git.stella-ops.org/samples/policy/policy-preview-unknown.json

{
  "previewRequest": {
    "imageDigest": "sha256:7dbe0c9a5d4f1c8184007e9d94dbe55928f8a2db5ab9c1c2d4a2f7bbcdfe1234",
    "findings": [
      {
        "id": "library:pkg/openssl@1.1.1w",
        "severity": "Unknown",
        "source": "NVD",
        "tags": [
          "trust:vendor",
          "reachability:unknown",
          "unknown-age-days:5"
        ]
      },
      {
        "id": "library:pkg/zlib@1.3.1",
        "severity": "High",
        "source": "NVD",
        "tags": [
          "state:unknown",
          "reachability:runtime",
          "unknown-since:2025-10-10T00:00:00Z",
          "observed-at:2025-10-19T12:00:00Z"
        ]
      }
    ],
    "baseline": [
      {
        "findingId": "library:pkg/openssl@1.1.1w",
        "status": "Pass",
        "score": 0,
        "configVersion": "1.0",
        "inputs": {
          "severityWeight": 25,
          "trustWeight": 1,
          "reachabilityWeight": 0.45,
          "baseScore": 11.25
        },
        "quiet": false
      },
      {
        "findingId": "library:pkg/zlib@1.3.1",
        "status": "Pass",
        "score": 0,
        "configVersion": "1.0",
        "inputs": {
          "severityWeight": 75,
          "trustWeight": 1,
          "reachabilityWeight": 0.45,
          "baseScore": 33.75
        },
        "quiet": false
      }
    ]
  },
  "previewResponse": {
    "success": true,
    "policyDigest": "8a0f72f8dc5c51c46991db3bba34e9b3c0c8e944a7a6d0a9c29a9aa6b8439876",
    "revisionId": "rev-42",
    "changed": 2,
    "diffs": [
      {
        "findingId": "library:pkg/openssl@1.1.1w",
        "baseline": {
          "findingId": "library:pkg/openssl@1.1.1w",
          "status": "Pass",
          "score": 0,
          "configVersion": "1.0",
          "inputs": {
            "severityWeight": 25,
            "trustWeight": 1,
            "reachabilityWeight": 0.45,
            "baseScore": 11.25
          },
          "quiet": false
        },
        "projected": {
          "findingId": "library:pkg/openssl@1.1.1w",
          "status": "Blocked",
          "ruleName": "Block vendor unknowns",
          "ruleAction": "block",
          "notes": "Unknown vendor telemetry — medium confidence band.",
          "score": 19.5,
          "configVersion": "1.0",
          "inputs": {
            "severityWeight": 50,
            "trustWeight": 0.65,
            "reachabilityWeight": 0.6,
            "baseScore": 19.5,
            "trustWeight.vendor": 0.65,
            "reachability.unknown": 0.6,
            "unknownConfidence": 0.55,
            "unknownAgeDays": 5
          },
          "quietedBy": null,
          "quiet": false,
          "unknownConfidence": 0.55,
          "confidenceBand": "medium",
          "unknownAgeDays": 5,
          "sourceTrust": "vendor",
          "reachability": "unknown"
        },
        "changed": true
      },
      {
        "findingId": "library:pkg/zlib@1.3.1",
        "baseline": {
          "findingId": "library:pkg/zlib@1.3.1",
          "status": "Pass",
          "score": 0,
          "configVersion": "1.0",
          "inputs": {
            "severityWeight": 75,
            "trustWeight": 1,
            "reachabilityWeight": 0.45,
            "baseScore": 33.75
          },
          "quiet": false
        },
        "projected": {
          "findingId": "library:pkg/zlib@1.3.1",
          "status": "Warned",
          "ruleName": "Runtime mitigation required",
          "ruleAction": "warn",
          "notes": "Runtime reachable unknown — mitigation window required.",
          "score": 18.75,
          "configVersion": "1.0",
          "inputs": {
            "severityWeight": 75,
            "trustWeight": 1,
            "reachabilityWeight": 0.45,
            "baseScore": 33.75,
            "reachability.runtime": 0.45,
            "warnPenalty": 15,
            "unknownConfidence": 0.35,
            "unknownAgeDays": 13
          },
          "quietedBy": null,
          "quiet": false,
          "unknownConfidence": 0.35,
          "confidenceBand": "medium",
          "unknownAgeDays": 13,
          "sourceTrust": "NVD",
          "reachability": "runtime"
        },
        "changed": true
      }
    ],
    "issues": []
  }
}