master
4d8a48a05f
Sprint 7+8: Journey UX fixes + identity envelope shared middleware
...
Sprint 7 — Deep journey fixes:
S7-T01: Trust & Signing empty state with "Go to Signing Keys" CTA
S7-T02: Notifications 3-step setup guide (channel→rule→test)
S7-T03: Topology validate step skip — "Skip Validation" when API fails,
with validateSkipped signal matching agentSkipped pattern
S7-T04: VEX export note on Risk Report tab linking to VEX Ledger
Sprint 8 — Identity envelope shared middleware (ARCHITECTURE):
S8-T01: New UseIdentityEnvelopeAuthentication() extension in
StellaOps.Router.AspNet. Reads X-StellaOps-Identity-Envelope headers,
verifies HMAC-SHA256 via GatewayIdentityEnvelopeCodec, creates
ClaimsPrincipal with sub/tenant/scopes/roles. 5min clock skew.
S8-T02: Concelier refactored — removed 78 lines of inline impl,
now uses shared one-liner
S8-T03: Scanner — UseIdentityEnvelopeAuthentication() added
S8-T04: JobEngine — UseIdentityEnvelopeAuthentication() added
S8-T05: Timeline — UseIdentityEnvelopeAuthentication() added
S8-T06: Integrations — UseIdentityEnvelopeAuthentication() added
S8-T07: docs/modules/router/IDENTITY_ENVELOPE_MIDDLEWARE.md
All services now authenticate ReverseProxy requests via gateway envelope.
Scanner scan submit should now work with authenticated identity.
Angular: 0 errors. .NET (6 services): 0 errors.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-16 18:27:46 +02:00
master
bd78523564
Widen scratch iteration 011 with fixture-backed integrations QA
2026-03-14 03:11:45 +02:00
master
b7cfdbd553
Recover integrations startup migrations and enum persistence
2026-03-07 02:45:40 +02:00
master
54753bfd41
qa iteration 2
2026-03-06 00:40:59 +02:00
master
63c70a6d37
Search/AdvisoryAI and DAL conversion to EF finishes up. Preparation for microservices consolidation.
2026-02-25 18:19:22 +02:00
master
b07d27772e
search and ai stabilization work, localization stablized.
2026-02-24 23:29:36 +02:00
master
e746577380
wip: doctor/cli/docs/api to vector db consolidation; api hardening for descriptions, tenant, and scopes; migrations and conversions of all DALs to EF v10
2026-02-23 15:30:50 +02:00
master
bd8fee6ed8
stela ops usage fixes roles propagation and timoeut, one account to support multi tenants, migrations consolidation, search to support documentation, doctor and open api vector db search
2026-02-22 19:27:54 +02:00
master
04cacdca8a
Gaps fill up, fixes, ui restructuring
2026-02-19 22:10:54 +02:00
master
49cdebe2f1
compose and authority fixes. finish sprints.
2026-02-18 12:00:10 +02:00
master
4bdc298ec1
partly or unimplemented features - now implemented
2026-02-09 08:53:51 +02:00
master
557feefdc3
stabilizaiton work - projects rework for maintenanceability and ui livening
2026-02-03 23:40:04 +02:00
master
5d5e80b2e4
stabilize tests
2026-02-01 21:37:40 +02:00
master
582a41d7a9
sprints work
2026-01-11 11:19:40 +02:00
StellaOps Bot
ab364c6032
sprints and audit work
2026-01-07 09:43:12 +02:00
StellaOps Bot
e411fde1a9
feat(audit): Apply TreatWarningsAsErrors=true to 160+ production csproj files
...
Sprint: SPRINT_20251229_049_BE_csproj_audit_maint_tests
Tasks: AUDIT-0001 through AUDIT-0147 APPLY tasks (approved decisions 1-9)
Changes:
- Set TreatWarningsAsErrors=true for all production .NET projects
- Fixed nullable warnings in Scanner.EntryTrace, Scanner.Evidence,
Scheduler.Worker, Concelier connectors, and other modules
- Injected TimeProvider/IGuidProvider for deterministic time/ID generation
- Added path traversal validation in AirGap.Bundle
- Fixed NULL handling in various cursor classes
- Third-party GostCryptography retains TreatWarningsAsErrors=false (preserves original)
- Test projects excluded per user decision (rejected decision 10)
Note: All 17 ACSC connector tests pass after snapshot fixture sync
2026-01-04 11:21:16 +02:00
StellaOps Bot
7a5210e2aa
Frontend gaps fill work. Testing fixes work. Auditing in progress.
2025-12-30 01:22:58 +02:00
