8768c27f30
- Introduced `ReachabilityState`, `RuntimeHit`, `ExploitabilitySignal`, `ReachabilitySignal`, `SignalEnvelope`, `SignalType`, `TrustSignal`, and `UnknownSymbolSignal` records to define various signal types and their properties. - Implemented JSON serialization attributes for proper data interchange. - Created project files for the new signal contracts library and corresponding test projects. - Added deterministic test fixtures for micro-interaction testing. - Included cryptographic keys for secure operations with cosign.
1.1 KiB
1.1 KiB
StellaOps Evidence Locker – Changelog
Semantic Versioning policy: MAJOR for breaking API/format changes; MINOR for new capabilities or schema additions; PATCH for fixes that do not change contracts. Dates are UTC.
1.1.0 – 2025-12-04
- Closed EB1–EB10 gaps from the 28-Nov-2025 advisory:
- Published canonical schemas
schemas/bundle.manifest.schema.jsonandschemas/checksums.schema.json. - DSSE subject now bound to the Merkle root (sha256 of
checksums.txt); log policy captured for offline/online cases. - Replay provenance block defined and embedded in manifest/attestation contracts.
- Incident-mode toggles recorded and signed; portable/redaction guidance formalized.
- Merkle/CAS recipe documented with deterministic gzip/tar invariants.
- Offline verifier guide + script published; golden sealed/portable bundles and replay NDJSON fixtures added under
tests/EvidenceLocker/Bundles/Golden/.
- Published canonical schemas
- Status: Released for documentation/fixtures; wire into code/tests before packaging a new binary drop.
1.0.0 – 2025-11-19
- Initial Evidence Bundle v1 contract and sample layout published.