chore(sprints): archive 20260226 advisories and expand deterministic tests
This commit is contained in:
master
10
docs/product/advisories/README.md
Normal file
10
docs/product/advisories/README.md
Normal file
@@ -0,0 +1,10 @@
|
||||
# Open Product Advisories
|
||||
|
||||
This directory contains only advisories that are not yet translated into sprint execution.
|
||||
|
||||
Current status:
|
||||
- No open advisories in the 2026-02-20 through 2026-02-26 batch.
|
||||
|
||||
Related records:
|
||||
- Translation register: `docs/product/advisory-translation-20260226.md`
|
||||
- Archive log: `docs-archived/product/advisories/ARCHIVE_LOG_20260303.md`
|
||||
34
docs/product/advisory-translation-20260226.md
Normal file
34
docs/product/advisory-translation-20260226.md
Normal file
@@ -0,0 +1,34 @@
|
||||
# Advisory Translation Register (2026-02-26 Batch)
|
||||
|
||||
This register maps each advisory from the 2026-02-20 through 2026-02-26 batch to implementation sprints and module documentation commitments.
|
||||
|
||||
Archival status (2026-03-03):
|
||||
- Advisory source files are archived under `docs-archived/product/advisories/`.
|
||||
- Completed sprint artifacts are archived under `docs-archived/implplan/2026-03-03-completed-sprints/`.
|
||||
|
||||
## Advisory to Sprint Mapping
|
||||
|
||||
| Advisory | Primary Sprint(s) | Module Doc Commitments |
|
||||
| --- | --- | --- |
|
||||
| `20260220 - OCI 1.1 referrers compatibility across major registries` | `SPRINT_20260226_224_Scanner_oci_referrers_runtime_stack_and_replay_data` | `docs/modules/scanner/architecture.md` |
|
||||
| `20260221 - Building a verifiable SBOM and attestation spine` | `SPRINT_20260226_222_Cli_proof_chain_verification_and_replay_parity`, `SPRINT_20260226_225_Attestor_signature_trust_and_verdict_api_hardening`, `SPRINT_20260226_226_Symbols_dsse_rekor_merkle_and_hash_integrity` | `docs/modules/cli/architecture.md`, `docs/modules/attestor/architecture.md`, `docs/modules/binary-index/architecture.md` |
|
||||
| `20260221 - Four novel, testable moat hypotheses` | `SPRINT_20260226_227_FE_triage_risk_score_widget_wiring_and_parity`, `SPRINT_20260226_229_DOCS_advisory_hygiene_dedup_and_archival_translation` | `docs/modules/ui/architecture.md`, `docs/modules/platform/architecture.md` |
|
||||
| `20260222 - Fuzz & mutation hardening suite` | `SPRINT_20260226_228_Tools_supply_chain_fuzz_mutation_hardening_suite` | `docs/modules/tools/supply-chain-hardening-suite.md` |
|
||||
| `20260223 - Auditor UX experiments: measurement plan` | `SPRINT_20260226_227_FE_triage_risk_score_widget_wiring_and_parity`, `SPRINT_20260226_229_DOCS_advisory_hygiene_dedup_and_archival_translation` | `docs/modules/ui/architecture.md` |
|
||||
| `20260223 - Unified symbolization across platforms and vendors` | `SPRINT_20260226_226_Symbols_dsse_rekor_merkle_and_hash_integrity` | `docs/modules/binary-index/architecture.md` |
|
||||
| `20260224 - Deterministic tile verification with Rekor v2` | `SPRINT_20260226_226_Symbols_dsse_rekor_merkle_and_hash_integrity`, `SPRINT_20260226_225_Attestor_signature_trust_and_verdict_api_hardening` | `docs/modules/binary-index/architecture.md`, `docs/modules/attestor/architecture.md` |
|
||||
| `20260224 - Turning defensibility into measurable business moats` | `SPRINT_20260226_223_Platform_score_explain_contract_and_replay_alignment`, `SPRINT_20260226_227_FE_triage_risk_score_widget_wiring_and_parity` | `docs/modules/platform/architecture.md`, `docs/modules/ui/architecture.md` |
|
||||
| `20260226 - Deterministic call-stack analysis and resolver strategy` | `SPRINT_20260226_224_Scanner_oci_referrers_runtime_stack_and_replay_data` | `docs/modules/scanner/architecture.md` |
|
||||
| `20260226 - Deterministic score service and replay control` | `SPRINT_20260226_223_Platform_score_explain_contract_and_replay_alignment`, `SPRINT_20260226_222_Cli_proof_chain_verification_and_replay_parity`, `SPRINT_20260226_227_FE_triage_risk_score_widget_wiring_and_parity` | `docs/modules/platform/architecture.md`, `docs/modules/cli/architecture.md`, `docs/modules/ui/architecture.md` |
|
||||
| `20260226 - Deterministic tile verification with Rekor v2` | Canonicalized duplicate target for `20260224` advisory; implemented via same sprint set | `docs/modules/binary-index/architecture.md`, `docs/modules/attestor/architecture.md` |
|
||||
| `20260226 - Triage explainability: four measurable fixes` | `SPRINT_20260226_227_FE_triage_risk_score_widget_wiring_and_parity` | `docs/modules/ui/architecture.md` |
|
||||
|
||||
## Deduplication Decisions
|
||||
|
||||
1. `20260224 - Deterministic tile verification with Rekor v2` is superseded by `20260226 - Deterministic tile verification with Rekor v2`.
|
||||
2. `20260223 - Auditor UX experiments` was malformed and replaced with a repaired measurement-plan advisory before archival.
|
||||
|
||||
## Translation Status
|
||||
|
||||
- All advisories from the 2026-02-20 through 2026-02-26 batch have mapped sprint execution and are archived.
|
||||
- Sprint trackers for this batch are `DONE` and archived.
|
||||
Reference in New Issue
Block a user