stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
0c9e8d5d188ee7216bf8f95c01c8a913c90ab605
git.stella-ops.org/docs/implplan/SPRINT_133_scanner_surface.md
StellaOps Bot 3b96b2e3ea
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
up
2025-11-27 23:45:09 +02:00

4.6 KiB
Raw Blame History

Sprint 133 - Scanner & Surface

Implementation order remains sequential across Sprint 130139. Complete each sprint in order before pulling tasks from the next file.

4. Scanner.IV — Scanner & Surface focus on Scanner (phase IV).

Dependency: Sprint 132 - 3. Scanner.III — Scanner & Surface focus on Scanner (phase III).

Task ID State Summary Owner / Source Depends On
SCANNER-ANALYZERS-NODE-22-006 TODO Detect bundles + source maps, reconstruct module specifiers, and correlate to original paths; support dual CJS/ESM graphs with conditions. Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) SCANNER-ANALYZERS-NODE-22-005
SCANNER-ANALYZERS-NODE-22-007 TODO Scan for native addons (.node), WASM modules, and core capability signals (child_process, vm, worker_threads); emit hint edges and native metadata. Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) SCANNER-ANALYZERS-NODE-22-006
SCANNER-ANALYZERS-NODE-22-008 TODO Produce AOC-compliant observations: entrypoints, components (pkg/native/wasm), edges (esm-import, cjs-require, exports, json, native-addon, wasm, worker) with reason codes/confidence and resolver traces. Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) SCANNER-ANALYZERS-NODE-22-007
SCANNER-ANALYZERS-NODE-22-009 TODO Author fixture suite + performance benchmarks (npm, pnpm, PnP, bundle, electron, worker) with golden outputs and latency budgets. Node Analyzer Guild, QA Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) SCANNER-ANALYZERS-NODE-22-008
SCANNER-ANALYZERS-NODE-22-010 TODO Implement optional runtime evidence hooks (ESM loader, CJS require hook) with path scrubbing and loader ID hashing; emit runtime-* edges. Node Analyzer Guild, Signals Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) SCANNER-ANALYZERS-NODE-22-009
SCANNER-ANALYZERS-NODE-22-011 TODO Package updated analyzer as restart-time plug-in, expose Scanner CLI (stella node *) commands, refresh Offline Kit documentation. Node Analyzer Guild, DevOps Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) SCANNER-ANALYZERS-NODE-22-010
SCANNER-ANALYZERS-NODE-22-012 TODO Integrate container filesystem adapter (OCI layers, Dockerfile hints) and record NODE_OPTIONS/env warnings. Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node) SCANNER-ANALYZERS-NODE-22-011
SCANNER-ANALYZERS-PHP-27-001 DONE Build input normalizer & VFS for PHP projects: merge source trees, composer manifests, vendor/, php.ini/conf.d, .htaccess, FPM configs, container layers. Detect framework/CMS fingerprints deterministically. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php)
SCANNER-ANALYZERS-PHP-27-002 DONE Composer/Autoload analyzer: parse composer.json/lock/installed.json, generate package nodes, autoload edges (psr-4/0/classmap/files), bin entrypoints, composer plugins. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) SCANNER-ANALYZERS-PHP-27-001
SCANNER-ANALYZERS-PHP-27-003 DONE Include/require graph builder: resolve static includes, capture dynamic include patterns, bootstrap chains, merge with autoload edges. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) SCANNER-ANALYZERS-PHP-27-002
SCANNER-ANALYZERS-PHP-27-004 DONE Runtime capability scanner: detect exec/fs/net/env/serialization/crypto/database usage, stream wrappers, uploads; record evidence snippets. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) SCANNER-ANALYZERS-PHP-27-003
SCANNER-ANALYZERS-PHP-27-005 DONE PHAR/Archive inspector: parse phar manifests/stubs, hash files, detect embedded vendor trees and phar:// usage. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) SCANNER-ANALYZERS-PHP-27-004
SCANNER-ANALYZERS-PHP-27-006 DONE Framework/CMS surface mapper: extract routes, controllers, middleware, CLI/cron entrypoints for Laravel/Symfony/Slim/WordPress/Drupal/Magento. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) SCANNER-ANALYZERS-PHP-27-005
SCANNER-ANALYZERS-PHP-27-007 DONE Container & extension detector: parse php.ini/conf.d, map extensions to .so/.dll, collect web server/FPM settings, upload limits, disable_functions. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) SCANNER-ANALYZERS-PHP-27-006