stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

feat: add security sink detection patterns for JavaScript/TypeScript

Browse Source 
- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations).
- Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns.
- Added `package-lock.json` for dependency management.
This commit is contained in:
StellaOps Bot
2025-12-22 23:21:21 +02:00
parent 3ba7157b00
commit 5146204f1b
529 changed files with 73579 additions and 5985 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
docs/implplan/SPRINT_7000_0001_0003_explainability.md
View File

@@ -8,7 +8,7 @@
| **Topic** | Explainability with Assumptions & Falsifiability |
| **Duration** | 2 weeks |
| **Priority** | HIGH |
| **Status** | TODO |
| **Status** | DOING |
| **Owner** | Scanner Team + Policy Team |
| **Working Directory** | `src/Scanner/__Libraries/StellaOps.Scanner.Explainability/`, `src/Policy/__Libraries/StellaOps.Policy.Explainability/` |
@@ -38,13 +38,13 @@ This addresses the advisory gap: "No existing scanner answers #4."
| ID | Task | Status | Assignee | Notes |
|----|------|--------|----------|-------|
| 7000.0003.01 | Design assumption-set model (compiler flags, runtime config, feature gates) | TODO | | |
| 7000.0003.02 | Implement `AssumptionSet` record in findings | TODO | | |
| 7000.0003.03 | Design falsifiability criteria model | TODO | | |
| 7000.0003.04 | Add "what would disprove this?" to `RiskExplainer` output | TODO | | |
| 7000.0003.05 | Implement evidence-density confidence scorer | TODO | | |
| 7000.0003.06 | Add assumption-set to DSSE predicate schema | TODO | | |
| 7000.0003.07 | UI: Explainability widget with assumption drill-down | TODO | | |
| 7000.0003.01 | Design assumption-set model (compiler flags, runtime config, feature gates) | DONE | Agent | Assumption.cs with enums |
| 7000.0003.02 | Implement `AssumptionSet` record in findings | DONE | Agent | AssumptionSet.cs, IAssumptionCollector.cs |
| 7000.0003.03 | Design falsifiability criteria model | DONE | Agent | FalsifiabilityCriteria.cs with enums |
| 7000.0003.04 | Add "what would disprove this?" to `RiskExplainer` output | DONE | Agent | FalsifiabilityGenerator.cs, RiskReport.cs |
| 7000.0003.05 | Implement evidence-density confidence scorer | DONE | Agent | EvidenceDensityScorer.cs with 8 factors |
| 7000.0003.06 | Add assumption-set to DSSE predicate schema | DONE | Agent | finding-explainability-predicate.schema.json + ExplainabilityPredicateSerializer |
| 7000.0003.07 | UI: Explainability widget with assumption drill-down | TODO | | Deferred - Angular |
---
@@ -315,6 +315,7 @@ This addresses the advisory gap: "No existing scanner answers #4."
| Date (UTC) | Update | Owner |
|------------|--------|-------|
| 2025-12-22 | Sprint created from advisory gap analysis | Agent |
| 2025-12-22 | Tasks 1-6 complete: Assumption models, AssumptionCollector, Falsifiability models, FalsifiabilityGenerator, EvidenceDensityScorer, RiskReport, DSSE predicate schema with serializer. 93 tests passing. Task 7 (Angular UI) deferred. | Agent |
---