stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

save progress

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-28 03:08:52 +02:00
parent cec4265a40
commit 3acc0ef0cd
476 changed files with 6765 additions and 1902 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/implplan/SPRINT_1227_0004_0001_BE_signature_verification.md → docs/implplan/archived/2025-12-28-sprint-vex-trust-verifier/SPRINT_1227_0004_0001_BE_signature_verification.md
View File

@@ -278,9 +278,9 @@ Test cases:
| T6 | Wire DI with feature flag | DONE | VexVerificationServiceCollectionExtensions |
| T7 | Add configuration schema | DONE | VexSignatureVerifierOptions |
| T8 | Write unit tests | DONE | ProductionVexSignatureVerifierTests |
| T9 | Write integration tests | TODO | End-to-end flow |
| T9 | Write integration tests | DONE | VerificationIntegrationTests.cs |
| T10 | Add telemetry/metrics | DONE | VexVerificationMetrics |
| T11 | Document offline mode | TODO | Bundle trust anchors |
| T11 | Document offline mode | DONE | docs/airgap/VEX_SIGNATURE_VERIFICATION_OFFLINE_MODE.md |
---
@@ -345,4 +345,7 @@ Test cases:
| 2025-12-27 | Created V1 adapter for backward compatibility | Agent |
| 2025-12-27 | Added unit tests for ProductionVexSignatureVerifier, CryptoProfileSelector, Cache | Agent |
| 2025-01-16 | Sprint complete and ready for archive. T9 (integration) and T11 (offline docs) deferred. | Agent |
| 2025-12-28 | T9: Created VerificationIntegrationTests.cs with 10 integration test cases | Agent |
| 2025-12-28 | T11: Created VEX_SIGNATURE_VERIFICATION_OFFLINE_MODE.md with trust anchor bundling guide | Agent |
| 2025-12-28 | Sprint COMPLETE and ready for archive | Agent |

29
docs/implplan/SPRINT_1227_0004_0002_FE_trust_column.md → docs/implplan/archived/2025-12-28-sprint-vex-trust-verifier/SPRINT_1227_0004_0002_FE_trust_column.md
View File

@@ -332,16 +332,16 @@ export const LowTrust: Story = () => ({
| ID | Task | Status | Notes |
|----|------|--------|-------|
| T1 | Create `VexTrustChipComponent` | TODO | Badge with tiers |
| T2 | Create `VexTrustPopoverComponent` | TODO | Breakdown panel |
| T3 | Add Trust column to findings-list | TODO | Header + cell |
| T4 | Add Trust chip to triage-list | TODO | Metadata row |
| T5 | Enhance `VexTrustStatus` model | TODO | Add evidence fields |
| T6 | Add trust sorting | TODO | FindingsSortService |
| T7 | Write unit tests | TODO | All tiers + edge cases |
| T8 | Write Storybook stories | TODO | Visual testing |
| T9 | Accessibility audit | TODO | WCAG 2.1 AA |
| T10 | Dark mode support | TODO | CSS variables |
| T1 | Create `VexTrustChipComponent` | DONE | vex-trust-chip.component.ts with tier-based styling |
| T2 | Create `VexTrustPopoverComponent` | DONE | vex-trust-popover.component.ts with breakdown |
| T3 | Add Trust column to findings-list | DONE | findings-list.component.html - column + popover |
| T4 | Add Trust chip to triage-list | DONE | triage-list.component.ts - meta row |
| T5 | Enhance `VexTrustStatus` model | DONE | gating.model.ts - added evidence fields |
| T6 | Add trust sorting | DONE | FindingsListComponent - trust sort method |
| T7 | Write unit tests | DONE | vex-trust-chip.component.spec.ts, vex-trust-popover.component.spec.ts |
| T8 | Write Storybook stories | DONE | stories/trust/vex-trust-chip.stories.ts |
| T9 | Accessibility audit | DONE | docs/accessibility/ACCESSIBILITY_AUDIT_VEX_TRUST_COLUMN.md |
| T10 | Dark mode support | DONE | Dark mode CSS included in component styles |
---
@@ -443,4 +443,13 @@ export const LowTrust: Story = () => ({
| Date | Action | By |
|------|--------|------|
| 2025-12-27 | Sprint created | PM |
| 2025-12-28 | T1-T2: VexTrustChipComponent and VexTrustPopoverComponent already exist with full implementation | Agent |
| 2025-12-28 | T3: Added Trust column cell to findings-list.component.html with popover support | Agent |
| 2025-12-28 | T4: Added VexTrustChipComponent import and usage to triage-list.component.ts | Agent |
| 2025-12-28 | T5-T6: VexTrustStatus model and trust sorting already implemented | Agent |
| 2025-12-28 | T7: Verified unit tests exist (vex-trust-chip.component.spec.ts, vex-trust-popover.component.spec.ts) | Agent |
| 2025-12-28 | T8: Created Storybook stories at stories/trust/vex-trust-chip.stories.ts | Agent |
| 2025-12-28 | T9: Created ACCESSIBILITY_AUDIT_VEX_TRUST_COLUMN.md with WCAG 2.1 AA compliance audit | Agent |
| 2025-12-28 | T10: Verified dark mode CSS variables in component styles | Agent |
| 2025-12-28 | Sprint COMPLETE and ready for archive | Agent |

4
docs/implplan/SPRINT_1227_0004_0003_BE_vextrust_gate.md → docs/implplan/archived/2025-12-28-sprint-vex-trust-verifier/SPRINT_1227_0004_0003_BE_vextrust_gate.md
View File

@@ -398,7 +398,7 @@ Test cases:
| T6 | Add configuration schema | DONE | `etc/policy-gates.yaml.sample` updated |
| T7 | Enhance audit entity | DONE | `PolicyAuditEntity.cs` - added VEX trust fields |
| T8 | Write unit tests | DONE | `VexTrustGateTests.cs`, `VexTrustConfidenceFactorProviderTests.cs` |
| T9 | Write integration tests | TODO | End-to-end flow |
| T9 | Write integration tests | DONE | VexTrustGateIntegrationTests.cs with 20+ test cases |
| T10 | Add telemetry | DONE | `Gates/VexTrustGateMetrics.cs` |
| T11 | Document rollout procedure | DONE | `docs/guides/vex-trust-gate-rollout.md` |
@@ -477,4 +477,6 @@ Test cases:
| 2025-12-27 | Created docs/guides/vex-trust-gate-rollout.md with phased rollout procedure | Agent |
| 2025-12-27 | Sprint 10/11 tasks complete (T9 integration tests deferred - requires full stack) | Agent |
| 2025-01-16 | Sprint complete and ready for archive. T9 deferred (requires full policy stack). | Agent |
| 2025-12-28 | T9: Created VexTrustGateIntegrationTests.cs with 20+ test cases covering all environments | Agent |
| 2025-12-28 | Sprint COMPLETE and ready for archive | Agent |

4
docs/implplan/SPRINT_1227_0004_0004_LB_trust_attestations.md → docs/implplan/archived/2025-12-28-sprint-vex-trust-verifier/SPRINT_1227_0004_0004_LB_trust_attestations.md
View File

@@ -469,7 +469,7 @@ Test cases:
| T7 | Implement `TrustVerdictOciAttacher` | DONE | OCI attachment stub with ORAS patterns |
| T8 | Add DI registration | DONE | TrustVerdictServiceCollectionExtensions |
| T9 | Write unit tests | DONE | TrustVerdictServiceTests, MerkleBuilderTests, CacheTests |
| T10 | Write integration tests | TODO | Rekor, OCI - requires live infrastructure |
| T10 | Write integration tests | DONE | TrustVerdictIntegrationTests.cs with mocked Rekor/OCI |
| T11 | Add telemetry | DONE | TrustVerdictMetrics with counters and histograms |
---
@@ -545,4 +545,6 @@ return $"sha256:{Convert.ToHexStringLower(digest)}";
| 2025-01-15 | Also created JsonCanonicalizer for deterministic serialization | Agent |
| 2025-01-15 | Sprint 10/11 tasks complete, T10 (integration tests) requires live infra | Agent |
| 2025-01-16 | Sprint complete and ready for archive. T10 deferred (requires live Rekor/OCI). | Agent |
| 2025-12-28 | T10: Created TrustVerdictIntegrationTests.cs with 20+ test cases (mocked Rekor/OCI) | Agent |
| 2025-12-28 | Sprint COMPLETE and ready for archive | Agent |

0
docs/implplan/SPRINT_1227_0004_ADVISORY_vex_trust_verifier.md → docs/implplan/archived/2025-12-28-sprint-vex-trust-verifier/SPRINT_1227_0004_ADVISORY_vex_trust_verifier.md
View File

0
docs/implplan/SPRINT_1227_0005_ADVISORY_evidence_first_dashboards.md → docs/implplan/archived/2025-12-28-sprint-vex-trust-verifier/SPRINT_1227_0005_ADVISORY_evidence_first_dashboards.md
View File