stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

docs: module dossier + install/quickstart sync for truthful cutover sprints

Browse Source 
- API_CLI_REFERENCE.md, INSTALL_GUIDE.md, quickstart.md, architecture/integrations.md, dev/DEV_ENVIRONMENT_SETUP.md, integrations/LOCAL_SERVICES.md: reflect real-service wiring.
- docs/modules/**: module dossier updates across the modules touched by SPRINT_20260415_001..007 + SPRINT_20260416_003..017 + SPRINT_20260417_018..024 + SPRINT_20260418_025 + SPRINT_20260419_026.
- docs/features/checked/web/**: update feature notes where UI changed.
- docs/qa/feature-checks/runs/web/evidence-presentation-ux/: QA evidence artifacts.
- docs/setup/**, docs/technical/**: align with setup wizard contracts.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
master
2026-04-19 14:45:09 +03:00
parent ad62ba7f76
commit fdf95e0f46
67 changed files with 590 additions and 360 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/modules/authority/architecture.md
View File

@@ -33,8 +33,10 @@
* **Device Code** (CLI login on headless agents; optional when enabled by the deployment profile)
* **Authorization Code + PKCE** (browser login for UI and future human CLI flows; optional)
* **Password** (current local/dev bootstrap compatibility path for human CLI login; not the target long-term operator flow)
* **Current local/dev standard-plugin seed** (`etc/authority/plugins/standard.yaml`):
* **Current local/dev standard-plugin bootstrap** (`etc/authority/plugins/standard.yaml`):
* generic tenant anchor: `default`
* no pre-seeded human admin user; the first administrator is created through the setup wizard
* `stella-ops-ui`: `authorization_code refresh_token`
* `stellaops-cli`: public human client with `authorization_code password refresh_token`; localhost redirect URIs are PKCE-required, and the CLI currently uses this client for fresh-shell interactive username/password login
* `stellaops-cli-automation`: confidential automation client with `client_credentials`
@@ -153,7 +155,7 @@ plan? = <plan name> // optional hint for UIs; not used for e
* `POST /revoke` → revokes refresh tokens or opaque access tokens.
> Requests targeting the legacy `/oauth/{introspect|revoke}` paths receive deprecation headers and are scheduled for removal after 1 May 2026.
* **Replay prevention**: maintain **DPoP `jti` cache** (TTL ≤ 10 min) to reject duplicate proofs when services supply DPoP nonces (Signer requires nonce for highvalue operations).
* **Replay prevention**: maintain **DPoP `jti` cache** (TTL ≤ 10 min) to reject duplicate proofs when services supply DPoP nonces (Signer requires nonce for highvalue operations). In non-testing Authority runtime, this replay/nonce state must be durable and shared (Valkey-backed); in-memory state is reserved for `Testing` only.
### 3.4 UserInfo (optional for UI)
@@ -556,6 +558,8 @@ Manages trusted VEX/CSAF publisher metadata. Owns:
**Compiled models:** IssuerDirectoryDbContext also uses EF Core compiled models. The `<Compile Remove>` directive for `EfCore/CompiledModels/IssuerDirectoryDbContextAssemblyAttributes.cs` lives in `src/Authority/__Libraries/StellaOps.IssuerDirectory.Persistence/StellaOps.IssuerDirectory.Persistence.csproj` (relocated from `src/IssuerDirectory/` by Sprint 216).
Non-testing IssuerDirectory web runtime now requires PostgreSQL persistence; in-memory repositories remain a testing-only path.
### 21.3 No-merge security rationale
**Decision:** Schemas remain permanently separate. No cross-schema DB merge.