691028fe69
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Added completed tasks documentation for Scheduler WebService, ImpactIndex, Models, Queue, Storage.Mongo, Worker, Signals, Signer, UI, Zastava.Observer, Zastava.Webhook, Zastava.Core, Cryptography.Kms, Cryptography, and Plugin. - Each task includes ID, status, owners, dependencies, descriptions, and exit criteria to ensure clarity and traceability. - Enhanced integration and unit testing coverage across various components to validate functionality and compliance with specifications.
20 KiB
20 KiB
Completed Tasks
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-VISITOR-30-001 | DONE (2025-10-30) | Docs Guild | — | Reorganize visitor-facing documentation (README, overview, quickstart, key features) for rapid evaluation flow. | ✅ New visitor doc stack published; ✅ README links updated; ✅ Legacy pages slotted into deeper-read tier. |
| DOC7.README-INDEX | DONE (2025-10-17) | Docs Guild | — | Refresh index docs (docs/README.md + root README) after architecture dossier split and Offline Kit overhaul. | ✅ ToC reflects new component architecture docs; ✅ root README highlights updated doc set; ✅ Offline Kit guide linked correctly. |
| DOC4.AUTH-PDG | DONE (2025-10-19) | Docs Guild, Plugin Team | PLG6.DOC | Copy-edit docs/dev/31_AUTHORITY_PLUGIN_DEVELOPER_GUIDE.md, export lifecycle diagram, add LDAP RFC cross-link. |
✅ PR merged with polish; ✅ Diagram committed; ✅ Slack handoff posted. |
| DOC1.AUTH | DONE (2025-10-12) | Docs Guild, Authority Core | CORE5B.DOC | Draft docs/11_AUTHORITY.md covering architecture, configuration, bootstrap flows. |
✅ Architecture + config sections approved by Core; ✅ Samples reference latest options; ✅ Offline note added. |
| DOC3.Concelier-Authority | DONE (2025-10-12) | Docs Guild, DevEx | FSR4 | Polish operator/runbook sections (DOC3/DOC5) to document Concelier authority rollout, bypass logging, and enforcement checklist. | ✅ DOC3/DOC5 updated with audit runbook references; ✅ enforcement deadline highlighted; ✅ Docs guild sign-off. |
| DOC5.Concelier-Runbook | DONE (2025-10-12) | Docs Guild | DOC3.Concelier-Authority | Produce dedicated Concelier authority audit runbook covering log fields, monitoring recommendations, and troubleshooting steps. | ✅ Runbook published; ✅ linked from DOC3/DOC5; ✅ alerting guidance included. |
| FEEDDOCS-DOCS-05-001 | DONE (2025-10-11) | Docs Guild | FEEDMERGE-ENGINE-04-001, FEEDMERGE-ENGINE-04-002 | Publish Concelier conflict resolution runbook covering precedence workflow, merge-event auditing, and Sprint 3 metrics. | ✅ docs/modules/concelier/operations/conflict-resolution.md committed; ✅ metrics/log tables align with latest merge code; ✅ Ops alert guidance handed to Concelier team. |
| FEEDDOCS-DOCS-05-002 | DONE (2025-10-16) | Docs Guild, Concelier Ops | FEEDDOCS-DOCS-05-001 | Ops sign-off captured: conflict runbook circulated, alert thresholds tuned, and rollout decisions documented in change log. | ✅ Ops review recorded; ✅ alert thresholds finalised using docs/modules/concelier/operations/authority-audit-runbook.md; ✅ change-log entry linked from runbook once GHSA/NVD/OSV regression fixtures land. |
| DOCS-ADR-09-001 | DONE (2025-10-19) | Docs Guild, DevEx | — | Establish ADR process (docs/adr/0000-template.md) and document usage guidelines. |
Template published; README snippet linking ADR process; announcement posted (docs/updates/2025-10-18-docs-guild.md). |
| DOCS-EVENTS-09-002 | DONE (2025-10-19) | Docs Guild, Platform Events | SCANNER-EVENTS-15-201 | Publish event schema catalog (docs/events/) for scanner.report.ready@1, scheduler.rescan.delta@1, attestor.logged@1. |
Schemas validated (Ajv CI hooked); docs/events/README summarises usage; Platform Events notified via docs/updates/2025-10-18-docs-guild.md. |
| DOCS-EVENTS-09-003 | DONE (2025-10-19) | Docs Guild | DOCS-EVENTS-09-002 | Add human-readable envelope field references and canonical payload samples for published events, including offline validation workflow. | Tables explain common headers/payload segments; versioned sample payloads committed; README links to validation instructions and samples. |
| DOCS-EVENTS-09-004 | DONE (2025-10-19) | Docs Guild, Scanner WebService | SCANNER-EVENTS-15-201 | Refresh scanner event docs to mirror DSSE-backed report fields, document scanner.scan.completed, and capture canonical sample validation. |
Schemas updated for new payload shape; README references DSSE reuse and validation test; samples align with emitted events. |
| PLATFORM-EVENTS-09-401 | DONE (2025-10-21) | Platform Events Guild | DOCS-EVENTS-09-003 | Embed canonical event samples into contract/integration tests and ensure CI validates payloads against published schemas. | Notify models tests now run schema validation against docs/events/*.json, event schemas allow optional attributes, and docs capture the new validation workflow. |
| RUNTIME-GUILD-09-402 | DONE (2025-10-19) | Runtime Guild | SCANNER-POLICY-09-107 | Confirm Scanner WebService surfaces quietedFindingCount and progress hints to runtime consumers; document readiness checklist. |
Runtime verification run captures enriched payload; checklist/doc updates merged; stakeholders acknowledge availability. |
| DOCS-CONCELIER-07-201 | DONE (2025-10-22) | Docs Guild, Concelier WebService | FEEDWEB-DOCS-01-001 | Final editorial review and publish pass for Concelier authority toggle documentation (Quickstart + operator guide). | Review feedback resolved, publish PR merged, release notes updated with documentation pointer. |
| DOCS-RUNTIME-17-004 | DONE (2025-10-26) | Docs Guild, Runtime Guild | SCANNER-EMIT-17-701, ZASTAVA-OBS-17-005, DEVOPS-REL-17-002 | Document build-id workflows: SBOM exposure, runtime event payloads (process.buildId), Scanner /policy/runtime response (buildIds list), debug-store layout, and operator guidance for symbol retrieval. |
Architecture + operator docs updated with build-id sections (Observer, Scanner, CLI), examples show readelf output + debuginfod usage, references linked from Offline Kit/Release guides + CLI help. |
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-AOC-19-001 | DONE (2025-10-26) | Docs Guild, Concelier Guild | CONCELIER-WEB-AOC-19-001, EXCITITOR-WEB-AOC-19-001 | Author /docs/ingestion/aggregation-only-contract.md covering philosophy, invariants, schemas, error codes, migration, observability, and security checklist. |
New doc published with compliance checklist; cross-links from existing docs added. |
| DOCS-AOC-19-002 | DONE (2025-10-26) | Docs Guild, Architecture Guild | DOCS-AOC-19-001 | Update /docs/modules/platform/architecture-overview.md to include AOC boundary, raw stores, and sequence diagram (fetch → guard → raw insert → policy evaluation). |
Overview doc updated with diagrams/text; lint passes; stakeholders sign off. |
| DOCS-AOC-19-003 | DONE (2025-10-26) | Docs Guild, Policy Guild | POLICY-AOC-19-003 | Refresh /docs/modules/policy/architecture.md clarifying ingestion boundary, raw inputs, and policy-only derived data. |
Doc highlights raw-only ingestion contract, updated diagrams merge, compliance checklist added. |
| DOCS-AOC-19-004 | DONE (2025-10-26) | Docs Guild, UI Guild | UI-AOC-19-001 | Extend /docs/ui/console.md with Sources dashboard tiles, violation drill-down workflow, and verification action. |
UI doc updated with screenshots/flow descriptions, compliance checklist appended. |
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| ---- | -------- | ---------- | ------------ | ------------- | --------------- |
| DOCS-POLICY-20-001 | DONE (2025-10-26) | Docs Guild, Policy Guild | POLICY-ENGINE-20-000 | Author /docs/policy/overview.md covering concepts, inputs/outputs, determinism, and compliance checklist. |
Doc published with diagrams + glossary; lint passes; checklist included. |
| DOCS-POLICY-20-002 | DONE (2025-10-26) | Docs Guild, Policy Guild | POLICY-ENGINE-20-001 | Write /docs/policy/dsl.md with grammar, built-ins, examples, anti-patterns. |
DSL doc includes grammar tables, examples, compliance checklist; validated against parser tests. |
| DOCS-POLICY-20-003 | DONE (2025-10-26) | Docs Guild, Authority Core | AUTH-POLICY-20-001 | Publish /docs/policy/lifecycle.md describing draft→approve workflow, roles, audit, compliance list. |
Lifecycle doc linked from UI/CLI help; approvals roles documented; checklist appended. |
| DOCS-POLICY-20-004 | DONE (2025-10-26) | Docs Guild, Scheduler Guild | SCHED-MODELS-20-001 | Create /docs/policy/runs.md detailing run modes, incremental mechanics, cursors, replay. |
Run doc includes sequence diagrams + compliance checklist; cross-links to scheduler docs. |
| DOCS-POLICY-20-005 | DONE (2025-10-26) | Docs Guild, BE-Base Platform Guild | WEB-POLICY-20-001 | Draft /docs/api/policy.md describing endpoints, schemas, error codes. |
API doc validated against OpenAPI; examples included; checklist appended. |
| DOCS-POLICY-20-006 | DONE (2025-10-26) | Docs Guild, DevEx/CLI Guild | CLI-POLICY-20-002 | Produce /docs/modules/cli/guides/policy.md with command usage, exit codes, JSON output contracts. |
CLI doc includes examples, exit codes, compliance checklist. |
| DOCS-POLICY-20-007 | DONE (2025-10-26) | Docs Guild, UI Guild | UI-POLICY-20-001 | Document /docs/ui/policy-editor.md covering editor, simulation, diff workflows, approvals. |
UI doc includes screenshots/placeholders, accessibility notes, compliance checklist. |
| DOCS-POLICY-20-008 | DONE (2025-10-26) | Docs Guild, Architecture Guild | POLICY-ENGINE-20-003 | Write /docs/modules/policy/architecture.md (new epic content) with sequence diagrams, selection strategy, schema. |
Architecture doc merged with diagrams; compliance checklist appended; references updated. |
| DOCS-POLICY-20-009 | DONE (2025-10-26) | Docs Guild, Observability Guild | POLICY-ENGINE-20-007 | Add /docs/observability/policy.md for metrics/traces/logs, sample dashboards. |
Observability doc includes metrics tables, dashboard screenshots, checklist. |
| DOCS-POLICY-20-010 | DONE (2025-10-26) | Docs Guild, Security Guild | AUTH-POLICY-20-002 | Publish /docs/security/policy-governance.md covering scopes, approvals, tenancy, least privilege. |
Security doc merged; compliance checklist appended; reviewed by Security Guild. |
| DOCS-POLICY-20-011 | DONE (2025-10-26) | Docs Guild, Policy Guild | POLICY-ENGINE-20-001 | Populate /docs/examples/policies/ with baseline/serverless/internal-only samples and commentary. |
Example policies committed with explanations; lint passes; compliance checklist per file. |
| DOCS-POLICY-20-012 | DONE (2025-10-26) | Docs Guild, Support Guild | WEB-POLICY-20-003 | Draft /docs/faq/policy-faq.md addressing common pitfalls, VEX conflicts, determinism issues. |
FAQ published with Q/A entries, cross-links, compliance checklist. |
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-CONSOLE-23-001 | DONE (2025-10-26) | Docs Guild, Console Guild | CONSOLE-CORE-23-004 | Publish /docs/ui/console-overview.md covering IA, tenant model, global filters, and AOC alignment with compliance checklist. |
Doc merged with diagrams + overview tables; checklist appended; Console Guild sign-off. |
| DOCS-CONSOLE-23-002 | DONE (2025-10-26) | Docs Guild, Console Guild | DOCS-CONSOLE-23-001 | Author /docs/ui/navigation.md detailing routes, breadcrumbs, keyboard shortcuts, deep links, and tenant context switching. |
Navigation doc merged with shortcut tables and screenshots; accessibility checklist satisfied. |
| DOCS-CONSOLE-23-003 | DONE (2025-10-26) | Docs Guild, SBOM Service Guild, Console Guild | SBOM-CONSOLE-23-001, CONSOLE-FEAT-23-102 | Document /docs/ui/sbom-explorer.md (catalog, detail, graph overlays, exports) including compliance checklist and performance tips. |
Doc merged with annotated screenshots, export instructions, and overlay examples; checklist appended. |
| DOCS-CONSOLE-23-004 | DONE (2025-10-26) | Docs Guild, Concelier Guild, Excititor Guild | CONCELIER-CONSOLE-23-001, EXCITITOR-CONSOLE-23-001 | Produce /docs/ui/advisories-and-vex.md explaining aggregation-not-merge, conflict indicators, raw viewers, and provenance banners. |
Doc merged; raw JSON examples included; compliance checklist complete. |
| DOCS-CONSOLE-23-005 | DONE (2025-10-26) | Docs Guild, Policy Guild | POLICY-CONSOLE-23-001, CONSOLE-FEAT-23-104 | Write /docs/ui/findings.md describing filters, saved views, explain drawer, exports, and CLI parity callouts. |
Doc merged with filter matrix + explain walkthrough; checklist appended. |
| DOCS-CONSOLE-23-006 | DONE (2025-10-26) | Docs Guild, Policy Guild, Product Ops | POLICY-CONSOLE-23-002, CONSOLE-FEAT-23-105 | Publish /docs/ui/policies.md with editor, simulation, approvals, compliance checklist, and RBAC mapping. |
Doc merged; Monaco screenshots + simulation diff examples included; approval flow described; checklist appended. |
| DOCS-CONSOLE-23-007 | DONE (2025-10-26) | Docs Guild, Scheduler Guild | SCHED-CONSOLE-23-001, CONSOLE-FEAT-23-106 | Document /docs/ui/runs.md covering queues, live progress, diffs, retries, evidence downloads, and troubleshooting. |
Doc merged with SSE troubleshooting, metrics references, compliance checklist. |
| DOCS-CONSOLE-23-008 | DONE (2025-10-26) | Docs Guild, Authority Guild | AUTH-CONSOLE-23-002, CONSOLE-FEAT-23-108 | Draft /docs/ui/admin.md describing users/roles, tenants, tokens, integrations, fresh-auth prompts, and RBAC mapping. |
Doc merged with tables for scopes vs roles, screenshots, compliance checklist. |
| DOCS-CONSOLE-23-009 | DONE (2025-10-27) | Docs Guild, DevOps Guild | DOWNLOADS-CONSOLE-23-001, CONSOLE-FEAT-23-109 | Publish /docs/ui/downloads.md listing product images, commands, offline instructions, parity with CLI, and compliance checklist. |
Doc merged; manifest sample included; copy-to-clipboard guidance documented; checklist complete. |
| DOCS-CONSOLE-23-010 | DONE (2025-10-27) | Docs Guild, Deployment Guild, Console Guild | DEVOPS-CONSOLE-23-002, CONSOLE-REL-23-301 | Write /docs/deploy/console.md (Helm, ingress, TLS, CSP, env vars, health checks) with compliance checklist. |
Deploy doc merged; templates validated; CSP guidance included; checklist appended. |
| DOCS-CONSOLE-23-011 | DONE (2025-10-28) | Docs Guild, Deployment Guild | DOCS-CONSOLE-23-010 | Update /docs/install/docker.md to cover Console image, Compose/Helm usage, offline tarballs, parity with CLI. |
Doc updated with new sections; commands validated; compliance checklist appended. |
| DOCS-CONSOLE-23-012 | DONE (2025-10-28) | Docs Guild, Security Guild | AUTH-CONSOLE-23-003, WEB-CONSOLE-23-002 | Publish /docs/security/console-security.md detailing OIDC flows, scopes, CSP, fresh-auth, evidence handling, and compliance checklist. |
Security doc merged; threat model notes included; checklist appended. |
| DOCS-CONSOLE-23-013 | DONE (2025-10-28) | Docs Guild, Observability Guild | TELEMETRY-CONSOLE-23-001, CONSOLE-QA-23-403 | Write /docs/observability/ui-telemetry.md cataloguing metrics/logs/traces, dashboards, alerts, and feature flags. |
Doc merged with instrumentation tables, dashboard screenshots, checklist appended. |
| DOCS-CONSOLE-23-014 | DONE (2025-10-28) | Docs Guild, Console Guild, CLI Guild | CONSOLE-DOC-23-502 | Maintain /docs/cli-vs-ui-parity.md matrix and integrate CI check guidance. |
Matrix published with parity status, CI workflow documented, compliance checklist appended. |
| DOCS-CONSOLE-23-017 | DONE (2025-10-27) | Docs Guild, Console Guild | CONSOLE-FEAT-23-101..109 | Create /docs/examples/ui-tours.md providing triage, audit, policy rollout walkthroughs with annotated screenshots and GIFs. | UI tours doc merged; capture instructions + asset placeholders committed; compliance checklist appended. |
| DOCS-CONSOLE-23-018 | DONE (2025-10-27) | Docs Guild, Security Guild | DOCS-CONSOLE-23-012 | Execute console security compliance checklist and capture Security Guild sign-off in Sprint 23 log. | Checklist completed; findings addressed or tickets filed; sign-off noted in updates file. |
| DOCS-LNM-22-006 | DONE (2025-10-27) | Docs Guild, Architecture Guild | CONCELIER-LNM-21-001..005, EXCITITOR-LNM-21-001..005 | Refresh /docs/modules/concelier/architecture.md and /docs/modules/excititor/architecture.md describing observation/linkset pipelines and event contracts. | Architecture docs updated with observation/linkset flow + event tables; revisit once service implementations land. |
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-EXC-25-004 | DONE (2025-10-27) | Docs Guild, Policy Guild | POLICY-ENGINE-70-001 | Document /docs/policy/exception-effects.md explaining evaluation order, conflicts, simulation. |
Doc merged; tests cross-referenced; checklist appended. |
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-EXPORT-35-001 | DONE (2025-10-29) | Docs Guild | EXPORT-SVC-35-001..006 | Author /docs/modules/export-center/overview.md covering purpose, profiles, security, AOC alignment, surfaces, ending with imposed rule statement. |
Doc merged with diagrams/examples; imposed rule line present; index updated. |
| DOCS-EXPORT-35-002 | DONE (2025-10-29) | Docs Guild | EXPORT-SVC-35-002..005 | Publish /docs/modules/export-center/architecture.md describing planner, adapters, manifests, signing, distribution flows, restating imposed rule. |
Architecture doc merged; sequence diagrams included; rule statement appended. |
| DOCS-EXPORT-35-003 | DONE (2025-10-29) | Docs Guild | EXPORT-SVC-35-003..004 | Publish /docs/modules/export-center/profiles.md detailing schema fields, examples, compatibility, and imposed rule reminder. |
Profiles doc merged; JSON schemas linked; imposed rule noted. |
| DOCS-EXPORT-36-004 | DONE (2025-10-29) | Docs Guild | EXPORT-SVC-36-001..004, WEB-EXPORT-36-001 | Publish /docs/modules/export-center/api.md covering endpoints, payloads, errors, and mention imposed rule. |
API doc merged; examples validated; rule included. |
| DOCS-EXPORT-36-005 | DONE (2025-10-29) | Docs Guild | CLI-EXPORT-35-001, CLI-EXPORT-36-001 | Publish /docs/modules/export-center/cli.md with command reference, CI scripts, verification steps, restating imposed rule. |
CLI doc merged; script snippets tested; rule appended. |
| DOCS-EXPORT-36-006 | DONE (2025-10-29) | Docs Guild | EXPORT-SVC-36-001, DEVOPS-EXPORT-36-001 | Publish /docs/modules/export-center/trivy-adapter.md covering field mappings, compatibility matrix, and imposed rule reminder. |
Doc merged; mapping tables validated; rule included. |
| DOCS-EXPORT-37-001 | DONE (2025-10-29) | Docs Guild | EXPORT-SVC-37-001, DEVOPS-EXPORT-37-001 | Publish /docs/modules/export-center/mirror-bundles.md describing filesystem/OCI layouts, delta/encryption, import guide, ending with imposed rule. |
Doc merged; diagrams provided; verification steps tested; rule stated. |
| DOCS-EXPORT-37-002 | DONE (2025-10-29) | Docs Guild | EXPORT-SVC-35-005, EXPORT-SVC-37-002 | Publish /docs/modules/export-center/provenance-and-signing.md detailing manifests, attestation flow, verification, reiterating imposed rule. |
Doc merged; signature examples validated; rule appended. |
| DOCS-EXPORT-37-003 | DONE (2025-10-29) | Docs Guild | DEVOPS-EXPORT-37-001 | Publish /docs/operations/export-runbook.md covering failures, tuning, capacity planning, with imposed rule reminder. |
Runbook merged; procedures validated; rule included. |
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-NOTIFY-38-001 | DONE (2025-10-29) | Docs Guild, Notifications Service Guild | NOTIFY-SVC-38-001..004 | Publish /docs/notifications/overview.md and /docs/notifications/architecture.md, each ending with imposed rule reminder. |
Docs merged; diagrams verified; imposed rule appended. |
| DOCS-NOTIFY-39-002 | DONE (2025-10-29) | Docs Guild, Notifications Service Guild | NOTIFY-SVC-39-001..004 | Publish /docs/notifications/rules.md, /docs/notifications/templates.md, /docs/notifications/digests.md with examples and imposed rule line. |
Docs merged; examples validated; imposed rule appended. |
| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|---|---|---|---|---|---|
| DOCS-PACKS-43-001 | DONE (2025-10-27) | Docs Guild, Task Runner Guild | PACKS-REG-42-001, TASKRUN-42-001 | Publish /docs/task-packs/spec.md, /docs/task-packs/authoring-guide.md, /docs/task-packs/registry.md, /docs/task-packs/runbook.md, /docs/security/pack-signing-and-rbac.md, /docs/operations/cli-release-and-packaging.md with imposed rule statements. |
Docs merged; tutorials validated; imposed rule appended; cross-links added. |