stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
5593212b414864ab213082c8945a267451b99901
git.stella-ops.org/docs/features/checked/graph/graph-edge-metadata-with-reason-evidence-provenance.md

3.5 KiB
Raw Blame History

Graph Edge Metadata with Reason/Evidence/Provenance

Module

Graph

Status

VERIFIED

Description

EdgeReason and CallgraphEdge models exist in Signals with persistence projection, and EdgeBundle exists in Scanner reachability. The Graph module (src/Graph) implements edge metadata types including EdgeReason, EdgeVia, and ExplanationPayload in src/Graph/StellaOps.Graph.Api/Contracts/EdgeMetadataContracts.cs (423 lines), along with the EdgeMetadataService for querying, storing, and inferring edge-level metadata.

What's Implemented

  • Graph API services: src/Graph/StellaOps.Graph.Api/Services/ -- query, search, path, diff, export, lineage, overlay services (all with in-memory implementations)
  • Edge metadata contracts: src/Graph/StellaOps.Graph.Api/Contracts/EdgeMetadataContracts.cs -- EdgeReason, EdgeVia, ExplanationPayload, EdgeMetadataResponse types (423 lines)
  • Edge metadata service: src/Graph/StellaOps.Graph.Api/Services/EdgeMetadataService.cs -- query, set, and infer edge metadata with tenant isolation
  • Graph snapshot documents: src/Graph/StellaOps.Graph.Indexer/Documents/GraphSnapshot.cs, GraphSnapshotBuilder.cs -- graph document model (nodes/edges with metadata)
  • Graph document factory: src/Graph/StellaOps.Graph.Indexer/Schema/GraphDocumentFactory.cs -- creates graph documents with identity
  • Graph identity: src/Graph/StellaOps.Graph.Indexer/Schema/GraphIdentity.cs -- content-addressed graph identity
  • CVE observation nodes: src/Graph/__Libraries/StellaOps.Graph.Core/CveObservationNode.cs -- CVE observation data on graph nodes
  • Advisory linkset: src/Graph/StellaOps.Graph.Indexer/Ingestion/Advisory/AdvisoryLinksetProcessor.cs, AdvisoryLinksetTransformer.cs -- advisory evidence linking to graph edges
  • Inspector: src/Graph/StellaOps.Graph.Indexer/Ingestion/Inspector/GraphInspectorProcessor.cs, GraphInspectorTransformer.cs -- inspection evidence on edges
  • Postgres persistence: src/Graph/__Libraries/StellaOps.Graph.Indexer.Persistence/Postgres/Repositories/PostgresGraphDocumentWriter.cs, PostgresGraphSnapshotProvider.cs
  • Tests: src/Graph/__Tests/StellaOps.Graph.Api.Tests/EdgeMetadataServiceTests.cs -- 14 tests covering roundtrip, tenant isolation, reason inference, overwrite semantics
  • Source: Feature matrix scan

Implementation Plan

  • All planned types (EdgeReason, EdgeVia, ExplanationPayload) verified to exist in EdgeMetadataContracts.cs
  • Edge metadata is exposed through the EdgeMetadataService with full CRUD and inference
  • Tenant isolation confirmed working
  • Further integration with Signals EdgeReason and Scanner EdgeBundle models may be expanded in future sprints

Related Documentation

  • Source: See feature catalog

Verification

  • Run ID: run-002
  • Date: 2026-02-09T21:43:00Z
  • Tier: 1 (Source + Build + Test)
  • Result: PASS
  • Evidence: 52/52 Graph.Api.Tests pass (including 14/14 EdgeMetadataServiceTests). 108/108 non-persistence tests pass across all Graph test projects. 17 Persistence tests skipped (require Docker/PostgreSQL -- environment limitation, not a regression).
  • Notes: Required 1 retry cycle. Initial failure due to test fixture edge IDs not matching seeded data. Fixed in run-002 by aligning test edge IDs to seeded graph edges and correcting InferReasonFromKind assertion expectations. Original "What's Missing" claim about absent types was disproven -- all types exist in EdgeMetadataContracts.cs (423 lines).