stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
651b8e0fa3a1276d9f51430bbe1d19644ed5478f
git.stella-ops.org/EXECPLAN.md
master 651b8e0fa3 feat: Add new projects to solution and implement contract testing documentation 
- Added "StellaOps.Policy.Engine", "StellaOps.Cartographer", and "StellaOps.SbomService" projects to the StellaOps solution.
- Created AGENTS.md to outline the Contract Testing Guild Charter, detailing mission, scope, and definition of done.
- Established TASKS.md for the Contract Testing Task Board, outlining tasks for Sprint 62 and Sprint 63 related to mock servers and replay testing.
2025-10-27 07:57:55 +02:00

1832 lines
152 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Execution Tree for Open Backlog
Generated from SPRINTS.md and module TASKS.md files on 2025-10-19. Waves cluster tasks by dependency depth; Wave 0 has no unresolved blockers and later waves depend on earlier ones.
## Wave Instructions
### Wave 0
- Team Authority Core & Security Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Authority/TASKS.md`. Focus on AUTH-DPOP-11-001 (DONE 2025-10-20), AUTH-MTLS-11-002 (DONE 2025-10-23). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team Authority Core & Storage Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Authority/TASKS.md`. Focus on AUTHSTORAGE-MONGO-08-001 (DONE 2025-10-19). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team DevEx/CLI: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Cli/TASKS.md`. Focus on EXCITITOR-CLI-01-002 (TODO), CLI-RUNTIME-13-005 (TODO). Confirm prerequisites (external: EXCITITOR-CLI-01-001, EXCITITOR-EXPORT-01-001) before starting and report status in module TASKS.md.
- Team DevOps Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `ops/devops/TASKS.md`. Focus on DEVOPS-SEC-10-301 (DONE 2025-10-20); Wave0A prerequisites reconfirmed so remediation work may proceed. Keep module TASKS.md/Sprints in sync as patches land.
- Team Diff Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scanner.Diff/TASKS.md`. SCANNER-DIFF-10-501/502/503 all closed on 2025-10-19; keep determinism fixtures green and sync downstream consumers as Emit/Diff integration tickets arise.
- Team Docs Guild, Plugin Team: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `docs/TASKS.md`. Focus on DOC4.AUTH-PDG (REVIEW). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team Docs/CLI: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Cli/TASKS.md`. Focus on EXCITITOR-CLI-01-003 (TODO). Confirm prerequisites (external: EXCITITOR-CLI-01-001) before starting and report status in module TASKS.md.
- Team Emit Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scanner.Emit/TASKS.md`. Sprint 10 composition milestones (10-601..10-606) wrapped 2025-10-22 and SCANNER-EMIT-10-607 completed alongside; remaining watch item is SCANNER-EMIT-17-701 (Wave1) with build-id enrichment.
- Team EntryTrace Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scanner.EntryTrace/TASKS.md`. SCANNER-ENTRYTRACE-10-401..407 landed 2025-10-19; continue monitoring determinism harness outputs and raise follow-ups if new interpreter cases appear.
- Team Language Analyzer Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scanner.Analyzers.Lang/SPRINTS_LANG_IMPLEMENTATION_PLAN.md`, `src/StellaOps.Scanner.Analyzers.Lang/TASKS.md`. Java, shared helpers, determinism harness, and the Sprint10 analyzers (10-301..10-309) are DONE (latest 2025-10-22); keep fixture refresh notes current and pivot to Wave1 benchmarking/packaging follow-ups.
- Team Notify Models Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Notify.Models/TASKS.md`. Focus on NOTIFY-MODELS-15-101 (TODO), NOTIFY-MODELS-15-102 (TODO), NOTIFY-MODELS-15-103 (TODO). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team Notify Storage Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Notify.Storage.Mongo/TASKS.md`. Focus on NOTIFY-STORAGE-15-201 (TODO), NOTIFY-STORAGE-15-202 (TODO), NOTIFY-STORAGE-15-203 (TODO). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team Notify WebService Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Notify.WebService/TASKS.md`. Focus on NOTIFY-WEB-15-101 (TODO), NOTIFY-WEB-15-102 (TODO). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team Platform Events Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `docs/TASKS.md`. Focus on PLATFORM-EVENTS-09-401 (TODO). Confirm prerequisites (external: DOCS-EVENTS-09-003) before starting and report status in module TASKS.md.
- Team Plugin Platform Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Plugin/TASKS.md`. Focus on PLUGIN-DI-08-002.COORD (DONE 2025-10-20), PLUGIN-DI-08-002 (DONE 2025-10-20), PLUGIN-DI-08-003 (DONE 2025-10-20), PLUGIN-DI-08-004 (DONE 2025-10-20), and PLUGIN-DI-08-005 (DONE 2025-10-20). Confirm prerequisites (PLUGIN-DI-08-001) before starting and report status in module TASKS.md.
- Team Plugin Platform Guild, Authority Core: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Plugin/TASKS.md`. Coordination session for PLUGIN-DI-08-002 implementation completed on 2025-10-20 15:0016:05UTC and scoped-service changes have shipped with regression coverage; subsequent tasks (PLUGIN-DI-08-003/004/005) remain green.
- Team Policy Guild: Sprint9 core tasks (POLICY-CORE-09-004/005/006) closed on 2025-10-19; ensure downstream consumers refresh against the published scoring config + quiet/unknown outputs and raise follow-up tasks if additional polish is required.
- Team Runtime Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `docs/TASKS.md`. Focus on RUNTIME-GUILD-09-402 (TODO). Confirm prerequisites (external: SCANNER-POLICY-09-107) before starting and report status in module TASKS.md.
- Team Scanner WebService Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scanner.WebService/TASKS.md`. Focus on SCANNER-EVENTS-15-201 (DONE 2025-10-20). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team Scheduler ImpactIndex Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scheduler.ImpactIndex/TASKS.md`. Focus on SCHED-IMPACT-16-300 (DONE 2025-10-20) and ensure the temporary stub removal note stays tracked. Confirm prerequisites (external: SAMPLES-10-001) before starting and report status in module TASKS.md.
- Team Scheduler Models Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scheduler.Models/TASKS.md`. SCHED-MODELS-16-103 completed (2025-10-20); ensure downstream teams consume the migration helpers and log upgrade warnings.
- Team Scheduler Queue Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scheduler.Queue/TASKS.md`. SCHED-QUEUE-16-401 completed (2025-10-20); proceed with Wave 1 queue enhancements.
- Team Scheduler Storage Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scheduler.Storage.Mongo/TASKS.md`. Focus on SCHED-STORAGE-16-201 (TODO). Confirm prerequisites (external: SCHED-MODELS-16-101) before starting and report status in module TASKS.md.
- Team Scheduler WebService Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scheduler.WebService/TASKS.md`. Focus on SCHED-WEB-16-101 (TODO). Confirm prerequisites (external: SCHED-MODELS-16-101) before starting and report status in module TASKS.md.
- Team Signer Guild: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Signer/TASKS.md`. Focus on SIGNER-API-11-101 (DONE 2025-10-21), SIGNER-REF-11-102 (DONE 2025-10-21), SIGNER-QUOTA-11-103 (DONE 2025-10-21). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team TBD: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md`. Focus on SCANNER-ANALYZERS-LANG-10-302C (TODO). Confirm prerequisites (external: SCANNER-ANALYZERS-LANG-10-302B) before starting and report status in module TASKS.md.
- Team Team Connector Resumption CERT/RedHat: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Concelier.Connector.Distro.RedHat/TASKS.md`. Focus on FEEDCONN-REDHAT-02-001 (DOING). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team Team Excititor Attestation: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.Attestation/TASKS.md`. Focus on EXCITITOR-ATTEST-01-003 (TODO). Confirm prerequisites (external: EXCITITOR-ATTEST-01-002) before starting and report status in module TASKS.md.
- Team Team Excititor Connectors Cisco: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.Cisco.CSAF/TASKS.md`. Focus on EXCITITOR-CONN-CISCO-01-003 (TODO). Confirm prerequisites (external: EXCITITOR-CONN-CISCO-01-002, EXCITITOR-POLICY-01-001) before starting and report status in module TASKS.md.
- Team Team Excititor Connectors MSRC: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.MSRC.CSAF/TASKS.md`. Focus on EXCITITOR-CONN-MS-01-002 (TODO). Confirm prerequisites (external: EXCITITOR-CONN-MS-01-001, EXCITITOR-STORAGE-01-003) before starting and report status in module TASKS.md.
- Team Team Excititor Connectors Oracle: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.Oracle.CSAF/TASKS.md`. Focus on EXCITITOR-CONN-ORACLE-01-001 (DOING). Confirm prerequisites (external: EXCITITOR-CONN-ABS-01-001) before starting and report status in module TASKS.md.
- Team Team Excititor Connectors SUSE: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.SUSE.RancherVEXHub/TASKS.md`. Focus on EXCITITOR-CONN-SUSE-01-002 (TODO). Confirm prerequisites (external: EXCITITOR-CONN-SUSE-01-001, EXCITITOR-STORAGE-01-003) before starting and report status in module TASKS.md.
- Team Team Excititor Connectors Ubuntu: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.Ubuntu.CSAF/TASKS.md`. Focus on EXCITITOR-CONN-UBUNTU-01-002 (TODO). Confirm prerequisites (external: EXCITITOR-CONN-UBUNTU-01-001, EXCITITOR-STORAGE-01-003) before starting and report status in module TASKS.md.
- Team Team Excititor Export: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.Export/TASKS.md`. Focus on EXCITITOR-EXPORT-01-005 (DONE 2025-10-21). Confirm prerequisites (external: EXCITITOR-CORE-02-001, EXCITITOR-EXPORT-01-004) before starting and report status in module TASKS.md.
- Team Team Excititor Formats: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.Formats.CSAF/TASKS.md`, `src/StellaOps.Excititor.Formats.CycloneDX/TASKS.md`, `src/StellaOps.Excititor.Formats.OpenVEX/TASKS.md`. Focus on EXCITITOR-FMT-CSAF-01-002 (TODO), EXCITITOR-FMT-CSAF-01-003 (TODO), EXCITITOR-FMT-CYCLONE-01-002 (TODO), EXCITITOR-FMT-CYCLONE-01-003 (TODO), EXCITITOR-FMT-OPENVEX-01-002 (TODO), EXCITITOR-FMT-OPENVEX-01-003 (TODO). Confirm prerequisites (external: EXCITITOR-EXPORT-01-001, EXCITITOR-FMT-CSAF-01-001, EXCITITOR-FMT-CYCLONE-01-001, EXCITITOR-FMT-OPENVEX-01-001, EXCITITOR-POLICY-01-001) before starting and report status in module TASKS.md.
- Team Team Excititor Storage: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.Storage.Mongo/TASKS.md`. Focus on EXCITITOR-STORAGE-MONGO-08-001 (DONE 2025-10-19), EXCITITOR-STORAGE-03-001 (TODO). Confirm prerequisites (external: EXCITITOR-STORAGE-01-003, EXCITITOR-STORAGE-02-001) before starting and report status in module TASKS.md.
- Team Team Excititor WebService: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.WebService/TASKS.md`. Focus on EXCITITOR-WEB-01-002 (DONE 2025-10-20), EXCITITOR-WEB-01-003 (TODO), EXCITITOR-WEB-01-004 (DONE 2025-10-20). Confirm prerequisites (external: EXCITITOR-ATTEST-01-001, EXCITITOR-EXPORT-01-001, EXCITITOR-WEB-01-001) before starting and report status in module TASKS.md.
- Team Team Excititor Worker: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Excititor.Worker/TASKS.md`. Focus on EXCITITOR-WORKER-01-004 (DONE 2025-10-21); EXCITITOR-WORKER-01-002 (DONE 2025-10-21) and EXCITITOR-WORKER-02-001 (DONE 2025-10-21) recorded. Confirm prerequisites (external: EXCITITOR-CORE-02-001, EXCITITOR-WORKER-01-001) before starting and report status in module TASKS.md.
- Team Team Merge & QA Enforcement: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Concelier.Merge/TASKS.md`. Focus on FEEDMERGE-COORD-02-900 (DOING). Confirm prerequisites (none) before starting and report status in module TASKS.md. **2025-10-19:** Coordination refreshed; connector owners notified and TASKS.md entries updated. **2025-10-20:** Coordination matrix + rollout dashboard refreshed with connector due dates (Cccs/Cisco 2025-10-21, CertBund 2025-10-22, ICS-CISA 2025-10-23, KISA 2025-10-24) and escalation plan logged.
- Team Team Normalization & Storage Backbone: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Concelier.Storage.Mongo/TASKS.md`. Focus on FEEDSTORAGE-MONGO-08-001 (DONE 2025-10-19). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team Team WebService & Authority: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/TASKS.md`, `src/StellaOps.Concelier.WebService/TASKS.md`. Focus on SEC2.PLG (DOING), SEC3.PLG (DOING), SEC5.PLG (DOING), PLG4-6.CAPABILITIES (BLOCKED), PLG6.DIAGRAM (TODO), PLG7.RFC (REVIEW), FEEDWEB-DOCS-01-001 (DOING), FEEDWEB-OPS-01-006 (TODO), FEEDWEB-OPS-01-007 (BLOCKED). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team Tools Guild, BE-Conn-MSRC: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Concelier.Connector.Common/TASKS.md`. Focus on FEEDCONN-SHARED-STATE-003 (**TODO). Confirm prerequisites (none) before starting and report status in module TASKS.md.
- Team UX Specialist, Angular Eng: read EXECPLAN.md Wave 0 and SPRINTS.md rows for `src/StellaOps.Web/TASKS.md`. Focus on WEB1.TRIVY-SETTINGS (DONE 2025-10-21), WEB1.TRIVY-SETTINGS-TESTS (DONE 2025-10-21), and WEB1.DEPS-13-001 (DONE 2025-10-21). Confirm prerequisites (none) before starting and report status in module TASKS.md.
### Wave 1
- Team Concelier WebService Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Concelier.WebService/TASKS.md`. Focus on CONCELIER-WEB-AOC-19-001/002/003/004 (TODO). Confirm prerequisites (WEB-AOC-19-001, CONCELIER-CORE-AOC-19-001, CONCELIER-STORE-AOC-19-001) before starting and record progress in TASKS.md.
- Team Concelier Core Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Concelier.Core/TASKS.md`. Focus on CONCELIER-CORE-AOC-19-001/002/003/004 (TODO). Coordinate with Policy team on derived-data removal.
- Team Concelier Storage Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Concelier.Storage.Mongo/TASKS.md`. Prioritise CONCELIER-STORE-AOC-19-001/002/003/004 (TODO) and align validator rollout with DevOps.
- Team Excititor WebService Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Excititor.WebService/TASKS.md`. Focus on EXCITITOR-WEB-AOC-19-001/002/003/004 (TODO). Ensure parity with Concelier ingestion guard.
- Team Excititor Core Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Excititor.Core/TASKS.md`. Focus on EXCITITOR-CORE-AOC-19-001/002/003/004 (TODO).
- Team Excititor Storage Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Excititor.Storage.Mongo/TASKS.md`. Work on EXCITITOR-STORE-AOC-19-001/002/003/004 (TODO) with migration dry-run plans.
- Team Excititor Worker Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Excititor.Worker/TASKS.md`. Focus on EXCITITOR-WORKER-AOC-19-001/002/003 (TODO) coordinating signature enforcement with storage guard.
- Team BE-Base Platform Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Web/TASKS.md`. Deliver WEB-AOC-19-001/002/003 (TODO) to unblock ingestion services.
- Team Policy Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Policy/TASKS.md`. Work on POLICY-AOC-19-001/002/003/004 (TODO) to keep derived data policy-only.
- Team Authority Core & Security Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Authority/TASKS.md`. Prioritise AUTH-AOC-19-001/002/003 (TODO) for new scopes + tenancy.
- Team DevEx/CLI Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Cli/TASKS.md`. Focus on CLI-AOC-19-001/002/003 (TODO) and sync exit codes with services.
- Team UI Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.UI/TASKS.md`. Execute UI-AOC-19-001/002/003 (TODO) using new verify endpoints.
- Team DevOps Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `ops/devops/TASKS.md`. Implement DEVOPS-AOC-19-001/002/003 (TODO) to gate CI with new guards.
- Team Docs Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `docs/TASKS.md`. Cover DOCS-AOC-19-001..008 (TODO) aligning docs with new ingestion contract.
- Team Bench Guild, Language Analyzer Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Bench/TASKS.md`. Focus on BENCH-SCANNER-10-002 (TODO). Confirm prerequisites (internal: SCANNER-ANALYZERS-LANG-10-301 (Wave 0)) before starting and report status in module TASKS.md.
- Team DevEx/CLI, QA Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Cli/TASKS.md`. Focus on CLI-RUNTIME-13-009 (TODO). Confirm prerequisites (internal: CLI-RUNTIME-13-005 (Wave 0)) before starting and report status in module TASKS.md.
- Team DevOps Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `ops/devops/TASKS.md`. Focus on DEVOPS-REL-14-001 (DOING 2025-10-23). Confirm prerequisites (internal: SIGNER-API-11-101 (Wave 0)) before starting and report status in module TASKS.md.
- Team DevOps Guild, Scanner WebService Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `ops/devops/TASKS.md`. Focus on DEVOPS-SCANNER-09-204 (TODO). Confirm prerequisites (internal: SCANNER-EVENTS-15-201 (Wave 0)) before starting and report status in module TASKS.md.
- Team Emit Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Scanner.Emit/TASKS.md`. SCANNER-EMIT-10-607 shipped 2025-10-22; remaining focus is SCANNER-EMIT-17-701 (build-id enrichment). Confirm prerequisites (internal: POLICY-CORE-09-005 (Wave 0), SCANNER-EMIT-10-602 (Wave 0), SCANNER-EMIT-10-604 (Wave 0)) before starting and report status in module TASKS.md.
- Team Language Analyzer Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Scanner.Analyzers.Lang/TASKS.md`. Sprint10 language analyzers (10-303..10-306) wrapped by 2025-10-22; shift to Wave1 benchmarking/packaging follow-ups (10-308+/309 variants) and ensure shared helpers stay stable. Node stream (tasks 10-302/309) closed on 2025-10-21; verify prereqs SCANNER-ANALYZERS-LANG-10-301/307 remain satisfied before new work.
- Team Licensing Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `ops/licensing/TASKS.md`. Focus on DEVOPS-LIC-14-004 (TODO). Confirm prerequisites (internal: AUTH-MTLS-11-002 (Wave 0)) before starting and report status in module TASKS.md.
- Team Notify Engine Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Notify.Engine/TASKS.md`. Focus on NOTIFY-ENGINE-15-301 (TODO). Confirm prerequisites (internal: NOTIFY-MODELS-15-101 (Wave 0)) before starting and report status in module TASKS.md.
- Team Notify WebService Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Notify.WebService/TASKS.md`. Focus on NOTIFY-WEB-15-103 (DONE). Confirm prerequisites (internal: NOTIFY-WEB-15-102 (Wave 0)) before starting and report status in module TASKS.md.
- Team Scheduler ImpactIndex Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Scheduler.ImpactIndex/TASKS.md`. Focus on SCHED-IMPACT-16-301 (TODO). Confirm prerequisites (internal: SCANNER-EMIT-10-605 (Wave 0)) before starting and report status in module TASKS.md.
- Team Scheduler Queue Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Scheduler.Queue/TASKS.md`. SCHED-QUEUE-16-402 completed (2025-10-20); next focus is SCHED-QUEUE-16-403.
- Team Scheduler Storage Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Scheduler.Storage.Mongo/TASKS.md`. Focus on SCHED-STORAGE-16-203 (TODO), SCHED-STORAGE-16-202 (TODO). Confirm prerequisites (internal: SCHED-STORAGE-16-201 (Wave 0)) before starting and report status in module TASKS.md.
- Team Scheduler WebService Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Scheduler.WebService/TASKS.md`. Focus on SCHED-WEB-16-104 (TODO), SCHED-WEB-16-102 (TODO). Confirm prerequisites (internal: SCHED-QUEUE-16-401 (Wave 0), SCHED-STORAGE-16-201 (Wave 0), SCHED-WEB-16-101 (Wave 0)) before starting and report status in module TASKS.md.
- Team Scheduler Worker Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Scheduler.Worker/TASKS.md`. Focus on SCHED-WORKER-16-201 (TODO). Confirm prerequisites (internal: SCHED-QUEUE-16-401 (Wave 0)) before starting and report status in module TASKS.md.
- Team TBD: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`. SCANNER-ANALYZERS-LANG-10-305A/304A/303A/306A all closed by 2025-10-22; use this slot to review cross-language fixture hygiene and prep Wave1 benchmarking tickets. Node add-ons 10-307N/10-308N/10-309N remain DONE with restart-time packaging verified 2025-10-21. Confirm prerequisites (internal: SCANNER-ANALYZERS-LANG-10-302C (Wave 0), SCANNER-ANALYZERS-LANG-10-307 (Wave 0)) before starting any new follow-ups and report status in module TASKS.md.
- Team Team Excititor Connectors MSRC: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.MSRC.CSAF/TASKS.md`. Focus on EXCITITOR-CONN-MS-01-003 (TODO). Confirm prerequisites (internal: EXCITITOR-CONN-MS-01-002 (Wave 0); external: EXCITITOR-POLICY-01-001) before starting and report status in module TASKS.md.
- Team Team Excititor Connectors Oracle: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.Oracle.CSAF/TASKS.md`. Focus on EXCITITOR-CONN-ORACLE-01-002 (TODO). Confirm prerequisites (internal: EXCITITOR-CONN-ORACLE-01-001 (Wave 0); external: EXCITITOR-STORAGE-01-003) before starting and report status in module TASKS.md.
- Team Team Excititor Connectors SUSE: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.SUSE.RancherVEXHub/TASKS.md`. Focus on EXCITITOR-CONN-SUSE-01-003 (TODO). Confirm prerequisites (internal: EXCITITOR-CONN-SUSE-01-002 (Wave 0); external: EXCITITOR-POLICY-01-001) before starting and report status in module TASKS.md.
- Team Team Excititor Connectors Ubuntu: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.Ubuntu.CSAF/TASKS.md`. Focus on EXCITITOR-CONN-UBUNTU-01-003 (TODO). Confirm prerequisites (internal: EXCITITOR-CONN-UBUNTU-01-002 (Wave 0); external: EXCITITOR-POLICY-01-001) before starting and report status in module TASKS.md.
- Team Team Excititor Export: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Excititor.Export/TASKS.md`. Focus on EXCITITOR-EXPORT-01-006 (DONE 2025-10-21). Confirm prerequisites (internal: EXCITITOR-EXPORT-01-005 (Wave 0), POLICY-CORE-09-005 (Wave 0)) before starting and report status in module TASKS.md.
- Team Team Excititor Worker: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.Excititor.Worker/TASKS.md`. Focus on EXCITITOR-WORKER-01-003 (TODO). Confirm prerequisites (internal: EXCITITOR-ATTEST-01-003 (Wave 0); external: EXCITITOR-EXPORT-01-002, EXCITITOR-WORKER-01-001) before starting and report status in module TASKS.md.
- Team UI Guild: read EXECPLAN.md Wave 1 and SPRINTS.md rows for `src/StellaOps.UI/TASKS.md`. Focus on UI-SCANS-13-002 (TODO), UI-VEX-13-003 (TODO), UI-ADMIN-13-004 (TODO), UI-SCHED-13-005 (TODO). Confirm prerequisites (internal: AUTH-DPOP-11-001 (Wave 0), AUTH-MTLS-11-002 (Wave 0), EXCITITOR-EXPORT-01-005 (Wave 0), NOTIFY-WEB-15-101 (Wave 0), POLICY-CORE-09-006 (Wave 0), SCHED-WEB-16-101 (Wave 0), SIGNER-API-11-101 (Wave 0); external: EXCITITOR-CORE-02-001, SCANNER-WEB-09-102, SCANNER-WEB-09-103) before starting and report status in module TASKS.md.
### Wave 2
- Team Bench Guild, Notify Team: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `src/StellaOps.Bench/TASKS.md`. Focus on BENCH-NOTIFY-15-001 (TODO). Confirm prerequisites (internal: NOTIFY-ENGINE-15-301 (Wave 1)) before starting and report status in module TASKS.md.
- Team Bench Guild, Scheduler Team: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `src/StellaOps.Bench/TASKS.md`. Focus on BENCH-IMPACT-16-001 (TODO). Confirm prerequisites (internal: SCHED-IMPACT-16-301 (Wave 1)) before starting and report status in module TASKS.md.
- Team Deployment Guild: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `ops/deployment/TASKS.md`. Focus on DEVOPS-OPS-14-003 (TODO). Confirm prerequisites (internal: DEVOPS-REL-14-001 (Wave 1)) before starting and report status in module TASKS.md.
- Team DevOps Guild, Notify Guild: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `ops/devops/TASKS.md`. Focus on DEVOPS-SCANNER-09-205 (TODO). Confirm prerequisites (internal: DEVOPS-SCANNER-09-204 (Wave 1)) before starting and report status in module TASKS.md.
- Team Notify Engine Guild: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `src/StellaOps.Notify.Engine/TASKS.md`. Focus on NOTIFY-ENGINE-15-302 (TODO). Confirm prerequisites (internal: NOTIFY-ENGINE-15-301 (Wave 1)) before starting and report status in module TASKS.md.
- Team Offline Kit Guild: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `ops/offline-kit/TASKS.md`. Focus on DEVOPS-OFFLINE-14-002 (TODO), DEVOPS-OFFLINE-18-003 (TODO), and DEVOPS-OFFLINE-18-005 (TODO). Confirm prerequisites (internal: DEVOPS-REL-14-001 (Wave 1), DEVOPS-REL-14-004 (Wave 2)) before starting and report status in module TASKS.md.
- Team Samples Guild, Policy Guild: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `samples/TASKS.md`. Focus on SAMPLES-13-004 (TODO). Confirm prerequisites (internal: POLICY-CORE-09-006 (Wave 0), UI-POLICY-13-007 (Wave 1)) before starting and report status in module TASKS.md.
- Team Scheduler ImpactIndex Guild: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `src/StellaOps.Scheduler.ImpactIndex/TASKS.md`. Focus on SCHED-IMPACT-16-303 (TODO), SCHED-IMPACT-16-302 (TODO). Confirm prerequisites (internal: SCHED-IMPACT-16-301 (Wave 1)) before starting and report status in module TASKS.md.
- Team Scheduler WebService Guild: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `src/StellaOps.Scheduler.WebService/TASKS.md`. Focus on SCHED-WEB-16-103 (TODO). Confirm prerequisites (internal: SCHED-WEB-16-102 (Wave 1)) before starting and report status in module TASKS.md.
- Team Scheduler Worker Guild: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `src/StellaOps.Scheduler.Worker/TASKS.md`. Focus on SCHED-WORKER-16-202 (TODO), SCHED-WORKER-16-205 (TODO). Confirm prerequisites (internal: SCHED-IMPACT-16-301 (Wave 1), SCHED-WORKER-16-201 (Wave 1)) before starting and report status in module TASKS.md.
- Team TBD: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`. SCANNER-ANALYZERS-LANG-10-305B/304B/303B/306B wrapped on 2025-10-22; next focus moves to `10-307*` shared helper integration and Wave2 benchmark polish. Node packaging milestone 10-308N closed 2025-10-21. Confirm prerequisites (internal: SCANNER-ANALYZERS-LANG-10-303A (Wave 1), SCANNER-ANALYZERS-LANG-10-304A (Wave 1), SCANNER-ANALYZERS-LANG-10-305A (Wave 1), SCANNER-ANALYZERS-LANG-10-306A (Wave 1), SCANNER-ANALYZERS-LANG-10-307N (Wave 1)) before starting new work and report status in module TASKS.md.
- Team Team Excititor Connectors Oracle: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.Oracle.CSAF/TASKS.md`. Focus on EXCITITOR-CONN-ORACLE-01-003 (TODO). Confirm prerequisites (internal: EXCITITOR-CONN-ORACLE-01-002 (Wave 1); external: EXCITITOR-POLICY-01-001) before starting and report status in module TASKS.md.
- Team Team Excititor Export: read EXECPLAN.md Wave 2 and SPRINTS.md rows for `src/StellaOps.Excititor.Export/TASKS.md`. Focus on EXCITITOR-EXPORT-01-007 (DONE 2025-10-21). Confirm prerequisites (internal: EXCITITOR-EXPORT-01-006 (Wave 1)) before starting and report status in module TASKS.md.
### Wave 3
- Team DevEx/CLI: read EXECPLAN.md Wave 3 and SPRINTS.md rows for `src/StellaOps.Cli/TASKS.md`. Focus on CLI-OFFLINE-13-006 (DONE 2025-10-21). Confirm prerequisites (internal: DEVOPS-OFFLINE-14-002 (Wave 2)) before starting and report status in module TASKS.md.
- Team Excititor Connectors Stella: read EXECPLAN.md Wave 3 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.StellaOpsMirror/TASKS.md`. Focus on EXCITITOR-CONN-STELLA-07-001 (DONE 2025-10-21). Confirm prerequisites (internal: EXCITITOR-EXPORT-01-007 (Wave 2)) before starting and report status in module TASKS.md.
- Team Notify Engine Guild: read EXECPLAN.md Wave 3 and SPRINTS.md rows for `src/StellaOps.Notify.Engine/TASKS.md`. Focus on NOTIFY-ENGINE-15-303 (TODO). Confirm prerequisites (internal: NOTIFY-ENGINE-15-302 (Wave 2)) before starting and report status in module TASKS.md.
- Team Notify Worker Guild: read EXECPLAN.md Wave 3 and SPRINTS.md rows for `src/StellaOps.Notify.Worker/TASKS.md`. Focus on NOTIFY-WORKER-15-203 (TODO). Confirm prerequisites (internal: NOTIFY-ENGINE-15-302 (Wave 2)) before starting and report status in module TASKS.md.
- Team Scheduler Worker Guild: read EXECPLAN.md Wave 3 and SPRINTS.md rows for `src/StellaOps.Scheduler.Worker/TASKS.md`. Focus on SCHED-WORKER-16-203 (TODO). Confirm prerequisites (internal: SCHED-WORKER-16-202 (Wave 2)) before starting and report status in module TASKS.md.
- Team TBD: read EXECPLAN.md Wave 3 and SPRINTS.md rows for `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`. SCANNER-ANALYZERS-LANG-10-305C/304C/309N/303C/306C are all DONE (latest 2025-10-22); remaining Wave3 attention shifts to 10-307* helper consolidation and subsequent benchmarking tickets. Confirm prerequisites (internal: SCANNER-ANALYZERS-LANG-10-303B (Wave 2), SCANNER-ANALYZERS-LANG-10-304B (Wave 2), SCANNER-ANALYZERS-LANG-10-305B (Wave 2), SCANNER-ANALYZERS-LANG-10-306B (Wave 2), SCANNER-ANALYZERS-LANG-10-308N (Wave 2)) before scheduling new work and report status in module TASKS.md.
### Wave 4
- Team DevEx/CLI: read EXECPLAN.md Wave 4 and SPRINTS.md rows for `src/StellaOps.Cli/TASKS.md`. Focus on CLI-PLUGIN-13-007 (DONE 2025-10-22). Confirm prerequisites (internal: CLI-OFFLINE-13-006 (Wave 3), CLI-RUNTIME-13-005 (Wave 0)) before starting and report status in module TASKS.md.
- Team Excititor Connectors Stella: read EXECPLAN.md Wave 4 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.StellaOpsMirror/TASKS.md`. Focus on EXCITITOR-CONN-STELLA-07-002 (TODO). Confirm prerequisites (internal: EXCITITOR-CONN-STELLA-07-001 (Wave 3)) before starting and report status in module TASKS.md.
- Team Notify Connectors Guild: read EXECPLAN.md Wave 4 and SPRINTS.md rows for `src/StellaOps.Notify.Connectors.Email/TASKS.md`, `src/StellaOps.Notify.Connectors.Slack/TASKS.md`, `src/StellaOps.Notify.Connectors.Teams/TASKS.md`, `src/StellaOps.Notify.Connectors.Webhook/TASKS.md`. Focus on NOTIFY-CONN-SLACK-15-501 (TODO), NOTIFY-CONN-TEAMS-15-601 (TODO), NOTIFY-CONN-EMAIL-15-701 (TODO), NOTIFY-CONN-WEBHOOK-15-801 (TODO). Confirm prerequisites (internal: NOTIFY-ENGINE-15-303 (Wave 3)) before starting and report status in module TASKS.md.
- Team Notify Engine Guild: read EXECPLAN.md Wave 4 and SPRINTS.md rows for `src/StellaOps.Notify.Engine/TASKS.md`. Focus on NOTIFY-ENGINE-15-304 (TODO). Confirm prerequisites (internal: NOTIFY-ENGINE-15-303 (Wave 3)) before starting and report status in module TASKS.md.
- Team Notify Worker Guild: read EXECPLAN.md Wave 4 and SPRINTS.md rows for `src/StellaOps.Notify.Worker/TASKS.md`. Focus on NOTIFY-WORKER-15-204 (TODO). Confirm prerequisites (internal: NOTIFY-WORKER-15-203 (Wave 3)) before starting and report status in module TASKS.md.
- Team Scheduler Worker Guild: read EXECPLAN.md Wave 4 and SPRINTS.md rows for `src/StellaOps.Scheduler.Worker/TASKS.md`. Focus on SCHED-WORKER-16-204 (TODO). Confirm prerequisites (internal: SCHED-WORKER-16-203 (Wave 3)) before starting and report status in module TASKS.md.
- Team TBD: read EXECPLAN.md Wave 4 and SPRINTS.md rows for `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`. SCANNER-ANALYZERS-LANG-10-307D/G/P are DONE (latest 2025-10-23); remaining focus is SCANNER-ANALYZERS-LANG-10-307R (TODO). Confirm prerequisites (internal: SCANNER-ANALYZERS-LANG-10-303C (Wave 3), SCANNER-ANALYZERS-LANG-10-304C (Wave 3), SCANNER-ANALYZERS-LANG-10-305C (Wave 3), SCANNER-ANALYZERS-LANG-10-306C (Wave 3)) before progressing and report status in module TASKS.md.
### Wave 5
- **Sprint 23-28** · StellaOps Console, Policy Studio, Graph Explorer
- Team: Policy Registry Guild
- Path: `src/StellaOps.Policy.Registry/TASKS.md`
1. [TODO] REGISTRY-API-27-001..010 — Deliver Registry service (OpenAPI, workspace storage, compile/sim integration, review workflow, publish/attest, promotion, telemetry, testing). Coordinate closely with Policy Engine, Scheduler, Authority, Console, CLI, Docs, and DevOps.
- Team: Findings Ledger Guild
- Path: `src/StellaOps.Findings.Ledger/TASKS.md`
1. [TODO] LEDGER-29-001..009 — Stand up immutable ledger, projector, workflow handlers, hashing/Merkle anchoring, and deployment tooling powering Vuln Explorer.
- Team: VEX Lens Guild
- Path: `src/StellaOps.VexLens/TASKS.md`
1. [TODO] VEXLENS-30-001..011 — Build VEX normalization, mapping, trust weighting, consensus projection, APIs, simulation, telemetry, and deployment.
- Team: Issuer Directory Guild
- Path: `src/StellaOps.IssuerDirectory/TASKS.md`
1. [TODO] ISSUER-30-001..006 — Provide issuer/key management, trust overrides, integration with VEX Lens, telemetry, and deployment guidance.
- Team: Advisory AI Guild
- Path: `src/StellaOps.AdvisoryAI/TASKS.md`
1. [TODO] AIAI-31-001..009 — Implement retrievers, deterministics, guardrails, APIs, telemetry, and deployment for Advisory AI summaries/conflict explain/remediation.
- Team: Graph Indexer Guild
- Path: `src/StellaOps.Graph.Indexer/TASKS.md`
1. [TODO] GRAPH-INDEX-28-001..010 — Build graph ingestion (SBOM, advisory, VEX, policy overlays), snapshots, clustering, incremental updates, and deployment artifacts. Maintain deterministic identity + tenant isolation.
- Team: Graph API Guild
- Path: `src/StellaOps.Graph.Api/TASKS.md`
1. [TODO] GRAPH-API-28-001..011 — Ship streaming query/search/paths/diff/export endpoints with cost enforcement, overlays, RBAC, telemetry, and deployment docs.
- Team: Vuln Explorer API Guild
- Path: `src/StellaOps.VulnExplorer.Api/TASKS.md`
1. [TODO] VULN-API-29-001..011 — Provide policy-aware list/detail/workflow/simulation/export APIs atop the ledger with deterministic outputs and auditable telemetry.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-CORE-23-001..CONSOLE-REL-23-303, CONSOLE-DOC-23-501/502, TELEMETRY-CONSOLE-23-001 — Bootstrap the Next.js workspace, build shell/navigation, deliver feature modules (Dashboard, SBOM, Advisories/VEX, Findings, Policies, Runs, Reports, Admin, Downloads), wire telemetry, QA (Playwright, Storybook a11y, Lighthouse), release artifacts, and support docs/parity automation. Sequence: finish core scaffolding (23-001..005) before picking up feature modules; hold Reports/Downloads until backend export + manifest tasks signal ready.
2. [TODO] CONSOLE-STUDIO-27-001..007, CONSOLE-GRAPH-28-001..008, TELEMETRY-CONSOLE-27-001 — Deliver Policy Studio editor experience and Graph Explorer WebGL module (semantic zoom, overlays, diff, exports, saved queries, accessibility, telemetry).
3. [TODO] CONSOLE-VULN-29-001..007 — Ship Vuln Explorer UI enhancements (list/detail/workflow/simulation/export) with telemetry and accessibility.
4. [TODO] CONSOLE-VEX-30-001..005 — Provide VEX Lens console experience with quorum/conflict visualization and telemetry.
5. [TODO] CONSOLE-AIAI-31-001..005 — Build Advisory AI side panel (summary/conflict/remediation) with copy-as-ticket, a11y, and telemetry integration.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-CONSOLE-23-001..005 — Stand up `/console/*` aggregates, SSE proxy, export orchestrator, global search, and downloads manifest endpoints. Coordinate closely with Policy, Scheduler, Concelier, Excititor, SBOM services to validate payloads.
2. [TODO] WEB-GRAPH-24-001..004 — Route `/graph/*` APIs to Graph service, enforce scopes, provide overlay/export proxies, and aggregate telemetry.
3. [TODO] WEB-VULN-29-001..004 — Provide Vuln Explorer routing, ledger proxying, simulation/export orchestration, and telemetry.
4. [TODO] WEB-AIAI-31-001..003 — Route Advisory AI endpoints, batch orchestration, and telemetry/audit pipelines.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-CONSOLE-23-001..003 — Register Console OIDC client, expose tenant/profile endpoints, refresh security docs. PKCE + short-lived tokens must land before Console auth wiring can start.
2. [TODO] AUTH-POLICY-27-001..003, AUTH-GRAPH-21-001..003 — Roll out Policy Studio scopes + signing enforcement and ensure Graph scopes/RBAC stay in sync.
3. [TODO] AUTH-VULN-29-001..003 — Deliver Vuln Explorer scopes, CSRF enforcement, attachment signing, and documentation.
4. [TODO] AUTH-AIAI-31-001..002 — Define Advisory AI scopes/consent controls and enforce anonymized logging/audit flows.
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-CONSOLE-23-001/002, EXPORT-CONSOLE-23-001 — Optimize findings/explain APIs, expose simulation diff + approvals metadata, and deliver evidence bundle generator feeding Web gateway + Console Reports.
2. [TODO] POLICY-ENGINE-27-001..004, POLICY-ENGINE-30-001..003 — Provide Studio compile metadata, simulation enhancements, complexity limits, and graph overlay contracts/events.
3. [TODO] POLICY-ENGINE-29-001..004 — Supply batch evaluation/simulation for Vuln Explorer and consensus overlays with telemetry.
4. [TODO] POLICY-ENGINE-31-001..002 — Surface Advisory AI parameters and policy context endpoints consumed by the assistant.
- Team: SBOM Service Guild
- Path: `src/StellaOps.SbomService/TASKS.md`
1. [TODO] SBOM-CONSOLE-23-001/002 — Provide Console catalog + component lookup endpoints (filters, overlays, raw projections). Coordinate caching hints with Web + Console teams.
2. [TODO] SBOM-GRAPH-24-001..004 — Maintain graph node/edge collections, builders, diff events, and caches feeding Graph Explorer.
3. [TODO] SBOM-VULN-29-001/002 — Emit enriched inventory evidence (scope/runtime/path/safe versions) and resolver feeds for Vuln Explorer.
4. [TODO] SBOM-AIAI-31-001/002 — Deliver path/timeline APIs and telemetry for Advisory AI remediation hints.
- Team: Concelier WebService Guild
- Path: `src/StellaOps.Concelier.WebService/TASKS.md`
1. [TODO] CONCELIER-CONSOLE-23-001..003 — Deliver advisory aggregation views, delta metrics feed, and search helpers backing Dashboard/Search modules.
2. [TODO] CONCELIER-VULN-29-001..004 — Normalize advisory keys, expose raw evidence, publish safe fix hints, and instrument metrics for Vuln Explorer.
3. [TODO] CONCELIER-AIAI-31-001..003 — Provide paragraph anchors, structured fields, and telemetry required by Advisory AI.
- Team: Excititor WebService Guild
- Path: `src/StellaOps.Excititor.WebService/TASKS.md`
1. [TODO] EXCITITOR-CONSOLE-23-001..003 — Provide VEX aggregation, override deltas, and search helpers for Console UX.
2. [TODO] EXCITITOR-GRAPH-24-101/102 — Supply VEX summaries for Graph Explorer overlays and inspectors.
3. [TODO] EXCITITOR-VULN-29-001..004 — Canonicalize VEX keys, surface evidence APIs, suppression metadata, and telemetry for Vuln Explorer.
4. [TODO] EXCITITOR-AIAI-31-001..003 — Serve VEX chunks/justifications/signature metadata and telemetry for Advisory AI.
- Team: Scheduler WebService Guild
- Path: `src/StellaOps.Scheduler.WebService/TASKS.md`
1. [TODO] SCHED-CONSOLE-23-001 — Extend runs API with SSE progress stream, queue lag summaries, RBAC-gated actions.
2. [TODO] SCHED-CONSOLE-27-001/002, SCHED-WEB-21-001/002 — Surface policy batch sim orchestration and graph build/overlay monitoring endpoints.
3. [TODO] SCHED-VULN-29-001/002 — Provide resolver job APIs and lag metrics for Vulnerability Explorer recomputation.
- Team: Scheduler Worker Guild
- Path: `src/StellaOps.Scheduler.Worker/TASKS.md`
1. [TODO] SCHED-WORKER-CONSOLE-23-201/202 — Publish run progress events and coordinate evidence bundle jobs consumed by Console + gateway.
2. [TODO] SCHED-WORKER-27-301..303, SCHED-WORKER-21-201..203 — Execute policy batch simulation sharding/reduction and graph build/overlay workers with telemetry + security controls.
3. [TODO] SCHED-WORKER-29-001..003 — Run vulnerability resolver/evaluation workers and monitoring to keep projections fresh.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-CONSOLE-23-001/002 — Add console CI workflow (pnpm lint/test/Playwright/Lighthouse) and produce `stella-console` container + Helm overlays with SBOM/provenance and offline packaging.
2. [TODO] DEVOPS-POLICY-27-001..004 — Wire policy lint/compile/test jobs, optional batch simulation CI, signing key management, and telemetry dashboards/alerts.
3. [TODO] DEVOPS-GRAPH-28-001..003 — Stand up graph perf/load tests, rate limiting/backpressure controls, and observability dashboards/alerts.
4. [TODO] DEVOPS-VULN-29-001..003 — Establish ledger CI/backups/anchoring, Vuln Explorer performance dashboards/alerts, and telemetry privacy safeguards.
5. [TODO] DEVOPS-VEX-30-001 — Provision CI/perf/dashboards/alerts for VEX Lens & Issuer Directory.
6. [TODO] DEVOPS-AIAI-31-001 — Provide CI, inference monitoring, privacy review, perf dashboards, and alerts for Advisory AI service.
- Team: Deployment Guild
- Path: `ops/deployment/TASKS.md`
1. [TODO] DOWNLOADS-CONSOLE-23-001 — Maintain signed downloads manifest pipeline used by Console `/downloads` and docs parity checks.
2. [TODO] DEPLOY-POLICY-27-001/002 — Provide Policy Registry deployment overlays and publish policy rollout/rollback runbook.
3. [TODO] DEPLOY-GRAPH-28-001 — Create deployment/offline instructions for Graph Indexer/API (including cache seeds).
4. [TODO] DEPLOY-VULN-29-001/002 — Package Findings Ledger and Vuln Explorer API deployments with migrations/backups/offline guidance.
5. [TODO] DEPLOY-VEX-30-001/002 — Provide deployments/offline instructions for VEX Lens and Issuer Directory.
6. [TODO] DEPLOY-AIAI-31-001 — Deliver Advisory AI deployment manifests, GPU toggle guidance, and offline kit instructions.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-CONSOLE-23-001..017 — Publish the Console doc suite (overview, navigation, module guides, deploy/install, security, observability, parity matrix, accessibility, UI tours). Coordinate media capture with Console Guild.
2. [TODO] DOCS-POLICY-27-001..014 — Deliver Policy Studio documentation set (overview, authoring, versioning, simulation, review, promotion, CLI/API/security/observability/runbooks/templates/AOC guardrails).
3. [TODO] DOCS-GRAPH-28-001..012 — Produce Graph Explorer documentation (overview, console usage, query language, API, CLI, overlays, advisory/VEX integration, architecture, telemetry, runbooks, security).
4. [TODO] DOCS-VULN-29-001..013 — Author Vulnerability Explorer documents (overview, console usage, API/CLI, ledger, policy mapping, advisory/VEX integration, SBOM resolution, telemetry, security, runbooks, install updates).
5. [TODO] DOCS-VEX-30-001..009 — Publish VEX Lens documentation set (overview, algorithm, issuer directory, APIs, console, policy trust model, mapping, signatures, runbooks).
6. [TODO] DOCS-AIAI-31-001..009 — Publish Advisory AI documentation suite (overview, architecture, APIs, console, CLI, policy parameters, guardrails, remediation heuristics, ops runbook).
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-POLICY-27-001..005 — Implement Policy Studio CLI lifecycle (init→lint→simulate→submit→approve→publish→promote/rollback), enhance simulation reporting, and update documentation with CI-friendly outputs.
2. [TODO] CLI-GRAPH-28-001..003 — Implement Graph Explorer CLI commands, saved query management, and updated docs/examples.
3. [TODO] CLI-VULN-29-001..006 — Deliver Vuln Explorer CLI commands (list/show/workflow/simulate/export) and documentation updates.
4. [TODO] CLI-VEX-30-001..004 — Provide VEX Lens CLI commands (consensus list/show/simulate/export).
5. [TODO] CLI-AIAI-31-001..004 — Implement Advisory AI CLI commands (`stella advise *`) with docs and tests.
2. [TODO] CLI-GRAPH-28-001..003 — Implement Graph Explorer CLI commands, saved query management, and updated docs/examples.
3. [TODO] CLI-VULN-29-001..006 — Deliver Vuln Explorer CLI commands (list/show/workflow/simulate/export) and documentation updates.
- Team Excititor Connectors Stella: read EXECPLAN.md Wave 5 and SPRINTS.md rows for `src/StellaOps.Excititor.Connectors.StellaOpsMirror/TASKS.md`. Focus on EXCITITOR-CONN-STELLA-07-003 (TODO). Confirm prerequisites (internal: EXCITITOR-CONN-STELLA-07-002 (Wave 4)) before starting and report status in module TASKS.md.
- Team Notify Connectors Guild: read EXECPLAN.md Wave 5 and SPRINTS.md rows for `src/StellaOps.Notify.Connectors.Email/TASKS.md`, `src/StellaOps.Notify.Connectors.Slack/TASKS.md`, `src/StellaOps.Notify.Connectors.Teams/TASKS.md`, `src/StellaOps.Notify.Connectors.Webhook/TASKS.md`. Focus on NOTIFY-CONN-SLACK-15-502 (DONE), NOTIFY-CONN-TEAMS-15-602 (DONE), NOTIFY-CONN-EMAIL-15-702 (BLOCKED 2025-10-20), NOTIFY-CONN-WEBHOOK-15-802 (BLOCKED 2025-10-20). Confirm prerequisites (internal: NOTIFY-CONN-EMAIL-15-701 (Wave 4), NOTIFY-CONN-SLACK-15-501 (Wave 4), NOTIFY-CONN-TEAMS-15-601 (Wave 4), NOTIFY-CONN-WEBHOOK-15-801 (Wave 4)) before starting and report status in module TASKS.md.
- Team TBD: read EXECPLAN.md Wave 5 and SPRINTS.md rows for `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`. SCANNER-ANALYZERS-LANG-10-308D/G/P completed (2025-10-23/2025-10-22/2025-10-23); pending items are SCANNER-ANALYZERS-LANG-10-308R (TODO). Confirm prerequisites (internal: SCANNER-ANALYZERS-LANG-10-307D (Wave 4), SCANNER-ANALYZERS-LANG-10-307G (Wave 4), SCANNER-ANALYZERS-LANG-10-307P (Wave 4), SCANNER-ANALYZERS-LANG-10-307R (Wave 4)) before starting and report status in module TASKS.md.
### Wave 6
- Team Notify Connectors Guild: read EXECPLAN.md Wave 6 and SPRINTS.md rows for `src/StellaOps.Notify.Connectors.Email/TASKS.md`, `src/StellaOps.Notify.Connectors.Slack/TASKS.md`, `src/StellaOps.Notify.Connectors.Teams/TASKS.md`, `src/StellaOps.Notify.Connectors.Webhook/TASKS.md`. Focus on NOTIFY-CONN-SLACK-15-503 (DONE), NOTIFY-CONN-TEAMS-15-603 (DONE), NOTIFY-CONN-EMAIL-15-703 (DONE), NOTIFY-CONN-WEBHOOK-15-803 (DONE). Confirm packaging outputs remain deterministic while upstream implementation tasks (15-702/802) stay blocked.
- Team TBD: read EXECPLAN.md Wave 6 and SPRINTS.md rows for `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`, `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`. SCANNER-ANALYZERS-LANG-10-309D/G/P completed (2025-10-23/2025-10-22/2025-10-23); remaining item is SCANNER-ANALYZERS-LANG-10-309R (TODO). Confirm prerequisites (internal: SCANNER-ANALYZERS-LANG-10-308D (Wave 5), SCANNER-ANALYZERS-LANG-10-308G (Wave 5), SCANNER-ANALYZERS-LANG-10-308P (Wave 5), SCANNER-ANALYZERS-LANG-10-308R (Wave 5)) before starting and report status in module TASKS.md.
### Wave 7
- Team Team Core Engine & Storage Analytics: read EXECPLAN.md Wave 7 and SPRINTS.md rows for `src/StellaOps.Concelier.Core/TASKS.md`. Focus on FEEDCORE-ENGINE-07-001 (DONE 2025-10-19). Confirm prerequisites (internal: FEEDSTORAGE-DATA-07-001 (Wave 10)) before starting and report status in module TASKS.md.
### Wave 8
- Team Team Core Engine & Data Science: read EXECPLAN.md Wave 8 and SPRINTS.md rows for `src/StellaOps.Concelier.Core/TASKS.md`. Focus on FEEDCORE-ENGINE-07-002 (DONE 2025-10-21). Confirm prerequisites (internal: FEEDCORE-ENGINE-07-001 (Wave 7)) before starting and report status in module TASKS.md.
### Wave 9
- Team Team Core Engine & Storage Analytics: read EXECPLAN.md Wave 9 and SPRINTS.md rows for `src/StellaOps.Concelier.Core/TASKS.md`. FEEDCORE-ENGINE-07-003 marked DONE (2025-10-21); share ledger heuristics with Policy when integrating confidence decay.
### Wave 10
- Team Team Normalization & Storage Backbone: read EXECPLAN.md Wave 10 and SPRINTS.md rows for `src/StellaOps.Concelier.Storage.Mongo/TASKS.md`. Focus on FEEDSTORAGE-DATA-07-001 (DONE 2025-10-19). Confirm prerequisites (internal: FEEDMERGE-ENGINE-07-001 (Wave 11)) before starting and report status in module TASKS.md.
### Wave 11 — 48 task(s) ready after Wave 10
- **Sprint 25** · Exceptions v1
- Team: Policy Guild
- Paths: `src/StellaOps.Policy/TASKS.md`, `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-EXC-25-001, POLICY-ENGINE-70-001..005 — SPL updates, evaluation layer, storage, cache, observability, worker hooks.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-EXC-25-001..003 — Exceptions API workflow, policy integration, events/notifications.
- Team: UI Guild
- Path: `src/StellaOps.UI/TASKS.md`
1. [TODO] UI-EXC-25-001..005 — Exception Center, creation wizard, inline flows, badges, accessibility.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-EXC-25-001/002 — CLI workflow commands and simulation overrides.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-EXC-25-001/002 — Exception scopes, routing matrix, docs.
- Team: Scheduler Worker Guild
- Path: `src/StellaOps.Scheduler.Worker/TASKS.md`
1. [TODO] SCHED-WORKER-25-101/102 — Exception lifecycle + expiring notification jobs.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-EXC-25-001..007 — Governance, approvals, API, policy effects, UI, CLI, migration docs.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] (future) exception monitoring/notifications integration if needed (track under DEVOPS-LNM-22-003 extension).
- Team BE-Merge: read EXECPLAN.md Wave 11 and SPRINTS.md rows for `src/StellaOps.Concelier.Merge/TASKS.md`. FEEDMERGE-ENGINE-07-001 marked DONE (2025-10-20); share conflict explainer rollout notes with Storage before Wave 10 resumes.
### Wave 12 — 40 task(s) ready after Wave 11
- **Sprint 26** · Reachability v1
- Team: Signals Guild
- Path: `src/StellaOps.Signals/TASKS.md`
1. [TODO] SIGNALS-24-001..005 — Signals service API, parsers, runtime ingest, scoring, caching/events.
- Team: Policy Guild
- Paths: `src/StellaOps.Policy/TASKS.md`, `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-SPL-24-001, POLICY-ENGINE-80-001..004 — SPL updates, evaluation integration, cache optimization, metrics.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-SIG-26-001..003 — Signals endpoints, reachability joins, simulation overrides.
- Team: UI Guild
- Path: `src/StellaOps.UI/TASKS.md`
1. [TODO] UI-SIG-26-001..004 — Reachability columns/overlays, explain drawer, center.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-SIG-26-001/002 — CLI commands for reachability upload/list/simulate.
- Team: Authority Core
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-SIG-26-001 — Signals scopes/roles with AOC requirements.
- Team: Scheduler Worker Guild
- Path: `src/StellaOps.Scheduler.Worker/TASKS.md`
1. [TODO] SCHED-WORKER-26-201/202 — Reachability joiner and staleness monitor jobs.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-SIG-26-001/002 — Deployment pipelines and observability for Signals.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-SIG-26-001..008 — Reachability concepts, formats, runtime, policy weighting, UI, CLI, API, migration docs.
- Team: Concelier/Excititor Guilds
- Paths: `src/StellaOps.Concelier.Core/TASKS.md`, `src/StellaOps.Excititor.Core/TASKS.md`
1. [TODO] CONCELIER-SIG-26-001, EXCITITOR-SIG-26-001 — Provide symbol/exploitability metadata to Signals.
- Team: Bench Guild
- Path: `src/StellaOps.Bench/TASKS.md`
1. [TODO] BENCH-SIG-26-001/002 — Performance benchmarks for Signals and policy evaluation overhead.
- Team Concelier Export Guild: read EXECPLAN.md Wave 12 and SPRINTS.md rows for `src/StellaOps.Concelier.Exporter.Json/TASKS.md`. Focus on CONCELIER-EXPORT-08-201 (TODO). Confirm prerequisites (internal: FEEDCORE-ENGINE-07-001 (Wave 7)) before starting and report status in module TASKS.md.
### Wave 13
- Team Concelier Export Guild: read EXECPLAN.md Wave 13 and SPRINTS.md rows for `src/StellaOps.Concelier.Exporter.TrivyDb/TASKS.md`. Focus on CONCELIER-EXPORT-08-202 (DONE 2025-10-19). Confirm prerequisites (internal: CONCELIER-EXPORT-08-201 (Wave 12)) before starting and report status in module TASKS.md.
### Wave 14
- Team Concelier WebService Guild: read EXECPLAN.md Wave 14 and SPRINTS.md rows for `src/StellaOps.Concelier.WebService/TASKS.md`. CONCELIER-WEB-08-201 closed (2025-10-20); coordinate with DevOps for mirror smoke before promoting to stable.
### Wave 15
- Team BE-Conn-Stella: read EXECPLAN.md Wave 15 and SPRINTS.md rows for `src/StellaOps.Concelier.Connector.StellaOpsMirror/TASKS.md`. Focus on FEEDCONN-STELLA-08-001 (DONE 2025-10-20). Confirm prerequisites (internal: CONCELIER-EXPORT-08-201 (Wave 12)) before starting and report status in module TASKS.md.
### Wave 16
- Team BE-Conn-Stella: read EXECPLAN.md Wave 16 and SPRINTS.md rows for `src/StellaOps.Concelier.Connector.StellaOpsMirror/TASKS.md`. FEEDCONN-STELLA-08-002 completed (2025-10-20) with canonical DTO mapper + provenance fixtures.
### Wave 17
- Team BE-Conn-Stella: read EXECPLAN.md Wave 17 and SPRINTS.md rows for `src/StellaOps.Concelier.Connector.StellaOpsMirror/TASKS.md`. Focus on FEEDCONN-STELLA-08-003 (TODO). Confirm prerequisites (internal: FEEDCONN-STELLA-08-002 (Wave 16)) before starting and report status in module TASKS.md.
## Wave 0 — 98 task(s) ready now
- **Sprint 1** · Backlog
- Team: UX Specialist, Angular Eng
- Path: `src/StellaOps.Web/TASKS.md`
• Prereqs: WEB1.TRIVY-SETTINGS
• Current: DONE (2025-10-21) ChromeHeadless launcher + README updates merged; dependency hardening completed via WEB1.DEPS-13-001.
• Prereqs: WEB1.TRIVY-SETTINGS-TESTS
• Current: DONE (2025-10-21) Lockfile generated via `npm ci`, Chromium auto-detection/verification scripts added, and deterministic install guide published for offline runners.
- **Sprint 1** · Developer Tooling
- Team: DevEx/CLI
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] EXCITITOR-CLI-01-002 — EXCITITOR-CLI-01-002 Export download & attestation UX
• Prereqs: EXCITITOR-CLI-01-001 (external/completed), EXCITITOR-EXPORT-01-001 (external/completed)
• Current: TODO Display export metadata (sha256, size, Rekor link), support optional artifact download path, and handle cache hits gracefully.
- Team: Docs/CLI
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] EXCITITOR-CLI-01-003 — EXCITITOR-CLI-01-003 CLI docs & examples for Excititor
• Prereqs: EXCITITOR-CLI-01-001 (external/completed)
• Current: TODO Update docs/09_API_CLI_REFERENCE.md and quickstart snippets to cover Excititor verbs, offline guidance, and attestation verification workflow.
- **Sprint 1** · Stabilize In-Progress Foundations
- Team: Team Connector Resumption CERT/RedHat
- Path: `src/StellaOps.Concelier.Connector.Distro.RedHat/TASKS.md`
1. [DOING] FEEDCONN-REDHAT-02-001 — Fixture validation sweep — Instructions to work: — Regenerating RHSA fixtures awaits remaining range provenance patches; review snapshot diffs and update docs once upstream helpers land. Conflict resolver deltas logged in src/StellaOps.Concelier.Connector.Distro.RedHat/CONFLICT_RESOLVER_NOTES.md for Sprint 3 consumers.
• Prereqs: —
• Current: DOING (2025-10-10)
- Team: Team WebService & Authority
- Path: `src/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/TASKS.md`
1. [DOING] SEC2.PLG — Emit audit events from password verification outcomes and persist via `IAuthorityLoginAttemptStore`; Serilog enrichment complete, storage durability tests in flight.
• Prereqs: —
• Current: DOING (2025-10-14)
2. [DOING] SEC3.PLG — Ensure lockout responses carry rate-limit metadata through plugin logs/events; retry-after propagation and limiter tests underway.
• Prereqs: —
• Current: DOING (2025-10-14)
3. [DOING] SEC5.PLG — Address plugin-specific mitigations in threat model backlog; mitigation items tracked, docs updates pending.
• Prereqs: —
• Current: DOING (2025-10-14)
4. [BLOCKED] PLG4-6.CAPABILITIES — Finalise capability metadata exposure and docs once Authority rate-limiter stream (CORE8/SEC3) is stable; awaiting dependency unblock.
• Prereqs: —
• Current: BLOCKED (2025-10-12)
5. [TODO] PLG6.DIAGRAM — Export final sequence/component diagrams for the developer guide and add offline-friendly assets under `docs/assets/authority`.
• Prereqs: —
• Current: TODO
6. [REVIEW] PLG7.RFC — Socialize LDAP plugin RFC and capture guild feedback; awaiting final review sign-off and follow-up issue tracking.
• Prereqs: —
• Current: REVIEW (2025-10-13)
- Path: `src/StellaOps.Concelier.WebService/TASKS.md`
1. [DOING] FEEDWEB-DOCS-01-001 — Document authority toggle & scope requirements — Quickstart updates are staged; awaiting Docs guild review before publishing operator guide refresh.
• Prereqs: —
• Current: DOING (2025-10-10)
3. [BLOCKED] FEEDWEB-OPS-01-007 — Authority resilience adoption — Roll out retry/offline knobs to deployment docs and align CLI parity once LIB5 resilience options land; unblock when library release is available and docs review completes.
• Prereqs: —
• Current: BLOCKED (2025-10-10)
- **Sprint 2** · Connector & Data Implementation Wave
- Team: Docs Guild, Plugin Team
- Path: `docs/TASKS.md`
1. [REVIEW] DOC4.AUTH-PDG — Copy-edit `docs/dev/31_AUTHORITY_PLUGIN_DEVELOPER_GUIDE.md`, export lifecycle diagram, add LDAP RFC cross-link.
• Prereqs: —
• Current: REVIEW
- Team: Team Merge & QA Enforcement
- Path: `src/StellaOps.Concelier.Merge/TASKS.md`
1. [DOING] FEEDMERGE-COORD-02-900 — Range primitives rollout coordination — Coordinate remaining connectors (`Acsc`, `Cccs`, `CertBund`, `CertCc`, `Cve`, `Ghsa`, `Ics.Cisa`, `Kisa`, `Ru.Bdu`, `Ru.Nkcki`, `Vndr.Apple`, `Vndr.Cisco`, `Vndr.Msrc`) to emit canonical range primitives with provenance tags; fixtures tracked in `RANGE_PRIMITIVES_COORDINATION.md`.
• Prereqs: —
• Current: DOING (2025-10-20) Coordination docs refreshed with connector due dates (Cccs/Cisco 2025-10-21, CertBund 2025-10-22, ICS-CISA 2025-10-23, KISA 2025-10-24); escalation plan defined if deadlines slip.
- **Sprint 3** · Backlog
- Team: Tools Guild, BE-Conn-MSRC
- Path: `src/StellaOps.Concelier.Connector.Common/TASKS.md`
1. [**TODO] FEEDCONN-SHARED-STATE-003 — FEEDCONN-SHARED-STATE-003 Source state seeding helper
• Prereqs: —
• Current: **TODO (2025-10-15)** Provide a reusable CLI/utility to seed `pendingDocuments`/`pendingMappings` for connectors (MSRC backfills require scripted CVRF + detail injection). Coordinate with MSRC team for expected JSON schema and handoff once prototype lands.
- **Sprint 5** · Excititor Core Foundations
- Team: Team Excititor Attestation
- Path: `src/StellaOps.Excititor.Attestation/TASKS.md`
1. [TODO] EXCITITOR-ATTEST-01-003 — EXCITITOR-ATTEST-01-003 Verification suite & observability
• Prereqs: EXCITITOR-ATTEST-01-002 (external/completed)
• Current: TODO Add verification helpers for Worker/WebService, metrics/logging hooks, and negative-path regression tests.
- Team: Team Excititor WebService
- Path: `src/StellaOps.Excititor.WebService/TASKS.md`
2. [TODO] EXCITITOR-WEB-01-003 — EXCITITOR-WEB-01-003 Export & verify endpoints
• Prereqs: EXCITITOR-WEB-01-001 (external/completed), EXCITITOR-EXPORT-01-001 (external/completed), EXCITITOR-ATTEST-01-001 (external/completed)
• Current: TODO Add `/excititor/export`, `/excititor/export/{id}`, `/excititor/export/{id}/download`, `/excititor/verify`, returning artifact + attestation metadata with cache awareness.
- **Sprint 6** · Excititor Ingest & Formats
- Team: Team Excititor Connectors Cisco
- Path: `src/StellaOps.Excititor.Connectors.Cisco.CSAF/TASKS.md`
1. [TODO] EXCITITOR-CONN-CISCO-01-003 — EXCITITOR-CONN-CISCO-01-003 Provider trust metadata
• Prereqs: EXCITITOR-CONN-CISCO-01-002 (external/completed), EXCITITOR-POLICY-01-001 (external/completed)
• Current: TODO Emit cosign/PGP trust metadata and advisory provenance hints for policy weighting.
- Team: Team Excititor Connectors MSRC
- Path: `src/StellaOps.Excititor.Connectors.MSRC.CSAF/TASKS.md`
1. [TODO] EXCITITOR-CONN-MS-01-002 — EXCITITOR-CONN-MS-01-002 CSAF download pipeline
• Prereqs: EXCITITOR-CONN-MS-01-001 (external/completed), EXCITITOR-STORAGE-01-003 (external/completed)
• Current: TODO Fetch CSAF packages with retry/backoff, checksum verification, and raw document persistence plus quarantine for schema failures.
- Team: Team Excititor Connectors Oracle
- Path: `src/StellaOps.Excititor.Connectors.Oracle.CSAF/TASKS.md`
1. [DOING] EXCITITOR-CONN-ORACLE-01-001 — EXCITITOR-CONN-ORACLE-01-001 Oracle CSAF catalogue discovery
• Prereqs: EXCITITOR-CONN-ABS-01-001 (external/completed)
• Current: DOING (2025-10-17) Implement catalogue discovery, CPU calendar awareness, and offline snapshot import for Oracle CSAF feeds.
- Team: Team Excititor Connectors SUSE
- Path: `src/StellaOps.Excititor.Connectors.SUSE.RancherVEXHub/TASKS.md`
1. [TODO] EXCITITOR-CONN-SUSE-01-002 — EXCITITOR-CONN-SUSE-01-002 Checkpointed event ingestion
• Prereqs: EXCITITOR-CONN-SUSE-01-001 (external/completed), EXCITITOR-STORAGE-01-003 (external/completed)
• Current: TODO Process hub events with resume checkpoints, deduplication, and quarantine path for malformed payloads.
- Team: Team Excititor Connectors Ubuntu
- Path: `src/StellaOps.Excititor.Connectors.Ubuntu.CSAF/TASKS.md`
1. [TODO] EXCITITOR-CONN-UBUNTU-01-002 — EXCITITOR-CONN-UBUNTU-01-002 Incremental fetch & deduplication
• Prereqs: EXCITITOR-CONN-UBUNTU-01-001 (external/completed), EXCITITOR-STORAGE-01-003 (external/completed)
• Current: TODO Fetch CSAF bundles with ETag handling, checksum validation, deduplication, and raw persistence.
- Team: Team Excititor Formats
- Path: `src/StellaOps.Excititor.Formats.CSAF/TASKS.md`
1. [TODO] EXCITITOR-FMT-CSAF-01-002 — EXCITITOR-FMT-CSAF-01-002 Status/justification mapping
• Prereqs: EXCITITOR-FMT-CSAF-01-001 (external/completed), EXCITITOR-POLICY-01-001 (external/completed)
• Current: TODO Normalize CSAF `product_status` + `justification` values into policy-aware enums with audit diagnostics for unsupported codes.
2. [TODO] EXCITITOR-FMT-CSAF-01-003 — EXCITITOR-FMT-CSAF-01-003 CSAF export adapter
• Prereqs: EXCITITOR-EXPORT-01-001 (external/completed), EXCITITOR-FMT-CSAF-01-001 (external/completed)
• Current: TODO Provide CSAF export writer producing deterministic documents (per vuln/product) and manifest metadata for attestation.
- Path: `src/StellaOps.Excititor.Formats.CycloneDX/TASKS.md`
1. [TODO] EXCITITOR-FMT-CYCLONE-01-002 — EXCITITOR-FMT-CYCLONE-01-002 Component reference reconciliation
• Prereqs: EXCITITOR-FMT-CYCLONE-01-001 (external/completed)
• Current: TODO Implement helpers to reconcile component/service references against policy expectations and emit diagnostics for missing SBOM links.
2. [TODO] EXCITITOR-FMT-CYCLONE-01-003 — EXCITITOR-FMT-CYCLONE-01-003 CycloneDX export serializer
• Prereqs: EXCITITOR-EXPORT-01-001 (external/completed), EXCITITOR-FMT-CYCLONE-01-001 (external/completed)
• Current: TODO Provide exporters producing CycloneDX VEX output with canonical ordering and hash-stable manifests.
- Path: `src/StellaOps.Excititor.Formats.OpenVEX/TASKS.md`
1. [TODO] EXCITITOR-FMT-OPENVEX-01-002 — EXCITITOR-FMT-OPENVEX-01-002 Statement merge utilities
• Prereqs: EXCITITOR-FMT-OPENVEX-01-001 (external/completed)
• Current: TODO Add reducers merging multiple OpenVEX statements, resolving conflicts deterministically, and emitting policy diagnostics.
2. [TODO] EXCITITOR-FMT-OPENVEX-01-003 — EXCITITOR-FMT-OPENVEX-01-003 OpenVEX export writer
• Prereqs: EXCITITOR-EXPORT-01-001 (external/completed), EXCITITOR-FMT-OPENVEX-01-001 (external/completed)
• Current: TODO Provide export serializer generating canonical OpenVEX documents with optional SBOM references and hash-stable ordering.
- **Sprint 7** · Contextual Truth Foundations
- Team: Team Excititor Export
- Path: `src/StellaOps.Excititor.Export/TASKS.md`
• Prereqs: EXCITITOR-EXPORT-01-004 (external/completed), EXCITITOR-CORE-02-001 (external/completed)
• Current: TODO Emit consensus+score envelopes in export manifests, include policy/scoring digests, and update offline bundle/ORAS layouts to carry signed VEX responses.
- **Sprint 9** · Docs & Governance
- Team: Runtime Guild
- Path: `docs/TASKS.md`
1. [TODO] RUNTIME-GUILD-09-402 — Confirm Scanner WebService surfaces `quietedFindingCount` and progress hints to runtime consumers; document readiness checklist.
• Prereqs: SCANNER-POLICY-09-107 (external/completed)
• Current: TODO
- **Sprint 10** · Backlog
- Team: TBD
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-302B (external/completed)
• Current: DONE — Telemetry counter wired, lifecycle script evidence emitted; see Node analyzer fixtures.
- **Sprint 10** · Scanner Analyzers & SBOM
- Team: Diff Guild
- Path: `src/StellaOps.Scanner.Diff/TASKS.md`
• Prereqs: —
• Current: DONE — Diff engine produces deterministic add/remove/version deltas; regression suite covers warm/cold path parity.
• Prereqs: —
• Current: DONE — Layer attribution recorded on every change; fixtures assert provenance integrity.
• Prereqs: —
• Current: DONE — JSON serializer emits stable ordering; golden outputs locked in tests.
- Team: Emit Guild
- Path: `src/StellaOps.Scanner.Emit/TASKS.md`
• Prereqs: —
• Current: DONE — Inventory builder validated against CycloneDX schema; deterministic fixtures added.
• Prereqs: —
• Current: DONE — Usage view toggles wired; tests confirm subset alignment with EntryTrace signals.
• Prereqs: —
• Current: DONE — BOM Index format published with roaring bitmap helpers; golden fixtures locked.
• Prereqs: —
• Current: DONE — Export packaging deterministic; integration test with storage succeeds.
• Prereqs: —
• Current: DONE — `bom-index@1` schema + fixtures published; Scheduler notes updated.
• Prereqs: —
• Current: DONE — EntryTrace usage bits round-trip in BOM Index; regression harness verified.
- Team: EntryTrace Guild
- Path: `src/StellaOps.Scanner.EntryTrace/TASKS.md`
• Prereqs: —
• Current: DONE — Parser emits stable AST; determinism tests captured.
• Prereqs: —
• Current: DONE — Resolver walks layered PATH with provenance evidence; fixtures validate.
• Prereqs: —
• Current: DONE — Interpreter tracer resolves Python/Node/Java hand-offs; golden graphs updated.
• Prereqs: —
• Current: DONE — Python analyzer surfaces venv/module details; usage flag propagated.
• Prereqs: —
• Current: DONE — Node/Java launchers traced end-to-end; evidence attached for each hop.
• Prereqs: —
• Current: DONE — Diagnostics enumerated, metrics emitted via `EntryTraceMetrics`.
• Prereqs: —
• Current: DONE — Plug-in manifests under `plugins/scanner/entrytrace`; restart-only guard documented.
- Team: Language Analyzer Guild
- Path: `src/StellaOps.Scanner.Analyzers.Lang/SPRINTS_LANG_IMPLEMENTATION_PLAN.md`
• Prereqs: —
• Current: DONE — Implementation plan captured per language with progress notes through 2025-10-22.
- Path: `src/StellaOps.Scanner.Analyzers.Lang/TASKS.md`
• Prereqs: —
• Current: DONE — Java analyzer shipped with deterministic fixtures.
• Prereqs: —
• Current: DONE — Shared helpers live under Lang.Core and are consumed by Java/Node analyzers.
• Prereqs: —
• Current: DONE — Determinism harness + fixtures checked in; CI guard active.
- **Sprint 13** · UX & CLI Experience
- Team: DevEx/CLI
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-RUNTIME-13-005 — Add runtime policy test verbs that consume `/policy/runtime` and display verdicts.
• Prereqs: —
• Current: TODO
- **Sprint 15** · Notify Foundations
- Team: Notify Models Guild
- Path: `src/StellaOps.Notify.Models/TASKS.md`
1. [TODO] NOTIFY-MODELS-15-101 — Define core Notify DTOs, validation helpers, canonical serialization.
• Prereqs: —
• Current: TODO
2. [TODO] NOTIFY-MODELS-15-102 — Publish schema docs and sample payloads for Notify.
• Prereqs: —
• Current: TODO
3. [TODO] NOTIFY-MODELS-15-103 — Versioning/migration helpers for rules/templates/deliveries.
• Prereqs: —
• Current: TODO
- Team: Notify Storage Guild
- Path: `src/StellaOps.Notify.Storage.Mongo/TASKS.md`
1. [TODO] NOTIFY-STORAGE-15-201 — Mongo schemas/indexes for rules, channels, deliveries, digests, locks, audit.
• Prereqs: —
• Current: TODO
2. [TODO] NOTIFY-STORAGE-15-202 — Repositories with tenant scoping, soft delete, TTL, causal consistency options.
• Prereqs: —
• Current: TODO
3. [TODO] NOTIFY-STORAGE-15-203 — Delivery history retention and query APIs.
• Prereqs: —
• Current: TODO
- Team: Notify WebService Guild
- Path: `src/StellaOps.Notify.WebService/TASKS.md`
1. [TODO] NOTIFY-WEB-15-101 — Minimal API host with Authority enforcement and plug-in loading.
• Prereqs: —
• Current: TODO
2. [TODO] NOTIFY-WEB-15-102 — Rules/channel/template CRUD with audit logging.
• Prereqs: —
• Current: TODO
- Team: Scanner WebService Guild
- Path: `src/StellaOps.Scanner.WebService/TASKS.md`
2. [BLOCKED] SCANNER-EVENTS-16-301 — Redis publisher integration tests once Notify queue adapter ships.
• Current: BLOCKED waiting on Notify queue abstraction and Redis adapter deliverables for end-to-end validation.
- **Sprint 16** · Scheduler Intelligence
- Team: Scheduler Storage Guild
- Path: `src/StellaOps.Scheduler.Storage.Mongo/TASKS.md`
1. [TODO] SCHED-STORAGE-16-201 — Create Mongo collections (schedules, runs, impact_cursors, locks, audit) with indexes/migrations per architecture.
• Prereqs: SCHED-MODELS-16-101 (external/completed)
• Current: TODO
- Team: Scheduler WebService Guild
- Path: `src/StellaOps.Scheduler.WebService/TASKS.md`
1. [TODO] SCHED-WEB-16-101 — Bootstrap Minimal API host with Authority OpTok + DPoP, health endpoints, plug-in discovery per architecture §§12.
• Prereqs: SCHED-MODELS-16-101 (external/completed)
• Current: TODO
- **Sprint 18** · Launch Readiness
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-LAUNCH-18-100 - Finalise production environment footprint (clusters, secrets, network overlays) for full-platform go-live.
• Prereqs: —
• Current: TODO
2. [TODO] DEVOPS-LAUNCH-18-900 - Collect "full implementation" sign-off from module owners and consolidate the launch readiness checklist.
• Prereqs: Wave 0 completion
• Current: TODO
3. [TODO] DEVOPS-LAUNCH-18-001 - Production launch cutover rehearsal and runbook publication.
• Prereqs: DEVOPS-LAUNCH-18-100, DEVOPS-LAUNCH-18-900
• Current: TODO
- Team: Offline Kit Guild, UX Specialist
- Path: `ops/offline-kit/TASKS.md`
1. [TODO] DEVOPS-OFFLINE-18-003 — Capture Angular workspace npm cache + Chromium bundle for Offline Kit distribution and document refresh cadence.
• Prereqs: DEVOPS-OFFLINE-14-002 (Wave 2)
• Current: TODO
## Wave 1 — 45 task(s) ready after Wave 0
- **Sprint 6** · Excititor Ingest & Formats
- Team: Team Excititor Connectors MSRC
- Path: `src/StellaOps.Excititor.Connectors.MSRC.CSAF/TASKS.md`
1. [TODO] EXCITITOR-CONN-MS-01-003 — EXCITITOR-CONN-MS-01-003 Trust metadata & provenance hints
• Prereqs: EXCITITOR-CONN-MS-01-002 (Wave 0), EXCITITOR-POLICY-01-001 (external/completed)
• Current: TODO Emit cosign/AAD issuer metadata, attach provenance details, and document policy integration.
- Team: Team Excititor Connectors Oracle
- Path: `src/StellaOps.Excititor.Connectors.Oracle.CSAF/TASKS.md`
1. [TODO] EXCITITOR-CONN-ORACLE-01-002 — EXCITITOR-CONN-ORACLE-01-002 CSAF download & dedupe pipeline
• Prereqs: EXCITITOR-CONN-ORACLE-01-001 (Wave 0), EXCITITOR-STORAGE-01-003 (external/completed)
• Current: TODO Fetch CSAF documents with retry/backoff, checksum validation, revision deduplication, and raw persistence.
- Team: Team Excititor Connectors SUSE
- Path: `src/StellaOps.Excititor.Connectors.SUSE.RancherVEXHub/TASKS.md`
1. [TODO] EXCITITOR-CONN-SUSE-01-003 — EXCITITOR-CONN-SUSE-01-003 Trust metadata & policy hints
• Prereqs: EXCITITOR-CONN-SUSE-01-002 (Wave 0), EXCITITOR-POLICY-01-001 (external/completed)
• Current: TODO Emit provider trust configuration (signers, weight overrides) and attach provenance hints for consensus engine.
- Team: Team Excititor Connectors Ubuntu
- Path: `src/StellaOps.Excititor.Connectors.Ubuntu.CSAF/TASKS.md`
1. [TODO] EXCITITOR-CONN-UBUNTU-01-003 — EXCITITOR-CONN-UBUNTU-01-003 Trust metadata & provenance
• Prereqs: EXCITITOR-CONN-UBUNTU-01-002 (Wave 0), EXCITITOR-POLICY-01-001 (external/completed)
• Current: TODO Emit Ubuntu signing metadata (GPG fingerprints) plus provenance hints for policy weighting and diagnostics.
- Team: Team Excititor Worker
- Path: `src/StellaOps.Excititor.Worker/TASKS.md`
1. [TODO] EXCITITOR-WORKER-01-003 — EXCITITOR-WORKER-01-003 Verification & cache GC loops
• Prereqs: EXCITITOR-WORKER-01-001 (external/completed), EXCITITOR-ATTEST-01-003 (Wave 0), EXCITITOR-EXPORT-01-002 (external/completed)
• Current: TODO Add scheduled attestation re-verification and cache pruning routines, surfacing metrics for export reuse ratios.
- **Sprint 7** · Contextual Truth Foundations
- Team: Team Excititor Export
- Path: `src/StellaOps.Excititor.Export/TASKS.md`
• Prereqs: EXCITITOR-EXPORT-01-005 (Wave 0), POLICY-CORE-09-005 (Wave 0)
• Current: TODO Attach `quietedBy` statement IDs, signers, and justification codes to exports/offline bundles, mirror metadata into attested manifest, and add regression fixtures.
- **Sprint 10** · Backlog
- Team: TBD
- Path: `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-307 (Wave 0)
• Current: DONE — RID-aware deps/runtimeconfig parser emitting deterministic NuGet components with tests landed.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-307 (Wave 0)
• Current: DONE Varint build-info decoder implemented with fixtures and determinism harness coverage.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-302C (Wave 0)
• Current: DONE — Node analyzer now reuses shared metadata/evidence helpers.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-307 (Wave 0)
• Current: DONE — Python analyzer ingests METADATA/WHEEL/entry_points with deterministic ordering and UTF-8 normalization. Fixtures updated (`simple-venv`).
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-307 (Wave 0)
• Current: DONE — Cargo metadata walker emits `pkg:cargo` components with provenance and deterministic fixtures.
- **Sprint 10** · Scanner Analyzers & SBOM
- Team: Emit Guild
- Path: `src/StellaOps.Scanner.Emit/TASKS.md`
• Prereqs: SCANNER-EMIT-10-604 (Wave 0), POLICY-CORE-09-005 (Wave 0)
• Current: DONE — SBOM/attestation fixtures include scoring metadata and serialize deterministically.
- Team: Language Analyzer Guild
- Path: `src/StellaOps.Scanner.Analyzers.Lang/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-301 (Wave 0)
• Current: DONE — Manifest published under `plugins/scanner/analyzers/lang/`, Worker loader wired, integration tests updated.
• Prereqs: SCANNER-ANALYZERS-LANG-10-307 (Wave 0)
• Current: DONE — Rust analyzer emits cargo components with provenance and deterministic fallbacks.
• Prereqs: SCANNER-ANALYZERS-LANG-10-307 (Wave 0)
• Current: DONE — Workspace/symlink coverage validated via determinism fixtures; metrics + lifecycle script evidence landed.
• Prereqs: SCANNER-ANALYZERS-LANG-10-307 (Wave 0)
• Current: DONE — Buildinfo decoder + DWARF fallbacks captured; fixtures and benchmarks green.
• Prereqs: SCANNER-ANALYZERS-LANG-10-307 (Wave 0)
• Current: DONE — RID-aware deps/runtimeconfig parser emits deterministic NuGet components; tests landed.
• Prereqs: SCANNER-ANALYZERS-LANG-10-307 (Wave 0)
• Current: DONE — Dist-info parser, RECORD verifier, editable install metadata, and entrypoint usage hints shipped with deterministic fixture/tests.
- **Sprint 13** · UX & CLI Experience
- Team: DevEx/CLI, QA Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-RUNTIME-13-009 — CLI-RUNTIME-13-009 Runtime policy smoke fixture
• Prereqs: CLI-RUNTIME-13-005 (Wave 0)
• Current: TODO Build Spectre test harness exercising `runtime policy test` against a stubbed backend to lock output shape (table + `--json`) and guard regressions. Integrate into `dotnet test` suite.
- Team: UX Specialist, Angular Eng, DevEx
- Path: `src/StellaOps.Web/TASKS.md`
• Prereqs: WEB1.TRIVY-SETTINGS-TESTS (Wave 0)
• Current: TODO Capture deterministic lockfile flow, cache Puppeteer downloads, validate `npm test` from clean checkout offline, and update README.
- Team: UI Guild
- Path: `src/StellaOps.UI/TASKS.md`
1. [TODO] UI-VEX-13-003 — Implement VEX explorer + policy editor with preview integration.
• Prereqs: EXCITITOR-CORE-02-001 (external/completed), EXCITITOR-EXPORT-01-005 (Wave 0)
• Current: TODO
2. [TODO] UI-POLICY-13-007 — Surface policy confidence metadata (band, age, quiet provenance) on preview and report views.
• Prereqs: POLICY-CORE-09-006 (Wave 0), SCANNER-WEB-09-103 (external/completed)
• Current: TODO
3. [TODO] UI-ADMIN-13-004 — Deliver admin area (tenants/clients/quotas/licensing) with RBAC + audit hooks.
• Prereqs: AUTH-MTLS-11-002 (Wave 0)
• Current: TODO
• Prereqs: AUTH-DPOP-11-001 (Wave 0), AUTH-MTLS-11-002 (Wave 0)
• Current: TODO
5. [TODO] UI-SCANS-13-002 — Build scans module (list/detail/SBOM/diff/attestation) with performance + accessibility targets.
• Prereqs: SCANNER-WEB-09-102 (external/completed), SIGNER-API-11-101 (Wave 0)
• Current: TODO
• Prereqs: NOTIFY-WEB-15-101 (Wave 0)
• Current: TODO
7. [TODO] UI-SCHED-13-005 — Scheduler panel: schedules CRUD, run history, dry-run preview using API/mocks.
• Prereqs: SCHED-WEB-16-101 (Wave 0)
• Current: TODO
- **Sprint 13** · Platform Reliability
- Team: DevOps Guild, Platform Leads
- Path: `ops/devops/TASKS.md`
• Prereqs: DEVOPS-REL-14-001 (Wave 1)
• Current: DOING Mirror preview packages into Offline Kit/allowlisted feeds, update NuGet.config mapping, and refresh restore documentation.
2. [TODO] DEVOPS-UI-13-006 — Add Playwright-based UI auth smoke job to CI/offline pipelines, wiring sample `/config.json` provisioning and reporting.
• Current: TODO Extend release/offline pipelines to run `npm run test:e2e`, publish traces on failure, and ensure stub config assets ship alongside the UI bundle.
- **Sprint 14** · Release & Offline Ops
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [DOING 2025-10-23] DEVOPS-REL-14-001 — Deterministic build/release pipeline with SBOM/provenance, signing, manifest generation.
• Current: TODO
- Team: Licensing Guild
- Path: `ops/licensing/TASKS.md`
1. [TODO] DEVOPS-LIC-14-004 — Implement registry token service tied to Authority (DPoP/mTLS), plan gating, revocation handling, and monitoring per architecture.
• Prereqs: AUTH-MTLS-11-002 (Wave 0)
• Current: TODO
- **Sprint 15** · Notify Foundations
- Team: Notify Engine Guild
- Path: `src/StellaOps.Notify.Engine/TASKS.md`
1. [DOING (2025-10-24)] NOTIFY-ENGINE-15-301 — Rules evaluation core: tenant/kind filters, severity/delta gates, VEX gating, throttling, idempotency key generation.
• Prereqs: NOTIFY-MODELS-15-101 (Wave 0)
• Current: DOING (2025-10-24)
- Team: Notify Queue Guild
- Path: `src/StellaOps.Notify.Queue/TASKS.md`
• Prereqs: NOTIFY-MODELS-15-101 (Wave 0)
• Current: DONE — Redis transport, queue contracts, and integration tests delivered (2025-10-23).
- **Sprint 16** · Scheduler Intelligence
- Team: Scheduler ImpactIndex Guild
- Path: `src/StellaOps.Scheduler.ImpactIndex/TASKS.md`
1. [TODO] SCHED-IMPACT-16-301 — Implement ingestion of per-image BOM-Index sidecars into roaring bitmap store (contains/usedBy).
• Prereqs: SCANNER-EMIT-10-605 (Wave 0)
• Current: TODO
- Team: Scheduler Storage Guild
- Path: `src/StellaOps.Scheduler.Storage.Mongo/TASKS.md`
1. [TODO] SCHED-STORAGE-16-203 — Audit/logging pipeline + run stats materialized views for UI.
• Prereqs: SCHED-STORAGE-16-201 (Wave 0)
• Current: TODO
2. [TODO] SCHED-STORAGE-16-202 — Implement repositories/services with tenant scoping, soft delete, TTL for completed runs, and causal consistency options.
• Prereqs: SCHED-STORAGE-16-201 (Wave 0)
• Current: TODO
- Team: Scheduler WebService Guild
- Path: `src/StellaOps.Scheduler.WebService/TASKS.md`
1. [TODO] SCHED-WEB-16-104 — Webhook endpoints for Feedser/Vexer exports with mTLS/HMAC validation and rate limiting.
• Prereqs: SCHED-QUEUE-16-401 (Wave 0), SCHED-STORAGE-16-201 (Wave 0)
• Current: TODO
2. [TODO] SCHED-WEB-16-102 — Implement schedules CRUD (tenant-scoped) with cron validation, pause/resume, audit logging.
• Prereqs: SCHED-WEB-16-101 (Wave 0)
• Current: TODO
- Team: Scheduler Worker Guild
- Path: `src/StellaOps.Scheduler.Worker/TASKS.md`
1. [TODO] SCHED-WORKER-16-201 — Planner loop (cron + event triggers) with lease management, fairness, and rate limiting (§6).
• Prereqs: SCHED-QUEUE-16-401 (Wave 0)
• Current: TODO
- **Sprint 17** · Symbol Intelligence & Forensics
- Team: Emit Guild
- Path: `src/StellaOps.Scanner.Emit/TASKS.md`
1. [TODO] SCANNER-EMIT-17-701 — Record GNU build-id for ELF components and surface it in inventory/usage SBOM plus diff payloads with deterministic ordering.
• Prereqs: SCANNER-EMIT-10-602 (Wave 0)
• Current: TODO
## Wave 2 — 29 task(s) ready after Wave 1
- **Sprint 6** · Excititor Ingest & Formats
- Team: Team Excititor Connectors Oracle
- Path: `src/StellaOps.Excititor.Connectors.Oracle.CSAF/TASKS.md`
1. [TODO] EXCITITOR-CONN-ORACLE-01-003 — EXCITITOR-CONN-ORACLE-01-003 Trust metadata + provenance
• Prereqs: EXCITITOR-CONN-ORACLE-01-002 (Wave 1), EXCITITOR-POLICY-01-001 (external/completed)
• Current: TODO Emit Oracle signing metadata (PGP/cosign) and provenance hints for consensus weighting.
- **Sprint 7** · Contextual Truth Foundations
- Team: Team Excititor Export
- Path: `src/StellaOps.Excititor.Export/TASKS.md`
• Prereqs: EXCITITOR-EXPORT-01-006 (Wave 1)
• Current: TODO Create per-domain mirror bundles with consensus/score artifacts, publish signed index for downstream Excititor sync, and ensure deterministic digests + fixtures.
- **Sprint 9** · DevOps Foundations
- Team: DevOps Guild, Notify Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-SCANNER-09-205 — Add Notify smoke stage that tails the Redis stream and asserts `scanner.report.ready`/`scanner.scan.completed` reach Notify WebService in staging.
• Prereqs: DEVOPS-SCANNER-09-204 (Wave 1)
• Current: TODO
- **Sprint 10** · Backlog
- Team: TBD
- Path: `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-305A (Wave 1)
• Current: DONE — Assembly metadata now emits strong-name, file/product info, and optional Authenticode signals with deterministic fixtures/tests.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-304A (Wave 1)
• Current: DONE — DWARF fallback parses vcs.* markers, cache reuses metadata keyed by file identity.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-307N (Wave 1)
• Current: DONE — Harness + fixtures merged; benchmark CSV recorded under `src/StellaOps.Bench/Scanner.Analyzers`.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-303A (Wave 1)
• Current: DONE — Streaming SHA-256 verification with deterministic mismatch evidence; unsupported algorithms tracked; fixtures validated.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-306A (Wave 1)
• Current: DONE — Heuristic classifier flags stripped binaries, regression tests guard false positives.
- **Sprint 10** · DevOps Perf
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
• Prereqs: BENCH-SCANNER-10-002 (Wave 1)
• Current: DONE (2025-10-23)
- **Sprint 10** · Samples
- Team: Samples Guild, Policy Guild
- Path: `samples/TASKS.md`
• Prereqs: POLICY-CORE-09-006 (Wave 0), UI-POLICY-13-007 (Wave 1)
• Current: DONE (2025-10-23)
- Team: UI Guild
- Path: `src/StellaOps.Web/TASKS.md`
• Prereqs: SAMPLES-13-004 (Wave 0)
• Current: DONE (2025-10-23)
- **Sprint 14** · Release & Offline Ops
- Team: Deployment Guild
- Path: `ops/deployment/TASKS.md`
1. [TODO] DEVOPS-OPS-14-003 — Document and script upgrade/rollback flows, channel management, and compatibility matrices per architecture.
• Prereqs: DEVOPS-REL-14-001 (Wave 1)
• Current: TODO
- Team: Offline Kit Guild
- Path: `ops/offline-kit/TASKS.md`
1. [TODO] DEVOPS-OFFLINE-14-002 — Build offline kit packaging workflow (artifact bundling, manifest generation, signature verification).
• Prereqs: DEVOPS-REL-14-001 (Wave 1)
• Current: TODO
- **Sprint 15** · Benchmarks
- Team: Bench Guild, Notify Team
- Path: `src/StellaOps.Bench/TASKS.md`
1. [TODO] BENCH-NOTIFY-15-001 — Notify dispatch throughput bench (vary rule density) with results CSV.
• Prereqs: NOTIFY-ENGINE-15-301 (Wave 1)
• Current: TODO
- **Sprint 15** · Notify Foundations
- Team: Notify Engine Guild
- Path: `src/StellaOps.Notify.Engine/TASKS.md`
1. [TODO] NOTIFY-ENGINE-15-302 — Action planner + digest coalescer with window management and dedupe per architecture §4.
• Prereqs: NOTIFY-ENGINE-15-301 (Wave 1)
• Current: TODO
- Team: Notify Queue Guild
- Path: `src/StellaOps.Notify.Queue/TASKS.md`
• Current: DONE — delivery queue + retry/dead-letter pipeline shipped with integration tests and metrics (2025-10-23).
• Current: DONE — JetStream transport, DI binding, health check, and integration tests delivered (2025-10-23).
- Team: Notify WebService Guild
- Path: `src/StellaOps.Notify.WebService/TASKS.md`
1. [TODO] NOTIFY-WEB-15-104 — Configuration binding for Mongo/queue/secrets; startup diagnostics.
• Current: TODO
- Team: Notify Worker Guild
- Path: `src/StellaOps.Notify.Worker/TASKS.md`
• Current: DONE — worker leasing loop wired to queue adapters with retry/backoff telemetry (2025-10-23).
2. [TODO] NOTIFY-WORKER-15-202 — Wire rules evaluation pipeline (tenant scoping, filters, throttles, digests, idempotency) with deterministic decisions.
• Prereqs: NOTIFY-ENGINE-15-301 (Wave 1)
• Current: TODO
- **Sprint 16** · Benchmarks
- Team: Bench Guild, Scheduler Team
- Path: `src/StellaOps.Bench/TASKS.md`
1. [TODO] BENCH-IMPACT-16-001 — ImpactIndex throughput bench (resolve 10k productKeys) + RAM profile.
• Prereqs: SCHED-IMPACT-16-301 (Wave 1)
• Current: TODO
- **Sprint 16** · Scheduler Intelligence
- Team: Scheduler ImpactIndex Guild
- Path: `src/StellaOps.Scheduler.ImpactIndex/TASKS.md`
1. [TODO] SCHED-IMPACT-16-303 — Snapshot/compaction + invalidation for removed images; persistence to RocksDB/Redis per architecture.
• Prereqs: SCHED-IMPACT-16-301 (Wave 1)
• Current: TODO
2. [TODO] SCHED-IMPACT-16-302 — Provide query APIs (ResolveByPurls, ResolveByVulns, ResolveAll, selectors) with tenant/namespace filters.
• Prereqs: SCHED-IMPACT-16-301 (Wave 1)
• Current: TODO
- Team: Scheduler WebService Guild
- Path: `src/StellaOps.Scheduler.WebService/TASKS.md`
1. [TODO] SCHED-WEB-16-103 — Runs API (list/detail/cancel), ad-hoc run POST, and impact preview endpoints.
• Prereqs: SCHED-WEB-16-102 (Wave 1)
• Current: TODO
- Team: Scheduler Worker Guild
- Path: `src/StellaOps.Scheduler.Worker/TASKS.md`
1. [TODO] SCHED-WORKER-16-202 — Wire ImpactIndex targeting (ResolveByPurls/vulns), dedupe, shard planning.
• Prereqs: SCHED-IMPACT-16-301 (Wave 1)
• Current: TODO
2. [TODO] SCHED-WORKER-16-205 — Metrics/telemetry: run stats, queue depth, planner latency, delta counts.
• Prereqs: SCHED-WORKER-16-201 (Wave 1)
• Current: TODO
- **Sprint 17** · Symbol Intelligence & Forensics
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-REL-17-002 — Persist stripped-debug artifacts organised by GNU build-id and bundle them into release/offline kits with checksum manifests.
• Prereqs: DEVOPS-REL-14-001 (Wave 1), SCANNER-EMIT-17-701 (Wave 1)
• Current: TODO
## Wave 3 — 14 task(s) ready after Wave 2
- **Sprint 7** · Contextual Truth Foundations
- Team: Excititor Connectors Stella
- Path: `src/StellaOps.Excititor.Connectors.StellaOpsMirror/TASKS.md`
• Prereqs: EXCITITOR-EXPORT-01-007 (Wave 2)
• Current: TODO
- **Sprint 10** · Backlog
- Team: TBD
- Path: `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-305A (Wave 1)
• Current: DONE — Self-contained fixtures emit components with RID flags; EntryTrace usage hints preserved.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-304B (Wave 2)
• Current: DONE — `bin:{sha256}` fallback + quiet provenance docs shipped with determinism fixtures.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-308N (Wave 2)
• Current: DONE — Manifest shipped, Worker catalog integration complete, Offline Kit docs updated.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-303B (Wave 2)
• Current: DONE — `direct_url.json` editable insights surfaced; EntryTrace usage hints mark console scripts; deterministic fixture covers editable vs wheel installs.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-306B (Wave 2)
• Current: DONE — Hash fallback wired through shared helpers; fixtures ensure deterministic output.
- **Sprint 13** · UX & CLI Experience
- Team: DevEx/CLI, Scanner WebService Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-RUNTIME-13-008 — CLI-RUNTIME-13-008 Runtime policy contract sync
• Current: TODO Once `/api/v1/scanner/policy/runtime` exits TODO, verify CLI output against final schema (field names, metadata) and update formatter/tests if the contract moves. Capture joint review notes in docs/09 and link Scanner task sign-off.
- **Sprint 15** · Notify Foundations
- Team: Notify Engine Guild
- Path: `src/StellaOps.Notify.Engine/TASKS.md`
1. [TODO] NOTIFY-ENGINE-15-303 — Template rendering engine (Slack, Teams, Email, Webhook) with helpers and i18n support.
• Prereqs: NOTIFY-ENGINE-15-302 (Wave 2)
• Current: TODO
- Team: Notify Worker Guild
- Path: `src/StellaOps.Notify.Worker/TASKS.md`
1. [TODO] NOTIFY-WORKER-15-203 — Channel dispatch orchestration: invoke connectors, manage retries/jitter, record delivery outcomes.
• Prereqs: NOTIFY-ENGINE-15-302 (Wave 2)
• Current: TODO
- **Sprint 16** · Scheduler Intelligence
- Team: Scheduler Worker Guild
- Path: `src/StellaOps.Scheduler.Worker/TASKS.md`
1. [TODO] SCHED-WORKER-16-203 — Runner execution: call Scanner `/reports` (analysis-only) or `/scans` when configured; collect deltas; handle retries.
• Prereqs: SCHED-WORKER-16-202 (Wave 2)
• Current: TODO
- **Sprint 17** · Symbol Intelligence & Forensics
- Team: Zastava Observer Guild
- Path: `src/StellaOps.Zastava.Observer/TASKS.md`
• Current: DONE — Build-id capture wired through RuntimeProcessCollector + RuntimeEventFactory; docs/runbook updated with debug-store workflow.
## Wave 4 — 15 task(s) ready after Wave 3
- **Sprint 7** · Contextual Truth Foundations
- Team: Excititor Connectors Stella
- Path: `src/StellaOps.Excititor.Connectors.StellaOpsMirror/TASKS.md`
1. [TODO] EXCITITOR-CONN-STELLA-07-002 — Normalize mirror bundles into VexClaim sets referencing original provider metadata and mirror provenance.
• Prereqs: EXCITITOR-CONN-STELLA-07-001 (Wave 3)
• Current: TODO
- **Sprint 9** · Policy Foundations
- Team: Policy Guild, Scanner WebService Guild
- Path: `src/StellaOps.Policy/TASKS.md`
• Current: TODO
- **Sprint 10** · Backlog
- Team: TBD
- Path: `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-305C (Wave 3)
• Current: DONE 2025-10-22
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-304C (Wave 3)
• Current: DONE — Shared helpers integrated; concurrency tests verify buffer reuse.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`
1. [TODO] SCANNER-ANALYZERS-LANG-10-307P — Shared helper integration (license metadata, quiet provenance, component merging).
• Prereqs: SCANNER-ANALYZERS-LANG-10-303C (Wave 3)
• Current: TODO
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`
1. [TODO] SCANNER-ANALYZERS-LANG-10-307R — Finalize shared helper usage (license, usage flags) and concurrency-safe caches.
• Prereqs: SCANNER-ANALYZERS-LANG-10-306C (Wave 3)
• Current: TODO
- **Sprint 13** · UX & CLI Experience
- Team: DevEx/CLI
- Path: `src/StellaOps.Cli/TASKS.md`
• Prereqs: CLI-RUNTIME-13-005 (Wave 0), CLI-OFFLINE-13-006 (Wave 3)
• Current: TODO Package non-core verbs as restart-time plug-ins (manifest + loader updates, tests ensuring no hot reload).
- **Sprint 15** · Notify Foundations
- Team: Notify Connectors Guild
- Path: `src/StellaOps.Notify.Connectors.Email/TASKS.md`
1. [TODO] NOTIFY-CONN-EMAIL-15-701 — Implement SMTP connector with STARTTLS/implicit TLS support, HTML+text rendering, attachment policy enforcement.
• Prereqs: NOTIFY-ENGINE-15-303 (Wave 3)
• Current: TODO
- Path: `src/StellaOps.Notify.Connectors.Slack/TASKS.md`
1. [TODO] NOTIFY-CONN-SLACK-15-501 — Implement Slack connector with bot token auth, message rendering (blocks), rate limit handling, retries/backoff.
• Prereqs: NOTIFY-ENGINE-15-303 (Wave 3)
• Current: TODO
- Path: `src/StellaOps.Notify.Connectors.Teams/TASKS.md`
1. [TODO] NOTIFY-CONN-TEAMS-15-601 — Implement Teams connector using Adaptive Cards 1.5, handle webhook auth, size limits, retries.
• Prereqs: NOTIFY-ENGINE-15-303 (Wave 3)
• Current: TODO
- Path: `src/StellaOps.Notify.Connectors.Webhook/TASKS.md`
1. [TODO] NOTIFY-CONN-WEBHOOK-15-801 — Implement webhook connector: JSON payload, signature (HMAC/Ed25519), retries/backoff, status code handling.
• Prereqs: NOTIFY-ENGINE-15-303 (Wave 3)
• Current: TODO
- Team: Notify Engine Guild
- Path: `src/StellaOps.Notify.Engine/TASKS.md`
1. [TODO] NOTIFY-ENGINE-15-304 — Test-send sandbox + preview utilities for WebService.
• Prereqs: NOTIFY-ENGINE-15-303 (Wave 3)
• Current: TODO
- Team: Notify Worker Guild
- Path: `src/StellaOps.Notify.Worker/TASKS.md`
1. [TODO] NOTIFY-WORKER-15-204 — Metrics/telemetry: `notify.sent_total`, `notify.dropped_total`, latency histograms, tracing integration.
• Prereqs: NOTIFY-WORKER-15-203 (Wave 3)
• Current: TODO
- **Sprint 16** · Scheduler Intelligence
- Team: Scheduler Worker Guild
- Path: `src/StellaOps.Scheduler.Worker/TASKS.md`
1. [TODO] SCHED-WORKER-16-204 — Emit events (`scheduler.rescan.delta`, `scanner.report.ready`) for Notify/UI with summaries.
• Prereqs: SCHED-WORKER-16-203 (Wave 3)
• Current: TODO
- **Sprint 17** · Symbol Intelligence & Forensics
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-RUNTIME-17-004 — Document build-id workflows: SBOM exposure, runtime event payloads, debug-store layout, and operator guidance for symbol retrieval.
• Current: TODO
## Wave 5 — 10 task(s) ready after Wave 4
- **Sprint 7** · Contextual Truth Foundations
- Team: Excititor Connectors Stella
- Path: `src/StellaOps.Excititor.Connectors.StellaOpsMirror/TASKS.md`
1. [TODO] EXCITITOR-CONN-STELLA-07-003 — Implement incremental cursor handling per-export digest, support resume, and document configuration for downstream Excititor mirrors.
• Prereqs: EXCITITOR-CONN-STELLA-07-002 (Wave 4)
• Current: TODO
- **Sprint 10** · Backlog
- Team: TBD
- Path: `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-307D (Wave 4)
• Current: DONE — fixtures + benchmarks merged 2025-10-23
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-307G (Wave 4)
• Current: DONE — Fixtures and benchmark harness merged; perf delta captured vs competitor.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-307P (Wave 4)
• Current: DONE — Fixtures `simple-venv`, `pip-cache`, `layered-editable` + hash throughput benchmarks merged 2025-10-23.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`
1. [TODO] SCANNER-ANALYZERS-LANG-10-308R — Determinism fixtures + performance benchmarks; compare against competitor heuristic coverage.
• Prereqs: SCANNER-ANALYZERS-LANG-10-307R (Wave 4)
• Current: TODO
- **Sprint 15** · Notify Foundations
- Team: Notify Connectors Guild
- Path: `src/StellaOps.Notify.Connectors.Email/TASKS.md`
1. [BLOCKED] NOTIFY-CONN-EMAIL-15-702 — Add DKIM signing optional support and health/test-send flows.
• Prereqs: NOTIFY-CONN-EMAIL-15-701 (Wave 4)
• Current: BLOCKED waiting on base SMTP connector implementation (NOTIFY-CONN-EMAIL-15-701).
- Path: `src/StellaOps.Notify.Connectors.Slack/TASKS.md`
- Path: `src/StellaOps.Notify.Connectors.Teams/TASKS.md`
- Path: `src/StellaOps.Notify.Connectors.Webhook/TASKS.md`
1. [DOING] NOTIFY-CONN-WEBHOOK-15-802 — Health/test-send support with signature validation hints and secret management.
• Prereqs: NOTIFY-CONN-WEBHOOK-15-801 (Wave 4)
• Current: TODO
- **Sprint 17** · Symbol Intelligence & Forensics
- Team: Scanner WebService Guild
- Path: `src/StellaOps.Scanner.WebService/TASKS.md`
• Current: DONE — runtime events normalize digests/build IDs, policy responses/CLI emit `buildIds`, docs/tests updated for debug-store workflows.
## Wave 6 — 8 task(s) ready after Wave 5
- **Sprint 10** · Backlog
- Team: TBD
- Path: `src/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-308D (Wave 5)
• Current: DONE — manifest + Offline Kit docs updated 2025-10-23
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Go/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-308G (Wave 5)
• Current: DONE — Manifest copied, Worker DI registration verified, Offline Kit docs updated.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Python/TASKS.md`
• Prereqs: SCANNER-ANALYZERS-LANG-10-308P (Wave 5)
• Current: DONE — Manifest copied, Worker integration verified, Offline Kit docs updated with Python plug-in guidance.
- Path: `src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md`
1. [TODO] SCANNER-ANALYZERS-LANG-10-309R — Package plug-in manifest + Offline Kit documentation; ensure Worker integration.
• Prereqs: SCANNER-ANALYZERS-LANG-10-308R (Wave 5)
• Current: TODO
- **Sprint 7** · Contextual Truth Foundations
- Team: Team Normalization & Storage Backbone
- Path: `src/StellaOps.Concelier.Storage.Mongo/TASKS.md`
• Prereqs: FEEDMERGE-ENGINE-07-001 (Wave 11)
• Current: TODO Create `advisory_statements` (immutable) and `advisory_conflicts` collections, define `asOf`/`vulnerabilityKey` indexes, and document migration/rollback steps for event-sourced merge.
## Wave 7 — 52 task(s) ready after Wave 6
- **Sprint 20** · Policy Engine v2
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-20-000 — New Policy Engine service host, DI bootstrap, Authority scaffolding.
• Prereqs: POLICY-AOC-19-001 (Wave 1)
• Current: TODO
2. [TODO] POLICY-ENGINE-20-001 — `stella-dsl@1` parser + IR compiler with diagnostics/checksums.
• Prereqs: POLICY-ENGINE-20-000 (Wave 7)
• Current: TODO
3. [TODO] POLICY-ENGINE-20-002 — Deterministic evaluator (priority/first-match, safe intrinsics).
• Prereqs: POLICY-ENGINE-20-001 (Wave 7)
• Current: TODO
4. [TODO] POLICY-ENGINE-20-005 — Determinism guard preventing wall-clock/network/RNG usage.
• Prereqs: POLICY-ENGINE-20-002 (Wave 7)
• Current: TODO
5. [TODO] POLICY-ENGINE-20-008 — Unit/property/golden/perf suites proving determinism + SLA.
• Prereqs: POLICY-ENGINE-20-002/003/004/005/006/007 (Wave 7)
• Current: TODO
6. [TODO] POLICY-ENGINE-20-007 — Metrics/traces/log sampling for policy runs/rule hits.
• Prereqs: POLICY-ENGINE-20-002 (Wave 7)
• Current: TODO
7. [TODO] POLICY-ENGINE-20-009 — Mongo schemas/indexes + migrations for policies/runs/findings.
• Prereqs: POLICY-ENGINE-20-000 & POLICY-ENGINE-20-004 (Wave 7)
• Current: TODO
- Team: Policy Guild · Data Joiners
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-20-003 — SBOM↔advisory↔VEX joiners using linksets.
• Prereqs: POLICY-ENGINE-20-001 (Wave 7), CONCELIER-POLICY-20-002 (Wave 7), EXCITITOR-POLICY-20-002 (Wave 7)
• Current: TODO
2. [TODO] POLICY-ENGINE-20-004 — Materialization writer to `effective_finding_*` with append-only history.
• Prereqs: POLICY-ENGINE-20-003 (Wave 7), CONCELIER-POLICY-20-003 (Wave 7), EXCITITOR-POLICY-20-003 (Wave 7)
• Current: TODO
3. [TODO] POLICY-ENGINE-20-006 — Incremental orchestrator reacting to change streams.
• Prereqs: POLICY-ENGINE-20-003/004 (Wave 7), SCHED-WORKER-20-301 (Wave 7)
• Current: TODO
- **Sprint 20** · Policy API Surface
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-POLICY-20-001 — Policy CRUD/compile/run/simulate/findings/explain endpoints.
• Prereqs: POLICY-ENGINE-20-001/004 (Wave 7), AUTH-POLICY-20-001 (Wave 7)
• Current: TODO
2. [TODO] WEB-POLICY-20-002 — Pagination, filters, deterministic ordering.
• Prereqs: WEB-POLICY-20-001 (Wave 7)
• Current: TODO
3. [TODO] WEB-POLICY-20-003 — Error mapping to `ERR_POL_*` with contract tests.
• Prereqs: WEB-POLICY-20-001 (Wave 7)
• Current: TODO
4. [TODO] WEB-POLICY-20-004 — Simulation rate limits + metrics/headers.
• Prereqs: WEB-POLICY-20-001/002 (Wave 7)
• Current: TODO
- **Sprint 20** · Policy Console
- Team: UI Guild
- Path: `src/StellaOps.UI/TASKS.md`
1. [TODO] UI-POLICY-20-001 — Monaco editor with inline diagnostics/compliance checklist.
• Prereqs: WEB-POLICY-20-001 (Wave 7)
• Current: TODO
2. [TODO] UI-POLICY-20-002 — Simulation diff panel with virtualization + deltas.
• Prereqs: UI-POLICY-20-001 (Wave 7), WEB-POLICY-20-001/002 (Wave 7)
• Current: TODO
3. [TODO] UI-POLICY-20-003 — Submit/review/approve workflow with RBAC + audit log.
• Prereqs: UI-POLICY-20-001 (Wave 7), AUTH-POLICY-20-001 (Wave 7)
• Current: TODO
4. [TODO] UI-POLICY-20-004 — Run viewer dashboards (rule heatmap, VEX wins, suppressions).
• Prereqs: POLICY-ENGINE-20-006/007 (Wave 7), WEB-POLICY-20-001 (Wave 7)
• Current: TODO
- **Sprint 20** · Policy CLI
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-POLICY-20-001 — `policy new|edit|submit|approve` commands.
• Prereqs: WEB-POLICY-20-001 (Wave 7), AUTH-POLICY-20-001 (Wave 7)
• Current: TODO
2. [TODO] CLI-POLICY-20-002 — `policy simulate` with diff rendering + exit codes.
• Prereqs: CLI-POLICY-20-001 (Wave 7), POLICY-ENGINE-20-006 (Wave 7)
• Current: TODO
3. [TODO] CLI-POLICY-20-003 — `findings ls|get` policy-aware filters + explain output.
• Prereqs: WEB-POLICY-20-001/002 (Wave 7)
• Current: TODO
- **Sprint 20** · Policy Selection Services
- Team: Concelier WebService Guild
- Path: `src/StellaOps.Concelier.WebService/TASKS.md`
1. [TODO] CONCELIER-POLICY-20-001 — Advisory selection endpoints for policy engine.
• Prereqs: CONCELIER-CORE-AOC-19-004 (Wave 1), WEB-POLICY-20-001 (Wave 7)
• Current: TODO
- Team: Concelier Core Guild
- Path: `src/StellaOps.Concelier.Core/TASKS.md`
1. [TODO] CONCELIER-POLICY-20-002 — Linkset enrichment with equivalence tables/ranges.
• Prereqs: CONCELIER-CORE-AOC-19-002 (Wave 1), POLICY-ENGINE-20-001 (Wave 7)
• Current: TODO
- Team: Concelier Storage Guild
- Path: `src/StellaOps.Concelier.Storage.Mongo/TASKS.md`
1. [TODO] CONCELIER-POLICY-20-003 — Selection cursors + change-stream checkpoints.
• Prereqs: CONCELIER-STORE-AOC-19-002 (Wave 1), POLICY-ENGINE-20-003 (Wave 7)
• Current: TODO
- Team: Excititor WebService Guild
- Path: `src/StellaOps.Excititor.WebService/TASKS.md`
1. [TODO] EXCITITOR-POLICY-20-001 — VEX selection APIs (batch PURL/ID, tenant filters).
• Prereqs: EXCITITOR-CORE-AOC-19-004 (Wave 1), WEB-POLICY-20-001 (Wave 7)
• Current: TODO
- Team: Excititor Core Guild
- Path: `src/StellaOps.Excititor.Core/TASKS.md`
1. [TODO] EXCITITOR-POLICY-20-002 — Scope-aware linksets + version range handling.
• Prereqs: EXCITITOR-CORE-AOC-19-002 (Wave 1), POLICY-ENGINE-20-001 (Wave 7)
• Current: TODO
- Team: Excititor Storage Guild
- Path: `src/StellaOps.Excititor.Storage.Mongo/TASKS.md`
1. [TODO] EXCITITOR-POLICY-20-003 — Selection cursors + checkpoints for VEX change streams.
• Prereqs: EXCITITOR-STORE-AOC-19-002 (Wave 1), POLICY-ENGINE-20-003 (Wave 7)
• Current: TODO
- **Sprint 20** · Scheduler Integration
- Team: Scheduler Models Guild
- Path: `src/StellaOps.Scheduler.Models/TASKS.md`
1. [TODO] SCHED-MODELS-20-001 — Policy run/diff DTOs + validation helpers.
• Prereqs: POLICY-ENGINE-20-000 (Wave 7)
• Current: TODO
2. [TODO] SCHED-MODELS-20-002 — Schema docs/sample payloads for policy runs.
• Prereqs: SCHED-MODELS-20-001 (Wave 7)
• Current: TODO
- Team: Scheduler WebService Guild
- Path: `src/StellaOps.Scheduler.WebService/TASKS.md`
1. [TODO] SCHED-WEB-20-001 — Policy run scheduling APIs with `policy:run` enforcement.
• Prereqs: SCHED-WEB-16-101 (Wave 1), AUTH-POLICY-20-001 (Wave 7)
• Current: TODO
2. [TODO] SCHED-WEB-20-002 — Simulation trigger endpoint returning diff metadata.
• Prereqs: SCHED-WEB-20-001 (Wave 7), POLICY-ENGINE-20-006 (Wave 7)
• Current: TODO
- Team: Scheduler Worker Guild
- Path: `src/StellaOps.Scheduler.Worker/TASKS.md`
1. [TODO] SCHED-WORKER-20-301 — Trigger policy runs (full/incremental/simulate) via API.
• Prereqs: SCHED-WORKER-16-201 (Wave 1), POLICY-ENGINE-20-000 (Wave 7)
• Current: TODO
2. [TODO] SCHED-WORKER-20-302 — Delta targeting for policy reruns using change streams.
• Prereqs: SCHED-WORKER-20-301 (Wave 7), POLICY-ENGINE-20-006 (Wave 7)
• Current: TODO
3. [TODO] SCHED-WORKER-20-303 — Metrics/logs for scheduled policy runs.
• Prereqs: SCHED-WORKER-20-301 (Wave 7)
• Current: TODO
- **Sprint 20** · Authority & Security
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-POLICY-20-001 — Introduce policy scopes (`policy:*`, `findings:read`, `effective:write`).
• Prereqs: AUTH-AOC-19-001 (Wave 1)
• Current: TODO
2. [TODO] AUTH-POLICY-20-002 — Enforce Policy Engine identity + gateway scope checks.
• Prereqs: AUTH-POLICY-20-001 (Wave 7), AUTH-AOC-19-002 (Wave 1)
• Current: TODO
3. [TODO] AUTH-POLICY-20-003 — Update Authority docs/config samples for new scopes.
• Prereqs: AUTH-POLICY-20-001 (Wave 7)
• Current: TODO
- **Sprint 20** · CI/CD & Observability
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-POLICY-20-001 — Integrate DSL lint/compile checks in CI.
• Prereqs: POLICY-ENGINE-20-001 (Wave 7)
• Current: TODO
2. [TODO] DEVOPS-POLICY-20-002 — Run `stella policy simulate` stage on golden SBOMs.
• Prereqs: DEVOPS-POLICY-20-001 (Wave 7), POLICY-ENGINE-20-006 (Wave 7)
• Current: TODO
3. [TODO] DEVOPS-POLICY-20-003 — Determinism CI diffing repeated policy runs.
• Prereqs: DEVOPS-POLICY-20-001 (Wave 7), POLICY-ENGINE-20-005 (Wave 7)
• Current: TODO
- **Sprint 20** · Documentation
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-POLICY-20-001 — `/docs/policy/overview.md`.
• Prereqs: POLICY-ENGINE-20-000 (Wave 7)
• Current: TODO
2. [TODO] DOCS-POLICY-20-002 — `/docs/policy/dsl.md` grammar + examples.
• Prereqs: POLICY-ENGINE-20-001 (Wave 7)
• Current: TODO
3. [TODO] DOCS-POLICY-20-003 — `/docs/policy/lifecycle.md` workflow/roles.
• Prereqs: AUTH-POLICY-20-001 (Wave 7), WEB-POLICY-20-001 (Wave 7)
• Current: TODO
4. [TODO] DOCS-POLICY-20-004 — `/docs/policy/runs.md` run modes + cursors.
• Prereqs: POLICY-ENGINE-20-006 (Wave 7), SCHED-WEB-20-001 (Wave 7)
• Current: TODO
5. [TODO] DOCS-POLICY-20-005 — `/docs/api/policy.md` endpoints + schemas.
• Prereqs: WEB-POLICY-20-001 (Wave 7)
• Current: TODO
6. [TODO] DOCS-POLICY-20-006 — `/docs/cli/policy.md` with command usage.
• Prereqs: CLI-POLICY-20-002 (Wave 7)
• Current: TODO
7. [TODO] DOCS-POLICY-20-007 — `/docs/ui/policy-editor.md` flows + screenshots.
• Prereqs: UI-POLICY-20-001/002/003 (Wave 7)
• Current: TODO
8. [TODO] DOCS-POLICY-20-008 — `/docs/architecture/policy-engine.md` with diagrams.
• Prereqs: POLICY-ENGINE-20-003/006 (Wave 7)
• Current: TODO
9. [TODO] DOCS-POLICY-20-009 — `/docs/observability/policy.md` metrics/traces/logs.
• Prereqs: POLICY-ENGINE-20-007 (Wave 7), DEVOPS-POLICY-20-002 (Wave 7)
• Current: TODO
10. [TODO] DOCS-POLICY-20-010 — `/docs/security/policy-governance.md` scopes/approvals.
• Prereqs: AUTH-POLICY-20-002 (Wave 7)
• Current: TODO
11. [TODO] DOCS-POLICY-20-011 — `/docs/examples/policies/` sample policies + commentary.
• Prereqs: POLICY-ENGINE-20-001/002 (Wave 7)
• Current: TODO
12. [TODO] DOCS-POLICY-20-012 — `/docs/faq/policy-faq.md` common pitfalls.
• Prereqs: WEB-POLICY-20-003 (Wave 7), POLICY-ENGINE-20-005 (Wave 7)
• Current: TODO
- **Sprint 20** · Samples & Benchmarks
- Team: Samples Guild
- Path: `samples/TASKS.md`
1. [TODO] SAMPLES-POLICY-20-001 — Baseline/serverless/internal-only policy samples + fixtures.
• Prereqs: POLICY-ENGINE-20-002 (Wave 7), DOCS-POLICY-20-011 (Wave 7)
• Current: TODO
2. [TODO] SAMPLES-POLICY-20-002 — Simulation diff fixtures for UI/CLI tests.
• Prereqs: UI-POLICY-20-002 (Wave 7)
• Current: TODO
- Team: Bench Guild
- Path: `src/StellaOps.Bench/TASKS.md`
1. [TODO] BENCH-POLICY-20-001 — Policy evaluation performance benchmark suite.
• Prereqs: POLICY-ENGINE-20-002/006 (Wave 7)
• Current: TODO
2. [TODO] BENCH-POLICY-20-002 — Incremental run benchmark tracking delta SLA.
• Prereqs: BENCH-POLICY-20-001 (Wave 7), SCHED-WORKER-20-302 (Wave 7)
• Current: TODO
## Wave 8 — 60 task(s) ready after Wave 7
- **Sprint 21** · Graph Explorer v1
- Team: Cartographer Guild
- Path: `src/StellaOps.Cartographer/TASKS.md`
1. [TODO] CARTO-GRAPH-21-001/002/003/004 — Schema, projection reader, graph constructor, and layout tiling are ready once SBOM projections ship (Wave 7 prereqs).
2. [TODO] CARTO-GRAPH-21-005/006/007/008/009 — Overlay worker, API surface, backfill/overlay jobs, testing, and deployment artefacts depend on Cartographer infrastructure plus Policy Engine 30-series work.
- Team: SBOM Service Guild
- Path: `src/StellaOps.SbomService/TASKS.md`
1. [TODO] SBOM-SERVICE-21-001/002/003/004 — Normalized projection API, change events, entrypoint management, and observability unblock Cartographers ingestion.
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-30-001/002/003 — Graph overlay contract, simulation bridge, and change events rely on Policy Engine v2 core (Wave 7) and feed Cartographer overlays.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-GRAPH-21-001..004 — Graph gateway routes, validation, exports, and simulation bridging activate once Cartographer endpoints exist.
- Team: UI Guild
- Path: `src/StellaOps.UI/TASKS.md`
1. [TODO] UI-GRAPH-21-001..006 — Canvas, inspector, filters, paths, diff, and accessibility depend on Cartographer/Web graph APIs and Samples fixtures.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-GRAPH-21-001..003 — CLI commands, path/simulation options, and docs require Cartographer/Web readiness.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-GRAPH-21-001..003 — Graph scope issuance, enforcement, and documentation unblock service deployments.
- Team: Scheduler Guilds
- Paths: `src/StellaOps.Scheduler.Models/TASKS.md`, `src/StellaOps.Scheduler.WebService/TASKS.md`, `src/StellaOps.Scheduler.Worker/TASKS.md`
1. [TODO] SCHED-MODELS-21-001/002, SCHED-WEB-21-001/002, SCHED-WORKER-21-201..203 — Graph job DTOs, APIs, workers, and metrics coordinate Cartographer runs after SBOM change events.
- Team: Concelier Guild
- Paths: `src/StellaOps.Concelier.Core/TASKS.md`, `src/StellaOps.Concelier.WebService/TASKS.md`
1. [TODO] CONCELIER-GRAPH-21-001..004 — SBOM projection enrichment and entrypoint APIs feed SBOM Service/Cartographer.
- Team: Excititor Guild
- Paths: `src/StellaOps.Excititor.Core/TASKS.md`, `src/StellaOps.Excititor.WebService/TASKS.md`, `src/StellaOps.Excititor.Storage.Mongo/TASKS.md`
1. [TODO] EXCITITOR-GRAPH-21-001..005 — Provide VEX inspector data, overlay enrichment, events, and indexes for Graph Explorer.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-GRAPH-21-001..003 — Perf tests, visual regression captures, and offline kit bundling align with Cartographer/SBOM readiness.
- Team: Docs/Samples/Bench Guilds
- Paths: `docs/TASKS.md`, `samples/TASKS.md`, `src/StellaOps.Bench/TASKS.md`
1. [TODO] DOCS-GRAPH-21-001..009, SAMPLES-GRAPH-21-001..002, BENCH-GRAPH-21-001..002 — Publish documentation set, sample assets, and benchmarks once API/UI stabilize.
## Wave 9 — 58 task(s) ready after Wave 8
- **Sprint 22** · Link-Not-Merge v1
- Team: Concelier Core Guild
- Path: `src/StellaOps.Concelier.Core/TASKS.md`
1. [TODO] CONCELIER-LNM-21-001/002/003/004/005 — Observation schema, linkset builder, conflict annotator, merge removal, and event emission follow Graph wave completion and AOC guard readiness.
- Team: Concelier Storage Guild
- Path: `src/StellaOps.Concelier.Storage.Mongo/TASKS.md`
1. [TODO] CONCELIER-LNM-21-101/102/103 — Collections, backfill tooling, and blob storage wiring depend on core schema finalization.
- Team: Concelier WebService Guild
- Path: `src/StellaOps.Concelier.WebService/TASKS.md`
1. [TODO] CONCELIER-LNM-21-201/202/203 — Advisory observation/linkset APIs and event publishing follow storage readiness.
- Team: BE-Merge
- Path: `src/StellaOps.Concelier.Merge/TASKS.md`
1. [TODO] MERGE-LNM-21-001/002/003 — Decommission merge pipeline once observation/linkset flow validated.
- Team: Excititor Core Guild
- Path: `src/StellaOps.Excititor.Core/TASKS.md`
1. [TODO] EXCITITOR-LNM-21-001..005 — VEX observations/linksets, conflicts, merge removal, and events mirror advisory work.
- Team: Excititor Storage Guild
- Path: `src/StellaOps.Excititor.Storage.Mongo/TASKS.md`
1. [TODO] EXCITITOR-LNM-21-101/102 — Collections and backfill for VEX data prepared after schema finalization.
- Team: Excititor WebService Guild
- Path: `src/StellaOps.Excititor.WebService/TASKS.md`
1. [TODO] EXCITITOR-LNM-21-201..203 — VEX observation/linkset APIs and event publishing.
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-40-001..003 — Effective severity adjustments, VEX conflict handling, and consumer utilities once observation/linkset data shape is fixed.
- Team: Scanner WebService Guild
- Path: `src/StellaOps.Scanner.WebService/TASKS.md`
1. [TODO] SCANNER-LNM-21-001/002 — Report/runtime updates and evidence endpoint leveraging new linksets.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-LNM-21-001..003 — Gateway exposure for advisory/vex APIs and policy evidence combos.
- Team: UI Guild
- Path: `src/StellaOps.UI/TASKS.md`
1. [TODO] UI-LNM-22-001..004 — Evidence panel, filters, VEX tab, permalinks after API readiness.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-LNM-22-001/002 — CLI support for observations/linksets and exports.
- Team: Authority Core Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-AOC-19-001 — Scope rollout (`advisory/vex ingest/read`) enabling new APIs.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-LNM-22-001..003 — Migration automation, monitoring, and SLA alerts for observation pipelines.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-LNM-22-001..008 — Publish aggregation philosophy, API docs, UI guides, migration playbook.
- Team: Samples Guild
- Path: `samples/TASKS.md`
1. [TODO] SAMPLES-LNM-22-001/002 — Observation/linkset fixtures for advisories and VEX.
- Team: Bench Guild
- Path: `src/StellaOps.Bench/TASKS.md`
1. [TODO] BENCH-LNM-22-001/002 — Ingest/correlation performance benchmarks to enforce SLA.
## Wave 10 — 54 task(s) ready after Wave 9
- **Sprint 23** · Policy Engine + Editor v1
- Team: Policy Guild (Library)
- Path: `src/StellaOps.Policy/TASKS.md`
1. [TODO] POLICY-SPL-23-001..005 — SPL schema/canonicalizer/layering/explain model/migration tooling once Link-Not-Merge data model is stable.
- Team: Policy Engine Service
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-50-001..007 — Compiler, evaluator, observability, event pipeline, storage schemas, explainer persistence, worker orchestration.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-POLICY-23-001..004 — Policy pack CRUD, activation, simulation/evaluation, explain history APIs.
- Team: UI Guild
- Path: `src/StellaOps.UI/TASKS.md`
1. [TODO] UI-POLICY-23-001..006 — Policy editor workspace, YAML builder, guided builder, approvals, simulator, explain view.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-POLICY-23-004..006 — CLI lint/activate/history + explain commands aligned with new APIs.
- Team: Authority Core Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-POLICY-23-001..003 — Policy scopes, two-person activation, documentation.
- Team: SBOM Service Guild
- Path: `src/StellaOps.SbomService/TASKS.md`
1. [TODO] SBOM-SERVICE-23-001/002 — Asset metadata projection + `sbom.asset.updated` events feeding evaluator.
- Team: Concelier & Excititor Guilds
- Paths: `src/StellaOps.Concelier.Core/TASKS.md`, `src/StellaOps.Excititor.Core/TASKS.md`, `src/StellaOps.Concelier.WebService/TASKS.md`, `src/StellaOps.Excititor.WebService/TASKS.md`
1. [TODO] CONCELIER-POLICY-23-001/002 and EXCITITOR-POLICY-23-001/002 plus CONCELIER/EXCITITOR-LNM-21-201..203 — Evidence indexes, enriched events, observation/linkset APIs supporting policy runtime.
- Team: Scheduler Worker Guild
- Path: `src/StellaOps.Scheduler.Worker/TASKS.md`
1. [TODO] SCHED-WORKER-23-101/102 — Policy re-evaluation worker + reconciliation job post activation.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-LNM-22-001..003 (migration/monitoring) and future policy deployment automation for SPL bundles.
- Team: Docs Guild, Samples, Bench
- Paths: `docs/TASKS.md`, `samples/TASKS.md`, `src/StellaOps.Bench/TASKS.md`
1. [TODO] DOCS-POLICY-23-001..010, SAMPLES-LNM-22-001/002, BENCH-LNM-22-001/002 — Documentation set, policy fixtures, performance benchmarks.
## Wave 11 — 1 task(s) ready after Wave 10
- **Sprint 32** · Orchestrator Dashboard Phase 1 (Foundations)
- Team: Orchestrator Service Guild
- Path: `src/StellaOps.Orchestrator/TASKS.md`
1. [TODO] ORCH-SVC-32-001..005 — Stand up the orchestrator service (schema, scheduler, read-only APIs, SSE, worker endpoints). Coordinate with DevOps (DEVOPS-ORCH-32-001) for Postgres + message bus availability before enabling progression.
- Team: Worker SDK Guild
- Paths: `src/StellaOps.Orchestrator.WorkerSdk.Go/TASKS.md`, `src/StellaOps.Orchestrator.WorkerSdk.Python/TASKS.md`
1. [TODO] WORKER-GO-32-001/002, WORKER-PY-32-001/002 — Deliver baseline job claim/heartbeat libraries. These unblock Concelier/Excititor/SBOM adoption tasks and should validate against ORCH-SVC-32-005 contract.
- Team: Concelier Core Guild
- Path: `src/StellaOps.Concelier.Core/TASKS.md`
1. [TODO] CONCELIER-ORCH-32-001/002 — Register sources and embed SDK hooks in ingestion loops. Depends on Worker SDK handshake and orchestrator read APIs.
- Team: Excititor Worker Guild
- Path: `src/StellaOps.Excititor.Worker/TASKS.md`
1. [TODO] EXCITITOR-ORCH-32-001 — Adopt worker SDK for VEX ingestion. Requires ORCH-SVC-32-005 and Worker SDK readiness.
- Team: SBOM Service Guild
- Path: `src/StellaOps.SbomService/TASKS.md`
1. [TODO] SBOM-ORCH-32-001 — Emit orchestrator job metadata and artifact hashes for SBOM ingest/index jobs; depends on orchestrator schema finalization.
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-32-101 — Define `policy_eval` job contract and enqueue hooks so orchestrator DAGs can plan downstream work.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-ORCH-32-001 — Surface read-only orchestrator APIs through the gateway with tenant scoping once service endpoints exist.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-ORCH-32-001 — Introduce `orch:read` scope and `Orch.Viewer` role so CLI/Console work can proceed safely.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-ORCH-32-001 — Provide read-only `stella orch` listings after gateway routes/scopes are available; validate against imposed rule requirement.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-ORCH-32-001/002 — Overview + Sources pages (read-only) rely on SSE stream, viewer scope, and CLI/gateway parity.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-ORCH-32-001/002 — Publish overview/architecture docs (each closing with imposed rule statement) to align cross-team implementation.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-ORCH-32-001 — Stand up Postgres/message bus environments and seed Grafana dashboards; prerequisite for orchestrator integration workstreams.
- **Sprint 33** · Orchestrator Dashboard Phase 2 (Controls & Recovery)
- Team: Orchestrator Service Guild
- Path: `src/StellaOps.Orchestrator/TASKS.md`
1. [TODO] ORCH-SVC-33-001..004 — Add control actions, adaptive rate limiter, watermark/backfill manager, and dead-letter replay. Requires Phase 1 completion and Worker SDK control hooks.
- Team: Worker SDK Guild
- Paths: `src/StellaOps.Orchestrator.WorkerSdk.Go/TASKS.md`, `src/StellaOps.Orchestrator.WorkerSdk.Python/TASKS.md`
1. [TODO] WORKER-GO-33-001/002, WORKER-PY-33-001/002 — Provide artifact upload, idempotency guards, and error classification so orchestrator controls function safely.
- Team: Concelier Core Guild
- Path: `src/StellaOps.Concelier.Core/TASKS.md`
1. [TODO] CONCELIER-ORCH-33-001 — Honor orchestrator throttles and retry semantics; unblocker for circuit breaker work in Sprint 34.
- Team: Excititor Worker Guild
- Path: `src/StellaOps.Excititor.Worker/TASKS.md`
1. [TODO] EXCITITOR-ORCH-33-001 — Surface error classes and throttling compliance; depends on Worker SDK error helpers.
- Team: SBOM Service Guild
- Path: `src/StellaOps.SbomService/TASKS.md`
1. [TODO] SBOM-ORCH-33-001 — Report backpressure metrics and respect orchestrator pause/backfill signals.
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-33-101 — Implement orchestrator-driven evaluation workers with SLO metrics; prerequisites: ORCH-SVC-32-003/005 and Worker SDK upgrades.
- Team: VEX Lens Guild
- Path: `src/StellaOps.VexLens/TASKS.md`
1. [TODO] VEXLENS-ORCH-33-001 — Register `consensus_compute` job type and worker integration so orchestrator can schedule consensus batches.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-ORCH-33-001 — Wire control/backfill endpoints through gateway with proper error mapping and SSE bridging; relies on AUTH-ORCH-33-001.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-ORCH-33-001 — Add `Orch.Operator` role/scopes and enforce reason strings; prerequisite for CLI/Console control surfaces.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-ORCH-33-001 — Implement action verbs (`pause|resume|test`, `retry|cancel`, `jobs tail`) with streaming output and scope enforcement.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-ORCH-33-001/002 — Runs timeline/DAG and Jobs tail views with action buttons. Requires SSE, operator scopes, and orchestrator control endpoints.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-ORCH-33-001..003 — Publish API, Console, and CLI guides (each reiterating imposed rule) once control endpoints stabilize.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-ORCH-33-001 — Deliver Grafana dashboards/alerts (rate limiter, queue depth, error clustering) gated by orchestrator metrics.
- **Sprint 34** · Orchestrator Dashboard Phase 3 (Backfills, Quotas, GA)
- Team: Orchestrator Service Guild
- Path: `src/StellaOps.Orchestrator/TASKS.md`
1. [TODO] ORCH-SVC-34-001..004 — Quotas/SLOs, audit ledger export, scale tests, and packaging. Requires Phase 2 controls plus DevOps support for perf/load validation.
- Team: Worker SDK Guild
- Paths: `src/StellaOps.Orchestrator.WorkerSdk.Go/TASKS.md`, `src/StellaOps.Orchestrator.WorkerSdk.Python/TASKS.md`
1. [TODO] WORKER-GO-34-001, WORKER-PY-34-001 — Backfill range execution and dedupe verification; prerequisites: ORCH-SVC-33-003 and service artifact schemas.
- Team: Concelier Core Guild
- Path: `src/StellaOps.Concelier.Core/TASKS.md`
1. [TODO] CONCELIER-ORCH-34-001 — Execute orchestrator-driven backfills with ledger linkage; ensure idempotency before GA sign-off.
- Team: Excititor Worker Guild
- Path: `src/StellaOps.Excititor.Worker/TASKS.md`
1. [TODO] EXCITITOR-ORCH-34-001 — Backfill + circuit breaker reset logic; depends on Worker SDK backfill support.
- Team: SBOM Service Guild
- Path: `src/StellaOps.SbomService/TASKS.md`
1. [TODO] SBOM-ORCH-34-001 — Watermark reconciliation and coverage metrics for sbom backfills.
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-34-101 — Surface run ledger exports and SLO burn metrics to orchestrator; coordinates with Findings Ledger.
- Team: VEX Lens Guild
- Path: `src/StellaOps.VexLens/TASKS.md`
1. [TODO] VEXLENS-ORCH-34-001 — Emit consensus completion events into orchestrator ledger + provenance chain.
- Team: Findings Ledger Guild
- Path: `src/StellaOps.Findings.Ledger/TASKS.md`
1. [TODO] LEDGER-34-101 — Consume orchestrator ledger entries for provenance exports; must align with ORCH-SVC-34-002 hashing.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-ORCH-34-001 — Route quotas/backfill/error clustering APIs; prerequisite for CLI/Console GA features.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-ORCH-34-001 — Add `Orch.Admin` role, quota scopes, and audit reason enforcement; required before exposing admin controls.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-ORCH-34-001 — Implement backfill/quota commands with dry-run preview; depends on ORCH-SVC-34-001/003 and AUTH-ORCH-34-001.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-ORCH-34-001..003 — Queues/backpressure dashboard, backfill wizard, and error clustering view; align with API + metrics outputs.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-ORCH-34-001..005 — Final documentation set (run ledger, secrets handling, runbook, schema, SLO) — each must restate imposed rule and cross-link to services adopting orchestrator.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-ORCH-34-001 — Harden production dashboards/alerts and synthetic probes prior to GA.
- Team: Deployment Guild
- Path: `ops/deployment/TASKS.md`
1. [TODO] DEPLOY-ORCH-34-001 — Package orchestrator Helm/Compose, scaling defaults, offline guidance; depends on ORCH-SVC-34-004.
- Team: Offline Kit Guild
- Path: `ops/offline-kit/TASKS.md`
1. [TODO] DEVOPS-OFFLINE-34-006 — Bundle orchestrator service artifacts, worker SDK samples, and Postgres snapshot into Offline Kit with integrity checks.
- **Sprint 35** · Export Center Phase 1 (Foundations)
- Team: Exporter Service Guild
- Path: `src/StellaOps.ExportCenter/TASKS.md`
1. [TODO] EXPORT-SVC-35-001..006 — Bootstrap exporter service, planner, JSON/mirror adapters, manifests/signing, and download APIs. Blocks downstream integrations (Findings Ledger, Policy, VEX Lens, Web, CLI, Console).
- Team: Orchestrator Service Guild
- Path: `src/StellaOps.Orchestrator/TASKS.md`
1. [TODO] ORCH-SVC-35-101 — Register export job type, quotas, and telemetry to support exporter workers.
- Team: Findings Ledger Guild
- Path: `src/StellaOps.Findings.Ledger/TASKS.md`
1. [TODO] LEDGER-EXPORT-35-001 — Provide streaming endpoints for advisories/VEX/SBOM/findings filtered per export scopes. Required before planner work can complete.
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-35-201 — Supply deterministic policy snapshot + evaluated findings endpoint for policy-aware exports.
- Team: VEX Lens Guild
- Path: `src/StellaOps.VexLens/TASKS.md`
1. [TODO] VEXLENS-EXPORT-35-001 — Produce consensus snapshot API consumed by mirror bundles.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-EXPORT-35-001 — Route export APIs and downloads through gateway once exporter endpoints are live.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-EXPORT-35-001 — Publish Export Viewer/Operator/Admin scopes and issuer templates before Console/CLI ship.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-EXPORT-35-001 — Read-only CLI commands for profiles/runs/downloads; depends on WEB-EXPORT-35-001 and AUTH-EXPORT-35-001.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-EXPORT-35-001 — Profiles + overview UI; requires gateway routes and scopes.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-EXPORT-35-001..003 — Publish overview, architecture, and profiles docs with imposed rule reminders to align teams.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-EXPORT-35-001 — Establish exporter CI/perf smoke and dashboards; prerequisite for later alerting.
- Team: Deployment Guild
- Path: `ops/deployment/TASKS.md`
1. [TODO] DEPLOY-EXPORT-35-001 — Package exporter service/worker Helm overlays for download-only phase.
- **Sprint 36** · Export Center Phase 2 (Trivy + Distribution)
- Team: Exporter Service Guild
- Path: `src/StellaOps.ExportCenter/TASKS.md`
1. [TODO] EXPORT-SVC-36-001..004 — Trivy adapters, OCI/object storage distribution, planner updates. Trivy bundles require DEVOPS-EXPORT-36-001 validation.
- Team: Orchestrator Service Guild
- Path: `src/StellaOps.Orchestrator/TASKS.md`
1. [TODO] ORCH-SVC-36-101 — Extend orchestrator telemetry/retention fields for export runs.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-EXPORT-36-001 — Distribution endpoints must land before CLI/Console actions move forward.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-EXPORT-36-001 — Distribute/download resume features depend on WEB-EXPORT-36-001 and AUTH scopes.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-EXPORT-36-001 — Runs detail + distribution UI after API support exists.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-EXPORT-36-004..006 — API/CLI/Trivy docs to support rollout; each must restate imposed rule.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-EXPORT-36-001 — CI validation for Trivy compatibility and OCI pushes.
- Team: Deployment Guild
- Path: `ops/deployment/TASKS.md`
1. [TODO] DEPLOY-EXPORT-36-001 — Document registry credentials and automation for distributions.
- **Sprint 37** · Export Center Phase 3 (Delta, Encryption, Scheduling, GA)
- Team: Exporter Service Guild
- Path: `src/StellaOps.ExportCenter/TASKS.md`
1. [TODO] EXPORT-SVC-37-001..004 — Mirror delta/encryption, scheduling+retention, verification API. Depends on DEVOPS-EXPORT-37-001 for chaos/alert readiness.
- Team: Orchestrator Service Guild
- Path: `src/StellaOps.Orchestrator/TASKS.md`
1. [TODO] ORCH-SVC-37-101 — Scheduling + retention hooks required for exporter automation.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-EXPORT-37-001 — Surface scheduling, retention, verification, encryption parameters once exporter endpoints exist.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-EXPORT-37-001 — Admin scope enforcement for scheduling, retention, encryption.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-EXPORT-37-001 — Scheduling and verification commands with signature/hash checks; relies on WEB-EXPORT-37-001.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-EXPORT-37-001 — Verification panel, scheduling UI, retention controls, encryption workflows.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-EXPORT-37-001..004 — Mirror bundles, provenance & signing, operations runbook, security hardening docs (all reiterate imposed rule).
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-EXPORT-37-001 — Finalize dashboards/alerts, chaos testing, retention monitoring.
- Team: Offline Kit Guild
- Path: `ops/offline-kit/TASKS.md`
1. [TODO] DEVOPS-OFFLINE-37-001 — Bundle export tooling and sample mirror bundles into Offline Kit.
- **Sprint 38** · Notifications Studio Phase 1 (Foundations)
- Team: Notifications Service Guild
- Path: `src/StellaOps.Notifier/TASKS.md`
1. [TODO] NOTIFY-SVC-38-001..004 — Bootstrap notifier service, migrations, ingestion, templates, channel adapters, initial APIs. Requires orchestrator event envelope updates and policy violation enrichment.
- Team: Orchestrator Service Guild
- Path: `src/StellaOps.Orchestrator/TASKS.md`
1. [TODO] ORCH-SVC-38-101 — Standardize event publication (policy/export/job lifecycle) with idempotency keys for notifier.
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-38-201 — Emit enriched policy violation events (decision rationale IDs) for notifier ingestion.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-NOTIFY-38-001 — Gateway routing for notifier APIs with tenant RBAC.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-NOTIFY-38-001 — Publish Notify Viewer/Operator/Admin scopes and issuer templates.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-NOTIFY-38-001 — CLI commands for rules/templates/incidents.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-NOTIFY-38-001 — Studio home, rule editor, incidents UI (phase 1).
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-NOTIFY-38-001 — Overview + architecture docs (imposed rule).
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-NOTIFY-38-001 — Notifier CI pipeline, base dashboards.
- Team: Deployment Guild
- Path: `ops/deployment/TASKS.md`
1. [TODO] DEPLOY-NOTIFY-38-001 — Helm overlays and rollout guide for notifier foundations.
- **Sprint 39** · Notifications Studio Phase 2 (Correlation, Digests, Simulation)
- Team: Notifications Service Guild
- Path: `src/StellaOps.Notifier/TASKS.md`
1. [TODO] NOTIFY-SVC-39-001..004 — Correlation, throttling, quiet hours, digest generator, simulation engine.
- Team: Findings Ledger Guild
- Path: `src/StellaOps.Findings.Ledger/TASKS.md`
1. [TODO] LEDGER-NOTIFY-39-001 — Digest query optimization endpoints.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-NOTIFY-39-001 — Gateway updates for digests, simulation, throttles.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-NOTIFY-39-001 — CLI simulation/digest commands.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-NOTIFY-39-001 — Template editor, digest profiles, quiet calendar, storm banner.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-NOTIFY-39-002 — Rules/templates/digests docs (imposed rule).
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-NOTIFY-39-002 — Throttle/quiet/digest dashboards.
- **Sprint 40** · Notifications Studio Phase 3 (Escalations, Localization, Hardening)
- Team: Notifications Service Guild
- Path: `src/StellaOps.Notifier/TASKS.md`
1. [TODO] NOTIFY-SVC-40-001..004 — Escalations, ack bridge, PagerDuty/OpsGenie adapters, localization, security hardening, chaos tests.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-NOTIFY-40-001 — Ack token signing/rotation, webhook allowlists, admin enforcement.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-NOTIFY-40-001 — Expose escalation/localization/channel health endpoints.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-NOTIFY-40-001 — Ack redemption, escalation management, localization previews.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-NOTIFY-40-001 — Escalation settings, on-call schedules, localization UI, incident Kanban enhancements.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-NOTIFY-40-001 — Channels, escalations, API, runbook, security docs (imposed rule).
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-NOTIFY-40-001 — Escalation/ack latency dashboards, chaos tooling.
- **Sprint 41** · CLI Parity & Task Packs Phase 1
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-CORE-41-001, CLI-PARITY-41-001/002 — Implement CLI core config/auth/output foundations and initial parity command groups.
- Team: Task Runner Guild
- Path: `src/StellaOps.TaskRunner/TASKS.md`
1. [TODO] TASKRUN-41-001 — Bootstrap Task Runner service, run API, local executor, approvals pause, artifact capture.
- Team: Packs Registry Guild
- Path: `src/StellaOps.PacksRegistry/TASKS.md`
1. [TODO] PACKS-REG-41-001 — Registry API, signature verification, provenance storage, RBAC.
- Team: Orchestrator Service Guild
- Path: `src/StellaOps.Orchestrator/TASKS.md`
1. [TODO] ORCH-SVC-41-101 — Register `pack-run` job type, integrate logs/artifacts, expose metadata.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-PACKS-41-001 — Define CLI/pack scopes, discovery metadata, offline defaults.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-CLI-41-001 — Publish CLI overview/config/output docs.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-CLI-41-001 — Multi-platform build pipeline, SBOM/checksums, parity CI gate.
- Team: Deployment Guild
- Path: `ops/deployment/TASKS.md`
1. [TODO] DEPLOY-CLI-41-001 — Package CLI release artifacts and distribution docs.
- **Sprint 42** · CLI Parity & Task Packs Phase 2
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-PARITY-41-001/002, CLI-PACKS-42-001 — Close remaining parity gaps and ship Task Pack CLI commands.
- Team: Task Runner Guild
- Path: `src/StellaOps.TaskRunner/TASKS.md`
1. [TODO] TASKRUN-42-001 — Loops, conditionals, simulation mode, policy gates.
- Team: Packs Registry Guild
- Path: `src/StellaOps.PacksRegistry/TASKS.md`
1. [TODO] PACKS-REG-42-001 — Version lifecycle, allowlists, provenance export, signature rotation.
- Team: Orchestrator Service Guild
- Path: `src/StellaOps.Orchestrator/TASKS.md`
1. [TODO] ORCH-SVC-42-101 — Stream pack run logs, expose manifolds, enforce quotas.
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-ENGINE-42-201 — Stable rationale IDs/APIs for CLI `--explain` and packs.
- Team: Findings Ledger Guild
- Path: `src/StellaOps.Findings.Ledger/TASKS.md`
1. [TODO] LEDGER-PACKS-42-001 — Snapshot/time-travel APIs for pack simulation.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-CLI-42-001 — Copy CLI buttons, parity hints, pack browser.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-CLI-42-001 — Parity matrix & command guides; DOCS-PACKS-43-001 groundwork.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-CLI-42-001 — CLI golden outputs, parity diff automation, pack run CI harness.
- Team: Deployment Guild
- Path: `ops/deployment/TASKS.md`
1. [TODO] DEPLOY-PACKS-42-001 — Deploy packs registry/task runner with secrets templates.
- **Sprint 43** · CLI Parity & Task Packs Phase 3
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-PACKS-43-001 — Advanced pack features (approvals pause/resume, secrets, localization, man pages).
- Team: Task Runner Guild
- Path: `src/StellaOps.TaskRunner/TASKS.md`
1. [TODO] TASKRUN-43-001 — Approvals workflow, notifications integration, chaos resilience.
- Team: Packs Registry Guild
- Path: `src/StellaOps.PacksRegistry/TASKS.md`
1. [TODO] PACKS-REG-43-001 — Mirroring, signing policies, attestation integration.
- Team: Exporter Service Guild
- Path: `src/StellaOps.ExportCenter/TASKS.md`
1. [TODO] EXPORT-SVC-35-005, EXPORT-SVC-37-001 — Include pack run manifests in exports.
- Team: Notifications Service Guild
- Path: `src/StellaOps.Notifier/TASKS.md`
1. [TODO] NOTIFY-SVC-40-001 — Emit pack run notifications.
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-PACKS-43-001 — Enforce pack signing/approval policies, CLI CI scopes.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-PACKS-43-001 — Task Pack spec/authoring/registry/runbook/security/release docs.
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-CLI-43-001 — Final release automation, SBOM signing, parity gating, chaos tests.
- Team: Deployment Guild
- Path: `ops/deployment/TASKS.md`
1. [TODO] DEPLOY-PACKS-43-001 — Remote execution rollout guidance, Offline kit instructions.
- Team: Offline Kit Guild
- Path: `ops/offline-kit/TASKS.md`
1. [TODO] CLI-PACKS-43-002 — Bundle CLI, pack samples, registry mirror into Offline Kit with manifests.
- **Sprint 47-49** · Authority-Backed Scopes & Tenancy
- Team: Authority Core & Security Guild
- Path: `src/StellaOps.Authority/TASKS.md`
1. [TODO] AUTH-TEN-47-001 — JWT/OIDC alignment, scope grammar, tenant/project claims.
2. [TODO] AUTH-TEN-49-001 — Service accounts, delegation, quotas, audit streaming.
- Team: BE-Base Platform Guild
- Path: `src/StellaOps.Web/TASKS.md`
1. [TODO] WEB-TEN-47-001/48-001/49-001 — Middleware enforcement, tenant context propagation, ABAC overlay, audit API.
- Team: DevEx/CLI Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CLI-TEN-47-001/49-001 — Auth CLI flows, tenant switching, service tokens, delegation.
- Team: Console Guild
- Path: `src/StellaOps.Cli/TASKS.md`
1. [TODO] CONSOLE-TEN-48-001/49-001 — Tenant switcher, admin screens, audit viewer.
- Team: Policy Guild
- Path: `src/StellaOps.Policy.Engine/TASKS.md`
1. [TODO] POLICY-TEN-48-001 — Tenant-aware policy storage, RLS, rationale IDs.
- Team: Findings Ledger Guild
- Path: `src/StellaOps.Findings.Ledger/TASKS.md`
1. [TODO] LEDGER-TEN-48-001 — Tenant partitioning and RLS.
- Team: Exporter/Notifications/Orchestrator/Task Runner/Concelier/Excititor Guilds
- Paths: `src/StellaOps.ExportCenter/TASKS.md`, `src/StellaOps.Notifier/TASKS.md`, `src/StellaOps.Orchestrator/TASKS.md`, `src/StellaOps.TaskRunner/TASKS.md`, `src/StellaOps.Concelier.Core/TASKS.md`, `src/StellaOps.Excititor.Core/TASKS.md`
1. [TODO] Export/Notify tasks (EXPORT-TEN-48-001, NOTIFY-TEN-48-001) — Tenant stamping.
2. [TODO] ORCH-TEN-48-001, TASKRUN-TEN-48-001 — Job context enforcement.
3. [TODO] CONCELIER/EXCITITOR-TEN-48-001 — Tenant-aware linking with aggregation-only guarantee.
- Team: Docs Guild
- Path: `docs/TASKS.md`
1. [TODO] DOCS-TEN-47-001/48-001/49-001 — Tenancy docs suite (overview, operations, authentication, ABAC).
- Team: DevOps Guild
- Path: `ops/devops/TASKS.md`
1. [TODO] DEVOPS-TEN-47-001/48-001/49-001 — JWKS caching, RLS tests, audit pipeline, chaos tests.
- Team: Deployment Guild
- Path: `ops/deployment/TASKS.md`
1. [TODO] DEPLOY updates (if needed) for tenant configuration.
Reference in New Issue View Git Blame Copy Permalink