feat: Add comprehensive product advisories for improved scanner functionality

- Introduced a blueprint for explainable quiet alerts, detailing phases for SBOM, VEX readiness, and attestations.
- Developed a roadmap for deterministic diff-aware rescans, enhancing scanner speed and efficiency.
- Implemented a hash-based SBOM layer cache to optimize container scans by reusing previous results.
- Created a multi-runtime reachability corpus to validate function-level reachability across various programming languages.
- Proposed a stable SBOM model using SPDX 3.0.1 for persistence and CycloneDX 1.6 for interchange.
- Established a validation plan for quiet scans, focusing on provenance and CI integration.
- Documented guidelines for the Findings Ledger module, outlining roles, execution rules, and testing protocols.

docs/implplan/archived/updates/2025-10-26-authority-graph-scopes.md

@@ -0,0 +1,15 @@
+# 2025-10-26 — Authority graph scopes documentation refresh
+
+## Summary
+
+- Documented least-privilege guidance for the new `graph:*` scopes in `docs/11_AUTHORITY.md` (scope mapping, tenant propagation, and DPoP expectations).
+- Extended the sample client table/config to include Cartographer and Graph API registrations so downstream teams can copy/paste the correct defaults.
+- Highlighted the requirement to consume `StellaOpsScopes` constants instead of hard-coded scope strings across services.
+
+## Next steps
+
+| Team | Follow-up | Target |
+|------|-----------|--------|
+| Authority Core | Ensure `/jwks` changelog references graph scope rollout in next release note. | 2025-10-28 |
+| Graph API Guild | Update gateway scaffolding to request scopes from `StellaOpsScopes` once the host project lands. | Sprint 21 stand-up |
+| Scheduler Guild | Confirm Cartographer client onboarding uses the new sample secret templates. | Sprint 21 stand-up |