feat(ui): ship reachability witnessing shell

2026-03-07 19:44:25 +02:00
parent 536d3fe6bd
commit 1088ae1bc4
29 changed files with 3858 additions and 1288 deletions
--- a/docs/features/checked/web/reachability-witnessing-ui.md
+++ b/docs/features/checked/web/reachability-witnessing-ui.md
@@ -0,0 +1,53 @@
+# Reachability Witnessing UI
+
+## Module
+Web
+
+## Status
+VERIFIED
+
+## Description
+Mounted the canonical `Security > Reachability` shell for coverage, witnesses, proof-of-exposure, and sensor-gap investigation. Operators can drill from findings, triage, evidence replay, and release detail into one witness-detail experience with return-to-context preserved, drawer-first proof inspection, and export or verify actions.
+
+## Implementation Details
+- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/reachability/`
+- **Primary components**:
+  - `reachability-center` (`src/Web/StellaOps.Web/src/app/features/reachability/reachability-center.component.ts`)
+  - `witness-page` (`src/Web/StellaOps.Web/src/app/features/reachability/witness-page.component.ts`)
+  - `poe-drawer` (`src/Web/StellaOps.Web/src/app/features/reachability/poe-drawer.component.ts`)
+- **Canonical routes**:
+  - `/security/reachability/coverage`
+  - `/security/reachability/witnesses`
+  - `/security/reachability/witnesses/:witnessId`
+  - `/security/reachability/poe`
+  - `/security/reachability/poe/:artifactId`
+  - `/security/reachability/gaps`
+- **Secondary entry points**:
+  - `Security > Findings`
+  - `Triage > Artifact Workspace`
+  - `Evidence > Verify & Replay`
+  - `Releases > Detail`
+- **Source**: shipped reachability owner shell with witness-detail and PoE deep-link contract
+
+## E2E Test Plan
+- **Setup**:
+  - [ ] Log in with a user that can view Security, Evidence, and Releases.
+  - [ ] Navigate to `/security/reachability/witnesses`.
+  - [ ] Ensure witness API data exists or fallback fixtures are enabled.
+- **Core verification**:
+  - [ ] Verify `Coverage`, `Witnesses`, `PoE / Exposure`, and `Sensor Gaps` render in one mounted shell.
+  - [ ] Verify witness search, filters, and witness-detail drill-in work.
+  - [ ] Verify PoE drawer, PoE permalink route, export, and verify actions work.
+- **Cross-shell verification**:
+  - [ ] Verify findings, triage, evidence replay, and release detail link into the canonical reachability routes.
+  - [ ] Verify `returnTo` restores the original workflow context.
+  - [ ] Verify fallback fixtures render a clear degraded-mode message when the backend is unavailable.
+
+## Verification
+- Run:
+  - `npx ng test --watch=false --include src/tests/reachability_center/reachability-center.component.spec.ts --include src/tests/reachability_center/witness-page.component.spec.ts --include src/tests/security-risk/security-risk-routes.spec.ts --include src/tests/security-risk/finding-detail-page-reachability-handoff.spec.ts --include src/tests/triage/triage-workspace-with-proof-tree.behavior.spec.ts --include src/tests/evidence/replay-controls-reachability-handoff.spec.ts --include src/tests/releases/release-detail.live-refresh.spec.ts`
+  - `npx playwright test tests/e2e/reachability-witnessing.spec.ts --workers=1`
+- Tier 0 (source): pass
+- Tier 1 (build/tests): pass
+- Tier 2 (behavior): pass
+- Verified on (UTC): 2026-03-07T18:25:00Z
--- a/docs/implplan/SPRINT_20260307_025_FE_reachability_witnessing_merge.md
+++ b/docs/implplan/SPRINT_20260307_025_FE_reachability_witnessing_merge.md
@@ -1,130 +0,0 @@
-# Sprint 20260307-025 - Reachability Witnessing Merge
-
-## Topic & Scope
- Restore witness and proof-of-exposure UX as a deeper part of `Security > Reachability`.
- Ship fully usable witness and proof flows with working routes, drawers, exports, and cross-links from findings, triage, evidence, and release contexts.
- Complete the missing functionality so operators can actually inspect, verify, and navigate reachability proof rather than just reach routed placeholders.
- Working directory: `src/Web/StellaOps.Web/src/app/features/reachability`.
- Allowed coordination edits: `src/Web/StellaOps.Web/src/app/routes/`, `src/Web/StellaOps.Web/src/app/features/security-risk/`, `src/Web/StellaOps.Web/src/app/features/triage/`, `docs/modules/ui/reachability-witnessing`, and `docs/modules/ui/TASKS.md`.
- Expected evidence: mounted reachability tabs, working witness detail pages, working PoE drawer/permalink behavior, cross-shell deep links, targeted tests, and updated docs.
-
-## Dependencies & Concurrency
- Depends on:
-  - `docs/modules/ui/reachability-witnessing/README.md`
-  - `docs/contracts/witness-v1.md`
-  - `docs/architecture/EVIDENCE_PIPELINE_ARCHITECTURE.md`
-  - `src/Web/StellaOps.Web/src/app/features/reachability/reachability-center.component.ts`
-  - `src/Web/StellaOps.Web/src/app/features/reachability/witness-page.component.ts`
-  - `src/Web/StellaOps.Web/src/app/features/reachability/poe-drawer.component.ts`
-  - `src/Web/StellaOps.Web/src/app/routes/security-risk.routes.ts`
-  - `src/Web/StellaOps.Web/src/app/routes/evidence.routes.ts`
- Safe parallelism:
-  - tab and route contract work should finish before FE implementation begins
-  - witness list/detail and PoE drawer work can proceed in parallel once the route contract is stable
-  - cross-product deep-link work can proceed in parallel with shell implementation
-
-## Documentation Prerequisites
- `docs/modules/ui/reachability-witnessing/README.md`
- `docs/modules/ui/contextual-actions-patterns/README.md`
- `docs/modules/ui/restoration-topics/reachability-witnessing.md`
- `docs/modules/ui/component-preservation-map/RESTORATION_PRIORITIES.md`
-
-## Delivery Tracker
-
-### FE-RW-001 - Wire reachability witness routes and tabs into the active shell
-Status: TODO
-Dependency: none
-Owners: Product Manager, FE Architect
-Task description:
- Add the `Coverage`, `Witnesses`, `PoE / Exposure`, and `Sensor Gaps` flows to the active reachability shell.
- Make the canonical routes and panel behavior work in the live router.
-
-Completion criteria:
- [ ] Reachability remains the canonical owner shell in the live router.
- [ ] Witness and PoE routes are wired and reachable.
- [ ] Tab and panel state work in code, not only in docs.
-
-### FE-RW-002 - Ship the Witnesses list and witness-detail page
-Status: TODO
-Dependency: FE-RW-001
-Owners: Developer, FE Architect
-Task description:
- Implement the searchable `Witnesses` tab and the full witness detail page using the existing reachability and witness APIs.
- Ensure the detail page includes path, confidence, related evidence, and export or verify actions.
-
-Completion criteria:
- [ ] Witness listing and filters are usable from the mounted shell.
- [ ] Witness detail renders the required investigation sections.
- [ ] Export and verify actions work from witness detail.
-
-### FE-RW-003 - Ship PoE detail as drawer-first UX with permalink support
-Status: TODO
-Dependency: FE-RW-001
-Owners: Developer, Product Manager
-Task description:
- Implement proof-of-exposure detail as a contextual drawer by default, with a permalink route for export and audit use cases.
- Make PoE open from witness detail and other owning workflows without creating a second proof product.
-
-Completion criteria:
- [ ] PoE drawer is usable from witness detail and other entry points.
- [ ] Permalink route works for direct proof access.
- [ ] Operators can inspect proof without leaving the owning workflow unless they choose to.
-
-### FE-RW-004 - Wire findings, triage, evidence, and release deep links
-Status: TODO
-Dependency: FE-RW-002
-Owners: FE Architect, Developer
-Task description:
- Implement deep links from `Security > Findings`, `Triage > Artifact Workspace`, `Evidence > Verify & Replay`, and release-context decisioning flows.
- Preserve `returnTo` navigation so witness and PoE inspection does not strand the operator away from the original workflow.
-
-Completion criteria:
- [ ] Findings, triage, evidence, and release entry points open the working reachability UX.
- [ ] `returnTo` behavior preserves the original workflow context.
- [ ] No duplicate witness pages are required outside the reachability shell.
-
-### FE-RW-005 - Complete exports, evidence cards, and proof actions
-Status: TODO
-Dependency: FE-RW-003
-Owners: Developer, Documentation author
-Task description:
- Implement DOT, Mermaid, replay verify, and evidence-chain actions in witness and PoE detail.
- Align labels and affordances so exported proof remains understandable across security, evidence, and release workflows.
-
-Completion criteria:
- [ ] Export and verify actions are usable in the shipped UI.
- [ ] Evidence-chain and proof summary cards render in the shipped UI.
- [ ] Terminology is aligned across the related docs and pages.
-
-### FE-RW-006 - Verify, document, and cut over the feature
-Status: TODO
-Dependency: FE-RW-004
-Owners: QA, Documentation author
-Task description:
- Add Playwright scenarios for the reachability shell, witness detail, PoE drawer, export actions, and cross-shell deep links.
- Update reachability and evidence docs so this ships as a usable feature, not a documented merge target only.
-
-Completion criteria:
- [ ] UI verification covers shell tabs, witness detail, and PoE detail.
- [ ] Cross-shell deep links and proof actions are included in verification.
- [ ] Docs reflect the mounted and usable feature.
-
-## Execution Log
-| Date (UTC) | Update | Owner |
-| --- | --- | --- |
-| 2026-03-07 | Sprint created to ship witness and proof-of-exposure UX as deeper reachability functionality with reusable witness detail pages and PoE drawers across security, triage, evidence, and release flows. | Project Manager |
-
-## Decisions & Risks
- Decision: `Security > Reachability` remains the owner shell for witness and proof UX.
- Decision: witness detail is a full page; PoE is a drawer first and a permalink route second.
- Risk: evidence and release teams may create parallel proof views during implementation.
- Mitigation: freeze deep-link and return-to-context rules before FE work begins.
- Risk: proof terminology may drift between reachability, evidence, and decisioning docs.
- Mitigation: align labels and actions to the reachability UX dossier before implementation starts.
- Delivery rule: this sprint is only complete when witness and PoE flows are mounted, usable from their primary and secondary entry points, and verified end to end.
- Reference design note: `docs/modules/ui/reachability-witnessing/README.md`.
-
-## Next Checkpoints
- 2026-03-08: confirm shell tabs and witness versus PoE ownership boundaries.
- 2026-03-09: freeze witness detail, PoE drawer, and deep-link contracts.
- 2026-03-10: finalize QA and rollout contract.
--- a/docs/modules/ui/README.md
+++ b/docs/modules/ui/README.md
@@ -16,6 +16,8 @@ The Console presents operator dashboards for scans, policies, VEX evidence, runt
 - Added restoration topic shape notes at `restoration-topics/README.md` for Watchlist, Reachability Witnessing, Platform Ops, Triage explainability, and Workflow Visualization placement.
 - Added implementation-ready UX dossiers for Watchlist, Reachability Witnessing, Platform Ops Consolidation, Triage Explainability Workspace, Workflow Visualization and Replay, and shared contextual action patterns.
 - Added FE sprint files for the five accepted restoration topics plus a shared sprint for single actions, drawers, tabs, and stray-page placement patterns.
+- Shipped the canonical `Security > Reachability` witness and proof-of-exposure shell, including cross-shell handoffs from findings, triage, evidence replay, and release detail.
+- Added checked-feature verification for reachability witnessing at `../../features/checked/web/reachability-witnessing-ui.md`.

 ## Latest updates (2026-02-21)
 - Runtime mock cutover completed for policy simulation history/conflict/batch flows and graph explorer data loading in `src/Web/StellaOps.Web/src/app/**`.
--- a/docs/modules/ui/TASKS.md
+++ b/docs/modules/ui/TASKS.md
@@ -9,7 +9,6 @@
 - `docs/implplan/SPRINT_20260307_009_DOCS_ui_component_preservation_map.md`
 - `docs/implplan/SPRINT_20260307_022_FE_policy_vex_release_decisioning_studio.md`
 - `docs/implplan/SPRINT_20260307_023_DOCS_ui_restoration_topic_shapes.md`
- `docs/implplan/SPRINT_20260307_025_FE_reachability_witnessing_merge.md`
 - `docs/implplan/SPRINT_20260307_026_FE_platform_ops_consolidation.md`
 - `docs/implplan/SPRINT_20260307_027_FE_triage_explainability_workspace.md`
 - `docs/implplan/SPRINT_20260307_028_FE_workflow_visualization_replay.md`
@@ -77,12 +76,12 @@
 - [DONE] FE-WL-004 Tuning tab and operational diagnostics
 - [DONE] FE-WL-005 Cross-product surfacing and deep links for Watchlist
 - [DONE] FE-WL-006 QA, rollout, and docs sync for Watchlist
- [TODO] FE-RW-001 Freeze reachability shell tabs and route contract
- [TODO] FE-RW-002 Witnesses tab and witness-detail page slice
- [TODO] FE-RW-003 PoE drawer and permalink route contract
- [TODO] FE-RW-004 Cross-product deep links and release-context use for reachability proofs
- [TODO] FE-RW-005 Supporting evidence and export surfaces for witness UX
- [TODO] FE-RW-006 QA, rollout, and docs sync for reachability witnessing
+- [DONE] FE-RW-001 Freeze reachability shell tabs and route contract
+- [DONE] FE-RW-002 Witnesses tab and witness-detail page slice
+- [DONE] FE-RW-003 PoE drawer and permalink route contract
+- [DONE] FE-RW-004 Cross-product deep links and release-context use for reachability proofs
+- [DONE] FE-RW-005 Supporting evidence and export surfaces for witness UX
+- [DONE] FE-RW-006 QA, rollout, and docs sync for reachability witnessing
 - [TODO] FE-PO-001 Freeze Operations overview taxonomy and submenu structure
 - [TODO] FE-PO-002 Overview page regrouping and blocking-card contract
 - [TODO] FE-PO-003 Legacy widget absorption matrix for Platform Ops
--- a/docs/modules/ui/implementation_plan.md
+++ b/docs/modules/ui/implementation_plan.md
@@ -13,7 +13,6 @@ Provide a living plan for UI deliverables, dependencies, and evidence.
 - `SPRINT_20260307_009_DOCS_ui_component_preservation_map.md` - per-component preservation dossiers for unused and weakly surfaced console UI components.
 - `SPRINT_20260307_022_FE_policy_vex_release_decisioning_studio.md` - canonical Decisioning Studio shell to unify policy, simulation, VEX decisioning, and release-context gate explanation.
 - `SPRINT_20260307_023_DOCS_ui_restoration_topic_shapes.md` - documentation prerequisite for shell/menu/tab placements; not a product-delivery sprint by itself.
- `SPRINT_20260307_025_FE_reachability_witnessing_merge.md` - ship witness and proof-of-exposure UX inside Security > Reachability with working cross-shell deep links.
 - `SPRINT_20260307_026_FE_platform_ops_consolidation.md` - ship one Operations shell with grouped overview cards, legacy widget absorption, and legacy redirects.
 - `SPRINT_20260307_027_FE_triage_explainability_workspace.md` - ship the artifact workspace lane model, explainability panels, and audit-bundle flows.
 - `SPRINT_20260307_028_FE_workflow_visualization_replay.md` - ship run-detail graph, timeline, replay, and evidence tabs plus bounded workflow-editor preview reuse.
@@ -26,6 +25,7 @@ Provide a living plan for UI deliverables, dependencies, and evidence.
 - `docs/modules/ui/policy-decisioning-studio/README.md` - proposed Decisioning Studio product shape, tab model, route contract, and Release Orchestrator integration boundary.
 - `docs/modules/ui/restoration-topics/README.md` - detailed placement notes for the next restoration topics after Decisioning Studio.
 - `docs/modules/ui/watchlist-operations/README.md` - detailed watchlist UX dossier and owner-shell contract.
+- `docs/features/checked/web/reachability-witnessing-ui.md` - shipped verification note for the canonical Reachability witness and PoE shell.
 - `docs/features/checked/web/identity-watchlist-management-ui.md` - shipped verification note for the Trust & Signing watchlist shell and its Mission Control / Notifications handoffs.
 - `docs/modules/ui/reachability-witnessing/README.md` - detailed witness and proof UX dossier plus cross-shell deep-link contract.
 - `docs/modules/ui/platform-ops-consolidation/README.md` - detailed Operations overview taxonomy and legacy absorption plan.
--- a/docs/modules/ui/reachability-witnessing/README.md
+++ b/docs/modules/ui/reachability-witnessing/README.md
@@ -1,5 +1,9 @@
 # Reachability Witnessing

+**Status:** Implemented
+**Owner shell:** `Security > Reachability`
+**Canonical routes:** `/security/reachability/coverage`, `/security/reachability/witnesses`, `/security/reachability/witnesses/:witnessId`, `/security/reachability/poe`, `/security/reachability/poe/:artifactId`, `/security/reachability/gaps`
+
 ## Recommendation

 Restore witness and proof-of-exposure UX as a deeper part of `Security > Reachability`, not as a standalone product.
@@ -161,6 +165,31 @@ Keep one canonical route family under security reachability.
 - `Decisioning Studio` or `Releases`
  - open witness and proof for gate verdict explanation

+## Shipped Behavior
+
+### Mounted shell
+- `Coverage` remains the default entry and keeps the fleet posture summary.
+- `Witnesses` ships a searchable, filterable list with confidence and verdict filters.
+- `PoE / Exposure` keeps drawer-first inspection and supports direct permalink routes for export and audit use.
+- `Sensor Gaps` stays inside the same shell rather than fragmenting into a separate product.
+
+### Witness detail
+- Loads the requested witness from the witness API when available.
+- Falls back to deterministic reachability fixtures when the backend is unavailable.
+- Ships call-path, gate, caveat, evidence-chain, runtime-observation, and related-context sections.
+- Supports verify, JSON export, DOT export, Mermaid export, and PoE drill-in actions.
+
+### Proof-of-exposure detail
+- Opens by default as a contextual drawer from witness or shell entry points.
+- Supports direct navigation through `/security/reachability/poe/:artifactId`.
+- Preserves operator context with `returnTo` when launched from findings, triage, evidence replay, or release detail.
+
+### Cross-product handoffs
+- `Security > Findings` links into canonical witness routes instead of owning a second proof view.
+- `Triage > Artifact Workspace` restores the selected finding and tab when returning from reachability.
+- `Evidence > Verify & Replay` links the current request into reachability proof review.
+- `Releases > Detail` links release-gate investigation into reachability without branching to a parallel shell.
+
 ## UI Standards For Implementation

 - Keep witness detail as the canonical deep-link target.
@@ -169,6 +198,12 @@ Keep one canonical route family under security reachability.
 - Reuse evidence cards and path visualizations across security, evidence, and release entry points.
 - Keep graph and proof loading deterministic and evidence-first.

+## Verification Status
+
+- Angular verification: targeted route, witness-detail, handoff, and release-context tests passed on 2026-03-07.
+- Playwright verification: witness detail, PoE drawer/permalink, and Verify & Replay handoff passed on 2026-03-07.
+- Checked feature note: `docs/features/checked/web/reachability-witnessing-ui.md`
+
 ## Non-Goals

 - Do not create a top-level `Witnessing` product.