gitgalaxy 2.0.5__tar.gz → 2.0.8__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- gitgalaxy-2.0.8/.github/ISSUE_TEMPLATE/parsing_discrepancy.yml +50 -0
- gitgalaxy-2.0.8/.github/dependabot.yml +19 -0
- gitgalaxy-2.0.8/.github/pull_request_template.md +9 -0
- gitgalaxy-2.0.8/.github/workflows/codeql.yml +40 -0
- gitgalaxy-2.0.8/.github/workflows/deploy-docs.yml +37 -0
- gitgalaxy-2.0.8/.github/workflows/publish.yml +40 -0
- gitgalaxy-2.0.8/.github/workflows/smoke-test.yml +66 -0
- gitgalaxy-2.0.8/.gitignore +73 -0
- gitgalaxy-2.0.8/CONTRIBUTING.md +63 -0
- {gitgalaxy-2.0.5/gitgalaxy.egg-info → gitgalaxy-2.0.8}/PKG-INFO +29 -2
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/README.md +27 -0
- gitgalaxy-2.0.8/action.yml +61 -0
- gitgalaxy-2.0.8/gitgalaxy/README.md +72 -0
- gitgalaxy-2.0.8/gitgalaxy/core/README.md +44 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/detector.py +27 -0
- gitgalaxy-2.0.8/gitgalaxy/physics/README.md +36 -0
- gitgalaxy-2.0.8/gitgalaxy/recorders/README.md +38 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/recorders/record_keeper.py +4 -0
- gitgalaxy-2.0.8/gitgalaxy/security/README.md +32 -0
- gitgalaxy-2.0.8/gitgalaxy/standards/README.md +55 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/standards/analysis_lens.py +4 -4
- gitgalaxy-2.0.8/gitgalaxy/standards/how_to_add_a_language.md +199 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/standards/language_standards.py +19 -12
- gitgalaxy-2.0.8/gitgalaxy/tools/README.md +63 -0
- gitgalaxy-2.0.8/gitgalaxy/tools/ai_guardrails/README.md +81 -0
- gitgalaxy-2.0.8/gitgalaxy/tools/cobol_to_cobol/README.md +172 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_auditor.py +60 -4
- gitgalaxy-2.0.8/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +185 -0
- gitgalaxy-2.0.8/gitgalaxy/tools/cobol_to_java/README.md +107 -0
- gitgalaxy-2.0.8/gitgalaxy/tools/compliance/README.md +115 -0
- gitgalaxy-2.0.8/gitgalaxy/tools/network_auditing/README.md +119 -0
- gitgalaxy-2.0.8/gitgalaxy/tools/supply_chain_security/README.md +163 -0
- gitgalaxy-2.0.8/gitgalaxy/tools/terabyte_log_scanning/README.md +116 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8/gitgalaxy.egg-info}/PKG-INFO +29 -2
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy.egg-info/SOURCES.txt +54 -1
- gitgalaxy-2.0.8/mkdocs.yml +180 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/pyproject.toml +7 -3
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/.gitattributes +14 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/.gitignore +3 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/LICENSE +201 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/Makefile +30 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/README.md +66 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/bufio.go +842 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/bufio_test.go +1999 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/example_test.go +200 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/export_test.go +29 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/net_test.go +96 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/scan.go +427 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/bufio/scan_test.go +596 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/config.py +1 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/convert_em.F +167 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/dnn_converters.cpp +138 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/dnn_converters.hpp +37 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/insert_pinyin_to_db.py +27 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/iwubi.py +585 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/iwubi.svg +3 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/iwubi.xml +30 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/logconfig.py +30 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/logconfig.yaml +25 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/pinyin_simp.dict.csv +65113 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/screenshot/add.png +0 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/screenshot/iwubi.gif +0 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/screenshot/set_ibus.png +0 -0
- gitgalaxy-2.0.8/tests/fixtures/iwubi_frankenstein_test/wubi-jidian86.db +0 -0
- gitgalaxy-2.0.5/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +0 -119
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/LICENSE +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/MANIFEST.in +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/__init__.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/cobol_refractor_controller.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/cobol_to_java_controller.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/__init__.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/aperture.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/guidestar_lens.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/network_risk_sensor.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/prism.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/core/state_rehydrator.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/galaxyscope.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/physics/__init__.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/physics/chronometer.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/physics/neural_auditor.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/physics/signal_processor.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/physics/spectral_auditor.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/recorders/__init__.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/recorders/audit_recorder.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/recorders/gpu_recorder.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/recorders/llm_recorder.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/security/__init__.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/security/security_auditor.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/security/security_lens.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/standards/__init__.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/standards/gitgalaxy_config.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/standards/language_lens.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/__init__.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/ai_guardrails/ai_appsec_sensor.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/ai_guardrails/dev_agent_firewall.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_agent_task_forge.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_compiler_forge.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_dag_architect.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_etl_unpacker.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_graveyard_finder.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_lexical_patcher.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_microservice_slicer.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_schema_forge.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_cobol/cobol_system_limits_reporter.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/batch_test_harness.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_agent_forge.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_api_contract_forge.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_build_forge.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_decoder_forge.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_service_forge.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/cobol_to_java/cobol_to_java_spring_forge.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/compliance/sbom_generator.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/network_auditing/full_api_network_map.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/supply_chain_security/binary_anomaly_detector.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/supply_chain_security/vault_sentinel.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/terabyte_log_scanning/pii_leak_hunter.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy.egg-info/dependency_links.txt +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy.egg-info/entry_points.txt +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/gitgalaxy.egg-info/top_level.txt +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/setup.cfg +0 -0
- {gitgalaxy-2.0.5 → gitgalaxy-2.0.8}/tests/test_galaxyscope.py +0 -0
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
name: 🐛 Report a Parsing/blAST Discrepancy
|
|
2
|
+
description: Report an issue where the blAST engine misidentified or failed to parse a repository structure.
|
|
3
|
+
title: "[Bug]: "
|
|
4
|
+
labels: ["bug", "triage"]
|
|
5
|
+
body:
|
|
6
|
+
- type: markdown
|
|
7
|
+
attributes:
|
|
8
|
+
value: |
|
|
9
|
+
Thanks for taking the time to report a discrepancy! Please provide the context we need to reproduce the issue.
|
|
10
|
+
- type: input
|
|
11
|
+
id: repo_link
|
|
12
|
+
attributes:
|
|
13
|
+
label: Repository Link
|
|
14
|
+
description: Provide a link to the public repository you were scanning (e.g., GitHub, GitLab URL).
|
|
15
|
+
placeholder: https://github.com/torvalds/linux
|
|
16
|
+
validations:
|
|
17
|
+
required: true
|
|
18
|
+
- type: dropdown
|
|
19
|
+
id: viewer_used
|
|
20
|
+
attributes:
|
|
21
|
+
label: Which Observatory viewer were you using?
|
|
22
|
+
description: Help us identify if this is a backend parsing issue or a frontend visual constraint.
|
|
23
|
+
options:
|
|
24
|
+
- GitGalaxy.io (Web Viewer)
|
|
25
|
+
- Airgap Observatory (Local Server)
|
|
26
|
+
- CLI Only (Did not use a visualizer)
|
|
27
|
+
validations:
|
|
28
|
+
required: true
|
|
29
|
+
- type: textarea
|
|
30
|
+
id: description
|
|
31
|
+
attributes:
|
|
32
|
+
label: Description of the Discrepancy
|
|
33
|
+
description: What did GitGalaxy report, and what should it have been? (e.g., "Flagged X files as Python, but they are actually Cython.")
|
|
34
|
+
validations:
|
|
35
|
+
required: true
|
|
36
|
+
- type: textarea
|
|
37
|
+
id: custom_standards
|
|
38
|
+
attributes:
|
|
39
|
+
label: Custom standards.py (If Applicable)
|
|
40
|
+
description: If you are using a custom `standards.py`, please paste its contents here, or drag and drop the file into this box.
|
|
41
|
+
render: python
|
|
42
|
+
validations:
|
|
43
|
+
required: false
|
|
44
|
+
- type: input
|
|
45
|
+
id: contact
|
|
46
|
+
attributes:
|
|
47
|
+
label: Contact Info
|
|
48
|
+
description: An email or Discord handle where we can reach you if we have questions about this specific codebase.
|
|
49
|
+
validations:
|
|
50
|
+
required: false
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
version: 2
|
|
2
|
+
updates:
|
|
3
|
+
# 1. Keep GitHub Actions up to date
|
|
4
|
+
- package-ecosystem: "github-actions"
|
|
5
|
+
directory: "/"
|
|
6
|
+
schedule:
|
|
7
|
+
interval: "weekly"
|
|
8
|
+
labels:
|
|
9
|
+
- "security"
|
|
10
|
+
- "github-actions"
|
|
11
|
+
|
|
12
|
+
# 2. Keep Python dependencies up to date
|
|
13
|
+
- package-ecosystem: "pip"
|
|
14
|
+
directory: "/"
|
|
15
|
+
schedule:
|
|
16
|
+
interval: "weekly"
|
|
17
|
+
labels:
|
|
18
|
+
- "security"
|
|
19
|
+
- "python"
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
### Description of Structural Changes
|
|
2
|
+
### Visual Observatory Testing
|
|
3
|
+
- [ ] I tested the output JSON on **GitGalaxy.io** OR the **Airgap Observatory**.
|
|
4
|
+
- [ ] Flexbox constraints, HUD elements, and 3D rendering remain intact.
|
|
5
|
+
|
|
6
|
+
### The Differential Scan Acknowledgement
|
|
7
|
+
- [ ] I understand that my PR will be subjected to a Full Differential Scan.
|
|
8
|
+
- [ ] I have provided the link to the specific repository this PR addresses so it can be tested alongside the 80-repo calibrated baseline.
|
|
9
|
+
- [ ] I believe these changes will measurably improve the engine's Accuracy, Speed, Utility, or Ethos without causing regressions.
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
name: "CodeQL Security Scan"
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [ "main" ]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [ "main" ]
|
|
8
|
+
schedule:
|
|
9
|
+
- cron: '0 12 * * 1' # Runs every Monday at 12:00 UTC
|
|
10
|
+
|
|
11
|
+
jobs:
|
|
12
|
+
analyze:
|
|
13
|
+
name: Analyze
|
|
14
|
+
runs-on: ubuntu-latest
|
|
15
|
+
permissions:
|
|
16
|
+
actions: read
|
|
17
|
+
contents: read
|
|
18
|
+
security-events: write
|
|
19
|
+
|
|
20
|
+
strategy:
|
|
21
|
+
fail-fast: false
|
|
22
|
+
matrix:
|
|
23
|
+
language: [ 'python' ]
|
|
24
|
+
|
|
25
|
+
steps:
|
|
26
|
+
- name: Checkout repository
|
|
27
|
+
uses: actions/checkout@v4
|
|
28
|
+
|
|
29
|
+
- name: Initialize CodeQL
|
|
30
|
+
uses: github/codeql-action/init@v3
|
|
31
|
+
with:
|
|
32
|
+
languages: ${{ matrix.language }}
|
|
33
|
+
# If you have specific queries you want to run, you can specify them here.
|
|
34
|
+
# "security-extended" adds deeper vulnerability hunting.
|
|
35
|
+
queries: security-extended,security-and-quality
|
|
36
|
+
|
|
37
|
+
- name: Perform CodeQL Analysis
|
|
38
|
+
uses: github/codeql-action/analyze@v3
|
|
39
|
+
with:
|
|
40
|
+
category: "/language:${{matrix.language}}"
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
name: Deploy Museum of Code Docs
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- main # Triggers the action when you push to the main branch
|
|
7
|
+
workflow_dispatch: # Allows you to manually trigger the build from the GitHub UI
|
|
8
|
+
|
|
9
|
+
# Grants the action permission to push the built site to the gh-pages branch
|
|
10
|
+
permissions:
|
|
11
|
+
contents: write
|
|
12
|
+
|
|
13
|
+
jobs:
|
|
14
|
+
deploy:
|
|
15
|
+
runs-on: ubuntu-latest
|
|
16
|
+
steps:
|
|
17
|
+
- name: Checkout Repository
|
|
18
|
+
uses: actions/checkout@v4
|
|
19
|
+
with:
|
|
20
|
+
fetch-depth: 0 # Required for git info/history (like last updated timestamps)
|
|
21
|
+
|
|
22
|
+
- name: Configure Git Credentials
|
|
23
|
+
run: |
|
|
24
|
+
git config user.name github-actions[bot]
|
|
25
|
+
git config user.email 41898282+github-actions[bot]@users.noreply.github.com
|
|
26
|
+
|
|
27
|
+
- name: Set up Python
|
|
28
|
+
uses: actions/setup-python@v5
|
|
29
|
+
with:
|
|
30
|
+
python-version: 3.x
|
|
31
|
+
|
|
32
|
+
- name: Install Dependencies
|
|
33
|
+
# Installs Material theme and the PyMdown extensions required by your mkdocs.yml
|
|
34
|
+
run: pip install mkdocs-material pymdown-extensions
|
|
35
|
+
|
|
36
|
+
- name: Build and Deploy Docs
|
|
37
|
+
run: mkdocs gh-deploy --force
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
name: Publish to PyPI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
release:
|
|
5
|
+
types: [published]
|
|
6
|
+
|
|
7
|
+
jobs:
|
|
8
|
+
pypi-publish:
|
|
9
|
+
name: Build and Publish to PyPI
|
|
10
|
+
runs-on: ubuntu-latest
|
|
11
|
+
|
|
12
|
+
# This matches the environment name you set in PyPI
|
|
13
|
+
environment:
|
|
14
|
+
name: pypi
|
|
15
|
+
url: https://pypi.org/p/gitgalaxy
|
|
16
|
+
|
|
17
|
+
# This specific permission is REQUIRED for Trusted Publishing
|
|
18
|
+
permissions:
|
|
19
|
+
id-token: write
|
|
20
|
+
contents: read
|
|
21
|
+
|
|
22
|
+
steps:
|
|
23
|
+
- name: Checkout repository
|
|
24
|
+
uses: actions/checkout@v4
|
|
25
|
+
with:
|
|
26
|
+
fetch-depth: 0 # <--- ADD THIS so it downloads your Git tags!
|
|
27
|
+
|
|
28
|
+
- name: Set up Python
|
|
29
|
+
uses: actions/setup-python@v5
|
|
30
|
+
with:
|
|
31
|
+
python-version: "3.10"
|
|
32
|
+
|
|
33
|
+
- name: Install build tools
|
|
34
|
+
run: python -m pip install --upgrade pip build
|
|
35
|
+
|
|
36
|
+
- name: Build the wheel and source distribution
|
|
37
|
+
run: python -m build
|
|
38
|
+
|
|
39
|
+
- name: Publish package to PyPI
|
|
40
|
+
uses: pypa/gh-action-pypi-publish@release/v1
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
name: GitGalaxy Smoke Tests
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [ "main" ]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [ "main" ]
|
|
8
|
+
|
|
9
|
+
jobs:
|
|
10
|
+
smoke-test:
|
|
11
|
+
runs-on: ${{ matrix.os }}
|
|
12
|
+
env:
|
|
13
|
+
PYTHONUTF8: "1" # <--- FIX 1: Forces Windows to render emojis without crashing
|
|
14
|
+
strategy:
|
|
15
|
+
fail-fast: false
|
|
16
|
+
matrix:
|
|
17
|
+
os: [ubuntu-latest, windows-latest, macos-latest]
|
|
18
|
+
python-version: ["3.9", "3.10", "3.11", "3.12"]
|
|
19
|
+
|
|
20
|
+
steps:
|
|
21
|
+
- name: Check out repository code
|
|
22
|
+
uses: actions/checkout@v6
|
|
23
|
+
|
|
24
|
+
- name: Set up Python ${{ matrix.python-version }}
|
|
25
|
+
uses: actions/setup-python@v6
|
|
26
|
+
with:
|
|
27
|
+
python-version: ${{ matrix.python-version }}
|
|
28
|
+
|
|
29
|
+
- name: Install macOS dependencies (OpenMP for XGBoost)
|
|
30
|
+
if: runner.os == 'macOS'
|
|
31
|
+
run: brew install libomp
|
|
32
|
+
|
|
33
|
+
- name: Install dependencies
|
|
34
|
+
shell: bash
|
|
35
|
+
run: |
|
|
36
|
+
python -m pip install --upgrade pip setuptools wheel
|
|
37
|
+
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
|
|
38
|
+
pip install PyYAML networkx tiktoken pandas xgboost pytest flake8
|
|
39
|
+
pip install --no-build-isolation -e . # <--- FIX 2: Bypasses the pip build bubble
|
|
40
|
+
|
|
41
|
+
- name: Global Syntax Sweep (Flake8)
|
|
42
|
+
run: |
|
|
43
|
+
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
|
|
44
|
+
|
|
45
|
+
- name: Smoke Test - Core Engine
|
|
46
|
+
# Using the -m flag is the safest way to run modules inside a package
|
|
47
|
+
run: python -m gitgalaxy.galaxyscope --help
|
|
48
|
+
|
|
49
|
+
- name: Smoke Test - Legacy Refractor Controller
|
|
50
|
+
run: python -m gitgalaxy.cobol_refractor_controller --help
|
|
51
|
+
|
|
52
|
+
- name: Smoke Test - Java Spring Forge Controller
|
|
53
|
+
run: python -m gitgalaxy.cobol_to_java_controller --help
|
|
54
|
+
|
|
55
|
+
- name: Smoke Test - SBOM Generator
|
|
56
|
+
run: python -m gitgalaxy.tools.compliance.sbom_generator --help
|
|
57
|
+
|
|
58
|
+
- name: Smoke Test - Supply Chain Firewall
|
|
59
|
+
run: python -m gitgalaxy.tools.supply_chain_security.supply_chain_firewall --help
|
|
60
|
+
|
|
61
|
+
- name: Smoke Test - API Network Map
|
|
62
|
+
run: python -m gitgalaxy.tools.network_auditing.full_api_network_map --help
|
|
63
|
+
|
|
64
|
+
- name: Golden Record Integration Test (Pytest)
|
|
65
|
+
run: |
|
|
66
|
+
pytest tests/ -v
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
# ==========================================
|
|
2
|
+
# SECURITY / SECRETS (CRITICAL)
|
|
3
|
+
.env
|
|
4
|
+
.env.*
|
|
5
|
+
*.pem
|
|
6
|
+
*.key
|
|
7
|
+
|
|
8
|
+
# PYTHON, FLASK & VIRTUAL ENVIRONMENTS
|
|
9
|
+
__pycache__/
|
|
10
|
+
*.py[cod]
|
|
11
|
+
*$py.class
|
|
12
|
+
*.so
|
|
13
|
+
venv/
|
|
14
|
+
env/
|
|
15
|
+
.venv/
|
|
16
|
+
flask_session/
|
|
17
|
+
|
|
18
|
+
# PYPI PACKAGING & BUILD ARTIFACTS
|
|
19
|
+
build/
|
|
20
|
+
dist/
|
|
21
|
+
*.egg-info/
|
|
22
|
+
|
|
23
|
+
# TESTING & LINTING (NEW)
|
|
24
|
+
.coverage
|
|
25
|
+
htmlcov/
|
|
26
|
+
.mypy_cache/
|
|
27
|
+
|
|
28
|
+
# LOGS & DATABASES
|
|
29
|
+
*.log
|
|
30
|
+
gitgalaxy_dropped_orders.log
|
|
31
|
+
*.sqlite3
|
|
32
|
+
*.sqlite3-journal
|
|
33
|
+
|
|
34
|
+
# FRONTEND & NODE
|
|
35
|
+
node_modules/
|
|
36
|
+
tailwindcss
|
|
37
|
+
|
|
38
|
+
# OS & EDITOR FILES
|
|
39
|
+
.DS_Store
|
|
40
|
+
Thumbs.db
|
|
41
|
+
.vscode/
|
|
42
|
+
.idea/
|
|
43
|
+
*.swp
|
|
44
|
+
*~
|
|
45
|
+
*.bak
|
|
46
|
+
.~lock.*
|
|
47
|
+
|
|
48
|
+
# PROJECT-SPECIFIC SCRIPTS & DRAFTS
|
|
49
|
+
get_ids.py
|
|
50
|
+
get_shop.py
|
|
51
|
+
histogram_matcher.py
|
|
52
|
+
archive/
|
|
53
|
+
*.odt
|
|
54
|
+
|
|
55
|
+
# GITGALAXY HEAVY DATA
|
|
56
|
+
data/
|
|
57
|
+
museum/
|
|
58
|
+
museum_2/
|
|
59
|
+
*.json
|
|
60
|
+
*_llm.md
|
|
61
|
+
venvs/
|
|
62
|
+
|
|
63
|
+
# Local data mounts
|
|
64
|
+
data/
|
|
65
|
+
museum/
|
|
66
|
+
docs_build/
|
|
67
|
+
updated_results/
|
|
68
|
+
utilities/
|
|
69
|
+
# Ignore local data symlinks
|
|
70
|
+
site/museum/
|
|
71
|
+
museum/
|
|
72
|
+
updated_results_expanded_story/
|
|
73
|
+
updated_results_2/
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
# Contributing to GitGalaxy
|
|
2
|
+
|
|
3
|
+
First off, thank you for considering contributing to GitGalaxy! The blAST engine is essentially a tunable scientific instrument, and calibrating it across the vast ecosystem of open-source software requires a community effort.
|
|
4
|
+
|
|
5
|
+
Whether you are reporting a taxonomic discrepancy, refining the parsing engine, or expanding the documentation, your input helps map the structural DNA of software more accurately.
|
|
6
|
+
|
|
7
|
+
## 🧬 The blAST Philosophy
|
|
8
|
+
|
|
9
|
+
Before diving in, please remember that GitGalaxy treats code as a living organism. The blAST engine evaluates structural logic and behavioral genetic markers, not just rigid syntax.
|
|
10
|
+
|
|
11
|
+
Sometimes, what appears to be a traditional parsing error might actually be blAST intentionally flagging a structural anomaly or a dense risk exposure. Please keep this in mind when reporting issues or proposing changes to the sequencing algorithms.
|
|
12
|
+
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
## 🔬 The Differential Scan (How We Review Pull Requests)
|
|
16
|
+
|
|
17
|
+
We do not merge structural backend changes based solely on subjective code review. GitGalaxy operates at hyper-scale, and every change to the parsing logic has cascading effects.
|
|
18
|
+
|
|
19
|
+
When you submit a Pull Request that alters the blAST engine, your candidate changes will be subjected to a **Full Differential Scan**.
|
|
20
|
+
|
|
21
|
+
* **The Control + Variable Test:** We run your branch against our calibrated baseline of ~80 massive open-source repositories, **plus** the specific repository your PR is designed to address.
|
|
22
|
+
* **Before and After:** We perform a strict comparison of the engine's output before and after your rule update across this entire dataset (80 + 1). This ensures your addition resolves the target discrepancy without degrading the established baseline.
|
|
23
|
+
* **The Metrics:** The output is assessed strictly on four vectors: **Accuracy, Speed, Utility, and Ethos.**
|
|
24
|
+
* Only changes that are mathematically and practically *measurably better* across the broader ecosystem will be incorporated.
|
|
25
|
+
|
|
26
|
+
---
|
|
27
|
+
|
|
28
|
+
## 🛠️ Submitting Pull Requests
|
|
29
|
+
|
|
30
|
+
To ensure your contribution integrates smoothly into the blAST ecosystem:
|
|
31
|
+
|
|
32
|
+
1. **Fork and Branch:** Create a feature branch from `main` (`git checkout -b feature/your-feature-name`).
|
|
33
|
+
2. **Maintain the Contract:** Ensure that any backend changes to the CLI do not break the universal JSON contract expected by the frontend Observatory.
|
|
34
|
+
3. **Test Visually:** Run your newly generated `_galaxy.json` through either **[GitGalaxy.io](https://gitgalaxy.io)** or your local **Airgap Observatory** to verify that visual rendering and flexbox constraints remain intact. Whichever is more convenient for you is fine.
|
|
35
|
+
4. **Document:** If you are adding new language phenotypes or altering the parsing logic, please update the Taxonomical Equivalence Map in the wiki.
|
|
36
|
+
5. **Submit:** Open a PR with a clear title. Explain the *why* behind your structural changes, not just the *what*. Be sure to include the link to the target repository so we can include it in the Differential Scan.
|
|
37
|
+
|
|
38
|
+
---
|
|
39
|
+
|
|
40
|
+
## 🐛 Reporting Discrepancies
|
|
41
|
+
|
|
42
|
+
If the galaxyscope misidentifies a repository's structure or fails to parse a specific file phenotype, please use our **[Parsing Discrepancy Form](https://github.com/squid-protocol/gitgalaxy/issues/new/choose)**.
|
|
43
|
+
|
|
44
|
+
To help us reproduce the issue with quantitative precision, you will be asked to provide:
|
|
45
|
+
* A direct link to the public repository being scanned.
|
|
46
|
+
* The Observatory viewer you were using (GitGalaxy.io or Airgap Observatory).
|
|
47
|
+
* A clear description of the expected vs. actual output.
|
|
48
|
+
* The contents of your custom `standards.py` file (if applicable).
|
|
49
|
+
* Contact information for follow-up questions.
|
|
50
|
+
|
|
51
|
+
---
|
|
52
|
+
|
|
53
|
+
## 🛡️ Security Vulnerabilities
|
|
54
|
+
|
|
55
|
+
If you discover a vulnerability within GitGalaxy itself (e.g., a way to bypass the local sandbox or an issue in the Airgap Observatory), **do not open a public issue.** Please reach out directly via the contact portal at [GitGalaxy.io](https://gitgalaxy.io) so the vulnerability can be patched securely before public disclosure.
|
|
56
|
+
|
|
57
|
+
---
|
|
58
|
+
|
|
59
|
+
## 📜 Licensing Reminder
|
|
60
|
+
|
|
61
|
+
GitGalaxy is released under the **PolyForm Noncommercial License 1.0.0**. By contributing to this repository, you agree that your contributions will be licensed under these same terms.
|
|
62
|
+
|
|
63
|
+
*Note: This tool is free for research, education, testing, and hobby projects. Any commercial use or integration into commercial SaaS products or corporate CI/CD pipelines requires a separate commercial license.*
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: gitgalaxy
|
|
3
|
-
Version: 2.0.
|
|
4
|
-
Summary: An AST-free, zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
|
|
3
|
+
Version: 2.0.8
|
|
4
|
+
Summary: An AST-free, LLM-free zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
|
|
5
5
|
Author: Joe Esquibel
|
|
6
6
|
Project-URL: Homepage, https://gitgalaxy.io
|
|
7
7
|
Project-URL: Documentation, https://squid-protocol.github.io/gitgalaxy/
|
|
@@ -108,6 +108,33 @@ Point the GalaxyScope at any local repository or ZIP archive. The engine runs en
|
|
|
108
108
|
galaxyscope /path/to/your/local/repo
|
|
109
109
|
```
|
|
110
110
|
|
|
111
|
+
### 3. GitHub Actions CI/CD Integration
|
|
112
|
+
|
|
113
|
+
GitGalaxy can be integrated directly into your GitHub Actions pipeline for automated DevSecOps auditing, Zero-Trust SBOM generation, or Pre-Commit firewalls.
|
|
114
|
+
|
|
115
|
+
Create a file in your repository at `.github/workflows/gitgalaxy-scan.yml`:
|
|
116
|
+
|
|
117
|
+
```yaml
|
|
118
|
+
name: GitGalaxy Security Audit
|
|
119
|
+
|
|
120
|
+
on:
|
|
121
|
+
pull_request:
|
|
122
|
+
branches: [ "main" ]
|
|
123
|
+
|
|
124
|
+
jobs:
|
|
125
|
+
gitgalaxy-scan:
|
|
126
|
+
runs-on: ubuntu-latest
|
|
127
|
+
steps:
|
|
128
|
+
- name: Checkout Repository
|
|
129
|
+
uses: actions/checkout@v4
|
|
130
|
+
|
|
131
|
+
- name: Run GitGalaxy Supply Chain Firewall
|
|
132
|
+
uses: squid-protocol/gitgalaxy@main
|
|
133
|
+
with:
|
|
134
|
+
tool: 'supply-chain-firewall' # Options: galaxyscope, zero-trust-sbom, pii-leak-hunter, etc.
|
|
135
|
+
target: '.'
|
|
136
|
+
```
|
|
137
|
+
|
|
111
138
|
---
|
|
112
139
|
|
|
113
140
|
### [GitGalaxy Core Analysis Engine](docs/wiki/01-project-overview.md)
|
|
@@ -85,6 +85,33 @@ Point the GalaxyScope at any local repository or ZIP archive. The engine runs en
|
|
|
85
85
|
galaxyscope /path/to/your/local/repo
|
|
86
86
|
```
|
|
87
87
|
|
|
88
|
+
### 3. GitHub Actions CI/CD Integration
|
|
89
|
+
|
|
90
|
+
GitGalaxy can be integrated directly into your GitHub Actions pipeline for automated DevSecOps auditing, Zero-Trust SBOM generation, or Pre-Commit firewalls.
|
|
91
|
+
|
|
92
|
+
Create a file in your repository at `.github/workflows/gitgalaxy-scan.yml`:
|
|
93
|
+
|
|
94
|
+
```yaml
|
|
95
|
+
name: GitGalaxy Security Audit
|
|
96
|
+
|
|
97
|
+
on:
|
|
98
|
+
pull_request:
|
|
99
|
+
branches: [ "main" ]
|
|
100
|
+
|
|
101
|
+
jobs:
|
|
102
|
+
gitgalaxy-scan:
|
|
103
|
+
runs-on: ubuntu-latest
|
|
104
|
+
steps:
|
|
105
|
+
- name: Checkout Repository
|
|
106
|
+
uses: actions/checkout@v4
|
|
107
|
+
|
|
108
|
+
- name: Run GitGalaxy Supply Chain Firewall
|
|
109
|
+
uses: squid-protocol/gitgalaxy@main
|
|
110
|
+
with:
|
|
111
|
+
tool: 'supply-chain-firewall' # Options: galaxyscope, zero-trust-sbom, pii-leak-hunter, etc.
|
|
112
|
+
target: '.'
|
|
113
|
+
```
|
|
114
|
+
|
|
88
115
|
---
|
|
89
116
|
|
|
90
117
|
### [GitGalaxy Core Analysis Engine](docs/wiki/01-project-overview.md)
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
name: 'GitGalaxy Scanner'
|
|
2
|
+
description: 'High-velocity, AST-free DevSecOps scanner for zero-trust CI/CD, SBOMs, secret detection, and supply chain security.'
|
|
3
|
+
branding:
|
|
4
|
+
icon: 'shield'
|
|
5
|
+
color: 'purple'
|
|
6
|
+
|
|
7
|
+
inputs:
|
|
8
|
+
tool:
|
|
9
|
+
description: >
|
|
10
|
+
The GitGalaxy command to execute.
|
|
11
|
+
Options: galaxyscope, blast, vault-sentinel, supply-chain-firewall, xray-inspector, zero-trust-sbom, pii-leak-hunter, terabyte-log-scanner, api-network-map.
|
|
12
|
+
required: true
|
|
13
|
+
default: 'galaxyscope'
|
|
14
|
+
target:
|
|
15
|
+
description: 'The directory or file path to scan.'
|
|
16
|
+
required: true
|
|
17
|
+
default: '.'
|
|
18
|
+
args:
|
|
19
|
+
description: 'Any additional CLI arguments to pass to the tool (e.g., --output json, --paranoid).'
|
|
20
|
+
required: false
|
|
21
|
+
default: ''
|
|
22
|
+
version:
|
|
23
|
+
description: 'The version of GitGalaxy to install from PyPI. Defaults to latest.'
|
|
24
|
+
required: false
|
|
25
|
+
default: 'latest'
|
|
26
|
+
full_precision:
|
|
27
|
+
description: 'Opt-in to install heavy physics engines (networkx, tiktoken, xgboost) for Blast Radius and ML Threat Inference.'
|
|
28
|
+
required: false
|
|
29
|
+
default: 'false'
|
|
30
|
+
|
|
31
|
+
runs:
|
|
32
|
+
using: "composite"
|
|
33
|
+
steps:
|
|
34
|
+
- name: Set up Python
|
|
35
|
+
uses: actions/setup-python@v5
|
|
36
|
+
with:
|
|
37
|
+
python-version: '3.10'
|
|
38
|
+
|
|
39
|
+
- name: Install GitGalaxy
|
|
40
|
+
shell: bash
|
|
41
|
+
run: |
|
|
42
|
+
if [ "${{ inputs.version }}" = "latest" ]; then
|
|
43
|
+
echo "Installing latest GitGalaxy from PyPI..."
|
|
44
|
+
pip install gitgalaxy
|
|
45
|
+
else
|
|
46
|
+
echo "Installing GitGalaxy version ${{ inputs.version }}..."
|
|
47
|
+
pip install gitgalaxy==${{ inputs.version }}
|
|
48
|
+
fi
|
|
49
|
+
|
|
50
|
+
if [ "${{ inputs.full_precision }}" = "true" ]; then
|
|
51
|
+
echo "Unlocking Full Precision Mode..."
|
|
52
|
+
pip install networkx tiktoken xgboost pandas numpy
|
|
53
|
+
else
|
|
54
|
+
echo "Running in ultra-fast Zero-Dependency Mode."
|
|
55
|
+
fi
|
|
56
|
+
|
|
57
|
+
- name: Execute GitGalaxy Tool
|
|
58
|
+
shell: bash
|
|
59
|
+
run: |
|
|
60
|
+
echo "Running: ${{ inputs.tool }} ${{ inputs.target }} ${{ inputs.args }}"
|
|
61
|
+
${{ inputs.tool }} ${{ inputs.target }} ${{ inputs.args }}
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
# GitGalaxy: The Core Engine & GalaxyScope Orchestrator
|
|
2
|
+
|
|
3
|
+
[](#)
|
|
4
|
+
[](#)
|
|
5
|
+
[](#)
|
|
6
|
+
|
|
7
|
+
Welcome to the internal source code for the **GitGalaxy Core Engine**.
|
|
8
|
+
|
|
9
|
+
This directory contains the central orchestrator—**GalaxyScope**—alongside the core physics, optical routing, and mathematical heuristics that power the entire system. If you are a developer looking to contribute, understand the pipeline, or run the primary CLI, here is your architectural map.
|
|
10
|
+
|
|
11
|
+
### 🗺️ The Developer Map (How the Pipeline Flows)
|
|
12
|
+
|
|
13
|
+
When you trigger the `galaxyscope` command, the data flows through these five physical directories:
|
|
14
|
+
|
|
15
|
+
* **`/core/` (The Frontline):** The optical routing layer. Contains the [Aperture Filter](https://squid-protocol.github.io/gitgalaxy/02-03-aperture-filter/) and [The Prism](https://squid-protocol.github.io/gitgalaxy/02-07-the-prism/), which break down source code into structural signals, separating executable logic from ghost mass (comments) and inert binaries.
|
|
16
|
+
* **`/physics/` (The Math):** The heuristics engine. Contains the [Signal Processor](https://squid-protocol.github.io/gitgalaxy/02-09-signal-processing/) and [Neural Auditor](https://squid-protocol.github.io/gitgalaxy/02-19-neural-auditor/), which apply GitGalaxy mathematics to score O(N) complexity, topological blast radius, and state flux without using ASTs.
|
|
17
|
+
* **`/recorders/` (The Exporters):** The translation layer. Converts the internal state maps into highly relational [SQLite Databases](https://squid-protocol.github.io/gitgalaxy/02-21-record-keeper/), AI-agent JSON tickets, and the final 3D WebGPU payload.
|
|
18
|
+
* **`/security/` (The Sentinel):** The zero-trust validation layer. Contains the [Security Lens](https://squid-protocol.github.io/gitgalaxy/02-06-security-lens/) responsible for intercepting embedded malware, hardcoded secrets, and logic bombs on the fly.
|
|
19
|
+
* **`/tools/` (The Spokes):** The enterprise automation layer. Contains specialized controllers for CI/CD pipelines—like the [Supply Chain Firewall](https://squid-protocol.github.io/gitgalaxy/04-03-supply-chain-firewall/) and [PII Leak Hunter](https://squid-protocol.github.io/gitgalaxy/04-06-pii-leak-hunter/)—that consume the core engine's telemetry.
|
|
20
|
+
|
|
21
|
+
---
|
|
22
|
+
|
|
23
|
+
### ⚡ Performance Showcase: NVDA (NonVisual Desktop Access)
|
|
24
|
+
|
|
25
|
+
To demonstrate the GalaxyScope orchestrator's capability on complex, cross-language system architecture, we unleashed it on **NVDA**, the open-source Windows screen reader.
|
|
26
|
+
|
|
27
|
+
Because NVDA relies heavily on bridging Python application logic with low-level C++ system hooks, it requires advanced polyglot dependency mapping. The blAST engine successfully parsed the mixed-language architecture, analyzing **236,754 lines of code** in just **5.59 seconds** (a velocity of 42,357 LOC/sec).
|
|
28
|
+
|
|
29
|
+
Crucially, during the import resolution phase, the Air-Gapped Dependency Radar successfully intercepted a structural naming collision (`fstream` vs `sstream`), proving the real-time typosquatting defenses are fully operational without relying on cloud APIs.
|
|
30
|
+
|
|
31
|
+
> **Note on False Positives:** Because `fstream` and `sstream` are both standard C++ libraries, this specific flag is a false positive. To prevent the engine from halting on trusted internal libraries, contributors can whitelist them by adding them to the global `approved_imports.json` registry (see [GitGalaxy Config](https://squid-protocol.github.io/gitgalaxy/06-01-gitgalaxy-config/)).
|
|
32
|
+
|
|
33
|
+

|
|
34
|
+
|
|
35
|
+
```text
|
|
36
|
+
[INFO] PASS_1.5: Running Air-Gapped Typosquatting & Dependency Confusion Radar...
|
|
37
|
+
[CRITICAL] 🚨 TYPOSQUATTING DETECTED: 'fstream' in nvdaHelper/vbufBase/storage.cpp closely matches anchor 'sstream'!
|
|
38
|
+
[WARNING] Intercepted 1 typosquatting attempts via repository baseline analysis.
|
|
39
|
+
...
|
|
40
|
+
[INFO] --- MISSION_SUCCESS: 849 files mapped in 5.59s ---
|
|
41
|
+
[INFO] --- ENGINE_TELEMETRY: Processed 236,754 lines of code at 42,357 LOC/s ---
|
|
42
|
+
```
|
|
43
|
+
|
|
44
|
+
---
|
|
45
|
+
|
|
46
|
+
### 🛠️ Local Development & GalaxyScope Execution
|
|
47
|
+
|
|
48
|
+
If you are modifying the internal physics or optical routing, it is highly recommended to install the package in editable mode so your CLI commands instantly reflect your local code changes.
|
|
49
|
+
|
|
50
|
+
From the **root directory** of the repository, run:
|
|
51
|
+
```bash
|
|
52
|
+
pip install -e .
|
|
53
|
+
```
|
|
54
|
+
|
|
55
|
+
Once installed, you can trigger the main orchestrator globally from your terminal. This command runs the full [Data Pipeline](https://squid-protocol.github.io/gitgalaxy/02-01-pipeline-overview/) and outputs the final artifact.
|
|
56
|
+
```bash
|
|
57
|
+
galaxyscope /path/to/test/repo --debug
|
|
58
|
+
```
|
|
59
|
+
|
|
60
|
+
Before submitting a Pull Request, ensure your changes do not skew the core baseline risk equations by running the test suite:
|
|
61
|
+
```bash
|
|
62
|
+
python3 -m unittest discover tests/
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
---
|
|
66
|
+
### 🌌 Deep Dive into the Pipeline Architecture
|
|
67
|
+
To fully understand how GalaxyScope processes data, maps files, and applies risk exposures, explore the official documentation:
|
|
68
|
+
|
|
69
|
+
* 📖 **[GalaxyScope CLI Reference](https://squid-protocol.github.io/gitgalaxy/01-02-galaxyscope-cli-reference/)** (Flags, outputs, and behaviors)
|
|
70
|
+
* 📖 **[The Data Pipeline Overview](https://squid-protocol.github.io/gitgalaxy/02-01-pipeline-overview/)** (Step-by-step breakdown of the runtime)
|
|
71
|
+
* 📖 **[Risk Exposures & Methodology](https://squid-protocol.github.io/gitgalaxy/08-01-methodology/)** (The math behind the heuristics)
|
|
72
|
+
* 🪐 **[Return to the Main GitGalaxy Hub](https://github.com/squid-protocol/gitgalaxy)**
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
# GitGalaxy: Core Lexical Parsing & Topology Engine
|
|
2
|
+
|
|
3
|
+
[](#)
|
|
4
|
+
[](#)
|
|
5
|
+
[](#)
|
|
6
|
+
|
|
7
|
+
This directory contains the primary ingestion, lexical tokenization, and topological mapping layers for the **blAST Engine**.
|
|
8
|
+
|
|
9
|
+
These files form the core ingestion pipeline. They are responsible for reading raw source code from disk, filtering out irrelevant noise (like massive minified files or `.git` directories), slicing the code into measurable architectural components, and wiring the mathematical network graph.
|
|
10
|
+
|
|
11
|
+
> **⚠️ Configuration Warning:** Do not modify these core files to tune the engine's behavior. Almost all variables, thresholds, language regexes, and mathematical tuning parameters have been abstracted to the **[Standards Registry](../standards/README.md)**. If you need to tweak risk curves or add a language, do it there.
|
|
12
|
+
|
|
13
|
+
### 🗺️ The Architecture
|
|
14
|
+
|
|
15
|
+
Each file in this core represents a discrete phase in the GitGalaxy ingestion pipeline. Read the official documentation links for deep dives into the underlying mathematics.
|
|
16
|
+
|
|
17
|
+
* **`aperture.py` (The Boundary Filter):** The primary perimeter gate. It enforces Zero-Trust ingestion rules, blocking steganography, minified blobs, and infrastructure directories before they consume system memory.
|
|
18
|
+
* 📖 **[Read the Aperture Filter Specs](https://squid-protocol.github.io/gitgalaxy/02-03-aperture-filter/)**
|
|
19
|
+
|
|
20
|
+
* **`guidestar_lens.py` (The Metadata Resolver):** The contextual intelligence module. It parses standard project manifests (`package.json`, `Cargo.toml`), resolves explicit linguistic overrides via `.gitattributes`, and hunts for evasion tactics (like force-includes) hidden in `.gitignore`.
|
|
21
|
+
* 📖 **[Read the GuideStar Protocol Specs](https://squid-protocol.github.io/gitgalaxy/02-04-guidestar-protocol/)**
|
|
22
|
+
|
|
23
|
+
* **`prism.py` (The Lexical Tokenizer):** The structural separator. It surgically separates human intent (documentation/comments) from structural execution logic across multiple syntax families, all while safely preserving complex string literals.
|
|
24
|
+
* 📖 **[Read the Prism Optics Specs](https://squid-protocol.github.io/gitgalaxy/02-07-the-prism/)**
|
|
25
|
+
|
|
26
|
+
* **`detector.py` (The Function Slicer & Spatial Engine):** The architectural extractor. It splices files into discrete functions, calculates Big-O algorithmic nesting depth, tracks recursive functions, and assigns exact 3D coordinates using deterministic fractal distribution algorithms.
|
|
27
|
+
* 📖 **[Read the Detector Mechanics](https://squid-protocol.github.io/gitgalaxy/02-08-the-detector/)**
|
|
28
|
+
|
|
29
|
+
* **`network_risk_sensor.py` (The Topology Mapper):** The mathematical routing layer. It wires the ingested files into a directed graph, executing PageRank mathematics to determine absolute Blast Radius, betweenness centrality, and ecosystem roles (Producer vs. Consumer).
|
|
30
|
+
* 📖 **[Read the Network Risk Sensor Specs](https://squid-protocol.github.io/gitgalaxy/02-16-network-risk-sensor/)**
|
|
31
|
+
|
|
32
|
+
* **`state_rehydrator.py` (The Cache Manager):** The incremental differential scanner. It extracts the previous temporal state from the SQLite database and rehydrates it directly into RAM, enabling ultra-fast differential delta scanning for CI/CD pipelines.
|
|
33
|
+
* 📖 **[Read the State Rehydrator Specs](https://squid-protocol.github.io/gitgalaxy/02-22-state-rehydrator/)**
|
|
34
|
+
|
|
35
|
+
<br><br>
|
|
36
|
+
|
|
37
|
+
---
|
|
38
|
+
|
|
39
|
+
### 🌌 Powered by the blAST Engine
|
|
40
|
+
|
|
41
|
+
This documentation is part of the [GitGalaxy Ecosystem](https://github.com/squid-protocol/gitgalaxy), an AST-free, LLM-free heuristic knowledge graph engine.
|
|
42
|
+
|
|
43
|
+
* 🪐 **[Explore the GitHub Repository](https://github.com/squid-protocol/gitgalaxy)** for code, tools, and updates.
|
|
44
|
+
* 🔭 **[Visualize your own repository at GitGalaxy.io](https://gitgalaxy.io/)** using our interactive 3D WebGPU dashboard.
|