git.stella-ops.org/src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GoldenSet/Configuration/GoldenSetOptions.cs

using System.ComponentModel.DataAnnotations;

namespace StellaOps.BinaryIndex.GoldenSet;

/// <summary>
/// Configuration options for the GoldenSet module.
/// </summary>
public sealed class GoldenSetOptions
{
    /// <summary>
    /// Configuration section name.
    /// </summary>
    public const string SectionName = "BinaryIndex:GoldenSet";

    /// <summary>
    /// Current schema version for golden set definitions.
    /// </summary>
    [Required]
    public string SchemaVersion { get; set; } = GoldenSetConstants.CurrentSchemaVersion;

    /// <summary>
    /// Validation options.
    /// </summary>
    public GoldenSetValidationOptions Validation { get; set; } = new();

    /// <summary>
    /// Storage options.
    /// </summary>
    public GoldenSetStorageOptions Storage { get; set; } = new();

    /// <summary>
    /// Caching options.
    /// </summary>
    public GoldenSetCachingOptions Caching { get; set; } = new();

    /// <summary>
    /// Authoring options.
    /// </summary>
    public GoldenSetAuthoringOptions Authoring { get; set; } = new();
}

/// <summary>
/// Authoring options for golden sets.
/// </summary>
public sealed class GoldenSetAuthoringOptions
{
    /// <summary>
    /// Enable AI-assisted enrichment.
    /// </summary>
    public bool EnableAiEnrichment { get; set; } = true;

    /// <summary>
    /// Enable upstream commit analysis.
    /// </summary>
    public bool EnableCommitAnalysis { get; set; } = true;

    /// <summary>
    /// Maximum number of commits to analyze per vulnerability.
    /// </summary>
    public int MaxCommitsToAnalyze { get; set; } = 5;

    /// <summary>
    /// Minimum confidence threshold for auto-accepting AI suggestions.
    /// </summary>
    public decimal AutoAcceptConfidenceThreshold { get; set; } = 0.8m;
}

/// <summary>
/// Validation options for golden sets.
/// </summary>
public sealed class GoldenSetValidationOptions
{
    /// <summary>
    /// Validate that the CVE exists in NVD/OSV (requires network).
    /// </summary>
    public bool ValidateCveExists { get; set; } = true;

    /// <summary>
    /// Validate that sinks are in the registry.
    /// </summary>
    public bool ValidateSinks { get; set; } = true;

    /// <summary>
    /// Validate edge format strictly (must match bbN->bbM).
    /// </summary>
    public bool StrictEdgeFormat { get; set; } = true;

    /// <summary>
    /// Skip network calls (air-gap mode).
    /// </summary>
    public bool OfflineMode { get; set; } = false;
}

/// <summary>
/// Storage options for golden sets.
/// </summary>
public sealed class GoldenSetStorageOptions
{
    /// <summary>
    /// PostgreSQL schema name for golden sets.
    /// </summary>
    public string PostgresSchema { get; set; } = "golden_sets";

    /// <summary>
    /// Connection string name (from configuration).
    /// </summary>
    public string ConnectionStringName { get; set; } = "BinaryIndex";
}

/// <summary>
/// Caching options for golden sets.
/// </summary>
public sealed class GoldenSetCachingOptions
{
    /// <summary>
    /// Cache duration for sink registry lookups (minutes).
    /// </summary>
    public int SinkRegistryCacheMinutes { get; set; } = 60;

    /// <summary>
    /// Cache duration for golden set definitions (minutes).
    /// </summary>
    public int DefinitionCacheMinutes { get; set; } = 15;
}