stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

feat: Add UI benchmark driver and scenarios for graph interactions
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
devportal-offline / build-offline (push) Has been cancelled
Details

Browse Source 
- Introduced `ui_bench_driver.mjs` to read scenarios and fixture manifest, generating a deterministic run plan.
- Created `ui_bench_plan.md` outlining the purpose, scope, and next steps for the benchmark.
- Added `ui_bench_scenarios.json` containing various scenarios for graph UI interactions.
- Implemented tests for CLI commands, ensuring bundle verification and telemetry defaults.
- Developed schemas for orchestrator components, including replay manifests and event envelopes.
- Added mock API for risk management, including listing and statistics functionalities.
- Implemented models for risk profiles and query options to support the new API.
This commit is contained in:
StellaOps Bot
2025-12-02 01:28:17 +02:00
parent 909d9b6220
commit 44171930ff
94 changed files with 3606 additions and 271 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
docs/product-advisories/ADVISORY_INDEX.md
View File

@@ -10,6 +10,7 @@ These are the authoritative advisories to reference for implementation:
- **Canonical:** `25-Nov-2025 - Add CVSS v4.0 Score Receipts for Transparency.md`
- **Sprint:** SPRINT_0190_0001_0001_cvss_v4_receipts.md
- **Gaps:** `31-Nov-2025 FINDINGS.md` (CV1CV10 remediation task CVSS-GAPS-190-013)
- **Timing/UI:** `01-Dec-2025 - Time-to-Evidence (TTE) Metric.md` (archived)
- **Status:** New sprint created
### CVSS v4.0 Momentum Briefing
@@ -76,6 +77,20 @@ These are the authoritative advisories to reference for implementation:
- **Gaps:** `31-Nov-2025 FINDINGS.md` (PVX1PVX10 remediation task UI-PROOF-VEX-0215-010)
- **Status:** Drawer/badge pattern defined but missing scoped auth, cache/staleness policy, stronger integrity verification, failure/offline UX, evidence precedence rules, telemetry privacy schema, signed permalinks, revision reconciliation, and fixtures/tests.
### Time-to-Evidence (TTE) Metric
- **Canonical:** `01-Dec-2025 - Time-to-Evidence (TTE) Metric.md`
- **Sprint:** SPRINT_0215_0001_0001_vuln_triage_ux.md (UI) with telemetry alignment to SPRINT_0180_0001_0001_telemetry_core.md
- **Related Docs:** UI sprints 0209/0215, telemetry architecture docs
- **Gaps:** `31-Nov-2025 FINDINGS.md` (TTE1TTE10 remediation task TTE-GAPS-0215-011)
- **Status:** Metric defined but needs event schema/versioning, proof eligibility rules, sampling/bot filters, per-surface SLO/error budgets, index/streaming requirements, offline-kit handling, alert/runbook, release gate, and a11y tests.
### Archived Advisories (1523 Nov 2025)
- **Canonical:** `docs/product-advisories/archived/*.md` (embedded provenance events, function-level VEX explainability, binary reachability branches, SBOM-provenance spine, etc.)
- **Sprint:** SPRINT_300_documentation_process.md (triage/decision)
- **Related Docs:** None current (need revival + canonicalization)
- **Gaps:** `31-Nov-2025 FINDINGS.md` (AR-EP1 … AR-VB1 remediation task ARCHIVED-GAPS-300-020)
- **Status:** Archived set lacks schemas, determinism rules, redaction/licensing, changelog/signing, and duplication resolution; needs triage on which to revive into active advisories.
### SBOM → VEX Proof Blueprint
- **Canonical:** `29-Nov-2025 - SBOM to VEX Proof Pipeline Blueprint.md`
- **Sprint:** SPRINT_300_documentation_process.md (docs tracker)