stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
fda92af9bcbaf6c1677f0d6b13609a8e04222bbc
git.stella-ops.org/docs2/security-and-governance.md
master fcb5ffe25d feat(scanner): Complete PoE implementation with Windows compatibility fix 
- Fix namespace conflicts (Subgraph → PoESubgraph)
- Add hash sanitization for Windows filesystem (colon → underscore)
- Update all test mocks to use It.IsAny<>()
- Add direct orchestrator unit tests
- All 8 PoE tests now passing (100% success rate)
- Complete SPRINT_3500_0001_0001 documentation

Fixes compilation errors and Windows filesystem compatibility issues.
Tests: 8/8 passing
Files: 8 modified, 1 new test, 1 completion report

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-23 14:52:08 +02:00

853 B
Raw Blame History

Security and governance

Security policy

  • Coordinated disclosure with a defined SLA and published keys.
  • Security fixes are prioritized for supported release lines.

Hardening guidance

  • Non-root containers and read-only filesystems.
  • TLS for all external traffic, optional mTLS internally.
  • DPoP or mTLS sender constraints for tokens.
  • Signed artifacts and verified plugin signatures.
  • No mandatory outbound traffic for core verification paths.

Governance

  • Lazy consensus with maintainer review for non-trivial changes.
  • Explicit security review for sensitive changes.
  • Contribution rules and code of conduct apply to all repos.

Compliance and evidence

  • Evidence is content-addressed, signed, and replayable.
  • Audit packages include decision traces, inputs, and signatures.
  • Unknowns are preserved and surfaced, not hidden.