# Audit - StellaOps.Integrations.WebService

## Project
- Path: `src/Integrations/StellaOps.Integrations.WebService/StellaOps.Integrations.WebService.csproj`
- Module: `Integrations`
- Kind: `WebService`
- SDK: `Microsoft.NET.Sdk.Web`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30

## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 3
- Service locator usage (BuildServiceProvider/GetService): 1
- Analyzer enforcement: missing repo-wide (see summary).

### Details
- 100-line files:
  - `src/Integrations/StellaOps.Integrations.WebService/IntegrationService.cs` (322 lines)
  - `src/Integrations/StellaOps.Integrations.WebService/IntegrationEndpoints.cs` (119 lines)
  - `src/Integrations/StellaOps.Integrations.WebService/IntegrationPluginLoader.cs` (105 lines)
- Service locator matches:
  - `src/Integrations/StellaOps.Integrations.WebService/Program.cs`:88 var dbContext = scope.ServiceProvider.GetRequiredService<IntegrationDbContext>();

### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.

## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: none
- Missing layers: Unit, Integration, Security, Offline

### Manual checks required
- Observability contract tests for WebService/Worker.
- Offline execution (tests must run without network access).

### Fix Guidance
- Add a unit test project named `<Project>.Tests` (or document exception).
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.