gitgalaxy 2.0.8__tar.gz → 2.1.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/workflows/codeql.yml +3 -3
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/workflows/deploy-docs.yml +2 -2
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/workflows/publish.yml +2 -2
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.gitignore +14 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/PKG-INFO +9 -8
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/README.md +8 -7
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/action.yml +1 -1
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/network_risk_sensor.py +6 -6
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/galaxyscope.py +50 -3
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/signal_processor.py +6 -6
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/language_lens.py +7 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/language_standards.py +4 -4
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_build_forge.py +6 -0
- gitgalaxy-2.1.0/gitgalaxy/tools/cobol_to_java/cobol_to_java_test_forge.py +104 -0
- gitgalaxy-2.1.0/gitgalaxy/tools/terabyte_log_scanning/README.md +109 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/terabyte_log_scanning/pii_leak_hunter.py +81 -28
- gitgalaxy-2.1.0/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +209 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy.egg-info/PKG-INFO +9 -8
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy.egg-info/SOURCES.txt +17 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/mkdocs.yml +132 -0
- gitgalaxy-2.1.0/tests/test_agent_forge.py +60 -0
- gitgalaxy-2.1.0/tests/test_api_network_map.py +80 -0
- gitgalaxy-2.1.0/tests/test_batch_test_harness.py +102 -0
- gitgalaxy-2.1.0/tests/test_binary_anomaly_detector.py +102 -0
- gitgalaxy-2.1.0/tests/test_chronometer_timeout.py +73 -0
- gitgalaxy-2.1.0/tests/test_decoder_forge.py +103 -0
- gitgalaxy-2.1.0/tests/test_golden_forge.py +113 -0
- gitgalaxy-2.1.0/tests/test_gpu_recorder.py +51 -0
- gitgalaxy-2.1.0/tests/test_language_lens.py +48 -0
- gitgalaxy-2.1.0/tests/test_neural_auditor.py +60 -0
- gitgalaxy-2.1.0/tests/test_redos_poison.py +74 -0
- gitgalaxy-2.1.0/tests/test_sbom_generator.py +101 -0
- gitgalaxy-2.1.0/tests/test_service_forge.py +60 -0
- gitgalaxy-2.1.0/tests/test_supply_chain_firewall.py +93 -0
- gitgalaxy-2.1.0/tests/test_vault_sentinel.py +101 -0
- gitgalaxy-2.1.0/tests/test_zero_dependency.py +85 -0
- gitgalaxy-2.0.8/gitgalaxy/tools/terabyte_log_scanning/README.md +0 -116
- gitgalaxy-2.0.8/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +0 -139
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/ISSUE_TEMPLATE/parsing_discrepancy.yml +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/dependabot.yml +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/pull_request_template.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/.github/workflows/smoke-test.yml +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/CONTRIBUTING.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/LICENSE +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/MANIFEST.in +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/__init__.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/cobol_refractor_controller.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/cobol_to_java_controller.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/__init__.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/aperture.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/detector.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/guidestar_lens.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/prism.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/core/state_rehydrator.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/__init__.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/chronometer.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/neural_auditor.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/physics/spectral_auditor.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/__init__.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/audit_recorder.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/gpu_recorder.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/llm_recorder.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/recorders/record_keeper.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/security/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/security/__init__.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/security/security_auditor.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/security/security_lens.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/__init__.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/analysis_lens.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/gitgalaxy_config.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/standards/how_to_add_a_language.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/__init__.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/ai_guardrails/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/ai_guardrails/ai_appsec_sensor.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/ai_guardrails/dev_agent_firewall.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_agent_task_forge.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_compiler_forge.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_dag_architect.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_etl_unpacker.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_graveyard_finder.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_auditor.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_lexical_patcher.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_microservice_slicer.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_schema_forge.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_cobol/cobol_system_limits_reporter.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/batch_test_harness.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_agent_forge.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_api_contract_forge.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_decoder_forge.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_service_forge.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_spring_forge.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/compliance/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/compliance/sbom_generator.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/network_auditing/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/network_auditing/full_api_network_map.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/supply_chain_security/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/supply_chain_security/binary_anomaly_detector.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/supply_chain_security/vault_sentinel.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy.egg-info/dependency_links.txt +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy.egg-info/entry_points.txt +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy.egg-info/top_level.txt +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/pyproject.toml +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/setup.cfg +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/.gitattributes +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/.gitignore +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/LICENSE +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/Makefile +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/README.md +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/bufio.go +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/bufio_test.go +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/example_test.go +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/export_test.go +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/net_test.go +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/scan.go +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/bufio/scan_test.go +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/config.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/convert_em.F +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/dnn_converters.cpp +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/dnn_converters.hpp +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/insert_pinyin_to_db.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/iwubi.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/iwubi.svg +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/iwubi.xml +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/logconfig.py +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/logconfig.yaml +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/pinyin_simp.dict.csv +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/screenshot/add.png +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/screenshot/iwubi.gif +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/screenshot/set_ibus.png +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/fixtures/iwubi_frankenstein_test/wubi-jidian86.db +0 -0
- {gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/tests/test_galaxyscope.py +0 -0
|
@@ -24,10 +24,10 @@ jobs:
|
|
|
24
24
|
|
|
25
25
|
steps:
|
|
26
26
|
- name: Checkout repository
|
|
27
|
-
uses: actions/checkout@
|
|
27
|
+
uses: actions/checkout@v6
|
|
28
28
|
|
|
29
29
|
- name: Initialize CodeQL
|
|
30
|
-
uses: github/codeql-action/init@
|
|
30
|
+
uses: github/codeql-action/init@v4
|
|
31
31
|
with:
|
|
32
32
|
languages: ${{ matrix.language }}
|
|
33
33
|
# If you have specific queries you want to run, you can specify them here.
|
|
@@ -35,6 +35,6 @@ jobs:
|
|
|
35
35
|
queries: security-extended,security-and-quality
|
|
36
36
|
|
|
37
37
|
- name: Perform CodeQL Analysis
|
|
38
|
-
uses: github/codeql-action/analyze@
|
|
38
|
+
uses: github/codeql-action/analyze@v4
|
|
39
39
|
with:
|
|
40
40
|
category: "/language:${{matrix.language}}"
|
|
@@ -15,7 +15,7 @@ jobs:
|
|
|
15
15
|
runs-on: ubuntu-latest
|
|
16
16
|
steps:
|
|
17
17
|
- name: Checkout Repository
|
|
18
|
-
uses: actions/checkout@
|
|
18
|
+
uses: actions/checkout@v6
|
|
19
19
|
with:
|
|
20
20
|
fetch-depth: 0 # Required for git info/history (like last updated timestamps)
|
|
21
21
|
|
|
@@ -25,7 +25,7 @@ jobs:
|
|
|
25
25
|
git config user.email 41898282+github-actions[bot]@users.noreply.github.com
|
|
26
26
|
|
|
27
27
|
- name: Set up Python
|
|
28
|
-
uses: actions/setup-python@
|
|
28
|
+
uses: actions/setup-python@v6
|
|
29
29
|
with:
|
|
30
30
|
python-version: 3.x
|
|
31
31
|
|
|
@@ -21,12 +21,12 @@ jobs:
|
|
|
21
21
|
|
|
22
22
|
steps:
|
|
23
23
|
- name: Checkout repository
|
|
24
|
-
uses: actions/checkout@
|
|
24
|
+
uses: actions/checkout@v6
|
|
25
25
|
with:
|
|
26
26
|
fetch-depth: 0 # <--- ADD THIS so it downloads your Git tags!
|
|
27
27
|
|
|
28
28
|
- name: Set up Python
|
|
29
|
-
uses: actions/setup-python@
|
|
29
|
+
uses: actions/setup-python@v6
|
|
30
30
|
with:
|
|
31
31
|
python-version: "3.10"
|
|
32
32
|
|
|
@@ -71,3 +71,17 @@ site/museum/
|
|
|
71
71
|
museum/
|
|
72
72
|
updated_results_expanded_story/
|
|
73
73
|
updated_results_2/
|
|
74
|
+
gitgalaxy/README gitgalaxy.md
|
|
75
|
+
gitgalaxy/core/README core.md
|
|
76
|
+
gitgalaxy/physics/README physics.md
|
|
77
|
+
gitgalaxy/recorders/README recorder.md
|
|
78
|
+
gitgalaxy/security/README security.md
|
|
79
|
+
gitgalaxy/standards/README standards.md
|
|
80
|
+
gitgalaxy/tools/README tools.md
|
|
81
|
+
gitgalaxy/tools/ai_guardrails/README ai.md
|
|
82
|
+
gitgalaxy/tools/cobol_to_cobol/README c2c.md
|
|
83
|
+
gitgalaxy/tools/cobol_to_java/README c2j.md
|
|
84
|
+
gitgalaxy/tools/compliance/README sbom.md
|
|
85
|
+
gitgalaxy/tools/network_auditing/README network.md
|
|
86
|
+
gitgalaxy/tools/supply_chain_security/README supply_chain.md
|
|
87
|
+
gitgalaxy/tools/terabyte_log_scanning/README terabyte.md
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: gitgalaxy
|
|
3
|
-
Version: 2.0
|
|
3
|
+
Version: 2.1.0
|
|
4
4
|
Summary: An AST-free, LLM-free zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
|
|
5
5
|
Author: Joe Esquibel
|
|
6
6
|
Project-URL: Homepage, https://gitgalaxy.io
|
|
@@ -173,15 +173,20 @@ Unindexed, tactical log analysis operating at 0.07 GB/sec. It streams massive da
|
|
|
173
173
|
### [AI Agent Guardrails & Codebase Protection](gitgalaxy/tools/ai_guardrails/)
|
|
174
174
|
Specialized keyword sensors protecting both your application and your codebase. The AppSec Sensor detects weaponized LLM features (RCE funnels, exfiltration risks), while the Dev Agent Firewall evaluates token mass and blast radius to restrict autonomous coding agents from modifying dangerous over context token-draining files. Helps identify which files need to be chunked to reduce context overload.
|
|
175
175
|
|
|
176
|
-
|
|
176
|
+
## Local Browser-Based 3D Codebase Visualization
|
|
177
177
|
|
|
178
178
|
If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
|
|
179
179
|
|
|
180
180
|
Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip` of your raw repository) directly into [GitGalaxy.io](https://gitgalaxy.io/). All rendering and scanning happens entirely in your browser's local memory.
|
|
181
181
|
|
|
182
|
-
|
|
182
|
+
### 🔭 Watch GitGalaxy in Action
|
|
183
183
|
|
|
184
|
-
|
|
184
|
+
**Mapping 3.2 Million Lines of C++ in 11 Seconds | OpenCV** [](https://youtu.be/3ScQCSUBdZw)
|
|
185
|
+
|
|
186
|
+
**Visualizing Architectural Risk | Ruby on Rails** [](https://youtu.be/3ScQCSUBdZw)
|
|
187
|
+
*(Note: Replace the video IDs in this link with your actual Rails video ID)*
|
|
188
|
+
|
|
189
|
+

|
|
185
190
|
|
|
186
191
|
## Zero-Trust Data Security
|
|
187
192
|
|
|
@@ -191,10 +196,6 @@ Your code never leaves your machine. GitGalaxy performs 100% of its scanning and
|
|
|
191
196
|
* **Ephemeral Memory Processing:** Repositories are unpacked into a volatile memory buffer (RAM) and are automatically purged when the browser tab is closed.
|
|
192
197
|
* **Privacy-by-Design:** Even when using the web-based viewer, the data remains behind the user's firewall at all times.
|
|
193
198
|
|
|
194
|
-

|
|
195
|
-
|
|
196
|
-

|
|
197
|
-
|
|
198
199
|
## License & Copyright
|
|
199
200
|
|
|
200
201
|
Copyright (c) 2026 Joe Esquibel
|
|
@@ -150,15 +150,20 @@ Unindexed, tactical log analysis operating at 0.07 GB/sec. It streams massive da
|
|
|
150
150
|
### [AI Agent Guardrails & Codebase Protection](gitgalaxy/tools/ai_guardrails/)
|
|
151
151
|
Specialized keyword sensors protecting both your application and your codebase. The AppSec Sensor detects weaponized LLM features (RCE funnels, exfiltration risks), while the Dev Agent Firewall evaluates token mass and blast radius to restrict autonomous coding agents from modifying dangerous over context token-draining files. Helps identify which files need to be chunked to reduce context overload.
|
|
152
152
|
|
|
153
|
-
|
|
153
|
+
## Local Browser-Based 3D Codebase Visualization
|
|
154
154
|
|
|
155
155
|
If you prefer visual analytics, we've built a non-numerical dashboard where each file represents a star, sized and colored according to specific risk metrics.
|
|
156
156
|
|
|
157
157
|
Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip` of your raw repository) directly into [GitGalaxy.io](https://gitgalaxy.io/). All rendering and scanning happens entirely in your browser's local memory.
|
|
158
158
|
|
|
159
|
-
|
|
159
|
+
### 🔭 Watch GitGalaxy in Action
|
|
160
160
|
|
|
161
|
-
|
|
161
|
+
**Mapping 3.2 Million Lines of C++ in 11 Seconds | OpenCV** [](https://youtu.be/3ScQCSUBdZw)
|
|
162
|
+
|
|
163
|
+
**Visualizing Architectural Risk | Ruby on Rails** [](https://youtu.be/3ScQCSUBdZw)
|
|
164
|
+
*(Note: Replace the video IDs in this link with your actual Rails video ID)*
|
|
165
|
+
|
|
166
|
+

|
|
162
167
|
|
|
163
168
|
## Zero-Trust Data Security
|
|
164
169
|
|
|
@@ -168,10 +173,6 @@ Your code never leaves your machine. GitGalaxy performs 100% of its scanning and
|
|
|
168
173
|
* **Ephemeral Memory Processing:** Repositories are unpacked into a volatile memory buffer (RAM) and are automatically purged when the browser tab is closed.
|
|
169
174
|
* **Privacy-by-Design:** Even when using the web-based viewer, the data remains behind the user's firewall at all times.
|
|
170
175
|
|
|
171
|
-

|
|
172
|
-
|
|
173
|
-

|
|
174
|
-
|
|
175
176
|
## License & Copyright
|
|
176
177
|
|
|
177
178
|
Copyright (c) 2026 Joe Esquibel
|
|
@@ -275,16 +275,16 @@ class NetworkRiskSensor:
|
|
|
275
275
|
|
|
276
276
|
if "telemetry" not in s: s["telemetry"] = {}
|
|
277
277
|
s["telemetry"]["network_metrics"] = {
|
|
278
|
-
"pagerank_score":
|
|
279
|
-
"normalized_blast_radius":
|
|
280
|
-
"betweenness_score":
|
|
281
|
-
"closeness_score":
|
|
278
|
+
"pagerank_score": 0.0,
|
|
279
|
+
"normalized_blast_radius": 0.0,
|
|
280
|
+
"betweenness_score": 0.0,
|
|
281
|
+
"closeness_score": 0.0,
|
|
282
282
|
"in_degree": in_d,
|
|
283
283
|
"out_degree": out_d,
|
|
284
284
|
"producer_ratio": round(producer_ratio, 3),
|
|
285
285
|
"ecosystem_role": ecosystem_role,
|
|
286
|
-
"systemic_threat_vector":
|
|
287
|
-
"is_algorithmic_bottleneck":
|
|
286
|
+
"systemic_threat_vector": [],
|
|
287
|
+
"is_algorithmic_bottleneck": False
|
|
288
288
|
}
|
|
289
289
|
s["telemetry"]["popularity"] = in_d
|
|
290
290
|
|
|
@@ -371,20 +371,38 @@ def _process_file_worker(rel_path: str) -> Dict[str, Any]:
|
|
|
371
371
|
if is_file_profiling: phase_times["5.5_Security_Lens"] = time.perf_counter() - t_security
|
|
372
372
|
# ----------------------------------------------------
|
|
373
373
|
|
|
374
|
-
# Phase 6: Raw Imports
|
|
374
|
+
# Phase 6: Raw Imports & Named Tokens
|
|
375
375
|
t_imports = time.perf_counter()
|
|
376
376
|
raw_imports = set()
|
|
377
|
+
named_tokens = set() # <--- NEW: Initialize token tracker
|
|
378
|
+
|
|
377
379
|
if not is_inert:
|
|
380
|
+
# 1. Extract raw file dependencies
|
|
378
381
|
import_regex = lang_defs.get(lang_id, {}).get("rules", {}).get("_dependency_capture")
|
|
379
382
|
if import_regex:
|
|
380
383
|
try:
|
|
381
384
|
for match in import_regex.finditer(content_buffer):
|
|
382
|
-
# Grab the first non-empty capture group (the actual dependency name)
|
|
383
385
|
extracted_path = next((g for g in match.groups() if g), None)
|
|
384
386
|
if extracted_path:
|
|
385
387
|
raw_imports.add(extracted_path)
|
|
386
388
|
except Exception:
|
|
387
389
|
pass
|
|
390
|
+
|
|
391
|
+
# 2. ---> NEW: Extract Named Imports (TS/JS/Python) <---
|
|
392
|
+
try:
|
|
393
|
+
# Captures 'import { a, b }' and 'from x import a, b'
|
|
394
|
+
import_blocks = re.findall(r'(?:import\s+\{([^}]+)\}|from\s+[\w.]+\s+import\s+([^({\n]+))', content_buffer)
|
|
395
|
+
for block in import_blocks:
|
|
396
|
+
for match in block:
|
|
397
|
+
if match:
|
|
398
|
+
# Split by comma, handle 'as' aliases
|
|
399
|
+
for token in match.split(','):
|
|
400
|
+
clean_token = token.split(' as ')[0].strip()
|
|
401
|
+
if clean_token:
|
|
402
|
+
named_tokens.add(clean_token)
|
|
403
|
+
except Exception:
|
|
404
|
+
pass
|
|
405
|
+
|
|
388
406
|
if is_file_profiling: phase_times["6_Import_Regex"] = time.perf_counter() - t_imports
|
|
389
407
|
|
|
390
408
|
# Phase 7: Tokenization & Census
|
|
@@ -429,7 +447,8 @@ def _process_file_worker(rel_path: str) -> Dict[str, Any]:
|
|
|
429
447
|
"prior_lock": has_prior,
|
|
430
448
|
"coding_loc": refraction["coding_loc"],
|
|
431
449
|
"doc_loc": refraction["doc_loc"],
|
|
432
|
-
"raw_imports": list(raw_imports),
|
|
450
|
+
"raw_imports": list(raw_imports),
|
|
451
|
+
"named_tokens": list(named_tokens), # <--- NEW: Send tokens to Orchestrator
|
|
433
452
|
"popularity_hits": popularity_hits,
|
|
434
453
|
"regex_telemetry": logic_data.pop("regex_telemetry", {}) if is_profiling else {}
|
|
435
454
|
}
|
|
@@ -1247,6 +1266,15 @@ class Orchestrator:
|
|
|
1247
1266
|
# --- NEW: CALCULATE THE GLOBAL TEST UMBRELLA ---
|
|
1248
1267
|
total_loc = 0
|
|
1249
1268
|
test_loc = 0
|
|
1269
|
+
|
|
1270
|
+
# ==============================================================
|
|
1271
|
+
# ---> NEW: BUILD GLOBAL TOKEN TRACKER <---
|
|
1272
|
+
# ==============================================================
|
|
1273
|
+
self.used_tokens = set()
|
|
1274
|
+
for meta in self.cryolink.values():
|
|
1275
|
+
self.used_tokens.update(meta.get("named_tokens", []))
|
|
1276
|
+
# ==============================================================
|
|
1277
|
+
|
|
1250
1278
|
for rel_path, meta in self.cryolink.items():
|
|
1251
1279
|
loc = meta.get("coding_loc", 0)
|
|
1252
1280
|
total_loc += loc
|
|
@@ -1273,6 +1301,25 @@ class Orchestrator:
|
|
|
1273
1301
|
meta["metadata"]["folder_dominant_lang"] = folder_dominant_langs.get(folder, meta.get("lang_id", "unknown"))
|
|
1274
1302
|
# -----------------------------------------------------------------
|
|
1275
1303
|
|
|
1304
|
+
# =================================================================
|
|
1305
|
+
# ---> THE NETWORK GRAVITY FIX <---
|
|
1306
|
+
# If the file is imported by the ecosystem, its "orphans" are actually its API.
|
|
1307
|
+
# =================================================================
|
|
1308
|
+
popularity = self.popularity_scores.get(rel_path, 0)
|
|
1309
|
+
if popularity > 0 and "equations" in meta:
|
|
1310
|
+
orphans = meta["equations"].get("design_slop_orphans", 0)
|
|
1311
|
+
if orphans > 0:
|
|
1312
|
+
# 1. Convert the dead weight into API Exposure
|
|
1313
|
+
meta["equations"]["api"] = meta["equations"].get("api", 0) + orphans
|
|
1314
|
+
# 2. Wipe the Technical Debt
|
|
1315
|
+
meta["equations"]["design_slop_orphans"] = 0
|
|
1316
|
+
|
|
1317
|
+
# 3. Heal the function metadata
|
|
1318
|
+
for func in meta.get("functions", []):
|
|
1319
|
+
if func.get("usage_status") == 1:
|
|
1320
|
+
func["usage_status"] = 0
|
|
1321
|
+
# =================================================================
|
|
1322
|
+
|
|
1276
1323
|
meta["temporal_telemetry"] = self.chronometer.get_temporal_signals(rel_path)
|
|
1277
1324
|
meta["authors"] = meta["temporal_telemetry"].get("authors", {})
|
|
1278
1325
|
stem = Path(rel_path).stem.lower()
|
|
@@ -837,13 +837,13 @@ class SignalProcessor:
|
|
|
837
837
|
# ---> N-DIMENSIONAL AI NETWORK POSTURE <---
|
|
838
838
|
if ai_files:
|
|
839
839
|
# Find the most heavily relied-upon AI node in the graph
|
|
840
|
-
ai_files.sort(key=lambda x: x.get("telemetry", {}).get("network_metrics", {}).get("pagerank_score"
|
|
840
|
+
ai_files.sort(key=lambda x: x.get("telemetry", {}).get("network_metrics", {}).get("pagerank_score") or 0.0, reverse=True)
|
|
841
841
|
primary_ai_node = ai_files[0]
|
|
842
842
|
net_mets = primary_ai_node.get("telemetry", {}).get("network_metrics", {})
|
|
843
843
|
|
|
844
844
|
role = net_mets.get("ecosystem_role", "Unknown")
|
|
845
|
-
pr = net_mets.get("normalized_blast_radius"
|
|
846
|
-
btw = net_mets.get("betweenness_score"
|
|
845
|
+
pr = net_mets.get("normalized_blast_radius") or 0.0
|
|
846
|
+
btw = net_mets.get("betweenness_score") or 0.0
|
|
847
847
|
|
|
848
848
|
ai_topology["insights"].append(f"Structural Posture: The primary AI integration acts as a '{role}' within the repository.")
|
|
849
849
|
|
|
@@ -1675,9 +1675,9 @@ class SignalProcessor:
|
|
|
1675
1675
|
rv = file_data.get("risk_vector", [])
|
|
1676
1676
|
p = file_data.get("path", "")
|
|
1677
1677
|
|
|
1678
|
-
btw = net.get("betweenness_score"
|
|
1679
|
-
close = net.get("closeness_score"
|
|
1680
|
-
pr = net.get("normalized_blast_radius"
|
|
1678
|
+
btw = net.get("betweenness_score") or 0.0
|
|
1679
|
+
close = net.get("closeness_score") or 0.0
|
|
1680
|
+
pr = net.get("normalized_blast_radius") or 0.0
|
|
1681
1681
|
|
|
1682
1682
|
flux_risk = rv[flux_idx] if flux_idx >= 0 and len(rv) > flux_idx else 0.0
|
|
1683
1683
|
err_risk = rv[err_idx] if err_idx >= 0 and len(rv) > err_idx else 0.0
|
|
@@ -202,6 +202,13 @@ class LanguageDetector:
|
|
|
202
202
|
|
|
203
203
|
# We explicitly add .txt and .log to the prose override list
|
|
204
204
|
if ext in {'.md', '.mdx', '.rst', '.rtf', '.txt', '.log'}:
|
|
205
|
+
# ---> THE FIX: Catch disguised payloads before the early exit! <---
|
|
206
|
+
shebang_lang = self._tier_2_fingerprint_check(content_sample, ext)
|
|
207
|
+
if shebang_lang and shebang_lang != "undeterminable":
|
|
208
|
+
self.logger.warning(f"[{name}] IDENTITY CRISIS: Prose Ext '{ext}' contradicts Shebang '{shebang_lang}'")
|
|
209
|
+
result["anomaly_flags"].append(f"Identity Masking: Prose Extension ({ext}) vs Shebang ({shebang_lang})")
|
|
210
|
+
return self._forge_result("undeterminable", 0.0, 5, f"Identity Conflict ({ext} != {shebang_lang})", result, content_sample)
|
|
211
|
+
|
|
205
212
|
target_id = "markdown" if ext in {'.md', '.mdx'} else "plaintext"
|
|
206
213
|
return self._forge_result(target_id, self.thresholds.get("PROSE_CONFIDENCE", 0.95), 1, f"Prose Extension ({ext})", result, content_sample)
|
|
207
214
|
|
|
@@ -1242,7 +1242,7 @@ LANGUAGE_DEFINITIONS = {
|
|
|
1242
1242
|
# ONLY executable logic blocks. EXCLUDES types/classes.
|
|
1243
1243
|
#
|
|
1244
1244
|
# =====================================================================
|
|
1245
|
-
# [
|
|
1245
|
+
# [ CONTEXT: C# "IRON WALL" FUNCTION EXTRACTOR & REDOS SHIELD]
|
|
1246
1246
|
# PURPOSE: Anchors executable logic blocks (methods) in C# up to C# 14.
|
|
1247
1247
|
# VULNERABILITY: C# allows massive return types (e.g., nested tuples),
|
|
1248
1248
|
# generics, and explicit interface implementations. If spaces are allowed
|
|
@@ -2007,7 +2007,7 @@ LANGUAGE_DEFINITIONS = {
|
|
|
2007
2007
|
),
|
|
2008
2008
|
"func_start": re.compile(
|
|
2009
2009
|
# =====================================================================
|
|
2010
|
-
# [
|
|
2010
|
+
# [ CONTEXT: C++ FUNCTION AST EXTRACTOR & REDOS SHIELD]
|
|
2011
2011
|
# PURPOSE: Anchors executable logic blocks (methods/functions) in C++.
|
|
2012
2012
|
# VULNERABILITY: C++ allows multi-line function signatures and complex
|
|
2013
2013
|
# return types (e.g., `std::vector<int> \n myFunc()`). In files with
|
|
@@ -4857,7 +4857,7 @@ LANGUAGE_DEFINITIONS = {
|
|
|
4857
4857
|
),
|
|
4858
4858
|
# 4. func_start (The Satellite Spawner)
|
|
4859
4859
|
# =====================================================================
|
|
4860
|
-
# [
|
|
4860
|
+
# [ CONTEXT: FORTRAN FUNCTION AST EXTRACTOR & REDOS SHIELD]
|
|
4861
4861
|
# PURPOSE: Anchors executable logic blocks (Program, Subroutine, Function, Entry)
|
|
4862
4862
|
# across 60+ years of Fortran dialects (F77 through F2018).
|
|
4863
4863
|
# VULNERABILITY: Fortran allows extreme signature variability: prefix stacking
|
|
@@ -6535,7 +6535,7 @@ LANGUAGE_DEFINITIONS = {
|
|
|
6535
6535
|
),
|
|
6536
6536
|
# 4. func_start: Satellite Spawner. Anchors logic blocks (Paragraphs and Sections).
|
|
6537
6537
|
# =====================================================================
|
|
6538
|
-
# [
|
|
6538
|
+
# [ CONTEXT: COBOL FUNCTION/PARAGRAPH AST EXTRACTOR & REDOS SHIELD]
|
|
6539
6539
|
# PURPOSE: Anchors executable logic blocks (Paragraphs and Sections) in COBOL.
|
|
6540
6540
|
# VULNERABILITY: COBOL spans 60 years of formatting rules (Fixed vs Free format).
|
|
6541
6541
|
# Without strict column boundaries, standard verbs or data definitions
|
{gitgalaxy-2.0.8 → gitgalaxy-2.1.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_build_forge.py
RENAMED
|
@@ -72,6 +72,12 @@ def generate_pom_xml(group_id: str, artifact_id: str) -> str:
|
|
|
72
72
|
<artifactId>spring-boot-starter-test</artifactId>
|
|
73
73
|
<scope>test</scope>
|
|
74
74
|
</dependency>
|
|
75
|
+
|
|
76
|
+
<dependency>
|
|
77
|
+
<groupId>com.h2database</groupId>
|
|
78
|
+
<artifactId>h2</artifactId>
|
|
79
|
+
<scope>test</scope>
|
|
80
|
+
</dependency>
|
|
75
81
|
</dependencies>
|
|
76
82
|
|
|
77
83
|
<build>
|
|
@@ -0,0 +1,104 @@
|
|
|
1
|
+
#!/usr/bin/env python3
|
|
2
|
+
# ==============================================================================
|
|
3
|
+
# GitGalaxy Spoke: Java Spring Test Forge (Phase 3)
|
|
4
|
+
# Purpose: Auto-generates JUnit 5 and Spring Boot integration tests to
|
|
5
|
+
# mathematically prove the translated architecture compiles and runs.
|
|
6
|
+
# ==============================================================================
|
|
7
|
+
import argparse
|
|
8
|
+
import sys
|
|
9
|
+
import json
|
|
10
|
+
from pathlib import Path
|
|
11
|
+
|
|
12
|
+
def generate_context_test(package_name: str, class_name: str) -> str:
|
|
13
|
+
"""Forges a @SpringBootTest to ensure the entire dependency injection context loads."""
|
|
14
|
+
return f"""package {package_name};
|
|
15
|
+
|
|
16
|
+
import org.junit.jupiter.api.Test;
|
|
17
|
+
import org.springframework.boot.test.context.SpringBootTest;
|
|
18
|
+
|
|
19
|
+
@SpringBootTest
|
|
20
|
+
class {class_name}ApplicationTests {{
|
|
21
|
+
|
|
22
|
+
@Test
|
|
23
|
+
void contextLoads() {{
|
|
24
|
+
// If the application.yml is broken or a @Service is missing,
|
|
25
|
+
// this test will fail immediately, catching structural regressions.
|
|
26
|
+
}}
|
|
27
|
+
}}
|
|
28
|
+
"""
|
|
29
|
+
|
|
30
|
+
def generate_controller_test(package_name: str, class_name: str, endpoint_path: str) -> str:
|
|
31
|
+
"""Forges a @WebMvcTest to verify REST API mappings without booting the full server."""
|
|
32
|
+
service_var = class_name[0].lower() + class_name[1:]
|
|
33
|
+
|
|
34
|
+
return f"""package {package_name}.controller;
|
|
35
|
+
|
|
36
|
+
import {package_name}.service.{class_name}Service;
|
|
37
|
+
import org.junit.jupiter.api.Test;
|
|
38
|
+
import org.springframework.beans.factory.annotation.Autowired;
|
|
39
|
+
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
|
|
40
|
+
import org.springframework.boot.test.mock.mockito.MockBean;
|
|
41
|
+
import org.springframework.test.web.servlet.MockMvc;
|
|
42
|
+
|
|
43
|
+
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
|
|
44
|
+
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
|
45
|
+
|
|
46
|
+
@WebMvcTest({class_name}Controller.class)
|
|
47
|
+
class {class_name}ControllerTest {{
|
|
48
|
+
|
|
49
|
+
@Autowired
|
|
50
|
+
private MockMvc mockMvc;
|
|
51
|
+
|
|
52
|
+
@MockBean
|
|
53
|
+
private {class_name}Service {service_var}Service;
|
|
54
|
+
|
|
55
|
+
@Test
|
|
56
|
+
void testEndpointRouting() throws Exception {{
|
|
57
|
+
// Verifies the @RequestMapping and @PostMapping forged by the API Contract script
|
|
58
|
+
mockMvc.perform(post("/api/v1/{endpoint_path}/execute")
|
|
59
|
+
.contentType("application/json")
|
|
60
|
+
.content("{{}}")) // Empty JSON payload for structural routing test
|
|
61
|
+
.andExpect(status().isOk()); // Or isNoContent() based on outputs
|
|
62
|
+
}}
|
|
63
|
+
}}
|
|
64
|
+
"""
|
|
65
|
+
|
|
66
|
+
def main():
|
|
67
|
+
parser = argparse.ArgumentParser(description="GitGalaxy Java Test Forge")
|
|
68
|
+
parser.add_argument("ir_file", help="Path to the GitGalaxy _ir.json state dump")
|
|
69
|
+
parser.add_argument("--pkg", default="com.gitgalaxy.modernized", help="Base Java package name")
|
|
70
|
+
args = parser.parse_args()
|
|
71
|
+
|
|
72
|
+
ir_path = Path(args.ir_file).resolve()
|
|
73
|
+
if not ir_path.exists():
|
|
74
|
+
sys.exit(1)
|
|
75
|
+
|
|
76
|
+
try:
|
|
77
|
+
ir_state = json.loads(ir_path.read_text(encoding='utf-8'))
|
|
78
|
+
|
|
79
|
+
# Determine class names
|
|
80
|
+
prog_id = ir_state.get("metadata", {}).get("file_name", "Unknown").split('.')[0]
|
|
81
|
+
class_name = "".join(word.capitalize() for word in prog_id.split('-'))
|
|
82
|
+
endpoint_path = prog_id.lower()
|
|
83
|
+
|
|
84
|
+
# Target output directories (Assuming standard Maven layout)
|
|
85
|
+
test_dir = ir_path.parent / "src" / "test" / "java" / args.pkg.replace('.', '/')
|
|
86
|
+
test_dir.mkdir(parents=True, exist_ok=True)
|
|
87
|
+
|
|
88
|
+
# 1. Forge Context Test
|
|
89
|
+
context_code = generate_context_test(args.pkg, class_name)
|
|
90
|
+
(test_dir / f"{class_name}ApplicationTests.java").write_text(context_code, encoding='utf-8')
|
|
91
|
+
|
|
92
|
+
# 2. Forge Controller Test
|
|
93
|
+
controller_test_dir = test_dir / "controller"
|
|
94
|
+
controller_test_dir.mkdir(exist_ok=True)
|
|
95
|
+
controller_code = generate_controller_test(args.pkg, class_name, endpoint_path)
|
|
96
|
+
(controller_test_dir / f"{class_name}ControllerTest.java").write_text(controller_code, encoding='utf-8')
|
|
97
|
+
|
|
98
|
+
print(f"🧪 Spring Boot Test Suite Forged for {class_name}")
|
|
99
|
+
|
|
100
|
+
except Exception as e:
|
|
101
|
+
print(f"Error forging Java tests: {e}")
|
|
102
|
+
|
|
103
|
+
if __name__ == "__main__":
|
|
104
|
+
main()
|
|
@@ -0,0 +1,109 @@
|
|
|
1
|
+
# GitGalaxy: High-Velocity Log Scanning & PII Detection
|
|
2
|
+
|
|
3
|
+
[](#)
|
|
4
|
+
[](#)
|
|
5
|
+
[](#)
|
|
6
|
+
|
|
7
|
+
During an active incident response or catastrophic data breach, standard tools fail. Basic `grep` lacks time-series context. Modern SIEMs (Splunk, ElasticSearch) require you to ingest and index data first—taking hours or days for massive database dumps.
|
|
8
|
+
|
|
9
|
+
This suite provides a tactical, pipeline-ready solution: **ultra-high-velocity, unindexed binary streaming.** Running at over 2 GB per minute, our custom stream-processing engine reads data continuously without loading massive files into RAM. Perfect for active breach triage or automated CI/CD pipeline sanitization.
|
|
10
|
+
|
|
11
|
+
---
|
|
12
|
+
|
|
13
|
+
## Part 1: The PII Data Leak Hunter (`pii-leak-hunter`)
|
|
14
|
+
[📖 Official Documentation](https://squid-protocol.github.io/gitgalaxy/04-06-pii-leak-hunter/)
|
|
15
|
+
|
|
16
|
+
A specialized incident response tool. Designed to find hemorrhaging Personally Identifiable Information inside massive, raw data dumps.
|
|
17
|
+
|
|
18
|
+
**How it works:**
|
|
19
|
+
* **Binary-Level Regex:** Compiles structural patterns to raw bytes. Extreme CPU efficiency.
|
|
20
|
+
* **Automated Masking:** Redacts toxic payloads before writing to safe evidence logs.
|
|
21
|
+
* **Exfiltration Histograms:** Generates ASCII charts. Pinpoints exact breach minutes.
|
|
22
|
+
|
|
23
|
+
**Performance Showcase:** Streamed a raw **1.00 GB compromised log file**. Completed in **25.72 seconds**. Detected and actively masked over **420,000 sensitive records**. Immediately exposed two distinct attack vectors (Customer data at 14:00, AWS Keys at 09:00).
|
|
24
|
+
|
|
25
|
+
### Targeted Patterns
|
|
26
|
+
The stream engine currently bypasses standard indexing to hunt and actively mask:
|
|
27
|
+
* **VISA** (Credit Cards)
|
|
28
|
+
* **MASTERCARD** (Credit Cards)
|
|
29
|
+
* **SSN** (US Social Security Numbers)
|
|
30
|
+
* **AWS_KEY** (AKIA, ASIA, AGPA, etc.)
|
|
31
|
+
|
|
32
|
+
### Quickstart & Integration
|
|
33
|
+
**Local CLI Execution:**
|
|
34
|
+
By default, the tool saves the masked evidence log in the same directory as the target.
|
|
35
|
+
```bash
|
|
36
|
+
pii-leak-hunter /path/to/massive_database_dump.sql
|
|
37
|
+
```
|
|
38
|
+
|
|
39
|
+
**Using the `--out` Flag:**
|
|
40
|
+
Route the safe, masked telemetry to a secure directory for analysis.
|
|
41
|
+
```bash
|
|
42
|
+
pii-leak-hunter /path/to/production.log --out /var/secure_logs/
|
|
43
|
+
```
|
|
44
|
+
|
|
45
|
+
**GitHub Actions CI/CD Integration:**
|
|
46
|
+
Automate sanitization before archiving logs.
|
|
47
|
+
```yaml
|
|
48
|
+
- name: Run PII Leak Hunter
|
|
49
|
+
uses: squid-protocol/gitgalaxy@main
|
|
50
|
+
with:
|
|
51
|
+
tool: 'pii-leak-hunter'
|
|
52
|
+
target: './logs/production_dump.sql'
|
|
53
|
+
args: '--out ./sanitized_logs/'
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
---
|
|
57
|
+
|
|
58
|
+
## Part 2: The Terabyte Log Scanner (`terabyte-log-scanner`)
|
|
59
|
+
[📖 Official Documentation](https://squid-protocol.github.io/gitgalaxy/04-07-terabyte-log-scanner/)
|
|
60
|
+
|
|
61
|
+
A runtime execution tracer. Connects static codebase architecture to physical runtime reality. Parses massive mainframe SMF logs or distributed traces to prove what code actually executes.
|
|
62
|
+
|
|
63
|
+
**How it works:**
|
|
64
|
+
* **Single-Pass Streaming:** Never loads the full file into RAM.
|
|
65
|
+
* **Execution Verification:** Proves exact runtime execution frequencies.
|
|
66
|
+
* **Zero-Hit Detection:** Mathematically proves if compiled legacy code is abandoned.
|
|
67
|
+
* **Dynamic Sidecars:** Outputs telemetry JSON for 3D WebGPU traffic heatmaps.
|
|
68
|
+
|
|
69
|
+
**Performance Showcase:**
|
|
70
|
+
Ran against a raw **2.1GB production stream log**. Completed single-pass scan in **30.07 seconds**. Dynamically scaled ASCII histograms instantly exposed a massive brute-force anomaly isolated from background noise:
|
|
71
|
+
|
|
72
|
+
```text
|
|
73
|
+
=== TIME-SERIES: ERROR ===
|
|
74
|
+
(Filtering to Top 15 Highest Volume Spikes)
|
|
75
|
+
[2026-04-16 14:00] ███████████████████████████████████████ (5,759 hits) <-- ANOMALY SPIKE
|
|
76
|
+
[2026-04-27 14:00] ███████████████████████████████████████ (5,753 hits) <-- ANOMALY SPIKE
|
|
77
|
+
[2026-05-02 14:00] ███████████████████████████████████████ (5,718 hits) <-- ANOMALY SPIKE
|
|
78
|
+
```
|
|
79
|
+
|
|
80
|
+
### Input Methods: Manual vs. Automated
|
|
81
|
+
The tool requires one of two input methods to function. It will not run without a target list.
|
|
82
|
+
|
|
83
|
+
**1. Manual Mode (`-k` or `--keywords`)**
|
|
84
|
+
Best for quick, grep-style tactical hunts. Supply a space-separated list of targets.
|
|
85
|
+
```bash
|
|
86
|
+
terabyte-log-scanner /path/to/production.log -k ERROR TIMEOUT "DATA EXCEPTION"
|
|
87
|
+
```
|
|
88
|
+
|
|
89
|
+
**2. Automated Pipeline Mode (`--input_state`)**
|
|
90
|
+
Best for CI/CD modernization pipelines. Supply a GitGalaxy Intermediate Representation (IR) JSON file. The script will automatically extract the targets from the `known_programs` array to hunt for dead code.
|
|
91
|
+
```bash
|
|
92
|
+
terabyte-log-scanner /path/to/production.log --input_state ../core/ir_state.json
|
|
93
|
+
```
|
|
94
|
+
|
|
95
|
+
*Required JSON Schema for Automated Mode:*
|
|
96
|
+
```json
|
|
97
|
+
{
|
|
98
|
+
"analysis": {
|
|
99
|
+
"known_programs": ["PROGRAM1", "PROGRAM2"]
|
|
100
|
+
}
|
|
101
|
+
}
|
|
102
|
+
```
|
|
103
|
+
|
|
104
|
+
---
|
|
105
|
+
### 🌌 Powered by the blAST Engine (Bypassing LLMs and ASTs)
|
|
106
|
+
This suite is driven by our custom deterministic heuristics engine. It processes multi-dimensional data at extreme velocity without requiring rigid ASTs or hallucinating LLMs.
|
|
107
|
+
|
|
108
|
+
* 📖 **[The blAST Paradigm (ASTs vs LLMs)](https://squid-protocol.github.io/gitgalaxy/01-03-the-blast-paradigm/)**
|
|
109
|
+
* 🪐 **[Return to the Main GitGalaxy Hub](https://github.com/squid-protocol/gitgalaxy)**
|