gitgalaxy 2.0.5__tar.gz → 2.0.8__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (123) hide show
  1. gitgalaxy-2.0.8/.github/ISSUE_TEMPLATE/parsing_discrepancy.yml +50 -0
  2. gitgalaxy-2.0.8/.github/dependabot.yml +19 -0
  3. gitgalaxy-2.0.8/.github/pull_request_template.md +9 -0
  4. gitgalaxy-2.0.8/.github/workflows/codeql.yml +40 -0
  5. gitgalaxy-2.0.8/.github/workflows/deploy-docs.yml +37 -0
  6. gitgalaxy-2.0.8/.github/workflows/publish.yml +40 -0
  7. gitgalaxy-2.0.8/.github/workflows/smoke-test.yml +66 -0
  8. gitgalaxy-2.0.8/.gitignore +73 -0
  9. gitgalaxy-2.0.8/CONTRIBUTING.md +63 -0
  10. {gitgalaxy-2.0.5/gitgalaxy.egg-info → gitgalaxy-2.0.8}/PKG-INFO +29 -2
  11. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/README.md +27 -0
  12. gitgalaxy-2.0.8/action.yml +61 -0
  13. gitgalaxy-2.0.8/gitgalaxy/README.md +72 -0
  14. gitgalaxy-2.0.8/gitgalaxy/core/README.md +44 -0
  15. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/detector.py +27 -0
  16. gitgalaxy-2.0.8/gitgalaxy/physics/README.md +36 -0
  17. gitgalaxy-2.0.8/gitgalaxy/recorders/README.md +38 -0
  18. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/recorders/record_keeper.py +4 -0
  19. gitgalaxy-2.0.8/gitgalaxy/security/README.md +32 -0
  20. gitgalaxy-2.0.8/gitgalaxy/standards/README.md +55 -0
  21. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/standards/analysis_lens.py +4 -4
  22. gitgalaxy-2.0.8/gitgalaxy/standards/how_to_add_a_language.md +199 -0
  23. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/standards/language_standards.py +19 -12
  24. gitgalaxy-2.0.8/gitgalaxy/tools/README.md +63 -0
  25. gitgalaxy-2.0.8/gitgalaxy/tools/ai_guardrails/README.md +81 -0
  26. gitgalaxy-2.0.8/gitgalaxy/tools/cobol_to_cobol/README.md +172 -0
  27. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_auditor.py +60 -4
  28. gitgalaxy-2.0.8/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +185 -0
  29. gitgalaxy-2.0.8/gitgalaxy/tools/cobol_to_java/README.md +107 -0
  30. gitgalaxy-2.0.8/gitgalaxy/tools/compliance/README.md +115 -0
  31. gitgalaxy-2.0.8/gitgalaxy/tools/network_auditing/README.md +119 -0
  32. gitgalaxy-2.0.8/gitgalaxy/tools/supply_chain_security/README.md +163 -0
  33. gitgalaxy-2.0.8/gitgalaxy/tools/terabyte_log_scanning/README.md +116 -0
  34. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8/gitgalaxy.egg-info}/PKG-INFO +29 -2
  35. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy.egg-info/SOURCES.txt +54 -1
  36. gitgalaxy-2.0.8/mkdocs.yml +180 -0
  37. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/pyproject.toml +7 -3
  38. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/.gitattributes +14 -0
  39. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/.gitignore +3 -0
  40. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/LICENSE +201 -0
  41. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/Makefile +30 -0
  42. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/README.md +66 -0
  43. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/bufio.go +842 -0
  44. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/bufio_test.go +1999 -0
  45. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/example_test.go +200 -0
  46. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/export_test.go +29 -0
  47. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/net_test.go +96 -0
  48. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/scan.go +427 -0
  49. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/scan_test.go +596 -0
  50. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/config.py +1 -0
  51. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/convert_em.F +167 -0
  52. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/dnn_converters.cpp +138 -0
  53. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/dnn_converters.hpp +37 -0
  54. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/insert_pinyin_to_db.py +27 -0
  55. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/iwubi.py +585 -0
  56. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/iwubi.svg +3 -0
  57. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/iwubi.xml +30 -0
  58. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/logconfig.py +30 -0
  59. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/logconfig.yaml +25 -0
  60. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/pinyin_simp.dict.csv +65113 -0
  61. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/screenshot/add.png +0 -0
  62. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/screenshot/iwubi.gif +0 -0
  63. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/screenshot/set_ibus.png +0 -0
  64. gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/wubi-jidian86.db +0 -0
  65. gitgalaxy-2.0.5/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +0 -119
  66. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/LICENSE +0 -0
  67. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/MANIFEST.in +0 -0
  68. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/__init__.py +0 -0
  69. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/cobol_refractor_controller.py +0 -0
  70. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/cobol_to_java_controller.py +0 -0
  71. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/__init__.py +0 -0
  72. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/aperture.py +0 -0
  73. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/guidestar_lens.py +0 -0
  74. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/network_risk_sensor.py +0 -0
  75. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/prism.py +0 -0
  76. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/state_rehydrator.py +0 -0
  77. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/galaxyscope.py +0 -0
  78. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/physics/__init__.py +0 -0
  79. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/physics/chronometer.py +0 -0
  80. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/physics/neural_auditor.py +0 -0
  81. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/physics/signal_processor.py +0 -0
  82. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/physics/spectral_auditor.py +0 -0
  83. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/recorders/__init__.py +0 -0
  84. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/recorders/audit_recorder.py +0 -0
  85. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/recorders/gpu_recorder.py +0 -0
  86. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/recorders/llm_recorder.py +0 -0
  87. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/security/__init__.py +0 -0
  88. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/security/security_auditor.py +0 -0
  89. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/security/security_lens.py +0 -0
  90. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/standards/__init__.py +0 -0
  91. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/standards/gitgalaxy_config.py +0 -0
  92. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/standards/language_lens.py +0 -0
  93. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/__init__.py +0 -0
  94. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/ai_guardrails/ai_appsec_sensor.py +0 -0
  95. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/ai_guardrails/dev_agent_firewall.py +0 -0
  96. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_agent_task_forge.py +0 -0
  97. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_compiler_forge.py +0 -0
  98. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_dag_architect.py +0 -0
  99. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_etl_unpacker.py +0 -0
  100. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_graveyard_finder.py +0 -0
  101. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_lexical_patcher.py +0 -0
  102. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_microservice_slicer.py +0 -0
  103. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_schema_forge.py +0 -0
  104. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_system_limits_reporter.py +0 -0
  105. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/batch_test_harness.py +0 -0
  106. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_agent_forge.py +0 -0
  107. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_api_contract_forge.py +0 -0
  108. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_build_forge.py +0 -0
  109. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_decoder_forge.py +0 -0
  110. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_service_forge.py +0 -0
  111. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_spring_forge.py +0 -0
  112. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/compliance/sbom_generator.py +0 -0
  113. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/network_auditing/full_api_network_map.py +0 -0
  114. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/supply_chain_security/binary_anomaly_detector.py +0 -0
  115. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py +0 -0
  116. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/supply_chain_security/vault_sentinel.py +0 -0
  117. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/terabyte_log_scanning/pii_leak_hunter.py +0 -0
  118. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +0 -0
  119. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy.egg-info/dependency_links.txt +0 -0
  120. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy.egg-info/entry_points.txt +0 -0
  121. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy.egg-info/top_level.txt +0 -0
  122. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/setup.cfg +0 -0
  123. {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/tests/test_galaxyscope.py +0 -0
@@ -0,0 +1,50 @@
1
+ name: 🐛 Report a Parsing/blAST Discrepancy
2
+ description: Report an issue where the blAST engine misidentified or failed to parse a repository structure.
3
+ title: "[Bug]: "
4
+ labels: ["bug", "triage"]
5
+ body:
6
+ - type: markdown
7
+ attributes:
8
+ value: |
9
+ Thanks for taking the time to report a discrepancy! Please provide the context we need to reproduce the issue.
10
+ - type: input
11
+ id: repo_link
12
+ attributes:
13
+ label: Repository Link
14
+ description: Provide a link to the public repository you were scanning (e.g., GitHub, GitLab URL).
15
+ placeholder: https://github.com/torvalds/linux
16
+ validations:
17
+ required: true
18
+ - type: dropdown
19
+ id: viewer_used
20
+ attributes:
21
+ label: Which Observatory viewer were you using?
22
+ description: Help us identify if this is a backend parsing issue or a frontend visual constraint.
23
+ options:
24
+ - GitGalaxy.io (Web Viewer)
25
+ - Airgap Observatory (Local Server)
26
+ - CLI Only (Did not use a visualizer)
27
+ validations:
28
+ required: true
29
+ - type: textarea
30
+ id: description
31
+ attributes:
32
+ label: Description of the Discrepancy
33
+ description: What did GitGalaxy report, and what should it have been? (e.g., "Flagged X files as Python, but they are actually Cython.")
34
+ validations:
35
+ required: true
36
+ - type: textarea
37
+ id: custom_standards
38
+ attributes:
39
+ label: Custom standards.py (If Applicable)
40
+ description: If you are using a custom `standards.py`, please paste its contents here, or drag and drop the file into this box.
41
+ render: python
42
+ validations:
43
+ required: false
44
+ - type: input
45
+ id: contact
46
+ attributes:
47
+ label: Contact Info
48
+ description: An email or Discord handle where we can reach you if we have questions about this specific codebase.
49
+ validations:
50
+ required: false
@@ -0,0 +1,19 @@
1
+ version: 2
2
+ updates:
3
+ # 1. Keep GitHub Actions up to date
4
+ - package-ecosystem: "github-actions"
5
+ directory: "/"
6
+ schedule:
7
+ interval: "weekly"
8
+ labels:
9
+ - "security"
10
+ - "github-actions"
11
+
12
+ # 2. Keep Python dependencies up to date
13
+ - package-ecosystem: "pip"
14
+ directory: "/"
15
+ schedule:
16
+ interval: "weekly"
17
+ labels:
18
+ - "security"
19
+ - "python"
@@ -0,0 +1,9 @@
1
+ ### Description of Structural Changes
2
+ ### Visual Observatory Testing
3
+ - [ ] I tested the output JSON on **GitGalaxy.io** OR the **Airgap Observatory**.
4
+ - [ ] Flexbox constraints, HUD elements, and 3D rendering remain intact.
5
+
6
+ ### The Differential Scan Acknowledgement
7
+ - [ ] I understand that my PR will be subjected to a Full Differential Scan.
8
+ - [ ] I have provided the link to the specific repository this PR addresses so it can be tested alongside the 80-repo calibrated baseline.
9
+ - [ ] I believe these changes will measurably improve the engine's Accuracy, Speed, Utility, or Ethos without causing regressions.
@@ -0,0 +1,40 @@
1
+ name: "CodeQL Security Scan"
2
+
3
+ on:
4
+ push:
5
+ branches: [ "main" ]
6
+ pull_request:
7
+ branches: [ "main" ]
8
+ schedule:
9
+ - cron: '0 12 * * 1' # Runs every Monday at 12:00 UTC
10
+
11
+ jobs:
12
+ analyze:
13
+ name: Analyze
14
+ runs-on: ubuntu-latest
15
+ permissions:
16
+ actions: read
17
+ contents: read
18
+ security-events: write
19
+
20
+ strategy:
21
+ fail-fast: false
22
+ matrix:
23
+ language: [ 'python' ]
24
+
25
+ steps:
26
+ - name: Checkout repository
27
+ uses: actions/checkout@v4
28
+
29
+ - name: Initialize CodeQL
30
+ uses: github/codeql-action/init@v3
31
+ with:
32
+ languages: ${{ matrix.language }}
33
+ # If you have specific queries you want to run, you can specify them here.
34
+ # "security-extended" adds deeper vulnerability hunting.
35
+ queries: security-extended,security-and-quality
36
+
37
+ - name: Perform CodeQL Analysis
38
+ uses: github/codeql-action/analyze@v3
39
+ with:
40
+ category: "/language:${{matrix.language}}"
@@ -0,0 +1,37 @@
1
+ name: Deploy Museum of Code Docs
2
+
3
+ on:
4
+ push:
5
+ branches:
6
+ - main # Triggers the action when you push to the main branch
7
+ workflow_dispatch: # Allows you to manually trigger the build from the GitHub UI
8
+
9
+ # Grants the action permission to push the built site to the gh-pages branch
10
+ permissions:
11
+ contents: write
12
+
13
+ jobs:
14
+ deploy:
15
+ runs-on: ubuntu-latest
16
+ steps:
17
+ - name: Checkout Repository
18
+ uses: actions/checkout@v4
19
+ with:
20
+ fetch-depth: 0 # Required for git info/history (like last updated timestamps)
21
+
22
+ - name: Configure Git Credentials
23
+ run: |
24
+ git config user.name github-actions[bot]
25
+ git config user.email 41898282+github-actions[bot]@users.noreply.github.com
26
+
27
+ - name: Set up Python
28
+ uses: actions/setup-python@v5
29
+ with:
30
+ python-version: 3.x
31
+
32
+ - name: Install Dependencies
33
+ # Installs Material theme and the PyMdown extensions required by your mkdocs.yml
34
+ run: pip install mkdocs-material pymdown-extensions
35
+
36
+ - name: Build and Deploy Docs
37
+ run: mkdocs gh-deploy --force
@@ -0,0 +1,40 @@
1
+ name: Publish to PyPI
2
+
3
+ on:
4
+ release:
5
+ types: [published]
6
+
7
+ jobs:
8
+ pypi-publish:
9
+ name: Build and Publish to PyPI
10
+ runs-on: ubuntu-latest
11
+
12
+ # This matches the environment name you set in PyPI
13
+ environment:
14
+ name: pypi
15
+ url: https://pypi.org/p/gitgalaxy
16
+
17
+ # This specific permission is REQUIRED for Trusted Publishing
18
+ permissions:
19
+ id-token: write
20
+ contents: read
21
+
22
+ steps:
23
+ - name: Checkout repository
24
+ uses: actions/checkout@v4
25
+ with:
26
+ fetch-depth: 0 # <--- ADD THIS so it downloads your Git tags!
27
+
28
+ - name: Set up Python
29
+ uses: actions/setup-python@v5
30
+ with:
31
+ python-version: "3.10"
32
+
33
+ - name: Install build tools
34
+ run: python -m pip install --upgrade pip build
35
+
36
+ - name: Build the wheel and source distribution
37
+ run: python -m build
38
+
39
+ - name: Publish package to PyPI
40
+ uses: pypa/gh-action-pypi-publish@release/v1
@@ -0,0 +1,66 @@
1
+ name: GitGalaxy Smoke Tests
2
+
3
+ on:
4
+ push:
5
+ branches: [ "main" ]
6
+ pull_request:
7
+ branches: [ "main" ]
8
+
9
+ jobs:
10
+ smoke-test:
11
+ runs-on: ${{ matrix.os }}
12
+ env:
13
+ PYTHONUTF8: "1" # <--- FIX 1: Forces Windows to render emojis without crashing
14
+ strategy:
15
+ fail-fast: false
16
+ matrix:
17
+ os: [ubuntu-latest, windows-latest, macos-latest]
18
+ python-version: ["3.9", "3.10", "3.11", "3.12"]
19
+
20
+ steps:
21
+ - name: Check out repository code
22
+ uses: actions/checkout@v6
23
+
24
+ - name: Set up Python ${{ matrix.python-version }}
25
+ uses: actions/setup-python@v6
26
+ with:
27
+ python-version: ${{ matrix.python-version }}
28
+
29
+ - name: Install macOS dependencies (OpenMP for XGBoost)
30
+ if: runner.os == 'macOS'
31
+ run: brew install libomp
32
+
33
+ - name: Install dependencies
34
+ shell: bash
35
+ run: |
36
+ python -m pip install --upgrade pip setuptools wheel
37
+ if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
38
+ pip install PyYAML networkx tiktoken pandas xgboost pytest flake8
39
+ pip install --no-build-isolation -e . # <--- FIX 2: Bypasses the pip build bubble
40
+
41
+ - name: Global Syntax Sweep (Flake8)
42
+ run: |
43
+ flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
44
+
45
+ - name: Smoke Test - Core Engine
46
+ # Using the -m flag is the safest way to run modules inside a package
47
+ run: python -m gitgalaxy.galaxyscope --help
48
+
49
+ - name: Smoke Test - Legacy Refractor Controller
50
+ run: python -m gitgalaxy.cobol_refractor_controller --help
51
+
52
+ - name: Smoke Test - Java Spring Forge Controller
53
+ run: python -m gitgalaxy.cobol_to_java_controller --help
54
+
55
+ - name: Smoke Test - SBOM Generator
56
+ run: python -m gitgalaxy.tools.compliance.sbom_generator --help
57
+
58
+ - name: Smoke Test - Supply Chain Firewall
59
+ run: python -m gitgalaxy.tools.supply_chain_security.supply_chain_firewall --help
60
+
61
+ - name: Smoke Test - API Network Map
62
+ run: python -m gitgalaxy.tools.network_auditing.full_api_network_map --help
63
+
64
+ - name: Golden Record Integration Test (Pytest)
65
+ run: |
66
+ pytest tests/ -v
@@ -0,0 +1,73 @@
1
+ # ==========================================
2
+ # SECURITY / SECRETS (CRITICAL)
3
+ .env
4
+ .env.*
5
+ *.pem
6
+ *.key
7
+
8
+ # PYTHON, FLASK & VIRTUAL ENVIRONMENTS
9
+ __pycache__/
10
+ *.py[cod]
11
+ *$py.class
12
+ *.so
13
+ venv/
14
+ env/
15
+ .venv/
16
+ flask_session/
17
+
18
+ # PYPI PACKAGING & BUILD ARTIFACTS
19
+ build/
20
+ dist/
21
+ *.egg-info/
22
+
23
+ # TESTING & LINTING (NEW)
24
+ .coverage
25
+ htmlcov/
26
+ .mypy_cache/
27
+
28
+ # LOGS & DATABASES
29
+ *.log
30
+ gitgalaxy_dropped_orders.log
31
+ *.sqlite3
32
+ *.sqlite3-journal
33
+
34
+ # FRONTEND & NODE
35
+ node_modules/
36
+ tailwindcss
37
+
38
+ # OS & EDITOR FILES
39
+ .DS_Store
40
+ Thumbs.db
41
+ .vscode/
42
+ .idea/
43
+ *.swp
44
+ *~
45
+ *.bak
46
+ .~lock.*
47
+
48
+ # PROJECT-SPECIFIC SCRIPTS & DRAFTS
49
+ get_ids.py
50
+ get_shop.py
51
+ histogram_matcher.py
52
+ archive/
53
+ *.odt
54
+
55
+ # GITGALAXY HEAVY DATA
56
+ data/
57
+ museum/
58
+ museum_2/
59
+ *.json
60
+ *_llm.md
61
+ venvs/
62
+
63
+ # Local data mounts
64
+ data/
65
+ museum/
66
+ docs_build/
67
+ updated_results/
68
+ utilities/
69
+ # Ignore local data symlinks
70
+ site/museum/
71
+ museum/
72
+ updated_results_expanded_story/
73
+ updated_results_2/
@@ -0,0 +1,63 @@
1
+ # Contributing to GitGalaxy
2
+
3
+ First off, thank you for considering contributing to GitGalaxy! The blAST engine is essentially a tunable scientific instrument, and calibrating it across the vast ecosystem of open-source software requires a community effort.
4
+
5
+ Whether you are reporting a taxonomic discrepancy, refining the parsing engine, or expanding the documentation, your input helps map the structural DNA of software more accurately.
6
+
7
+ ## 🧬 The blAST Philosophy
8
+
9
+ Before diving in, please remember that GitGalaxy treats code as a living organism. The blAST engine evaluates structural logic and behavioral genetic markers, not just rigid syntax.
10
+
11
+ Sometimes, what appears to be a traditional parsing error might actually be blAST intentionally flagging a structural anomaly or a dense risk exposure. Please keep this in mind when reporting issues or proposing changes to the sequencing algorithms.
12
+
13
+ ---
14
+
15
+ ## 🔬 The Differential Scan (How We Review Pull Requests)
16
+
17
+ We do not merge structural backend changes based solely on subjective code review. GitGalaxy operates at hyper-scale, and every change to the parsing logic has cascading effects.
18
+
19
+ When you submit a Pull Request that alters the blAST engine, your candidate changes will be subjected to a **Full Differential Scan**.
20
+
21
+ * **The Control + Variable Test:** We run your branch against our calibrated baseline of ~80 massive open-source repositories, **plus** the specific repository your PR is designed to address.
22
+ * **Before and After:** We perform a strict comparison of the engine's output before and after your rule update across this entire dataset (80 + 1). This ensures your addition resolves the target discrepancy without degrading the established baseline.
23
+ * **The Metrics:** The output is assessed strictly on four vectors: **Accuracy, Speed, Utility, and Ethos.**
24
+ * Only changes that are mathematically and practically *measurably better* across the broader ecosystem will be incorporated.
25
+
26
+ ---
27
+
28
+ ## 🛠️ Submitting Pull Requests
29
+
30
+ To ensure your contribution integrates smoothly into the blAST ecosystem:
31
+
32
+ 1. **Fork and Branch:** Create a feature branch from `main` (`git checkout -b feature/your-feature-name`).
33
+ 2. **Maintain the Contract:** Ensure that any backend changes to the CLI do not break the universal JSON contract expected by the frontend Observatory.
34
+ 3. **Test Visually:** Run your newly generated `_galaxy.json` through either **[GitGalaxy.io](https://gitgalaxy.io)** or your local **Airgap Observatory** to verify that visual rendering and flexbox constraints remain intact. Whichever is more convenient for you is fine.
35
+ 4. **Document:** If you are adding new language phenotypes or altering the parsing logic, please update the Taxonomical Equivalence Map in the wiki.
36
+ 5. **Submit:** Open a PR with a clear title. Explain the *why* behind your structural changes, not just the *what*. Be sure to include the link to the target repository so we can include it in the Differential Scan.
37
+
38
+ ---
39
+
40
+ ## 🐛 Reporting Discrepancies
41
+
42
+ If the galaxyscope misidentifies a repository's structure or fails to parse a specific file phenotype, please use our **[Parsing Discrepancy Form](https://github.com/squid-protocol/gitgalaxy/issues/new/choose)**.
43
+
44
+ To help us reproduce the issue with quantitative precision, you will be asked to provide:
45
+ * A direct link to the public repository being scanned.
46
+ * The Observatory viewer you were using (GitGalaxy.io or Airgap Observatory).
47
+ * A clear description of the expected vs. actual output.
48
+ * The contents of your custom `standards.py` file (if applicable).
49
+ * Contact information for follow-up questions.
50
+
51
+ ---
52
+
53
+ ## 🛡️ Security Vulnerabilities
54
+
55
+ If you discover a vulnerability within GitGalaxy itself (e.g., a way to bypass the local sandbox or an issue in the Airgap Observatory), **do not open a public issue.** Please reach out directly via the contact portal at [GitGalaxy.io](https://gitgalaxy.io) so the vulnerability can be patched securely before public disclosure.
56
+
57
+ ---
58
+
59
+ ## 📜 Licensing Reminder
60
+
61
+ GitGalaxy is released under the **PolyForm Noncommercial License 1.0.0**. By contributing to this repository, you agree that your contributions will be licensed under these same terms.
62
+
63
+ *Note: This tool is free for research, education, testing, and hobby projects. Any commercial use or integration into commercial SaaS products or corporate CI/CD pipelines requires a separate commercial license.*
@@ -1,7 +1,7 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: gitgalaxy
3
- Version: 2.0.5
4
- Summary: An AST-free, zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
3
+ Version: 2.0.8
4
+ Summary: An AST-free, LLM-free zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
5
5
  Author: Joe Esquibel
6
6
  Project-URL: Homepage, https://gitgalaxy.io
7
7
  Project-URL: Documentation, https://squid-protocol.github.io/gitgalaxy/
@@ -108,6 +108,33 @@ Point the GalaxyScope at any local repository or ZIP archive. The engine runs en
108
108
  galaxyscope /path/to/your/local/repo
109
109
  ```
110
110
 
111
+ ### 3. GitHub Actions CI/CD Integration
112
+
113
+ GitGalaxy can be integrated directly into your GitHub Actions pipeline for automated DevSecOps auditing, Zero-Trust SBOM generation, or Pre-Commit firewalls.
114
+
115
+ Create a file in your repository at `.github/workflows/gitgalaxy-scan.yml`:
116
+
117
+ ```yaml
118
+ name: GitGalaxy Security Audit
119
+
120
+ on:
121
+ pull_request:
122
+ branches: [ "main" ]
123
+
124
+ jobs:
125
+ gitgalaxy-scan:
126
+ runs-on: ubuntu-latest
127
+ steps:
128
+ - name: Checkout Repository
129
+ uses: actions/checkout@v4
130
+
131
+ - name: Run GitGalaxy Supply Chain Firewall
132
+ uses: squid-protocol/gitgalaxy@main
133
+ with:
134
+ tool: 'supply-chain-firewall' # Options: galaxyscope, zero-trust-sbom, pii-leak-hunter, etc.
135
+ target: '.'
136
+ ```
137
+
111
138
  ---
112
139
 
113
140
  ### [GitGalaxy Core Analysis Engine](docs/wiki/01-project-overview.md)
@@ -85,6 +85,33 @@ Point the GalaxyScope at any local repository or ZIP archive. The engine runs en
85
85
  galaxyscope /path/to/your/local/repo
86
86
  ```
87
87
 
88
+ ### 3. GitHub Actions CI/CD Integration
89
+
90
+ GitGalaxy can be integrated directly into your GitHub Actions pipeline for automated DevSecOps auditing, Zero-Trust SBOM generation, or Pre-Commit firewalls.
91
+
92
+ Create a file in your repository at `.github/workflows/gitgalaxy-scan.yml`:
93
+
94
+ ```yaml
95
+ name: GitGalaxy Security Audit
96
+
97
+ on:
98
+ pull_request:
99
+ branches: [ "main" ]
100
+
101
+ jobs:
102
+ gitgalaxy-scan:
103
+ runs-on: ubuntu-latest
104
+ steps:
105
+ - name: Checkout Repository
106
+ uses: actions/checkout@v4
107
+
108
+ - name: Run GitGalaxy Supply Chain Firewall
109
+ uses: squid-protocol/gitgalaxy@main
110
+ with:
111
+ tool: 'supply-chain-firewall' # Options: galaxyscope, zero-trust-sbom, pii-leak-hunter, etc.
112
+ target: '.'
113
+ ```
114
+
88
115
  ---
89
116
 
90
117
  ### [GitGalaxy Core Analysis Engine](docs/wiki/01-project-overview.md)
@@ -0,0 +1,61 @@
1
+ name: 'GitGalaxy Scanner'
2
+ description: 'High-velocity, AST-free DevSecOps scanner for zero-trust CI/CD, SBOMs, secret detection, and supply chain security.'
3
+ branding:
4
+ icon: 'shield'
5
+ color: 'purple'
6
+
7
+ inputs:
8
+ tool:
9
+ description: >
10
+ The GitGalaxy command to execute.
11
+ Options: galaxyscope, blast, vault-sentinel, supply-chain-firewall, xray-inspector, zero-trust-sbom, pii-leak-hunter, terabyte-log-scanner, api-network-map.
12
+ required: true
13
+ default: 'galaxyscope'
14
+ target:
15
+ description: 'The directory or file path to scan.'
16
+ required: true
17
+ default: '.'
18
+ args:
19
+ description: 'Any additional CLI arguments to pass to the tool (e.g., --output json, --paranoid).'
20
+ required: false
21
+ default: ''
22
+ version:
23
+ description: 'The version of GitGalaxy to install from PyPI. Defaults to latest.'
24
+ required: false
25
+ default: 'latest'
26
+ full_precision:
27
+ description: 'Opt-in to install heavy physics engines (networkx, tiktoken, xgboost) for Blast Radius and ML Threat Inference.'
28
+ required: false
29
+ default: 'false'
30
+
31
+ runs:
32
+ using: "composite"
33
+ steps:
34
+ - name: Set up Python
35
+ uses: actions/setup-python@v5
36
+ with:
37
+ python-version: '3.10'
38
+
39
+ - name: Install GitGalaxy
40
+ shell: bash
41
+ run: |
42
+ if [ "${{ inputs.version }}" = "latest" ]; then
43
+ echo "Installing latest GitGalaxy from PyPI..."
44
+ pip install gitgalaxy
45
+ else
46
+ echo "Installing GitGalaxy version ${{ inputs.version }}..."
47
+ pip install gitgalaxy==${{ inputs.version }}
48
+ fi
49
+
50
+ if [ "${{ inputs.full_precision }}" = "true" ]; then
51
+ echo "Unlocking Full Precision Mode..."
52
+ pip install networkx tiktoken xgboost pandas numpy
53
+ else
54
+ echo "Running in ultra-fast Zero-Dependency Mode."
55
+ fi
56
+
57
+ - name: Execute GitGalaxy Tool
58
+ shell: bash
59
+ run: |
60
+ echo "Running: ${{ inputs.tool }} ${{ inputs.target }} ${{ inputs.args }}"
61
+ ${{ inputs.tool }} ${{ inputs.target }} ${{ inputs.args }}
@@ -0,0 +1,72 @@
1
+ # GitGalaxy: The Core Engine & GalaxyScope Orchestrator
2
+
3
+ [![Architecture](https://img.shields.io/badge/Architecture-blAST_Engine-00BFFF.svg)](#)
4
+ [![Velocity](https://img.shields.io/badge/Velocity-40k%2B_LOC%2Fsec-00C957.svg)](#)
5
+ [![CLI](https://img.shields.io/badge/Interface-GalaxyScope_CLI-8A2BE2.svg)](#)
6
+
7
+ Welcome to the internal source code for the **GitGalaxy Core Engine**.
8
+
9
+ This directory contains the central orchestrator—**GalaxyScope**—alongside the core physics, optical routing, and mathematical heuristics that power the entire system. If you are a developer looking to contribute, understand the pipeline, or run the primary CLI, here is your architectural map.
10
+
11
+ ### 🗺️ The Developer Map (How the Pipeline Flows)
12
+
13
+ When you trigger the `galaxyscope` command, the data flows through these five physical directories:
14
+
15
+ * **`/core/` (The Frontline):** The optical routing layer. Contains the [Aperture Filter](https://squid-protocol.github.io/gitgalaxy/02-03-aperture-filter/) and [The Prism](https://squid-protocol.github.io/gitgalaxy/02-07-the-prism/), which break down source code into structural signals, separating executable logic from ghost mass (comments) and inert binaries.
16
+ * **`/physics/` (The Math):** The heuristics engine. Contains the [Signal Processor](https://squid-protocol.github.io/gitgalaxy/02-09-signal-processing/) and [Neural Auditor](https://squid-protocol.github.io/gitgalaxy/02-19-neural-auditor/), which apply GitGalaxy mathematics to score O(N) complexity, topological blast radius, and state flux without using ASTs.
17
+ * **`/recorders/` (The Exporters):** The translation layer. Converts the internal state maps into highly relational [SQLite Databases](https://squid-protocol.github.io/gitgalaxy/02-21-record-keeper/), AI-agent JSON tickets, and the final 3D WebGPU payload.
18
+ * **`/security/` (The Sentinel):** The zero-trust validation layer. Contains the [Security Lens](https://squid-protocol.github.io/gitgalaxy/02-06-security-lens/) responsible for intercepting embedded malware, hardcoded secrets, and logic bombs on the fly.
19
+ * **`/tools/` (The Spokes):** The enterprise automation layer. Contains specialized controllers for CI/CD pipelines—like the [Supply Chain Firewall](https://squid-protocol.github.io/gitgalaxy/04-03-supply-chain-firewall/) and [PII Leak Hunter](https://squid-protocol.github.io/gitgalaxy/04-06-pii-leak-hunter/)—that consume the core engine's telemetry.
20
+
21
+ ---
22
+
23
+ ### ⚡ Performance Showcase: NVDA (NonVisual Desktop Access)
24
+
25
+ To demonstrate the GalaxyScope orchestrator's capability on complex, cross-language system architecture, we unleashed it on **NVDA**, the open-source Windows screen reader.
26
+
27
+ Because NVDA relies heavily on bridging Python application logic with low-level C++ system hooks, it requires advanced polyglot dependency mapping. The blAST engine successfully parsed the mixed-language architecture, analyzing **236,754 lines of code** in just **5.59 seconds** (a velocity of 42,357 LOC/sec).
28
+
29
+ Crucially, during the import resolution phase, the Air-Gapped Dependency Radar successfully intercepted a structural naming collision (`fstream` vs `sstream`), proving the real-time typosquatting defenses are fully operational without relying on cloud APIs.
30
+
31
+ > **Note on False Positives:** Because `fstream` and `sstream` are both standard C++ libraries, this specific flag is a false positive. To prevent the engine from halting on trusted internal libraries, contributors can whitelist them by adding them to the global `approved_imports.json` registry (see [GitGalaxy Config](https://squid-protocol.github.io/gitgalaxy/06-01-gitgalaxy-config/)).
32
+
33
+ ![NVDA Processing Demo](../../docs/wiki/assets/nvda_processing.gif)
34
+
35
+ ```text
36
+ [INFO] PASS_1.5: Running Air-Gapped Typosquatting & Dependency Confusion Radar...
37
+ [CRITICAL] 🚨 TYPOSQUATTING DETECTED: 'fstream' in nvdaHelper/vbufBase/storage.cpp closely matches anchor 'sstream'!
38
+ [WARNING] Intercepted 1 typosquatting attempts via repository baseline analysis.
39
+ ...
40
+ [INFO] --- MISSION_SUCCESS: 849 files mapped in 5.59s ---
41
+ [INFO] --- ENGINE_TELEMETRY: Processed 236,754 lines of code at 42,357 LOC/s ---
42
+ ```
43
+
44
+ ---
45
+
46
+ ### 🛠️ Local Development & GalaxyScope Execution
47
+
48
+ If you are modifying the internal physics or optical routing, it is highly recommended to install the package in editable mode so your CLI commands instantly reflect your local code changes.
49
+
50
+ From the **root directory** of the repository, run:
51
+ ```bash
52
+ pip install -e .
53
+ ```
54
+
55
+ Once installed, you can trigger the main orchestrator globally from your terminal. This command runs the full [Data Pipeline](https://squid-protocol.github.io/gitgalaxy/02-01-pipeline-overview/) and outputs the final artifact.
56
+ ```bash
57
+ galaxyscope /path/to/test/repo --debug
58
+ ```
59
+
60
+ Before submitting a Pull Request, ensure your changes do not skew the core baseline risk equations by running the test suite:
61
+ ```bash
62
+ python3 -m unittest discover tests/
63
+ ```
64
+
65
+ ---
66
+ ### 🌌 Deep Dive into the Pipeline Architecture
67
+ To fully understand how GalaxyScope processes data, maps files, and applies risk exposures, explore the official documentation:
68
+
69
+ * 📖 **[GalaxyScope CLI Reference](https://squid-protocol.github.io/gitgalaxy/01-02-galaxyscope-cli-reference/)** (Flags, outputs, and behaviors)
70
+ * 📖 **[The Data Pipeline Overview](https://squid-protocol.github.io/gitgalaxy/02-01-pipeline-overview/)** (Step-by-step breakdown of the runtime)
71
+ * 📖 **[Risk Exposures & Methodology](https://squid-protocol.github.io/gitgalaxy/08-01-methodology/)** (The math behind the heuristics)
72
+ * 🪐 **[Return to the Main GitGalaxy Hub](https://github.com/squid-protocol/gitgalaxy)**
@@ -0,0 +1,44 @@
1
+ # GitGalaxy: Core Lexical Parsing & Topology Engine
2
+
3
+ [![Core](https://img.shields.io/badge/Core-Lexical_Parsing-00BFFF.svg)](#)
4
+ [![Velocity](https://img.shields.io/badge/Velocity-Zero_AST_Overhead-00C957.svg)](#)
5
+ [![Architecture](https://img.shields.io/badge/Architecture-Structural_Extraction-8A2BE2.svg)](#)
6
+
7
+ This directory contains the primary ingestion, lexical tokenization, and topological mapping layers for the **blAST Engine**.
8
+
9
+ These files form the core ingestion pipeline. They are responsible for reading raw source code from disk, filtering out irrelevant noise (like massive minified files or `.git` directories), slicing the code into measurable architectural components, and wiring the mathematical network graph.
10
+
11
+ > **⚠️ Configuration Warning:** Do not modify these core files to tune the engine's behavior. Almost all variables, thresholds, language regexes, and mathematical tuning parameters have been abstracted to the **[Standards Registry](../standards/README.md)**. If you need to tweak risk curves or add a language, do it there.
12
+
13
+ ### 🗺️ The Architecture
14
+
15
+ Each file in this core represents a discrete phase in the GitGalaxy ingestion pipeline. Read the official documentation links for deep dives into the underlying mathematics.
16
+
17
+ * **`aperture.py` (The Boundary Filter):** The primary perimeter gate. It enforces Zero-Trust ingestion rules, blocking steganography, minified blobs, and infrastructure directories before they consume system memory.
18
+ * 📖 **[Read the Aperture Filter Specs](https://squid-protocol.github.io/gitgalaxy/02-03-aperture-filter/)**
19
+
20
+ * **`guidestar_lens.py` (The Metadata Resolver):** The contextual intelligence module. It parses standard project manifests (`package.json`, `Cargo.toml`), resolves explicit linguistic overrides via `.gitattributes`, and hunts for evasion tactics (like force-includes) hidden in `.gitignore`.
21
+ * 📖 **[Read the GuideStar Protocol Specs](https://squid-protocol.github.io/gitgalaxy/02-04-guidestar-protocol/)**
22
+
23
+ * **`prism.py` (The Lexical Tokenizer):** The structural separator. It surgically separates human intent (documentation/comments) from structural execution logic across multiple syntax families, all while safely preserving complex string literals.
24
+ * 📖 **[Read the Prism Optics Specs](https://squid-protocol.github.io/gitgalaxy/02-07-the-prism/)**
25
+
26
+ * **`detector.py` (The Function Slicer & Spatial Engine):** The architectural extractor. It splices files into discrete functions, calculates Big-O algorithmic nesting depth, tracks recursive functions, and assigns exact 3D coordinates using deterministic fractal distribution algorithms.
27
+ * 📖 **[Read the Detector Mechanics](https://squid-protocol.github.io/gitgalaxy/02-08-the-detector/)**
28
+
29
+ * **`network_risk_sensor.py` (The Topology Mapper):** The mathematical routing layer. It wires the ingested files into a directed graph, executing PageRank mathematics to determine absolute Blast Radius, betweenness centrality, and ecosystem roles (Producer vs. Consumer).
30
+ * 📖 **[Read the Network Risk Sensor Specs](https://squid-protocol.github.io/gitgalaxy/02-16-network-risk-sensor/)**
31
+
32
+ * **`state_rehydrator.py` (The Cache Manager):** The incremental differential scanner. It extracts the previous temporal state from the SQLite database and rehydrates it directly into RAM, enabling ultra-fast differential delta scanning for CI/CD pipelines.
33
+ * 📖 **[Read the State Rehydrator Specs](https://squid-protocol.github.io/gitgalaxy/02-22-state-rehydrator/)**
34
+
35
+ <br><br>
36
+
37
+ ---
38
+
39
+ ### 🌌 Powered by the blAST Engine
40
+
41
+ This documentation is part of the [GitGalaxy Ecosystem](https://github.com/squid-protocol/gitgalaxy), an AST-free, LLM-free heuristic knowledge graph engine.
42
+
43
+ * 🪐 **[Explore the GitHub Repository](https://github.com/squid-protocol/gitgalaxy)** for code, tools, and updates.
44
+ * 🔭 **[Visualize your own repository at GitGalaxy.io](https://gitgalaxy.io/)** using our interactive 3D WebGPU dashboard.