stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
465 Commits 2 Branches 0 Tags
c8f3120174212e70ad217c339e8920dde04a5c76
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
StellaOps Bot c8f3120174 Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism 
- Implement `SbomVexOrderingDeterminismProperties` for testing component list and vulnerability metadata hash consistency.
- Create `UnicodeNormalizationDeterminismProperties` to validate NFC normalization and Unicode string handling.
- Add project file for `StellaOps.Testing.Determinism.Properties` with necessary dependencies.
- Introduce CI/CD template validation tests including YAML syntax checks and documentation content verification.
- Create validation script for CI/CD templates ensuring all required files and structures are present.
2025-12-26 15:17:15 +02:00
.claude
feat: Add in-memory implementations for issuer audit, key, repository, and trust management
2025-12-11 19:47:43 +02:00
.config
Add comprehensive security tests for OWASP A03 (Injection) and A10 (SSRF)
2025-12-16 13:11:57 +02:00
.gitea
Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism
2025-12-26 15:17:15 +02:00
.github
Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism
2025-12-26 15:17:15 +02:00
.venv
Add signal contracts for reachability, exploitability, trust, and unknown symbols
2025-12-05 00:27:00 +02:00
certificates
tam
2025-10-12 20:42:07 +00:00
config
up
2025-12-11 08:20:04 +02:00
deploy
Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism
2025-12-26 15:17:15 +02:00
docs
Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism
2025-12-26 15:17:15 +02:00
etc
save development progress
2025-12-25 23:10:09 +02:00
evidence-locker
Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org
2025-12-09 13:08:17 +02:00
offline
save development progress
2025-12-25 23:10:09 +02:00
ops
Add call graph fixtures for various languages and scenarios
2025-12-16 10:44:24 +02:00
opt/cryptopro/downloads
up
2025-12-09 00:20:52 +02:00
plugins/scanner/analyzers/lang
save dev progress
2025-12-26 00:32:58 +02:00
policies
feat: add security sink detection patterns for JavaScript/TypeScript
2025-12-22 23:21:21 +02:00
samples
stop syncing with TASKS.md
2025-12-26 11:44:40 +02:00
scripts
Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism
2025-12-26 15:17:15 +02:00
seed-data
feat: Implement BerkeleyDB reader for RPM databases
2025-12-07 16:24:45 +02:00
src
Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism
2025-12-26 15:17:15 +02:00
tests/cicd-templates
Add property-based tests for SBOM/VEX document ordering and Unicode normalization determinism
2025-12-26 15:17:15 +02:00
third_party/forks/AlexMAS.GostCryptography
up
2025-11-26 07:47:08 +02:00
third-party-licenses
Add Ruby language analyzer and related functionality
2025-11-03 01:15:43 +02:00
tools
nuget folder fixes
2025-12-25 19:51:56 +02:00
vendor
feat: Add new provenance and crypto registry documentation
2025-11-18 23:47:13 +02:00
.dockerignore
up
2025-12-09 00:20:52 +02:00
.editorconfig
feat: Add new provenance and crypto registry documentation
2025-11-18 23:47:13 +02:00
.gitattributes
up
2025-12-13 02:22:15 +02:00
.gitignore
consolidate the tests locations
2025-12-26 01:48:24 +02:00
.spectral.yaml
feat: Add in-memory implementations for issuer audit, key, repository, and trust management
2025-12-11 19:47:43 +02:00
AGENTS.md
feat(crypto): Complete Phase 2 - Configuration-driven crypto architecture with 100% compliance
2025-12-23 18:20:00 +02:00
CLAUDE.md
consolidate the tests locations
2025-12-26 01:48:24 +02:00
Directory.Build.props
up
2025-12-13 09:37:15 +02:00
Directory.Build.rsp
feat: Implement CVSS receipt management client and models
2025-12-07 01:14:28 +02:00
global.json
up the blokcing tasks
2025-12-11 02:32:18 +02:00
LICENSE
Initial commit (history squashed)
2025-10-11 23:28:35 +03:00
mirror-thin-v1.manifest.json
blockers 2
2025-11-23 14:54:17 +02:00
NOTICE.md
up the blokcing tasks
2025-12-11 02:32:18 +02:00
NuGet.config
nuget folder fixes
2025-12-25 19:51:56 +02:00
package-lock.json
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00
package.json
up
2025-11-27 07:46:56 +02:00
StellaOps.Router.slnx
work work hard work
2025-12-18 00:47:24 +02:00
stryker-config.json
Add comprehensive security tests for OWASP A03 (Injection) and A10 (SSRF)
2025-12-16 13:11:57 +02:00
stryker-thresholds.json
Add comprehensive security tests for OWASP A02, A05, A07, and A08 categories
2025-12-16 16:40:44 +02:00

docs/README.md

StellaOps Documentation

StellaOps is a deterministic, offline-first container security platform: every verdict links back to concrete evidence (SBOM slices, advisory/VEX observations, reachability proofs, policy explain traces) and can be replayed for audits.

Two Levels of Documentation

  • High-level (canonical): the curated guides in docs/*.md (usually numbered).
  • Detailed (reference): deep dives under docs/** (module dossiers, architecture notes, API contracts/samples, runbooks, schemas). The entry point is docs/technical/README.md.

This documentation set is internal and does not keep compatibility stubs for old paths. Content is consolidated to reduce duplication and outdated pages.

Start Here

Goal Open this
Understand the product in 2 minutes overview.md
Run a first scan (CLI) quickstart.md
Browse capabilities key-features.md
Roadmap (priorities + definition of "done") 05_ROADMAP.md
Architecture: high-level overview 40_ARCHITECTURE_OVERVIEW.md
Architecture: full reference map 07_HIGH_LEVEL_ARCHITECTURE.md
Offline / air-gap operations 24_OFFLINE_KIT.md
Security deployment hardening 17_SECURITY_HARDENING_GUIDE.md
Ingest advisories (Concelier + CLI) 10_CONCELIER_CLI_QUICKSTART.md
Develop plugins/connectors 10_PLUGIN_SDK_GUIDE.md
Console (Web UI) operator guide 15_UI_GUIDE.md
VEX consensus and issuer trust 16_VEX_CONSENSUS_GUIDE.md
Vulnerability Explorer guide 20_VULNERABILITY_EXPLORER_GUIDE.md

Detailed Indexes

  • Technical index (everything): docs/technical/README.md
  • Module dossiers: docs/modules/
  • API contracts and samples: docs/api/
  • Architecture notes / ADRs: docs/architecture/, docs/adr/
  • Operations and deployment: docs/operations/, docs/deploy/, docs/deployment/
  • Air-gap workflows: docs/airgap/
  • Security deep dives: docs/security/
  • Benchmarks and fixtures: docs/benchmarks/, docs/assets/

Notes

  • The product is offline-first: docs and examples should avoid network dependencies and prefer deterministic fixtures.
  • Feature exposure is configuration-driven; module dossiers define authoritative schemas and contracts per component.
Description
No description provided
Readme AGPL-3.0 2.8 GiB
Languages
C# 91.7%
TypeScript 4.3%
Python 1%
Shell 0.8%
HTML 0.7%
Other 1.3%