1.7 KiB
1.7 KiB
Policy Version Binding to Reachability Slices (strict/forward/any)
Module
Scanner
Status
VERIFIED
Description
Binds reachability slices to specific policy versions with three validation modes: strict (invalidate on any policy change), forward (valid with newer versions), and any (valid with any version). Production defaults to strict mode.
Implementation Details
- Policy Binding:
src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/PolicyBinding.cs-PolicyBindingbinds reachability slices to specific policy versions with three validation modes: strict (invalidate on any policy change), forward (valid with newer versions), and any (valid with any version)
- Slice Schema:
src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/SliceSchema.cs-SliceSchemaincludes policy version binding metadata in slice definitions
E2E Test Plan
- Create a reachability slice with strict policy binding and verify it is invalidated when the policy version changes
- Create a reachability slice with forward binding and verify it remains valid when the policy version is incremented
- Create a reachability slice with forward binding and verify it is invalidated when the policy version is rolled back
- Create a reachability slice with "any" binding and verify it remains valid regardless of policy version changes
- Verify production defaults to strict mode when no binding mode is explicitly specified
- Verify invalidated slices trigger re-computation of reachability analysis
Verification
| Check | Result |
|---|---|
| Tier 0 - Source files exist | PASS |
| Tier 1 - Build + code review | PASS |
| Tier 2 - Integration tests | PASS |
| Verified | 2026-02-13T18:10:00Z |