stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
42d9d2d860f82a18b1ac989986857d6851ba6d93
git.stella-ops.org/docs/04_FEATURE_MATRIX.md

4.9 KiB
Raw Blame History

#4 · FeatureMatrix — StellaOps
(rev2.0 · 14Jul2025)

Category Capability Free Tier (≤333 scans/day) Community Plugin Commercial AddOn Notes / ETA
SBOM Ingestion TrivyJSON, SPDXJSON, CycloneDXJSON Autodetect on upload
DeltaSBOM Cache Warm scans <1s
Scanning CVE lookup via local DB Update job ships weekly feeds
Licencerisk detection  (roadmap Q42025) SPDX licence list
Policy Engine YAML rules InUI editor
OPA / Rego  (βQ12026) plugin Plugin enables Rego
Registry Anonymous internal registry StellaOps.Registry image
Attestation Cosign signing  (Q12026) Requires StellaOpsAttestor
SLSA provenance v1.0  (commercial 2026) Enterprise need
Rekor transparency log plugin Airgap replica support
Quota & Throttling 333 scans/day soft limit Yellow banner at200, waitwall postlimit
Usage API (/quota) CI can poll remaining scans
User Interface Dark / light mode Autodetect OS theme
Russian localisation Default if AcceptLanguage: ru
Audit trail Mongo history
Deployment Docker Compose bundle Singlenode
Helm chart (K8s) Horizontal scaling
Highavailability split services (AddOn) HA Redis & Mongo
Extensibility .NET hotload plugins N/A AGPL reference SDK
Community plugin marketplace  (βQ22026) Moderated listings
Telemetry Optin anonymous metrics Required for quota satisfaction KPI
Quota & Tokens ClientJWT issuance (online 12h token) /connect/token
Offline ClientJWT (30d) via OUK Refreshed monthly in OUK

Legend: =Included=Planned=Not applicable
Rows marked “Commercial AddOn” are optional paid components shipping outside the AGPLcore; everything else is FOSS.

Last updated: 14 Jul 2025 (quota rev2.0).