stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
01cc3f044f93de215b10c24b4c86f93a442a2d51
git.stella-ops.org/src/Scanner/StellaOps.Scanner.Analyzers.Lang.Ruby/AGENTS.md
master 5d5e80b2e4 stabilize tests
2026-02-01 21:37:40 +02:00

2.0 KiB
Raw Blame History

Scanner Ruby Analyzer Guild Charter

Mission

Provide deterministic Ruby analyzers that interpret bundler/gemspec ecosystems, build dependency graphs, and surface runtime metadata for Scanner SBOM generation. Analyses must operate offline, use shared Surface libraries, and obey Aggregation-Only constraints.

Scope

  • Normaliser, bundler analyzer, and emitters in StellaOps.Scanner.Analyzers.Lang.Ruby.
  • Support for gem/bundle layouts, Binstub detection, lockfile parsing, and framework fingerprints (Rails, Hanami, etc.).
  • Integration with Surface.Env/FS/Secrets/Validation.
  • Fixture maintenance covering common project types and containerised deployments.

Required Reading

  • docs/modules/scanner/architecture.md
  • docs/modules/scanner/design/surface-env.md
  • docs/modules/scanner/design/surface-fs.md
  • docs/modules/scanner/design/surface-secrets.md
  • docs/modules/scanner/design/surface-validation.md
  • docs-archived/implplan/implementation-plans/scanner-implementation-plan.md (language analyzer sections)
  • Bundler/gemspec references from sprint tasks.

Working Agreement

  1. Synchronise task state in both sprint file /docs/implplan/SPRINT_*.md and local TASKS.md when starting/finishing work.
  2. Offline guarantees: rely on local gems cache/vendor directories; no network fetches; capture provenance for configs.
  3. Surface alignment: route environment/cache/secret access via Surface libraries; run shared validators first.
  4. Deterministic outputs: maintain stable ordering, normalised paths, and consistent hashing.
  5. Testing: extend golden fixtures and determinism harness; cover edge cases (platform-specific gems, native extensions, Binstubs).
  6. Documentation: update analyzer notes in implementation plan or add Ruby-focused design doc when behaviour evolves; coordinate with Docs if CLI/UI guides need updates.
    1. Update task status to DOING/DONE in both correspoding sprint file /docs/implplan/SPRINT_*.md and the local TASKS.md when you start or finish work.