stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
7be4e855d69f59ea7837af96fef37fdac63a41fe
git.stella-ops.org/docs/features/checked/web/vex-trust-column-in-findings-and-triage-lists.md
master 5bca406787 save checkpoint: save features
2026-02-12 10:27:23 +02:00

2.7 KiB
Raw Blame History

VEX Trust Column in Findings and Triage Lists

Module

Web

Status

VERIFIED

Description

New sortable Trust column added to findings-list and triage-list grids. Shows a VexTrustChipComponent with color-coded confidence level (high/medium/low/unknown) and a VexTrustPopoverComponent on hover with detailed breakdown of issuer trust, statement quality, and coverage scores. Includes Storybook stories for design documentation.

Implementation Details

  • Feature directory: src/Web/StellaOps.Web/src/app/shared/components/vex-trust-chip/
  • Components:
    • vex-trust-chip (src/Web/StellaOps.Web/src/app/shared/components/vex-trust-chip/vex-trust-chip.component.ts)
    • vex-trust-popover (src/Web/StellaOps.Web/src/app/shared/components/vex-trust-popover/vex-trust-popover.component.ts)
  • Integration surfaces:
    • Findings list: src/Web/StellaOps.Web/src/app/features/findings/findings-list.component.ts
    • Findings template: src/Web/StellaOps.Web/src/app/features/findings/findings-list.component.html
    • Triage list: src/Web/StellaOps.Web/src/app/features/triage/components/triage-list/triage-list.component.ts
    • Triage model contract: src/Web/StellaOps.Web/src/app/features/triage/services/vulnerability-list.service.ts
  • Behavior coverage:
    • src/Web/StellaOps.Web/src/tests/triage/vex-trust-column-in-findings-and-triage-lists.behavior.spec.ts
  • Source: SPRINT_1227_0004_0002_FE_trust_column.md

E2E Test Plan

  • Setup:
    • Log in with a user that has appropriate permissions
    • Navigate to the relevant page/section where this feature appears
    • Ensure test data exists (scanned artifacts, SBOM data, or seed data as needed)
  • Core verification:
    • Verify the triage list loads with findings/items to review
    • Verify triaging actions (accept, dismiss, override) update item status
    • Verify keyboard shortcuts work for rapid triage navigation
  • Edge cases:
    • Verify graceful handling when backend API is unavailable (error state)
    • Verify responsive layout at different viewport sizes
    • Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)

Verification

  • Run ID: docs/qa/feature-checks/runs/web/vex-trust-column-in-findings-and-triage-lists/run-001/
  • Date (UTC): 2026-02-11
  • Tier 0: PASS (path map corrected to include findings-list and triage-list trust integrations; symbols verified).
  • Tier 1: PASS (npm run test focused + regression include suite: 39 files / 179 tests; npm run build passed with baseline warnings only).
  • Tier 2: PASS (findings/triage trust rendering, trust sort semantics with deterministic tie-breaks, and hover/click trust popover interactions verified via Angular behavior harness).