stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
cef4cb2c5a2d29b5b40a4a25cd7f8426c8c5dd4f
git.stella-ops.org/docs/implplan/SPRINT_215_web_iv.md
master cef4cb2c5a Add support for ГОСТ Р 34.10 digital signatures 
- Implemented the GostKeyValue class for handling public key parameters in ГОСТ Р 34.10 digital signatures.
- Created the GostSignedXml class to manage XML signatures using ГОСТ 34.10, including methods for computing and checking signatures.
- Developed the GostSignedXmlImpl class to encapsulate the signature computation logic and public key retrieval.
- Added specific key value classes for ГОСТ Р 34.10-2001, ГОСТ Р 34.10-2012/256, and ГОСТ Р 34.10-2012/512 to support different signature algorithms.
- Ensured compatibility with existing XML signature standards while integrating ГОСТ cryptography.
2025-11-09 21:59:57 +02:00

4.5 KiB
Raw Blame History

Sprint 215 - Experience & SDKs · 180.F) Web.IV

Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).

[Experience & SDKs] 180.F) Web.IV Depends on: Sprint 180.F - Web.III Summary: Experience & SDKs focus on Web (phase IV).

Task ID State Task description Owners (Source)
WEB-ORCH-33-001 Control + backfill actions TODO Add POST action routes (`pause. Dependencies: WEB-ORCH-32-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-ORCH-34-001 Quotas & telemetry TODO Surface quotas/backfill APIs, queue/backpressure metrics, and error clustering routes with admin scope enforcement and audit logging. Dependencies: WEB-ORCH-33-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-POLICY-20-001 Policy endpoints TODO Implement Policy CRUD/compile/run/simulate/findings/explain endpoints with OpenAPI, tenant scoping, and service identity enforcement. BE-Base Platform Guild, Policy Guild (src/Web/StellaOps.Web)
WEB-POLICY-20-002 Pagination & filters TODO Add pagination, filtering, sorting, and tenant guards to listings for policies, runs, and findings; include deterministic ordering and query diagnostics. Dependencies: WEB-POLICY-20-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-POLICY-20-003 Error mapping TODO Map engine errors to ERR_POL_* responses with consistent payloads and contract tests; expose correlation IDs in headers. Dependencies: WEB-POLICY-20-002. BE-Base Platform Guild, QA Guild (src/Web/StellaOps.Web)
WEB-POLICY-20-004 Simulate rate limits TODO Introduce adaptive rate limiting + quotas for simulation endpoints, expose metrics, and document retry headers. Dependencies: WEB-POLICY-20-003. Platform Reliability Guild (src/Web/StellaOps.Web)
WEB-POLICY-23-001 Policy pack CRUD BLOCKED (2025-10-29) Implement API endpoints for creating/listing/fetching policy packs and revisions (/policy/packs, /policy/packs/{id}/revisions) with pagination, RBAC, and AOC metadata exposure. (Tracked via Sprint 18.5 gateway tasks.). Dependencies: WEB-POLICY-20-004. BE-Base Platform Guild, Policy Guild (src/Web/StellaOps.Web)
WEB-POLICY-23-002 Activation & scope BLOCKED (2025-10-29) Add activation endpoint with scope windows, conflict checks, and optional 2-person approval integration; emit events on success. (Tracked via Sprint 18.5 gateway tasks.). Dependencies: WEB-POLICY-23-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-POLICY-23-003 Simulation & evaluation TODO Provide /policy/simulate and /policy/evaluate endpoints with streaming responses, rate limiting, and error mapping. Dependencies: WEB-POLICY-23-002. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-POLICY-23-004 Explain retrieval TODO Expose explain history endpoints (/policy/runs, /policy/runs/{id}) including decision tree, sources consulted, and AOC chain. Dependencies: WEB-POLICY-23-003. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-POLICY-27-001 Policy registry proxy TODO Surface Policy Registry APIs (/policy/workspaces, /policy/versions, /policy/reviews, /policy/registry) through gateway with tenant scoping, RBAC, and request validation; ensure streaming downloads for evidence bundles. Dependencies: WEB-POLICY-23-004. BE-Base Platform Guild, Policy Registry Guild (src/Web/StellaOps.Web)
WEB-POLICY-27-002 Review & approval routes TODO Implement review lifecycle endpoints (open, comment, approve/reject) with audit headers, comment pagination, and webhook fan-out. Dependencies: WEB-POLICY-27-001. BE-Base Platform Guild (src/Web/StellaOps.Web)
WEB-POLICY-27-003 Simulation orchestration endpoints TODO Expose quick/batch simulation endpoints with SSE progress (/policy/simulations/{runId}/stream), cursor-based result pagination, and manifest download routes. Dependencies: WEB-POLICY-27-002. BE-Base Platform Guild, Scheduler Guild (src/Web/StellaOps.Web)
WEB-POLICY-27-004 Publish & promote controls TODO Add publish/sign/promote/rollback endpoints with idempotent request IDs, canary parameters, and environment bindings; enforce scope checks and emit structured events. Dependencies: WEB-POLICY-27-003. BE-Base Platform Guild, Security Guild (src/Web/StellaOps.Web)
WEB-POLICY-27-005 Policy Studio telemetry TODO Instrument metrics/logs for compile latency, simulation queue depth, approval latency, promotion actions; expose aggregated dashboards and correlation IDs for Console. Dependencies: WEB-POLICY-27-004. BE-Base Platform Guild, Observability Guild (src/Web/StellaOps.Web)