feat: Add guild charters and task boards for various components

- Introduced guild charters for Scanner Deno, PHP, Ruby, Native, WebService, Java, Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, UI, Zastava Observer, Zastava Webhook, Zastava Core, and Plugin Platform. - Each charter outlines the mission, scope, required reading, and working agreements for the respective guilds. - Created task boards for Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, and Zastava components to track progress and dependencies. - Ensured all documents emphasize determinism, offline readiness, security, and integration with shared Surface libraries.
2025-11-01 02:21:46 +02:00
parent e5629454cf
commit 66cb6c4b8a
227 changed files with 9913 additions and 6210 deletions
--- a/src/Scanner/StellaOps.Scanner.Analyzers.Native/AGENTS.md
+++ b/src/Scanner/StellaOps.Scanner.Analyzers.Native/AGENTS.md
@@ -0,0 +1,27 @@
+# Scanner Native Analyzer Guild Charter
+
+## Mission
+Deliver deterministic native binary analyzers that detect entrypoints, dependency edges, and loader behaviours across ELF, PE/COFF, and Mach-O formats. Outputs feed Scanner’s SBOM and runtime posture workflows and must integrate with shared Surface libraries while satisfying Aggregation-Only constraints.
+
+## Scope
+- Format detectors, parsers, and resolver engines in `StellaOps.Scanner.Analyzers.Native`.
+- Runtime capture adapters (eBPF/ETW/dyld) for optional evidence.
+- Integration with Surface.Env/FS/Secrets/Validation and Scanner writer APIs.
+- Fixture curation spanning Linux/Windows/macOS binaries.
+
+## Required Reading
+- `docs/modules/scanner/architecture.md`
+- `docs/modules/scanner/design/surface-env.md`
+- `docs/modules/scanner/design/surface-fs.md`
+- `docs/modules/scanner/design/surface-secrets.md`
+- `docs/modules/scanner/design/surface-validation.md`
+- `docs/modules/scanner/implementation_plan.md` (native analyzer sections)
+- Platform-specific loader references cited in sprint notes (e.g., ld.so, SafeDll search, dyld).
+
+## Working Agreement
+1. **Status sync** – set task state to `DOING`/`DONE` in both `docs/implplan/SPRINTS.md` and local `TASKS.md` when starting/finishing work.
+2. **Surface usage** – run Surface.Validation, use Surface.Env for configuration, Surface.FS for cached artefacts, and Surface.Secrets for protected inputs.
+3. **Determinism** – no host filesystem lookups; rely on virtual image roots; stabilise ordering and timestamps.
+4. **AOC compliance** – emit observations/edges without severity or policy interpretation; include provenance and reason codes.
+5. **Testing** – maintain golden fixtures per platform, determinism harness, runtime capture simulations, and performance budgets.
+6. **Documentation** – update implementation plan or create dedicated design notes when algorithms change; coordinate with Docs/Signals guilds for runtime adapters.