stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
47890273170663b2236a1eb995d218fe5de6b11a
git.stella-ops.org/docs/INDEX.md
master 4789027317 docs consolidation and others
2026-01-06 19:07:48 +02:00

304 lines
17 KiB
Markdown
Raw Blame History

# StellaOps Documentation Index
> **Master index of all StellaOps documentation.**
> Last updated: 2026-01-06 (Pass 5 consolidation)
This index provides a complete map of documentation organized by audience and topic. The documentation follows a two-level hierarchy:
- **Canonical guides** (`docs/*.md`) - High-level entry points
- **Detailed references** (`docs/**/*`) - Module dossiers, API contracts, runbooks
---
## Quick Navigation by Audience
| Audience | Start Here |
|----------|------------|
| **New Users** | [quickstart.md](quickstart.md), [overview.md](overview.md) |
| **Developers** | [DEVELOPER_ONBOARDING.md](DEVELOPER_ONBOARDING.md), [CODING_STANDARDS.md](CODING_STANDARDS.md) |
| **Architects** | [ARCHITECTURE_OVERVIEW.md](ARCHITECTURE_OVERVIEW.md), [ARCHITECTURE_REFERENCE.md](ARCHITECTURE_REFERENCE.md) |
| **Operators/SREs** | [SECURITY_HARDENING_GUIDE.md](SECURITY_HARDENING_GUIDE.md), [OFFLINE_KIT.md](OFFLINE_KIT.md) |
| **Plugin Developers** | [PLUGIN_SDK_GUIDE.md](PLUGIN_SDK_GUIDE.md), [dev/](dev/) |
---
## Canonical Guides (docs/*.md)
### Getting Started
| Document | Purpose |
|----------|---------|
| [README.md](README.md) | Documentation overview and navigation |
| [overview.md](overview.md) | 2-minute product summary |
| [quickstart.md](quickstart.md) | First scan walkthrough |
| [DEVELOPER_ONBOARDING.md](DEVELOPER_ONBOARDING.md) | Developer setup guide |
| [CONCELIER_CLI_QUICKSTART.md](CONCELIER_CLI_QUICKSTART.md) | Advisory ingestion quickstart |
### Architecture
| Document | Purpose |
|----------|---------|
| [ARCHITECTURE_OVERVIEW.md](ARCHITECTURE_OVERVIEW.md) | 10-minute architecture tour |
| [ARCHITECTURE_REFERENCE.md](ARCHITECTURE_REFERENCE.md) | Full architecture index/map |
| [technical/architecture/](technical/architecture/) | Detailed architecture views |
### Features & Capabilities
| Document | Purpose |
|----------|---------|
| [key-features.md](key-features.md) | Capability cards with evidence |
| [FEATURE_MATRIX.md](FEATURE_MATRIX.md) | Tier-by-tier feature availability |
| [full-features-list.md](full-features-list.md) | Complete capability catalog |
### Product Strategy
| Document | Purpose |
|----------|---------|
| [product/](product/) | Product strategy and positioning hub |
| [product/competitive-landscape.md](product/competitive-landscape.md) | 15-vendor competitive analysis |
| [product/decision-capsules.md](product/decision-capsules.md) | Decision Capsules concept |
| [product/moat-strategy-summary.md](product/moat-strategy-summary.md) | Strategic positioning |
### Operations & Security
| Document | Purpose |
|----------|---------|
| [SECURITY_HARDENING_GUIDE.md](SECURITY_HARDENING_GUIDE.md) | Deployment security guide |
| [SECURITY_POLICY.md](SECURITY_POLICY.md) | Security incident policy |
| [OFFLINE_KIT.md](OFFLINE_KIT.md) | Air-gapped operation guide |
| [UI_GUIDE.md](UI_GUIDE.md) | Console operator guide |
### Development
| Document | Purpose |
|----------|---------|
| [CODING_STANDARDS.md](CODING_STANDARDS.md) | Code quality rules |
| [PLUGIN_SDK_GUIDE.md](PLUGIN_SDK_GUIDE.md) | Plugin development guide |
| [VEX_CONSENSUS_GUIDE.md](VEX_CONSENSUS_GUIDE.md) | VEX consensus and trust |
### Reference
| Document | Purpose |
|----------|---------|
| [API_CLI_REFERENCE.md](API_CLI_REFERENCE.md) | API and CLI reference hub |
| [GLOSSARY.md](GLOSSARY.md) | Platform terminology |
| [ROADMAP.md](ROADMAP.md) | Product roadmap |
---
## Module Documentation (docs/modules/)
Module dossiers contain architecture, operations, and API documentation per component.
> **Naming Convention:** Module directories use kebab-case (e.g., `binary-index`, `sbom-service`)
### Core Platform
| Module | Directory | Description |
|--------|-----------|-------------|
| Authority | [authority/](modules/authority/) | OAuth/OIDC, DPoP authentication |
| Gateway | [gateway/](modules/gateway/) | API gateway, routing |
| Router | [router/](modules/router/) | Transport-agnostic messaging |
| Platform | [platform/](modules/platform/) | Console backend aggregation |
### Data Ingestion
| Module | Directory | Description |
|--------|-----------|-------------|
| Concelier | [concelier/](modules/concelier/) | Advisory ingestion |
| Excititor | [excititor/](modules/excititor/) | VEX document ingestion |
| VexLens | [vex-lens/](modules/vex-lens/) | VEX consensus computation |
| VexHub | [vex-hub/](modules/vex-hub/) | VEX distribution hub |
| IssuerDirectory | [issuer-directory/](modules/issuer-directory/) | Issuer trust registry |
| Feedser | [feedser/](modules/feedser/) | Backport detection evidence |
### Scanning & Analysis
| Module | Directory | Description |
|--------|-----------|-------------|
| Scanner | [scanner/](modules/scanner/) | Container scanning, SBOM generation |
| BinaryIndex | [binary-index/](modules/binary-index/) | Binary fingerprinting |
| AdvisoryAI | [advisory-ai/](modules/advisory-ai/) | AI-assisted analysis |
| Symbols | [symbols/](modules/symbols/) | Symbol resolution |
| ReachGraph | [reach-graph/](modules/reach-graph/) | Reachability graphs |
### Artifacts & Evidence
| Module | Directory | Description |
|--------|-----------|-------------|
| Attestor | [attestor/](modules/attestor/) | DSSE/in-toto attestations |
| Signer | [signer/](modules/signer/) | Cryptographic signing |
| SbomService | [sbom-service/](modules/sbom-service/) | SBOM storage, lineage |
| EvidenceLocker | [evidence-locker/](modules/evidence-locker/) | Sealed evidence storage |
| ExportCenter | [export-center/](modules/export-center/) | Batch export |
| Provenance | [provenance/](modules/provenance/) | SLSA attestation |
### Policy & Risk
| Module | Directory | Description |
|--------|-----------|-------------|
| Policy | [policy/](modules/policy/) | K4 lattice policy engine |
| RiskEngine | [risk-engine/](modules/risk-engine/) | Risk scoring |
| VulnExplorer | [vuln-explorer/](modules/vuln-explorer/) | Vulnerability triage |
| Unknowns | [unknowns/](modules/unknowns/) | Unknown component tracking |
| FindingsLedger | [findings-ledger/](modules/findings-ledger/) | Findings tracking |
### Operations
| Module | Directory | Description |
|--------|-----------|-------------|
| Scheduler | [scheduler/](modules/scheduler/) | Job scheduling |
| Orchestrator | [orchestrator/](modules/orchestrator/) | Workflow orchestration |
| TaskRunner | [taskrunner/](modules/taskrunner/) | Task pack execution |
| Notify | [notify/](modules/notify/) | Notifications |
| Notifier | [notifier/](modules/notifier/) | Notifications Studio |
| PacksRegistry | [packs-registry/](modules/packs-registry/) | Task packs registry |
| TimelineIndexer | [timeline-indexer/](modules/timeline-indexer/) | Event indexing |
| Replay | [replay/](modules/replay/) | Deterministic replay |
### Integration
| Module | Directory | Description |
|--------|-----------|-------------|
| CLI | [cli/](modules/cli/) | Command-line interface |
| Zastava | [zastava/](modules/zastava/) | Registry webhooks |
| Web/UI | [ui/](modules/ui/), [web/](modules/web/) | Frontend SPA |
### Infrastructure
| Module | Directory | Description |
|--------|-----------|-------------|
| Cryptography | [cryptography/](modules/cryptography/) | Crypto profiles |
| Telemetry | [telemetry/](modules/telemetry/) | Observability |
| Graph | [graph/](modules/graph/) | Call graph structures |
| Signals | [signals/](modules/signals/) | Runtime signals |
| AirGap | [airgap/](modules/airgap/) | Air-gap support |
| AOC | [aoc/](modules/aoc/) | Append-Only Contract |
### Cross-Cutting Concepts
| Concept | Directory | Description |
|---------|-----------|-------------|
| Snapshot | [snapshot/](modules/snapshot/) | Point-in-time captures |
| Triage | [triage/](modules/triage/) | Vulnerability triage workflows |
| Provcache | [prov-cache/](modules/prov-cache/) | Provenance cache (library) |
| Benchmark | [benchmark/](modules/benchmark/) | Competitive benchmarking |
| Bench | [bench/](modules/bench/) | Performance benchmarks |
---
## Specialized Documentation Areas
### API Documentation
| Area | Path | Description |
|------|------|-------------|
| API Overview | [api/overview.md](api/overview.md) | API conventions |
| Gateway APIs | [api/gateway/](api/gateway/) | Gateway endpoints |
| Console APIs | [api/console/](api/console/) | Console endpoints |
| Signal Contracts | [api/signals/](api/signals/) | Signal contracts |
### Air-Gap Operations
| Area | Path | Description |
|------|------|-------------|
| Overview | [modules/airgap/](modules/airgap/) | Air-gap module dossier |
| Guides | [modules/airgap/guides/](modules/airgap/guides/) | Air-gap operational guides |
| Runbooks | [modules/airgap/runbooks/](modules/airgap/runbooks/) | Air-gap runbooks |
| Samples | [modules/airgap/samples/](modules/airgap/samples/) | Air-gap bundle samples |
### Database
| Area | Path | Description |
|------|------|-------------|
| Specification | [db/SPECIFICATION.md](db/SPECIFICATION.md) | Database spec |
| Migrations | [db/tasks/](db/tasks/) | Migration phases |
| Schemas | [db/schemas/](db/schemas/) | Schema definitions |
### CLI Reference
| Area | Path | Description |
|------|------|-------------|
| CLI Module | [modules/cli/](modules/cli/) | CLI module dossier |
| Quickstart | [modules/cli/guides/quickstart.md](modules/cli/guides/quickstart.md) | CLI quickstart guide |
| Command Reference | [modules/cli/guides/commands/reference.md](modules/cli/guides/commands/reference.md) | Complete CLI reference |
| Admin Commands | [modules/cli/guides/admin/admin-reference.md](modules/cli/guides/admin/admin-reference.md) | Admin commands |
| Crypto Commands | [modules/cli/guides/crypto/crypto-commands.md](modules/cli/guides/crypto/crypto-commands.md) | Crypto operations |
### End-to-End Flows
| Area | Path | Description |
|------|------|-------------|
| Flow Index | [flows/README.md](flows/README.md) | All workflow flows |
| Scan Flow | [flows/02-scan-submission-flow.md](flows/02-scan-submission-flow.md) | Scan submission |
| Policy Flow | [flows/04-policy-evaluation-flow.md](flows/04-policy-evaluation-flow.md) | Policy evaluation |
| CI/CD Flow | [flows/10-cicd-gate-flow.md](flows/10-cicd-gate-flow.md) | CI/CD gating |
### Technical Deep Dives
| Area | Path | Description |
|------|------|-------------|
| Architecture Index | [technical/architecture/](technical/architecture/) | Architecture views |
| User Flows | [technical/architecture/user-flows.md](technical/architecture/user-flows.md) | UML diagrams |
| Module Matrix | [technical/architecture/module-matrix.md](technical/architecture/module-matrix.md) | 46-module matrix |
### Contracts & ADRs
| Area | Path | Description |
|------|------|-------------|
| Contracts | [contracts/](contracts/) | Technical contracts |
| ADRs | [adr/](adr/) | Architecture decisions |
### Development Guides
| Area | Path | Description |
|------|------|-------------|
| Plugin Development | [dev/](dev/) | Plugin guides & templates |
| Scanner Engine | [dev/scanning-engine.md](dev/scanning-engine.md) | Scanner internals |
| SDK Documentation | [dev/sdks/](dev/sdks/) | Language SDKs and plugin templates |
### Testing & Quality
| Area | Path | Description |
|------|------|-------------|
| Testing Guides | [technical/testing/](technical/testing/) | Testing strategy and guides |
| Determinism | [technical/testing/DETERMINISM_DEVELOPER_GUIDE.md](technical/testing/DETERMINISM_DEVELOPER_GUIDE.md) | Determinism verification |
| Performance | [technical/testing/PERFORMANCE_BASELINES.md](technical/testing/PERFORMANCE_BASELINES.md) | Performance baselines |
| CI Quality Gates | [technical/testing/ci-quality-gates.md](technical/testing/ci-quality-gates.md) | CI quality gates |
### Migration & Upgrades
| Area | Path | Description |
|------|------|-------------|
| Migration Guides | [technical/migration/](technical/migration/) | Schema and API migrations |
| CycloneDX 1.6 to 1.7 | [technical/migration/cyclonedx-1-6-to-1-7.md](technical/migration/cyclonedx-1-6-to-1-7.md) | CycloneDX migration |
| Policy Parity | [technical/migration/policy-parity.md](technical/migration/policy-parity.md) | Policy migration |
### Benchmarks & Testing
| Area | Path | Description |
|------|------|-------------|
| Benchmarks | [benchmarks/](benchmarks/) | Performance & accuracy |
| Ground Truth | [benchmarks/ground-truth-corpus.md](benchmarks/ground-truth-corpus.md) | Test datasets |
### Risk Scoring
| Area | Path | Description |
|------|------|-------------|
| Risk Samples | [modules/risk-engine/samples/](modules/risk-engine/samples/) | Risk scoring examples |
### Operations & Deployment
| Area | Path | Description |
|------|------|-------------|
| Deployment | [operations/deployment/](operations/deployment/) | Docker, containers, version matrix |
| Runbooks | [operations/](operations/) | Operational runbooks |
| Releases | [releases/](releases/) | Release process, versioning |
### Security
| Area | Path | Description |
|------|------|-------------|
| Security Index | [security/README.md](security/README.md) | Security documentation hub |
| Threat Models | [security/](security/) | Authority, console security |
| Hardening | [SECURITY_HARDENING_GUIDE.md](SECURITY_HARDENING_GUIDE.md) | Deployment hardening |
---
## Implementation Planning
| Area | Path | Description |
|------|------|-------------|
| Sprint Files | [implplan/](implplan/) | Active implementation sprints |
| Archived Sprints | [../docs-archived/implplan/](../docs-archived/implplan/) | Completed sprints |
---
## External References
- **CLAUDE.md** (repository root) - Claude Code instructions and module table
- **src/__Tests/AGENTS.md** - Test infrastructure guidance
- **Module AGENTS.md files** - Per-module development instructions
---
## Changelog
| Date | Change |
|------|--------|
| 2026-01-06 | **Pass 5**: Reduced top-level directories from 41 to 22. Consolidated: docs/accessibility/ to modules/ui/guides/accessibility/; docs/advisories/ to modules/concelier/guides/; docs/events/ to modules/signals/events/; docs/handoff/ to operations/handoff/; docs/roadmap/ to product/roadmap/; docs/schemas/ to modules/attestor/schemas/; docs/sdks/ to dev/sdks/; docs/specs/ to modules/symbols/specs/; docs/task-packs/ to modules/packs-registry/guides/; docs/ux/ to modules/ui/guides/ux/; docs/rfcs/ to adr/; docs/architecture/ to technical/architecture/; docs/data/ to modules/replay/schemas/; docs/testing/ (26 files) to technical/testing/; docs/diagrams/ to technical/diagrams/; docs/migration/ to technical/migration/; docs/process/ to operations/process/; docs/samples/ distributed to respective module samples/ directories (airgap, platform, evidence-locker, excititor, binary-index, concelier, scanner, signals). Fixed ui/guides file to guides-overview.md. |
| 2026-01-06 | **Pass 4**: Consolidated docs/airgap/ (38 files) into modules/airgap/guides/, runbooks/, gaps/, schemas/, samples/; consolidated docs/aoc/ into modules/aoc/guides/; consolidated docs/policy/ (20 files + fixtures/schemas) into modules/policy/guides/, fixtures/, schemas/; consolidated docs/replay/ into modules/replay/guides/; consolidated docs/uncertainty/ into modules/unknowns/guides/; consolidated docs/forensics/ into modules/evidence-locker/, provenance/, timeline-indexer/ guides/; consolidated docs/ingestion/ into modules/concelier/guides/; consolidated docs/interop/ into modules/attestor/guides/; consolidated docs/observability/ (14 files + dashboards) into modules/telemetry/guides/ and dashboards/; consolidated docs/runtime/ into modules/scanner/guides/; consolidated docs/slo/ into modules/orchestrator/guides/; created modules/devportal/guides/; moved docs/evaluate/ to product/; moved docs/metrics/ to modules/telemetry/guides/ |
| 2026-01-06 | **Pass 3**: Consolidated docs/router/ into modules/router/ (archived 25 sprints to docs-archived/implplan/router/, moved transports/ and guides/); consolidated docs/reachability/ (23 files) into modules/reach-graph/guides/ and schemas/; consolidated docs/risk/ into modules/risk-engine/guides/ and samples/; consolidated docs/attestor/ and docs/provenance/ into respective modules; consolidated docs/vuln/ into modules/vuln-explorer/guides/; consolidated docs/sbom/ and docs/evidence-locker/ into respective modules; consolidated docs/marketing/ and docs/market/ into docs/product/ (strategy, competitive analysis); archived docs/artifacts/ to docs-archived/ |
| 2026-01-06 | **Pass 2**: Consolidated CLI docs into modules/cli/guides/ (removed docs/cli/); consolidated runbooks into operations/runbooks/ (removed docs/runbooks/); merged examples/ into samples/; consolidated signals/ into modules/signals/guides/; merged training/ into onboarding/ with concepts/ and faq/ subdirs; distributed guides/ into relevant module locations (risk-engine, signer, vex-lens, ui, authority); merged ci/ into cicd/; merged ops/ into operations/; moved faq/policy-faq.md to policy/faq.md |
| 2026-01-06 | Consolidated UI/Console docs into modules/ui/; consolidated deploy/deployment/install into operations/deployment/; consolidated docs/vex/ into modules/vex-lens/guides/; consolidated docs/release/ into docs/releases/; consolidated security docs (removed technical/security/) |
| 2026-01-05 | Created index; renamed module directories to kebab-case; updated CLAUDE.md with missing modules; fixed 80+ old numbered file references; consolidated docs/advisory-ai/ into docs/modules/advisory-ai/ |
Reference in New Issue View Git Blame Copy Permalink