feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries

- Added detailed task completion records for KMS interface implementation and CLI support for file-based keys. - Documented security enhancements including Argon2id password hashing, audit event contracts, and rate limiting configurations. - Included scoped service support and integration updates for the Plugin platform, ensuring proper DI handling and testing coverage.
2025-10-31 14:33:05 +02:00
parent 240e8ff25d
commit 9e5e958d42
312 changed files with 6399 additions and 3319 deletions
--- a/docs/examples/ui-tours.md
+++ b/docs/examples/ui-tours.md
@@ -40,14 +40,10 @@ These tours stitch together the primary Console workspaces so trainers can deliv
 8. **Wrap with CLI:** Pop terminal and run `stella findings explain --policy <id> --finding <key> --format markdown` to show reproducibility.

 ### 2.3 Capture checklist
- `docs/assets/ui/tours/triage-step-01.png` — dashboard ticker highlighting new criticals.  
-  ![Tour A – dashboard criticals](../assets/ui/tours/triage-step-01.png)
- `docs/assets/ui/tours/triage-step-03.png` — filter tray with severity/time window applied.  
-  ![Tour A – filter tray](../assets/ui/tours/triage-step-03.png)
- `docs/assets/ui/tours/triage-step-04.png` — explain drawer evidence tab.  
-  ![Tour A – explain drawer evidence](../assets/ui/tours/triage-step-04.png)
- `docs/assets/ui/tours/triage-flow.gif` — 20 s screen recording of steps 1–5 with annotations.  
-  ![Tour A – walkthrough GIF](../assets/ui/tours/triage-flow.gif)
+- `docs/assets/ui/tours/triage-step-01.png` — dashboard ticker highlighting new criticals. *(capture pending)*
+- `docs/assets/ui/tours/triage-step-03.png` — filter tray with severity/time window applied. *(capture pending)*
+- `docs/assets/ui/tours/triage-step-04.png` — explain drawer evidence tab. *(capture pending)*
+- `docs/assets/ui/tours/triage-flow.gif` — 20 s screen recording of steps 1–5 with annotations. *(capture pending)*

 ### 2.4 Talking points & callouts
 - Call out Aggregation-Only boundaries: findings reference Concelier/Excititor provenance, UI stays read-only.  
@@ -78,12 +74,9 @@ These tours stitch together the primary Console workspaces so trainers can deliv
 8. **CLI parity close-out:** Run `stella downloads manifest --channel stable` to mirror UI manifest retrieval. Confirm digests match.

 ### 3.3 Capture checklist
- `docs/assets/ui/tours/audit-step-02.png` — manifest verification banner (green).  
-  ![Tour B – manifest verification](../assets/ui/tours/audit-step-02.png)
- `docs/assets/ui/tours/audit-step-05.png` — exports tab showing evidence bundle ready.  
-  ![Tour B – exports tab](../assets/ui/tours/audit-step-05.png)
- `docs/assets/ui/tours/audit-flow.gif` — 25 s capture from manifest view through export download.  
-  ![Tour B – walkthrough GIF](../assets/ui/tours/audit-flow.gif)
+- `docs/assets/ui/tours/audit-step-02.png` — manifest verification banner (green). *(capture pending)*
+- `docs/assets/ui/tours/audit-step-05.png` — exports tab showing evidence bundle ready. *(capture pending)*
+- `docs/assets/ui/tours/audit-flow.gif` — 25 s capture from manifest view through export download. *(capture pending)*

 ### 3.4 Talking points & callouts
 - Stress deterministic manifests and Cosign signatures; reference deployment doc for TLS/CSP alignment.  
@@ -114,12 +107,9 @@ These tours stitch together the primary Console workspaces so trainers can deliv
 8. **Publish CLI parity:** Execute `stella policy promote --policy <id> --revision <rev> --run-mode full` to reinforce reproducibility.

 ### 4.3 Capture checklist
- `docs/assets/ui/tours/policy-step-02.png` — editor checklist with lint/simulation statuses.  
-  ![Tour C – editor checklist](../assets/ui/tours/policy-step-02.png)
- `docs/assets/ui/tours/policy-step-04.png` — simulation diff comparing Active vs Staged.  
-  ![Tour C – simulation diff](../assets/ui/tours/policy-step-04.png)
- `docs/assets/ui/tours/policy-flow.gif` — 30 s clip from draft view through promotion confirmation.  
-  ![Tour C – walkthrough GIF](../assets/ui/tours/policy-flow.gif)
+- `docs/assets/ui/tours/policy-step-02.png` — editor checklist with lint/simulation statuses. *(capture pending)*
+- `docs/assets/ui/tours/policy-step-04.png` — simulation diff comparing Active vs Staged. *(capture pending)*
+- `docs/assets/ui/tours/policy-flow.gif` — 30 s clip from draft view through promotion confirmation. *(capture pending)*

 ### 4.4 Talking points & callouts
 - Stress governance: approvals logged with correlation IDs, fresh-auth enforced.