new advisories work and features gaps work
@@ -7,6 +7,8 @@
|
||||
- Maintain evidence bundle schemas and export formats.
|
||||
- Provide API and worker workflows for evidence packaging and retrieval.
|
||||
- Enforce deterministic ordering, hashing, and offline-friendly behavior.
|
||||
- Support transparency log (Rekor) and RFC3161 timestamp references in bundle metadata.
|
||||
- Support S3 Object Lock for WORM retention and legal hold when configured.
|
||||
|
||||
## Required Reading
|
||||
- docs/README.md
|
||||
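Review bot: The Rekor/RFC3161 bullet sits directly under "Enforce deterministic ordering, hashing, and offline-friendly behavior" without saying how the two fit together. Suggest stating that bundle metadata only stores these references, and that building or reading a bundle does not contact the transparency log or timestamp authority unless that is configured, in line with the "no network dependencies unless explicitly configured" item in the Working Agreement. The Object Lock bullet could also name the retention mode it expects (governance or compliance), since "WORM retention" alone leaves that open.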
@@ -16,13 +18,19 @@
|
||||
- docs/modules/evidence-locker/export-format.md
|
||||
- docs/modules/evidence-locker/evidence-bundle-v1.md
|
||||
- docs/modules/evidence-locker/attestation-contract.md
|
||||
- docs/modules/evidence-locker/schemas/stellaops-evidence-pack.v1.schema.json
|
||||
- docs/modules/evidence-locker/schemas/bundle.manifest.schema.json
|
||||
|
||||
## Working Agreement
|
||||
- Deterministic ordering and invariant formatting for export artifacts.
|
||||
- Use TimeProvider and IGuidGenerator where timestamps or IDs are created.
|
||||
- Propagate CancellationToken for async operations.
|
||||
- Keep offline-first behavior (no network dependencies unless explicitly configured).
|
||||
- Bundle manifests must serialize transparency and timestamp references in deterministic order (logIndex, tokenPath).
|
||||
- Object Lock configuration is validated at startup when enabled.
|
||||
|
||||
## Testing Strategy
|
||||
- Unit tests for bundling, export serialization, and hash stability.
|
||||
- Schema evolution tests for bundle compatibility.
|
||||
- Tests for transparency and timestamp reference serialization.
|
||||
- Tests for Object Lock configuration validation.
|
||||
|
||||
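Review bot: In the Working Agreement, "deterministic order (logIndex, tokenPath)" does not say whether this is one composite key or one key per reference kind (transparency references by logIndex, timestamp references by tokenPath), nor how each key is compared. Suggest spelling out the comparison (numeric for logIndex, ordinal string for tokenPath) and a tie-break, and having the "Tests for transparency and timestamp reference serialization" bullet state that input order is shuffled and the serialized output is compared byte for byte. "Object Lock configuration is validated at startup when enabled" should also say what happens when validation fails (refuse to start, or continue without retention), and the matching test bullet should cover that case.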