using StellaOps.BinaryIndex.Core.Models;
namespace StellaOps.BinaryIndex.FixIndex.Models;
/// <summary>
/// Records the fix status of a single CVE in a single distro source package, along with
/// the detection method, a confidence score and the payload that backs the claim.
/// </summary>
/// <remarks>
/// This is an immutable data carrier built from auto-properties only, so nothing is
/// validated when an instance is created. Range and format checks are the responsibility
/// of the code that produces or consumes the record.
/// </remarks>
public sealed record FixEvidence
{
    /// <summary>
    /// Identifier of the distribution, for example "debian", "ubuntu" or "alpine".
    /// </summary>
    public required string Distro { get; init; }

    /// <summary>
    /// Release or codename within the distribution, for example "bookworm", "jammy" or "v3.19".
    /// </summary>
    public required string Release { get; init; }

    /// <summary>
    /// Name of the source package the evidence refers to.
    /// </summary>
    public required string SourcePkg { get; init; }

    /// <summary>
    /// CVE identifier, for example "CVE-2024-1234".
    /// </summary>
    /// <remarks>
    /// Stored as a free-form string; this type does not check the identifier's format.
    /// </remarks>
    public required string CveId { get; init; }

    /// <summary>
    /// Fix state recorded for the CVE in this package.
    /// </summary>
    public required FixState State { get; init; }

    /// <summary>
    /// Package version in which the fix was applied; <c>null</c> when no version applies.
    /// </summary>
    public string? FixedVersion { get; init; }

    /// <summary>
    /// Method that was used to detect the fix.
    /// </summary>
    public required FixMethod Method { get; init; }

    /// <summary>
    /// Confidence score, documented as lying between 0.0 and 1.0.
    /// </summary>
    /// <remarks>
    /// The range is not enforced here: a negative value or a value above 1.0 is stored as
    /// given. Validate it before comparing against a threshold.
    /// </remarks>
    public required decimal Confidence { get; init; }

    /// <summary>
    /// Supporting payload kept for the audit trail; a concrete <see cref="FixEvidencePayload"/>.
    /// </summary>
    public required FixEvidencePayload Evidence { get; init; }

    /// <summary>
    /// Identifier of the corpus snapshot the evidence came from; <c>null</c> when it did not
    /// come from snapshot ingestion.
    /// </summary>
    public Guid? SnapshotId { get; init; }

    /// <summary>
    /// Time at which this evidence record was created.
    /// </summary>
    /// <remarks>
    /// Unlike most members this one is not <c>required</c>, so an initializer that omits it
    /// leaves the default <see cref="DateTimeOffset"/> value in place.
    /// </remarks>
    public DateTimeOffset CreatedAt { get; init; }
}
/// <summary>
/// Common base record for the payloads attached to a piece of fix evidence.
/// </summary>
/// <remarks>
/// Declares no members of its own; the data lives in the derived records. Being abstract,
/// it cannot be instantiated directly.
/// </remarks>
public abstract record FixEvidencePayload;
/// <summary>
/// Payload describing a CVE mention that was found by parsing a package changelog.
/// </summary>
/// <remarks>
/// All members are plain auto-properties; nothing is validated or sanitised by this type.
/// </remarks>
public sealed record ChangelogEvidence : FixEvidencePayload
{
    /// <summary>
    /// Path to the changelog file that was parsed.
    /// </summary>
    public required string File { get; init; }

    /// <summary>
    /// Version taken from the changelog entry.
    /// </summary>
    public required string Version { get; init; }

    /// <summary>
    /// Excerpt of the changelog text that mentions the CVE.
    /// </summary>
    /// <remarks>
    /// NOTE(review): presumably copied verbatim from package-supplied content. Confirm with
    /// the parser, and encode it before rendering or logging.
    /// </remarks>
    public required string Excerpt { get; init; }

    /// <summary>
    /// Line number at which the CVE was mentioned; <c>null</c> when not recorded.
    /// </summary>
    public int? LineNumber { get; init; }
}
/// <summary>
/// Payload describing a fix that was identified by parsing the header of a patch file.
/// </summary>
/// <remarks>
/// All members are plain auto-properties; nothing is validated or normalised by this type.
/// </remarks>
public sealed record PatchHeaderEvidence : FixEvidencePayload
{
    /// <summary>
    /// Path to the patch file.
    /// </summary>
    public required string PatchPath { get; init; }

    /// <summary>
    /// SHA-256 digest of the patch file.
    /// </summary>
    /// <remarks>
    /// Held as a string whose encoding and letter case are not checked here. Normalise the
    /// value before comparing it with another digest.
    /// </remarks>
    public required string PatchSha256 { get; init; }

    /// <summary>
    /// Excerpt taken from the patch header.
    /// </summary>
    /// <remarks>
    /// NOTE(review): presumably copied verbatim from the patch. Confirm with the parser, and
    /// encode it before rendering or logging.
    /// </remarks>
    public required string HeaderExcerpt { get; init; }
}
/// <summary>
/// Payload describing a fix that was reported by an official security feed.
/// </summary>
/// <remarks>
/// All members are plain auto-properties. This type stores the feed's values as given and
/// does not check them against the feed.
/// </remarks>
public sealed record SecurityFeedEvidence : FixEvidencePayload
{
    /// <summary>
    /// Identifier of the feed, for example "alpine-secfixes" or "debian-oval".
    /// </summary>
    public required string FeedId { get; init; }

    /// <summary>
    /// Identifier of the entry within that feed.
    /// </summary>
    public required string EntryId { get; init; }

    /// <summary>
    /// Publication timestamp as reported by the feed.
    /// </summary>
    public required DateTimeOffset PublishedAt { get; init; }
}