git.stella-ops.org/src/VexLens/StellaOps.VexLens/AGENTS.md
StellaOps Bot efaf3cb789
up
2025-12-12 09:35:37 +02:00

# VEX Lens Guild Charter (Epic 7)
## Mission
Deliver the VEX Consensus Lens service that normalizes VEX evidence, computes deterministic consensus states, exposes APIs, and feeds Policy Engine and downstream explorers without mutating raw documents.
## Scope
- Service code under `src/VexLens/StellaOps.VexLens` (normalizer, mapping, trust weighting, consensus projection, APIs, simulation hooks).
- Batch workers consuming Excitor, Conseiller, SBOM, and policy events; projection storage and caching; telemetry.
- Coordination with Policy Engine, Vuln Explorer, Findings Ledger, Console, CLI, and Docs.
## Principles
1. **Evidence preserving:** never edit or merge raw VEX docs; link via evidence IDs and maintain provenance.
2. **Deterministic outputs:** identical inputs + policy config yield identical consensus results; record seed & rationale chain.
3. **Explainable:** consensus exposes weights, issuers, reasons, and thresholds; no opaque scoring.
4. **Configurable trust:** tenant/policy controls weighting, decay, thresholds; defaults documented.
5. **Secure & auditable:** signature verification, issuer metadata, logging of conflicts, support for compliance queries.
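The following is an added illustration of principles 2 to 5 above, not code from the StellaOps repository: a self-contained .NET sketch of a weighted VEX consensus that never touches the raw documents (it only carries evidence IDs), takes the evaluation time as an explicit input instead of reading the clock, sorts evidence ordinally before scoring, applies tenant-configured issuer weights with half-life decay and an acceptance threshold, flags conflicts, and hashes the full rationale chain so a replay with the same inputs yields the same hash. All type, field and status names (`VexStatement`, `TrustConfig`, `unresolved`, the `vendor-*` issuers) and the sample evidence are hypothetical.

```csharp
// Added example (not StellaOps code): deterministic, explainable weighted consensus over VEX statements.
// All type, field and status names below are hypothetical illustrations of the charter's principles.
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

public sealed record VexStatement(
    string EvidenceId,   // pointer to the raw VEX document; the document itself is never modified
    string Issuer,
    string Status,       // e.g. "not_affected", "affected"
    string Justification,
    DateTimeOffset IssuedAt);

public sealed record TrustConfig(
    IReadOnlyDictionary<string, double> IssuerWeights, // tenant/policy controlled weights
    double DefaultWeight,                               // weight for issuers not listed
    double HalfLifeDays,                                // exponential decay of stale evidence
    double AcceptThreshold);                            // minimum winning score to resolve

public sealed record Contribution(string EvidenceId, string Issuer, string Status, double Weight, string Reason);

public sealed record Consensus(
    string Status,
    double Score,
    bool Conflict,                                      // more than one status received weight
    IReadOnlyDictionary<string, double> Scores,
    IReadOnlyList<Contribution> Rationale,
    string RationaleHash);

public static class ConsensusLens
{
    private static readonly CultureInfo Inv = CultureInfo.InvariantCulture;

    // asOf is an explicit input: replaying the same evidence and config later must give the same answer,
    // so the wall clock is never read inside the lens.
    public static Consensus Compute(IEnumerable<VexStatement> statements, TrustConfig cfg, DateTimeOffset asOf)
    {
        // Stable ordering by evidence id (ordinal) so the source's enumeration order never leaks into the result.
        var ordered = statements.OrderBy(s => s.EvidenceId, StringComparer.Ordinal).ToList();
        var scores = new SortedDictionary<string, double>(StringComparer.Ordinal);
        var rationale = new List<Contribution>();

        foreach (var s in ordered)
        {
            double baseWeight = cfg.IssuerWeights.TryGetValue(s.Issuer, out var w) ? w : cfg.DefaultWeight;
            double ageDays = Math.Max(0.0, (asOf - s.IssuedAt).TotalDays);
            double decay = Math.Pow(0.5, ageDays / cfg.HalfLifeDays);
            double weight = Math.Round(baseWeight * decay, 6);   // fixed precision keeps the hash stable
            string reason = FormattableString.Invariant(
                $"issuer={s.Issuer} base={baseWeight:F3} ageDays={ageDays:F2} decay={decay:F4} justification={s.Justification}");
            rationale.Add(new Contribution(s.EvidenceId, s.Issuer, s.Status, weight, reason));
            scores[s.Status] = scores.TryGetValue(s.Status, out var acc) ? acc + weight : weight;
        }

        // Winner: highest score; ties resolve to the ordinally smallest status (SortedDictionary iterates that way).
        string best = "unresolved";
        double bestScore = 0.0;
        foreach (var kv in scores)
            if (kv.Value > bestScore) { best = kv.Key; bestScore = kv.Value; }
        if (bestScore < cfg.AcceptThreshold) best = "unresolved";

        bool conflict = scores.Count(kv => kv.Value > 0.0) > 1;   // worth logging for audit (principle 5)

        // Rationale chain hash: canonical text of every input that influenced the decision.
        var sb = new StringBuilder();
        sb.Append("asOf=").Append(asOf.ToString("O", Inv)).Append('\n');
        sb.Append(FormattableString.Invariant($"halfLife={cfg.HalfLifeDays:F2} threshold={cfg.AcceptThreshold:F3}\n"));
        foreach (var c in rationale)
            sb.Append(FormattableString.Invariant($"{c.EvidenceId}|{c.Issuer}|{c.Status}|{c.Weight:F6}|{c.Reason}\n"));
        sb.Append(FormattableString.Invariant($"result={best} score={bestScore:F6}\n"));
        string hash = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(sb.ToString()))).ToLowerInvariant();

        return new Consensus(best, bestScore, conflict, scores, rationale, hash);
    }

    public static void Main()
    {
        // Constructed sample evidence: two issuers disagree about the same vulnerability.
        var asOf = new DateTimeOffset(2025, 12, 12, 0, 0, 0, TimeSpan.Zero);
        var evidence = new[]
        {
            new VexStatement("ev-0002", "vendor-b", "affected", "code_present_exploitable", asOf.AddDays(-60)),
            new VexStatement("ev-0001", "vendor-a", "not_affected", "vulnerable_code_not_present", asOf.AddDays(-5)),
        };
        var cfg = new TrustConfig(
            new Dictionary<string, double> { ["vendor-a"] = 1.0, ["vendor-b"] = 0.6 },
            DefaultWeight: 0.2, HalfLifeDays: 90, AcceptThreshold: 0.5);

        var first = Compute(evidence, cfg, asOf);
        var replay = Compute(Enumerable.Reverse(evidence), cfg, asOf);   // different input order, same result
        Console.WriteLine($"{first.Status} score={first.Score:F4} conflict={first.Conflict} hash={first.RationaleHash}");
        Console.WriteLine($"replay identical: {first.RationaleHash == replay.RationaleHash}");
        foreach (var c in first.Rationale)
            Console.WriteLine($"  {c.EvidenceId} {c.Status} w={c.Weight:F4} {c.Reason}");
    }
}
```

Two details matter for the determinism and replay-harness goals: every number that feeds the hash is formatted with the invariant culture at a fixed precision, and `asOf` is part of the hashed input, so a replay must be given the original evaluation time rather than "now" or the decay terms (and therefore the hash) will drift.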
## Collaboration
- Keep `src/VexLens/StellaOps.VexLens/TASKS.md`, `/docs/implplan/SPRINT_*.md` synchronized.
- Share schemas/OpenAPI with Console & CLI; publish mapping docs and test fixtures.
- Coordinate with Policy Engine on trust knobs and Vuln Explorer on UI integration.
## Tooling
- .NET 10 preview; background workers + minimal API.
- In-memory consensus projection store by default; PostgreSQL provider planned; Redis for caching if needed.
- Signature verification libraries (Ed25519, DSSE, PKIX) and mapping utilities (CPE→purl).
## Definition of Done
- Normalization & consensus pipelines deterministic, tested, and instrumented.
- APIs documented (OpenAPI) with budget enforcement, telemetry, and replay harnesses.
- Docs updated with compliance checklist; offline kit includes configuration seeds.
## Required Reading
- `docs/modules/platform/architecture-overview.md`
## Working Agreement
1. Update task status to `DOING`/`DONE` in both the corresponding sprint file `/docs/implplan/SPRINT_*.md` and the local `TASKS.md` when you start or finish work.
2. Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
3. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
4. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
5. Revert to `TODO` if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.