stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
8f4337831723e97cc69a4a728efac33eac3c512b
git.stella-ops.org/docs/features/checked/web/triage-explainability-workspace-ui.md

3.4 KiB
Raw Blame History

Triage Explainability Workspace UI

Module

Web

Status

VERIFIED

Description

Shipped the canonical triage artifact workspace with lane-based queue segmentation, contextual explainability panels, canonical /triage/* ownership, and a sibling Audit Bundles page. The preserved workbench ideas now live inside one usable operator shell instead of orphan routes. Security artifact entry points deep-link into the same canonical workspace instead of owning a second surface.

Implementation Details

  • Feature directory: src/Web/StellaOps.Web/src/app/features/triage/
  • Primary components:
    • triage-artifacts (src/Web/StellaOps.Web/src/app/features/triage/triage-artifacts.component.ts)
    • triage-workspace (src/Web/StellaOps.Web/src/app/features/triage/triage-workspace.component.ts)
    • triage-audit-bundles (src/Web/StellaOps.Web/src/app/features/triage/triage-audit-bundles.component.ts)
    • triage-audit-bundle-new (src/Web/StellaOps.Web/src/app/features/triage/triage-audit-bundle-new.component.ts)
  • Canonical routes:
    • /triage/artifacts
    • /triage/artifacts/:artifactId
    • /triage/audit-bundles
    • /triage/audit-bundles/new
  • Route state:
    • lane=active|quiet|review
    • panel=ai|reason|provenance|history
    • findingId=<vulnId>
    • tab=evidence|overview|reachability|delta|policy|attestations
  • Preserved functionality:
    • lane-based queue management with row and bulk transitions
    • explainability rail for AI recommendations, reason capsule, provenance, and decision history
    • audit-bundle list and create flow
    • security alias cutover from /security/artifacts*
  • Secondary entry points:
    • Security > Triage
    • Security > Findings
    • Evidence

E2E Test Plan

  • Setup:
    • Log in with a user that can access Security, Triage, and Evidence.
    • Navigate to /triage/artifacts?lane=review.
    • Ensure vulnerability and audit-bundle fixtures are available.
  • Core verification:
    • Verify Active, Quiet Lane, and Needs Review lanes load and keep query state.
    • Verify bulk lane movement and Build audit bundle operate from the live list.
    • Verify workspace detail preserves tab and panel state while showing evidence-first advisory UX.
  • Legacy verification:
    • Verify /security/artifacts and /security/artifacts/:artifactId canonicalize into /triage/*.
    • Verify alias redirects preserve artifactId, query params, and fragments.
    • Verify audit-bundle creation remains reachable from list and detail entry points.

Verification

  • Run:
    • npx ng test --watch=false --include src/tests/triage/triage-artifacts.component.spec.ts --include src/tests/triage/triage-workspace-with-proof-tree.behavior.spec.ts --include src/tests/audit_bundle/triage-routes.spec.ts --include src/tests/security-risk/security-risk-routes.spec.ts --include src/tests/navigation/legacy-redirects.spec.ts --include src/tests/routes/legacy-route-migration-framework.component.spec.ts --include src/tests/audit_bundle/audit-bundles.client.contract.spec.ts --include src/tests/audit_bundle/triage-audit-bundle-new.component.spec.ts --include src/tests/audit_bundle/triage-audit-bundles.component.spec.ts
    • npx playwright test tests/e2e/triage-explainability-workspace.spec.ts --workers=1
  • Tier 0 (source): pass
  • Tier 1 (build/tests): pass
  • Tier 2 (behavior): pass
  • Verified on (UTC): 2026-03-07T19:40:00Z