Files

StellaOps Bot b6b9ffc050

Docs CI / lint-and-preview (push) Has been cancelled

Details

Add PHP Analyzer Plugin and Composer Lock Data Handling

- Implemented the PhpAnalyzerPlugin to analyze PHP projects.
- Created ComposerLockData class to represent data from composer.lock files.
- Developed ComposerLockReader to load and parse composer.lock files asynchronously.
- Introduced ComposerPackage class to encapsulate package details.
- Added PhpPackage class to represent PHP packages with metadata and evidence.
- Implemented PhpPackageCollector to gather packages from ComposerLockData.
- Created PhpLanguageAnalyzer to perform analysis and emit results.
- Added capability signals for known PHP frameworks and CMS.
- Developed unit tests for the PHP language analyzer and its components.
- Included sample composer.lock and expected output for testing.
- Updated project files for the new PHP analyzer library and tests.

2025-11-22 14:02:49 +02:00

analyzer-prep-0132.md

Add new features and tests for AirGap and Time modules

2025-11-20 23:29:54 +02:00

deno-runtime-shim.md

Add PHP Analyzer Plugin and Composer Lock Data Handling

2025-11-22 14:02:49 +02:00

deno-runtime-signals.md

feat: Add initial implementation of Vulnerability Resolver Jobs

2025-11-18 07:52:15 +02:00

macos-analyzer.md

feat: Implement vulnerability token signing and verification utilities

2025-11-03 10:04:10 +02:00

node-bundle-phase22.md

feat: Enhance MongoDB storage with event publishing and outbox support

2025-11-20 23:08:45 +02:00

README.md

nuget reorganization

2025-11-18 23:45:25 +02:00

ruby-analyzer.md

Add inline DSSE provenance documentation and Mongo schema

2025-11-13 00:20:33 +02:00

surface-env.md

Implement ledger metrics for observability and add tests for Ruby packages endpoints

2025-11-13 09:29:09 +02:00

surface-fs-consumers.md

feat: Add documentation and task tracking for Sprints 508 to 514 in Ops & Offline

2025-11-08 23:18:28 +02:00

surface-fs.md

Implement Advisory Canonicalization and Backfill Migration

2025-11-07 19:54:02 +02:00

surface-secrets.md

Add Authority Advisory AI and API Lifecycle Configuration

2025-11-02 13:50:25 +02:00

surface-validation.md

Add Authority Advisory AI and API Lifecycle Configuration

2025-11-02 13:50:25 +02:00

windows-analyzer.md

feat: Implement vulnerability token signing and verification utilities

2025-11-03 10:04:10 +02:00

README.md

Scanner Design Dossiers

This directory contains deep technical designs for current and upcoming analyzers and surface components.

Language analyzers

ruby-analyzer.md — lockfile, runtime graph, capability signals for Ruby.
deno-runtime-signals.md — runtime trace + policy signal contract for Deno analyzer.
deno-runtime-shim.md — loader/trace shim plan for runtime NDJSON capture in Deno analyzer.

Surface & platform contracts

surface-fs.md
surface-env.md
surface-validation.md
surface-secrets.md

OS ecosystem designs

macos-analyzer.md — Homebrew, pkgutil, .app bundle plan.
windows-analyzer.md — MSI, WinSxS, Chocolatey, registry collectors.

Demand & dashboards

../../benchmarks/scanner/windows-macos-demand.md — demand tracker.
../../benchmarks/scanner/windows-macos-interview-template.md — interview template.
../../api/scanner/windows-coverage.md — coverage summary dashboard.
../../api/scanner/windows-macos-summary.md — metric snapshot.

Utility & reference

../operations/field-engagement.md — SE workflow guidance.
../operations/analyzers.md — operational runbook.
../operations/rustfs-migration.md — storage migration notes.

Maintenance tips

Keep demand tracker (../../benchmarks/scanner/windows-macos-demand.md) and API dashboards in sync when updating macOS/Windows designs.
Cross-reference policy readiness briefs for associated predicates and waiver models.

Policy readiness

../policy/secret-leak-detection-readiness.md — secret leak pipeline decisions.
../policy/windows-package-readiness.md — Windows analyzer policy decisions.