git.stella-ops.org/docs/modules/web/README.md

# Web

**Status:** Implemented
**Source:** `src/Web/`
**Owner:** UI Guild

## Purpose

Web provides the Angular 17 single-page application (SPA) frontend for StellaOps. Delivers the user interface for vulnerability exploration, policy management, scan results, SBOM visualization, and administrative functions.

## Components

**Application:**
- `StellaOps.Web` - Angular 17 application with TypeScript, routing, and component library

**Key Features:**
- Dashboard and vulnerability overview
- Container scan results and SBOM explorer
- Policy editor and rule visualization
- VEX statement review and approval workflows
- Task pack execution monitoring
- Admin console for configuration and user management
- **Unified Triage Experience** - Smart-Diff Compare View, Triage Canvas, Risk Dashboard
- **Risk Budget Visualization** - Burn-up charts, heatmaps, exception ledger

## Configuration

Angular configuration in `angular.json` and environment files.

Key settings:
- Backend API URL (`STELLAOPS_BACKEND_URL`)
- Authority OAuth/OIDC endpoints
- Feature flags for module visibility
- Telemetry and error reporting

## Build and Development

```bash
# Install dependencies
cd src/Web/StellaOps.Web
npm install

# Development server
npm start

# Production build
npm run build

# Run tests
npm test

# Run E2E tests (Playwright)
npx playwright test
```

## Dependencies

- Gateway (API access)
- Authority (authentication and authorization)
- All backend services (via Gateway routing)

## Related Documentation

### Triage Experience
- [Unified Triage Specification](./unified-triage-specification.md) - Consolidated triage requirements
- [Smart-Diff UI Architecture](./smart-diff-ui-architecture.md) - Compare view design
- [Triage Component Catalog](./triage-component-catalog.md) - Angular component documentation
- [Competitive Triage Patterns](./competitive-triage-patterns.md) - Industry comparison

### Module Dependencies
- UI Module: `../ui/` (shared UI components)
- Gateway: `../gateway/` (API access)
- Authority: `../authority/` (authentication)
- VulnExplorer: `../vulnexplorer/` (vulnerability data)

### Implementation Sprints
- [Smart-Diff Compare](../../implplan/SPRINT_20251226_012_FE_smart_diff_compare.md)
- [Triage Canvas](../../implplan/SPRINT_20251226_013_FE_triage_canvas.md)
- [Risk Dashboard](../../implplan/SPRINT_20251226_004_FE_risk_dashboard.md)

## Current Status

Angular 17 application implemented with routing, authentication, and integration with backend services. Supports vulnerability exploration, scan results, SBOM visualization, and policy management. Playwright E2E tests configured.