stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
ba4c935182406c64d22111f005ecd9528bc27250
git.stella-ops.org/docs/implplan/SPRINT_133_scanner_surface.md
master ae69b1a8a1 feat: Add documentation and task tracking for Sprints 508 to 514 in Ops & Offline 
- Created detailed markdown files for Sprints 508 (Ops Offline Kit), 509 (Samples), 510 (AirGap), 511 (Api), 512 (Bench), 513 (Provenance), and 514 (Sovereign Crypto Enablement) outlining tasks, dependencies, and owners.
- Introduced a comprehensive Reachability Evidence Delivery Guide to streamline the reachability signal process.
- Implemented unit tests for Advisory AI to block known injection patterns and redact secrets.
- Added AuthoritySenderConstraintHelper to manage sender constraints in OpenIddict transactions.
2025-11-08 23:18:28 +02:00

4.7 KiB
Raw Blame History

Sprint 133 - Scanner & Surface

Implementation order remains sequential across Sprint 130139. Complete each sprint in order before pulling tasks from the next file.

4. Scanner.IV — Scanner & Surface focus on Scanner (phase IV).

Dependency: Sprint 132 - 3. Scanner.III — Scanner & Surface focus on Scanner (phase III).

Task ID State Summary Owner / Source Depends On
SCANNER-ANALYZERS-NODE-22-006 TODO Detect bundles + source maps, reconstruct module specifiers, and correlate to original paths; support dual CJS/ESM graphs with conditions. Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md) SCANNER-ANALYZERS-NODE-22-005
SCANNER-ANALYZERS-NODE-22-007 TODO Scan for native addons (.node), WASM modules, and core capability signals (child_process, vm, worker_threads); emit hint edges and native metadata. Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md) SCANNER-ANALYZERS-NODE-22-006
SCANNER-ANALYZERS-NODE-22-008 TODO Produce AOC-compliant observations: entrypoints, components (pkg/native/wasm), edges (esm-import, cjs-require, exports, json, native-addon, wasm, worker) with reason codes/confidence and resolver traces. Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md) SCANNER-ANALYZERS-NODE-22-007
SCANNER-ANALYZERS-NODE-22-009 TODO Author fixture suite + performance benchmarks (npm, pnpm, PnP, bundle, electron, worker) with golden outputs and latency budgets. Node Analyzer Guild, QA Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md) SCANNER-ANALYZERS-NODE-22-008
SCANNER-ANALYZERS-NODE-22-010 TODO Implement optional runtime evidence hooks (ESM loader, CJS require hook) with path scrubbing and loader ID hashing; emit runtime-* edges. Node Analyzer Guild, Signals Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md) SCANNER-ANALYZERS-NODE-22-009
SCANNER-ANALYZERS-NODE-22-011 TODO Package updated analyzer as restart-time plug-in, expose Scanner CLI (stella node *) commands, refresh Offline Kit documentation. Node Analyzer Guild, DevOps Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md) SCANNER-ANALYZERS-NODE-22-010
SCANNER-ANALYZERS-NODE-22-012 TODO Integrate container filesystem adapter (OCI layers, Dockerfile hints) and record NODE_OPTIONS/env warnings. Node Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Node/TASKS.md) SCANNER-ANALYZERS-NODE-22-011
SCANNER-ANALYZERS-PHP-27-001 TODO Build input normalizer & VFS for PHP projects: merge source trees, composer manifests, vendor/, php.ini/conf.d, .htaccess, FPM configs, container layers. Detect framework/CMS fingerprints deterministically. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php/TASKS.md)
SCANNER-ANALYZERS-PHP-27-002 TODO Composer/Autoload analyzer: parse composer.json/lock/installed.json, generate package nodes, autoload edges (psr-4/0/classmap/files), bin entrypoints, composer plugins. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php/TASKS.md) SCANNER-ANALYZERS-PHP-27-001
SCANNER-ANALYZERS-PHP-27-003 TODO Include/require graph builder: resolve static includes, capture dynamic include patterns, bootstrap chains, merge with autoload edges. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php/TASKS.md) SCANNER-ANALYZERS-PHP-27-002
SCANNER-ANALYZERS-PHP-27-004 TODO Runtime capability scanner: detect exec/fs/net/env/serialization/crypto/database usage, stream wrappers, uploads; record evidence snippets. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php/TASKS.md) SCANNER-ANALYZERS-PHP-27-003
SCANNER-ANALYZERS-PHP-27-005 TODO PHAR/Archive inspector: parse phar manifests/stubs, hash files, detect embedded vendor trees and phar:// usage. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php/TASKS.md) SCANNER-ANALYZERS-PHP-27-004
SCANNER-ANALYZERS-PHP-27-006 TODO Framework/CMS surface mapper: extract routes, controllers, middleware, CLI/cron entrypoints for Laravel/Symfony/Slim/WordPress/Drupal/Magento. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php/TASKS.md) SCANNER-ANALYZERS-PHP-27-005
SCANNER-ANALYZERS-PHP-27-007 TODO Container & extension detector: parse php.ini/conf.d, map extensions to .so/.dll, collect web server/FPM settings, upload limits, disable_functions. PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php/TASKS.md) SCANNER-ANALYZERS-PHP-27-006