Authority: StellaOpsLocalHostnameExtensions gains additional local aliases
for the IssuerDirectory service; new StellaOpsLocalHostnameExtensionsTests
cover the alias table. IssuerDirectory.WebService Program.cs wires the
IssuerDirectory host against the shared auth integration.
Scanner: WebService swaps in-memory score replay tracking for
PersistedScoreReplayRepositories (Postgres-backed) in Program.cs.
Docs: scanner architecture page updated.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Excititor: new migration 003_vex_claim_store.sql and PostgresVexClaimStore
replace the in-memory claim tracking. ExcititorPersistenceExtensions wires
the store; ExcititorMigrationTests updated. Archives S001 demo seed.
VexLens: new migration 002_noise_gating_state.sql with
PostgresGatingStatisticsStore, PostgresSnapshotStore, and
PostgresNoiseGatingJson bring noise-gating state onto disk. New
VexLensRuntimeDatabaseOptions + AuthorityIssuerDirectoryAdapter +
VexHubStatementProvider provide the runtime wiring. WebService tests cover
the persistence, the issuer-directory adapter, and the statement provider.
VexHub: WebService Program, endpoints, middleware, models, and policies
tightened; VexExportCompatibilityTests exercise the Concelier↔VexHub export
contract.
Docs: excititor, vex-hub (architecture + integration guide), and vex-lens
architecture pages updated to match the new persistence and verification
paths.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Introduces IGraphRuntimeRepository + PostgresGraphRuntimeRepository that back
runtime-path graph reads with real persistence. Graph.Api Program.cs wires
the new repository into the DI graph. InMemory* services get small cleanups
so they remain viable for tests and local dev.
CompatibilityEndpoints: extends the integration-test surface.
Tests: GraphPostgresRuntimeIntegrationTests,
GraphRuntimeRepositoryRegistrationTests, expanded
GraphCompatibilityEndpointsIntegrationTests.
Docs: graph architecture page updated.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
docs/modules/workflow/analyzer.md — user-facing reference for
WF001-WF006 + WF010: one section per rule with a "bad" example and
the canonical fix. Covers activation, scope (Spec property is the
entry point; helpers walked transitively), trusted-assembly prefix
rule, cross-project WF010 indirection, and non-goals (no source
generator, no severity config, no escape hatch).
The DiagnosticDescriptors' HelpLinkUri already points at sections in
this doc (e.g., #wf005), so users who hit a build error can click
through to the exact rule explanation.
Golden tests (GoldenWorkflowShapeTests) exercise three patterns
lifted from the Bulstrad corpus:
1. static readonly LegacyRabbitAddress fields + nested
WhenExpression(Gt, Len, ...) + .Call + OnComplete with
WhenExpression(Eq, ...) + ActivateTask/Complete
2. SetBusinessReference(new WorkflowBusinessReferenceDeclaration
{ KeyExpression, Parts = new WorkflowNamedExpressionDefinition[] { ... } })
3. WorkflowExpr.Func("bulstrad.normalizeCustomer", path)
— custom runtime function dispatch
Each asserts zero WF* diagnostics. A regression that rejects these
patterns would break the entire Serdica corpus.
30/30 tests pass.
Integration hub: extends integration.models with fields needed by the wizard
(capabilities, credentials, readiness), updates the shell and list components,
adds routing for the new hub flow, and broadens the integration-list spec.
Integration wizard: new integrations-hub.component, extended wizard with
capability/credential handling, updated template + type models, and broader
spec coverage.
Sprint docs: SPRINT_20260413_003 (UI-driven local setup rerun) updated with
wiring notes; SPRINT_20260410_001 (no-mocks) adjusted. ReleaseOrchestrator
architecture doc gets a minor clarification.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- SPRINT_20260408_005_Audit_endpoint_filters_deprecation: FILTER-004, -006,
-008 marked DONE with commit 54e7f871a; FILTER-005, -007 DONE with
d4d75200c; FILTER-010 DONE with 665bd6db4. DEPRECATE-001/002/003 still
TODO with mandatory 30-day + 90-day wait windows; CAPSULE-001 stays
BLOCKED. Sprint cannot be archived until the verification windows pass.
- SPRINT_20260408_002_Findings_vulnexplorer_ledger_merge: corrected VXLM-003
and VXLM-004 from DONE → DOING. Adapters still back VEX decisions,
fix verifications, and audit bundles with ConcurrentDictionary; the
VulnExplorer.Api and VulnExplorer.WebService project directories were not
deleted; migration 010 is present but unused. Execution log records the
finding; commit 414049ef8 message was misleading.
- SPRINT_20260408_004_Timeline_unified_audit_sink: scope confirmation logged.
AUDIT-002 through AUDIT-007 remain TODO (~15–25 hr breadth work); too
large for a single session. Sprint stays active.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
TASK-013: SchedulerPersistenceExtensions now calls AddStartupMigrations so
the embedded SQL files (including 007 job_kind + 008 doctor_trends) run on
every cold start. Deletes duplicate migrations 007_add_job_kind_plugin_config
(kept 007_add_schedule_job_kind.sql with tenant-scoped index) and
008_doctor_trends_table (kept 008_add_doctor_trends.sql with RLS + BRIN
time-series index).
TASK-010: Doctor UI trend service now calls
/api/v1/scheduler/doctor/trends/categories/{category} (was
/api/v1/doctor/scheduler/...) so it routes through the scheduler plugin
endpoints rather than the deprecated standalone doctor-scheduler path.
TASK-009: New DoctorJobPluginTests exercises plugin lifecycle: identity,
config validation for full/quick/categories/plugins modes, plan creation,
JSON schema shape, and PluginConfig round-trip (including alerts). 10 tests
added, all pass (26/26 in Plugin.Tests project).
Archives the sprint — all 13 tasks now DONE — and archives the platform
retest sprint (SPRINT_20260409_002) whose RETEST-008 completed via the
earlier feed-mirror cleanup.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds PowerShell helpers to seed the local Stella Ops stack with a working
GitLab + integrations configuration:
- bootstrap-local-gitlab-secrets.ps1 provisions GitLab's JWT signing secret
and admin PAT into Vault/Authority.
- register-local-integrations.ps1 POSTs the canonical integration records
(GitLab, Jenkins, Harbor, Gitea, Nexus, etc.) against the Integrations
service for first-run local environments.
Docs: INSTALL_GUIDE.md + integrations/LOCAL_SERVICES.md document the new
helpers. devops/compose README and router-gateway-local.json get the
corresponding route wiring. Two new sprint files track the follow-on work
(SPRINT_20260413_002, SPRINT_20260413_003).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Wraps ENUM type creation in findings.ledger schema with DO blocks that catch
duplicate_object so migration 001 can re-run on a partially-provisioned DB
without crashing. Minor corrections to 002 and 005 (syntax alignment).
Updates RLS contract + operations docs to reflect the replay-safe semantics.
WebService + persistence csproj get the Infrastructure.Postgres migration
reference needed for StartupMigrationHost wiring.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds MigrationSqlTransactionClassifier to recognize migration SQL that opens
its own transactions (BEGIN/COMMIT/ROLLBACK) so MigrationRunner can skip
wrapping those files in an outer transaction. StartupMigrationHost now surfaces
a MigrationCategory indicator for runtime-aligned bootstrap. Test harness
extended with an explicit-transaction fixture and execution scenario coverage.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Scripts module now owns its PostgreSQL schema lifecycle: ScriptsPostgresOptions,
ServiceCollectionExtensions.AddReleaseOrchestratorScripts(), embedded SQL migration,
and MigrationServiceExtensions fix to register multiple IHostedService migrations
without deduplication. Fresh installs auto-converge the scripts catalog without
depending on Scheduler-owned bootstrap SQL.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
StandardPluginBootstrapper now retries up to 15 times (2s delay) so the
admin user and client seeds converge after PostgreSQL becomes reachable.
Exceptions bubble through the retry loop instead of being swallowed per-step.
Tests cover the retry path with a FlakyUserRepository that fails once then
succeeds.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Map 532 state-changing endpoints across 9 services for AuditActionFilter
- Plan 5-batch migration: convention helper → complex services → dual-write →
read migration → drop local tables
- Reclassify Authority auth-protocol and Policy gate-bypass audit as domain evidence
- 24 days active work + 120-day verification pipeline
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Mark CP-005 DONE: TenantAwareCryptoProviderRegistry decorator, ITenantCryptoPreferenceProvider
interface, AddTenantAwareCryptoResolution DI extension, PlatformCryptoPreferenceProvider,
14 unit tests (all pass), and sprint tracker update.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Create timeline.unified_audit_events table with SHA-256 hash chain
- Create timeline.unified_audit_sequences for per-tenant tracking
- Replace IngestAuditEventStore (in-memory) with PostgresUnifiedAuditEventStore
- Preserve chain integrity via serializable isolation
- Mark AUDIT-001 as DONE in sprint tracker
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Create ISchedulerJobPlugin abstraction with JobKind routing
- Add SchedulerPluginRegistry for plugin discovery and resolution
- Wrap existing scan logic as ScanJobPlugin (zero behavioral change)
- Extend Schedule model with JobKind (default "scan") and PluginConfig (jsonb)
- Add SQL migrations 007 (job_kind/plugin_config) and 008 (doctor_trends table)
- Implement DoctorJobPlugin replacing standalone doctor-scheduler service
- Add PostgresDoctorTrendRepository for persistent trend storage
- Register Doctor trend endpoints at /api/v1/scheduler/doctor/trends/*
- Seed 3 default Doctor schedules (daily full, hourly quick, weekly compliance)
- Comment out doctor-scheduler container in compose and services-matrix
- Update Doctor architecture docs and AGENTS.md with scheduling migration info
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add crypto provider panel to Platform Settings at /setup/crypto-providers
- Show provider health status with status dots, latency, and last-checked time
- Collapsible start commands with copy-to-clipboard for stopped providers
- Auto-refresh every 30s using interval+switchMap, stopped on destroy
- Provider selection with confirmation dialog via existing ConfirmDialogComponent
- Priority ordering via number input per provider preference
- Active provider banner and per-card active badge
- Disabled "Set as Active" for stopped/unreachable providers with tooltip
- Algorithm scope mapping table for configured preferences
- Backward-compatible redirect from /settings/crypto-providers
- Setup overview card added for Crypto Providers
- Sprint CP-003/CP-004 marked DONE with execution log
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Import now supports three sources: server-side path (USB/NFS volumes),
backend URL download, and browser file upload. Export/import workflows
refactored from routed pages to overlay dialogs. Docs updated with
volume mount instructions and source comparison table.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Major edge routing improvements including corridor spacing, crossing reduction,
focused gateway boundary repairs, setter families, and advanced restabilization.
Adds workflow renderer tests for document-processing and artifact inspection.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Target-join and boundary-slot detection now use ResolveNodeSizeClearance
(node dimensions only), while under-node/proximity use
ResolveMinLineClearance (scales with NodeSpacing via ElkLayoutClearance).
Face slot gaps depend on node face geometry, not inter-node spacing.
Routing corridors should scale with spacing for visual breathing room.
Created sprint 008 for wider spacing robustness. NodeSpacing=50 still
fails on target-join (scoring/test detection mismatch needs investigation).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace string-based conflict keys (source:{nodeId}, target:{nodeId}) with
geometric bounding-box overlap detection. Edges now conflict only when their
routed path bounding boxes overlap spatially (with 40px margin) or share a
repeat-collector label on the same source-target pair.
This enables true spatial parallelism: edges using different sides of the
same node can now be repaired in parallel instead of being serialized.
Sprint 006 TASK-001 final criterion met. All 4 tasks DONE.
Tests verified: StraightExit 2/2, HybridDeterministicMode 3/3,
DocumentProcessingWorkflow artifact 1/1 (all 44+ assertions pass).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
