git.stella-ops.org/src/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md
master 35c5614eb7 feat(rust): Implement RustCargoLockParser and RustFingerprintScanner
- Added RustCargoLockParser to parse Cargo.lock files and extract package information.
- Introduced RustFingerprintScanner to scan for Rust fingerprint records in JSON files.
- Created test fixtures for Rust language analysis, including Cargo.lock and fingerprint JSON files.
- Developed tests for RustLanguageAnalyzer to ensure deterministic output based on provided fixtures.
- Added expected output files for both simple and signed Rust applications.
2025-10-22 18:11:01 +03:00

Rust Analyzer Task Flow

| Seq | ID | Status | Depends on | Description | Exit Criteria |
|-----|----|--------|------------|-------------|---------------|
| 1 | SCANNER-ANALYZERS-LANG-10-306A | DONE (2025-10-22) | SCANNER-ANALYZERS-LANG-10-307 | Parse Cargo metadata (`Cargo.lock`, `.fingerprint`, `.metadata`) and map crates to components with evidence. | Fixtures confirm crate attribution ≥85% coverage; metadata normalized; evidence includes path + hash. |
| 2 | SCANNER-ANALYZERS-LANG-10-306B | DONE (2025-10-22) | SCANNER-ANALYZERS-LANG-10-306A | Implement heuristic classifier using ELF section names, symbol mangling, and `.comment` data for stripped binaries. | Heuristic output flagged as heuristic; regression tests ensure no false “observed” classifications. |
| 3 | SCANNER-ANALYZERS-LANG-10-306C | DONE (2025-10-22) | SCANNER-ANALYZERS-LANG-10-306B | Integrate binary hash fallback (`bin:{sha256}`) and tie into shared quiet provenance helpers. | Fallback path deterministic; shared helpers reused; tests verify consistent hashing. |
| 4 | SCANNER-ANALYZERS-LANG-10-307R | TODO | SCANNER-ANALYZERS-LANG-10-306C | Finalize shared helper usage (license, usage flags) and concurrency-safe caches. | Analyzer uses shared utilities; concurrency tests pass; no race conditions. |
| 5 | SCANNER-ANALYZERS-LANG-10-308R | TODO | SCANNER-ANALYZERS-LANG-10-307R | Determinism fixtures + performance benchmarks; compare against competitor heuristic coverage. | Fixtures `Fixtures/lang/rust/` committed; determinism guard; benchmark shows ≥15% better coverage vs competitor. |
| 6 | SCANNER-ANALYZERS-LANG-10-309R | TODO | SCANNER-ANALYZERS-LANG-10-308R | Package plug-in manifest + Offline Kit documentation; ensure Worker integration. | Manifest copied; Worker loads analyzer; Offline Kit doc updated. |