stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
e69b57d467ffe665754fa93f5a0853e6e96bd526
git.stella-ops.org/docs/implplan/blocked-all.md
master 9075bad2d9 Add unit tests and implementations for MongoDB index models and OpenAPI metadata 
- Implemented `MongoIndexModelTests` to verify index models for various stores.
- Created `OpenApiMetadataFactory` with methods to generate OpenAPI metadata.
- Added tests for `OpenApiMetadataFactory` to ensure expected defaults and URL overrides.
- Introduced `ObserverSurfaceSecrets` and `WebhookSurfaceSecrets` for managing secrets.
- Developed `RuntimeSurfaceFsClient` and `WebhookSurfaceFsClient` for manifest retrieval.
- Added dependency injection tests for `SurfaceEnvironmentRegistration` in both Observer and Webhook contexts.
- Implemented tests for secret resolution in `ObserverSurfaceSecretsTests` and `WebhookSurfaceSecretsTests`.
- Created `EnsureLinkNotMergeCollectionsMigrationTests` to validate MongoDB migration logic.
- Added project files for MongoDB tests and NuGet package mirroring.
2025-11-17 21:21:56 +02:00

27 KiB
Raw Blame History

Blocked / dependency-linked tasks (as of 2025-11-17)

Decisions to unblock (ordered by blast-radius reduction)

  1. Ratify Link-Not-Merge schema (Concelier + Cartographer) — unblocks Concelier GRAPH-21-001/002, CONCELIER-AIRGAP/CONSOLE/ATTEST, SBOM-SERVICE-21-001..004, SBOM-AIAI-31-002/003, Excititor AIAI chunk/attestation, Graph 140.A, Signals ingest overlays. Options: (A) Freeze current schema with examples and fixtures this week; (B) Publish interim “mock schema” + feature flag while full review completes; (C) Slip one sprint and re-baseline all dependents.
  2. Publish Sprint 130 scanner surface artifacts + cache drop ETA — unblocks GRAPH-INDEX-28-007..010 (Sprint 141), ZASTAVA-SURFACE-01/02 (Sprint 0144), runtime signals 140.D, build/test for Zastava Env/Secrets. Options: (A) Deliver real analyzer caches + hashes; (B) Ship deterministic mock bundle within 24h plus firm delivery date; (C) Declare slip and set new start dates in downstream sprints.
  3. Staff MIRROR-CRT-56-001 assembler — prerequisite for MIRROR-CRT-56/57/58, Exporter OBS-51/54, CLI-AIRGAP-56, PROV-OBS-53, ExportCenter timeline. Options: (A) Assign primary + backup engineer today and start thin bundle; (B) Re-scope to “minimal thin bundle” to unblock EvidenceLocker/ExportCenter first; (C) Escalate staffing if no owner by EOD.
  4. Expose SBOM-AIAI-31-001 contract — required for SBOM-AIAI-31-003, DOCS-AIAI-31-008/009, AIAI-31-008 packaging. Options: (A) Ship production with auth header contract; (B) Provide sandbox/mock endpoint + recorded responses with “beta” label; (C) Slip and re-forecast dependent docs/devops tasks.
  5. Ops span sink deployment for Excititor telemetry (31-003) — gates observability export. Options: (A) Deploy span sink on 2025-11-18; (B) Approve temporary counters/logs-only path until sink is live.
  6. Complete CAS checklist + signed manifest rollout (Signals) — unblocks SIGNALS-24-002 → 24-004/005. Options: (A) Accept current manifest after spot-check; (B) Time-box remediation with risk waiver; (C) Keep RED/BLOCKED and re-plan delivery.
  7. Orchestrator ledger export contract — pre-req for LEDGER-34-101, EvidenceLocker/ExportCenter (160.A/B/C), TimelineIndexer. Options: (A) Ship minimal ledger payload (job_id, capsule_digest, tenant) now; (B) Wait for full capsule envelope from Orchestrator/Notifications and slip dependents; (C) Provide mock export + fixtures for Ledger tests meantime.
  8. AdvisoryAI evidence bundle schema freeze (Nov 14 sync slip) — needed by EvidenceLocker ingest and ExportCenter profiles. Options: (A) Freeze DSSE manifest + payload notes immediately; (B) Provide sample bundle + checksum for contract testing; (C) Move related tasks to BLOCKED-w/escalation with new date.
  9. Policy risk export availability — blocks NOTIFY-RISK-66/67/68. Options: (A) Release minimal read-only profile feed now; (B) Add history metadata with ≤4 day slip; (C) Freeze schema and allow Notifications to mock results.
  10. Telemetry SLO webhook schema (TELEMETRY-OBS-50) — blocks NOTIFY-OBS-51/55. Options: (A) Freeze current draft and hand to Notifications; (B) Provide stub contract + fixtures and allow coding against mocks; (C) Slip and re-baseline notifier tasks.
  11. Language analyzer design kickoffs (PHP/Deno/Dart/Swift) & Java 21-008 dependency — blocks SCANNER-ENG-0010..0014 and SCANNER-ANALYZERS-JAVA-21-008. Options: (A) Run design triage per language this week and staff leads; (B) De-scope to one language per sprint, mark others slipped; (C) Provide interim capability matrix and mock outputs for dependency unlocks.
  12. Surface.FS cache/mirror availability — needed to validate ZASTAVA ENV/SECRETS/SURFACE tasks and unblock SURFACE-01/02 execution. Options: (A) Stand up temporary local cache/mirror in CI; (B) Accept “code complete, unvalidated” with dated follow-up window; (C) Slip validation to align with scanner cache drop.
  13. Timeline schema review OBS-52-001 — blocks excititor timeline overlays. Options: (A) Approve current envelope; (B) Add required fields (e.g., provenance buckets) with ≤2 day slip; (C) Provide mock topic for early pipeline tests.
  14. SCHED-WORKER-20-301 delivery — prerequisite for SCHED-WEB-20-002 sim trigger endpoint. Options: (A) Prioritize worker fix to unblock web; (B) Let web mock worker response for integration tests; (C) Re-scope to deliver read-only preview first.
  15. PacksRegistry tenancy scaffolding (150.B) — needed before PacksRegistry work starts. Options: (A) Land orchestrator tenancy scaffolding now; (B) Allow PacksRegistry to target single-tenant mode temporarily; (C) Slip PacksRegistry wave and note in sprint.
  16. Authority pack RBAC approvals/log-stream APIs (AUTH-PACKS-43-001) — blocking Sprint 153 start. Options: (A) Approve current RBAC model; (B) Provide interim token-scoped access; (C) Slip sprint with new date and escalation.
  17. Export Center bootstrap (EXPORT-SVC-35-001) — blocked on upstream Orchestrator/Scheduler telemetry readiness. Options: (A) Provide synthetic telemetry feeds for bootstrap; (B) Start migrations/config in isolation; (C) Slip with dated dependency.
  18. Notifications OAS / SDK parity ( → ) — SDK generator blocked on schema. Options: (A) Freeze rules schema; (B) Provide placeholder schema with versioned breaking-change flag; (C) Re-baseline SDK work.

SPRINT_0110_0001_0001_ingestion_evidence.md

  • AIAI-31-008 — Status: BLOCKED (2025-11-16); Depends on: AIAI-31-006/007; DEVOPS-AIAI-31-001; Owners: Advisory AI Guild · DevOps Guild; Notes: Package inference on-prem container, remote toggle, Helm/Compose manifests, scaling/offline guidance.
  • SBOM-AIAI-31-003 — Status: BLOCKED (2025-11-16); Depends on: SBOM-AIAI-31-001; CLI-VULN-29-001; CLI-VEX-30-001; Owners: SBOM Service Guild · Advisory AI Guild; Notes: Advisory AI hand-off kit for /v1/sbom/context; smoke test with tenants.
  • DOCS-AIAI-31-005/006/008/009 — Status: BLOCKED; Depends on: CLI-VULN-29-001; CLI-VEX-30-001; POLICY-ENGINE-31-001; DEVOPS-AIAI-31-001; Owners: Docs Guild; Notes: CLI/policy/ops docs paused pending upstream artefacts.
  • CONCELIER-AIRGAP-56-001..58-001 — Status: BLOCKED; Depends on: Link-Not-Merge schema; Evidence Locker contract; Owners: Concelier Core · AirGap Guilds; Notes: Mirror/offline provenance chain.
  • CONCELIER-CONSOLE-23-001..003 — Status: BLOCKED; Depends on: Link-Not-Merge schema; Owners: Concelier Console Guild; Notes: Console advisory aggregation/search helpers.
  • CONCELIER-ATTEST-73-001/002 — Status: BLOCKED; Depends on: CONCELIER-AIAI-31-002; Evidence Locker contract; Owners: Concelier Core · Evidence Locker Guild; Notes: Attestation inputs + transparency metadata.
  • FEEDCONN-ICSCISA-02-012 / KISA-02-008 — Status: BLOCKED; Depends on: Feed owner remediation plan; Owners: Concelier Feed Owners; Notes: Overdue provenance refreshes.
  • EXCITITOR-AIAI-31-002 — Status: BLOCKED; Depends on: Link-Not-Merge schema; Evidence Locker contract; Owners: Excititor Web/Core Guilds; Notes: Chunk API for Advisory AI feeds.
  • EXCITITOR-AIAI-31-003 — Status: BLOCKED; Depends on: EXCITITOR-AIAI-31-002; Owners: Excititor Observability Guild; Notes: Telemetry gated on chunk API.
  • EXCITITOR-AIAI-31-004 — Status: BLOCKED; Depends on: EXCITITOR-AIAI-31-002; Owners: Docs Guild · Excititor Guild; Notes: Chunk API docs.
  • EXCITITOR-ATTEST-01-003 / 73-001 / 73-002 — Status: BLOCKED; Depends on: EXCITITOR-AIAI-31-002; Evidence Locker contract; Owners: Excititor Guild · Evidence Locker Guild; Notes: Attestation scope + payloads.
  • EXCITITOR-AIRGAP-56/57/58 · CONN-TRUST-01-001 — Status: BLOCKED; Depends on: Link-Not-Merge schema; attestation plan; Owners: Excititor Guild · AirGap Guilds; Notes: Air-gap ingest + connector trust tasks.
  • MIRROR-CRT-56-001 — Status: BLOCKED; Depends on: Staffing decision overdue; Owners: Mirror Creator Guild; Notes: Kickoff slipped past 2025-11-15.
  • MIRROR-CRT-56-002 — Status: BLOCKED; Depends on: MIRROR-CRT-56-001; PROV-OBS-53-001; Owners: Mirror Creator · Security Guilds; Notes: Needs assembler owner first.
  • MIRROR-CRT-57-001/002 — Status: BLOCKED; Depends on: MIRROR-CRT-56-001; AIRGAP-TIME-57-001; Owners: Mirror Creator Guild · AirGap Time Guild; Notes: Waiting on staffing.
  • MIRROR-CRT-58-001/002 — Status: BLOCKED; Depends on: MIRROR-CRT-56-001; EXPORT-OBS-54-001; CLI-AIRGAP-56-001; Owners: Mirror Creator · CLI · Exporter Guilds; Notes: Requires assembler staffing + upstream contracts.
  • EXPORT-OBS-51-001 / 54-001 · AIRGAP-TIME-57-001 · CLI-AIRGAP-56-001 · PROV-OBS-53-001 — Status: BLOCKED; Depends on: MIRROR-CRT-56-001 ownership; Owners: Exporter Guild · AirGap Time · CLI Guild; Notes: Blocked until assembler staffed.

SPRINT_0111_0001_0001_advisoryai.md

  • DOCS-AIAI-31-008 — Status: BLOCKED (2025-11-03); Depends on: SBOM-AIAI-31-001; Owners: Docs Guild · SBOM Service Guild (docs); Notes: Publish /docs/sbom/remediation-heuristics.md (feasibility scoring, blast radius).
  • DOCS-AIAI-31-009 — Status: BLOCKED (2025-11-03); Depends on: DEVOPS-AIAI-31-001; Owners: Docs Guild · DevOps Guild (docs); Notes: Create /docs/runbooks/assistant-ops.md for warmup, cache priming, outages, scaling.
  • SBOM-AIAI-31-003 — Status: BLOCKED (2025-11-16); Depends on: SBOM-AIAI-31-001; Owners: SBOM Service Guild · Advisory AI Guild (src/SbomService/StellaOps.SbomService); Notes: Publish Advisory AI hand-off kit for /v1/sbom/context, provide base URL/API key + tenant header contract, run smoke test.
  • AIAI-31-008 — Status: BLOCKED (2025-11-16); Depends on: AIAI-31-006/007; DEVOPS-AIAI-31-001; Owners: Advisory AI Guild · DevOps Guild (src/AdvisoryAI/StellaOps.AdvisoryAI); Notes: Package inference on-prem container, remote toggle, Helm/Compose manifests, scaling/offline guidance.
  • DOCS-AIAI-31-004 — Status: BLOCKED (2025-11-16); Depends on: CONSOLE-VULN-29-001; CONSOLE-VEX-30-001; EXCITITOR-CONSOLE-23-001; Owners: Docs Guild · Console Guild (docs); Notes: /docs/advisory-ai/console.md screenshots, a11y, copy-as-ticket instructions.
  • DOCS-AIAI-31-005 — Status: BLOCKED (2025-11-03); Depends on: CLI-VULN-29-001; CLI-VEX-30-001; AIAI-31-004C; Owners: Docs Guild · CLI Guild (docs); Notes: Publish /docs/advisory-ai/cli.md covering commands, exit codes, scripting patterns.

SPRINT_0112_0001_0001_concelier_i.md

  • CONCELIER-CONSOLE-23-001 — Status: TODO; Depends on: Blocked by Link-Not-Merge schema; Owners: Concelier WebService Guild · BE-Base Platform Guild; Notes: /console/advisories groups linksets with severity/status chips and provenance {documentId, observationPath}.

SPRINT_0113_0001_0002_concelier_ii.md

  • CONCELIER-GRAPH-21-001 — Status: BLOCKED (2025-10-27); Depends on: Waiting for Link-Not-Merge schema finalization; Owners: Concelier Core Guild · Cartographer Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core); Notes: Extend SBOM normalization so relationships/scopes are stored as raw observation metadata with provenance pointers for graph joins.
  • CONCELIER-GRAPH-21-002 — Status: BLOCKED (2025-10-27); Depends on: Depends on 21-001; Owners: Concelier Core Guild · Scheduler Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core); Notes: Publish sbom.observation.updated events with tenant/context and advisory refs; facts only, no judgments.

SPRINT_0119_0001_0001_excititor_i.md

  • EXCITITOR-AIRGAP-57-001 — Status: TODO; Depends on: Blocked on 56-001; define sealed-mode errors.; Owners: Excititor Core Guild · AirGap Policy Guild; Notes: Enforce sealed-mode policies, remediation errors, and staleness annotations surfaced to Advisory AI.
  • EXCITITOR-ATTEST-73-001 — Status: DONE (2025-11-17); Depends on: Unblocked by 01-003; implement payload records.; Owners: Excititor Core · Attestation Payloads Guild; Notes: Emit attestation payloads capturing supplier identity, justification summary, and scope metadata for trust chaining.
  • Connector provenance schema review (Connectors + Security Guilds) — Status: Approve signer fingerprint + issuer tier schema for CONN-TRUST-01-001.; Depends on: If schema not ready, keep task blocked and request interim metadata list from connectors.; Owners: ; Notes:
  • Attestation verifier rehearsal (Excititor Attestation Guild) — Status: Demo IVexAttestationVerifier harness + diagnostics to unblock 73-* tasks.; Depends on: If issues persist, log BLOCKED status in attestation plan and re-forecast completion.; Owners: ; Notes:
  • Observability span sink deploy (Ops/Signals Guild) — Status: Enable telemetry pipeline needed for 31-003.; Depends on: If deploy slips, implement temporary counters/logs and keep action tracker flagged as blocked.; Owners: ; Notes:

SPRINT_0119_0001_0002_excititor_ii.md

  • EXCITITOR-CORE-AOC-19-003 — Status: TODO; Depends on: Blocked on 19-002; design supersede chains.; Owners: Excititor Core Guild; Notes: Enforce uniqueness + append-only versioning of raw VEX docs.
  • EXCITITOR-GRAPH-21-001 — Status: BLOCKED (2025-10-27); Depends on: Needs Cartographer API contract + data availability.; Owners: Excititor Core · Cartographer Guild; Notes: Batched VEX/advisory reference fetches by PURL for inspector linkouts.
  • EXCITITOR-GRAPH-21-002 — Status: BLOCKED (2025-10-27); Depends on: Blocked on 21-001.; Owners: Excititor Core Guild; Notes: Overlay metadata includes justification summaries + versions; fixtures/tests.
  • EXCITITOR-GRAPH-21-005 — Status: BLOCKED (2025-10-27); Depends on: Blocked on 21-002.; Owners: Excititor Storage Guild; Notes: Indexes/materialized views for VEX lookups by PURL/policy for inspector perf.
  • Cartographer schema sync — Status: Unblock GRAPH-21-* inspector/linkout contracts.; Depends on: Maintain BLOCKED status; deliver sample payloads for early testing.; Owners: ; Notes:

SPRINT_0119_0001_0004_excititor_iv.md

  • Timeline schema review — Status: Approve OBS-52-001 event envelope.; Depends on: Iterate with provisional event topic if blocked.; Owners: ; Notes:

SPRINT_0120_0000_0001_policy_reasoning.md

  • LEDGER-34-101 — Status: BLOCKED; Depends on: Orchestrator ledger export contract (Sprint 150.A) pending; Owners: Findings Ledger Guild / src/Findings/StellaOps.Findings.Ledger; Notes: Link orchestrator run ledger exports into Findings Ledger provenance chain, index by artifact hash, and expose audit queries.
  • LEDGER-AIRGAP-56-001 — Status: BLOCKED; Depends on: Mirror bundle schema freeze; Owners: Findings Ledger Guild / src/Findings/StellaOps.Findings.Ledger; Notes: Record bundle provenance (bundle_id, merkle_root, time_anchor) on ledger events for advisories/VEX/policies imported via Mirror Bundles.
  • LEDGER-AIRGAP-56-002 — Status: BLOCKED; Depends on: Waits on LEDGER-AIRGAP-56-001 schema freeze; Owners: Findings Ledger Guild, AirGap Time Guild / src/Findings/StellaOps.Findings.Ledger; Notes: Surface staleness metrics for findings and block risk-critical exports when stale beyond thresholds; provide remediation messaging.
  • LEDGER-AIRGAP-57-001 — Status: BLOCKED; Depends on: Waits on LEDGER-AIRGAP-56-002; Owners: Findings Ledger Guild, Evidence Locker Guild / src/Findings/StellaOps.Findings.Ledger; Notes: Link findings evidence snapshots to portable evidence bundles and ensure cross-enclave verification works.
  • LEDGER-AIRGAP-58-001 — Status: BLOCKED; Depends on: Waits on LEDGER-AIRGAP-57-001; Owners: Findings Ledger Guild, AirGap Controller Guild / src/Findings/StellaOps.Findings.Ledger; Notes: Emit timeline events for bundle import impacts (new findings, remediation changes) with sealed-mode context.
  • LEDGER-ATTEST-73-001 — Status: BLOCKED; Depends on: Attestation pointer schema alignment with NOTIFY-ATTEST-74-001; Owners: Findings Ledger Guild, Attestor Service Guild / src/Findings/StellaOps.Findings.Ledger; Notes: Persist pointers from findings to verification reports and attestation envelopes for explainability.

SPRINT_0138_0000_0001_scanner_ruby_parity.md

  • SCANNER-ENG-0010 — Status: BLOCKED; Depends on: Await composer/autoload graph design + staffing; no PHP analyzer scaffolding exists yet.; Owners: PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php); Notes: Ship the PHP analyzer pipeline (composer lock, autoload graph, capability signals) to close comparison gaps.
  • SCANNER-ENG-0011 — Status: BLOCKED; Depends on: Needs Deno runtime analyzer scope + lockfile/import graph design; pending competitive review.; Owners: Language Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Deno); Notes: Scope the Deno runtime analyzer (lockfile resolver, import graphs) beyond Sprint 130 coverage.
  • SCANNER-ENG-0012 — Status: BLOCKED; Depends on: Define Dart analyzer requirements (pubspec parsing, AOT artifacts) and split into tasks.; Owners: Language Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Dart); Notes: Evaluate Dart analyzer requirements (pubspec parsing, AOT artifacts) and split implementation tasks.
  • SCANNER-ENG-0013 — Status: BLOCKED; Depends on: Draft SwiftPM coverage plan; align policy hooks; awaiting design kick-off.; Owners: Swift Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Native); Notes: Plan Swift Package Manager coverage (Package.resolved, xcframeworks, runtime hints) with policy hooks.
  • SCANNER-ENG-0014 — Status: BLOCKED; Depends on: Needs joint roadmap with Zastava/Runtime guilds for Kubernetes/VM alignment.; Owners: Runtime Guild, Zastava Guild (docs/modules/scanner); Notes: Align Kubernetes/VM target coverage between Scanner and Zastava per comparison findings; publish joint roadmap.

SPRINT_0144_0001_0001_zastava_runtime_signals.md

  • ZASTAVA-ENV-01 — Status: BLOCKED-w/escalation; Depends on: Code landed; execution wait on Surface.FS cache plan + package mirrors to validate.; Owners: Zastava Observer Guild (src/Zastava/StellaOps.Zastava.Observer); Notes: Adopt Surface.Env helpers for cache endpoints, secret refs, and feature toggles.
  • ZASTAVA-ENV-02 — Status: BLOCKED-w/escalation; Depends on: Code landed; validation blocked on Surface.FS cache availability/mirrors.; Owners: Zastava Webhook Guild (src/Zastava/StellaOps.Zastava.Webhook); Notes: Switch to Surface.Env helpers for webhook configuration (cache endpoint, secret refs, feature toggles).
  • ZASTAVA-SECRETS-01 — Status: BLOCKED-w/escalation; Depends on: Code landed; requires cache/nuget mirrors to execute tests.; Owners: Zastava Observer Guild, Security Guild (src/Zastava/StellaOps.Zastava.Observer); Notes: Retrieve CAS/attestation access via Surface.Secrets instead of inline secret stores.
  • ZASTAVA-SECRETS-02 — Status: BLOCKED-w/escalation; Depends on: Code landed; waiting on same cache/mirror prerequisites for validation.; Owners: Zastava Webhook Guild, Security Guild (src/Zastava/StellaOps.Zastava.Webhook); Notes: Retrieve attestation verification secrets via Surface.Secrets.
  • ZASTAVA-SURFACE-01 — Status: BLOCKED-w/escalation; Depends on: Code landed; blocked on Sprint 130 analyzer artifact/cache drop and local gRPC mirrors to run tests.; Owners: Zastava Observer Guild (src/Zastava/StellaOps.Zastava.Observer); Notes: Integrate Surface.FS client for runtime drift detection (lookup cached layer hashes/entry traces).
  • ZASTAVA-SURFACE-02 — Status: BLOCKED-w/escalation; Depends on: Depends on SURFACE-01 validation; blocked on Surface.FS cache drop.; Owners: Zastava Webhook Guild (src/Zastava/StellaOps.Zastava.Webhook); Notes: Enforce Surface.FS availability during admission (deny when cache missing/stale) and embed pointer checks in webhook response.

SPRINT_123_policy_reasoning.md

  • POLICY-AIRGAP-57-001 — Status: TODO; Depends on: Enforce sealed-mode guardrails in evaluation (no outbound fetch), surface AIRGAP_EGRESS_BLOCKED errors with remediation (Deps: POLICY-AIRGAP-56-002); Owners: Policy Guild, AirGap Policy Guild / src/Policy/StellaOps.Policy.Engine; Notes:

SPRINT_124_policy_reasoning.md

  • POLICY-ENGINE-20-002 — Status: BLOCKED (2025-10-26); Depends on: Build deterministic evaluator honoring lexical/priority order, first-match semantics, and safe value types (no wall-clock/network access); Owners: Policy Guild / src/Policy/StellaOps.Policy.Engine; Notes:

SPRINT_125_mirror.md

  • Mirror Creator Guild · Exporter Guild — Status: 2025-11-15 kickoff; Depends on: Without an owner the assembler cannot start and all downstream tasks remain blocked.; Owners: ; Notes:

SPRINT_140_runtime_signals.md

  • Graph Indexer Guild · Observability Guild — Status: Sprint 120.A AirGap; Sprint 130.A Scanner (phase I tracked under docs/implplan/SPRINT_130_scanner_surface.md); Depends on: BLOCKED; Owners: Analyzer artifact ETA from Sprint 130 is overdue (sync 2025-11-13); GRAPH-INDEX-28-007+ cannot start without it.; Notes:
  • Zastava Observer/Webhook Guilds · Security Guild — Status: Sprint 120.A AirGap; Sprint 130.A Scanner; Depends on: BLOCKED; Owners: Surface.FS cache drop plan still missing (overdue from 2025-11-13 sync); SURFACE tasks cannot start.; Notes:
  • OVERDUE — Status: Analyzer artifact publication schedule not published after 2025-11-13 sync; Graph/Zastava blocked awaiting ETA or mock payloads.; Depends on: Scanner Guild · Graph Indexer Guild · Zastava Guilds; Owners: ; Notes:
  • GRAPH-INDEX-28-007 — Status: BLOCKED; Depends on: Sprint 130 analyzer artifacts ETA overdue (missed 2025-11-13 sync); proceed once cache manifests land or mocks are provided.; Owners: Graph Indexer Guild · Observability Guild; Notes: Clustering/centrality jobs staged for execution.
  • GRAPH-INDEX-28-008 — Status: BLOCKED; Depends on: Depends on 28-007 artifacts; blocked until analyzer payloads available.; Owners: Graph Indexer Guild; Notes: Retry/backoff plumbing sketched but blocked.
  • GRAPH-INDEX-28-009 — Status: BLOCKED; Depends on: Upstream graph job data unavailable while 28-007 is blocked.; Owners: Graph Indexer Guild; Notes: Test/fixture/chaos coverage for graph jobs.
  • GRAPH-INDEX-28-010 — Status: BLOCKED; Depends on: Requires outputs from blocked graph jobs to bundle offline artifacts.; Owners: Graph Indexer Guild; Notes: Packaging/offline bundles for graph jobs.
  • SBOM-SERVICE-21-001 — Status: BLOCKED; Depends on: Concelier Link-Not-Merge (CONCELIER-GRAPH-21-001) not delivered.; Owners: SBOM Service Guild · Concelier Core · Cartographer Guild; Notes: Normalized SBOM projection schema.
  • SBOM-SERVICE-21-002 — Status: BLOCKED; Depends on: Waits on 21-001 contract + event outputs.; Owners: SBOM Service Guild; Notes: SBOM change events.
  • SBOM-SERVICE-21-003 — Status: BLOCKED; Depends on: Depends on 21-002 event payloads.; Owners: SBOM Service Guild; Notes: Entry point/service node management.
  • SBOM-SERVICE-21-004 — Status: BLOCKED; Depends on: Follows projection + event pipelines.; Owners: SBOM Service Guild; Notes: Observability wiring for SBOM service.
  • SIGNALS-24-004 — Status: BLOCKED (2025-10-27); Depends on: Wait for 24-002/003 completion and Authority scope validation.; Owners: Signals Guild; Notes: Reachability scoring.
  • SIGNALS-24-005 — Status: BLOCKED (2025-10-27); Depends on: Depends on scoring outputs (24-004).; Owners: Signals Guild; Notes: Cache + signals.fact.updated events.
  • ZASTAVA-SURFACE-01 — Status: BLOCKED; Depends on: Requires Scanner layer metadata + cache drop ETA (overdue).; Owners: Zastava Guilds · Scanner Guild; Notes: Surface.FS client integration with tests.
  • ZASTAVA-SURFACE-02 — Status: BLOCKED; Depends on: Depends on SURFACE-01; blocked while cache plan is missing.; Owners: Zastava Guilds; Notes: Admission enforcement using Surface.FS caches.
  • 2025-11-13 (overdue) — Status: TODO; Depends on: Scanner to publish Sprint 130 surface roadmap; Graph/Zastava blocked until then.; Owners: ; Notes:
  • 2025-11-14 (overdue) — Status: BLOCKED; Depends on: Requires CONCELIER-GRAPH-21-001 + CARTO-GRAPH-21-002 agreement; AirGap review scheduled after sign-off.; Owners: ; Notes:
  • Marked Graph/Zastava waves BLOCKED; escalation sent to Scanner leadership per contingency. — Status: Await ETA or mock payload commitment; if none by 2025-11-18, log new target date and adjust downstream start dates; move impacted tasks to BLOCKED-with-escalation in downstream sprints.; Depends on: Graph Guild · Zastava Guilds · Scanner Guild; Owners: ; Notes:
  • Overdue — Status: Publish analyzer artifact ETA or mark GRAPH-INDEX-28-007 as BLOCKED with mock data plan.; Depends on: Scanner Guild · Graph Indexer Guild; Owners: 2025-11-16 (overdue); Notes:
  • Overdue — Status: Record whether Link-Not-Merge schema was ratified; if not, set SBOM-SERVICE-21-001..004 to BLOCKED with new ETA.; Depends on: Concelier Core · Cartographer Guild · SBOM Service Guild · AirGap Guild; Owners: 2025-11-16 (overdue); Notes:

SPRINT_160_export_evidence.md

  • Evidence Locker Guild · Security Guild · Docs Guild — Status: Sprint 110.A AdvisoryAI; Sprint 120.A AirGap; Sprint 130.A Scanner; Sprint 150.A Orchestrator; Depends on: BLOCKED (2025-11-12); Owners: Waiting for orchestrator capsule data and AdvisoryAI evidence bundles to stabilize before wiring ingestion APIs.; Notes:
  • Exporter Service Guild · Mirror Creator Guild · DevOps Guild — Status: Sprint 110.A AdvisoryAI; Sprint 120.A AirGap; Sprint 130.A Scanner; Sprint 150.A Orchestrator; Depends on: BLOCKED (2025-11-12); Owners: Profiles can begin once EvidenceLocker contracts are published; keep DSSE/attestation specs ready.; Notes:
  • Timeline Indexer Guild · Evidence Locker Guild · Security Guild — Status: Sprint 110.A AdvisoryAI; Sprint 120.A AirGap; Sprint 130.A Scanner; Sprint 150.A Orchestrator; Depends on: BLOCKED (2025-11-12); Owners: Postgres/RLS scaffolding drafted; hold for event schemas from orchestrator/notifications.; Notes:
  • AdvisoryAI stand-up (AdvisoryAI Guild) — Status: Freeze evidence bundle schema + payload notes so EvidenceLocker can finalize DSSE manifests (blocked).; Depends on: If schema slips, log BLOCKED status in Sprint 110 tracker and re-evaluate at 2025-11-18 review.; Owners: ; Notes:
  • Orchestrator + Notifications schema handoff (Orchestrator Service + Notifications Guilds) — Status: Publish capsule envelopes & notification contracts required by EvidenceLocker ingest, ExportCenter notifications, TimelineIndexer ordering (blocked).; Depends on: If envelopes not ready, escalate to Wave 150/140 leads and leave blockers noted here; defer DOING flips.; Owners: ; Notes:
  • Sovereign crypto readiness review (Security Guild + Evidence/Export teams) — Status: Validate ICryptoProviderRegistry wiring plan for EVID-CRYPTO-90-001 & EXPORT-CRYPTO-90-001; green-light sovereign modes (blocked).; Depends on: If gating issues remain, file action items in Security board and hold related sprint tasks in TODO.; Owners: ; Notes:
  • DevPortal Offline CLI dry run (DevPortal Offline + AirGap Controller Guilds) — Status: Demo stella devportal verify bundle.tgz using sample manifest to prove readiness once EvidenceLocker spec lands (blocked awaiting schema).; Depends on: If CLI not ready, update DVOFF-64-002 description with new ETA and note risk in Sprint 162 doc.; Owners: ; Notes:
  • 160.A, 160.B, 160.C — Status: High; Depends on: Escalate to Wave 150/140 leads, record BLOCKED status in both sprint docs, and schedule daily schema stand-ups until envelopes land.; Owners: ; Notes: