feat(ui): ship triage explainability workspace

docs/features/checked/web/triage-explainability-workspace-ui.md

@@ -0,0 +1,60 @@
+# Triage Explainability Workspace UI
+
+## Module
+Web
+
+## Status
+VERIFIED
+
+## Description
+Shipped the canonical triage artifact workspace with lane-based queue segmentation, contextual explainability panels, canonical `/triage/*` ownership, and a sibling `Audit Bundles` page. The preserved workbench ideas now live inside one usable operator shell instead of orphan routes. Security artifact entry points deep-link into the same canonical workspace instead of owning a second surface.
+
+## Implementation Details
+- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/triage/`
+- **Primary components**:
+  - `triage-artifacts` (`src/Web/StellaOps.Web/src/app/features/triage/triage-artifacts.component.ts`)
+  - `triage-workspace` (`src/Web/StellaOps.Web/src/app/features/triage/triage-workspace.component.ts`)
+  - `triage-audit-bundles` (`src/Web/StellaOps.Web/src/app/features/triage/triage-audit-bundles.component.ts`)
+  - `triage-audit-bundle-new` (`src/Web/StellaOps.Web/src/app/features/triage/triage-audit-bundle-new.component.ts`)
+- **Canonical routes**:
+  - `/triage/artifacts`
+  - `/triage/artifacts/:artifactId`
+  - `/triage/audit-bundles`
+  - `/triage/audit-bundles/new`
+- **Route state**:
+  - `lane=active|quiet|review`
+  - `panel=ai|reason|provenance|history`
+  - `findingId=<vulnId>`
+  - `tab=evidence|overview|reachability|delta|policy|attestations`
+- **Preserved functionality**:
+  - lane-based queue management with row and bulk transitions
+  - explainability rail for AI recommendations, reason capsule, provenance, and decision history
+  - audit-bundle list and create flow
+  - security alias cutover from `/security/artifacts*`
+- **Secondary entry points**:
+  - `Security > Triage`
+  - `Security > Findings`
+  - `Evidence`
+
+## E2E Test Plan
+- **Setup**:
+  - [ ] Log in with a user that can access `Security`, `Triage`, and `Evidence`.
+  - [ ] Navigate to `/triage/artifacts?lane=review`.
+  - [ ] Ensure vulnerability and audit-bundle fixtures are available.
+- **Core verification**:
+  - [ ] Verify `Active`, `Quiet Lane`, and `Needs Review` lanes load and keep query state.
+  - [ ] Verify bulk lane movement and `Build audit bundle` operate from the live list.
+  - [ ] Verify workspace detail preserves `tab` and `panel` state while showing evidence-first advisory UX.
+- **Legacy verification**:
+  - [ ] Verify `/security/artifacts` and `/security/artifacts/:artifactId` canonicalize into `/triage/*`.
+  - [ ] Verify alias redirects preserve `artifactId`, query params, and fragments.
+  - [ ] Verify audit-bundle creation remains reachable from list and detail entry points.
+
+## Verification
+- Run:
+  - `npx ng test --watch=false --include src/tests/triage/triage-artifacts.component.spec.ts --include src/tests/triage/triage-workspace-with-proof-tree.behavior.spec.ts --include src/tests/audit_bundle/triage-routes.spec.ts --include src/tests/security-risk/security-risk-routes.spec.ts --include src/tests/navigation/legacy-redirects.spec.ts --include src/tests/routes/legacy-route-migration-framework.component.spec.ts --include src/tests/audit_bundle/audit-bundles.client.contract.spec.ts --include src/tests/audit_bundle/triage-audit-bundle-new.component.spec.ts --include src/tests/audit_bundle/triage-audit-bundles.component.spec.ts`
+  - `npx playwright test tests/e2e/triage-explainability-workspace.spec.ts --workers=1`
+- Tier 0 (source): pass
+- Tier 1 (build/tests): pass
+- Tier 2 (behavior): pass
+- Verified on (UTC): 2026-03-07T19:40:00Z