master
66cb6c4b8a
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Introduced guild charters for Scanner Deno, PHP, Ruby, Native, WebService, Java, Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, UI, Zastava Observer, Zastava Webhook, Zastava Core, and Plugin Platform. - Each charter outlines the mission, scope, required reading, and working agreements for the respective guilds. - Created task boards for Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, and Zastava components to track progress and dependencies. - Ensured all documents emphasize determinism, offline readiness, security, and integration with shared Surface libraries.
Stella Ops
Stella Ops is the sovereign, SBOM‑first security platform that proves every container decision with deterministic scans, explainable policy verdicts, and offline‑ready provenance.
- Sovereign by design – bring your own trust roots, vulnerability advisory sources, VEX sources, regional crypto, and Offline Update Kits that never phone home.
- Deterministic + replayable – every scan can be reproduced bit‑for‑bit with DSSE + OpenVEX evidence.
- Actionable signal – lattice logic ranks exploitability, and the policy engine lets you tailor VEX handling, muting, and expiration rules for your environment.
Proof points: SBOM dependency and vulnerability dependency cartographing work, deterministic replay manifests, lattice policy UI with OpenVEX, and post‑quantum trust packs ready for regulated sectors.
Choose Your Path
| If you want to… | Open this | Read time |
|---|---|---|
| Understand the promise and pain we solve | overview.md |
≈ 2 min |
| Run a first scan and see the CLI | quickstart.md |
≈ 5 min |
| Browse key capabilities at a glance | key-features.md |
≈ 3 min |
| Check architecture, road to production, or evaluate fit | See “Dig deeper” below | ≤ 30 min curated set |
Explore the Essentials
- Value in context – Overview compresses the “Why” + “What” stories and shows how Stella Ops stands apart.
- Try it fast – Quickstart walks through fetching the signed bundles, configuring
.env, and verifying the first scan. - Feature confidence – Key Features gives five capability cards covering Delta SBOM, VEX‑first policy, Sovereign crypto, Deterministic replay, and Transparent quotas.
- Up‑next checkpoints – Evaluation checklist helps teams plan Day‑0 to Day‑30 adoption milestones.
Dig Deeper (curated reading)
- Install & operations: Installation guide, Offline Update Kit, Security hardening.
- Architecture & modules: High‑level architecture, Module dossiers, Strategic differentiators.
- Policy & governance: Policy templates, Legal & quota FAQ, Governance charter.
- UI & glossary: Console guide, Accessibility, Glossary.
- Technical documentation: Full technical index for architecture, APIs, module dossiers, and operations playbooks.
- FAQs & readiness: FAQ matrix, Roadmap (external), Release engineering playbook.
Need more? The full documentation tree – ADRs, per‑module operations, schemas, developer references – stays untouched under the existing directories (modules/, api/, dev/, ops/), ready when you are.
© 2025 Stella Ops contributors – AGPL‑3.0‑or‑later