stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

feat: add PolicyPackSelectorComponent with tests and integration

Browse Source 
- Implemented PolicyPackSelectorComponent for selecting policy packs.
- Added unit tests for component behavior, including API success and error handling.
- Introduced monaco-workers type declarations for editor workers.
- Created acceptance tests for guardrails with stubs for AT1–AT10.
- Established SCA Failure Catalogue Fixtures for regression testing.
- Developed plugin determinism harness with stubs for PL1–PL10.
- Added scripts for evidence upload and verification processes.
This commit is contained in:
StellaOps Bot
2025-12-05 21:24:34 +02:00
parent 347c88342c
commit 18d87c64c5
220 changed files with 7700 additions and 518 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
docs/onboarding/dev-quickstart.md
View File

@@ -18,6 +18,13 @@ Core concepts:
- **Trust lattice:** Merges vendor VEX, runtime signals, configs, etc. into a single deterministic verdict.
- **Audit trail:** Every decision is reproducible from stored inputs and proofs.
**Offline/determinism essentials (read first):**
- Install from the curated offline kit (no network); pin SDK + tool versions in `inputs.lock`.
- Use DSSE-signed configs and keep signing keys in offline `~/.stellaops/keys` with short-lived tokens.
- Run `dotnet format` / `dotnet test` with `--blame-crash --blame-hang` using fixed seeds (`Random(1337)`) to avoid flakiness.
- Capture DB/queue matrix upfront: MongoDB (pinned version), optional Postgres slices, and local cache paths; set `TZ=UTC` for all runs.
If you think “content-addressed trust pipeline for SBOMs + VEX,” youre in the right mental model.
---
@@ -39,6 +46,15 @@ Start by opening these projects **in order**:
6. `src/StellaOps.Shared/CanonicalModel/`
Canonical entities & graph IDs. **Read this carefully** it underpins determinism.
Starter issues to grab on day 1 (all offline-friendly):
- Add DSSE verification to a small CLI path (`stella verify --local-only`).
- Extend `inputs.lock` examples with a pinned scanner/DB matrix.
- Write a deterministic unit test for canonical ID ordering.
- Improve `docs/` cross-links (Developer Quickstart ↔ platform architecture) and ensure `docs:` trailer appears in commits.
UI note: Console remains in flux; focus on backend determinism first, then follow UI sprints 0209/0215 for micro-interactions and proof-linked VEX updates.
Helpful docs:
- `docs/modules/platform/*` protocols (DSSE envelopes, lattice terms, trust receipts).