stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity
Files
5fc469ad98760bda73590cc6f6c47836a024f956
git.stella-ops.org/src/Scanner/__Libraries/StellaOps.Scanner.EntryTrace/TASKS.completed.md
master 15b4a1de6a feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries 
- Added detailed task completion records for KMS interface implementation and CLI support for file-based keys.
- Documented security enhancements including Argon2id password hashing, audit event contracts, and rate limiting configurations.
- Included scoped service support and integration updates for the Plugin platform, ensuring proper DI handling and testing coverage.
2025-10-31 14:37:45 +02:00

2.8 KiB
Raw Blame History

Completed Tasks

ID Status Owner(s) Depends on Description Exit Criteria
SCANNER-ENTRYTRACE-10-401 DONE (2025-10-19) EntryTrace Guild Scanner Core contracts Implement deterministic POSIX shell AST parser covering exec/command/source/run-parts/case/if used by ENTRYPOINT scripts. Parser emits stable AST and serialization tests prove determinism for representative fixtures; see ShellParserTests.
SCANNER-ENTRYTRACE-10-402 DONE (2025-10-19) EntryTrace Guild SCANNER-ENTRYTRACE-10-401 Resolve commands across layered rootfs, tracking evidence per hop (PATH hit, layer origin, shebang). Resolver returns terminal program path with layer attribution for fixtures; deterministic traversal asserted in EntryTraceAnalyzerTests.ResolveAsync_IsDeterministic.
SCANNER-ENTRYTRACE-10-403 DONE (2025-10-19) EntryTrace Guild SCANNER-ENTRYTRACE-10-402 Follow interpreter wrappers (shell → Python/Node/Java launchers) to terminal target, including module/jar detection. Interpreter tracer reports correct module/script for language launchers; tests cover Python/Node/Java wrappers.
SCANNER-ENTRYTRACE-10-404 DONE (2025-10-19) EntryTrace Guild SCANNER-ENTRYTRACE-10-403 Build Python entry analyzer detecting venv shebangs, module invocations, -m usage and record usage flag. Python fixtures produce expected module metadata (python-module edge) and diagnostics for missing scripts.
SCANNER-ENTRYTRACE-10-405 DONE (2025-10-19) EntryTrace Guild SCANNER-ENTRYTRACE-10-403 Implement Node/Java launcher analyzer capturing script/jar targets including npm lifecycle wrappers. Node/Java fixtures resolved with evidence chain; RunParts coverage ensures child scripts traced.
SCANNER-ENTRYTRACE-10-406 DONE (2025-10-19) EntryTrace Guild SCANNER-ENTRYTRACE-10-402 Surface explainability + diagnostics for unresolved constructs and emit metrics counters. Diagnostics catalog enumerates unknown reasons; metrics wired via EntryTraceMetrics; explainability doc updated.
SCANNER-ENTRYTRACE-10-407 DONE (2025-10-19) EntryTrace Guild SCANNER-ENTRYTRACE-10-401..406 Package EntryTrace analyzers as restart-time plug-ins with manifest + host registration. Plug-in manifest under plugins/scanner/entrytrace/; restart-only policy documented; DI extension exposes AddEntryTraceAnalyzer.
SCANNER-ENTRYTRACE-18-501 DONE (2025-10-29) EntryTrace Guild SCANNER-ENTRYTRACE-10-407 Build OCI config reader and layered rootfs adapter so EntryTrace can hydrate PATH, WorkingDir, User, and provenance from real images. Fixtures covering tar/dir inputs produce deterministic IRootFileSystem descriptors (whiteouts, symlinks, shebangs) and EntrypointSpecification derived from config merges with default PATH fallbacks.