gitgalaxy 2.2.1__tar.gz → 2.2.3__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- gitgalaxy-2.2.3/.github/workflows/gitgalaxy.yml +72 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/PKG-INFO +16 -12
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/README.md +14 -11
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/README.md +2 -2
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/core/guidestar_lens.py +68 -1
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/galaxyscope.py +62 -2
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/physics/signal_processor.py +55 -16
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/recorders/record_keeper.py +4 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/requirements.txt +15 -15
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/standards/analysis_lens.py +10 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/standards/gitgalaxy_config.py +13 -1
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/standards/language_standards.py +6 -1
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/network_auditing/full_api_network_map.py +9 -1
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy.egg-info/PKG-INFO +16 -12
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy.egg-info/SOURCES.txt +3 -1
- gitgalaxy-2.2.3/gitgalaxy.egg-info/requires.txt +1 -0
- gitgalaxy-2.2.3/github-action-readme.md +189 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/pyproject.toml +3 -1
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_galaxyscope.py +1 -2
- gitgalaxy-2.2.1/cure_dead_ends.py +0 -51
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/.flake8 +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/.github/ISSUE_TEMPLATE/parsing_discrepancy.yml +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/.github/dependabot.yml +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/.github/pull_request_template.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/.github/workflows/codeql.yml +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/.github/workflows/deploy-docs.yml +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/.github/workflows/publish.yml +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/.github/workflows/smoke-test.yml +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/.gitignore +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/CONTRIBUTING.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/LICENSE +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/MANIFEST.in +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/action.yml +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/__init__.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/cobol_refractor_controller.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/cobol_to_java_controller.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/core/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/core/__init__.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/core/aperture.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/core/detector.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/core/network_risk_sensor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/core/prism.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/core/state_rehydrator.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/licensing.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/physics/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/physics/__init__.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/physics/chronometer.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/physics/neural_auditor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/physics/spectral_auditor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/recorders/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/recorders/__init__.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/recorders/audit_recorder.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/recorders/gpu_recorder.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/recorders/llm_recorder.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/security/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/security/__init__.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/security/security_auditor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/security/security_lens.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/standards/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/standards/__init__.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/standards/how_to_add_a_language.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/standards/language_lens.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/__init__.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/ai_guardrails/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/ai_guardrails/ai_appsec_sensor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/ai_guardrails/dev_agent_firewall.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_agent_task_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_compiler_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_dag_architect.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_etl_unpacker.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_graveyard_finder.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_auditor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_lexical_patcher.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_microservice_slicer.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_schema_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_cobol/cobol_system_limits_reporter.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_java/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_java/batch_test_harness.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_java/cobol_to_java_agent_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_java/cobol_to_java_api_contract_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_java/cobol_to_java_build_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_java/cobol_to_java_decoder_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_java/cobol_to_java_service_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_java/cobol_to_java_spring_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/cobol_to_java/cobol_to_java_test_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/compliance/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/compliance/sbom_generator.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/network_auditing/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/supply_chain_security/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/supply_chain_security/binary_anomaly_detector.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/supply_chain_security/vault_sentinel.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/terabyte_log_scanning/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/terabyte_log_scanning/pii_leak_hunter.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy.egg-info/dependency_links.txt +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy.egg-info/entry_points.txt +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/gitgalaxy.egg-info/top_level.txt +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/mkdocs.yml +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/setup.cfg +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/readme.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_agent_task_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_compiler_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_dag_architect.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_etl_unpacker.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_graveyard_finder.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_jcl_auditor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_jcl_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_lexical_patcher.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_microservice_slicer.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_refractor_controller.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_schema_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/cobol_mainframe/test_cobol_system_limits_reporter.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/readme.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_aperture.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_chronometer.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_chronometer_timeout.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_detector.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_guidestar_lens.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_language_lens.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_language_standards_strict.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_prism.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_signal_processor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_state_rehydrator.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/core_engine/test_zero_dependency.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/extraction/readme.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/extraction/test_args_extraction_strict.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/extraction/test_class_extraction_strict.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/extraction/test_dependency_extraction_strict.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/extraction/test_function_extraction_strict.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/.gitattributes +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/.gitignore +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/LICENSE +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/Makefile +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/README.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/bufio/bufio.go +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/bufio/bufio_test.go +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/bufio/example_test.go +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/bufio/export_test.go +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/bufio/net_test.go +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/bufio/scan.go +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/bufio/scan_test.go +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/config.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/convert_em.F +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/dnn_converters.cpp +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/dnn_converters.hpp +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/insert_pinyin_to_db.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/iwubi.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/iwubi.svg +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/iwubi.xml +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/logconfig.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/logconfig.yaml +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/pinyin_simp.dict.csv +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/screenshot/add.png +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/screenshot/iwubi.gif +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/screenshot/set_ibus.png +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/fixtures/iwubi_frankenstein_test/wubi-jidian86.db +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/readme.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_ai_appsec_sensor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_api_network_map.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_binary_anomaly_detector.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_dev_agent_firewall.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_network_risk_sensor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_neural_auditor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_pii_leak_hunter.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_redos_poison.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_sbom_generator.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_security_auditor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_security_lens.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_spectral_auditor.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_supply_chain_firewall.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_terabyte_log_scanner.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/security_auditing/test_vault_sentinel.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/tools_recorders/readme.md +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/tools_recorders/test_agent_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/tools_recorders/test_batch_test_harness.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/tools_recorders/test_decoder_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/tools_recorders/test_golden_forge.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/tools_recorders/test_gpu_recorder.py +0 -0
- {gitgalaxy-2.2.1 → gitgalaxy-2.2.3}/tests/tools_recorders/test_service_forge.py +0 -0
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
name: GitGalaxy Zero-Trust Pipeline
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- main
|
|
7
|
+
|
|
8
|
+
jobs:
|
|
9
|
+
vault-sentinel:
|
|
10
|
+
name: Vault Sentinel
|
|
11
|
+
runs-on: ubuntu-latest
|
|
12
|
+
steps:
|
|
13
|
+
- uses: actions/checkout@v4
|
|
14
|
+
- uses: squid-protocol/gitgalaxy@v2.2.3
|
|
15
|
+
with:
|
|
16
|
+
tool: 'vault-sentinel'
|
|
17
|
+
target: '.'
|
|
18
|
+
|
|
19
|
+
xray-inspector:
|
|
20
|
+
name: X-Ray Inspector
|
|
21
|
+
runs-on: ubuntu-latest
|
|
22
|
+
steps:
|
|
23
|
+
- uses: actions/checkout@v4
|
|
24
|
+
- uses: squid-protocol/gitgalaxy@v2.2.3
|
|
25
|
+
with:
|
|
26
|
+
tool: 'xray-inspector'
|
|
27
|
+
target: '.'
|
|
28
|
+
|
|
29
|
+
supply-chain-firewall:
|
|
30
|
+
name: Supply Chain Firewall
|
|
31
|
+
runs-on: ubuntu-latest
|
|
32
|
+
steps:
|
|
33
|
+
- uses: actions/checkout@v4
|
|
34
|
+
- uses: squid-protocol/gitgalaxy@v2.2.3
|
|
35
|
+
with:
|
|
36
|
+
tool: 'supply-chain-firewall'
|
|
37
|
+
target: '.'
|
|
38
|
+
|
|
39
|
+
architectural-report:
|
|
40
|
+
name: LLM Structural Brief
|
|
41
|
+
needs: [vault-sentinel, xray-inspector, supply-chain-firewall]
|
|
42
|
+
runs-on: ubuntu-latest
|
|
43
|
+
permissions:
|
|
44
|
+
contents: write # Critical: Grants the Action permission to push to main
|
|
45
|
+
steps:
|
|
46
|
+
- uses: actions/checkout@v4
|
|
47
|
+
with:
|
|
48
|
+
fetch-depth: 0
|
|
49
|
+
|
|
50
|
+
- name: Generate GalaxyScope LLM Brief
|
|
51
|
+
uses: squid-protocol/gitgalaxy@v2.2.3
|
|
52
|
+
with:
|
|
53
|
+
tool: 'galaxyscope'
|
|
54
|
+
target: '.'
|
|
55
|
+
args: '--llm-only'
|
|
56
|
+
full_precision: 'true'
|
|
57
|
+
|
|
58
|
+
- name: Commit and Push LLM Brief to Main
|
|
59
|
+
run: |
|
|
60
|
+
# Move the report to the docs folder for clean organization
|
|
61
|
+
mkdir -p docs
|
|
62
|
+
mv *_galaxy_llm.md docs/gitgalaxy_architecture_brief.md || true
|
|
63
|
+
|
|
64
|
+
# Configure the GitHub Actions bot identity
|
|
65
|
+
git config --global user.name "github-actions[bot]"
|
|
66
|
+
git config --global user.email "github-actions[bot]@users.noreply.github.com"
|
|
67
|
+
|
|
68
|
+
# Stage the file
|
|
69
|
+
git add docs/gitgalaxy_architecture_brief.md
|
|
70
|
+
|
|
71
|
+
# Only commit and push if there are actual changes to prevent pipeline failures
|
|
72
|
+
git diff --quiet && git diff --staged --quiet || (git commit -m "docs: auto-update LLM architectural brief" && git push)
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: gitgalaxy
|
|
3
|
-
Version: 2.2.
|
|
3
|
+
Version: 2.2.3
|
|
4
4
|
Summary: An AST-free, LLM-free zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
|
|
5
5
|
Author: Joe Esquibel
|
|
6
6
|
Project-URL: Homepage, https://gitgalaxy.io
|
|
@@ -19,12 +19,13 @@ Classifier: Intended Audience :: Information Technology
|
|
|
19
19
|
Requires-Python: >=3.9
|
|
20
20
|
Description-Content-Type: text/markdown
|
|
21
21
|
License-File: LICENSE
|
|
22
|
+
Requires-Dist: PyYAML>=6.0
|
|
22
23
|
Dynamic: license-file
|
|
23
24
|
|
|
24
25
|
# GitGalaxy
|
|
25
26
|
|
|
26
27
|
[](https://badge.fury.io/py/gitgalaxy)
|
|
27
|
-
[](https://www.python.org/downloads/)
|
|
28
29
|
[](https://polyformproject.org/licenses/noncommercial/1.0.0/)
|
|
29
30
|
|
|
30
31
|
[](#)
|
|
@@ -33,26 +34,25 @@ Dynamic: license-file
|
|
|
33
34
|
[](#)
|
|
34
35
|
[](#)
|
|
35
36
|
[](#)
|
|
36
|
-
[](#)
|
|
37
37
|
|
|
38
38
|
[](https://pypi.org/project/gitgalaxy/)
|
|
39
39
|
[](#)
|
|
40
40
|
[](https://pepy.tech/project/gitgalaxy)
|
|
41
|
-
[](https://github.com/squid-protocol/gitgalaxy/stargazers)
|
|
42
41
|
|
|
43
|
-
### **
|
|
42
|
+
### **Whole-Repository Understanding & DevSecOps Physics**
|
|
44
43
|
|
|
45
|
-
|
|
44
|
+
Most tools analyze code line-by-line. GitGalaxy maps the entire architectural ecosystem. By tracking the exact flow of information across network dependencies, identifying local folder constraints, and natively recognizing 50+ languages—even mid-file—GitGalaxy provides a deterministic, 10,000-foot view of your software's physical architecture.
|
|
46
45
|
|
|
47
46
|
### Scanning Apollo-11 with the blAST Engine
|
|
48
47
|
|
|
49
48
|

|
|
50
49
|
|
|
51
|
-
|
|
50
|
+
**Why we built a custom physics engine:**
|
|
51
|
+
Standard Abstract Syntax Trees (ASTs) are great for finding syntax errors, but they require compilable code and miss the forest for the trees when mapping massive-scale information flow. LLMs, on the other hand, suffer from severe hallucination when analyzing large context windows and yield probabilistic, fluctuating answers.
|
|
52
52
|
|
|
53
|
-
The blAST engine solves this.
|
|
53
|
+
The **blAST (Bypassing LLMs and ASTs) engine** solves this. It reads code as raw structural text, scanning for semantic anchors to build a deterministic 3D knowledge graph of your entire repository. It instantly calculates the ratio of test boundaries to core logic, maps network blast radiuses, and extracts the vital project structure data that rigid linters ignore.
|
|
54
54
|
|
|
55
|
-
Every assumption
|
|
55
|
+
Think of GitGalaxy as a highly calibrated telescope for codebase risk. Every assumption the system makes is abstracted into over 300 tunable variables. You can query active API nodes, isolate supply chain threats, or highlight functions exhibiting extreme cognitive load—all adjusted via custom shields to eliminate false-positive fatigue. Field-tested on over 1,000 repositories, the engine comes equipped with enterprise-grade defaults ready for immediate CI/CD deployment.
|
|
56
56
|
|
|
57
57
|
**Core Codebase Mapping Technology**
|
|
58
58
|
* Bypasses LLMs and rigid ASTs.
|
|
@@ -89,6 +89,7 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
|
|
|
89
89
|
**Installation & Usage**
|
|
90
90
|
* Python-based: `pip install gitgalaxy`
|
|
91
91
|
* CLI execution
|
|
92
|
+
* CI/CD Integration: Native **[GitHub Action](github-action-read-me.md)** available for zero-trust DevSecOps pipelines.
|
|
92
93
|
* Outputs forensic JSONs (optimized for AI-agent summary reports) and a native SQLite3 database for robust querying and storage.
|
|
93
94
|
|
|
94
95
|
> **📖 Official Documentation:** Read the full technical specifications, architecture blueprints, and the Taxonomical Equivalence Map at **[squid-protocol.github.io/gitgalaxy](https://squid-protocol.github.io/gitgalaxy/)**.
|
|
@@ -116,8 +117,11 @@ galaxyscope /path/to/your/local/repo
|
|
|
116
117
|
|
|
117
118
|
GitGalaxy can be integrated directly into your GitHub Actions pipeline for automated DevSecOps auditing, Zero-Trust SBOM generation, or Pre-Commit firewalls.
|
|
118
119
|
|
|
119
|
-
|
|
120
|
+
**🚀 [View the Full GitHub Action Integration Guide](github-action-read-me.md)**
|
|
120
121
|
|
|
122
|
+
Check out our comprehensive guide to set up the **"Golden Path" Pipeline** (Parallel Enforcement & Autonomous Reporting). It covers all available Sentinel tools, AI guardrails, and advanced configuration options like our hyper-sensitive `--paranoid` threat-hunting mode.
|
|
123
|
+
|
|
124
|
+
*Minimal Example (Running a single Sentinel):*
|
|
121
125
|
```yaml
|
|
122
126
|
name: GitGalaxy Security Audit
|
|
123
127
|
|
|
@@ -135,7 +139,7 @@ jobs:
|
|
|
135
139
|
- name: Run GitGalaxy Supply Chain Firewall
|
|
136
140
|
uses: squid-protocol/gitgalaxy@main
|
|
137
141
|
with:
|
|
138
|
-
tool: 'supply-chain-firewall' #
|
|
142
|
+
tool: 'supply-chain-firewall' # View the Integration Guide for the full tool directory
|
|
139
143
|
target: '.'
|
|
140
144
|
```
|
|
141
145
|
|
|
@@ -162,7 +166,7 @@ A mathematical x-ray suite for sanitizing mainframe monoliths. It safely neutral
|
|
|
162
166
|
* **Proven Metric:** The Graveyard Reaper engine extracted over 6,700 lines of dead execution blocks and orphaned variables from the standard IBM CICS benchmark app in seconds.
|
|
163
167
|
|
|
164
168
|
### [Software Supply Chain Security & Pre-Commit Firewalls](gitgalaxy/tools/supply_chain_security/)
|
|
165
|
-
Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline.
|
|
169
|
+
Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline. **[Deploy directly via our GitHub Action](github-action-read-me.md).**
|
|
166
170
|
|
|
167
171
|
### [Zero-Trust SBOM Generation & Dependency Auditing](gitgalaxy/tools/compliance/)
|
|
168
172
|
A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# GitGalaxy
|
|
2
2
|
|
|
3
3
|
[](https://badge.fury.io/py/gitgalaxy)
|
|
4
|
-
[](https://www.python.org/downloads/)
|
|
5
5
|
[](https://polyformproject.org/licenses/noncommercial/1.0.0/)
|
|
6
6
|
|
|
7
7
|
[](#)
|
|
@@ -10,26 +10,25 @@
|
|
|
10
10
|
[](#)
|
|
11
11
|
[](#)
|
|
12
12
|
[](#)
|
|
13
|
-
[](#)
|
|
14
13
|
|
|
15
14
|
[](https://pypi.org/project/gitgalaxy/)
|
|
16
15
|
[](#)
|
|
17
16
|
[](https://pepy.tech/project/gitgalaxy)
|
|
18
|
-
[](https://github.com/squid-protocol/gitgalaxy/stargazers)
|
|
19
17
|
|
|
20
|
-
### **
|
|
18
|
+
### **Whole-Repository Understanding & DevSecOps Physics**
|
|
21
19
|
|
|
22
|
-
|
|
20
|
+
Most tools analyze code line-by-line. GitGalaxy maps the entire architectural ecosystem. By tracking the exact flow of information across network dependencies, identifying local folder constraints, and natively recognizing 50+ languages—even mid-file—GitGalaxy provides a deterministic, 10,000-foot view of your software's physical architecture.
|
|
23
21
|
|
|
24
22
|
### Scanning Apollo-11 with the blAST Engine
|
|
25
23
|
|
|
26
24
|

|
|
27
25
|
|
|
28
|
-
|
|
26
|
+
**Why we built a custom physics engine:**
|
|
27
|
+
Standard Abstract Syntax Trees (ASTs) are great for finding syntax errors, but they require compilable code and miss the forest for the trees when mapping massive-scale information flow. LLMs, on the other hand, suffer from severe hallucination when analyzing large context windows and yield probabilistic, fluctuating answers.
|
|
29
28
|
|
|
30
|
-
The blAST engine solves this.
|
|
29
|
+
The **blAST (Bypassing LLMs and ASTs) engine** solves this. It reads code as raw structural text, scanning for semantic anchors to build a deterministic 3D knowledge graph of your entire repository. It instantly calculates the ratio of test boundaries to core logic, maps network blast radiuses, and extracts the vital project structure data that rigid linters ignore.
|
|
31
30
|
|
|
32
|
-
Every assumption
|
|
31
|
+
Think of GitGalaxy as a highly calibrated telescope for codebase risk. Every assumption the system makes is abstracted into over 300 tunable variables. You can query active API nodes, isolate supply chain threats, or highlight functions exhibiting extreme cognitive load—all adjusted via custom shields to eliminate false-positive fatigue. Field-tested on over 1,000 repositories, the engine comes equipped with enterprise-grade defaults ready for immediate CI/CD deployment.
|
|
33
32
|
|
|
34
33
|
**Core Codebase Mapping Technology**
|
|
35
34
|
* Bypasses LLMs and rigid ASTs.
|
|
@@ -66,6 +65,7 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
|
|
|
66
65
|
**Installation & Usage**
|
|
67
66
|
* Python-based: `pip install gitgalaxy`
|
|
68
67
|
* CLI execution
|
|
68
|
+
* CI/CD Integration: Native **[GitHub Action](github-action-read-me.md)** available for zero-trust DevSecOps pipelines.
|
|
69
69
|
* Outputs forensic JSONs (optimized for AI-agent summary reports) and a native SQLite3 database for robust querying and storage.
|
|
70
70
|
|
|
71
71
|
> **📖 Official Documentation:** Read the full technical specifications, architecture blueprints, and the Taxonomical Equivalence Map at **[squid-protocol.github.io/gitgalaxy](https://squid-protocol.github.io/gitgalaxy/)**.
|
|
@@ -93,8 +93,11 @@ galaxyscope /path/to/your/local/repo
|
|
|
93
93
|
|
|
94
94
|
GitGalaxy can be integrated directly into your GitHub Actions pipeline for automated DevSecOps auditing, Zero-Trust SBOM generation, or Pre-Commit firewalls.
|
|
95
95
|
|
|
96
|
-
|
|
96
|
+
**🚀 [View the Full GitHub Action Integration Guide](github-action-read-me.md)**
|
|
97
97
|
|
|
98
|
+
Check out our comprehensive guide to set up the **"Golden Path" Pipeline** (Parallel Enforcement & Autonomous Reporting). It covers all available Sentinel tools, AI guardrails, and advanced configuration options like our hyper-sensitive `--paranoid` threat-hunting mode.
|
|
99
|
+
|
|
100
|
+
*Minimal Example (Running a single Sentinel):*
|
|
98
101
|
```yaml
|
|
99
102
|
name: GitGalaxy Security Audit
|
|
100
103
|
|
|
@@ -112,7 +115,7 @@ jobs:
|
|
|
112
115
|
- name: Run GitGalaxy Supply Chain Firewall
|
|
113
116
|
uses: squid-protocol/gitgalaxy@main
|
|
114
117
|
with:
|
|
115
|
-
tool: 'supply-chain-firewall' #
|
|
118
|
+
tool: 'supply-chain-firewall' # View the Integration Guide for the full tool directory
|
|
116
119
|
target: '.'
|
|
117
120
|
```
|
|
118
121
|
|
|
@@ -139,7 +142,7 @@ A mathematical x-ray suite for sanitizing mainframe monoliths. It safely neutral
|
|
|
139
142
|
* **Proven Metric:** The Graveyard Reaper engine extracted over 6,700 lines of dead execution blocks and orphaned variables from the standard IBM CICS benchmark app in seconds.
|
|
140
143
|
|
|
141
144
|
### [Software Supply Chain Security & Pre-Commit Firewalls](gitgalaxy/tools/supply_chain_security/)
|
|
142
|
-
Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline.
|
|
145
|
+
Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, sub-atomic XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline. **[Deploy directly via our GitHub Action](github-action-read-me.md).**
|
|
143
146
|
|
|
144
147
|
### [Zero-Trust SBOM Generation & Dependency Auditing](gitgalaxy/tools/compliance/)
|
|
145
148
|
A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
|
|
@@ -16,7 +16,7 @@ When you trigger the `galaxyscope` command, the data flows through these five ph
|
|
|
16
16
|
* **`/physics/` (The Math):** The heuristics engine. Contains the [Signal Processor](https://squid-protocol.github.io/gitgalaxy/02-09-signal-processing/) and [Neural Auditor](https://squid-protocol.github.io/gitgalaxy/02-19-neural-auditor/), which apply GitGalaxy mathematics to score O(N) complexity, topological blast radius, and state flux without using ASTs.
|
|
17
17
|
* **`/recorders/` (The Exporters):** The translation layer. Converts the internal state maps into highly relational [SQLite Databases](https://squid-protocol.github.io/gitgalaxy/02-21-record-keeper/), AI-agent JSON tickets, and the final 3D WebGPU payload.
|
|
18
18
|
* **`/security/` (The Sentinel):** The zero-trust validation layer. Contains the [Security Lens](https://squid-protocol.github.io/gitgalaxy/02-06-security-lens/) responsible for intercepting embedded malware, hardcoded secrets, and logic bombs on the fly.
|
|
19
|
-
* **`/tools/` (The Spokes):** The enterprise automation layer. Contains specialized controllers for CI/CD pipelines—like the [Supply Chain Firewall](https://squid-protocol.github.io/gitgalaxy/04-03-supply-chain-firewall/) and [PII Leak Hunter](https://squid-protocol.github.io/gitgalaxy/04-06-pii-leak-hunter/)—that consume the core engine's telemetry.
|
|
19
|
+
* **`/tools/` (The Spokes):** The enterprise automation layer. Contains specialized controllers for CI/CD pipelines—like the [Supply Chain Firewall](https://squid-protocol.github.io/gitgalaxy/04-03-supply-chain-firewall/) and [PII Leak Hunter](https://squid-protocol.github.io/gitgalaxy/04-06-pii-leak-hunter/)—that consume the core engine's telemetry. **These specialized tools power our official [Zero-Trust DevSecOps GitHub Action](../github-action-read-me.md).**
|
|
20
20
|
|
|
21
21
|
---
|
|
22
22
|
|
|
@@ -74,4 +74,4 @@ To fully understand how GalaxyScope processes data, maps files, and applies risk
|
|
|
74
74
|
* 📖 **[GalaxyScope CLI Reference](https://squid-protocol.github.io/gitgalaxy/01-02-galaxyscope-cli-reference/)** (Flags, outputs, and behaviors)
|
|
75
75
|
* 📖 **[The Data Pipeline Overview](https://squid-protocol.github.io/gitgalaxy/02-01-pipeline-overview/)** (Step-by-step breakdown of the runtime)
|
|
76
76
|
* 📖 **[Risk Exposures & Methodology](https://squid-protocol.github.io/gitgalaxy/08-01-methodology/)** (The math behind the heuristics)
|
|
77
|
-
* 🪐 **[Return to the Main GitGalaxy Hub](https://github.com/squid-protocol/gitgalaxy)**
|
|
77
|
+
* 🪐 **[Return to the Main GitGalaxy Hub](https://github.com/squid-protocol/gitgalaxy)**
|
|
@@ -8,6 +8,7 @@
|
|
|
8
8
|
# of this project, or at https://polyformproject.org/licenses/noncommercial/1.0.0/
|
|
9
9
|
# ==============================================================================
|
|
10
10
|
import re
|
|
11
|
+
import os
|
|
11
12
|
import json
|
|
12
13
|
import logging
|
|
13
14
|
import fnmatch
|
|
@@ -68,6 +69,9 @@ class GuideStarLens:
|
|
|
68
69
|
# Pattern Prior Map for .gitattributes (e.g., *.h)
|
|
69
70
|
self.pattern_priors: Dict[str, Dict[str, Any]] = {}
|
|
70
71
|
|
|
72
|
+
# Spatial Documentation Map: Dict[directory_path, shield_strength_float]
|
|
73
|
+
self.doc_umbrellas: Dict[str, float] = {}
|
|
74
|
+
|
|
71
75
|
self.logger.debug(f"GuideStar Lens Online | Sector: {self.root.name}")
|
|
72
76
|
|
|
73
77
|
def align_telescope(self):
|
|
@@ -83,8 +87,11 @@ class GuideStarLens:
|
|
|
83
87
|
# 3. The Evasion Scout (.gitignore)
|
|
84
88
|
self._survey_gitignore()
|
|
85
89
|
|
|
90
|
+
# 4. The Knowledge Scout (Documentation Umbrellas)
|
|
91
|
+
self._survey_knowledge_anchors()
|
|
92
|
+
|
|
86
93
|
self.logger.info(
|
|
87
|
-
f"GuideStar: Alignment complete. Cached {len(self.priors)} intent priors
|
|
94
|
+
f"GuideStar: Alignment complete. Cached {len(self.priors)} intent priors, {len(self.pattern_priors)} pattern rules, and {len(self.doc_umbrellas)} documentation shields."
|
|
88
95
|
)
|
|
89
96
|
|
|
90
97
|
def get_intent_status(self, path: Union[str, Path]) -> Tuple[bool, Dict[str, Any]]:
|
|
@@ -425,3 +432,63 @@ class GuideStarLens:
|
|
|
425
432
|
|
|
426
433
|
except Exception as e:
|
|
427
434
|
self.logger.debug(f"GuideStar: Evasion inspection failed for .gitignore: {e}")
|
|
435
|
+
|
|
436
|
+
# ==============================================================================
|
|
437
|
+
# KNOWLEDGE ANCHORS (The Documentation Scout)
|
|
438
|
+
# ==============================================================================
|
|
439
|
+
|
|
440
|
+
def _survey_knowledge_anchors(self):
|
|
441
|
+
"""
|
|
442
|
+
Scans the repository for high-value architectural literature.
|
|
443
|
+
Calculates the physical mass of the documentation to project a
|
|
444
|
+
defensive umbrella shield over the surrounding directory.
|
|
445
|
+
"""
|
|
446
|
+
anchor_patterns = {
|
|
447
|
+
"README.md",
|
|
448
|
+
"README.txt",
|
|
449
|
+
"README.rst",
|
|
450
|
+
"ARCHITECTURE.md",
|
|
451
|
+
"DESIGN.md",
|
|
452
|
+
"SPEC.md",
|
|
453
|
+
"swagger.json",
|
|
454
|
+
"openapi.yaml",
|
|
455
|
+
"openapi.json",
|
|
456
|
+
"CONTRIBUTING.md",
|
|
457
|
+
"USAGE.md",
|
|
458
|
+
}
|
|
459
|
+
|
|
460
|
+
for root_dir, dirs, files in os.walk(self.root):
|
|
461
|
+
dir_path = Path(root_dir)
|
|
462
|
+
|
|
463
|
+
# Skip known black holes to avoid wasting I/O
|
|
464
|
+
if any(part in self._gs_config.get("BLACK_HOLES", set()) for part in dir_path.parts):
|
|
465
|
+
continue
|
|
466
|
+
|
|
467
|
+
local_shield_mass = 0
|
|
468
|
+
|
|
469
|
+
for file in files:
|
|
470
|
+
if file in anchor_patterns or file.lower().endswith(".md"):
|
|
471
|
+
file_path = dir_path / file
|
|
472
|
+
try:
|
|
473
|
+
# Fetch the physical byte size of the documentation
|
|
474
|
+
size_bytes = file_path.stat().st_size
|
|
475
|
+
|
|
476
|
+
# Ignore stubs (e.g., "# Project Title" and nothing else)
|
|
477
|
+
if size_bytes > 150:
|
|
478
|
+
local_shield_mass += size_bytes
|
|
479
|
+
except OSError:
|
|
480
|
+
pass
|
|
481
|
+
|
|
482
|
+
if local_shield_mass > 0:
|
|
483
|
+
# Calculate Shield Strength:
|
|
484
|
+
# 3000+ bytes of documentation provides a 100% (1.0) shield for this folder.
|
|
485
|
+
shield_strength = min(local_shield_mass / 3000.0, 1.0)
|
|
486
|
+
|
|
487
|
+
rel_dir = str(dir_path.relative_to(self.root)).replace("\\", "/")
|
|
488
|
+
if rel_dir == ".":
|
|
489
|
+
rel_dir = "__root__"
|
|
490
|
+
|
|
491
|
+
self.doc_umbrellas[rel_dir] = round(shield_strength, 3)
|
|
492
|
+
self.logger.debug(
|
|
493
|
+
f"GuideStar: Projected {shield_strength*100:.1f}% Documentation Shield over '{rel_dir}'"
|
|
494
|
+
)
|
|
@@ -44,6 +44,13 @@ from gitgalaxy.recorders.llm_recorder import LLMRecorder
|
|
|
44
44
|
from gitgalaxy.recorders.record_keeper import RecordKeeper
|
|
45
45
|
from gitgalaxy.security.security_lens import SecurityLens
|
|
46
46
|
from gitgalaxy.security.security_auditor import SecurityAuditor, ML_AVAILABLE
|
|
47
|
+
|
|
48
|
+
try:
|
|
49
|
+
import yaml
|
|
50
|
+
HAS_PYYAML = True
|
|
51
|
+
except ImportError:
|
|
52
|
+
HAS_PYYAML = False
|
|
53
|
+
|
|
47
54
|
from gitgalaxy.tools.ai_guardrails.dev_agent_firewall import DevAgentFirewall
|
|
48
55
|
from gitgalaxy.tools.ai_guardrails.ai_appsec_sensor import AIAppSecSensor
|
|
49
56
|
from gitgalaxy.standards.gitgalaxy_config import (
|
|
@@ -396,6 +403,15 @@ def _process_file_worker(rel_path: str) -> Dict[str, Any]:
|
|
|
396
403
|
if is_file_profiling:
|
|
397
404
|
phase_times["5_Logic_Splicer"] = time.perf_counter() - t_splicer
|
|
398
405
|
|
|
406
|
+
# ---> INJECT THE KNOWLEDGE SHIELD <---
|
|
407
|
+
dir_path = str(Path(rel_path).parent).replace("\\", "/")
|
|
408
|
+
if dir_path == ".":
|
|
409
|
+
dir_path = "__root__"
|
|
410
|
+
|
|
411
|
+
if "metadata" not in logic_data:
|
|
412
|
+
logic_data["metadata"] = {}
|
|
413
|
+
logic_data["metadata"]["doc_umbrella"] = guidestar.doc_umbrellas.get(dir_path, 0.0)
|
|
414
|
+
|
|
399
415
|
logger.debug(f"[WORKER-TRACE] <<< EXITING SPLICER: {rel_path}")
|
|
400
416
|
|
|
401
417
|
# --- Phase 5.5: Security Lens (Passive Observers) ---
|
|
@@ -615,7 +631,7 @@ class Orchestrator:
|
|
|
615
631
|
start_time = time.time()
|
|
616
632
|
logger.info(f"--- MISSION_IGNITION: {self.root.name} (v{self.version}) ---")
|
|
617
633
|
|
|
618
|
-
if not HAS_NETWORKX or not HAS_TIKTOKEN or not ML_AVAILABLE:
|
|
634
|
+
if not HAS_NETWORKX or not HAS_TIKTOKEN or not ML_AVAILABLE or not HAS_PYYAML:
|
|
619
635
|
missing_libs = []
|
|
620
636
|
if not HAS_NETWORKX:
|
|
621
637
|
missing_libs.append("networkx")
|
|
@@ -623,6 +639,8 @@ class Orchestrator:
|
|
|
623
639
|
missing_libs.append("tiktoken")
|
|
624
640
|
if not ML_AVAILABLE:
|
|
625
641
|
missing_libs.extend(["xgboost", "pandas", "numpy"])
|
|
642
|
+
if not HAS_PYYAML:
|
|
643
|
+
missing_libs.append("pyyaml")
|
|
626
644
|
|
|
627
645
|
pip_cmd = f"pip install {' '.join(missing_libs)}"
|
|
628
646
|
|
|
@@ -637,6 +655,8 @@ class Orchestrator:
|
|
|
637
655
|
logger.warning(" ┃ - tiktoken (Absolute Token Mass, Financial Read Cost) ┃")
|
|
638
656
|
if not ML_AVAILABLE:
|
|
639
657
|
logger.warning(" ┃ - xgboost, pandas (Advanced ML Threat Inference & Taxonomy) ┃")
|
|
658
|
+
if not HAS_PYYAML:
|
|
659
|
+
logger.warning(" ┃ - pyyaml (Required for parsing .yaml/.yml Swagger/OpenAPI specs) ┃")
|
|
640
660
|
logger.warning(" ┃ ┃")
|
|
641
661
|
logger.warning(" ┃ To unlock absolute precision, run: ┃")
|
|
642
662
|
logger.warning(f" ┃ {pip_cmd}".ljust(75) + "┃")
|
|
@@ -741,8 +761,9 @@ class Orchestrator:
|
|
|
741
761
|
"networkx": not HAS_NETWORKX,
|
|
742
762
|
"tiktoken": not HAS_TIKTOKEN,
|
|
743
763
|
"xgboost": not ML_AVAILABLE,
|
|
764
|
+
"pyyaml": not HAS_PYYAML,
|
|
744
765
|
},
|
|
745
|
-
"zero_dependency_mode": (not HAS_NETWORKX or not HAS_TIKTOKEN or not ML_AVAILABLE),
|
|
766
|
+
"zero_dependency_mode": (not HAS_NETWORKX or not HAS_TIKTOKEN or not ML_AVAILABLE or not HAS_PYYAML),
|
|
746
767
|
}
|
|
747
768
|
|
|
748
769
|
if "unparsable_files" not in summary:
|
|
@@ -1433,6 +1454,45 @@ class Orchestrator:
|
|
|
1433
1454
|
self.used_tokens.update(meta.get("named_tokens", []))
|
|
1434
1455
|
# ==============================================================
|
|
1435
1456
|
|
|
1457
|
+
# ==============================================================
|
|
1458
|
+
# ---> NEW: CALCULATE INSTRUCTIONAL DENSITY MULTIPLIERS <---
|
|
1459
|
+
# Aggregate markdown heuristics to upgrade the doc_umbrella shields
|
|
1460
|
+
# ==============================================================
|
|
1461
|
+
instructional_multipliers = {}
|
|
1462
|
+
for rel_path, meta in self.cryolink.items():
|
|
1463
|
+
if meta.get("lang_id") == "markdown":
|
|
1464
|
+
folder = str(Path(rel_path).parent).replace("\\", "/")
|
|
1465
|
+
if folder == ".":
|
|
1466
|
+
folder = "__root__"
|
|
1467
|
+
|
|
1468
|
+
eq = meta.get("equations", {})
|
|
1469
|
+
|
|
1470
|
+
# Instructional Mass = Diagrams (10x) + Code Blocks (5x) + Headers (1x) + Links (0.5x)
|
|
1471
|
+
instructional_mass = (
|
|
1472
|
+
(eq.get("lit_diagrams", 0) * 10.0)
|
|
1473
|
+
+ (eq.get("lit_code_blocks", 0) * 5.0)
|
|
1474
|
+
+ (eq.get("lit_headers", 0) * 1.0)
|
|
1475
|
+
+ (eq.get("lit_links", 0) * 0.5)
|
|
1476
|
+
)
|
|
1477
|
+
|
|
1478
|
+
# Base Multiplier is 1.0. High-quality docs can double the shield (2.0)
|
|
1479
|
+
multiplier = 1.0 + min(instructional_mass / 50.0, 1.0)
|
|
1480
|
+
|
|
1481
|
+
if folder not in instructional_multipliers or multiplier > instructional_multipliers.get(folder, 0.0):
|
|
1482
|
+
instructional_multipliers[folder] = multiplier
|
|
1483
|
+
|
|
1484
|
+
# Apply the multiplier to the existing doc_umbrellas
|
|
1485
|
+
for rel_path, meta in self.cryolink.items():
|
|
1486
|
+
folder = str(Path(rel_path).parent).replace("\\", "/")
|
|
1487
|
+
if folder == ".":
|
|
1488
|
+
folder = "__root__"
|
|
1489
|
+
|
|
1490
|
+
if "metadata" in meta and "doc_umbrella" in meta["metadata"]:
|
|
1491
|
+
base_shield = meta["metadata"]["doc_umbrella"]
|
|
1492
|
+
mult = instructional_multipliers.get(folder, 1.0)
|
|
1493
|
+
meta["metadata"]["doc_umbrella"] = min(base_shield * mult, 1.0)
|
|
1494
|
+
# ==============================================================
|
|
1495
|
+
|
|
1436
1496
|
for rel_path, meta in self.cryolink.items():
|
|
1437
1497
|
loc = meta.get("coding_loc", 0)
|
|
1438
1498
|
total_loc += loc
|
|
@@ -683,7 +683,21 @@ class SignalProcessor:
|
|
|
683
683
|
popularity=popularity,
|
|
684
684
|
)
|
|
685
685
|
|
|
686
|
-
|
|
686
|
+
# Calculate Silo Risk early for the Documentation N-Dimensional Math
|
|
687
|
+
silo_exposure = self._calculate_silo_risk(meta.get("authors", {}))
|
|
688
|
+
|
|
689
|
+
doc_score = self._calc_documentation(
|
|
690
|
+
loc,
|
|
691
|
+
doc_lines,
|
|
692
|
+
equations,
|
|
693
|
+
fc,
|
|
694
|
+
irc,
|
|
695
|
+
mp_map.get("doc", 1.0),
|
|
696
|
+
functions,
|
|
697
|
+
doc_umbrella=ghost_meta.get("doc_umbrella", 0.0),
|
|
698
|
+
popularity=popularity,
|
|
699
|
+
silo_exposure=silo_exposure,
|
|
700
|
+
)
|
|
687
701
|
spec_score = self._calc_spec_alignment(equations, mp_map.get("spec", 1.0))
|
|
688
702
|
|
|
689
703
|
bureaucracy_dampener = min(loc / 15.0, 1.0)
|
|
@@ -1481,35 +1495,60 @@ class SignalProcessor:
|
|
|
1481
1495
|
irc: int,
|
|
1482
1496
|
mp: float,
|
|
1483
1497
|
functions: List[Dict[str, Any]] = None,
|
|
1498
|
+
doc_umbrella: float = 0.0,
|
|
1499
|
+
popularity: int = 0,
|
|
1500
|
+
silo_exposure: float = 0.0,
|
|
1484
1501
|
) -> float:
|
|
1485
1502
|
t = self.risk_tuning.get("documentation", {})
|
|
1486
|
-
|
|
1503
|
+
|
|
1504
|
+
# 1. THE DEFENSE (The Knowledge Shield)
|
|
1505
|
+
# GuideStar Umbrella projection: 1.0 shield = 50 lines of virtual documentation
|
|
1506
|
+
umbrella_defense = doc_umbrella * 50.0
|
|
1507
|
+
|
|
1508
|
+
defense_hits = (
|
|
1487
1509
|
(eq.get("doc", 0) * t.get("doc_weight", 1.0))
|
|
1488
1510
|
+ (eq.get("ownership", 0) * t.get("ownership_weight", 0.5))
|
|
1489
1511
|
+ (doc_loc * t.get("doc_loc_weight", 0.33))
|
|
1490
|
-
|
|
1512
|
+
+ umbrella_defense
|
|
1513
|
+
) * fc
|
|
1514
|
+
|
|
1515
|
+
# 2. THE RISK (Kinetic Blindness)
|
|
1516
|
+
kinetic_blindness = 0.0
|
|
1517
|
+
api_exposure = eq.get("api", 0) * 2.0
|
|
1491
1518
|
|
|
1492
|
-
# ---> THE BLIND COMPLEXITY PENALTY <---
|
|
1493
|
-
# If the file contains incredibly heavy logic blocks or bad Big-O
|
|
1494
|
-
# but the specific functions lack docstrings, the baseline coverage is a lie.
|
|
1495
|
-
blind_penalty = 0.0
|
|
1496
1519
|
if functions:
|
|
1497
1520
|
for func in functions:
|
|
1498
|
-
|
|
1499
|
-
|
|
1521
|
+
impact = func.get("impact", 0.0)
|
|
1522
|
+
big_o = func.get("big_o_depth", 1)
|
|
1523
|
+
|
|
1524
|
+
# If a load-bearing or deeply nested block lacks a semantic tether
|
|
1525
|
+
if (impact > 50.0 or big_o >= 3) and not func.get("docstring"):
|
|
1526
|
+
kinetic_blindness += 5.0 + (math.log1p(impact) * (big_o * 0.5))
|
|
1527
|
+
|
|
1528
|
+
# Add Implicit Risk Correction (Opacity Tax) to the risk
|
|
1529
|
+
risk_hits = kinetic_blindness + api_exposure + irc
|
|
1530
|
+
|
|
1531
|
+
# 3. UNIVERSAL DENSITY EQUATION
|
|
1532
|
+
net_exposure = max(0.0, risk_hits - (defense_hits / 2.0))
|
|
1533
|
+
density = (net_exposure / max(loc, 1)) * 100.0
|
|
1534
|
+
|
|
1535
|
+
# 4. THE MULTIPLIERS (Blast Radius & Bus Factor)
|
|
1536
|
+
# Undocumented code is exponentially more dangerous if it is highly
|
|
1537
|
+
# integrated (popularity) or siloed to a single developer.
|
|
1538
|
+
network_multiplier = 1.0 + (popularity / 10.0)
|
|
1539
|
+
silo_multiplier = 1.0 + (silo_exposure / 200.0)
|
|
1500
1540
|
|
|
1501
|
-
|
|
1541
|
+
final_multiplier = network_multiplier * silo_multiplier * mp
|
|
1502
1542
|
|
|
1503
|
-
|
|
1504
|
-
return 0
|
|
1543
|
+
threshold = t.get("threshold_base", 10.0)
|
|
1505
1544
|
|
|
1506
|
-
threshold = (t.get("threshold_base", 10.0) + irc) * mp
|
|
1507
1545
|
try:
|
|
1508
|
-
|
|
1546
|
+
# We use a negative slope because high density = high risk exposure
|
|
1547
|
+
raw_risk = 100.0 / (1.0 + math.exp(-t.get("sigmoid_slope", 0.2) * (density - threshold)))
|
|
1509
1548
|
except OverflowError:
|
|
1510
|
-
raw_risk =
|
|
1549
|
+
raw_risk = 100.0 if density > threshold else 0.0
|
|
1511
1550
|
|
|
1512
|
-
return min(
|
|
1551
|
+
return min(raw_risk * final_multiplier, 100.0)
|
|
1513
1552
|
|
|
1514
1553
|
def _calc_verification(
|
|
1515
1554
|
self,
|
|
@@ -94,6 +94,10 @@ class RecordKeeper:
|
|
|
94
94
|
"telemetry": "def_telemetry",
|
|
95
95
|
"ownership": "def_ownership",
|
|
96
96
|
"spec_exposure": "def_spec_exposure",
|
|
97
|
+
"lit_code_blocks": "lit_code_blocks",
|
|
98
|
+
"lit_diagrams": "lit_diagrams",
|
|
99
|
+
"lit_headers": "lit_headers",
|
|
100
|
+
"lit_links": "lit_links",
|
|
97
101
|
"sec_private_info": "threat_private_info",
|
|
98
102
|
"sec_tainted_injection": "threat_tainted_injection",
|
|
99
103
|
"sec_heat_triggers": "threat_obfuscated",
|