docs consolidation work

docs/modules/excititor/AGENTS.md

@@ -16,7 +16,7 @@ Excititor converts heterogeneous VEX feeds into raw observations and linksets th
 4. Coordinate cross-module changes in the main /AGENTS.md description and through the sprint plan.
 
 ## Guardrails
-- Honour the Aggregation-Only Contract where applicable (see ../../ingestion/aggregation-only-contract.md).
+- Honour the Aggregation-Only Contract where applicable (see ../../aoc/aggregation-only-contract.md).
 - Preserve determinism: sort outputs, normalise timestamps (UTC ISO-8601), and avoid machine-specific artefacts.
 - Keep Offline Kit parity in mind—document air-gapped workflows for any new feature.
 - Update runbooks/observability assets when operational characteristics change.

docs/modules/excititor/README.md

@@ -6,17 +6,17 @@ Excititor converts heterogeneous VEX feeds into raw observations and linksets th
 - Chunk API documentation remains blocked until CI is green and a pinned OpenAPI spec + deterministic samples are available.
 - Sprint tracker `docs/implplan/SPRINT_0333_0001_0001_docs_modules_excititor.md` and module `TASKS.md` mirror status.
 - Observability/runbook assets remain in `operations/observability.md` and `observability/` (timeline, locker manifests); dashboards stay offline-import friendly.
-- Prior updates (2025-11-05): Link-Not-Merge readiness and consensus beta note (`../../updates/2025-11-05-excitor-consensus-beta.md`), observability guide additions, DSSE packaging guidance, and Policy/CLI follow-ups tracked in SPRINT_200.
-- Link-Not-Merge readiness: release note [Excitor consensus beta](../../updates/2025-11-05-excitor-consensus-beta.md) captures how Excititor feeds power the Excititor consensus beta (sample payload in [consensus JSON](../../vex/consensus-json.md)).
+- Prior updates (2025-11-05): Link-Not-Merge readiness and consensus beta note (`../../implplan/archived/updates/2025-11-05-excitor-consensus-beta.md`), observability guide additions, DSSE packaging guidance, and Policy/CLI follow-ups tracked in SPRINT_200.
+- Link-Not-Merge readiness: release note [Excitor consensus beta](../../implplan/archived/updates/2025-11-05-excitor-consensus-beta.md) captures how Excititor feeds power the Excititor consensus beta (sample payload in [consensus JSON](../../vex/consensus-json.md)).
 - Added [observability guide](operations/observability.md) describing the evidence metrics emitted by `EXCITITOR-AIAI-31-003` (request counters, statement histogram, signature status, guard violations) so Ops/Lens can alert on misuse.
 - README now points policy/UI teams to the upcoming consensus integration work.
-- DSSE packaging for consensus bundles and Export Center hooks are documented in the [beta release note](../../updates/2025-11-05-excitor-consensus-beta.md); operators mirroring Excititor exports must verify detached JWS artefacts (`bundle.json.jws`) alongside each bundle.
+- DSSE packaging for consensus bundles and Export Center hooks are documented in the [beta release note](../../implplan/archived/updates/2025-11-05-excitor-consensus-beta.md); operators mirroring Excititor exports must verify detached JWS artefacts (`bundle.json.jws`) alongside each bundle.
 - Follow-ups called out in the release note (Policy weighting knobs `POLICY-ENGINE-30-101`, CLI verb `CLI-VEX-30-002`) remain in-flight and are tracked in `/docs/implplan/SPRINT_200_documentation_process.md`.
 
 ## Release references
 - Consensus beta payload reference: [docs/vex/consensus-json.md](../../vex/consensus-json.md)
 - Export Center offline packaging: [docs/modules/export-center/devportal-offline.md](../export-center/devportal-offline.md)
-- Historical release log: [docs/updates/](../../updates/)
+- Historical release log: [docs/implplan/archived/updates/](../../implplan/archived/updates/)
 
 ## Responsibilities
 - Fetch OpenVEX/CSAF/CycloneDX statements via restart-only connectors.

docs/modules/excititor/schemas/vex_raw.schema.json

@@ -2,6 +2,7 @@
   "$schema": "http://json-schema.org/draft-07/schema#",
   "$id": "https://stellaops.dev/schemas/excititor/vex_raw.schema.json",
   "title": "Excititor VEX Raw Document",
+  "$comment": "Note (2025-12): The gridFsObjectId field is legacy. Since Sprint 4400, all large content is stored in PostgreSQL with RustFS. This field exists only for backward compatibility with migrated data.",
   "type": "object",
   "additionalProperties": true,
   "required": ["_id", "providerId", "format", "sourceUri", "retrievedAt", "digest"],

docs/modules/excititor/vex_observations.md

@@ -1,6 +1,6 @@
 # VEX Observation Model (`vex_observations`)
 
-> Authored 2025-11-14 for Sprint 120 (`EXCITITOR-LNM-21-001`). This document is the canonical schema description for Excititor’s immutable observation records. It unblocks downstream documentation tasks (`DOCS-LNM-22-002`) and aligns the WebService/Worker data structures with Mongo persistence.
+> Authored 2025-11-14 for Sprint 120 (`EXCITITOR-LNM-21-001`). This document is the canonical schema description for Excititor's immutable observation records. It unblocks downstream documentation tasks (`DOCS-LNM-22-002`) and aligns the WebService/Worker data structures with PostgreSQL persistence.
 
 Excititor ingests heterogeneous VEX statements, normalizes them under the Aggregation-Only Contract (AOC), and persists each normalized statement as a **VEX observation**. These observations are the source of truth for:
 
@@ -15,7 +15,7 @@ All observation documents are immutable. New information creates a new observati
 
 | Aspect | Value |
 | --- | --- |
-| Collection | `vex_observations` (Mongo) |
+| Table | `vex_observations` (PostgreSQL) |
 | Upstream generator | `VexObservationProjectionService` (WebService) and Worker normalization pipeline |
 | Primary key | `{tenant, observationId}` |
 | Required indexes | `{tenant, vulnerabilityId}`, `{tenant, productKey}`, `{tenant, document.digest}`, `{tenant, providerId, status}` |
@@ -114,7 +114,7 @@ All observation documents are immutable. New information creates a new observati
 2. **Sorted collections** – arrays (`anchors`, `purls`, `cpes`) are sorted lexicographically before persistence.
 3. **Guard metadata** – `aoc.guardVersion` records the guard library version (`docs/aoc/guard-library.md`), enabling audits.
 4. **Signatures** – only verification metadata proven by the Worker is stored; WebService never recomputes trust.
-5. **Time normalization** – all timestamps stored as UTC ISO-8601 strings (Mongo `DateTime`).
+5. **Time normalization** – all timestamps stored as UTC ISO-8601 strings (PostgreSQL `timestamptz`).
 
 ## API mapping