feat: add entropy policy banner and policy gate indicator components
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Implemented EntropyPolicyBannerComponent with configuration for entropy policies, including thresholds, current scores, and mitigation steps.
- Created PolicyGateIndicatorComponent to display the status of policy gates, including passed, failed, and warning gates, with detailed views for determinism and entropy gates.
- Added HTML and SCSS for both components to ensure proper styling and layout.
- Introduced computed properties and signals for reactive state management in Angular.
- Included remediation hints and actions for user interaction within the policy gate indicator.
docs/product-advisories/ADVISORY_INDEX.md (new normal file, 130 lines added)
@@ -0,0 +1,130 @@
# Product Advisory Index

This index consolidates the November 2025 product advisories, identifying canonical documents and duplicates.

## Canonical Advisories (Active)

These are the authoritative advisories to reference for implementation:

### CVSS v4.0
- **Canonical:** `25-Nov-2025 - Add CVSS v4.0 Score Receipts for Transparency.md`
- **Sprint:** SPRINT_0190_0001_0001_cvss_v4_receipts.md
- **Status:** New sprint created

### SBOM/VEX Pipeline
- **Canonical:** `27-Nov-2025 - Deep Architecture Brief - SBOM‑First, VEX‑Ready Spine.md`
- **Sprint:** SPRINT_0186_0001_0001_record_deterministic_execution.md (tasks 15a-15f)
- **Supersedes:**
- `24-Nov-2025 - Bridging OpenVEX and CycloneDX for .NET.md` → archive
- `25-Nov-2025 - Revisiting Determinism in SBOM→VEX Pipeline.md` → archive
- `26-Nov-2025 - From SBOM to VEX - Building a Transparent Chain.md` → archive

### Rekor/DSSE Batch Sizing
- **Canonical:** `26-Nov-2025 - Handling Rekor v2 and DSSE Air‑Gap Limits.md`
- **Sprint:** SPRINT_0401_0001_0001_reachability_evidence_chain.md (DSSE tasks)
- **Supersedes:**
- `27-Nov-2025 - Rekor Envelope Size Heuristic.md` → archive (duplicate)
- `27-Nov-2025 - DSSE and Rekor Envelope Size Heuristic.md` → archive (duplicate)
- `27-Nov-2025 - Optimizing DSSE Batch Sizes for Reliable Logging.md` → archive (duplicate)

### Graph Revision IDs
- **Canonical:** `26-Nov-2025 - Use Graph Revision IDs as Public Trust Anchors.md`
- **Sprint:** SPRINT_0401_0001_0001_reachability_evidence_chain.md (existing tasks)
- **Supersedes:**
- `25-Nov-2025 - Hash‑Stable Graph Revisions Across Systems.md` → archive (earlier version)

### Reachability Benchmark (Public)
- **Canonical:** `24-Nov-2025 - Designing a Deterministic Reachability Benchmark.md`
- **Sprint:** SPRINT_0513_0001_0001_public_reachability_benchmark.md
- **Related:**
- `26-Nov-2025 - Opening Up a Reachability Dataset.md` → complementary (dataset focus)

### Unknowns Registry
- **Canonical:** `27-Nov-2025 - Managing Ambiguity Through an Unknowns Registry.md`
- **Sprint:** SPRINT_0140_0001_0001_runtime_signals.md (existing implementation)
- **Extends:** `archived/18-Nov-2025 - Unknowns-Registry.md`
- **Status:** Already implemented in Signals module; advisory validates design

### Explainability
- **Canonical (Graphs):** `27-Nov-2025 - Making Graphs Understandable to Humans.md`
- **Canonical (Verdicts):** `27-Nov-2025 - Explainability Layer for Vulnerability Verdicts.md`
- **Sprint:** SPRINT_0401_0001_0001_reachability_evidence_chain.md (UI-CLI tasks)
- **Status:** Complementary advisories - graphs cover edge reasons, verdicts cover audit trails

### VEX Proofs
- **Canonical:** `25-Nov-2025 - Define Safe VEX 'Not Affected' Claims with Proofs.md`
- **Sprint:** SPRINT_0401_0001_0001_reachability_evidence_chain.md (POLICY-VEX tasks)

### Binary Reachability
- **Canonical:** `27-Nov-2025 - Verifying Binary Reachability via DSSE Envelopes.md`
- **Sprint:** SPRINT_0401_0001_0001_reachability_evidence_chain.md (GRAPH-HYBRID tasks)

### Scanner Roadmap
- **Canonical:** `27-Nov-2025 - Blueprint for a 2026‑Ready Scanner.md`
- **Sprint:** Multiple sprints (0186, 0401, 0512)
- **Status:** High-level roadmap document

## Files to Archive

The following files should be moved to `archived/` as they are superseded:

```
# Duplicates/superseded
24-Nov-2025 - Bridging OpenVEX and CycloneDX for .NET.md
25-Nov-2025 - Revisiting Determinism in SBOM→VEX Pipeline.md
25-Nov-2025 - Hash‑Stable Graph Revisions Across Systems.md
26-Nov-2025 - From SBOM to VEX - Building a Transparent Chain.md
27-Nov-2025 - Rekor Envelope Size Heuristic.md
27-Nov-2025 - DSSE and Rekor Envelope Size Heuristic.md
27-Nov-2025 - Optimizing DSSE Batch Sizes for Reliable Logging.md

# Junk/malformed files
24-Nov-2025 - 1 copy 2.md
24-Nov-2025 - Designing a Deterministic Reachability Benchmarkmd (missing dot)
25-Nov-2025 - Half‑Life Confidence Decay for Unknownsmd (missing dot)
```

## Sprint Cross-Reference

| Advisory Topic | Sprint ID | Status |
|---------------|-----------|--------|
| CVSS v4.0 | SPRINT_0190_0001_0001 | NEW |
| SPDX 3.0.1 / SBOM | SPRINT_0186_0001_0001 | AUGMENTED |
| Reachability Benchmark | SPRINT_0513_0001_0001 | NEW |
| Reachability Evidence | SPRINT_0401_0001_0001 | EXISTING |
| Unknowns Registry | SPRINT_0140_0001_0001 | EXISTING (implemented) |
| Graph Revision IDs | SPRINT_0401_0001_0001 | EXISTING |
| DSSE/Rekor Batching | SPRINT_0401_0001_0001 | EXISTING |

## Implementation Priority

Based on gap analysis:

1. **P0 - CVSS v4.0** (Sprint 0190) - Industry moving to v4.0, genuine gap
2. **P1 - SPDX 3.0.1** (Sprint 0186 tasks 15a-15f) - Standards compliance
3. **P1 - Public Benchmark** (Sprint 0513) - Differentiation/marketing value
4. **P2 - Explainability** (Sprint 0401) - UX enhancement, existing tasks
5. **P3 - Already Implemented** - Unknowns, Graph IDs, DSSE batching

## Implementer Quick Reference

For each topic, the implementer should read:

1. **Sprint file** - Contains task definitions, dependencies, working directories
2. **Documentation Prerequisites** - Listed in each sprint file
3. **Canonical advisory** - Full product context and rationale
4. **Module AGENTS.md** - If exists, contains module-specific coding guidance

### Key Module Docs to Read Before Implementation

| Module | Architecture Doc | AGENTS.md |
|--------|-----------------|-----------|
| Policy | `docs/modules/policy/architecture.md` | `src/Policy/*/AGENTS.md` |
| Scanner | `docs/modules/scanner/architecture.md` | `src/Scanner/*/AGENTS.md` |
| Sbomer | `docs/modules/sbomer/architecture.md` | `src/Sbomer/*/AGENTS.md` |
| Signals | `docs/modules/signals/architecture.md` | `src/Signals/*/AGENTS.md` |
| Attestor | `docs/modules/attestor/architecture.md` | `src/Attestor/*/AGENTS.md` |

---
*Index created: 2025-11-27*
*Last updated: 2025-11-27*
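Review bot: the commit message describes two Angular components (EntropyPolicyBannerComponent, PolicyGateIndicatorComponent) with their HTML and SCSS, but the only change in this diff is the new docs/product-advisories/ADVISORY_INDEX.md; either the component files are missing from the commit or the message should describe the advisory index. Within the index, the Sprint Cross-Reference table has seven rows while ten canonical advisories are listed above it: Explainability, VEX Proofs, Binary Reachability and Scanner Roadmap have no row, and the table's "SPDX 3.0.1 / SBOM" topic does not match the "SBOM/VEX Pipeline" heading, so an implementer working from the table alone would miss those sprint mappings; suggest adding rows such as `| VEX Proofs | SPRINT_0401_0001_0001 | EXISTING |` and aligning the topic names with the section headings. Also, the "Junk/malformed files" entry `24-Nov-2025 - Designing a Deterministic Reachability Benchmarkmd (missing dot)` carries the same name as the canonical Reachability Benchmark advisory; confirm it is a stray copy of the `.md` file, not the only copy, before it is moved to `archived/`.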