generated from coulomb/repo-seed
requirement refs map to capability groups
This commit is contained in:
@@ -51,6 +51,7 @@ The key runtime fields are:
|
||||
- `check_groups`: named groups that assessment profiles can select.
|
||||
- `preflight_runner`: optional runner ID used before selected check groups.
|
||||
- `runner_entrypoints`: concrete runner declarations.
|
||||
- `mappings`: mapping set IDs under `mappings/<mapping-id>.json`.
|
||||
- `certification_boundary`: explicit statement of what the extension does not
|
||||
certify.
|
||||
|
||||
@@ -102,6 +103,30 @@ Command placeholders:
|
||||
The command is executed with the extension directory as its working directory.
|
||||
The core does not use a shell for command runners.
|
||||
|
||||
## Mapping Sets
|
||||
|
||||
Mapping sets connect normalized evidence requirement refs to capability groups,
|
||||
controls, conformance classes, quality dimensions, or other assessment targets.
|
||||
|
||||
Each mapping set lives under:
|
||||
|
||||
```text
|
||||
extensions/<extension-id>/mappings/<mapping-id>.json
|
||||
```
|
||||
|
||||
and validates against:
|
||||
|
||||
```text
|
||||
docs/schemas/mapping-set.schema.json
|
||||
```
|
||||
|
||||
The core does not embed domain policy. It only joins evidence `requirement_refs`
|
||||
to extension-owned mappings and writes normalized mapping records to:
|
||||
|
||||
```text
|
||||
runs/<run-id>/normalized/mappings.json
|
||||
```
|
||||
|
||||
## Python Runner Contract
|
||||
|
||||
A Python runner receives one context object and returns one result object.
|
||||
@@ -167,6 +192,6 @@ Initial statuses:
|
||||
|
||||
## Next SDK Steps
|
||||
|
||||
- Add normalizer and mapping plug-in contracts.
|
||||
- Add normalizer plug-in contracts.
|
||||
- Add extension-owned schema validation for domain-specific target profile
|
||||
fields.
|
||||
|
||||
Reference in New Issue
Block a user