more audit work

2026-01-08 10:21:51 +02:00
parent 43c02081ef
commit 51cf4bc16c
546 changed files with 36721 additions and 4003 deletions
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Sources/AGENTS.md
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Sources/AGENTS.md
@@ -0,0 +1,31 @@
+# Scanner Sources Charter
+
+## Mission
+Manage SBOM source definitions, scheduling, trigger dispatch, and connection testing for scanner ingestion.
+
+## Responsibilities
+- Maintain domain models, configuration validation, handlers, connection testers, triggers, scheduling, and persistence.
+- Preserve tenant scoping and deterministic behavior.
+- Keep `TASKS.md` and sprint tracker statuses in sync.
+
+## Key Paths
+- `Configuration/`
+- `ConnectionTesters/`
+- `Domain/`
+- `Handlers/`
+- `Persistence/`
+- `Scheduling/`
+- `Services/`
+- `Triggers/`
+
+## Required Reading
+- `docs/modules/scanner/architecture.md`
+- `docs/modules/scanner/byos-ingestion.md`
+- `docs/modules/scanner/design/runtime-alignment-scanner-zastava.md`
+- `docs/implplan/permament/SPRINT_20251229_049_BE_csproj_audit_maint_tests.md`
+
+## Working Agreement
+- 1. Update task status to DOING/DONE in the sprint file and `TASKS.md`.
+- 2. Enforce tenant scoping on source and run queries.
+- 3. Use injected TimeProvider/IGuidGenerator and invariant parsing for deterministic output.
+- 4. Keep connection tests offline-safe and avoid logging credentials.
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Sources/TASKS.md
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Sources/TASKS.md
@@ -0,0 +1,10 @@
+# Scanner Sources Task Board
+
+This board mirrors active sprint tasks for this module.
+Source of truth: `docs/implplan/permament/SPRINT_20251229_049_BE_csproj_audit_maint_tests.md`.
+
+| Task ID | Status | Notes |
+| --- | --- | --- |
+| AUDIT-0766-M | DONE | Revalidated 2026-01-07. |
+| AUDIT-0766-T | DONE | Revalidated 2026-01-07. |
+| AUDIT-0766-A | DONE | Already compliant (revalidated 2026-01-07). |