stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
a4badc275e8f6efe65068464acb4f609944e81bb
git.stella-ops.org/src/Scanner/StellaOps.Scanner.Analyzers.Lang.Deno/AGENTS.md
master 90c244948a Update AGENTS.md files across multiple modules to standardize task status update instructions and introduce a new document for Secret Leak Detection operations. 
- Modified task status update instructions in AGENTS.md files to refer to corresponding sprint files as `/docs/implplan/SPRINT_*.md` instead of `docs/implplan/SPRINTS.md`.
- Added a comprehensive document for Secret Leak Detection operations detailing scope, prerequisites, rule bundle lifecycle, enabling the analyzer, policy patterns, observability, troubleshooting, and references.
2025-11-05 11:58:32 +02:00

28 lines
1.9 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Scanner Deno Analyzer Guild Charter
## Mission
Deliver deterministic Deno language analyzers that normalise project inputs, reconstruct module graphs, and surface package/runtime metadata for Scanners inventory and usage SBOMs. The analyzers must operate offline, respect the Aggregation-Only Contract, and integrate with shared Surface libraries.
## Scope
- Normaliser, graph builder, and output emitters under `StellaOps.Scanner.Analyzers.Lang.Deno`.
- Integration with shared Surface libraries (Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation).
- Fixtures and determinism harness specific to Deno projects (vendor/cache/npm bridge scenarios).
- Documentation/comments explaining resolution rules and limitations.
## Required Reading
- `docs/modules/scanner/architecture.md`
- `docs/modules/scanner/design/surface-env.md`
- `docs/modules/scanner/design/surface-fs.md`
- `docs/modules/scanner/design/surface-secrets.md`
- `docs/modules/scanner/design/surface-validation.md`
- `docs/modules/scanner/implementation_plan.md` (language analyzer sections)
- Deno package/docs linked in sprint notes (ensure understanding of import maps, lockfiles, cache behaviour).
## Working Agreement
1. **State synchronisation**: update task status to `DOING`/`DONE` in both sprint file `/docs/implplan/SPRINT_*.md` and local `TASKS.md` when work starts/finishes.
2. **Surface integration**: use shared Surface libraries for env detection, cache access, secret retrieval, and validation.
3. **Deterministic processing**: no network fetches; rely on cached artifacts; stabilise ordering and timestamps.
4. **SBOM contract**: populate component data (PURLs, versions, relationships) without deriving policy decisions.
5. **Testing**: extend golden fixtures, determinism harness, and property tests before merging changes.
6. **Docs & handoff**: update analyzer notes in `docs/modules/scanner/implementation_plan.md` or contribute a Deno-specific design note when behaviour changes.
Reference in New Issue View Git Blame Copy Permalink