# Triage lanes (visibility buckets: ACTIVE, BLOCKED, MUTED_REACH, MUTED_VEX, etc.)

## Module
Scanner

## Status
IMPLEMENTED

## Description
The triage lane toggle and quiet lane components implement visibility buckets for findings. The Scanner Triage module provides the backend data model.

## Implementation Details
- **Triage Lane Enums**:
  - `src/Scanner/__Libraries/StellaOps.Scanner.Triage/Entities/TriageEnums.cs` - Triage lane definitions including ACTIVE, BLOCKED, MUTED_REACH, MUTED_VEX, and other visibility buckets
- **Triage Finding Model**:
  - `src/Scanner/__Libraries/StellaOps.Scanner.Triage/Entities/TriageFinding.cs` - `TriageFinding` entity with lane assignment for visibility bucketing
- **Triage Status Service**:
  - `src/Scanner/StellaOps.Scanner.WebService/Services/TriageStatusService.cs` - `TriageStatusService` managing lane transitions and visibility state
- **Gating Integration**:
  - `src/Scanner/StellaOps.Scanner.WebService/Services/FindingRationaleService.cs` - `FindingRationaleService` providing rationale for lane assignments
  - `src/Scanner/StellaOps.Scanner.WebService/Contracts/RationaleContracts.cs` - Contracts for lane rationale

## E2E Test Plan
- [ ] Assign a finding to the ACTIVE lane and verify it appears in the active findings list
- [ ] Move a finding to MUTED_REACH lane (unreachable vulnerability) and verify it is filtered from the active view
- [ ] Move a finding to MUTED_VEX lane (VEX not_affected) and verify it is muted with VEX justification
- [ ] Toggle a finding between lanes and verify the transition history is preserved
- [ ] Verify BLOCKED lane findings are visible but marked as requiring action
- [ ] Verify lane assignments are reflected in the triage API response with correct rationale