- Introduced a new document for promotion-time attestations, detailing the purpose, predicate schema, producer workflow, verification flow, APIs, and security considerations.
- Implemented the `stella.ops/promotion@v1` predicate schema to capture promotion evidence including image digest, SBOM/VEX artifacts, and Rekor proof.
- Defined producer responsibilities and workflows for CLI orchestration, signer responsibilities, and Export Center integration.
- Added verification steps for auditors to validate promotion attestations offline.

feat: Create Symbol Manifest v1 Specification

- Developed a specification for Symbol Manifest v1 to provide a deterministic format for publishing debug symbols and source maps.
- Defined the manifest structure, including schema, entries, source maps, toolchain, and provenance.
- Outlined upload and verification processes, resolve APIs, runtime proxy, caching, and offline bundle generation.
- Included security considerations and related tasks for implementation.

chore: Add Ruby Analyzer with Git Sources

- Created a Gemfile and Gemfile.lock for Ruby analyzer with dependencies on git-gem, httparty, and path-gem.
- Implemented main application logic to utilize the defined gems and output their versions.
- Added expected JSON output for the Ruby analyzer to validate the integration of the new gems and their functionalities.
- Developed internal observation classes for Ruby packages, runtime edges, and capabilities, including serialization logic for observations.

test: Add tests for Ruby Analyzer

- Created test fixtures for Ruby analyzer, including Gemfile, Gemfile.lock, main application, and expected JSON output.
- Ensured that the tests validate the correct integration and functionality of the Ruby analyzer with the specified gems.
Sprint 202 - Experience & SDKs · 180.A) Cli.II
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Experience & SDKs] 180.A) Cli.II

Depends on: Sprint 180.A - Cli.I

Summary: Experience & SDKs focus on Cli (phase II).

| Task ID | State | Task description | Owners (Source) |
|---|---|---|---|
| CLI-CORE-41-001 | TODO | Implement CLI core features: config precedence, profiles/contexts, auth flows, output renderer (json/yaml/table), error mapping, global flags, telemetry opt-in. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-EXC-25-001 | TODO | Implement `stella exceptions list | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-EXC-25-002 | TODO | Extend stella policy simulate with --with-exception/--without-exception flags to preview exception impact. Dependencies: CLI-EXC-25-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-EXPORT-35-001 | BLOCKED (2025-10-29) | Implement `stella export profiles | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-EXPORT-36-001 | TODO | Add distribution commands (stella export distribute, run download --resume enhancements) and improved status polling with progress bars. Dependencies: CLI-EXPORT-35-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-EXPORT-37-001 | TODO | Provide scheduling (stella export schedule), retention, and export verify commands performing signature/hash validation. Dependencies: CLI-EXPORT-36-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-FORENSICS-53-001 | TODO | Implement stella forensic snapshot create --case and snapshot list/show commands invoking evidence locker APIs, surfacing manifest digests, and storing local cache metadata. | DevEx/CLI Guild, Evidence Locker Guild (src/Cli/StellaOps.Cli) |
| CLI-FORENSICS-54-001 | TODO | Provide stella forensic verify <bundle> command validating checksums, DSSE signatures, and timeline chain-of-custody. Support JSON/pretty output and exit codes for CI. Dependencies: CLI-FORENSICS-53-001. | DevEx/CLI Guild, Provenance Guild (src/Cli/StellaOps.Cli) |
| CLI-FORENSICS-54-002 | TODO | Implement stella forensic attest show <artifact> listing attestation details (signer, timestamp, subjects) and verifying signatures. Dependencies: CLI-FORENSICS-54-001. | DevEx/CLI Guild, Provenance Guild (src/Cli/StellaOps.Cli) |
| CLI-PROMO-70-001 | TODO | Add stella promotion assemble command that resolves image digests, hashes SBOM/VEX artifacts, fetches Rekor proofs from Attestor, and emits the stella.ops/promotion@v1 JSON payload (see docs/release/promotion-attestations.md). | DevEx/CLI Guild, Provenance Guild (src/Cli/StellaOps.Cli) |
| CLI-DETER-70-003 | TODO | Provide stella detscore run that executes the determinism harness locally (fixed clock, seeded RNG, canonical hashes) and writes determinism.json, supporting CI/non-zero threshold exit codes (docs/modules/scanner/determinism-score.md). | DevEx/CLI Guild, Scanner Guild (src/Cli/StellaOps.Cli) |
| CLI-LNM-22-001 | TODO | Implement stella advisory obs get/linkset show/export commands with JSON/OSV output, pagination, and conflict display; ensure ERR_AGG_* mapping. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-LNM-22-002 | TODO | Implement stella vex obs get/linkset show commands with product filters, status filters, and JSON output for CI usage. Dependencies: CLI-LNM-22-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-NOTIFY-38-001 | BLOCKED (2025-10-29) | Implement `stella notify rules | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-NOTIFY-39-001 | BLOCKED (2025-10-29) | Add simulation (stella notify simulate) and digest commands with diff output and schedule triggering, including dry-run mode. Dependencies: CLI-NOTIFY-38-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-NOTIFY-40-001 | TODO | Provide ack token redemption workflow, escalation management, localization previews, and channel health checks. Dependencies: CLI-NOTIFY-39-001. | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |
| CLI-OBS-50-001 | TODO | Ensure CLI HTTP client propagates traceparent headers for all commands, prints correlation IDs on failure, and records trace IDs in verbose logs (scrubbed). | DevEx/CLI Guild (src/Cli/StellaOps.Cli) |