100 % Open Source

Stella Ops ships under the AGPL‑3.0‑or‑later, built on .NET 10 LTS and Angular 20, with every release reproducibly built and accompanied by a signed SBOM.

Why openness matters

Auditability — source, build logs and SBOM are public.
Sovereignty — no mystery calls; runs offline. Air‑gap ready — see Offline Kit.
Fork‑friendliness — you can run your own branch, SaaS or on‑prem, provided improvements stay AGPL.
Community velocity — issues, discussions and CI pipelines live in the open.

What’s open in Stella Ops

Component	Licence	Repo / Proof
Core scanner (.NET 10)	AGPL‑3.0‑or‑later	Source
Web UI (Angular 20)	AGPL‑3.0‑or‑later	Source
Feed‑merge pipeline	AGPL‑3.0‑or‑later	Source
CI/CD definitions	Declarative YAML	Pipelines

Reproducible builds & signatures

Every build pin‑locks dependencies, runs docker build --sbom=spdx-json and signs the resulting digest with cosign. Anyone can rebuild and verify byte‑for‑byte:

BACKEND_DIGEST=sha256:… # from docker images --digests
cosign verify registry.stella-ops.org/stella-ops/scanner@$BACKEND_DIGEST \
--key https://stella-ops.org/keys/cosign.pub

Privacy snapshot

Zero telemetry — the stack calls home only for voluntary updates.
E‑mail retention — addresses stored max 7 days unless you opted‑in to updates.
IP logs — rotated & hashed after 7 days for abuse protection.

Full detail in the privacy policy.

Explore key features View public roadmap

100 % Open Source

Why openness matters

What’s open in Stella Ops

Reproducible builds & signatures

Privacy snapshot

100 % Open Source

What’s open in Stella Ops