master
66cb6c4b8a
Some checks are pending
Docs CI / lint-and-preview (push) Waiting to run
- Introduced guild charters for Scanner Deno, PHP, Ruby, Native, WebService, Java, Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, UI, Zastava Observer, Zastava Webhook, Zastava Core, and Plugin Platform. - Each charter outlines the mission, scope, required reading, and working agreements for the respective guilds. - Created task boards for Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, and Zastava components to track progress and dependencies. - Ensured all documents emphasize determinism, offline readiness, security, and integration with shared Surface libraries.
49 KiB
49 KiB
Docs Guild Task Board (UTC 2025-10-10)
Blocked: waiting on telemetry core deliverable (TELEMETRY-OBS-50-001) to finalise architecture details and diagrams.
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-OBS-50-002 | TODO | Docs Guild, Security Guild | TELEMETRY-OBS-50-002 | Author /docs/observability/telemetry-standards.md detailing common fields, scrubbing policy, sampling defaults, and redaction override procedure. |
Doc merged; imposed rule banner present; examples validated with telemetry fixtures; security review sign-off captured. |
| DOCS-OBS-50-003 | TODO | Docs Guild, Observability Guild | TELEMETRY-OBS-50-001 | Create /docs/observability/logging.md covering structured log schema, dos/don'ts, tenant isolation, and copyable examples. |
Doc merged with banner; sample logs redacted; lint passes; linked from coding standards. |
| DOCS-OBS-50-004 | TODO | Docs Guild, Observability Guild | TELEMETRY-OBS-50-002 | Draft /docs/observability/tracing.md explaining context propagation, async linking, CLI header usage, and sampling strategies. |
Doc merged; imposed rule banner included; diagrams updated; references to CLI/Console features added. |
| DOCS-OBS-51-001 | TODO | Docs Guild, DevOps Guild | WEB-OBS-51-001, DEVOPS-OBS-51-001 | Publish /docs/observability/metrics-and-slos.md cataloging metrics, SLO targets, burn rate policies, and alert runbooks. |
Doc merged with banner; SLO tables verified; alert workflows linked to incident runbook. |
| DOCS-SEC-OBS-50-001 | TODO | Docs Guild, Security Guild | TELEMETRY-OBS-51-002 | Update /docs/security/redaction-and-privacy.md to cover telemetry privacy controls, tenant opt-in debug, and imposed rule reminder. |
Doc merged; redaction matrix updated; banner present; security sign-off recorded. |
| DOCS-INSTALL-50-001 | TODO | Docs Guild, DevOps Guild | DEVOPS-OBS-50-003 | Add /docs/install/telemetry-stack.md with collector deployment, exporter options, offline kit notes, and imposed rule banner. |
Doc merged; install steps verified on air-gapped profile; banner present; screenshots attached. |
| DOCS-FORENSICS-53-001 | TODO | Docs Guild, Evidence Locker Guild | EVID-OBS-53-003 | Publish /docs/forensics/evidence-locker.md describing bundle formats, WORM options, retention, legal hold, and imposed rule banner. |
Doc merged; manifest examples validated; banner present; legal hold steps aligned with API. |
| DOCS-FORENSICS-53-002 | TODO | Docs Guild, Provenance Guild | PROV-OBS-54-001 | Release /docs/forensics/provenance-attestation.md covering DSSE schema, signing process, verification workflow, and imposed rule banner. |
Doc merged; sample statements reference fixtures; banner included; verification steps tested. |
| DOCS-FORENSICS-53-003 | TODO | Docs Guild, Timeline Indexer Guild | TIMELINE-OBS-52-003 | Publish /docs/forensics/timeline.md with schema, event kinds, filters, query examples, and imposed rule banner. |
Doc merged; query examples validated; banner present; linked from Console/CLI docs. |
| DOCS-CONSOLE-OBS-52-001 | TODO | Docs Guild, Console Guild | CONSOLE-OBS-51-001 | Document /docs/console/observability.md showcasing Observability Hub widgets, trace/log search, imposed rule banner, and accessibility tips. |
Doc merged; screenshots updated; banner present; navigation steps verified. |
| DOCS-CONSOLE-OBS-52-002 | TODO | Docs Guild, Console Guild | CONSOLE-OBS-52-002, CONSOLE-OBS-53-001 | Publish /docs/console/forensics.md covering timeline explorer, evidence viewer, attestation verifier, imposed rule banner, and troubleshooting. |
Doc merged; banner included; workflows validated via Playwright capture; troubleshooting section populated. |
| DOCS-CLI-OBS-52-001 | TODO | Docs Guild, DevEx/CLI Guild | CLI-OBS-52-001 | Create /docs/modules/cli/guides/observability.md detailing stella obs commands, examples, exit codes, imposed rule banner, and scripting tips. |
Doc merged; examples tested; banner included; CLI parity matrix updated. |
| DOCS-CLI-FORENSICS-53-001 | TODO | Docs Guild, DevEx/CLI Guild | CLI-FORENSICS-54-001 | Publish /docs/modules/cli/guides/forensics.md for snapshot/verify/attest commands with sample outputs, imposed rule banner, and offline workflows. |
Doc merged; sample bundles verified; banner present; offline notes cross-linked. |
| DOCS-RUNBOOK-55-001 | TODO | Docs Guild, Ops Guild | DEVOPS-OBS-55-001, WEB-OBS-55-001 | Author /docs/runbooks/incidents.md describing incident mode activation, escalation steps, retention impact, verification checklist, and imposed rule banner. |
Doc merged; runbook rehearsed; banner included; linked from alerts. |
| DOCS-SURFACE-01 | TODO | Docs Guild, Scanner Guild, Zastava Guild | SURFACE-FS-01, SURFACE-ENV-01, SURFACE-SECRETS-01 | Create /docs/modules/scanner/scanner-engine.md covering Surface.FS/Env/Secrets workflow between Scanner, Zastava, Scheduler, and Ops. |
Guide merged; linked from scanner/zastava architecture dossiers and component map; diagrams committed. |
Air-Gapped Mode (Epic 16)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-AIRGAP-56-001 | TODO | Docs Guild, AirGap Controller Guild | AIRGAP-CTL-56-002 | Publish /docs/airgap/overview.md outlining modes, lifecycle, responsibilities, and imposed rule banner. |
Doc merged; banner present; diagrams included. |
| DOCS-AIRGAP-56-002 | TODO | Docs Guild, DevOps Guild | DEVOPS-AIRGAP-56-001 | Author /docs/airgap/sealing-and-egress.md covering network policies, EgressPolicy facade usage, and verification steps. |
Doc merged; examples validated; banner included. |
| DOCS-AIRGAP-56-003 | TODO | Docs Guild, Exporter Guild | EXPORT-AIRGAP-56-001 | Create /docs/airgap/mirror-bundles.md describing bundle format, DSSE/TUF/Merkle validation, creation/import workflows. |
Doc merged; sample commands verified; banner present. |
| DOCS-AIRGAP-56-004 | TODO | Docs Guild, Deployment Guild | DEVOPS-AIRGAP-56-003 | Publish /docs/airgap/bootstrap.md detailing Bootstrap Pack creation, validation, and install procedures. |
Doc merged; checklist appended; screenshots verified. |
| DOCS-AIRGAP-57-001 | TODO | Docs Guild, AirGap Time Guild | AIRGAP-TIME-58-001 | Write /docs/airgap/staleness-and-time.md explaining time anchors, drift policies, staleness budgets, and UI indicators. |
Doc merged; math checked; banner included. |
| DOCS-AIRGAP-57-002 | TODO | Docs Guild, Console Guild | CONSOLE-AIRGAP-57-001 | Publish /docs/console/airgap.md covering sealed badge, import wizard, staleness dashboards. |
Doc merged; screenshots captured; banner present. |
| DOCS-AIRGAP-57-003 | TODO | Docs Guild, CLI Guild | CLI-AIRGAP-57-001 | Publish /docs/modules/cli/guides/airgap.md documenting commands, examples, exit codes. |
Doc merged; examples validated; banner present. |
| DOCS-AIRGAP-57-004 | TODO | Docs Guild, Ops Guild | DEVOPS-AIRGAP-56-002 | Create /docs/airgap/operations.md with runbooks for imports, failure recovery, and auditing. |
Doc merged; runbooks rehearsed; banner included. |
| DOCS-AIRGAP-58-001 | TODO | Docs Guild, Product Guild | CONSOLE-AIRGAP-58-002 | Provide /docs/airgap/degradation-matrix.md enumerating feature availability, fallbacks, remediation. |
Doc merged; matrix reviewed; banner included. |
| DOCS-AIRGAP-58-002 | TODO | Docs Guild, Security Guild | PROV-OBS-54-001 | Update /docs/security/trust-and-signing.md with DSSE/TUF roots, rotation, and signed time tokens. |
Doc merged; security sign-off recorded; banner present. |
| DOCS-AIRGAP-58-003 | TODO | Docs Guild, DevEx Guild | AIRGAP-POL-56-001 | Publish /docs/dev/airgap-contracts.md describing EgressPolicy usage, sealed-mode tests, linting. |
Doc merged; sample code validated; banner included. |
| DOCS-AIRGAP-58-004 | TODO | Docs Guild, Evidence Locker Guild | EVID-OBS-55-001 | Document /docs/airgap/portable-evidence.md for exporting/importing portable evidence bundles across enclaves. |
Doc merged; verification steps tested; banner present. |
SDKs & OpenAPI (Epic 17)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-OAS-61-001 | TODO | Docs Guild, API Contracts Guild | OAS-61-002 | Publish /docs/api/overview.md covering auth, tenancy, pagination, idempotency, rate limits with banner. |
Doc merged; examples validated; banner present. |
| DOCS-OAS-61-002 | TODO | Docs Guild, API Governance Guild | APIGOV-61-001 | Author /docs/api/conventions.md capturing naming, errors, filters, sorting, examples. |
Doc merged; lint passes; banner included. |
| DOCS-OAS-61-003 | TODO | Docs Guild, API Governance Guild | APIGOV-63-001 | Publish /docs/api/versioning.md describing SemVer, deprecation headers, migration playbooks. |
Doc merged; example headers validated; banner present. |
| DOCS-OAS-62-001 | TODO | Docs Guild, Developer Portal Guild | DEVPORT-62-002 | Stand up /docs/api/reference/ auto-generated site; integrate with portal nav. |
Reference site builds; search works; banner included. |
| DOCS-SDK-62-001 | TODO | Docs Guild, SDK Generator Guild | SDKGEN-63-001 | Publish /docs/sdks/overview.md plus language guides (typescript.md, python.md, go.md, java.md). |
Docs merged; code samples pulled from tested examples; banner present. |
| DOCS-DEVPORT-62-001 | TODO | Docs Guild, Developer Portal Guild | DEVPORT-62-001 | Document /docs/devportal/publishing.md for build pipeline, offline bundle steps. |
Doc merged; cross-links validated; banner included. |
| DOCS-CONTRIB-62-001 | TODO | Docs Guild, API Governance Guild | APIGOV-61-001 | Publish /docs/contributing/api-contracts.md detailing how to edit OAS, lint rules, compatibility checks. |
Doc merged; banner present; examples validated. |
| DOCS-TEST-62-001 | TODO | Docs Guild, Contract Testing Guild | CONTR-62-001 | Author /docs/testing/contract-testing.md covering mock server, replay tests, golden fixtures. |
Doc merged; references to tooling validated; banner present. |
| DOCS-SEC-62-001 | TODO | Docs Guild, Authority Core | AUTH-AIRGAP-56-001 | Update /docs/security/auth-scopes.md with OAuth2/PAT scopes, tenancy header usage. |
Doc merged; scope tables verified; banner included. |
| DOCS-AIRGAP-DEVPORT-64-001 | TODO | Docs Guild, DevPortal Offline Guild | DVOFF-64-001 | Create /docs/airgap/devportal-offline.md describing offline bundle usage and verification. |
Doc merged; verification steps tested; banner present. |
Risk Profiles (Epic 18)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-RISK-66-001 | TODO | Docs Guild, Risk Profile Schema Guild | POLICY-RISK-66-001 | Publish /docs/risk/overview.md covering concepts and glossary. |
Doc merged with banner; terminology reviewed. |
| DOCS-RISK-66-002 | TODO | Docs Guild, Policy Guild | POLICY-RISK-66-003 | Author /docs/risk/profiles.md (authoring, versioning, scope). |
Doc merged; schema examples validated; banner present. |
| DOCS-RISK-66-003 | TODO | Docs Guild, Risk Engine Guild | RISK-ENGINE-67-001 | Publish /docs/risk/factors.md cataloging signals, transforms, reducers, TTLs. |
Document merged; tables verified; banner included. |
| DOCS-RISK-66-004 | TODO | Docs Guild, Risk Engine Guild | RISK-ENGINE-66-002 | Create /docs/risk/formulas.md detailing math, normalization, gating, severity. |
Doc merged; equations rendered; banner present. |
| DOCS-RISK-67-001 | TODO | Docs Guild, Risk Engine Guild | RISK-ENGINE-68-001 | Publish /docs/risk/explainability.md showing artifact schema and UI screenshots. |
Doc merged; CLI examples validated; banner included. |
| DOCS-RISK-67-002 | TODO | Docs Guild, API Guild | POLICY-RISK-67-002 | Produce /docs/risk/api.md with endpoint reference/examples. |
Doc merged; OAS examples synced; banner present. |
| DOCS-RISK-67-003 | TODO | Docs Guild, Console Guild | CONSOLE-RISK-66-001 | Document /docs/console/risk-ui.md for authoring, simulation, dashboards. |
Doc merged; screenshots updated; banner included. |
| DOCS-RISK-67-004 | TODO | Docs Guild, CLI Guild | CLI-RISK-66-001 | Publish /docs/modules/cli/guides/risk.md covering CLI workflows. |
Doc merged; command examples validated; banner present. |
| DOCS-RISK-68-001 | TODO | Docs Guild, Export Guild | RISK-BUNDLE-69-001 | Add /docs/airgap/risk-bundles.md for offline factor bundles. |
Doc merged; verification steps confirmed; banner included. |
| DOCS-RISK-68-002 | TODO | Docs Guild, Security Guild | POLICY-RISK-66-003 | Update /docs/security/aoc-invariants.md with risk scoring provenance guarantees. |
Doc merged; audit references updated; banner present. |
Attestor Console (Epic 19)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-ATTEST-73-001 | TODO | Docs Guild, Attestor Service Guild | ATTEST-TYPES-73-001 | Publish /docs/modules/attestor/overview.md with imposed rule banner. |
Doc merged; terminology validated. |
| DOCS-ATTEST-73-002 | TODO | Docs Guild, Attestation Payloads Guild | ATTEST-TYPES-73-002 | Write /docs/modules/attestor/payloads.md with schemas/examples. |
Doc merged; examples validated via tests. |
| DOCS-ATTEST-73-003 | TODO | Docs Guild, Policy Guild | POLICY-ATTEST-73-002 | Publish /docs/modules/attestor/policies.md covering verification policies. |
Doc merged; policy examples validated. |
| DOCS-ATTEST-73-004 | TODO | Docs Guild, Attestor Service Guild | ATTESTOR-73-002 | Add /docs/modules/attestor/workflows.md detailing ingest, verify, bulk operations. |
Doc merged; workflows tested. |
| DOCS-ATTEST-74-001 | TODO | Docs Guild, KMS Guild | KMS-73-001 | Publish /docs/modules/attestor/keys-and-issuers.md. |
Doc merged; rotation guidance verified. |
| DOCS-ATTEST-74-002 | TODO | Docs Guild, Transparency Guild | TRANSP-74-001 | Document /docs/modules/attestor/transparency.md with witness usage/offline validation. |
Doc merged; proofs validated. |
| DOCS-ATTEST-74-003 | TODO | Docs Guild, Attestor Console Guild | CONSOLE-ATTEST-73-001 | Write /docs/console/attestor-ui.md with screenshots/workflows. |
Doc merged; screenshots captured; banner present. |
| DOCS-ATTEST-74-004 | TODO | Docs Guild, CLI Attestor Guild | CLI-ATTEST-73-001 | Publish /docs/modules/cli/guides/attest.md covering CLI usage. |
Doc merged; commands validated. |
| DOCS-ATTEST-75-001 | TODO | Docs Guild, Export Attestation Guild | EXPORT-ATTEST-75-002 | Add /docs/modules/attestor/airgap.md for attestation bundles. |
Doc merged; verification steps confirmed. |
| DOCS-ATTEST-75-002 | TODO | Docs Guild, Security Guild | ATTESTOR-73-002 | Update /docs/security/aoc-invariants.md with attestation invariants. |
Doc merged; invariants detailed. |
Policy Engine v2
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|
Graph Explorer v1
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|
Link-Not-Merge v1
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-LNM-22-001 | BLOCKED (2025-10-27) | Docs Guild, Concelier Guild | CONCELIER-LNM-21-001..003 | Author /docs/advisories/aggregation.md covering observation vs linkset, conflict handling, AOC requirements, and reviewer checklist. |
Draft doc merged with examples + checklist; final sign-off blocked until Concelier schema/API tasks land. |
Blocker (2025-10-27):
CONCELIER-LNM-21-001..003still TODO; update doc + fixtures once schema/API implementations are available. | DOCS-LNM-22-002 | BLOCKED (2025-10-27) | Docs Guild, Excititor Guild | EXCITITOR-LNM-21-001..003 | Publish/docs/vex/aggregation.mddescribing VEX observation/linkset model, product matching, conflicts. | Draft doc merged with fixtures; final approval blocked until Excititor observation/linkset work ships. | Blocker (2025-10-27):EXCITITOR-LNM-21-001..003remain TODO; refresh doc, fixtures, and examples post-implementation. | DOCS-LNM-22-003 | BLOCKED (2025-10-27) | Docs Guild, BE-Base Platform Guild | WEB-LNM-21-001..003 | Update/docs/api/advisories.mdand/docs/api/vex.mdfor new endpoints, parameters, errors, exports. | Draft pending gateway/API delivery; unblock once endpoints + OpenAPI specs are available. | Blocker (2025-10-27):WEB-LNM-21-001..003all TODO—no gateway endpoints/OpenAPI to document yet. | DOCS-LNM-22-004 | TODO | Docs Guild, Policy Guild | POLICY-ENGINE-40-001 | Create/docs/policy/effective-severity.mddetailing severity selection strategies from multiple sources. | Doc merged with policy examples; checklist included. | | DOCS-LNM-22-005 | BLOCKED (2025-10-27) | Docs Guild, UI Guild | UI-LNM-22-001..003 | Document/docs/ui/evidence-panel.mdwith screenshots, conflict badges, accessibility guidance. | Awaiting UI implementation to capture screenshots + flows; unblock once Evidence panel ships. | Blocker (2025-10-27):UI-LNM-22-001..003all TODO; documentation requires final UI states and accessibility audit artifacts.
StellaOps Console (Sprint 23)
2025-10-28: Install Docker guide references pending CLI commands (
stella downloads manifest,stella downloads mirror,stella console status). Update once CLI parity lands. 2025-10-28: Added guide covering keyboard matrix, screen reader behaviour, colour/focus tokens, testing workflow, offline guidance, and compliance checklist. Follow-up: align diagrams/examples afterCONCELIER-LNM-21&EXCITITOR-LNM-21work merges (currently TODO).
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-LNM-22-007 | TODO | Docs Guild, Observability Guild | CONCELIER-LNM-21-005, EXCITITOR-LNM-21-005, DEVOPS-LNM-22-002 | Publish /docs/observability/aggregation.md with metrics/traces/logs/SLOs. |
Observability doc merged; dashboards referenced; checklist appended. |
| DOCS-LNM-22-008 | TODO | Docs Guild, DevOps Guild | MERGE-LNM-21-001, CONCELIER-LNM-21-102 | Write /docs/migration/no-merge.md describing migration plan, backfill steps, rollback, feature flags. |
Migration doc approved by stakeholders; checklist appended. |
Policy Engine + Editor v1
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-POLICY-23-001 | TODO | Docs Guild, Policy Guild | POLICY-SPL-23-001..003 | Author /docs/policy/overview.md describing SPL philosophy, layering, and glossary with reviewer checklist. |
Doc merged; lint passes; checklist appended. |
| DOCS-POLICY-23-002 | TODO | Docs Guild, Policy Guild | POLICY-SPL-23-001 | Write /docs/policy/spl-v1.md (language reference, JSON Schema, examples). |
Reference published with schema snippets; checklist completed. |
| DOCS-POLICY-23-003 | TODO | Docs Guild, Policy Guild | POLICY-ENGINE-50-001..004 | Produce /docs/policy/runtime.md covering compiler, evaluator, caching, events, SLOs. |
Runtime doc merged with diagrams; observability references included. |
| DOCS-POLICY-23-004 | TODO | Docs Guild, UI Guild | UI-POLICY-23-001..006 | Document /docs/policy/editor.md (UI walkthrough, validation, simulation, approvals). |
Editor doc merged with screenshots; accessibility checklist satisfied. |
| DOCS-POLICY-23-005 | TODO | Docs Guild, Security Guild | AUTH-POLICY-23-001..002 | Publish /docs/policy/governance.md (roles, scopes, approvals, signing, exceptions). |
Governance doc merged; checklist appended. |
| DOCS-POLICY-23-006 | TODO | Docs Guild, BE-Base Platform Guild | WEB-POLICY-23-001..004 | Update /docs/api/policy.md with new endpoints, schemas, errors, pagination. |
API doc aligns with OpenAPI; examples validated; checklist included. |
| DOCS-POLICY-23-007 | TODO | Docs Guild, DevEx/CLI Guild | CLI-POLICY-23-004..006 | Update /docs/modules/cli/guides/policy.md for lint/simulate/activate/history commands, exit codes. |
CLI doc updated; samples verified; checklist appended. |
| DOCS-POLICY-23-008 | TODO | Docs Guild, Architecture Guild | POLICY-ENGINE-50-005..006 | Refresh /docs/modules/policy/architecture.md with data model, sequence diagrams, event flows. |
Architecture doc merged with diagrams; checklist appended. |
| DOCS-POLICY-23-009 | TODO | Docs Guild, DevOps Guild | MERGE-LNM-21-001, DEVOPS-LNM-22-001 | Create /docs/migration/policy-parity.md covering dual-run parity plan and rollback. |
Migration doc approved; checklist appended. |
| DOCS-POLICY-23-010 | TODO | Docs Guild, UI Guild | UI-POLICY-23-006 | Write /docs/ui/explainers.md showing explain trees, evidence overlays, interpretation guidance. |
Doc merged with annotated screenshots; checklist appended. |
Graph & Vuln Explorer v1
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-GRAPH-24-001 | TODO | Docs Guild, UI Guild | UI-GRAPH-24-001..006 | Author /docs/ui/sbom-graph-explorer.md detailing overlays, filters, saved views, accessibility, and AOC visibility. |
Doc merged; screenshots included; checklist appended. |
| DOCS-GRAPH-24-002 | TODO | Docs Guild, UI Guild | UI-GRAPH-24-005 | Publish /docs/ui/vulnerability-explorer.md covering table usage, grouping, fix suggestions, Why drawer. |
Doc merged with annotated images; accessibility checklist satisfied. |
| DOCS-GRAPH-24-003 | TODO | Docs Guild, SBOM Service Guild | SBOM-GRAPH-24-001..003 | Create /docs/modules/graph/architecture-index.md describing data model, ingestion pipeline, caches, events. |
Architecture doc merged with diagrams; checklist appended. |
| DOCS-GRAPH-24-004 | TODO | Docs Guild, BE-Base Platform Guild | WEB-GRAPH-24-001..003 | Document /docs/api/graph.md and /docs/api/vuln.md avec endpoints, parameters, errors, RBAC. |
API docs aligned with OpenAPI; examples validated; checklist appended. |
| DOCS-GRAPH-24-005 | TODO | Docs Guild, DevEx/CLI Guild | CLI-GRAPH-24-001..003 | Update /docs/modules/cli/guides/graph-and-vuln.md covering new CLI commands, exit codes, scripting. |
CLI doc merged; examples tested; checklist appended. |
| DOCS-GRAPH-24-006 | TODO | Docs Guild, Policy Guild | POLICY-ENGINE-60-001..002 | Write /docs/policy/ui-integration.md explaining overlays, cache usage, simulator contracts. |
Doc merged; references cross-linked; checklist appended. |
| DOCS-GRAPH-24-007 | TODO | Docs Guild, DevOps Guild | DEVOPS-GRAPH-24-001..003 | Produce /docs/migration/graph-parity.md with rollout plan, parity checks, fallback guidance. |
Migration doc approved; checklist appended. |
Exceptions v1
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-EXC-25-001 | TODO | Docs Guild, Governance Guild | WEB-EXC-25-001 | Author /docs/governance/exceptions.md covering lifecycle, scope patterns, examples, compliance checklist. |
Doc merged; reviewers sign off; checklist included. |
| DOCS-EXC-25-002 | TODO | Docs Guild, Authority Core | AUTH-EXC-25-001 | Publish /docs/governance/approvals-and-routing.md detailing roles, routing matrix, MFA rules, audit trails. |
Doc merged; routing examples validated; checklist appended. |
| DOCS-EXC-25-003 | TODO | Docs Guild, BE-Base Platform Guild | WEB-EXC-25-001..003 | Create /docs/api/exceptions.md with endpoints, payloads, errors, idempotency notes. |
API doc aligned with OpenAPI; examples tested; checklist appended. |
| DOCS-EXC-25-005 | TODO | Docs Guild, UI Guild | UI-EXC-25-001..004 | Write /docs/ui/exception-center.md with UI walkthrough, badges, accessibility, shortcuts. |
Doc merged with screenshots; accessibility checklist completed. |
| DOCS-EXC-25-006 | TODO | Docs Guild, DevEx/CLI Guild | CLI-EXC-25-001..002 | Update /docs/modules/cli/guides/exceptions.md covering command usage and exit codes. |
CLI doc updated; examples validated; checklist appended. |
| DOCS-EXC-25-007 | TODO | Docs Guild, DevOps Guild | SCHED-WORKER-25-101, DEVOPS-GRAPH-24-003 | Publish /docs/migration/exception-governance.md describing cutover from legacy suppressions, notifications, rollback. |
Migration doc approved; checklist included. |
Update statuses (TODO/DOING/REVIEW/DONE/BLOCKED) as progress changes. Keep guides in sync with configuration samples under
etc/.
Remark (2025-10-13, DOC4.AUTH-PDG): Rate limit guide published (
docs/security/rate-limits.md) and handed to plugin docs team for diagram uplift once PLG6.DIAGRAM lands.
Orchestrator Dashboard (Epic 9)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-ORCH-32-001 | TODO | Docs Guild | ORCH-SVC-32-001, AUTH-ORCH-32-001 | Author /docs/orchestrator/overview.md covering mission, roles, AOC alignment, governance, with imposed rule reminder. |
Doc merged with diagrams; imposed rule statement included; entry linked from docs index. |
| DOCS-ORCH-32-002 | TODO | Docs Guild | ORCH-SVC-32-002 | Author /docs/orchestrator/architecture.md detailing scheduler, DAGs, rate limits, data model, message bus, storage layout, restating imposed rule. |
Architecture doc merged; diagrams reviewed; imposed rule noted. |
| DOCS-ORCH-33-001 | TODO | Docs Guild | ORCH-SVC-33-001..004, WEB-ORCH-33-001 | Publish /docs/orchestrator/api.md (REST/WebSocket endpoints, payloads, error codes) with imposed rule note. |
API doc merged; examples validated; imposed rule appended. |
| DOCS-ORCH-33-002 | TODO | Docs Guild | CONSOLE-ORCH-32-002, CONSOLE-ORCH-33-001..002 | Publish /docs/orchestrator/console.md covering screens, a11y, live updates, control actions, reiterating imposed rule. |
Console doc merged with screenshots; accessibility checklist done; imposed rule statement present. |
| DOCS-ORCH-33-003 | TODO | Docs Guild | CLI-ORCH-33-001 | Publish /docs/orchestrator/cli.md documenting commands, options, exit codes, streaming output, offline usage, and imposed rule. |
CLI doc merged; examples tested; imposed rule appended. |
| DOCS-ORCH-34-001 | TODO | Docs Guild | ORCH-SVC-34-002, LEDGER-34-101 | Author /docs/orchestrator/run-ledger.md covering ledger schema, provenance chain, audit workflows, with imposed rule reminder. |
Run-ledger doc merged; payload samples validated; imposed rule included; cross-links added. |
| DOCS-ORCH-34-002 | TODO | Docs Guild | AUTH-ORCH-32-001, AUTH-ORCH-34-001 | Update /docs/security/secrets-handling.md for orchestrator KMS refs, redaction badges, operator hygiene, reiterating imposed rule. |
Security doc merged; checklists updated; imposed rule restated; references from Console/CLI docs added. |
| DOCS-ORCH-34-003 | TODO | Docs Guild | ORCH-SVC-33-003, ORCH-SVC-34-001, DEVOPS-ORCH-34-001 | Publish /docs/operations/orchestrator-runbook.md (incident playbook, backfill guide, circuit breakers, throttling) with imposed rule statement. |
Runbook merged; steps validated with DevOps; imposed rule included; runbook linked from ops index. |
| DOCS-ORCH-34-004 | TODO | Docs Guild | ORCH-SVC-32-005, WORKER-GO-33-001, WORKER-PY-33-001 | Document /docs/schemas/artifacts.md describing artifact kinds, schema versions, hashing, storage layout, restating imposed rule. |
Schema doc merged; JSON schema provided; imposed rule included; sample payload validated. |
| DOCS-ORCH-34-005 | TODO | Docs Guild | ORCH-SVC-34-001, DEVOPS-ORCH-34-001 | Author /docs/slo/orchestrator-slo.md defining SLOs, burn alerts, measurement, and reiterating imposed rule. |
SLO doc merged; dashboard screenshots embedded; imposed rule appended; alerts documented. |
Export Center (Epic 10)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-EXPORT-37-004 | TODO | Docs Guild | AUTH-EXPORT-37-001, EXPORT-SVC-37-002 | Publish /docs/security/export-hardening.md outlining RBAC, tenancy, encryption, redaction, restating imposed rule. |
Security doc merged; checklist updated; rule appended. |
| DOCS-EXPORT-37-101 | TODO | Docs Guild, DevEx/CLI Guild | CLI-EXPORT-37-001 | Refresh CLI verification sections once stella export verify lands (flags, exit codes, samples). |
docs/modules/export-center/cli.md & docs/modules/export-center/provenance-and-signing.md updated with final command syntax; examples tested; rule reminder retained. |
| DOCS-EXPORT-37-102 | TODO | Docs Guild, DevOps Guild | DEVOPS-EXPORT-37-001 | Embed export dashboards/alerts references into provenance/runbook docs after Grafana work ships. | Docs updated with dashboard IDs/alert notes; update logged; rule reminder present. |
| DOCS-EXPORT-37-005 | TODO | Docs Guild, Exporter Service Guild | EXPORT-SVC-35-006, DEVOPS-EXPORT-36-001 | Validate Export Center docs against live Trivy/mirror bundles once implementation lands; refresh examples and CLI snippets accordingly. | Real bundle examples recorded; docs updated; verification steps confirmed with production artefacts. |
Note (2025-10-29): Blocked until exporter API (
EXPORT-SVC-35-006) and Trivy/mirror adapters (EXPORT-SVC-36-001,EXPORT-SVC-37-001) ship. Requires access to CI smoke outputs (DEVOPS-EXPORT-36-001) for verification artifacts.
Reachability v1
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-SIG-26-001 | TODO | Docs Guild, Signals Guild | SIGNALS-24-004 | Write /docs/signals/reachability.md covering states, scores, provenance, retention. |
Doc merged with diagrams/examples; checklist appended. |
| DOCS-SIG-26-002 | TODO | Docs Guild, Signals Guild | SIGNALS-24-002 | Publish /docs/signals/callgraph-formats.md with schemas and validation errors. |
Doc merged; examples tested; checklist included. |
| DOCS-SIG-26-003 | TODO | Docs Guild, Runtime Guild | SIGNALS-24-003 | Create /docs/signals/runtime-facts.md detailing agent capabilities, privacy safeguards, opt-in flags. |
Doc merged; privacy review done; checklist appended. |
| DOCS-SIG-26-004 | TODO | Docs Guild, Policy Guild | POLICY-ENGINE-80-001 | Document /docs/policy/signals-weighting.md for SPL predicates and weighting strategies. |
Doc merged; sample policies validated; checklist appended. |
| DOCS-SIG-26-005 | TODO | Docs Guild, UI Guild | UI-SIG-26-001..003 | Draft /docs/ui/reachability-overlays.md with badges, timelines, shortcuts. |
Doc merged with screenshots; accessibility checklist completed. |
| DOCS-SIG-26-006 | TODO | Docs Guild, DevEx/CLI Guild | CLI-SIG-26-001..002 | Update /docs/modules/cli/guides/reachability.md for new commands and automation recipes. |
Doc merged; examples verified; checklist appended. |
| DOCS-SIG-26-007 | TODO | Docs Guild, BE-Base Platform Guild | WEB-SIG-26-001..003 | Publish /docs/api/signals.md covering endpoints, payloads, ETags, errors. |
API doc aligned with OpenAPI; examples tested; checklist appended. |
| DOCS-SIG-26-008 | TODO | Docs Guild, DevOps Guild | DEVOPS-SIG-26-001..002 | Write /docs/migration/enable-reachability.md guiding rollout, fallbacks, monitoring. |
Migration doc approved; checklist appended. |
Policy Studio (Sprint 27)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-POLICY-27-001 | BLOCKED (2025-10-27) | Docs Guild, Policy Guild | REGISTRY-API-27-001, POLICY-ENGINE-27-001 | Publish /docs/policy/studio-overview.md covering lifecycle, roles, glossary, and compliance checklist. |
Doc merged with diagrams + lifecycle table; checklist appended; stakeholders sign off. |
Blocked by
REGISTRY-API-27-001andPOLICY-ENGINE-27-001; need spec + compile data. Blocker: Registry OpenAPI (REGISTRY-API-27-001) and policy compile enrichments (POLICY-ENGINE-27-001) are still TODO; need final interfaces before drafting overview. | DOCS-POLICY-27-002 | BLOCKED (2025-10-27) | Docs Guild, Console Guild | CONSOLE-STUDIO-27-001 | Write/docs/policy/authoring.mddetailing workspace templates, snippets, lint rules, IDE shortcuts, and best practices. | Authoring doc includes annotated screenshots, snippet catalog, compliance checklist. | Blocked byCONSOLE-STUDIO-27-001Studio authoring UI pending. Blocker: Console Studio authoring UI (CONSOLE-STUDIO-27-001) not implemented; awaiting UX to capture flows/snippets. | DOCS-POLICY-27-003 | BLOCKED (2025-10-27) | Docs Guild, Policy Registry Guild | REGISTRY-API-27-007 | Document/docs/policy/versioning-and-publishing.md(semver rules, attestations, rollback) with compliance checklist. | Doc merged with flow diagrams; attestation steps documented; checklist appended. | Blocked byREGISTRY-API-27-007publish/sign pipeline outstanding. Blocker: Registry publish/sign workflow (REGISTRY-API-27-007) pending. | DOCS-POLICY-27-004 | BLOCKED (2025-10-27) | Docs Guild, Scheduler Guild | REGISTRY-API-27-005, SCHED-WORKER-27-301 | Write/docs/policy/simulation.mdcovering quick vs batch sim, thresholds, evidence bundles, CLI examples. | Simulation doc includes charts, sample manifests, checklist appended. | Blocked byREGISTRY-API-27-005/SCHED-WORKER-27-301batch simulation not ready. Blocker: Batch simulation APIs/workers (REGISTRY-API-27-005,SCHED-WORKER-27-301) still TODO. | DOCS-POLICY-27-005 | BLOCKED (2025-10-27) | Docs Guild, Product Ops | REGISTRY-API-27-006 | Publish/docs/policy/review-and-approval.mdwith approver requirements, comments, webhooks, audit trail guidance. | Doc merged with role matrix + webhook schema; checklist appended. | Blocked byREGISTRY-API-27-006review workflow not implemented. Blocker: Review workflow (REGISTRY-API-27-006) not landed. | DOCS-POLICY-27-006 | BLOCKED (2025-10-27) | Docs Guild, Policy Guild | REGISTRY-API-27-008 | Author/docs/policy/promotion.mdcovering environments, canary, rollback, and monitoring steps. | Promotion doc includes examples + checklist; verified by Policy Ops. | Blocked byREGISTRY-API-27-008promotion APIs pending. Blocker: Promotion/canary APIs (REGISTRY-API-27-008) outstanding. | DOCS-POLICY-27-007 | BLOCKED (2025-10-27) | Docs Guild, DevEx/CLI Guild | CLI-POLICY-27-001..004 | Update/docs/policy/cli.mdwith new commands, JSON schemas, CI usage, and compliance checklist. | CLI doc merged with transcripts; schema references validated; checklist appended. | Blocked byCLI-POLICY-27-001..004CLI commands missing. Blocker: Policy CLI commands (CLI-POLICY-27-001..004) yet to implement. | DOCS-POLICY-27-008 | BLOCKED (2025-10-27) | Docs Guild, Policy Registry Guild | REGISTRY-API-27-001..008 | Publish/docs/policy/api.mddescribing Registry endpoints, request/response schemas, errors, and feature flags. | API doc aligned with OpenAPI; examples validated; checklist appended. | Blocked byREGISTRY-API-27-001..008OpenAPI + endpoints incomplete. Blocker: Registry OpenAPI/spec suite (REGISTRY-API-27-001..008) incomplete. | DOCS-POLICY-27-009 | BLOCKED (2025-10-27) | Docs Guild, Security Guild | AUTH-POLICY-27-002 | Create/docs/security/policy-attestations.mdcovering signing, verification, key rotation, and compliance checklist. | Security doc approved by Security Guild; verifier steps documented; checklist appended. | Blocked byAUTH-POLICY-27-002signing enforcement pending. Blocker: Authority signing enforcement (AUTH-POLICY-27-002) pending. | DOCS-POLICY-27-010 | BLOCKED (2025-10-27) | Docs Guild, Architecture Guild | REGISTRY-API-27-001, SCHED-WORKER-27-301 | Author/docs/modules/policy/registry-architecture.md(service design, schemas, queues, failure modes) with diagrams and checklist. | Architecture doc merged; diagrams committed; checklist appended. | Blocked byREGISTRY-API-27-001&SCHED-WORKER-27-301need delivery. Blocker: Policy Registry schema/workers not delivered (seeREGISTRY-API-27-001,SCHED-WORKER-27-301). | DOCS-POLICY-27-011 | BLOCKED (2025-10-27) | Docs Guild, Observability Guild | DEVOPS-POLICY-27-004 | Publish/docs/observability/policy-telemetry.mdwith metrics/log tables, dashboards, alerts, and compliance checklist. | Observability doc merged; dashboards linked; checklist appended. | Blocked byDEVOPS-POLICY-27-004observability dashboards outstanding. Blocker: Observability dashboards (DEVOPS-POLICY-27-004) not built. | DOCS-POLICY-27-012 | BLOCKED (2025-10-27) | Docs Guild, Ops Guild | DEPLOY-POLICY-27-002 | Write/docs/runbooks/policy-incident.mddetailing rollback, freeze, forensic steps, notifications. | Runbook merged; rehearsal recorded; checklist appended. | Blocked byDEPLOY-POLICY-27-002incident runbook inputs pending. Blocker: Ops runbook inputs (DEPLOY-POLICY-27-002) pending. | DOCS-POLICY-27-013 | BLOCKED (2025-10-27) | Docs Guild, Policy Guild | CONSOLE-STUDIO-27-001, REGISTRY-API-27-002 | Update/docs/examples/policy-templates.mdwith new templates, snippets, and sample policies. | Examples committed with commentary; lint passes; checklist appended. | Blocked byCONSOLE-STUDIO-27-001/REGISTRY-API-27-002templates missing. Blocker: Studio templates and registry storage (CONSOLE-STUDIO-27-001,REGISTRY-API-27-002) not available. | DOCS-POLICY-27-014 | BLOCKED (2025-10-27) | Docs Guild, Policy Registry Guild | REGISTRY-API-27-003, WEB-POLICY-27-001 | Refresh/docs/aoc/aoc-guardrails.mdto include Studio-specific guardrails and validation scenarios. | Doc updated with Studio guardrails; compliance checklist appended. | Blocked byREGISTRY-API-27-003&WEB-POLICY-27-001guardrails not implemented. Blocker: Registry compile pipeline/web proxy (REGISTRY-API-27-003,WEB-POLICY-27-001) outstanding.
Vulnerability Explorer (Sprint 29)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-VULN-29-001 | TODO | Docs Guild, Vuln Explorer Guild | VULN-API-29-001 | Publish /docs/vuln/explorer-overview.md covering domain model, identities, AOC guarantees, workflow summary. |
Doc merged with diagrams/table; compliance checklist appended. |
| DOCS-VULN-29-002 | TODO | Docs Guild, Console Guild | CONSOLE-VULN-29-001..006 | Write /docs/vuln/explorer-using-console.md with workflows, screenshots, keyboard shortcuts, saved views, deep links. |
Doc merged; images stored; WCAG notes included; checklist appended. |
| DOCS-VULN-29-003 | TODO | Docs Guild, Vuln Explorer API Guild | VULN-API-29-001..009 | Author /docs/vuln/explorer-api.md (endpoints, query schema, grouping, errors, rate limits). |
Doc aligned with OpenAPI; examples validated; checklist appended. |
| DOCS-VULN-29-004 | TODO | Docs Guild, DevEx/CLI Guild | CLI-VULN-29-001..005 | Publish /docs/vuln/explorer-cli.md with command reference, samples, exit codes, CI snippets. |
CLI doc merged; transcripts/JSON outputs validated; checklist appended. |
| DOCS-VULN-29-005 | TODO | Docs Guild, Findings Ledger Guild | LEDGER-29-001..009 | Write /docs/vuln/findings-ledger.md detailing event schema, hashing, Merkle roots, replay tooling. |
Doc merged; compliance checklist appended; audit team sign-off. |
| DOCS-VULN-29-006 | TODO | Docs Guild, Policy Guild | POLICY-ENGINE-29-001..003 | Update /docs/policy/vuln-determinations.md for new rationale, signals, simulation semantics. |
Doc updated; examples validated; checklist appended. |
| DOCS-VULN-29-007 | TODO | Docs Guild, Excititor Guild | EXCITITOR-VULN-29-001..004 | Publish /docs/vex/explorer-integration.md covering CSAF mapping, suppression precedence, status semantics. |
Doc merged; compliance checklist appended. |
| DOCS-VULN-29-008 | TODO | Docs Guild, Concelier Guild | CONCELIER-VULN-29-001..004 | Publish /docs/advisories/explorer-integration.md covering key normalization, withdrawn handling, provenance. |
Doc merged; checklist appended. |
| DOCS-VULN-29-009 | TODO | Docs Guild, SBOM Service Guild | SBOM-VULN-29-001..002 | Author /docs/sbom/vuln-resolution.md detailing version semantics, scope, paths, safe version hints. |
Doc merged; ecosystem tables validated; checklist appended. |
| DOCS-VULN-29-010 | TODO | Docs Guild, Observability Guild | VULN-API-29-009, DEVOPS-VULN-29-002 | Publish /docs/observability/vuln-telemetry.md (metrics, logs, tracing, dashboards, SLOs). |
Doc merged; dashboards linked; checklist appended. |
| DOCS-VULN-29-011 | TODO | Docs Guild, Security Guild | AUTH-VULN-29-001..003 | Create /docs/security/vuln-rbac.md for roles, ABAC policies, attachment encryption, CSRF. |
Security doc approved; checklist appended. |
| DOCS-VULN-29-012 | TODO | Docs Guild, Ops Guild | DEVOPS-VULN-29-002, SCHED-WORKER-29-003 | Write /docs/runbooks/vuln-ops.md (projector lag, resolver storms, export failures, policy activation). |
Runbook merged; rehearsal recorded; checklist appended. |
| DOCS-VULN-29-013 | TODO | Docs Guild, Deployment Guild | DEPLOY-VULN-29-001..002 | Update /docs/install/containers.md with Findings Ledger & Vuln Explorer API images, manifests, resource sizing, health checks. |
Install doc updated; validation commands included; checklist appended. |
VEX Lens (Sprint 30)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-VEX-30-001 | TODO | Docs Guild, VEX Lens Guild | VEXLENS-30-005 | Publish /docs/vex/consensus-overview.md describing purpose, scope, AOC guarantees. |
Doc merged with diagrams/terminology tables; compliance checklist appended. |
| DOCS-VEX-30-002 | TODO | Docs Guild, VEX Lens Guild | VEXLENS-30-005 | Author /docs/vex/consensus-algorithm.md covering normalization, weighting, thresholds, examples. |
Doc merged; math reviewed by Policy; checklist appended. |
| DOCS-VEX-30-003 | TODO | Docs Guild, Issuer Directory Guild | ISSUER-30-001..003 | Document /docs/vex/issuer-directory.md (issuer management, keys, trust overrides, audit). |
Doc merged; security review done; checklist appended. |
| DOCS-VEX-30-004 | TODO | Docs Guild, VEX Lens Guild | VEXLENS-30-007 | Publish /docs/vex/consensus-api.md with endpoint specs, query params, rate limits. |
API doc aligned with OpenAPI; examples validated; checklist appended. |
| DOCS-VEX-30-005 | TODO | Docs Guild, Console Guild | CONSOLE-VEX-30-001 | Write /docs/vex/consensus-console.md covering UI workflows, filters, conflicts, accessibility. |
Doc merged; screenshots added; checklist appended. |
| DOCS-VEX-30-006 | TODO | Docs Guild, Policy Guild | POLICY-ENGINE-29-001, VEXLENS-30-004 | Add /docs/policy/vex-trust-model.md detailing policy knobs, thresholds, simulation. |
Doc merged; policy review completed; checklist appended. |
| DOCS-VEX-30-007 | TODO | Docs Guild, SBOM Service Guild | VEXLENS-30-002 | Publish /docs/sbom/vex-mapping.md (CPE→purl strategy, edge cases, overrides). |
Doc merged; mapping tables validated; checklist appended. |
| DOCS-VEX-30-008 | TODO | Docs Guild, Security Guild | ISSUER-30-002, VEXLENS-30-003 | Deliver /docs/security/vex-signatures.md (verification flow, key rotation, audit). |
Doc approved by Security; checklist appended. |
| DOCS-VEX-30-009 | TODO | Docs Guild, DevOps Guild | VEXLENS-30-009, DEVOPS-VEX-30-001 | Create /docs/runbooks/vex-ops.md for recompute storms, mapping failures, signature errors. |
Runbook merged; rehearsal logged; checklist appended. |
Advisory AI (Sprint 31)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-AIAI-31-001 | TODO | Docs Guild, Advisory AI Guild | AIAI-31-006 | Publish /docs/advisory-ai/overview.md covering capabilities, guardrails, RBAC. |
Doc merged with diagrams; compliance checklist appended. |
| DOCS-AIAI-31-002 | TODO | Docs Guild, Advisory AI Guild | AIAI-31-004 | Author /docs/advisory-ai/architecture.md detailing RAG pipeline, deterministics, caching, model options. |
Doc merged; architecture review done; checklist appended. |
| DOCS-AIAI-31-003 | TODO | Docs Guild, Advisory AI Guild | AIAI-31-006 | Write /docs/advisory-ai/api.md describing endpoints, schemas, errors, rate limits. |
API doc aligned with OpenAPI; examples validated; checklist appended. |
| DOCS-AIAI-31-004 | TODO | Docs Guild, Console Guild | CONSOLE-VULN-29-001, CONSOLE-VEX-30-001 | Create /docs/advisory-ai/console.md with screenshots, a11y notes, copy-as-ticket instructions. |
Doc merged; images stored; checklist appended. |
| DOCS-AIAI-31-005 | TODO | Docs Guild, DevEx/CLI Guild | CLI-VULN-29-001, CLI-VEX-30-001 | Publish /docs/advisory-ai/cli.md covering commands, exit codes, scripting patterns. |
Doc merged; examples tested; checklist appended. |
| DOCS-AIAI-31-006 | TODO | Docs Guild, Policy Guild | POLICY-ENGINE-31-001 | Update /docs/policy/assistant-parameters.md covering temperature, token limits, ranking weights, TTLs. |
Doc merged; policy review done; checklist appended. |
| DOCS-AIAI-31-007 | TODO | Docs Guild, Security Guild | AIAI-31-005 | Write /docs/security/assistant-guardrails.md detailing redaction, injection defense, logging. |
Doc approved by Security; checklist appended. |
| DOCS-AIAI-31-008 | TODO | Docs Guild, SBOM Service Guild | SBOM-AIAI-31-001 | Publish /docs/sbom/remediation-heuristics.md (feasibility scoring, blast radius). |
Doc merged; heuristics reviewed; checklist appended. |
| DOCS-AIAI-31-009 | TODO | Docs Guild, DevOps Guild | DEVOPS-AIAI-31-001 | Create /docs/runbooks/assistant-ops.md for warmup, cache priming, model outages, scaling. |
Runbook merged; rehearsal logged; checklist appended. |
Notifications Studio
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-NOTIFY-40-001 | TODO | Docs Guild, Security Guild | AUTH-NOTIFY-38-001, NOTIFY-SVC-40-001..004 | Publish /docs/notifications/channels.md, /docs/notifications/escalations.md, /docs/notifications/api.md, /docs/operations/notifier-runbook.md, /docs/security/notifications-hardening.md; each ends with imposed rule line. |
Docs merged; accessibility checks passed; imposed rule appended. |
CLI Parity & Task Packs
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-CLI-41-001 | TODO | Docs Guild, DevEx/CLI Guild | CLI-CORE-41-001 | Publish /docs/modules/cli/guides/overview.md, /docs/modules/cli/guides/configuration.md, /docs/modules/cli/guides/output-and-exit-codes.md with imposed rule statements. |
Docs merged; examples verified; imposed rule appended. |
| DOCS-CLI-42-001 | TODO | Docs Guild | DOCS-CLI-41-001, CLI-PARITY-41-001 | Publish /docs/modules/cli/guides/parity-matrix.md and command guides under /docs/modules/cli/guides/commands/*.md (policy, sbom, vuln, vex, advisory, export, orchestrator, notify, aoc, auth). |
Guides merged; parity automation documented; imposed rule appended. |
Containerized Distribution (Epic 13)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-INSTALL-44-001 | TODO | Docs Guild, Deployment Guild | COMPOSE-44-001 | Publish /docs/install/overview.md and /docs/install/compose-quickstart.md with imposed rule line and copy-ready commands. |
Docs merged; screenshots/commands verified; imposed rule appended. |
| DOCS-INSTALL-45-001 | TODO | Docs Guild, Deployment Guild | HELM-45-001 | Publish /docs/install/helm-prod.md and /docs/install/configuration-reference.md with values tables and imposed rule reminder. |
Docs merged; configuration matrix verified; imposed rule appended. |
| DOCS-INSTALL-46-001 | TODO | Docs Guild, Security Guild | DEPLOY-PACKS-43-001, CLI-PACKS-43-001 | Publish /docs/install/airgap.md, /docs/security/supply-chain.md, /docs/operations/health-and-readiness.md, /docs/release/image-catalog.md, /docs/console/onboarding.md (each with imposed rule). |
Docs merged; checksum/signature sections validated; imposed rule appended. |
Authority-Backed Scopes & Tenancy (Epic 14)
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-TEN-47-001 | TODO | Docs Guild, Authority Core | AUTH-TEN-47-001 | Publish /docs/security/tenancy-overview.md and /docs/security/scopes-and-roles.md outlining scope grammar, tenant model, imposed rule reminder. |
Docs merged; diagrams included; imposed rule appended. |
| DOCS-TEN-48-001 | TODO | Docs Guild, Platform Ops | WEB-TEN-48-001 | Publish /docs/operations/multi-tenancy.md, /docs/operations/rls-and-data-isolation.md, /docs/console/admin-tenants.md. |
Docs merged; examples validated; imposed rule appended. |
| DOCS-TEN-49-001 | TODO | Docs & DevEx Guilds | CLI-TEN-47-001, AUTH-TEN-49-001 | Publish /docs/modules/cli/guides/authentication.md, /docs/api/authentication.md, /docs/policy/examples/abac-overlays.md, update /docs/install/configuration-reference.md with new env vars, all ending with imposed rule line. |
Docs merged; command examples verified; imposed rule appended. |