feat(ui): ship triage explainability workspace

2026-03-07 21:43:55 +02:00
parent 437d26c47c
commit 8f43378317
32 changed files with 2296 additions and 259 deletions
--- a/docs/features/checked/web/triage-explainability-workspace-ui.md
+++ b/docs/features/checked/web/triage-explainability-workspace-ui.md
@@ -0,0 +1,60 @@
+# Triage Explainability Workspace UI
+
+## Module
+Web
+
+## Status
+VERIFIED
+
+## Description
+Shipped the canonical triage artifact workspace with lane-based queue segmentation, contextual explainability panels, canonical `/triage/*` ownership, and a sibling `Audit Bundles` page. The preserved workbench ideas now live inside one usable operator shell instead of orphan routes. Security artifact entry points deep-link into the same canonical workspace instead of owning a second surface.
+
+## Implementation Details
+- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/triage/`
+- **Primary components**:
+  - `triage-artifacts` (`src/Web/StellaOps.Web/src/app/features/triage/triage-artifacts.component.ts`)
+  - `triage-workspace` (`src/Web/StellaOps.Web/src/app/features/triage/triage-workspace.component.ts`)
+  - `triage-audit-bundles` (`src/Web/StellaOps.Web/src/app/features/triage/triage-audit-bundles.component.ts`)
+  - `triage-audit-bundle-new` (`src/Web/StellaOps.Web/src/app/features/triage/triage-audit-bundle-new.component.ts`)
+- **Canonical routes**:
+  - `/triage/artifacts`
+  - `/triage/artifacts/:artifactId`
+  - `/triage/audit-bundles`
+  - `/triage/audit-bundles/new`
+- **Route state**:
+  - `lane=active|quiet|review`
+  - `panel=ai|reason|provenance|history`
+  - `findingId=<vulnId>`
+  - `tab=evidence|overview|reachability|delta|policy|attestations`
+- **Preserved functionality**:
+  - lane-based queue management with row and bulk transitions
+  - explainability rail for AI recommendations, reason capsule, provenance, and decision history
+  - audit-bundle list and create flow
+  - security alias cutover from `/security/artifacts*`
+- **Secondary entry points**:
+  - `Security > Triage`
+  - `Security > Findings`
+  - `Evidence`
+
+## E2E Test Plan
+- **Setup**:
+  - [ ] Log in with a user that can access `Security`, `Triage`, and `Evidence`.
+  - [ ] Navigate to `/triage/artifacts?lane=review`.
+  - [ ] Ensure vulnerability and audit-bundle fixtures are available.
+- **Core verification**:
+  - [ ] Verify `Active`, `Quiet Lane`, and `Needs Review` lanes load and keep query state.
+  - [ ] Verify bulk lane movement and `Build audit bundle` operate from the live list.
+  - [ ] Verify workspace detail preserves `tab` and `panel` state while showing evidence-first advisory UX.
+- **Legacy verification**:
+  - [ ] Verify `/security/artifacts` and `/security/artifacts/:artifactId` canonicalize into `/triage/*`.
+  - [ ] Verify alias redirects preserve `artifactId`, query params, and fragments.
+  - [ ] Verify audit-bundle creation remains reachable from list and detail entry points.
+
+## Verification
+- Run:
+  - `npx ng test --watch=false --include src/tests/triage/triage-artifacts.component.spec.ts --include src/tests/triage/triage-workspace-with-proof-tree.behavior.spec.ts --include src/tests/audit_bundle/triage-routes.spec.ts --include src/tests/security-risk/security-risk-routes.spec.ts --include src/tests/navigation/legacy-redirects.spec.ts --include src/tests/routes/legacy-route-migration-framework.component.spec.ts --include src/tests/audit_bundle/audit-bundles.client.contract.spec.ts --include src/tests/audit_bundle/triage-audit-bundle-new.component.spec.ts --include src/tests/audit_bundle/triage-audit-bundles.component.spec.ts`
+  - `npx playwright test tests/e2e/triage-explainability-workspace.spec.ts --workers=1`
+- Tier 0 (source): pass
+- Tier 1 (build/tests): pass
+- Tier 2 (behavior): pass
+- Verified on (UTC): 2026-03-07T19:40:00Z
--- a/docs/implplan/SPRINT_20260307_027_FE_triage_explainability_workspace.md
+++ b/docs/implplan/SPRINT_20260307_027_FE_triage_explainability_workspace.md
@@ -1,129 +0,0 @@
-# Sprint 20260307-027 - Triage Explainability Workspace
-
-## Topic & Scope
- Merge the dropped triage workbench ideas into one canonical artifact workspace plus a sibling `Audit Bundles` page.
- Ship a fully usable artifact workspace with lane segmentation, detail-side explainability panels, and a working `Audit Bundles` page.
- Complete the missing triage functionality end to end so the operator can actually use quiet lane, explanation panels, and audit packaging from the active shell.
- Working directory: `src/Web/StellaOps.Web/src/app/features/triage`.
- Allowed coordination edits: `src/Web/StellaOps.Web/src/app/routes/security-risk.routes.ts`, `src/Web/StellaOps.Web/src/app/features/security-risk/`, `src/Web/StellaOps.Web/src/app/features/evidence/`, `docs/modules/ui/triage-explainability-workspace`, and `docs/modules/ui/TASKS.md`.
- Expected evidence: working lane tabs, working detail-side explainability panels, working audit-bundle flows, migrated supporting components, tests, and updated docs.
-
-## Dependencies & Concurrency
- Depends on:
-  - `docs/modules/ui/triage-explainability-workspace/README.md`
-  - `docs/UI_GUIDE.md`
-  - `docs/ui-analysis/03_TRIAGE_POLICY_OPS_SCREENS.md`
-  - `docs/ui-analysis/05_ROUTE_SUMMARY_AND_OBSERVATIONS.md`
-  - `src/Web/StellaOps.Web/src/app/features/triage/triage-artifacts.component.ts`
-  - `src/Web/StellaOps.Web/src/app/features/triage/triage-workspace.component.ts`
-  - `src/Web/StellaOps.Web/src/app/features/triage/triage-audit-bundles.component.ts`
- Safe parallelism:
-  - route, lane, and panel contracts should freeze before FE implementation begins
-  - list-lane work and detail-panel work can proceed in parallel after the contract is stable
-  - audit-bundle page work can proceed in parallel with supporting component absorption
-
-## Documentation Prerequisites
- `docs/modules/ui/triage-explainability-workspace/README.md`
- `docs/modules/ui/contextual-actions-patterns/README.md`
- `docs/modules/ui/restoration-topics/triage-explainability-workbench.md`
- `docs/modules/ui/component-preservation-map/RESTORATION_PRIORITIES.md`
-
-## Delivery Tracker
-
-### FE-TX-001 - Wire the canonical artifact workspace and route state
-Status: TODO
-Dependency: none
-Owners: Product Manager, FE Architect
-Task description:
- Implement the canonical artifact workspace route family, lane query params, panel query params, and sibling `Audit Bundles` page ownership.
- Ensure the active shell exposes the triage workspace operators should actually use.
-
-Completion criteria:
- [ ] Canonical artifact and audit-bundle routes are active in the router.
- [ ] Lane and panel query params work in the shipped UI.
- [ ] Separate workbench brands are no longer required for triage access.
-
-### FE-TX-002 - Ship the list-lane workflows
-Status: TODO
-Dependency: FE-TX-001
-Owners: Developer, FE Architect
-Task description:
- Implement the list-layer experience for `Active`, `Quiet Lane`, and `Needs Review`.
- Ensure row actions, bulk actions, and lane transitions are usable from the active artifact list.
-
-Completion criteria:
- [ ] Lane tabs or segmented controls are working in the shipped UI.
- [ ] Row and bulk actions work from the artifact list.
- [ ] Quiet-lane behavior is usable as queue state, not a detached page.
-
-### FE-TX-003 - Ship the detail-side explainability workspace
-Status: TODO
-Dependency: FE-TX-001
-Owners: Developer, Product Manager
-Task description:
- Implement artifact detail panels for AI recommendations, reason capsule, provenance, and decision history.
- Make them usable beside the central artifact summary and evidence trail instead of leaving them as unmounted workbench ideas.
-
-Completion criteria:
- [ ] Detail-side panels render and open via the active workspace route state.
- [ ] Panel actions and return-to-context behavior work in the shipped UI.
- [ ] AI remains advisory and evidence-first in the shipped detail experience.
-
-### FE-TX-004 - Ship the Audit Bundles page and create flow
-Status: TODO
-Dependency: FE-TX-001
-Owners: Developer, Documentation author
-Task description:
- Implement the `Audit Bundles` list, create flow, and download/verify behavior as a real sibling page.
- Ensure operators can build and retrieve audit bundles from the active triage and evidence flows.
-
-Completion criteria:
- [ ] Bundle list and create flow are usable in the shipped UI.
- [ ] Cross-links from artifact detail and evidence open the working page.
- [ ] Audit bundles remain a visible sibling page, not a hidden modal flow.
-
-### FE-TX-005 - Migrate supporting components and retire workbench wrappers
-Status: TODO
-Dependency: FE-TX-003
-Owners: Developer, Documentation author
-Task description:
- Migrate dropped triage components such as quiet lane workbench, AI recommendation workbench, reason capsule, snapshot viewer, unknowns list, and AI badge into the target workspace.
- Retire wrapper shells only after their preserved behavior is working in the active artifact workspace.
-
-Completion criteria:
- [ ] Supporting components are visible in the working list or detail surfaces.
- [ ] Wrapper shells slated for retirement are no longer needed for preserved behavior.
- [ ] No preserved triage functionality depends on an orphan workbench route.
-
-### FE-TX-006 - Verify, document, and cut over the workspace
-Status: TODO
-Dependency: FE-TX-004
-Owners: QA, Documentation author
-Task description:
- Add Playwright scenarios for list-lane navigation, detail panels, cross-links to reachability and evidence, and audit-bundle creation.
- Update triage and UI docs so the artifact workspace ships as the usable owner of these workflows.
-
-Completion criteria:
- [ ] Verification covers lane changes, detail panels, and audit bundles.
- [ ] Cross-shell deep links are included in testing.
- [ ] Docs reflect the shipped artifact workspace and audit-bundle flows.
-
-## Execution Log
-| Date (UTC) | Update | Owner |
-| --- | --- | --- |
-| 2026-03-07 | Sprint created to ship one artifact workspace with lane segmentation, detail-side explainability, and a sibling Audit Bundles page instead of keeping those capabilities in dropped workbench shells. | Project Manager |
-
-## Decisions & Risks
- Decision: triage stays one workspace with contextual explainability, not multiple workbench brands.
- Decision: audit bundles remain a real page because they carry lifecycle, export, and audit semantics.
- Risk: AI recommendation UI may expand beyond advisory use and obscure evidence-first operator decisions.
- Mitigation: require explicit advisory-only copy and evidence panels in the detail contract.
- Risk: quiet-lane behavior may get over-specialized into another shell.
- Mitigation: freeze it as list segmentation plus row or bulk actions only.
- Delivery rule: this sprint is only complete when the active triage workspace provides the preserved explainability and audit workflows without depending on orphan workbench pages.
- Reference design note: `docs/modules/ui/triage-explainability-workspace/README.md`.
-
-## Next Checkpoints
- 2026-03-08: confirm lane model, detail-side panel set, and Audit Bundles ownership.
- 2026-03-09: freeze supporting component merge matrix and route/query contract.
- 2026-03-10: finalize QA and rollout contract.
--- a/docs/modules/ui/TASKS.md
+++ b/docs/modules/ui/TASKS.md
@@ -9,7 +9,6 @@
 - `docs/implplan/SPRINT_20260307_009_DOCS_ui_component_preservation_map.md`
 - `docs/implplan/SPRINT_20260307_022_FE_policy_vex_release_decisioning_studio.md`
 - `docs/implplan/SPRINT_20260307_023_DOCS_ui_restoration_topic_shapes.md`
- `docs/implplan/SPRINT_20260307_027_FE_triage_explainability_workspace.md`
 - `docs/implplan/SPRINT_20260307_028_FE_workflow_visualization_replay.md`
 - `docs/implplan/SPRINT_20260307_029_FE_contextual_actions_and_stray_surfaces.md`

@@ -87,12 +86,12 @@
 - [DONE] FE-PO-004 Route cleanup and alias migration contract for Operations
 - [DONE] FE-PO-005 Setup boundary and deep-link contract for Operations
 - [DONE] FE-PO-006 QA, rollout, and docs sync for Platform Ops consolidation
- [TODO] FE-TX-001 Freeze artifact workspace route, lane, and panel contract
- [TODO] FE-TX-002 List-lane segmentation slice for Artifact Workspace
- [TODO] FE-TX-003 Detail-side explainability rail slice
- [TODO] FE-TX-004 Audit bundles page and create-flow slice
- [TODO] FE-TX-005 Supporting component merge matrix for Triage explainability
- [TODO] FE-TX-006 QA, rollout, and docs sync for Triage explainability
+- [DONE] FE-TX-001 Freeze artifact workspace route, lane, and panel contract
+- [DONE] FE-TX-002 List-lane segmentation slice for Artifact Workspace
+- [DONE] FE-TX-003 Detail-side explainability rail slice
+- [DONE] FE-TX-004 Audit bundles page and create-flow slice
+- [DONE] FE-TX-005 Supporting component merge matrix for Triage explainability
+- [DONE] FE-TX-006 QA, rollout, and docs sync for Triage explainability
 - [TODO] FE-WV-001 Freeze run-detail tab and route contract for workflow visualization
 - [TODO] FE-WV-002 Graph, timeline, and critical-path slice
 - [TODO] FE-WV-003 Replay and evidence integration slice
--- a/docs/modules/ui/implementation_plan.md
+++ b/docs/modules/ui/implementation_plan.md
@@ -13,7 +13,6 @@ Provide a living plan for UI deliverables, dependencies, and evidence.
 - `SPRINT_20260307_009_DOCS_ui_component_preservation_map.md` - per-component preservation dossiers for unused and weakly surfaced console UI components.
 - `SPRINT_20260307_022_FE_policy_vex_release_decisioning_studio.md` - canonical Decisioning Studio shell to unify policy, simulation, VEX decisioning, and release-context gate explanation.
 - `SPRINT_20260307_023_DOCS_ui_restoration_topic_shapes.md` - documentation prerequisite for shell/menu/tab placements; not a product-delivery sprint by itself.
- `SPRINT_20260307_027_FE_triage_explainability_workspace.md` - ship the artifact workspace lane model, explainability panels, and audit-bundle flows.
 - `SPRINT_20260307_028_FE_workflow_visualization_replay.md` - ship run-detail graph, timeline, replay, and evidence tabs plus bounded workflow-editor preview reuse.
 - `SPRINT_20260307_029_FE_contextual_actions_and_stray_surfaces.md` - ship the shared tabs, drawers, right rails, split views, and contextual detail primitives adopted by the restoration features.

@@ -27,6 +26,7 @@ Provide a living plan for UI deliverables, dependencies, and evidence.
 - `docs/features/checked/web/reachability-witnessing-ui.md` - shipped verification note for the canonical Reachability witness and PoE shell.
 - `docs/features/checked/web/identity-watchlist-management-ui.md` - shipped verification note for the Trust & Signing watchlist shell and its Mission Control / Notifications handoffs.
 - `docs/features/checked/web/operations-consolidation-ui.md` - shipped verification note for the canonical Operations shell, overview grouping, and legacy alias cutover.
+- `docs/features/checked/web/triage-explainability-workspace-ui.md` - shipped verification note for the canonical triage artifact workspace, explainability rail, audit bundles, and security alias cutover.
 - `docs/modules/ui/reachability-witnessing/README.md` - detailed witness and proof UX dossier plus cross-shell deep-link contract.
 - `docs/modules/ui/platform-ops-consolidation/README.md` - detailed Operations overview taxonomy and legacy absorption plan.
 - `docs/modules/ui/triage-explainability-workspace/README.md` - detailed artifact workspace and audit-bundle UX dossier.
--- a/docs/modules/ui/triage-explainability-workspace/README.md
+++ b/docs/modules/ui/triage-explainability-workspace/README.md
@@ -1,5 +1,19 @@
 # Triage Explainability Workspace

+## Status
+
+Shipped on 2026-03-07 as the canonical triage owner shell.
+
+- Canonical list route: `/triage/artifacts`
+- Canonical detail route: `/triage/artifacts/:artifactId`
+- Sibling supporting routes:
+  - `/triage/audit-bundles`
+  - `/triage/audit-bundles/new`
+- Security alias routes:
+  - `/security/artifacts`
+  - `/security/artifacts/:artifactId`
+- Verification note: `docs/features/checked/web/triage-explainability-workspace-ui.md`
+
 ## Recommendation

 Restore the useful triage workbench ideas by folding them into one canonical artifact workspace plus a sibling `Audit Bundles` page.