stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
c8a871dd3050db0a8949fb20b528a019d7f358b5
git.stella-ops.org/docs/schemas/calibration-manifest.schema.json
StellaOps Bot 5146204f1b feat: add security sink detection patterns for JavaScript/TypeScript 
- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations).
- Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns.
- Added `package-lock.json` for dependency management.
2025-12-22 23:21:21 +02:00

235 lines
6.6 KiB
JSON
Raw Blame History

{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://stella-ops.org/schemas/calibration-manifest/1.0.0",
"title": "Calibration Manifest Schema",
"description": "Schema for trust vector calibration manifests that track tuning history",
"type": "object",
"required": [
"manifest_id",
"tenant",
"epoch",
"started_at",
"completed_at",
"calibrations"
],
"properties": {
"manifest_id": {
"type": "string",
"description": "Unique identifier for the calibration manifest"
},
"tenant": {
"type": "string",
"minLength": 1,
"description": "Tenant identifier for multi-tenancy"
},
"epoch": {
"type": "integer",
"minimum": 1,
"description": "Calibration epoch number"
},
"started_at": {
"type": "string",
"format": "date-time",
"description": "ISO 8601 UTC timestamp when calibration started"
},
"completed_at": {
"type": "string",
"format": "date-time",
"description": "ISO 8601 UTC timestamp when calibration completed"
},
"calibrations": {
"type": "array",
"items": {
"$ref": "#/$defs/SourceCalibration"
},
"description": "Per-source calibration results"
},
"config": {
"$ref": "#/$defs/CalibrationConfig"
},
"metrics": {
"$ref": "#/$defs/CalibrationMetrics"
}
},
"additionalProperties": false,
"$defs": {
"SourceCalibration": {
"type": "object",
"description": "Calibration result for a single VEX source",
"required": [
"source_id",
"previous_vector",
"new_vector",
"adjustments",
"sample_count"
],
"properties": {
"source_id": {
"type": "string",
"description": "Identifier of the VEX source"
},
"previous_vector": {
"$ref": "trust-vector.schema.json",
"description": "Trust vector before calibration"
},
"new_vector": {
"$ref": "trust-vector.schema.json",
"description": "Trust vector after calibration"
},
"adjustments": {
"$ref": "#/$defs/VectorAdjustments"
},
"sample_count": {
"type": "integer",
"minimum": 0,
"description": "Number of post-mortem samples used"
},
"accuracy_before": {
"type": "number",
"minimum": 0,
"maximum": 1,
"description": "Accuracy before calibration"
},
"accuracy_after": {
"type": "number",
"minimum": 0,
"maximum": 1,
"description": "Accuracy after calibration"
}
},
"additionalProperties": false
},
"VectorAdjustments": {
"type": "object",
"description": "Adjustments applied to trust vector components",
"properties": {
"provenance_delta": {
"type": "number",
"description": "Change in Provenance score"
},
"coverage_delta": {
"type": "number",
"description": "Change in Coverage score"
},
"replayability_delta": {
"type": "number",
"description": "Change in Replayability score"
}
},
"additionalProperties": false
},
"CalibrationConfig": {
"type": "object",
"description": "Configuration used for this calibration run",
"properties": {
"learning_rate": {
"type": "number",
"minimum": 0,
"maximum": 1,
"default": 0.02,
"description": "Maximum adjustment per epoch"
},
"momentum": {
"type": "number",
"minimum": 0,
"maximum": 1,
"default": 0.1,
"description": "Momentum for smoothing adjustments"
},
"min_samples": {
"type": "integer",
"minimum": 1,
"default": 10,
"description": "Minimum samples required for calibration"
},
"accuracy_threshold": {
"type": "number",
"minimum": 0,
"maximum": 1,
"default": 0.7,
"description": "Target accuracy threshold"
}
},
"additionalProperties": false
},
"CalibrationMetrics": {
"type": "object",
"description": "Aggregate metrics for the calibration epoch",
"properties": {
"total_samples": {
"type": "integer",
"minimum": 0,
"description": "Total post-mortem samples processed"
},
"sources_calibrated": {
"type": "integer",
"minimum": 0,
"description": "Number of sources calibrated"
},
"sources_skipped": {
"type": "integer",
"minimum": 0,
"description": "Number of sources skipped (insufficient samples)"
},
"average_accuracy_improvement": {
"type": "number",
"description": "Average accuracy improvement across sources"
},
"max_drift": {
"type": "number",
"minimum": 0,
"description": "Maximum calibration drift detected"
}
},
"additionalProperties": false
},
"PostMortemOutcome": {
"type": "object",
"description": "Post-mortem truth for calibration comparison",
"required": [
"vulnerability_id",
"asset_digest",
"predicted_status",
"actual_status",
"source_id",
"recorded_at"
],
"properties": {
"vulnerability_id": {
"type": "string",
"description": "CVE or vulnerability identifier"
},
"asset_digest": {
"type": "string",
"pattern": "^sha256:[a-f0-9]{64}$",
"description": "Asset digest"
},
"predicted_status": {
"type": "string",
"enum": ["affected", "not_affected", "fixed", "under_investigation"],
"description": "Status predicted by trust lattice"
},
"actual_status": {
"type": "string",
"enum": ["affected", "not_affected", "fixed"],
"description": "Confirmed actual status"
},
"source_id": {
"type": "string",
"description": "Source that made the prediction"
},
"recorded_at": {
"type": "string",
"format": "date-time",
"description": "When the post-mortem was recorded"
},
"evidence_ref": {
"type": "string",
"description": "Reference to evidence supporting the truth"
}
},
"additionalProperties": false
}
}
}
Reference in New Issue View Git Blame Copy Permalink