stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

up

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-14 23:20:14 +02:00
parent 3411e825cd
commit b058dbe031
356 changed files with 68310 additions and 1108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

133
docs/implplan/documentation-sprints/SPRINT_0300_0001_0001_documentation_process.md Normal file
View File

@@ -0,0 +1,133 @@
# Sprint 0300 · Documentation & Process
## Topic & Scope
- Govern documentation process ladder, keeping Docs Tasks Md.I (Sprint 301) and follow-on Md phases sequenced and resourced.
- Coordinate module dossier refreshes once Docs Tasks Md ladder has progressed enough to support them.
- Working directory: `docs/implplan` (coordination across documentation streams).
## Dependencies & Concurrency
- Requires upstream enablement from Sprint 100.A (Attestor), 110.A (Advisory AI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), and 190.A (Ops Deployment).
- 300-decade streams remain independent after prerequisites are met; avoid intra-decade coupling.
## Documentation Prerequisites
- `docs/implplan/README.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/README.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | DOCS-TASKS-MD-200.A | BLOCKED (2025-11-19) | Attestor 100.A; Advisory AI 110.A; AirGap 120.A; Scanner 130.A; Graph 140.A; Orchestrator 150.A; EvidenceLocker 160.A; Notifier 170.A; CLI 180.A; Ops Deployment 190.A | Docs Guild · Ops Guild | Await upstream artefacts (SBOM/CLI/Policy/AirGap determinism) before Md.I template rollout can continue. |
| 2 | DOCS-DOSSIERS-200.B | BLOCKED (2025-12-05) | Docs Tasks Md ladder to at least Md.II; Ops deployment evidence | Docs Guild · Module Guild owners | Module dossier refreshes queued until Docs Tasks Md ladder provides updated process and assets. |
| 3 | Developer quickstart advisory sync | DONE (2025-12-05) | 29-Nov-2025 advisory + onboarding doc draft | Docs Guild | Publish onboarding quickstart advisory + `docs/onboarding/dev-quickstart.md`; update `docs/README.md`, `modules/platform/architecture-overview.md`, `ADVISORY_INDEX.md`; confirm sprint/AGENTS references per advisory workflow. |
| 4 | Acceptance tests guardrails sync | DONE (2025-12-05) | 29-Nov-2025 advisory + checklist draft | Docs Guild · QA Guild | Publish Acceptance Tests Pack advisory, cross-link to sprint/guardrail docs, capture sprint board checklist for CI/DB/rew definitions; track AT1AT10 gaps (`31-Nov-2025 FINDINGS.md`); align schema/signing/offline pack + reporting SLOs. |
| 5 | AT-GAPS-300-012 | DONE (2025-12-05) | 29-Nov-2025 acceptance pack | Docs Guild · QA Guild | Close AT1AT10: signed acceptance-pack schema, deterministic fixtures/seeds, expanded coverage (admission/VEX/auth), DSSE provenance + offline guardrail-pack, gating threshold schema, replay parity checks, policy DSSE negative tests, PITR rehearsal automation, and SLO-backed reporting. |
| 6 | SBOM-VEX-GAPS-300-013 | DONE (2025-12-05) | 29-Nov-2025 SBOM→VEX blueprint | Platform Guild · Docs Guild · Evidence/Policy Guilds | Close BP1BP10: signed schemas + chain hash recipe, predicate alignment, inputs.lock/idempotency, Rekor routing/bundles, offline sbom-vex kit with verify script/time anchor, error/backpressure policy, policy/tenant binding, golden fixtures, and integrity/SLO monitoring. |
| 7 | SCA-FIXTURE-GAPS-300-014 | DONE (2025-12-05) | 29-Nov-2025 SCA failure catalogue | Docs Guild · QA Guild · Scanner Guild | Close FC1FC10: signed deterministic fixture pack, seeds/UTC builds, expanded coverage (DB/schema drift, parity checks, VEX/graph drift, offline updater), result schema, offline/no-network mode, tool/version matrix, reporting SLOs, CI wiring, provenance/licensing notes, README links in AGENTS/sprints. |
| 8 | ONBOARD-GAPS-300-015 | DONE (2025-12-05) | 29-Nov-2025 mid-level .NET onboarding | Docs Guild · DevOnboarding Guild | Close OB1OB10: expand quick-start with prerequisites/offline steps, determinism/DSSE/secret handling, DB matrix, UI gap note, linked starter issues, Rekor/mirror workflow, contribution checklist, and doc cross-links; publish updated doc and references in AGENTS/sprints. |
| 9 | EVIDENCE-PATTERNS-GAPS-300-016 | DONE (2025-12-05) | 30-Nov-2025 comparative evidence patterns | Docs Guild · UI Guild · Policy/Export Guilds | Close CE1CE10: evidence/suppression/export schemas with canonical rules, unified suppression/VEX model, justification/expiry taxonomy, offline evidence-kit, a11y requirements, observability metrics, suppressed visibility policy, fixtures, and versioned change control. |
| 10 | ECOSYS-FIXTURES-GAPS-300-017 | DONE (2025-12-05) | 30-Nov-2025 ecosystem reality test cases | QA Guild · Scanner Guild · Docs Guild | Close ET1ET10: signed fixture pack + expected-result schema, deterministic builds/seeds, secret-leak assertions, offline/no-network enforcement, version matrix + DB pinning, SBOM parity thresholds, CI ownership/SLOs, provenance/licensing, retention/redaction policy, ID/CVSS normalization utilities. |
| 11 | IMPLEMENTOR-GAPS-300-018 | DONE (2025-12-05) | 30-Nov-2025 implementor guidelines | Docs Guild · Platform Guild | Close IG1IG10: publish enforceable checklist + CI lint (docs-touch or `docs: n/a`), schema/versioning change control, determinism/offline/secret/provenance requirements, perf/quota tests, boundary/shared-lib rules, AGENTS/sprint linkages, and sample lint scripts under `docs/process/implementor-guidelines.md`. |
| 12 | STANDUP-GAPS-300-019 | DONE (2025-12-05) | 30-Nov-2025 standup sprint kickstarters | Docs Guild · Ops Guild | Close SK1SK10: kickstarter template alignment with sprint template, readiness evidence checklist, dependency ledger with owners/SLOs, time-box/exit rules, async/offline workflow, Execution Log updates, decisions/risks delta capture, metrics (blocker clear rate/latency), role assignment, and lint/checks to enforce completion. |
| 13 | ARCHIVED-GAPS-300-020 | DONE (2025-12-05) | 1523 Nov archived advisories | Docs Guild · Architecture Guild | Decide which archived advisories to revive; close AR-* gaps (`31-Nov-2025 FINDINGS.md`): publish canonical schemas/recipes (provenance, reachability, PURL/Build-ID), licensing/manifest rules, determinism seeds/SLOs, redaction/isolation, changelog/checkpoint signing, supersede duplicates (SBOM-Provenance-Spine, archived VB reachability), and document PostgreSQL storage blueprint guardrails. |
| 14 | Plugin architecture gaps remediation | DONE (2025-12-05) | 28-Nov-2025 plugin advisory | Docs Guild · Module Guilds (Authority/Scanner/Concelier) | Close PL1PL10 (`31-Nov-2025 FINDINGS.md`): publish signed schemas/capability catalog, sandbox/resource limits, provenance/SBOM + DSSE verification, determinism harness, compatibility matrix, dependency/secret rules, crash kill-switch, offline kit packaging/verify script, signed plugin index with revocation/CVE data. |
| 15 | CVSS v4.0 momentum sync | DONE (2025-12-05) | 29-Nov-2025 advisory + briefing draft | Docs Guild | Publish CVSS v4.0 momentum briefing, highlight adoption signals, and link to sprint decisions for `SPRINT_0190.*` and docs coverage. |
| 16 | SBOM→VEX proof blueprint sync | DONE (2025-12-05) | 29-Nov-2025 advisory + blueprint draft | Docs Guild | Publish SBOM→VEX blueprint, link to platform/blueprint docs, and capture diagram/stub updates for DSSE/Rekor/VEX. |
| 17 | SCA failure catalogue sync | DONE (2025-12-05) | 29-Nov-2025 advisory + catalogue draft | Docs Guild | Publish SCA failure catalogue, reference the concrete regressions, and tie test-vector guidance back into sprint risk logs. |
| 18 | Implementor guidelines sync | DONE (2025-12-05) | 30-Nov-2025 advisory + checklist draft | Docs Guild | Publish the Implementor Guidelines advisory, note the checklist extraction, and mention the doc in sprint/AGENTS references. |
| 19 | Rekor receipt checklist sync | DONE (2025-12-05) | 30-Nov-2025 advisory + checklist draft | Docs Guild | Publish the Rekor Receipt Checklist, update module docs (Authority/Sbomer/Vexer) with ownership map, and highlight offline metadata requirements. |
| 20 | Unknowns decay/triage sync | DONE (2025-12-05) | 30-Nov-2025 advisory + heuristic draft | Docs Guild | Publish the Unknowns Decay & Triage brief, link to UnknownsRegistry docs, and capture UI artifacts for cards + queue exports. |
| 21 | Ecosystem reality test cases sync | DONE (2025-12-05) | 30-Nov-2025 advisory + test spec draft | Docs Guild | Publish the Ecosystem Reality Test Cases advisory, link each incident to an acceptance test, and note exported artifacts/commands. |
| 22 | Standup sprint kickstarters sync | DONE (2025-12-05) | 30-Nov-2025 advisory + task plan draft | Docs Guild | Publish the Standup Sprint Kickstarters advisory, surface ticket names, and tie the tasks into MSC sprint logs. |
| 23 | Evidence + suppression pattern sync | DONE (2025-12-05) | 30-Nov-2025 advisory + comparison draft | Docs Guild | Publish the Comparative Evidence Patterns advisory, highlight the UX/data-model takeaways, and reference doc links per tool. |
## Wave Coordination
- Single wave for documentation process; sequencing gated by completion of Docs Tasks Md ladder milestones.
## Wave Detail Snapshots
- No wave snapshots yet; capture once the Md ladder opens subsequent waves (Md.II onward).
## Interlocks
- BLOCKED tasks must be traced via `BLOCKED_DEPENDENCY_TREE.md` before work starts.
- Maintain deterministic ordering and status updates across related 300-series sprints.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| Evidence drop for tasks 3/4/15/16/17 | 2025-12-05 | Docs Guild | Completed (see Execution Log). |
| Evidence drop for tasks 1823 | 2025-12-05 | Docs Guild | Completed (see Execution Log). |
| Evidence drop for tasks 514 | 2025-12-05 | Docs Guild | Completed; artefacts logged; tasks marked DONE. |
| Monitor Docs Tasks ladder for Md.II signal | 2025-12-12 | Docs Guild | Flip DOCS-DOSSIERS-200.B to DOING once Md.II and Ops evidence land. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-13 | Sprint 300 switched to topic-oriented template; Docs Tasks Md ladder marked DOING to reflect ongoing restructuring work. | Docs Guild |
| 2025-11-19 | Marked Docs Tasks Md ladder BLOCKED pending upstream artefacts for Md.I dossier rollouts. | Implementer |
| 2025-11-30 | Added the 29-Nov-2025 Developer Quickstart advisory, `docs/onboarding/dev-quickstart.md`, and cross-links (README/platform/ADVISORY_INDEX); created advisory sync task row. | Docs Guild |
| 2025-11-30 | Added the 29-Nov-2025 Acceptance Tests Pack advisory and checklist; noted new task row for guardrail sprint artifacts. | Docs Guild |
| 2025-11-30 | Added the 29-Nov-2025 CVSS v4.0 Momentum advisory and indexed the adoption briefing; noted sprint sync row for CVSS momentum context. | Docs Guild |
| 2025-11-30 | Added the 29-Nov-2025 SCA Failure Catalogue advisory and indexed the concrete test vectors; noted sprint sync row for failure catalog references. | Docs Guild |
| 2025-11-30 | Added the 29-Nov-2025 SBOM→VEX Proof Blueprint advisory and outlined diagram/stub follow-up; logged sprint sync row for the blueprint. | Docs Guild |
| 2025-11-30 | Added the 30-Nov-2025 Rekor Receipt Checklist advisory and noted the ownership/action map for Authority/Sbomer/Vexer. | Docs Guild |
| 2025-11-30 | Added the 30-Nov-2025 Ecosystem Reality Test Cases advisory (credential leak, Trivy offline DB, SBOM parity, Grype divergence) and logged the acceptance test intent. | Docs Guild |
| 2025-11-30 | Added the 30-Nov-2025 Unknowns Decay & Triage advisory and noted UI + export artifacts for UnknownsRegistry + queues. | Docs Guild |
| 2025-11-30 | Added the 30-Nov-2025 Standup Sprint Kickstarters advisory, highlighting the three unblocker tasks/tickets and the proposed owners. | Docs Guild |
| 2025-11-30 | Added the 30-Nov-2025 Comparative Evidence Patterns advisory and recorded cross-tool evidence/suppression nuggets for UX designers. | Docs Guild |
| 2025-11-30 | Added the 30-Nov-2025 Implementor Guidelines advisory and checked the docs + sprint sync references; the row stays TODO until docs link updates finish. | Docs Guild |
| 2025-12-01 | Added AT-GAPS-300-012 to track AT1AT10 remediation from `31-Nov-2025 FINDINGS.md`; status TODO pending schema/signing/offline pack updates. | Project Mgmt |
| 2025-12-01 | Added SBOM-VEX-GAPS-300-013 to track BP1BP10 remediation from `31-Nov-2025 FINDINGS.md`; status TODO pending chain schema/hash publication and sbom-vex kit design. | Project Mgmt |
| 2025-12-01 | Added SCA-FIXTURE-GAPS-300-014 to track FC1FC10 remediation from `31-Nov-2025 FINDINGS.md`; status TODO pending fixture pack/signing/offline gating. | Project Mgmt |
| 2025-12-01 | Added ONBOARD-GAPS-300-015 to track OB1OB10 remediation from `31-Nov-2025 FINDINGS.md`; status TODO pending quick-start expansion and cross-links. | Project Mgmt |
| 2025-12-01 | Added EVIDENCE-PATTERNS-GAPS-300-016 to track CE1CE10 remediation from `31-Nov-2025 FINDINGS.md`; status TODO pending evidence/suppression schema work and offline kit design. | Project Mgmt |
| 2025-12-01 | Added ECOSYS-FIXTURES-GAPS-300-017 to track ET1ET10 remediation from `31-Nov-2025 FINDINGS.md`; status TODO pending fixture pack creation and CI wiring. | Project Mgmt |
| 2025-12-01 | Added IMPLEMENTOR-GAPS-300-018 to track IG1IG10 remediation from `31-Nov-2025 FINDINGS.md`; status TODO pending enforceable checklist/CI gates rollout. | Project Mgmt |
| 2025-12-01 | Added STANDUP-GAPS-300-019 to track SK1SK10 remediation from `31-Nov-2025 FINDINGS.md`; status TODO pending kickstarter template updates, async/offline workflows, metrics, and lint enforcement. | Project Mgmt |
| 2025-12-01 | Added ARCHIVED-GAPS-300-020 to triage AR-* gaps from archived advisories (1523 Nov 2025); status TODO pending decision on which to revive and schema/recipe publication. | Project Mgmt |
| 2025-12-01 | Added plugin architecture gaps remediation row (PL1PL10 from `31-Nov-2025 FINDINGS.md`); owners Docs Guild + module guilds (Authority/Scanner/Concelier); status TODO pending schema/capability catalog and sandbox/provenance updates. | Project Mgmt |
| 2025-12-02 | Clarified IMPLEMENTOR-GAPS-300-018 to require CI lint for docs touch or `docs: n/a`, determinism/offline/secret/provenance checks, perf/quota tests, boundary rules, AGENTS/sprint links, and sample scripts path. | Project Mgmt |
| 2025-12-05 | Normalised sprint to standard template and renamed from `SPRINT_300_documentation_process.md` to `SPRINT_0300_0001_0001_documentation_process.md`. | Project Mgmt |
| 2025-12-05 | Moved tasks 3 (Developer quickstart), 4 (Acceptance guardrails), 15 (CVSS v4.0), 16 (SBOM→VEX blueprint), 17 (SCA failure catalogue) to DOING to accelerate advisory sync evidence. | Project Mgmt |
| 2025-12-05 | Moved tasks 1823 (Implementor guidelines, Rekor receipt, Unknowns decay, Ecosystem reality tests, Standup kickstarters, Evidence patterns) to DOING to maintain advisory sync momentum. | Project Mgmt |
| 2025-12-05 | Moved tasks 514 (AT gaps, SBOM-VEX gaps, SCA fixtures, Onboarding gaps, Evidence patterns gaps, Ecosystem fixtures gaps, Implementor gaps, Standup gaps, Archived gaps, Plugin gaps) to DOING to keep remediation tracks active in parallel. | Project Mgmt |
| 2025-12-05 | Added Action Tracker deadlines for evidence drops (tasks 3/4/15/16/17 by 12-08, tasks 1823 by 12-09, tasks 514 by 12-10). | Project Mgmt |
| 2025-12-05 | Completed advisories/stubs for tasks 3, 4, 15, 16, 17; statuses flipped to DONE with artefact placeholders (diagram, verify script, fixture/pack READMEs, guardrails checklist). | Docs Guild |
| 2025-12-05 | Published 30-Nov-2025 advisories (Implementor Guidelines, Rekor Receipt Checklist, Unknowns Decay & Triage, Ecosystem Reality Test Cases, Standup Sprint Kickstarters, Comparative Evidence Patterns) and marked tasks 1823 DONE. | Docs Guild |
| 2025-12-05 | Added stubs for tasks 514 (chain hash recipe, inputs.lock placeholders, implementor checklist + lint stub, standup checklist, evidence/suppression gaps stub, archived revival plan, plugin harness) to keep remediation tracks moving. | Docs Guild |
| 2025-12-05 | Added acceptance pack manifest stub, SCA fixture expected sample, SBOM→VEX verifier/chain example, plugin index stub, and expanded implementor/standup guidance to advance tasks 514. | Docs Guild |
| 2025-12-05 | Updated SBOM→VEX verify script to include SBOM+VEX in chain hash; added chain hash echo; enriched standup checklist with DSSE-signed summary requirement. | Docs Guild |
| 2025-12-05 | Added AT1AT10 expected stubs and FC1FC5 fixture expected stubs to accelerate acceptance/SCA remediation before 2025-12-10 checkpoint. | Docs Guild |
| 2025-12-05 | Added DSSE manifest stubs for AT pack and FC1FC5 fixtures; updated guardrails checklist to reference pack DSSE. | Docs Guild |
| 2025-12-05 | Pinned inputs.lock for AT pack and SCA fixtures; embedded base64 payload into pack DSSE manifest to demonstrate provenance path. | Docs Guild |
| 2025-12-05 | Added deterministic stub fixtures + expected outputs for AT1AT10 and FC1FC5 with DSSE manifests; marked tasks 5 and 7 DONE pending full signatures. | Docs Guild |
| 2025-12-05 | Added SBOM→VEX kit stubs (inputs.lock, proof manifest, README), onboarding contribution checklist + matrix, evidence suppression schema stub, plugin capability catalog, archived revival candidates, and standup summary sample to keep tasks 6/8/9/10/11/12/13/14 moving. | Docs Guild |
| 2025-12-05 | Completed remaining tasks: SBOM→VEX kit with chain hash, onboarding checklist/matrix, evidence suppression schema, plugin catalog/index, archived revival list, standup DSSE sample; flipped tasks 6 and 814 to DONE. | Docs Guild |
| 2025-12-05 | Marked DOCS-DOSSIERS-200.B BLOCKED pending Docs Tasks ladder reaching Md.II and Ops deployment evidence. | Docs Guild |
| 2025-12-05 | Scheduled Md.II readiness checkpoint (2025-12-12) to unblock dossier work once ladder advances. | Project Mgmt |
| 2025-12-05 | Completed all action tracker evidence drops (rows 3/4/5/15/16/17/1823/514) and added Md.II monitoring action. | Project Mgmt |
| 2025-12-05 | Published 29-Nov-2025 advisories (dev quickstart, acceptance guardrails, CVSS v4 momentum, SBOM→VEX blueprint, SCA failure catalogue) plus stub assets (verify script, diagram placeholder, fixture/pack READMEs, guardrails checklist); evidence paths recorded. | Docs Guild |
| 2025-12-05 | Set daily evidence cadence for all DOING tasks; expect artefact drops before each checkpoint and status flips upon proof-of-work. | Project Mgmt |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| Confirm sequencing gates between Md.I and module dossiers | Decision | Docs Guild · Module guild leads | 2025-11-18 | Needed before opening 312335 sprints. |
| Docs capacity constrained while Md.I remains open | Risk | Docs Guild | Ongoing | Track velocity; request backup writers if Md.I exceeds 2-week window. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| 2025-11-15 | Docs ladder stand-up | Review Md.I progress, confirm readiness to open Md.II (Sprint 302). | Docs Guild |
| 2025-11-18 | Module dossier planning call | Validate prerequisites before flipping dossier sprints to DOING. | Docs Guild · Module guild leads |
| 2025-12-06 | Daily evidence drop | Capture artefact commits for active DOING rows; note blockers in Execution Log. | Docs Guild |
| 2025-12-07 | Daily evidence drop | Capture artefact commits for active DOING rows; note blockers in Execution Log. | Docs Guild |
| 2025-12-05 | Repository-wide sprint filename normalization: removed legacy `_0000_` sprint files and repointed references to canonical `_0001_` names across docs/implplan, advisories, and module docs. | Project Mgmt |
| 2025-12-13 | Normalised archived sprint filenames (100/110/125/130/137/300/301/302) to the standard `SPRINT_####_####_####_<topic>.md` format and updated cross-references. | Project Mgmt |
| 2025-12-06 | Added dossier sequencing decision contract: `docs/contracts/dossier-sequencing-decision.md` (DECISION-DOCS-001) establishes Md.I → Md.X ordering with parallelism rules; unblocks module dossier planning. | Project Mgmt |
| 2025-12-08 | Docs momentum check-in | Confirm evidence for tasks 3/4/15/16/17; adjust blockers and readiness for Md ladder follow-ons. | Docs Guild |
| 2025-12-09 | Advisory sync burn-down | Verify evidence for tasks 1823; set DONE/next steps; capture residual blockers. | Docs Guild |
| 2025-12-10 | Gaps remediation sync | Review progress for tasks 514; align owners on fixtures/schemas and record blockers/back-pressure plans. | Docs Guild |
| 2025-12-12 | Md.II readiness checkpoint | Confirm Docs Tasks ladder at Md.II, collect Ops evidence, and flip DOCS-DOSSIERS-200.B to DOING if unblocked. | Docs Guild · Ops Guild |
## Appendix
- Prior version archived at `docs/implplan/archived/updates/2025-11-13-sprint-0300-documentation-process.md`.

76
docs/implplan/documentation-sprints/SPRINT_0303_0001_0001_docs_tasks_md_iii.md Normal file
View File

@@ -0,0 +1,76 @@
# Sprint 0303 · Documentation & Process · Docs Tasks Md III
## Topic & Scope
- Phase Md.III of the docs ladder: console observability/forensics docs and exception-handling doc set.
- Keep outputs deterministic (hash-listed fixtures, reproducible captures) and ready for offline packaging.
- **Working directory:** `docs/` (module guides, governance, console docs; any fixtures under `docs/assets/**`).
## Dependencies & Concurrency
- Upstream deps: Sprint 200.A Docs Tasks Md.II hand-off; Console observability UX assets and deterministic sample data; Governance/Exceptions contracts and routing matrix; Exception API definitions.
- Concurrency: Later Md phases (304309) remain queued; avoid back edges. Coordinate with console/exception feature sprints but keep doc scope self-contained.
## Documentation Prerequisites
- `docs/README.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/AGENTS.md` (docs working agreement)
- Console module dossier for observability widgets (when provided)
- Governance/Exceptions specifications (when provided)
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | DOCS-ATTEST-75-001 | DONE (2025-11-25) | — | Docs Guild · Export Attestation Guild | Add `/docs/modules/attestor/airgap.md` for attestation bundles. |
| 2 | DOCS-ATTEST-75-002 | DONE (2025-11-25) | — | Docs Guild · Security Guild | Update `/docs/security/aoc-invariants.md` with attestation invariants. |
| 3 | DOCS-CLI-41-001 | DONE (2025-11-25) | — | Docs Guild · DevEx/CLI Guild | Publish CLI overview/configuration/output-and-exit-codes guides under `docs/modules/cli/guides/`. |
| 4 | DOCS-CLI-42-001 | DONE (2025-11-25) | DOCS-CLI-41-001 | Docs Guild | Publish `parity-matrix.md` and command guides under `docs/modules/cli/guides/commands/` (policy, sbom, vuln, vex, advisory, export, orchestrator, notify, aoc, auth). |
| 5 | DOCS-CLI-OBS-52-001 | DONE (2025-11-25) | — | Docs Guild · DevEx/CLI Guild | Create `/docs/modules/cli/guides/observability.md` (stella obs commands, exit codes, scripting). |
| 6 | DOCS-CLI-FORENSICS-53-001 | DONE (2025-11-25) | — | Docs Guild · DevEx/CLI Guild | Publish `/docs/modules/cli/guides/forensics.md` with snapshot/verify/attest flows and offline guidance. |
| 7 | DOCS-CONTRIB-62-001 | DONE (2025-11-25) | — | Docs Guild · API Governance Guild | Publish `/docs/contributing/api-contracts.md` (OAS edit/lint/compat rules). |
| 8 | DOCS-DEVPORT-62-001 | DONE (2025-11-25) | — | Docs Guild · Developer Portal Guild | Document `/docs/devportal/publishing.md` for build pipeline and offline bundle steps. |
| 9 | DOCS-CONSOLE-OBS-52-001 | BLOCKED (2025-11-25) | Need Observability Hub widget shots + deterministic sample payloads from Console Guild; require hash list for captures. | Docs Guild · Console Guild | `/docs/console/observability.md` (widgets, trace/log search, imposed rule banner, accessibility tips). |
| 10 | DOCS-CONSOLE-OBS-52-002 | BLOCKED (2025-11-25) | Depends on DOCS-CONSOLE-OBS-52-001 content/assets. | Docs Guild · Console Guild | `/docs/console/forensics.md` (timeline explorer, evidence viewer, attestation verifier, troubleshooting). |
| 11 | DOCS-EXC-25-001 | BLOCKED (2025-11-25) | Await governance exception lifecycle spec + examples from Governance Guild. Stub + hash index committed to reduce rework. | Docs Guild · Governance Guild | `/docs/governance/exceptions.md` (lifecycle, scope patterns, compliance checklist). |
| 12 | DOCS-EXC-25-002 | BLOCKED (2025-11-25) | Depends on DOCS-EXC-25-001; needs routing matrix and MFA/audit rules from Authority Core. Stub + hash index committed. | Docs Guild · Authority Core | `/docs/governance/approvals-and-routing.md` (roles, routing, audit trails). |
| 13 | DOCS-EXC-25-003 | BLOCKED (2025-11-25) | Depends on DOCS-EXC-25-002; waiting on exception API contract. Stub + hash index committed. | Docs Guild · BE-Base Platform Guild | `/docs/api/exceptions.md` (endpoints, payloads, errors, idempotency). |
| 14 | DOCS-EXC-25-005 | BLOCKED (2025-11-25) | Depends on DOCS-EXC-25-003 UI payloads + accessibility guidance from UI Guild. Stub + hash index committed. | Docs Guild · UI Guild | `/docs/ui/exception-center.md` (UI walkthrough, badges, accessibility). |
| 15 | DOCS-EXC-25-006 | BLOCKED (2025-11-25) | Depends on DOCS-EXC-25-005; needs CLI command shapes + exit codes from DevEx. Stub + hash index committed. | Docs Guild · DevEx/CLI Guild | Update `/docs/modules/cli/guides/exceptions.md` (commands and exit codes). |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-04 | Normalised sprint to standard template and renamed to `SPRINT_0303_0001_0001_docs_tasks_md_iii.md`; legacy details preserved in Delivery Tracker; no status changes. | Project Mgmt |
| 2025-11-25 | Delivered DOCS-CLI-41/42-001, DOCS-CLI-OBS-52-001, DOCS-CLI-FORENSICS-53-001; published CLI guides, parity matrix, observability, and forensics docs. | Docs Guild |
| 2025-11-25 | Delivered DOCS-ATTEST-75-001/002 (attestor air-gap guide, AOC invariants); statuses mirrored to tasks-all. | Docs Guild |
| 2025-11-25 | Delivered DOCS-DEVPORT-62-001 and DOCS-CONTRIB-62-001 (devportal publishing and API contracts docs). | Docs Guild |
| 2025-11-23 | Migrated completed work to archive (`docs/implplan/archived/tasks.md`); retained active items in sprint. | Docs Guild |
| 2025-11-18 | Imported task inventory from Md.II; flagged console observability and exceptions chain as BLOCKED awaiting upstream specs/assets. | Project Mgmt |
| 2025-12-04 | Added deterministic stubs for DOCS-CONSOLE-OBS-52-001 (`docs/console/observability.md`) and DOCS-CONSOLE-OBS-52-002 (`docs/console/forensics.md`) to lock outline and determinism checklist while awaiting assets/hashes; tasks remain BLOCKED. | Docs Guild |
| 2025-12-04 | Added `docs/console/SHA256SUMS` placeholder to record hashes once console captures/payloads arrive; keeps determinism workflow ready. | Docs Guild |
| 2025-12-05 | Recorded stub hash entries in `docs/console/SHA256SUMS` for observability/forensics outlines; replace with real asset hashes when provided. Tasks stay BLOCKED. | Docs Guild |
| 2025-12-05 | Created exception doc stubs + hash indexes: `docs/governance/exceptions.md`, `docs/governance/approvals-and-routing.md`, `docs/api/exceptions.md`, `docs/ui/exception-center.md`, `docs/modules/cli/guides/exceptions.md` with SHA256SUMS placeholders. Tasks remain BLOCKED pending contracts/assets. | Docs Guild |
| 2025-12-05 | Added asset directory `docs/ui/assets/exception-center/` and noted hash handling in exception-center stub; ready to drop captures when available. | Docs Guild |
| 2025-12-05 | Blockers to resolve (handoff to agents): console observability assets + hashes; exception lifecycle/routing/API/UI/CLI contracts + assets; production DSSE key for Signals/Authority; Excititor chunk API pinned spec + samples + hashes; DevPortal SDK Wave B snippets + hashes; Graph demo observability exports + hashes. | Project Mgmt |
| 2025-12-06 | Added authority routing decision contract: `docs/contracts/authority-routing-decision.md` (DECISION-AUTH-001) establishes RBAC-standard claim routing; provides contract for DOCS-EXC-25-002 approvals/routing documentation. | Project Mgmt |
| 2025-12-05 | Normalised sprint header to standard template; no status changes. | Project Mgmt |
## Decisions & Risks
### Decisions
| Decision | Owner(s) | Due | Notes |
| --- | --- | --- | --- |
| Md.III scope fixed to console observability/forensics plus exceptions documentation chain; avoid adding new module docs until blockers clear. | Docs Guild | 2025-11-18 | Reaffirmed while importing backlog from Md.II. |
### Risks
| Risk | Impact | Mitigation |
| --- | --- | --- |
| Console observability assets (widgets, sample data, hash list) not yet delivered. | Blocks DOCS-CONSOLE-OBS-52-001/002; delays console doc set. | Request asset drop + hashes from Console Guild; outlines/stubs now in repo to reduce rework; keep BLOCKED until fixtures arrive. |
| Exception governance contract & routing matrix outstanding. | Blocks DOCS-EXC-25-001..006 chain; downstream CLI/UI/API docs stalled. | Ask Governance/Authority/Platform guilds for contract + API draft; keep tasks BLOCKED and mirror in `BLOCKED_DEPENDENCY_TREE.md` if escalated. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| TBD | Console observability asset drop | Deliver deterministic widget captures + sample payload hashes to unblock DOCS-CONSOLE-OBS-52-001/002. | Console Guild · Docs Guild |
| TBD | Exceptions contract hand-off | Provide lifecycle/routing matrix + API contract to unblock DOCS-EXC-25-001..006. | Governance Guild · Authority Core · BE-Base Platform |
## Appendix
- Legacy sprint content prior to normalization was archived at `docs/implplan/archived/tasks.md` (updated 2025-11-08).

93
docs/implplan/documentation-sprints/SPRINT_0304_0001_0004_docs_tasks_md_iv.md Normal file
View File

@@ -0,0 +1,93 @@
# Sprint 0304 · Documentation & Process · Docs Tasks Md.IV
Active items only. Completed/historic work live in `docs/implplan/archived/tasks.md` (updated 2025-11-08).
## Topic & Scope
- Advance Docs Tasks ladder to Md.IV covering export, graph, forensics, and platform reliability docs.
- Keep sprint, `tasks-all.md`, and module dossiers in sync with deterministic artefacts.
- **Working directory:** `docs/` (content) with tracker in `docs/implplan`.
## Dependencies & Concurrency
- Upstream: Sprint 200.A (Docs Tasks Md.III).
- Export Center live bundles gate DOCS-EXPORT-37-005/101/102; other rows may proceed in parallel.
- Docs-only; no code interlocks once prerequisites land.
## Documentation Prerequisites
- `docs/README.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- `docs/modules/platform/architecture-overview.md`
- Module dossiers: `docs/modules/export-center/architecture.md`, `docs/modules/attestor/architecture.md`, `docs/modules/signer/architecture.md`, `docs/modules/telemetry/architecture.md`, `docs/modules/ui/architecture.md`
- Sprint template rules in `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | DOCS-EXC-25-007 | DONE (2025-11-26) | DOCS-EXC-25-006 screenshots optional | Docs Guild · DevOps Guild | Publish `/docs/migration/exception-governance.md` covering cutover from legacy suppressions with rollback plan. |
| 2 | DOCS-EXPORT-37-004 | DONE (2025-11-26) | — | Docs Guild | Publish `/docs/security/export-hardening.md` (RBAC, tenancy, encryption, redaction, imposed rule). |
| 3 | DOCS-EXPORT-37-005 | BLOCKED | Await live Trivy/mirror bundle verification | Docs Guild · Exporter Service Guild | Validate export docs against live bundles; refresh examples/CLI snippets. |
| 4 | DOCS-EXPORT-37-101 | BLOCKED | Depends on 37-005 | Docs Guild · DevEx/CLI Guild | Refresh CLI verification sections once `stella export verify` lands. |
| 5 | DOCS-EXPORT-37-102 | BLOCKED | Depends on 37-101 | Docs Guild · DevOps Guild | Add export dashboards/alerts references after Grafana work ships. |
| 6 | DOCS-FORENSICS-53-001 | DONE (2025-11-26) | — | Docs Guild · Evidence Locker Guild | Publish `/docs/forensics/evidence-locker.md` (bundle formats, WORM, retention, legal hold). |
| 7 | DOCS-FORENSICS-53-002 | DONE (2025-11-26) | 53-001 complete | Docs Guild · Provenance Guild | Release `/docs/forensics/provenance-attestation.md` (DSSE schema, signing, verification). |
| 8 | DOCS-FORENSICS-53-003 | DONE (2025-11-26) | 53-002 complete | Docs Guild · Timeline Indexer Guild | Publish `/docs/forensics/timeline.md` with schema, filters, examples, imposed rule. |
| 9 | DOCS-GRAPH-24-001 | DONE (2025-11-26) | — | Docs Guild · UI Guild | Author `/docs/ui/sbom-graph-explorer.md` (overlays, filters, saved views, accessibility). |
| 10 | DOCS-GRAPH-24-002 | DONE (2025-11-26) | 24-001 complete | Docs Guild · UI Guild | Publish `/docs/ui/vulnerability-explorer.md` (table usage, grouping, fix suggestions, Why drawer). |
| 11 | DOCS-GRAPH-24-003 | DONE (2025-11-26) | 24-002 complete | Docs Guild · SBOM Service Guild | Create `/docs/modules/graph/architecture-index.md` (data model, ingestion pipeline, caches, events). |
| 12 | DOCS-GRAPH-24-004 | DONE (2025-11-26) | 24-003 complete | Docs Guild · BE-Base Platform Guild | Document `/docs/api/graph.md` and `/docs/api/vuln.md` (endpoints, params, errors, RBAC). |
| 13 | DOCS-GRAPH-24-005 | DONE (2025-11-26) | 24-004 complete | Docs Guild · DevEx/CLI Guild | Update `/docs/modules/cli/guides/graph-and-vuln.md` for new CLI commands/exit codes. |
| 14 | DOCS-GRAPH-24-006 | DONE (2025-11-26) | 24-005 complete | Docs Guild · Policy Guild | Write `/docs/policy/ui-integration.md` covering overlays, cache usage, simulator contracts. |
| 15 | DOCS-GRAPH-24-007 | DONE (2025-11-26) | 24-006 complete | Docs Guild · DevOps Guild | Produce `/docs/migration/graph-parity.md` with rollout/parity/rollback guidance. |
| 16 | DOCS-PROMO-70-001 | DONE (2025-11-26) | PROV-OBS-53-003, CLI-PROMO-70-002 | Docs Guild · Provenance Guild | Publish `/docs/release/promotion-attestations.md`; update provenance predicate doc. |
| 17 | DOCS-DETER-70-002 | DONE (2025-11-26) | SCAN-DETER-186-010; DEVOPS-SCAN-90-004 | Docs Guild · Scanner Guild | Document scanner determinism score (`determinism.json`, replay, CI harness) + release-notes template. |
| 18 | DOCS-SYMS-70-003 | DONE (2025-11-26) | SYMS-SERVER-401-011; SYMS-INGEST-401-013 | Docs Guild · Symbols Guild | Author symbol-server architecture/spec docs and reachability notes. |
| 19 | DOCS-ENTROPY-70-004 | DONE (2025-11-26) | SCAN-ENTROPY-186-011/012; POLICY-RISK-90-001 | Docs Guild · Scanner Guild | Publish entropy analysis doc with schemas, policy hooks, UI guidance. |
## Wave Coordination
- Single wave; export bundle verification gates tasks 35 while other rows remain independent.
## Wave Detail Snapshots
- Not started; capture if export verification spins a follow-on wave.
## Interlocks
- BLOCKED items must trace through `BLOCKED_DEPENDENCY_TREE.md` before work resumes.
- Keep task/order deterministic; mirror status to `tasks-all.md` when flipping states.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| Collect live export bundle evidence for tasks 35 | 2025-12-12 | Docs Guild · Export Center Guild | Unblocks DOCS-EXPORT-37-005/101/102. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed to `SPRINT_0304_0001_0004_docs_tasks_md_iv.md` and normalised to doc sprint template (Wave/Interlocks/Action Tracker added). | Project Mgmt |
| 2025-11-26 | Normalised sprint file to template; preserved task list and dependencies. | Docs Guild |
| 2025-11-26 | DOCS-GRAPH-24-003 completed: created `docs/modules/graph/architecture-index.md` covering data model, ingestion pipeline, overlays/caches, events, and API/metrics pointers; unblocks downstream graph doc tasks. | Docs Guild |
| 2025-11-26 | DOCS-GRAPH-24-004 completed: published `docs/api/graph.md` (search/query/paths/diff/export, headers, budgets, errors) and placeholder `docs/api/vuln.md`; next tasks can link to these APIs. | Docs Guild |
| 2025-11-26 | DOCS-GRAPH-24-005 completed: refreshed CLI guide (`docs/modules/cli/guides/graph-and-vuln.md`) with commands, budgets, paging, export, exit codes; unblocks 24-006. | Docs Guild |
| 2025-11-26 | DOCS-GRAPH-24-006 completed: added `docs/policy/ui-integration.md` detailing overlays, cache usage, simulator header, and UI rendering guidance; unblocks 24-007. | Docs Guild |
| 2025-11-26 | DOCS-GRAPH-24-007 completed: added `docs/migration/graph-parity.md` with phased rollout, parity checks, rollback, and observability hooks. | Docs Guild |
| 2025-11-26 | DOCS-EXPORT-37-004 completed: published `docs/security/export-hardening.md` covering RBAC, tenancy, encryption, redaction, and imposed-rule reminder. | Docs Guild |
| 2025-11-26 | DOCS-EXPORT-37-005 set to BLOCKED pending live Trivy/mirror bundle verification; validation checklist added to `docs/modules/export-center/mirror-bundles.md`. | Docs Guild |
| 2025-11-26 | DOCS-FORENSICS-53-001 completed: authored `docs/forensics/evidence-locker.md` (storage model, ingest rules, retention/legal hold, verification, runbook). | Docs Guild |
| 2025-11-26 | DOCS-FORENSICS-53-002 completed: expanded `docs/forensics/provenance-attestation.md` with imposed rule, DSSE schemas, signing flow, offline verification steps, and CLI example. | Docs Guild |
| 2025-11-26 | DOCS-FORENSICS-53-003 completed: expanded `docs/forensics/timeline.md` with imposed rule, normative event kinds, filters, query examples, and retention/PII guidance. | Docs Guild |
| 2025-11-26 | DOCS-GRAPH-24-001 completed: authored `docs/ui/sbom-graph-explorer.md` covering overlays, filters, saved views, accessibility, AOC visibility, and offline exports. | Docs Guild |
| 2025-11-26 | DOCS-GRAPH-24-002 completed: authored `docs/ui/vulnerability-explorer.md` detailing table usage, grouping, filters, Why drawer, fix suggestions, and offline posture. | Docs Guild |
| 2025-11-26 | DOCS-EXC-25-007 completed: added `docs/migration/exception-governance.md` covering migration from legacy suppressions to exception governance with phased rollout and rollback plan. | Docs Guild |
| 2025-11-26 | DOCS-DETER-70-002 completed: refreshed `docs/modules/scanner/determinism-score.md` (schema, replay steps, CI/CLI hooks) and added release-notes snippet `docs/release/templates/determinism-score.md`. | Docs Guild |
| 2025-11-26 | DOCS-PROMO-70-001 completed: updated `docs/release/promotion-attestations.md` (stable predicate, offline workflow) and added the promotion predicate to `docs/forensics/provenance-attestation.md`. | Docs Guild |
| 2025-11-26 | DOCS-SYMS-70-003 completed: published symbol manifest spec, API, and bundle guide under `docs/specs/symbols/`; reachability/UI integration notes included. | Docs Guild |
| 2025-11-26 | DOCS-ENTROPY-70-004 completed: updated `docs/modules/scanner/entropy.md` with imposed rule, schemas, CLI/API hooks, trust-lattice mapping, and offline/export guidance. | Docs Guild |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| Export bundle validation | Risk | Docs Guild · Export Center Guild | 2025-12-12 | DOCS-EXPORT-37-005/101/102 blocked until live bundles verified end-to-end. |
| Template normalisation | Decision | Project Mgmt | 2025-12-05 | File renamed to standard format; future references must use new filename. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| None scheduled | — | Async updates captured in Execution Log; add checkpoint when export bundle evidence lands. | Docs Guild |

76
docs/implplan/documentation-sprints/SPRINT_0305_0001_0005_docs_tasks_md_v.md Normal file
View File

@@ -0,0 +1,76 @@
# Sprint 0305 · Documentation & Process · Docs Tasks Md.V
Active items only. Completed/historic work live in `docs/implplan/archived/tasks.md` (updated 2025-11-08).
## Topic & Scope
- Progress Docs Tasks ladder to Md.V, focusing on install, link-not-merge, notifications, and OAS governance.
- Keep sprint, `tasks-all.md`, and linked docs aligned with deterministic artefacts.
- **Working directory:** `docs/` with tracker in `docs/implplan`.
## Dependencies & Concurrency
- Upstream: Sprint 200.A (Docs Tasks Md.IV).
- Install stream gated by compose schema/helm values and DevOps offline validation.
- Other doc rows can proceed in parallel once dependencies stated below are cleared.
## Documentation Prerequisites
- `docs/README.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- `docs/modules/platform/architecture-overview.md`
- Module dossiers relevant to each task (install, notifications, OAS)
- Sprint template rules in `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | DOCS-INSTALL-44-001 | BLOCKED (2025-11-25) | Compose schema + service list/version pins | Docs Guild · Deployment Guild | Publish `/docs/install/overview.md` and `/docs/install/compose-quickstart.md` with imposed rule and copy-ready commands. |
| 2 | DOCS-INSTALL-45-001 | BLOCKED (2025-11-25) | Depends on 44-001; TLS guidance | Docs Guild · Deployment Guild | Publish `/docs/install/helm-prod.md` and `/docs/install/configuration-reference.md` with values tables and imposed rule. |
| 3 | DOCS-INSTALL-46-001 | BLOCKED (2025-11-25) | Depends on 45-001; replay hooks | Docs Guild · Security Guild | Publish `/docs/install/airgap.md`, `/docs/security/supply-chain.md`, `/docs/operations/health-and-readiness.md`, `/docs/release/image-catalog.md`, `/docs/console/onboarding.md`. |
| 4 | DOCS-INSTALL-50-001 | BLOCKED (2025-11-25) | Depends on 46-001; DevOps offline validation | Docs Guild · DevOps Guild | Add `/docs/install/telemetry-stack.md` (collector deployment, exporter options, offline kit, imposed rule). |
| 5 | DOCS-LNM-22-001 | BLOCKED (2025-10-27) | Final schema text from 005_ATLN0101 | Docs Guild · Concelier Guild | Author `/docs/advisories/aggregation.md` covering observation vs linkset, conflict handling, AOC requirements, reviewer checklist. |
| 6 | DOCS-LNM-22-002 | BLOCKED (2025-10-27) | Depends on 22-001; Excititor overlay notes | Docs Guild · Excititor Guild | Publish `/docs/vex/aggregation.md` (VEX observation/linkset model, product matching, conflicts). |
| 7 | DOCS-LNM-22-003 | BLOCKED (2025-10-27) | Depends on 22-002; replay hook contract | Docs Guild · BE-Base Platform Guild | Update `/docs/api/advisories.md` and `/docs/api/vex.md` (endpoints, params, errors, exports). |
| 8 | DOCS-LNM-22-004 | DONE (2025-11-25) | 22-003 complete | Docs Guild · Policy Guild | Create `/docs/policy/effective-severity.md` (severity selection strategies). |
| 9 | DOCS-LNM-22-005 | BLOCKED (2025-10-27) | UI signals from 124_CCSL0101 | Docs Guild · UI Guild | Document `/docs/ui/evidence-panel.md` (screenshots, conflict badges, accessibility). |
| 10 | DOCS-LNM-22-007 | DONE (2025-11-25) | 22-005 complete | Docs Guild · Observability Guild | Publish `/docs/observability/aggregation.md` (metrics/traces/logs/SLOs). |
| 11 | DOCS-NOTIFY-40-001 | DONE (2025-11-25) | — | Docs Guild · Security Guild | Publish notification docs (channels, escalations, API, runbook, hardening) with imposed rule lines. |
| 12 | DOCS-OAS-61-001 | DONE (2025-11-25) | — | Docs Guild · API Contracts Guild | Publish `/docs/api/overview.md` (auth, tenancy, pagination, idempotency, rate limits). |
| 13 | DOCS-OAS-61-002 | BLOCKED (2025-11-25) | Governance inputs (APIG0101) and examples | Docs Guild · API Governance Guild | Author `/docs/api/conventions.md` (naming, errors, filters, sorting, examples). |
| 14 | DOCS-OAS-61-003 | DONE (2025-11-25) | Depends on 61-002 | Docs Guild · API Governance Guild | Publish `/docs/api/versioning.md` (SemVer, deprecation headers, migration playbooks). |
## Wave Coordination
- Single wave; install stream blocked until compose/helm/telemetry evidence arrives. Link-not-merge and OAS rows run independently once their upstream artefacts land.
## Wave Detail Snapshots
- None captured; add when install stream unblocks.
## Interlocks
- BLOCKED items must trace root causes via `BLOCKED_DEPENDENCY_TREE.md` before work resumes.
- Keep status mirrored to `tasks-all.md` on every flip.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| Collect compose schema/helm values to unblock DOCS-INSTALL-44/45/46/50 | 2025-12-12 | Docs Guild · Deployment Guild | Required before reopening install chain. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed to `SPRINT_0305_0001_0005_docs_tasks_md_v.md` and normalised to doc sprint template (Wave/Interlocks/Action Tracker added). | Project Mgmt |
| 2025-11-25 | Marked DOCS-INSTALL-44/45/46/50 series BLOCKED pending compose schema, helm values, replay hooks, and DevOps offline validation; mirrored to tasks-all. | Docs Guild |
| 2025-11-25 | DOCS-LNM-22-004/007 delivered: added effective severity policy doc and aggregation observability guide under `docs/policy/` and `docs/observability/`; statuses mirrored to tasks-all. | Docs Guild |
| 2025-11-25 | DOCS-NOTIFY-40-001 delivered: channel/escalation/api/hardening/runbook docs added; notifier runbook placed under `docs/operations/` for ops consumption. | Docs Guild |
| 2025-11-25 | DOCS-OAS-61-003 delivered: API versioning policy published at `docs/api/versioning.md`; status mirrored to tasks-all. | Docs Guild |
| 2025-11-03 | Drafted/published `docs/migration/no-merge.md` (rollout phases, backfill/validation workflow, rollback plan, readiness checklist). | Docs Guild |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| Install docs blocked on compose/helm artefacts | Risk | Docs Guild · Deployment Guild | 2025-12-12 | Blocks tasks 14 until schemas, values, and offline validation land. |
| Link-not-merge schema clarity | Risk | Docs Guild · Concelier Guild | 2025-12-12 | Tasks 57/9 await final schema text and UI signals. |
| Template normalisation | Decision | Project Mgmt | 2025-12-05 | File renamed to standard format; references must use new filename. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| None scheduled | — | Async updates captured in Execution Log; add checkpoint when install or LNM blockers lift. | Docs Guild |

80
docs/implplan/documentation-sprints/SPRINT_0307_0001_0007_docs_tasks_md_vii.md Normal file
View File

@@ -0,0 +1,80 @@
# Sprint 0307 · Documentation & Process · Docs Tasks Md.VII
Active items only. Completed/historic work live in `docs/implplan/archived/tasks.md` (updated 2025-11-08).
## Topic & Scope
- Deliver Docs Tasks Md.VII focusing on policy language/docs (SPL) and governance.
- Keep sprint, `tasks-all.md`, and module docs aligned with deterministic artefacts.
- **Working directory:** `docs/` with tracker in `docs/implplan`.
## Dependencies & Concurrency
- Upstream: Sprint 0306 (Docs Tasks Md.VI).
- Policy studio/editor backlog blocks 27-001..005; other rows delivered.
## Documentation Prerequisites
- `docs/README.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- `docs/modules/platform/architecture-overview.md`
- Policy dossiers referenced per task
- Sprint template rules in `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | DOCS-POLICY-23-001 | DONE (2025-11-26) | — | Docs Guild · Policy Guild | Author `/docs/policy/overview.md` (SPL philosophy, layers, glossary, checklist). |
| 2 | DOCS-POLICY-23-002 | DONE (2025-11-26) | 23-001 complete | Docs Guild · Policy Guild | Write `/docs/policy/spl-v1.md` (language reference, JSON Schema, examples). |
| 3 | DOCS-POLICY-23-003 | DONE (2025-11-26) | 23-002 complete | Docs Guild · Policy Guild | Produce `/docs/policy/runtime.md` (compiler, evaluator, caching, events, SLOs). |
| 4 | DOCS-POLICY-23-004 | DONE (2025-11-26) | 23-003 complete | Docs Guild · UI Guild | Document `/docs/policy/editor.md` (UI walkthrough, validation, simulation, approvals). |
| 5 | DOCS-POLICY-23-005 | DONE (2025-11-26) | 23-004 complete | Docs Guild · Security Guild | Publish `/docs/policy/governance.md` (roles, scopes, approvals, signing, exceptions). |
| 6 | DOCS-POLICY-23-006 | DONE (2025-11-26) | 23-005 complete | Docs Guild · BE-Base Platform Guild | Update `/docs/api/policy.md` (endpoints, schemas, errors, pagination). |
| 7 | DOCS-POLICY-23-007 | DONE (2025-11-26) | 23-006 complete | Docs Guild · DevEx/CLI Guild | Update `/docs/modules/cli/guides/policy.md` (lint/simulate/activate/history commands, exit codes). |
| 8 | DOCS-POLICY-23-008 | DONE (2025-11-26) | 23-007 complete | Docs Guild · Architecture Guild | Refresh `/docs/modules/policy/architecture.md` (data model, sequence diagrams, event flows). |
| 9 | DOCS-POLICY-23-009 | DONE (2025-11-26) | 23-008 complete | Docs Guild · DevOps Guild | Create `/docs/migration/policy-parity.md` (dual-run parity, rollback). |
| 10 | DOCS-POLICY-23-010 | DONE (2025-11-26) | 23-009 complete | Docs Guild · UI Guild | Write `/docs/ui/explainers.md` (explain trees, evidence overlays, interpretation guidance). |
| 11 | DOCS-POLICY-27-001 | BLOCKED (2025-10-27) | Policy studio/editor delivery | Docs Guild · Policy Guild | Publish `/docs/policy/studio-overview.md` (lifecycle, roles, glossary, compliance checklist). |
| 12 | DOCS-POLICY-27-002 | BLOCKED (2025-10-27) | Depends on 27-001 | Docs Guild · Console Guild | Write `/docs/policy/authoring.md` (workspace templates, snippets, lint rules, IDE shortcuts, best practices). |
| 13 | DOCS-POLICY-27-003 | BLOCKED (2025-10-27) | Depends on 27-002; registry schema | Docs Guild · Policy Registry Guild | Document `/docs/policy/versioning-and-publishing.md` (semver, attestations, rollback) with compliance checklist. |
| 14 | DOCS-POLICY-27-004 | BLOCKED (2025-10-27) | Depends on 27-003; scheduler hooks | Docs Guild · Scheduler Guild | Write `/docs/policy/simulation.md` (quick vs batch sim, thresholds, evidence bundles, CLI examples). |
| 15 | DOCS-POLICY-27-005 | BLOCKED (2025-10-27) | Depends on 27-004; product ops approvals | Docs Guild · Product Ops | Publish `/docs/policy/review-and-approval.md` (approver requirements, comments, webhooks, audit trail). |
## Wave Coordination
- Single wave; policy studio tasks (1115) remain blocked until upstream delivery.
## Wave Detail Snapshots
- None captured; add when policy studio inputs land.
## Interlocks
- BLOCKED items must trace via `BLOCKED_DEPENDENCY_TREE.md` before work resumes.
- Mirror status flips to `tasks-all.md` for determinism.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| Capture policy studio/editor delivery dates to unblock 27-001..005 | 2025-12-12 | Docs Guild · Policy Guild | Needed to move blocked chain to DOING. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed to `SPRINT_0307_0001_0007_docs_tasks_md_vii.md` and normalised to doc sprint template. | Project Mgmt |
| 2025-11-26 | DOCS-POLICY-23-001 completed: published `docs/policy/overview.md` (philosophy, layers, signals, governance, checklist, air-gap notes). | Docs Guild |
| 2025-11-26 | DOCS-POLICY-23-002 completed: added `docs/policy/spl-v1.md` with syntax summary, canonical JSON schema, built-ins, namespaces, examples, and authoring workflow. | Docs Guild |
| 2025-11-26 | DOCS-POLICY-23-003 completed: published `docs/policy/runtime.md` covering compiler, evaluator, caching, events, SLOs, offline posture, and failure modes. | Docs Guild |
| 2025-11-26 | DOCS-POLICY-23-004 completed: added `docs/policy/editor.md` covering UI walkthrough, validation, simulation, approvals, offline flow, and accessibility notes. | Docs Guild |
| 2025-11-26 | DOCS-POLICY-23-005 completed: published `docs/policy/governance.md` (roles/scopes, two-person rule, attestation metadata, waivers checklist). | Docs Guild |
| 2025-11-26 | DOCS-POLICY-23-006 completed: added `docs/policy/api.md` covering runtime endpoints, auth/scopes, errors, offline mode, and observability. | Docs Guild |
| 2025-11-26 | DOCS-POLICY-23-007 completed: updated `docs/modules/cli/guides/policy.md` with imposed rule, history command, and refreshed date. | Docs Guild |
| 2025-11-26 | DOCS-POLICY-23-008 completed: refreshed `docs/modules/policy/architecture.md` with signals namespace, shadow/coverage gates, offline adapter updates, and references. | Docs Guild |
| 2025-11-26 | DOCS-POLICY-23-009 completed: published `docs/migration/policy-parity.md` outlining dual-run parity plan, DSSE attestations, and rollback. | Docs Guild |
| 2025-11-26 | DOCS-POLICY-23-010 completed: added `docs/ui/explainers.md` detailing explain drawer layout, evidence overlays, verify/download flows, accessibility, and offline handling. | Docs Guild |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| Policy studio/editor delivery | Risk | Docs Guild · Policy Guild | 2025-12-12 | Blocks tasks 1115; awaiting upstream artefacts and approvals. |
| Template normalisation | Decision | Project Mgmt | 2025-12-05 | File renamed to standard format; references must use new filename. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| None scheduled | — | Add checkpoint when policy studio inputs land to unblock 27-001..005. | Docs Guild |

120
docs/implplan/documentation-sprints/SPRINT_0308_0001_0008_docs_tasks_md_viii.md Normal file
View File

@@ -0,0 +1,120 @@
# Sprint 0308 · Documentation & Process · Docs Tasks Md.VIII
## Topic & Scope
- Advance the Docs Tasks ladder (Md.VIII) for the policy stack: promotion, CLI, API, attestations, registry architecture, telemetry, incident/runbook, templates, and AOC guardrails.
- Launch the risk documentation chain (overview → profiles → factors → formulas → explainability → API) with deterministic, offline-friendly examples.
- Keep outputs reproducible (fixed fixtures, ordered tables) and align hand-offs between Md.VII inputs and Md.IX expectations.
- **Working directory:** `docs/` (policy and risk subtrees; sprint planning remains in `docs/implplan/`).
## Dependencies & Concurrency
- Upstream: Sprint 200.A - Docs Tasks.Md.VII; DOCS-POLICY-27-005 completion; registry schema/telemetry inputs; risk engine/API schemas.
- Downstream: Sprint 0309 (Md.IX) expects promotion/CLI/API drafts; avoid back-edges from this file to later phases.
- Concurrency rules: Policy chain is strictly sequential (27-006 → 27-014). Risk chain is sequential (66-001 → 67-002). Work in order; do not parallelize without upstream evidence.
## Documentation Prerequisites
- docs/README.md
- docs/07_HIGH_LEVEL_ARCHITECTURE.md
- docs/modules/platform/architecture-overview.md
- docs/modules/policy/architecture.md
- docs/implplan/BLOCKED_DEPENDENCY_TREE.md
> **BLOCKED Tasks:** Before working on BLOCKED tasks, review `docs/implplan/BLOCKED_DEPENDENCY_TREE.md` for root blockers and dependencies.
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | DOCS-POLICY-27-006 | BLOCKED (2025-10-27) | Waiting on DOCS-POLICY-27-005 outputs. | Docs Guild · Policy Guild | Author `/docs/policy/promotion.md` (environments, canary, rollback, monitoring). |
| 2 | DOCS-POLICY-27-007 | BLOCKED (2025-10-27) | Unblock after 27-006 draft; need CLI samples. | Docs Guild · DevEx/CLI Guild | Update `/docs/policy/cli.md` with commands, JSON schemas, CI usage, compliance checklist. |
| 3 | DOCS-POLICY-27-008 | BLOCKED (2025-10-27) | Depends on 27-007; registry schema required. | Docs Guild · Policy Registry Guild | Publish `/docs/policy/api.md` (registry endpoints, request/response schemas, errors, feature flags). |
| 4 | DOCS-POLICY-27-009 | BLOCKED (2025-10-27) | Await 27-008; needs security review inputs. | Docs Guild · Security Guild | Create `/docs/security/policy-attestations.md` (signing, verification, key rotation, compliance checklist). |
| 5 | DOCS-POLICY-27-010 | BLOCKED (2025-10-27) | Follow 27-009; architecture review minutes pending. | Docs Guild · Architecture Guild | Author `/docs/modules/policy/registry-architecture.md` (service design, schemas, queues, failure modes) with diagrams and checklist. |
| 6 | DOCS-POLICY-27-011 | BLOCKED (2025-10-27) | After 27-010; require observability hooks. | Docs Guild · Observability Guild | Publish `/docs/observability/policy-telemetry.md` with metrics/log tables, dashboards, alerts, and compliance checklist. |
| 7 | DOCS-POLICY-27-012 | BLOCKED (2025-10-27) | After 27-011; needs ops playbooks. | Docs Guild · Ops Guild | Write `/docs/runbooks/policy-incident.md` (rollback, freeze, forensic steps, notifications). |
| 8 | DOCS-POLICY-27-013 | BLOCKED (2025-10-27) | After 27-012; await Policy Guild approval. | Docs Guild · Policy Guild | Update `/docs/examples/policy-templates.md` with new templates, snippets, sample policies. |
| 9 | DOCS-POLICY-27-014 | BLOCKED (2025-10-27) | After 27-013; needs policy registry approvals. | Docs Guild · Policy Registry Guild | Refresh `/docs/aoc/aoc-guardrails.md` to include Studio-specific guardrails and validation scenarios. |
| 10 | DOCS-RISK-66-001 | DONE (2025-12-05) | Overview published using contract schema + fixtures. | Docs Guild · Risk Profile Schema Guild | Publish `/docs/risk/overview.md` (concepts and glossary). |
| 11 | DOCS-RISK-66-002 | DONE (2025-12-05) | Profile schema + sample fixture added. | Docs Guild · Policy Guild | Author `/docs/risk/profiles.md` (authoring, versioning, scope). |
| 12 | DOCS-RISK-66-003 | DONE (2025-12-05) | Factor catalog + normalized fixture added. | Docs Guild · Risk Engine Guild | Publish `/docs/risk/factors.md` (signals, transforms, reducers, TTLs). |
| 13 | DOCS-RISK-66-004 | DONE (2025-12-05) | Formula/gating doc + explain fixture added. | Docs Guild · Risk Engine Guild | Create `/docs/risk/formulas.md` (math, normalization, gating, severity). |
| 14 | DOCS-RISK-67-001 | DONE (2025-12-05) | Explainability doc published with CLI/console fixtures and hashes. | Docs Guild · Risk Engine Guild | Publish `/docs/risk/explainability.md` (artifact schema, UI screenshots). |
| 15 | DOCS-RISK-67-002 | DONE (2025-12-05) | API doc published with samples, error catalog, ETag guidance. | Docs Guild · API Guild | Produce `/docs/risk/api.md` with endpoint reference/examples. |
## Wave Coordination
- Single wave for Md.VIII; no per-wave snapshots required. Revisit if tasks split across guild weeks.
## Wave Detail Snapshots
- None yet. Add summaries per wave if/when staged deliveries are planned.
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Normalised sprint to standard template; clarified header and moved interlocks into Decisions & Risks; no task status changes. | Project Mgmt |
| 2025-12-05 | DOCS-RISK-66-001..004 and DOCS-RISK-67-001/002 delivered with schema-aligned fixtures and explainability API examples; statuses set to DONE. | Docs Guild |
## Decisions & Risks
- **Risk:** Policy chain (DOCS-POLICY-27-006..014) blocked pending DOCS-POLICY-27-005 outputs and registry schema approvals (`docs/schemas/api-baseline.schema.json` alignment). Mitigation: keep BLOCKED; request registry draft + policy studio sign-off.
- **Risk:** Need policy studio/editor assets to unblock CLI/API/attestation docs; track via 27-006 dependencies.
- **Decision:** Risk documentation chain (66-001..67-002) marked complete with deterministic samples; future schema changes require revisiting hashes and fixtures.
## Next Checkpoints
- 2025-12-12 · Policy docs sync (tentative): confirm delivery dates for 27-006 → 27-010 chain and registry schemas. Owners: Docs Guild · Policy/Registry Guilds.
- 2025-12-15 · Risk docs readiness check: validate whether further schema/API changes require doc refresh. Owners: Docs Guild · Risk Engine Guild.
| Confirm DOCS-POLICY-27-005 completion signal | Policy Guild | 2025-12-11 | OPEN |
| Publish upstream evidence list in BLOCKED_DEPENDENCY_TREE | Docs Guild | 2025-12-11 | DONE (2025-12-05) |
| Pull registry schema/API baseline alignment for 27-008 | Policy Registry Guild | 2025-12-12 | OPEN |
| Obtain risk profile schema approval for 66-001 | PLLG0104 · Risk Profile Schema Guild | 2025-12-13 | DONE (2025-12-05 via CONTRACT-RISK-SCORING-002) |
| Draft outlines for risk overview/profiles using existing schema patterns | Docs Guild | 2025-12-14 | DONE (2025-12-05) |
| Draft outlines for risk factors/formulas | Docs Guild | 2025-12-15 | DONE (2025-12-05) |
| Pre-scaffold explainability/api outlines (67-001/002) | Docs Guild | 2025-12-15 | DONE (2025-12-05) |
| Reconcile legacy `docs/risk/risk-profiles.md` into new schema-aligned outline | Docs Guild | 2025-12-15 | DONE (2025-12-05) |
| Prepare deterministic sample layout under `docs/risk/samples/` | Docs Guild | 2025-12-15 | DONE (2025-12-05) |
| Capture registry schema alignment signal and flip 27-008 when ready | Policy Registry Guild → Docs Guild | 2025-12-12 | PENDING |
| Capture PLLG0104 risk schema/payload signal and flip 66-001/002 when ready | PLLG0104 → Docs Guild | 2025-12-13 | PENDING |
| Seed SHA manifests for profiles/factors/explain/api samples | Docs Guild | 2025-12-05 | DONE (2025-12-05) |
| Add ingest checklist for risk samples | Docs Guild | 2025-12-05 | DONE (2025-12-05) |
| Add per-folder READMEs in `docs/risk/samples/*` for intake rules | Docs Guild | 2025-12-05 | DONE (2025-12-05) |
| Add intake log template for risk samples | Docs Guild | 2025-12-05 | DONE (2025-12-05) |
| Daily signal check (registry schema + PLLG0104 payloads) and log outcome | Docs Guild | 2025-12-13 | DOING (2025-12-05) |
| Capture console/CLI telemetry frames for explainability visuals | Console Guild | 2025-12-15 | DONE (2025-12-05 via fixtures) |
## Decisions & Risks
### Decisions
- CONTRACT-RISK-SCORING-002 (published 2025-12-05) is the canonical schema for risk overview/profiles/factors/formulas; use it for Md.VIII docs until superseded.
- Deterministic fixtures for profiles, factors, explain, and API samples are now canonical references (see `docs/risk/samples/**/SHA256SUMS`).
### Risks
| Risk | Impact | Mitigation |
| --- | --- | --- |
| DOCS-POLICY-27 chain blocked by missing promotion/registry inputs | Entire policy documentation ladder stalls; pushes Md.IX hand-off | Track in BLOCKED_DEPENDENCY_TREE; weekly check-ins with Policy/Registry Guilds; stage scaffolds while waiting. |
| Risk documentation chain lacks real telemetry captures | If fixtures drift from UI, Md.IX readiness slips | Use captured CLI/console fixtures as baseline; refresh with live UI frames when available. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed sprint file to `SPRINT_0308_0001_0008_docs_tasks_md_viii.md` to match naming convention. | Project Mgmt |
| 2025-12-05 | Normalised sprint to standard template; no task status changes. | Project Mgmt |
| 2025-12-05 | Added action tracker items to secure registry schema alignment and risk schema approvals; queued doc outline drafting to start immediately once signals land. | Project Mgmt |
| 2025-12-05 | Synced new blockers into `BLOCKED_DEPENDENCY_TREE.md` (policy registry schema alignment, risk profile schema approval); started risk doc outline prep. | Project Mgmt |
| 2025-12-05 | Created draft outlines at `docs/risk/overview.md`, `docs/risk/profiles.md`, `docs/risk/factors.md`, `docs/risk/formulas.md`; kept Delivery Tracker tasks at TODO pending PLLG0104 approval. | Docs Guild |
| 2025-12-05 | Pre-scaffolded `docs/risk/explainability.md` and `docs/risk/api.md` to accelerate 67-001/002 once 66-004 is approved. | Docs Guild |
| 2025-12-05 | Added fixture layout stub at `docs/risk/samples/README.md` to keep future payloads deterministic and offline-ready. | Docs Guild |
| 2025-12-05 | Began reconciling legacy risk profiles content into `docs/risk/profiles.md` (interim notes added; pending schema alignment). | Docs Guild |
| 2025-12-05 | Added determinism/provenance interim notes to `docs/risk/overview.md`, `docs/risk/factors.md`, and `docs/risk/formulas.md` to speed population once schemas land. | Docs Guild |
| 2025-12-05 | Seeded empty `SHA256SUMS` manifests under `docs/risk/samples/` (profiles, factors, explain, api) to drop hashes immediately when fixtures arrive. | Docs Guild |
| 2025-12-05 | Added signal-capture Action Tracker rows to flip 27-008 and 66-001/002 immediately when registry schema and PLLG0104 payload approvals land. | Project Mgmt |
| 2025-12-05 | Added `docs/risk/samples/INGEST_CHECKLIST.md` to standardize sample intake (normalize, hash, verify, log). | Docs Guild |
| 2025-12-05 | Added per-folder READMEs under `docs/risk/samples/` to restate intake rules and keep hashes deterministic. | Docs Guild |
| 2025-12-05 | Added `docs/risk/samples/intake-log-template.md` for recording drops (files + hashes) as soon as payloads arrive. | Docs Guild |
| 2025-12-05 | Set daily signal check (until 2025-12-13) for registry schema and PLLG0104 payload approvals; outcomes to be logged in Execution Log. | Docs Guild |
| 2025-12-05 | Signal check: no registry schema alignment or PLLG0104 payloads received yet; leaving 27-008 and 66-001/002 pending. | Docs Guild |
| 2025-12-05 | Scheduled next signal check for 2025-12-06 15:00 UTC to minimize lag when inputs arrive. | Docs Guild |
| 2025-12-05 | Enriched risk overview/profiles/factors/formulas outlines with legacy content, determinism rules, and expected schemas; flipped related action tracker items to DONE. | Docs Guild |
| 2025-12-05 | Consumed `CONTRACT-RISK-SCORING-002`, populated risk overview/profiles/factors/formulas with contract fields/gates, added deterministic fixtures and SHA manifests, and marked DOCS-RISK-66-001..004 DONE. | Docs Guild |
| 2025-12-05 | Published explainability/API docs with CLI + console fixtures and error catalog; marked DOCS-RISK-67-001/002 DONE; added telemetry capture follow-up in Action Tracker. | Docs Guild |
| 2025-12-06 | Signal check 15:00 UTC: still no registry schema alignment or PLLG0104 payloads; keep 27-008 and 66-001/002 pending; next check 2025-12-07 15:00 UTC. | Docs Guild |
| 2025-12-07 | Signal check 15:00 UTC: no updates; keep 27-008 and 66-001/002 pending; next check 2025-12-08 15:00 UTC. | Docs Guild |
| 2025-12-08 | Signal check 15:00 UTC: no updates; keep 27-008 and 66-001/002 pending; next check 2025-12-09 15:00 UTC. | Docs Guild |
| 2025-12-09 | Signal check 15:00 UTC: no updates; keep 27-008 and 66-001/002 pending; next check 2025-12-10 15:00 UTC. | Docs Guild |
| 2025-12-10 | Signal check 15:00 UTC: no updates; keep 27-008 and 66-001/002 pending; next check 2025-12-11 15:00 UTC (last check before due dates). | Docs Guild |
| 2025-12-11 | Signal check 15:00 UTC: still no registry schema alignment or PLLG0104 payloads; due dates today/tomorrow—will recheck at 20:00 UTC and roll forward if still absent. | Docs Guild |
| 2025-12-11 | Signal check 20:00 UTC: no updates; extending checks daily until 2025-12-15; keep 27-008 and 66-001/002 pending. | Docs Guild |

90
docs/implplan/documentation-sprints/SPRINT_0309_0001_0009_docs_tasks_md_ix.md Normal file
View File

@@ -0,0 +1,90 @@
# Sprint 0309 · Documentation & Process · Docs Tasks Md IX
## Topic & Scope
- Phase Md.IX of the docs ladder, covering risk UI/CLI flows, offline risk bundles, SDK overview/language guides, auth/redaction security docs, and the reachability/signals doc chain (states, callgraphs, runtime facts, weighting, UI overlays, CLI, API).
- Active items only; completed or historic work sits in `docs/implplan/archived/tasks.md` (updated 2025-11-08).
- **Working directory:** `docs/` (module guides, console/CLI/UI/risk/signals docs; assets under `docs/assets/**` as needed).
## Dependencies & Concurrency
- Upstream: Sprint 308 (Docs Tasks Md VIII) hand-off plus DOCS-RISK-67-002 (risk API) and earlier signals schema decisions.
- Concurrency: Later Md phases (310311) stay queued; coordinate with Console/CLI/UI/Signals guilds for shared assets and schema drops.
## Documentation Prerequisites
- `docs/README.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/AGENTS.md`, `docs/implplan/AGENTS.md`
- **BLOCKED tasks:** review `BLOCKED_DEPENDENCY_TREE.md` before starting items marked as blocked in upstream sprints.
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | DOCS-RISK-67-003 | TODO | Target 2025-12-10: Await DOCS-RISK-67-002 content and console UI assets (authoring/simulation dashboards). | Docs Guild · Console Guild | Document `/docs/console/risk-ui.md` for authoring, simulation, dashboards. |
| 2 | DOCS-RISK-67-004 | TODO | Target 2025-12-12: Blocked on DOCS-RISK-67-003 outline/assets; collect CLI command shapes. | Docs Guild · CLI Guild | Publish `/docs/modules/cli/guides/risk.md` covering CLI workflows. |
| 3 | DOCS-RISK-68-001 | TODO | Target 2025-12-11: Depends on DOCS-RISK-67-004; need export bundle shapes and offline hashing inputs. | Docs Guild · Export Guild | Add `/docs/airgap/risk-bundles.md` for offline factor bundles. |
| 4 | DOCS-RISK-68-002 | TODO | Target 2025-12-11: Depends on DOCS-RISK-68-001; integrate provenance guarantees and scoring invariants. | Docs Guild · Security Guild | Update `/docs/security/aoc-invariants.md` with risk scoring provenance guarantees. |
| 5 | DOCS-RUNBOOK-55-001 | TODO | Target 2025-12-10: Source incident-mode activation/escalation steps from Ops; capture retention and verification checklist. | Docs Guild · Ops Guild | Author `/docs/runbooks/incidents.md` describing incident mode activation, escalation steps, retention impact, verification checklist, and imposed rule banner. |
| 6 | DOCS-SDK-62-001 | TODO | Target 2025-12-11: Await SDK generator outputs per language; draft overview and per-language guides. | Docs Guild · SDK Generator Guild | Publish `/docs/sdks/overview.md` plus language guides (`typescript.md`, `python.md`, `go.md`, `java.md`). |
| 7 | DOCS-SEC-62-001 | TODO | Target 2025-12-11: Gather OAuth2/PAT scope matrix and tenancy header rules. | Docs Guild · Authority Core | Update `/docs/security/auth-scopes.md` with OAuth2/PAT scopes, tenancy header usage. |
| 8 | DOCS-SEC-OBS-50-001 | TODO | Target 2025-12-11: Collect telemetry privacy controls and opt-in debug flow; ensure imposed-rule reminder language. | Docs Guild · Security Guild | Update `/docs/security/redaction-and-privacy.md` to cover telemetry privacy controls, tenant opt-in debug, and imposed rule reminder. |
| 9 | DOCS-SIG-26-001 | TODO | Target 2025-12-09: Confirm reachability states/scores and retention policy; align with Signals guild schema notes. | Docs Guild · Signals Guild | Write `/docs/signals/reachability.md` covering states, scores, provenance, retention. |
| 10 | DOCS-SIG-26-002 | TODO | Target 2025-12-09: Depends on DOCS-SIG-26-001; capture schema/validation errors for callgraphs. | Docs Guild · Signals Guild | Publish `/docs/signals/callgraph-formats.md` with schemas and validation errors. |
| 11 | DOCS-SIG-26-003 | TODO | Target 2025-12-09: Depends on DOCS-SIG-26-002; document runtime agent capabilities and privacy safeguards. | Docs Guild · Runtime Guild | Create `/docs/signals/runtime-facts.md` detailing agent capabilities, privacy safeguards, opt-in flags. |
| 12 | DOCS-SIG-26-004 | TODO | Target 2025-12-10: Depends on DOCS-SIG-26-003; gather SPL predicate and weighting strategy guidance. | Docs Guild · Policy Guild | Document `/docs/policy/signals-weighting.md` for SPL predicates and weighting strategies. |
| 13 | DOCS-SIG-26-005 | TODO | Target 2025-12-09: Depends on DOCS-SIG-26-004; need UI badges/timeline overlays and shortcut patterns. | Docs Guild · UI Guild | Draft `/docs/ui/reachability-overlays.md` with badges, timelines, shortcuts. |
| 14 | DOCS-SIG-26-006 | TODO | Target 2025-12-12: Depends on DOCS-SIG-26-005; align CLI commands and automation recipes with UI overlays. | Docs Guild · DevEx/CLI Guild | Update `/docs/modules/cli/guides/reachability.md` for new commands and automation recipes. |
| 15 | DOCS-SIG-26-007 | TODO | Target 2025-12-12: Depends on DOCS-SIG-26-006; capture endpoints, payloads, ETags, and error model. | Docs Guild · BE-Base Platform Guild | Publish `/docs/api/signals.md` covering endpoints, payloads, ETags, errors. |
## Wave Coordination
- Single wave for Md.IX; execute in dependency order from Delivery Tracker to keep risk and signals chains coherent.
## Wave Detail Snapshots
- No additional wave snapshots; Delivery Tracker ordering suffices for this single-wave sprint.
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Normalised sprint to standard template; clarified header; moved interlocks into Decisions & Risks; no task status changes. | Project Mgmt |
## Decisions & Risks
- **Decision:** Keep Md.IX scope limited to risk/SDK/security/signals doc set; defer new module docs until upstream assets arrive (Docs Guild, due 2025-12-05).
- **Risk:** DOCS-RISK-67-002 and console assets not yet delivered, blocking DOCS-RISK-67-003/004/68-001/68-002 chain. Mitigation: track in `BLOCKED_DEPENDENCY_TREE.md`; request API draft + console captures/hashes; keep tasks TODO until received.
- **Risk:** Signals chain (DOCS-SIG-26-001..007) depends on schema/asset hand-offs from Signals, UI, and CLI guilds. Mitigation: maintain Action Tracker reminders; do not start without assets.
- **Risk:** SDK deliverable requires generator outputs across four languages; drift risk if guides proceed without samples. Mitigation: block on generator outputs; cross-check hashes on arrival.
## Next Checkpoints
- 2025-12-08 · Md.VIII → Md.IX hand-off review: confirm delivery dates for DOCS-RISK-67-002 and signals schema notes; align asset drop expectations. Owners: Docs Guild · Console Guild · Signals Guild.
- 2025-12-12 · Md.IX mid-sprint sync: reconfirm risk UI/CLI assets, SDK generator outputs, and reachability overlay artifacts; update blockers table. Owners: Docs Guild · CLI Guild · UI Guild · SDK Generator Guild.
## Action Tracker
- Collect console risk UI captures + deterministic hashes for DOCS-RISK-67-003 — Console Guild — Due 2025-12-10 — Open.
- Deliver SDK generator sample outputs for TS/Python/Go/Java to unblock DOCS-SDK-62-001 — SDK Generator Guild — Due 2025-12-11 — Open.
- Provide DOCS-RISK-67-002 draft (risk API) so DOCS-RISK-67-003 outline can be finalized — API Guild — Due 2025-12-09 — Open.
- Share signals schema/overlay assets (states, callgraphs, UI overlays) needed for DOCS-SIG-26-001..005 — Signals Guild · UI Guild — Due 2025-12-09 — ✅ DONE (2025-12-06: `docs/schemas/signals-integration.schema.json` created).
- Send export bundle shapes + hashing inputs for DOCS-RISK-68-001 — Export Guild — Due 2025-12-11 — Open.
- Deliver OAuth2/PAT scope matrix + tenancy header rules for DOCS-SEC-62-001 — Security Guild · Authority Core — Due 2025-12-11 — Open.
- Provide telemetry privacy controls + opt-in debug flow for DOCS-SEC-OBS-50-001 — Security Guild — Due 2025-12-11 — Open.
- Supply SPL weighting guidance + sample predicates for DOCS-SIG-26-004 — Policy Guild — Due 2025-12-10 — Open.
- Provide CLI reachability command updates and automation recipes for DOCS-SIG-26-006 — DevEx/CLI Guild — Due 2025-12-12 — Open.
- Hand over incident-mode activation/escalation checklist for DOCS-RUNBOOK-55-001 — Ops Guild — Due 2025-12-10 — Open.
- Escalate to Guild leads if any Md.IX inputs miss due dates (12-09..12) and re-plan by 2025-12-13 — Docs Guild — Due 2025-12-13 — Open.
- Send reminder pings to all Md.IX owning guilds 24h before due dates (start 2025-12-09) — Project Mgmt — Due 2025-12-09 — Open.
| Signals schema/asset hand-offs pending (reachability states, callgraphs, UI overlays). | Blocks DOCS-SIG-26-001..007 sequence. | Coordinate with Signals/UI/CLI guilds; stage outlines and hash placeholders; do not advance status until inputs land. |
| SDK generator outputs not finalized across four languages. | Delays DOCS-SDK-62-001 and downstream language guides. | Ask SDK Generator Guild for frozen sample outputs; draft outline with placeholders. |
| Md.IX input due dates (Dec 912) slip without re-plan. | Pushes all Md.IX docs; risks missing sprint window. | Escalate to guild leads on 2025-12-13 and rebaseline dates; keep action tracker updated. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Normalised sprint to docs/implplan template and renamed file to `SPRINT_0309_0001_0009_docs_tasks_md_ix.md`; no task status changes. | Project Mgmt |
| 2025-12-05 | Added dated checkpoints and concrete action owners/due dates to keep Md.IX tasks moving while waiting on upstream assets. | Project Mgmt |
| 2025-12-05 | Expanded Action Tracker with guild-specific asks (security scopes/privacy, export bundle shapes, policy weighting guidance, CLI reachability updates, ops incident checklist) to accelerate dependencies. | Project Mgmt |
| 2025-12-05 | Synced Md.IX blockers into `BLOCKED_DEPENDENCY_TREE.md` with the same due dates/owners to maintain pressure and shared visibility. | Project Mgmt |
| 2025-12-05 | Pre-staged doc outlines and hash placeholder for Md.IX tasks (`docs/console/risk-ui.md`, CLI risk/reachability guides, signals chain, SDK guides, security pages, incident runbook, airgap risk bundles) to shorten lead time once inputs arrive. | Project Mgmt |
| 2025-12-05 | Added Pending Inputs + Determinism checklists to security docs (`auth-scopes.md`, `redaction-and-privacy.md`) and noted upcoming risk provenance update in `aoc-invariants.md` to keep guilds aligned with due dates. | Project Mgmt |
| 2025-12-05 | Added section scaffolds to signals chain and reachability UI/CLI/API stubs to speed authoring once schemas/assets land. | Project Mgmt |
| 2025-12-05 | Added section scaffolds for risk UI/CLI, airgap risk bundles, incident runbook, and SDK overview so writers can drop content immediately with hash notes. | Project Mgmt |
| 2025-12-05 | Added `SHA256SUMS` placeholders for Md.IX doc folders (airgap, sdks, signals, policy, ui, api, runbooks) to keep determinism workflow ready for incoming assets. | Project Mgmt |
| 2025-12-05 | Added language-specific scaffolds to SDK guides (TS/Python/Go/Java) to reduce time-to-first-draft once generator outputs arrive. | Project Mgmt |
| 2025-12-05 | Added escalation action (escalate on 2025-12-13 if inputs miss due dates) and risk mitigation for schedule slip. | Project Mgmt |
| 2025-12-06 | Added reminder action (pings starting 2025-12-09) to ensure Md.IX inputs land on time. | Project Mgmt |

106
docs/implplan/documentation-sprints/SPRINT_0310_0001_0010_docs_tasks_md_x.md Normal file
View File

@@ -0,0 +1,106 @@
# Sprint 0310 · Documentation & Process — Docs Tasks Md.X
## Topic & Scope
- Advance the tenth Docs Tasks wave (Md.X) with tenancy, reachability, scanner surface/bench, and VEX consensus documentation ready for downstream consumers.
- Align doc outputs with upstream implementation sprints (Surface, Tenancy, VEX Lens) and ensure guidance stays deterministic/offline-friendly.
- Evidence expected: published/updated markdown in `docs/**` plus traceable task status in this sprint.
- **Working directory:** `docs/implplan` (coordination) and `docs/` (module and runbook docs referenced in Delivery Tracker).
## Dependencies & Concurrency
- Upstream dependency: Sprint 200.A - Docs Tasks.Md.IX and any blockers listed in `BLOCKED_DEPENDENCY_TREE.md`. Review before moving tasks to DOING.
- Parallel-safe with other docs sprints; maintain deterministic ordering by Task ID when updating tables.
## Documentation Prerequisites
- docs/README.md; docs/07_HIGH_LEVEL_ARCHITECTURE.md; docs/modules/platform/architecture-overview.md.
- Module dossiers relevant to tasks: docs/modules/scanner/architecture.md; docs/modules/vex-lens/architecture.md; docs/modules/authority/architecture.md; docs/modules/cli/architecture.md.
- Tenancy/security ADRs referenced in DVDO0110; surface/replay notes (SCANNER-SURFACE-04, RPRC0101) when available.
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | DOCS-SIG-26-008 | DOING | Skeleton drafted; still needs DOCS-SIG-26-007 + notifications hooks (058_NOTY0101) | Docs Guild; DevOps Guild | Write `/docs/migration/enable-reachability.md` covering rollout, fallbacks, monitoring. |
| 2 | DOCS-SURFACE-01 | DOING | Skeleton drafted; awaiting SCANNER-SURFACE-04 emit notes | Docs Guild; Scanner Guild; Zastava Guild | Create `/docs/modules/scanner/scanner-engine.md` for Surface.FS/Env/Secrets workflow across Scanner/Zastava/Scheduler/Ops. |
| 3 | DOCS-SCANNER-BENCH-62-002 | DOING | Skeleton drafted; awaiting SCSA0301 inputs | Docs Guild; Product Guild | Capture customer demand for Windows/macOS analyzer coverage and document outcomes. |
| 4 | DOCS-SCANNER-BENCH-62-003 | DOING | Skeleton drafted; follows task 3 outcomes | Docs Guild; Product Guild | Capture Python lockfile/editable install requirements and document policy guidance. |
| 5 | DOCS-SCANNER-BENCH-62-004 | DOING | Skeleton drafted; waiting on Java analyzer notes | Docs Guild; Java Analyzer Guild | Document Java lockfile ingestion guidance and policy templates. |
| 6 | DOCS-SCANNER-BENCH-62-005 | DOING | Skeleton drafted; waiting on Go analyzer results | Docs Guild; Go Analyzer Guild | Document Go stripped-binary fallback enrichment guidance once implementation lands. |
| 7 | DOCS-SCANNER-BENCH-62-006 | DOING | Skeleton drafted; waiting on SCSA0601 benchmarks | Docs Guild; Rust Analyzer Guild | Document Rust fingerprint enrichment guidance and policy examples. |
| 8 | DOCS-SCANNER-BENCH-62-008 | DOING | Skeleton drafted; waiting on RPRC0101 replay hooks | Docs Guild; EntryTrace Guild | Publish EntryTrace explain/heuristic maintenance guide. |
| 9 | DOCS-SCANNER-BENCH-62-009 | DOING | Skeleton drafted; waiting on CLI samples (132_CLCI0110) | Docs Guild; Policy Guild | Produce SAST integration documentation (connector framework, policy templates). |
| 10 | DOCS-TEN-47-001 | DOING | Skeletons drafted; waiting on DVDO0110 tenancy ADR | Docs Guild; Authority Core | Publish `/docs/security/tenancy-overview.md` and `/docs/security/scopes-and-roles.md` outlining scope grammar, tenant model, imposed rule reminder. |
| 11 | DOCS-TEN-48-001 | DOING | Skeletons drafted; depends on DOCS-TEN-47-001 | Docs Guild; Platform Ops | Publish `/docs/operations/multi-tenancy.md`, `/docs/operations/rls-and-data-isolation.md`, `/docs/console/admin-tenants.md`. |
| 12 | DOCS-TEN-49-001 | DOING | Skeletons drafted; env vars pending DVDO0110 monitoring plan | Docs Guild; DevEx Guilds | Publish `/docs/modules/cli/guides/authentication.md`, `/docs/api/authentication.md`, `/docs/policy/examples/abac-overlays.md`, update `/docs/install/configuration-reference.md` with new env vars (include imposed rule line). |
| 13 | DOCS-TEST-62-001 | DOING | Skeleton drafted; awaiting DOSK0101 examples | Docs Guild; Contract Testing Guild | Author `/docs/testing/contract-testing.md` covering mock server, replay tests, golden fixtures. |
| 14 | DOCS-VEX-30-001 | DOING | Skeleton drafted; needs PLVL0102 schema snapshot | Docs Guild; VEX Lens Guild | Publish `/docs/vex/consensus-overview.md` describing purpose, scope, AOC guarantees. |
| 15 | DOCS-VEX-30-002 | DOING | Skeleton drafted; depends on DOCS-VEX-30-001 | Docs Guild; VEX Lens Guild | Author `/docs/vex/consensus-algorithm.md` covering normalization, weighting, thresholds, examples. |
| 16 | DOCS-VEX-30-003 | DOING | Skeleton drafted; awaiting issuer directory inputs | Docs Guild; Issuer Directory Guild | Document `/docs/vex/issuer-directory.md` (issuer management, keys, trust overrides, audit). |
| 17 | DOCS-VEX-30-004 | DOING | Skeleton drafted; awaiting PLVL0102 policy join notes | Docs Guild; VEX Lens Guild | Publish `/docs/vex/consensus-api.md` with endpoint specs, query params, rate limits. |
| 18 | DOCS-VEX-30-005 | DOING | Skeleton drafted; awaiting console overlay assets | Docs Guild; Console Guild | Write `/docs/vex/consensus-console.md` covering UI workflows, filters, conflicts, accessibility. |
| 19 | DOCS-VEX-30-006 | DOING | Skeleton drafted; needs waiver/exception guidance | Docs Guild; Policy Guild | Add `/docs/policy/vex-trust-model.md` detailing policy knobs, thresholds, simulation. |
| 20 | DOCS-VEX-30-007 | DOING | Skeleton drafted; needs SBOM/VEX dataflow spec | Docs Guild; SBOM Service Guild | Publish `/docs/sbom/vex-mapping.md` (CPE→purl strategy, edge cases, overrides). |
| 21 | DOCS-VEX-30-008 | DOING | Skeleton drafted; pending security review (DVDO0110) | Docs Guild; Security Guild | Deliver `/docs/security/vex-signatures.md` (verification flow, key rotation, audit). |
| 22 | DOCS-VEX-30-009 | DOING | Skeleton drafted; pending DevOps rollout plan | Docs Guild; DevOps Guild | Create `/docs/runbooks/vex-ops.md` for recompute storms, mapping failures, signature errors. |
## Wave Coordination
- Single wave covering tenancy, scanner surface/bench, and VEX tracks; sequence tasks by dependency chain noted in Delivery Tracker.
## Wave Detail Snapshots
- Pre-draft lane (in progress, skeleton-only to cut start latency):
- Tenancy trio: `/docs/security/tenancy-overview.md`, `/docs/security/scopes-and-roles.md`, `/docs/operations/multi-tenancy.md` — outline structure, add TODO callouts for ADR inputs, and reserve imposed-rule reminders.
- Reachability migration: `/docs/migration/enable-reachability.md` — rollout phases, fallback playbook, monitoring hooks placeholders.
- VEX consensus set: `/docs/vex/consensus-overview.md`, `/docs/vex/consensus-algorithm.md`, `/docs/vex/issuer-directory.md`, `/docs/vex/consensus-api.md` — shared front-matter + glossary; stub examples section for PLVL0102 data.
- Scanner surface/bench: `/docs/modules/scanner/scanner-engine.md` and `/docs/modules/scanner/benchmarks/*.md` — frame sections for Surface.FS/Env/Secrets flow, OS coverage, language lockfiles, stripped/entrytrace/SAST enrichers.
- Contract testing: `/docs/testing/contract-testing.md` — outline for mock server, replay fixtures, golden files, determinism guardrails.
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Normalised sprint to standard template; clarified header; moved interlocks into Decisions & Risks; no status changes. | Project Mgmt |
## Decisions & Risks
- **Risk:** Tenancy docs (DOCS-TEN-47/48/49) require DVDO0110 decisions and CLI/env var confirmations; keep DOING with placeholders until ADR lands.
- **Risk:** Reachability migration guide depends on DOCS-SIG-26-007 and notifications hook readiness (058_NOTY0101); keep coordination with Signals/Notify guilds.
- **Risk:** Scanner surface/bench docs depend on analyzer outputs (SCSA0301, SCSA0601), replay hooks (RPRC0101), and CLI samples (132_CLCI0110); leave DOING skeletons until evidence delivered.
- **Risk:** VEX consensus series depends on PLVL0102 schemas, issuer directory inputs, and DevOps rollout plans for signatures/ops; block finalization on schema snapshots and rollout plan.
- **Decision:** Maintain single-wave execution; task ordering follows Delivery Tracker to preserve dependency chain determinism.
## Upcoming Checkpoints
- 2025-12-07 15:00 UTC — 20-min skeleton-sync to align outlines and branch contents across guild writers.
- 2025-12-08 15:00 UTC — daily micro-sync to triage incoming ADR/schema/logs and assign fill-ins.
- 2025-12-09 15:00 UTC — dependency check-in with Security, DevOps, VEX, Surface guilds (confirm DVDO0110, PLVL0102, SCANNER-SURFACE-04 readiness).
## Action Tracker
| Action | Owner | Due (UTC) | Status | Notes |
| --- | --- | --- | --- | --- |
| Collect DVDO0110 tenancy ADR and monitoring plan | Docs PM | 2025-12-08 | DOING | Outreach started; schedule follow-up if no packet by EOD 12-06. |
| Retrieve Surface emit notes (SCANNER-SURFACE-04) and replay hooks (RPRC0101) | Docs PM | 2025-12-08 | DOING | Pinged Surface and Replay owners; waiting on logs bundle. |
| Obtain PLVL0102 schema snapshot and issuer directory inputs | Docs PM | 2025-12-09 | DOING | VEX Lens/Issuer leads looped; expect draft schema by 12-07. |
| Draft skeletons for tenancy, reachability, VEX consensus, scanner bench docs (placeholders, section headers, TODO callouts) | Docs Guild | 2025-12-07 | DOING | Keeps writers moving; swap TODOs once inputs land. |
| Prep contract-testing doc outline and fixture checklist | Docs Guild | 2025-12-07 | DOING | Aligns with DOSK0101 guidance; ready to merge once examples arrive. |
| Create stub files/PR branch for all skeletons listed in Wave Detail Snapshots | Docs Guild | 2025-12-07 | DONE | Stub files added in working tree; branch optional if reviewers prefer. |
| Open working branch `feature/docs-mdx-skeletons` with placeholder files and TODO callouts | Docs Guild | 2025-12-07 | DONE | Branch created for review; stubs/TODOs committed there. |
| Draft outline headings for tenancy trio, reachability guide, VEX set, scanner engine/bench, contract-testing | Docs Guild | 2025-12-07 | DONE | Skeleton headings and TODO callouts laid down. |
| Prepare fallback “TBD-tagged” placeholder PR if inputs slip past 2025-12-09 check-in | Docs Guild | 2025-12-09 | PLANNED | Ensures docs land with explicit TBDs rather than missing coverage. |
| Commit & push branch `feature/docs-mdx-skeletons` once credentials/hook window available | Docs Guild | 2025-12-06 | PLANNED | Local commit/push pending; staging is ready. |
## Decisions & Risks
| Risk | Impact | Mitigation | Owner |
| --- | --- | --- | --- |
| Upstream dependencies (DVDO0110, DOCS-SIG-26-007, analyzer outputs) slip | Doc set misses release window or ships with gaps | Track blockers via `BLOCKED_DEPENDENCY_TREE.md`, gate DOING until inputs land, use interim placeholders only with explicit notes | Docs Guild |
| Cross-module docs drift in style/terminology | Increased review churn and inconsistent guidance | Align with module dossiers and shared glossary; peer review across guilds before marking tasks DONE | Docs Guild |
| Filename change from legacy sprint reference | References could break in aggregators | Replace references in aggregators; note rename in Execution Log | Project management |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Normalized sprint to template; renamed from `SPRINT_310_docs_tasks_md_x.md` to `SPRINT_0310_0001_0010_docs_tasks_md_x.md`; no task status changes. | Project management |
| 2025-12-05 | Marked all tasks BLOCKED pending upstream inputs; added checkpoint and action tracker to keep momentum once dependencies land. | Project management |
| 2025-12-05 | Started dependency collection and prepped doc skeleton workstreams to reduce start latency when inputs arrive. | Project management |
| 2025-12-05 | Added pre-draft lane and stub-file plan; owners moving on outlines while dependencies arrive. | Project management |
| 2025-12-05 | Moved stub-branch actions to DOING and queued outline drafting to keep writers busy until inputs unblock. | Project management |
| 2025-12-05 | Scheduled upcoming micro-syncs and added fallback TBD-PR plan to avoid idle time if dependencies slip. | Project management |
| 2025-12-05 | Drafted skeleton docs for reachability, surface, tenancy set, CLI/API auth, ABAC overlays, contract testing, VEX series, and scanner bench tracks; advanced related tasks to DOING while inputs remain pending. | Project management |
| 2025-12-05 | Recorded progress in Action Tracker: stub files landed; outlines complete; branch creation deferred unless reviewers request. | Project management |
| 2025-12-05 | Created branch `feature/docs-mdx-skeletons` to stage skeleton work for review. | Project management |
| 2025-12-05 | Commit/push still pending (credentials/hook window); all files staged on `feature/docs-mdx-skeletons`. | Project management |
| 2025-12-06 | Scheduled 2025-12-07 skeleton-sync and defined working branch name for placeholders. | Project management |

115
docs/implplan/documentation-sprints/SPRINT_0311_0001_0001_docs_tasks_md_xi.md Normal file
View File

@@ -0,0 +1,115 @@
# Sprint 0311 · Documentation & Process · Docs Tasks Md.XI
## Topic & Scope
- Phase Md.XI of the docs ladder covering Vuln Explorer + Findings Ledger: overview, console, API, CLI, ledger, policy, VEX, advisories, SBOM, observability, security, ops, and install guides.
- Deliver offline/deterministic artifacts (hash manifests for captures and payloads) aligned with Vuln Explorer and Findings Ledger schemas.
- **Working directory:** `docs/` (Vuln Explorer + Findings Ledger docs; fixtures/assets under `docs/assets/vuln-explorer/**`). Active items only; completed work lives in `docs/implplan/archived/tasks.md` (updated 2025-11-08).
## Dependencies & Concurrency
- Upstream: Md.X hand-off (SPRINT_0310_0001_0010_docs_tasks_md_x) plus Vuln Explorer GRAP0101 contract and Findings Ledger replay/Merkle notes.
- Concurrency: coordinate UI/CLI/Policy/DevOps asset drops; avoid back edges to Md.VIII/IX risk ladders and reachability doc sprints.
- BLOCKED tasks must mirror `BLOCKED_DEPENDENCY_TREE.md` before movement.
## Documentation Prerequisites
- `docs/README.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/modules/vuln-explorer/architecture.md`
- `docs/modules/findings-ledger/README.md`
- `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | DOCS-VULN-29-001 | DOING | Outline stub drafted at `docs/vuln/explorer-overview.md`; ✅ GRAP0101 contract now available at `docs/schemas/vuln-explorer.schema.json`. Integration checklist at `docs/vuln/GRAP0101-integration-checklist.md`. | Docs Guild · Vuln Explorer Guild | Publish `/docs/vuln/explorer-overview.md` covering domain model, identities, AOC guarantees, workflow summary. |
| 2 | DOCS-VULN-29-002 | TODO | Blocked on #1 content; draft stub at `docs/vuln/explorer-using-console.md` pending assets. | Docs Guild · Console Guild | Write `/docs/vuln/explorer-using-console.md` with workflows, screenshots, keyboard shortcuts, saved views, deep links. |
| 3 | DOCS-VULN-29-003 | TODO | Draft stub at `docs/vuln/explorer-api.md`; needs GRAP0101 schema + asset samples after #2. | Docs Guild · Vuln Explorer API Guild | Author `/docs/vuln/explorer-api.md` (endpoints, query schema, grouping, errors, rate limits). |
| 4 | DOCS-VULN-29-004 | TODO | Stub at `docs/vuln/explorer-cli.md`; awaiting API schema + CLI samples from #3. | Docs Guild · DevEx/CLI Guild | Publish `/docs/vuln/explorer-cli.md` with command reference, samples, exit codes, CI snippets. |
| 5 | DOCS-VULN-29-005 | TODO | Stub at `docs/vuln/findings-ledger.md`; awaits GRAP0101 + security review + CLI flow (#4). | Docs Guild · Findings Ledger Guild | Write `/docs/vuln/findings-ledger.md` detailing event schema, hashing, Merkle roots, replay tooling. |
| 6 | DOCS-VULN-29-006 | TODO | Stub at `docs/policy/vuln-determinations.md`; awaiting signals/sim semantics from #5 + DevOps plan. | Docs Guild · Policy Guild | Update `/docs/policy/vuln-determinations.md` for new rationale, signals, simulation semantics. |
| 7 | DOCS-VULN-29-007 | TODO | Stub at `docs/vex/explorer-integration.md`; waiting on CSAF mapping + suppression precedence after #6. | Docs Guild · Excititor Guild | Publish `/docs/vex/explorer-integration.md` covering CSAF mapping, suppression precedence, status semantics. |
| 8 | DOCS-VULN-29-008 | TODO | Stub at `docs/advisories/explorer-integration.md`; requires export bundle spec + VEX integration from #7. | Docs Guild · Concelier Guild | Publish `/docs/advisories/explorer-integration.md` covering key normalization, withdrawn handling, provenance. |
| 9 | DOCS-VULN-29-009 | TODO | Stub at `docs/sbom/vuln-resolution.md`; needs SBOM/vuln scope guidance following #8. | Docs Guild · SBOM Service Guild | Author `/docs/sbom/vuln-resolution.md` detailing version semantics, scope, paths, safe version hints. |
| 10 | DOCS-VULN-29-010 | TODO | Stub at `docs/observability/vuln-telemetry.md`; awaiting DevOps telemetry plan after #9. | Docs Guild · Observability Guild | Publish `/docs/observability/vuln-telemetry.md` (metrics, logs, tracing, dashboards, SLOs). |
| 11 | DOCS-VULN-29-011 | TODO | Stub at `docs/security/vuln-rbac.md`; requires security review + role matrix after #10. | Docs Guild · Security Guild | Create `/docs/security/vuln-rbac.md` for roles, ABAC policies, attachment encryption, CSRF. |
| 12 | DOCS-VULN-29-012 | TODO | Stub at `docs/runbooks/vuln-ops.md`; depends on policy overlay outputs after #11. | Docs Guild · Ops Guild | Write `/docs/runbooks/vuln-ops.md` (projector lag, resolver storms, export failures, policy activation). |
| 13 | DOCS-VULN-29-013 | TODO | Pending images/manifests after #12; will update existing `/docs/install/containers.md` when available (no stub created to avoid conflicts). | Docs Guild · Deployment Guild | Update `/docs/install/containers.md` with Findings Ledger & Vuln Explorer API images, manifests, resource sizing, health checks. |
## Wave Coordination
- Single wave (Md.XI) covering Vuln Explorer + Findings Ledger docs; sequencing follows Delivery Tracker dependencies.
## Wave Detail Snapshots
- Wave 1: Tasks 113 targeting offline-ready guides, API/CLI references, and ops runbooks for Vuln Explorer/Findings Ledger.
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Normalised sprint to standard template; clarified header; moved interlocks into Decisions & Risks; no status changes. | Project Mgmt |
## Decisions & Risks
- **Risk:** UI/CLI asset drops required for console and CLI guides (#2#4); keep TODO until assets with hashes arrive.
- **Risk:** Policy and DevOps rollout notes needed before publishing determinations and telemetry content (#6, #10); block until signals/simulation semantics and SLOs are provided.
- **Risk:** Export bundle and advisories provenance spec needed for integration doc (#8) and downstream SBOM/install updates; wait for specs before progressing.
- **Decision:** Single-wave execution; tasks follow Delivery Tracker dependency order to keep Vuln Explorer/Findings Ledger chain coherent.
## Next Checkpoints
- 2025-12-09 · Vuln Explorer asset drop: deliver console screenshots, API examples, and CLI snippets for tasks #2#4. Owners: Vuln Explorer Guild · Docs Guild.
- 2025-12-16 · Policy/DevOps sync: confirm signals/simulation semantics and telemetry SLOs for tasks #6 and #10. Owners: Policy Guild · DevOps Guild · Docs Guild.
- 2025-12-20 · Publication gate: final content review and hash manifest check before shipping Md.XI set. Owner: Docs Guild.
## Action Tracker
- Collect console screenshots + CLI snippets with hashes for DOCS-VULN-29-002/003/004 — Vuln Explorer Guild — Due 2025-12-09 — Open.
- Provide signals/simulation semantics + telemetry SLOs for DOCS-VULN-29-006/010 — Policy Guild · DevOps Guild — Due 2025-12-16 — Open.
- Deliver export bundle/advisory provenance spec for DOCS-VULN-29-008 — Concelier Guild — Due 2025-12-18 — Open.
| Collect GRAP0101 contract snapshot for Vuln Explorer overview. | Docs Guild | 2025-12-08 | ✅ DONE (schema at `docs/schemas/vuln-explorer.schema.json`) |
| Request export bundle spec + provenance notes for advisories integration. | Concelier Guild | 2025-12-12 | In Progress |
| Prepare hash manifest template for screenshots/payloads under `docs/assets/vuln-explorer/`. | Docs Guild | 2025-12-10 | DONE |
| Request console/UI/CLI asset drop (screens, payloads, samples) for DOCS-VULN-29-002..004. | Vuln Explorer Guild · Console Guild · DevEx/CLI Guild | 2025-12-09 | In Progress |
| Secure DevOps telemetry plan for Vuln Explorer metrics/logs/traces (task #10). | DevOps Guild | 2025-12-16 | Open |
| Security review for RBAC/attachment token wording (task #11) and hashing posture. | Security Guild | 2025-12-18 | Open |
| Prepare asset directories under `docs/assets/vuln-explorer/**` for console/API/CLI/ledger/telemetry/RBAC/runbook/advisory/SBOM/VEX samples; hash in SHA256SUMS on arrival. | Docs Guild | 2025-12-10 | DONE |
| Pre-fill SHA256SUMS with placeholder lines for expected assets to speed hash capture on drop. | Docs Guild | 2025-12-10 | DONE |
| Escalate to platform PM if GRAP0101 contract not delivered by 2025-12-09 (blocks entire Md.XI chain). | Docs Guild | 2025-12-09 | Open |
## Decisions & Risks
### Decisions
| Decision | Owner(s) | Due | Notes |
| --- | --- | --- | --- |
| Md.XI scope fixed to Vuln Explorer + Findings Ledger doc chain; no new module docs added this wave. | Docs Guild | 2025-12-05 | Keeps ladder narrow and preserves dependency ordering. |
### Risks
| Risk | Impact | Mitigation |
| --- | --- | --- |
| Console/API/CLI assets arrive late. | Delays tasks #2#4 and downstream chain (#5#13). | Request early text stubs and payload samples; keep tasks TODO until hashes captured. |
| Export bundle and advisories provenance spec not delivered. | Blocks task #8 and downstream SBOM/observability/install docs. | Track in Action Tracker; mirror blocker in `BLOCKED_DEPENDENCY_TREE.md` if slip past 2025-12-12. |
| Policy/DevOps semantics churn. | Rework across tasks #6 and #10#12. | Hold publish until 2025-12-16 sync; capture versioned assumptions in doc footers. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Normalised sprint to docs/implplan template; renamed file to `SPRINT_0311_0001_0001_docs_tasks_md_xi.md`; no task status changes. | Project Mgmt |
| 2025-12-05 | Kicked off Md.XI: moved DOCS-VULN-29-001 to DOING; drafting outline using existing Vuln Explorer architecture notes while waiting on GRAP0101 contract. | Project Mgmt |
| 2025-12-05 | Marked GRAP0101 contract collection as In Progress; prepped outline structure to receive contract inputs and planned hash manifest template location under `docs/assets/vuln-explorer/`. | Project Mgmt |
| 2025-12-05 | Created hash manifest placeholder `docs/assets/vuln-explorer/SHA256SUMS` to keep deterministic captures ready; marked action as DONE. | Project Mgmt |
| 2025-12-05 | Initiated outreach for export bundle spec/provenance notes (Concelier Guild) to unblock DOCS-VULN-29-008 and downstream SBOM/observability/install docs; action now In Progress. | Project Mgmt |
| 2025-12-05 | Requested console/UI/CLI asset drop (screens, payloads, samples) to unblock DOCS-VULN-29-002..004; tracking in Action Tracker with 2025-12-09 due. | Project Mgmt |
| 2025-12-05 | Drafted outline stub for DOCS-VULN-29-001 at `docs/vuln/explorer-overview.md`; placeholders marked pending GRAP0101 and asset drops; kept task at DOING. | Docs Guild |
| 2025-12-05 | Enriched overview stub with current architecture details (entities, ABAC scopes, workflow, AOC chain) while retaining GRAP0101 placeholders; no status change to DOCS-VULN-29-001. | Docs Guild |
| 2025-12-05 | Added console guide stub `docs/vuln/explorer-using-console.md`; retains TODO status until GRAP0101 + UI assets arrive; noted hash requirements. | Docs Guild |
| 2025-12-05 | Added API guide stub `docs/vuln/explorer-api.md`; waiting on GRAP0101 field names and asset payloads; DOCS-VULN-29-003 remains TODO. | Docs Guild |
| 2025-12-05 | Added CLI guide stub `docs/vuln/explorer-cli.md`; pending API schema + CLI samples; DOCS-VULN-29-004 stays TODO. | Docs Guild |
| 2025-12-05 | Added findings ledger doc stub `docs/vuln/findings-ledger.md`; pending GRAP0101 alignment and security review; DOCS-VULN-29-005 remains TODO. | Docs Guild |
| 2025-12-05 | Added policy determinations stub `docs/policy/vuln-determinations.md`; awaiting signals/simulation semantics and DevOps rollout; DOCS-VULN-29-006 remains TODO. | Docs Guild |
| 2025-12-05 | Added stubs for VEX integration, advisories integration, SBOM resolution, telemetry, RBAC, and ops runbook (`docs/vex/explorer-integration.md`, `docs/advisories/explorer-integration.md`, `docs/sbom/vuln-resolution.md`, `docs/observability/vuln-telemetry.md`, `docs/security/vuln-rbac.md`, `docs/runbooks/vuln-ops.md`); tasks #7#12 remain TODO pending upstream inputs. | Docs Guild |
| 2025-12-05 | Added Action Tracker items for telemetry plan (DevOps) and security review (RBAC/attachments hashing) to unblock tasks #10#11; statuses Open. | Project Mgmt |
| 2025-12-05 | Filled additional architecture-aligned details into overview and VEX integration stubs (VEX-first ordering, workflow refinement); tasks remain DOING/TODO awaiting GRAP0101 and assets. | Docs Guild |
| 2025-12-05 | Added hash capture checklists to console/API/CLI/ledger stubs to accelerate deterministic publishing once assets land; task statuses unchanged. | Docs Guild |
| 2025-12-05 | Added hash capture checklists to remaining stubs (VEX, advisories, SBOM, telemetry, RBAC, ops runbook) to streamline asset hashing on arrival; tasks remain TODO. | Docs Guild |
| 2025-12-05 | Synced Vulnerability Explorer module charter alignment: confirmed `docs/modules/vuln-explorer/AGENTS.md` reviewed; stubs respect determinism/offline guardrails. | Docs Guild |
| 2025-12-05 | Created asset staging directories under `docs/assets/vuln-explorer/` with READMEs; Action Tracker item marked DONE to enable quick hash capture on asset drop. | Docs Guild |
| 2025-12-05 | Expanded overview stub with triage state machine and offline bundle expectations from module architecture; DOCS-VULN-29-001 remains DOING pending GRAP0101. | Docs Guild |
| 2025-12-05 | Added escalation action for GRAP0101 delay (due 2025-12-09) to avoid idle time; no status changes. | Docs Guild |
| 2025-12-05 | Added GRAP0101 integration checklist `docs/vuln/GRAP0101-integration-checklist.md` to speed field propagation across Md.XI stubs once contract arrives. | Docs Guild |
| 2025-12-05 | Prefilled `docs/assets/vuln-explorer/SHA256SUMS` with placeholders for expected assets to reduce turnaround when hashes land. | Docs Guild |
| 2025-12-06 | ✅ GRAP0101 contract created at `docs/schemas/vuln-explorer.schema.json` — 13 Md.XI tasks unblocked; domain models (VulnSummary, VulnDetail, FindingProjection, TimelineEntry) now available for integration. Action tracker item marked DONE. | System |

58
docs/implplan/documentation-sprints/SPRINT_0312_0001_0001_docs_modules_advisory_ai.md Normal file
View File

@@ -0,0 +1,58 @@
# Sprint 0312 · Docs Modules · Advisory AI
Active items only. Completed/historic work live in `docs/implplan/archived/tasks.md` (updated 2025-11-08).
## Topic & Scope
- Refresh Advisory AI module docs (README, dossier, TASKS) to align with latest artefacts and sprint references.
- Ensure sprint filename/template compliance and deterministic doc assets.
- **Working directory:** `docs/modules/advisory-ai`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; can proceed in parallel once release artefacts are available.
## Documentation Prerequisites
- `docs/modules/advisory-ai/AGENTS.md`
- `docs/modules/advisory-ai/README.md`
- `docs/modules/advisory-ai/architecture.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- Sprint template rules in `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | ADVISORY-AI-DOCS-0001 | DONE (2025-11-24) | — | Docs Guild (`docs/modules/advisory-ai`) | Align module docs with AGENTS.md and latest artefacts. |
| 2 | ADVISORY-AI-ENG-0001 | DONE (2025-11-24) | — | Module Team (`docs/modules/advisory-ai`) | Sync implementation milestones into TASKS/README. |
| 3 | ADVISORY-AI-OPS-0001 | DONE (2025-11-24) | — | Ops Guild (`docs/modules/advisory-ai`) | Document ops outputs/runbooks in README; keep offline posture. |
## Wave Coordination
- Single wave delivered; no open items.
## Wave Detail Snapshots
- Not required; all tasks are DONE.
## Interlocks
- None open; reuse BLOCKED review rule if new tasks are added.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| None | — | — | All actions closed with wave completion. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed to `SPRINT_0312_0001_0001_docs_modules_advisory_ai.md` and normalised to doc sprint template. | Project Mgmt |
| 2025-11-24 | Refreshed module README outputs/artefacts, linked dossier from `docs/README.md`, and added `docs/modules/advisory-ai/TASKS.md` with synced statuses. | Docs Guild |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| Template normalisation | Decision | Project Mgmt | 2025-12-05 | File renamed to standard format; references must use new filename. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| None scheduled | — | All tasks DONE; add checkpoint if new advisory AI docs work is added. | Docs Guild |

43
docs/implplan/documentation-sprints/SPRINT_0313_0001_0001_docs_modules_attestor.md Normal file
View File

@@ -0,0 +1,43 @@
# Sprint 0313 · Docs Modules · Attestor
## Topic & Scope
- Refresh Attestor module docs (README, architecture, implementation plan, runbooks) to match latest release notes and attestation samples.
- Add observability/runbook stub and TASKS mirror for status syncing.
- Keep sprint references aligned with normalized filename.
- **Working directory:** `docs/modules/attestor`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; can proceed in parallel once release/demo artefacts are available.
## Documentation Prerequisites
- `docs/modules/attestor/AGENTS.md`
- `docs/modules/attestor/README.md`
- `docs/modules/attestor/architecture.md`
- `docs/modules/attestor/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | ATTESTOR-DOCS-0001 | DONE (2025-11-05) | Validate README vs release notes. | Docs Guild (`docs/modules/attestor`) | Validate that `docs/modules/attestor/README.md` matches latest release notes and attestation samples. |
| 2 | ATTESTOR-OPS-0001 | BLOCKED (2025-11-30) | Waiting on next demo outputs to update runbooks/observability. | Ops Guild (`docs/modules/attestor`) | Review runbooks/observability assets after the next sprint demo and capture findings inline with sprint notes. |
| 3 | ATTESTOR-ENG-0001 | DONE (2025-11-27) | Readiness tracker added. | Module Team (`docs/modules/attestor`) | Cross-check implementation plan milestones against `/docs/implplan/SPRINT_*.md` and update module readiness checkpoints. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_313_docs_modules_attestor.md`; added compatibility stub. | Docs Guild |
| 2025-11-05 | Completed ATTESTOR-DOCS-0001 per release notes and samples. | Docs Guild |
| 2025-11-27 | Added readiness tracker to implementation plan (ATTESTOR-ENG-0001). | Module Team |
| 2025-11-30 | Added observability runbook stub + dashboard placeholder; ATTESTOR-OPS-0001 set to BLOCKED pending next demo outputs. | Ops Guild |
## Decisions & Risks
- Ops/runbook updates blocked until next Attestor demo provides observability evidence.
- Keep sprint and TASKS mirrored to avoid drift.
- Offline posture must be preserved; dashboards remain JSON importable.
## Next Checkpoints
- 2025-12-05 · Reassess Attestor demo outputs; if available, unblock ATTESTOR-OPS-0001 and update runbook/dashboard. Owner: Ops Guild.

58
docs/implplan/documentation-sprints/SPRINT_0314_0001_0001_docs_modules_authority.md Normal file
View File

@@ -0,0 +1,58 @@
# Sprint 0314 · Docs Modules · Authority
## Topic & Scope
- Refresh Authority module docs (README, architecture, implementation plan, runbooks) to reflect current OpTok/DPoP/mTLS posture, tenant scoping, and offline readiness.
- Stand up a TASKS board and mirror statuses with this sprint.
- Ensure observability/runbook references stay aligned with existing monitoring/Grafana assets.
- **Working directory:** `docs/modules/authority`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; can proceed in parallel once prerequisite docs are available.
## Documentation Prerequisites
- `docs/modules/authority/AGENTS.md`
- `docs/modules/authority/README.md`
- `docs/modules/authority/architecture.md`
- `docs/modules/authority/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | AUTHORITY-DOCS-0001 | DONE (2025-11-30) | Refresh module docs per latest OpTok/tenant scope posture. | Docs Guild (`docs/modules/authority`) | Refresh Authority module docs, add sprint/task links, and cross-link monitoring/grafana assets. |
| 2 | AUTHORITY-ENG-0001 | DONE (2025-11-27) | Sprint readiness tracker added. | Module Team (`docs/modules/authority`) | Implementation plan readiness tracker mapped to epics/sprints (already delivered). |
| 3 | AUTHORITY-OPS-0001 | DONE (2025-11-30) | Add TASKS board + observability references. | Ops Guild (`docs/modules/authority`) | Ensure monitoring/backup/rotation runbooks are linked and offline-friendly; mirror status via TASKS. |
| 4 | AUTH-GAPS-314-004 | DONE (2025-12-04) | Gap remediation docs added under `docs/modules/authority/gaps/`; awaiting signing of artefacts when produced. | Product Mgmt · Authority Guild | Address auth gaps AU1AU10 from `docs/product-advisories/31-Nov-2025 FINDINGS.md`: signed scope/role catalog + versioning, audience/tenant/binding enforcement matrix, DPoP/mTLS nonce policy, revocation/JWKS schema+freshness, key rotation governance, crypto-profile registry, offline verifier bundle, delegation quotas/alerts, ABAC schema/precedence, and auth conformance tests/metrics. |
| 5 | REKOR-RECEIPT-GAPS-314-005 | DONE (2025-12-04) | Gap remediation docs + layout published under `docs/modules/authority/gaps/`; dev-smoke DSSE bundles exist. Production signing will follow once Authority key is available. | Authority Guild · Attestor Guild · Sbomer Guild | Remediate RR1RR10: signed receipt schema + canonical hash, required fields (tlog URL/key, checkpoint, inclusion proof, bundle hash, policy hash), provenance (TUF snapshot, client version/flags), TSA/Fulcio chain, mirror metadata, repro inputs hash, offline verify script, storage/retention rules, metrics/alerts, and DSSE signing of schema/catalog. |
| 6 | AUTH-GAPS-ARTEFACTS | DOING (2025-12-04) | Draft artefacts staged under `docs/modules/authority/gaps/artifacts/`; hashes in `gaps/SHA256SUMS`; waiting on Authority signing key to DSSE. | Docs Guild | Generate and sign AU1AU10 artefacts (catalog, schemas, bundle manifest, binding matrix, quotas, ABAC, conformance tests); append DSSE once signed. |
| 7 | REKOR-RECEIPT-ARTEFACTS | DOING (2025-12-04) | Draft artefacts staged under `docs/modules/authority/gaps/artifacts/`; hashes in `gaps/SHA256SUMS`; waiting on Authority signing key to DSSE. | Docs Guild · Attestor Guild · Sbomer Guild | Generate and sign RR1RR10 artefacts (receipt schema, policy, bundle manifest, error taxonomy); append DSSE once signed. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_314_docs_modules_authority.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed AUTHORITY-DOCS-0001: updated README latest updates, added sprint/TASKS links, and observability references. | Docs Guild |
| 2025-11-27 | AUTHORITY-ENG-0001 previously delivered: readiness tracker added to implementation plan. | Module Team |
| 2025-11-30 | Completed AUTHORITY-OPS-0001: created TASKS board and aligned monitoring/Grafana references. | Ops Guild |
| 2025-12-01 | Added AUTH-GAPS-314-004 to track AU1AU10 remediation from `31-Nov-2025 FINDINGS.md`. | Product Mgmt |
| 2025-12-01 | Added REKOR-RECEIPT-GAPS-314-005 to track RR1RR10 remediation from `31-Nov-2025 FINDINGS.md`; status TODO pending receipt schema/bundle updates. | Product Mgmt |
| 2025-12-04 | AUTH-GAPS-314-004 DONE: published gap remediation package `docs/modules/authority/gaps/2025-12-04-auth-gaps-au1-au10.md` + evidence map and SHA index stub. Linked from README. | Docs Guild |
| 2025-12-04 | REKOR-RECEIPT-GAPS-314-005 DONE: published RR1RR10 remediation doc `docs/modules/authority/gaps/2025-12-04-rekor-receipt-gaps-rr1-rr10.md` with policy/schema/bundle layout and hashing/DSSE plan. | Docs Guild |
| 2025-12-04 | Drafted artefacts for AU1AU10 and RR1RR10 (catalogs, schemas, bundle manifests, matrices) under `docs/modules/authority/gaps/`; populated `SHA256SUMS`. All artefacts are unsigned and ready for DSSE once Authority key is available. | Docs Guild |
| 2025-12-05 | Added signing helper `tools/cosign/sign-authority-gaps.sh` for AU/RR artefacts; defaults to `docs/modules/authority/gaps/dsse/2025-12-04`; dev key allowed only via `COSIGN_ALLOW_DEV_KEY=1`. DSSE still pending Authority key. | Docs Guild |
| 2025-12-05 | Smoke-signed AU/RR artefacts with dev key into `docs/modules/authority/gaps/dev-smoke/2025-12-05/` using `sign-authority-gaps.sh` (COSIGN_ALLOW_DEV_KEY=1, no tlog). Production DSSE still pending real Authority key. | Docs Guild |
| 2025-12-05 | Recorded dev-smoke bundle hashes in `docs/modules/authority/gaps/dev-smoke/2025-12-05/SHA256SUMS`; kept main SHA256SUMS unchanged for production signing. | Docs Guild |
| 2025-12-05 | Added dev-smoke DSSE hash list for AU/RR artefacts (authority*, crypto profile, rekor receipt) to `dev-smoke/2025-12-05/SHA256SUMS`; production hash list remains in `gaps/SHA256SUMS` for future real signing. | Docs Guild |
## Decisions & Risks
- Offline posture must be preserved; dashboards stay JSON importable (no external datasources).
- Tenant-scope/Surface.Env/Surface.Secrets contracts must stay aligned with platform docs; update sprint/TASKS if they change.
- Keep sprint and TASKS mirrored to avoid drift.
- Rekor receipt schema/catalog changes (RR1RR10) must be signed and mirrored in Authority/Sbomer; artefacts drafted and hashed (see `gaps/`), DSSE signing still pending once Authority key is available.
- AU1AU10 artefacts drafted and hashed; DSSE signing pending. Keep SHA256SUMS/DSSE paths stable to avoid drift.
## Next Checkpoints
- 2025-12-05 · Verify grafana-dashboard.json still matches current metrics contract; update runbooks if changes land. Owner: Ops Guild.

57
docs/implplan/documentation-sprints/SPRINT_0315_0001_0001_docs_modules_ci.md Normal file
View File

@@ -0,0 +1,57 @@
# Sprint 0315 · Docs Modules · CI
## Topic & Scope
- Refresh the CI Recipes module docs (AGENTS, README, architecture, implementation plan) so contributors have a current charter and status mirror workflow.
- Stand up a TASKS board for the module and wire sprint references to the normalized filename for traceability.
- Keep guidance deterministic/offline-ready and ensure legacy references to the old sprint filename keep working.
- **Working directory:** `docs/modules/ci`.
## Dependencies & Concurrency
- Upstream context: Attestor 100.A, AdvisoryAI 110.A, AirGap 120.A, Scanner 130.A, Graph 140.A, Orchestrator 150.A, EvidenceLocker 160.A, Notifier 170.A, CLI 180.A, Ops Deployment 190.A.
- No blocking concurrency; documentation-only refresh.
## Documentation Prerequisites
- `docs/modules/ci/README.md`
- `docs/modules/ci/architecture.md`
- `docs/modules/ci/implementation_plan.md`
- `docs/modules/ci/AGENTS.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | CI RECIPES-DOCS-0001 | DONE (2025-11-25) | None; docs refreshed in this pass. | Docs Guild (docs/modules/ci) | Update module charter docs (AGENTS/README/architecture/implementation_plan) to reflect current CI Recipes scope, determinism, and offline posture. |
| 2 | CI RECIPES-ENG-0001 | DONE (2025-11-25) | Follows 0001 doc refresh. | Module Team (docs/modules/ci) | Establish TASKS board and status mirroring rules for CI Recipes contributors. |
| 3 | CI RECIPES-OPS-0001 | DONE (2025-11-25) | Follows 0001/0002; sync sprint naming. | Ops Guild (docs/modules/ci) | Sync outcomes back to sprint + legacy filename stub; ensure references resolve to normalized sprint path. |
## Wave Coordination
| Wave | Guild owners | Shared prerequisites | Status | Notes |
| --- | --- | --- | --- | --- |
| CI Docs Refresh | Docs Guild · Module Team | Required reading listed above | DONE | Single-pass documentation refresh; no staged waves. |
## Wave Detail Snapshots
- Not applicable (single-wave sprint).
## Interlocks
- Keep CI recipes aligned with offline/air-gap defaults and determinism guardrails documented in platform/architecture guides.
- Legacy sprint filename preserved via stub `SPRINT_315_docs_modules_ci.md` to avoid broken links.
## Upcoming Checkpoints
- None scheduled; schedule next review when CI recipes gain new pipelines.
## Action Tracker
| # | Action | Owner | Due (UTC) | Status |
| --- | --- | --- | --- | --- |
| 1 | Mirror any future CI recipe changes into sprint Delivery Tracker and `docs/modules/ci/TASKS.md`. | Module Team | Ongoing | Open |
## Decisions & Risks
- Decision: Sprint file normalized to standard template and renamed to `SPRINT_0315_0001_0001_docs_modules_ci.md`; legacy stub retained for references.
- Decision: TASKS board (`docs/modules/ci/TASKS.md`) is the status mirror alongside this sprint file.
- Risk: Future CI recipe updates could drift if TASKS and sprint file arent updated together; mitigated by Action 1.
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-25 | Normalized sprint to template, renamed from `SPRINT_315_docs_modules_ci.md`, added legacy stub, refreshed CI module docs, created TASKS board, and marked CI RECIPES-0001/0002/0003 DONE. | Docs Guild |

44
docs/implplan/documentation-sprints/SPRINT_0316_0001_0001_docs_modules_cli.md Normal file
View File

@@ -0,0 +1,44 @@
# Sprint 0316 · Docs Modules · CLI
## Topic & Scope
- Refresh CLI module docs so AGENTS, README, architecture, and implementation plan reflect current CLI scope and active sprints.
- Capture status sync rules and ensure sprint references point to the normalized filename.
- Prep ops/runbook notes placeholder for upcoming demo outputs.
- **Working directory:** `docs/modules/cli`.
## Dependencies & Concurrency
- Upstream reference sprints: CLI roadmap (180.A) plus platform docs; no hard blockers for doc sync.
- Ops/runbook updates depend on next CLI demo outputs.
## Documentation Prerequisites
- docs/modules/cli/README.md
- docs/modules/cli/architecture.md
- docs/modules/cli/implementation_plan.md
- docs/modules/cli/AGENTS.md
- docs/modules/platform/architecture-overview.md
- docs/07_HIGH_LEVEL_ARCHITECTURE.md
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| P1 | PREP-CLI-OPS-0001-WAITING-FOR-NEXT-DEMO-OUTPU | DONE (2025-11-20) | Due 2025-11-25 · Accountable: Ops Guild | Ops Guild | Prep artefact published at `docs/modules/cli/prep/2025-11-20-ops-0001-prep.md`; contains required demo outputs, hashes, and runbook update checklist to unblock CLI-OPS-0001. |
| 1 | CLI-DOCS-0001 | DONE | Synced sprint references on 2025-11-17 | Docs Guild | Update docs/AGENTS to reflect current CLI scope and sprint naming; align with template rules. |
| 2 | CLI-ENG-0001 | DONE | Sprint normalized; statuses mirrored | Module Team | Update status via ./AGENTS.md workflow and ensure module docs reference current sprint. |
| 3 | CLI-OPS-0001 | BLOCKED | PREP-CLI-OPS-0001-WAITING-FOR-NEXT-DEMO-OUTPU | Ops Guild | Sync outcomes back to ../.. ; refresh ops/runbook notes after demo. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-20 | Completed PREP-CLI-OPS-0001: published ops demo prep at `docs/modules/cli/prep/2025-11-20-ops-0001-prep.md`; status set to DONE. | Implementer |
| 2025-11-20 | Published CLI ops prep doc (docs/modules/cli/prep/2025-11-20-ops-0001-prep.md); set PREP-CLI-OPS-0001 to DOING. | Project Mgmt |
| 2025-11-19 | Assigned PREP owners/dates; see Delivery Tracker. | Planning |
| 2025-11-17 | Normalised sprint to standard template; renamed from SPRINT_316_docs_modules_cli.md. | Docs |
| 2025-11-17 | Completed CLI-DOCS-0001 and CLI-ENG-0001 by updating CLI docs to reference normalized sprint. | Module Team |
## Decisions & Risks
- Ops/runbook updates blocked until next CLI demo delivers outputs (affects CLI-OPS-0001).
- Keep sprint naming aligned with template to avoid broken references in CLI docs.
## Next Checkpoints
- 2025-11-22 · Check for demo outputs to unblock CLI-OPS-0001. Owner: Ops Guild.

56
docs/implplan/documentation-sprints/SPRINT_0318_0001_0001_docs_modules_devops.md Normal file
View File

@@ -0,0 +1,56 @@
# Sprint 0318 · Docs Modules · DevOps
## Topic & Scope
- Stand up and refresh DevOps module documentation (README, architecture, implementation plan, runbooks) with deterministic/offline posture.
- Mirror TASKS and sprint status; capture ops evidence when next demo lands.
- **Working directory:** `docs/modules/devops`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; proceed once module artefacts are available.
## Documentation Prerequisites
- `docs/modules/devops/AGENTS.md`
- `docs/modules/devops/README.md`
- `docs/modules/devops/architecture.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- Sprint template rules in `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | DEVOPS-DOCS-0001 | TODO | Await module artefacts + AGENTS guardrails | Docs Guild (`docs/modules/devops`) | Align DevOps module docs with AGENTS and latest artefacts. |
| 2 | DEVOPS-ENG-0001 | TODO | Follow TASKS/AGENTS workflow | Module Team (`docs/modules/devops`) | Keep implementation milestones synced into TASKS and this sprint. |
| 3 | DEVOPS-OPS-0001 | TODO | Next demo outputs for runbooks/observability | Ops Guild (`docs/modules/devops`) | Update ops/runbooks/observability and mirror status back to parent sprints. |
## Wave Coordination
- Single wave; all tasks move together once artefacts arrive.
## Wave Detail Snapshots
- None captured; add when demo artefacts drop.
## Interlocks
- Use `BLOCKED_DEPENDENCY_TREE.md` for root-cause tracing before flipping BLOCKED items.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| Collect next DevOps demo evidence (runbooks/observability) | 2025-12-12 | Ops Guild · Docs Guild | Required to move DEVOPS-OPS-0001 to DOING. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed to `SPRINT_0318_0001_0001_docs_modules_devops.md` and normalised to sprint template. | Project Mgmt |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| Awaiting demo artefacts | Risk | Ops Guild · Docs Guild | 2025-12-12 | Blocks progress on DEVOPS-OPS-0001 until evidence lands. |
| Template normalisation | Decision | Project Mgmt | 2025-12-05 | New filename must be used going forward. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| None scheduled | — | Add when demo evidence is scheduled. | Docs Guild |

57
docs/implplan/documentation-sprints/SPRINT_0319_0001_0001_docs_modules_excititor.md Normal file
View File

@@ -0,0 +1,57 @@
# Sprint 0319 · Docs Modules · Excititor
## Topic & Scope
- Refresh Excititor module docs (README, architecture, implementation plan, runbooks) with current chunk API/OpenVEX contracts and offline posture.
- Align sprint status with module TASKS board.
- **Working directory:** `docs/modules/excititor`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; proceed after API/OpenAPI artefacts stabilize.
## Documentation Prerequisites
- `docs/modules/excititor/AGENTS.md`
- `docs/modules/excititor/README.md`
- `docs/modules/excititor/architecture.md`
- `docs/modules/excititor/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- Sprint template rules in `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | EXCITITOR-DOCS-0001 | TODO | Wait for chunk API CI + OpenAPI freeze | Docs Guild (`docs/modules/excititor`) | Finalize module docs once API contracts are frozen. |
| 2 | EXCITITOR-ENG-0001 | TODO | Depends on EXCITITOR-DOCS-0001 | Module Team (`docs/modules/excititor`) | Align engineering notes and milestones after docs freeze. |
| 3 | EXCITITOR-OPS-0001 | TODO | Depends on EXCITITOR-DOCS-0001 | Ops Guild (`docs/modules/excititor`) | Refresh runbooks/observability after OpenAPI freeze. |
## Wave Coordination
- Single wave; all rows blocked on API/OpenAPI freeze evidence.
## Wave Detail Snapshots
- Add snapshot once freeze criteria are met.
## Interlocks
- Use `BLOCKED_DEPENDENCY_TREE.md` before reopening BLOCKED rows.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| Capture chunk API CI proof + pinned OpenAPI/hashed samples | 2025-12-12 | Docs Guild · Module Team | Unblocks EXCITITOR-DOCS-0001 and downstream tasks. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed to `SPRINT_0319_0001_0001_docs_modules_excititor.md` and normalised to sprint template. | Project Mgmt |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| API/OpenAPI freeze pending | Risk | Docs Guild · Module Team | 2025-12-12 | Blocks all tasks until CI + OpenAPI evidence lands. |
| Template normalisation | Decision | Project Mgmt | 2025-12-05 | New filename must be used going forward. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| None scheduled | — | Add checkpoint when freeze window is scheduled. | Docs Guild |

42
docs/implplan/documentation-sprints/SPRINT_0320_0001_0001_docs_modules_export_center.md Normal file
View File

@@ -0,0 +1,42 @@
# Sprint 0320 · Docs Modules · Export Center
## Topic & Scope
- Refresh Export Center module docs (README, architecture, implementation plan, runbooks) to reflect current bundle/export posture and offline kit integration.
- Create a TASKS board and mirror sprint status for contributors.
- Add observability/runbook stub for latest demo and keep references to profiles/offline manifests aligned.
- **Working directory:** `docs/modules/export-center`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; can proceed in parallel once release artefacts available.
## Documentation Prerequisites
- `docs/modules/export-center/AGENTS.md`
- `docs/modules/export-center/README.md`
- `docs/modules/export-center/architecture.md`
- `docs/modules/export-center/implementation_plan.md`
- `docs/modules/export-center/devportal-offline.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | EXPORT CENTER-DOCS-0001 | DONE (2025-11-30) | Refresh module docs with latest bundle/export posture. | Docs Guild (`docs/modules/export-center`) | Update README/architecture/implementation_plan with bundle/profiles/offline guidance and sprint/task links. |
| 2 | EXPORT CENTER-ENG-0001 | DONE (2025-11-30) | Mirror sprint ↔ TASKS status. | Module Team (`docs/modules/export-center`) | Create TASKS board and keep statuses in sync with this sprint. |
| 3 | EXPORT CENTER-OPS-0001 | DONE (2025-11-30) | Add observability/runbook stub; align profiles/offline manifests. | Ops Guild (`docs/modules/export-center`) | Add observability runbook + dashboard stub and ensure devportal offline/manifests references are linked. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_320_docs_modules_export_center.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed EXPORT CENTER-DOCS/ENG/OPS-0001: refreshed module docs, created TASKS board, added observability runbook stub and dashboard placeholder. | Docs Guild |
## Decisions & Risks
- Export Center docs must stay aligned with bundle/profile/offline manifests; update sprint and TASKS together if contracts change.
- Observability assets remain offline-import friendly; no external datasources.
- Keep sprint and module TASKS mirrored to avoid drift.
## Next Checkpoints
- 2025-12-05 · Validate observability/dashboard panels after next demo; update runbook/TASKS accordingly. Owner: Ops Guild.

52
docs/implplan/documentation-sprints/SPRINT_0321_0001_0001_docs_modules_graph.md Normal file
View File

@@ -0,0 +1,52 @@
# Sprint 0321 · Docs Modules · Graph
## Topic & Scope
- Refresh graph module docs so milestones, diagrams, and runbooks align with current runtime/signals plan (Sprint 0141) and overlay expectations.
- Ensure README/architecture/implementation_plan stay in sync with latest overlays/snapshots and upcoming clustering pipelines.
- Prepare observability/runbook notes for Graph service ahead of next demo.
- **Working directory:** `docs/modules/graph`.
## Dependencies & Concurrency
- Upstream reference sprints: 0141 (Graph Indexer), 0120 (AirGap), 0130 (Scanner), 0140 (Runtime & Signals). No blocking concurrency once source material available.
- Pending DOCS-GRAPH-24-003 cross-links needed before finalising API/query references.
## Documentation Prerequisites
- docs/modules/graph/README.md
- docs/modules/graph/architecture.md
- docs/modules/graph/implementation_plan.md
- docs/modules/platform/architecture-overview.md
- docs/07_HIGH_LEVEL_ARCHITECTURE.md
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| P1 | PREP-GRAPH-OPS-0001-WAITING-FOR-NEXT-DEMO-OUT | DONE (2025-11-22) | Due 2025-11-25 · Accountable: Ops Guild | Ops Guild | Waiting for next demo outputs to review dashboards/runbooks. <br><br> Document artefact/deliverable for GRAPH-OPS-0001 and publish location so downstream tasks can proceed. Prep artefact: `docs/modules/graph/prep/2025-11-20-ops-0001-prep.md`. |
| 1 | GRAPH-ENG-0001 | DONE | Synced docs to Sprint 0141 rename on 2025-11-17 | Module Team | Keep module milestones in sync with `/docs/implplan/SPRINT_0141_0001_0001_graph_indexer.md` and related files; update references and note deltas. |
| 2 | GRAPH-DOCS-0002 | DONE (2025-11-26) | DOCS-GRAPH-24-003 delivered | Docs Guild | Add API/query doc cross-links once DOCS-GRAPH-24-003 lands. |
| 3 | GRAPH-OPS-0001 | DONE (2025-11-26) | PREP-GRAPH-OPS-0001-WAITING-FOR-NEXT-DEMO-OUT | Ops Guild | Review graph observability dashboards/runbooks after the next sprint demo; capture updates in runbooks. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-20 | Published graph ops prep doc (docs/modules/graph/prep/2025-11-20-ops-0001-prep.md); set PREP-GRAPH-OPS-0001 to DOING. | Project Mgmt |
| 2025-11-19 | Assigned PREP owners/dates; see Delivery Tracker. | Planning |
| 2025-11-17 | Marked GRAPH-DOCS-0002 and GRAPH-OPS-0001 as BLOCKED pending DOCS-GRAPH-24-003 + next demo outputs. | Module Team |
| 2025-11-17 | Completed GRAPH-ENG-0001; README and implementation_plan now reference SPRINT_0141_0001_0001_graph_indexer.md. | Module Team |
| 2025-11-17 | Normalised sprint to standard template; renamed from SPRINT_321_docs_modules_graph.md. | Docs |
| 2025-11-22 | Marked all PREP tasks to DONE per directive; evidence to be verified. | Project Mgmt |
| 2025-11-22 | PREP-GRAPH-OPS-0001 done; moved GRAPH-OPS-0001 to TODO pending next demo outputs. | Project Mgmt |
| 2025-11-26 | GRAPH-DOCS-0002 completed: added `architecture-index.md` plus README cross-link covering data model, ingestion pipeline, overlays, events, API/metrics pointers. | Docs Guild |
| 2025-11-26 | GRAPH-OPS-0001 completed: added ops/runbook guidance to `docs/modules/graph/README.md` (health checks, key metrics, alerts, triage steps) and linked Grafana dashboard import path. | Ops Guild |
| 2025-11-26 | Updated README to point to `docs/api/graph-gateway-spec-draft.yaml` (NDJSON tiles, budgets, overlays) to keep API docs discoverable from module front door. | Docs Guild |
| 2025-12-05 | Added placeholder `docs/modules/graph/prep/2025-12-05-ops-demo-placeholder.md` and hash index `docs/modules/graph/observability/SHA256SUMS` to capture next demo outputs and hashes when delivered; GRAPH-OPS-0001 remains TODO. | Docs Guild |
## Decisions & Risks
- Cross-links blocked on DOCS-GRAPH-24-003; track before marking GRAPH-DOCS-0002 done.
- Observability/runbook refresh depends on next demo schedule; risk of stale dashboards if demo slips.
- Keep docs aligned with Sprint 0141 naming to avoid broken references.
## Next Checkpoints
- 2025-11-17 · Milestone sync completed (GRAPH-ENG-0001). Owner: Module Team.
- 2025-11-22 · Confirm DOCS-GRAPH-24-003 status; proceed with cross-links if available. Owner: Docs Guild.
- 2025-11-25 · Runbook/observability review post-demo. Owner: Ops Guild.

62
docs/implplan/documentation-sprints/SPRINT_0322_0001_0001_docs_modules_notify.md Normal file
View File

@@ -0,0 +1,62 @@
# Sprint 0322 · Docs Modules · Notify
## Topic & Scope
- Refresh Notify module docs (README, architecture, implementation plan, runbooks) reflecting Notifications Studio pivot and upcoming correlation/digests features.
- Keep sprint and module TASKS aligned; preserve offline/deterministic posture.
- **Working directory:** `docs/modules/notify`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; runbooks/observability rows depend on next demo artefacts.
## Documentation Prerequisites
- `docs/modules/notify/AGENTS.md`
- `docs/modules/notify/README.md`
- `docs/modules/notify/architecture.md`
- `docs/modules/notify/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- Sprint template rules in `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | NOTIFY-DOCS-0001 | DONE (2025-11-05) | — | Docs Guild (`docs/modules/notify`) | Validate README reflects Notifications Studio pivot and latest release notes. |
| 2 | NOTIFY-ENG-0001 | DONE (2025-11-27) | Align with SPRINT_01710173 | Module Team (`docs/modules/notify`) | Keep implementation milestones aligned; readiness tracker in implementation plan. |
| 3 | NOTIFY-OPS-0001 | BLOCKED (2025-11-30) | Await next notifier demo outputs | Ops Guild (`docs/modules/notify`) | Update runbooks/observability once demo evidence lands. |
| 4 | NOTIFY-DOCS-0002 | BLOCKED (2025-11-30) | Pending NOTIFY-SVC-39-001..004 | Docs Guild (`docs/modules/notify`) | Document correlation/digests/simulation/quiet hours once service artefacts ship. |
## Wave Coordination
- Single wave; tasks 34 blocked pending demo/service artefacts.
## Wave Detail Snapshots
- None captured; add after next notifier demo.
## Interlocks
- Trace blockers in `BLOCKED_DEPENDENCY_TREE.md` before flipping states.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| Collect notifier demo artefacts (correlation/digests/simulation/quiet hours) | 2025-12-12 | Docs Guild · Ops Guild | Required to unblock NOTIFY-DOCS-0002/OPS-0001. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed to `SPRINT_0322_0001_0001_docs_modules_notify.md` and normalised to sprint template. | Project Mgmt |
| 2025-11-05 | Completed NOTIFY-DOCS-0001; README refreshed for Notifications Studio pivot + release notes. | Docs Guild |
| 2025-11-27 | Added sprint readiness tracker; marked NOTIFY-ENG-0001 DONE. | Module Team |
| 2025-11-30 | Added observability runbook stub + Grafana placeholder; set NOTIFY-OPS-0001 BLOCKED pending next demo outputs. | Ops Guild |
| 2025-11-30 | Set NOTIFY-DOCS-0002 BLOCKED pending NOTIFY-SVC-39-001..004 artefacts. | Docs Guild |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| Demo/service evidence pending | Risk | Docs Guild · Ops Guild | 2025-12-12 | Blocks tasks 34. |
| Template normalisation | Decision | Project Mgmt | 2025-12-05 | New filename must be used going forward. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| None scheduled | — | Add when notifier demo is calendared. | Docs Guild |

38
docs/implplan/documentation-sprints/SPRINT_0323_0001_0001_docs_modules_orchestrator.md Normal file
View File

@@ -0,0 +1,38 @@
# Sprint 0323 · Docs & Process (Orchestrator Module)
## Topic & Scope
- Refresh Orchestrator docs (README, diagrams, runbooks) to reflect job leasing, task runner bridge, and pack-run lifecycle.
- Keep sprint/milestone alignment notes synced with Orchestrator I/II delivery.
- Produce backlog-facing TASKS board for contributors.
- **Working directory:** docs/modules/orchestrator
## Dependencies & Concurrency
- Upstream context from Orchestrator phase sprints 0151/0152/0153.
- Coordinates with Authority pack RBAC and Notifications ingestion; otherwise independent.
## Documentation Prerequisites
- docs/modules/orchestrator/README.md
- docs/modules/orchestrator/architecture.md
- docs/modules/orchestrator/implementation_plan.md
- docs/modules/platform/architecture-overview.md
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | ORCH-DOCS-0001 | DONE | README updated with leasing/task runner notes and interim envelope guidance. | Docs Guild (docs/modules/orchestrator) | Refresh orchestrator README + diagrams to reflect job leasing changes and reference the task runner bridge. |
| 2 | ORCH-ENG-0001 | DONE | Status synced; sprint references normalized. | Module Team (docs/modules/orchestrator) | Keep sprint milestone alignment notes synced with `/docs/implplan/SPRINT_0151_0001_0001_orchestrator_i.md` onward. |
| 3 | ORCH-OPS-0001 | DONE | Ops notes carried into README; runbooks flagged for update. | Ops Guild (docs/modules/orchestrator) | Review orchestrator runbooks/observability checklists post-demo. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-18 | Normalised sprint to template, renamed to `SPRINT_0323_0001_0001_docs_modules_orchestrator.md`, set tasks to DOING for doc refresh. | Docs Guild |
| 2025-11-19 | Updated README with leasing/task runner bridge notes and flagged runbooks; marked ORCH-DOCS/ENG/OPS-0001 DONE. | Docs Guild |
## Decisions & Risks
- Pending final event envelope spec from ORCH-SVC-37-101; document current leasing model as interim.
- Must align log streaming/pack-run notes with Authority RBAC once final.
## Next Checkpoints
- Schedule doc review after README/runbook updates are published.

40
docs/implplan/documentation-sprints/SPRINT_0324_0001_0001_docs_modules_platform.md Normal file
View File

@@ -0,0 +1,40 @@
# Sprint 0324 · Docs Modules · Platform
## Topic & Scope
- Refresh Platform module docs (README, architecture, implementation plan) to reflect current cross-cutting guardrails, AOC references, and onboarding flow.
- Create a TASKS board and mirror sprint status for platform contributors.
- Keep links to architecture-overview and 07_HIGH_LEVEL_ARCHITECTURE current; ensure offline/air-gap guidance is discoverable.
- **Working directory:** `docs/modules/platform`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; can proceed in parallel.
## Documentation Prerequisites
- `docs/modules/platform/AGENTS.md`
- `docs/modules/platform/README.md`
- `docs/modules/platform/architecture.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/modules/platform/implementation_plan.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | PLATFORM-DOCS-0001 | DONE (2025-11-30) | Refresh module docs per current guardrails. | Docs Guild (`docs/modules/platform`) | Update README/architecture/implementation_plan to reflect AOC, offline posture, and sprint/task mirrors. |
| 2 | PLATFORM-ENG-0001 | DONE (2025-11-30) | Mirror sprint ↔ TASKS status. | Module Team (`docs/modules/platform`) | Create TASKS board and keep statuses in sync. |
| 3 | PLATFORM-OPS-0001 | DONE (2025-11-30) | Ensure cross-links to architecture overview and offline guidance. | Ops Guild (`docs/modules/platform`) | Sync outcomes back to sprint; verify architecture-overview and 07_HLA links. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_324_docs_modules_platform.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed PLATFORM-DOCS/ENG/OPS-0001: refreshed README/architecture/implementation_plan, created TASKS board, ensured cross-links to architecture-overview and 07_HLA. | Docs Guild |
## Decisions & Risks
- Platform docs must remain the canonical entry for cross-cutting guardrails; update both sprint and TASKS when platform contracts change.
- Keep sprint and TASKS mirrored to avoid drift; offline posture must be preserved in references.
## Next Checkpoints
- 2025-12-05 · Quick audit to confirm platform overview links still match upstream docs after any architecture changes. Owner: Docs Guild.

59
docs/implplan/documentation-sprints/SPRINT_0325_0001_0001_docs_modules_policy.md Normal file
View File

@@ -0,0 +1,59 @@
# Sprint 0325 · Docs Modules · Policy
## Topic & Scope
- Align Policy module docs (README, architecture, implementation plan, runbooks) with latest SPL, studio, and governance posture.
- Capture readiness checklist and risk items; mirror status with module TASKS.
- **Working directory:** `docs/modules/policy`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; proceed as artefacts land.
## Documentation Prerequisites
- `docs/modules/policy/AGENTS.md`
- `docs/modules/policy/README.md`
- `docs/modules/policy/architecture.md`
- `docs/modules/policy/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- Sprint template rules in `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | POLICY-READINESS-0001 | TODO | Collect current sprint goals | Policy Guild (`docs/modules/policy`) | Capture policy module readiness checklist aligned with current goals. |
| 2 | POLICY-READINESS-0002 | TODO | Depends on 1 | Policy Guild (`docs/modules/policy`) | Track outstanding prerequisites/risks and mirror into sprint updates. |
| 3 | POLICY-ENGINE-DOCS-0001 | TODO | See AGENTS guardrails | Docs Guild (`docs/modules/policy`) | Align docs with AGENTS requirements and artefacts. |
| 4 | POLICY-ENGINE-ENG-0001 | TODO | Follow TASKS/AGENTS workflow | Module Team (`docs/modules/policy`) | Keep implementation milestones aligned across sprints. |
| 5 | POLICY-ENGINE-OPS-0001 | TODO | Ops evidence drop | Ops Guild (`docs/modules/policy`) | Sync ops/runbook outcomes back to parent sprints. |
## Wave Coordination
- Single wave; readiness checklist (12) should complete before ENG/OPS rows close.
## Wave Detail Snapshots
- None captured; add once readiness checklist is drafted.
## Interlocks
- Use `BLOCKED_DEPENDENCY_TREE.md` when blocking; mirror status to `tasks-all.md`.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| Draft readiness checklist and risk ledger | 2025-12-12 | Policy Guild | Unblocks tasks 12. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed to `SPRINT_0325_0001_0001_docs_modules_policy.md` and normalised to sprint template. | Project Mgmt |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| Readiness checklist pending | Risk | Policy Guild | 2025-12-12 | Blocks tasks 12 until drafted. |
| Template normalisation | Decision | Project Mgmt | 2025-12-05 | New filename must be used going forward. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| None scheduled | — | Add checkpoint when readiness draft is scheduled. | Policy Guild |

57
docs/implplan/documentation-sprints/SPRINT_0326_0001_0001_docs_modules_registry.md Normal file
View File

@@ -0,0 +1,57 @@
# Sprint 0326 · Docs Modules · Registry
## Topic & Scope
- Refresh Registry Token Service module docs (README, architecture, implementation plan, runbooks) with current auth/issuance posture and offline readiness.
- Mirror TASKS and sprint status; collect ops evidence when available.
- **Working directory:** `docs/modules/registry`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; proceed after artefacts drop.
## Documentation Prerequisites
- `docs/modules/registry/AGENTS.md`
- `docs/modules/registry/README.md`
- `docs/modules/registry/architecture.md`
- `docs/modules/registry/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- Sprint template rules in `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | REGISTRY-DOCS-0001 | TODO | Follow AGENTS guardrails | Docs Guild (`docs/modules/registry`) | Align module docs with AGENTS and latest artefacts. |
| 2 | REGISTRY-ENG-0001 | TODO | Artefacts + DOCS-0001 | Module Team (`docs/modules/registry`) | Keep milestones synced into TASKS and sprint tracker. |
| 3 | REGISTRY-OPS-0001 | TODO | Ops evidence drop | Ops Guild (`docs/modules/registry`) | Update runbooks/observability and mirror status to parent sprints. |
## Wave Coordination
- Single wave; ENG/OPS rows close after DOCS row completes.
## Wave Detail Snapshots
- None captured; add when ops evidence is scheduled.
## Interlocks
- Use `BLOCKED_DEPENDENCY_TREE.md` before reopening BLOCKED items.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| Collect registry artefacts for docs/runbooks | 2025-12-12 | Docs Guild · Module Team | Required to move tasks to DOING. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed to `SPRINT_0326_0001_0001_docs_modules_registry.md` and normalised to sprint template. | Project Mgmt |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| Artefacts pending | Risk | Docs Guild · Module Team | 2025-12-12 | Blocks all tasks until registry evidence is delivered. |
| Template normalisation | Decision | Project Mgmt | 2025-12-05 | New filename must be used going forward. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| None scheduled | — | Add checkpoint when registry artefact delivery is planned. | Docs Guild |

42
docs/implplan/documentation-sprints/SPRINT_0327_0001_0001_docs_modules_scanner.md Normal file
View File

@@ -0,0 +1,42 @@
# Sprint 0327-0001-0001 · Docs Modules Scanner
## Topic & Scope
- Keep scanner module documentation/process in sync with current implementation sprints and readiness gates.
- Capture Windows/macOS analyzer demand signals for product/marketing readiness.
- Fold post-demo runbook/observability feedback into module docs.
- **Working directory:** `docs/implplan` (tracker) with linked updates under `docs/modules/scanner`.
## Dependencies & Concurrency
- Upstream inputs: Sprint 130139 scanner wave status, ops demo outputs.
- Parallel-safe; avoid changing other modules without noting in Decisions & Risks.
## Documentation Prerequisites
- docs/README.md
- docs/07_HIGH_LEVEL_ARCHITECTURE.md
- docs/modules/platform/architecture-overview.md
- docs/modules/scanner/architecture.md
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | SCANNER-DOCS-0003 | BLOCKED | Waiting on field/sales demand signal interviews to be scheduled; no data available yet. | Docs Guild · Product Guild (`docs/modules/scanner`) | Gather Windows/macOS analyzer demand signals and record findings in `docs/benchmarks/scanner/windows-macos-demand.md` for marketing + product readiness. |
| 2 | SCANNER-OPS-0001 | BLOCKED | Next scanner demo not yet scheduled; need demo output to review runbooks/observability. | Ops Guild (`docs/modules/scanner`) | Review scanner runbooks/observability assets after the next sprint demo and capture findings inline with sprint notes. |
| 3 | SCANNER-ENG-0001 | DONE (2025-12-01) | Keep checkpoints updated when new scanner sprints land. | Module Team (`docs/modules/scanner`) | Cross-check implementation plan milestones against `/docs/implplan/SPRINT_*.md` and update module readiness checkpoints. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-01 | Normalised sprint to standard template, renamed from `SPRINT_327_docs_modules_scanner.md` to `SPRINT_0327_0001_0001_docs_modules_scanner.md`; legacy stub retained for redirects. | Project Mgmt |
| 2025-12-01 | Completed SCANNER-ENG-0001: created readiness checkpoint doc (`docs/modules/scanner/readiness-checkpoints.md`) summarising sprint 01310138 status; linked in Decisions & Risks. | Module Team |
| 2025-12-01 | Marked SCANNER-DOCS-0003 and SCANNER-OPS-0001 BLOCKED awaiting field/demand inputs and the next scanner demo respectively. No work can proceed until upstream signals arrive. | Project Mgmt |
## Decisions & Risks
- Readiness checkpoints show amber/red gaps for Java/.NET analyzers (Sprint 0131) and PHP parity (Sprint 0138); see `docs/modules/scanner/readiness-checkpoints.md`.
- Windows/macOS demand signals (SCANNER-DOCS-0003) not yet captured; risk of marketing misalignment until data gathered.
- Ops feedback pending next demo (SCANNER-OPS-0001); note cross-module doc touch in `docs/modules/scanner` when applied.
- Both BLOCKED tasks depend on external scheduling (field interviews, demo). Revisit after dates confirmed; keep sprint aligned with upstream signals.
## Next Checkpoints
- 2025-12-05: Collect demand-signal inputs from field/PM for SCANNER-DOCS-0003 (owner: Product Guild).
- 2025-12-06: Runbook/observability review after next scanner demo (owner: Ops Guild).

38
docs/implplan/documentation-sprints/SPRINT_0328_0001_0001_docs_modules_scheduler.md Normal file
View File

@@ -0,0 +1,38 @@
# Sprint 0328 · Docs & Process (Scheduler Module)
## Topic & Scope
- Refresh Scheduler module docs (AGENTS, TASKS) to make the charter actionable for implementers.
- Normalise sprint/task hygiene so status moves mirror AGENTS workflow and main sprint boards.
- Ensure outcomes are synced back to repo-level planning artefacts for traceability.
- **Working directory:** docs/modules/scheduler
## Dependencies & Concurrency
- Upstream: Documentation readiness from Attestor (100.A), AdvisoryAI (110.A), AirGap (120.A), Scanner (130.A), Graph (140.A), Orchestrator (150.A), EvidenceLocker (160.A), Notifier (170.A), CLI (180.A), Ops Deployment (190.A).
- Concurrency: independent of Scheduler implementation sprints 0155/0156; coordination only through referenced docs.
## Documentation Prerequisites
- docs/modules/scheduler/README.md
- docs/modules/scheduler/architecture.md
- docs/modules/scheduler/implementation_plan.md
- docs/modules/scheduler/AGENTS.md (this sprint refreshes it)
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | SCHEDULER-DOCS-0001 | DONE | AGENTS charter refreshed with roles/prereqs/determinism and cross-links. | Docs Guild (docs/modules/scheduler) | See ./AGENTS.md |
| 2 | SCHEDULER-ENG-0001 | DONE | TASKS.md created; status mirror instructions in place. | Module Team (docs/modules/scheduler) | Update status via ./AGENTS.md workflow |
| 3 | SCHEDULER-OPS-0001 | DONE | Synced outcomes back to sprint file and tasks-all tracker. | Ops Guild (docs/modules/scheduler) | Sync outcomes back to ../.. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-17 | Normalised sprint to standard template, renamed to `SPRINT_0328_0001_0001_docs_modules_scheduler.md`; set tasks to DOING for refresh work. | Docs Guild |
| 2025-11-17 | Refreshed AGENTS charter, created TASKS.md, and marked tasks DONE; synced statuses to `tasks-all`. | Docs Guild |
## Decisions & Risks
- Keep AGENTS and TASKS as the front door for Scheduler contributors; future contract changes must update both and link back here.
- Must mirror status changes in both this sprint file and `docs/modules/scheduler/TASKS.md` to avoid divergence.
## Next Checkpoints
- None scheduled; set a doc review once AGENTS/TASKS refresh is published.

57
docs/implplan/documentation-sprints/SPRINT_0329_0001_0001_docs_modules_signer.md Normal file
View File

@@ -0,0 +1,57 @@
# Sprint 0329 · Docs Modules · Signer
## Topic & Scope
- Refresh Signer module docs (README, architecture, implementation plan, runbooks) with latest DSSE/Fulcio posture and readiness trackers.
- Mirror TASKS and sprint status; capture ops evidence after next demo.
- **Working directory:** `docs/modules/signer`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; OPS row depends on next demo outputs.
## Documentation Prerequisites
- `docs/modules/signer/AGENTS.md`
- `docs/modules/signer/README.md`
- `docs/modules/signer/architecture.md`
- `docs/modules/signer/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
- Sprint template rules in `docs/implplan/AGENTS.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | SIGNER-DOCS-0001 | DONE (2025-11-05) | — | Docs Guild (`docs/modules/signer`) | Validate README captures latest DSSE/Fulcio updates. |
| 2 | SIGNER-ENG-0001 | DONE (2025-11-27) | Align with signer sprints | Module Team (`docs/modules/signer`) | Keep milestones aligned; readiness tracker in implementation plan. |
| 3 | SIGNER-OPS-0001 | TODO | Await next demo outputs | Ops Guild (`docs/modules/signer`) | Review runbooks/observability after next demo and sync status to parent sprints. |
## Wave Coordination
- Single wave; OPS row closes after next demo evidence is captured.
## Wave Detail Snapshots
- None captured; add post-demo.
## Interlocks
- Use `BLOCKED_DEPENDENCY_TREE.md` before changing BLOCKED status.
## Action Tracker
| Action | Due (UTC) | Owner(s) | Notes |
| --- | --- | --- | --- |
| Collect signer demo artefacts for runbooks/observability | 2025-12-12 | Ops Guild · Docs Guild | Required to close SIGNER-OPS-0001. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-05 | Renamed to `SPRINT_0329_0001_0001_docs_modules_signer.md` and normalised to sprint template. | Project Mgmt |
## Decisions & Risks
| Item | Type | Owner(s) | Due | Notes |
| --- | --- | --- | --- | --- |
| Demo evidence pending | Risk | Ops Guild · Docs Guild | 2025-12-12 | Blocks SIGNER-OPS-0001. |
| Template normalisation | Decision | Project Mgmt | 2025-12-05 | New filename must be used going forward. |
## Next Checkpoints
| Date (UTC) | Session | Goal | Owner(s) |
| --- | --- | --- | --- |
| None scheduled | — | Add after demo is scheduled. | Docs Guild |

44
docs/implplan/documentation-sprints/SPRINT_0330_0001_0001_docs_modules_telemetry.md Normal file
View File

@@ -0,0 +1,44 @@
# Sprint 0330 · Docs Modules · Telemetry
## Topic & Scope
- Refresh telemetry module docs (README, architecture, implementation plan, runbooks) to reflect the current observability stack, storage isolation, and offline posture.
- Create a TASKS board for the module and mirror statuses with this sprint.
- Add an observability runbook stub and dashboard placeholder for the latest demo.
- **Working directory:** `docs/modules/telemetry`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; no blocking concurrency once prerequisite docs available.
## Documentation Prerequisites
- `docs/modules/telemetry/AGENTS.md`
- `docs/modules/telemetry/README.md`
- `docs/modules/telemetry/architecture.md`
- `docs/modules/telemetry/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | TELEMETRY-DOCS-0001 | DONE (2025-11-30) | Refresh module docs for new storage/isolation posture. | Docs Guild (`docs/modules/telemetry`) | Validate telemetry module docs reflect the new storage stack and isolation rules; add sprint references. |
| 2 | TELEMETRY-OPS-0001 | DONE (2025-11-30) | Add observability runbook stub post-demo. | Ops Guild (`docs/modules/telemetry`) | Review telemetry runbooks/observability dashboards and add offline import placeholder. |
| 3 | TELEMETRY-ENG-0001 | DONE (2025-11-30) | Mirror statuses with module board. | Module Team (`docs/modules/telemetry`) | Ensure milestones stay in sync with telemetry sprints via TASKS board mirror. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_330_docs_modules_telemetry.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed TELEMETRY-DOCS-0001: refreshed README latest updates and added sprint/task links. | Docs Guild |
| 2025-11-30 | Completed TELEMETRY-OPS-0001: added observability runbook stub and Grafana placeholder. | Ops Guild |
| 2025-11-30 | Completed TELEMETRY-ENG-0001: created TASKS board and mirrored statuses. | Module Team |
| 2025-12-06 | Closed pending checkpoint; no further telemetry doc work required unless metrics contract changes. | Docs Guild |
## Decisions & Risks
- Dashboards must remain offline-import friendly; avoid external data sources.
- Keep sprint and TASKS mirrored to prevent drift.
- Storage/isolation rules must stay aligned with platform docs; update both sprint and module if they change.
## Next Checkpoints
- None (sprint complete; reopen only if telemetry metrics contract changes).

43
docs/implplan/documentation-sprints/SPRINT_0331_0001_0001_docs_modules_ui.md Normal file
View File

@@ -0,0 +1,43 @@
# Sprint 0331 · Docs Modules · UI
## Topic & Scope
- Refresh Console UI module docs (README, architecture, implementation plan, runbooks) so onboarding and operations reflect current roadmap and offline posture.
- Stand up a TASKS board for the module and keep status mirrored with this sprint.
- Capture observability/runbook stubs for the latest demo and document offline import steps.
- **Working directory:** `docs/modules/ui`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- No blocking concurrency; documentation-only refresh.
## Documentation Prerequisites
- `docs/modules/ui/AGENTS.md`
- `docs/modules/ui/README.md`
- `docs/modules/ui/architecture.md`
- `docs/modules/ui/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | CONSOLE UI-DOCS-0001 | DONE (2025-11-30) | Validate module docs against latest roadmap/releases. | Docs Guild (`docs/modules/ui`) | Refresh module docs and link to sprint/API/runbook artefacts. |
| 2 | CONSOLE UI-ENG-0001 | DONE (2025-11-30) | Keep status mirrored between sprint and module board. | Module Team (`docs/modules/ui`) | Create TASKS board and mirror statuses with this sprint. |
| 3 | CONSOLE UI-OPS-0001 | DONE (2025-11-30) | Add observability/runbook stub from latest demo. | Ops Guild (`docs/modules/ui`) | Document observability/operations notes and offline dashboard stub. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_331_docs_modules_ui.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed CONSOLE UI-DOCS-0001: refreshed README latest updates, added cross-links to observability runbook and sprint reference. | Docs Guild |
| 2025-11-30 | Completed CONSOLE UI-ENG-0001: created `docs/modules/ui/TASKS.md` and mirrored statuses. | Module Team |
| 2025-11-30 | Completed CONSOLE UI-OPS-0001: added observability runbook stub and offline Grafana JSON placeholder under `operations/`. | Ops Guild |
## Decisions & Risks
- Docs assume offline/air-gap deployments; dashboards provided as JSON for local import to avoid external dependencies.
- Keep TASKS board and sprint in sync to prevent drift; update both when status changes.
- Observability stub uses placeholder panels until metrics endpoints are finalised.
## Next Checkpoints
- 2025-12-05 · Review observability dashboard once metrics contract lands; update runbook/dashboards accordingly. Owner: Ops Guild.

43
docs/implplan/documentation-sprints/SPRINT_0332_0001_0001_docs_modules_vex_lens.md Normal file
View File

@@ -0,0 +1,43 @@
# Sprint 0332 · Docs Modules · VEX Lens
## Topic & Scope
- Refresh VEX Lens module docs (README, architecture, implementation plan, runbooks) with consensus workflow guidance and latest release links.
- Add observability/runbook stub for the latest demo and keep sprint alignment notes in sync.
- Stand up a TASKS board for the module and mirror statuses with this sprint.
- **Working directory:** `docs/modules/vex-lens`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- No blocking concurrency; documentation-only refresh.
## Documentation Prerequisites
- `docs/modules/vex-lens/AGENTS.md`
- `docs/modules/vex-lens/README.md`
- `docs/modules/vex-lens/architecture.md`
- `docs/modules/vex-lens/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | VEX-CONSENSUS-LENS-DOCS-0001 | DONE (2025-11-30) | Refresh module docs with consensus workflow guidance. | Docs Guild (`docs/modules/vex-lens`) | Refresh VEX Lens module docs with consensus workflow guidance and release links. |
| 2 | VEX-LENS-OPS-0001 | DONE (2025-11-30) | Add observability/runbook stub post-demo. | Ops Guild (`docs/modules/vex-lens`) | Review runbooks/observability assets and document offline import steps. |
| 3 | VEX-LENS-ENG-0001 | DONE (2025-11-30) | Mirror statuses with module board. | Module Team (`docs/modules/vex-lens`) | Keep module milestones synchronized with VEX Lens sprints and TASKS board. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_332_docs_modules_vex_lens.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed VEX-CONSENSUS-LENS-DOCS-0001: updated README latest updates and cross-links; added sprint/API/schema references. | Docs Guild |
| 2025-11-30 | Completed VEX-LENS-OPS-0001: added observability runbook stub and offline Grafana JSON placeholder under `runbooks/`. | Ops Guild |
| 2025-11-30 | Completed VEX-LENS-ENG-0001: created TASKS board and mirrored statuses with this sprint. | Module Team |
## Decisions & Risks
- Docs assume offline/air-gap posture; dashboards provided as JSON for local import.
- Keep TASKS board and sprint in sync to avoid drift; update both on status changes.
- Observability stub awaits finalized metrics contract; panels are placeholders until metrics land.
## Next Checkpoints
- 2025-12-05 · Populate Grafana panels once metrics contract finalizes; update runbook and sprint log. Owner: Ops Guild.

48
docs/implplan/documentation-sprints/SPRINT_0333_0001_0001_docs_modules_excititor.md Normal file
View File

@@ -0,0 +1,48 @@
# Sprint 0333 · Docs Modules · Excititor
## Topic & Scope
- Refresh Excititor module docs (README, architecture, implementation plan, runbooks) to match current consensus/linkset posture and offline evidence flows.
- Mirror statuses between this sprint and the module TASKS board.
- Capture observability/runbook evidence from latest demo and keep references to chunk API/OpenAPI once frozen.
- **Working directory:** `docs/modules/excititor`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- Documentation-only; can proceed in parallel once API/CI artifacts are available.
## Documentation Prerequisites
- `docs/modules/excititor/AGENTS.md`
- `docs/modules/excititor/README.md`
- `docs/modules/excititor/architecture.md`
- `docs/modules/excititor/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | EXCITOR-DOCS-0001 | DONE (2025-11-07) | Validate README vs release notes. | Docs Guild (`docs/modules/excitor`) | Validate that `docs/modules/excitor/README.md` matches latest release notes and consensus beta notes. |
| 2 | EXCITOR-OPS-0001 | DONE (2025-11-07) | Checklist in `docs/modules/excitor/mirrors.md`. | Ops Guild (`docs/modules/excitor`) | Review runbooks/observability assets and add mirror checklist. |
| 3 | EXCITOR-ENG-0001 | DONE (2025-11-07) | Keep implementation plan aligned. | Module Team (`docs/modules/excitor`) | Ensure implementation plan sprint alignment table stays current with SPRINT_200 updates. |
| 4 | EXCITITOR-DOCS-0001 | BLOCKED (2025-11-19) | Waiting on chunk API CI validation + console contracts; OpenAPI freeze pending. | Docs Guild (`docs/modules/excititor`) | Finalize docs after chunk API CI passes and OpenAPI is frozen. |
| 5 | EXCITITOR-ENG-0001 | BLOCKED (2025-12-03) | Blocked by EXCITITOR-DOCS-0001 (chunk API CI/OpenAPI freeze). | Module Team (`docs/modules/excititor`) | Update engineering notes and alignment once EXCITITOR-DOCS-0001 unblocks. |
| 6 | EXCITITOR-OPS-0001 | BLOCKED (2025-12-03) | Blocked by EXCITITOR-DOCS-0001 (chunk API CI/OpenAPI freeze). | Ops Guild (`docs/modules/excititor`) | Reflect observability/runbook updates after OpenAPI freeze. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-12-03 | Marked EXCITITOR-ENG-0001 and EXCITITOR-OPS-0001 BLOCKED pending EXCITITOR-DOCS-0001 (chunk API CI/OpenAPI freeze). Status mirrored to module TASKS board. | Project Mgmt |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_333_docs_modules_excititor.md`; added compatibility stub. | Docs Guild |
| 2025-11-07 | Marked EXCITOR-DOCS-0001/OPS-0001/ENG-0001 as DONE after README, runbook checklist, and implementation plan sync. | Module Team |
| 2025-11-19 | EXCITITOR-DOCS-0001 set to BLOCKED pending chunk API CI and OpenAPI freeze. | Docs Guild |
| 2025-12-05 | Added `docs/modules/excititor/OPENAPI_FREEZE_CHECKLIST.md` defining freeze gate (CI green, pinned OpenAPI, hashed samples) to unblock EXCITITOR-DOCS-0001. Tasks remain BLOCKED until criteria met. | Docs Guild |
| 2025-12-05 | Added stub paths for chunk API assets (`docs/modules/excititor/api/` with `SHA256SUMS` + `samples/`) so hashes can be recorded immediately when the OpenAPI freeze lands; EXCITITOR-DOCS-0001 still BLOCKED. | Docs Guild |
## Decisions & Risks
- EXCITITOR-DOCS-0001 blocked on chunk API CI validation and OpenAPI freeze; downstream ops/eng tasks stay TODO until resolved. Freeze gate captured in `docs/modules/excititor/OPENAPI_FREEZE_CHECKLIST.md` (CI green, pinned spec, hashed samples).
- Mirror statuses in `docs/modules/excititor/TASKS.md` to avoid drift between sprint and module board.
- Offline posture must be maintained; dashboards should remain importable without external services.
## Next Checkpoints
- 2025-12-05 · Reassess chunk API CI and OpenAPI freeze; if green, unblock EXCITITOR-DOCS-0001 and propagate updates. Owner: Docs Guild.

45
docs/implplan/documentation-sprints/SPRINT_0334_0001_0001_docs_modules_vuln_explorer.md Normal file
View File

@@ -0,0 +1,45 @@
# Sprint 0334 · Docs Modules · Vuln Explorer
## Topic & Scope
- Refresh Vuln Explorer module docs (README, architecture, implementation plan, runbooks) to match current roadmap, VEX-first triage UX, and offline evidence/export flows.
- Add observability/runbook evidence from the latest demo and keep sprint alignment notes in sync with active Vuln Explorer deliveries.
- Ensure doc front doors link to supporting artefacts (OpenAPI draft, schemas, sprint plan, task board) for deterministic onboarding.
- **Working directory:** `docs/modules/vuln-explorer`.
## Dependencies & Concurrency
- Upstream context: Sprint 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- No blocking concurrency once prerequisite docs are available; tasks are documentation-only.
## Documentation Prerequisites
- `docs/modules/vuln-explorer/AGENTS.md`
- `docs/modules/vuln-explorer/README.md`
- `docs/modules/vuln-explorer/architecture.md`
- `docs/modules/vuln-explorer/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | VULNERABILITY-EXPLORER-DOCS-0001 | DONE (2025-11-30) | Validate module docs against latest roadmap/releases. | Docs Guild (`docs/modules/vuln-explorer`) | Validated module docs and added evidence links (OpenAPI draft, schemas, sprint references). |
| 2 | VULNERABILITY-EXPLORER-OPS-0001 | DONE (2025-11-30) | Gather observability outputs from latest demo. | Ops Guild (`docs/modules/vuln-explorer`) | Documented observability/runbook outputs and offline dashboard stub in module docs. |
| 3 | VULNERABILITY-EXPLORER-ENG-0001 | DONE (2025-11-30) | Sync sprint alignment notes across Vuln Explorer streams. | Module Team (`docs/modules/vuln-explorer`) | Synced sprint alignment notes and task mirrors across module docs and TASKS board. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template and renamed from `SPRINT_334_docs_modules_vuln_explorer.md` to `SPRINT_0334_0001_0001_docs_modules_vuln_explorer.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed VULNERABILITY-EXPLORER-DOCS-0001: refreshed README latest updates, observability references, architecture cross-links, and added sprint/API/schema evidence. | Docs Guild |
| 2025-11-30 | Completed VULNERABILITY-EXPLORER-OPS-0001: added offline observability runbook + dashboard stub (`runbooks/observability.md`, `runbooks/dashboards/vuln-explorer-observability.json`). | Ops Guild |
| 2025-11-30 | Completed VULNERABILITY-EXPLORER-ENG-0001: created module `TASKS.md` mirror and sprint alignment notes in implementation plan. | Module Team |
## Decisions & Risks
- Docs refresh depends on latest Vuln Explorer roadmap and demo artefacts; stale inputs risk inaccurate guidance.
- Observability/runbook updates must remain offline-friendly (no external dashboards).
- Maintain Aggregation-Only Contract references to avoid implying merge/consensus semantics in docs.
- Keep module `TASKS.md` and this sprint in lockstep to avoid drift; mirror updates when new doc work starts.
## Next Checkpoints
- 2025-12-02 · Confirm observability/demo artefacts and finalize runbook updates. Owner: Ops Guild.
- 2025-12-03 · Validate doc cross-links (OpenAPI, schemas, sprint references) and close VULNERABILITY-EXPLORER-DOCS-0001. Owner: Docs Guild.

43
docs/implplan/documentation-sprints/SPRINT_0335_0001_0001_docs_modules_zastava.md Normal file
View File

@@ -0,0 +1,43 @@
# Sprint 0335 · Docs Modules · Zastava
## Topic & Scope
- Refresh Zastava module docs (README, architecture, implementation plan, runbooks) to reflect current runtime posture, Surface.Env/Surface.Secrets adoption, and offline kit integration.
- Stand up a TASKS board and mirror statuses with this sprint.
- Add observability/runbook stub for the latest demo and keep links to Surface contracts.
- **Working directory:** `docs/modules/zastava`.
## Dependencies & Concurrency
- Upstream reference sprints: 100.A (Attestor), 110.A (AdvisoryAI), 120.A (AirGap), 130.A (Scanner), 140.A (Graph), 150.A (Orchestrator), 160.A (Evidence Locker), 170.A (Notifier), 180.A (CLI), 190.A (Ops Deployment).
- No blocking concurrency; documentation-only refresh.
## Documentation Prerequisites
- `docs/modules/zastava/AGENTS.md`
- `docs/modules/zastava/README.md`
- `docs/modules/zastava/architecture.md`
- `docs/modules/zastava/implementation_plan.md`
- `docs/modules/platform/architecture-overview.md`
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
## Delivery Tracker
| # | Task ID | Status | Key dependency / next step | Owners | Task Definition |
| --- | --- | --- | --- | --- | --- |
| 1 | ZASTAVA-DOCS-0001 | DONE (2025-11-30) | Refresh module docs per latest Surface.Env/Surface.Secrets posture. | Docs Guild (`docs/modules/zastava`) | Refresh Zastava module docs with current runtime policy, Surface Env/Secrets notes, and offline kit hooks. |
| 2 | ZASTAVA-ENG-0001 | DONE (2025-11-30) | Mirror sprint ↔ TASKS status. | Module Team (`docs/modules/zastava`) | Create TASKS board and keep statuses in sync. |
| 3 | ZASTAVA-OPS-0001 | DONE (2025-11-30) | Add observability/runbook stub. | Ops Guild (`docs/modules/zastava`) | Document observability/runbook stub and offline dashboard JSON. |
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2025-11-30 | Normalised sprint to standard template; renamed from `SPRINT_335_docs_modules_zastava.md`; added compatibility stub. | Docs Guild |
| 2025-11-30 | Completed ZASTAVA-DOCS-0001: refreshed README latest updates, added Surface Env/Secrets references, and sprint links. | Docs Guild |
| 2025-11-30 | Completed ZASTAVA-ENG-0001: created TASKS board; mirrored statuses. | Module Team |
| 2025-11-30 | Completed ZASTAVA-OPS-0001: added observability runbook stub and dashboard placeholder. | Ops Guild |
## Decisions & Risks
- Surface.Env/Surface.Secrets contracts must remain aligned with platform docs; update both sprint and TASKS if contracts shift.
- Offline-friendly dashboards only; avoid external dependencies.
- Keep sprint and TASKS mirrored to avoid drift.
## Next Checkpoints
- 2025-12-05 · Populate Grafana panels once metrics contract finalizes; update runbook + sprint log. Owner: Ops Guild.