stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
cef4cb2c5a2d29b5b40a4a25cd7f8426c8c5dd4f
git.stella-ops.org/docs/implplan/SPRINT_116_concelier_v.md
master cef4cb2c5a Add support for ГОСТ Р 34.10 digital signatures 
- Implemented the GostKeyValue class for handling public key parameters in ГОСТ Р 34.10 digital signatures.
- Created the GostSignedXml class to manage XML signatures using ГОСТ 34.10, including methods for computing and checking signatures.
- Developed the GostSignedXmlImpl class to encapsulate the signature computation logic and public key retrieval.
- Added specific key value classes for ГОСТ Р 34.10-2001, ГОСТ Р 34.10-2012/256, and ГОСТ Р 34.10-2012/512 to support different signature algorithms.
- Ensured compatibility with existing XML signature standards while integrating ГОСТ cryptography.
2025-11-09 21:59:57 +02:00

5.1 KiB
Raw Blame History

Sprint 116 - Ingestion & Evidence · 110.B) Concelier.V

Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).

[Ingestion & Evidence] 110.B) Concelier.V Depends on: Sprint 110.B - Concelier.IV Summary: Ingestion & Evidence focus on Concelier (phase V).

Task ID State Task description Owners (Source)
CONCELIER-VULN-29-004 Observability enhancements TODO Instrument observation/linkset pipelines with metrics for identifier collisions, withdrawn statements, and chunk latencies; stream them to Vuln Explorer without altering evidence payloads. Depends on CONCELIER-VULN-29-001. Concelier WebService Guild, Observability Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-AIRGAP-56-001 Mirror import APIs TODO Extend ingestion endpoints to register mirror bundle sources, expose bundle catalogs, and enforce sealed-mode by blocking direct internet feeds. Concelier WebService Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-AIRGAP-56-002 Airgap status surfaces TODO Add staleness + bundle provenance metadata to /advisories/observations and /advisories/linksets so operators can see freshness without Excitior deriving outcomes. Depends on CONCELIER-WEB-AIRGAP-56-001. Concelier WebService Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-AIRGAP-57-001 Error remediation TODO Map sealed-mode violations to consistent AIRGAP_EGRESS_BLOCKED payloads that explain how to remediate, leaving advisory content untouched. Depends on CONCELIER-WEB-AIRGAP-56-002. Concelier WebService Guild, AirGap Policy Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-AIRGAP-58-001 Import timeline emission TODO Emit timeline events for bundle imports (bundle ID, scope, actor) so audit trails capture every evidence change. Depends on CONCELIER-WEB-AIRGAP-57-001. Concelier WebService Guild, AirGap Importer Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-AOC-19-003 Schema/guard unit tests TODO Add unit tests for schema validators, forbidden-field guards (ERR_AOC_001/2/6/7), and supersedes chains to keep ingestion append-only. Depends on CONCELIER-WEB-AOC-19-002. QA Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-AOC-19-004 End-to-end ingest verification TODO Create integration tests that ingest large advisory batches (cold/warm), verify reproducible linksets, and record metrics/fixtures for Offline Kit rehearsals. Depends on CONCELIER-WEB-AOC-19-003. Concelier WebService Guild, QA Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-AOC-19-005 Chunk evidence regression TODO (2025-11-08) Fix /advisories/{key}/chunks test data so pre-seeded raw docs resolve correctly; ensure Mongo migrations stop logging “Unable to locate advisory_raw documents” during tests. Depends on CONCELIER-WEB-AOC-19-002. Concelier WebService Guild, QA Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-AOC-19-006 Allowlist ingest auth parity TODO (2025-11-08) Align default auth/tenant configs with the test fixtures so allowlisted tenants can ingest before forbidden tenants are rejected, closing the gap in AdvisoryIngestEndpoint_RejectsTenantOutsideAllowlist. Depends on CONCELIER-WEB-AOC-19-002. Concelier WebService Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-AOC-19-007 AOC verify violation codes TODO (2025-11-08) Update AOC verify logic so guard failures emit ERR_AOC_001 (not _004) and keep mapper/guard parity covered by regression tests. Depends on CONCELIER-WEB-AOC-19-002. Concelier WebService Guild, QA Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-OAS-61-002 Error envelope migration TODO Ensure every API returns the standardized error envelope and update controllers/tests accordingly (prereq for SDK/doc alignment). Concelier WebService Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-OAS-62-001 Examples expansion TODO Publish curated examples for observations/linksets/conflicts and wire them into the developer portal. Depends on CONCELIER-WEB-OAS-61-002. Concelier WebService Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-OAS-63-001 Deprecation headers TODO Emit deprecation headers + notifications for retiring endpoints, steering clients toward Link-Not-Merge APIs. Depends on CONCELIER-WEB-OAS-62-001. Concelier WebService Guild, API Governance Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-OBS-51-001 Observability APIs TODO Add /obs/concelier/health surfaces for ingest health, queue depth, and SLO status so Console widgets can display real-time evidence pipeline stats. Depends on CONCELIER-WEB-OBS-50-001. Concelier WebService Guild (src/Concelier/StellaOps.Concelier.WebService)
CONCELIER-WEB-OBS-52-001 Timeline streaming TODO Provide SSE stream /obs/concelier/timeline with paging tokens, guardrails, and audit logging so operators can monitor evidence changes live. Depends on CONCELIER-WEB-OBS-51-001. Concelier WebService Guild (src/Concelier/StellaOps.Concelier.WebService)