8768c27f30
- Introduced `ReachabilityState`, `RuntimeHit`, `ExploitabilitySignal`, `ReachabilitySignal`, `SignalEnvelope`, `SignalType`, `TrustSignal`, and `UnknownSymbolSignal` records to define various signal types and their properties. - Implemented JSON serialization attributes for proper data interchange. - Created project files for the new signal contracts library and corresponding test projects. - Added deterministic test fixtures for micro-interaction testing. - Included cryptographic keys for secure operations with cosign.
17 lines
1.1 KiB
Markdown
17 lines
1.1 KiB
Markdown
# StellaOps Evidence Locker – Changelog
|
||
|
||
Semantic Versioning policy: MAJOR for breaking API/format changes; MINOR for new capabilities or schema additions; PATCH for fixes that do not change contracts. Dates are UTC.
|
||
|
||
## 1.1.0 – 2025-12-04
|
||
- Closed EB1–EB10 gaps from the 28-Nov-2025 advisory:
|
||
- Published canonical schemas `schemas/bundle.manifest.schema.json` and `schemas/checksums.schema.json`.
|
||
- DSSE subject now bound to the Merkle root (sha256 of `checksums.txt`); log policy captured for offline/online cases.
|
||
- Replay provenance block defined and embedded in manifest/attestation contracts.
|
||
- Incident-mode toggles recorded and signed; portable/redaction guidance formalized.
|
||
- Merkle/CAS recipe documented with deterministic gzip/tar invariants.
|
||
- Offline verifier guide + script published; golden sealed/portable bundles and replay NDJSON fixtures added under `tests/EvidenceLocker/Bundles/Golden/`.
|
||
- Status: **Released** for documentation/fixtures; wire into code/tests before packaging a new binary drop.
|
||
|
||
## 1.0.0 – 2025-11-19
|
||
- Initial Evidence Bundle v1 contract and sample layout published.
|