stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
7600caea632e9e44571bc1661003948a5e1d22fb
git.stella-ops.org/docs/updates/2025-10-29-export-center-provenance.md
master 7b5bdcf4d3 feat(docs): Add comprehensive documentation for Vexer, Vulnerability Explorer, and Zastava modules 
- Introduced AGENTS.md, README.md, TASKS.md, and implementation_plan.md for Vexer, detailing mission, responsibilities, key components, and operational notes.
- Established similar documentation structure for Vulnerability Explorer and Zastava modules, including their respective workflows, integrations, and observability notes.
- Created risk scoring profiles documentation outlining the core workflow, factor model, governance, and deliverables.
- Ensured all modules adhere to the Aggregation-Only Contract and maintain determinism and provenance in outputs.
2025-10-30 00:09:39 +02:00

736 B
Raw Blame History

2025-10-29 Export Center provenance/signing doc

Summary

  • Authored docs/modules/export-center/provenance-and-signing.md, covering manifest/provenance artefacts, cosign/SLSA signing pipeline, verification workflows (CLI/CI/offline), and compliance checklist.
  • Cross-linked the new guide from the docs index (docs/README.md) and referenced outstanding CLI automation (CLI-EXPORT-37-001) to keep verification guidance aligned with upcoming tooling.

Follow-ups

  • Revisit once CLI-EXPORT-37-001 lands to confirm command names/flags and update the verification section if necessary.
  • Sync with DevOps (DEVOPS-EXPORT-37-001) after dashboards/alerts ship to embed direct links in the failure handling section.