consolidation of some of the modules, localization fixes, product advisories work, qa work

docs/modules/concelier/architecture.md

@@ -273,7 +273,7 @@ public interface IFeedConnector {
 
 * **Fetch**: windowed (cursor), conditional GET (ETag/Last‑Modified), retry/backoff, rate limiting.
 * **Parse**: schema validation (JSON Schema, XSD/CSAF), content type checks; write **DTO** with normalized casing.
-* **Map**: build canonical records; all outputs carry **provenance** (doc digest, URI, anchors). KEV references use `reference` provenance anchored to the catalog search URL.
+* **Map**: build canonical records; all outputs carry **provenance** (doc digest, URI, anchors). KEV references use `reference` provenance anchored to the catalog search URL.
 
 ### 4.2 Version range normalization
 
@@ -631,3 +631,29 @@ concelier:
    - Advisory evidence attestation parameters and path rules are documented in `docs/modules/concelier/attestation.md`.
 4. **Scale & diagnostics**: provider dashboards, staleness alerts, export cache reuse.
 5. **Offline kit**: end‑to‑end verified bundles for air‑gap.
+
+---
+
+## ADR: Advisory Domain Source Consolidation (Sprint 203, 2026-03-04)
+
+### Decision
+
+Absorb `src/Feedser/` (4 projects) and `src/Excititor/` (38+ projects) into `src/Concelier/` as a **source-only consolidation**. No namespace renames. No database schema merge. No service identity changes.
+
+### Context
+
+The advisory domain spans three service-level source directories (Concelier, Feedser, Excititor) that all contribute to the same logical pipeline: raw advisory ingestion, proof evidence generation, and VEX observation correlation. Keeping them as separate top-level directories created confusion about domain ownership and complicated cross-module reference tracking for 17+ dependent projects.
+
+### Rationale for no DB merge
+
+All three DbContexts (`ConcelierDbContext`, `ExcititorDbContext`, `ProofServiceDbContext`) connect to the same PostgreSQL database (`stellaops_platform`) but own distinct schemas (`vuln`/`concelier`, `vex`/`excititor`, `vuln`/`feedser`). The 49 entities across 5 schemas have distinct write lifecycles (raw ingestion vs. proof generation vs. VEX processing). Merging DbContexts would couple unrelated write patterns for zero operational benefit. Schema isolation is a feature.
+
+### Consequences
+
+- `src/Concelier/` is now the single domain root for all advisory-related source code.
+- Feedser projects live at `src/Concelier/StellaOps.Feedser.*` and `src/Concelier/__Tests/StellaOps.Feedser.*`.
+- Excititor projects live at `src/Concelier/StellaOps.Excititor.*`, `src/Concelier/__Libraries/StellaOps.Excititor.*`, and `src/Concelier/__Tests/StellaOps.Excititor.*`.
+- Runtime service identities are unchanged: Excititor WebService and Worker deploy as separate containers with the same Docker image names and HTTP paths.
+- Deployment boundary is frozen: Concelier and Excititor remain independently deployable services.
+- CI path-filters updated: `excititor` section replaced with comment pointing to `concelier` paths.
+- `src/Feedser/` and `src/Excititor/` top-level directories have been deleted.

docs/modules/concelier/prep/2025-11-20-orchestrator-registry-prep.md

@@ -6,7 +6,7 @@ This prep note was consolidated into the current Concelier and Orchestrator docu
 - `docs/modules/concelier/architecture.md`
 - `docs/modules/concelier/connectors.md`
 - `docs/modules/concelier/operations/authority-audit-runbook.md`
-- `docs/modules/orchestrator/architecture.md`
+- `docs/modules/jobengine/architecture.md`
 
 ## Scope
 - Registry/control-plane assumptions for ingestion scheduling.