stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 12 Releases Wiki Activity
Files
cbdc05b24dd756786201635a0bfac960ac5d24d2
git.stella-ops.org/docs/modules/scanner/design
History
master 79b8e53441
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Add new features and tests for AirGap and Time modules 
- Introduced `SbomService` tasks documentation.
- Updated `StellaOps.sln` to include new projects: `StellaOps.AirGap.Time` and `StellaOps.AirGap.Importer`.
- Added unit tests for `BundleImportPlanner`, `DsseVerifier`, `ImportValidator`, and other components in the `StellaOps.AirGap.Importer.Tests` namespace.
- Implemented `InMemoryBundleRepositories` for testing bundle catalog and item repositories.
- Created `MerkleRootCalculator`, `RootRotationPolicy`, and `TufMetadataValidator` tests.
- Developed `StalenessCalculator` and `TimeAnchorLoader` tests in the `StellaOps.AirGap.Time.Tests` namespace.
- Added `fetch-sbomservice-deps.sh` script for offline dependency fetching.
2025-11-20 23:29:54 +02:00
..
analyzer-prep-0132.md
Add new features and tests for AirGap and Time modules
2025-11-20 23:29:54 +02:00
deno-runtime-shim.md
nuget reorganization
2025-11-18 23:45:25 +02:00
deno-runtime-signals.md
feat: Add initial implementation of Vulnerability Resolver Jobs
2025-11-18 07:52:15 +02:00
macos-analyzer.md
feat: Implement vulnerability token signing and verification utilities
2025-11-03 10:04:10 +02:00
node-bundle-phase22.md
feat: Enhance MongoDB storage with event publishing and outbox support
2025-11-20 23:08:45 +02:00
README.md
nuget reorganization
2025-11-18 23:45:25 +02:00
ruby-analyzer.md
Add inline DSSE provenance documentation and Mongo schema
2025-11-13 00:20:33 +02:00
surface-env.md
Implement ledger metrics for observability and add tests for Ruby packages endpoints
2025-11-13 09:29:09 +02:00
surface-fs-consumers.md
feat: Add documentation and task tracking for Sprints 508 to 514 in Ops & Offline
2025-11-08 23:18:28 +02:00
surface-fs.md
Implement Advisory Canonicalization and Backfill Migration
2025-11-07 19:54:02 +02:00
surface-secrets.md
Add Authority Advisory AI and API Lifecycle Configuration
2025-11-02 13:50:25 +02:00
surface-validation.md
Add Authority Advisory AI and API Lifecycle Configuration
2025-11-02 13:50:25 +02:00
windows-analyzer.md
feat: Implement vulnerability token signing and verification utilities
2025-11-03 10:04:10 +02:00

README.md

Scanner Design Dossiers

This directory contains deep technical designs for current and upcoming analyzers and surface components.

Language analyzers

  • ruby-analyzer.md — lockfile, runtime graph, capability signals for Ruby.
  • deno-runtime-signals.md — runtime trace + policy signal contract for Deno analyzer.
  • deno-runtime-shim.md — loader/trace shim plan for runtime NDJSON capture in Deno analyzer.

Surface & platform contracts

  • surface-fs.md
  • surface-env.md
  • surface-validation.md
  • surface-secrets.md

OS ecosystem designs

  • macos-analyzer.md — Homebrew, pkgutil, .app bundle plan.
  • windows-analyzer.md — MSI, WinSxS, Chocolatey, registry collectors.

Demand & dashboards

  • ../../benchmarks/scanner/windows-macos-demand.md — demand tracker.
  • ../../benchmarks/scanner/windows-macos-interview-template.md — interview template.
  • ../../api/scanner/windows-coverage.md — coverage summary dashboard.
  • ../../api/scanner/windows-macos-summary.md — metric snapshot.

Utility & reference

  • ../operations/field-engagement.md — SE workflow guidance.
  • ../operations/analyzers.md — operational runbook.
  • ../operations/rustfs-migration.md — storage migration notes.

Maintenance tips

  • Keep demand tracker (../../benchmarks/scanner/windows-macos-demand.md) and API dashboards in sync when updating macOS/Windows designs.
  • Cross-reference policy readiness briefs for associated predicates and waiver models.

Policy readiness

  • ../policy/secret-leak-detection-readiness.md — secret leak pipeline decisions.
  • ../policy/windows-package-readiness.md — Windows analyzer policy decisions.