stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
8355e2ff7575b8fa5a1bc137850b018701c51373
git.stella-ops.org/docs/implplan/SPRINT_0161_0001_0001_evidencelocker.md
master 8355e2ff75
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat: Add initial implementation of Vulnerability Resolver Jobs 
- Created project for StellaOps.Scanner.Analyzers.Native.Tests with necessary dependencies.
- Documented roles and guidelines in AGENTS.md for Scheduler module.
- Implemented IResolverJobService interface and InMemoryResolverJobService for handling resolver jobs.
- Added ResolverBacklogNotifier and ResolverBacklogService for monitoring job metrics.
- Developed API endpoints for managing resolver jobs and retrieving metrics.
- Defined models for resolver job requests and responses.
- Integrated dependency injection for resolver job services.
- Implemented ImpactIndexSnapshot for persisting impact index data.
- Introduced SignalsScoringOptions for configurable scoring weights in reachability scoring.
- Added unit tests for ReachabilityScoringService and RuntimeFactsIngestionService.
- Created dotnet-filter.sh script to handle command-line arguments for dotnet.
- Established nuget-prime project for managing package downloads.
2025-11-18 07:52:15 +02:00

5.5 KiB
Raw Blame History

Sprint 0161_0001_0001 · EvidenceLocker

Topic & Scope

  • Advance 160.A EvidenceLocker stream: finalize bundle packaging, replay ingest/retention, CLI/ops readiness, and sovereign crypto routing.
  • Produce ready-to-execute task definitions that unblock downstream ExportCenter/TimelineIndexer once upstream schemas land.
  • Working directory: docs/implplan (coordination for EvidenceLocker; code lives in src/EvidenceLocker & CLI modules tracked elsewhere).

Dependencies & Concurrency

  • Upstream: AdvisoryAI evidence bundle schema + payload notes (Sprint 110.A); Orchestrator/Notifications capsule schemas (Sprint 150.A / 140); Replay Ledger rules in docs/replay/DETERMINISTIC_REPLAY.md; crypto audit docs/security/crypto-routing-audit-2025-11-07.md.
  • Concurrency: runs alongside Sprint 160 coordination; blocks ExportCenter (Sprint 162/163) and TimelineIndexer (Sprint 165) until manifests/envelopes freeze.
  • Ready signals required before DOING: (1) AdvisoryAI schema freeze, (2) Orchestrator envelopes freeze, (3) crypto registry plan approved at 2025-11-18 review.

Documentation Prerequisites

  • docs/modules/evidence-locker/architecture.md
  • docs/modules/evidence-locker/bundle-packaging.md
  • docs/modules/evidence-locker/incident-mode.md
  • docs/replay/DETERMINISTIC_REPLAY.md
  • docs/runbooks/replay_ops.md
  • docs/security/crypto-routing-audit-2025-11-07.md
  • docs/events/orchestrator-scanner-events.md
  • docs/modules/cli/architecture.md

Delivery Tracker

# Task ID Status Key dependency / next step Owners Task Definition
1 EVID-OBS-54-002 BLOCKED Await AdvisoryAI schema + orchestrator envelopes to freeze bundle packaging/DSSE fields. Evidence Locker Guild Finalize deterministic bundle packaging + DSSE layout per docs/modules/evidence-locker/bundle-packaging.md, including portable/incident modes.
2 EVID-REPLAY-187-001 BLOCKED Need orchestrator + AdvisoryAI payloads and replay ledger retention shape. Evidence Locker Guild · Replay Delivery Guild Implement replay bundle ingestion + retention APIs; update storage policy per docs/replay/DETERMINISTIC_REPLAY.md.
3 CLI-REPLAY-187-002 BLOCKED EvidenceLocker APIs & schemas needed to wire CLI verbs. CLI Guild Add CLI scan --record, verify, replay, diff with offline bundle resolution; align golden tests.
4 RUNBOOK-REPLAY-187-004 BLOCKED Depends on retention APIs + CLI behavior to document. Docs Guild · Ops Guild Publish /docs/runbooks/replay_ops.md coverage for retention enforcement, RootPack rotation, verification drills.
5 EVID-CRYPTO-90-001 BLOCKED Pending 2025-11-18 sovereign crypto readiness review. Evidence Locker Guild · Security Guild Route hashing/signing/bundle encryption through ICryptoProviderRegistry/ICryptoHash for sovereign crypto providers.

Action Tracker

Action Owner(s) Due Status
Capture AdvisoryAI + orchestrator schema deltas into this sprint and attach sample payloads. Evidence Locker Guild 2025-11-15 BLOCKED (schemas not yet delivered)
Draft Replay Ledger API + CLI notes to unblock EVID-REPLAY-187-001/002. Evidence Locker Guild · Replay Delivery Guild 2025-11-16 BLOCKED (awaiting schema signals)
Validate ICryptoProviderRegistry plan at readiness review. Evidence Locker Guild · Security Guild 2025-11-18 Pending

Interlocks & Readiness Signals

Dependency Impacts Status / Next signal
AdvisoryAI evidence bundle schema & payload notes (Sprint 110.A) EVID-OBS-54-002, EVID-REPLAY-187-001/002 Pending; expected at 2025-11-14 stand-up. Required before DOING.
Orchestrator + Notifications capsule schema (docs/events/orchestrator-scanner-events.md) All tasks Pending; expected 2025-11-15 handoff. Required before DOING.
Sovereign crypto readiness review EVID-CRYPTO-90-001 Scheduled 2025-11-18; blocks sovereign routing.
Replay Ledger spec alignment (docs/replay/DETERMINISTIC_REPLAY.md) EVID-REPLAY-187-001/002, RUNBOOK-REPLAY-187-004 Sections 2,8,9 must be reflected once schemas land.

Decisions & Risks

Item Status / Decision Notes
Schema readiness BLOCKED Waiting on AdvisoryAI + orchestrator envelopes; no DOING until frozen.
Crypto routing approval PENDING Review on 2025-11-18 to approve ICryptoProviderRegistry wiring.
Template & filename normalization DONE (2025-11-17) Renamed to SPRINT_0161_0001_0001_evidencelocker.md; structure aligned to sprint template.

Risk table

Risk Severity Mitigation / Owner
AdvisoryAI schema slips past 2025-11-14, delaying DSSE manifest freeze. High AdvisoryAI Guild to provide interim sample payloads; EvidenceLocker to stub adapters.
Orchestrator/Notifications schema handoff misses 2025-11-15. High Escalate to Wave 150/140; keep tasks BLOCKED and schedule daily stand-ups until envelopes land.
Sovereign crypto routing design not ready by 2025-11-18. Medium Security to publish reference implementation; EvidenceLocker to nominate fallback providers.
Replay Ledger alignment drifts from CLI behavior. Medium Sync docs/runbooks with CLI/EvidenceLocker changes once schemas land; add deterministic test cases.

Execution Log

Date (UTC) Update Owner
2025-11-12 Snapshot captured (pre-template) with tasks TODO. Planning
2025-11-17 Normalized sprint to standard template, renamed file, and set all tasks BLOCKED pending schemas/crypto review. Implementer