git.stella-ops.org/docs/features/dropped/evidence-ttl-and-staleness-policy.md

Evidence TTL and staleness policy

Module

Signals

Status

PARTIALLY_IMPLEMENTED

Description

Retention options and lifecycle services exist for evidence expiry, but the advisory noted TTL strategy at 50% coverage.

What's Implemented

• Modules: src/Signals/StellaOps.Signals/Services/, src/Signals/StellaOps.Signals/Options/
• Key Classes:
  • UnknownsDecayService (src/Signals/StellaOps.Signals/Services/UnknownsDecayService.cs) - applies decay to stale unknown findings (related TTL behavior)
  • UnknownsDecayOptions (src/Signals/StellaOps.Signals/Options/UnknownsDecayOptions.cs) - configurable decay/TTL thresholds
  • NightlyDecayWorker (src/Signals/StellaOps.Signals/Services/NightlyDecayWorker.cs) - scheduled worker for TTL processing
• Source: Feature matrix scan

What's Missing

• Comprehensive evidence TTL policy engine covering all evidence types (callgraph, runtime, SBOM correlation, attestation)
• Per-evidence-type configurable TTL with different retention periods
• Staleness detection that marks evidence as stale before hard expiry
• Automated evidence archival workflow (move to cold storage before deletion)
• TTL policy dashboard showing evidence age distribution and upcoming expirations

Implementation Plan

• Implement EvidenceTtlPolicyEngine with per-type configurable retention periods
• Add staleness detection service that marks evidence nearing TTL as stale
• Implement evidence archival pipeline for cold storage migration
• Add TTL policy configuration UI and monitoring dashboard
• Extend NightlyDecayWorker to handle evidence expiry across all evidence types

Related Documentation

• Source: See feature catalog