stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
docs/features/checked/scanner/vex-exception-approval-flow.md Normal file
View File

@@ -0,0 +1,41 @@
# VEX Exception Approval Flow
## Module
Scanner
## Status
VERIFIED
## Description
Approval endpoints for VEX exception workflows with propose/approve two-step process are implemented.
## Implementation Details
- **VEX Gate Controller**:
- `src/Scanner/StellaOps.Scanner.WebService/Controllers/VexGateController.cs` - `VexGateController` REST API including exception proposal and approval endpoints for VEX exception workflows
- **VEX Gate Query Service**:
- `src/Scanner/StellaOps.Scanner.WebService/Services/VexGateQueryService.cs` - `VexGateQueryService` querying VEX gate decisions including exception status
- **Contracts**:
- `src/Scanner/StellaOps.Scanner.WebService/Contracts/VexGateContracts.cs` - API contracts for VEX gate operations including exception proposal and approval
- **VEX Gate Service**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Gate/VexGateService.cs` - `VexGateService` processing VEX gate decisions and exception workflows
- `src/Scanner/__Libraries/StellaOps.Scanner.Gate/IVexGateService.cs` - Interface for VEX gate operations
- `src/Scanner/__Libraries/StellaOps.Scanner.Gate/VexGateDecision.cs` - `VexGateDecision` model including exception status
- `src/Scanner/__Libraries/StellaOps.Scanner.Gate/VexGateAuditLogger.cs` - `VexGateAuditLogger` logging exception proposals and approvals for audit trail
## E2E Test Plan
- [ ] Propose a VEX exception for a blocked finding and verify it enters the "proposed" state awaiting approval
- [ ] Approve a proposed VEX exception and verify the finding's gate decision changes from Block to Pass
- [ ] Reject a proposed VEX exception and verify the finding remains in Block state with rejection reason
- [ ] Verify the audit logger captures all exception proposals and approvals with user attribution and timestamps
- [ ] Verify the two-step process prevents a single user from both proposing and approving the same exception
---
## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source files exist | PASS |
| Tier 1 - Build + code review | PASS |
| Tier 2 - Integration tests | PASS |
| Verified | 2026-02-13T18:10:00Z |