{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://stella.ops/predicates/reachability@v1", "title": "StellaOps Reachability Attestation Predicate", "description": "Predicate for reachability analysis results.", "type": "object", "required": ["result", "confidence", "graphDigest"], "properties": { "result": { "type": "string", "enum": ["reachable", "unreachable", "unknown"], "description": "Reachability analysis result." }, "confidence": { "type": "number", "minimum": 0, "maximum": 1, "description": "Confidence score (0-1)." }, "graphDigest": { "type": "string", "pattern": "^sha256:[a-f0-9]{64}$", "description": "Digest of the call graph used." }, "paths": { "type": "array", "items": { "$ref": "#/$defs/reachabilityPath" }, "description": "Paths from entrypoints to vulnerable code." }, "entrypoints": { "type": "array", "items": { "$ref": "#/$defs/entrypoint" }, "description": "Entrypoints considered." }, "computedAt": { "type": "string", "format": "date-time" }, "expiresAt": { "type": "string", "format": "date-time" } }, "$defs": { "reachabilityPath": { "type": "object", "required": ["pathId", "steps"], "properties": { "pathId": { "type": "string" }, "steps": { "type": "array", "items": { "type": "object", "properties": { "node": { "type": "string" }, "fileHash": { "type": "string" }, "lines": { "type": "array", "items": { "type": "integer" }, "minItems": 2, "maxItems": 2 } } } } } }, "entrypoint": { "type": "object", "required": ["type"], "properties": { "type": { "type": "string" }, "route": { "type": "string" }, "auth": { "type": "string" } } } }, "additionalProperties": false }