stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

docs consolidation

Browse Source
This commit is contained in:
master
2026-01-07 10:23:21 +02:00
parent 4789027317
commit 044cf0923c
515 changed files with 5460 additions and 5292 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
docs/technical/architecture/07_HIGH_LEVEL_ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,5 @@
# High Level Architecture (Compatibility Alias)
This file is retained to keep older references working.
For the current high-level architecture overview, see `docs/ARCHITECTURE_OVERVIEW.md`.
For the detailed reference map, see `docs/ARCHITECTURE_REFERENCE.md`.

8
docs/technical/architecture/advisory-alignment-report.md
View File

@@ -122,7 +122,7 @@ This report validates that **StellaOps achieves 90%+ alignment** with the refere
**Evidence:**
- `src/Scanner/__Libraries/StellaOps.Scanner.Storage/Epss/`
- `docs/architecture/epss-versioning-clarification.md`
- `docs/technical/architecture/epss-versioning-clarification.md`
---
@@ -240,7 +240,7 @@ This report validates that **StellaOps achieves 90%+ alignment** with the refere
**Evidence:**
- `src/Scanner/__Libraries/StellaOps.Scanner.Unknowns/`
- `docs/architecture/signal-contract-mapping.md` (Signal-14 section)
- `docs/technical/architecture/signal-contract-mapping.md` (Signal-14 section)
---
@@ -295,5 +295,5 @@ StellaOps demonstrates **100% alignment** with the reference advisory architectu
- [in-toto Attestation Framework](https://github.com/in-toto/attestation)
- [FIRST.org EPSS](https://www.first.org/epss/)
- [OpenVEX Specification](https://github.com/openvex/spec)
- `docs/architecture/signal-contract-mapping.md`
- `docs/architecture/epss-versioning-clarification.md`
- `docs/technical/architecture/signal-contract-mapping.md`
- `docs/technical/architecture/epss-versioning-clarification.md`

4
docs/technical/architecture/component-map.md
View File

@@ -22,7 +22,7 @@ Concise descriptions of every top-level component under `src/`, summarising the
## Policy & Governance
- **Policy** — Policy Engine core libraries and services executing lattice logic across SBOM, advisory, and VEX evidence. Emits explain traces, drives Findings, Notifier, and Export Center (`docs/modules/policy/architecture.md`).
- **Policy Studio / TaskRunner / PacksRegistry** Authoring, automation, and reusable template services that orchestrate policy and operational workflows (`docs/task-packs/`, `docs/modules/cli/`, `docs/modules/ui/`).
- **Policy Studio / TaskRunner / PacksRegistry** - Authoring, automation, and reusable template services that orchestrate policy and operational workflows (`docs/modules/packs-registry/guides/`, `docs/modules/cli/`, `docs/modules/ui/`).
- **Governance components** (Authority scopes, Policy governance, Console policy UI) are covered in `docs/security/policy-governance.md` and `docs/modules/ui/policies.md`.
## Identity, Signing & Provenance
@@ -35,7 +35,7 @@ Concise descriptions of every top-level component under `src/`, summarising the
## Scheduling, Orchestration & Automation
- **Scheduler** — Detects advisory/VEX deltas and orchestrates deterministic rescan runs toward Scanner and Policy Engine (`docs/modules/scheduler/architecture.md`).
- **Orchestrator** — Central coordination service dispatching jobs (scans, exports, policy runs) to modules, working closely with Scheduler, CLI, and UI (`docs/modules/orchestrator/architecture.md`).
- **TaskRunner** Executes automation packs sourced from PacksRegistry, integrating with Orchestrator, CLI, Notify, and Authority (`docs/task-packs/runbook.md`).
- **TaskRunner** - Executes automation packs sourced from PacksRegistry, integrating with Orchestrator, CLI, Notify, and Authority (`docs/modules/packs-registry/guides/runbook.md`).
- **Signals** — Ingests runtime posture signals and feeds Policy/Notifier workflows (`docs/modules/zastava/architecture.md`, signals sections).
- **TimelineIndexer** — Builds timelines of evidence/events for forensics and audit tooling (`docs/modules/timeline-indexer/guides/timeline.md`).

4
docs/technical/architecture/epss-versioning-clarification.md
View File

@@ -264,7 +264,7 @@ current EPSS methodology from FIRST.org. EPSS does not use numbered versions lik
Instead, EPSS scores are tracked by daily `model_date`. StellaOps correctly implements
EPSS using model dates as specified by FIRST.org.
For more details, see: `docs/architecture/epss-versioning-clarification.md`
For more details, see: `docs/technical/architecture/epss-versioning-clarification.md`
```
---
@@ -431,7 +431,7 @@ private double CalculateExploitPressure(UnknownRanking ranking)
## Related Documents
- `docs/implplan/SPRINT_5000_0001_0001_advisory_alignment.md` - Parent sprint
- `docs/architecture/signal-contract-mapping.md` - Signal contract mapping
- `docs/technical/architecture/signal-contract-mapping.md` - Signal contract mapping
- `docs/modules/risk-engine/guides/epss-integration-v4.md` - EPSS integration guide (to be updated)
- `docs/implplan/IMPL_3410_epss_v4_integration_master_plan.md` - EPSS implementation plan (to be updated)
- `docs/modules/risk-engine/guides/formulas.md` - Scoring formulas including EPSS