stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
05597616d6c82ba8d9c41021c2fe7b6b3a946105
git.stella-ops.org/docs/assets/vuln-explorer/console/CAPTURES.md
StellaOps Bot 05597616d6 feat: Add Go module and workspace test fixtures 
- Created expected JSON files for Go modules and workspaces.
- Added go.mod and go.sum files for example projects.
- Implemented private module structure with expected JSON output.
- Introduced vendored dependencies with corresponding expected JSON.
- Developed PostgresGraphJobStore for managing graph jobs.
- Established SQL migration scripts for graph jobs schema.
- Implemented GraphJobRepository for CRUD operations on graph jobs.
- Created IGraphJobRepository interface for repository abstraction.
- Added unit tests for GraphJobRepository to ensure functionality.
2025-12-06 20:04:03 +02:00

4.2 KiB
Raw Blame History

Console Asset Captures for Vuln Explorer Documentation

Status: Ready for capture Last Updated: 2025-12-06 Owner: Console Guild Hash Manifest: See SHA256SUMS after capture

Capture Instructions

Run the console app locally and capture each screen:

# Start the dev environment
docker compose -f deploy/compose/docker-compose.dev.yaml up -d

# Access console at https://localhost:8443
# Log in with dev credentials
# Navigate to each section below and capture

Required Captures

1. Dashboard Overview

File: dashboard-overview.png Description: Main dashboard showing vulnerability counts, risk scores, and recent activity.

![Dashboard Overview](./dashboard-overview.png)

The dashboard provides:
- Total vulnerability count by severity (Critical, High, Medium, Low)
- Risk score trend over time
- Top affected components
- Recent scan activity

2. Vulnerability Explorer List

File: vuln-explorer-list.png Description: Vulnerability list view with filters and sorting.

![Vulnerability Explorer List](./vuln-explorer-list.png)

The vulnerability list shows:
- CVE ID, severity, CVSS score
- Affected package and version
- Fix availability status
- VEX status (affected, not_affected, fixed, under_investigation)

3. Vulnerability Detail View

File: vuln-detail.png Description: Single vulnerability detail page with full context.

![Vulnerability Detail](./vuln-detail.png)

The detail view includes:
- Full vulnerability description
- CVSS vector breakdown
- Affected components
- Reachability analysis
- VEX statements
- Remediation guidance

4. Findings Ledger Timeline

File: findings-timeline.png Description: Timeline view of vulnerability findings and state changes.

![Findings Timeline](./findings-timeline.png)

The timeline shows:
- Finding discovery events
- Status transitions
- Evidence snapshots
- Attestation links

5. Risk Score Panel

File: risk-score-panel.png Description: Risk score breakdown with contributing factors.

![Risk Score Panel](./risk-score-panel.png)

The risk panel displays:
- Overall risk score (0-100)
- Factor breakdown (severity, exploitability, asset criticality)
- Score history
- Policy compliance status

6. VEX Consensus View

File: vex-consensus.png Description: VEX consensus display showing multiple issuer statements.

![VEX Consensus](./vex-consensus.png)

The VEX consensus view shows:
- Aggregated status from multiple issuers
- Issuer trust levels
- Statement timestamps
- Rationale summaries

7. Policy Studio Editor

File: policy-studio-editor.png Description: Policy Studio with Monaco editor and rule builder.

![Policy Studio Editor](./policy-studio-editor.png)

The Policy Studio includes:
- Monaco editor with StellaOps DSL highlighting
- Rule builder sidebar
- Simulation panel
- Lint/compile feedback

8. Air-Gap Status Panel

File: airgap-status.png Description: Air-gap mode status and bundle information.

![Air-Gap Status](./airgap-status.png)

The air-gap panel shows:
- Sealed mode status
- Last advisory update timestamp
- Bundle version
- Time anchor validity

After Capture

  1. Place captured images in this directory
  2. Generate hashes: 
    sha256sum *.png > SHA256SUMS
  3. Update docs/assets/vuln-explorer/SHA256SUMS with new entries
  4. Mark DOCS-CONSOLE-OBS-52-001 as DONE in sprint file

Sample SHA256SUMS Entry

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  dashboard-overview.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  vuln-explorer-list.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  vuln-detail.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  findings-timeline.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  risk-score-panel.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  vex-consensus.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  policy-studio-editor.png
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  airgap-status.png