git.stella-ops.org/docs/events/advisoryai.evidence.bundle@0.json
master e91da22836
feat: Add new provenance and crypto registry documentation
- Introduced attestation inventory and subject-rekor mapping files for tracking Docker packages.
- Added a comprehensive crypto registry decision document outlining defaults and required follow-ups.
- Created an offline feeds manifest for bundling air-gap resources.
- Implemented a script to generate and update binary manifests for curated binaries.
- Added a verification script to ensure binary artefacts are located in approved directories.
- Defined new schemas for AdvisoryEvidenceBundle, OrchestratorEnvelope, ScannerReportReadyPayload, and ScannerScanCompletedPayload.
- Established project files for StellaOps.Orchestrator.Schemas and StellaOps.PolicyAuthoritySignals.Contracts.
- Updated vendor manifest to track pinned binaries for integrity.
2025-11-18 23:47:13 +02:00


{
"$id": "https://stella-ops.org/schemas/events/advisoryai.evidence.bundle@0.json",
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "AdvisoryAI evidence bundle (draft v0)",
"type": "object",
"additionalProperties": false,
"required": ["bundleId", "advisoryId", "tenant", "generatedAt", "observations"],
"properties": {
"bundleId": {"type": "string", "description": "Deterministic bundle identifier (UUID or ULID)."},
"advisoryId": {"type": "string", "description": "Upstream advisory identifier (vendor or CVE-style)."},
"tenant": {"type": "string", "description": "Owning tenant."},
"generatedAt": {"type": "string", "format": "date-time", "description": "UTC timestamp when the bundle was assembled."},
"schemaVersion": {"type": "integer", "default": 0},
"observations": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"additionalProperties": false,
"required": ["observationId", "source"],
"properties": {
"observationId": {"type": "string"},
"source": {"type": "string", "description": "Publisher or feed name."},
"purl": {"type": "string", "description": "Optional package URL."},
"cve": {"type": "string"},
"severity": {"type": "string", "description": "Publisher-reported severity label."},
"cvss": {
"type": "object",
"additionalProperties": false,
"properties": {
"vector": {"type": "string"},
"score": {"type": "number"}
}
},
"summary": {"type": "string"},
"evidence": {
"type": "object",
"description": "Raw upstream statement or excerpt.",
"additionalProperties": true
}
}
}
},
"signatures": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"required": ["signature", "keyId"],
"properties": {
"signature": {"type": "string", "description": "Base64 signature over canonical JSON."},
"keyId": {"type": "string"},
"algorithm": {"type": "string"}
}
}
}
}
}