stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
900 Commits 1 Branch 0 Tags
0c723b4e072d9b41a538e90285707868fbaca0ed
Commit Graph

900 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
master
0c723b4e07 Add advisory source catalog UI, mirror wizard, and mirror dashboard 
Source catalog component: browsable catalog of 75 advisory sources grouped
by 14 categories with search, filter, enable/disable toggles, batch
operations, health checks, and category descriptions.

Mirror domain builder: 3-step wizard (select sources → configure domain →
review & create) with category-level selection, auto-naming, format
choice, rate limits, signing options, and optional immediate generation.

Mirror dashboard: domain cards with staleness indicators, regenerate and
delete actions, consumer config panel, endpoint viewer, and empty-state
CTA leading to the wizard.

Catalog mirror header: mode badge, domain stats, and quick-access buttons
for mirror configuration integrated into the source catalog.

Supporting: source management API client (9 endpoints), mirror management
API client (12 endpoints), integration hub route wiring, onboarding hub
advisory section, security page health display fix, E2E Playwright tests.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-15 13:31:04 +02:00
master
3931b7e2cf Expand advisory source catalog to 75 sources and add mirror management backend 
Source catalog: add 28 sources across 6 new categories (Exploit, Container,
Hardware, ICS, PackageManager, additional CERTs) plus RU/CIS promotion and
threat intel frameworks. Register 25 new HTTP clients.

Source management API: 9 endpoints under /api/v1/sources for catalog browsing,
connectivity checks, and enable/disable controls.

Mirror domain API: 12 endpoints under /api/v1/mirror for domain CRUD, export
management, on-demand bundle generation, and connectivity testing.

Filter model: multi-value sourceVendor (comma-separated OR), sourceCategory
and sourceTag shorthand resolution via ResolveFilters(). Backward-compatible
with existing single-value filters. Deterministic query signatures.

Mirror export scheduler: BackgroundService with configurable refresh interval,
per-domain staleness detection, error isolation, and air-gap disable toggle.

VEX ingestion backoff: exponential backoff for failed sources (1hr → 24hr cap)
with jitter. New DB migration for tracking columns.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-15 13:26:52 +02:00
master
27d27b1952 Align release create wizard with canonical bundle lifecycle 
Wire orch:operate scope into console bootstrap so the browser token can
execute release-control actions. Replace the silent-redirect fallback
with the canonical createBundle → publishVersion → materialize flow and
surface truthful error messages on 403/409/503. Add focused Angular
tests and Playwright journey evidence for standard and hotfix paths.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-15 13:26:20 +02:00
master
08390f0ca4 Repair first-time identity and trust operator journeys 2026-03-15 12:33:56 +02:00
master
7bdfcd5055 Stabilize release confidence approval decision journey 2026-03-15 04:04:36 +02:00
master
4a5185121d Stabilize setup admin onboarding journeys 2026-03-15 03:38:48 +02:00
master
2661bfefa4 Close iteration 013 release confidence operator journey repairs 2026-03-15 02:16:29 +02:00
master
ac817a0597 Record clean scratch iteration 012 2026-03-14 22:24:12 +02:00
master
bd78523564 Widen scratch iteration 011 with fixture-backed integrations QA 2026-03-14 03:11:45 +02:00
master
3b1b7dad80 Record clean scratch iteration 010 2026-03-13 22:33:21 +02:00
master
bf4ff5bfd7 Close scratch iteration 009 grouped policy and VEX audit repairs 2026-03-13 19:25:48 +02:00
master
6954ac7967 Use cmd-based redirection in scratch runner 2026-03-13 13:59:00 +02:00
master
024b162b55 Use PowerShell 5 compatible argument handling in scratch runner 2026-03-13 13:55:30 +02:00
master
7c955dce3a Use direct process streaming in scratch runner 2026-03-13 13:54:01 +02:00
master
481231e685 Fix scratch runner redirected exit code capture 2026-03-13 13:16:12 +02:00
master
2be86fef03 Fix scratch runner single-change worktree handling 2026-03-13 11:01:19 +02:00
master
c9a30331ce Close scratch iteration 008 and enforce full surface audits 2026-03-13 11:00:12 +02:00
master
fe35801cc5 Close scratch iteration 007 and harden runner output contracts 2026-03-13 08:14:53 +02:00
master
407ab84cbb Isolate scratch runner setup from strict mode 2026-03-13 02:50:54 +02:00
master
27d0247058 Close scratch iteration 006 grouped readiness repairs 2026-03-13 02:27:03 +02:00
master
9c3d1f8d4a Stabilize scratch iteration 005 aggregate audit 2026-03-12 23:03:19 +02:00
master
317e55e623 Complete scratch iteration 004 setup and grouped route-action fixes 2026-03-12 19:28:42 +02:00
master
d8d3133060 Share shadow mode state and fix operations quota routing 2026-03-12 13:13:06 +02:00
master
19b9c90a8d Retry microservice startup and validate async Valkey connects 2026-03-12 13:12:54 +02:00
master
509b97a1a7 Harden scratch setup bootstrap and authority admin scopes 2026-03-12 13:12:32 +02:00
master
29b68f5bee Repair search result routing and advisory query ranking 2026-03-12 11:57:40 +02:00
master
6964a046a5 Close admin trust audit gaps and stabilize live sweeps 2026-03-12 10:14:00 +02:00
master
a00efb7ab2 Record clean scratch setup iteration 002 2026-03-11 22:12:27 +02:00
master
ebc70a3611 Make notifications action sweep wait for cold-load shell 2026-03-11 21:19:54 +02:00
master
66e67f1a97 Restore Doctor search after AdvisoryAI cold-start race 2026-03-11 21:19:42 +02:00
master
08006100a5 Repair scratch setup preflight for repo-local host processes 2026-03-11 21:19:25 +02:00
master
4a84f901ab Harden changed-surfaces registry-admin selector 2026-03-11 19:17:12 +02:00
master
8eec0a9dee Make registry-admin audit route self-identifying 2026-03-11 19:09:46 +02:00
master
6afd8f951e Harden canonical route sweep rechecks 2026-03-11 18:44:38 +02:00
master
f0b2ef3319 Align live evidence export with audit bundles 2026-03-11 18:21:47 +02:00
master
8cf132798d Repair setup admin branding and action routes 2026-03-11 17:05:49 +02:00
master
dc98d5a758 Throttle sidebar pending approvals badge refresh 2026-03-11 15:51:22 +02:00
master
9dd8592a2a Repair triage artifact scope and evidence contracts 2026-03-11 14:25:59 +02:00
master
4dc5db4efb Harden scratch-stack live QA sweeps 2026-03-11 12:07:00 +02:00
master
568a1df468 Fix watchlist draft hydration and update contracts 2026-03-11 10:56:31 +02:00
master
5c874c8f64 Make remote localization startup non-blocking 2026-03-11 10:07:30 +02:00
master
7a1c090f2e Harden live Playwright action sweeps for cold-loaded surfaces 2026-03-11 09:44:42 +02:00
master
ae09af4e65 Fix scratch setup image builder switch forwarding 2026-03-11 09:44:36 +02:00
master
3865b93091 Repair live jobs queues action handoffs 2026-03-10 20:46:55 +02:00
master
f727ec24fd Auto-rebuild AdvisoryAI knowledge corpus on startup 2026-03-10 20:18:12 +02:00
master
d93006a8fa Align release publisher scopes and preserve promotion submit context 2026-03-10 19:01:16 +02:00
master
f401a7182c Repair hotfix route and action flows 2026-03-10 18:06:14 +02:00
master
bb8327087d Harden live route ownership verification 2026-03-10 17:27:26 +02:00
master
6ef5ff5b43 Restructure navigation UX: sidebar groups, route aliases, and phase 3-6 polish 
Sidebar (phases 1-4, committed in parent sprint):
- Dashboard childless; Releases gains Health child
- Operations moved to release-control group with 8 promoted children
- Evidence renamed to Audit; Logs/Bundles as canonical sub-items
- Setup Notifications removed (consolidated)

Route fixes and canonical restore (Sprint 030):
- releases.routes: /health loads EnvironmentPosturePageComponent;
  /environments and /environments/:environmentId kept as canonical Releases routes
- legacy-redirects: release-orchestrator/environments and
  release-control/environments both redirect to /releases/environments
- app.routes: release-control/{environments,regions} alias → /releases/environments
- route-surface-ownership spec updated to match canonical Releases paths
- live-route-surface-ownership-check expected paths aligned

Phase 3: Remove in-page "Create Hotfix" button from hotfixes-queue component;
  topbar action is the sole create affordance.

Phase 6 UX polish:
- security-reports-page: stub link-list → tabbed layout (Risk, VEX, Export)
- filter-bar: Search button + Enter key trigger; top-row / filter-row layout
- approvals-inbox: horizontal chip-style status filters replacing pill buttons

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-10 17:16:26 +02:00
master
8a1fb9bd9b OpenAPI query param discovery and header cleanup completion 
Backend: ExtractParameters() now discovers query params from [AsParameters]
records and [FromQuery] attributes via handler method reflection. Gateway
OpenApiDocumentGenerator emits parameters arrays in the aggregated spec.
QueryParameterInfo added to EndpointSchemaInfo for HELLO payload transport.

Frontend: Remaining spec files and straggler services updated to canonical
X-Stella-Ops-* header names. Sprint 026 archived (tasks 01-06 DONE,
07-09 TODO for backend service rename pass).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-10 17:13:58 +02:00