stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

chore(docs+devops): cross-module doc sync + sprint archival moves + compose updates

Browse Source 
Bundled pre-session doc + ops work:
- docs/modules/**: sync across advisory-ai, airgap, cli, excititor,
  export-center, findings-ledger, notifier, notify, platform, router,
  sbom-service, ui, web (architectural + operational updates)
- docs/features/**: updates to checked excititor vex pipeline,
  developer workspace, quick verify drawer
- docs top-level: README, quickstart, API_CLI_REFERENCE, UI_GUIDE,
  code-of-conduct/TESTING_PRACTICES updates
- docs/qa/feature-checks/: FLOW.md + excititor state update
- docs/implplan/: remaining sprint updates + new Concelier source
  credentials sprint (SPRINT_20260422_003)
- docs-archived/implplan/: 30 sprint archival moves (ElkSharp series,
  misc completed sprints)
- devops/compose: .env + services compose + env example + router gateway
  config updates

File-level granularity preserved.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
master
2026-04-22 16:06:39 +03:00
parent ad77711ac2
commit 7943cfb3af
121 changed files with 10483 additions and 387 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/modules/export-center/README.md
View File

@@ -37,6 +37,12 @@ Export Center packages reproducible evidence bundles (JSON, Trivy DB, mirror) wi
- Telemetry dashboards for export latency and retry rates.
- Testing-only in-memory runtime switches are explicit (`Export:AllowInMemoryRepositories`, `Export:UseInMemoryEvidenceLocker`, `Export:UseInMemoryVerificationArtifactStore`, `Export:UseInMemoryAttestationStore`, `Export:UseInMemoryPromotionAttestationStore`, `Export:UseInMemoryIncidentManager`, `Export:UseInMemoryRiskBundleJobHandler`, `Export:UseInMemorySimulationExporter`, `Export:UseInMemoryAuditBundleJobHandler`, `Export:UseInMemoryExceptionReportGenerator`, `Export:UseInMemoryTimelineNotificationSink`). Non-testing runtime must use durable services or truthful `501` gaps.
## Remaining truthful unsupported runtime surfaces
- `UnsupportedExportArtifactStore`, `UnsupportedExportAttestationService`, and `UnsupportedPromotionAttestationAssembler` are the current shipped truth for verification and attestation readback: outside `Testing` they return `501 problem+json` instead of simulating persistence.
- `UnsupportedExportIncidentManager`, `UnsupportedRiskBundleJobHandler`, `UnsupportedSimulationReportExporter`, `UnsupportedAuditBundleJobHandler`, and `UnsupportedExceptionReportGenerator` are the current shipped truth for the remaining admin/job surfaces: outside `Testing` they return `501 problem+json` instead of keeping process-local state.
- `UnsupportedExportNotificationSink` is the current shipped truth for timeline publication: outside `Testing` publish attempts report delivery failure instead of buffering in memory.
- These surfaces remain durable-backend backlog, but they are no longer mock/stub runtime debt because the host does not fabricate success or persist canonical state in process.
## Related resources
- ./operations/runbook.md
- ./devportal-offline.md (bundle structure, verification workflow, DSSE signature details)