up
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
console-runner-image / build-runner-image (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
console-runner-image / build-runner-image (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
This commit is contained in:
StellaOps Bot
@@ -302,7 +302,7 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 11 | Signing Chain Bring-up | src/Attestor/StellaOps.Attestor | DONE (2025-10-19) | Attestor Guild | ATTESTOR-VERIFY-11-202 | `/rekor/verify` + retrieval endpoints validating signatures and Merkle proofs. |
|
||||
| Sprint 11 | Signing Chain Bring-up | src/Attestor/StellaOps.Attestor | DONE (2025-10-19) | Attestor Guild | ATTESTOR-OBS-11-203 | Telemetry, alerting, mTLS hardening, and archive workflow for Attestor. |
|
||||
| Sprint 11 | Storage Platform Hardening | src/Scanner/__Libraries/StellaOps.Scanner.Storage | DONE (2025-10-23) | Scanner Storage Guild | SCANNER-STORAGE-11-401 | Migrate scanner object storage integration from MinIO to RustFS with data migration plan. |
|
||||
| Sprint 11 | UI Integration | src/UI/StellaOps.UI | DONE (2025-10-23) | UI Guild | UI-ATTEST-11-005 | Attestation visibility (Rekor id, status) on Scan Detail. |
|
||||
| Sprint 11 | UI Integration | src/Web/StellaOps.Web | DONE (2025-10-23) | UI Guild | UI-ATTEST-11-005 | Attestation visibility (Rekor id, status) on Scan Detail. |
|
||||
| Sprint 12 | Runtime Guardrails | src/Zastava/__Libraries/StellaOps.Zastava.Core | DONE (2025-10-23) | Zastava Core Guild | ZASTAVA-CORE-12-201 | Define runtime event/admission DTOs, hashing helpers, and versioning strategy. |
|
||||
| Sprint 12 | Runtime Guardrails | src/Zastava/__Libraries/StellaOps.Zastava.Core | DONE (2025-10-23) | Zastava Core Guild | ZASTAVA-CORE-12-202 | Provide configuration/logging/metrics utilities shared by Observer/Webhook. |
|
||||
| Sprint 12 | Runtime Guardrails | src/Zastava/__Libraries/StellaOps.Zastava.Core | DONE (2025-10-23) | Zastava Core Guild | ZASTAVA-CORE-12-203 | Authority client helpers, OpTok caching, and security guardrails for runtime services. |
|
||||
@@ -319,8 +319,8 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 12 | Runtime Guardrails | src/Scanner/StellaOps.Scanner.WebService | DONE (2025-10-24) | Scanner WebService Guild | SCANNER-RUNTIME-12-303 | Align `/policy/runtime` verdicts with canonical policy evaluation (Conselier/Excitor). |
|
||||
| Sprint 12 | Runtime Guardrails | src/Scanner/StellaOps.Scanner.WebService | DONE (2025-10-24) | Scanner WebService Guild | SCANNER-RUNTIME-12-304 | Integrate attestation verification into runtime policy metadata. |
|
||||
| Sprint 12 | Runtime Guardrails | src/Scanner/StellaOps.Scanner.WebService | DONE (2025-10-24) | Scanner WebService Guild | SCANNER-RUNTIME-12-305 | Deliver shared fixtures + e2e validation with Zastava/CLI teams. |
|
||||
| Sprint 13 | UX & CLI Experience | src/UI/StellaOps.UI | DONE (2025-10-23) | UI Guild | UI-AUTH-13-001 | Integrate Authority OIDC + DPoP flows with session management. |
|
||||
| Sprint 13 | UX & CLI Experience | src/UI/StellaOps.UI | DONE (2025-10-25) | UI Guild | UI-NOTIFY-13-006 | Notify panel: channels/rules CRUD, deliveries view, test send. |
|
||||
| Sprint 13 | UX & CLI Experience | src/Web/StellaOps.Web | DONE (2025-10-23) | UI Guild | UI-AUTH-13-001 | Integrate Authority OIDC + DPoP flows with session management. |
|
||||
| Sprint 13 | UX & CLI Experience | src/Web/StellaOps.Web | DONE (2025-10-25) | UI Guild | UI-NOTIFY-13-006 | Notify panel: channels/rules CRUD, deliveries view, test send. |
|
||||
| Sprint 13 | Platform Reliability | ops/devops | DONE (2025-10-25) | DevOps Guild, Platform Leads | DEVOPS-NUGET-13-001 | Wire up .NET 10 preview feeds/local mirrors so `dotnet restore` succeeds offline; document updated NuGet bootstrap. |
|
||||
| Sprint 15 | Notify Foundations | src/Notify/__Libraries/StellaOps.Notify.Queue | DONE (2025-10-23) | Notify Queue Guild | NOTIFY-QUEUE-15-401 | Bus abstraction + Redis Streams adapter with ordering/idempotency. |
|
||||
| Sprint 15 | Notify Foundations | src/Notify/__Libraries/StellaOps.Notify.Queue | DONE (2025-10-23) | Notify Queue Guild | NOTIFY-QUEUE-15-402 | NATS JetStream adapter with health probes and failover. |
|
||||
@@ -488,9 +488,9 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/Policy/__Libraries/StellaOps.Policy | TODO | Policy Guild, Security Guild | POLICY-AOC-19-002 | Enforce Policy-only writes to `effective_finding_*` collections. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/Policy/__Libraries/StellaOps.Policy | TODO | Policy Guild | POLICY-AOC-19-003 | Update Policy readers to consume only raw document fields. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/Policy/__Libraries/StellaOps.Policy | TODO | Policy Guild, QA Guild | POLICY-AOC-19-004 | Add determinism tests for raw-driven policy recomputation. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/UI/StellaOps.UI | TODO | UI Guild | UI-AOC-19-001 | Add Sources dashboard tiles surfacing AOC status and violations. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/UI/StellaOps.UI | TODO | UI Guild | UI-AOC-19-002 | Build violation drill-down view for offending documents. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/UI/StellaOps.UI | TODO | UI Guild | UI-AOC-19-003 | Wire "Verify last 24h" action and CLI parity messaging. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/Web/StellaOps.Web | TODO | UI Guild | UI-AOC-19-001 | Add Sources dashboard tiles surfacing AOC status and violations. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/Web/StellaOps.Web | TODO | UI Guild | UI-AOC-19-002 | Build violation drill-down view for offending documents. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/Web/StellaOps.Web | TODO | UI Guild | UI-AOC-19-003 | Wire "Verify last 24h" action and CLI parity messaging. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/Web/StellaOps.Web | DOING (2025-10-26) | BE-Base Platform Guild | WEB-AOC-19-001 | Provide shared AOC forbidden key set and guard middleware. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-AOC-19-002 | Ship provenance builder and signature helpers for ingestion services. |
|
||||
| Sprint 19 | Aggregation-Only Contract Enforcement | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild, QA Guild | WEB-AOC-19-003 | Author analyzer + shared test fixtures for guard compliance. |
|
||||
@@ -518,10 +518,10 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 20 | Policy Engine v2 | src/Scheduler/__Libraries/StellaOps.Scheduler.Worker | TODO | Scheduler Worker Guild | SCHED-WORKER-20-301 | Schedule policy runs via API with idempotent job tracking. |
|
||||
| Sprint 20 | Policy Engine v2 | src/Scheduler/__Libraries/StellaOps.Scheduler.Worker | TODO | Scheduler Worker Guild | SCHED-WORKER-20-302 | Implement delta targeting leveraging change streams + policy metadata. |
|
||||
| Sprint 20 | Policy Engine v2 | src/Scheduler/__Libraries/StellaOps.Scheduler.Worker | TODO | Scheduler Worker Guild, Observability Guild | SCHED-WORKER-20-303 | Expose policy scheduling metrics/logs with policy/run identifiers. |
|
||||
| Sprint 20 | Policy Engine v2 | src/UI/StellaOps.UI | TODO | UI Guild | UI-POLICY-20-001 | Ship Monaco-based policy editor with inline diagnostics + checklists. |
|
||||
| Sprint 20 | Policy Engine v2 | src/UI/StellaOps.UI | TODO | UI Guild | UI-POLICY-20-002 | Build simulation panel with deterministic diff rendering + virtualization. |
|
||||
| Sprint 20 | Policy Engine v2 | src/UI/StellaOps.UI | TODO | UI Guild, Product Ops | UI-POLICY-20-003 | Implement submit/review/approve workflow with RBAC + audit trail. |
|
||||
| Sprint 20 | Policy Engine v2 | src/UI/StellaOps.UI | TODO | UI Guild, Observability Guild | UI-POLICY-20-004 | Add run dashboards (heatmap/VEX wins/suppressions) with export. |
|
||||
| Sprint 20 | Policy Engine v2 | src/Web/StellaOps.Web | TODO | UI Guild | UI-POLICY-20-001 | Ship Monaco-based policy editor with inline diagnostics + checklists. |
|
||||
| Sprint 20 | Policy Engine v2 | src/Web/StellaOps.Web | TODO | UI Guild | UI-POLICY-20-002 | Build simulation panel with deterministic diff rendering + virtualization. |
|
||||
| Sprint 20 | Policy Engine v2 | src/Web/StellaOps.Web | TODO | UI Guild, Product Ops | UI-POLICY-20-003 | Implement submit/review/approve workflow with RBAC + audit trail. |
|
||||
| Sprint 20 | Policy Engine v2 | src/Web/StellaOps.Web | TODO | UI Guild, Observability Guild | UI-POLICY-20-004 | Add run dashboards (heatmap/VEX wins/suppressions) with export. |
|
||||
| Sprint 20 | Policy Engine v2 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-POLICY-20-001 | Implement Policy CRUD/compile/run/simulate/findings/explain endpoints. |
|
||||
| Sprint 20 | Policy Engine v2 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-POLICY-20-002 | Add pagination, filters, deterministic ordering to policy listings. |
|
||||
| Sprint 20 | Policy Engine v2 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild, QA Guild | WEB-POLICY-20-003 | Map engine errors to `ERR_POL_*` responses with contract tests. |
|
||||
@@ -570,8 +570,8 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 22 | Link-Not-Merge v1 | src/Policy/StellaOps.Policy.Engine | TODO | Policy Guild | POLICY-ENGINE-40-001 | Update severity selection to handle multiple source severities per linkset. |
|
||||
| Sprint 22 | Link-Not-Merge v1 | src/Policy/StellaOps.Policy.Engine | TODO | Policy Guild, Excititor Guild | POLICY-ENGINE-40-002 | Integrate VEX linkset conflicts into effective findings/explain traces. |
|
||||
| Sprint 22 | Link-Not-Merge v1 | src/Scanner/StellaOps.Scanner.WebService | TODO | Scanner WebService Guild | SCANNER-LNM-21-001 | Update report/runtime payloads to consume linksets and surface source evidence. |
|
||||
| Sprint 22 | Link-Not-Merge v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-LNM-22-001 | Deliver Evidence panel with policy banner and source observations. |
|
||||
| Sprint 22 | Link-Not-Merge v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-LNM-22-003 | Add VEX evidence tab with conflict indicators and exports. |
|
||||
| Sprint 22 | Link-Not-Merge v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-LNM-22-001 | Deliver Evidence panel with policy banner and source observations. |
|
||||
| Sprint 22 | Link-Not-Merge v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-LNM-22-003 | Add VEX evidence tab with conflict indicators and exports. |
|
||||
| Sprint 22 | Link-Not-Merge v1 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-LNM-21-001 | Surface advisory observation/linkset APIs through gateway with RBAC. |
|
||||
| Sprint 22 | Link-Not-Merge v1 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-LNM-21-002 | Expose VEX observation/linkset endpoints with export handling. |
|
||||
| Sprint 23 | StellaOps Console | docs | TODO | Docs Guild | DOCS-CONSOLE-23-015 | Produce `/docs/architecture/console.md` describing packages, data flow, SSE design. |
|
||||
@@ -609,8 +609,8 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 24 | Graph & Vuln Explorer v1 | src/Excititor/__Libraries/StellaOps.Excititor.Core | TODO | Excititor Core Guild | EXCITITOR-GRAPH-24-001 | Surface raw VEX statements/linksets for overlay services (no suppression/precedence logic here). |
|
||||
| Sprint 24 | Graph & Vuln Explorer v1 | src/Policy/StellaOps.Policy.Engine | TODO | Policy Guild | POLICY-ENGINE-60-001 | Maintain Redis effective decision maps for overlays. |
|
||||
| Sprint 24 | Graph & Vuln Explorer v1 | src/Policy/StellaOps.Policy.Engine | TODO | Policy Guild | POLICY-ENGINE-60-002 | Provide simulation bridge for graph what-if APIs. |
|
||||
| Sprint 24 | Graph & Vuln Explorer v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-GRAPH-24-001 | Build Graph Explorer canvas with virtualization. |
|
||||
| Sprint 24 | Graph & Vuln Explorer v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-GRAPH-24-002 | Implement overlays (Policy/Evidence/License/Exposure). |
|
||||
| Sprint 24 | Graph & Vuln Explorer v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-GRAPH-24-001 | Build Graph Explorer canvas with virtualization. |
|
||||
| Sprint 24 | Graph & Vuln Explorer v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-GRAPH-24-002 | Implement overlays (Policy/Evidence/License/Exposure). |
|
||||
| Sprint 25 | Exceptions v1 | docs | TODO | Docs Guild | DOCS-EXC-25-001 | Document exception governance concepts/workflow. |
|
||||
| Sprint 25 | Exceptions v1 | docs | TODO | Docs Guild | DOCS-EXC-25-002 | Document approvals routing / MFA requirements. |
|
||||
| Sprint 25 | Exceptions v1 | docs | TODO | Docs Guild | DOCS-EXC-25-003 | Publish API documentation for exceptions endpoints. |
|
||||
@@ -627,10 +627,10 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 25 | Exceptions v1 | src/Policy/StellaOps.Policy.Engine | TODO | Policy Guild | POLICY-ENGINE-70-005 | Hook workers/events for activation/expiry. |
|
||||
| Sprint 25 | Exceptions v1 | src/Scheduler/__Libraries/StellaOps.Scheduler.Worker | TODO | Scheduler Worker Guild | SCHED-WORKER-25-101 | Implement exception lifecycle worker for activation/expiry. |
|
||||
| Sprint 25 | Exceptions v1 | src/Scheduler/__Libraries/StellaOps.Scheduler.Worker | TODO | Scheduler Worker Guild | SCHED-WORKER-25-102 | Add expiring notification job & metrics. |
|
||||
| Sprint 25 | Exceptions v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-EXC-25-001 | Deliver Exception Center (list/kanban) with workflows. |
|
||||
| Sprint 25 | Exceptions v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-EXC-25-002 | Build exception creation wizard with scope/timebox guardrails. |
|
||||
| Sprint 25 | Exceptions v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-EXC-25-003 | Add inline exception drafting/proposing from explorers. |
|
||||
| Sprint 25 | Exceptions v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-EXC-25-004 | Surface badges/countdowns/explain integration. |
|
||||
| Sprint 25 | Exceptions v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-EXC-25-001 | Deliver Exception Center (list/kanban) with workflows. |
|
||||
| Sprint 25 | Exceptions v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-EXC-25-002 | Build exception creation wizard with scope/timebox guardrails. |
|
||||
| Sprint 25 | Exceptions v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-EXC-25-003 | Add inline exception drafting/proposing from explorers. |
|
||||
| Sprint 25 | Exceptions v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-EXC-25-004 | Surface badges/countdowns/explain integration. |
|
||||
| Sprint 25 | Exceptions v1 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-EXC-25-001 | Ship exception CRUD + workflow API endpoints. |
|
||||
| Sprint 25 | Exceptions v1 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-EXC-25-002 | Extend policy endpoints to include exception metadata. |
|
||||
| Sprint 25 | Exceptions v1 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-EXC-25-003 | Emit exception events/notifications with rate limits. |
|
||||
@@ -661,10 +661,10 @@ This file describe implementation of Stella Ops (docs/README.md). Implementation
|
||||
| Sprint 26 | Reachability v1 | src/Signals/StellaOps.Signals | BLOCKED (2025-10-27) | Signals Guild | SIGNALS-24-003 | Ingest runtime facts and persist context data with AOC provenance. Depends on SIGNALS-24-001 base host. |
|
||||
| Sprint 26 | Reachability v1 | src/Signals/StellaOps.Signals | BLOCKED (2025-10-27) | Signals Guild | SIGNALS-24-004 | Deliver reachability scoring engine writing reachability facts. Blocked until ingestion pipelines unblock. |
|
||||
| Sprint 26 | Reachability v1 | src/Signals/StellaOps.Signals | BLOCKED (2025-10-27) | Signals Guild | SIGNALS-24-005 | Implement caches + signals events. Downstream of SIGNALS-24-004. |
|
||||
| Sprint 26 | Reachability v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-SIG-26-001 | Add reachability columns/badges to Vulnerability Explorer. |
|
||||
| Sprint 26 | Reachability v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-SIG-26-002 | Enhance Why drawer with call path/timeline. |
|
||||
| Sprint 26 | Reachability v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-SIG-26-003 | Add reachability overlay/time slider to SBOM Graph. |
|
||||
| Sprint 26 | Reachability v1 | src/UI/StellaOps.UI | TODO | UI Guild | UI-SIG-26-004 | Build Reachability Center + missing sensor view. |
|
||||
| Sprint 26 | Reachability v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-SIG-26-001 | Add reachability columns/badges to Vulnerability Explorer. |
|
||||
| Sprint 26 | Reachability v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-SIG-26-002 | Enhance Why drawer with call path/timeline. |
|
||||
| Sprint 26 | Reachability v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-SIG-26-003 | Add reachability overlay/time slider to SBOM Graph. |
|
||||
| Sprint 26 | Reachability v1 | src/Web/StellaOps.Web | TODO | UI Guild | UI-SIG-26-004 | Build Reachability Center + missing sensor view. |
|
||||
| Sprint 26 | Reachability v1 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-SIG-26-001 | Expose signals proxy endpoints with pagination and RBAC. |
|
||||
| Sprint 26 | Reachability v1 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-SIG-26-002 | Join reachability data into policy/vuln responses. |
|
||||
| Sprint 26 | Reachability v1 | src/Web/StellaOps.Web | TODO | BE-Base Platform Guild | WEB-SIG-26-003 | Support reachability overrides in simulate APIs. |
|
||||
|
||||
Reference in New Issue
Block a user