git.stella-ops.org/datasets/reachability/schema/manifest.schema.json

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "$id": "https://stellaops.io/schemas/reachability/manifest.schema.json",
  "title": "Reachability Sample Manifest",
  "description": "Metadata for a reachability test sample",
  "type": "object",
  "required": ["sampleId", "version", "createdAt", "language", "category", "description"],
  "properties": {
    "sampleId": {
      "type": "string",
      "pattern": "^sample:[a-z]+:[a-z0-9-]+:[0-9]+$",
      "description": "Unique sample identifier"
    },
    "version": {
      "type": "string",
      "pattern": "^[0-9]+\\.[0-9]+\\.[0-9]+$",
      "description": "Sample version (SemVer)"
    },
    "createdAt": {
      "type": "string",
      "format": "date-time",
      "description": "Creation timestamp (UTC ISO-8601)"
    },
    "language": {
      "type": "string",
      "enum": ["java", "csharp", "javascript", "php", "python", "native", "polyglot"],
      "description": "Primary language of the sample"
    },
    "category": {
      "type": "string",
      "enum": ["positive", "negative", "contested"],
      "description": "Ground truth category"
    },
    "description": {
      "type": "string",
      "description": "Human-readable description"
    },
    "source": {
      "type": "object",
      "properties": {
        "repository": {
          "type": "string",
          "format": "uri"
        },
        "commit": {
          "type": "string"
        },
        "buildToolchain": {
          "type": "string"
        }
      }
    },
    "vulnerabilities": {
      "type": "array",
      "items": {
        "type": "object",
        "required": ["vulnId", "purl", "affectedSymbol"],
        "properties": {
          "vulnId": {
            "type": "string",
            "description": "CVE or advisory ID"
          },
          "purl": {
            "type": "string",
            "description": "Package URL of vulnerable package"
          },
          "affectedSymbol": {
            "type": "string",
            "description": "Symbol name that is vulnerable"
          }
        }
      }
    },
    "artifacts": {
      "type": "array",
      "items": {
        "type": "object",
        "required": ["path", "hash", "type"],
        "properties": {
          "path": {
            "type": "string"
          },
          "hash": {
            "type": "string",
            "pattern": "^sha256:[a-f0-9]{64}$"
          },
          "type": {
            "type": "string"
          }
        }
      }
    }
  }
}