27 lines
995 B
Markdown
27 lines
995 B
Markdown
# Risk Samples (fixtures layout)
|
|
|
|
Use this folder for frozen, deterministic fixtures once schemas and payloads arrive.
|
|
|
|
Structure (proposed):
|
|
- `profiles/` — profile JSON (DSSE-wrapped where applicable) + `SHA256SUMS`
|
|
- `factors/` — factor input payloads grouped by source (epss/, kev/, reachability/, runtime/), each with `SHA256SUMS`
|
|
- `explain/` — explainability outputs paired with inputs; include `SHA256SUMS`
|
|
- `api/` — request/response examples for risk endpoints; include `SHA256SUMS`
|
|
|
|
Rules:
|
|
- UTC timestamps; stable ordering of arrays/objects.
|
|
- No live calls; fixtures only.
|
|
- Record hashes via `sha256sum` and keep manifests alongside samples.
|
|
|
|
Quick receipt checklist (see `INGEST_CHECKLIST.md` for detail):
|
|
1) Normalize JSON with `jq -S .`
|
|
2) Update `SHA256SUMS` in the target folder
|
|
3) Verify with `sha256sum -c`
|
|
4) Log files + hashes in the sprint Execution Log
|
|
|
|
Manifests created:
|
|
- `profiles/SHA256SUMS`
|
|
- `factors/SHA256SUMS`
|
|
- `explain/SHA256SUMS`
|
|
- `api/SHA256SUMS`
|