stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

update audit bundle and vex decision schemas, add keyboard shortcuts for triage

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-15 09:03:36 +02:00
parent b058dbe031
commit 4344020dd1
16 changed files with 975 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
docs/ui/triage.md Normal file
View File

@@ -0,0 +1,50 @@
# Triage Workspace
The triage workspace (`/triage/artifacts/:artifactId`) is optimized for high-frequency analyst workflows: navigate findings, inspect reachability and signed evidence, and record VEX decisions with minimal mouse interaction.
## Keyboard shortcuts
Shortcuts are ignored while typing in `input`, `textarea`, `select`, or any `contenteditable` region.
| Shortcut | Action |
| --- | --- |
| `J` | Jump to first incomplete evidence pane for the selected finding. |
| `Y` | Copy the selected attestation payload to the clipboard. |
| `R` | Cycle reachability view: path list → compact graph → textual proof. |
| `/` | Switch to the Reachability tab and focus the search box. |
| `S` | Toggle deterministic sort for the findings list. |
| `A` | Quick VEX: open the VEX modal with status “Affected (unmitigated)”. |
| `N` | Quick VEX: open the VEX modal with status “Not affected”. |
| `U` | Quick VEX: open the VEX modal with status “Under investigation”. |
| `?` | Toggle the keyboard help overlay. |
| `↑` / `↓` | Select previous / next finding. |
| `←` / `→` | Switch to previous / next evidence tab. |
| `Enter` | Open the VEX modal for the selected finding. |
| `Esc` | Close overlays (keyboard help, reachability drawer, attestation detail). |
## Evidence completeness (`J`)
`J` navigates to the first incomplete evidence area for the selected finding using this order:
1. Missing VEX decision → opens the VEX modal.
2. Reachability is `unknown` → switches to the Reachability tab.
3. Missing signed evidence → switches to the Attestations tab.
4. Otherwise, shows “All evidence complete”.
## Deterministic sort (`S`)
When deterministic sort is enabled, findings are sorted by:
1. Reachability (reachable → unknown → unreachable → missing)
2. Severity
3. Age (modified/published date)
4. Component (PURL)
Ties break by CVE and internal vulnerability ID to keep ordering stable.
## Related docs
- `docs/ui/advisories-and-vex.md`
- `docs/ui/reachability-overlays.md`
- `docs/ui/vulnerability-explorer.md`