stella-ops.org/git.stella-ops.org

Files

master 1bf6bbf395 semi implemented and features implemented save checkpoint

2026-02-08 18:00:49 +02:00

1.2 KiB

Raw Blame History

Policy Simulation Reachability Overrides

Module

Cli

Status

IMPLEMENTED

Description

What-if reachability overrides in policy simulation: override reachability states (reachable/unreachable) and scores for specific vulnerabilities or packages to model hypothetical scenarios.

Implementation Details

Command Group: src/Cli/StellaOps.Cli/Commands/PolicyCommandGroup.cs -- policy simulation commands
Commands:
- stella policy simulate <file> --override-reachability <cve>=reachable|unreachable -- override reachability state
- stella policy simulate <file> --override-score <cve>=<score> -- override reachability score
What-if engine: Applies overrides before evaluation to model hypothetical scenarios

E2E Test Plan

Run stella policy simulate ./policy.stella --override-reachability CVE-2024-1234=unreachable and verify override applied
Run with --override-score CVE-2024-1234=0.1 and verify score override
Verify simulation results differ from baseline when overrides change gate outcomes
Verify multiple overrides can be specified simultaneously
Verify --format json output includes override annotations