stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

docs consolidation

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-24 12:38:14 +02:00
parent 7503c19b8f
commit 9a08d10b89
215 changed files with 2188 additions and 9623 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/roadmap/maturity-model.md
View File

@@ -1,6 +1,6 @@
# Capability maturity model
This document defines what shipped means for StellaOps capabilities. Each area progresses through the same maturity levels; the concrete evidence differs by domain.
This document defines what "shipped" means for StellaOps capabilities. Each area progresses through the same maturity levels; the concrete evidence differs by domain.
## Maturity levels
@@ -16,7 +16,7 @@ This document defines what “shipped” means for StellaOps capabilities. Each
| Level | What exists | Minimum evidence |
| --- | --- | --- |
| Foundation | Deterministic SBOM generation and stable identifiers. | Fixture-backed scans producing byte-stable SBOMs and normalized findings. |
| Hardened | Deterministic replay of scans and decisions. | Replay test vectors and a documented, versioned artifact layout. |
| Hardened | Deterministic "replay" of scans and decisions. | Replay test vectors and a documented, versioned artifact layout. |
| Sovereign | Offline-ready feeds and trust roots. | Fully air-gapped scan runbook and importer/controller workflows. |
| Ecosystem | Extensible analyzers and outputs. | Compatibility tests for plugins and exporters; no network required. |
@@ -53,7 +53,7 @@ This document defines what “shipped” means for StellaOps capabilities. Each
| --- | --- | --- |
| Foundation | Documented offline concepts and supported workflows. | `docs/24_OFFLINE_KIT.md` plus importer/controller docs and examples. |
| Hardened | Deterministic imports and verified indexes. | Byte-stable indexes with reproducible hash outputs across machines. |
| Sovereign | Independent trust anchors and mirrors. | Trust-root provisioning docs and an air-gapped day-2 ops runbook. |
| Sovereign | Independent trust anchors and mirrors. | Trust-root provisioning docs and an air-gapped "day-2 ops" runbook. |
| Ecosystem | Third-party bundles and toolchain integrations. | Conformance tests and offline bundle validation tooling. |
## Operations, observability, and security