stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
1,295 Commits 2 Branches 0 Tags
a81b524a8927439c9f7881a72c258b5a6a80d423
Commit Graph

84 Commits

Author SHA1 Message Date
master
786d09b88f feat(policy): persist gate evaluation queue, snapshots, orchestrator jobs 
Policy Engine: moves gate evaluation, snapshots, orchestrator job tracking,
and ledger export from in-memory state to Postgres-backed stores.

- New persistence migrations 007 (runtime state), 008 (snapshot artifact
  identity), 009 (orchestrator jobs).
- New repositories: PolicyEngineSnapshotRepository,
  PolicyEngineLedgerExportRepository, PolicyEngineOrchestratorJobRepository,
  WorkerResultRepository.
- Gateway services: GateEvaluationJobDispatchService,
  GateEvaluationJobStatusService, GateEvaluationJobWorker,
  SchedulerBackedGateEvaluationQueue (plus Unsupported fallback),
  GateTargetSnapshotMaterializer, PersistedKnowledgeSnapshotStore,
  GateBaselineBootstrapper, PolicyGateEvaluationJobExecutor.
- New endpoints: GateJobEndpoints for job status + dispatch.
- Worker host: PolicyOrchestratorJobWorkerHost to drain the persistent queue.
- PersistedOrchestratorStores + DeltaSnapshotServiceAdapter swap in the
  persistent implementations via DI.

Tests: PersistedDeltaRuntimeTests, PolicyEngineGateTargetSnapshotRuntimeTests,
PolicyEngineRegistryWebhookRuntimeTests, PostgresLedgerExportStoreTests,
PostgresSnapshotStoreTests, PolicyGatewayPersistedDeltaRuntimeTests,
RegistryWebhookQueueRuntimeTests. Archives the old S001 demo seed.

Docs: policy API + architecture pages updated.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-15 11:14:41 +03:00
master
c1ecc75ace refactor(policy): merge policy gateway into policy-engine 
- Move 24 gateway source files (endpoints, services, contracts) into engine
  under Endpoints/Gateway/, Services/Gateway/, Contracts/Gateway/ namespaces
- Add gateway DI registrations and endpoint mappings to engine Program.cs
- Add missing project references (StellaOps.Policy.Scoring, DeltaVerdict, Localization)
- Remove HTTP proxy layer (PolicyEngineClient, DPoP, forwarding context not copied)
- Update gateway routes in router appsettings to point to policy-engine
- Comment out policy service in docker-compose, add backwards-compat network alias
- Update services-matrix (gateway build line commented out)
- Update all codebase references: AdvisoryAI, JobEngine, CLI, router tests, helm
- Update docs: OFFLINE_KIT, configuration-migration, gateway guide, port-registry
- Deprecate etc/policy-gateway.yaml.sample with notice
- Eliminates 1 container, 9 HTTP round-trips, DPoP token flow

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-08 13:19:09 +03:00
master
a6ffb38ecf Update module architecture docs and workflow tutorials 
- Module dossiers: attestor, authority, cli, graph, scanner
- Policy assistant parameters guide
- UI v2-rewire navigation rendering policy
- Test suite overview update
- Workflow engine requirements and tutorial series (01-08)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-30 17:25:37 +03:00
master
bf4ff5bfd7 Close scratch iteration 009 grouped policy and VEX audit repairs 2026-03-13 19:25:48 +02:00
master
1df79ac75e Restore policy simulation history compatibility 2026-03-10 00:42:18 +02:00
master
8e1cb9448d consolidation of some of the modules, localization fixes, product advisories work, qa work 2026-03-05 03:54:22 +02:00
master
b07d27772e search and ai stabilization work, localization stablized. 2026-02-24 23:29:36 +02:00
master
e746577380 wip: doctor/cli/docs/api to vector db consolidation; api hardening for descriptions, tenant, and scopes; migrations and conversions of all DALs to EF v10 2026-02-23 15:30:50 +02:00
master
04cacdca8a Gaps fill up, fixes, ui restructuring 2026-02-19 22:10:54 +02:00
master
cf5b72974f save checkpoint 2026-02-11 01:32:14 +02:00
master
4bdc298ec1 partly or unimplemented features - now implemented 2026-02-09 08:53:51 +02:00
master
5d5e80b2e4 stabilize tests 2026-02-01 21:37:40 +02:00
master
55744f6a39 tests fixes and some product advisories tunes ups 2026-01-30 07:57:43 +02:00
master
c70e83719e finish off sprint advisories and sprints 2026-01-24 00:12:43 +02:00
master
726d70dc7f tests fixes and sprints work 2026-01-22 19:08:46 +02:00
master
c32fff8f86 license switch agpl -> busl1, sprints work, new product advisories 2026-01-20 15:32:20 +02:00
master
17419ba7c4 doctor enhancements, setup, enhancements, ui functionality and design consolidation and , test projects fixes , product advisory attestation/rekor and delta verfications enhancements 2026-01-19 09:02:59 +02:00
master
77ff029205 todays product advirories implemented 2026-01-16 23:30:47 +02:00
master
4ca3ce8fb4 sprints completion. new product advisories prepared 2026-01-16 16:30:03 +02:00
master
88a85cdd92 old sprints work, new sprints for exposing functionality via cli, improve code_of_conduct and other agents instructions 2026-01-15 18:38:18 +02:00
master
15aeac8e8b new advisories work and features gaps work 2026-01-14 18:39:19 +02:00
master
95d5898650 audit notes work completed, test fixes work (95% done), new sprints, new data sources setup and configuration 2026-01-14 10:48:00 +02:00
master
d7be6ba34b audit, advisories and doctors/setup work 2026-01-13 18:53:39 +02:00
master
7f7eb8b228 Complete batch 012 (golden set diff) and 013 (advisory chat), fix build errors 
Sprints completed:
- SPRINT_20260110_012_* (golden set diff layer - 10 sprints)
- SPRINT_20260110_013_* (advisory chat - 4 sprints)

Build fixes applied:
- Fix namespace conflicts with Microsoft.Extensions.Options.Options.Create
- Fix VexDecisionReachabilityIntegrationTests API drift (major rewrite)
- Fix VexSchemaValidationTests FluentAssertions method name
- Fix FixChainGateIntegrationTests ambiguous type references
- Fix AdvisoryAI test files required properties and namespace aliases
- Add stub types for CveMappingController (ICveSymbolMappingService)
- Fix VerdictBuilderService static context issue

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-11 10:09:07 +02:00
master
51cf4bc16c more audit work 2026-01-08 20:46:43 +02:00
Codex Assistant
8f0320edd5 product advisories add change contiang folder 2026-01-08 09:06:03 +02:00
master
608a7f85c0 audit work, fixed StellaOps.sln warnings/errors, fixed tests, sprints work, new advisories 2026-01-07 18:50:11 +02:00
master
04ec098046 Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org 2026-01-07 10:25:34 +02:00
master
044cf0923c docs consolidation 2026-01-07 10:23:21 +02:00
StellaOps Bot
ab364c6032 sprints and audit work 2026-01-07 09:43:12 +02:00
StellaOps Bot
05833e0af2 Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org 2026-01-06 21:03:06 +02:00
master
4789027317 docs consolidation and others 2026-01-06 19:07:48 +02:00
StellaOps Bot
37e11918e0 save progress 2026-01-06 09:42:20 +02:00
StellaOps Bot
f7d27c6fda feat(secrets): Implement secret leak policies and signal binding 
- Added `spl-secret-block@1.json` to block deployments with critical or high severity secret findings.
- Introduced `spl-secret-warn@1.json` to warn on secret findings without blocking deployments.
- Created `SecretSignalBinder.cs` to bind secret evidence to policy evaluation signals.
- Developed unit tests for `SecretEvidenceContext` and `SecretSignalBinder` to ensure correct functionality.
- Enhanced `SecretSignalContextExtensions` to integrate secret evidence into signal contexts.
 2026-01-04 15:44:49 +02:00
StellaOps Bot
75de089ee8 Refactor compare-view component to use observables for data loading, enhancing performance and responsiveness. Update compare service interfaces and methods for improved delta computation. Modify audit log component to handle optional event properties gracefully. Optimize Monaco editor worker loading to reduce bundle size. Introduce shared SCSS mixins for consistent styling across components. Add Gitea test instance setup and NuGet package publishing test scripts for CI/CD validation. Update documentation paths and ensure all references are accurate. 2025-12-26 21:39:36 +02:00
StellaOps Bot
b4fc66feb6 Refactor code structure and optimize performance across multiple modules 2025-12-26 21:38:12 +02:00
StellaOps Bot
41f3ac7aba Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org 2025-12-26 15:27:29 +02:00
StellaOps Bot
907783f625 Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism 
- Implement `SbomVexOrderingDeterminismProperties` for testing component list and vulnerability metadata hash consistency.
- Create `UnicodeNormalizationDeterminismProperties` to validate NFC normalization and Unicode string handling.
- Add project file for `StellaOps.Testing.Determinism.Properties` with necessary dependencies.
- Introduce CI/CD template validation tests including YAML syntax checks and documentation content verification.
- Create validation script for CI/CD templates ensuring all required files and structures are present.
 2025-12-26 15:17:58 +02:00
StellaOps Bot
c8f3120174 Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism 
- Implement `SbomVexOrderingDeterminismProperties` for testing component list and vulnerability metadata hash consistency.
- Create `UnicodeNormalizationDeterminismProperties` to validate NFC normalization and Unicode string handling.
- Add project file for `StellaOps.Testing.Determinism.Properties` with necessary dependencies.
- Introduce CI/CD template validation tests including YAML syntax checks and documentation content verification.
- Create validation script for CI/CD templates ensuring all required files and structures are present.
 2025-12-26 15:17:15 +02:00
StellaOps Bot
22390057fc stop syncing with TASKS.md 2025-12-26 11:44:40 +02:00
StellaOps Bot
0103defcff docs consolidation work 2025-12-25 19:09:48 +02:00
StellaOps Bot
2a06f780cf sprints work 2025-12-25 12:19:12 +02:00
StellaOps Bot
223843f1d1 docs consolidation 2025-12-25 12:16:13 +02:00
StellaOps Bot
deb82b4f03 docs consolidation work 2025-12-25 10:54:10 +02:00
StellaOps Bot
5540ce9430 docs consoliation work 2025-12-24 14:19:46 +02:00
StellaOps Bot
9a08d10b89 docs consolidation 2025-12-24 12:38:14 +02:00
StellaOps Bot
5146204f1b feat: add security sink detection patterns for JavaScript/TypeScript 
- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations).
- Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns.
- Added `package-lock.json` for dependency management.
 2025-12-22 23:21:21 +02:00
master
4602ccc3a3 Refactor code structure for improved readability and maintainability; optimize performance in key functions. 2025-12-22 19:10:27 +02:00
StellaOps Bot
dfaa2079aa test 2025-12-22 09:56:20 +02:00
StellaOps Bot
5fc469ad98 feat: Add VEX Status Chip component and integration tests for reachability drift detection 
- Introduced `VexStatusChipComponent` to display VEX status with color coding and tooltips.
- Implemented integration tests for reachability drift detection, covering various scenarios including drift detection, determinism, and error handling.
- Enhanced `ScannerToSignalsReachabilityTests` with a null implementation of `ICallGraphSyncService` for better test isolation.
- Updated project references to include the new Reachability Drift library.
 2025-12-20 01:26:42 +02:00