gitgalaxy 2.0.3__tar.gz → 2.0.7__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- gitgalaxy-2.0.7/.github/ISSUE_TEMPLATE/parsing_discrepancy.yml +50 -0
- gitgalaxy-2.0.7/.github/dependabot.yml +19 -0
- gitgalaxy-2.0.7/.github/pull_request_template.md +9 -0
- gitgalaxy-2.0.7/.github/workflows/codeql.yml +40 -0
- gitgalaxy-2.0.7/.github/workflows/publish.yml +40 -0
- gitgalaxy-2.0.7/.github/workflows/smoke-test.yml +66 -0
- gitgalaxy-2.0.7/.gitignore +73 -0
- gitgalaxy-2.0.7/CONTRIBUTING.md +63 -0
- {gitgalaxy-2.0.3/gitgalaxy.egg-info → gitgalaxy-2.0.7}/PKG-INFO +68 -32
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/README.md +64 -28
- gitgalaxy-2.0.7/action.yml +61 -0
- gitgalaxy-2.0.7/gitgalaxy/README.md +62 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/cobol_refractor_controller.py +9 -9
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/cobol_to_java_controller.py +6 -6
- gitgalaxy-2.0.7/gitgalaxy/core/README.md +44 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/core/aperture.py +1 -1
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/core/detector.py +27 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/galaxyscope.py +21 -10
- gitgalaxy-2.0.7/gitgalaxy/physics/README.md +36 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/physics/spectral_auditor.py +1 -1
- gitgalaxy-2.0.7/gitgalaxy/recorders/README.md +38 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/recorders/audit_recorder.py +1 -1
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/recorders/llm_recorder.py +2 -2
- gitgalaxy-2.0.7/gitgalaxy/security/README.md +32 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/security/security_lens.py +2 -28
- gitgalaxy-2.0.7/gitgalaxy/standards/README.md +55 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/standards/analysis_lens.py +4 -4
- gitgalaxy-2.0.7/gitgalaxy/standards/how_to_add_a_language.md +199 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/standards/language_standards.py +19 -12
- gitgalaxy-2.0.7/gitgalaxy/tools/README.md +63 -0
- gitgalaxy-2.0.7/gitgalaxy/tools/ai_guardrails/README.md +81 -0
- gitgalaxy-2.0.7/gitgalaxy/tools/cobol_to_cobol/README.md +171 -0
- gitgalaxy-2.0.7/gitgalaxy/tools/cobol_to_java/README.md +107 -0
- gitgalaxy-2.0.7/gitgalaxy/tools/compliance/README.md +115 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/compliance/sbom_generator.py +68 -1
- gitgalaxy-2.0.7/gitgalaxy/tools/network_auditing/README.md +118 -0
- gitgalaxy-2.0.7/gitgalaxy/tools/supply_chain_security/README.md +180 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py +2 -2
- gitgalaxy-2.0.7/gitgalaxy/tools/terabyte_log_scanning/README.md +116 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +15 -3
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7/gitgalaxy.egg-info}/PKG-INFO +68 -32
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy.egg-info/SOURCES.txt +54 -1
- gitgalaxy-2.0.7/mkdocs.yml +189 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/pyproject.toml +9 -7
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/.gitattributes +14 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/.gitignore +3 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/LICENSE +201 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/Makefile +30 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/README.md +66 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/bufio/bufio.go +842 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/bufio/bufio_test.go +1999 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/bufio/example_test.go +200 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/bufio/export_test.go +29 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/bufio/net_test.go +96 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/bufio/scan.go +427 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/bufio/scan_test.go +596 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/config.py +1 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/convert_em.F +167 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/dnn_converters.cpp +138 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/dnn_converters.hpp +37 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/insert_pinyin_to_db.py +27 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/iwubi.py +585 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/iwubi.svg +3 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/iwubi.xml +30 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/logconfig.py +30 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/logconfig.yaml +25 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/pinyin_simp.dict.csv +65113 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/screenshot/add.png +0 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/screenshot/iwubi.gif +0 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/screenshot/set_ibus.png +0 -0
- gitgalaxy-2.0.7/tests/fixtures/iwubi_frankenstein_test/wubi-jidian86.db +0 -0
- gitgalaxy-2.0.7/tests/test_galaxyscope.py +61 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/LICENSE +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/MANIFEST.in +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/__init__.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/core/__init__.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/core/guidestar_lens.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/core/network_risk_sensor.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/core/prism.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/core/state_rehydrator.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/physics/__init__.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/physics/chronometer.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/physics/neural_auditor.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/physics/signal_processor.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/recorders/__init__.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/recorders/gpu_recorder.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/recorders/record_keeper.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/security/__init__.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/security/security_auditor.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/standards/__init__.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/standards/gitgalaxy_config.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/standards/language_lens.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/__init__.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/ai_guardrails/ai_appsec_sensor.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/ai_guardrails/dev_agent_firewall.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_agent_task_forge.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_compiler_forge.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_dag_architect.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_etl_unpacker.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_graveyard_finder.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_auditor.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_lexical_patcher.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_microservice_slicer.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_schema_forge.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_cobol/cobol_system_limits_reporter.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_java/batch_test_harness.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_java/cobol_to_java_agent_forge.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_java/cobol_to_java_api_contract_forge.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_java/cobol_to_java_build_forge.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_java/cobol_to_java_decoder_forge.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_java/cobol_to_java_service_forge.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/cobol_to_java/cobol_to_java_spring_forge.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/network_auditing/full_api_network_map.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/supply_chain_security/binary_anomaly_detector.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/supply_chain_security/vault_sentinel.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy/tools/terabyte_log_scanning/pii_leak_hunter.py +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy.egg-info/dependency_links.txt +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy.egg-info/entry_points.txt +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/gitgalaxy.egg-info/top_level.txt +0 -0
- {gitgalaxy-2.0.3 → gitgalaxy-2.0.7}/setup.cfg +0 -0
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
name: 🐛 Report a Parsing/blAST Discrepancy
|
|
2
|
+
description: Report an issue where the blAST engine misidentified or failed to parse a repository structure.
|
|
3
|
+
title: "[Bug]: "
|
|
4
|
+
labels: ["bug", "triage"]
|
|
5
|
+
body:
|
|
6
|
+
- type: markdown
|
|
7
|
+
attributes:
|
|
8
|
+
value: |
|
|
9
|
+
Thanks for taking the time to report a discrepancy! Please provide the context we need to reproduce the issue.
|
|
10
|
+
- type: input
|
|
11
|
+
id: repo_link
|
|
12
|
+
attributes:
|
|
13
|
+
label: Repository Link
|
|
14
|
+
description: Provide a link to the public repository you were scanning (e.g., GitHub, GitLab URL).
|
|
15
|
+
placeholder: https://github.com/torvalds/linux
|
|
16
|
+
validations:
|
|
17
|
+
required: true
|
|
18
|
+
- type: dropdown
|
|
19
|
+
id: viewer_used
|
|
20
|
+
attributes:
|
|
21
|
+
label: Which Observatory viewer were you using?
|
|
22
|
+
description: Help us identify if this is a backend parsing issue or a frontend visual constraint.
|
|
23
|
+
options:
|
|
24
|
+
- GitGalaxy.io (Web Viewer)
|
|
25
|
+
- Airgap Observatory (Local Server)
|
|
26
|
+
- CLI Only (Did not use a visualizer)
|
|
27
|
+
validations:
|
|
28
|
+
required: true
|
|
29
|
+
- type: textarea
|
|
30
|
+
id: description
|
|
31
|
+
attributes:
|
|
32
|
+
label: Description of the Discrepancy
|
|
33
|
+
description: What did GitGalaxy report, and what should it have been? (e.g., "Flagged X files as Python, but they are actually Cython.")
|
|
34
|
+
validations:
|
|
35
|
+
required: true
|
|
36
|
+
- type: textarea
|
|
37
|
+
id: custom_standards
|
|
38
|
+
attributes:
|
|
39
|
+
label: Custom standards.py (If Applicable)
|
|
40
|
+
description: If you are using a custom `standards.py`, please paste its contents here, or drag and drop the file into this box.
|
|
41
|
+
render: python
|
|
42
|
+
validations:
|
|
43
|
+
required: false
|
|
44
|
+
- type: input
|
|
45
|
+
id: contact
|
|
46
|
+
attributes:
|
|
47
|
+
label: Contact Info
|
|
48
|
+
description: An email or Discord handle where we can reach you if we have questions about this specific codebase.
|
|
49
|
+
validations:
|
|
50
|
+
required: false
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
version: 2
|
|
2
|
+
updates:
|
|
3
|
+
# 1. Keep GitHub Actions up to date
|
|
4
|
+
- package-ecosystem: "github-actions"
|
|
5
|
+
directory: "/"
|
|
6
|
+
schedule:
|
|
7
|
+
interval: "weekly"
|
|
8
|
+
labels:
|
|
9
|
+
- "security"
|
|
10
|
+
- "github-actions"
|
|
11
|
+
|
|
12
|
+
# 2. Keep Python dependencies up to date
|
|
13
|
+
- package-ecosystem: "pip"
|
|
14
|
+
directory: "/"
|
|
15
|
+
schedule:
|
|
16
|
+
interval: "weekly"
|
|
17
|
+
labels:
|
|
18
|
+
- "security"
|
|
19
|
+
- "python"
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
### Description of Structural Changes
|
|
2
|
+
### Visual Observatory Testing
|
|
3
|
+
- [ ] I tested the output JSON on **GitGalaxy.io** OR the **Airgap Observatory**.
|
|
4
|
+
- [ ] Flexbox constraints, HUD elements, and 3D rendering remain intact.
|
|
5
|
+
|
|
6
|
+
### The Differential Scan Acknowledgement
|
|
7
|
+
- [ ] I understand that my PR will be subjected to a Full Differential Scan.
|
|
8
|
+
- [ ] I have provided the link to the specific repository this PR addresses so it can be tested alongside the 80-repo calibrated baseline.
|
|
9
|
+
- [ ] I believe these changes will measurably improve the engine's Accuracy, Speed, Utility, or Ethos without causing regressions.
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
name: "CodeQL Security Scan"
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [ "main" ]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [ "main" ]
|
|
8
|
+
schedule:
|
|
9
|
+
- cron: '0 12 * * 1' # Runs every Monday at 12:00 UTC
|
|
10
|
+
|
|
11
|
+
jobs:
|
|
12
|
+
analyze:
|
|
13
|
+
name: Analyze
|
|
14
|
+
runs-on: ubuntu-latest
|
|
15
|
+
permissions:
|
|
16
|
+
actions: read
|
|
17
|
+
contents: read
|
|
18
|
+
security-events: write
|
|
19
|
+
|
|
20
|
+
strategy:
|
|
21
|
+
fail-fast: false
|
|
22
|
+
matrix:
|
|
23
|
+
language: [ 'python' ]
|
|
24
|
+
|
|
25
|
+
steps:
|
|
26
|
+
- name: Checkout repository
|
|
27
|
+
uses: actions/checkout@v4
|
|
28
|
+
|
|
29
|
+
- name: Initialize CodeQL
|
|
30
|
+
uses: github/codeql-action/init@v3
|
|
31
|
+
with:
|
|
32
|
+
languages: ${{ matrix.language }}
|
|
33
|
+
# If you have specific queries you want to run, you can specify them here.
|
|
34
|
+
# "security-extended" adds deeper vulnerability hunting.
|
|
35
|
+
queries: security-extended,security-and-quality
|
|
36
|
+
|
|
37
|
+
- name: Perform CodeQL Analysis
|
|
38
|
+
uses: github/codeql-action/analyze@v3
|
|
39
|
+
with:
|
|
40
|
+
category: "/language:${{matrix.language}}"
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
name: Publish to PyPI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
release:
|
|
5
|
+
types: [published]
|
|
6
|
+
|
|
7
|
+
jobs:
|
|
8
|
+
pypi-publish:
|
|
9
|
+
name: Build and Publish to PyPI
|
|
10
|
+
runs-on: ubuntu-latest
|
|
11
|
+
|
|
12
|
+
# This matches the environment name you set in PyPI
|
|
13
|
+
environment:
|
|
14
|
+
name: pypi
|
|
15
|
+
url: https://pypi.org/p/gitgalaxy
|
|
16
|
+
|
|
17
|
+
# This specific permission is REQUIRED for Trusted Publishing
|
|
18
|
+
permissions:
|
|
19
|
+
id-token: write
|
|
20
|
+
contents: read
|
|
21
|
+
|
|
22
|
+
steps:
|
|
23
|
+
- name: Checkout repository
|
|
24
|
+
uses: actions/checkout@v4
|
|
25
|
+
with:
|
|
26
|
+
fetch-depth: 0 # <--- ADD THIS so it downloads your Git tags!
|
|
27
|
+
|
|
28
|
+
- name: Set up Python
|
|
29
|
+
uses: actions/setup-python@v5
|
|
30
|
+
with:
|
|
31
|
+
python-version: "3.10"
|
|
32
|
+
|
|
33
|
+
- name: Install build tools
|
|
34
|
+
run: python -m pip install --upgrade pip build
|
|
35
|
+
|
|
36
|
+
- name: Build the wheel and source distribution
|
|
37
|
+
run: python -m build
|
|
38
|
+
|
|
39
|
+
- name: Publish package to PyPI
|
|
40
|
+
uses: pypa/gh-action-pypi-publish@release/v1
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
name: GitGalaxy Smoke Tests
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [ "main" ]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [ "main" ]
|
|
8
|
+
|
|
9
|
+
jobs:
|
|
10
|
+
smoke-test:
|
|
11
|
+
runs-on: ${{ matrix.os }}
|
|
12
|
+
env:
|
|
13
|
+
PYTHONUTF8: "1" # <--- FIX 1: Forces Windows to render emojis without crashing
|
|
14
|
+
strategy:
|
|
15
|
+
fail-fast: false
|
|
16
|
+
matrix:
|
|
17
|
+
os: [ubuntu-latest, windows-latest, macos-latest]
|
|
18
|
+
python-version: ["3.9", "3.10", "3.11", "3.12"]
|
|
19
|
+
|
|
20
|
+
steps:
|
|
21
|
+
- name: Check out repository code
|
|
22
|
+
uses: actions/checkout@v6
|
|
23
|
+
|
|
24
|
+
- name: Set up Python ${{ matrix.python-version }}
|
|
25
|
+
uses: actions/setup-python@v6
|
|
26
|
+
with:
|
|
27
|
+
python-version: ${{ matrix.python-version }}
|
|
28
|
+
|
|
29
|
+
- name: Install macOS dependencies (OpenMP for XGBoost)
|
|
30
|
+
if: runner.os == 'macOS'
|
|
31
|
+
run: brew install libomp
|
|
32
|
+
|
|
33
|
+
- name: Install dependencies
|
|
34
|
+
shell: bash
|
|
35
|
+
run: |
|
|
36
|
+
python -m pip install --upgrade pip setuptools wheel
|
|
37
|
+
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
|
|
38
|
+
pip install PyYAML networkx tiktoken pandas xgboost pytest flake8
|
|
39
|
+
pip install --no-build-isolation -e . # <--- FIX 2: Bypasses the pip build bubble
|
|
40
|
+
|
|
41
|
+
- name: Global Syntax Sweep (Flake8)
|
|
42
|
+
run: |
|
|
43
|
+
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
|
|
44
|
+
|
|
45
|
+
- name: Smoke Test - Core Engine
|
|
46
|
+
# Using the -m flag is the safest way to run modules inside a package
|
|
47
|
+
run: python -m gitgalaxy.galaxyscope --help
|
|
48
|
+
|
|
49
|
+
- name: Smoke Test - Legacy Refractor Controller
|
|
50
|
+
run: python -m gitgalaxy.cobol_refractor_controller --help
|
|
51
|
+
|
|
52
|
+
- name: Smoke Test - Java Spring Forge Controller
|
|
53
|
+
run: python -m gitgalaxy.cobol_to_java_controller --help
|
|
54
|
+
|
|
55
|
+
- name: Smoke Test - SBOM Generator
|
|
56
|
+
run: python -m gitgalaxy.tools.compliance.sbom_generator --help
|
|
57
|
+
|
|
58
|
+
- name: Smoke Test - Supply Chain Firewall
|
|
59
|
+
run: python -m gitgalaxy.tools.supply_chain_security.supply_chain_firewall --help
|
|
60
|
+
|
|
61
|
+
- name: Smoke Test - API Network Map
|
|
62
|
+
run: python -m gitgalaxy.tools.network_auditing.full_api_network_map --help
|
|
63
|
+
|
|
64
|
+
- name: Golden Record Integration Test (Pytest)
|
|
65
|
+
run: |
|
|
66
|
+
pytest tests/ -v
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
# ==========================================
|
|
2
|
+
# SECURITY / SECRETS (CRITICAL)
|
|
3
|
+
.env
|
|
4
|
+
.env.*
|
|
5
|
+
*.pem
|
|
6
|
+
*.key
|
|
7
|
+
|
|
8
|
+
# PYTHON, FLASK & VIRTUAL ENVIRONMENTS
|
|
9
|
+
__pycache__/
|
|
10
|
+
*.py[cod]
|
|
11
|
+
*$py.class
|
|
12
|
+
*.so
|
|
13
|
+
venv/
|
|
14
|
+
env/
|
|
15
|
+
.venv/
|
|
16
|
+
flask_session/
|
|
17
|
+
|
|
18
|
+
# PYPI PACKAGING & BUILD ARTIFACTS
|
|
19
|
+
build/
|
|
20
|
+
dist/
|
|
21
|
+
*.egg-info/
|
|
22
|
+
|
|
23
|
+
# TESTING & LINTING (NEW)
|
|
24
|
+
.coverage
|
|
25
|
+
htmlcov/
|
|
26
|
+
.mypy_cache/
|
|
27
|
+
|
|
28
|
+
# LOGS & DATABASES
|
|
29
|
+
*.log
|
|
30
|
+
gitgalaxy_dropped_orders.log
|
|
31
|
+
*.sqlite3
|
|
32
|
+
*.sqlite3-journal
|
|
33
|
+
|
|
34
|
+
# FRONTEND & NODE
|
|
35
|
+
node_modules/
|
|
36
|
+
tailwindcss
|
|
37
|
+
|
|
38
|
+
# OS & EDITOR FILES
|
|
39
|
+
.DS_Store
|
|
40
|
+
Thumbs.db
|
|
41
|
+
.vscode/
|
|
42
|
+
.idea/
|
|
43
|
+
*.swp
|
|
44
|
+
*~
|
|
45
|
+
*.bak
|
|
46
|
+
.~lock.*
|
|
47
|
+
|
|
48
|
+
# PROJECT-SPECIFIC SCRIPTS & DRAFTS
|
|
49
|
+
get_ids.py
|
|
50
|
+
get_shop.py
|
|
51
|
+
histogram_matcher.py
|
|
52
|
+
archive/
|
|
53
|
+
*.odt
|
|
54
|
+
|
|
55
|
+
# GITGALAXY HEAVY DATA
|
|
56
|
+
data/
|
|
57
|
+
museum/
|
|
58
|
+
museum_2/
|
|
59
|
+
*.json
|
|
60
|
+
*_llm.md
|
|
61
|
+
venvs/
|
|
62
|
+
|
|
63
|
+
# Local data mounts
|
|
64
|
+
data/
|
|
65
|
+
museum/
|
|
66
|
+
docs_build/
|
|
67
|
+
updated_results/
|
|
68
|
+
utilities/
|
|
69
|
+
# Ignore local data symlinks
|
|
70
|
+
site/museum/
|
|
71
|
+
museum/
|
|
72
|
+
updated_results_expanded_story/
|
|
73
|
+
updated_results_2/
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
# Contributing to GitGalaxy
|
|
2
|
+
|
|
3
|
+
First off, thank you for considering contributing to GitGalaxy! The blAST engine is essentially a tunable scientific instrument, and calibrating it across the vast ecosystem of open-source software requires a community effort.
|
|
4
|
+
|
|
5
|
+
Whether you are reporting a taxonomic discrepancy, refining the parsing engine, or expanding the documentation, your input helps map the structural DNA of software more accurately.
|
|
6
|
+
|
|
7
|
+
## 🧬 The blAST Philosophy
|
|
8
|
+
|
|
9
|
+
Before diving in, please remember that GitGalaxy treats code as a living organism. The blAST engine evaluates structural logic and behavioral genetic markers, not just rigid syntax.
|
|
10
|
+
|
|
11
|
+
Sometimes, what appears to be a traditional parsing error might actually be blAST intentionally flagging a structural anomaly or a dense risk exposure. Please keep this in mind when reporting issues or proposing changes to the sequencing algorithms.
|
|
12
|
+
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
## 🔬 The Differential Scan (How We Review Pull Requests)
|
|
16
|
+
|
|
17
|
+
We do not merge structural backend changes based solely on subjective code review. GitGalaxy operates at hyper-scale, and every change to the parsing logic has cascading effects.
|
|
18
|
+
|
|
19
|
+
When you submit a Pull Request that alters the blAST engine, your candidate changes will be subjected to a **Full Differential Scan**.
|
|
20
|
+
|
|
21
|
+
* **The Control + Variable Test:** We run your branch against our calibrated baseline of ~80 massive open-source repositories, **plus** the specific repository your PR is designed to address.
|
|
22
|
+
* **Before and After:** We perform a strict comparison of the engine's output before and after your rule update across this entire dataset (80 + 1). This ensures your addition resolves the target discrepancy without degrading the established baseline.
|
|
23
|
+
* **The Metrics:** The output is assessed strictly on four vectors: **Accuracy, Speed, Utility, and Ethos.**
|
|
24
|
+
* Only changes that are mathematically and practically *measurably better* across the broader ecosystem will be incorporated.
|
|
25
|
+
|
|
26
|
+
---
|
|
27
|
+
|
|
28
|
+
## 🛠️ Submitting Pull Requests
|
|
29
|
+
|
|
30
|
+
To ensure your contribution integrates smoothly into the blAST ecosystem:
|
|
31
|
+
|
|
32
|
+
1. **Fork and Branch:** Create a feature branch from `main` (`git checkout -b feature/your-feature-name`).
|
|
33
|
+
2. **Maintain the Contract:** Ensure that any backend changes to the CLI do not break the universal JSON contract expected by the frontend Observatory.
|
|
34
|
+
3. **Test Visually:** Run your newly generated `_galaxy.json` through either **[GitGalaxy.io](https://gitgalaxy.io)** or your local **Airgap Observatory** to verify that visual rendering and flexbox constraints remain intact. Whichever is more convenient for you is fine.
|
|
35
|
+
4. **Document:** If you are adding new language phenotypes or altering the parsing logic, please update the Taxonomical Equivalence Map in the wiki.
|
|
36
|
+
5. **Submit:** Open a PR with a clear title. Explain the *why* behind your structural changes, not just the *what*. Be sure to include the link to the target repository so we can include it in the Differential Scan.
|
|
37
|
+
|
|
38
|
+
---
|
|
39
|
+
|
|
40
|
+
## 🐛 Reporting Discrepancies
|
|
41
|
+
|
|
42
|
+
If the galaxyscope misidentifies a repository's structure or fails to parse a specific file phenotype, please use our **[Parsing Discrepancy Form](https://github.com/squid-protocol/gitgalaxy/issues/new/choose)**.
|
|
43
|
+
|
|
44
|
+
To help us reproduce the issue with quantitative precision, you will be asked to provide:
|
|
45
|
+
* A direct link to the public repository being scanned.
|
|
46
|
+
* The Observatory viewer you were using (GitGalaxy.io or Airgap Observatory).
|
|
47
|
+
* A clear description of the expected vs. actual output.
|
|
48
|
+
* The contents of your custom `standards.py` file (if applicable).
|
|
49
|
+
* Contact information for follow-up questions.
|
|
50
|
+
|
|
51
|
+
---
|
|
52
|
+
|
|
53
|
+
## 🛡️ Security Vulnerabilities
|
|
54
|
+
|
|
55
|
+
If you discover a vulnerability within GitGalaxy itself (e.g., a way to bypass the local sandbox or an issue in the Airgap Observatory), **do not open a public issue.** Please reach out directly via the contact portal at [GitGalaxy.io](https://gitgalaxy.io) so the vulnerability can be patched securely before public disclosure.
|
|
56
|
+
|
|
57
|
+
---
|
|
58
|
+
|
|
59
|
+
## 📜 Licensing Reminder
|
|
60
|
+
|
|
61
|
+
GitGalaxy is released under the **PolyForm Noncommercial License 1.0.0**. By contributing to this repository, you agree that your contributions will be licensed under these same terms.
|
|
62
|
+
|
|
63
|
+
*Note: This tool is free for research, education, testing, and hobby projects. Any commercial use or integration into commercial SaaS products or corporate CI/CD pipelines requires a separate commercial license.*
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: gitgalaxy
|
|
3
|
-
Version: 2.0.
|
|
4
|
-
Summary: An AST-free, zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
|
|
5
|
-
Author:
|
|
3
|
+
Version: 2.0.7
|
|
4
|
+
Summary: An AST-free, LLM-free zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
|
|
5
|
+
Author: Joe Esquibel
|
|
6
6
|
Project-URL: Homepage, https://gitgalaxy.io
|
|
7
7
|
Project-URL: Documentation, https://squid-protocol.github.io/gitgalaxy/
|
|
8
8
|
Project-URL: Source, https://github.com/squid-protocol/gitgalaxy
|
|
@@ -16,7 +16,7 @@ Classifier: Topic :: Software Development :: Quality Assurance
|
|
|
16
16
|
Classifier: Topic :: Scientific/Engineering :: Visualization
|
|
17
17
|
Classifier: Intended Audience :: Developers
|
|
18
18
|
Classifier: Intended Audience :: Information Technology
|
|
19
|
-
Requires-Python: >=3.
|
|
19
|
+
Requires-Python: >=3.9
|
|
20
20
|
Description-Content-Type: text/markdown
|
|
21
21
|
License-File: LICENSE
|
|
22
22
|
Dynamic: license-file
|
|
@@ -38,32 +38,36 @@ Dynamic: license-file
|
|
|
38
38
|
[](https://pypi.org/project/gitgalaxy/)
|
|
39
39
|
[](#)
|
|
40
40
|
|
|
41
|
-
### **
|
|
41
|
+
### **AST-Free Static Analysis & Knowledge Graph Engine**
|
|
42
42
|
|
|
43
|
-
The blAST (Bypassing LLMs and ASTs) engine is a custom-made knowledge graph engine that resolves repositories at the function level. It scores each function based on 50 unique metrics, rolls that data up to score the file, and finally summarizes the entire repository.
|
|
43
|
+
The blAST (Bypassing LLMs and ASTs) engine is a custom-made knowledge graph engine that resolves repositories at the function level. It scores each function based on 50 unique metrics, rolls that data up to score the file, and finally summarizes the entire repository.
|
|
44
44
|
|
|
45
|
-
|
|
45
|
+
### Scanning Apollo-11 with the blAST Engine
|
|
46
46
|
|
|
47
|
-
|
|
47
|
+

|
|
48
|
+
|
|
49
|
+
By utilizing a custom engine, we retain full control over the search space. We built it to be exceptionally fast, capable of assessing your entire repository without requiring compilable code—a fundamental limitation of standard Abstract Syntax Trees (ASTs). ASTs are great for finding missing commas and memory overflows, but they miss the forest for the trees when generating knowledge graphs. LLMs, on the other hand, suffer from hallucination during large context windows and yield probabilistic, fluctuating answers.
|
|
50
|
+
|
|
51
|
+
The blAST engine solves this. Because all programming languages utilize keywords and functions, our engine treats code files as text, scanning for these structural anchors to build a deterministic 3D knowledge graph. It seamlessly handles mid-file language switching, assesses the architectural ratio of test files to logic, and extracts invaluable project structure data that ASTs ignore.
|
|
48
52
|
|
|
49
53
|
Every assumption our system makes has been abstracted into over 300 tunable variables. Think of GitGalaxy as a highly calibrated telescope. You can query the number of active API network nodes, isolate unique external imports, or highlight functions exhibiting extreme cognitive load—all adjusted via custom whitelists and blacklists to eliminate false-positive fatigue. Field-tested on over 1,000 repositories spanning 50+ languages and 250+ extensions, the engine comes equipped with smart defaults ready for immediate deployment.
|
|
50
54
|
|
|
51
|
-
**Core Technology**
|
|
55
|
+
**Core Codebase Mapping Technology**
|
|
52
56
|
* Bypasses LLMs and rigid ASTs.
|
|
53
57
|
* Doesn't require code to compile (AST-free).
|
|
54
58
|
* Produces full function-to-function call chains.
|
|
55
59
|
* Deterministically maps code by 60+ keyword regex profiles (Structural markers, I/O intents, state mutations).
|
|
56
|
-
* Regex keyword profiles allow us to classify functions, files, classes, folders and repos.
|
|
60
|
+
* Regex keyword profiles allow us to classify functions, files, classes, folders and repos.
|
|
57
61
|
* Eliminates LLM architectural hallucinations and context window limits.
|
|
58
62
|
* Scans 50+ languages, 250+ extensions, fully folder-aware. **([How to add a language in 1 minute and 1 prompt](gitgalaxy/standards/HOW_TO_ADD_LANGUAGE.md))**
|
|
59
63
|
|
|
60
|
-
**
|
|
64
|
+
**Enterprise Scale & Performance Metrics**
|
|
61
65
|
* 100,000 LOC/sec code analysis.
|
|
62
66
|
* 0.07 GB/sec raw log ingestion.
|
|
63
67
|
* Full-system scans in minutes without data sampling.
|
|
64
68
|
* 100% daily system coverage.
|
|
65
69
|
|
|
66
|
-
**
|
|
70
|
+
**Methodology & Comparative Benchmarks**
|
|
67
71
|
GitGalaxy is backed by an academic-grade thesis detailing the equations powering the blAST engine.
|
|
68
72
|
|
|
69
73
|
* **[Optimum Search Strategies Evolve](https://squid-protocol.github.io/gitgalaxy/03-01-claim-1-search-strategies/):** AST-free mapping. Outperforms rigid parsers and LLM context windows.
|
|
@@ -71,15 +75,14 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
|
|
|
71
75
|
* **[All languages have keywords that roughly do the same thing, these can be grouped to make cross-language keyword maps](https://squid-protocol.github.io/gitgalaxy/03-03-claim-3-taxonomy-map/):** Standardizes 50+ languages into a single universal physical framework.
|
|
72
76
|
* **[Cross-Language Comparisons of over 1000 repos](https://squid-protocol.github.io/gitgalaxy/03-04-claim-4-comparing-languages/):** Deterministic 1:1 benchmarking of distinct syntax architectures.
|
|
73
77
|
* **[Universal File Archetypes by k-means clustering](https://squid-protocol.github.io/gitgalaxy/03-05-claim-5-file-archetypes/):** ML isolation of files into K-means clusters (e.g., "The God Nodes," "Declarative Glue").
|
|
74
|
-
* **[
|
|
75
|
-
* **Mainframe Proven:** Successful from-scratch translation of legacy COBOL monoliths to compiling Spring Boot architectures.
|
|
78
|
+
* **[Mainframe Proven: 100% CI/CD Translation Success Rate](https://github.com/squid-protocol/gitgalaxy/tree/main/examples/ibm_cics_translation):** Flawless architectural translation of 27 distinct legacy COBOL repositories (including IBM CICS benchmark apps) into compiling Java Spring Boot environments.
|
|
76
79
|
|
|
77
|
-
**
|
|
80
|
+
**Data Privacy & On-Premise Deployment**
|
|
78
81
|
* 100% air-gapped execution.
|
|
79
82
|
* On-premise deployment with zero IP exfiltration risk.
|
|
80
83
|
* Zero-trust processing model.
|
|
81
84
|
|
|
82
|
-
**
|
|
85
|
+
**Installation & Usage**
|
|
83
86
|
* Python-based: `pip install gitgalaxy`
|
|
84
87
|
* CLI execution
|
|
85
88
|
* Outputs forensic JSONs (optimized for AI-agent summary reports) and a native SQLite3 database for robust querying and storage.
|
|
@@ -88,7 +91,7 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
|
|
|
88
91
|
|
|
89
92
|
---
|
|
90
93
|
|
|
91
|
-
## Quickstart
|
|
94
|
+
## Quickstart Guide
|
|
92
95
|
|
|
93
96
|
### 1. Install
|
|
94
97
|
|
|
@@ -105,41 +108,74 @@ Point the GalaxyScope at any local repository or ZIP archive. The engine runs en
|
|
|
105
108
|
galaxyscope /path/to/your/local/repo
|
|
106
109
|
```
|
|
107
110
|
|
|
111
|
+
### 3. GitHub Actions CI/CD Integration
|
|
112
|
+
|
|
113
|
+
GitGalaxy can be integrated directly into your GitHub Actions pipeline for automated DevSecOps auditing, Zero-Trust SBOM generation, or Pre-Commit firewalls.
|
|
114
|
+
|
|
115
|
+
Create a file in your repository at `.github/workflows/gitgalaxy-scan.yml`:
|
|
116
|
+
|
|
117
|
+
```yaml
|
|
118
|
+
name: GitGalaxy Security Audit
|
|
119
|
+
|
|
120
|
+
on:
|
|
121
|
+
pull_request:
|
|
122
|
+
branches: [ "main" ]
|
|
123
|
+
|
|
124
|
+
jobs:
|
|
125
|
+
gitgalaxy-scan:
|
|
126
|
+
runs-on: ubuntu-latest
|
|
127
|
+
steps:
|
|
128
|
+
- name: Checkout Repository
|
|
129
|
+
uses: actions/checkout@v4
|
|
130
|
+
|
|
131
|
+
- name: Run GitGalaxy Supply Chain Firewall
|
|
132
|
+
uses: squid-protocol/gitgalaxy@main
|
|
133
|
+
with:
|
|
134
|
+
tool: 'supply-chain-firewall' # Options: galaxyscope, zero-trust-sbom, pii-leak-hunter, etc.
|
|
135
|
+
target: '.'
|
|
136
|
+
```
|
|
137
|
+
|
|
108
138
|
---
|
|
109
139
|
|
|
110
|
-
### [
|
|
140
|
+
### [GitGalaxy Core Analysis Engine](docs/wiki/01-project-overview.md)
|
|
111
141
|
The central blAST engine. It bypasses rigid ASTs using mathematical heuristics to map O(N) multi-dimensional relationships across 50+ languages, managing signal processing, spatial layout, and high-speed SQLite telemetry recording.
|
|
112
142
|
|
|
113
143
|
|
|
114
144
|
|
|
115
|
-
##
|
|
145
|
+
## Enterprise Codebase Tools & Use Cases
|
|
116
146
|
|
|
117
|
-
GitGalaxy operates on a modular Hub-and-Spoke architecture. While the core engine provides the overarching physics and cartography, our specialized toolsets leverage that deterministic graph to execute enterprise-grade operations.
|
|
147
|
+
GitGalaxy operates on a modular Hub-and-Spoke architecture. While the core engine provides the overarching physics and cartography, our specialized toolsets leverage that deterministic graph to execute enterprise-grade operations.
|
|
118
148
|
|
|
119
|
-
### [Legacy
|
|
149
|
+
### [Automated Legacy Migration: COBOL to Java Spring Boot](gitgalaxy/tools/cobol_to_java/)
|
|
120
150
|
A deterministic, high-fidelity translation pipeline. It converts legacy COBOL into fully compiling, modern Spring Boot architectures, mapping memory exactly and scaffolding JPA entities, REST controllers, and Maven builds before utilizing AI to translate isolated business logic.
|
|
151
|
+
* **Proven Metric:** Achieved a perfect 27/27 Maven compile success rate across a batch test of distinct legacy repos.
|
|
152
|
+
* **Verify for Yourself:** [Inspect the raw outputs of the IBM CICS Application Translation here.](examples/ibm_cics_translation/)
|
|
121
153
|
|
|
122
|
-
|
|
154
|
+

|
|
155
|
+
|
|
156
|
+
### [Mainframe Refactoring: COBOL & JCL Optimization](gitgalaxy/tools/cobol_to_cobol/)
|
|
123
157
|
A mathematical x-ray suite for sanitizing mainframe monoliths. It safely neutralizes legacy lexical traps, extracts dead "Graveyard" memory, maps topological DAG execution orders, and generates Zero-Trust JCL configurations for modern cloud deployments.
|
|
158
|
+
* **Proven Metric:** The Graveyard Reaper engine extracted over 6,700 lines of dead execution blocks and orphaned variables from the standard IBM CICS benchmark app in seconds.
|
|
124
159
|
|
|
125
|
-
### [Supply Chain Security](gitgalaxy/tools/supply_chain_security/)
|
|
160
|
+
### [Software Supply Chain Security & Pre-Commit Firewalls](gitgalaxy/tools/supply_chain_security/)
|
|
126
161
|
Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline.
|
|
127
162
|
|
|
128
|
-
### [
|
|
163
|
+
### [Zero-Trust SBOM Generation & Dependency Auditing](gitgalaxy/tools/compliance/)
|
|
164
|
+
A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
|
|
165
|
+
* **Proven Metric:** Successfully mapped and mathematically verified the physical internals of 170 unique Go modules inside the local Kubernetes repository.
|
|
166
|
+
|
|
167
|
+
### [API Security & Shadow API Detection](gitgalaxy/tools/network_auditing/)
|
|
129
168
|
A deterministic mapping tool that hunts undocumented vulnerabilities. It uses structural regex to find active physical routing logic (Express, Spring Boot, FastAPI) and applies set theory against official OpenAPI/Swagger documentation to isolate critical Shadow APIs and outdated Ghost APIs.
|
|
130
169
|
|
|
131
|
-
### [
|
|
170
|
+
### [High-Speed PII Detection & Log Analysis](gitgalaxy/tools/terabyte_log_scanning/)
|
|
132
171
|
Unindexed, tactical log analysis operating at 0.07 GB/sec. It streams massive database dumps to deterministically hunt and mask PII (Credit Cards, SSNs, AWS Keys) and uses static architecture maps to prove exact runtime execution frequencies with ASCII time-series histograms.
|
|
133
172
|
|
|
134
|
-
### [
|
|
135
|
-
A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
|
|
136
|
-
|
|
137
|
-
### [AI Guardrails](gitgalaxy/tools/ai_guardrails/)
|
|
173
|
+
### [AI Agent Guardrails & Codebase Protection](gitgalaxy/tools/ai_guardrails/)
|
|
138
174
|
Specialized keyword sensors protecting both your application and your codebase. The AppSec Sensor detects weaponized LLM features (RCE funnels, exfiltration risks), while the Dev Agent Firewall evaluates token mass and blast radius to restrict autonomous coding agents from modifying dangerous over context token-draining files. Helps identify which files need to be chunked to reduce context overload.
|
|
139
175
|
|
|
140
|
-
##
|
|
176
|
+
## Local Browser-Based 3D Codebase Visualization
|
|
141
177
|
|
|
142
|
-
If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
|
|
178
|
+
If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
|
|
143
179
|
|
|
144
180
|
Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip` of your raw repository) directly into [GitGalaxy.io](https://gitgalaxy.io/). All rendering and scanning happens entirely in your browser's local memory.
|
|
145
181
|
|
|
@@ -147,7 +183,7 @@ Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip
|
|
|
147
183
|
|
|
148
184
|

|
|
149
185
|
|
|
150
|
-
## Zero-Trust
|
|
186
|
+
## Zero-Trust Data Security
|
|
151
187
|
|
|
152
188
|
Your code never leaves your machine. GitGalaxy performs 100% of its scanning and vectorization locally.
|
|
153
189
|
|