56c687253f
feat(ruby): Add RubyVendorArtifactCollector to collect vendor artifacts test(deno): Add golden tests for Deno analyzer with various fixtures test(deno): Create Deno module and package files for testing test(deno): Implement Deno lock and import map for dependency management test(deno): Add FFI and worker scripts for Deno testing feat(ruby): Set up Ruby workspace with Gemfile and dependencies feat(ruby): Add expected output for Ruby workspace tests feat(signals): Introduce CallgraphManifest model for signal processing
3.5 KiB
Sprint 143 - Runtime & Signals · 140.C) Signals
Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08).
[Runtime & Signals] 140.C) Signals Depends on: Sprint 120.A - AirGap, Sprint 130.A - Scanner Summary: Runtime & Signals focus on Signals — reachability ingestion and scoring. Notes:
- 2025-10-29: Skeleton live with scope policies, stub endpoints, and integration tests; sample configuration committed under
etc/signals.yaml.sample. - 2025-10-29: JSON parsers for Java/Node.js/Python/Go implemented; artifacts stored on filesystem with SHA-256 and callgraphs upserted into Mongo.
Task ID State Task description Owners (Source) SIGNALS-24-001 DONE (2025-11-09) Stand up Signals API skeleton with RBAC, sealed-mode config, DPoP/mTLS enforcement, and /factsscaffolding so downstream ingestion work can begin. Dependencies: AUTH-SIG-26-001.Signals Guild, Authority Guild (src/Signals/StellaOps.Signals)
2025-11-09: Signals host now registers sealed-mode evidence validation, exposes
/readyz//statusindicators, enforces scope policies, and adds/signals/facts/{subjectKey}retrieval plus runtime-facts ingestion backing services. SIGNALS-24-002 | DOING (2025-11-07) | Implement callgraph ingestion/normalization (Java/Node/Python/Go) with CAS persistence and retrieval APIs to feed reachability scoring. Dependencies: SIGNALS-24-001. | Signals Guild (src/Signals/StellaOps.Signals) 2025-11-09: Added/signals/callgraphs/{id}retrieval, sealed-mode gating, and CAS-backed artifact metadata responses; remaining work is CAS bucket promotion + signed graph manifests. SIGNALS-24-003 | DOING (2025-11-09) | Implement runtime facts ingestion endpoint and normalizer (process, sockets, container metadata) populatingcontext_factswith AOC provenance.
2025-11-09: Initial JSON ingestion service + persistence landed; NDJSON/gzip + context enrichment remain TODO. | Signals Guild, Runtime Guild (src/Signals/StellaOps.Signals) 2025-11-07: Waiting on SIGNALS-24-001 / SIGNALS-24-002 DOING work to land before flipping this to DOING. 2025-11-07: Upstream SIGNALS-24-001 / SIGNALS-24-002 now DOING; this flips to DOING once host + callgraph ingestion merge. 2025-11-08: Targeting 2025-11-09 merge for SIGNALS-24-001/002; schema + AOC contract drafted so SIGNALS-24-003 can move to DOING immediately after those PRs land (dependencies confirmed, none missing). 2025-11-09: Added runtime facts ingestion service + endpoint, aggregated runtime hit storage, and unit tests; next steps are NDJSON/gzip ingestion and provenance metadata wiring. 2025-11-09: Added/signals/runtime-facts/ndjsonstreaming endpoint (JSON/NDJSON + gzip) with sealed-mode gating; provenance/context enrichment + scoring linkage remain. SIGNALS-24-004 | BLOCKED (2025-10-27) | Deliver reachability scoring engine producing states/scores and writing toreachability_facts; expose configuration for weights. Dependencies: SIGNALS-24-003.
2025-10-27: Upstream ingestion pipelines (SIGNALS-24-002/003) blocked; scoring engine cannot proceed. | Signals Guild, Data Science (src/Signals/StellaOps.Signals) SIGNALS-24-005 | BLOCKED (2025-10-27) | Implement Redis caches (reachability_cache:*), invalidation on new facts, and publishsignals.fact.updatedevents. Dependencies: SIGNALS-24-004.
2025-10-27: Awaiting scoring engine and ingestion layers before wiring cache/events. | Signals Guild, Platform Events Guild (src/Signals/StellaOps.Signals)