First-time user experience fixes and platform contract repairs

FTUX fixes (Sprint 316-001): - Remove all hardcoded fake data from dashboard — fresh installs show honest setup guide instead of fake crisis data (5 fake criticals gone) - Curate advisory source defaults: 32 sources disabled by default (ecosystem, geo-restricted, exploit, hardware, mirror). ~43 core sources remain enabled. StellaOps Mirror no longer enabled at priority 1. - Filter Mirror-category sources from Create Domain wizard to prevent circular mirror-from-mirror chains - Add 404 catch-all route — unknown URLs show "Page Not Found" instead of silently rendering the dashboard - Fix arrow characters in release target path dropdown (? → →) - Add login credentials to quickstart documentation - Update Feature Matrix: 14 release orchestration features marked as shipped (was marked planned) Platform contract repairs (from prior session): - Add /api/v1/jobengine/quotas/summary endpoint on Platform - Fix gateway route prefix matching for /policy/shadow/* and /policy/simulations/* (regex routes instead of exact match) - Fix VexHub PostgresVexSourceRepository missing interface method - Fix advisory-vex-sources sweep text expectation - Fix mirror operator journey auth (session storage token extraction) Verified: 110/111 canonical routes passing (1 unrelated stale approval ref) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-16 02:05:38 +02:00
parent f4d3ef76db
commit 534aabfa2a
21 changed files with 3195 additions and 304 deletions
--- a/src/Concelier/__Libraries/StellaOps.Concelier.Core/Sources/SourceDefinitions.cs
+++ b/src/Concelier/__Libraries/StellaOps.Concelier.Core/Sources/SourceDefinitions.cs
@@ -611,7 +611,8 @@ public static class SourceDefinitions
        HttpClientName = "NpmClient",
        RequiresAuthentication = false,
        DefaultPriority = 50,
-        Tags = ImmutableArray.Create("npm", "ecosystem", "javascript", "node")
+        Tags = ImmutableArray.Create("npm", "ecosystem", "javascript", "node"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition PyPi = new()
@@ -626,7 +627,8 @@ public static class SourceDefinitions
        HttpClientName = "PyPiClient",
        RequiresAuthentication = false,
        DefaultPriority = 52,
-        Tags = ImmutableArray.Create("pypi", "ecosystem", "python")
+        Tags = ImmutableArray.Create("pypi", "ecosystem", "python"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Go = new()
@@ -641,7 +643,8 @@ public static class SourceDefinitions
        HttpClientName = "GoClient",
        RequiresAuthentication = false,
        DefaultPriority = 54,
-        Tags = ImmutableArray.Create("go", "ecosystem", "golang")
+        Tags = ImmutableArray.Create("go", "ecosystem", "golang"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition RubyGems = new()
@@ -656,7 +659,8 @@ public static class SourceDefinitions
        HttpClientName = "RubyGemsClient",
        RequiresAuthentication = false,
        DefaultPriority = 56,
-        Tags = ImmutableArray.Create("rubygems", "ecosystem", "ruby")
+        Tags = ImmutableArray.Create("rubygems", "ecosystem", "ruby"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Nuget = new()
@@ -672,7 +676,8 @@ public static class SourceDefinitions
        RequiresAuthentication = true,
        CredentialEnvVar = "GITHUB_PAT",
        DefaultPriority = 58,
-        Tags = ImmutableArray.Create("nuget", "ecosystem", "dotnet", "csharp")
+        Tags = ImmutableArray.Create("nuget", "ecosystem", "dotnet", "csharp"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Maven = new()
@@ -687,7 +692,8 @@ public static class SourceDefinitions
        HttpClientName = "MavenClient",
        RequiresAuthentication = false,
        DefaultPriority = 60,
-        Tags = ImmutableArray.Create("maven", "ecosystem", "java")
+        Tags = ImmutableArray.Create("maven", "ecosystem", "java"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Crates = new()
@@ -702,7 +708,8 @@ public static class SourceDefinitions
        HttpClientName = "CratesClient",
        RequiresAuthentication = false,
        DefaultPriority = 62,
-        Tags = ImmutableArray.Create("crates", "ecosystem", "rust")
+        Tags = ImmutableArray.Create("crates", "ecosystem", "rust"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Packagist = new()
@@ -717,7 +724,8 @@ public static class SourceDefinitions
        HttpClientName = "PackagistClient",
        RequiresAuthentication = false,
        DefaultPriority = 64,
-        Tags = ImmutableArray.Create("packagist", "ecosystem", "php")
+        Tags = ImmutableArray.Create("packagist", "ecosystem", "php"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Hex = new()
@@ -732,7 +740,8 @@ public static class SourceDefinitions
        HttpClientName = "HexClient",
        RequiresAuthentication = false,
        DefaultPriority = 66,
-        Tags = ImmutableArray.Create("hex", "ecosystem", "elixir", "erlang")
+        Tags = ImmutableArray.Create("hex", "ecosystem", "elixir", "erlang"),
+        EnabledByDefault = false
    };

    // ===== CSAF/VEX Sources =====
@@ -927,7 +936,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        DocumentationUrl = "https://www.exploit-db.com/",
        DefaultPriority = 110,
-        Tags = ImmutableArray.Create("exploit", "poc", "offensive")
+        Tags = ImmutableArray.Create("exploit", "poc", "offensive"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition PocGithub = new()
@@ -943,7 +953,8 @@ public static class SourceDefinitions
        RequiresAuthentication = true,
        CredentialEnvVar = "GITHUB_PAT",
        DefaultPriority = 112,
-        Tags = ImmutableArray.Create("exploit", "poc", "github")
+        Tags = ImmutableArray.Create("exploit", "poc", "github"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Metasploit = new()
@@ -958,7 +969,8 @@ public static class SourceDefinitions
        HttpClientName = "MetasploitClient",
        RequiresAuthentication = false,
        DefaultPriority = 114,
-        Tags = ImmutableArray.Create("exploit", "metasploit", "rapid7")
+        Tags = ImmutableArray.Create("exploit", "metasploit", "rapid7"),
+        EnabledByDefault = false
    };

    // ===== Cloud Provider Advisories =====
@@ -1054,7 +1066,8 @@ public static class SourceDefinitions
        HttpClientName = "IntelClient",
        RequiresAuthentication = false,
        DefaultPriority = 130,
-        Tags = ImmutableArray.Create("intel", "hardware", "firmware", "cpu")
+        Tags = ImmutableArray.Create("intel", "hardware", "firmware", "cpu"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Amd = new()
@@ -1069,7 +1082,8 @@ public static class SourceDefinitions
        HttpClientName = "AmdClient",
        RequiresAuthentication = false,
        DefaultPriority = 132,
-        Tags = ImmutableArray.Create("amd", "hardware", "firmware", "cpu")
+        Tags = ImmutableArray.Create("amd", "hardware", "firmware", "cpu"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Arm = new()
@@ -1084,7 +1098,8 @@ public static class SourceDefinitions
        HttpClientName = "ArmClient",
        RequiresAuthentication = false,
        DefaultPriority = 134,
-        Tags = ImmutableArray.Create("arm", "hardware", "firmware", "cpu")
+        Tags = ImmutableArray.Create("arm", "hardware", "firmware", "cpu"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Siemens = new()
@@ -1099,7 +1114,8 @@ public static class SourceDefinitions
        HttpClientName = "SiemensClient",
        RequiresAuthentication = false,
        DefaultPriority = 136,
-        Tags = ImmutableArray.Create("siemens", "ics", "scada", "hardware")
+        Tags = ImmutableArray.Create("siemens", "ics", "scada", "hardware"),
+        EnabledByDefault = false
    };

    // ===== Package Manager Native Advisories =====
@@ -1116,7 +1132,8 @@ public static class SourceDefinitions
        HttpClientName = "RustSecClient",
        RequiresAuthentication = false,
        DefaultPriority = 63,
-        Tags = ImmutableArray.Create("rustsec", "package-manager", "rust", "cargo")
+        Tags = ImmutableArray.Create("rustsec", "package-manager", "rust", "cargo"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition PyPa = new()
@@ -1131,7 +1148,8 @@ public static class SourceDefinitions
        HttpClientName = "PyPaClient",
        RequiresAuthentication = false,
        DefaultPriority = 53,
-        Tags = ImmutableArray.Create("pypa", "package-manager", "python", "pip")
+        Tags = ImmutableArray.Create("pypa", "package-manager", "python", "pip"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition GoVuln = new()
@@ -1146,7 +1164,8 @@ public static class SourceDefinitions
        HttpClientName = "GoVulnClient",
        RequiresAuthentication = false,
        DefaultPriority = 55,
-        Tags = ImmutableArray.Create("govuln", "package-manager", "go", "golang")
+        Tags = ImmutableArray.Create("govuln", "package-manager", "go", "golang"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition BundlerAudit = new()
@@ -1161,7 +1180,8 @@ public static class SourceDefinitions
        HttpClientName = "BundlerAuditClient",
        RequiresAuthentication = false,
        DefaultPriority = 57,
-        Tags = ImmutableArray.Create("bundler", "package-manager", "ruby", "rubysec")
+        Tags = ImmutableArray.Create("bundler", "package-manager", "ruby", "rubysec"),
+        EnabledByDefault = false
    };

    // ===== Additional CERTs =====
@@ -1179,7 +1199,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        Regions = ImmutableArray.Create("UA"),
        DefaultPriority = 95,
-        Tags = ImmutableArray.Create("cert", "ukraine")
+        Tags = ImmutableArray.Create("cert", "ukraine"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition CertPl = new()
@@ -1195,7 +1216,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        Regions = ImmutableArray.Create("PL", "EU"),
        DefaultPriority = 96,
-        Tags = ImmutableArray.Create("cert", "poland", "eu")
+        Tags = ImmutableArray.Create("cert", "poland", "eu"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition AusCert = new()
@@ -1211,7 +1233,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        Regions = ImmutableArray.Create("AU", "APAC"),
        DefaultPriority = 97,
-        Tags = ImmutableArray.Create("cert", "australia", "apac")
+        Tags = ImmutableArray.Create("cert", "australia", "apac"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition KrCert = new()
@@ -1227,7 +1250,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        Regions = ImmutableArray.Create("KR", "APAC"),
        DefaultPriority = 98,
-        Tags = ImmutableArray.Create("cert", "korea", "apac")
+        Tags = ImmutableArray.Create("cert", "korea", "apac"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition CertIn = new()
@@ -1243,7 +1267,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        Regions = ImmutableArray.Create("IN", "APAC"),
        DefaultPriority = 99,
-        Tags = ImmutableArray.Create("cert", "india", "apac")
+        Tags = ImmutableArray.Create("cert", "india", "apac"),
+        EnabledByDefault = false
    };

    // ===== Russian/CIS Sources =====
@@ -1261,7 +1286,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        Regions = ImmutableArray.Create("RU", "CIS"),
        DefaultPriority = 100,
-        Tags = ImmutableArray.Create("fstec", "bdu", "russia", "cis")
+        Tags = ImmutableArray.Create("fstec", "bdu", "russia", "cis"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition Nkcki = new()
@@ -1277,7 +1303,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        Regions = ImmutableArray.Create("RU", "CIS"),
        DefaultPriority = 101,
-        Tags = ImmutableArray.Create("nkcki", "russia", "cis", "cert")
+        Tags = ImmutableArray.Create("nkcki", "russia", "cis", "cert"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition KasperskyIcs = new()
@@ -1293,7 +1320,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        Regions = ImmutableArray.Create("RU", "CIS", "GLOBAL"),
        DefaultPriority = 102,
-        Tags = ImmutableArray.Create("kaspersky", "ics", "russia", "cis", "scada")
+        Tags = ImmutableArray.Create("kaspersky", "ics", "russia", "cis", "scada"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition AstraLinux = new()
@@ -1309,7 +1337,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        Regions = ImmutableArray.Create("RU", "CIS"),
        DefaultPriority = 48,
-        Tags = ImmutableArray.Create("astra", "distro", "linux", "fstec", "russia")
+        Tags = ImmutableArray.Create("astra", "distro", "linux", "fstec", "russia"),
+        EnabledByDefault = false
    };

    // ===== Threat Intelligence =====
@@ -1327,7 +1356,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        DocumentationUrl = "https://attack.mitre.org/",
        DefaultPriority = 140,
-        Tags = ImmutableArray.Create("mitre", "attack", "threat-intel", "tactics")
+        Tags = ImmutableArray.Create("mitre", "attack", "threat-intel", "tactics"),
+        EnabledByDefault = false
    };

    public static readonly SourceDefinition MitreD3fend = new()
@@ -1343,7 +1373,8 @@ public static class SourceDefinitions
        RequiresAuthentication = false,
        DocumentationUrl = "https://d3fend.mitre.org/",
        DefaultPriority = 142,
-        Tags = ImmutableArray.Create("mitre", "d3fend", "threat-intel", "defensive")
+        Tags = ImmutableArray.Create("mitre", "d3fend", "threat-intel", "defensive"),
+        EnabledByDefault = false
    };

    // ===== StellaOps Mirror =====
@@ -1362,7 +1393,8 @@ public static class SourceDefinitions
        StatusPageUrl = "https://status.stella-ops.org/",
        DocumentationUrl = "https://docs.stella-ops.org/mirror/",
        DefaultPriority = 1, // Highest priority when using mirror mode
-        Tags = ImmutableArray.Create("stella", "mirror", "aggregated")
+        Tags = ImmutableArray.Create("stella", "mirror", "aggregated"),
+        EnabledByDefault = false
    };

    // ===== All Sources Collection =====