stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

up
Some checks failed
api-governance / spectral-lint (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
oas-ci / oas-validate (push) Has been cancelled
Details
SDK Publish & Sign / sdk-publish (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
Policy Simulation / policy-simulate (push) Has been cancelled
Details
devportal-offline / build-offline (push) Has been cancelled
Details

Browse Source
This commit is contained in:
StellaOps Bot
2025-11-26 20:23:28 +02:00
parent 4831c7fcb0
commit d63af51f84
139 changed files with 8010 additions and 2795 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Policy/__Libraries/StellaOps.Policy/Schemas/spl-sample@1.json
View File

@@ -24,6 +24,10 @@
"epss": 0.42,
"kev": false
},
"weighting": {
"reachability": 1.0,
"exploitability": 0.9
},
"conditions": [
{
"field": "request.tenant",

18
src/Policy/__Libraries/StellaOps.Policy/Schemas/spl-schema@1.json
View File

@@ -111,6 +111,24 @@
}
}
},
"weighting": {
"type": "object",
"additionalProperties": false,
"properties": {
"reachability": {
"type": "number",
"minimum": 0,
"maximum": 1,
"description": "Multiplier to apply when reachability is present (default 1)."
},
"exploitability": {
"type": "number",
"minimum": 0,
"maximum": 1,
"description": "Multiplier to apply when exploitability evidence exists (default 1)."
}
}
},
"conditions": {
"type": "array",
"items": {

1
src/Policy/__Libraries/StellaOps.Policy/TASKS.completed.md
View File

@@ -8,3 +8,4 @@
| POLICY-SPL-23-003 | DONE (2025-11-26) | Policy Guild | POLICY-SPL-23-002 | Layering/override engine + tests. | `SplLayeringEngine` merges base/overlay with deterministic output and metadata merge; covered by `SplLayeringEngineTests`. |
| POLICY-SPL-23-004 | DONE (2025-11-26) | Policy Guild, Audit Guild | POLICY-SPL-23-003 | Explanation tree model + persistence hooks. | `PolicyExplanation`/`PolicyExplanationNode` produced from evaluation with structured nodes; persistence ready for follow-on wiring. |
| POLICY-SPL-23-005 | DONE (2025-11-26) | Policy Guild, DevEx Guild | POLICY-SPL-23-004 | Migration tool to baseline SPL packs. | `SplMigrationTool` converts PolicyDocument to canonical SPL JSON; covered by `SplMigrationToolTests`. |
| POLICY-SPL-24-001 | DONE (2025-11-26) | Policy Guild, Signals Guild | POLICY-SPL-23-005 | Extend SPL with reachability/exploitability predicates. | SPL schema/sample extended with reachability + exploitability, schema guard tests added. |