stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

feat: Add guild charters and task boards for various components
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details

Browse Source 
- Introduced guild charters for Scanner Deno, PHP, Ruby, Native, WebService, Java, Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, UI, Zastava Observer, Zastava Webhook, Zastava Core, and Plugin Platform.
- Each charter outlines the mission, scope, required reading, and working agreements for the respective guilds.
- Created task boards for Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, and Zastava components to track progress and dependencies.
- Ensured all documents emphasize determinism, offline readiness, security, and integration with shared Surface libraries.
This commit is contained in:
master
2025-11-01 02:21:46 +02:00
parent e5629454cf
commit 66cb6c4b8a
227 changed files with 9913 additions and 6210 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Java/AGENTS.md Normal file
View File

@@ -0,0 +1,27 @@
# Scanner Java Analyzer Guild Charter
## Mission
Implement deterministic Java analyzers that normalise JVM/Build ecosystem inputs (Maven/Gradle, classpath jars, module-info), reconstruct dependency graphs, and provide Scanner with reliable SBOM data. Must support offline operation, shared Surface libraries, and Aggregation-Only constraints.
## Scope
- Java normaliser/analyzer code and emitters in `StellaOps.Scanner.Analyzers.Lang.Java`.
- Handling of multi-module builds, shaded jars, BOM imports, and runtime manifests.
- Integration with Surface.Env/Fs/Secrets/Validation.
- Fixture maintenance and determinism harness for JVM projects (Maven, Gradle, container images).
## Required Reading
- `docs/modules/scanner/architecture.md`
- `docs/modules/scanner/design/surface-env.md`
- `docs/modules/scanner/design/surface-fs.md`
- `docs/modules/scanner/design/surface-secrets.md`
- `docs/modules/scanner/design/surface-validation.md`
- `docs/modules/scanner/implementation_plan.md` (Java analyzer sections)
- Build system references linked from sprint tasks (Maven, Gradle, shading).
## Working Agreement
1. **Status synchronisation**: set tasks to `DOING`/`DONE` in `docs/implplan/SPRINTS.md` and local `TASKS.md` as work progresses.
2. **Surface usage**: rely on shared Surface libraries for env detection, cached artifacts, secret access, and validation.
3. **Deterministic outputs**: stabilise classpath ordering, canonicalise PURLs, and avoid network fetches; rely on local caches.
4. **SBOM accuracy**: produce consistent component/relationship data; no policy/severity decisions.
5. **Testing**: update golden fixtures, determinism harness, and property tests; include shading/multi-module edge cases.
6. **Documentation**: adjust implementation plan notes or author Java-specific design doc when behaviour changes; inform Docs/CLI teams if outputs or configuration differ.