git.stella-ops.org/src/UI/StellaOps.UI/TASKS.md
master 15b4a1de6a feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries
- Added detailed task completion records for KMS interface implementation and CLI support for file-based keys.
- Documented security enhancements including Argon2id password hashing, audit event contracts, and rate limiting configurations.
- Included scoped service support and integration updates for the Plugin platform, ensuring proper DI handling and testing coverage.
2025-10-31 14:37:45 +02:00

UI Task Board (Sprints 13 & 19)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |
| UI-POLICY-13-007 | TODO | UI Guild | POLICY-CORE-09-006, SCANNER-WEB-09-103 | Surface policy confidence metadata (band, age, quiet provenance) on preview and report views. | UI renders new columns/tooltips, accessibility and responsive checks pass, Cypress regression updated. |
| UI-AOC-19-001 | TODO | UI Guild | CONCELIER-WEB-AOC-19-001, EXCITITOR-WEB-AOC-19-001 | Add Sources dashboard tiles showing AOC pass/fail, recent violation codes, and ingest throughput per tenant. | Dashboard displays metrics from new endpoints, charts verified in e2e tests, accessibility checks pass. |
| UI-AOC-19-002 | TODO | UI Guild | UI-AOC-19-001 | Implement violation drill-down view highlighting offending document fields and provenance metadata. | Drill-down renders formatted JSON with highlights; copy-to-clipboard works; tests cover forbidden key cases. |
| UI-AOC-19-003 | TODO | UI Guild | UI-AOC-19-001, CLI-AOC-19-002 | Add "Verify last 24h" action triggering AOC verifier endpoint and surfacing CLI parity guidance. | Action wired to API, results rendered in toast/log panel, docs link to CLI usage, e2e test verifies flow. |

Policy Engine v2 (Sprint 20)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |
| UI-POLICY-20-001 | TODO | UI Guild | WEB-POLICY-20-001 | Ship Monaco-based policy editor with DSL syntax highlighting, inline diagnostics, and compliance checklist sidebar. | Editor renders DSL with token colors + lint; accessibility review passes; diagnostics surfaced from API compile endpoint in tests. |
| UI-POLICY-20-002 | TODO | UI Guild | UI-POLICY-20-001, WEB-POLICY-20-001, WEB-POLICY-20-002 | Build simulation panel showing before/after counts, severity deltas, and rule hit summaries with deterministic diff rendering. | Simulation view consumes API diff JSON, handles large datasets with virtualization, Cypress regression verifies charts/tables. |
| UI-POLICY-20-003 | TODO | UI Guild, Product Ops | UI-POLICY-20-001, AUTH-POLICY-27-001 | Implement submit/review/approve workflow with comments, approvals log, and RBAC checks aligned to new Policy Studio roles (policy:author/policy:review/policy:approve/policy:operate). | Workflow passes e2e tests, audit trail rendered, unauthorized roles blocked, docs linked from UI help. |
| UI-POLICY-20-004 | TODO | UI Guild, Observability Guild | WEB-POLICY-20-001, POLICY-ENGINE-20-006, POLICY-ENGINE-20-007 | Add run viewer dashboards (rule heatmap, VEX wins, suppressions) with filter/search and export. | Dashboards render aggregated metrics, export downloads CSV/JSON, accessibility/perf budgets met, telemetry charts validated. |

Policy Studio RBAC Alignment (Sprint 27)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |
| UI-POLICY-27-001 | TODO | UI Guild, Product Ops | AUTH-POLICY-27-001, UI-POLICY-20-003 | Update Console policy workspace RBAC guards, scope requests, and user messaging to reflect the new Policy Studio roles/scopes (policy:author/review/approve/operate/audit/simulate), including Cypress auth stubs and help text. | UI requests tokens with new scopes, unauthorized messaging references updated roles, Cypress/e2e tests cover scope failures, and help tooltips/docs links refreshed. |

Heads-up: Authority & Gateway configs now reject the old policy:write/policy:submit scopes—Console policy flows will error until they request the new bundles.

Graph Explorer v1 (Sprint 21)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |
| UI-GRAPH-21-001 | TODO | UI Guild | WEB-GRAPH-21-001, AUTH-GRAPH-21-001 | Align Graph Explorer auth configuration with new graph:* scopes; consume scope identifiers from shared StellaOpsScopes exports (via generated SDK/config) instead of hard-coded strings. | UI requests graph tokens using shared scope constants; configuration docs updated; Cypress auth stub updated accordingly. |

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |
| UI-LNM-22-001 | TODO | UI Guild, Policy Guild | SCANNER-LNM-21-002, WEB-LNM-21-001 | Build Evidence panel showing policy decision with advisory observations/linksets side-by-side, conflict badges, AOC chain, and raw doc download links. Docs DOCS-LNM-22-005 waiting on delivered UI for screenshots + flows. | Panel renders multiple sources; conflict badges accessible; e2e tests cover high-volume linksets. |
| UI-LNM-22-002 | TODO | UI Guild | UI-LNM-22-001 | Implement filters (source, severity bucket, conflict-only, CVSS vector presence) and pagination/lazy loading for large linksets. Docs depend on finalized filtering UX. | Filters respond within 500 ms; virtualization validated; unit/e2e tests added. |
| UI-LNM-22-003 | TODO | UI Guild, Excititor Guild | UI-LNM-22-001, WEB-LNM-21-002 | Add VEX tab with status/justification summaries, conflict indicators, and export actions. Required for DOCS-LNM-22-005 coverage of VEX evidence tab. | VEX tab displays multiple observations; exports produce zipped OSV/CycloneDX; tests updated. |
| UI-LNM-22-004 | TODO | UI Guild | UI-LNM-22-001 | Provide permalink + copy-to-clipboard for selected component/linkset/policy combination; ensure high-contrast theme support. | Permalink reproduces state; accessibility audit passes; telemetry events logged. |

StellaOps Console (Sprint 23)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |

2025-10-31: Added authority console API client, session store/service, and access token metadata parsing in AuthorityAuthService. Signals expose tenant/scopes, and unit tests cover happy/error paths.

2025-10-31: Delivered ConsoleProfileComponent, hooked into navigation/header indicators, and styled cards for profile/token/tenant catalog with refresh + tenant switching.

Policy Engine + Editor v1 (Sprint 23)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |
| UI-POLICY-23-001 | TODO | UI Guild, Policy Guild | WEB-POLICY-23-001 | Deliver Policy Editor workspace with pack list, revision history, and scoped metadata cards. | Editor lists packs/revisions; navigation accessible; tests cover RBAC states. |
| UI-POLICY-23-002 | TODO | UI Guild | UI-POLICY-23-001 | Implement YAML editor with schema validation, lint diagnostics, and live canonicalization preview. | YAML editor surfaces inline errors sourced from compiler; keyboard shortcuts and accessibility verified. |
| UI-POLICY-23-003 | TODO | UI Guild | UI-POLICY-23-001, WEB-POLICY-23-003 | Build guided rule builder (source preferences, severity mapping, VEX precedence, exceptions) with preview JSON output. | Guided builder generates valid SPL, diff view matches YAML; tests cover rule permutations. |
| UI-POLICY-23-004 | TODO | UI Guild | UI-POLICY-23-001, WEB-POLICY-23-002, POLICY-GATEWAY-18-002..003 | Add review/approval workflow UI: checklists, comments, two-person approval indicator, scope scheduling. | Workflow screens complete; approval restrictions enforced; e2e tests cover approval -> activation. |
| UI-POLICY-23-005 | TODO | UI Guild | UI-POLICY-23-001, WEB-POLICY-23-003 | Integrate simulator panel (SBOM/component/advisory selection), run diff vs active policy, show explain tree and overlays. | Simulation results render diff/projection; explain tree interactive; performance <1s for sample data. |
| UI-POLICY-23-006 | TODO | UI Guild | UI-POLICY-23-005 | Implement explain view linking to evidence overlays and exceptions; provide export to JSON/PDF. | Explain view accessible; exports generated; analytics instrumented. |

Graph & Vuln Explorer v1 (Sprint 24)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |
| UI-GRAPH-24-001 | TODO | UI Guild, SBOM Service Guild | WEB-GRAPH-24-001 | Build Graph Explorer canvas with layered/radial layouts, virtualization, zoom/pan, and scope toggles; initial render <1.5s for sample asset. | Canvas meets perf budget; automated tests cover navigation; accessibility validation done. |
| UI-GRAPH-24-002 | TODO | UI Guild, Policy Guild | UI-GRAPH-24-001, WEB-GRAPH-24-001, WEB-VEX-30-007 | Implement overlays (Policy, Evidence, License, Exposure), simulation toggle, path view, and SBOM diff/time-travel with accessible tooltips/AOC indicators. | Overlays + simulation toggle respond <250 ms; path view/diff export validated; accessibility tests cover keyboard + contrast; e2e covers overlay combos. |
| UI-GRAPH-24-003 | TODO | UI Guild | UI-GRAPH-24-001 | Deliver filters/search panel with facets, saved views, permalinks, and share modal. | Filters update view <250ms; saved view persisted; permalinks reproduce state. |
| UI-GRAPH-24-004 | TODO | UI Guild | UI-GRAPH-24-001 | Add side panels (Details, What-if, History) with upgrade simulation integration and SBOM diff viewer. | Simulation results display diff + policy impact; history shows added/removed nodes; tests cover flows. |
| UI-GRAPH-24-006 | TODO | UI Guild, Accessibility Guild | UI-GRAPH-24-001..005 | Ensure accessibility (keyboard nav, screen reader labels, contrast), add hotkeys (f,e,.), and analytics instrumentation. | Accessibility audit passes; hotkeys documented; telemetry events captured. |

Exceptions v1 (Sprint 25)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |
| UI-EXC-25-001 | TODO | UI Guild, Governance Guild | WEB-EXC-25-001 | Build Exception Center (list + kanban) with filters, sorting, workflow transitions, and audit views. | Exception Center functional; state transitions via UI; accessibility validated. |
| UI-EXC-25-002 | TODO | UI Guild | UI-EXC-25-001 | Implement exception creation wizard with scope preview, justification templates, timebox guardrails. | Wizard enforces scope/timebox; previews impacted items; tests cover validation. |
| UI-EXC-25-003 | TODO | UI Guild | UI-EXC-25-001, WEB-EXC-25-002 | Add inline exception drafting/proposing from Vulnerability Explorer and Graph detail panels with live simulation. | Inline flows produce drafts; preview shows policy delta; telemetry instrumented. |
| UI-EXC-25-004 | TODO | UI Guild | UI-EXC-25-001 | Surface exception badges, countdown timers, and explain integration across Graph/Vuln Explorer and policy views. | Badges visible with SR labels; countdown updates; explain drawer shows exception info. |
| UI-EXC-25-005 | TODO | UI Guild, Accessibility Guild | UI-EXC-25-001..004 | Add keyboard shortcuts (x,a,r) and ensure screen-reader messaging for approvals/revocations. | Shortcuts functional; accessibility audit passes. |

Reachability v1 (Sprint 26)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |
| UI-SIG-26-001 | TODO | UI Guild, Signals Guild | WEB-SIG-26-001 | Add reachability columns/badges to Vulnerability Explorer with filters and tooltips. | Columns render with virtualization; filters update under 250 ms; badges accessible. |
| UI-SIG-26-002 | TODO | UI Guild | UI-SIG-26-001, WEB-SIG-26-002 | Enhance “Why” drawer with call path visualization, reachability timeline, and evidence list. | Drawer displays call path breadcrumb; copyable details; tests cover states. |
| UI-SIG-26-003 | TODO | UI Guild | UI-GRAPH-24-001, WEB-SIG-26-002 | Add reachability overlay halos/time slider to SBOM Graph along with state legend. | Overlay toggles; time slider compares snapshots; performance budget met. |
| UI-SIG-26-004 | TODO | UI Guild | WEB-SIG-26-003 | Build Reachability Center view showing asset coverage, missing sensors, and stale facts. | Center lists assets with metrics; missing sensors highlighted; accessibility validated. |

Orchestrator Dashboard (Sprint 32)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
| --- | --- | --- | --- | --- | --- |
| UI-ORCH-32-001 | TODO | UI Guild, Console Guild | AUTH-ORCH-32-001, ORCH-SVC-32-003 | Update Console RBAC mappings to surface Orch.Viewer, request orch:read scope in token flows, and gate dashboard access/messaging accordingly. | Console role catalogue includes Orch.Viewer; auth helpers use shared scope constant; dashboard routes enforce scope and show actionable guidance; e2e tests cover authorized/unauthorized flows. |

2025-10-31: Authority minted orch:read scope; ensure Console UX aligns before orchestrator dashboards ship.