docs consolidation, big sln build fixes, new advisories and sprints/tasks
This commit is contained in:
master
@@ -320,4 +320,4 @@ When schemas/adapters change:
|
||||
- Sprint: `docs/implplan/SPRINT_0186_0001_0001_record_deterministic_execution.md` (SC10)
|
||||
- Roadmap: `docs/modules/scanner/design/standards-convergence-roadmap.md` (SC1)
|
||||
- Governance: `docs/modules/scanner/design/schema-governance.md` (SC9)
|
||||
- Offline Operation: `docs/24_OFFLINE_KIT.md`
|
||||
- Offline Operation: `docs/OFFLINE_KIT.md`
|
||||
|
||||
@@ -277,4 +277,4 @@ Stripped binaries may lack Build-IDs. Options:
|
||||
- [BinaryIndex Architecture](../../binaryindex/architecture.md)
|
||||
- [Scanner Architecture](../architecture.md)
|
||||
- [Proof Chain Specification](../../attestor/proof-chain-specification.md)
|
||||
- [CLI Reference](../../../09_API_CLI_REFERENCE.md)
|
||||
- [CLI Reference](../../../API_CLI_REFERENCE.md)
|
||||
|
||||
@@ -411,4 +411,4 @@ var payload = await _payloadStore.GetAsync(artifact.Uri, ct);
|
||||
- [Surface.FS Design](../design/surface-fs.md)
|
||||
- [Surface.Env Design](../design/surface-env.md)
|
||||
- [Surface.Validation Guide](./surface-validation-extensibility.md)
|
||||
- [Offline Kit Documentation](../../../../24_OFFLINE_KIT.md)
|
||||
- [Offline Kit Documentation](../../../../OFFLINE_KIT.md)
|
||||
|
||||
@@ -23,7 +23,7 @@
|
||||
| Rekor v2 (managed or self-hosted) | Transparency log providing UUIDs + inclusion proofs. | `docs/ops/rekor/README.md` (if self-hosted) |
|
||||
| `StellaOps.Scanner` (WebService/Worker) | Requests attestations per scan, stores Rekor metadata next to SBOM artefacts. | `docs/modules/scanner/architecture.md` |
|
||||
| Export Center | Packages DSSE payloads + proofs into Offline Kit bundles and mirrors license notices. | `docs/modules/export-center/architecture.md` |
|
||||
| Policy Engine + CLI | Enforce “attested only” promotion, expose CLI verification verbs. | `docs/modules/policy/architecture.md`, `docs/09_API_CLI_REFERENCE.md` |
|
||||
| Policy Engine + CLI | Enforce “attested only” promotion, expose CLI verification verbs. | `docs/modules/policy/architecture.md`, `docs/API_CLI_REFERENCE.md` |
|
||||
|
||||
---
|
||||
|
||||
@@ -210,4 +210,4 @@ stellaops-cli attest verify --envelope artifacts/scan123/attest/sbom.dsse.json \
|
||||
- Scanner architecture (§Signer → Attestor → Rekor): `docs/modules/scanner/architecture.md`
|
||||
- Export Center profiles: `docs/modules/export-center/architecture.md`
|
||||
- Policy Engine predicates: `docs/modules/policy/architecture.md`
|
||||
- CLI reference: `docs/09_API_CLI_REFERENCE.md`
|
||||
- CLI reference: `docs/API_CLI_REFERENCE.md`
|
||||
|
||||
@@ -371,5 +371,5 @@ The bundle was created without the `--sign` flag. Either:
|
||||
- `docs/modules/policy/secret-leak-detection-readiness.md`
|
||||
- `docs/benchmarks/scanner/deep-dives/secrets.md`
|
||||
- `docs/modules/scanner/design/surface-secrets.md`
|
||||
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md` - Runtime inventory (Scanner)
|
||||
- `docs/ARCHITECTURE_OVERVIEW.md` - Runtime inventory (Scanner)
|
||||
- [Secrets Bundle Rotation](./secrets-bundle-rotation.md)
|
||||
|
||||
Reference in New Issue
Block a user