stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

semi implemented and features implemented save checkpoint

Browse Source
This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
docs/implplan-blocked/audits/csproj-standards/Authority/StellaOps.Authority/StellaOps.Auth.Abstractions/StellaOps.Auth.Abstractions.md Normal file
View File

@@ -0,0 +1,46 @@
# Audit - StellaOps.Auth.Abstractions
## Project
- Path: `src/Authority/StellaOps.Authority/StellaOps.Auth.Abstractions/StellaOps.Auth.Abstractions.csproj`
- Module: `Authority`
- Kind: `Service`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 6
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Abstractions/StellaOpsScopes.cs` (625 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Abstractions/StellaOpsPrincipalBuilder.cs` (287 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Abstractions/NetworkMask.cs` (181 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Abstractions/StellaOpsClaimTypes.cs` (152 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Abstractions/NetworkMaskMatcher.cs` (139 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Abstractions/StellaOpsProblemResultFactory.cs` (114 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Authority/StellaOps.Authority/StellaOps.Auth.Abstractions.Tests/StellaOps.Auth.Abstractions.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

52
docs/implplan-blocked/audits/csproj-standards/Authority/StellaOps.Authority/StellaOps.Auth.Client/StellaOps.Auth.Client.md Normal file
View File

@@ -0,0 +1,52 @@
# Audit - StellaOps.Auth.Client
## Project
- Path: `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/StellaOps.Auth.Client.csproj`
- Module: `Authority`
- Kind: `Service`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 7
- Service locator usage (BuildServiceProvider/GetService): 5
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/StellaOpsTokenClient.cs` (236 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/StellaOpsAuthClientOptions.cs` (205 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/StellaOpsBearerTokenHandler.cs` (177 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/FileTokenCache.cs` (166 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/ServiceCollectionExtensions.cs` (151 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/StellaOpsDiscoveryCache.cs` (145 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/StellaOpsJwksCache.cs` (119 lines)
- Service locator matches:
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/ServiceCollectionExtensions.cs`:67 var logger = provider.GetService<Microsoft.Extensions.Logging.ILogger<FileTokenCache>>();
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/ServiceCollectionExtensions.cs`:69 var timeProvider = provider.GetService<TimeProvider>();
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/ServiceCollectionExtensions.cs`:93 provider.GetService<TimeProvider>(),
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/ServiceCollectionExtensions.cs`:94 provider.GetService<ILogger<StellaOpsBearerTokenHandler>>()));
- `src/Authority/StellaOps.Authority/StellaOps.Auth.Client/ServiceCollectionExtensions.cs`:142 var policy = provider.GetService<IEgressPolicy>();
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit
- Detected test projects: src/Authority/StellaOps.Authority/StellaOps.Auth.Client.Tests/StellaOps.Auth.Client.Tests.csproj [CLI]
- Missing layers: Unit
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add a unit test project named `<Project>.Tests` (or document exception).

44
docs/implplan-blocked/audits/csproj-standards/Authority/StellaOps.Authority/StellaOps.Auth.ServerIntegration/StellaOps.Auth.ServerIntegration.md Normal file
View File

@@ -0,0 +1,44 @@
# Audit - StellaOps.Auth.ServerIntegration
## Project
- Path: `src/Authority/StellaOps.Authority/StellaOps.Auth.ServerIntegration/StellaOps.Auth.ServerIntegration.csproj`
- Module: `Authority`
- Kind: `Service`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 4
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/StellaOps.Authority/StellaOps.Auth.ServerIntegration/StellaOpsScopeAuthorizationHandler.cs` (1083 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.ServerIntegration/StellaOpsAuthorityConfigurationManager.cs` (209 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.ServerIntegration/StellaOpsResourceServerOptions.cs` (193 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Auth.ServerIntegration/StellaOpsResourceServerPolicies.cs` (120 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Authority/StellaOps.Authority/StellaOps.Auth.ServerIntegration.Tests/StellaOps.Auth.ServerIntegration.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

52
docs/implplan-blocked/audits/csproj-standards/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/StellaOps.Authority.Plugin.Ldap.md Normal file
View File

@@ -0,0 +1,52 @@
# Audit - StellaOps.Authority.Plugin.Ldap
## Project
- Path: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/StellaOps.Authority.Plugin.Ldap.csproj`
- Module: `Authority`
- Kind: `Plugin`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 9
- Service locator usage (BuildServiceProvider/GetService): 1
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/LdapPluginOptions.cs` (783 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/Credentials/LdapCredentialStore.cs` (667 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/ClientProvisioning/LdapClientProvisioningStore.cs` (438 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/Connections/DirectoryServicesLdapConnectionFactory.cs` (397 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/Claims/LdapClaimsEnricher.cs` (248 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/LdapIdentityProviderPlugin.cs` (239 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/ClientProvisioning/LdapCapabilityProbe.cs` (161 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/ClientProvisioning/LdapDistinguishedNameHelper.cs` (113 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/LdapPluginRegistrar.cs` (109 lines)
- Service locator matches:
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/LdapPluginRegistrar.cs`:108 => services.GetService<TimeProvider>() ?? TimeProvider.System;
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap.Tests/StellaOps.Authority.Plugin.Ldap.Tests.csproj [Unit]
- Missing layers: Integration, Security, Offline
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.

45
docs/implplan-blocked/audits/csproj-standards/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Oidc/StellaOps.Authority.Plugin.Oidc.md Normal file
View File

@@ -0,0 +1,45 @@
# Audit - StellaOps.Authority.Plugin.Oidc
## Project
- Path: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Oidc/StellaOps.Authority.Plugin.Oidc.csproj`
- Module: `Authority`
- Kind: `Plugin`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 3
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Oidc/Credentials/OidcCredentialStore.cs` (302 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Oidc/OidcPluginOptions.cs` (265 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Oidc/OidcIdentityProviderPlugin.cs` (131 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Oidc.Tests/StellaOps.Authority.Plugin.Oidc.Tests.csproj [Unit]
- Missing layers: Integration, Security, Offline
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.

45
docs/implplan-blocked/audits/csproj-standards/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Saml/StellaOps.Authority.Plugin.Saml.md Normal file
View File

@@ -0,0 +1,45 @@
# Audit - StellaOps.Authority.Plugin.Saml
## Project
- Path: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Saml/StellaOps.Authority.Plugin.Saml.csproj`
- Module: `Authority`
- Kind: `Plugin`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 3
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Saml/Credentials/SamlCredentialStore.cs` (466 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Saml/SamlPluginOptions.cs` (247 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Saml/SamlIdentityProviderPlugin.cs` (134 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Saml.Tests/StellaOps.Authority.Plugin.Saml.Tests.csproj [Unit]
- Missing layers: Integration, Security, Offline
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.

49
docs/implplan-blocked/audits/csproj-standards/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/StellaOps.Authority.Plugin.Standard.md Normal file
View File

@@ -0,0 +1,49 @@
# Audit - StellaOps.Authority.Plugin.Standard
## Project
- Path: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/StellaOps.Authority.Plugin.Standard.csproj`
- Module: `Authority`
- Kind: `Plugin`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 5
- Service locator usage (BuildServiceProvider/GetService): 2
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/Storage/StandardUserCredentialStore.cs` (603 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/Storage/StandardClientProvisioningStore.cs` (248 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/StandardPluginOptions.cs` (191 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/Security/StandardCredentialAuditLogger.cs` (178 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/StandardPluginRegistrar.cs` (127 lines)
- Service locator matches:
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/Bootstrap/StandardPluginBootstrapper.cs`:30 var optionsMonitor = scope.ServiceProvider.GetRequiredService<IOptionsMonitor<StandardPluginOptions>>();
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/Bootstrap/StandardPluginBootstrapper.cs`:31 var credentialStore = scope.ServiceProvider.GetRequiredService<StandardUserCredentialStore>();
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard.Tests/StellaOps.Authority.Plugin.Standard.Tests.csproj [Unit]
- Missing layers: Integration, Security, Offline
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.

44
docs/implplan-blocked/audits/csproj-standards/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Unified/StellaOps.Authority.Plugin.Unified.md Normal file
View File

@@ -0,0 +1,44 @@
# Audit - StellaOps.Authority.Plugin.Unified
## Project
- Path: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Unified/StellaOps.Authority.Plugin.Unified.csproj`
- Module: `Authority`
- Kind: `Plugin`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 1
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Unified/AuthPluginAdapter.cs` (220 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: none
- Missing layers: Unit, Integration, Security, Offline
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add a unit test project named `<Project>.Tests` (or document exception).
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.

45
docs/implplan-blocked/audits/csproj-standards/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions/StellaOps.Authority.Plugins.Abstractions.md Normal file
View File

@@ -0,0 +1,45 @@
# Audit - StellaOps.Authority.Plugins.Abstractions
## Project
- Path: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions/StellaOps.Authority.Plugins.Abstractions.csproj`
- Module: `Authority`
- Kind: `Plugin`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 3
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions/IdentityProviderContracts.cs` (900 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions/AuthorityPluginContracts.cs` (227 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions/AuthoritySecretHasher.cs` (128 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions.Tests/StellaOps.Authority.Plugins.Abstractions.Tests.csproj [Unit]
- Missing layers: Integration, Security, Offline
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.

111
docs/implplan-blocked/audits/csproj-standards/Authority/StellaOps.Authority/StellaOps.Authority/StellaOps.Authority.md Normal file
View File

@@ -0,0 +1,111 @@
# Audit - StellaOps.Authority
## Project
- Path: `src/Authority/StellaOps.Authority/StellaOps.Authority/StellaOps.Authority.csproj`
- Module: `Authority`
- Kind: `WebService`
- SDK: `Microsoft.NET.Sdk.Web`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 61
- Service locator usage (BuildServiceProvider/GetService): 8
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Program.cs` (3204 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/Handlers/ClientCredentialsHandlers.cs` (2192 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/Handlers/PasswordGrantHandlers.cs` (1783 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Console/ConsoleEndpointExtensions.cs` (940 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/Handlers/DpopHandlers.cs` (762 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Console/Admin/ConsoleAdminEndpointExtensions.cs` (746 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/Handlers/TokenValidationHandlers.cs` (675 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Console/ConsoleWorkspaceSampleService.cs` (623 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/LocalPolicy/BreakGlassSessionManager.cs` (551 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Storage/Postgres/PostgresTokenStore.cs` (539 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Console/ConsoleWorkspaceModels.cs` (484 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/LocalPolicy/FileBasedPolicyStore.cs` (483 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Signing/AuthoritySigningKeyManager.cs` (427 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Notifications/Ack/AuthorityAckTokenKeyManager.cs` (425 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Console/Admin/ConsoleBrandingEndpointExtensions.cs` (401 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/LocalPolicy/PolicyStoreFallback.cs` (378 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Plugins/AuthorityPluginLoader.cs` (342 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Airgap/AirgapAuditEndpointExtensions.cs` (321 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/LocalPolicy/LocalPolicyModels.cs` (319 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenApi/AuthorityOpenApiDocumentProvider.cs` (319 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Security/AuthorityClientCertificateValidator.cs` (319 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/RateLimiting/AuthorityRateLimiterMetadataMiddleware.cs` (296 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/Handlers/TokenPersistenceHandlers.cs` (283 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/Handlers/ClientCredentialsAuditHelper.cs` (269 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Airgap/AuthoritySealedModeEvidenceValidator.cs` (269 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/LegacyAuthDeprecationMiddleware.cs` (254 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Notifications/Ack/AckTokenPayload.cs` (253 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Audit/AuthorityAuditSink.cs` (237 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Vulnerability/Workflow/VulnWorkflowAntiForgeryTokenIssuer.cs` (234 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Revocation/RevocationBundleBuilder.cs` (220 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Notifications/Ack/AuthorityAckTokenIssuer.cs` (210 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Permalinks/VulnPermalinkService.cs` (193 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Signing/AuthorityJwksService.cs` (183 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/Handlers/RefreshTokenHandlers.cs` (166 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/AuthorityIdentityProviderRegistry.cs` (157 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/LocalPolicy/ILocalPolicyStore.cs` (156 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/AdvisoryAi/AuthorityAdvisoryAiConsentEvaluator.cs` (151 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Storage/Postgres/PostgresAirgapAuditStore.cs` (146 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Airgap/AuthorityAirgapAuditService.cs` (146 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Notifications/Ack/AuthorityAckTokenVerifier.cs` (143 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenApi/OpenApiDiscoveryEndpointExtensions.cs` (143 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Vulnerability/Attachments/VulnAttachmentTokenIssuer.cs` (143 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/Handlers/RevocationHandlers.cs` (142 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Signing/FileAuthoritySigningKeySource.cs` (140 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Storage/Postgres/PostgresLoginAttemptStore.cs` (136 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/RateLimiting/AuthorityRateLimiterMetadataAccessor.cs` (129 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/TokenRequestTamperInspector.cs` (127 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Storage/Postgres/PostgresClientStore.cs` (124 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Revocation/RevocationBundleSigner.cs` (122 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Vulnerability/Workflow/VulnWorkflowAntiForgeryTokenVerifier.cs` (122 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Storage/Postgres/PostgresBootstrapInviteStore.cs` (120 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/AuthorityRateLimiter.cs` (117 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Signing/KmsAuthoritySigningKeySource.cs` (117 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Signing/AuthorityDsseStatementSigner.cs` (116 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Vulnerability/VulnTokenVerificationUtilities.cs` (115 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Vulnerability/Attachments/VulnAttachmentTokenVerifier.cs` (115 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Vulnerability/VulnTokenUtilities.cs` (110 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Notifications/AuthorityWebhookAllowlistEvaluator.cs` (107 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Bootstrap/BootstrapInviteCleanupService.cs` (106 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Observability/IncidentAuditEndpointExtensions.cs` (102 lines)
- `src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/AuthoritySenderConstraintHelper.cs` (102 lines)
- Service locator matches:
- `src/Authority/StellaOps.Authority/StellaOps.Authority/AuthorityRateLimiter.cs`:32 logger ??= httpContext.RequestServices.GetService(typeof(ILoggerFactory)) is ILoggerFactory loggerFactory
- `src/Authority/StellaOps.Authority/StellaOps.Authority/AuthorityRateLimiter.cs`:108 ? serviceProvider.GetService(typeof(IAuthorityRateLimiterPartitionKeyResolver)) as IAuthorityRateLimiterPartitionKeyResolver ?? FallbackPartitionKeyResolver
- `src/Authority/StellaOps.Authority/StellaOps.Authority/AuthorityIdentityProviderRegistry.cs`:30 var providerInstances = scope.ServiceProvider.GetServices<IIdentityProviderPlugin>();
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Program.cs`:172 builder.Services.TryAddSingleton<IDpopReplayCache>(provider => new InMemoryDpopReplayCache(provider.GetService<TimeProvider>()));
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Program.cs`:182 var timeProvider = provider.GetService<TimeProvider>();
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Program.cs`:190 var timeProvider = provider.GetService<TimeProvider>();
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Program.cs`:191 var nonceLogger = provider.GetService<ILogger<InMemoryDpopNonceStore>>();
- `src/Authority/StellaOps.Authority/StellaOps.Authority/Plugins/AuthorityPluginLoader.cs`:255 provider = services.BuildServiceProvider(new ServiceProviderOptions
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: src/Authority/__Tests/StellaOps.Authority.Persistence.Tests/StellaOps.Authority.Persistence.Tests.csproj [Unit], src/Authority/__Tests/StellaOps.Authority.Core.Tests/StellaOps.Authority.Core.Tests.csproj [Unit], src/Authority/__Tests/StellaOps.Authority.ConfigDiff.Tests/StellaOps.Authority.ConfigDiff.Tests.csproj [Unit], src/Authority/StellaOps.Authority/StellaOps.Authority.Tests/StellaOps.Authority.Tests.csproj [Unit], src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions.Tests/StellaOps.Authority.Plugins.Abstractions.Tests.csproj [Unit], src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard.Tests/StellaOps.Authority.Plugin.Standard.Tests.csproj [Unit], src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Saml.Tests/StellaOps.Authority.Plugin.Saml.Tests.csproj [Unit], src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Oidc.Tests/StellaOps.Authority.Plugin.Oidc.Tests.csproj [Unit], src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap.Tests/StellaOps.Authority.Plugin.Ldap.Tests.csproj [Unit]
- Missing layers: Integration, Security, Offline
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.

45
docs/implplan-blocked/audits/csproj-standards/Authority/__Libraries/StellaOps.Authority.Core/StellaOps.Authority.Core.md Normal file
View File

@@ -0,0 +1,45 @@
# Audit - StellaOps.Authority.Core
## Project
- Path: `src/Authority/__Libraries/StellaOps.Authority.Core/StellaOps.Authority.Core.csproj`
- Module: `Authority`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 5
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/__Libraries/StellaOps.Authority.Core/Verdicts/VerdictReplayVerifier.cs` (234 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Core/Verdicts/VerdictManifestBuilder.cs` (227 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Core/Verdicts/VerdictManifest.cs` (199 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Core/Verdicts/InMemoryVerdictManifestStore.cs` (155 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Core/Verdicts/IVerdictManifestStore.cs` (102 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Authority/__Tests/StellaOps.Authority.Core.Tests/StellaOps.Authority.Core.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

60
docs/implplan-blocked/audits/csproj-standards/Authority/__Libraries/StellaOps.Authority.Persistence/StellaOps.Authority.Persistence.md Normal file
View File

@@ -0,0 +1,60 @@
# Audit - StellaOps.Authority.Persistence
## Project
- Path: `src/Authority/__Libraries/StellaOps.Authority.Persistence/StellaOps.Authority.Persistence.csproj`
- Module: `Authority`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 20
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/InMemory/Stores/InMemoryStores.cs` (719 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/OidcTokenRepository.cs` (410 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/UserRepository.cs` (378 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/VerdictManifestStore.cs` (356 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/InMemory/Documents/AuthorityDocuments.cs` (287 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/TokenRepository.cs` (252 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/BootstrapInviteRepository.cs` (194 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/TenantRepository.cs` (194 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/ClientRepository.cs` (162 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/PermissionRepository.cs` (158 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/RoleRepository.cs` (156 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/InMemory/Driver/InMemoryDriverShim.cs` (153 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/ServiceAccountRepository.cs` (141 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/AuditRepository.cs` (139 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/ApiKeyRepository.cs` (139 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/SessionRepository.cs` (138 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/RevocationRepository.cs` (121 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Models/UserEntity.cs` (112 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/InMemory/Stores/IAuthorityStores.cs` (110 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Persistence/Postgres/Repositories/OfflineKitAuditRepository.cs` (103 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Authority/__Tests/StellaOps.Authority.Persistence.Tests/StellaOps.Authority.Persistence.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

45
docs/implplan-blocked/audits/csproj-standards/Authority/__Libraries/StellaOps.Authority.Timestamping.Abstractions/StellaOps.Authority.Timestamping.Abstractions.md Normal file
View File

@@ -0,0 +1,45 @@
# Audit - StellaOps.Authority.Timestamping.Abstractions
## Project
- Path: `src/Authority/__Libraries/StellaOps.Authority.Timestamping.Abstractions/StellaOps.Authority.Timestamping.Abstractions.csproj`
- Module: `Authority`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: inherited true
- Deterministic: inherited true
- 100-line rule violations: 5
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping.Abstractions/TimeStampVerificationResult.cs` (247 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping.Abstractions/TimeStampToken.cs` (164 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping.Abstractions/TimeStampResponse.cs` (155 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping.Abstractions/TsaClientOptions.cs` (142 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping.Abstractions/TimeStampRequest.cs` (123 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit
- Detected test projects: none
- Missing layers: Unit
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add a unit test project named `<Project>.Tests` (or document exception).

48
docs/implplan-blocked/audits/csproj-standards/Authority/__Libraries/StellaOps.Authority.Timestamping/StellaOps.Authority.Timestamping.md Normal file
View File

@@ -0,0 +1,48 @@
# Audit - StellaOps.Authority.Timestamping
## Project
- Path: `src/Authority/__Libraries/StellaOps.Authority.Timestamping/StellaOps.Authority.Timestamping.csproj`
- Module: `Authority`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: inherited true
- Deterministic: inherited true
- 100-line rule violations: 8
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping/Asn1/TimeStampRespDecoder.cs` (362 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping/TsaProviderRegistry.cs` (262 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping/TimeStampTokenVerifier.cs` (223 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping/ITsaProviderRegistry.cs` (219 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping/HttpTsaClient.cs` (217 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping/Asn1/TimeStampReqEncoder.cs` (165 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping/Caching/InMemoryTsaCacheStore.cs` (120 lines)
- `src/Authority/__Libraries/StellaOps.Authority.Timestamping/TimestampingServiceCollectionExtensions.cs` (107 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit
- Detected test projects: none
- Missing layers: Unit
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add a unit test project named `<Project>.Tests` (or document exception).