22 lines
1.3 KiB
Markdown
22 lines
1.3 KiB
Markdown
# AGENTS
|
|
## Role
|
|
Provides OpenVEX statement normalization and export writers for lightweight attestation-oriented outputs.
|
|
## Scope
|
|
- Parse OpenVEX documents/attestations into canonical claims with provenance metadata.
|
|
- Utilities to merge multiple OpenVEX statements and resolve conflicts for consensus ingestion.
|
|
- Export writer emitting OpenVEX envelopes from consensus data with deterministic ordering.
|
|
- Optional SBOM linkage helpers referencing component digests or PURLs.
|
|
## Participants
|
|
- OCI/OpenVEX connector and other attest-based sources depend on this module for normalization.
|
|
- Export module uses writers for `--format openvex` requests.
|
|
- Attestation layer references emitted statements to populate predicate subjects.
|
|
## Interfaces & contracts
|
|
- Normalizer classes implementing `INormalizer`, reducer utilities to consolidate OpenVEX events, export serializer.
|
|
## In/Out of scope
|
|
In: OpenVEX parsing, normalization, export serialization, helper utilities.
|
|
Out: OCI registry access, policy evaluation, attestation signing (handled by other modules).
|
|
## Observability & security expectations
|
|
- Log normalization anomalies with subject digest and justification mapping while respecting offline constraints.
|
|
## Tests
|
|
- Snapshot-driven normalization/export tests will be placed in `../StellaOps.Excititor.Formats.OpenVEX.Tests`.
|