git.stella-ops.org/docs/features/checked/web/vuln-explorer-with-evidence-tree-and-citation-links.md

Vuln Explorer with Evidence Tree and Citation Links

Module

Web

Status

VERIFIED

Description

Vulnerability exploration surface with evidence tree navigation, citation-link rendering, evidence subgraph visualization, triage action cards, verdict explanation rendering, and URL-synchronized triage preset filters.

Implementation Details

• Feature directory: src/Web/StellaOps.Web/src/app/features/vuln-explorer/
• Primary components:
  • citation-link (src/Web/StellaOps.Web/src/app/features/vuln-explorer/components/citation-link/citation-link.component.ts)
  • evidence-subgraph (src/Web/StellaOps.Web/src/app/features/vuln-explorer/components/evidence-subgraph/evidence-subgraph.component.ts)
  • evidence-tree (src/Web/StellaOps.Web/src/app/features/vuln-explorer/components/evidence-tree/evidence-tree.component.ts)
  • filter-preset-pills (src/Web/StellaOps.Web/src/app/features/vuln-explorer/components/filter-preset-pills/filter-preset-pills.component.ts)
  • triage-card (src/Web/StellaOps.Web/src/app/features/vuln-explorer/components/triage-card/triage-card.component.ts)
  • triage-filters (src/Web/StellaOps.Web/src/app/features/vuln-explorer/components/triage-filters/triage-filters.component.ts)
  • verdict-explanation (src/Web/StellaOps.Web/src/app/features/vuln-explorer/components/verdict-explanation/verdict-explanation.component.ts)
• Services:
  • evidence-subgraph (src/Web/StellaOps.Web/src/app/features/vuln-explorer/services/evidence-subgraph.service.ts)
  • filter-url-sync (src/Web/StellaOps.Web/src/app/features/vuln-explorer/services/filter-url-sync.service.ts)
• Models:
  • src/Web/StellaOps.Web/src/app/features/vuln-explorer/components/filter-preset-pills/filter-preset.models.ts
  • src/Web/StellaOps.Web/src/app/features/vuln-explorer/models/evidence-subgraph.models.ts
• Mounted user surface:
  • src/Web/StellaOps.Web/src/app/features/vulnerabilities/vulnerability-detail.component.html
  • src/Web/StellaOps.Web/src/app/features/vulnerabilities/vulnerability-detail.component.ts
• Behavior coverage:
  • src/Web/StellaOps.Web/src/tests/vuln_explorer/vuln-explorer-with-evidence-tree-and-citation-links.behavior.spec.ts
  • src/Web/StellaOps.Web/src/tests/vuln_explorer/filter-preset-pills-with-url-synchronization.component.spec.ts
• Source: Feature matrix scan

E2E Test Plan

• Setup:
  • Log in with a user that has appropriate permissions
  • Navigate to /vulnerabilities and open a vulnerability detail page
  • Ensure finding/evidence data exists for selected vulnerability
• Core verification:
  • Verify evidence explorer section is present on vulnerability detail page
  • Verify citation links expand/collapse and expose source metadata
  • Verify verdict explanation renders reasoning and action affordances
  • Verify filter preset pills apply/reset/copy URL synchronization behavior
• Edge cases:
  • Verify graceful handling when backend API is unavailable (error state)
  • Verify responsive layout at different viewport sizes
  • Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)

Verification

• Run ID: docs/qa/feature-checks/runs/web/vuln-explorer-with-evidence-tree-and-citation-links/run-001/
• Date (UTC): 2026-02-11
• Tier 0: PASS (all referenced vuln-explorer paths exist; user-route mounting gap fixed by wiring evidence explorer section into vulnerability detail page).
• Tier 1: PASS (npm run test focused + vuln_explorer regression include suite passed; npm run build passed with baseline workspace warnings only).
• Tier 2: PASS (citation-link behavior, verdict explanation interactions, and filter-preset URL-sync behavior verified through supported Angular behavior harnesses in src/tests/**).