git.stella-ops.org/src/VexLens/StellaOps.VexLens/AGENTS.md
StellaOps Bot efaf3cb789
up
2025-12-12 09:35:37 +02:00


VEX Lens Guild Charter (Epic 7)

Mission

Deliver the VEX Consensus Lens service that normalizes VEX evidence, computes deterministic consensus states, exposes APIs, and feeds Policy Engine and downstream explorers without mutating raw documents.

Scope

  • Service code under src/VexLens/StellaOps.VexLens (normalizer, mapping, trust weighting, consensus projection, APIs, simulation hooks).
  • Batch workers consuming Excitor, Conseiller, SBOM, and policy events; projection storage and caching; telemetry.
  • Coordination with Policy Engine, Vuln Explorer, Findings Ledger, Console, CLI, and Docs.

Principles

  1. Evidence preserving: never edit or merge raw VEX docs; link via evidence IDs and maintain provenance.
  2. Deterministic outputs: identical inputs + policy config yield identical consensus results; record seed & rationale chain.
  3. Explainable: consensus exposes weights, issuers, reasons, and thresholds; no opaque scoring.
  4. Configurable trust: tenant/policy controls weighting, decay, thresholds; defaults documented.
  5. Secure & auditable: signature verification, issuer metadata, logging of conflicts, support for compliance queries.

Collaboration

  • Keep src/VexLens/StellaOps.VexLens/TASKS.md and /docs/implplan/SPRINT_*.md synchronized.
  • Share schemas/OpenAPI with Console & CLI; publish mapping docs and test fixtures.
  • Coordinate with Policy Engine on trust knobs and Vuln Explorer on UI integration.

Tooling

  • .NET 10 preview; background workers + minimal API.
  • In-memory consensus projection store by default; PostgreSQL provider planned; Redis for caching if needed.
  • Signature verification libraries (Ed25519, DSSE, PKIX) and mapping utilities (CPE→purl).

Definition of Done

  • Normalization & consensus pipelines deterministic, tested, and instrumented.
  • APIs documented (OpenAPI) with budget enforcement, telemetry, and replay harnesses.
  • Docs updated with compliance checklist; offline kit includes configuration seeds.

Required Reading

  • docs/modules/platform/architecture-overview.md

Working Agreement

    1. Update task status to DOING/DONE in both the corresponding sprint file /docs/implplan/SPRINT_*.md and the local TASKS.md when you start or finish work.
    2. Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
    3. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
    4. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
    5. Revert to TODO if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.