stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

archive audit attempts

Browse Source
This commit is contained in:
master
2026-02-19 22:00:31 +02:00
parent c2f13fe588
commit b5829dce5c
19638 changed files with 6366 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
docs-archived/implplan-blocked/audits/csproj-standards/AirGap/StellaOps.AirGap.Time/StellaOps.AirGap.Time.md Normal file
View File

@@ -0,0 +1,46 @@
# Audit - StellaOps.AirGap.Time
## Project
- Path: `src/AirGap/StellaOps.AirGap.Time/StellaOps.AirGap.Time.csproj`
- Module: `AirGap`
- Kind: `WebService`
- SDK: `Microsoft.NET.Sdk.Web`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 3
- Service locator usage (BuildServiceProvider/GetService): 2
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/AirGap/StellaOps.AirGap.Time/Services/RoughtimeVerifier.cs` (430 lines)
- `src/AirGap/StellaOps.AirGap.Time/Services/Rfc3161Verifier.cs` (339 lines)
- `src/AirGap/StellaOps.AirGap.Time/Services/TimeAnchorPolicyService.cs` (306 lines)
- Service locator matches:
- `src/AirGap/StellaOps.AirGap.Time/Hooks/StartupValidationExtensions.cs`:17 var validator = scope.ServiceProvider.GetRequiredService<SealedStartupValidator>();
- `src/AirGap/StellaOps.AirGap.Time/Hooks/StartupValidationExtensions.cs`:18 var logger = scope.ServiceProvider.GetRequiredService<ILoggerFactory>().CreateLogger("AirGap.Time.Startup");
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: src/AirGap/__Tests/StellaOps.AirGap.Time.Tests/StellaOps.AirGap.Time.Tests.csproj [Unit]
- Missing layers: Integration, Security, Offline
### Manual checks required
- Observability contract tests for WebService/Worker.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.