stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity
Files
9ca2de05dff9c7db11eb49df6d4e47bbfe7a99f6
git.stella-ops.org/docs/implplan-blocked/audits/csproj-standards/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/StellaOps.Scanner.Sbomer.BuildXPlugin.md

2.8 KiB
Raw Blame History

Audit - StellaOps.Scanner.Sbomer.BuildXPlugin

Project

  • Path: src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/StellaOps.Scanner.Sbomer.BuildXPlugin.csproj
  • Module: Scanner
  • Kind: Service
  • SDK: Microsoft.NET.Sdk
  • TargetFramework: net10.0
  • Audit date (UTC): 2026-01-30

Coding Standards Findings

  • Status: FAIL
  • Nullable: enable
  • TreatWarningsAsErrors: explicit true
  • Deterministic: inherited true
  • 100-line rule violations: 5
  • Service locator usage (BuildServiceProvider/GetService): 9
  • Analyzer enforcement: missing repo-wide (see summary).

Details

  • 100-line files:
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Program.cs (627 lines)
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Surface/SurfaceManifestWriter.cs (234 lines)
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Descriptor/DescriptorGenerator.cs (198 lines)
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Manifest/BuildxPluginManifestLoader.cs (189 lines)
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Surface/SurfaceCasLayout.cs (112 lines)
  • Service locator matches:
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Program.cs:397 using var provider = services.BuildServiceProvider();
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Program.cs:398 var env = provider.GetService();
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Program.cs:434 using var provider = services.BuildServiceProvider();
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Program.cs:435 var secretProvider = provider.GetService();
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Program.cs:436 var env = provider.GetService();
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Program.cs:487 using var provider = services.BuildServiceProvider();
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Program.cs:488 var secretProvider = provider.GetService();
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Program.cs:489 var env = provider.GetService();
    • src/Scanner/StellaOps.Scanner.Sbomer.BuildXPlugin/Program.cs:602 var provider = services.BuildServiceProvider();

Fix Guidance

  • Split files over 100 lines into smaller types or partials.
  • Replace service locator usage with constructor injection.

Testing Fullness Findings

  • Status: FAIL
  • Expected layers: Unit, Performance
  • Detected test projects: src/Scanner/__Tests/StellaOps.Scanner.Sbomer.BuildXPlugin.Tests/StellaOps.Scanner.Sbomer.BuildXPlugin.Tests.csproj [Unit]
  • Missing layers: Performance

Manual checks required

  • Observability contract tests for WebService/Worker.
  • Offline execution (tests must run without network access).

Fix Guidance

  • Add performance regression coverage for scanner/export/release paths.