Add software design documentation, requirements files, and expand review-sets

.reviewmark.yaml

@@ -7,7 +7,9 @@
 # Processed in order; prefix a pattern with '!' to exclude.
 needs-review:
   - "**/*.cs"                       # All C# source and test files
+  - "requirements.yaml"             # Root requirements file
   - "docs/reqstream/*.yaml"         # Per-software-item requirements files
+  - "docs/design/*.md"              # Software design documents
   - "!**/obj/**"                    # Exclude build output
   - "!**/bin/**"                    # Exclude build output
 
@@ -30,51 +32,104 @@ reviews:
   - id: ReviewMark-Context
     title: Review of Context software unit (command-line argument handling)
     paths:
-      - "docs/reqstream/cli-requirements.yaml"          # requirements
+      - "docs/reqstream/unit-context.yaml"              # requirements
+      - "docs/design/context.md"                        # design
       - "src/**/Context.cs"                             # implementation
       - "test/**/ContextTests.cs"                       # tests
 
   - id: ReviewMark-GlobMatcher
     title: Review of GlobMatcher software unit (file pattern matching)
     paths:
-      - "src/**/GlobMatcher.cs"                         # implementation
-      - "test/**/GlobMatcherTests.cs"                   # tests
+      - "docs/reqstream/unit-glob-matcher.yaml"          # requirements
+      - "docs/design/glob-matcher.md"                    # design
+      - "src/**/GlobMatcher.cs"                          # implementation
+      - "test/**/GlobMatcherTests.cs"                    # tests
 
-  - id: ReviewMark-Index
-    title: Review of Index software unit (review evidence indexing)
+  - id: ReviewMark-ReviewIndex
+    title: Review of ReviewIndex software unit (review evidence indexing)
     paths:
-      - "docs/reqstream/index-requirements.yaml"        # requirements
-      - "src/**/Index.cs"                               # implementation
+      - "docs/reqstream/unit-review-index.yaml"         # requirements
+      - "docs/design/review-index.md"                   # design
+      - "src/**/ReviewIndex.cs"                         # implementation
       - "test/**/IndexTests.cs"                         # tests
 
   - id: ReviewMark-PathHelpers
     title: Review of PathHelpers software unit (file path utilities)
     paths:
-      - "src/**/PathHelpers.cs"                         # implementation
-      - "test/**/PathHelpersTests.cs"                   # tests
+      - "docs/reqstream/unit-path-helpers.yaml"          # requirements
+      - "docs/design/path-helpers.md"                    # design
+      - "src/**/PathHelpers.cs"                          # implementation
+      - "test/**/PathHelpersTests.cs"                    # tests
 
   - id: ReviewMark-Program
     title: Review of Program software unit (main entry point and tool orchestration)
     paths:
-      - "docs/reqstream/cli-requirements.yaml"          # requirements
-      - "docs/reqstream/platform-requirements.yaml"     # platform requirements
+      - "docs/reqstream/unit-program.yaml"              # requirements
+      - "docs/design/program.md"                        # design
       - "docs/guide/guide.md"                           # user guide
       - "src/**/Program.cs"                             # implementation
       - "test/**/ProgramTests.cs"                       # unit tests
-      - "test/**/IntegrationTests.cs"                   # integration tests
-      - "test/**/Runner.cs"                             # test infrastructure
       - "test/**/TestDirectory.cs"                      # test infrastructure
-      - "test/**/AssemblyInfo.cs"                       # test infrastructure
 
   - id: ReviewMark-Configuration
     title: Review of ReviewMarkConfiguration software unit (configuration parsing and processing)
     paths:
-      - "docs/reqstream/configuration-requirements.yaml"    # requirements
-      - "src/**/ReviewMarkConfiguration.cs"                 # implementation
-      - "test/**/ReviewMarkConfigurationTests.cs"           # tests
+      - "docs/reqstream/subsystem-configuration.yaml"   # requirements
+      - "docs/design/review-mark-configuration.md"      # design
+      - "src/**/ReviewMarkConfiguration.cs"             # implementation
+      - "test/**/ReviewMarkConfigurationTests.cs"       # tests
 
   - id: ReviewMark-Validation
     title: Review of Validation software unit (self-validation test execution)
     paths:
-      - "docs/reqstream/ots-requirements.yaml"          # OTS requirements verified by self-validation
+      - "docs/reqstream/unit-validation.yaml"           # requirements
+      - "docs/design/validation.md"                     # design
       - "src/**/Validation.cs"                          # implementation
+      - "test/**/ValidationTests.cs"                    # tests
+
+  # Special review-sets
+  - id: ReviewMark-System
+    title: Review of ReviewMark system-level behavior, platform support, and integration
+    paths:
+      - "docs/reqstream/reviewmark-system.yaml"         # system requirements
+      - "docs/reqstream/platform-requirements.yaml"     # platform requirements
+      - "docs/design/introduction.md"                   # design introduction and architecture
+      - "docs/design/system.md"                         # system design
+      - "test/**/IntegrationTests.cs"                   # integration tests
+      - "test/**/Runner.cs"                             # test infrastructure
+      - "test/**/AssemblyInfo.cs"                       # test infrastructure
+
+  - id: ReviewMark-Design
+    title: Review of all ReviewMark design documentation
+    paths:
+      - "docs/reqstream/platform-requirements.yaml"     # platform requirements
+      - "docs/design/introduction.md"                   # design introduction and architecture
+      - "docs/design/system.md"                         # system design
+      - "docs/design/context.md"                        # Context design
+      - "docs/design/glob-matcher.md"                   # GlobMatcher design
+      - "docs/design/review-index.md"                   # ReviewIndex design
+      - "docs/design/path-helpers.md"                   # PathHelpers design
+      - "docs/design/program.md"                        # Program design
+      - "docs/design/review-mark-configuration.md"      # ReviewMarkConfiguration design
+      - "docs/design/validation.md"                     # Validation design
+
+  - id: ReviewMark-AllRequirements
+    title: Review of all ReviewMark requirements files
+    paths:
+      - "requirements.yaml"                             # root requirements file
+      - "docs/reqstream/reviewmark-system.yaml"         # system-level requirements
+      - "docs/reqstream/subsystem-cli.yaml"             # CLI subsystem requirements
+      - "docs/reqstream/subsystem-configuration.yaml"   # Configuration subsystem requirements
+      - "docs/reqstream/unit-context.yaml"              # Context unit requirements
+      - "docs/reqstream/unit-program.yaml"              # Program unit requirements
+      - "docs/reqstream/unit-review-index.yaml"         # ReviewIndex unit requirements
+      - "docs/reqstream/unit-glob-matcher.yaml"         # GlobMatcher unit requirements
+      - "docs/reqstream/unit-path-helpers.yaml"         # PathHelpers unit requirements
+      - "docs/reqstream/unit-validation.yaml"           # Validation unit requirements
+      - "docs/reqstream/platform-requirements.yaml"     # Platform support requirements
+      - "docs/reqstream/ots-mstest.yaml"                # MSTest OTS requirements
+      - "docs/reqstream/ots-reqstream.yaml"             # ReqStream OTS requirements
+      - "docs/reqstream/ots-buildmark.yaml"             # BuildMark OTS requirements
+      - "docs/reqstream/ots-versionmark.yaml"           # VersionMark OTS requirements
+      - "docs/reqstream/ots-sarifmark.yaml"             # SarifMark OTS requirements
+      - "docs/reqstream/ots-sonarmark.yaml"             # SonarMark OTS requirements

docs/design/context.md

@@ -0,0 +1,59 @@
+# Context
+
+## Purpose
+
+The `Context` software unit is responsible for parsing command-line arguments and
+providing a unified interface for output and logging throughout the tool. It acts as
+the primary configuration carrier, passing parsed options from the CLI entry point
+to all processing subsystems.
+
+## Properties
+
+The following properties are populated by `Context.Create()` from the command-line
+arguments:
+
+| Property | Type | Description |
+| -------- | ---- | ----------- |
+| `Version` | bool | Requests version display |
+| `Help` | bool | Requests help display |
+| `Silent` | bool | Suppresses console output |
+| `Validate` | bool | Requests self-validation run |
+| `Lint` | bool | Requests configuration linting |
+| `ResultsFile` | string? | Path for TRX/JUnit test results output |
+| `DefinitionFile` | string | Path to the `.reviewmark.yaml` configuration |
+| `PlanFile` | string? | Output path for the Review Plan document |
+| `PlanDepth` | int | Heading depth for the Review Plan |
+| `ReportFile` | string? | Output path for the Review Report document |
+| `ReportDepth` | int | Heading depth for the Review Report |
+| `IndexPaths` | string[]? | Paths to scan when building an evidence index |
+| `WorkingDirectory` | string | Base directory for resolving relative paths |
+| `Enforce` | bool | Fail if any review-set is not Current |
+| `Elaborate` | bool | Expand file lists in generated documents |
+
+## Argument Parsing
+
+`Context.Create(string[] args)` is a factory method that processes the argument
+array sequentially, recognizing both flag arguments (e.g., `--validate`) and
+value arguments (e.g., `--plan <path>`). Unrecognized or unsupported arguments
+cause `Context.ParseArgument` to throw an `ArgumentException`, which callers of
+`Context.Create` are expected to handle and surface as a CLI error. The resulting
+`Context` instance holds the fully parsed state when argument parsing succeeds.
+
+## Output Methods
+
+| Method | Description |
+| ------ | ----------- |
+| `WriteLine(string)` | Writes a line to the console (unless `Silent` is set) and to the log file |
+| `WriteError(string)` | Writes an error line to the console and to the log file |
+
+## Exit Code
+
+`Context.ExitCode` reflects the current error status of the tool run. It is set to
+a non-zero value when an error is detected. The value of `ExitCode` is returned from
+`Program.Main()` as the process exit code.
+
+## Logging
+
+When a log file path is provided via the relevant CLI argument, `Context` opens and
+holds the log file handle for the duration of the tool run. All output written through
+`WriteLine` and `WriteError` is duplicated to the log file.

docs/design/definition.yaml

@@ -0,0 +1,18 @@
+---
+resource-path:
+  - docs/design
+  - docs/template
+input-files:
+  - docs/design/title.txt
+  - docs/design/introduction.md
+  - docs/design/system.md
+  - docs/design/context.md
+  - docs/design/glob-matcher.md
+  - docs/design/review-index.md
+  - docs/design/path-helpers.md
+  - docs/design/program.md
+  - docs/design/review-mark-configuration.md
+  - docs/design/validation.md
+template: template.html
+table-of-contents: true
+number-sections: true

docs/design/glob-matcher.md

@@ -0,0 +1,32 @@
+# GlobMatcher
+
+## Purpose
+
+The `GlobMatcher` software unit resolves an ordered list of glob patterns into a
+concrete, sorted list of file paths relative to a base directory. It provides the
+file enumeration primitive used by the Configuration subsystem to expand the
+`needs-review` and `review-set` file lists defined in `.reviewmark.yaml`.
+
+## Algorithm
+
+`GlobMatcher.GetMatchingFiles(baseDirectory, patterns)` processes patterns in the
+order they are declared. Patterns prefixed with `!` are exclusion patterns; all
+others are inclusion patterns. Each inclusion pattern adds matching paths to the
+result set; each exclusion pattern removes matching paths from the result set.
+Because patterns are applied in declaration order, a later pattern can re-include
+files excluded by an earlier one, or exclude files included by an earlier one. The
+`**` wildcard matches any number of path segments, enabling recursive matching.
+After all patterns are processed, the result set is sorted and returned.
+
+## Return Value
+
+The method returns a sorted list of relative file paths. Path separators are
+normalized to forward slashes regardless of the host operating system, ensuring
+consistent fingerprint computation across platforms.
+
+## Usage
+
+`GlobMatcher.GetMatchingFiles()` is called by `ReviewMarkConfiguration` to resolve:
+
+- The `needs-review` file list, which represents all files subject to review
+- Each `review-set` file list, which represents the files covered by a specific review record

docs/design/introduction.md

@@ -0,0 +1,56 @@
+# Introduction
+
+This document describes the software design for the ReviewMark project.
+
+## Purpose
+
+ReviewMark is a .NET command-line tool for automated file-review evidence management
+in regulated environments. It computes cryptographic fingerprints of defined file-sets,
+queries a review evidence store for corresponding review records, and produces compliance
+documents on each CI/CD run.
+
+This design document describes the internal architecture, subsystems, and software units
+that together implement the ReviewMark tool. It is intended to support development,
+review, and maintenance activities.
+
+## Scope
+
+This design document covers:
+
+- The software system decomposition into subsystems and software units
+- The responsibilities and interfaces of each software unit
+- The algorithms and data flows used for fingerprinting, evidence lookup, and document generation
+- The self-validation framework
+
+This document does not cover:
+
+- External CI/CD pipeline configuration
+- Evidence store setup or administration
+- Requirements traceability (see the Requirements Specification)
+
+## Software Architecture
+
+The following diagram shows the decomposition of the ReviewMark software system into
+subsystems and software units.
+
+```text
+ReviewMark (Software System)
+├── CLI Subsystem
+│   ├── Program (Software Unit)
+│   └── Context (Software Unit)
+├── Configuration Subsystem
+│   ├── ReviewMarkConfiguration (Software Unit)
+│   └── GlobMatcher (Software Unit)
+├── Index Subsystem
+│   ├── ReviewIndex (Software Unit)
+│   └── PathHelpers (Software Unit)
+└── Validation (Software Unit)
+```
+
+## Audience
+
+This document is intended for:
+
+- Software developers working on ReviewMark
+- Quality assurance teams performing design verification
+- Project stakeholders reviewing architectural decisions

docs/design/path-helpers.md

@@ -0,0 +1,35 @@
+# PathHelpers
+
+## Purpose
+
+The `PathHelpers` software unit provides safe path construction utilities that
+prevent path traversal attacks. It is used by the Index subsystem when constructing
+file system paths to evidence PDF files referenced in the evidence index.
+
+## SafePathCombine()
+
+`PathHelpers.SafePathCombine(basePath, relativePath)` combines a trusted base path
+with an untrusted relative path from the evidence index, validating that the result
+does not escape the base directory.
+
+The validation steps are:
+
+1. Reject any relative path that contains `..` segments (explicit traversal attempt).
+2. Reject any relative path that is rooted (absolute path supplied where a relative one is required).
+3. Combine the base path and relative path.
+4. Verify that the combined path still begins with the base path (catches edge cases
+   such as platform-specific path normalization that might otherwise bypass the
+   earlier checks).
+5. Return the combined path.
+
+The double-check strategy (pre-validation of segments plus post-combination
+verification) defends against edge cases such as URL-encoded separators or
+platform-specific path normalization that might otherwise bypass a single check.
+
+## Security Rationale
+
+Evidence index files may be loaded from external sources (file shares or URLs).
+The `file` field in each index record is supplied by the evidence store and must
+be treated as untrusted input. Without path validation, a maliciously crafted
+index could direct the tool to read or reference files outside the intended
+evidence directory. `SafePathCombine` eliminates this attack surface.

docs/design/program.md

@@ -0,0 +1,47 @@
+# Program
+
+## Purpose
+
+The `Program` software unit is the main entry point of the ReviewMark tool. It is
+responsible for constructing the execution context, dispatching to the appropriate
+processing logic based on parsed flags, and returning a meaningful exit code to the
+calling process.
+
+## Version Property
+
+`Program.Version` returns the tool version string. The version is embedded at build
+time from the assembly metadata and follows semantic versioning conventions.
+
+## Main() Method
+
+`Program.Main(string[] args)` is the process entry point. It:
+
+1. Constructs a `Context` instance via `Context.Create(args)` inside a `using` block
+2. Calls `Program.Run(Context)` to perform the requested operation
+3. Returns `Context.ExitCode` as the process exit code
+
+Any unexpected exception that escapes `Run()` is logged to the standard error stream
+via `Console.Error` and then rethrown. As a result, the process terminates due to the
+unhandled exception and the final exit code is determined by the .NET runtime rather
+than by `Program.Main` explicitly returning a non-zero value.
+
+## Run() Dispatch Logic
+
+`Program.Run(Context)` evaluates the parsed flags in the following priority order,
+executing the first matching action and returning:
+
+1. If `--version` — print version and return
+2. If `--help` — print banner and return
+3. If `--validate` — run self-validation and return
+4. If `--lint` — run configuration lint and return
+5. If `--index` paths provided — scan and write evidence index, then return
+6. Otherwise — generate Review Plan and/or Review Report and return
+
+Only one top-level action is performed per invocation. Actions later in the priority
+order are not reached if an earlier flag is set.
+
+## PrintBanner()
+
+`Program.PrintBanner(Context)` writes the help text to the console via
+`Context.WriteLine()`. The banner lists all supported flags and arguments with brief
+descriptions.