gitgalaxy 2.0.8__tar.gz → 2.1.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (141) hide show
  1. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/workflows/codeql.yml +3 -3
  2. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/workflows/deploy-docs.yml +2 -2
  3. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/workflows/publish.yml +2 -2
  4. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.gitignore +14 -0
  5. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/PKG-INFO +9 -8
  6. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/README.md +8 -7
  7. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/action.yml +1 -1
  8. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/network_risk_sensor.py +6 -6
  9. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/galaxyscope.py +50 -3
  10. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/signal_processor.py +6 -6
  11. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/language_lens.py +7 -0
  12. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/language_standards.py +4 -4
  13. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_build_forge.py +6 -0
  14. gitgalaxy-2.1.0/gitgalaxy/tools/cobol_to_java/cobol_to_java_test_forge.py +104 -0
  15. gitgalaxy-2.1.0/gitgalaxy/tools/terabyte_log_scanning/README.md +109 -0
  16. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/terabyte_log_scanning/pii_leak_hunter.py +81 -28
  17. gitgalaxy-2.1.0/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +209 -0
  18. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy.egg-info/PKG-INFO +9 -8
  19. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy.egg-info/SOURCES.txt +17 -0
  20. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/mkdocs.yml +132 -0
  21. gitgalaxy-2.1.0/tests/test_agent_forge.py +60 -0
  22. gitgalaxy-2.1.0/tests/test_api_network_map.py +80 -0
  23. gitgalaxy-2.1.0/tests/test_batch_test_harness.py +102 -0
  24. gitgalaxy-2.1.0/tests/test_binary_anomaly_detector.py +102 -0
  25. gitgalaxy-2.1.0/tests/test_chronometer_timeout.py +73 -0
  26. gitgalaxy-2.1.0/tests/test_decoder_forge.py +103 -0
  27. gitgalaxy-2.1.0/tests/test_golden_forge.py +113 -0
  28. gitgalaxy-2.1.0/tests/test_gpu_recorder.py +51 -0
  29. gitgalaxy-2.1.0/tests/test_language_lens.py +48 -0
  30. gitgalaxy-2.1.0/tests/test_neural_auditor.py +60 -0
  31. gitgalaxy-2.1.0/tests/test_redos_poison.py +74 -0
  32. gitgalaxy-2.1.0/tests/test_sbom_generator.py +101 -0
  33. gitgalaxy-2.1.0/tests/test_service_forge.py +60 -0
  34. gitgalaxy-2.1.0/tests/test_supply_chain_firewall.py +93 -0
  35. gitgalaxy-2.1.0/tests/test_vault_sentinel.py +101 -0
  36. gitgalaxy-2.1.0/tests/test_zero_dependency.py +85 -0
  37. gitgalaxy-2.0.8/gitgalaxy/tools/terabyte_log_scanning/README.md +0 -116
  38. gitgalaxy-2.0.8/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +0 -139
  39. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/ISSUE_TEMPLATE/parsing_discrepancy.yml +0 -0
  40. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/dependabot.yml +0 -0
  41. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/pull_request_template.md +0 -0
  42. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/workflows/smoke-test.yml +0 -0
  43. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/CONTRIBUTING.md +0 -0
  44. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/LICENSE +0 -0
  45. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/MANIFEST.in +0 -0
  46. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/README.md +0 -0
  47. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/__init__.py +0 -0
  48. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/cobol_refractor_controller.py +0 -0
  49. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/cobol_to_java_controller.py +0 -0
  50. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/README.md +0 -0
  51. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/__init__.py +0 -0
  52. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/aperture.py +0 -0
  53. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/detector.py +0 -0
  54. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/guidestar_lens.py +0 -0
  55. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/prism.py +0 -0
  56. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/state_rehydrator.py +0 -0
  57. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/README.md +0 -0
  58. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/__init__.py +0 -0
  59. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/chronometer.py +0 -0
  60. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/neural_auditor.py +0 -0
  61. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/spectral_auditor.py +0 -0
  62. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/README.md +0 -0
  63. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/__init__.py +0 -0
  64. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/audit_recorder.py +0 -0
  65. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/gpu_recorder.py +0 -0
  66. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/llm_recorder.py +0 -0
  67. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/record_keeper.py +0 -0
  68. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/security/README.md +0 -0
  69. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/security/__init__.py +0 -0
  70. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/security/security_auditor.py +0 -0
  71. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/security/security_lens.py +0 -0
  72. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/README.md +0 -0
  73. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/__init__.py +0 -0
  74. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/analysis_lens.py +0 -0
  75. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/gitgalaxy_config.py +0 -0
  76. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/how_to_add_a_language.md +0 -0
  77. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/README.md +0 -0
  78. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/__init__.py +0 -0
  79. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/ai_guardrails/README.md +0 -0
  80. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/ai_guardrails/ai_appsec_sensor.py +0 -0
  81. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/ai_guardrails/dev_agent_firewall.py +0 -0
  82. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/README.md +0 -0
  83. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_agent_task_forge.py +0 -0
  84. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_compiler_forge.py +0 -0
  85. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_dag_architect.py +0 -0
  86. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_etl_unpacker.py +0 -0
  87. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_graveyard_finder.py +0 -0
  88. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_auditor.py +0 -0
  89. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +0 -0
  90. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_lexical_patcher.py +0 -0
  91. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_microservice_slicer.py +0 -0
  92. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_schema_forge.py +0 -0
  93. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_system_limits_reporter.py +0 -0
  94. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/README.md +0 -0
  95. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/batch_test_harness.py +0 -0
  96. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_agent_forge.py +0 -0
  97. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_api_contract_forge.py +0 -0
  98. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_decoder_forge.py +0 -0
  99. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_service_forge.py +0 -0
  100. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_spring_forge.py +0 -0
  101. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/compliance/README.md +0 -0
  102. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/compliance/sbom_generator.py +0 -0
  103. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/network_auditing/README.md +0 -0
  104. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/network_auditing/full_api_network_map.py +0 -0
  105. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/supply_chain_security/README.md +0 -0
  106. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/supply_chain_security/binary_anomaly_detector.py +0 -0
  107. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py +0 -0
  108. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/supply_chain_security/vault_sentinel.py +0 -0
  109. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy.egg-info/dependency_links.txt +0 -0
  110. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy.egg-info/entry_points.txt +0 -0
  111. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy.egg-info/top_level.txt +0 -0
  112. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/pyproject.toml +0 -0
  113. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/setup.cfg +0 -0
  114. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/.gitattributes +0 -0
  115. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/.gitignore +0 -0
  116. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/LICENSE +0 -0
  117. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/Makefile +0 -0
  118. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/README.md +0 -0
  119. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/bufio.go +0 -0
  120. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/bufio_test.go +0 -0
  121. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/example_test.go +0 -0
  122. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/export_test.go +0 -0
  123. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/net_test.go +0 -0
  124. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/scan.go +0 -0
  125. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/scan_test.go +0 -0
  126. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/config.py +0 -0
  127. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/convert_em.F +0 -0
  128. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/dnn_converters.cpp +0 -0
  129. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/dnn_converters.hpp +0 -0
  130. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/insert_pinyin_to_db.py +0 -0
  131. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/iwubi.py +0 -0
  132. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/iwubi.svg +0 -0
  133. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/iwubi.xml +0 -0
  134. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/logconfig.py +0 -0
  135. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/logconfig.yaml +0 -0
  136. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/pinyin_simp.dict.csv +0 -0
  137. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/screenshot/add.png +0 -0
  138. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/screenshot/iwubi.gif +0 -0
  139. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/screenshot/set_ibus.png +0 -0
  140. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/wubi-jidian86.db +0 -0
  141. {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/test_galaxyscope.py +0 -0
@@ -24,10 +24,10 @@ jobs:
24
24
 
25
25
  steps:
26
26
  - name: Checkout repository
27
- uses: actions/checkout@v4
27
+ uses: actions/checkout@v6
28
28
 
29
29
  - name: Initialize CodeQL
30
- uses: github/codeql-action/init@v3
30
+ uses: github/codeql-action/init@v4
31
31
  with:
32
32
  languages: ${{ matrix.language }}
33
33
  # If you have specific queries you want to run, you can specify them here.
@@ -35,6 +35,6 @@ jobs:
35
35
  queries: security-extended,security-and-quality
36
36
 
37
37
  - name: Perform CodeQL Analysis
38
- uses: github/codeql-action/analyze@v3
38
+ uses: github/codeql-action/analyze@v4
39
39
  with:
40
40
  category: "/language:${{matrix.language}}"
@@ -15,7 +15,7 @@ jobs:
15
15
  runs-on: ubuntu-latest
16
16
  steps:
17
17
  - name: Checkout Repository
18
- uses: actions/checkout@v4
18
+ uses: actions/checkout@v6
19
19
  with:
20
20
  fetch-depth: 0 # Required for git info/history (like last updated timestamps)
21
21
 
@@ -25,7 +25,7 @@ jobs:
25
25
  git config user.email 41898282+github-actions[bot]@users.noreply.github.com
26
26
 
27
27
  - name: Set up Python
28
- uses: actions/setup-python@v5
28
+ uses: actions/setup-python@v6
29
29
  with:
30
30
  python-version: 3.x
31
31
 
@@ -21,12 +21,12 @@ jobs:
21
21
 
22
22
  steps:
23
23
  - name: Checkout repository
24
- uses: actions/checkout@v4
24
+ uses: actions/checkout@v6
25
25
  with:
26
26
  fetch-depth: 0 # <--- ADD THIS so it downloads your Git tags!
27
27
 
28
28
  - name: Set up Python
29
- uses: actions/setup-python@v5
29
+ uses: actions/setup-python@v6
30
30
  with:
31
31
  python-version: "3.10"
32
32
 
@@ -71,3 +71,17 @@ site/museum/
71
71
  museum/
72
72
  updated_results_expanded_story/
73
73
  updated_results_2/
74
+ gitgalaxy/README gitgalaxy.md
75
+ gitgalaxy/core/README core.md
76
+ gitgalaxy/physics/README physics.md
77
+ gitgalaxy/recorders/README recorder.md
78
+ gitgalaxy/security/README security.md
79
+ gitgalaxy/standards/README standards.md
80
+ gitgalaxy/tools/README tools.md
81
+ gitgalaxy/tools/ai_guardrails/README ai.md
82
+ gitgalaxy/tools/cobol_to_cobol/README c2c.md
83
+ gitgalaxy/tools/cobol_to_java/README c2j.md
84
+ gitgalaxy/tools/compliance/README sbom.md
85
+ gitgalaxy/tools/network_auditing/README network.md
86
+ gitgalaxy/tools/supply_chain_security/README supply_chain.md
87
+ gitgalaxy/tools/terabyte_log_scanning/README terabyte.md
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: gitgalaxy
3
- Version: 2.0.8
3
+ Version: 2.1.0
4
4
  Summary: An AST-free, LLM-free zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
5
5
  Author: Joe Esquibel
6
6
  Project-URL: Homepage, https://gitgalaxy.io
@@ -173,15 +173,20 @@ Unindexed, tactical log analysis operating at 0.07 GB/sec. It streams massive da
173
173
  ### [AI Agent Guardrails & Codebase Protection](gitgalaxy/tools/ai_guardrails/)
174
174
  Specialized keyword sensors protecting both your application and your codebase. The AppSec Sensor detects weaponized LLM features (RCE funnels, exfiltration risks), while the Dev Agent Firewall evaluates token mass and blast radius to restrict autonomous coding agents from modifying dangerous over context token-draining files. Helps identify which files need to be chunked to reduce context overload.
175
175
 
176
- ## Local Browser-Based 3D Codebase Visualization
176
+ ## Local Browser-Based 3D Codebase Visualization
177
177
 
178
178
  If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
179
179
 
180
180
  Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip` of your raw repository) directly into [GitGalaxy.io](https://gitgalaxy.io/). All rendering and scanning happens entirely in your browser's local memory.
181
181
 
182
- ![GitGalaxy 3D structural mapping of API exposure and state flux risks in the Apollo 11 legacy codebase](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/apollo-11_state_flux.png)
182
+ ### 🔭 Watch GitGalaxy in Action
183
183
 
184
- ![GitGalaxy native SQLite3 database schema for AST-free enterprise codebase mapping and cybersecurity auditing](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/sqlite_overview.png)
184
+ **Mapping 3.2 Million Lines of C++ in 11 Seconds | OpenCV** [![OpenCV Demo](https://img.youtube.com/vi/3ScQCSUBdZw/maxresdefault.jpg)](https://youtu.be/3ScQCSUBdZw)
185
+
186
+ **Visualizing Architectural Risk | Ruby on Rails** [![Ruby on Rails Demo](https://img.youtube.com/vi/3ScQCSUBdZw/maxresdefault.jpg)](https://youtu.be/3ScQCSUBdZw)
187
+ *(Note: Replace the video IDs in this link with your actual Rails video ID)*
188
+
189
+ ![GitGalaxy Meta Visualizer 3D star map rendering complex software repository structures and K-means clustering archetypes in the browser](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/metavisualizer.png)
185
190
 
186
191
  ## Zero-Trust Data Security
187
192
 
@@ -191,10 +196,6 @@ Your code never leaves your machine. GitGalaxy performs 100% of its scanning and
191
196
  * **Ephemeral Memory Processing:** Repositories are unpacked into a volatile memory buffer (RAM) and are automatically purged when the browser tab is closed.
192
197
  * **Privacy-by-Design:** Even when using the web-based viewer, the data remains behind the user's firewall at all times.
193
198
 
194
- ![GitGalaxy interactive WebGPU data HUD displaying real-time software architecture metrics, forensic analysis, and file-level risk telemetry](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/data_hud.png)
195
-
196
- ![GitGalaxy Meta Visualizer 3D star map rendering complex software repository structures and K-means clustering archetypes in the browser](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/metavisualizer.png)
197
-
198
199
  ## License & Copyright
199
200
 
200
201
  Copyright (c) 2026 Joe Esquibel
@@ -150,15 +150,20 @@ Unindexed, tactical log analysis operating at 0.07 GB/sec. It streams massive da
150
150
  ### [AI Agent Guardrails & Codebase Protection](gitgalaxy/tools/ai_guardrails/)
151
151
  Specialized keyword sensors protecting both your application and your codebase. The AppSec Sensor detects weaponized LLM features (RCE funnels, exfiltration risks), while the Dev Agent Firewall evaluates token mass and blast radius to restrict autonomous coding agents from modifying dangerous over context token-draining files. Helps identify which files need to be chunked to reduce context overload.
152
152
 
153
- ## Local Browser-Based 3D Codebase Visualization
153
+ ## Local Browser-Based 3D Codebase Visualization
154
154
 
155
155
  If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
156
156
 
157
157
  Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip` of your raw repository) directly into [GitGalaxy.io](https://gitgalaxy.io/). All rendering and scanning happens entirely in your browser's local memory.
158
158
 
159
- ![GitGalaxy 3D structural mapping of API exposure and state flux risks in the Apollo 11 legacy codebase](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/apollo-11_state_flux.png)
159
+ ### 🔭 Watch GitGalaxy in Action
160
160
 
161
- ![GitGalaxy native SQLite3 database schema for AST-free enterprise codebase mapping and cybersecurity auditing](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/sqlite_overview.png)
161
+ **Mapping 3.2 Million Lines of C++ in 11 Seconds | OpenCV** [![OpenCV Demo](https://img.youtube.com/vi/3ScQCSUBdZw/maxresdefault.jpg)](https://youtu.be/3ScQCSUBdZw)
162
+
163
+ **Visualizing Architectural Risk | Ruby on Rails** [![Ruby on Rails Demo](https://img.youtube.com/vi/3ScQCSUBdZw/maxresdefault.jpg)](https://youtu.be/3ScQCSUBdZw)
164
+ *(Note: Replace the video IDs in this link with your actual Rails video ID)*
165
+
166
+ ![GitGalaxy Meta Visualizer 3D star map rendering complex software repository structures and K-means clustering archetypes in the browser](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/metavisualizer.png)
162
167
 
163
168
  ## Zero-Trust Data Security
164
169
 
@@ -168,10 +173,6 @@ Your code never leaves your machine. GitGalaxy performs 100% of its scanning and
168
173
  * **Ephemeral Memory Processing:** Repositories are unpacked into a volatile memory buffer (RAM) and are automatically purged when the browser tab is closed.
169
174
  * **Privacy-by-Design:** Even when using the web-based viewer, the data remains behind the user's firewall at all times.
170
175
 
171
- ![GitGalaxy interactive WebGPU data HUD displaying real-time software architecture metrics, forensic analysis, and file-level risk telemetry](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/data_hud.png)
172
-
173
- ![GitGalaxy Meta Visualizer 3D star map rendering complex software repository structures and K-means clustering archetypes in the browser](https://raw.githubusercontent.com/squid-protocol/gitgalaxy/main/docs/wiki/assets/metavisualizer.png)
174
-
175
176
  ## License & Copyright
176
177
 
177
178
  Copyright (c) 2026 Joe Esquibel
@@ -32,7 +32,7 @@ runs:
32
32
  using: "composite"
33
33
  steps:
34
34
  - name: Set up Python
35
- uses: actions/setup-python@v5
35
+ uses: actions/setup-python@v6
36
36
  with:
37
37
  python-version: '3.10'
38
38
 
@@ -275,16 +275,16 @@ class NetworkRiskSensor:
275
275
 
276
276
  if "telemetry" not in s: s["telemetry"] = {}
277
277
  s["telemetry"]["network_metrics"] = {
278
- "pagerank_score": None,
279
- "normalized_blast_radius": None,
280
- "betweenness_score": None,
281
- "closeness_score": None,
278
+ "pagerank_score": 0.0,
279
+ "normalized_blast_radius": 0.0,
280
+ "betweenness_score": 0.0,
281
+ "closeness_score": 0.0,
282
282
  "in_degree": in_d,
283
283
  "out_degree": out_d,
284
284
  "producer_ratio": round(producer_ratio, 3),
285
285
  "ecosystem_role": ecosystem_role,
286
- "systemic_threat_vector": None,
287
- "is_algorithmic_bottleneck": None
286
+ "systemic_threat_vector": [],
287
+ "is_algorithmic_bottleneck": False
288
288
  }
289
289
  s["telemetry"]["popularity"] = in_d
290
290
 
@@ -371,20 +371,38 @@ def _process_file_worker(rel_path: str) -> Dict[str, Any]:
371
371
  if is_file_profiling: phase_times["5.5_Security_Lens"] = time.perf_counter() - t_security
372
372
  # ----------------------------------------------------
373
373
 
374
- # Phase 6: Raw Imports
374
+ # Phase 6: Raw Imports & Named Tokens
375
375
  t_imports = time.perf_counter()
376
376
  raw_imports = set()
377
+ named_tokens = set() # <--- NEW: Initialize token tracker
378
+
377
379
  if not is_inert:
380
+ # 1. Extract raw file dependencies
378
381
  import_regex = lang_defs.get(lang_id, {}).get("rules", {}).get("_dependency_capture")
379
382
  if import_regex:
380
383
  try:
381
384
  for match in import_regex.finditer(content_buffer):
382
- # Grab the first non-empty capture group (the actual dependency name)
383
385
  extracted_path = next((g for g in match.groups() if g), None)
384
386
  if extracted_path:
385
387
  raw_imports.add(extracted_path)
386
388
  except Exception:
387
389
  pass
390
+
391
+ # 2. ---> NEW: Extract Named Imports (TS/JS/Python) <---
392
+ try:
393
+ # Captures 'import { a, b }' and 'from x import a, b'
394
+ import_blocks = re.findall(r'(?:import\s+\{([^}]+)\}|from\s+[\w.]+\s+import\s+([^({\n]+))', content_buffer)
395
+ for block in import_blocks:
396
+ for match in block:
397
+ if match:
398
+ # Split by comma, handle 'as' aliases
399
+ for token in match.split(','):
400
+ clean_token = token.split(' as ')[0].strip()
401
+ if clean_token:
402
+ named_tokens.add(clean_token)
403
+ except Exception:
404
+ pass
405
+
388
406
  if is_file_profiling: phase_times["6_Import_Regex"] = time.perf_counter() - t_imports
389
407
 
390
408
  # Phase 7: Tokenization & Census
@@ -429,7 +447,8 @@ def _process_file_worker(rel_path: str) -> Dict[str, Any]:
429
447
  "prior_lock": has_prior,
430
448
  "coding_loc": refraction["coding_loc"],
431
449
  "doc_loc": refraction["doc_loc"],
432
- "raw_imports": list(raw_imports),
450
+ "raw_imports": list(raw_imports),
451
+ "named_tokens": list(named_tokens), # <--- NEW: Send tokens to Orchestrator
433
452
  "popularity_hits": popularity_hits,
434
453
  "regex_telemetry": logic_data.pop("regex_telemetry", {}) if is_profiling else {}
435
454
  }
@@ -1247,6 +1266,15 @@ class Orchestrator:
1247
1266
  # --- NEW: CALCULATE THE GLOBAL TEST UMBRELLA ---
1248
1267
  total_loc = 0
1249
1268
  test_loc = 0
1269
+
1270
+ # ==============================================================
1271
+ # ---> NEW: BUILD GLOBAL TOKEN TRACKER <---
1272
+ # ==============================================================
1273
+ self.used_tokens = set()
1274
+ for meta in self.cryolink.values():
1275
+ self.used_tokens.update(meta.get("named_tokens", []))
1276
+ # ==============================================================
1277
+
1250
1278
  for rel_path, meta in self.cryolink.items():
1251
1279
  loc = meta.get("coding_loc", 0)
1252
1280
  total_loc += loc
@@ -1273,6 +1301,25 @@ class Orchestrator:
1273
1301
  meta["metadata"]["folder_dominant_lang"] = folder_dominant_langs.get(folder, meta.get("lang_id", "unknown"))
1274
1302
  # -----------------------------------------------------------------
1275
1303
 
1304
+ # =================================================================
1305
+ # ---> THE NETWORK GRAVITY FIX <---
1306
+ # If the file is imported by the ecosystem, its "orphans" are actually its API.
1307
+ # =================================================================
1308
+ popularity = self.popularity_scores.get(rel_path, 0)
1309
+ if popularity > 0 and "equations" in meta:
1310
+ orphans = meta["equations"].get("design_slop_orphans", 0)
1311
+ if orphans > 0:
1312
+ # 1. Convert the dead weight into API Exposure
1313
+ meta["equations"]["api"] = meta["equations"].get("api", 0) + orphans
1314
+ # 2. Wipe the Technical Debt
1315
+ meta["equations"]["design_slop_orphans"] = 0
1316
+
1317
+ # 3. Heal the function metadata
1318
+ for func in meta.get("functions", []):
1319
+ if func.get("usage_status") == 1:
1320
+ func["usage_status"] = 0
1321
+ # =================================================================
1322
+
1276
1323
  meta["temporal_telemetry"] = self.chronometer.get_temporal_signals(rel_path)
1277
1324
  meta["authors"] = meta["temporal_telemetry"].get("authors", {})
1278
1325
  stem = Path(rel_path).stem.lower()
@@ -837,13 +837,13 @@ class SignalProcessor:
837
837
  # ---> N-DIMENSIONAL AI NETWORK POSTURE <---
838
838
  if ai_files:
839
839
  # Find the most heavily relied-upon AI node in the graph
840
- ai_files.sort(key=lambda x: x.get("telemetry", {}).get("network_metrics", {}).get("pagerank_score", 0.0), reverse=True)
840
+ ai_files.sort(key=lambda x: x.get("telemetry", {}).get("network_metrics", {}).get("pagerank_score") or 0.0, reverse=True)
841
841
  primary_ai_node = ai_files[0]
842
842
  net_mets = primary_ai_node.get("telemetry", {}).get("network_metrics", {})
843
843
 
844
844
  role = net_mets.get("ecosystem_role", "Unknown")
845
- pr = net_mets.get("normalized_blast_radius", 0.0)
846
- btw = net_mets.get("betweenness_score", 0.0)
845
+ pr = net_mets.get("normalized_blast_radius") or 0.0
846
+ btw = net_mets.get("betweenness_score") or 0.0
847
847
 
848
848
  ai_topology["insights"].append(f"Structural Posture: The primary AI integration acts as a '{role}' within the repository.")
849
849
 
@@ -1675,9 +1675,9 @@ class SignalProcessor:
1675
1675
  rv = file_data.get("risk_vector", [])
1676
1676
  p = file_data.get("path", "")
1677
1677
 
1678
- btw = net.get("betweenness_score", 0.0)
1679
- close = net.get("closeness_score", 0.0)
1680
- pr = net.get("normalized_blast_radius", 0.0)
1678
+ btw = net.get("betweenness_score") or 0.0
1679
+ close = net.get("closeness_score") or 0.0
1680
+ pr = net.get("normalized_blast_radius") or 0.0
1681
1681
 
1682
1682
  flux_risk = rv[flux_idx] if flux_idx >= 0 and len(rv) > flux_idx else 0.0
1683
1683
  err_risk = rv[err_idx] if err_idx >= 0 and len(rv) > err_idx else 0.0
@@ -202,6 +202,13 @@ class LanguageDetector:
202
202
 
203
203
  # We explicitly add .txt and .log to the prose override list
204
204
  if ext in {'.md', '.mdx', '.rst', '.rtf', '.txt', '.log'}:
205
+ # ---> THE FIX: Catch disguised payloads before the early exit! <---
206
+ shebang_lang = self._tier_2_fingerprint_check(content_sample, ext)
207
+ if shebang_lang and shebang_lang != "undeterminable":
208
+ self.logger.warning(f"[{name}] IDENTITY CRISIS: Prose Ext '{ext}' contradicts Shebang '{shebang_lang}'")
209
+ result["anomaly_flags"].append(f"Identity Masking: Prose Extension ({ext}) vs Shebang ({shebang_lang})")
210
+ return self._forge_result("undeterminable", 0.0, 5, f"Identity Conflict ({ext} != {shebang_lang})", result, content_sample)
211
+
205
212
  target_id = "markdown" if ext in {'.md', '.mdx'} else "plaintext"
206
213
  return self._forge_result(target_id, self.thresholds.get("PROSE_CONFIDENCE", 0.95), 1, f"Prose Extension ({ext})", result, content_sample)
207
214
 
@@ -1242,7 +1242,7 @@ LANGUAGE_DEFINITIONS = {
1242
1242
  # ONLY executable logic blocks. EXCLUDES types/classes.
1243
1243
  #
1244
1244
  # =====================================================================
1245
- # [LLM CONTEXT: C# "IRON WALL" FUNCTION EXTRACTOR & REDOS SHIELD]
1245
+ # [ CONTEXT: C# "IRON WALL" FUNCTION EXTRACTOR & REDOS SHIELD]
1246
1246
  # PURPOSE: Anchors executable logic blocks (methods) in C# up to C# 14.
1247
1247
  # VULNERABILITY: C# allows massive return types (e.g., nested tuples),
1248
1248
  # generics, and explicit interface implementations. If spaces are allowed
@@ -2007,7 +2007,7 @@ LANGUAGE_DEFINITIONS = {
2007
2007
  ),
2008
2008
  "func_start": re.compile(
2009
2009
  # =====================================================================
2010
- # [LLM CONTEXT: C++ FUNCTION AST EXTRACTOR & REDOS SHIELD]
2010
+ # [ CONTEXT: C++ FUNCTION AST EXTRACTOR & REDOS SHIELD]
2011
2011
  # PURPOSE: Anchors executable logic blocks (methods/functions) in C++.
2012
2012
  # VULNERABILITY: C++ allows multi-line function signatures and complex
2013
2013
  # return types (e.g., `std::vector<int> \n myFunc()`). In files with
@@ -4857,7 +4857,7 @@ LANGUAGE_DEFINITIONS = {
4857
4857
  ),
4858
4858
  # 4. func_start (The Satellite Spawner)
4859
4859
  # =====================================================================
4860
- # [LLM CONTEXT: FORTRAN FUNCTION AST EXTRACTOR & REDOS SHIELD]
4860
+ # [ CONTEXT: FORTRAN FUNCTION AST EXTRACTOR & REDOS SHIELD]
4861
4861
  # PURPOSE: Anchors executable logic blocks (Program, Subroutine, Function, Entry)
4862
4862
  # across 60+ years of Fortran dialects (F77 through F2018).
4863
4863
  # VULNERABILITY: Fortran allows extreme signature variability: prefix stacking
@@ -6535,7 +6535,7 @@ LANGUAGE_DEFINITIONS = {
6535
6535
  ),
6536
6536
  # 4. func_start: Satellite Spawner. Anchors logic blocks (Paragraphs and Sections).
6537
6537
  # =====================================================================
6538
- # [LLM CONTEXT: COBOL FUNCTION/PARAGRAPH AST EXTRACTOR & REDOS SHIELD]
6538
+ # [ CONTEXT: COBOL FUNCTION/PARAGRAPH AST EXTRACTOR & REDOS SHIELD]
6539
6539
  # PURPOSE: Anchors executable logic blocks (Paragraphs and Sections) in COBOL.
6540
6540
  # VULNERABILITY: COBOL spans 60 years of formatting rules (Fixed vs Free format).
6541
6541
  # Without strict column boundaries, standard verbs or data definitions
@@ -72,6 +72,12 @@ def generate_pom_xml(group_id: str, artifact_id: str) -> str:
72
72
  <artifactId>spring-boot-starter-test</artifactId>
73
73
  <scope>test</scope>
74
74
  </dependency>
75
+
76
+ <dependency>
77
+ <groupId>com.h2database</groupId>
78
+ <artifactId>h2</artifactId>
79
+ <scope>test</scope>
80
+ </dependency>
75
81
  </dependencies>
76
82
 
77
83
  <build>
@@ -0,0 +1,104 @@
1
+ #!/usr/bin/env python3
2
+ # ==============================================================================
3
+ # GitGalaxy Spoke: Java Spring Test Forge (Phase 3)
4
+ # Purpose: Auto-generates JUnit 5 and Spring Boot integration tests to
5
+ # mathematically prove the translated architecture compiles and runs.
6
+ # ==============================================================================
7
+ import argparse
8
+ import sys
9
+ import json
10
+ from pathlib import Path
11
+
12
+ def generate_context_test(package_name: str, class_name: str) -> str:
13
+ """Forges a @SpringBootTest to ensure the entire dependency injection context loads."""
14
+ return f"""package {package_name};
15
+
16
+ import org.junit.jupiter.api.Test;
17
+ import org.springframework.boot.test.context.SpringBootTest;
18
+
19
+ @SpringBootTest
20
+ class {class_name}ApplicationTests {{
21
+
22
+ @Test
23
+ void contextLoads() {{
24
+ // If the application.yml is broken or a @Service is missing,
25
+ // this test will fail immediately, catching structural regressions.
26
+ }}
27
+ }}
28
+ """
29
+
30
+ def generate_controller_test(package_name: str, class_name: str, endpoint_path: str) -> str:
31
+ """Forges a @WebMvcTest to verify REST API mappings without booting the full server."""
32
+ service_var = class_name[0].lower() + class_name[1:]
33
+
34
+ return f"""package {package_name}.controller;
35
+
36
+ import {package_name}.service.{class_name}Service;
37
+ import org.junit.jupiter.api.Test;
38
+ import org.springframework.beans.factory.annotation.Autowired;
39
+ import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
40
+ import org.springframework.boot.test.mock.mockito.MockBean;
41
+ import org.springframework.test.web.servlet.MockMvc;
42
+
43
+ import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
44
+ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
45
+
46
+ @WebMvcTest({class_name}Controller.class)
47
+ class {class_name}ControllerTest {{
48
+
49
+ @Autowired
50
+ private MockMvc mockMvc;
51
+
52
+ @MockBean
53
+ private {class_name}Service {service_var}Service;
54
+
55
+ @Test
56
+ void testEndpointRouting() throws Exception {{
57
+ // Verifies the @RequestMapping and @PostMapping forged by the API Contract script
58
+ mockMvc.perform(post("/api/v1/{endpoint_path}/execute")
59
+ .contentType("application/json")
60
+ .content("{{}}")) // Empty JSON payload for structural routing test
61
+ .andExpect(status().isOk()); // Or isNoContent() based on outputs
62
+ }}
63
+ }}
64
+ """
65
+
66
+ def main():
67
+ parser = argparse.ArgumentParser(description="GitGalaxy Java Test Forge")
68
+ parser.add_argument("ir_file", help="Path to the GitGalaxy _ir.json state dump")
69
+ parser.add_argument("--pkg", default="com.gitgalaxy.modernized", help="Base Java package name")
70
+ args = parser.parse_args()
71
+
72
+ ir_path = Path(args.ir_file).resolve()
73
+ if not ir_path.exists():
74
+ sys.exit(1)
75
+
76
+ try:
77
+ ir_state = json.loads(ir_path.read_text(encoding='utf-8'))
78
+
79
+ # Determine class names
80
+ prog_id = ir_state.get("metadata", {}).get("file_name", "Unknown").split('.')[0]
81
+ class_name = "".join(word.capitalize() for word in prog_id.split('-'))
82
+ endpoint_path = prog_id.lower()
83
+
84
+ # Target output directories (Assuming standard Maven layout)
85
+ test_dir = ir_path.parent / "src" / "test" / "java" / args.pkg.replace('.', '/')
86
+ test_dir.mkdir(parents=True, exist_ok=True)
87
+
88
+ # 1. Forge Context Test
89
+ context_code = generate_context_test(args.pkg, class_name)
90
+ (test_dir / f"{class_name}ApplicationTests.java").write_text(context_code, encoding='utf-8')
91
+
92
+ # 2. Forge Controller Test
93
+ controller_test_dir = test_dir / "controller"
94
+ controller_test_dir.mkdir(exist_ok=True)
95
+ controller_code = generate_controller_test(args.pkg, class_name, endpoint_path)
96
+ (controller_test_dir / f"{class_name}ControllerTest.java").write_text(controller_code, encoding='utf-8')
97
+
98
+ print(f"🧪 Spring Boot Test Suite Forged for {class_name}")
99
+
100
+ except Exception as e:
101
+ print(f"Error forging Java tests: {e}")
102
+
103
+ if __name__ == "__main__":
104
+ main()
@@ -0,0 +1,109 @@
1
+ # GitGalaxy: High-Velocity Log Scanning & PII Detection
2
+
3
+ [![Velocity](https://img.shields.io/badge/Velocity-2%2B_GB%2Fmin-00C957.svg)](#)
4
+ [![Scale](https://img.shields.io/badge/Tested-10GB%2B_Files-00BFFF.svg)](#)
5
+ [![Architecture](https://img.shields.io/badge/Architecture-Single__Pass_Stream-8A2BE2.svg)](#)
6
+
7
+ During an active incident response or catastrophic data breach, standard tools fail. Basic `grep` lacks time-series context. Modern SIEMs (Splunk, ElasticSearch) require you to ingest and index data first—taking hours or days for massive database dumps.
8
+
9
+ This suite provides a tactical, pipeline-ready solution: **ultra-high-velocity, unindexed binary streaming.** Running at over 2 GB per minute, our custom stream-processing engine reads data continuously without loading massive files into RAM. Perfect for active breach triage or automated CI/CD pipeline sanitization.
10
+
11
+ ---
12
+
13
+ ## Part 1: The PII Data Leak Hunter (`pii-leak-hunter`)
14
+ [📖 Official Documentation](https://squid-protocol.github.io/gitgalaxy/04-06-pii-leak-hunter/)
15
+
16
+ A specialized incident response tool. Designed to find hemorrhaging Personally Identifiable Information inside massive, raw data dumps.
17
+
18
+ **How it works:**
19
+ * **Binary-Level Regex:** Compiles structural patterns to raw bytes. Extreme CPU efficiency.
20
+ * **Automated Masking:** Redacts toxic payloads before writing to safe evidence logs.
21
+ * **Exfiltration Histograms:** Generates ASCII charts. Pinpoints exact breach minutes.
22
+
23
+ **Performance Showcase:** Streamed a raw **1.00 GB compromised log file**. Completed in **25.72 seconds**. Detected and actively masked over **420,000 sensitive records**. Immediately exposed two distinct attack vectors (Customer data at 14:00, AWS Keys at 09:00).
24
+
25
+ ### Targeted Patterns
26
+ The stream engine currently bypasses standard indexing to hunt and actively mask:
27
+ * **VISA** (Credit Cards)
28
+ * **MASTERCARD** (Credit Cards)
29
+ * **SSN** (US Social Security Numbers)
30
+ * **AWS_KEY** (AKIA, ASIA, AGPA, etc.)
31
+
32
+ ### Quickstart & Integration
33
+ **Local CLI Execution:**
34
+ By default, the tool saves the masked evidence log in the same directory as the target.
35
+ ```bash
36
+ pii-leak-hunter /path/to/massive_database_dump.sql
37
+ ```
38
+
39
+ **Using the `--out` Flag:**
40
+ Route the safe, masked telemetry to a secure directory for analysis.
41
+ ```bash
42
+ pii-leak-hunter /path/to/production.log --out /var/secure_logs/
43
+ ```
44
+
45
+ **GitHub Actions CI/CD Integration:**
46
+ Automate sanitization before archiving logs.
47
+ ```yaml
48
+ - name: Run PII Leak Hunter
49
+ uses: squid-protocol/gitgalaxy@main
50
+ with:
51
+ tool: 'pii-leak-hunter'
52
+ target: './logs/production_dump.sql'
53
+ args: '--out ./sanitized_logs/'
54
+ ```
55
+
56
+ ---
57
+
58
+ ## Part 2: The Terabyte Log Scanner (`terabyte-log-scanner`)
59
+ [📖 Official Documentation](https://squid-protocol.github.io/gitgalaxy/04-07-terabyte-log-scanner/)
60
+
61
+ A runtime execution tracer. Connects static codebase architecture to physical runtime reality. Parses massive mainframe SMF logs or distributed traces to prove what code actually executes.
62
+
63
+ **How it works:**
64
+ * **Single-Pass Streaming:** Never loads the full file into RAM.
65
+ * **Execution Verification:** Proves exact runtime execution frequencies.
66
+ * **Zero-Hit Detection:** Mathematically proves if compiled legacy code is abandoned.
67
+ * **Dynamic Sidecars:** Outputs telemetry JSON for 3D WebGPU traffic heatmaps.
68
+
69
+ **Performance Showcase:**
70
+ Ran against a raw **2.1GB production stream log**. Completed single-pass scan in **30.07 seconds**. Dynamically scaled ASCII histograms instantly exposed a massive brute-force anomaly isolated from background noise:
71
+
72
+ ```text
73
+ === TIME-SERIES: ERROR ===
74
+ (Filtering to Top 15 Highest Volume Spikes)
75
+ [2026-04-16 14:00] ███████████████████████████████████████ (5,759 hits) <-- ANOMALY SPIKE
76
+ [2026-04-27 14:00] ███████████████████████████████████████ (5,753 hits) <-- ANOMALY SPIKE
77
+ [2026-05-02 14:00] ███████████████████████████████████████ (5,718 hits) <-- ANOMALY SPIKE
78
+ ```
79
+
80
+ ### Input Methods: Manual vs. Automated
81
+ The tool requires one of two input methods to function. It will not run without a target list.
82
+
83
+ **1. Manual Mode (`-k` or `--keywords`)**
84
+ Best for quick, grep-style tactical hunts. Supply a space-separated list of targets.
85
+ ```bash
86
+ terabyte-log-scanner /path/to/production.log -k ERROR TIMEOUT "DATA EXCEPTION"
87
+ ```
88
+
89
+ **2. Automated Pipeline Mode (`--input_state`)**
90
+ Best for CI/CD modernization pipelines. Supply a GitGalaxy Intermediate Representation (IR) JSON file. The script will automatically extract the targets from the `known_programs` array to hunt for dead code.
91
+ ```bash
92
+ terabyte-log-scanner /path/to/production.log --input_state ../core/ir_state.json
93
+ ```
94
+
95
+ *Required JSON Schema for Automated Mode:*
96
+ ```json
97
+ {
98
+ "analysis": {
99
+ "known_programs": ["PROGRAM1", "PROGRAM2"]
100
+ }
101
+ }
102
+ ```
103
+
104
+ ---
105
+ ### 🌌 Powered by the blAST Engine (Bypassing LLMs and ASTs)
106
+ This suite is driven by our custom deterministic heuristics engine. It processes multi-dimensional data at extreme velocity without requiring rigid ASTs or hallucinating LLMs.
107
+
108
+ * 📖 **[The blAST Paradigm (ASTs vs LLMs)](https://squid-protocol.github.io/gitgalaxy/01-03-the-blast-paradigm/)**
109
+ * 🪐 **[Return to the Main GitGalaxy Hub](https://github.com/squid-protocol/gitgalaxy)**