Refactor compare-view component to use observables for data loading, enhancing performance and responsiveness. Update compare service interfaces and methods for improved delta computation. Modify audit log component to handle optional event properties gracefully. Optimize Monaco editor worker loading to reduce bundle size. Introduce shared SCSS mixins for consistent styling across components. Add Gitea test instance setup and NuGet package publishing test scripts for CI/CD validation. Update documentation paths and ensure all references are accurate.

docs/modules/concelier/operations/connectors/certbund.md

@@ -96,7 +96,7 @@ curl -s -b cookies.txt \
 
 Iterate `page` until the response `content` array is empty. Pages 0–9 currently cover 2014→present. Persist JSON responses (plus SHA256) for Offline Kit parity.
 
-> **Shortcut** – run `python src/Tools/certbund_offline_snapshot.py --output seed-data/cert-bund`
+> **Shortcut** – run `python src/Tools/certbund_offline_snapshot.py --output src/__Tests/__Datasets/seed-data/cert-bund`
 > to bootstrap the session, capture the paginated search responses, and regenerate
 > the manifest/checksum files automatically. Supply `--cookie-file` and `--xsrf-token`
 > if the portal requires a browser-derived session (see options via `--help`).
@@ -105,14 +105,14 @@ Iterate `page` until the response `content` array is empty. Pages 0–9 currentl
 
 ```bash
 python src/Tools/certbund_offline_snapshot.py \
-  --output seed-data/cert-bund \
+  --output src/__Tests/__Datasets/seed-data/cert-bund \
   --start-year 2014 \
   --end-year "$(date -u +%Y)"
 ```
 
-The helper stores yearly exports under `seed-data/cert-bund/export/`,
-captures paginated search snapshots in `seed-data/cert-bund/search/`,
-and generates the manifest + SHA files in `seed-data/cert-bund/manifest/`.
+The helper stores yearly exports under `src/__Tests/__Datasets/seed-data/cert-bund/export/`,
+captures paginated search snapshots in `src/__Tests/__Datasets/seed-data/cert-bund/search/`,
+and generates the manifest + SHA files in `src/__Tests/__Datasets/seed-data/cert-bund/manifest/`.
 Split ranges according to your compliance window (default: one file per
 calendar year). Concelier can ingest these JSON payloads directly when
 operating offline.

docs/modules/concelier/operations/connectors/cve-kev.md

@@ -18,7 +18,7 @@ concelier:
       apiOrg: "ORG123"
       apiUser: "user@example.org"
       apiKeyFile: "/var/run/secrets/concelier/cve-api-key"
-      seedDirectory: "./seed-data/cve"
+      seedDirectory: "./src/__Tests/__Datasets/seed-data/cve"
       pageSize: 200
       maxPagesPerFetch: 5
       initialBackfill: "30.00:00:00"
@@ -28,7 +28,7 @@ concelier:
 
 > ℹ️  Store the API key outside source control. When using `apiKeyFile`, mount the secret file into the container/host; alternatively supply `apiKey` via `CONCELIER_SOURCES__CVE__APIKEY`.
 
-> 🪙  When credentials are not yet available, configure `seedDirectory` to point at mirrored CVE JSON (for example, the repo’s `seed-data/cve/` bundle). The connector will ingest those records and log a warning instead of failing the job; live fetching resumes automatically once `apiOrg` / `apiUser` / `apiKey` are supplied.
+> 🪙  When credentials are not yet available, configure `seedDirectory` to point at mirrored CVE JSON (for example, the repo's `src/__Tests/__Datasets/seed-data/cve/` bundle). The connector will ingest those records and log a warning instead of failing the job; live fetching resumes automatically once `apiOrg` / `apiUser` / `apiKey` are supplied.
 
 ### 1.2 Smoke Test (staging)
 

docs/modules/concelier/operations/connectors/ics-cisa.md

@@ -65,7 +65,7 @@ Optional tuning keys (set only when needed):
 
 If credentials are still pending, populate the connector with the community CSV dataset before enabling the live fetch:
 
-1. Run `./scripts/fetch-ics-cisa-seed.sh` (or `.ps1`) to download the latest `CISA_ICS_ADV_*.csv` files into `seed-data/ics-cisa/`.
+1. Run `./devops/tools/fetch-ics-cisa-seed.sh` (or `.ps1`) to download the latest `CISA_ICS_ADV_*.csv` files into `src/__Tests/__Datasets/seed-data/ics-cisa/`.
 2. Copy the CSVs (and the generated `.sha256` files) into your Offline Kit staging area so they ship alongside the other feeds.
 3. Import the kit as usual. The connector can parse the seed data for historical context, but **live GovDelivery credentials are still required** for fresh advisories.
 4. Once credentials arrive, update `concelier:sources:icscisa:govDelivery:code` and re-trigger `source:ics-cisa:fetch` so the connector switches to the authorised feed.
@@ -79,7 +79,7 @@ If credentials are still pending, populate the connector with the community CSV
    ```bash
    CONCELIER_SOURCES_ICSCISA_GOVDELIVERY_CODE=... \ 
    CONCELIER_SOURCES_ICSCISA_ENABLEDETAILSCRAPE=1 \ 
-   Run `stella db fetch --source ics-cisa --stage fetch`, then `--stage parse`, then `--stage map`.
+   Run `stella db fetch --source ics-cisa --stage fetch`, then `--stage parse`, then `--stage map`.
    ```
 3. Confirm logs contain `ics-cisa detail fetch` entries and that new documents/DTOs include attachments (see `docs/artifacts/icscisa`). Canonical advisories should expose PDF links as `references.kind == "attachment"` and affected packages should surface `primitives.semVer.exactValue` for single-version hits.
 4. If Akamai blocks direct fetches, set `concelier:sources:icscisa:proxyUri` to your allow-listed egress proxy and rerun the dry-run.