Files

master 7b5bdcf4d3 feat(docs): Add comprehensive documentation for Vexer, Vulnerability Explorer, and Zastava modules

- Introduced AGENTS.md, README.md, TASKS.md, and implementation_plan.md for Vexer, detailing mission, responsibilities, key components, and operational notes.
- Established similar documentation structure for Vulnerability Explorer and Zastava modules, including their respective workflows, integrations, and observability notes.
- Created risk scoring profiles documentation outlining the core workflow, factor model, governance, and deliverables.
- Ensured all modules adhere to the Aggregation-Only Contract and maintain determinism and provenance in outputs.

2025-10-30 00:09:39 +02:00

70 KiB

Raw Blame History

Docs Guild Task Board (UTC 2025-10-10)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOC7.README-INDEX	DONE (2025-10-17)	Docs Guild	—	Refresh index docs (docs/README.md + root README) after architecture dossier split and Offline Kit overhaul.	✅ ToC reflects new component architecture docs; ✅ root README highlights updated doc set; ✅ Offline Kit guide linked correctly.
DOC4.AUTH-PDG	DONE (2025-10-19)	Docs Guild, Plugin Team	PLG6.DOC	Copy-edit `docs/dev/31_AUTHORITY_PLUGIN_DEVELOPER_GUIDE.md`, export lifecycle diagram, add LDAP RFC cross-link.	✅ PR merged with polish; ✅ Diagram committed; ✅ Slack handoff posted.
DOC1.AUTH	DONE (2025-10-12)	Docs Guild, Authority Core	CORE5B.DOC	Draft `docs/11_AUTHORITY.md` covering architecture, configuration, bootstrap flows.	✅ Architecture + config sections approved by Core; ✅ Samples reference latest options; ✅ Offline note added.
DOC3.Concelier-Authority	DONE (2025-10-12)	Docs Guild, DevEx	FSR4	Polish operator/runbook sections (DOC3/DOC5) to document Concelier authority rollout, bypass logging, and enforcement checklist.	✅ DOC3/DOC5 updated with audit runbook references; ✅ enforcement deadline highlighted; ✅ Docs guild sign-off.
DOC5.Concelier-Runbook	DONE (2025-10-12)	Docs Guild	DOC3.Concelier-Authority	Produce dedicated Concelier authority audit runbook covering log fields, monitoring recommendations, and troubleshooting steps.	✅ Runbook published; ✅ linked from DOC3/DOC5; ✅ alerting guidance included.
FEEDDOCS-DOCS-05-001	DONE (2025-10-11)	Docs Guild	FEEDMERGE-ENGINE-04-001, FEEDMERGE-ENGINE-04-002	Publish Concelier conflict resolution runbook covering precedence workflow, merge-event auditing, and Sprint 3 metrics.	✅ `docs/modules/concelier/operations/conflict-resolution.md` committed; ✅ metrics/log tables align with latest merge code; ✅ Ops alert guidance handed to Concelier team.
FEEDDOCS-DOCS-05-002	DONE (2025-10-16)	Docs Guild, Concelier Ops	FEEDDOCS-DOCS-05-001	Ops sign-off captured: conflict runbook circulated, alert thresholds tuned, and rollout decisions documented in change log.	✅ Ops review recorded; ✅ alert thresholds finalised using `docs/modules/concelier/operations/authority-audit-runbook.md`; ✅ change-log entry linked from runbook once GHSA/NVD/OSV regression fixtures land.
DOCS-ADR-09-001	DONE (2025-10-19)	Docs Guild, DevEx	—	Establish ADR process (`docs/adr/0000-template.md`) and document usage guidelines.	Template published; README snippet linking ADR process; announcement posted (`docs/updates/2025-10-18-docs-guild.md`).
DOCS-EVENTS-09-002	DONE (2025-10-19)	Docs Guild, Platform Events	SCANNER-EVENTS-15-201	Publish event schema catalog (`docs/events/`) for `scanner.report.ready@1`, `scheduler.rescan.delta@1`, `attestor.logged@1`.	Schemas validated (Ajv CI hooked); docs/events/README summarises usage; Platform Events notified via `docs/updates/2025-10-18-docs-guild.md`.
DOCS-EVENTS-09-003	DONE (2025-10-19)	Docs Guild	DOCS-EVENTS-09-002	Add human-readable envelope field references and canonical payload samples for published events, including offline validation workflow.	Tables explain common headers/payload segments; versioned sample payloads committed; README links to validation instructions and samples.
DOCS-EVENTS-09-004	DONE (2025-10-19)	Docs Guild, Scanner WebService	SCANNER-EVENTS-15-201	Refresh scanner event docs to mirror DSSE-backed report fields, document `scanner.scan.completed`, and capture canonical sample validation.	Schemas updated for new payload shape; README references DSSE reuse and validation test; samples align with emitted events.
PLATFORM-EVENTS-09-401	DONE (2025-10-21)	Platform Events Guild	DOCS-EVENTS-09-003	Embed canonical event samples into contract/integration tests and ensure CI validates payloads against published schemas.	Notify models tests now run schema validation against `docs/events/*.json`, event schemas allow optional `attributes`, and docs capture the new validation workflow.
RUNTIME-GUILD-09-402	DONE (2025-10-19)	Runtime Guild	SCANNER-POLICY-09-107	Confirm Scanner WebService surfaces `quietedFindingCount` and progress hints to runtime consumers; document readiness checklist.	Runtime verification run captures enriched payload; checklist/doc updates merged; stakeholders acknowledge availability.
DOCS-CONCELIER-07-201	DONE (2025-10-22)	Docs Guild, Concelier WebService	FEEDWEB-DOCS-01-001	Final editorial review and publish pass for Concelier authority toggle documentation (Quickstart + operator guide).	Review feedback resolved, publish PR merged, release notes updated with documentation pointer.
DOCS-RUNTIME-17-004	DONE (2025-10-26)	Docs Guild, Runtime Guild	SCANNER-EMIT-17-701, ZASTAVA-OBS-17-005, DEVOPS-REL-17-002	Document build-id workflows: SBOM exposure, runtime event payloads (`process.buildId`), Scanner `/policy/runtime` response (`buildIds` list), debug-store layout, and operator guidance for symbol retrieval.	Architecture + operator docs updated with build-id sections (Observer, Scanner, CLI), examples show `readelf` output + debuginfod usage, references linked from Offline Kit/Release guides + CLI help.
DOCS-OBS-50-001	BLOCKED (2025-10-26)	Docs Guild, Observability Guild	TELEMETRY-OBS-50-001	Publish `/docs/observability/overview.md` introducing scope, imposed rule banner, architecture diagram, and tenant guarantees.	Doc merged with imposed rule banner; diagram committed; cross-links to telemetry stack + evidence locker docs.

Blocked: waiting on telemetry core deliverable (TELEMETRY-OBS-50-001) to finalise architecture details and diagrams. | DOCS-OBS-50-002 | TODO | Docs Guild, Security Guild | TELEMETRY-OBS-50-002 | Author /docs/observability/telemetry-standards.md detailing common fields, scrubbing policy, sampling defaults, and redaction override procedure. | Doc merged; imposed rule banner present; examples validated with telemetry fixtures; security review sign-off captured. | | DOCS-OBS-50-003 | TODO | Docs Guild, Observability Guild | TELEMETRY-OBS-50-001 | Create /docs/observability/logging.md covering structured log schema, dos/don'ts, tenant isolation, and copyable examples. | Doc merged with banner; sample logs redacted; lint passes; linked from coding standards. | | DOCS-OBS-50-004 | TODO | Docs Guild, Observability Guild | TELEMETRY-OBS-50-002 | Draft /docs/observability/tracing.md explaining context propagation, async linking, CLI header usage, and sampling strategies. | Doc merged; imposed rule banner included; diagrams updated; references to CLI/Console features added. | | DOCS-OBS-51-001 | TODO | Docs Guild, DevOps Guild | WEB-OBS-51-001, DEVOPS-OBS-51-001 | Publish /docs/observability/metrics-and-slos.md cataloging metrics, SLO targets, burn rate policies, and alert runbooks. | Doc merged with banner; SLO tables verified; alert workflows linked to incident runbook. | | DOCS-SEC-OBS-50-001 | TODO | Docs Guild, Security Guild | TELEMETRY-OBS-51-002 | Update /docs/security/redaction-and-privacy.md to cover telemetry privacy controls, tenant opt-in debug, and imposed rule reminder. | Doc merged; redaction matrix updated; banner present; security sign-off recorded. | | DOCS-INSTALL-50-001 | TODO | Docs Guild, DevOps Guild | DEVOPS-OBS-50-003 | Add /docs/install/telemetry-stack.md with collector deployment, exporter options, offline kit notes, and imposed rule banner. | Doc merged; install steps verified on air-gapped profile; banner present; screenshots attached. | | DOCS-FORENSICS-53-001 | TODO | Docs Guild, Evidence Locker Guild | EVID-OBS-53-003 | Publish /docs/forensics/evidence-locker.md describing bundle formats, WORM options, retention, legal hold, and imposed rule banner. | Doc merged; manifest examples validated; banner present; legal hold steps aligned with API. | | DOCS-FORENSICS-53-002 | TODO | Docs Guild, Provenance Guild | PROV-OBS-54-001 | Release /docs/forensics/provenance-attestation.md covering DSSE schema, signing process, verification workflow, and imposed rule banner. | Doc merged; sample statements reference fixtures; banner included; verification steps tested. | | DOCS-FORENSICS-53-003 | TODO | Docs Guild, Timeline Indexer Guild | TIMELINE-OBS-52-003 | Publish /docs/forensics/timeline.md with schema, event kinds, filters, query examples, and imposed rule banner. | Doc merged; query examples validated; banner present; linked from Console/CLI docs. | | DOCS-CONSOLE-OBS-52-001 | TODO | Docs Guild, Console Guild | CONSOLE-OBS-51-001 | Document /docs/console/observability.md showcasing Observability Hub widgets, trace/log search, imposed rule banner, and accessibility tips. | Doc merged; screenshots updated; banner present; navigation steps verified. | | DOCS-CONSOLE-OBS-52-002 | TODO | Docs Guild, Console Guild | CONSOLE-OBS-52-002, CONSOLE-OBS-53-001 | Publish /docs/console/forensics.md covering timeline explorer, evidence viewer, attestation verifier, imposed rule banner, and troubleshooting. | Doc merged; banner included; workflows validated via Playwright capture; troubleshooting section populated. | | DOCS-CLI-OBS-52-001 | TODO | Docs Guild, DevEx/CLI Guild | CLI-OBS-52-001 | Create /docs/modules/cli/guides/observability.md detailing stella obs commands, examples, exit codes, imposed rule banner, and scripting tips. | Doc merged; examples tested; banner included; CLI parity matrix updated. | | DOCS-CLI-FORENSICS-53-001 | TODO | Docs Guild, DevEx/CLI Guild | CLI-FORENSICS-54-001 | Publish /docs/modules/cli/guides/forensics.md for snapshot/verify/attest commands with sample outputs, imposed rule banner, and offline workflows. | Doc merged; sample bundles verified; banner present; offline notes cross-linked. | | DOCS-RUNBOOK-55-001 | TODO | Docs Guild, Ops Guild | DEVOPS-OBS-55-001, WEB-OBS-55-001 | Author /docs/runbooks/incidents.md describing incident mode activation, escalation steps, retention impact, verification checklist, and imposed rule banner. | Doc merged; runbook rehearsed; banner included; linked from alerts. | | DOCS-AOC-19-001 | DONE (2025-10-26) | Docs Guild, Concelier Guild | CONCELIER-WEB-AOC-19-001, EXCITITOR-WEB-AOC-19-001 | Author /docs/ingestion/aggregation-only-contract.md covering philosophy, invariants, schemas, error codes, migration, observability, and security checklist. | New doc published with compliance checklist; cross-links from existing docs added. | | DOCS-AOC-19-002 | DONE (2025-10-26) | Docs Guild, Architecture Guild | DOCS-AOC-19-001 | Update /docs/modules/platform/architecture-overview.md to include AOC boundary, raw stores, and sequence diagram (fetch → guard → raw insert → policy evaluation). | Overview doc updated with diagrams/text; lint passes; stakeholders sign off. | | DOCS-AOC-19-003 | DONE (2025-10-26) | Docs Guild, Policy Guild | POLICY-AOC-19-003 | Refresh /docs/modules/policy/architecture.md clarifying ingestion boundary, raw inputs, and policy-only derived data. | Doc highlights raw-only ingestion contract, updated diagrams merge, compliance checklist added. | | DOCS-AOC-19-004 | DONE (2025-10-26) | Docs Guild, UI Guild | UI-AOC-19-001 | Extend /docs/ui/console.md with Sources dashboard tiles, violation drill-down workflow, and verification action. | UI doc updated with screenshots/flow descriptions, compliance checklist appended. | DOCS-AOC-19-004: Architecture overview & policy-engine updates landed 2025-10-26; incorporate the new AOC boundary diagrams and metrics references. | DOCS-AOC-19-005 | DONE (2025-10-26) | Docs Guild, CLI Guild | CLI-AOC-19-003 | Update /docs/modules/cli/guides/cli-reference.md with stella sources ingest --dry-run and stella aoc verify usage, exit codes, and offline notes. | CLI reference + quickstart sections updated; examples validated; compliance checklist added. | DOCS-AOC-19-005: New ingestion reference + architecture overview published 2025-10-26; ensure CLI docs link to both and surface AOC exit codes mapping. | DOCS-AOC-19-006 | DONE (2025-10-26) | Docs Guild, Observability Guild | CONCELIER-WEB-AOC-19-002, EXCITITOR-WEB-AOC-19-002 | Document new metrics/traces/log keys in /docs/observability/observability.md. | Observability doc lists new metrics/traces/log fields; dashboards referenced; compliance checklist appended. | | DOCS-AOC-19-007 | DONE (2025-10-26) | Docs Guild, Authority Core | AUTH-AOC-19-001 | Update /docs/security/authority-scopes.md with new ingestion scopes and tenancy enforcement notes. | Doc reflects new scopes, sample policies updated, compliance checklist added. | | DOCS-AOC-19-008 | DONE (2025-10-26) | Docs Guild, DevOps Guild | DEVOPS-AOC-19-002 | Refresh /docs/deploy/containers.md to cover validator enablement, guard env flags, and read-only verify user. | Deploy doc updated; offline kit section mentions validator scripts; compliance checklist appended. | | DOCS-AOC-19-009 | DONE (2025-10-26) | Docs Guild, Authority Core | AUTH-AOC-19-001 | Update AOC docs/samples to reflect new advisory:*, vex:*, and aoc:verify scopes. | Docs reference new scopes, samples aligned, compliance checklist updated. |

Air-Gapped Mode (Epic 16)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-AIRGAP-56-001	TODO	Docs Guild, AirGap Controller Guild	AIRGAP-CTL-56-002	Publish `/docs/airgap/overview.md` outlining modes, lifecycle, responsibilities, and imposed rule banner.	Doc merged; banner present; diagrams included.
DOCS-AIRGAP-56-002	TODO	Docs Guild, DevOps Guild	DEVOPS-AIRGAP-56-001	Author `/docs/airgap/sealing-and-egress.md` covering network policies, EgressPolicy facade usage, and verification steps.	Doc merged; examples validated; banner included.
DOCS-AIRGAP-56-003	TODO	Docs Guild, Exporter Guild	EXPORT-AIRGAP-56-001	Create `/docs/airgap/mirror-bundles.md` describing bundle format, DSSE/TUF/Merkle validation, creation/import workflows.	Doc merged; sample commands verified; banner present.
DOCS-AIRGAP-56-004	TODO	Docs Guild, Deployment Guild	DEVOPS-AIRGAP-56-003	Publish `/docs/airgap/bootstrap.md` detailing Bootstrap Pack creation, validation, and install procedures.	Doc merged; checklist appended; screenshots verified.
DOCS-AIRGAP-57-001	TODO	Docs Guild, AirGap Time Guild	AIRGAP-TIME-58-001	Write `/docs/airgap/staleness-and-time.md` explaining time anchors, drift policies, staleness budgets, and UI indicators.	Doc merged; math checked; banner included.
DOCS-AIRGAP-57-002	TODO	Docs Guild, Console Guild	CONSOLE-AIRGAP-57-001	Publish `/docs/console/airgap.md` covering sealed badge, import wizard, staleness dashboards.	Doc merged; screenshots captured; banner present.
DOCS-AIRGAP-57-003	TODO	Docs Guild, CLI Guild	CLI-AIRGAP-57-001	Publish `/docs/modules/cli/guides/airgap.md` documenting commands, examples, exit codes.	Doc merged; examples validated; banner present.
DOCS-AIRGAP-57-004	TODO	Docs Guild, Ops Guild	DEVOPS-AIRGAP-56-002	Create `/docs/airgap/operations.md` with runbooks for imports, failure recovery, and auditing.	Doc merged; runbooks rehearsed; banner included.
DOCS-AIRGAP-58-001	TODO	Docs Guild, Product Guild	CONSOLE-AIRGAP-58-002	Provide `/docs/airgap/degradation-matrix.md` enumerating feature availability, fallbacks, remediation.	Doc merged; matrix reviewed; banner included.
DOCS-AIRGAP-58-002	TODO	Docs Guild, Security Guild	PROV-OBS-54-001	Update `/docs/security/trust-and-signing.md` with DSSE/TUF roots, rotation, and signed time tokens.	Doc merged; security sign-off recorded; banner present.
DOCS-AIRGAP-58-003	TODO	Docs Guild, DevEx Guild	AIRGAP-POL-56-001	Publish `/docs/dev/airgap-contracts.md` describing EgressPolicy usage, sealed-mode tests, linting.	Doc merged; sample code validated; banner included.
DOCS-AIRGAP-58-004	TODO	Docs Guild, Evidence Locker Guild	EVID-OBS-55-001	Document `/docs/airgap/portable-evidence.md` for exporting/importing portable evidence bundles across enclaves.	Doc merged; verification steps tested; banner present.

SDKs & OpenAPI (Epic 17)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-OAS-61-001	TODO	Docs Guild, API Contracts Guild	OAS-61-002	Publish `/docs/api/overview.md` covering auth, tenancy, pagination, idempotency, rate limits with banner.	Doc merged; examples validated; banner present.
DOCS-OAS-61-002	TODO	Docs Guild, API Governance Guild	APIGOV-61-001	Author `/docs/api/conventions.md` capturing naming, errors, filters, sorting, examples.	Doc merged; lint passes; banner included.
DOCS-OAS-61-003	TODO	Docs Guild, API Governance Guild	APIGOV-63-001	Publish `/docs/api/versioning.md` describing SemVer, deprecation headers, migration playbooks.	Doc merged; example headers validated; banner present.
DOCS-OAS-62-001	TODO	Docs Guild, Developer Portal Guild	DEVPORT-62-002	Stand up `/docs/api/reference/` auto-generated site; integrate with portal nav.	Reference site builds; search works; banner included.
DOCS-SDK-62-001	TODO	Docs Guild, SDK Generator Guild	SDKGEN-63-001	Publish `/docs/sdks/overview.md` plus language guides (`typescript.md`, `python.md`, `go.md`, `java.md`).	Docs merged; code samples pulled from tested examples; banner present.
DOCS-DEVPORT-62-001	TODO	Docs Guild, Developer Portal Guild	DEVPORT-62-001	Document `/docs/devportal/publishing.md` for build pipeline, offline bundle steps.	Doc merged; cross-links validated; banner included.
DOCS-CONTRIB-62-001	TODO	Docs Guild, API Governance Guild	APIGOV-61-001	Publish `/docs/contributing/api-contracts.md` detailing how to edit OAS, lint rules, compatibility checks.	Doc merged; banner present; examples validated.
DOCS-TEST-62-001	TODO	Docs Guild, Contract Testing Guild	CONTR-62-001	Author `/docs/testing/contract-testing.md` covering mock server, replay tests, golden fixtures.	Doc merged; references to tooling validated; banner present.
DOCS-SEC-62-001	TODO	Docs Guild, Authority Core	AUTH-AIRGAP-56-001	Update `/docs/security/auth-scopes.md` with OAuth2/PAT scopes, tenancy header usage.	Doc merged; scope tables verified; banner included.
DOCS-AIRGAP-DEVPORT-64-001	TODO	Docs Guild, DevPortal Offline Guild	DVOFF-64-001	Create `/docs/airgap/devportal-offline.md` describing offline bundle usage and verification.	Doc merged; verification steps tested; banner present.

Risk Profiles (Epic 18)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-RISK-66-001	TODO	Docs Guild, Risk Profile Schema Guild	POLICY-RISK-66-001	Publish `/docs/risk/overview.md` covering concepts and glossary.	Doc merged with banner; terminology reviewed.
DOCS-RISK-66-002	TODO	Docs Guild, Policy Guild	POLICY-RISK-66-003	Author `/docs/risk/profiles.md` (authoring, versioning, scope).	Doc merged; schema examples validated; banner present.
DOCS-RISK-66-003	TODO	Docs Guild, Risk Engine Guild	RISK-ENGINE-67-001	Publish `/docs/risk/factors.md` cataloging signals, transforms, reducers, TTLs.	Document merged; tables verified; banner included.
DOCS-RISK-66-004	TODO	Docs Guild, Risk Engine Guild	RISK-ENGINE-66-002	Create `/docs/risk/formulas.md` detailing math, normalization, gating, severity.	Doc merged; equations rendered; banner present.
DOCS-RISK-67-001	TODO	Docs Guild, Risk Engine Guild	RISK-ENGINE-68-001	Publish `/docs/risk/explainability.md` showing artifact schema and UI screenshots.	Doc merged; CLI examples validated; banner included.
DOCS-RISK-67-002	TODO	Docs Guild, API Guild	POLICY-RISK-67-002	Produce `/docs/risk/api.md` with endpoint reference/examples.	Doc merged; OAS examples synced; banner present.
DOCS-RISK-67-003	TODO	Docs Guild, Console Guild	CONSOLE-RISK-66-001	Document `/docs/console/risk-ui.md` for authoring, simulation, dashboards.	Doc merged; screenshots updated; banner included.
DOCS-RISK-67-004	TODO	Docs Guild, CLI Guild	CLI-RISK-66-001	Publish `/docs/modules/cli/guides/risk.md` covering CLI workflows.	Doc merged; command examples validated; banner present.
DOCS-RISK-68-001	TODO	Docs Guild, Export Guild	RISK-BUNDLE-69-001	Add `/docs/airgap/risk-bundles.md` for offline factor bundles.	Doc merged; verification steps confirmed; banner included.
DOCS-RISK-68-002	TODO	Docs Guild, Security Guild	POLICY-RISK-66-003	Update `/docs/security/aoc-invariants.md` with risk scoring provenance guarantees.	Doc merged; audit references updated; banner present.

Attestor Console (Epic 19)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-ATTEST-73-001	TODO	Docs Guild, Attestor Service Guild	ATTEST-TYPES-73-001	Publish `/docs/modules/attestor/overview.md` with imposed rule banner.	Doc merged; terminology validated.
DOCS-ATTEST-73-002	TODO	Docs Guild, Attestation Payloads Guild	ATTEST-TYPES-73-002	Write `/docs/modules/attestor/payloads.md` with schemas/examples.	Doc merged; examples validated via tests.
DOCS-ATTEST-73-003	TODO	Docs Guild, Policy Guild	POLICY-ATTEST-73-002	Publish `/docs/modules/attestor/policies.md` covering verification policies.	Doc merged; policy examples validated.
DOCS-ATTEST-73-004	TODO	Docs Guild, Attestor Service Guild	ATTESTOR-73-002	Add `/docs/modules/attestor/workflows.md` detailing ingest, verify, bulk operations.	Doc merged; workflows tested.
DOCS-ATTEST-74-001	TODO	Docs Guild, KMS Guild	KMS-73-001	Publish `/docs/modules/attestor/keys-and-issuers.md`.	Doc merged; rotation guidance verified.
DOCS-ATTEST-74-002	TODO	Docs Guild, Transparency Guild	TRANSP-74-001	Document `/docs/modules/attestor/transparency.md` with witness usage/offline validation.	Doc merged; proofs validated.
DOCS-ATTEST-74-003	TODO	Docs Guild, Attestor Console Guild	CONSOLE-ATTEST-73-001	Write `/docs/console/attestor-ui.md` with screenshots/workflows.	Doc merged; screenshots captured; banner present.
DOCS-ATTEST-74-004	TODO	Docs Guild, CLI Attestor Guild	CLI-ATTEST-73-001	Publish `/docs/modules/cli/guides/attest.md` covering CLI usage.	Doc merged; commands validated.
DOCS-ATTEST-75-001	TODO	Docs Guild, Export Attestation Guild	EXPORT-ATTEST-75-002	Add `/docs/modules/attestor/airgap.md` for attestation bundles.	Doc merged; verification steps confirmed.
DOCS-ATTEST-75-002	TODO	Docs Guild, Security Guild	ATTESTOR-73-002	Update `/docs/security/aoc-invariants.md` with attestation invariants.	Doc merged; invariants detailed.

Policy Engine v2

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-POLICY-20-001	DONE (2025-10-26)	Docs Guild, Policy Guild	POLICY-ENGINE-20-000	Author `/docs/policy/overview.md` covering concepts, inputs/outputs, determinism, and compliance checklist.	Doc published with diagrams + glossary; lint passes; checklist included.
DOCS-POLICY-20-002	DONE (2025-10-26)	Docs Guild, Policy Guild	POLICY-ENGINE-20-001	Write `/docs/policy/dsl.md` with grammar, built-ins, examples, anti-patterns.	DSL doc includes grammar tables, examples, compliance checklist; validated against parser tests.
DOCS-POLICY-20-003	DONE (2025-10-26)	Docs Guild, Authority Core	AUTH-POLICY-20-001	Publish `/docs/policy/lifecycle.md` describing draft→approve workflow, roles, audit, compliance list.	Lifecycle doc linked from UI/CLI help; approvals roles documented; checklist appended.
DOCS-POLICY-20-004	DONE (2025-10-26)	Docs Guild, Scheduler Guild	SCHED-MODELS-20-001	Create `/docs/policy/runs.md` detailing run modes, incremental mechanics, cursors, replay.	Run doc includes sequence diagrams + compliance checklist; cross-links to scheduler docs.
DOCS-POLICY-20-005	DONE (2025-10-26)	Docs Guild, BE-Base Platform Guild	WEB-POLICY-20-001	Draft `/docs/api/policy.md` describing endpoints, schemas, error codes.	API doc validated against OpenAPI; examples included; checklist appended.
DOCS-POLICY-20-006	DONE (2025-10-26)	Docs Guild, DevEx/CLI Guild	CLI-POLICY-20-002	Produce `/docs/modules/cli/guides/policy.md` with command usage, exit codes, JSON output contracts.	CLI doc includes examples, exit codes, compliance checklist.
DOCS-POLICY-20-007	DONE (2025-10-26)	Docs Guild, UI Guild	UI-POLICY-20-001	Document `/docs/ui/policy-editor.md` covering editor, simulation, diff workflows, approvals.	UI doc includes screenshots/placeholders, accessibility notes, compliance checklist.
DOCS-POLICY-20-008	DONE (2025-10-26)	Docs Guild, Architecture Guild	POLICY-ENGINE-20-003	Write `/docs/modules/policy/architecture.md` (new epic content) with sequence diagrams, selection strategy, schema.	Architecture doc merged with diagrams; compliance checklist appended; references updated.
DOCS-POLICY-20-009	DONE (2025-10-26)	Docs Guild, Observability Guild	POLICY-ENGINE-20-007	Add `/docs/observability/policy.md` for metrics/traces/logs, sample dashboards.	Observability doc includes metrics tables, dashboard screenshots, checklist.
DOCS-POLICY-20-010	DONE (2025-10-26)	Docs Guild, Security Guild	AUTH-POLICY-20-002	Publish `/docs/security/policy-governance.md` covering scopes, approvals, tenancy, least privilege.	Security doc merged; compliance checklist appended; reviewed by Security Guild.
DOCS-POLICY-20-011	DONE (2025-10-26)	Docs Guild, Policy Guild	POLICY-ENGINE-20-001	Populate `/docs/examples/policies/` with baseline/serverless/internal-only samples and commentary.	Example policies committed with explanations; lint passes; compliance checklist per file.
DOCS-POLICY-20-012	DONE (2025-10-26)	Docs Guild, Support Guild	WEB-POLICY-20-003	Draft `/docs/faq/policy-faq.md` addressing common pitfalls, VEX conflicts, determinism issues.	FAQ published with Q/A entries, cross-links, compliance checklist.

Graph Explorer v1

ID	Status	Owner(s)	Depends on	Description	Exit Criteria

Link-Not-Merge v1

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-LNM-22-001	BLOCKED (2025-10-27)	Docs Guild, Concelier Guild	CONCELIER-LNM-21-001..003	Author `/docs/advisories/aggregation.md` covering observation vs linkset, conflict handling, AOC requirements, and reviewer checklist.	Draft doc merged with examples + checklist; final sign-off blocked until Concelier schema/API tasks land.

Blocker (2025-10-27): CONCELIER-LNM-21-001..003 still TODO; update doc + fixtures once schema/API implementations are available. | DOCS-LNM-22-002 | BLOCKED (2025-10-27) | Docs Guild, Excititor Guild | EXCITITOR-LNM-21-001..003 | Publish /docs/vex/aggregation.md describing VEX observation/linkset model, product matching, conflicts. | Draft doc merged with fixtures; final approval blocked until Excititor observation/linkset work ships. | Blocker (2025-10-27): EXCITITOR-LNM-21-001..003 remain TODO; refresh doc, fixtures, and examples post-implementation. | DOCS-LNM-22-003 | BLOCKED (2025-10-27) | Docs Guild, BE-Base Platform Guild | WEB-LNM-21-001..003 | Update /docs/api/advisories.md and /docs/api/vex.md for new endpoints, parameters, errors, exports. | Draft pending gateway/API delivery; unblock once endpoints + OpenAPI specs are available. | Blocker (2025-10-27): WEB-LNM-21-001..003 all TODO—no gateway endpoints/OpenAPI to document yet. | DOCS-LNM-22-004 | TODO | Docs Guild, Policy Guild | POLICY-ENGINE-40-001 | Create /docs/policy/effective-severity.md detailing severity selection strategies from multiple sources. | Doc merged with policy examples; checklist included. | | DOCS-LNM-22-005 | BLOCKED (2025-10-27) | Docs Guild, UI Guild | UI-LNM-22-001..003 | Document /docs/ui/evidence-panel.md with screenshots, conflict badges, accessibility guidance. | Awaiting UI implementation to capture screenshots + flows; unblock once Evidence panel ships. | Blocker (2025-10-27): UI-LNM-22-001..003 all TODO; documentation requires final UI states and accessibility audit artifacts.

StellaOps Console (Sprint 23)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-CONSOLE-23-001	DONE (2025-10-26)	Docs Guild, Console Guild	CONSOLE-CORE-23-004	Publish `/docs/ui/console-overview.md` covering IA, tenant model, global filters, and AOC alignment with compliance checklist.	Doc merged with diagrams + overview tables; checklist appended; Console Guild sign-off.
DOCS-CONSOLE-23-002	DONE (2025-10-26)	Docs Guild, Console Guild	DOCS-CONSOLE-23-001	Author `/docs/ui/navigation.md` detailing routes, breadcrumbs, keyboard shortcuts, deep links, and tenant context switching.	Navigation doc merged with shortcut tables and screenshots; accessibility checklist satisfied.
DOCS-CONSOLE-23-003	DONE (2025-10-26)	Docs Guild, SBOM Service Guild, Console Guild	SBOM-CONSOLE-23-001, CONSOLE-FEAT-23-102	Document `/docs/ui/sbom-explorer.md` (catalog, detail, graph overlays, exports) including compliance checklist and performance tips.	Doc merged with annotated screenshots, export instructions, and overlay examples; checklist appended.
DOCS-CONSOLE-23-004	DONE (2025-10-26)	Docs Guild, Concelier Guild, Excititor Guild	CONCELIER-CONSOLE-23-001, EXCITITOR-CONSOLE-23-001	Produce `/docs/ui/advisories-and-vex.md` explaining aggregation-not-merge, conflict indicators, raw viewers, and provenance banners.	Doc merged; raw JSON examples included; compliance checklist complete.
DOCS-CONSOLE-23-005	DONE (2025-10-26)	Docs Guild, Policy Guild	POLICY-CONSOLE-23-001, CONSOLE-FEAT-23-104	Write `/docs/ui/findings.md` describing filters, saved views, explain drawer, exports, and CLI parity callouts.	Doc merged with filter matrix + explain walkthrough; checklist appended.
DOCS-CONSOLE-23-006	DONE (2025-10-26)	Docs Guild, Policy Guild, Product Ops	POLICY-CONSOLE-23-002, CONSOLE-FEAT-23-105	Publish `/docs/ui/policies.md` with editor, simulation, approvals, compliance checklist, and RBAC mapping.	Doc merged; Monaco screenshots + simulation diff examples included; approval flow described; checklist appended.
DOCS-CONSOLE-23-007	DONE (2025-10-26)	Docs Guild, Scheduler Guild	SCHED-CONSOLE-23-001, CONSOLE-FEAT-23-106	Document `/docs/ui/runs.md` covering queues, live progress, diffs, retries, evidence downloads, and troubleshooting.	Doc merged with SSE troubleshooting, metrics references, compliance checklist.
DOCS-CONSOLE-23-008	DONE (2025-10-26)	Docs Guild, Authority Guild	AUTH-CONSOLE-23-002, CONSOLE-FEAT-23-108	Draft `/docs/ui/admin.md` describing users/roles, tenants, tokens, integrations, fresh-auth prompts, and RBAC mapping.	Doc merged with tables for scopes vs roles, screenshots, compliance checklist.
DOCS-CONSOLE-23-009	DONE (2025-10-27)	Docs Guild, DevOps Guild	DOWNLOADS-CONSOLE-23-001, CONSOLE-FEAT-23-109	Publish `/docs/ui/downloads.md` listing product images, commands, offline instructions, parity with CLI, and compliance checklist.	Doc merged; manifest sample included; copy-to-clipboard guidance documented; checklist complete.
DOCS-CONSOLE-23-010	DONE (2025-10-27)	Docs Guild, Deployment Guild, Console Guild	DEVOPS-CONSOLE-23-002, CONSOLE-REL-23-301	Write `/docs/deploy/console.md` (Helm, ingress, TLS, CSP, env vars, health checks) with compliance checklist.	Deploy doc merged; templates validated; CSP guidance included; checklist appended.
DOCS-CONSOLE-23-011	DONE (2025-10-28)	Docs Guild, Deployment Guild	DOCS-CONSOLE-23-010	Update `/docs/install/docker.md` to cover Console image, Compose/Helm usage, offline tarballs, parity with CLI.	Doc updated with new sections; commands validated; compliance checklist appended.
DOCS-CONSOLE-23-012	DONE (2025-10-28)	Docs Guild, Security Guild	AUTH-CONSOLE-23-003, WEB-CONSOLE-23-002	Publish `/docs/security/console-security.md` detailing OIDC flows, scopes, CSP, fresh-auth, evidence handling, and compliance checklist.	Security doc merged; threat model notes included; checklist appended.
DOCS-CONSOLE-23-013	DONE (2025-10-28)	Docs Guild, Observability Guild	TELEMETRY-CONSOLE-23-001, CONSOLE-QA-23-403	Write `/docs/observability/ui-telemetry.md` cataloguing metrics/logs/traces, dashboards, alerts, and feature flags.	Doc merged with instrumentation tables, dashboard screenshots, checklist appended.
DOCS-CONSOLE-23-014	DONE (2025-10-28)	Docs Guild, Console Guild, CLI Guild	CONSOLE-DOC-23-502	Maintain `/docs/cli-vs-ui-parity.md` matrix and integrate CI check guidance.	Matrix published with parity status, CI workflow documented, compliance checklist appended.

2025-10-28: Install Docker guide references pending CLI commands (stella downloads manifest, stella downloads mirror, stella console status). Update once CLI parity lands. | DOCS-CONSOLE-23-015 | DONE (2025-10-27) | Docs Guild, Architecture Guild | CONSOLE-CORE-23-001, WEB-CONSOLE-23-001 | Produce /docs/modules/ui/console-architecture.md describing frontend packages, data flow diagrams, SSE design, performance budgets. | Architecture doc merged with diagrams + compliance checklist; reviewers approve. | | DOCS-CONSOLE-23-016 | DONE (2025-10-28) | Docs Guild, Accessibility Guild | CONSOLE-QA-23-402, CONSOLE-FEAT-23-102 | Refresh /docs/accessibility.md with Console-specific keyboard flows, color tokens, testing tools, and compliance checklist updates. | Accessibility doc updated; audits referenced; checklist appended. | 2025-10-28: Added guide covering keyboard matrix, screen reader behaviour, colour/focus tokens, testing workflow, offline guidance, and compliance checklist. | DOCS-CONSOLE-23-017 | DONE (2025-10-27) | Docs Guild, Console Guild | CONSOLE-FEAT-23-101..109 | Create /docs/examples/ui-tours.md providing triage, audit, policy rollout walkthroughs with annotated screenshots and GIFs. | UI tours doc merged; capture instructions + asset placeholders committed; compliance checklist appended. | | DOCS-CONSOLE-23-018 | DONE (2025-10-27) | Docs Guild, Security Guild | DOCS-CONSOLE-23-012 | Execute console security compliance checklist and capture Security Guild sign-off in Sprint 23 log. | Checklist completed; findings addressed or tickets filed; sign-off noted in updates file. | | DOCS-LNM-22-006 | DONE (2025-10-27) | Docs Guild, Architecture Guild | CONCELIER-LNM-21-001..005, EXCITITOR-LNM-21-001..005 | Refresh /docs/modules/concelier/architecture.md and /docs/modules/excititor/architecture.md describing observation/linkset pipelines and event contracts. | Architecture docs updated with observation/linkset flow + event tables; revisit once service implementations land. | Follow-up: align diagrams/examples after CONCELIER-LNM-21 & EXCITITOR-LNM-21 work merges (currently TODO). | DOCS-LNM-22-007 | TODO | Docs Guild, Observability Guild | CONCELIER-LNM-21-005, EXCITITOR-LNM-21-005, DEVOPS-LNM-22-002 | Publish /docs/observability/aggregation.md with metrics/traces/logs/SLOs. | Observability doc merged; dashboards referenced; checklist appended. | | DOCS-LNM-22-008 | TODO | Docs Guild, DevOps Guild | MERGE-LNM-21-001, CONCELIER-LNM-21-102 | Write /docs/migration/no-merge.md describing migration plan, backfill steps, rollback, feature flags. | Migration doc approved by stakeholders; checklist appended. |

Policy Engine + Editor v1

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-POLICY-23-001	TODO	Docs Guild, Policy Guild	POLICY-SPL-23-001..003	Author `/docs/policy/overview.md` describing SPL philosophy, layering, and glossary with reviewer checklist.	Doc merged; lint passes; checklist appended.
DOCS-POLICY-23-002	TODO	Docs Guild, Policy Guild	POLICY-SPL-23-001	Write `/docs/policy/spl-v1.md` (language reference, JSON Schema, examples).	Reference published with schema snippets; checklist completed.
DOCS-POLICY-23-003	TODO	Docs Guild, Policy Guild	POLICY-ENGINE-50-001..004	Produce `/docs/policy/runtime.md` covering compiler, evaluator, caching, events, SLOs.	Runtime doc merged with diagrams; observability references included.
DOCS-POLICY-23-004	TODO	Docs Guild, UI Guild	UI-POLICY-23-001..006	Document `/docs/policy/editor.md` (UI walkthrough, validation, simulation, approvals).	Editor doc merged with screenshots; accessibility checklist satisfied.
DOCS-POLICY-23-005	TODO	Docs Guild, Security Guild	AUTH-POLICY-23-001..002	Publish `/docs/policy/governance.md` (roles, scopes, approvals, signing, exceptions).	Governance doc merged; checklist appended.
DOCS-POLICY-23-006	TODO	Docs Guild, BE-Base Platform Guild	WEB-POLICY-23-001..004	Update `/docs/api/policy.md` with new endpoints, schemas, errors, pagination.	API doc aligns with OpenAPI; examples validated; checklist included.
DOCS-POLICY-23-007	TODO	Docs Guild, DevEx/CLI Guild	CLI-POLICY-23-004..006	Update `/docs/modules/cli/guides/policy.md` for lint/simulate/activate/history commands, exit codes.	CLI doc updated; samples verified; checklist appended.
DOCS-POLICY-23-008	TODO	Docs Guild, Architecture Guild	POLICY-ENGINE-50-005..006	Refresh `/docs/modules/policy/architecture.md` with data model, sequence diagrams, event flows.	Architecture doc merged with diagrams; checklist appended.
DOCS-POLICY-23-009	TODO	Docs Guild, DevOps Guild	MERGE-LNM-21-001, DEVOPS-LNM-22-001	Create `/docs/migration/policy-parity.md` covering dual-run parity plan and rollback.	Migration doc approved; checklist appended.
DOCS-POLICY-23-010	TODO	Docs Guild, UI Guild	UI-POLICY-23-006	Write `/docs/ui/explainers.md` showing explain trees, evidence overlays, interpretation guidance.	Doc merged with annotated screenshots; checklist appended.

Graph & Vuln Explorer v1

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-GRAPH-24-001	TODO	Docs Guild, UI Guild	UI-GRAPH-24-001..006	Author `/docs/ui/sbom-graph-explorer.md` detailing overlays, filters, saved views, accessibility, and AOC visibility.	Doc merged; screenshots included; checklist appended.
DOCS-GRAPH-24-002	TODO	Docs Guild, UI Guild	UI-GRAPH-24-005	Publish `/docs/ui/vulnerability-explorer.md` covering table usage, grouping, fix suggestions, Why drawer.	Doc merged with annotated images; accessibility checklist satisfied.
DOCS-GRAPH-24-003	TODO	Docs Guild, SBOM Service Guild	SBOM-GRAPH-24-001..003	Create `/docs/modules/graph/architecture-index.md` describing data model, ingestion pipeline, caches, events.	Architecture doc merged with diagrams; checklist appended.
DOCS-GRAPH-24-004	TODO	Docs Guild, BE-Base Platform Guild	WEB-GRAPH-24-001..003	Document `/docs/api/graph.md` and `/docs/api/vuln.md` avec endpoints, parameters, errors, RBAC.	API docs aligned with OpenAPI; examples validated; checklist appended.
DOCS-GRAPH-24-005	TODO	Docs Guild, DevEx/CLI Guild	CLI-GRAPH-24-001..003	Update `/docs/modules/cli/guides/graph-and-vuln.md` covering new CLI commands, exit codes, scripting.	CLI doc merged; examples tested; checklist appended.
DOCS-GRAPH-24-006	TODO	Docs Guild, Policy Guild	POLICY-ENGINE-60-001..002	Write `/docs/policy/ui-integration.md` explaining overlays, cache usage, simulator contracts.	Doc merged; references cross-linked; checklist appended.
DOCS-GRAPH-24-007	TODO	Docs Guild, DevOps Guild	DEVOPS-GRAPH-24-001..003	Produce `/docs/migration/graph-parity.md` with rollout plan, parity checks, fallback guidance.	Migration doc approved; checklist appended.

Exceptions v1

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-EXC-25-001	TODO	Docs Guild, Governance Guild	WEB-EXC-25-001	Author `/docs/governance/exceptions.md` covering lifecycle, scope patterns, examples, compliance checklist.	Doc merged; reviewers sign off; checklist included.
DOCS-EXC-25-002	TODO	Docs Guild, Authority Core	AUTH-EXC-25-001	Publish `/docs/governance/approvals-and-routing.md` detailing roles, routing matrix, MFA rules, audit trails.	Doc merged; routing examples validated; checklist appended.
DOCS-EXC-25-003	TODO	Docs Guild, BE-Base Platform Guild	WEB-EXC-25-001..003	Create `/docs/api/exceptions.md` with endpoints, payloads, errors, idempotency notes.	API doc aligned with OpenAPI; examples tested; checklist appended.
DOCS-EXC-25-004	DONE (2025-10-27)	Docs Guild, Policy Guild	POLICY-ENGINE-70-001	Document `/docs/policy/exception-effects.md` explaining evaluation order, conflicts, simulation.	Doc merged; tests cross-referenced; checklist appended.
DOCS-EXC-25-005	TODO	Docs Guild, UI Guild	UI-EXC-25-001..004	Write `/docs/ui/exception-center.md` with UI walkthrough, badges, accessibility, shortcuts.	Doc merged with screenshots; accessibility checklist completed.
DOCS-EXC-25-006	TODO	Docs Guild, DevEx/CLI Guild	CLI-EXC-25-001..002	Update `/docs/modules/cli/guides/exceptions.md` covering command usage and exit codes.	CLI doc updated; examples validated; checklist appended.
DOCS-EXC-25-007	TODO	Docs Guild, DevOps Guild	SCHED-WORKER-25-101, DEVOPS-GRAPH-24-003	Publish `/docs/migration/exception-governance.md` describing cutover from legacy suppressions, notifications, rollback.	Migration doc approved; checklist included.

Update statuses (TODO/DOING/REVIEW/DONE/BLOCKED) as progress changes. Keep guides in sync with configuration samples under etc/.

Remark (2025-10-13, DOC4.AUTH-PDG): Rate limit guide published (docs/security/rate-limits.md) and handed to plugin docs team for diagram uplift once PLG6.DIAGRAM lands.

Orchestrator Dashboard (Epic 9)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-ORCH-32-001	TODO	Docs Guild	ORCH-SVC-32-001, AUTH-ORCH-32-001	Author `/docs/orchestrator/overview.md` covering mission, roles, AOC alignment, governance, with imposed rule reminder.	Doc merged with diagrams; imposed rule statement included; entry linked from docs index.
DOCS-ORCH-32-002	TODO	Docs Guild	ORCH-SVC-32-002	Author `/docs/orchestrator/architecture.md` detailing scheduler, DAGs, rate limits, data model, message bus, storage layout, restating imposed rule.	Architecture doc merged; diagrams reviewed; imposed rule noted.
DOCS-ORCH-33-001	TODO	Docs Guild	ORCH-SVC-33-001..004, WEB-ORCH-33-001	Publish `/docs/orchestrator/api.md` (REST/WebSocket endpoints, payloads, error codes) with imposed rule note.	API doc merged; examples validated; imposed rule appended.
DOCS-ORCH-33-002	TODO	Docs Guild	CONSOLE-ORCH-32-002, CONSOLE-ORCH-33-001..002	Publish `/docs/orchestrator/console.md` covering screens, a11y, live updates, control actions, reiterating imposed rule.	Console doc merged with screenshots; accessibility checklist done; imposed rule statement present.
DOCS-ORCH-33-003	TODO	Docs Guild	CLI-ORCH-33-001	Publish `/docs/orchestrator/cli.md` documenting commands, options, exit codes, streaming output, offline usage, and imposed rule.	CLI doc merged; examples tested; imposed rule appended.
DOCS-ORCH-34-001	TODO	Docs Guild	ORCH-SVC-34-002, LEDGER-34-101	Author `/docs/orchestrator/run-ledger.md` covering ledger schema, provenance chain, audit workflows, with imposed rule reminder.	Run-ledger doc merged; payload samples validated; imposed rule included; cross-links added.
DOCS-ORCH-34-002	TODO	Docs Guild	AUTH-ORCH-32-001, AUTH-ORCH-34-001	Update `/docs/security/secrets-handling.md` for orchestrator KMS refs, redaction badges, operator hygiene, reiterating imposed rule.	Security doc merged; checklists updated; imposed rule restated; references from Console/CLI docs added.
DOCS-ORCH-34-003	TODO	Docs Guild	ORCH-SVC-33-003, ORCH-SVC-34-001, DEVOPS-ORCH-34-001	Publish `/docs/operations/orchestrator-runbook.md` (incident playbook, backfill guide, circuit breakers, throttling) with imposed rule statement.	Runbook merged; steps validated with DevOps; imposed rule included; runbook linked from ops index.
DOCS-ORCH-34-004	TODO	Docs Guild	ORCH-SVC-32-005, WORKER-GO-33-001, WORKER-PY-33-001	Document `/docs/schemas/artifacts.md` describing artifact kinds, schema versions, hashing, storage layout, restating imposed rule.	Schema doc merged; JSON schema provided; imposed rule included; sample payload validated.
DOCS-ORCH-34-005	TODO	Docs Guild	ORCH-SVC-34-001, DEVOPS-ORCH-34-001	Author `/docs/slo/orchestrator-slo.md` defining SLOs, burn alerts, measurement, and reiterating imposed rule.	SLO doc merged; dashboard screenshots embedded; imposed rule appended; alerts documented.

Export Center (Epic 10)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-EXPORT-35-001	DONE (2025-10-29)	Docs Guild	EXPORT-SVC-35-001..006	Author `/docs/modules/export-center/overview.md` covering purpose, profiles, security, AOC alignment, surfaces, ending with imposed rule statement.	Doc merged with diagrams/examples; imposed rule line present; index updated.
DOCS-EXPORT-35-002	DONE (2025-10-29)	Docs Guild	EXPORT-SVC-35-002..005	Publish `/docs/modules/export-center/architecture.md` describing planner, adapters, manifests, signing, distribution flows, restating imposed rule.	Architecture doc merged; sequence diagrams included; rule statement appended.
DOCS-EXPORT-35-003	DONE (2025-10-29)	Docs Guild	EXPORT-SVC-35-003..004	Publish `/docs/modules/export-center/profiles.md` detailing schema fields, examples, compatibility, and imposed rule reminder.	Profiles doc merged; JSON schemas linked; imposed rule noted.
DOCS-EXPORT-36-004	DONE (2025-10-29)	Docs Guild	EXPORT-SVC-36-001..004, WEB-EXPORT-36-001	Publish `/docs/modules/export-center/api.md` covering endpoints, payloads, errors, and mention imposed rule.	API doc merged; examples validated; rule included.
DOCS-EXPORT-36-005	DONE (2025-10-29)	Docs Guild	CLI-EXPORT-35-001, CLI-EXPORT-36-001	Publish `/docs/modules/export-center/cli.md` with command reference, CI scripts, verification steps, restating imposed rule.	CLI doc merged; script snippets tested; rule appended.
DOCS-EXPORT-36-006	DONE (2025-10-29)	Docs Guild	EXPORT-SVC-36-001, DEVOPS-EXPORT-36-001	Publish `/docs/modules/export-center/trivy-adapter.md` covering field mappings, compatibility matrix, and imposed rule reminder.	Doc merged; mapping tables validated; rule included.
DOCS-EXPORT-37-001	DONE (2025-10-29)	Docs Guild	EXPORT-SVC-37-001, DEVOPS-EXPORT-37-001	Publish `/docs/modules/export-center/mirror-bundles.md` describing filesystem/OCI layouts, delta/encryption, import guide, ending with imposed rule.	Doc merged; diagrams provided; verification steps tested; rule stated.
DOCS-EXPORT-37-002	DONE (2025-10-29)	Docs Guild	EXPORT-SVC-35-005, EXPORT-SVC-37-002	Publish `/docs/modules/export-center/provenance-and-signing.md` detailing manifests, attestation flow, verification, reiterating imposed rule.	Doc merged; signature examples validated; rule appended.
DOCS-EXPORT-37-003	DONE (2025-10-29)	Docs Guild	DEVOPS-EXPORT-37-001	Publish `/docs/operations/export-runbook.md` covering failures, tuning, capacity planning, with imposed rule reminder.	Runbook merged; procedures validated; rule included.
DOCS-EXPORT-37-004	TODO	Docs Guild	AUTH-EXPORT-37-001, EXPORT-SVC-37-002	Publish `/docs/security/export-hardening.md` outlining RBAC, tenancy, encryption, redaction, restating imposed rule.	Security doc merged; checklist updated; rule appended.
DOCS-EXPORT-37-101	TODO	Docs Guild, DevEx/CLI Guild	CLI-EXPORT-37-001	Refresh CLI verification sections once `stella export verify` lands (flags, exit codes, samples).	`docs/modules/export-center/cli.md` & `docs/modules/export-center/provenance-and-signing.md` updated with final command syntax; examples tested; rule reminder retained.
DOCS-EXPORT-37-102	TODO	Docs Guild, DevOps Guild	DEVOPS-EXPORT-37-001	Embed export dashboards/alerts references into provenance/runbook docs after Grafana work ships.	Docs updated with dashboard IDs/alert notes; update logged; rule reminder present.
DOCS-EXPORT-37-005	TODO	Docs Guild, Exporter Service Guild	EXPORT-SVC-35-006, DEVOPS-EXPORT-36-001	Validate Export Center docs against live Trivy/mirror bundles once implementation lands; refresh examples and CLI snippets accordingly.	Real bundle examples recorded; docs updated; verification steps confirmed with production artefacts.

Note (2025-10-29): Blocked until exporter API (EXPORT-SVC-35-006) and Trivy/mirror adapters (EXPORT-SVC-36-001, EXPORT-SVC-37-001) ship. Requires access to CI smoke outputs (DEVOPS-EXPORT-36-001) for verification artifacts.

Reachability v1

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-SIG-26-001	TODO	Docs Guild, Signals Guild	SIGNALS-24-004	Write `/docs/signals/reachability.md` covering states, scores, provenance, retention.	Doc merged with diagrams/examples; checklist appended.
DOCS-SIG-26-002	TODO	Docs Guild, Signals Guild	SIGNALS-24-002	Publish `/docs/signals/callgraph-formats.md` with schemas and validation errors.	Doc merged; examples tested; checklist included.
DOCS-SIG-26-003	TODO	Docs Guild, Runtime Guild	SIGNALS-24-003	Create `/docs/signals/runtime-facts.md` detailing agent capabilities, privacy safeguards, opt-in flags.	Doc merged; privacy review done; checklist appended.
DOCS-SIG-26-004	TODO	Docs Guild, Policy Guild	POLICY-ENGINE-80-001	Document `/docs/policy/signals-weighting.md` for SPL predicates and weighting strategies.	Doc merged; sample policies validated; checklist appended.
DOCS-SIG-26-005	TODO	Docs Guild, UI Guild	UI-SIG-26-001..003	Draft `/docs/ui/reachability-overlays.md` with badges, timelines, shortcuts.	Doc merged with screenshots; accessibility checklist completed.
DOCS-SIG-26-006	TODO	Docs Guild, DevEx/CLI Guild	CLI-SIG-26-001..002	Update `/docs/modules/cli/guides/reachability.md` for new commands and automation recipes.	Doc merged; examples verified; checklist appended.
DOCS-SIG-26-007	TODO	Docs Guild, BE-Base Platform Guild	WEB-SIG-26-001..003	Publish `/docs/api/signals.md` covering endpoints, payloads, ETags, errors.	API doc aligned with OpenAPI; examples tested; checklist appended.
DOCS-SIG-26-008	TODO	Docs Guild, DevOps Guild	DEVOPS-SIG-26-001..002	Write `/docs/migration/enable-reachability.md` guiding rollout, fallbacks, monitoring.	Migration doc approved; checklist appended.

Policy Studio (Sprint 27)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-POLICY-27-001	BLOCKED (2025-10-27)	Docs Guild, Policy Guild	REGISTRY-API-27-001, POLICY-ENGINE-27-001	Publish `/docs/policy/studio-overview.md` covering lifecycle, roles, glossary, and compliance checklist.	Doc merged with diagrams + lifecycle table; checklist appended; stakeholders sign off.

Blocked by REGISTRY-API-27-001 and POLICY-ENGINE-27-001; need spec + compile data. Blocker: Registry OpenAPI (REGISTRY-API-27-001) and policy compile enrichments (POLICY-ENGINE-27-001) are still TODO; need final interfaces before drafting overview. | DOCS-POLICY-27-002 | BLOCKED (2025-10-27) | Docs Guild, Console Guild | CONSOLE-STUDIO-27-001 | Write /docs/policy/authoring.md detailing workspace templates, snippets, lint rules, IDE shortcuts, and best practices. | Authoring doc includes annotated screenshots, snippet catalog, compliance checklist. | Blocked by CONSOLE-STUDIO-27-001 Studio authoring UI pending. Blocker: Console Studio authoring UI (CONSOLE-STUDIO-27-001) not implemented; awaiting UX to capture flows/snippets. | DOCS-POLICY-27-003 | BLOCKED (2025-10-27) | Docs Guild, Policy Registry Guild | REGISTRY-API-27-007 | Document /docs/policy/versioning-and-publishing.md (semver rules, attestations, rollback) with compliance checklist. | Doc merged with flow diagrams; attestation steps documented; checklist appended. | Blocked by REGISTRY-API-27-007 publish/sign pipeline outstanding. Blocker: Registry publish/sign workflow (REGISTRY-API-27-007) pending. | DOCS-POLICY-27-004 | BLOCKED (2025-10-27) | Docs Guild, Scheduler Guild | REGISTRY-API-27-005, SCHED-WORKER-27-301 | Write /docs/policy/simulation.md covering quick vs batch sim, thresholds, evidence bundles, CLI examples. | Simulation doc includes charts, sample manifests, checklist appended. | Blocked by REGISTRY-API-27-005/SCHED-WORKER-27-301 batch simulation not ready. Blocker: Batch simulation APIs/workers (REGISTRY-API-27-005, SCHED-WORKER-27-301) still TODO. | DOCS-POLICY-27-005 | BLOCKED (2025-10-27) | Docs Guild, Product Ops | REGISTRY-API-27-006 | Publish /docs/policy/review-and-approval.md with approver requirements, comments, webhooks, audit trail guidance. | Doc merged with role matrix + webhook schema; checklist appended. | Blocked by REGISTRY-API-27-006 review workflow not implemented. Blocker: Review workflow (REGISTRY-API-27-006) not landed. | DOCS-POLICY-27-006 | BLOCKED (2025-10-27) | Docs Guild, Policy Guild | REGISTRY-API-27-008 | Author /docs/policy/promotion.md covering environments, canary, rollback, and monitoring steps. | Promotion doc includes examples + checklist; verified by Policy Ops. | Blocked by REGISTRY-API-27-008 promotion APIs pending. Blocker: Promotion/canary APIs (REGISTRY-API-27-008) outstanding. | DOCS-POLICY-27-007 | BLOCKED (2025-10-27) | Docs Guild, DevEx/CLI Guild | CLI-POLICY-27-001..004 | Update /docs/policy/cli.md with new commands, JSON schemas, CI usage, and compliance checklist. | CLI doc merged with transcripts; schema references validated; checklist appended. | Blocked by CLI-POLICY-27-001..004 CLI commands missing. Blocker: Policy CLI commands (CLI-POLICY-27-001..004) yet to implement. | DOCS-POLICY-27-008 | BLOCKED (2025-10-27) | Docs Guild, Policy Registry Guild | REGISTRY-API-27-001..008 | Publish /docs/policy/api.md describing Registry endpoints, request/response schemas, errors, and feature flags. | API doc aligned with OpenAPI; examples validated; checklist appended. | Blocked by REGISTRY-API-27-001..008 OpenAPI + endpoints incomplete. Blocker: Registry OpenAPI/spec suite (REGISTRY-API-27-001..008) incomplete. | DOCS-POLICY-27-009 | BLOCKED (2025-10-27) | Docs Guild, Security Guild | AUTH-POLICY-27-002 | Create /docs/security/policy-attestations.md covering signing, verification, key rotation, and compliance checklist. | Security doc approved by Security Guild; verifier steps documented; checklist appended. | Blocked by AUTH-POLICY-27-002 signing enforcement pending. Blocker: Authority signing enforcement (AUTH-POLICY-27-002) pending. | DOCS-POLICY-27-010 | BLOCKED (2025-10-27) | Docs Guild, Architecture Guild | REGISTRY-API-27-001, SCHED-WORKER-27-301 | Author /docs/modules/policy/registry-architecture.md (service design, schemas, queues, failure modes) with diagrams and checklist. | Architecture doc merged; diagrams committed; checklist appended. | Blocked by REGISTRY-API-27-001 & SCHED-WORKER-27-301 need delivery. Blocker: Policy Registry schema/workers not delivered (see REGISTRY-API-27-001, SCHED-WORKER-27-301). | DOCS-POLICY-27-011 | BLOCKED (2025-10-27) | Docs Guild, Observability Guild | DEVOPS-POLICY-27-004 | Publish /docs/observability/policy-telemetry.md with metrics/log tables, dashboards, alerts, and compliance checklist. | Observability doc merged; dashboards linked; checklist appended. | Blocked by DEVOPS-POLICY-27-004 observability dashboards outstanding. Blocker: Observability dashboards (DEVOPS-POLICY-27-004) not built. | DOCS-POLICY-27-012 | BLOCKED (2025-10-27) | Docs Guild, Ops Guild | DEPLOY-POLICY-27-002 | Write /docs/runbooks/policy-incident.md detailing rollback, freeze, forensic steps, notifications. | Runbook merged; rehearsal recorded; checklist appended. | Blocked by DEPLOY-POLICY-27-002 incident runbook inputs pending. Blocker: Ops runbook inputs (DEPLOY-POLICY-27-002) pending. | DOCS-POLICY-27-013 | BLOCKED (2025-10-27) | Docs Guild, Policy Guild | CONSOLE-STUDIO-27-001, REGISTRY-API-27-002 | Update /docs/examples/policy-templates.md with new templates, snippets, and sample policies. | Examples committed with commentary; lint passes; checklist appended. | Blocked by CONSOLE-STUDIO-27-001/REGISTRY-API-27-002 templates missing. Blocker: Studio templates and registry storage (CONSOLE-STUDIO-27-001, REGISTRY-API-27-002) not available. | DOCS-POLICY-27-014 | BLOCKED (2025-10-27) | Docs Guild, Policy Registry Guild | REGISTRY-API-27-003, WEB-POLICY-27-001 | Refresh /docs/aoc/aoc-guardrails.md to include Studio-specific guardrails and validation scenarios. | Doc updated with Studio guardrails; compliance checklist appended. | Blocked by REGISTRY-API-27-003 & WEB-POLICY-27-001 guardrails not implemented. Blocker: Registry compile pipeline/web proxy (REGISTRY-API-27-003, WEB-POLICY-27-001) outstanding.

Vulnerability Explorer (Sprint 29)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-VULN-29-001	TODO	Docs Guild, Vuln Explorer Guild	VULN-API-29-001	Publish `/docs/vuln/explorer-overview.md` covering domain model, identities, AOC guarantees, workflow summary.	Doc merged with diagrams/table; compliance checklist appended.
DOCS-VULN-29-002	TODO	Docs Guild, Console Guild	CONSOLE-VULN-29-001..006	Write `/docs/vuln/explorer-using-console.md` with workflows, screenshots, keyboard shortcuts, saved views, deep links.	Doc merged; images stored; WCAG notes included; checklist appended.
DOCS-VULN-29-003	TODO	Docs Guild, Vuln Explorer API Guild	VULN-API-29-001..009	Author `/docs/vuln/explorer-api.md` (endpoints, query schema, grouping, errors, rate limits).	Doc aligned with OpenAPI; examples validated; checklist appended.
DOCS-VULN-29-004	TODO	Docs Guild, DevEx/CLI Guild	CLI-VULN-29-001..005	Publish `/docs/vuln/explorer-cli.md` with command reference, samples, exit codes, CI snippets.	CLI doc merged; transcripts/JSON outputs validated; checklist appended.
DOCS-VULN-29-005	TODO	Docs Guild, Findings Ledger Guild	LEDGER-29-001..009	Write `/docs/vuln/findings-ledger.md` detailing event schema, hashing, Merkle roots, replay tooling.	Doc merged; compliance checklist appended; audit team sign-off.
DOCS-VULN-29-006	TODO	Docs Guild, Policy Guild	POLICY-ENGINE-29-001..003	Update `/docs/policy/vuln-determinations.md` for new rationale, signals, simulation semantics.	Doc updated; examples validated; checklist appended.
DOCS-VULN-29-007	TODO	Docs Guild, Excititor Guild	EXCITITOR-VULN-29-001..004	Publish `/docs/vex/explorer-integration.md` covering CSAF mapping, suppression precedence, status semantics.	Doc merged; compliance checklist appended.
DOCS-VULN-29-008	TODO	Docs Guild, Concelier Guild	CONCELIER-VULN-29-001..004	Publish `/docs/advisories/explorer-integration.md` covering key normalization, withdrawn handling, provenance.	Doc merged; checklist appended.
DOCS-VULN-29-009	TODO	Docs Guild, SBOM Service Guild	SBOM-VULN-29-001..002	Author `/docs/sbom/vuln-resolution.md` detailing version semantics, scope, paths, safe version hints.	Doc merged; ecosystem tables validated; checklist appended.
DOCS-VULN-29-010	TODO	Docs Guild, Observability Guild	VULN-API-29-009, DEVOPS-VULN-29-002	Publish `/docs/observability/vuln-telemetry.md` (metrics, logs, tracing, dashboards, SLOs).	Doc merged; dashboards linked; checklist appended.
DOCS-VULN-29-011	TODO	Docs Guild, Security Guild	AUTH-VULN-29-001..003	Create `/docs/security/vuln-rbac.md` for roles, ABAC policies, attachment encryption, CSRF.	Security doc approved; checklist appended.
DOCS-VULN-29-012	TODO	Docs Guild, Ops Guild	DEVOPS-VULN-29-002, SCHED-WORKER-29-003	Write `/docs/runbooks/vuln-ops.md` (projector lag, resolver storms, export failures, policy activation).	Runbook merged; rehearsal recorded; checklist appended.
DOCS-VULN-29-013	TODO	Docs Guild, Deployment Guild	DEPLOY-VULN-29-001..002	Update `/docs/install/containers.md` with Findings Ledger & Vuln Explorer API images, manifests, resource sizing, health checks.	Install doc updated; validation commands included; checklist appended.

VEX Lens (Sprint 30)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-VEX-30-001	TODO	Docs Guild, VEX Lens Guild	VEXLENS-30-005	Publish `/docs/vex/consensus-overview.md` describing purpose, scope, AOC guarantees.	Doc merged with diagrams/terminology tables; compliance checklist appended.
DOCS-VEX-30-002	TODO	Docs Guild, VEX Lens Guild	VEXLENS-30-005	Author `/docs/vex/consensus-algorithm.md` covering normalization, weighting, thresholds, examples.	Doc merged; math reviewed by Policy; checklist appended.
DOCS-VEX-30-003	TODO	Docs Guild, Issuer Directory Guild	ISSUER-30-001..003	Document `/docs/vex/issuer-directory.md` (issuer management, keys, trust overrides, audit).	Doc merged; security review done; checklist appended.
DOCS-VEX-30-004	TODO	Docs Guild, VEX Lens Guild	VEXLENS-30-007	Publish `/docs/vex/consensus-api.md` with endpoint specs, query params, rate limits.	API doc aligned with OpenAPI; examples validated; checklist appended.
DOCS-VEX-30-005	TODO	Docs Guild, Console Guild	CONSOLE-VEX-30-001	Write `/docs/vex/consensus-console.md` covering UI workflows, filters, conflicts, accessibility.	Doc merged; screenshots added; checklist appended.
DOCS-VEX-30-006	TODO	Docs Guild, Policy Guild	POLICY-ENGINE-29-001, VEXLENS-30-004	Add `/docs/policy/vex-trust-model.md` detailing policy knobs, thresholds, simulation.	Doc merged; policy review completed; checklist appended.
DOCS-VEX-30-007	TODO	Docs Guild, SBOM Service Guild	VEXLENS-30-002	Publish `/docs/sbom/vex-mapping.md` (CPE→purl strategy, edge cases, overrides).	Doc merged; mapping tables validated; checklist appended.
DOCS-VEX-30-008	TODO	Docs Guild, Security Guild	ISSUER-30-002, VEXLENS-30-003	Deliver `/docs/security/vex-signatures.md` (verification flow, key rotation, audit).	Doc approved by Security; checklist appended.
DOCS-VEX-30-009	TODO	Docs Guild, DevOps Guild	VEXLENS-30-009, DEVOPS-VEX-30-001	Create `/docs/runbooks/vex-ops.md` for recompute storms, mapping failures, signature errors.	Runbook merged; rehearsal logged; checklist appended.

Advisory AI (Sprint 31)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-AIAI-31-001	TODO	Docs Guild, Advisory AI Guild	AIAI-31-006	Publish `/docs/advisory-ai/overview.md` covering capabilities, guardrails, RBAC.	Doc merged with diagrams; compliance checklist appended.
DOCS-AIAI-31-002	TODO	Docs Guild, Advisory AI Guild	AIAI-31-004	Author `/docs/advisory-ai/architecture.md` detailing RAG pipeline, deterministics, caching, model options.	Doc merged; architecture review done; checklist appended.
DOCS-AIAI-31-003	TODO	Docs Guild, Advisory AI Guild	AIAI-31-006	Write `/docs/advisory-ai/api.md` describing endpoints, schemas, errors, rate limits.	API doc aligned with OpenAPI; examples validated; checklist appended.
DOCS-AIAI-31-004	TODO	Docs Guild, Console Guild	CONSOLE-VULN-29-001, CONSOLE-VEX-30-001	Create `/docs/advisory-ai/console.md` with screenshots, a11y notes, copy-as-ticket instructions.	Doc merged; images stored; checklist appended.
DOCS-AIAI-31-005	TODO	Docs Guild, DevEx/CLI Guild	CLI-VULN-29-001, CLI-VEX-30-001	Publish `/docs/advisory-ai/cli.md` covering commands, exit codes, scripting patterns.	Doc merged; examples tested; checklist appended.
DOCS-AIAI-31-006	TODO	Docs Guild, Policy Guild	POLICY-ENGINE-31-001	Update `/docs/policy/assistant-parameters.md` covering temperature, token limits, ranking weights, TTLs.	Doc merged; policy review done; checklist appended.
DOCS-AIAI-31-007	TODO	Docs Guild, Security Guild	AIAI-31-005	Write `/docs/security/assistant-guardrails.md` detailing redaction, injection defense, logging.	Doc approved by Security; checklist appended.
DOCS-AIAI-31-008	TODO	Docs Guild, SBOM Service Guild	SBOM-AIAI-31-001	Publish `/docs/sbom/remediation-heuristics.md` (feasibility scoring, blast radius).	Doc merged; heuristics reviewed; checklist appended.
DOCS-AIAI-31-009	TODO	Docs Guild, DevOps Guild	DEVOPS-AIAI-31-001	Create `/docs/runbooks/assistant-ops.md` for warmup, cache priming, model outages, scaling.	Runbook merged; rehearsal logged; checklist appended.

Notifications Studio

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-NOTIFY-38-001	DONE (2025-10-29)	Docs Guild, Notifications Service Guild	NOTIFY-SVC-38-001..004	Publish `/docs/notifications/overview.md` and `/docs/notifications/architecture.md`, each ending with imposed rule reminder.	Docs merged; diagrams verified; imposed rule appended.
DOCS-NOTIFY-39-002	DONE (2025-10-29)	Docs Guild, Notifications Service Guild	NOTIFY-SVC-39-001..004	Publish `/docs/notifications/rules.md`, `/docs/notifications/templates.md`, `/docs/notifications/digests.md` with examples and imposed rule line.	Docs merged; examples validated; imposed rule appended.
DOCS-NOTIFY-40-001	TODO	Docs Guild, Security Guild	AUTH-NOTIFY-38-001, NOTIFY-SVC-40-001..004	Publish `/docs/notifications/channels.md`, `/docs/notifications/escalations.md`, `/docs/notifications/api.md`, `/docs/operations/notifier-runbook.md`, `/docs/security/notifications-hardening.md`; each ends with imposed rule line.	Docs merged; accessibility checks passed; imposed rule appended.

CLI Parity & Task Packs

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-CLI-41-001	TODO	Docs Guild, DevEx/CLI Guild	CLI-CORE-41-001	Publish `/docs/modules/cli/guides/overview.md`, `/docs/modules/cli/guides/configuration.md`, `/docs/modules/cli/guides/output-and-exit-codes.md` with imposed rule statements.	Docs merged; examples verified; imposed rule appended.
DOCS-CLI-42-001	TODO	Docs Guild	DOCS-CLI-41-001, CLI-PARITY-41-001	Publish `/docs/modules/cli/guides/parity-matrix.md` and command guides under `/docs/modules/cli/guides/commands/*.md` (policy, sbom, vuln, vex, advisory, export, orchestrator, notify, aoc, auth).	Guides merged; parity automation documented; imposed rule appended.
DOCS-PACKS-43-001	DONE (2025-10-27)	Docs Guild, Task Runner Guild	PACKS-REG-42-001, TASKRUN-42-001	Publish `/docs/task-packs/spec.md`, `/docs/task-packs/authoring-guide.md`, `/docs/task-packs/registry.md`, `/docs/task-packs/runbook.md`, `/docs/security/pack-signing-and-rbac.md`, `/docs/operations/cli-release-and-packaging.md` with imposed rule statements.	Docs merged; tutorials validated; imposed rule appended; cross-links added.

Containerized Distribution (Epic 13)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-INSTALL-44-001	TODO	Docs Guild, Deployment Guild	COMPOSE-44-001	Publish `/docs/install/overview.md` and `/docs/install/compose-quickstart.md` with imposed rule line and copy-ready commands.	Docs merged; screenshots/commands verified; imposed rule appended.
DOCS-INSTALL-45-001	TODO	Docs Guild, Deployment Guild	HELM-45-001	Publish `/docs/install/helm-prod.md` and `/docs/install/configuration-reference.md` with values tables and imposed rule reminder.	Docs merged; configuration matrix verified; imposed rule appended.
DOCS-INSTALL-46-001	TODO	Docs Guild, Security Guild	DEPLOY-PACKS-43-001, CLI-PACKS-43-001	Publish `/docs/install/airgap.md`, `/docs/security/supply-chain.md`, `/docs/operations/health-and-readiness.md`, `/docs/release/image-catalog.md`, `/docs/console/onboarding.md` (each with imposed rule).	Docs merged; checksum/signature sections validated; imposed rule appended.

Authority-Backed Scopes & Tenancy (Epic 14)

ID	Status	Owner(s)	Depends on	Description	Exit Criteria
DOCS-TEN-47-001	TODO	Docs Guild, Authority Core	AUTH-TEN-47-001	Publish `/docs/security/tenancy-overview.md` and `/docs/security/scopes-and-roles.md` outlining scope grammar, tenant model, imposed rule reminder.	Docs merged; diagrams included; imposed rule appended.
DOCS-TEN-48-001	TODO	Docs Guild, Platform Ops	WEB-TEN-48-001	Publish `/docs/operations/multi-tenancy.md`, `/docs/operations/rls-and-data-isolation.md`, `/docs/console/admin-tenants.md`.	Docs merged; examples validated; imposed rule appended.
DOCS-TEN-49-001	TODO	Docs & DevEx Guilds	CLI-TEN-47-001, AUTH-TEN-49-001	Publish `/docs/modules/cli/guides/authentication.md`, `/docs/api/authentication.md`, `/docs/policy/examples/abac-overlays.md`, update `/docs/install/configuration-reference.md` with new env vars, all ending with imposed rule line.	Docs merged; command examples verified; imposed rule appended.

70 KiB Raw Blame History

Docs Guild Task Board (UTC 2025-10-10)

Air-Gapped Mode (Epic 16)

SDKs & OpenAPI (Epic 17)

Risk Profiles (Epic 18)

Attestor Console (Epic 19)

Policy Engine v2

Graph Explorer v1

Link-Not-Merge v1

StellaOps Console (Sprint 23)

Policy Engine + Editor v1

Graph & Vuln Explorer v1

Exceptions v1

Orchestrator Dashboard (Epic 9)

Export Center (Epic 10)

Reachability v1

Policy Studio (Sprint 27)

Vulnerability Explorer (Sprint 29)

VEX Lens (Sprint 30)

Advisory AI (Sprint 31)

Notifications Studio

CLI Parity & Task Packs

Containerized Distribution (Epic 13)

Authority-Backed Scopes & Tenancy (Epic 14)

70 KiB

Raw Blame History