stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

semi implemented and features implemented save checkpoint

Browse Source
This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
docs/features/unchecked/scanner/proc-snapshot-collectors.md Normal file
View File

@@ -0,0 +1,28 @@
# Proc Snapshot Collectors (Java/DotNet/PHP Runtime Inventory)
## Module
Scanner
## Status
IMPLEMENTED
## Description
Runtime process snapshot collection for Java classpath, .NET assemblies, and PHP autoload paths, providing runtime-observed library inventories that feed into SBOM reconciliation.
## Implementation Details
- **Process Snapshot**:
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Runtime/ProcFileSystemSnapshot.cs` - `ProcFileSystemSnapshot` collects runtime process state from /proc filesystem entries (Java classpath, .NET assemblies, PHP autoload paths)
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Runtime/ProcProcess.cs` - `ProcProcess` model representing a discovered runtime process with its loaded libraries
- **Process Graph**:
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Runtime/ProcGraph.cs` - `ProcGraph` represents the runtime process dependency graph
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Runtime/ProcGraphBuilder.cs` - `ProcGraphBuilder` constructs the process graph from snapshot data
- **Reconciliation**:
- `src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/Runtime/EntryTraceRuntimeReconciler.cs` - `EntryTraceRuntimeReconciler` reconciles runtime-observed libraries with static SBOM analysis
## E2E Test Plan
- [ ] Collect a process snapshot from a running Java container and verify classpath entries are captured
- [ ] Collect a process snapshot from a running .NET container and verify loaded assembly paths are captured
- [ ] Collect a process snapshot from a running PHP container and verify autoload paths are captured
- [ ] Verify the runtime reconciler correctly matches runtime-observed libraries to static SBOM components
- [ ] Verify runtime-observed libraries not in the static SBOM are flagged as "runtime-only" discoveries
- [ ] Verify the process graph correctly models parent-child process relationships