stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

feat: Add Go module and workspace test fixtures

Browse Source 
- Created expected JSON files for Go modules and workspaces.
- Added go.mod and go.sum files for example projects.
- Implemented private module structure with expected JSON output.
- Introduced vendored dependencies with corresponding expected JSON.
- Developed PostgresGraphJobStore for managing graph jobs.
- Established SQL migration scripts for graph jobs schema.
- Implemented GraphJobRepository for CRUD operations on graph jobs.
- Created IGraphJobRepository interface for repository abstraction.
- Added unit tests for GraphJobRepository to ensure functionality.
This commit is contained in:
StellaOps Bot
2025-12-06 20:04:03 +02:00
parent a6f1406509
commit 05597616d6
178 changed files with 12022 additions and 4545 deletions
Download Patch File Download Diff File Expand all files Collapse all files

182
docs/assets/vuln-explorer/console/CAPTURES.md Normal file
View File

@@ -0,0 +1,182 @@
# Console Asset Captures for Vuln Explorer Documentation
> **Status:** Ready for capture
> **Last Updated:** 2025-12-06
> **Owner:** Console Guild
> **Hash Manifest:** See SHA256SUMS after capture
## Capture Instructions
Run the console app locally and capture each screen:
```bash
# Start the dev environment
docker compose -f deploy/compose/docker-compose.dev.yaml up -d
# Access console at https://localhost:8443
# Log in with dev credentials
# Navigate to each section below and capture
```
## Required Captures
### 1. Dashboard Overview
**File:** `dashboard-overview.png`
**Description:** Main dashboard showing vulnerability counts, risk scores, and recent activity.
```markdown
![Dashboard Overview](./dashboard-overview.png)
The dashboard provides:
- Total vulnerability count by severity (Critical, High, Medium, Low)
- Risk score trend over time
- Top affected components
- Recent scan activity
```
---
### 2. Vulnerability Explorer List
**File:** `vuln-explorer-list.png`
**Description:** Vulnerability list view with filters and sorting.
```markdown
![Vulnerability Explorer List](./vuln-explorer-list.png)
The vulnerability list shows:
- CVE ID, severity, CVSS score
- Affected package and version
- Fix availability status
- VEX status (affected, not_affected, fixed, under_investigation)
```
---
### 3. Vulnerability Detail View
**File:** `vuln-detail.png`
**Description:** Single vulnerability detail page with full context.
```markdown
![Vulnerability Detail](./vuln-detail.png)
The detail view includes:
- Full vulnerability description
- CVSS vector breakdown
- Affected components
- Reachability analysis
- VEX statements
- Remediation guidance
```
---
### 4. Findings Ledger Timeline
**File:** `findings-timeline.png`
**Description:** Timeline view of vulnerability findings and state changes.
```markdown
![Findings Timeline](./findings-timeline.png)
The timeline shows:
- Finding discovery events
- Status transitions
- Evidence snapshots
- Attestation links
```
---
### 5. Risk Score Panel
**File:** `risk-score-panel.png`
**Description:** Risk score breakdown with contributing factors.
```markdown
![Risk Score Panel](./risk-score-panel.png)
The risk panel displays:
- Overall risk score (0-100)
- Factor breakdown (severity, exploitability, asset criticality)
- Score history
- Policy compliance status
```
---
### 6. VEX Consensus View
**File:** `vex-consensus.png`
**Description:** VEX consensus display showing multiple issuer statements.
```markdown
![VEX Consensus](./vex-consensus.png)
The VEX consensus view shows:
- Aggregated status from multiple issuers
- Issuer trust levels
- Statement timestamps
- Rationale summaries
```
---
### 7. Policy Studio Editor
**File:** `policy-studio-editor.png`
**Description:** Policy Studio with Monaco editor and rule builder.
```markdown
![Policy Studio Editor](./policy-studio-editor.png)
The Policy Studio includes:
- Monaco editor with StellaOps DSL highlighting
- Rule builder sidebar
- Simulation panel
- Lint/compile feedback
```
---
### 8. Air-Gap Status Panel
**File:** `airgap-status.png`
**Description:** Air-gap mode status and bundle information.
```markdown
![Air-Gap Status](./airgap-status.png)
The air-gap panel shows:
- Sealed mode status
- Last advisory update timestamp
- Bundle version
- Time anchor validity
```
---
## After Capture
1. Place captured images in this directory
2. Generate hashes:
```bash
sha256sum *.png > SHA256SUMS
```
3. Update `docs/assets/vuln-explorer/SHA256SUMS` with new entries
4. Mark DOCS-CONSOLE-OBS-52-001 as DONE in sprint file
## Sample SHA256SUMS Entry
```
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 dashboard-overview.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 vuln-explorer-list.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 vuln-detail.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 findings-timeline.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 risk-score-panel.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 vex-consensus.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 policy-studio-editor.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 airgap-status.png
```