git.stella-ops.org/docs/replay/policy-sim/inputs.lock.sample.json

{
  "$schema": "./lock.schema.json",
  "schemaVersion": "1.0.0",
  "generatedAt": "2025-12-03T00:00:00Z",
  "policyBundleSha256": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
  "graphSha256": "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
  "sbomSha256": "cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc",
  "timeAnchorSha256": "dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
  "datasetSha256": "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
  "shadowIsolation": true,
  "requiredScopes": ["policy:simulate:shadow", "graph:read"],
  "notes": "Lock for PS1–PS10 remediation; DSSE signature optional"
}