b444284be5
Archive completed sprint documentation and deliverables: ## SPRINT_3500 - Proof of Exposure (PoE) Implementation (COMPLETE ✅) - Windows filesystem hash sanitization (colon → underscore) - Namespace conflict resolution (Subgraph → PoESubgraph) - Mock test improvements with It.IsAny<>() - Direct orchestrator unit tests - 8/8 PoE tests passing (100% success) - Archived to: docs/implplan/archived/2025-12-23-sprint-3500-poe/ ## SPRINT_7100.0001 - Proof-Driven Moats Core (COMPLETE ✅) - Four-tier backport detection system - 9 production modules (4,044 LOC) - Binary fingerprinting (TLSH + instruction hashing) - VEX integration with proof-carrying verdicts - 42+ unit tests passing (100% success) - Archived to: docs/implplan/archived/2025-12-23-sprint-7100-proof-moats/ ## SPRINT_7100.0002 - Proof Moats Storage Layer (COMPLETE ✅) - PostgreSQL repository implementations - Database migrations (4 evidence tables + audit) - Test data seed scripts (12 evidence records, 3 CVEs) - Integration tests with Testcontainers - <100ms proof generation performance - Archived to: docs/implplan/archived/2025-12-23-sprint-7100-proof-moats/ ## SPRINT_3000_0200 - Authority Admin & Branding (COMPLETE ✅) - Console admin RBAC UI components - Branding editor with tenant isolation - Authority backend endpoints - Archived to: docs/implplan/archived/ ## Additional Documentation - CLI command reference and compliance guides - Module architecture docs (26 modules documented) - Data schemas and contracts - Operations runbooks - Security risk models - Product roadmap All archived sprints achieved 100% completion of planned deliverables. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
41 lines
1.6 KiB
Markdown
41 lines
1.6 KiB
Markdown
# API overview
|
|
|
|
## Conventions
|
|
- JSON payloads use camelCase and RFC 7807 for problem details.
|
|
- Streaming endpoints support SSE or NDJSON.
|
|
- Timestamps are UTC ISO 8601.
|
|
|
|
## Major API groups
|
|
- Scanner: scan submission, status, SBOM retrieval, diffs, reports.
|
|
- Policy: policy import/export, validation, preview, and simulation.
|
|
- Scheduler: schedules, runs, and impact selection.
|
|
- Notify: rules, channels, deliveries, and test sends.
|
|
- VEX and consensus: consensus evaluation and exports.
|
|
- Signals: reachability, runtime facts, unknowns.
|
|
- Export Center: export runs and offline bundles.
|
|
- Authority: token issuance and administrative endpoints.
|
|
|
|
## OpenAPI specifications
|
|
- docs/api/delta-compare-openapi.yaml
|
|
- docs/api/evidence-decision-api.openapi.yaml
|
|
- docs/api/graph-gateway-spec-draft.yaml
|
|
- docs/api/notify-openapi.yaml
|
|
- docs/api/proofs-openapi.yaml
|
|
- docs/api/taskrunner-openapi.yaml
|
|
- docs/api/vexlens-openapi.yaml
|
|
- docs/modules/export-center/openapi/export-center.v1.yaml
|
|
- docs/modules/findings-ledger/openapi/findings-ledger.v1.yaml
|
|
- docs/modules/vuln-explorer/openapi/vuln-explorer.v1.yaml
|
|
- docs/schemas/excititor-chunk-api.openapi.yaml
|
|
- docs/schemas/findings-evidence-api.openapi.yaml
|
|
- docs/schemas/findings-ledger-api.openapi.yaml
|
|
- docs/schemas/graph-platform-api.openapi.yaml
|
|
- docs/schemas/ledger-time-travel-api.openapi.yaml
|
|
- docs/schemas/policy-engine-rest.openapi.yaml
|
|
- docs/schemas/policy-registry-api.openapi.yaml
|
|
|
|
## Schema and contract catalogs
|
|
- docs/schemas: JSON schemas and OpenAPI fragments.
|
|
- docs/contracts: protocol and contract definitions.
|
|
- docs/api: API references and gateway specs.
|