stabilize tests
This commit is contained in:
master
@@ -1,7 +1,7 @@
|
||||
# Scanner Native Analyzer Guild Charter
|
||||
|
||||
## Mission
|
||||
Deliver deterministic native binary analyzers that detect entrypoints, dependency edges, and loader behaviours across ELF, PE/COFF, and Mach-O formats. Outputs feed Scanner’s SBOM and runtime posture workflows and must integrate with shared Surface libraries while satisfying Aggregation-Only constraints.
|
||||
Deliver deterministic native binary analyzers that detect entrypoints, dependency edges, and loader behaviours across ELF, PE/COFF, and Mach-O formats. Outputs feed Scanner???s SBOM and runtime posture workflows and must integrate with shared Surface libraries while satisfying Aggregation-Only constraints.
|
||||
|
||||
## Scope
|
||||
- Format detectors, parsers, and resolver engines in `StellaOps.Scanner.Analyzers.Native`.
|
||||
@@ -15,13 +15,14 @@ Deliver deterministic native binary analyzers that detect entrypoints, dependenc
|
||||
- `docs/modules/scanner/design/surface-fs.md`
|
||||
- `docs/modules/scanner/design/surface-secrets.md`
|
||||
- `docs/modules/scanner/design/surface-validation.md`
|
||||
- `docs/modules/scanner/implementation_plan.md` (native analyzer sections)
|
||||
- `docs-archived/implplan/implementation-plans/scanner-implementation-plan.md` (native analyzer sections)
|
||||
- Platform-specific loader references cited in sprint notes (e.g., ld.so, SafeDll search, dyld).
|
||||
|
||||
## Working Agreement
|
||||
1. **Status sync** – set task state to `DOING`/`DONE` in both sprint file `/docs/implplan/SPRINT_*.md` and local `TASKS.md` when starting/finishing work.
|
||||
2. **Surface usage** – run Surface.Validation, use Surface.Env for configuration, Surface.FS for cached artefacts, and Surface.Secrets for protected inputs.
|
||||
3. **Determinism** – no host filesystem lookups; rely on virtual image roots; stabilise ordering and timestamps.
|
||||
4. **AOC compliance** – emit observations/edges without severity or policy interpretation; include provenance and reason codes.
|
||||
5. **Testing** – maintain golden fixtures per platform, determinism harness, runtime capture simulations, and performance budgets.
|
||||
6. **Documentation** – update implementation plan or create dedicated design notes when algorithms change; coordinate with Docs/Signals guilds for runtime adapters.
|
||||
1. **Status sync** ??? set task state to `DOING`/`DONE` in both sprint file `/docs/implplan/SPRINT_*.md` and local `TASKS.md` when starting/finishing work.
|
||||
2. **Surface usage** ??? run Surface.Validation, use Surface.Env for configuration, Surface.FS for cached artefacts, and Surface.Secrets for protected inputs.
|
||||
3. **Determinism** ??? no host filesystem lookups; rely on virtual image roots; stabilise ordering and timestamps.
|
||||
4. **AOC compliance** ??? emit observations/edges without severity or policy interpretation; include provenance and reason codes.
|
||||
5. **Testing** ??? maintain golden fixtures per platform, determinism harness, runtime capture simulations, and performance budgets.
|
||||
6. **Documentation** ??? update implementation plan or create dedicated design notes when algorithms change; coordinate with Docs/Signals guilds for runtime adapters.
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
|
||||
using System.Buffers.Binary;
|
||||
using System.Text;
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
|
||||
using System.Buffers.Binary;
|
||||
using System.Collections.Immutable;
|
||||
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
// Description: Extracts security hardening flags from macOS Mach-O binaries
|
||||
// -----------------------------------------------------------------------------
|
||||
|
||||
|
||||
using System.Buffers.Binary;
|
||||
using System.Collections.Immutable;
|
||||
|
||||
|
||||
@@ -7,6 +7,7 @@
|
||||
// Description: Extracts security hardening flags from Windows PE binaries
|
||||
// -----------------------------------------------------------------------------
|
||||
|
||||
|
||||
using System.Buffers.Binary;
|
||||
using System.Collections.Immutable;
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
|
||||
using System.Buffers.Binary;
|
||||
using System.Text;
|
||||
using System.Text.RegularExpressions;
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
using System.Collections.Frozen;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text.Json;
|
||||
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Microsoft.Extensions.Options;
|
||||
using StellaOps.Replay.Core;
|
||||
using StellaOps.Scanner.ProofSpine;
|
||||
using System.Collections.Frozen;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text.Json;
|
||||
|
||||
namespace StellaOps.Scanner.Analyzers.Native.Index;
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
|
||||
using System.Buffers.Binary;
|
||||
using System.Text;
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
|
||||
using System;
|
||||
using System.Buffers.Binary;
|
||||
using System.IO;
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
|
||||
using System.Buffers.Binary;
|
||||
using System.Text;
|
||||
using System.Xml;
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
|
||||
using System.Buffers.Binary;
|
||||
using System.Text;
|
||||
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
|
||||
using Microsoft.Extensions.Logging;
|
||||
using System.Runtime.CompilerServices;
|
||||
using StellaOps.Scanner.Analyzers.Native.Observations;
|
||||
using System.Runtime.CompilerServices;
|
||||
|
||||
namespace StellaOps.Scanner.Analyzers.Native.Plugin;
|
||||
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
using System.Reflection;
|
||||
|
||||
using Microsoft.Extensions.Logging;
|
||||
using System.Reflection;
|
||||
|
||||
namespace StellaOps.Scanner.Analyzers.Native.Plugin;
|
||||
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
|
||||
using StellaOps.Scanner.Analyzers.Native.Observations;
|
||||
using System.Collections.Immutable;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using StellaOps.Scanner.Analyzers.Native.Observations;
|
||||
|
||||
namespace StellaOps.Scanner.Analyzers.Native.Reachability;
|
||||
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
|
||||
using StellaOps.Determinism;
|
||||
using System.Collections.Concurrent;
|
||||
using System.Diagnostics;
|
||||
using System.Globalization;
|
||||
@@ -5,7 +7,6 @@ using System.Runtime.InteropServices;
|
||||
using System.Runtime.Versioning;
|
||||
using System.Text;
|
||||
using System.Text.RegularExpressions;
|
||||
using StellaOps.Determinism;
|
||||
|
||||
namespace StellaOps.Scanner.Analyzers.Native.RuntimeCapture;
|
||||
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
|
||||
using StellaOps.Determinism;
|
||||
using System.Collections.Concurrent;
|
||||
using System.Diagnostics;
|
||||
using System.Globalization;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Runtime.Versioning;
|
||||
using System.Text.RegularExpressions;
|
||||
using StellaOps.Determinism;
|
||||
|
||||
namespace StellaOps.Scanner.Analyzers.Native.RuntimeCapture;
|
||||
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
|
||||
using StellaOps.Determinism;
|
||||
using System.Collections.Concurrent;
|
||||
using System.Diagnostics;
|
||||
using System.Globalization;
|
||||
@@ -5,7 +7,6 @@ using System.Runtime.InteropServices;
|
||||
using System.Runtime.Versioning;
|
||||
using System.Security.Principal;
|
||||
using System.Text.RegularExpressions;
|
||||
using StellaOps.Determinism;
|
||||
|
||||
namespace StellaOps.Scanner.Analyzers.Native.RuntimeCapture;
|
||||
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
|
||||
using Microsoft.Extensions.Options;
|
||||
using StellaOps.Cryptography;
|
||||
using StellaOps.Scanner.Contracts;
|
||||
using System.Buffers.Binary;
|
||||
using System.Collections.Immutable;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using Microsoft.Extensions.Options;
|
||||
using StellaOps.Cryptography;
|
||||
using StellaOps.Scanner.Contracts;
|
||||
|
||||
namespace StellaOps.Scanner.Analyzers.Native;
|
||||
|
||||
|
||||
@@ -13,3 +13,4 @@ Source of truth: `docs/implplan/SPRINT_20260113_001_001_SCANNER_elf_section_hash
|
||||
| ELF-SECTION-TESTS-0001 | DONE | Add unit tests for section hashing. |
|
||||
| ELF-SECTION-FIXTURES-0001 | DONE | Add ELF fixtures with golden hashes. |
|
||||
| ELF-SECTION-DETERMINISM-0001 | DONE | Add determinism regression test. |
|
||||
| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
|
||||
|
||||
Reference in New Issue
Block a user