git.stella-ops.org/src/Findings
master 257e29355b fix(findings-ledger): make initial migration idempotent for replay
Wraps ENUM type creation in findings.ledger schema with DO blocks that catch
duplicate_object so migration 001 can re-run on a partially-provisioned DB
without crashing. Minor corrections to 002 and 005 (syntax alignment).
Updates RLS contract + operations docs to reflect the replay-safe semantics.
WebService + persistence csproj get the Infrastructure.Postgres migration
reference needed for StartupMigrationHost wiring.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-13 21:57:31 +03:00

Findings

Container(s): stellaops-findings-ledger-web, stellaops-riskengine-web, stellaops-riskengine-worker, stellaops-api (VulnExplorer) | Slot: 25 (ledger), 16 (riskengine), 13 (vulnexplorer) | Port: 8080 | Consumer Group: findings-ledger, riskengine, vulnexplorer | Resource Tier: medium (ledger, riskengine), light (vulnexplorer, riskengine-worker)

Purpose

The Findings module provides an append-only event ledger for security findings, a risk scoring engine with pluggable providers (CVSS/KEV/EPSS/VEX/fix-exposure), and a vulnerability explorer API. The Ledger tracks finding lifecycle with Merkle-tree integrity, incident management, and scoring APIs. The RiskEngine computes risk scores via job queue. VulnExplorer provides the UI-facing query API.

API Surface

  • findings-ledger (via Router) — finding event ingestion, queries, export, incident management, EWS scoring, Merkle proofs, attachment management
  • riskengine (via Router) — risk score providers listing, job submission, simulation, exploit maturity
  • vulnexplorer (via Router) — vulnerability search and investigation queries

Storage

PostgreSQL (ConnectionStrings:Default / ConnectionStrings:FindingsLedger); RiskEngine supports PostgreSQL or in-memory

Background Workers

  • riskengine-worker — background risk score computation (Worker hosted service)