git.stella-ops.org/src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.DotNet/TASKS.md
master 9e5e958d42
feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries
- Added detailed task completion records for KMS interface implementation and CLI support for file-based keys.
- Documented security enhancements including Argon2id password hashing, audit event contracts, and rate limiting configurations.
- Included scoped service support and integration updates for the Plugin platform, ensuring proper DI handling and testing coverage.
2025-10-31 14:33:05 +02:00

.NET Analyzer Task Flow

| Seq | ID | Status | Depends on | Description | Exit Criteria |
|-----|----|--------|------------|-------------|---------------|

.NET Entry-Point & Dependency Resolver (Sprint 11)

| ID | Status | Owner(s) | Depends on | Description | Exit Criteria |
|----|--------|----------|------------|-------------|---------------|
| SCANNER-ANALYZERS-LANG-11-001 | TODO | StellaOps.Scanner EPDR Guild, Language Analyzer Guild | - | Build entrypoint resolver that maps project/publish artifacts to entrypoint identities (assembly name, MVID, TFM, RID) and environment profiles (publish mode, host kind, probing paths). Output normalized `entrypoints[]` records with deterministic IDs. | Entrypoint records produced for fixtures (framework-dependent, self-contained, single-file, multi-TFM/RID); determinism check passes; docs updated. |
| SCANNER-ANALYZERS-LANG-11-002 | TODO | StellaOps.Scanner EPDR Guild | SCANNER-ANALYZERS-LANG-11-001 | Implement static analyzer (IL + reflection heuristics) capturing AssemblyRef, ModuleRef/PInvoke, DynamicDependency, reflection literals, DI patterns, and custom AssemblyLoadContext probing hints. Emit dependency edges with reason codes and confidence. | Static analysis coverage demonstrated on fixtures; edges carry reason codes (`il-assemblyref`, `il-moduleref`, `reflection-literal`, `alc-probing`); tests cover trimmed/single-file cases. |
| SCANNER-ANALYZERS-LANG-11-003 | TODO | StellaOps.Scanner EPDR Guild, Signals Guild | SCANNER-ANALYZERS-LANG-11-002 | Ingest optional runtime evidence (AssemblyLoad, Resolving, P/Invoke) via event listener harness; merge runtime edges with static/declared ones and attach reason codes/confidence. | Runtime listener service pluggable; fixtures record runtime edges; merged output shows combined reason set with confidence per edge. |
| SCANNER-ANALYZERS-LANG-11-004 | TODO | StellaOps.Scanner EPDR Guild, SBOM Service Guild | SCANNER-ANALYZERS-LANG-11-002 | Produce normalized observation export to Scanner writer: entrypoints + dependency edges + environment profiles (AOC compliant). Wire to SBOM service entrypoint tagging. | Analyzer writes observation records consumed by SBOM service tests; AOC compliance docs updated; determinism checked. |
| SCANNER-ANALYZERS-LANG-11-005 | TODO | StellaOps.Scanner EPDR Guild, QA Guild | SCANNER-ANALYZERS-LANG-11-004 | Add comprehensive fixtures/benchmarks covering framework-dependent, self-contained, single-file, trimmed, NativeAOT, multi-RID scenarios; include explain traces and perf benchmarks vs previous analyzer. | Fixtures stored under `fixtures/lang/dotnet/epdr`; determinism + perf thresholds validated; benchmark results documented. |