75c2bcafce
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Implemented LdapDistinguishedNameHelper for escaping RDN and filter values. - Created AuthorityCredentialAuditContext and IAuthorityCredentialAuditContextAccessor for managing credential audit context. - Developed StandardCredentialAuditLogger with tests for success, failure, and lockout events. - Introduced AuthorityAuditSink for persisting audit records with structured logging. - Added CryptoPro related classes for certificate resolution and signing operations.
5.5 KiB
5.5 KiB
Sprint 134 - Scanner & Surface
Implementation order remains sequential across Sprint 130–139. Complete each sprint in order before pulling tasks from the next file.
5. Scanner.V — Scanner & Surface focus on Scanner (phase V).
Dependency: Sprint 133 - 4. Scanner.IV — Scanner & Surface focus on Scanner (phase IV).
| Task ID | State | Summary | Owner / Source | Depends On |
|---|---|---|---|---|
SCANNER-ANALYZERS-PHP-27-009 |
TODO | Fixture suite + performance benchmarks (Laravel, Symfony, WordPress, legacy, PHAR, container) with golden outputs. | PHP Analyzer Guild, QA Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | SCANNER-ANALYZERS-PHP-27-007 |
SCANNER-ANALYZERS-PHP-27-010 |
TODO | Optional runtime evidence hooks (if provided) to ingest audit logs or opcode cache stats with path hashing. | PHP Analyzer Guild, Signals Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | SCANNER-ANALYZERS-PHP-27-009 |
SCANNER-ANALYZERS-PHP-27-011 |
TODO | Package analyzer plug-in, add CLI (stella php inspect), refresh Offline Kit documentation. |
PHP Analyzer Guild, DevOps Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | SCANNER-ANALYZERS-PHP-27-010 |
SCANNER-ANALYZERS-PHP-27-012 |
TODO | Policy signal emitter: extension requirements/presence, dangerous constructs counters, stream wrapper usage, capability summaries. | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | SCANNER-ANALYZERS-PHP-27-011 |
SCANNER-ANALYZERS-PHP-27-008 |
TODO | Produce AOC-compliant observations: entrypoints, packages, extensions, modules, edges (require/autoload), capabilities, routes, configs. | PHP Analyzer Guild (src/Scanner/StellaOps.Scanner.Analyzers.Lang.Php) | SCANNER-ANALYZERS-PHP-27-002 |
SCANNER-ANALYZERS-PYTHON-23-001 |
TODO | Build input normalizer & virtual filesystem for wheels, sdists, editable installs, zipapps, site-packages trees, and container roots. Detect Python version targets (pyproject.toml, runtime.txt, Dockerfile) + virtualenv layout deterministically. |
Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | — |
SCANNER-ANALYZERS-PYTHON-23-002 |
TODO | Entrypoint discovery: module __main__, console_scripts entry points, scripts, zipapp main, manage.py/gunicorn/celery patterns. Capture invocation context (module vs package, argv wrappers). |
Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | SCANNER-ANALYZERS-PYTHON-23-001 |
SCANNER-ANALYZERS-PYTHON-23-003 |
TODO | Static import graph builder using AST and bytecode fallback. Support import, from ... import, relative imports, importlib.import_module, __import__ with literal args, pkgutil.extend_path. |
Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | SCANNER-ANALYZERS-PYTHON-23-002 |
SCANNER-ANALYZERS-PYTHON-23-004 |
TODO | Python resolver engine (importlib semantics) handling namespace packages (PEP 420), package discovery order, .pth files, sys.path composition, zipimport, and site-packages precedence across virtualenv/container roots. |
Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | SCANNER-ANALYZERS-PYTHON-23-003 |
SCANNER-ANALYZERS-PYTHON-23-005 |
TODO | Packaging adapters: pip editable (.egg-link), Poetry/Flit layout, Conda prefix, .dist-info/RECORD cross-check, container layer overlays. |
Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | SCANNER-ANALYZERS-PYTHON-23-004 |
SCANNER-ANALYZERS-PYTHON-23-006 |
TODO | Detect native extensions (*.so, *.pyd), CFFI modules, ctypes loaders, embedded WASM, and runtime capability signals (subprocess, multiprocessing, ctypes, eval). |
Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | SCANNER-ANALYZERS-PYTHON-23-005 |
SCANNER-ANALYZERS-PYTHON-23-007 |
TODO | Framework/config heuristics: Django, Flask, FastAPI, Celery, AWS Lambda handlers, Gunicorn, Click/Typer CLIs, logging configs, pyproject optional dependencies. Tagged as hints only. | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | SCANNER-ANALYZERS-PYTHON-23-006 |
SCANNER-ANALYZERS-PYTHON-23-008 |
TODO | Produce AOC-compliant observations: entrypoints, components (modules/packages/native), edges (import, namespace, dynamic-hint, native-extension) with reason codes/confidence and resolver traces. | Python Analyzer Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | SCANNER-ANALYZERS-PYTHON-23-007 |
SCANNER-ANALYZERS-PYTHON-23-009 |
TODO | Fixture suite + perf benchmarks covering virtualenv, namespace packages, zipapp, editable installs, containers, lambda handler. | Python Analyzer Guild, QA Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | SCANNER-ANALYZERS-PYTHON-23-008 |
SCANNER-ANALYZERS-PYTHON-23-010 |
TODO | Optional runtime evidence: import hook capturing module load events with path scrubbing, optional bytecode instrumentation for importlib hooks, multiprocessing tracer. |
Python Analyzer Guild, Signals Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | SCANNER-ANALYZERS-PYTHON-23-009 |
SCANNER-ANALYZERS-PYTHON-23-011 |
TODO | Package analyzer plug-in, add CLI commands (stella python inspect), refresh Offline Kit documentation. |
Python Analyzer Guild, DevOps Guild (src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Python) | SCANNER-ANALYZERS-PYTHON-23-010 |