docs re-org, audit fixes, build fixes

docs/technical/architecture/README.md

@@ -3,11 +3,11 @@
 Use this index to locate platform-level architecture references and per-module dossiers.
 
 ## Core views
-- [Architecture overview (10-minute tour)](../../40_ARCHITECTURE_OVERVIEW.md)
-- [High-level architecture (reference map)](../../07_HIGH_LEVEL_ARCHITECTURE.md)
+- [Architecture overview (10-minute tour)](../../ARCHITECTURE_OVERVIEW.md)
+- [High-level architecture (reference map)](../../ARCHITECTURE_REFERENCE.md)
 - [Scanner core contracts](../../scanner-core-contracts.md)
-- [Authority (legacy overview)](../../11_AUTHORITY.md)
-- [Console operator guide](../../15_UI_GUIDE.md) and deep dives under [console](../../console/) and [ux](../../ux/)
+- [Authority (legacy overview)](../../AUTHORITY.md)
+- [Console operator guide](../../UI_GUIDE.md) and deep dives under [console](../../console/) and [ux](../../ux/)
 - [Component map](component-map.md) (quick descriptions of every module under `src/`)
 
 ## Detailed references

docs/technical/architecture/component-map.md

@@ -5,7 +5,7 @@ Concise descriptions of every top-level component under `src/`, summarising the
 ## Advisory & Evidence Services
 - **AdvisoryAI** — Experimental intelligence helpers that summarise and prioritise advisory data for humans. Ingests canonical observations from Concelier/Excititor, adds explainable insights, and feeds UI/CLI and Policy workflows. See `docs/modules/advisory-ai/architecture.md`.
 - **Concelier** — Canonical advisory ingestion engine enforcing the Aggregation-Only Contract (AOC). Produces immutable observations/linksets consumed by Policy Engine, Graph, Scheduler, and Export Center. Docs in `docs/modules/concelier/architecture.md` and `docs/aoc/aggregation-only-contract.md`.
-- **Excititor** — VEX statement normaliser applying AOC guardrails. Supplies VEX observations to Policy Engine, VEX Lens, Scheduler, and UI. Reference `docs/modules/excititor/architecture.md` and `docs/16_VEX_CONSENSUS_GUIDE.md`.
+- **Excititor** — VEX statement normaliser applying AOC guardrails. Supplies VEX observations to Policy Engine, VEX Lens, Scheduler, and UI. Reference `docs/modules/excititor/architecture.md` and `docs/VEX_CONSENSUS_GUIDE.md`.
 - **VexLens** — Provides focused exploration of VEX evidence, conflict analysis, and waiver insights for UI/CLI. Backed by Excititor and Policy Engine (`docs/modules/vex-lens/architecture.md`).
 - **EvidenceLocker** — Long-term store for signed evidence bundles (DSSE, SRM, policy waivers). Integrates with Attestor, Export Center, Policy, and replay tooling (`docs/forensics/evidence-locker.md`). 
 - **ExportCenter** — Packages reproducible evidence bundles and mirror artefacts for online/offline distribution. Pulls from Concelier, Excititor, Policy, Scanner, Attestor, and Registry (`docs/modules/export-center/architecture.md`). 
@@ -26,7 +26,7 @@ Concise descriptions of every top-level component under `src/`, summarising the
 - **Governance components** (Authority scopes, Policy governance, Console policy UI) are covered in `docs/security/policy-governance.md` and `docs/modules/ui/policies.md`.
 
 ## Identity, Signing & Provenance
-- **Authority** — Identity provider issuing short-lived OpToks, enforcing scopes/tenancy, and powering every module’s authentication story (`docs/11_AUTHORITY.md`, `docs/modules/authority/architecture.md`). 
+- **Authority** — Identity provider issuing short-lived OpToks, enforcing scopes/tenancy, and powering every module's authentication story (`docs/AUTHORITY.md`, `docs/modules/authority/architecture.md`). 
 - **Signer** — DSSE signing backend supporting keyless/keyful modes with Authority-managed trust roots (`docs/modules/signer/architecture.md`). 
 - **Attestor** — Manages proof bundles, optional Rekor mirror, and distribution to consumers (`docs/modules/attestor/architecture.md`). 
 - **Provenance** — Utilities and services for DSSE/SLSA provenance verification, consumed by Export Center, EvidenceLocker, and Replay (`docs/modules/export-center/provenance-and-signing.md`). 
@@ -49,10 +49,10 @@ Concise descriptions of every top-level component under `src/`, summarising the
 - **Registry** — Anonymous registry/token service hosting platform images and Offline Kit artefacts (`docs/modules/registry/architecture.md`). 
 - **Zastava** — Runtime observer/admission controller ensuring signed images, SBOM availability, and policy verdict enforcement in live clusters (`docs/modules/zastava/architecture.md`). 
 - **Signals** (shared above) plus runtime components integrate tightly with Zastava and Policy Engine. 
-- **Bench** — Performance benchmarking toolset validating platform SLAs (`docs/12_PERFORMANCE_WORKBOOK.md`). 
+- **Bench** — Performance benchmarking toolset validating platform SLAs (`docs/PERFORMANCE_WORKBOOK.md`). 
 
 ## Offline, Telemetry & Infrastructure
-- **AirGap** — Bundles Offline Update Kits, enforces sealed-mode operations, and distributes trust roots/feeds (`docs/24_OFFLINE_KIT.md`, `docs/airgap/`). 
+- **AirGap** — Bundles Offline Update Kits, enforces sealed-mode operations, and distributes trust roots/feeds (`docs/OFFLINE_KIT.md`, `docs/airgap/`). 
 - **Telemetry** — OpenTelemetry collector/storage deployment tooling, observability integrations, and offline metrics packages (`docs/modules/telemetry/architecture.md`, `docs/observability/`). 
 - **Mirror** and **ExportCenter** (above) complement AirGap by keeping offline mirrors in sync. 
 - **Tools** — Collection of utility programs (fixture generators, smoke tests, migration scripts) supporting all modules (`docs/dev/fixtures.md`, module-specific tooling sections). 
@@ -67,7 +67,7 @@ Concise descriptions of every top-level component under `src/`, summarising the
 - **Aoc** library (mentioned above) is reused by ingestion components and verification tooling to enforce the Aggregation-Only Contract. 
 
 ## How It All Connects
-High-level flows (see `docs/40_ARCHITECTURE_OVERVIEW.md` for the 10-minute tour):
+High-level flows (see `docs/ARCHITECTURE_OVERVIEW.md` for the 10-minute tour):
 1. **Ingest** — Concelier and Excititor use AOC to ingest advisories/VEX; Scheduler observes deltas. 
 2. **Scan & Evaluate** — Scanner generates SBOM evidence and hands to Signer/Attestor; Policy Engine merges SBOM, advisory, VEX, runtime signals; RiskEngine prioritises. 
 3. **Store & Export** — EvidenceLocker and Export Center package results; Registry serves artefacts; AirGap bundles offline editions. 

docs/technical/architecture/sbom-analyzer-inventory.md

@@ -88,11 +88,11 @@ This document provides a complete inventory of all analyzers used in StellaOps S
 │  2. Parse legacy packages.config XML                                    │
 │  3. Parse *.deps.json for runtime dependencies                          │
 │  4. Resolve transitive dependencies from asset files                    │
-│  5. Extract framework targeting (net6.0, net8.0, etc.)                  │
+│  5. Extract framework targeting (net8.0, net10.0, etc.)                 │
 │                                                                          │
 │  PURL Format:                                                           │
 │  pkg:nuget/Newtonsoft.Json@13.0.1                                       │
-│  pkg:nuget/Microsoft.Extensions.Logging@8.0.0?framework=net8.0          │
+│  pkg:nuget/Microsoft.Extensions.Logging@10.0.0?framework=net10.0        │
 │                                                                          │
 │  Special Handling:                                                       │
 │  • Framework-specific dependencies                                      │

docs/technical/development/README.md

@@ -3,15 +3,15 @@
 Resources for contributors building features, plug-ins, connectors, and tests.
 
 ## Engineering Standards & Quality
-- [../18_CODING_STANDARDS.md](../../18_CODING_STANDARDS.md) – language guidelines, project layout, review expectations.
-- [../19_TEST_SUITE_OVERVIEW.md](../../19_TEST_SUITE_OVERVIEW.md) – unit, integration, golden, and determinism test strategy.
-- [../12_PERFORMANCE_WORKBOOK.md](../../12_PERFORMANCE_WORKBOOK.md) – benchmark targets and reference rigs.
+- [../CODING_STANDARDS.md](../../CODING_STANDARDS.md) – language guidelines, project layout, review expectations.
+- [../TEST_SUITE_OVERVIEW.md](../../TEST_SUITE_OVERVIEW.md) – unit, integration, golden, and determinism test strategy.
+- [../PERFORMANCE_WORKBOOK.md](../../PERFORMANCE_WORKBOOK.md) – benchmark targets and reference rigs.
 - [../cli-vs-ui-parity.md](../../cli-vs-ui-parity.md) – CLI vs Console feature parity tracking.
 - [../scanner-core-contracts.md](../../scanner-core-contracts.md) – DTO fixtures consumed by tests.
 
 ## Plug-ins, Connectors & Extensions
-- [../10_PLUGIN_SDK_GUIDE.md](../../10_PLUGIN_SDK_GUIDE.md) – plug-in lifecycle, manifests, packaging.
-- [../10_CONCELIER_CLI_QUICKSTART.md](../../10_CONCELIER_CLI_QUICKSTART.md) – local Concelier + CLI workflow for advisory ingestion.
+- [../PLUGIN_SDK_GUIDE.md](../../PLUGIN_SDK_GUIDE.md) – plug-in lifecycle, manifests, packaging.
+- [../CONCELIER_CLI_QUICKSTART.md](../../CONCELIER_CLI_QUICKSTART.md) – local Concelier + CLI workflow for advisory ingestion.
 - Developer guides under [../dev/](../../dev/):
   - Connector playbooks (`30_EXCITITOR_CONNECTOR_GUIDE.md`, `kisa_connector_notes.md`).
   - Authority and DPoP guidance (`31_AUTHORITY_PLUGIN_DEVELOPER_GUIDE.md`, `32_AUTH_CLIENT_GUIDE.md`).
@@ -20,7 +20,7 @@ Resources for contributors building features, plug-ins, connectors, and tests.
   - Operational templates and fixtures (`templates/`, `fixtures.md`).
 
 ## CLI, SDKs & Automation
-- [../09_API_CLI_REFERENCE.md](../../09_API_CLI_REFERENCE.md) – authoritative CLI commands and flags (use for scripting).
+- [../API_CLI_REFERENCE.md](../../API_CLI_REFERENCE.md) – authoritative CLI commands and flags (use for scripting).
 - [../api/sdk-openapi-program.md](../../api/sdk-openapi-program.md) – guidance for downstream SDK generation.
 - [../policy/gateway.md](../../policy/gateway.md) & [../policy/dsl.md](../../policy/dsl.md) – foundations for automating policy programs.
 

docs/technical/operations/README.md

@@ -3,22 +3,22 @@
 Deployment, runtime operations, and air-gap playbooks for running Stella Ops in production.
 
 ## Install & Upgrade
-- [../21_INSTALL_GUIDE.md](../../21_INSTALL_GUIDE.md) – canonical install guide (Docker, air-gap considerations).
+- [../INSTALL_GUIDE.md](../../INSTALL_GUIDE.md) – canonical install guide (Docker, air-gap considerations).
 - [../operations/console-docker-install.md](../../operations/console-docker-install.md) – Docker install recipes.
 - [../deploy/containers.md](../../deploy/containers.md) – container deployment guidance for AOC environments.
 - [../deploy/console.md](../../deploy/console.md) – console deployment specifics.
-- [../13_RELEASE_ENGINEERING_PLAYBOOK.md](../../13_RELEASE_ENGINEERING_PLAYBOOK.md) – release automation, signing, reproducibility.
+- [../RELEASE_ENGINEERING_PLAYBOOK.md](../../RELEASE_ENGINEERING_PLAYBOOK.md) – release automation, signing, reproducibility.
 - [../artifacts/bom-index/README.md](../../artifacts/bom-index/README.md) – BOM index artifact layout for Offline Kit exports.
 
 ## Offline & Sovereign Operations
 - [../quickstart.md](../../quickstart.md) – 5-minute path to first scan (useful for smoke testing installs).
-- [../24_OFFLINE_KIT.md](../../24_OFFLINE_KIT.md) – bundle contents, import/export workflow.
+- [../OFFLINE_KIT.md](../../OFFLINE_KIT.md) – bundle contents, import/export workflow.
 - [../airgap/airgap-mode.md](../../airgap/airgap-mode.md) – configuration for sealed environments.
 - [../license-jwt-quota.md](../../license-jwt-quota.md) – offline quota token lifecycle.
-- [../10_CONCELIER_CLI_QUICKSTART.md](../../10_CONCELIER_CLI_QUICKSTART.md) – workstation ingest/export workflow (operators).
+- [../CONCELIER_CLI_QUICKSTART.md](../../CONCELIER_CLI_QUICKSTART.md) – workstation ingest/export workflow (operators).
 
 ## Hardening & Governance
-- [../17_SECURITY_HARDENING_GUIDE.md](../../17_SECURITY_HARDENING_GUIDE.md) – platform hardening checklist.
+- [../SECURITY_HARDENING_GUIDE.md](../../SECURITY_HARDENING_GUIDE.md) – platform hardening checklist.
 - [../accessibility.md](../../accessibility.md) – accessibility checklist for console deployments.
 - [../security/console-security.md](../../security/console-security.md) – console-specific controls.
 - [../security/authority-scopes.md](../../security/authority-scopes.md) – Authority scope model.

docs/technical/security/README.md

@@ -3,13 +3,13 @@
 Authoritative sources for threat models, governance, compliance, and security operations.
 
 ## Policies & Governance
-- [../13_SECURITY_POLICY.md](../../13_SECURITY_POLICY.md) – responsible disclosure, support windows.
-- [../11_GOVERNANCE.md](../../11_GOVERNANCE.md) – project governance charter.
-- [../12_CODE_OF_CONDUCT.md](../../12_CODE_OF_CONDUCT.md) – community expectations.
-- [../17_SECURITY_HARDENING_GUIDE.md](../../17_SECURITY_HARDENING_GUIDE.md) – deployment hardening steps.
+- [../SECURITY_POLICY.md](../../SECURITY_POLICY.md) – responsible disclosure, support windows.
+- [../GOVERNANCE.md](../../GOVERNANCE.md) – project governance charter.
+- [../CODE_OF_CONDUCT.md](../../CODE_OF_CONDUCT.md) – community expectations.
+- [../SECURITY_HARDENING_GUIDE.md](../../SECURITY_HARDENING_GUIDE.md) – deployment hardening steps.
 - [../security/policy-governance.md](../../security/policy-governance.md) – policy governance specifics.
-- [../29_LEGAL_FAQ_QUOTA.md](../../29_LEGAL_FAQ_QUOTA.md) – legal interpretation of quota.
-- [../33_333_QUOTA_OVERVIEW.md](../../33_333_QUOTA_OVERVIEW.md) – quota policy reference.
+- [../LEGAL_FAQ_QUOTA.md](../../LEGAL_FAQ_QUOTA.md) – legal interpretation of quota.
+- [../QUOTA_OVERVIEW.md](../../QUOTA_OVERVIEW.md) – quota policy reference.
 - [../risk/risk-profiles.md](../../risk/risk-profiles.md) – organisational risk personas.
 
 ## Threat Models & Security Architecture
@@ -25,8 +25,8 @@ Authoritative sources for threat models, governance, compliance, and security op
 - [../security/audit-events.md](../../security/audit-events.md) – audit event taxonomy.
 - [../security/revocation-bundle.md](../../security/revocation-bundle.md) & [../security/revocation-bundle-example.json](../../security/revocation-bundle-example.json) – revocation process.
 - [../license-jwt-quota.md](../../license-jwt-quota.md) – licence/quota enforcement controls.
-- [../30_QUOTA_ENFORCEMENT_FLOW1.md](../../30_QUOTA_ENFORCEMENT_FLOW1.md) – quota enforcement sequence.
-- [../24_OFFLINE_KIT.md](../../24_OFFLINE_KIT.md) – tamper-evident offline artefacts.
+- [../QUOTA_ENFORCEMENT_FLOW.md](../../QUOTA_ENFORCEMENT_FLOW.md) – quota enforcement sequence.
+- [../OFFLINE_KIT.md](../../OFFLINE_KIT.md) – tamper-evident offline artefacts.
 - [../security/](../../security/) – browse for additional deep dives (audit, scopes, rate limits).
 
 ## Supporting Material

docs/technical/strategy/README.md

@@ -2,19 +2,19 @@
 
 Foundational, high-level documents that define StellaOps direction, scope, and differentiators.
 
-- [Vision](../../03_VISION.md) — north-star goals, KPIs, and themes.
-- [Feature matrix](../../04_FEATURE_MATRIX.md) — capability matrix by tier.
-- [System requirements spec](../../05_SYSTEM_REQUIREMENTS_SPEC.md) — functional and non-functional requirements baseline.
-- [Roadmap](../../05_ROADMAP.md) — date-free capability roadmap and definition of “done”.
-- [Architecture overview](../../40_ARCHITECTURE_OVERVIEW.md) — platform principles and module map.
+- [Vision](../../VISION.md) — north-star goals, KPIs, and themes.
+- [Feature matrix](../../FEATURE_MATRIX.md) — capability matrix by tier.
+- [System requirements spec](../../SYSTEM_REQUIREMENTS_SPEC.md) — functional and non-functional requirements baseline.
+- [Roadmap](../../ROADMAP.md) — date-free capability roadmap and definition of "done".
+- [Architecture overview](../../ARCHITECTURE_OVERVIEW.md) — platform principles and module map.
 - [Moat](../../moat.md) — differentiating workstreams (determinism, policy lattice, sovereign crypto readiness, attestation graph).
-- [Offline Kit](../../24_OFFLINE_KIT.md) — offline story and workflows.
-- [Security policy](../../13_SECURITY_POLICY.md) — disclosure and support expectations.
-- [Glossary](../../14_GLOSSARY_OF_TERMS.md) — canonical vocabulary.
-- [UI guide](../../15_UI_GUIDE.md) — console UX overview for evaluators.
-- [FAQ matrix](../../23_FAQ_MATRIX.md) — stakeholder FAQ.
+- [Offline Kit](../../OFFLINE_KIT.md) — offline story and workflows.
+- [Security policy](../../SECURITY_POLICY.md) — disclosure and support expectations.
+- [Glossary](../../GLOSSARY.md) — canonical vocabulary.
+- [UI guide](../../UI_GUIDE.md) — console UX overview for evaluators.
+- [FAQ matrix](../../FAQ_MATRIX.md) — stakeholder FAQ.
 
 ## Related concepts
-- [Quota framing](../../33_333_QUOTA_OVERVIEW.md) and [enforcement flow](../../30_QUOTA_ENFORCEMENT_FLOW1.md) align business policy with enforcement diagrams.
-- [Legal FAQ (quota)](../../29_LEGAL_FAQ_QUOTA.md) captures the AGPL-3.0 interpretation of quota enforcement.
+- [Quota framing](../../QUOTA_OVERVIEW.md) and [enforcement flow](../../QUOTA_ENFORCEMENT_FLOW.md) align business policy with enforcement diagrams.
+- [Legal FAQ (quota)](../../LEGAL_FAQ_QUOTA.md) captures the AGPL-3.0 interpretation of quota enforcement.
 - [License/JWT quota narrative](../../license-jwt-quota.md) documents the offline licensing story for quota tokens.