gitgalaxy 2.0.3__tar.gz → 2.0.5__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (69) hide show
  1. {gitgalaxy-2.0.3/gitgalaxy.egg-info → gitgalaxy-2.0.5}/PKG-INFO +40 -31
  2. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/README.md +37 -28
  3. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/cobol_refractor_controller.py +9 -9
  4. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/cobol_to_java_controller.py +6 -6
  5. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/core/aperture.py +1 -1
  6. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/galaxyscope.py +21 -10
  7. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/physics/spectral_auditor.py +1 -1
  8. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/recorders/audit_recorder.py +1 -1
  9. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/recorders/llm_recorder.py +2 -2
  10. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/security/security_lens.py +2 -28
  11. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/compliance/sbom_generator.py +68 -1
  12. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py +2 -2
  13. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +15 -3
  14. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5/gitgalaxy.egg-info}/PKG-INFO +40 -31
  15. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy.egg-info/SOURCES.txt +2 -1
  16. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/pyproject.toml +3 -5
  17. gitgalaxy-2.0.5/tests/test_galaxyscope.py +61 -0
  18. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/LICENSE +0 -0
  19. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/MANIFEST.in +0 -0
  20. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/__init__.py +0 -0
  21. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/core/__init__.py +0 -0
  22. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/core/detector.py +0 -0
  23. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/core/guidestar_lens.py +0 -0
  24. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/core/network_risk_sensor.py +0 -0
  25. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/core/prism.py +0 -0
  26. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/core/state_rehydrator.py +0 -0
  27. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/physics/__init__.py +0 -0
  28. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/physics/chronometer.py +0 -0
  29. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/physics/neural_auditor.py +0 -0
  30. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/physics/signal_processor.py +0 -0
  31. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/recorders/__init__.py +0 -0
  32. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/recorders/gpu_recorder.py +0 -0
  33. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/recorders/record_keeper.py +0 -0
  34. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/security/__init__.py +0 -0
  35. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/security/security_auditor.py +0 -0
  36. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/standards/__init__.py +0 -0
  37. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/standards/analysis_lens.py +0 -0
  38. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/standards/gitgalaxy_config.py +0 -0
  39. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/standards/language_lens.py +0 -0
  40. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/standards/language_standards.py +0 -0
  41. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/__init__.py +0 -0
  42. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/ai_guardrails/ai_appsec_sensor.py +0 -0
  43. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/ai_guardrails/dev_agent_firewall.py +0 -0
  44. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_agent_task_forge.py +0 -0
  45. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_compiler_forge.py +0 -0
  46. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_dag_architect.py +0 -0
  47. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_etl_unpacker.py +0 -0
  48. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_graveyard_finder.py +0 -0
  49. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_auditor.py +0 -0
  50. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +0 -0
  51. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_lexical_patcher.py +0 -0
  52. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_microservice_slicer.py +0 -0
  53. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_schema_forge.py +0 -0
  54. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_cobol/cobol_system_limits_reporter.py +0 -0
  55. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_java/batch_test_harness.py +0 -0
  56. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_java/cobol_to_java_agent_forge.py +0 -0
  57. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_java/cobol_to_java_api_contract_forge.py +0 -0
  58. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_java/cobol_to_java_build_forge.py +0 -0
  59. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_java/cobol_to_java_decoder_forge.py +0 -0
  60. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_java/cobol_to_java_service_forge.py +0 -0
  61. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/cobol_to_java/cobol_to_java_spring_forge.py +0 -0
  62. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/network_auditing/full_api_network_map.py +0 -0
  63. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/supply_chain_security/binary_anomaly_detector.py +0 -0
  64. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/supply_chain_security/vault_sentinel.py +0 -0
  65. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy/tools/terabyte_log_scanning/pii_leak_hunter.py +0 -0
  66. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy.egg-info/dependency_links.txt +0 -0
  67. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy.egg-info/entry_points.txt +0 -0
  68. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/gitgalaxy.egg-info/top_level.txt +0 -0
  69. {gitgalaxy-2.0.3 → gitgalaxy-2.0.5}/setup.cfg +0 -0
@@ -1,8 +1,8 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: gitgalaxy
3
- Version: 2.0.3
3
+ Version: 2.0.5
4
4
  Summary: An AST-free, zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
5
- Author: Joseph Michael Esquibel
5
+ Author: Joe Esquibel
6
6
  Project-URL: Homepage, https://gitgalaxy.io
7
7
  Project-URL: Documentation, https://squid-protocol.github.io/gitgalaxy/
8
8
  Project-URL: Source, https://github.com/squid-protocol/gitgalaxy
@@ -16,7 +16,7 @@ Classifier: Topic :: Software Development :: Quality Assurance
16
16
  Classifier: Topic :: Scientific/Engineering :: Visualization
17
17
  Classifier: Intended Audience :: Developers
18
18
  Classifier: Intended Audience :: Information Technology
19
- Requires-Python: >=3.8
19
+ Requires-Python: >=3.9
20
20
  Description-Content-Type: text/markdown
21
21
  License-File: LICENSE
22
22
  Dynamic: license-file
@@ -38,32 +38,36 @@ Dynamic: license-file
38
38
  [![Zero Dependencies](https://img.shields.io/badge/Dependencies-0-brightgreen.svg)](https://pypi.org/project/gitgalaxy/)
39
39
  [![Airgap Ready](https://img.shields.io/badge/Security-Airgap_Ready-teal.svg)](#)
40
40
 
41
- ### **The blAST Engine: A custom heuristics-based AST-free Knowledge Graph Generator**
41
+ ### **AST-Free Static Analysis & Knowledge Graph Engine**
42
42
 
43
- The blAST (Bypassing LLMs and ASTs) engine is a custom-made knowledge graph engine that resolves repositories at the function level. It scores each function based on 50 unique metrics, rolls that data up to score the file, and finally summarizes the entire repository.
43
+ The blAST (Bypassing LLMs and ASTs) engine is a custom-made knowledge graph engine that resolves repositories at the function level. It scores each function based on 50 unique metrics, rolls that data up to score the file, and finally summarizes the entire repository.
44
44
 
45
- By utilizing a custom engine, we retain full control over the search space. We built it to be exceptionally fast, capable of assessing your entire repository without requiring compilable code—a fundamental limitation of standard Abstract Syntax Trees (ASTs). ASTs are great for finding missing commas and memory overflows, but they miss the forest for the trees when generating knowledge graphs. LLMs, on the other hand, suffer from hallucination during large context windows and yield probabilistic, fluctuating answers.
45
+ ### Scanning Apollo-11 with the blAST Engine
46
46
 
47
- The blAST engine solves this. Because all programming languages utilize keywords and functions, our engine treats code files as text, scanning for these structural anchors to build a deterministic 3D knowledge graph. It seamlessly handles mid-file language switching, assesses the architectural ratio of test files to logic, and extracts invaluable project structure data that ASTs ignore.
47
+ ![GitGalaxy CLI Scan](./docs/wiki/assets/apollo11_scan.gif)
48
+
49
+ By utilizing a custom engine, we retain full control over the search space. We built it to be exceptionally fast, capable of assessing your entire repository without requiring compilable code—a fundamental limitation of standard Abstract Syntax Trees (ASTs). ASTs are great for finding missing commas and memory overflows, but they miss the forest for the trees when generating knowledge graphs. LLMs, on the other hand, suffer from hallucination during large context windows and yield probabilistic, fluctuating answers.
50
+
51
+ The blAST engine solves this. Because all programming languages utilize keywords and functions, our engine treats code files as text, scanning for these structural anchors to build a deterministic 3D knowledge graph. It seamlessly handles mid-file language switching, assesses the architectural ratio of test files to logic, and extracts invaluable project structure data that ASTs ignore.
48
52
 
49
53
  Every assumption our system makes has been abstracted into over 300 tunable variables. Think of GitGalaxy as a highly calibrated telescope. You can query the number of active API network nodes, isolate unique external imports, or highlight functions exhibiting extreme cognitive load—all adjusted via custom whitelists and blacklists to eliminate false-positive fatigue. Field-tested on over 1,000 repositories spanning 50+ languages and 250+ extensions, the engine comes equipped with smart defaults ready for immediate deployment.
50
54
 
51
- **Core Technology**
55
+ **Core Codebase Mapping Technology**
52
56
  * Bypasses LLMs and rigid ASTs.
53
57
  * Doesn't require code to compile (AST-free).
54
58
  * Produces full function-to-function call chains.
55
59
  * Deterministically maps code by 60+ keyword regex profiles (Structural markers, I/O intents, state mutations).
56
- * Regex keyword profiles allow us to classify functions, files, classes, folders and repos.
60
+ * Regex keyword profiles allow us to classify functions, files, classes, folders and repos.
57
61
  * Eliminates LLM architectural hallucinations and context window limits.
58
62
  * Scans 50+ languages, 250+ extensions, fully folder-aware. **([How to add a language in 1 minute and 1 prompt](gitgalaxy/standards/HOW_TO_ADD_LANGUAGE.md))**
59
63
 
60
- **Extreme Velocity & Scale**
64
+ **Enterprise Scale & Performance Metrics**
61
65
  * 100,000 LOC/sec code analysis.
62
66
  * 0.07 GB/sec raw log ingestion.
63
67
  * Full-system scans in minutes without data sampling.
64
68
  * 100% daily system coverage.
65
69
 
66
- **Scientific Claims & Validation**
70
+ **Methodology & Comparative Benchmarks**
67
71
  GitGalaxy is backed by an academic-grade thesis detailing the equations powering the blAST engine.
68
72
 
69
73
  * **[Optimum Search Strategies Evolve](https://squid-protocol.github.io/gitgalaxy/03-01-claim-1-search-strategies/):** AST-free mapping. Outperforms rigid parsers and LLM context windows.
@@ -71,15 +75,14 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
71
75
  * **[All languages have keywords that roughly do the same thing, these can be grouped to make cross-language keyword maps](https://squid-protocol.github.io/gitgalaxy/03-03-claim-3-taxonomy-map/):** Standardizes 50+ languages into a single universal physical framework.
72
76
  * **[Cross-Language Comparisons of over 1000 repos](https://squid-protocol.github.io/gitgalaxy/03-04-claim-4-comparing-languages/):** Deterministic 1:1 benchmarking of distinct syntax architectures.
73
77
  * **[Universal File Archetypes by k-means clustering](https://squid-protocol.github.io/gitgalaxy/03-05-claim-5-file-archetypes/):** ML isolation of files into K-means clusters (e.g., "The God Nodes," "Declarative Glue").
74
- * **[Assessing the blAST engines cross-language capbility over 10 different DOOM ports](https://squid-protocol.github.io/gitgalaxy/03-07-claim-7-doom-comparisons/):** Comparative function analysis across 10 distinct DOOM source ports.
75
- * **Mainframe Proven:** Successful from-scratch translation of legacy COBOL monoliths to compiling Spring Boot architectures.
78
+ * **[Mainframe Proven: 100% CI/CD Translation Success Rate](https://github.com/squid-protocol/gitgalaxy/tree/main/examples/ibm_cics_translation):** Flawless architectural translation of 27 distinct legacy COBOL repositories (including IBM CICS benchmark apps) into compiling Java Spring Boot environments.
76
79
 
77
- **Security & Deployment**
80
+ **Data Privacy & On-Premise Deployment**
78
81
  * 100% air-gapped execution.
79
82
  * On-premise deployment with zero IP exfiltration risk.
80
83
  * Zero-trust processing model.
81
84
 
82
- **How to use**
85
+ **Installation & Usage**
83
86
  * Python-based: `pip install gitgalaxy`
84
87
  * CLI execution
85
88
  * Outputs forensic JSONs (optimized for AI-agent summary reports) and a native SQLite3 database for robust querying and storage.
@@ -88,7 +91,7 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
88
91
 
89
92
  ---
90
93
 
91
- ## Quickstart
94
+ ## Quickstart Guide
92
95
 
93
96
  ### 1. Install
94
97
 
@@ -107,39 +110,45 @@ galaxyscope /path/to/your/local/repo
107
110
 
108
111
  ---
109
112
 
110
- ### [Project Overview](docs/wiki/01-project-overview.md)
113
+ ### [GitGalaxy Core Analysis Engine](docs/wiki/01-project-overview.md)
111
114
  The central blAST engine. It bypasses rigid ASTs using mathematical heuristics to map O(N) multi-dimensional relationships across 50+ languages, managing signal processing, spatial layout, and high-speed SQLite telemetry recording.
112
115
 
113
116
 
114
117
 
115
- ## The GitGalaxy Ecosystem
118
+ ## Enterprise Codebase Tools & Use Cases
116
119
 
117
- GitGalaxy operates on a modular Hub-and-Spoke architecture. While the core engine provides the overarching physics and cartography, our specialized toolsets leverage that deterministic graph to execute enterprise-grade operations. The following toolsets provide novel heuristic solutions to several open problems in computing.
120
+ GitGalaxy operates on a modular Hub-and-Spoke architecture. While the core engine provides the overarching physics and cartography, our specialized toolsets leverage that deterministic graph to execute enterprise-grade operations.
118
121
 
119
- ### [Legacy Modernization: Converting Raw Cobol Repos to Java Spring Boots](gitgalaxy/tools/cobol_to_java/)
122
+ ### [Automated Legacy Migration: COBOL to Java Spring Boot](gitgalaxy/tools/cobol_to_java/)
120
123
  A deterministic, high-fidelity translation pipeline. It converts legacy COBOL into fully compiling, modern Spring Boot architectures, mapping memory exactly and scaffolding JPA entities, REST controllers, and Maven builds before utilizing AI to translate isolated business logic.
124
+ * **Proven Metric:** Achieved a perfect 27/27 Maven compile success rate across a batch test of distinct legacy repos.
125
+ * **Verify for Yourself:** [Inspect the raw outputs of the IBM CICS Application Translation here.](examples/ibm_cics_translation/)
121
126
 
122
- ### [Legacy Modernization: Converting Raw Cobol Repos to cleaner Cobol Repos](gitgalaxy/tools/cobol_to_cobol/)
127
+ ![Java Forge & Batch Test](./docs/wiki/assets/java_forge_and_batch_test.gif)
128
+
129
+ ### [Mainframe Refactoring: COBOL & JCL Optimization](gitgalaxy/tools/cobol_to_cobol/)
123
130
  A mathematical x-ray suite for sanitizing mainframe monoliths. It safely neutralizes legacy lexical traps, extracts dead "Graveyard" memory, maps topological DAG execution orders, and generates Zero-Trust JCL configurations for modern cloud deployments.
131
+ * **Proven Metric:** The Graveyard Reaper engine extracted over 6,700 lines of dead execution blocks and orphaned variables from the standard IBM CICS benchmark app in seconds.
124
132
 
125
- ### [Supply Chain Security](gitgalaxy/tools/supply_chain_security/)
133
+ ### [Software Supply Chain Security & Pre-Commit Firewalls](gitgalaxy/tools/supply_chain_security/)
126
134
  Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline.
127
135
 
128
- ### [Network Auditing](gitgalaxy/tools/network_auditing/)
136
+ ### [Zero-Trust SBOM Generation & Dependency Auditing](gitgalaxy/tools/compliance/)
137
+ A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
138
+ * **Proven Metric:** Successfully mapped and mathematically verified the physical internals of 170 unique Go modules inside the local Kubernetes repository.
139
+
140
+ ### [API Security & Shadow API Detection](gitgalaxy/tools/network_auditing/)
129
141
  A deterministic mapping tool that hunts undocumented vulnerabilities. It uses structural regex to find active physical routing logic (Express, Spring Boot, FastAPI) and applies set theory against official OpenAPI/Swagger documentation to isolate critical Shadow APIs and outdated Ghost APIs.
130
142
 
131
- ### [Terabyte Log Scanning](gitgalaxy/tools/terabyte_log_scanning/)
143
+ ### [High-Speed PII Detection & Log Analysis](gitgalaxy/tools/terabyte_log_scanning/)
132
144
  Unindexed, tactical log analysis operating at 0.07 GB/sec. It streams massive database dumps to deterministically hunt and mask PII (Credit Cards, SSNs, AWS Keys) and uses static architecture maps to prove exact runtime execution frequencies with ASCII time-series histograms.
133
145
 
134
- ### [Compliance Operations - SBOM Generators](gitgalaxy/tools/compliance/)
135
- A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
136
-
137
- ### [AI Guardrails](gitgalaxy/tools/ai_guardrails/)
146
+ ### [AI Agent Guardrails & Codebase Protection](gitgalaxy/tools/ai_guardrails/)
138
147
  Specialized keyword sensors protecting both your application and your codebase. The AppSec Sensor detects weaponized LLM features (RCE funnels, exfiltration risks), while the Dev Agent Firewall evaluates token mass and blast radius to restrict autonomous coding agents from modifying dangerous over context token-draining files. Helps identify which files need to be chunked to reduce context overload.
139
148
 
140
- ## The Web Viewer (Frictionless Dashboards)
149
+ ## Local Browser-Based 3D Codebase Visualization
141
150
 
142
- If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
151
+ If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
143
152
 
144
153
  Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip` of your raw repository) directly into [GitGalaxy.io](https://gitgalaxy.io/). All rendering and scanning happens entirely in your browser's local memory.
145
154
 
@@ -147,7 +156,7 @@ Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip
147
156
 
148
157
  ![GitGalaxy native SQLite3 database schema for AST-free enterprise codebase mapping and cybersecurity auditing](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/sqlite_overview.png)
149
158
 
150
- ## Zero-Trust Architecture
159
+ ## Zero-Trust Data Security
151
160
 
152
161
  Your code never leaves your machine. GitGalaxy performs 100% of its scanning and vectorization locally.
153
162
 
@@ -15,32 +15,36 @@
15
15
  [![Zero Dependencies](https://img.shields.io/badge/Dependencies-0-brightgreen.svg)](https://pypi.org/project/gitgalaxy/)
16
16
  [![Airgap Ready](https://img.shields.io/badge/Security-Airgap_Ready-teal.svg)](#)
17
17
 
18
- ### **The blAST Engine: A custom heuristics-based AST-free Knowledge Graph Generator**
18
+ ### **AST-Free Static Analysis & Knowledge Graph Engine**
19
19
 
20
- The blAST (Bypassing LLMs and ASTs) engine is a custom-made knowledge graph engine that resolves repositories at the function level. It scores each function based on 50 unique metrics, rolls that data up to score the file, and finally summarizes the entire repository.
20
+ The blAST (Bypassing LLMs and ASTs) engine is a custom-made knowledge graph engine that resolves repositories at the function level. It scores each function based on 50 unique metrics, rolls that data up to score the file, and finally summarizes the entire repository.
21
21
 
22
- By utilizing a custom engine, we retain full control over the search space. We built it to be exceptionally fast, capable of assessing your entire repository without requiring compilable code—a fundamental limitation of standard Abstract Syntax Trees (ASTs). ASTs are great for finding missing commas and memory overflows, but they miss the forest for the trees when generating knowledge graphs. LLMs, on the other hand, suffer from hallucination during large context windows and yield probabilistic, fluctuating answers.
22
+ ### Scanning Apollo-11 with the blAST Engine
23
23
 
24
- The blAST engine solves this. Because all programming languages utilize keywords and functions, our engine treats code files as text, scanning for these structural anchors to build a deterministic 3D knowledge graph. It seamlessly handles mid-file language switching, assesses the architectural ratio of test files to logic, and extracts invaluable project structure data that ASTs ignore.
24
+ ![GitGalaxy CLI Scan](./docs/wiki/assets/apollo11_scan.gif)
25
+
26
+ By utilizing a custom engine, we retain full control over the search space. We built it to be exceptionally fast, capable of assessing your entire repository without requiring compilable code—a fundamental limitation of standard Abstract Syntax Trees (ASTs). ASTs are great for finding missing commas and memory overflows, but they miss the forest for the trees when generating knowledge graphs. LLMs, on the other hand, suffer from hallucination during large context windows and yield probabilistic, fluctuating answers.
27
+
28
+ The blAST engine solves this. Because all programming languages utilize keywords and functions, our engine treats code files as text, scanning for these structural anchors to build a deterministic 3D knowledge graph. It seamlessly handles mid-file language switching, assesses the architectural ratio of test files to logic, and extracts invaluable project structure data that ASTs ignore.
25
29
 
26
30
  Every assumption our system makes has been abstracted into over 300 tunable variables. Think of GitGalaxy as a highly calibrated telescope. You can query the number of active API network nodes, isolate unique external imports, or highlight functions exhibiting extreme cognitive load—all adjusted via custom whitelists and blacklists to eliminate false-positive fatigue. Field-tested on over 1,000 repositories spanning 50+ languages and 250+ extensions, the engine comes equipped with smart defaults ready for immediate deployment.
27
31
 
28
- **Core Technology**
32
+ **Core Codebase Mapping Technology**
29
33
  * Bypasses LLMs and rigid ASTs.
30
34
  * Doesn't require code to compile (AST-free).
31
35
  * Produces full function-to-function call chains.
32
36
  * Deterministically maps code by 60+ keyword regex profiles (Structural markers, I/O intents, state mutations).
33
- * Regex keyword profiles allow us to classify functions, files, classes, folders and repos.
37
+ * Regex keyword profiles allow us to classify functions, files, classes, folders and repos.
34
38
  * Eliminates LLM architectural hallucinations and context window limits.
35
39
  * Scans 50+ languages, 250+ extensions, fully folder-aware. **([How to add a language in 1 minute and 1 prompt](gitgalaxy/standards/HOW_TO_ADD_LANGUAGE.md))**
36
40
 
37
- **Extreme Velocity & Scale**
41
+ **Enterprise Scale & Performance Metrics**
38
42
  * 100,000 LOC/sec code analysis.
39
43
  * 0.07 GB/sec raw log ingestion.
40
44
  * Full-system scans in minutes without data sampling.
41
45
  * 100% daily system coverage.
42
46
 
43
- **Scientific Claims & Validation**
47
+ **Methodology & Comparative Benchmarks**
44
48
  GitGalaxy is backed by an academic-grade thesis detailing the equations powering the blAST engine.
45
49
 
46
50
  * **[Optimum Search Strategies Evolve](https://squid-protocol.github.io/gitgalaxy/03-01-claim-1-search-strategies/):** AST-free mapping. Outperforms rigid parsers and LLM context windows.
@@ -48,15 +52,14 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
48
52
  * **[All languages have keywords that roughly do the same thing, these can be grouped to make cross-language keyword maps](https://squid-protocol.github.io/gitgalaxy/03-03-claim-3-taxonomy-map/):** Standardizes 50+ languages into a single universal physical framework.
49
53
  * **[Cross-Language Comparisons of over 1000 repos](https://squid-protocol.github.io/gitgalaxy/03-04-claim-4-comparing-languages/):** Deterministic 1:1 benchmarking of distinct syntax architectures.
50
54
  * **[Universal File Archetypes by k-means clustering](https://squid-protocol.github.io/gitgalaxy/03-05-claim-5-file-archetypes/):** ML isolation of files into K-means clusters (e.g., "The God Nodes," "Declarative Glue").
51
- * **[Assessing the blAST engines cross-language capbility over 10 different DOOM ports](https://squid-protocol.github.io/gitgalaxy/03-07-claim-7-doom-comparisons/):** Comparative function analysis across 10 distinct DOOM source ports.
52
- * **Mainframe Proven:** Successful from-scratch translation of legacy COBOL monoliths to compiling Spring Boot architectures.
55
+ * **[Mainframe Proven: 100% CI/CD Translation Success Rate](https://github.com/squid-protocol/gitgalaxy/tree/main/examples/ibm_cics_translation):** Flawless architectural translation of 27 distinct legacy COBOL repositories (including IBM CICS benchmark apps) into compiling Java Spring Boot environments.
53
56
 
54
- **Security & Deployment**
57
+ **Data Privacy & On-Premise Deployment**
55
58
  * 100% air-gapped execution.
56
59
  * On-premise deployment with zero IP exfiltration risk.
57
60
  * Zero-trust processing model.
58
61
 
59
- **How to use**
62
+ **Installation & Usage**
60
63
  * Python-based: `pip install gitgalaxy`
61
64
  * CLI execution
62
65
  * Outputs forensic JSONs (optimized for AI-agent summary reports) and a native SQLite3 database for robust querying and storage.
@@ -65,7 +68,7 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
65
68
 
66
69
  ---
67
70
 
68
- ## Quickstart
71
+ ## Quickstart Guide
69
72
 
70
73
  ### 1. Install
71
74
 
@@ -84,39 +87,45 @@ galaxyscope /path/to/your/local/repo
84
87
 
85
88
  ---
86
89
 
87
- ### [Project Overview](docs/wiki/01-project-overview.md)
90
+ ### [GitGalaxy Core Analysis Engine](docs/wiki/01-project-overview.md)
88
91
  The central blAST engine. It bypasses rigid ASTs using mathematical heuristics to map O(N) multi-dimensional relationships across 50+ languages, managing signal processing, spatial layout, and high-speed SQLite telemetry recording.
89
92
 
90
93
 
91
94
 
92
- ## The GitGalaxy Ecosystem
95
+ ## Enterprise Codebase Tools & Use Cases
93
96
 
94
- GitGalaxy operates on a modular Hub-and-Spoke architecture. While the core engine provides the overarching physics and cartography, our specialized toolsets leverage that deterministic graph to execute enterprise-grade operations. The following toolsets provide novel heuristic solutions to several open problems in computing.
97
+ GitGalaxy operates on a modular Hub-and-Spoke architecture. While the core engine provides the overarching physics and cartography, our specialized toolsets leverage that deterministic graph to execute enterprise-grade operations.
95
98
 
96
- ### [Legacy Modernization: Converting Raw Cobol Repos to Java Spring Boots](gitgalaxy/tools/cobol_to_java/)
99
+ ### [Automated Legacy Migration: COBOL to Java Spring Boot](gitgalaxy/tools/cobol_to_java/)
97
100
  A deterministic, high-fidelity translation pipeline. It converts legacy COBOL into fully compiling, modern Spring Boot architectures, mapping memory exactly and scaffolding JPA entities, REST controllers, and Maven builds before utilizing AI to translate isolated business logic.
101
+ * **Proven Metric:** Achieved a perfect 27/27 Maven compile success rate across a batch test of distinct legacy repos.
102
+ * **Verify for Yourself:** [Inspect the raw outputs of the IBM CICS Application Translation here.](examples/ibm_cics_translation/)
98
103
 
99
- ### [Legacy Modernization: Converting Raw Cobol Repos to cleaner Cobol Repos](gitgalaxy/tools/cobol_to_cobol/)
104
+ ![Java Forge & Batch Test](./docs/wiki/assets/java_forge_and_batch_test.gif)
105
+
106
+ ### [Mainframe Refactoring: COBOL & JCL Optimization](gitgalaxy/tools/cobol_to_cobol/)
100
107
  A mathematical x-ray suite for sanitizing mainframe monoliths. It safely neutralizes legacy lexical traps, extracts dead "Graveyard" memory, maps topological DAG execution orders, and generates Zero-Trust JCL configurations for modern cloud deployments.
108
+ * **Proven Metric:** The Graveyard Reaper engine extracted over 6,700 lines of dead execution blocks and orphaned variables from the standard IBM CICS benchmark app in seconds.
101
109
 
102
- ### [Supply Chain Security](gitgalaxy/tools/supply_chain_security/)
110
+ ### [Software Supply Chain Security & Pre-Commit Firewalls](gitgalaxy/tools/supply_chain_security/)
103
111
  Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline.
104
112
 
105
- ### [Network Auditing](gitgalaxy/tools/network_auditing/)
113
+ ### [Zero-Trust SBOM Generation & Dependency Auditing](gitgalaxy/tools/compliance/)
114
+ A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
115
+ * **Proven Metric:** Successfully mapped and mathematically verified the physical internals of 170 unique Go modules inside the local Kubernetes repository.
116
+
117
+ ### [API Security & Shadow API Detection](gitgalaxy/tools/network_auditing/)
106
118
  A deterministic mapping tool that hunts undocumented vulnerabilities. It uses structural regex to find active physical routing logic (Express, Spring Boot, FastAPI) and applies set theory against official OpenAPI/Swagger documentation to isolate critical Shadow APIs and outdated Ghost APIs.
107
119
 
108
- ### [Terabyte Log Scanning](gitgalaxy/tools/terabyte_log_scanning/)
120
+ ### [High-Speed PII Detection & Log Analysis](gitgalaxy/tools/terabyte_log_scanning/)
109
121
  Unindexed, tactical log analysis operating at 0.07 GB/sec. It streams massive database dumps to deterministically hunt and mask PII (Credit Cards, SSNs, AWS Keys) and uses static architecture maps to prove exact runtime execution frequencies with ASCII time-series histograms.
110
122
 
111
- ### [Compliance Operations - SBOM Generators](gitgalaxy/tools/compliance/)
112
- A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
113
-
114
- ### [AI Guardrails](gitgalaxy/tools/ai_guardrails/)
123
+ ### [AI Agent Guardrails & Codebase Protection](gitgalaxy/tools/ai_guardrails/)
115
124
  Specialized keyword sensors protecting both your application and your codebase. The AppSec Sensor detects weaponized LLM features (RCE funnels, exfiltration risks), while the Dev Agent Firewall evaluates token mass and blast radius to restrict autonomous coding agents from modifying dangerous over context token-draining files. Helps identify which files need to be chunked to reduce context overload.
116
125
 
117
- ## The Web Viewer (Frictionless Dashboards)
126
+ ## Local Browser-Based 3D Codebase Visualization
118
127
 
119
- If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
128
+ If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
120
129
 
121
130
  Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip` of your raw repository) directly into [GitGalaxy.io](https://gitgalaxy.io/). All rendering and scanning happens entirely in your browser's local memory.
122
131
 
@@ -124,7 +133,7 @@ Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip
124
133
 
125
134
  ![GitGalaxy native SQLite3 database schema for AST-free enterprise codebase mapping and cybersecurity auditing](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/sqlite_overview.png)
126
135
 
127
- ## Zero-Trust Architecture
136
+ ## Zero-Trust Data Security
128
137
 
129
138
  Your code never leaves your machine. GitGalaxy performs 100% of its scanning and vectorization locally.
130
139
 
@@ -13,15 +13,15 @@ from pathlib import Path
13
13
  from datetime import datetime
14
14
 
15
15
  # Import the core logic functions directly
16
- from tools.cobol_jcl_forge import analyze_cobol_intent, generate_zero_trust_jcl
17
- from tools.cobol_dag_architect import extract_lineage
18
- from tools.cobol_graveyard_finder import x_ray_dead_code
19
- from tools.cobol_schema_forge import forge_schemas
20
- from tools.cobol_microservice_slicer import slice_business_logic
21
- from tools.cobol_system_limits_reporter import scan_system_limits
22
- from tools.cobol_lexical_patcher import patch_lexical_traps
23
- from tools.cobol_jcl_auditor import audit_zero_trust_jcls
24
- from tools.cobol_agent_task_forge import forge_agent_jobs
16
+ from gitgalaxy.tools.cobol_to_cobol.cobol_jcl_forge import analyze_cobol_intent, generate_zero_trust_jcl
17
+ from gitgalaxy.tools.cobol_to_cobol.cobol_dag_architect import extract_lineage
18
+ from gitgalaxy.tools.cobol_to_cobol.cobol_graveyard_finder import x_ray_dead_code
19
+ from gitgalaxy.tools.cobol_to_cobol.cobol_schema_forge import forge_schemas
20
+ from gitgalaxy.tools.cobol_to_cobol.cobol_microservice_slicer import slice_business_logic
21
+ from gitgalaxy.tools.cobol_to_cobol.cobol_system_limits_reporter import scan_system_limits
22
+ from gitgalaxy.tools.cobol_to_cobol.cobol_lexical_patcher import patch_lexical_traps
23
+ from gitgalaxy.tools.cobol_to_cobol.cobol_jcl_auditor import audit_zero_trust_jcls
24
+ from gitgalaxy.tools.cobol_to_cobol.cobol_agent_task_forge import forge_agent_jobs
25
25
 
26
26
  # ==============================================================================
27
27
  # THE SCALE SENSOR & HYBRID STATE MANAGER
@@ -13,12 +13,12 @@ import shutil
13
13
  from pathlib import Path
14
14
 
15
15
  # Current Imports
16
- from tools.cobol_to_java_spring_forge import generate_java_entity
17
- from tools.cobol_to_java_api_contract_forge import generate_rest_controller
18
- from tools.cobol_to_java_agent_forge import generate_java_agent_ticket
19
- from tools.cobol_to_java_build_forge import generate_pom_xml, generate_application_yml, generate_main_class
20
- from tools.cobol_to_java_service_forge import generate_service_skeleton
21
- from tools.cobol_to_java_decoder_forge import generate_decoder_util
16
+ from gitgalaxy.tools.cobol_to_java.cobol_to_java_spring_forge import generate_java_entity
17
+ from gitgalaxy.tools.cobol_to_java.cobol_to_java_api_contract_forge import generate_rest_controller
18
+ from gitgalaxy.tools.cobol_to_java.cobol_to_java_agent_forge import generate_java_agent_ticket
19
+ from gitgalaxy.tools.cobol_to_java.cobol_to_java_build_forge import generate_pom_xml, generate_application_yml, generate_main_class
20
+ from gitgalaxy.tools.cobol_to_java.cobol_to_java_service_forge import generate_service_skeleton
21
+ from gitgalaxy.tools.cobol_to_java.cobol_to_java_decoder_forge import generate_decoder_util
22
22
 
23
23
  def build_spring_boot_scaffold(output_dir: Path, package_name: str) -> dict:
24
24
  """Creates the standard Spring Boot directory architecture."""
@@ -443,7 +443,7 @@ class ApertureFilter:
443
443
 
444
444
  return True
445
445
 
446
- def _load_gitignore_patterns(self) -> list[str]:
446
+ def _load_gitignore_patterns(self) -> List[str]:
447
447
  """Reads local .gitignore files to identify Radio Noise."""
448
448
  patterns = []
449
449
  ignore_file = self.root / ".gitignore"
@@ -75,7 +75,6 @@ def _init_worker(root_str: str, config: Dict[str, Any], ext_tally: Dict[str, int
75
75
  Force-warms pseudo-languages (plaintext/markdown) to kill the 'Plaintext Stutter'.
76
76
  This prevents [AUTO-HEAL] log spam and redundant regex compilation.
77
77
  """
78
- global _worker_state
79
78
 
80
79
  logging.getLogger().setLevel(log_level)
81
80
  worker_logger = logging.getLogger("GalaxyScope.Worker")
@@ -139,7 +138,6 @@ def _init_worker(root_str: str, config: Dict[str, Any], ext_tally: Dict[str, int
139
138
 
140
139
  def _process_file_worker(rel_path: str) -> Dict[str, Any]:
141
140
  """Processes a single file path using the worker's cached hardware modules."""
142
- global _worker_state
143
141
 
144
142
  # ---> START THE CLOCK FOR THE MICRO-PROFILER <---
145
143
  t_start = time.time()
@@ -271,12 +269,18 @@ def _process_file_worker(rel_path: str) -> Dict[str, Any]:
271
269
  observation["processing_time"] = time.time() - t_start
272
270
  return observation
273
271
 
274
- # =========================================================================
272
+ # =========================================================================
275
273
  # THE HARDWARE GUILLOTINE (GLOBAL ReDoS Protection)
276
274
  # =========================================================================
277
- import signal # Explicit local import just in case global import was missed
278
- signal.signal(signal.SIGALRM, redos_guillotine)
279
- signal.alarm(15) # 15-second fuse for the ENTIRE analysis pipeline
275
+ import signal
276
+ import sys
277
+
278
+ # Check if the operating system is not Windows
279
+ is_posix = sys.platform != "win32"
280
+
281
+ if is_posix:
282
+ signal.signal(signal.SIGALRM, redos_guillotine)
283
+ signal.alarm(15) # 15-second fuse for POSIX systems
280
284
 
281
285
  try:
282
286
  # Phase 3: Linguistic Detector
@@ -408,7 +412,8 @@ def _process_file_worker(rel_path: str) -> Dict[str, Any]:
408
412
  return observation
409
413
  finally:
410
414
  # IMPORTANT: Defuse the bomb immediately upon success!
411
- signal.alarm(0)
415
+ if is_posix:
416
+ signal.alarm(0)
412
417
  # =========================================================================
413
418
 
414
419
  data_payload = {
@@ -721,8 +726,8 @@ class Orchestrator:
721
726
  logger.info(f"SQLITE: Generating repository-specific database -> {db_output}")
722
727
 
723
728
  self.db_recorder.record_mission(
724
- parsed_files=repository_graph,
725
- unparsable_files=total_unparsable,
729
+ parsed_files=list(repository_graph) if repository_graph else [], # <--- PASS A COPY
730
+ unparsable_files=list(total_unparsable) if total_unparsable else [], # <--- PASS A COPY
726
731
  summary=summary,
727
732
  session_meta=session_meta,
728
733
  output_path=db_output
@@ -764,7 +769,13 @@ class Orchestrator:
764
769
 
765
770
  # --- THE FINAL CALL TO ACTION (CLI BILLBOARD) ---
766
771
  print("\n" + "="*75)
767
- print(" 🌌 READY FOR VISUALIZATION (100% LOCAL / ZERO UPLOAD)")
772
+
773
+ # Windows command prompts crash on emojis, so we strip it for them
774
+ if sys.platform == "win32":
775
+ print(" READY FOR VISUALIZATION (100% LOCAL / ZERO UPLOAD)")
776
+ else:
777
+ print(" 🌌 READY FOR VISUALIZATION (100% LOCAL / ZERO UPLOAD)")
778
+
768
779
  print("="*75)
769
780
  print(" 1. Open your browser to: \033[94m\033[4mhttps://gitgalaxy.io/\033[0m")
770
781
  print(f" 2. Drag and drop '{output_file}'")
@@ -187,7 +187,7 @@ class SpectralAuditor:
187
187
  for lid, group in by_lang.items():
188
188
  if lid in ("undeterminable", "unknown"):
189
189
  for s in group:
190
- singularity.append(self._format_for_singularity(s, "Already Dark Matter (Pre-Audit)"))
190
+ unparsable_files.append(self._format_for_singularity(s, "Already Dark Matter (Pre-Audit)"))
191
191
  self.logger.debug(f"[{lid}] Bypassed {len(group)} artifacts (already Dark Matter).")
192
192
  continue
193
193
 
@@ -13,7 +13,7 @@ import os
13
13
  import re
14
14
  from datetime import datetime
15
15
  from pathlib import Path
16
- from typing import Any
16
+ from typing import Any, Dict, Tuple
17
17
  from gitgalaxy.standards import analysis_lens as config
18
18
 
19
19
  # ==============================================================================
@@ -12,7 +12,7 @@ import logging
12
12
  import statistics
13
13
  from pathlib import Path
14
14
  from datetime import datetime
15
- from typing import List, Dict, Any, Optional
15
+ from typing import List, Dict, Any, Optional, Tuple
16
16
  from gitgalaxy.standards import analysis_lens as config
17
17
 
18
18
  # ==============================================================================
@@ -45,7 +45,7 @@ class LLMRecorder:
45
45
  self.RISK_SCHEMA = schemas.get("RISK_SCHEMA", [])
46
46
  self.SIGNAL_SCHEMA = schemas.get("SIGNAL_SCHEMA", [])
47
47
 
48
- def _parse_threat_score(self, star: Dict) -> tuple[float, str]:
48
+ def _parse_threat_score(self, star: Dict) -> Tuple[float, str]:
49
49
  """Safely extracts and converts the AI threat score string to a float."""
50
50
  score_str = star.get("telemetry", {}).get("domain_context", {}).get("AI Threat Score", "0.0%")
51
51
  try:
@@ -131,10 +131,10 @@ class SecurityLens:
131
131
  r'\b(?:import|from|require|include|require_once|fetch|XMLHttpRequest)\b'
132
132
  r'[^\n]*?(?:[\u0400-\u04FF]|'
133
133
  r'[\u0370-\u03FF]|'
134
- r'[\u1D400-\u1D7FF]|'
134
+ r'[\U0001D400-\U0001D7FF]|'
135
135
  r'\u3164)',
136
136
  re.I
137
- ),
137
+ ),
138
138
 
139
139
  # 10. THE VAULT DOOR (Credential & Secret Leaks)
140
140
  "private_info": re.compile(
@@ -374,32 +374,6 @@ class SecurityLens:
374
374
 
375
375
  return exposures
376
376
 
377
- # 2. Logic Bomb / Sabotage Risk
378
- sabotage_hits = aggregated_hits.get("graveyard", 0) + (aggregated_hits.get("danger", 0) * 1.5)
379
- sabotage_density = sabotage_hits / loc_safe
380
- if sabotage_density >= self.policy["logic_bomb_threshold"]:
381
- exposures["Logic Bomb Risk"] = sabotage_density
382
-
383
- # 3. Data Injection Risk
384
- injection_hits = aggregated_hits.get("io", 0) + aggregated_hits.get("danger", 0) + aggregated_hits.get("flux", 0)
385
- injection_density = injection_hits / loc_safe
386
- if injection_density >= self.policy["injection_surface_threshold"]:
387
- exposures["Data Injection Risk"] = injection_density
388
-
389
- # 4. Memory Corruption Risk
390
- memory_hits = aggregated_hits.get("memory_corruption", 0)
391
- memory_density = memory_hits / loc_safe
392
- if memory_density >= self.policy["memory_corruption_threshold"]:
393
- exposures["Memory Corruption Risk"] = memory_density
394
-
395
- # 5. Secrets Risk
396
- secrets_hits = aggregated_hits.get("private_info", 0)
397
- secrets_density = secrets_hits / loc_safe
398
- if secrets_density >= self.policy["secrets_risk_threshold"]:
399
- exposures["Secrets Leak Risk"] = secrets_density
400
-
401
- return exposures
402
-
403
377
  def scan_binary(self, raw_bytes: bytes, ext: str) -> dict:
404
378
  """
405
379
  X-Rays binary chunks for embedded execution headers, magic byte mismatches,
@@ -68,8 +68,52 @@ class UniversalManifestSlicer:
68
68
  for line in block.splitlines():
69
69
  line = line.strip()
70
70
  if line and not line.startswith('#') and '=' in line:
71
+ pkg_name = line.split('=')[0].strip()
71
72
  pkg_name = line.split('=')[0].strip()
72
73
  deps[pkg_name] = "latest" # Simplified version extraction
74
+
75
+ elif filename == "go.mod":
76
+ ecosystem = "golang"
77
+ with open(manifest_path, 'r', encoding='utf-8') as f:
78
+ in_require_block = False
79
+ for line in f:
80
+ line = line.strip()
81
+ if line.startswith('require ('):
82
+ in_require_block = True
83
+ continue
84
+ if line == ')':
85
+ in_require_block = False
86
+ continue
87
+ if in_require_block and line and not line.startswith('//'):
88
+ parts = line.split()
89
+ if len(parts) >= 2:
90
+ deps[parts[0]] = parts[1]
91
+ elif line.startswith('require ') and not in_require_block:
92
+ parts = line.split()
93
+ if len(parts) >= 3:
94
+ deps[parts[1]] = parts[2]
95
+
96
+ elif filename == "Gemfile":
97
+ ecosystem = "rubygems"
98
+ with open(manifest_path, 'r', encoding='utf-8') as f:
99
+ for line in f:
100
+ line = line.strip()
101
+ # Extract: gem 'nokogiri', '~> 1.11'
102
+ if line.startswith("gem "):
103
+ parts = line.split(',')
104
+ pkg_name = parts[0].replace("gem", "").strip(" '\"")
105
+ version = parts[1].strip(" '\"") if len(parts) > 1 else "latest"
106
+ deps[pkg_name] = version
107
+
108
+ elif filename == "pom.xml":
109
+ ecosystem = "maven"
110
+ with open(manifest_path, 'r', encoding='utf-8') as f:
111
+ content = f.read()
112
+ # Extract artifactId and version from XML blocks
113
+ deps_raw = re.findall(r'<dependency>.*?<artifactId>([^<]+)</artifactId>(?:.*?<version>([^<]+)</version>)?.*?</dependency>', content, re.DOTALL)
114
+ for artifact, version in deps_raw:
115
+ deps[artifact] = version if version else "latest"
116
+
73
117
  except Exception:
74
118
  pass
75
119
 
@@ -99,6 +143,29 @@ class UniversalManifestSlicer:
99
143
  for d in dirs:
100
144
  if d.lower() == safe_pkg_name or d.lower().startswith(f"{safe_pkg_name}-"):
101
145
  return Path(root) / d
146
+
147
+ elif ecosystem == "golang":
148
+ # Go packages are often vendored in the project's root 'vendor/' directory
149
+ target = target_path / 'vendor' / pkg_name
150
+ return target if target.exists() else None
151
+
152
+ elif ecosystem == "rubygems":
153
+ # Ruby often vendors gems locally here
154
+ target = target_path / 'vendor' / 'bundle'
155
+ if target.exists():
156
+ for root, dirs, _ in os.walk(target):
157
+ if pkg_name in dirs: return Path(root) / pkg_name
158
+ return None
159
+
160
+ elif ecosystem == "maven":
161
+ # Java local dependency pulls usually land here
162
+ target = target_path / 'target' / 'dependency'
163
+ if target.exists():
164
+ # Just verifying the jar/folder exists loosely
165
+ for file in target.iterdir():
166
+ if pkg_name.lower() in file.name.lower(): return file
167
+ return None
168
+
102
169
  return None
103
170
 
104
171
  def main():
@@ -124,7 +191,7 @@ def main():
124
191
  total_verified = 0
125
192
 
126
193
  # 1. Harvest Manifests Universally
127
- manifest_targets = ["package.json", "composer.json", "requirements.txt", "Cargo.toml"]
194
+ manifest_targets = ["package.json", "composer.json", "requirements.txt", "Cargo.toml", "go.mod", "Gemfile", "pom.xml"]
128
195
  found_manifests = [target_path / m for m in manifest_targets if (target_path / m).exists()]
129
196
 
130
197
  if not found_manifests:
@@ -140,8 +140,8 @@ def main():
140
140
  loc = max(len(content.splitlines()), 1)
141
141
  sec_results = security.scan_content(content, loc)
142
142
 
143
- # THE INERT DATA SHIELD
144
- if ext in ['.json', '.md', '.txt', '.csv', '.yaml', '.yml', '.css', '.less']:
143
+ # THE INERT DATA SHIELD & MINIFIED BYPASS
144
+ if ext in ['.json', '.md', '.txt', '.csv', '.yaml', '.yml', '.css', '.less', '.h'] or '.d.ts' in file_path.name or '.min.' in file_path.name or '.umd.' in file_path.name:
145
145
  for key in sec_results["counts"].keys():
146
146
  sec_results["counts"][key] = 0
147
147
 
@@ -81,13 +81,21 @@ def main():
81
81
  keyword_patterns = {}
82
82
  for kw in search_targets:
83
83
  # Example: looking for "PGM=NAME" or "STARTED NAME"
84
- pattern_str = fr"(?:PGM=|STARTED\s+){kw}"
84
+ pattern_str = fr"{kw}"
85
85
  keyword_patterns[kw] = re.compile(pattern_str.encode('utf-8'), re.IGNORECASE)
86
86
 
87
87
  ts_pattern = re.compile(br'(\d{4}-\d{2}-\d{2}[T\s]\d{2}|\b[A-Z][a-z]{2}\s+\d{1,2}\s\d{2})')
88
88
  histograms = {kw: defaultdict(int) for kw in search_targets}
89
89
 
90
- # ... [Keep your existing file path setup and start_time logic here] ...
90
+ if args.out:
91
+ out_dir = Path(args.out).resolve()
92
+ out_dir.mkdir(parents=True, exist_ok=True)
93
+ results_path = out_dir / f"{target_path.stem}_results.txt"
94
+ else:
95
+ results_path = target_path.parent / f"{target_path.stem}_results.txt"
96
+
97
+ start_time = time.time()
98
+ print(f"🚀 Scanning {target_path.name} for {len(search_targets)} keywords...")
91
99
 
92
100
  # 2. The Memory Shield
93
101
  with open(target_path, 'rb') as f_in, open(results_path, 'w', encoding='utf-8') as f_out:
@@ -103,7 +111,11 @@ def main():
103
111
 
104
112
  time_elapsed = time.time() - start_time
105
113
 
106
- # ... [Keep your existing ASCII Histogram and Executive Summary printing here] ...
114
+ for kw, buckets in histograms.items():
115
+ draw_ascii_histogram(buckets, kw)
116
+
117
+ print(f"\n✅ Scan completed in {time_elapsed:.2f} seconds.")
118
+ print(f"📄 Filtered results saved to: {results_path}")
107
119
 
108
120
  total_counts = {kw: sum(buckets.values()) for kw, buckets in histograms.items()}
109
121
 
@@ -1,8 +1,8 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: gitgalaxy
3
- Version: 2.0.3
3
+ Version: 2.0.5
4
4
  Summary: An AST-free, zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
5
- Author: Joseph Michael Esquibel
5
+ Author: Joe Esquibel
6
6
  Project-URL: Homepage, https://gitgalaxy.io
7
7
  Project-URL: Documentation, https://squid-protocol.github.io/gitgalaxy/
8
8
  Project-URL: Source, https://github.com/squid-protocol/gitgalaxy
@@ -16,7 +16,7 @@ Classifier: Topic :: Software Development :: Quality Assurance
16
16
  Classifier: Topic :: Scientific/Engineering :: Visualization
17
17
  Classifier: Intended Audience :: Developers
18
18
  Classifier: Intended Audience :: Information Technology
19
- Requires-Python: >=3.8
19
+ Requires-Python: >=3.9
20
20
  Description-Content-Type: text/markdown
21
21
  License-File: LICENSE
22
22
  Dynamic: license-file
@@ -38,32 +38,36 @@ Dynamic: license-file
38
38
  [![Zero Dependencies](https://img.shields.io/badge/Dependencies-0-brightgreen.svg)](https://pypi.org/project/gitgalaxy/)
39
39
  [![Airgap Ready](https://img.shields.io/badge/Security-Airgap_Ready-teal.svg)](#)
40
40
 
41
- ### **The blAST Engine: A custom heuristics-based AST-free Knowledge Graph Generator**
41
+ ### **AST-Free Static Analysis & Knowledge Graph Engine**
42
42
 
43
- The blAST (Bypassing LLMs and ASTs) engine is a custom-made knowledge graph engine that resolves repositories at the function level. It scores each function based on 50 unique metrics, rolls that data up to score the file, and finally summarizes the entire repository.
43
+ The blAST (Bypassing LLMs and ASTs) engine is a custom-made knowledge graph engine that resolves repositories at the function level. It scores each function based on 50 unique metrics, rolls that data up to score the file, and finally summarizes the entire repository.
44
44
 
45
- By utilizing a custom engine, we retain full control over the search space. We built it to be exceptionally fast, capable of assessing your entire repository without requiring compilable code—a fundamental limitation of standard Abstract Syntax Trees (ASTs). ASTs are great for finding missing commas and memory overflows, but they miss the forest for the trees when generating knowledge graphs. LLMs, on the other hand, suffer from hallucination during large context windows and yield probabilistic, fluctuating answers.
45
+ ### Scanning Apollo-11 with the blAST Engine
46
46
 
47
- The blAST engine solves this. Because all programming languages utilize keywords and functions, our engine treats code files as text, scanning for these structural anchors to build a deterministic 3D knowledge graph. It seamlessly handles mid-file language switching, assesses the architectural ratio of test files to logic, and extracts invaluable project structure data that ASTs ignore.
47
+ ![GitGalaxy CLI Scan](./docs/wiki/assets/apollo11_scan.gif)
48
+
49
+ By utilizing a custom engine, we retain full control over the search space. We built it to be exceptionally fast, capable of assessing your entire repository without requiring compilable code—a fundamental limitation of standard Abstract Syntax Trees (ASTs). ASTs are great for finding missing commas and memory overflows, but they miss the forest for the trees when generating knowledge graphs. LLMs, on the other hand, suffer from hallucination during large context windows and yield probabilistic, fluctuating answers.
50
+
51
+ The blAST engine solves this. Because all programming languages utilize keywords and functions, our engine treats code files as text, scanning for these structural anchors to build a deterministic 3D knowledge graph. It seamlessly handles mid-file language switching, assesses the architectural ratio of test files to logic, and extracts invaluable project structure data that ASTs ignore.
48
52
 
49
53
  Every assumption our system makes has been abstracted into over 300 tunable variables. Think of GitGalaxy as a highly calibrated telescope. You can query the number of active API network nodes, isolate unique external imports, or highlight functions exhibiting extreme cognitive load—all adjusted via custom whitelists and blacklists to eliminate false-positive fatigue. Field-tested on over 1,000 repositories spanning 50+ languages and 250+ extensions, the engine comes equipped with smart defaults ready for immediate deployment.
50
54
 
51
- **Core Technology**
55
+ **Core Codebase Mapping Technology**
52
56
  * Bypasses LLMs and rigid ASTs.
53
57
  * Doesn't require code to compile (AST-free).
54
58
  * Produces full function-to-function call chains.
55
59
  * Deterministically maps code by 60+ keyword regex profiles (Structural markers, I/O intents, state mutations).
56
- * Regex keyword profiles allow us to classify functions, files, classes, folders and repos.
60
+ * Regex keyword profiles allow us to classify functions, files, classes, folders and repos.
57
61
  * Eliminates LLM architectural hallucinations and context window limits.
58
62
  * Scans 50+ languages, 250+ extensions, fully folder-aware. **([How to add a language in 1 minute and 1 prompt](gitgalaxy/standards/HOW_TO_ADD_LANGUAGE.md))**
59
63
 
60
- **Extreme Velocity & Scale**
64
+ **Enterprise Scale & Performance Metrics**
61
65
  * 100,000 LOC/sec code analysis.
62
66
  * 0.07 GB/sec raw log ingestion.
63
67
  * Full-system scans in minutes without data sampling.
64
68
  * 100% daily system coverage.
65
69
 
66
- **Scientific Claims & Validation**
70
+ **Methodology & Comparative Benchmarks**
67
71
  GitGalaxy is backed by an academic-grade thesis detailing the equations powering the blAST engine.
68
72
 
69
73
  * **[Optimum Search Strategies Evolve](https://squid-protocol.github.io/gitgalaxy/03-01-claim-1-search-strategies/):** AST-free mapping. Outperforms rigid parsers and LLM context windows.
@@ -71,15 +75,14 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
71
75
  * **[All languages have keywords that roughly do the same thing, these can be grouped to make cross-language keyword maps](https://squid-protocol.github.io/gitgalaxy/03-03-claim-3-taxonomy-map/):** Standardizes 50+ languages into a single universal physical framework.
72
76
  * **[Cross-Language Comparisons of over 1000 repos](https://squid-protocol.github.io/gitgalaxy/03-04-claim-4-comparing-languages/):** Deterministic 1:1 benchmarking of distinct syntax architectures.
73
77
  * **[Universal File Archetypes by k-means clustering](https://squid-protocol.github.io/gitgalaxy/03-05-claim-5-file-archetypes/):** ML isolation of files into K-means clusters (e.g., "The God Nodes," "Declarative Glue").
74
- * **[Assessing the blAST engines cross-language capbility over 10 different DOOM ports](https://squid-protocol.github.io/gitgalaxy/03-07-claim-7-doom-comparisons/):** Comparative function analysis across 10 distinct DOOM source ports.
75
- * **Mainframe Proven:** Successful from-scratch translation of legacy COBOL monoliths to compiling Spring Boot architectures.
78
+ * **[Mainframe Proven: 100% CI/CD Translation Success Rate](https://github.com/squid-protocol/gitgalaxy/tree/main/examples/ibm_cics_translation):** Flawless architectural translation of 27 distinct legacy COBOL repositories (including IBM CICS benchmark apps) into compiling Java Spring Boot environments.
76
79
 
77
- **Security & Deployment**
80
+ **Data Privacy & On-Premise Deployment**
78
81
  * 100% air-gapped execution.
79
82
  * On-premise deployment with zero IP exfiltration risk.
80
83
  * Zero-trust processing model.
81
84
 
82
- **How to use**
85
+ **Installation & Usage**
83
86
  * Python-based: `pip install gitgalaxy`
84
87
  * CLI execution
85
88
  * Outputs forensic JSONs (optimized for AI-agent summary reports) and a native SQLite3 database for robust querying and storage.
@@ -88,7 +91,7 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
88
91
 
89
92
  ---
90
93
 
91
- ## Quickstart
94
+ ## Quickstart Guide
92
95
 
93
96
  ### 1. Install
94
97
 
@@ -107,39 +110,45 @@ galaxyscope /path/to/your/local/repo
107
110
 
108
111
  ---
109
112
 
110
- ### [Project Overview](docs/wiki/01-project-overview.md)
113
+ ### [GitGalaxy Core Analysis Engine](docs/wiki/01-project-overview.md)
111
114
  The central blAST engine. It bypasses rigid ASTs using mathematical heuristics to map O(N) multi-dimensional relationships across 50+ languages, managing signal processing, spatial layout, and high-speed SQLite telemetry recording.
112
115
 
113
116
 
114
117
 
115
- ## The GitGalaxy Ecosystem
118
+ ## Enterprise Codebase Tools & Use Cases
116
119
 
117
- GitGalaxy operates on a modular Hub-and-Spoke architecture. While the core engine provides the overarching physics and cartography, our specialized toolsets leverage that deterministic graph to execute enterprise-grade operations. The following toolsets provide novel heuristic solutions to several open problems in computing.
120
+ GitGalaxy operates on a modular Hub-and-Spoke architecture. While the core engine provides the overarching physics and cartography, our specialized toolsets leverage that deterministic graph to execute enterprise-grade operations.
118
121
 
119
- ### [Legacy Modernization: Converting Raw Cobol Repos to Java Spring Boots](gitgalaxy/tools/cobol_to_java/)
122
+ ### [Automated Legacy Migration: COBOL to Java Spring Boot](gitgalaxy/tools/cobol_to_java/)
120
123
  A deterministic, high-fidelity translation pipeline. It converts legacy COBOL into fully compiling, modern Spring Boot architectures, mapping memory exactly and scaffolding JPA entities, REST controllers, and Maven builds before utilizing AI to translate isolated business logic.
124
+ * **Proven Metric:** Achieved a perfect 27/27 Maven compile success rate across a batch test of distinct legacy repos.
125
+ * **Verify for Yourself:** [Inspect the raw outputs of the IBM CICS Application Translation here.](examples/ibm_cics_translation/)
121
126
 
122
- ### [Legacy Modernization: Converting Raw Cobol Repos to cleaner Cobol Repos](gitgalaxy/tools/cobol_to_cobol/)
127
+ ![Java Forge & Batch Test](./docs/wiki/assets/java_forge_and_batch_test.gif)
128
+
129
+ ### [Mainframe Refactoring: COBOL & JCL Optimization](gitgalaxy/tools/cobol_to_cobol/)
123
130
  A mathematical x-ray suite for sanitizing mainframe monoliths. It safely neutralizes legacy lexical traps, extracts dead "Graveyard" memory, maps topological DAG execution orders, and generates Zero-Trust JCL configurations for modern cloud deployments.
131
+ * **Proven Metric:** The Graveyard Reaper engine extracted over 6,700 lines of dead execution blocks and orphaned variables from the standard IBM CICS benchmark app in seconds.
124
132
 
125
- ### [Supply Chain Security](gitgalaxy/tools/supply_chain_security/)
133
+ ### [Software Supply Chain Security & Pre-Commit Firewalls](gitgalaxy/tools/supply_chain_security/)
126
134
  Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline.
127
135
 
128
- ### [Network Auditing](gitgalaxy/tools/network_auditing/)
136
+ ### [Zero-Trust SBOM Generation & Dependency Auditing](gitgalaxy/tools/compliance/)
137
+ A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
138
+ * **Proven Metric:** Successfully mapped and mathematically verified the physical internals of 170 unique Go modules inside the local Kubernetes repository.
139
+
140
+ ### [API Security & Shadow API Detection](gitgalaxy/tools/network_auditing/)
129
141
  A deterministic mapping tool that hunts undocumented vulnerabilities. It uses structural regex to find active physical routing logic (Express, Spring Boot, FastAPI) and applies set theory against official OpenAPI/Swagger documentation to isolate critical Shadow APIs and outdated Ghost APIs.
130
142
 
131
- ### [Terabyte Log Scanning](gitgalaxy/tools/terabyte_log_scanning/)
143
+ ### [High-Speed PII Detection & Log Analysis](gitgalaxy/tools/terabyte_log_scanning/)
132
144
  Unindexed, tactical log analysis operating at 0.07 GB/sec. It streams massive database dumps to deterministically hunt and mask PII (Credit Cards, SSNs, AWS Keys) and uses static architecture maps to prove exact runtime execution frequencies with ASCII time-series histograms.
133
145
 
134
- ### [Compliance Operations - SBOM Generators](gitgalaxy/tools/compliance/)
135
- A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
136
-
137
- ### [AI Guardrails](gitgalaxy/tools/ai_guardrails/)
146
+ ### [AI Agent Guardrails & Codebase Protection](gitgalaxy/tools/ai_guardrails/)
138
147
  Specialized keyword sensors protecting both your application and your codebase. The AppSec Sensor detects weaponized LLM features (RCE funnels, exfiltration risks), while the Dev Agent Firewall evaluates token mass and blast radius to restrict autonomous coding agents from modifying dangerous over context token-draining files. Helps identify which files need to be chunked to reduce context overload.
139
148
 
140
- ## The Web Viewer (Frictionless Dashboards)
149
+ ## Local Browser-Based 3D Codebase Visualization
141
150
 
142
- If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
151
+ If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
143
152
 
144
153
  Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip` of your raw repository) directly into [GitGalaxy.io](https://gitgalaxy.io/). All rendering and scanning happens entirely in your browser's local memory.
145
154
 
@@ -147,7 +156,7 @@ Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip
147
156
 
148
157
  ![GitGalaxy native SQLite3 database schema for AST-free enterprise codebase mapping and cybersecurity auditing](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/sqlite_overview.png)
149
158
 
150
- ## Zero-Trust Architecture
159
+ ## Zero-Trust Data Security
151
160
 
152
161
  Your code never leaves your machine. GitGalaxy performs 100% of its scanning and vectorization locally.
153
162
 
@@ -63,4 +63,5 @@ gitgalaxy/tools/supply_chain_security/binary_anomaly_detector.py
63
63
  gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py
64
64
  gitgalaxy/tools/supply_chain_security/vault_sentinel.py
65
65
  gitgalaxy/tools/terabyte_log_scanning/pii_leak_hunter.py
66
- gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py
66
+ gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py
67
+ tests/test_galaxyscope.py
@@ -4,15 +4,13 @@ build-backend = "setuptools.build_meta"
4
4
 
5
5
  [project]
6
6
  name = "gitgalaxy"
7
- version = "2.0.3"
7
+ version = "2.0.5"
8
8
  authors = [
9
- { name="Joseph Michael Esquibel" },
9
+ { name="Joe Esquibel" },
10
10
  ]
11
11
  description = "An AST-free, zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths."
12
12
  readme = "README.md"
13
- requires-python = ">=3.8"
14
-
15
- license-files = ["LICENSE"]
13
+ requires-python = ">=3.9"
16
14
 
17
15
  keywords = [
18
16
  "static-analysis",
@@ -0,0 +1,61 @@
1
+ import subprocess
2
+ import json
3
+ from pathlib import Path
4
+
5
+ def test_galaxyscope_python_fixture(tmp_path):
6
+ """
7
+ Tests that GalaxyScope can parse a micro-repo (iwubi),
8
+ complete its mission, and trigger all 4 recorders successfully.
9
+ """
10
+ # 1. Dynamically get the absolute path to the GitGalaxy root
11
+ test_dir = Path(__file__).parent
12
+ project_root = test_dir.parent
13
+
14
+ # 2. Build absolute paths for the script and the fixture
15
+ script_path = project_root / "gitgalaxy" / "galaxyscope.py"
16
+ fixture_path = test_dir / "fixtures" / "iwubi_frankenstein_test"
17
+
18
+ # Force output to a temporary directory
19
+ output_dir = tmp_path / "test_run"
20
+
21
+ # 3. Pass the absolute paths to the subprocess
22
+ result = subprocess.run(
23
+ ["python", str(script_path), str(fixture_path), "--output", str(output_dir)],
24
+ capture_output=True,
25
+ text=True
26
+ )
27
+
28
+ # INVARIANT 1: CLI Exit Code & Billboard Output
29
+ assert result.returncode == 0, f"GalaxyScope crashed! Stderr: {result.stderr}"
30
+ assert "MISSION_SUCCESS" in result.stdout, "CLI did not print the success billboard."
31
+
32
+ # The engine uses the target folder name to build the filenames automatically
33
+ target_name = "iwubi_frankenstein_test"
34
+
35
+ gpu_file = output_dir / f"{target_name}_galaxy_gpu.json"
36
+ audit_file = output_dir / f"{target_name}_galaxy_audit.json"
37
+ llm_file = output_dir / f"{target_name}_galaxy_llm.md"
38
+ db_file = output_dir / f"{target_name}_galaxy_master.db"
39
+
40
+ # INVARIANT 2: File Generation (Did all 4 recorders fire?)
41
+ assert gpu_file.exists(), f"GPU Recorder failed to output JSON at {gpu_file}"
42
+ assert audit_file.exists(), f"Audit Recorder failed to output JSON at {audit_file}"
43
+ assert llm_file.exists(), f"LLM Recorder failed to output Markdown at {llm_file}"
44
+ assert db_file.exists(), f"SQLite Recorder failed to output DB at {db_file}"
45
+
46
+ # INVARIANT 3: GPU Recorder Internals (Non-blank structural check)
47
+ with open(gpu_file, "r", encoding="utf-8") as f:
48
+ gpu_data = json.load(f)
49
+ assert "meta" in gpu_data, "GPU JSON missing 'meta' object"
50
+ assert "galaxy" in gpu_data, "GPU JSON missing 'galaxy' object"
51
+ assert len(gpu_data["galaxy"]["names"]) >= 1, "GPU Recorder found 0 files"
52
+ assert "iwubi.py" in gpu_data["galaxy"]["names"], "Failed to identify iwubi.py"
53
+
54
+ # INVARIANT 4: LLM Recorder Internals (Text check)
55
+ with open(llm_file, "r", encoding="utf-8") as f:
56
+ md_content = f.read()
57
+ assert "# ARCHITECTURAL_BRIEF" in md_content, "LLM Markdown missing main header"
58
+ assert "MACRO STATE" in md_content, "LLM Markdown missing MACRO STATE section"
59
+
60
+ # INVARIANT 5: SQLite Database (Byte check)
61
+ assert db_file.stat().st_size > 1000, "SQLite database appears to be empty"
File without changes
File without changes
File without changes