docs(platform): add policy configs, runbooks, ops scripts and platform documentation

Config policies (16 files): alert_routing, architecture_pressure, backlog, cost_weights, data_governance, incident_escalation, incident_intelligence, network_allowlist, nodes_registry, observability_sources, rbac_tools_matrix, release_gate, risk_attribution, risk_policy, slo_policy, tool_limits, tools_rollout Ops (22 files): Caddyfile, calendar compose, grafana voice dashboard, deployments/incidents logs, runbooks for alerts/audit/backlog/incidents/sofiia/voice, cron jobs, scripts (alert_triage, audit_cleanup, migrate_*, governance, schedule), task_registry, voice alerts/ha/latency/policy Docs (30+ files): HUMANIZED_STEPAN v2.7-v3 changelogs and runbooks, NODA1/NODA2 status and setup, audit index and traces, backlog, incident, supervisor, tools, voice, opencode, release, risk, aistalk, spacebot Made-with: Cursor
2026-03-03 07:14:53 -08:00
parent 129e4ea1fc
commit 67225a39fa
102 changed files with 20060 additions and 0 deletions
--- a/ops/cache/osv_cache.json
+++ b/ops/cache/osv_cache.json
@@ -0,0 +1,84 @@
+{
+  "version": 1,
+  "updated_at": "2026-02-23T00:00:00+00:00",
+  "description": "Offline OSV vulnerability cache. Keys: 'ecosystem:package:version'. Populate via dependency_scanner_tool with vuln_mode=online.",
+  "entries": {
+    "PyPI:requests:2.31.0": {
+      "vulns": [],
+      "cached_at": "2026-02-23T00:00:00+00:00"
+    },
+    "PyPI:cryptography:41.0.0": {
+      "vulns": [
+        {
+          "id": "GHSA-jfh8-c2jp-5v3q",
+          "aliases": ["CVE-2023-49083"],
+          "summary": "cryptography vulnerable to NULL-dereference when loading PKCS12 files",
+          "database_specific": {"severity": "MEDIUM"},
+          "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],
+          "affected": [
+            {
+              "package": {"name": "cryptography", "ecosystem": "PyPI"},
+              "ranges": [
+                {
+                  "type": "ECOSYSTEM",
+                  "events": [{"introduced": "0"}, {"fixed": "41.0.6"}]
+                }
+              ]
+            }
+          ]
+        }
+      ],
+      "cached_at": "2026-02-23T00:00:00+00:00"
+    },
+    "npm:lodash:4.17.20": {
+      "vulns": [
+        {
+          "id": "GHSA-35jh-r3h4-6jhm",
+          "aliases": ["CVE-2021-23337"],
+          "summary": "Command Injection in lodash",
+          "database_specific": {"severity": "HIGH"},
+          "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],
+          "affected": [
+            {
+              "package": {"name": "lodash", "ecosystem": "npm"},
+              "ranges": [
+                {
+                  "type": "ECOSYSTEM",
+                  "events": [{"introduced": "0"}, {"fixed": "4.17.21"}]
+                }
+              ]
+            }
+          ]
+        }
+      ],
+      "cached_at": "2026-02-23T00:00:00+00:00"
+    },
+    "npm:lodash:4.17.21": {
+      "vulns": [],
+      "cached_at": "2026-02-23T00:00:00+00:00"
+    },
+    "PyPI:pyyaml:5.4.1": {
+      "vulns": [
+        {
+          "id": "GHSA-8q59-q68h-6hv4",
+          "aliases": ["CVE-2022-42966"],
+          "summary": "PyYAML vulnerable to ReDoS in FullLoader",
+          "database_specific": {"severity": "HIGH"},
+          "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],
+          "affected": [
+            {
+              "package": {"name": "pyyaml", "ecosystem": "PyPI"},
+              "ranges": [
+                {
+                  "type": "ECOSYSTEM",
+                  "events": [{"introduced": "0"}, {"fixed": "6.0"}]
+                }
+              ]
+            }
+          ]
+        }
+      ],
+      "cached_at": "2026-02-23T00:00:00+00:00"
+    }
+  }
+}