git.stella-ops.org/docs/implplan/SPRINT_123_policy_reasoning.md
master ae69b1a8a1 feat: Add documentation and task tracking for Sprints 508 to 514 in Ops & Offline
- Created detailed markdown files for Sprints 508 (Ops Offline Kit), 509 (Samples), 510 (AirGap), 511 (Api), 512 (Bench), 513 (Provenance), and 514 (Sovereign Crypto Enablement) outlining tasks, dependencies, and owners.
- Introduced a comprehensive Reachability Evidence Delivery Guide to streamline the reachability signal process.
- Implemented unit tests for Advisory AI to block known injection patterns and redact secrets.
- Added AuthoritySenderConstraintHelper to manage sender constraints in OpenIddict transactions.
2025-11-08 23:18:28 +02:00

Sprint 123 - Policy & Reasoning

Last updated: November 8, 2025. Implementation order is DOING → TODO → BLOCKED.

Focus areas below were split out of the previous combined sprint; execute sections in order unless noted.

Policy.I

Dependency: Sprint 110.A - AdvisoryAI (must land before this track). Focus: the Policy track of Policy & Reasoning (phase I).

| # | Task ID & handle | State | Key dependency / next step | Owners |
| --- | --- | --- | --- | --- |
| 1 | EXPORT-CONSOLE-23-001 | TODO | Build evidence bundle/export generator producing signed manifests, CSV/JSON replay endpoints, and trace attachments; integrate with scheduler jobs and expose progress telemetry | Policy Guild, Scheduler Guild, Observability Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |
| 2 | POLICY-AIRGAP-56-001 | TODO | Support policy pack imports from Mirror Bundles, track bundle_id metadata, and ensure deterministic caching | Policy Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |
| 3 | POLICY-AIRGAP-56-002 | TODO | Export policy sub-bundles (stella policy bundle export) with DSSE signatures for outbound transfer (Deps: POLICY-AIRGAP-56-001) | Policy Guild, Policy Studio Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |
| 4 | POLICY-AIRGAP-57-001 | TODO | Enforce sealed-mode guardrails in evaluation (no outbound fetch), surface AIRGAP_EGRESS_BLOCKED errors with remediation (Deps: POLICY-AIRGAP-56-002) | Policy Guild, AirGap Policy Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |
| 5 | POLICY-AIRGAP-57-002 | TODO | Annotate rule explanations with staleness information and fallback data (cached EPSS, vendor risk) (Deps: POLICY-AIRGAP-57-001) | Policy Guild, AirGap Time Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |
| 6 | POLICY-AIRGAP-58-001 | TODO | Emit notifications when policy packs near staleness thresholds or missing required bundles (Deps: POLICY-AIRGAP-57-002) | Policy Guild, Notifications Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |
| 7 | POLICY-AOC-19-001 | TODO | Add Roslyn/CI lint preventing ingestion projects from referencing Policy merge/severity helpers; block forbidden writes at compile time | Policy Guild / src/Policy/__Libraries/StellaOps.Policy/TASKS.md |
| 8 | POLICY-AOC-19-002 | TODO | Enforce effective_finding_* write gate ensuring only Policy Engine identity can create/update materializations (Deps: POLICY-AOC-19-001) | Policy Guild, Platform Security / src/Policy/__Libraries/StellaOps.Policy/TASKS.md |
| 9 | POLICY-AOC-19-003 | TODO | Update readers/processors to consume only content.raw, identifiers, and linkset. Remove dependencies on legacy normalized fields and refresh fixtures (Deps: POLICY-AOC-19-002) | Policy Guild / src/Policy/__Libraries/StellaOps.Policy/TASKS.md |
| 10 | POLICY-AOC-19-004 | TODO | Add regression tests ensuring policy derived outputs remain deterministic when ingesting revised raw docs (supersedes) and when violations occur (Deps: POLICY-AOC-19-003) | Policy Guild, QA Guild / src/Policy/__Libraries/StellaOps.Policy/TASKS.md |
| 11 | POLICY-ATTEST-73-001 | TODO | Introduce VerificationPolicy object: schema, persistence, versioning, and lifecycle | Policy Guild, Attestor Service Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |
| 12 | POLICY-ATTEST-73-002 | TODO | Provide Policy Studio editor with validation, dry-run simulation, and version diff (Deps: POLICY-ATTEST-73-001) | Policy Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |
| 13 | POLICY-ATTEST-74-001 | TODO | Integrate verification policies into attestor verification pipeline with caching and waiver support (Deps: POLICY-ATTEST-73-002) | Policy Guild, Attestor Service Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |
| 14 | POLICY-ATTEST-74-002 | TODO | Surface policy evaluations in Console verification reports with rule explanations (Deps: POLICY-ATTEST-74-001) | Policy Guild, Console Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |
| 15 | POLICY-CONSOLE-23-001 | TODO | Optimize findings/explain APIs for Console: cursor-based pagination at scale, global filter parameters (severity bands, policy version, time window), rule trace summarization, and aggregation hints for dashboard cards. Ensure deterministic ordering and expose provenance refs | Policy Guild, BE-Base Platform Guild / src/Policy/StellaOps.Policy.Engine/TASKS.md |