stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
4bdc298ec1fc821ee0d9dda6d2d4643dcedf6b35
git.stella-ops.org/docs/features/unchecked/web/impact-first-vulnerability-detail.md

2.6 KiB
Raw Blame History

Impact-First Vulnerability Detail (EPSS/KEV)

Module

Web

Status

IMPLEMENTED

Description

Vulnerability detail page redesigned with impact-first layout showing EPSS probability, KEV catalog status, reachability state, and blast radius before technical details.

Implementation Details

  • Feature directory: src/Web/StellaOps.Web/src/app/features/vulnerabilities/
  • Components:
    • claim-table (src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/claim-table.component.ts)
    • confidence-meter (src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/confidence-meter.component.ts)
    • policy-chips (src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/policy-chips.component.ts)
    • replay-button (src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/replay-button.component.ts)
    • trust-algebra (src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/trust-algebra.component.ts)
    • trust-vector-bars (src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/trust-vector-bars.component.ts)
    • vuln-triage-dashboard (src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/vuln-triage-dashboard/vuln-triage-dashboard.component.ts)
    • vulnerability-detail (src/Web/StellaOps.Web/src/app/features/vulnerabilities/vulnerability-detail.component.ts)
    • vulnerability-explorer (src/Web/StellaOps.Web/src/app/features/vulnerabilities/vulnerability-explorer.component.ts)
  • Services:
    • trust-algebra (src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/trust-algebra.service.ts)
  • Models:
    • src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/trust-algebra.models.ts
  • Source: SPRINT_20260118_007_FE_security_consolidation.md

E2E Test Plan

  • Setup:
    • Log in with a user that has appropriate permissions
    • Navigate to /vulnerabilities
    • Ensure test data exists (scanned artifacts, SBOM data, or seed data as needed)
  • Core verification:
    • Verify the component renders correctly with sample data
    • Verify interactive elements respond to user input
    • Verify data is fetched and displayed from the correct API endpoints
  • Edge cases:
    • Verify graceful handling when backend API is unavailable (error state)
    • Verify responsive layout at different viewport sizes
    • Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)