108d1c64b3
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Findings Ledger CI / build-test (push) Has been cancelled
Findings Ledger CI / migration-validation (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
cryptopro-linux-csp / build-and-test (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
sm-remote-ci / build-and-test (push) Has been cancelled
Findings Ledger CI / generate-manifest (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
41 lines
2.0 KiB
Markdown
41 lines
2.0 KiB
Markdown
# Deno Analyzer Scope Note (2025-12-09)
|
|
|
|
## Goals
|
|
- Define deterministic, offline-friendly scope for the Deno analyzer to move readiness from “status mismatch” to planned execution.
|
|
- Enumerate fixtures and evidence needed to mark Amber→Green once implemented.
|
|
|
|
## Inputs
|
|
- `deno.json` / `deno.jsonc` (config and import maps).
|
|
- `deno.lock` (v2) with integrity hashes.
|
|
- Source tree for `import`/`export` graph; `node_modules/` when `npm:` specifiers are used (npm compatibility mode).
|
|
- Optional: cache dir (`~/.cache/deno`) when present in extracted images.
|
|
|
|
## Outputs
|
|
- Inventory of modules:
|
|
- `pkg:deno/<specifier>@<version>` for remote modules (normalize to URL without fragment).
|
|
- `pkg:npm/<name>@<version>` for `npm:` dependencies with lock hash.
|
|
- `pkg:file/<path>` for local modules (relative POSIX paths).
|
|
- Dependency edges:
|
|
- From importer to imported specifier with resolved path/URL.
|
|
- Include type (remote/local/npm), integrity (sha256 from lock), and media type when available.
|
|
- Metadata:
|
|
- Deno version (from lock/config if present).
|
|
- Import map path and hash.
|
|
- NPM compatibility flag + resolved registry scope when npm used.
|
|
|
|
## Determinism & Offline
|
|
- Never fetch network resources; rely solely on `deno.lock` + on-disk files.
|
|
- Normalize paths to POSIX; stable sorting (source path, then target).
|
|
- Hashes: prefer lock integrity; otherwise SHA-256 over file bytes for local modules.
|
|
|
|
## Fixtures / Backlog
|
|
1) Remote-only project with `deno.lock` (http imports) and import map.
|
|
2) Mixed project using `npm:` specifiers with `node_modules/` present.
|
|
3) Local-only project (relative imports) without lockfile → expect finding + no inventory.
|
|
4) Image/extracted cache with populated `~/.cache/deno` to verify offline reuse.
|
|
|
|
## Status & Next Steps
|
|
- Implement parser to ingest `deno.lock` v2 and import map; add graph builder over source files.
|
|
- Add fixtures under `src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/**` with goldens; keep hashes stable.
|
|
- Update readiness checkpoints once fixtures land and TRX/binlogs captured.
|