stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity
Files
44171930ff7ea4aece1d8a1effa08e26bf100f32
git.stella-ops.org/src/Scanner/AGENTS.md
master d519782a8f
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
prep docs and service updates
2025-11-21 06:56:36 +00:00

2.9 KiB
Raw Blame History

AGENTS · Scanner Module

Roles

  • Backend / Analyzer Engineer: .NET 10 (preview) for analyzers, worker, web service, plug-ins; keep outputs deterministic.
  • QA / Bench Engineer: Adds golden fixtures, regression tests, and perf/determinism benchmarks under __Tests / __Benchmarks.
  • Docs Touches (light): Update module docs under src/Scanner/docs when behavior/contracts change; mirror in sprint notes.

Required Reading

  • docs/README.md
  • docs/07_HIGH_LEVEL_ARCHITECTURE.md
  • docs/modules/platform/architecture-overview.md
  • docs/modules/scanner/architecture.md
  • docs/reachability/DELIVERY_GUIDE.md (sections 5.55.9 for native/JS/PHP updates)
  • docs/reachability/purl-resolved-edges.md
  • docs/reachability/patch-oracles.md
  • Current sprint file (e.g., docs/implplan/SPRINT_401_reachability_evidence_chain.md).

Working Directory & Boundaries

  • Primary scope: src/Scanner/** (analyzers, worker, web service, plugins, __Libraries, __Tests, __Benchmarks, docs).
  • Avoid cross-module edits unless sprint explicitly permits; note any cross-module change in sprint tracker.
  • Keep fixtures minimal/deterministic; store under src/Scanner/__Tests/Fixtures or __Benchmarks.

Engineering Rules

  • Target net10.0; prefer latest C# preview allowed in repo.
  • Offline-first: no new external network calls; use cached feeds (/local-nugets).
  • Determinism: stable ordering, UTC ISO-8601 timestamps, no DateTime.Now/random without seed; normalize path separators.
  • Logging: structured (ILogger message templates); avoid secrets/paths leakage.
  • Security: no executing untrusted payloads; keep analyzers pure; include redaction guidance for runtime capture adapters.
  • Native analyzers: capture .note.gnu.build-id when present and thread into SymbolID/code_id; add synthetic roots for .preinit_array/.init_array/_init; emit purl+symbol-digest on call edges; emit Unknowns when symbol→purl or edges are unresolved.
  • Tests: keep patch-oracle fixtures deterministic (strip binaries; stable compilers); add/maintain tests/reachability/patch-oracles/** when touching native analyzers.

Testing & Verification

  • Default: dotnet test src/Scanner/StellaOps.Scanner.sln.
  • Add/extend tests in src/Scanner/__Tests/**; golden outputs should be deterministic (sorted keys, stable ordering).
  • Benchmarks under src/Scanner/__Benchmarks/**; document input and expected ceilings in comments.
  • Cover multi-RID, trimmed/NativeAOT, self-contained vs framework-dependent cases where applicable.

Workflow Expectations

  • Mirror task state in sprint tracker (TODO → DOING → DONE/BLOCKED); note blockers with the specific decision needed.
  • Keep resolvers/analyzers parametric on environment data (RID, TFM, search paths); avoid host-global state.
  • When adding DI/manifest registrations, ensure restart-time and worker compatibility; update module docs if contracts change.