35c8f9216f
- Introduced `BinaryReachabilityLifterTests` to validate binary lifting functionality. - Created `PackRunWorkerOptions` for configuring worker paths and execution persistence. - Added `TimelineIngestionOptions` for configuring NATS and Redis ingestion transports. - Implemented `NatsTimelineEventSubscriber` for subscribing to NATS events. - Developed `RedisTimelineEventSubscriber` for reading from Redis Streams. - Added `TimelineEnvelopeParser` to normalize incoming event envelopes. - Created unit tests for `TimelineEnvelopeParser` to ensure correct field mapping. - Implemented `TimelineAuthorizationAuditSink` for logging authorization outcomes.
Stella Ops Bench Repository
Status: Draft — aligns with
docs/benchmarks/vex-evidence-playbook.md(Sprint 401).
Purpose: Host reproducible VEX decisions and comparison data that prove Stella Ops’ signal quality vs. baseline scanners.
Layout
bench/
README.md # this file
findings/ # per CVE/product bundles
CVE-YYYY-NNNNN/
evidence/
reachability.json
sbom.cdx.json
decision.openvex.json
decision.dsse.json
rekor.txt
metadata.json
tools/
verify.sh # DSSE + Rekor verifier
verify.py # offline verifier
compare.py # baseline comparison script
replay.sh # runs reachability replay manifolds
results/
summary.csv
runs/<date>/... # raw outputs + replay manifests
Refer to docs/benchmarks/vex-evidence-playbook.md for artifact contracts and automation tasks. The bench/ tree will be populated once BENCH-AUTO-401-019 and DOCS-VEX-401-012 land.