gitgalaxy 2.2.0__tar.gz → 2.2.2__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (200) hide show
  1. gitgalaxy-2.2.2/.flake8 +3 -0
  2. gitgalaxy-2.2.2/.github/workflows/gitgalaxy.yml +72 -0
  3. gitgalaxy-2.2.2/CONTRIBUTING.md +75 -0
  4. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/PKG-INFO +34 -15
  5. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/README.md +33 -14
  6. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/README.md +8 -3
  7. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/cobol_refractor_controller.py +144 -98
  8. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/cobol_to_java_controller.py +104 -66
  9. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/core/aperture.py +198 -142
  10. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/core/detector.py +931 -561
  11. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/core/guidestar_lens.py +234 -118
  12. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/core/network_risk_sensor.py +91 -65
  13. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/core/prism.py +210 -172
  14. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/core/state_rehydrator.py +24 -21
  15. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/galaxyscope.py +805 -524
  16. gitgalaxy-2.2.2/gitgalaxy/licensing.py +81 -0
  17. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/physics/chronometer.py +160 -110
  18. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/physics/neural_auditor.py +53 -37
  19. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/physics/signal_processor.py +988 -478
  20. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/physics/spectral_auditor.py +182 -123
  21. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/recorders/audit_recorder.py +199 -127
  22. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/recorders/gpu_recorder.py +135 -98
  23. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/recorders/llm_recorder.py +708 -364
  24. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/recorders/record_keeper.py +369 -163
  25. gitgalaxy-2.2.2/gitgalaxy/requirements.txt +142 -0
  26. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/security/security_auditor.py +109 -75
  27. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/security/security_lens.py +160 -125
  28. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/standards/README.md +1 -1
  29. gitgalaxy-2.2.2/gitgalaxy/standards/analysis_lens.py +8332 -0
  30. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/standards/gitgalaxy_config.py +328 -136
  31. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/standards/how_to_add_a_language.md +29 -18
  32. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/standards/language_lens.py +489 -307
  33. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/standards/language_standards.py +1426 -2170
  34. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/ai_guardrails/ai_appsec_sensor.py +18 -17
  35. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/ai_guardrails/dev_agent_firewall.py +28 -18
  36. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_agent_task_forge.py +21 -19
  37. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_compiler_forge.py +97 -76
  38. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_dag_architect.py +36 -29
  39. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_etl_unpacker.py +73 -59
  40. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_graveyard_finder.py +63 -30
  41. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_auditor.py +68 -29
  42. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +83 -59
  43. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_lexical_patcher.py +16 -19
  44. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_microservice_slicer.py +46 -34
  45. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_schema_forge.py +63 -47
  46. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/cobol_system_limits_reporter.py +21 -11
  47. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_java/README.md +4 -3
  48. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_java/batch_test_harness.py +49 -23
  49. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_java/cobol_to_java_agent_forge.py +8 -9
  50. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_java/cobol_to_java_api_contract_forge.py +44 -37
  51. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_java/cobol_to_java_build_forge.py +4 -1
  52. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_java/cobol_to_java_decoder_forge.py +2 -2
  53. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_java/cobol_to_java_service_forge.py +22 -15
  54. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_java/cobol_to_java_spring_forge.py +124 -76
  55. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_java/cobol_to_java_test_forge.py +21 -13
  56. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/compliance/sbom_generator.py +131 -92
  57. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/network_auditing/full_api_network_map.py +94 -47
  58. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/supply_chain_security/binary_anomaly_detector.py +92 -63
  59. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py +96 -49
  60. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/supply_chain_security/vault_sentinel.py +42 -31
  61. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/terabyte_log_scanning/pii_leak_hunter.py +65 -36
  62. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +58 -40
  63. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy.egg-info/PKG-INFO +34 -15
  64. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy.egg-info/SOURCES.txt +8 -0
  65. gitgalaxy-2.2.2/github-action-readme.md +189 -0
  66. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/mkdocs.yml +0 -0
  67. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/pyproject.toml +11 -0
  68. gitgalaxy-2.2.2/tests/README.md +48 -0
  69. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/readme.md +2 -0
  70. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_agent_task_forge.py +30 -33
  71. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_compiler_forge.py +24 -21
  72. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_dag_architect.py +37 -29
  73. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_etl_unpacker.py +60 -46
  74. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_graveyard_finder.py +30 -27
  75. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_jcl_auditor.py +33 -34
  76. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_jcl_forge.py +28 -25
  77. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_lexical_patcher.py +20 -16
  78. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_microservice_slicer.py +34 -24
  79. gitgalaxy-2.2.2/tests/cobol_mainframe/test_cobol_refractor_controller.py +250 -0
  80. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_schema_forge.py +55 -22
  81. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/cobol_mainframe/test_cobol_system_limits_reporter.py +23 -20
  82. gitgalaxy-2.2.2/tests/core_engine/readme.md +40 -0
  83. gitgalaxy-2.2.2/tests/core_engine/test_aperture.py +333 -0
  84. gitgalaxy-2.2.2/tests/core_engine/test_chronometer.py +161 -0
  85. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/core_engine/test_chronometer_timeout.py +29 -20
  86. gitgalaxy-2.2.2/tests/core_engine/test_detector.py +705 -0
  87. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/core_engine/test_galaxyscope.py +14 -7
  88. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/core_engine/test_guidestar_lens.py +37 -33
  89. gitgalaxy-2.2.2/tests/core_engine/test_language_lens.py +335 -0
  90. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/core_engine/test_language_standards_strict.py +72 -30
  91. gitgalaxy-2.2.2/tests/core_engine/test_prism.py +287 -0
  92. gitgalaxy-2.2.2/tests/core_engine/test_signal_processor.py +381 -0
  93. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/core_engine/test_state_rehydrator.py +12 -8
  94. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/core_engine/test_zero_dependency.py +53 -36
  95. gitgalaxy-2.2.2/tests/extraction/readme.md +76 -0
  96. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/extraction/test_args_extraction_strict.py +130 -70
  97. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/extraction/test_class_extraction_strict.py +147 -112
  98. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/extraction/test_dependency_extraction_strict.py +165 -189
  99. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/extraction/test_function_extraction_strict.py +201 -133
  100. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/bufio/bufio.go +0 -0
  101. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/bufio/bufio_test.go +0 -0
  102. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/bufio/example_test.go +0 -0
  103. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/bufio/export_test.go +0 -0
  104. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/bufio/net_test.go +0 -0
  105. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/bufio/scan.go +0 -0
  106. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/bufio/scan_test.go +0 -0
  107. gitgalaxy-2.2.2/tests/fixtures/iwubi_frankenstein_test/config.py +1 -0
  108. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/insert_pinyin_to_db.py +8 -7
  109. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/iwubi.py +96 -59
  110. gitgalaxy-2.2.2/tests/fixtures/iwubi_frankenstein_test/logconfig.py +39 -0
  111. gitgalaxy-2.2.2/tests/security_auditing/readme.md +39 -0
  112. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/security_auditing/test_ai_appsec_sensor.py +56 -44
  113. gitgalaxy-2.2.2/tests/security_auditing/test_api_network_map.py +289 -0
  114. gitgalaxy-2.2.2/tests/security_auditing/test_binary_anomaly_detector.py +259 -0
  115. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/security_auditing/test_dev_agent_firewall.py +68 -59
  116. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/security_auditing/test_network_risk_sensor.py +34 -24
  117. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/security_auditing/test_neural_auditor.py +43 -27
  118. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/security_auditing/test_pii_leak_hunter.py +17 -15
  119. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/security_auditing/test_redos_poison.py +28 -25
  120. gitgalaxy-2.2.2/tests/security_auditing/test_sbom_generator.py +255 -0
  121. gitgalaxy-2.2.2/tests/security_auditing/test_security_auditor.py +168 -0
  122. gitgalaxy-2.2.2/tests/security_auditing/test_security_lens.py +210 -0
  123. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/security_auditing/test_spectral_auditor.py +51 -36
  124. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/security_auditing/test_supply_chain_firewall.py +26 -19
  125. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/security_auditing/test_terabyte_log_scanner.py +41 -34
  126. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/security_auditing/test_vault_sentinel.py +23 -16
  127. gitgalaxy-2.2.2/tests/tools_recorders/readme.md +34 -0
  128. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/tools_recorders/test_agent_forge.py +29 -20
  129. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/tools_recorders/test_batch_test_harness.py +24 -20
  130. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/tools_recorders/test_decoder_forge.py +9 -5
  131. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/tools_recorders/test_golden_forge.py +23 -15
  132. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/tools_recorders/test_gpu_recorder.py +34 -19
  133. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/tools_recorders/test_service_forge.py +11 -9
  134. gitgalaxy-2.2.0/CONTRIBUTING.md +0 -63
  135. gitgalaxy-2.2.0/gitgalaxy/standards/analysis_lens.py +0 -1125
  136. gitgalaxy-2.2.0/tests/README.md +0 -94
  137. gitgalaxy-2.2.0/tests/cobol_mainframe/test_cobol_refractor_controller.py +0 -88
  138. gitgalaxy-2.2.0/tests/core_engine/readme.md +0 -76
  139. gitgalaxy-2.2.0/tests/core_engine/test_aperture.py +0 -165
  140. gitgalaxy-2.2.0/tests/core_engine/test_detector.py +0 -161
  141. gitgalaxy-2.2.0/tests/core_engine/test_language_lens.py +0 -48
  142. gitgalaxy-2.2.0/tests/core_engine/test_prism.py +0 -165
  143. gitgalaxy-2.2.0/tests/core_engine/test_signal_processor.py +0 -161
  144. gitgalaxy-2.2.0/tests/extraction/readme.md +0 -72
  145. gitgalaxy-2.2.0/tests/fixtures/iwubi_frankenstein_test/config.py +0 -1
  146. gitgalaxy-2.2.0/tests/fixtures/iwubi_frankenstein_test/logconfig.py +0 -30
  147. gitgalaxy-2.2.0/tests/security_auditing/readme.md +0 -45
  148. gitgalaxy-2.2.0/tests/security_auditing/test_api_network_map.py +0 -80
  149. gitgalaxy-2.2.0/tests/security_auditing/test_binary_anomaly_detector.py +0 -102
  150. gitgalaxy-2.2.0/tests/security_auditing/test_sbom_generator.py +0 -101
  151. gitgalaxy-2.2.0/tests/tools_recorders/readme.md +0 -36
  152. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/.github/ISSUE_TEMPLATE/parsing_discrepancy.yml +0 -0
  153. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/.github/dependabot.yml +0 -0
  154. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/.github/pull_request_template.md +0 -0
  155. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/.github/workflows/codeql.yml +0 -0
  156. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/.github/workflows/deploy-docs.yml +0 -0
  157. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/.github/workflows/publish.yml +0 -0
  158. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/.github/workflows/smoke-test.yml +0 -0
  159. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/.gitignore +0 -0
  160. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/LICENSE +0 -0
  161. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/MANIFEST.in +0 -0
  162. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/action.yml +0 -0
  163. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/__init__.py +0 -0
  164. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/core/README.md +0 -0
  165. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/core/__init__.py +0 -0
  166. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/physics/README.md +0 -0
  167. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/physics/__init__.py +0 -0
  168. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/recorders/README.md +0 -0
  169. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/recorders/__init__.py +0 -0
  170. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/security/README.md +0 -0
  171. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/security/__init__.py +0 -0
  172. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/standards/__init__.py +0 -0
  173. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/README.md +0 -0
  174. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/__init__.py +0 -0
  175. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/ai_guardrails/README.md +0 -0
  176. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/cobol_to_cobol/README.md +0 -0
  177. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/compliance/README.md +0 -0
  178. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/network_auditing/README.md +0 -0
  179. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/supply_chain_security/README.md +0 -0
  180. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy/tools/terabyte_log_scanning/README.md +0 -0
  181. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy.egg-info/dependency_links.txt +0 -0
  182. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy.egg-info/entry_points.txt +0 -0
  183. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/gitgalaxy.egg-info/top_level.txt +0 -0
  184. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/setup.cfg +0 -0
  185. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/.gitattributes +0 -0
  186. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/.gitignore +0 -0
  187. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/LICENSE +0 -0
  188. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/Makefile +0 -0
  189. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/README.md +0 -0
  190. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/convert_em.F +0 -0
  191. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/dnn_converters.cpp +0 -0
  192. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/dnn_converters.hpp +0 -0
  193. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/iwubi.svg +0 -0
  194. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/iwubi.xml +0 -0
  195. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/logconfig.yaml +0 -0
  196. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/pinyin_simp.dict.csv +0 -0
  197. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/screenshot/add.png +0 -0
  198. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/screenshot/iwubi.gif +0 -0
  199. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/screenshot/set_ibus.png +0 -0
  200. {gitgalaxy-2.2.0 → gitgalaxy-2.2.2}/tests/fixtures/iwubi_frankenstein_test/wubi-jidian86.db +0 -0
@@ -0,0 +1,3 @@
1
+ [flake8]
2
+ max-line-length = 120
3
+ extend-ignore = E203, W503, E501, E741, W291, W293, F401, F841
@@ -0,0 +1,72 @@
1
+ name: GitGalaxy Zero-Trust Pipeline
2
+
3
+ on:
4
+ push:
5
+ branches:
6
+ - main
7
+
8
+ jobs:
9
+ vault-sentinel:
10
+ name: Vault Sentinel
11
+ runs-on: ubuntu-latest
12
+ steps:
13
+ - uses: actions/checkout@v4
14
+ - uses: squid-protocol/gitgalaxy@main
15
+ with:
16
+ tool: 'vault-sentinel'
17
+ target: '.'
18
+
19
+ xray-inspector:
20
+ name: X-Ray Inspector
21
+ runs-on: ubuntu-latest
22
+ steps:
23
+ - uses: actions/checkout@v4
24
+ - uses: squid-protocol/gitgalaxy@main
25
+ with:
26
+ tool: 'xray-inspector'
27
+ target: '.'
28
+
29
+ supply-chain-firewall:
30
+ name: Supply Chain Firewall
31
+ runs-on: ubuntu-latest
32
+ steps:
33
+ - uses: actions/checkout@v4
34
+ - uses: squid-protocol/gitgalaxy@main
35
+ with:
36
+ tool: 'supply-chain-firewall'
37
+ target: '.'
38
+
39
+ architectural-report:
40
+ name: LLM Structural Brief
41
+ needs: [vault-sentinel, xray-inspector, supply-chain-firewall]
42
+ runs-on: ubuntu-latest
43
+ permissions:
44
+ contents: write # Critical: Grants the Action permission to push to main
45
+ steps:
46
+ - uses: actions/checkout@v4
47
+ with:
48
+ fetch-depth: 0
49
+
50
+ - name: Generate GalaxyScope LLM Brief
51
+ uses: squid-protocol/gitgalaxy@main
52
+ with:
53
+ tool: 'galaxyscope'
54
+ target: '.'
55
+ args: '--llm-only'
56
+ full_precision: 'true'
57
+
58
+ - name: Commit and Push LLM Brief to Main
59
+ run: |
60
+ # Move the report to the docs folder for clean organization
61
+ mkdir -p docs
62
+ mv *_galaxy_llm.md docs/gitgalaxy_architecture_brief.md || true
63
+
64
+ # Configure the GitHub Actions bot identity
65
+ git config --global user.name "github-actions[bot]"
66
+ git config --global user.email "github-actions[bot]@users.noreply.github.com"
67
+
68
+ # Stage the file
69
+ git add docs/gitgalaxy_architecture_brief.md
70
+
71
+ # Only commit and push if there are actual changes to prevent pipeline failures
72
+ git diff --quiet && git diff --staged --quiet || (git commit -m "docs: auto-update LLM architectural brief" && git push)
@@ -0,0 +1,75 @@
1
+ # 🤝 Contributing to GitGalaxy
2
+
3
+ First off, thank you for considering contributing to GitGalaxy! The blAST engine is a highly calibrated, deterministic mathematical instrument. Calibrating it across the vast ecosystem of open-source software requires a dedicated community of systems engineers.
4
+
5
+ Whether you are reporting a taxonomic discrepancy, refining the parsing engine, or expanding the documentation, your input helps map the architectural physics of software more accurately.
6
+
7
+ ---
8
+
9
+ ## ⚙️ The blAST Philosophy (Physics over ASTs)
10
+
11
+ Before diving in, please remember that GitGalaxy treats code as a physical structure governed by thermodynamic laws. The blAST engine evaluates structural logic, algorithmic complexity, and calculated **risk exposures**—not just rigid syntax.
12
+
13
+ Sometimes, what appears to be a traditional parsing error might actually be the blAST engine intentionally flagging a structural anomaly or a dense risk exposure. Please keep this in mind when reporting issues or proposing changes to the extraction heuristics.
14
+
15
+ ---
16
+
17
+ ## 🌐 Expanding the blAST Engine (Adding Languages)
18
+
19
+ GitGalaxy uses an AST-free, mathematical heuristics engine to build a comparative lexical taxonomical map across all programming languages. We do not write traditional parsers; we map thermodynamic language physics using bounded regular expressions.
20
+
21
+ If you want to add native support for a new language (e.g., Lua, Haskell, or a proprietary DSL), do not start writing regex from scratch. We use a strict LLM-driven calibration protocol to guarantee ReDoS immunity.
22
+
23
+ **Please read the strict engine calibration guide here:** **[Architecting a New Language (Extending the blAST Engine)](gitgalaxy/standards/how_to_add_a_language.md)**
24
+
25
+ ---
26
+
27
+ ## 🔬 The Differential Scan (Our PR Protocol)
28
+
29
+ We do not merge structural backend changes based solely on subjective code review. GitGalaxy operates at planetary scale, and every change to the parsing logic has cascading effects.
30
+
31
+ When you submit a Pull Request that alters the blAST engine, your candidate changes will be subjected to a **Full Differential Scan**.
32
+
33
+ * **The Control + Variable Test:** We run your branch against our calibrated baseline of ~80 massive open-source repositories, **plus** the specific repository your PR is designed to address.
34
+ * **Before and After:** We perform a strict mathematical comparison of the engine's output before and after your rule update across this entire dataset. This ensures your addition resolves the target discrepancy without degrading the established baseline or triggering Catastrophic Backtracking (ReDoS).
35
+ * **The Metrics:** The output is assessed strictly on four vectors: **Accuracy, Speed, Utility, and Ethos.**
36
+ * Only changes that are mathematically and practically *measurably better* across the broader ecosystem will be incorporated into the `main` branch.
37
+
38
+ ---
39
+
40
+ ## 🛠️ Submitting Pull Requests
41
+
42
+ To ensure your contribution integrates smoothly into the Zero-Trust ecosystem:
43
+
44
+ 1. **Fork and Branch:** Create a feature branch from `main` (`git checkout -b feature/your-feature-name`).
45
+ 2. **Maintain the Contract:** Ensure that any backend changes to the CLI do not break the universal JSON schema contract expected by the frontend Observatory.
46
+ 3. **Test Visually:** Run your newly generated `_galaxy.json` through either **[GitGalaxy.io](https://gitgalaxy.io)** or your local **Airgap Observatory** to verify that 3D WebGPU rendering and visual physics constraints remain intact.
47
+ 4. **Document:** If you are adding new language phenotypes or altering the parsing logic, please update the [Language Lens](docs/wiki/02-05-language-lens.md) documentation in the wiki.
48
+ 5. **Submit:** Open a PR with a clear title. Explain the *why* behind your structural changes, not just the *what*. Be sure to include the link to the target repository so we can include it in the Differential Scan.
49
+
50
+ ---
51
+
52
+ ## 🐛 Reporting Discrepancies
53
+
54
+ If the GalaxyScope CLI misidentifies a repository's structure or fails to parse a specific file phenotype, please use our **[Parsing Discrepancy Form](https://github.com/squid-protocol/gitgalaxy/issues/new/choose)**.
55
+
56
+ To help us reproduce the issue with quantitative precision, you will be asked to provide:
57
+ * A direct link to the public repository being scanned.
58
+ * The Observatory viewer you were using ([GitGalaxy.io](https://gitgalaxy.io) or Airgap Observatory).
59
+ * A clear description of the expected vs. actual output.
60
+ * The contents of your custom `gitgalaxy_config.py` file (if applicable).
61
+ * Contact information for follow-up questions.
62
+
63
+ ---
64
+
65
+ ## 🛡️ Security Vulnerabilities
66
+
67
+ If you discover a vulnerability within GitGalaxy itself (e.g., a way to bypass the local sandbox, a ReDoS vector, or an issue in the Airgap Observatory), **do not open a public issue.** Please reach out directly via the contact portal at [GitGalaxy.io](https://gitgalaxy.io) so the vulnerability can be patched securely before public disclosure.
68
+
69
+ ---
70
+
71
+ ## 📜 Licensing Reminder
72
+
73
+ GitGalaxy is released under the **PolyForm Noncommercial License 1.0.0**. By contributing to this repository, you agree that your contributions will be licensed under these same terms.
74
+
75
+ *Note: This tool is free for research, education, testing, and hobby projects. Any commercial use or integration into commercial SaaS products or corporate CI/CD pipelines requires a separate commercial license.*
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: gitgalaxy
3
- Version: 2.2.0
3
+ Version: 2.2.2
4
4
  Summary: An AST-free, LLM-free zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
5
5
  Author: Joe Esquibel
6
6
  Project-URL: Homepage, https://gitgalaxy.io
@@ -24,7 +24,7 @@ Dynamic: license-file
24
24
  # GitGalaxy
25
25
 
26
26
  [![PyPI version](https://badge.fury.io/py/gitgalaxy.svg)](https://badge.fury.io/py/gitgalaxy)
27
- [![Python 3.8+](https://img.shields.io/badge/python-3.8+-blue.svg)](https://www.python.org/downloads/)
27
+ [![Python 3.10+](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/downloads/)
28
28
  [![License: PolyForm Noncommercial](https://img.shields.io/badge/License-PolyForm%20Noncommercial-blue.svg)](https://polyformproject.org/licenses/noncommercial/1.0.0/)
29
29
 
30
30
  [![Engine](https://img.shields.io/badge/Engine-blAST-8A2BE2.svg)](#)
@@ -33,35 +33,38 @@ Dynamic: license-file
33
33
  [![Threat Hunting](https://img.shields.io/badge/Threat_Hunting-Behavioral-FF4500.svg)](#)
34
34
  [![Architecture](https://img.shields.io/badge/Architecture-Zero__Trust-teal.svg)](#)
35
35
  [![Coverage](https://img.shields.io/badge/Coverage-50%2B_Languages-00C957.svg)](#)
36
- [![Scale](https://img.shields.io/badge/Scale-100k%2B_LOC%2Fsec-00BFFF.svg)](#)
37
36
 
38
37
  [![Zero Dependencies](https://img.shields.io/badge/Dependencies-0-brightgreen.svg)](https://pypi.org/project/gitgalaxy/)
39
38
  [![Airgap Ready](https://img.shields.io/badge/Security-Airgap_Ready-teal.svg)](#)
39
+ [![Downloads](https://static.pepy.tech/badge/gitgalaxy)](https://pepy.tech/project/gitgalaxy)
40
40
 
41
- ### **AST-Free Static Analysis & Knowledge Graph Engine**
41
+ ### **Whole-Repository Understanding & DevSecOps Physics**
42
42
 
43
- The blAST (Bypassing LLMs and ASTs) engine is a custom-made knowledge graph engine that resolves repositories at the function level. It scores each function based on 50 unique metrics, rolls that data up to score the file, and finally summarizes the entire repository.
43
+ Most tools analyze code line-by-line. GitGalaxy maps the entire architectural ecosystem. By tracking the exact flow of information across network dependencies, identifying local folder constraints, and natively recognizing 50+ languages—even mid-file—GitGalaxy provides a deterministic, 10,000-foot view of your software's physical architecture.
44
44
 
45
45
  ### Scanning Apollo-11 with the blAST Engine
46
46
 
47
47
  ![GitGalaxy CLI Scan](./docs/wiki/assets/apollo11_scan.gif)
48
48
 
49
- By utilizing a custom engine, we retain full control over the search space. We built it to be exceptionally fast, capable of assessing your entire repository without requiring compilable code—a fundamental limitation of standard Abstract Syntax Trees (ASTs). ASTs are great for finding missing commas and memory overflows, but they miss the forest for the trees when generating knowledge graphs. LLMs, on the other hand, suffer from hallucination during large context windows and yield probabilistic, fluctuating answers.
49
+ **Why we built a custom physics engine:**
50
+ Standard Abstract Syntax Trees (ASTs) are great for finding syntax errors, but they require compilable code and miss the forest for the trees when mapping massive-scale information flow. LLMs, on the other hand, suffer from severe hallucination when analyzing large context windows and yield probabilistic, fluctuating answers.
50
51
 
51
- The blAST engine solves this. Because all programming languages utilize keywords and functions, our engine treats code files as text, scanning for these structural anchors to build a deterministic 3D knowledge graph. It seamlessly handles mid-file language switching, assesses the architectural ratio of test files to logic, and extracts invaluable project structure data that ASTs ignore.
52
+ The **blAST (Bypassing LLMs and ASTs) engine** solves this. It reads code as raw structural text, scanning for semantic anchors to build a deterministic 3D knowledge graph of your entire repository. It instantly calculates the ratio of test boundaries to core logic, maps network blast radiuses, and extracts the vital project structure data that rigid linters ignore.
52
53
 
53
- Every assumption our system makes has been abstracted into over 300 tunable variables. Think of GitGalaxy as a highly calibrated telescope. You can query the number of active API network nodes, isolate unique external imports, or highlight functions exhibiting extreme cognitive load—all adjusted via custom whitelists and blacklists to eliminate false-positive fatigue. Field-tested on over 1,000 repositories spanning 50+ languages and 250+ extensions, the engine comes equipped with smart defaults ready for immediate deployment.
54
+ Think of GitGalaxy as a highly calibrated telescope for codebase risk. Every assumption the system makes is abstracted into over 300 tunable variables. You can query active API nodes, isolate supply chain threats, or highlight functions exhibiting extreme cognitive load—all adjusted via custom shields to eliminate false-positive fatigue. Field-tested on over 1,000 repositories, the engine comes equipped with enterprise-grade defaults ready for immediate CI/CD deployment.
54
55
 
55
56
  **Core Codebase Mapping Technology**
56
57
  * Bypasses LLMs and rigid ASTs.
57
58
  * Doesn't require code to compile (AST-free).
58
- * Produces full function-to-function call chains.
59
+ * Produces full network mapping via imports with generlized function calls per file.
59
60
  * Deterministically maps code by 60+ keyword regex profiles (Structural markers, I/O intents, state mutations).
60
61
  * Regex keyword profiles allow us to classify functions, files, classes, folders and repos.
61
62
  * Eliminates LLM architectural hallucinations and context window limits.
62
63
  * Scans 50+ languages, 250+ extensions, fully folder-aware. **([How to add a language in 1 minute and 1 prompt](gitgalaxy/standards/HOW_TO_ADD_LANGUAGE.md))**
63
64
 
64
65
  **Enterprise Scale & Performance Metrics**
66
+ * **Active Pipeline Integration:** Over 11,000 PyPI downloads, driven heavily by automated CI/CD security sweeps and zero-trust DevSecOps workflows.
67
+ * **Production Tested:** Backed by an active early-adopter community on GitHub driving real-world issue resolution, architectural forks, and continuous engine hardening.
65
68
  * 100,000 LOC/sec code analysis.
66
69
  * 0.07 GB/sec raw log ingestion.
67
70
  * Full-system scans in minutes without data sampling.
@@ -85,6 +88,7 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
85
88
  **Installation & Usage**
86
89
  * Python-based: `pip install gitgalaxy`
87
90
  * CLI execution
91
+ * CI/CD Integration: Native **[GitHub Action](github-action-read-me.md)** available for zero-trust DevSecOps pipelines.
88
92
  * Outputs forensic JSONs (optimized for AI-agent summary reports) and a native SQLite3 database for robust querying and storage.
89
93
 
90
94
  > **📖 Official Documentation:** Read the full technical specifications, architecture blueprints, and the Taxonomical Equivalence Map at **[squid-protocol.github.io/gitgalaxy](https://squid-protocol.github.io/gitgalaxy/)**.
@@ -112,8 +116,11 @@ galaxyscope /path/to/your/local/repo
112
116
 
113
117
  GitGalaxy can be integrated directly into your GitHub Actions pipeline for automated DevSecOps auditing, Zero-Trust SBOM generation, or Pre-Commit firewalls.
114
118
 
115
- Create a file in your repository at `.github/workflows/gitgalaxy-scan.yml`:
119
+ **🚀 [View the Full GitHub Action Integration Guide](github-action-read-me.md)**
116
120
 
121
+ Check out our comprehensive guide to set up the **"Golden Path" Pipeline** (Parallel Enforcement & Autonomous Reporting). It covers all available Sentinel tools, AI guardrails, and advanced configuration options like our hyper-sensitive `--paranoid` threat-hunting mode.
122
+
123
+ *Minimal Example (Running a single Sentinel):*
117
124
  ```yaml
118
125
  name: GitGalaxy Security Audit
119
126
 
@@ -131,7 +138,7 @@ jobs:
131
138
  - name: Run GitGalaxy Supply Chain Firewall
132
139
  uses: squid-protocol/gitgalaxy@main
133
140
  with:
134
- tool: 'supply-chain-firewall' # Options: galaxyscope, zero-trust-sbom, pii-leak-hunter, etc.
141
+ tool: 'supply-chain-firewall' # View the Integration Guide for the full tool directory
135
142
  target: '.'
136
143
  ```
137
144
 
@@ -158,7 +165,7 @@ A mathematical x-ray suite for sanitizing mainframe monoliths. It safely neutral
158
165
  * **Proven Metric:** The Graveyard Reaper engine extracted over 6,700 lines of dead execution blocks and orphaned variables from the standard IBM CICS benchmark app in seconds.
159
166
 
160
167
  ### [Software Supply Chain Security & Pre-Commit Firewalls](gitgalaxy/tools/supply_chain_security/)
161
- Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline.
168
+ Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline. **[Deploy directly via our GitHub Action](github-action-read-me.md).**
162
169
 
163
170
  ### [Zero-Trust SBOM Generation & Dependency Auditing](gitgalaxy/tools/compliance/)
164
171
  A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
@@ -196,10 +203,22 @@ Your code never leaves your machine. GitGalaxy performs 100% of its scanning and
196
203
  * **Ephemeral Memory Processing:** Repositories are unpacked into a volatile memory buffer (RAM) and are automatically purged when the browser tab is closed.
197
204
  * **Privacy-by-Design:** Even when using the web-based viewer, the data remains behind the user's firewall at all times.
198
205
 
199
- ## License & Copyright
206
+ ## ⚖️ Licensing & Usage
200
207
 
201
208
  Copyright (c) 2026 Joe Esquibel
202
209
 
203
- GitGalaxy is released under the PolyForm Noncommercial License 1.0.0. It is completely free for personal use, research, experiment, testing, and hobby projects. Use by educational or charitable organizations is also permitted.
210
+ GitGalaxy is distributed under the **PolyForm Noncommercial License 1.0.0**.
211
+
212
+ ### 🎓 Community Free Tier (Academic, Research, & Hobbyist)
213
+ We are deeply committed to the open-source and academic communities. If you are using GitGalaxy for personal projects, academic research, or non-commercial development, the engine is 100% free to use.
214
+
215
+ To suppress the commercial licensing delays in your terminal or personal CI/CD pipelines, simply set the following environment variable:
216
+
217
+ ```bash
218
+ export GITGALAXY_LICENSE_KEY="COMMUNITY_FREE_TIER"
219
+ ```
220
+
221
+ ### 🏢 Commercial & Enterprise Use
222
+ Running GitGalaxy in corporate environments, proprietary codebases, or commercial CI/CD pipelines requires an enterprise license. Unlicensed corporate pipelines will experience intentional execution friction, and attempting to use the Community Free Tier key in a corporate environment will trigger explicit non-compliance warnings in your audit logs.
204
223
 
205
- Any commercial use or integration into commercial SaaS products or corporate CI/CD pipelines requires a separate commercial license. Please reach out via gitgalaxy.io to discuss commercial integration.
224
+ To acquire a zero-trust commercial key for your organization and ensure clean compliance logs, please contact: **joe@gitgalaxy.io**
@@ -1,7 +1,7 @@
1
1
  # GitGalaxy
2
2
 
3
3
  [![PyPI version](https://badge.fury.io/py/gitgalaxy.svg)](https://badge.fury.io/py/gitgalaxy)
4
- [![Python 3.8+](https://img.shields.io/badge/python-3.8+-blue.svg)](https://www.python.org/downloads/)
4
+ [![Python 3.10+](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/downloads/)
5
5
  [![License: PolyForm Noncommercial](https://img.shields.io/badge/License-PolyForm%20Noncommercial-blue.svg)](https://polyformproject.org/licenses/noncommercial/1.0.0/)
6
6
 
7
7
  [![Engine](https://img.shields.io/badge/Engine-blAST-8A2BE2.svg)](#)
@@ -10,35 +10,38 @@
10
10
  [![Threat Hunting](https://img.shields.io/badge/Threat_Hunting-Behavioral-FF4500.svg)](#)
11
11
  [![Architecture](https://img.shields.io/badge/Architecture-Zero__Trust-teal.svg)](#)
12
12
  [![Coverage](https://img.shields.io/badge/Coverage-50%2B_Languages-00C957.svg)](#)
13
- [![Scale](https://img.shields.io/badge/Scale-100k%2B_LOC%2Fsec-00BFFF.svg)](#)
14
13
 
15
14
  [![Zero Dependencies](https://img.shields.io/badge/Dependencies-0-brightgreen.svg)](https://pypi.org/project/gitgalaxy/)
16
15
  [![Airgap Ready](https://img.shields.io/badge/Security-Airgap_Ready-teal.svg)](#)
16
+ [![Downloads](https://static.pepy.tech/badge/gitgalaxy)](https://pepy.tech/project/gitgalaxy)
17
17
 
18
- ### **AST-Free Static Analysis & Knowledge Graph Engine**
18
+ ### **Whole-Repository Understanding & DevSecOps Physics**
19
19
 
20
- The blAST (Bypassing LLMs and ASTs) engine is a custom-made knowledge graph engine that resolves repositories at the function level. It scores each function based on 50 unique metrics, rolls that data up to score the file, and finally summarizes the entire repository.
20
+ Most tools analyze code line-by-line. GitGalaxy maps the entire architectural ecosystem. By tracking the exact flow of information across network dependencies, identifying local folder constraints, and natively recognizing 50+ languages—even mid-file—GitGalaxy provides a deterministic, 10,000-foot view of your software's physical architecture.
21
21
 
22
22
  ### Scanning Apollo-11 with the blAST Engine
23
23
 
24
24
  ![GitGalaxy CLI Scan](./docs/wiki/assets/apollo11_scan.gif)
25
25
 
26
- By utilizing a custom engine, we retain full control over the search space. We built it to be exceptionally fast, capable of assessing your entire repository without requiring compilable code—a fundamental limitation of standard Abstract Syntax Trees (ASTs). ASTs are great for finding missing commas and memory overflows, but they miss the forest for the trees when generating knowledge graphs. LLMs, on the other hand, suffer from hallucination during large context windows and yield probabilistic, fluctuating answers.
26
+ **Why we built a custom physics engine:**
27
+ Standard Abstract Syntax Trees (ASTs) are great for finding syntax errors, but they require compilable code and miss the forest for the trees when mapping massive-scale information flow. LLMs, on the other hand, suffer from severe hallucination when analyzing large context windows and yield probabilistic, fluctuating answers.
27
28
 
28
- The blAST engine solves this. Because all programming languages utilize keywords and functions, our engine treats code files as text, scanning for these structural anchors to build a deterministic 3D knowledge graph. It seamlessly handles mid-file language switching, assesses the architectural ratio of test files to logic, and extracts invaluable project structure data that ASTs ignore.
29
+ The **blAST (Bypassing LLMs and ASTs) engine** solves this. It reads code as raw structural text, scanning for semantic anchors to build a deterministic 3D knowledge graph of your entire repository. It instantly calculates the ratio of test boundaries to core logic, maps network blast radiuses, and extracts the vital project structure data that rigid linters ignore.
29
30
 
30
- Every assumption our system makes has been abstracted into over 300 tunable variables. Think of GitGalaxy as a highly calibrated telescope. You can query the number of active API network nodes, isolate unique external imports, or highlight functions exhibiting extreme cognitive load—all adjusted via custom whitelists and blacklists to eliminate false-positive fatigue. Field-tested on over 1,000 repositories spanning 50+ languages and 250+ extensions, the engine comes equipped with smart defaults ready for immediate deployment.
31
+ Think of GitGalaxy as a highly calibrated telescope for codebase risk. Every assumption the system makes is abstracted into over 300 tunable variables. You can query active API nodes, isolate supply chain threats, or highlight functions exhibiting extreme cognitive load—all adjusted via custom shields to eliminate false-positive fatigue. Field-tested on over 1,000 repositories, the engine comes equipped with enterprise-grade defaults ready for immediate CI/CD deployment.
31
32
 
32
33
  **Core Codebase Mapping Technology**
33
34
  * Bypasses LLMs and rigid ASTs.
34
35
  * Doesn't require code to compile (AST-free).
35
- * Produces full function-to-function call chains.
36
+ * Produces full network mapping via imports with generlized function calls per file.
36
37
  * Deterministically maps code by 60+ keyword regex profiles (Structural markers, I/O intents, state mutations).
37
38
  * Regex keyword profiles allow us to classify functions, files, classes, folders and repos.
38
39
  * Eliminates LLM architectural hallucinations and context window limits.
39
40
  * Scans 50+ languages, 250+ extensions, fully folder-aware. **([How to add a language in 1 minute and 1 prompt](gitgalaxy/standards/HOW_TO_ADD_LANGUAGE.md))**
40
41
 
41
42
  **Enterprise Scale & Performance Metrics**
43
+ * **Active Pipeline Integration:** Over 11,000 PyPI downloads, driven heavily by automated CI/CD security sweeps and zero-trust DevSecOps workflows.
44
+ * **Production Tested:** Backed by an active early-adopter community on GitHub driving real-world issue resolution, architectural forks, and continuous engine hardening.
42
45
  * 100,000 LOC/sec code analysis.
43
46
  * 0.07 GB/sec raw log ingestion.
44
47
  * Full-system scans in minutes without data sampling.
@@ -62,6 +65,7 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
62
65
  **Installation & Usage**
63
66
  * Python-based: `pip install gitgalaxy`
64
67
  * CLI execution
68
+ * CI/CD Integration: Native **[GitHub Action](github-action-read-me.md)** available for zero-trust DevSecOps pipelines.
65
69
  * Outputs forensic JSONs (optimized for AI-agent summary reports) and a native SQLite3 database for robust querying and storage.
66
70
 
67
71
  > **📖 Official Documentation:** Read the full technical specifications, architecture blueprints, and the Taxonomical Equivalence Map at **[squid-protocol.github.io/gitgalaxy](https://squid-protocol.github.io/gitgalaxy/)**.
@@ -89,8 +93,11 @@ galaxyscope /path/to/your/local/repo
89
93
 
90
94
  GitGalaxy can be integrated directly into your GitHub Actions pipeline for automated DevSecOps auditing, Zero-Trust SBOM generation, or Pre-Commit firewalls.
91
95
 
92
- Create a file in your repository at `.github/workflows/gitgalaxy-scan.yml`:
96
+ **🚀 [View the Full GitHub Action Integration Guide](github-action-read-me.md)**
93
97
 
98
+ Check out our comprehensive guide to set up the **"Golden Path" Pipeline** (Parallel Enforcement & Autonomous Reporting). It covers all available Sentinel tools, AI guardrails, and advanced configuration options like our hyper-sensitive `--paranoid` threat-hunting mode.
99
+
100
+ *Minimal Example (Running a single Sentinel):*
94
101
  ```yaml
95
102
  name: GitGalaxy Security Audit
96
103
 
@@ -108,7 +115,7 @@ jobs:
108
115
  - name: Run GitGalaxy Supply Chain Firewall
109
116
  uses: squid-protocol/gitgalaxy@main
110
117
  with:
111
- tool: 'supply-chain-firewall' # Options: galaxyscope, zero-trust-sbom, pii-leak-hunter, etc.
118
+ tool: 'supply-chain-firewall' # View the Integration Guide for the full tool directory
112
119
  target: '.'
113
120
  ```
114
121
 
@@ -135,7 +142,7 @@ A mathematical x-ray suite for sanitizing mainframe monoliths. It safely neutral
135
142
  * **Proven Metric:** The Graveyard Reaper engine extracted over 6,700 lines of dead execution blocks and orphaned variables from the standard IBM CICS benchmark app in seconds.
136
143
 
137
144
  ### [Software Supply Chain Security & Pre-Commit Firewalls](gitgalaxy/tools/supply_chain_security/)
138
- Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline.
145
+ Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline. **[Deploy directly via our GitHub Action](github-action-read-me.md).**
139
146
 
140
147
  ### [Zero-Trust SBOM Generation & Dependency Auditing](gitgalaxy/tools/compliance/)
141
148
  A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
@@ -173,10 +180,22 @@ Your code never leaves your machine. GitGalaxy performs 100% of its scanning and
173
180
  * **Ephemeral Memory Processing:** Repositories are unpacked into a volatile memory buffer (RAM) and are automatically purged when the browser tab is closed.
174
181
  * **Privacy-by-Design:** Even when using the web-based viewer, the data remains behind the user's firewall at all times.
175
182
 
176
- ## License & Copyright
183
+ ## ⚖️ Licensing & Usage
177
184
 
178
185
  Copyright (c) 2026 Joe Esquibel
179
186
 
180
- GitGalaxy is released under the PolyForm Noncommercial License 1.0.0. It is completely free for personal use, research, experiment, testing, and hobby projects. Use by educational or charitable organizations is also permitted.
187
+ GitGalaxy is distributed under the **PolyForm Noncommercial License 1.0.0**.
188
+
189
+ ### 🎓 Community Free Tier (Academic, Research, & Hobbyist)
190
+ We are deeply committed to the open-source and academic communities. If you are using GitGalaxy for personal projects, academic research, or non-commercial development, the engine is 100% free to use.
191
+
192
+ To suppress the commercial licensing delays in your terminal or personal CI/CD pipelines, simply set the following environment variable:
193
+
194
+ ```bash
195
+ export GITGALAXY_LICENSE_KEY="COMMUNITY_FREE_TIER"
196
+ ```
197
+
198
+ ### 🏢 Commercial & Enterprise Use
199
+ Running GitGalaxy in corporate environments, proprietary codebases, or commercial CI/CD pipelines requires an enterprise license. Unlicensed corporate pipelines will experience intentional execution friction, and attempting to use the Community Free Tier key in a corporate environment will trigger explicit non-compliance warnings in your audit logs.
181
200
 
182
- Any commercial use or integration into commercial SaaS products or corporate CI/CD pipelines requires a separate commercial license. Please reach out via gitgalaxy.io to discuss commercial integration.
201
+ To acquire a zero-trust commercial key for your organization and ensure clean compliance logs, please contact: **joe@gitgalaxy.io**
@@ -16,7 +16,7 @@ When you trigger the `galaxyscope` command, the data flows through these five ph
16
16
  * **`/physics/` (The Math):** The heuristics engine. Contains the [Signal Processor](https://squid-protocol.github.io/gitgalaxy/02-09-signal-processing/) and [Neural Auditor](https://squid-protocol.github.io/gitgalaxy/02-19-neural-auditor/), which apply GitGalaxy mathematics to score O(N) complexity, topological blast radius, and state flux without using ASTs.
17
17
  * **`/recorders/` (The Exporters):** The translation layer. Converts the internal state maps into highly relational [SQLite Databases](https://squid-protocol.github.io/gitgalaxy/02-21-record-keeper/), AI-agent JSON tickets, and the final 3D WebGPU payload.
18
18
  * **`/security/` (The Sentinel):** The zero-trust validation layer. Contains the [Security Lens](https://squid-protocol.github.io/gitgalaxy/02-06-security-lens/) responsible for intercepting embedded malware, hardcoded secrets, and logic bombs on the fly.
19
- * **`/tools/` (The Spokes):** The enterprise automation layer. Contains specialized controllers for CI/CD pipelines—like the [Supply Chain Firewall](https://squid-protocol.github.io/gitgalaxy/04-03-supply-chain-firewall/) and [PII Leak Hunter](https://squid-protocol.github.io/gitgalaxy/04-06-pii-leak-hunter/)—that consume the core engine's telemetry.
19
+ * **`/tools/` (The Spokes):** The enterprise automation layer. Contains specialized controllers for CI/CD pipelines—like the [Supply Chain Firewall](https://squid-protocol.github.io/gitgalaxy/04-03-supply-chain-firewall/) and [PII Leak Hunter](https://squid-protocol.github.io/gitgalaxy/04-06-pii-leak-hunter/)—that consume the core engine's telemetry. **These specialized tools power our official [Zero-Trust DevSecOps GitHub Action](../github-action-read-me.md).**
20
20
 
21
21
  ---
22
22
 
@@ -52,7 +52,12 @@ From the **root directory** of the repository, run:
52
52
  pip install -e .
53
53
  ```
54
54
 
55
- Once installed, you can trigger the main orchestrator globally from your terminal. This command runs the full [Data Pipeline](https://squid-protocol.github.io/gitgalaxy/02-01-pipeline-overview/) and outputs the final artifact.
55
+ **Important:** GitGalaxy contains an embedded commercial licensing guardrail. To prevent a 5-second execution delay while testing your code locally, you must export the Community Free Tier key into your development environment before running the orchestrator:
56
+ ```bash
57
+ export GITGALAXY_LICENSE_KEY="COMMUNITY_FREE_TIER"
58
+ ```
59
+
60
+ Once installed and the key is set, you can trigger the main orchestrator globally from your terminal. This command runs the full [Data Pipeline](https://squid-protocol.github.io/gitgalaxy/02-01-pipeline-overview/) and outputs the final artifact.
56
61
  ```bash
57
62
  galaxyscope /path/to/test/repo --debug
58
63
  ```
@@ -69,4 +74,4 @@ To fully understand how GalaxyScope processes data, maps files, and applies risk
69
74
  * 📖 **[GalaxyScope CLI Reference](https://squid-protocol.github.io/gitgalaxy/01-02-galaxyscope-cli-reference/)** (Flags, outputs, and behaviors)
70
75
  * 📖 **[The Data Pipeline Overview](https://squid-protocol.github.io/gitgalaxy/02-01-pipeline-overview/)** (Step-by-step breakdown of the runtime)
71
76
  * 📖 **[Risk Exposures & Methodology](https://squid-protocol.github.io/gitgalaxy/08-01-methodology/)** (The math behind the heuristics)
72
- * 🪐 **[Return to the Main GitGalaxy Hub](https://github.com/squid-protocol/gitgalaxy)**
77
+ * 🪐 **[Return to the Main GitGalaxy Hub](https://github.com/squid-protocol/gitgalaxy)**