stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
7503c19b8ffa7f2891e5e672f9cfbf7efa4e2efb
git.stella-ops.org/docs/README.md
StellaOps Bot 7503c19b8f Add determinism tests for verdict artifact generation and update SHA256 sums script 
- Implemented comprehensive tests for verdict artifact generation to ensure deterministic outputs across various scenarios, including identical inputs, parallel execution, and change ordering.
- Created helper methods for generating sample verdict inputs and computing canonical hashes.
- Added tests to validate the stability of canonical hashes, proof spine ordering, and summary statistics.
- Introduced a new PowerShell script to update SHA256 sums for files, ensuring accurate hash generation and file integrity checks.
2025-12-24 02:17:34 +02:00

2.1 KiB
Executable File
Raw Blame History

StellaOps Documentation

StellaOps is a deterministic, offline-first container security platform: every verdict links back to concrete evidence (SBOM slices, advisory/VEX observations, reachability proofs, policy explain traces) and can be replayed for audits.

Two Levels of Documentation

  • High-level (canonical): the curated guides in docs/*.md (usually numbered).
  • Detailed (reference): deep dives under docs/** (module dossiers, architecture notes, API contracts/samples, runbooks, schemas). The entry point is docs/technical/README.md.

This documentation set is internal and does not keep compatibility stubs for old paths. Content is consolidated to reduce duplication and outdated pages.

Start Here

Goal Open this
Understand the product in 2 minutes overview.md
Run a first scan (CLI) quickstart.md
Browse capabilities key-features.md
Roadmap (priorities + definition of “done”) 05_ROADMAP.md
Architecture: high-level overview 40_ARCHITECTURE_OVERVIEW.md
Architecture: full reference map 07_HIGH_LEVEL_ARCHITECTURE.md
Offline / air-gap operations 24_OFFLINE_KIT.md
Security deployment hardening 17_SECURITY_HARDENING_GUIDE.md
Console (Web UI) operator guide 15_UI_GUIDE.md
VEX consensus and issuer trust 16_VEX_CONSENSUS_GUIDE.md
Vulnerability Explorer guide 20_VULNERABILITY_EXPLORER_GUIDE.md

Detailed Indexes

  • Technical index (everything): docs/technical/README.md
  • Module dossiers: docs/modules/
  • API contracts and samples: docs/api/
  • Architecture notes / ADRs: docs/architecture/, docs/adr/
  • Operations and deployment: docs/operations/, docs/deploy/, docs/deployment/
  • Air-gap workflows: docs/airgap/
  • Security deep dives: docs/security/
  • Benchmarks and fixtures: docs/benchmarks/, docs/assets/

Notes

  • The product is offline-first: docs and examples should avoid network dependencies and prefer deterministic fixtures.
  • Feature exposure is configuration-driven; module dossiers define authoritative schemas and contracts per component.