stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
docs/features/checked/scanner/gated-triage-contracts.md Normal file
View File

@@ -0,0 +1,43 @@
# Gated Triage Contracts (Quiet-by-Design Backend)
## Module
Scanner
## Status
VERIFIED
## Description
Backend contracts for Quiet-by-Design Triage that expose why findings are hidden by default (unreachable, policy_dismissed, backported, vex_not_affected) with links to evidence artifacts and gated bucket count summaries in bulk queries.
## Implementation Details
- **Gating Contracts**:
- `src/Scanner/StellaOps.Scanner.WebService/Contracts/GatingContracts.cs` - Gating reason contracts (unreachable, policy_dismissed, backported, vex_not_affected)
- **Gating Reason Service**:
- `src/Scanner/StellaOps.Scanner.WebService/Services/IGatingReasonService.cs` - Interface for gating reason queries
- `src/Scanner/StellaOps.Scanner.WebService/Services/GatingReasonService.cs` - Provides gating reasons with evidence links
- **Triage API**:
- `src/Scanner/StellaOps.Scanner.WebService/Controllers/TriageController.cs` - `TriageController` with `BulkGatingStatusRequest` for bulk queries
- `src/Scanner/StellaOps.Scanner.WebService/Endpoints/Triage/TriageStatusEndpoints.cs` - Triage status endpoints
- `src/Scanner/StellaOps.Scanner.WebService/Contracts/TriageContracts.cs` - Triage API contracts
- **VEX Gate Integration**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Gate/VexGateService.cs` - VEX gate service for determining gating status
- `src/Scanner/__Libraries/StellaOps.Scanner.Gate/VexGateResult.cs` - Gate result model
## E2E Test Plan
- [ ] Query findings and verify gated findings include the gating reason (unreachable, policy_dismissed, backported, vex_not_affected)
- [ ] Verify each gating reason includes links to supporting evidence artifacts
- [ ] Submit a bulk gating status request and verify gated bucket count summaries are returned
- [ ] Verify unreachable findings are gated with reachability evidence links
- [ ] Verify backported findings are gated with backport evidence links
- [ ] Verify VEX not_affected findings are gated with VEX document references
---
## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source files exist | PASS |
| Tier 1 - Build + code review | PASS |
| Tier 2 - Integration tests | PASS |
| Verified | 2026-02-13T18:10:00Z |