stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

feat: Add comprehensive product advisories for improved scanner functionality
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details

Browse Source 
- Introduced a blueprint for explainable quiet alerts, detailing phases for SBOM, VEX readiness, and attestations.
- Developed a roadmap for deterministic diff-aware rescans, enhancing scanner speed and efficiency.
- Implemented a hash-based SBOM layer cache to optimize container scans by reusing previous results.
- Created a multi-runtime reachability corpus to validate function-level reachability across various programming languages.
- Proposed a stable SBOM model using SPDX 3.0.1 for persistence and CycloneDX 1.6 for interchange.
- Established a validation plan for quiet scans, focusing on provenance and CI integration.
- Documented guidelines for the Findings Ledger module, outlining roles, execution rules, and testing protocols.
This commit is contained in:
master
2025-11-17 00:09:26 +02:00
parent 08b27b8a26
commit 7b01c7d6ac
73 changed files with 3993 additions and 697 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
docs/implplan/archived/updates/2025-10-29-scheduler-policy-doc-refresh.md Normal file
View File

@@ -0,0 +1,21 @@
# 2025-10-29 — Scheduler/Policy Guild Doc Refresh
## Summary
- Extended `SCHED-MODELS-20-001` with environment metadata guidance, lifecycle semantics, and diff payload breakdown for Policy Engine runs.
- Confirmed `StellaOps.Scheduler.Models.Tests` to keep sample fixtures in sync with the documentation.
- Ready for distribution to Scheduler (Models/Worker/WebService) and Policy Engine guilds; link this update when posting to internal channels.
## Suggested announcement
> **Channel(s):** `#scheduler-guild`, `#policy-engine`
> **Message:**
> ```
> Policy Engine run DTO docs just picked up a refresh (environment metadata, lifecycle+retry table, diff payload notes).
> • Doc: src/Scheduler/__Libraries/StellaOps.Scheduler.Models/docs/SCHED-MODELS-20-001-POLICY-RUNS.md
> • Samples: samples/api/scheduler/policy-*.json
> • Tests: dotnet test src/Scheduler/__Tests/StellaOps.Scheduler.Models.Tests
> Please review for orchestration + API consumer work; ping back if other fields need coverage.
> ```
## Follow-up
- [ ] Confirm both guilds acknowledge the documentation update.
- [ ] Fold any feedback into Sprint21 scheduler schema backlog if additional DTO changes are requested.