stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
docs/features/checked/reachgraph/static-sbom-call-graph-pruning.md Normal file
View File

@@ -0,0 +1,29 @@
# Static SBOM Call-Graph Pruning
## Module
ReachGraph
## Status
IMPLEMENTED
## Description
SBOM-based reachability filtering is implemented as a pipeline stage in the Scanner worker, with dependency reachability reporting and ReachGraph storage.
## Implementation Details
- **IReachabilityIndex**: `src/__Libraries/StellaOps.Reachability.Core/IReachabilityIndex.cs` -- `QueryStaticAsync` for static call-graph reachability analysis; `QueryHybridAsync` with batch support for SBOM-wide analysis
- **ReachabilityIndex**: `src/__Libraries/StellaOps.Reachability.Core/ReachabilityIndex.cs` -- implementation using adapters for graph and signals data
- **LatticeState.StaticReachable / StaticUnreachable**: `src/__Libraries/StellaOps.Reachability.Core/LatticeState.cs` -- static analysis determines SR or SU lattice state for each symbol
- **ReachabilityLattice**: `src/__Libraries/StellaOps.Reachability.Core/ReachabilityLattice.cs` -- transitions from Unknown to StaticReachable (confidence 0.30) or StaticUnreachable (confidence 0.40) based on call graph evidence
- **SymbolRef**: `src/__Libraries/StellaOps.Reachability.Core/SymbolRef.cs` -- symbol reference for graph queries
- **Symbol canonicalization**: `src/__Libraries/StellaOps.Reachability.Core/Symbols/SymbolCanonicalizer.cs`, `SymbolMatcher.cs` -- language-aware symbol normalization for accurate graph matching
- **ReachGraphStoreService**: `src/ReachGraph/StellaOps.ReachGraph.WebService/Services/ReachGraphStoreService.cs` -- stores pruned/filtered reachability graphs
- **ReachGraphSliceService**: `src/ReachGraph/StellaOps.ReachGraph.WebService/Services/ReachGraphSliceService.cs` -- slice queries for accessing filtered results by package
- **Tests**: `src/__Libraries/__Tests/StellaOps.Reachability.Core.Tests/`
- **Source**: Feature matrix scan
## E2E Test Plan
- [ ] Verify static call-graph analysis correctly identifies reachable symbols (SR state)
- [ ] Test unreachable symbols are pruned with StaticUnreachable (SU) state
- [ ] Verify SBOM-based batch query prunes findings for all packages in SBOM
- [ ] Test symbol canonicalization handles cross-language symbol formats
- [ ] Verify pruned results are stored in ReachGraph and queryable via slice API