- Introduced new advisory documents for archived superseded advisories, including detailed descriptions of features already implemented or covered by existing sprints.
- Added "Smart-Diff as a Core Evidence Primitive" advisory outlining the treatment of SBOM diffs as first-class evidence objects, enhancing vulnerability verdicts with deterministic replayability.
- Created "Visual Diffs for Explainable Triage" advisory to improve user experience in understanding policy decisions and reachability changes through visual diffs.
- Implemented "Weighted Confidence for VEX Sources" advisory to rank conflicting vulnerability evidence based on freshness and confidence, facilitating better decision-making.
- Established a signer module charter detailing the mission, expectations, key components, and signing modes for cryptographic signing services in StellaOps.
- Consolidated overlapping concepts from triage UI, visual diffs, and risk budget visualization advisories into a unified specification for better clarity and implementation tracking.
Web
Status: Implemented
Source: src/Web/
Owner: UI Guild
Purpose
Web provides the Angular 17 single-page application (SPA) frontend for StellaOps. It delivers the user interface for vulnerability exploration, policy management, scan results, SBOM visualization, and administrative functions.
Components
Application:
- StellaOps.Web - Angular 17 application with TypeScript, routing, and component library
Key Features:
- Dashboard and vulnerability overview
- Container scan results and SBOM explorer
- Policy editor and rule visualization
- VEX statement review and approval workflows
- Task pack execution monitoring
- Admin console for configuration and user management
Configuration
Angular configuration in angular.json and environment files.
Key settings:
- Backend API URL (STELLAOPS_BACKEND_URL)
- Authority OAuth/OIDC endpoints
- Feature flags for module visibility
- Telemetry and error reporting
Build and Development
# Install dependencies
cd src/Web/StellaOps.Web
npm install
# Development server
npm start
# Production build
npm run build
# Run tests
npm test
# Run E2E tests (Playwright)
npx playwright test
Dependencies
- Gateway (API access)
- Authority (authentication and authorization)
- All backend services (via Gateway routing)
Related Documentation
- Architecture: ./architecture.md (if exists)
- UI Module: ../ui/ (shared UI components)
- Gateway: ../gateway/
- Authority: ../authority/
Current Status
Angular 17 application implemented with routing, authentication, and integration with backend services. Supports vulnerability exploration, scan results, SBOM visualization, and policy management. Playwright E2E tests configured.