stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
b9f71fc7e9e1fb9b1c366ebd75f92483b2f94b67
git.stella-ops.org/docs/modules/findings-ledger
History
StellaOps Bot 43e2af88f6 docs consolidation
2025-12-24 21:45:46 +02:00
..
contracts
feat: Add VEX Status Chip component and integration tests for reachability drift detection
2025-12-20 01:26:42 +02:00
openapi
feat(graph-api): Add schema review notes for upcoming Graph API changes
2025-11-22 19:22:30 +02:00
operations
feat: Add Bun language analyzer and related functionality
2025-12-06 11:20:35 +02:00
airgap-provenance.md
Add PHP Analyzer Plugin and Composer Lock Data Handling
2025-11-22 14:02:49 +02:00
deployment.md
feat: Implement Wine CSP HTTP provider for GOST cryptographic operations
2025-12-07 14:02:42 +02:00
dsse-policy-linkage.md
feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports
2025-12-02 21:08:01 +02:00
export-http-surface.md
Add new features and tests for AirGap and Time modules
2025-11-20 23:29:54 +02:00
gaps-FL1-FL10.md
up
2025-12-03 00:10:19 +02:00
golden-checksums.json
feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports
2025-12-02 21:08:01 +02:00
implementation_plan.md
Implement ledger metrics for observability and add tests for Ruby packages endpoints
2025-11-13 09:29:09 +02:00
merkle-anchor-policy.md
feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports
2025-12-02 21:08:01 +02:00
oas-baseline.md
Add new features and tests for AirGap and Time modules
2025-11-20 23:29:54 +02:00
observability.md
up
2025-12-09 00:20:52 +02:00
README.md
docs consolidation
2025-12-24 21:45:46 +02:00
redaction-manifest.json
feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports
2025-12-02 21:08:01 +02:00
redaction-manifest.yaml
feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports
2025-12-02 21:08:01 +02:00
replay-checksums.sample.json
feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports
2025-12-02 21:08:01 +02:00
replay-harness.md
Implement ledger metrics for observability and add tests for Ruby packages endpoints
2025-11-13 09:29:09 +02:00
schema-catalog.md
feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports
2025-12-02 21:08:01 +02:00
schema.md
feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports
2025-12-02 21:08:01 +02:00
tenant-isolation-redaction.md
feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports
2025-12-02 21:08:01 +02:00
workflow-inference.md
Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case
2025-11-08 20:53:45 +02:00

README.md

Findings Ledger

Immutable, append-only event ledger for tracking vulnerability findings, policy decisions, and workflow state changes across the StellaOps platform.

Purpose

  • Audit trail: Every finding state change (open, triage, suppress, resolve) is recorded with cryptographic hashes and actor metadata.
  • Deterministic replay: Events can be replayed to reconstruct finding states at any point in time.
  • Merkle anchoring: Event chains are Merkle-linked for tamper-evident verification.
  • Tenant isolation: All events are partitioned by tenant with cross-tenant access forbidden.

Quick links

  • FL1FL10 remediation tracker: gaps-FL1-FL10.md
  • Schema catalog (events/projections/exports): schema-catalog.md
  • Merkle & external anchor policy: merkle-anchor-policy.md
  • Tenant isolation & redaction manifest: tenant-isolation-redaction.md