consolidation of some of the modules, localization fixes, product advisories work, qa work

This commit is contained in:
master
2026-03-05 03:54:22 +02:00
parent 7bafcc3eef
commit 8e1cb9448d
3878 changed files with 72600 additions and 46861 deletions

@@ -694,7 +694,13 @@ the registry's Referrers API. `--offline` returns simulated data for testing.
### 21.4 Implementation
- `EvidenceReferrerCommands.cs` static command builder class following existing pattern
- Wired into `EvidenceCommandGroup.BuildEvidenceCommand()` alongside existing sub-commands
- Reuses `IOciRegistryClient` and OCI models from `StellaOps.Cli.Services`
- 25 unit tests in `EvidenceReferrerCommandTests.cs`
- `EvidenceReferrerCommands.cs` static command builder class following existing pattern
- Wired into `EvidenceCommandGroup.BuildEvidenceCommand()` alongside existing sub-commands
- Reuses `IOciRegistryClient` and OCI models from `StellaOps.Cli.Services`
- 25 unit tests in `EvidenceReferrerCommandTests.cs`
## 22) Advisory Commitments (2026-02-26 Batch)
- `SPRINT_20260226_222_Cli_proof_chain_verification_and_replay_parity` delivers cryptographic verification-first command behavior for `chain`, `bundle`, `sbom`, `timeline`, and `replay` flows.
- `SPRINT_20260226_223_Platform_score_explain_contract_and_replay_alignment` aligns CLI score replay calls with deterministic Platform explain/history contracts.
- `SPRINT_20260226_229_DOCS_advisory_hygiene_dedup_and_archival_translation` tracks advisory translation and archival state for this batch.
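Review bot: The four bullets under `### 21.4 Implementation` appear twice with identical visible text, which reads as a remove-and-re-add that changes only whitespace or line endings. Split that normalization into its own commit, or drop it here, so the substantive addition (section 22) can be reviewed on its own. In section 22, each sprint bullet asserts delivered behavior without pointing to where it is specified or tested; a link to the sprint file or the covering test suite would let a reader confirm the "cryptographic verification-first" claim for `chain`, `bundle`, `sbom`, `timeline`, and `replay`.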

@@ -154,3 +154,16 @@ The script should emit a parity report that feeds into the Downloads workspace (
*Last updated: 2026-01-20 (Sprint 20260120).*
## 12. 2026-02-26 Batch Parity Update
Aligned sprints:
- `SPRINT_20260226_222_Cli_proof_chain_verification_and_replay_parity`
- `SPRINT_20260226_227_FE_triage_risk_score_widget_wiring_and_parity`
Parity outcomes in this batch:
- CLI proof verification flows now align with deterministic verification contracts used by UI evidence and score surfaces.
- UI risk and score widgets are covered by active E2E suites and no longer tracked as skipped test debt.
- Replay/score explain integration paths use the same deterministic error semantics across CLI and UI consumers.
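Review bot: The new section 12 is dated 2026-02-26 but is appended after the footer `*Last updated: 2026-01-20 (Sprint 20260120).*`, which is left unchanged. Update the footer date and move it below section 12 so it remains the last line of the document. The statement that UI risk and score widgets are "covered by active E2E suites" would be easier to audit if it named the suites or their paths.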

@@ -59,6 +59,11 @@ The command performs the following verification checks:
4. **Tool Version**: Verifies tool version metadata is present and valid.
5. **Timestamp Validity**: Checks generation timestamp is within acceptable window.
### 2026-02-26 parity note
- `stella sbom verify` now follows verification-first behavior and no longer relies on structural placeholder checks.
- Deterministic failure reasons are surfaced for missing trust roots, malformed signatures, and verification mismatch paths.
### Exit Codes
| Code | Meaning |
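Review bot: The parity note names three failure classes (missing trust roots, malformed signatures, verification mismatch) but sits directly above `### Exit Codes` without saying which exit code each one produces. Add the corresponding rows to the exit code table or reference them from the note, so the "deterministic failure reasons" can be matched to a code. Also confirm that the numbered checks above (items 4 and 5 are visible in this hunk) still describe the current behavior, given the note says structural placeholder checks are no longer relied on.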

@@ -146,6 +146,11 @@ stella scan replay \
--policy "sha256:policy321..."
```
## 2026-02-26 parity note
- Replay commands in UI and evidence exports are backend-generated and should be executed without placeholder edits.
- `scan replay`, `timeline query/export`, and score explain/replay flows are aligned with deterministic backend contracts and error taxonomy.
## Related Commands
| Command | Description |
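Review bot: The first bullet says replay commands should be executed without placeholder edits, yet the example immediately above ends with `--policy "sha256:policy321..."`, a truncated digest that a reader would have to edit before running. Either state that the example is illustrative and that real commands come from the UI or evidence export with full digests, or replace it with a complete example. The second bullet refers to an "error taxonomy" without linking to where it is defined.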

@@ -32,3 +32,8 @@ stella task-runner simulate --output table
## Observability signals
- When tracing headers are present (`traceparent`), CLI propagates them; otherwise it emits new span IDs only in verbose logs.
- Metrics are not emitted by the CLI itself; servers capture request telemetry and can be correlated via the returned correlation/trace IDs printed on errors in verbose mode.
## 2026-02-26 proof/replay contract note
- Proof verification surfaces (`chain verify`, `bundle verify`, `sbom verify`, `witness verify`) emit deterministic error bodies and stable non-zero exit behavior when cryptographic checks fail.
- Score explain/replay and scan replay flows avoid synthetic fallback payloads and return explicit contract errors for missing or malformed backend responses.
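Review bot: The first bullet promises "stable non-zero exit behavior" without saying which exit codes are returned, so a caller cannot tell a failed cryptographic check from any other error using this text alone; name the codes or link to each command's exit code table. The note is also appended to a document whose visible context is `stella task-runner simulate` and observability signals, so consider moving the proof/replay contract to the references for `chain verify`, `bundle verify`, `sbom verify`, and `witness verify`, or explain why it applies here.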