- Implemented comprehensive tests for verdict artifact generation to ensure deterministic outputs across various scenarios, including identical inputs, parallel execution, and change ordering.
- Created helper methods for generating sample verdict inputs and computing canonical hashes.
- Added tests to validate the stability of canonical hashes, proof spine ordering, and summary statistics.
- Introduced a new PowerShell script to update SHA256 sums for files, ensuring accurate hash generation and file integrity checks.

Risk Samples (fixtures layout)
Use this folder for frozen, deterministic fixtures once schemas and payloads arrive.
Structure (proposed):
- `profiles/`: profile JSON (DSSE-wrapped where applicable) + `SHA256SUMS`
- `factors/`: factor input payloads grouped by source (`epss/`, `kev/`, `reachability/`, `runtime/`), each with `SHA256SUMS`
- `explain/`: explainability outputs paired with inputs; include `SHA256SUMS`
- `api/`: request/response examples for risk endpoints; include `SHA256SUMS`
Rules:
- UTC timestamps; stable ordering of arrays/objects.
- No live calls; fixtures only.
- Record hashes via `sha256sum` and keep manifests alongside samples.
Quick receipt checklist (see INGEST_CHECKLIST.md for detail):
- Normalize JSON with `jq -S .`
- Update `SHA256SUMS` in the target folder
- Verify with `sha256sum -c`
- Log files + hashes in the sprint Execution Log
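
An added example, not part of this repository: the normalize, update and verify steps in Python, with sorted-key JSON as a stand-in for `jq -S .` and a manifest written in the `<hex>  <name>` line format that `sha256sum` emits. All function names and sample files are constructed for illustration, and a flat folder of `.json` fixtures is assumed; the verify step also reports files that are on disk but absent from the manifest, which `sha256sum -c` on its own does not flag.

```python
import hashlib
import json
import tempfile
from pathlib import Path

MANIFEST = "SHA256SUMS"

def normalize_json(path):
    # Sorted keys + fixed indent: a stand-in for `jq -S .`
    data = json.loads(path.read_text(encoding="utf-8"))
    path.write_bytes((json.dumps(data, sort_keys=True, indent=2) + "\n").encode())

def fixture_files(folder):
    return sorted(p.name for p in folder.glob("*.json"))

def sha256_of(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def write_manifest(folder):
    lines = [f"{sha256_of(folder / n)}  {n}\n" for n in fixture_files(folder)]
    (folder / MANIFEST).write_bytes("".join(lines).encode())

def verify_manifest(folder):
    text = (folder / MANIFEST).read_text(encoding="utf-8")
    listed = {n: d for d, n in (l.split("  ", 1) for l in text.splitlines())}
    report = {"changed": [], "missing": [], "unlisted": []}
    for name, digest in listed.items():
        if not (folder / name).is_file():
            report["missing"].append(name)
        elif sha256_of(folder / name) != digest:
            report["changed"].append(name)
    # Files present on disk but never hashed into the manifest
    report["unlisted"] = [n for n in fixture_files(folder) if n not in listed]
    return report

def demo():
    # Constructed sample: one profile written with two different key orderings
    with tempfile.TemporaryDirectory() as tmp:
        folder = Path(tmp)
        for name, raw in {"a.json": '{"w": 0.5, "id": "s"}', "b.json": '{"id": "s", "w": 0.5}'}.items():
            (folder / name).write_text(raw)
            normalize_json(folder / name)
        same = (folder / "a.json").read_bytes() == (folder / "b.json").read_bytes()
        write_manifest(folder)
        clean = verify_manifest(folder)
        (folder / "a.json").write_text('{"id": "s", "w": 0.9}')  # edited after hashing
        (folder / "b.json").unlink()                             # removed after hashing
        (folder / "c.json").write_text("{}")                     # added, never hashed
        return same, clean, verify_manifest(folder)
```
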
Manifests created:
- `profiles/SHA256SUMS`
- `factors/SHA256SUMS`
- `explain/SHA256SUMS`
- `api/SHA256SUMS`