feat: add PolicyPackSelectorComponent with tests and integration

- Implemented PolicyPackSelectorComponent for selecting policy packs.
- Added unit tests for component behavior, including API success and error handling.
- Introduced monaco-workers type declarations for editor workers.
- Created acceptance tests for guardrails with stubs for AT1–AT10.
- Established SCA Failure Catalogue Fixtures for regression testing.
- Developed plugin determinism harness with stubs for PL1–PL10.
- Added scripts for evidence upload and verification processes.

docs/task-packs/approvals-ledger.schema.json

@@ -0,0 +1,48 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "title": "StellaOps Task Pack Approval Ledger",
+  "description": "DSSE payload recording approval decisions for Task Pack gates.",
+  "type": "object",
+  "additionalProperties": false,
+  "required": [
+    "schemaVersion",
+    "runId",
+    "gateId",
+    "planHash",
+    "decision",
+    "decidedAt",
+    "tenantId",
+    "approver"
+  ],
+  "properties": {
+    "schemaVersion": {
+      "type": "string",
+      "const": "stellaops.pack.approval-ledger.v1"
+    },
+    "runId": { "type": "string", "minLength": 1 },
+    "gateId": { "type": "string", "minLength": 1 },
+    "planHash": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$" },
+    "decision": { "type": "string", "enum": ["approved", "rejected", "expired"] },
+    "decidedAt": { "type": "string", "format": "date-time" },
+    "tenantId": { "type": "string", "minLength": 1 },
+    "environment": { "type": "string" },
+    "approver": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": ["id"],
+      "properties": {
+        "id": { "type": "string", "minLength": 1 },
+        "summary": { "type": "string" }
+      }
+    },
+    "reason": { "type": "string" },
+    "evidence": {
+      "type": "object",
+      "additionalProperties": false,
+      "properties": {
+        "requestDigest": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$" },
+        "responseDigest": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$" }
+      }
+    }
+  }
+}

docs/task-packs/packs-offline-bundle.schema.json

@@ -64,19 +64,19 @@
       "properties": {
         "sandbox": {
           "type": "object",
-          "additionalProperties": false,
-          "required": ["mode", "egressAllowlist", "cpuLimitMillicores", "memoryLimitMiB"],
-          "properties": {
-            "mode": { "type": "string", "enum": ["sealed", "restricted"] },
-            "egressAllowlist": {
-              "type": "array",
-              "items": { "type": "string" }
-            },
-            "cpuLimitMillicores": { "type": "integer", "minimum": 1 },
-            "memoryLimitMiB": { "type": "integer", "minimum": 1 },
-            "quotaSeconds": { "type": "integer", "minimum": 1 }
-          }
+      "additionalProperties": false,
+      "required": ["mode", "egressAllowlist", "cpuLimitMillicores", "memoryLimitMiB", "quotaSeconds"],
+      "properties": {
+        "mode": { "type": "string", "enum": ["sealed", "restricted"] },
+        "egressAllowlist": {
+          "type": "array",
+          "items": { "type": "string" }
         },
+        "cpuLimitMillicores": { "type": "integer", "minimum": 1 },
+        "memoryLimitMiB": { "type": "integer", "minimum": 1 },
+        "quotaSeconds": { "type": "integer", "minimum": 1 }
+      }
+    },
         "revocations": { "type": "string", "description": "Revocation list for pack versions/digests." },
         "signatures": {
           "type": "object",

docs/task-packs/registry.md

@@ -176,6 +176,7 @@ Extensions must be deterministic and derived from signed bundle data.
 - **Sandbox + quotas (TP6):** Registry metadata carries `sandbox.mode`, explicit egress allowlists, CPU/memory limits, and quota seconds; Task Runner refuses packs missing these fields.
 - **SLO + alerting (TP9):** Pack metadata includes SLOs (`runP95Seconds`, `approvalP95Seconds`, `maxQueueDepth`); registry emits metrics/alerts when declared SLOs are exceeded during publish/import flows.
 - **Fail-closed imports (TP10):** Import/mirror paths abort when DSSE, hash entries, or revocation files are absent or stale, returning actionable error codes for CLI/Task Runner.
+- **Approval ledger schema:** Registry exposes `docs/task-packs/approvals-ledger.schema.json` for DSSE approval records (planHash must be `sha256:<64-hex>`); import validation rejects non-conforming ledgers.
 
 ---
 

docs/task-packs/spec.md

@@ -168,7 +168,7 @@ pack.yaml ──▶ schema validation ──▶ expression audit ──▶ deter
 Packs must pass CLI validation before publishing.
 
 ### 6.1 · TP Gap Remediation (2025-12)
-- **Canonical plan hash (TP1):** Compute `plan.hash` as `sha256` over canonical JSON (`plan.canonicalPlanPath`) with sorted keys and normalized numbers/booleans. The canonical plan file ships in offline bundles.
+- **Canonical plan hash (TP1):** Compute `plan.hash` as `sha256:<64-hex>` over canonical JSON (`plan.canonicalPlanPath`) with sorted keys and normalized numbers/booleans. The canonical plan file ships in offline bundles.
 - **Inputs lock (TP2):** CLI emits `inputs.lock` capturing resolved inputs and redacted secret placeholders; hashed via `hashes[]` and included in evidence bundles.
 - **Approval ledger DSSE (TP3):** Approval responses are DSSE-signed ledgers embedding `runId`, `gateId`, `planHash`, and tenant context; Task Runner rejects approvals without matching plan hash.
 - **Secret redaction (TP4):** `security.secretsRedactionPolicy` defines hashing/redaction for secrets and PII; transcripts/evidence must reference this policy.
@@ -178,6 +178,7 @@ Packs must pass CLI validation before publishing.
 - **Offline bundle schema + verifier (TP8):** Offline exports must satisfy `docs/task-packs/packs-offline-bundle.schema.json` and pass `scripts/packs/verify_offline_bundle.py --require-dsse`.
 - **SLO + alerting (TP9):** Manifests declare `slo.runP95Seconds`, `slo.approvalP95Seconds`, `slo.maxQueueDepth`, and optional `slo.alertRules`; telemetry enforces and alerts on breaches.
 - **Fail-closed gates (TP10):** Approval/policy/timeline gates fail closed when DSSE, hash entries, or quotas are missing/expired; CLI surfaces remediation hints.
+- **Approval ledger schema:** Approval decisions must conform to `docs/task-packs/approvals-ledger.schema.json`; planHash is `sha256:<64-hex>` and DSSE envelopes must reference ledger digest.
 
 ---