gitgalaxy 2.2.6__tar.gz → 2.3.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/.github/dependabot.yml +5 -3
- gitgalaxy-2.3.0/.github/workflows/codeql.yml +41 -0
- gitgalaxy-2.3.0/.github/workflows/deploy-docs.yml +38 -0
- gitgalaxy-2.3.0/.github/workflows/gitgalaxy.yml +81 -0
- gitgalaxy-2.3.0/.github/workflows/golden-crucible.yml +54 -0
- gitgalaxy-2.3.0/.github/workflows/muninn.yml +36 -0
- gitgalaxy-2.3.0/.github/workflows/publish.yml +40 -0
- gitgalaxy-2.3.0/.github/workflows/smoke-test.yml +67 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/.gitignore +17 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/PKG-INFO +42 -42
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/README.md +42 -42
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/action.yml +16 -8
- gitgalaxy-2.3.0/gitgalaxy/README.md +80 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/cobol_refractor_controller.py +13 -13
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/cobol_to_java_controller.py +50 -39
- gitgalaxy-2.3.0/gitgalaxy/core/README.md +77 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/core/aperture.py +101 -112
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/core/detector.py +155 -377
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/core/guidestar_lens.py +100 -118
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/core/network_risk_sensor.py +131 -60
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/core/prism.py +168 -125
- gitgalaxy-2.3.0/gitgalaxy/core/spatial_mapper.py +232 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/core/state_rehydrator.py +33 -10
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/galaxyscope.py +427 -292
- gitgalaxy-2.3.0/gitgalaxy/licensing.py +201 -0
- gitgalaxy-2.3.0/gitgalaxy/metrics/README.md +63 -0
- {gitgalaxy-2.2.6/gitgalaxy/physics → gitgalaxy-2.3.0/gitgalaxy/metrics}/chronometer.py +58 -45
- {gitgalaxy-2.2.6/gitgalaxy/physics → gitgalaxy-2.3.0/gitgalaxy/metrics}/signal_processor.py +487 -300
- gitgalaxy-2.2.6/gitgalaxy/physics/spectral_auditor.py → gitgalaxy-2.3.0/gitgalaxy/metrics/statistical_auditor.py +179 -187
- gitgalaxy-2.2.6/gitgalaxy/physics/neural_auditor.py → gitgalaxy-2.3.0/gitgalaxy/metrics/tensor_scanner.py +28 -12
- gitgalaxy-2.3.0/gitgalaxy/recorders/README.md +43 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/recorders/audit_recorder.py +77 -87
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/recorders/gpu_recorder.py +128 -130
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/recorders/llm_recorder.py +168 -247
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/recorders/record_keeper.py +71 -64
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/requirements.txt +12 -12
- gitgalaxy-2.3.0/gitgalaxy/security/README.md +68 -0
- gitgalaxy-2.3.0/gitgalaxy/security/manifest_parser.py +167 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/security/security_auditor.py +99 -78
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/security/security_lens.py +78 -56
- gitgalaxy-2.3.0/gitgalaxy/standards/README.md +75 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/standards/analysis_lens.py +109 -85
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/standards/gitgalaxy_config.py +87 -44
- gitgalaxy-2.3.0/gitgalaxy/standards/how_to_add_a_language.md +206 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/standards/language_lens.py +162 -155
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/standards/language_standards.py +2879 -2622
- gitgalaxy-2.3.0/gitgalaxy/tools/README.md +84 -0
- gitgalaxy-2.3.0/gitgalaxy/tools/ai_guardrails/README.md +97 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/ai_guardrails/ai_appsec_sensor.py +26 -19
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/ai_guardrails/dev_agent_firewall.py +27 -16
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/README.md +56 -55
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_agent_task_forge.py +36 -22
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_compiler_forge.py +40 -23
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_dag_architect.py +34 -17
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_etl_unpacker.py +27 -12
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_graveyard_finder.py +41 -21
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_auditor.py +43 -31
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_jcl_forge.py +33 -17
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_lexical_patcher.py +24 -15
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_microservice_slicer.py +35 -17
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_schema_forge.py +29 -14
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_cobol/cobol_system_limits_reporter.py +28 -11
- gitgalaxy-2.3.0/gitgalaxy/tools/cobol_to_java/README.md +208 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_java/batch_test_harness.py +34 -18
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_agent_forge.py +17 -7
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_api_contract_forge.py +30 -12
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_build_forge.py +19 -15
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_decoder_forge.py +21 -8
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_service_forge.py +29 -12
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_spring_forge.py +49 -51
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/cobol_to_java/cobol_to_java_test_forge.py +31 -16
- gitgalaxy-2.3.0/gitgalaxy/tools/compliance/README.md +84 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/compliance/sbom_generator.py +2 -2
- gitgalaxy-2.3.0/gitgalaxy/tools/network_auditing/README.md +128 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/network_auditing/full_api_network_map.py +48 -23
- gitgalaxy-2.3.0/gitgalaxy/tools/supply_chain_security/README.md +154 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/supply_chain_security/binary_anomaly_detector.py +83 -50
- gitgalaxy-2.3.0/gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py +233 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/supply_chain_security/vault_sentinel.py +34 -32
- gitgalaxy-2.3.0/gitgalaxy/tools/terabyte_log_scanning/README.md +208 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/terabyte_log_scanning/pii_leak_hunter.py +23 -22
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/terabyte_log_scanning/terabyte_log_scanner.py +25 -25
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy.egg-info/PKG-INFO +42 -42
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy.egg-info/SOURCES.txt +23 -36
- gitgalaxy-2.3.0/gitgalaxy.egg-info/scm_file_list.json +591 -0
- gitgalaxy-2.3.0/gitgalaxy.egg-info/scm_version.json +8 -0
- gitgalaxy-2.3.0/muninn.yml +81 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/pyproject.toml +12 -1
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_agent_task_forge.py +12 -6
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_compiler_forge.py +15 -7
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_dag_architect.py +9 -4
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_etl_unpacker.py +6 -4
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_graveyard_finder.py +20 -10
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_jcl_auditor.py +18 -8
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_jcl_forge.py +10 -7
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_lexical_patcher.py +19 -8
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_microservice_slicer.py +12 -6
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_refractor_controller.py +60 -26
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_schema_forge.py +12 -6
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/test_cobol_system_limits_reporter.py +17 -6
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/core_engine/test_aperture.py +28 -25
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/core_engine/test_chronometer.py +35 -36
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/core_engine/test_chronometer_timeout.py +9 -8
- gitgalaxy-2.3.0/tests/core_engine/test_detector.py +1425 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/core_engine/test_guidestar_lens.py +31 -28
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/core_engine/test_language_lens.py +163 -62
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/core_engine/test_language_standards_strict.py +71 -29
- gitgalaxy-2.3.0/tests/core_engine/test_licensing.py +178 -0
- gitgalaxy-2.3.0/tests/core_engine/test_manifest_parser.py +236 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/core_engine/test_prism.py +67 -73
- gitgalaxy-2.3.0/tests/core_engine/test_signal_processor.py +1493 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/core_engine/test_state_rehydrator.py +16 -9
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/core_engine/test_zero_dependency.py +3 -4
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/extraction/test_args_extraction_strict.py +9 -5
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/extraction/test_class_extraction_strict.py +27 -21
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/extraction/test_dependency_extraction_strict.py +85 -61
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/extraction/test_function_extraction_strict.py +30 -22
- gitgalaxy-2.3.0/tests/golden_diff.py +92 -0
- gitgalaxy-2.3.0/tests/golden_master_audit.json +369361 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/security_auditing/test_ai_appsec_sensor.py +38 -25
- gitgalaxy-2.3.0/tests/security_auditing/test_api_network_map.py +418 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/security_auditing/test_binary_anomaly_detector.py +98 -43
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/security_auditing/test_dev_agent_firewall.py +20 -10
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/security_auditing/test_network_risk_sensor.py +68 -38
- gitgalaxy-2.3.0/tests/security_auditing/test_pii_leak_hunter.py +185 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/security_auditing/test_redos_poison.py +3 -3
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/security_auditing/test_sbom_generator.py +6 -4
- gitgalaxy-2.3.0/tests/security_auditing/test_security_auditor.py +232 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/security_auditing/test_security_lens.py +96 -52
- gitgalaxy-2.3.0/tests/security_auditing/test_statistical_auditor.py +307 -0
- gitgalaxy-2.3.0/tests/security_auditing/test_supply_chain_firewall.py +218 -0
- gitgalaxy-2.2.6/tests/security_auditing/test_neural_auditor.py → gitgalaxy-2.3.0/tests/security_auditing/test_tensor_auditor.py +30 -25
- gitgalaxy-2.3.0/tests/security_auditing/test_terabyte_log_scanner.py +258 -0
- gitgalaxy-2.3.0/tests/security_auditing/test_vault_sentinel.py +214 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/tools_recorders/test_agent_forge.py +5 -3
- gitgalaxy-2.3.0/tests/tools_recorders/test_audit_recorder.py +194 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/tools_recorders/test_batch_test_harness.py +3 -2
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/tools_recorders/test_decoder_forge.py +7 -7
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/tools_recorders/test_golden_forge.py +13 -12
- gitgalaxy-2.3.0/tests/tools_recorders/test_gpu_recorder.py +197 -0
- gitgalaxy-2.3.0/tests/tools_recorders/test_llm_recorder.py +283 -0
- gitgalaxy-2.3.0/tests/tools_recorders/test_record_keeper.py +278 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/tools_recorders/test_service_forge.py +9 -8
- gitgalaxy-2.3.0/zizmor.yml +5 -0
- gitgalaxy-2.2.6/.github/workflows/codeql.yml +0 -40
- gitgalaxy-2.2.6/.github/workflows/deploy-docs.yml +0 -37
- gitgalaxy-2.2.6/.github/workflows/gitgalaxy.yml +0 -72
- gitgalaxy-2.2.6/.github/workflows/publish.yml +0 -40
- gitgalaxy-2.2.6/.github/workflows/smoke-test.yml +0 -66
- gitgalaxy-2.2.6/gitgalaxy/README.md +0 -77
- gitgalaxy-2.2.6/gitgalaxy/core/README.md +0 -44
- gitgalaxy-2.2.6/gitgalaxy/licensing.py +0 -81
- gitgalaxy-2.2.6/gitgalaxy/physics/README.md +0 -36
- gitgalaxy-2.2.6/gitgalaxy/recorders/README.md +0 -38
- gitgalaxy-2.2.6/gitgalaxy/security/README.md +0 -32
- gitgalaxy-2.2.6/gitgalaxy/standards/README.md +0 -55
- gitgalaxy-2.2.6/gitgalaxy/standards/how_to_add_a_language.md +0 -210
- gitgalaxy-2.2.6/gitgalaxy/tools/README.md +0 -63
- gitgalaxy-2.2.6/gitgalaxy/tools/ai_guardrails/README.md +0 -81
- gitgalaxy-2.2.6/gitgalaxy/tools/cobol_to_java/README.md +0 -108
- gitgalaxy-2.2.6/gitgalaxy/tools/compliance/README.md +0 -115
- gitgalaxy-2.2.6/gitgalaxy/tools/network_auditing/README.md +0 -119
- gitgalaxy-2.2.6/gitgalaxy/tools/supply_chain_security/README.md +0 -163
- gitgalaxy-2.2.6/gitgalaxy/tools/supply_chain_security/supply_chain_firewall.py +0 -272
- gitgalaxy-2.2.6/gitgalaxy/tools/terabyte_log_scanning/README.md +0 -109
- gitgalaxy-2.2.6/tests/core_engine/test_detector.py +0 -705
- gitgalaxy-2.2.6/tests/core_engine/test_galaxyscope.py +0 -68
- gitgalaxy-2.2.6/tests/core_engine/test_signal_processor.py +0 -381
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/.gitattributes +0 -14
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/.gitignore +0 -3
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/LICENSE +0 -201
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/Makefile +0 -30
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/README.md +0 -66
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/bufio/bufio.go +0 -842
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/bufio/bufio_test.go +0 -1999
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/bufio/example_test.go +0 -200
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/bufio/export_test.go +0 -29
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/bufio/net_test.go +0 -96
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/bufio/scan.go +0 -427
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/bufio/scan_test.go +0 -596
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/config.py +0 -1
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/convert_em.F +0 -167
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/dnn_converters.cpp +0 -138
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/dnn_converters.hpp +0 -37
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/insert_pinyin_to_db.py +0 -28
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/iwubi.py +0 -622
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/iwubi.svg +0 -3
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/iwubi.xml +0 -30
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/logconfig.py +0 -39
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/logconfig.yaml +0 -25
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/pinyin_simp.dict.csv +0 -65113
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/screenshot/add.png +0 -0
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/screenshot/iwubi.gif +0 -0
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/screenshot/set_ibus.png +0 -0
- gitgalaxy-2.2.6/tests/fixtures/iwubi_frankenstein_test/wubi-jidian86.db +0 -0
- gitgalaxy-2.2.6/tests/security_auditing/test_api_network_map.py +0 -289
- gitgalaxy-2.2.6/tests/security_auditing/test_pii_leak_hunter.py +0 -80
- gitgalaxy-2.2.6/tests/security_auditing/test_security_auditor.py +0 -168
- gitgalaxy-2.2.6/tests/security_auditing/test_spectral_auditor.py +0 -162
- gitgalaxy-2.2.6/tests/security_auditing/test_supply_chain_firewall.py +0 -100
- gitgalaxy-2.2.6/tests/security_auditing/test_terabyte_log_scanner.py +0 -134
- gitgalaxy-2.2.6/tests/security_auditing/test_vault_sentinel.py +0 -108
- gitgalaxy-2.2.6/tests/tools_recorders/test_gpu_recorder.py +0 -66
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/.flake8 +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/.github/ISSUE_TEMPLATE/parsing_discrepancy.yml +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/.github/pull_request_template.md +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/CONTRIBUTING.md +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/LICENSE +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/MANIFEST.in +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/__init__.py +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/core/__init__.py +0 -0
- {gitgalaxy-2.2.6/gitgalaxy/physics → gitgalaxy-2.3.0/gitgalaxy/metrics}/__init__.py +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/recorders/__init__.py +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/security/__init__.py +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/standards/__init__.py +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy/tools/__init__.py +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy.egg-info/dependency_links.txt +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy.egg-info/entry_points.txt +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy.egg-info/requires.txt +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/gitgalaxy.egg-info/top_level.txt +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/github-action-readme.md +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/mkdocs.yml +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/setup.cfg +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/README.md +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/cobol_mainframe/readme.md +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/core_engine/readme.md +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/extraction/readme.md +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/security_auditing/readme.md +0 -0
- {gitgalaxy-2.2.6 → gitgalaxy-2.3.0}/tests/tools_recorders/readme.md +0 -0
|
@@ -1,19 +1,21 @@
|
|
|
1
1
|
version: 2
|
|
2
2
|
updates:
|
|
3
|
-
# 1. Keep GitHub Actions up to date
|
|
4
3
|
- package-ecosystem: "github-actions"
|
|
5
4
|
directory: "/"
|
|
6
5
|
schedule:
|
|
7
6
|
interval: "weekly"
|
|
7
|
+
cooldown:
|
|
8
|
+
default-days: 7
|
|
8
9
|
labels:
|
|
9
10
|
- "security"
|
|
10
11
|
- "github-actions"
|
|
11
12
|
|
|
12
|
-
# 2. Keep Python dependencies up to date
|
|
13
13
|
- package-ecosystem: "pip"
|
|
14
14
|
directory: "/"
|
|
15
15
|
schedule:
|
|
16
16
|
interval: "weekly"
|
|
17
|
+
cooldown:
|
|
18
|
+
default-days: 7
|
|
17
19
|
labels:
|
|
18
20
|
- "security"
|
|
19
|
-
- "python"
|
|
21
|
+
- "python"
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
name: "CodeQL Security Scan"
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
pull_request:
|
|
5
|
+
branches: [main]
|
|
6
|
+
schedule:
|
|
7
|
+
- cron: '0 12 * * 1'
|
|
8
|
+
|
|
9
|
+
permissions:
|
|
10
|
+
contents: read
|
|
11
|
+
|
|
12
|
+
jobs:
|
|
13
|
+
analyze:
|
|
14
|
+
name: Analyze
|
|
15
|
+
runs-on: ubuntu-latest
|
|
16
|
+
permissions:
|
|
17
|
+
actions: read
|
|
18
|
+
contents: read
|
|
19
|
+
security-events: write
|
|
20
|
+
|
|
21
|
+
strategy:
|
|
22
|
+
fail-fast: false
|
|
23
|
+
matrix:
|
|
24
|
+
language: ['python']
|
|
25
|
+
|
|
26
|
+
steps:
|
|
27
|
+
- name: Checkout repository
|
|
28
|
+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
29
|
+
with:
|
|
30
|
+
persist-credentials: false
|
|
31
|
+
|
|
32
|
+
- name: Initialize CodeQL
|
|
33
|
+
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4
|
|
34
|
+
with:
|
|
35
|
+
languages: ${{ matrix.language }}
|
|
36
|
+
queries: security-extended,security-and-quality
|
|
37
|
+
|
|
38
|
+
- name: Perform CodeQL Analysis
|
|
39
|
+
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4
|
|
40
|
+
with:
|
|
41
|
+
category: "/language:${{matrix.language}}"
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
name: Deploy Museum of Code Docs
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- main
|
|
7
|
+
workflow_dispatch:
|
|
8
|
+
|
|
9
|
+
permissions:
|
|
10
|
+
contents: read
|
|
11
|
+
|
|
12
|
+
jobs:
|
|
13
|
+
deploy:
|
|
14
|
+
permissions:
|
|
15
|
+
contents: write
|
|
16
|
+
runs-on: ubuntu-latest
|
|
17
|
+
steps:
|
|
18
|
+
- name: Checkout Repository
|
|
19
|
+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
20
|
+
with:
|
|
21
|
+
fetch-depth: 0
|
|
22
|
+
persist-credentials: true
|
|
23
|
+
|
|
24
|
+
- name: Configure Git Credentials
|
|
25
|
+
run: |
|
|
26
|
+
git config user.name github-actions[bot]
|
|
27
|
+
git config user.email 41898282+github-actions[bot]@users.noreply.github.com
|
|
28
|
+
|
|
29
|
+
- name: Set up Python
|
|
30
|
+
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
|
|
31
|
+
with:
|
|
32
|
+
python-version: "3.x"
|
|
33
|
+
|
|
34
|
+
- name: Install Dependencies
|
|
35
|
+
run: pip install "mkdocs<2.0" mkdocs-material pymdown-extensions
|
|
36
|
+
|
|
37
|
+
- name: Build and Deploy Docs
|
|
38
|
+
run: mkdocs gh-deploy --force
|
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
name: GitGalaxy Zero-Trust Pipeline
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
pull_request:
|
|
5
|
+
branches: [main]
|
|
6
|
+
|
|
7
|
+
permissions:
|
|
8
|
+
contents: read
|
|
9
|
+
|
|
10
|
+
jobs:
|
|
11
|
+
vault-sentinel:
|
|
12
|
+
name: Vault Sentinel
|
|
13
|
+
runs-on: ubuntu-latest
|
|
14
|
+
steps:
|
|
15
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
16
|
+
with:
|
|
17
|
+
persist-credentials: false
|
|
18
|
+
|
|
19
|
+
- uses: squid-protocol/gitgalaxy@c5ae49362540d53bb85809ff4547d2c6feb9deba # v2.2.6
|
|
20
|
+
with:
|
|
21
|
+
tool: vault-sentinel
|
|
22
|
+
target: .
|
|
23
|
+
|
|
24
|
+
xray-inspector:
|
|
25
|
+
name: X-Ray Inspector
|
|
26
|
+
runs-on: ubuntu-latest
|
|
27
|
+
steps:
|
|
28
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
29
|
+
with:
|
|
30
|
+
persist-credentials: false
|
|
31
|
+
|
|
32
|
+
- uses: squid-protocol/gitgalaxy@c5ae49362540d53bb85809ff4547d2c6feb9deba # v2.2.6
|
|
33
|
+
with:
|
|
34
|
+
tool: xray-inspector
|
|
35
|
+
target: .
|
|
36
|
+
|
|
37
|
+
supply-chain-firewall:
|
|
38
|
+
name: Supply Chain Firewall
|
|
39
|
+
runs-on: ubuntu-latest
|
|
40
|
+
steps:
|
|
41
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
42
|
+
with:
|
|
43
|
+
persist-credentials: false
|
|
44
|
+
|
|
45
|
+
- uses: squid-protocol/gitgalaxy@c5ae49362540d53bb85809ff4547d2c6feb9deba # v2.2.6
|
|
46
|
+
with:
|
|
47
|
+
tool: supply-chain-firewall
|
|
48
|
+
target: .
|
|
49
|
+
|
|
50
|
+
architectural-report:
|
|
51
|
+
name: LLM Structural Brief
|
|
52
|
+
needs: [vault-sentinel, xray-inspector, supply-chain-firewall]
|
|
53
|
+
runs-on: ubuntu-latest
|
|
54
|
+
if: github.event_name == 'push'
|
|
55
|
+
permissions:
|
|
56
|
+
contents: write
|
|
57
|
+
steps:
|
|
58
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
59
|
+
with:
|
|
60
|
+
fetch-depth: 0
|
|
61
|
+
# zizmor: ignore[artipacked]
|
|
62
|
+
|
|
63
|
+
- name: Generate GalaxyScope LLM Brief
|
|
64
|
+
uses: squid-protocol/gitgalaxy@c5ae49362540d53bb85809ff4547d2c6feb9deba # v2.2.6
|
|
65
|
+
with:
|
|
66
|
+
tool: galaxyscope
|
|
67
|
+
target: .
|
|
68
|
+
args: --llm-only
|
|
69
|
+
full_precision: 'true'
|
|
70
|
+
|
|
71
|
+
- name: Commit and Push LLM Brief to Main
|
|
72
|
+
run: |
|
|
73
|
+
mkdir -p docs
|
|
74
|
+
mv *_galaxy_llm.md docs/gitgalaxy_architecture_brief.md || true
|
|
75
|
+
|
|
76
|
+
git config --global user.name "github-actions[bot]"
|
|
77
|
+
git config --global user.email "github-actions[bot]@users.noreply.github.com"
|
|
78
|
+
|
|
79
|
+
git add docs/gitgalaxy_architecture_brief.md
|
|
80
|
+
|
|
81
|
+
git diff --quiet && git diff --staged --quiet || (git commit -m "docs: auto-update LLM architectural brief" && git push)
|
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
name: Golden Crucible Resilience Test
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
pull_request:
|
|
5
|
+
branches:
|
|
6
|
+
- main
|
|
7
|
+
- v6-dev
|
|
8
|
+
|
|
9
|
+
jobs:
|
|
10
|
+
crucible-audit:
|
|
11
|
+
runs-on: ubuntu-latest
|
|
12
|
+
|
|
13
|
+
steps:
|
|
14
|
+
- name: Checkout GitGalaxy PR
|
|
15
|
+
uses: actions/checkout@v4
|
|
16
|
+
with:
|
|
17
|
+
path: gitgalaxy
|
|
18
|
+
persist-credentials: false
|
|
19
|
+
|
|
20
|
+
- name: Setup Python 3.11
|
|
21
|
+
uses: actions/setup-python@v5
|
|
22
|
+
with:
|
|
23
|
+
python-version: '3.11'
|
|
24
|
+
cache: 'pip'
|
|
25
|
+
|
|
26
|
+
- name: Install GitGalaxy Environment
|
|
27
|
+
run: |
|
|
28
|
+
cd gitgalaxy
|
|
29
|
+
python -m pip install --upgrade pip setuptools wheel
|
|
30
|
+
# Explicitly install heavy engines so GitGalaxy doesn't run in Zero-Dependency Mode
|
|
31
|
+
pip install PyYAML networkx tiktoken pandas xgboost
|
|
32
|
+
pip install -e .
|
|
33
|
+
|
|
34
|
+
- name: Fetch Golden Test Repo (Language Crucible)
|
|
35
|
+
run: |
|
|
36
|
+
echo "Cloning Language Crucible repository..."
|
|
37
|
+
git clone https://github.com/squid-protocol/language-crucible.git language-crucible
|
|
38
|
+
- name: Execute Resilience Engine
|
|
39
|
+
run: |
|
|
40
|
+
echo "Initiating GitGalaxy Golden Test Sequence..."
|
|
41
|
+
mkdir -p telemetry_out
|
|
42
|
+
|
|
43
|
+
# language-crucible is in the runner's root directory
|
|
44
|
+
timeout 180s galaxyscope ./language-crucible --output ./telemetry_out/ --file-speed --splicing-speed
|
|
45
|
+
|
|
46
|
+
- name: Debug File System (Tree)
|
|
47
|
+
if: always() # This ensures the tree prints even if the previous step fails
|
|
48
|
+
run: |
|
|
49
|
+
echo "=== ROOT DIRECTORY TREE ==="
|
|
50
|
+
tree -L 2
|
|
51
|
+
echo "=== TELEMETRY OUT CONTENTS ==="
|
|
52
|
+
ls -lh telemetry_out/
|
|
53
|
+
|
|
54
|
+
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
name: Muninn Security Scan
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
pull_request:
|
|
5
|
+
push:
|
|
6
|
+
branches: [main]
|
|
7
|
+
|
|
8
|
+
permissions:
|
|
9
|
+
contents: read
|
|
10
|
+
|
|
11
|
+
jobs:
|
|
12
|
+
muninn:
|
|
13
|
+
runs-on: ubuntu-latest
|
|
14
|
+
permissions:
|
|
15
|
+
contents: read
|
|
16
|
+
security-events: write
|
|
17
|
+
pull-requests: write
|
|
18
|
+
|
|
19
|
+
steps:
|
|
20
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
21
|
+
with:
|
|
22
|
+
persist-credentials: false
|
|
23
|
+
|
|
24
|
+
- name: Run Muninn
|
|
25
|
+
# zizmor: ignore[github_action_from_unverified_creator_used]
|
|
26
|
+
uses: skaldlab/muninn@c3b5b13e4599d1c3f68280d24d64e403a306f542 # v0.3.4
|
|
27
|
+
with:
|
|
28
|
+
token: ${{ secrets.GITHUB_TOKEN }}
|
|
29
|
+
fail-on: info
|
|
30
|
+
format: sarif,comment
|
|
31
|
+
|
|
32
|
+
- name: Upload SARIF
|
|
33
|
+
if: always() && hashFiles('muninn.sarif') != ''
|
|
34
|
+
uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4
|
|
35
|
+
with:
|
|
36
|
+
sarif_file: muninn.sarif
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
name: Publish to PyPI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
release:
|
|
5
|
+
types: [published]
|
|
6
|
+
|
|
7
|
+
permissions:
|
|
8
|
+
contents: read
|
|
9
|
+
|
|
10
|
+
jobs:
|
|
11
|
+
pypi-publish:
|
|
12
|
+
name: Build and Publish to PyPI
|
|
13
|
+
runs-on: ubuntu-latest
|
|
14
|
+
environment:
|
|
15
|
+
name: pypi
|
|
16
|
+
url: https://pypi.org/p/gitgalaxy
|
|
17
|
+
permissions:
|
|
18
|
+
id-token: write
|
|
19
|
+
contents: read
|
|
20
|
+
|
|
21
|
+
steps:
|
|
22
|
+
- name: Checkout repository
|
|
23
|
+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
24
|
+
with:
|
|
25
|
+
fetch-depth: 0
|
|
26
|
+
persist-credentials: false
|
|
27
|
+
|
|
28
|
+
- name: Set up Python
|
|
29
|
+
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
|
|
30
|
+
with:
|
|
31
|
+
python-version: "3.10"
|
|
32
|
+
|
|
33
|
+
- name: Install build tools
|
|
34
|
+
run: python -m pip install --upgrade pip build
|
|
35
|
+
|
|
36
|
+
- name: Build the wheel and source distribution
|
|
37
|
+
run: python -m build
|
|
38
|
+
|
|
39
|
+
- name: Publish package to PyPI
|
|
40
|
+
uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # release/v1
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
name: GitGalaxy Smoke Tests
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
pull_request:
|
|
5
|
+
branches: [main]
|
|
6
|
+
|
|
7
|
+
permissions:
|
|
8
|
+
contents: read
|
|
9
|
+
|
|
10
|
+
jobs:
|
|
11
|
+
smoke-test:
|
|
12
|
+
runs-on: ${{ matrix.os }}
|
|
13
|
+
env:
|
|
14
|
+
PYTHONUTF8: "1"
|
|
15
|
+
strategy:
|
|
16
|
+
fail-fast: false
|
|
17
|
+
matrix:
|
|
18
|
+
os: [ubuntu-latest, windows-latest, macos-latest]
|
|
19
|
+
python-version: ["3.9", "3.10", "3.11", "3.12"]
|
|
20
|
+
|
|
21
|
+
steps:
|
|
22
|
+
- name: Check out repository code
|
|
23
|
+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
24
|
+
with:
|
|
25
|
+
persist-credentials: false
|
|
26
|
+
|
|
27
|
+
- name: Set up Python ${{ matrix.python-version }}
|
|
28
|
+
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
|
|
29
|
+
with:
|
|
30
|
+
python-version: ${{ matrix.python-version }}
|
|
31
|
+
|
|
32
|
+
- name: Install macOS dependencies (OpenMP for XGBoost)
|
|
33
|
+
if: runner.os == 'macOS'
|
|
34
|
+
run: brew install libomp
|
|
35
|
+
|
|
36
|
+
- name: Install dependencies
|
|
37
|
+
shell: bash
|
|
38
|
+
run: |
|
|
39
|
+
python -m pip install --upgrade pip setuptools wheel
|
|
40
|
+
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
|
|
41
|
+
pip install PyYAML networkx tiktoken pandas xgboost pytest flake8
|
|
42
|
+
pip install --no-build-isolation -e .
|
|
43
|
+
|
|
44
|
+
- name: Global Syntax Sweep (Flake8)
|
|
45
|
+
run: |
|
|
46
|
+
flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
|
|
47
|
+
|
|
48
|
+
- name: Smoke Test - Core Engine
|
|
49
|
+
run: python -m gitgalaxy.galaxyscope --help
|
|
50
|
+
|
|
51
|
+
- name: Smoke Test - Legacy Refractor Controller
|
|
52
|
+
run: python -m gitgalaxy.cobol_refractor_controller --help
|
|
53
|
+
|
|
54
|
+
- name: Smoke Test - Java Spring Forge Controller
|
|
55
|
+
run: python -m gitgalaxy.cobol_to_java_controller --help
|
|
56
|
+
|
|
57
|
+
- name: Smoke Test - SBOM Generator
|
|
58
|
+
run: python -m gitgalaxy.tools.compliance.sbom_generator --help
|
|
59
|
+
|
|
60
|
+
- name: Smoke Test - Supply Chain Firewall
|
|
61
|
+
run: python -m gitgalaxy.tools.supply_chain_security.supply_chain_firewall --help
|
|
62
|
+
|
|
63
|
+
- name: Smoke Test - API Network Map
|
|
64
|
+
run: python -m gitgalaxy.tools.network_auditing.full_api_network_map --help
|
|
65
|
+
|
|
66
|
+
- name: Golden Record Integration Test (Pytest)
|
|
67
|
+
run: pytest tests/ -v
|
|
@@ -4,6 +4,8 @@
|
|
|
4
4
|
.env.*
|
|
5
5
|
*.pem
|
|
6
6
|
*.key
|
|
7
|
+
muninn.json
|
|
8
|
+
muninn.sarif
|
|
7
9
|
|
|
8
10
|
# PYTHON, FLASK & VIRTUAL ENVIRONMENTS
|
|
9
11
|
__pycache__/
|
|
@@ -85,3 +87,18 @@ gitgalaxy/tools/compliance/README sbom.md
|
|
|
85
87
|
gitgalaxy/tools/network_auditing/README network.md
|
|
86
88
|
gitgalaxy/tools/supply_chain_security/README supply_chain.md
|
|
87
89
|
gitgalaxy/tools/terabyte_log_scanning/README terabyte.md
|
|
90
|
+
*.sqlite
|
|
91
|
+
*.db
|
|
92
|
+
LM-Notebook files.md
|
|
93
|
+
terminology_updates.md
|
|
94
|
+
|
|
95
|
+
# GitGalaxy Recorders Ephemeral Output
|
|
96
|
+
telemetry_out/
|
|
97
|
+
tests/telemetry_out/
|
|
98
|
+
|
|
99
|
+
# GitGalaxy Recorders Ephemeral Output
|
|
100
|
+
telemetry_out/
|
|
101
|
+
tests/telemetry_out/
|
|
102
|
+
|
|
103
|
+
# Force tracking of the Golden Master despite global *.json ignore
|
|
104
|
+
!tests/golden_master_audit.json
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: gitgalaxy
|
|
3
|
-
Version: 2.
|
|
3
|
+
Version: 2.3.0
|
|
4
4
|
Summary: An AST-free, LLM-free zero-trust static analysis engine for mapping architectural risk, securing CI/CD pipelines, and modernizing legacy monoliths.
|
|
5
5
|
Author: Joe Esquibel
|
|
6
6
|
Project-URL: Homepage, https://gitgalaxy.io
|
|
@@ -30,7 +30,7 @@ Dynamic: license-file
|
|
|
30
30
|
|
|
31
31
|
[](#)
|
|
32
32
|
[](#)
|
|
33
|
-
[](#)
|
|
34
34
|
[](#)
|
|
35
35
|
[](#)
|
|
36
36
|
[](#)
|
|
@@ -39,29 +39,32 @@ Dynamic: license-file
|
|
|
39
39
|
[](#)
|
|
40
40
|
[](https://pepy.tech/project/gitgalaxy)
|
|
41
41
|
|
|
42
|
-
### **Whole-Repository Understanding & DevSecOps
|
|
42
|
+
### **Whole-Repository Understanding & DevSecOps Topology**
|
|
43
43
|
|
|
44
|
-
Most tools analyze code line-by-line. GitGalaxy maps the entire architectural ecosystem. By tracking the exact flow of information across network dependencies, identifying local folder constraints, and natively recognizing 50+ languages—even mid-file—GitGalaxy provides a deterministic,
|
|
44
|
+
Most tools analyze code line-by-line. GitGalaxy maps the entire architectural ecosystem. By tracking the exact flow of information across network dependencies, identifying local folder constraints, and natively recognizing 50+ languages—even mid-file—GitGalaxy provides a deterministic, macro-level view of your software's structural architecture.
|
|
45
45
|
|
|
46
46
|
### Scanning Apollo-11 with the blAST Engine
|
|
47
47
|
|
|
48
|
-

|
|
49
49
|
|
|
50
|
-
**Why we built a custom
|
|
51
|
-
Standard Abstract Syntax Trees (ASTs) are
|
|
50
|
+
**Why we built a custom parsing engine:**
|
|
51
|
+
Standard Abstract Syntax Trees (ASTs) are excellent for finding syntax errors, but they require fully compilable code and struggle to map massive-scale information flow efficiently. LLMs suffer from context window saturation and yield probabilistic, fluctuating answers.
|
|
52
52
|
|
|
53
|
-
The **blAST (Bypassing LLMs and ASTs) engine** solves this
|
|
53
|
+
The **blAST (Bypassing LLMs and ASTs) engine** solves this by adopting the search philosophy of computational biology. Just as genomic BLAST sequencing scans billions of DNA base pairs to identify protein domains without "executing" the organism, GitGalaxy blAST sequences raw source code to identify **Structural Signatures**.
|
|
54
54
|
|
|
55
|
-
|
|
55
|
+
Instead of mapping gene starts and genetic mutations, the engine deterministically sequences coding intent, execution boundaries, and architectural risk exposures. This enables the engine to build a deterministic 3D knowledge graph of your entire repository in linear O(N) time without ever requiring the code to compile. It instantly calculates the ratio of test boundaries to core logic, maps network blast radiuses, and extracts the vital project structure data that rigid linters ignore.
|
|
56
56
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
*
|
|
63
|
-
*
|
|
64
|
-
*
|
|
57
|
+
*(Note: Raw structural signatures are simply data points. True risk exposures in GitGalaxy are calculated metrics derived from these structural alignments combined with topological network gravity).*
|
|
58
|
+
|
|
59
|
+
Think of GitGalaxy as a highly calibrated macro-analyzer for codebase risk. Every assumption the system makes is abstracted into over 300 tunable variables. You can query active API nodes, isolate supply chain threats, or highlight functions exhibiting extreme cognitive load—all adjusted via custom thresholds to eliminate false-positive fatigue. Field-tested on over 1,000 repositories, the engine comes equipped with enterprise-grade defaults ready for immediate CI/CD deployment.
|
|
60
|
+
|
|
61
|
+
**Core Repository Mapping Technology**
|
|
62
|
+
* **Heuristic Structural Alignment:** Bypasses LLMs and rigid ASTs. Sequences code in raw text without requiring it to compile.
|
|
63
|
+
* **Deterministic Sequencing:** Maps code using 60+ bounded structural signatures (I/O intents, state mutations, execution wrappers) exactly like sequencing genetic markers.
|
|
64
|
+
* **Taxonomical Classification:** These structural profiles allow us to classify functions, files, classes, and entire repositories into distinct architectural archetypes.
|
|
65
|
+
* **Topological Cartography:** Produces full network mapping via imports and dynamic execution markers.
|
|
66
|
+
* **Zero-Hallucination:** Eliminates LLM architectural hallucinations and context window limits by relying strictly on mathematical constraints.
|
|
67
|
+
* **Polyglot Sequencing:** Scans 50+ languages, 250+ extensions, fully folder-aware. **([How to add a language in 1 minute and 1 prompt](https://github.com/squid-protocol/gitgalaxy/blob/main/gitgalaxy/standards/how_to_add_a_language.md))**
|
|
65
68
|
|
|
66
69
|
**Enterprise Scale & Performance Metrics**
|
|
67
70
|
* **Active Pipeline Integration:** Over 11,000 PyPI downloads, driven heavily by automated CI/CD security sweeps and zero-trust DevSecOps workflows.
|
|
@@ -78,7 +81,7 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
|
|
|
78
81
|
* **[Languages are getting easier to regex for meaning and intent](https://squid-protocol.github.io/gitgalaxy/03-02-claim-2-explicitness/):** Quantifies linguistic opacity. Assigns mathematical "trust dampeners" to implicit languages.
|
|
79
82
|
* **[All languages have keywords that roughly do the same thing, these can be grouped to make cross-language keyword maps](https://squid-protocol.github.io/gitgalaxy/03-03-claim-3-taxonomy-map/):** Standardizes 50+ languages into a single universal physical framework.
|
|
80
83
|
* **[Cross-Language Comparisons of over 1000 repos](https://squid-protocol.github.io/gitgalaxy/03-04-claim-4-comparing-languages/):** Deterministic 1:1 benchmarking of distinct syntax architectures.
|
|
81
|
-
* **[Universal File Archetypes by k-means clustering](https://squid-protocol.github.io/gitgalaxy/03-05-claim-5-file-archetypes/):** ML isolation of files into K-means clusters
|
|
84
|
+
* **[Universal File Archetypes by k-means clustering](https://squid-protocol.github.io/gitgalaxy/03-05-claim-5-file-archetypes/):** ML isolation of files into K-means clusters.
|
|
82
85
|
* **[Mainframe Proven: 100% CI/CD Translation Success Rate](https://github.com/squid-protocol/gitgalaxy/tree/main/examples/ibm_cics_translation):** Flawless architectural translation of 27 distinct legacy COBOL repositories (including IBM CICS benchmark apps) into compiling Java Spring Boot environments.
|
|
83
86
|
|
|
84
87
|
**Data Privacy & On-Premise Deployment**
|
|
@@ -89,7 +92,7 @@ GitGalaxy is backed by an academic-grade thesis detailing the equations powering
|
|
|
89
92
|
**Installation & Usage**
|
|
90
93
|
* Python-based: `pip install gitgalaxy`
|
|
91
94
|
* CLI execution
|
|
92
|
-
* CI/CD Integration: Native **[GitHub Action](github-action-
|
|
95
|
+
* CI/CD Integration: Native **[GitHub Action](https://github.com/squid-protocol/gitgalaxy/blob/main/github-action-readme.md)** available for zero-trust DevSecOps pipelines.
|
|
93
96
|
* Outputs forensic JSONs (optimized for AI-agent summary reports) and a native SQLite3 database for robust querying and storage.
|
|
94
97
|
|
|
95
98
|
> **📖 Official Documentation:** Read the full technical specifications, architecture blueprints, and the Taxonomical Equivalence Map at **[squid-protocol.github.io/gitgalaxy](https://squid-protocol.github.io/gitgalaxy/)**.
|
|
@@ -117,11 +120,11 @@ galaxyscope /path/to/your/local/repo
|
|
|
117
120
|
|
|
118
121
|
GitGalaxy can be integrated directly into your GitHub Actions pipeline for automated DevSecOps auditing, Zero-Trust SBOM generation, or Pre-Commit firewalls.
|
|
119
122
|
|
|
120
|
-
**🚀 [View the Full GitHub Action Integration Guide](github-action-
|
|
123
|
+
**🚀 [View the Full GitHub Action Integration Guide](https://github.com/squid-protocol/gitgalaxy/blob/main/github-action-readme.md)**
|
|
121
124
|
|
|
122
|
-
Check out our comprehensive guide to set up the **
|
|
125
|
+
Check out our comprehensive guide to set up the **Pipeline Architecture** (Parallel Enforcement & Autonomous Reporting). It covers all available inspection tools, AI guardrails, and advanced configuration options like our hyper-sensitive `--paranoid` threat-hunting mode.
|
|
123
126
|
|
|
124
|
-
*Minimal Example (Running a single
|
|
127
|
+
*Minimal Example (Running a single inspection tool):*
|
|
125
128
|
```yaml
|
|
126
129
|
name: GitGalaxy Security Audit
|
|
127
130
|
|
|
@@ -145,45 +148,45 @@ jobs:
|
|
|
145
148
|
|
|
146
149
|
---
|
|
147
150
|
|
|
148
|
-
### [GitGalaxy Core Analysis Engine](docs/wiki/01-project-overview.md)
|
|
151
|
+
### [GitGalaxy Core Analysis Engine](https://github.com/squid-protocol/gitgalaxy/blob/main/docs/wiki/01-project-overview.md)
|
|
149
152
|
The central blAST engine. It bypasses rigid ASTs using mathematical heuristics to map O(N) multi-dimensional relationships across 50+ languages, managing signal processing, spatial layout, and high-speed SQLite telemetry recording.
|
|
150
153
|
|
|
151
154
|
|
|
152
155
|
|
|
153
156
|
## Enterprise Codebase Tools & Use Cases
|
|
154
157
|
|
|
155
|
-
GitGalaxy operates on a
|
|
158
|
+
GitGalaxy operates on a Decoupled Architecture. While the core engine provides the overarching structural mechanics and topological mapping, our specialized Decoupled Execution Controllers leverage that deterministic graph to execute enterprise-grade operations.
|
|
156
159
|
|
|
157
|
-
### [Automated Legacy Migration: COBOL to Java Spring Boot](gitgalaxy/tools/cobol_to_java/)
|
|
160
|
+
### [Automated Legacy Migration: COBOL to Java Spring Boot](https://github.com/squid-protocol/gitgalaxy/tree/main/gitgalaxy/tools/cobol_to_java/)
|
|
158
161
|
A deterministic, high-fidelity translation pipeline. It converts legacy COBOL into fully compiling, modern Spring Boot architectures, mapping memory exactly and scaffolding JPA entities, REST controllers, and Maven builds before utilizing AI to translate isolated business logic.
|
|
159
162
|
* **Proven Metric:** Achieved a perfect 27/27 Maven compile success rate across a batch test of distinct legacy repos.
|
|
160
|
-
* **Verify for Yourself:** [Inspect the raw outputs of the IBM CICS Application Translation here.](examples/ibm_cics_translation/)
|
|
163
|
+
* **Verify for Yourself:** [Inspect the raw outputs of the IBM CICS Application Translation here.](https://github.com/squid-protocol/gitgalaxy/tree/main/examples/ibm_cics_translation/)
|
|
161
164
|
|
|
162
|
-

|
|
163
166
|
|
|
164
|
-
### [Mainframe Refactoring: COBOL & JCL Optimization](gitgalaxy/tools/cobol_to_cobol/)
|
|
165
|
-
|
|
166
|
-
* **Proven Metric:** The
|
|
167
|
+
### [Mainframe Refactoring: COBOL & JCL Optimization](https://github.com/squid-protocol/gitgalaxy/tree/main/gitgalaxy/tools/cobol_to_cobol/)
|
|
168
|
+
An analytical suite for sanitizing mainframe monoliths. It safely neutralizes legacy lexical traps, extracts dead execution memory, maps topological DAG execution orders, and generates Zero-Trust JCL configurations for modern cloud deployments.
|
|
169
|
+
* **Proven Metric:** The dead-code extraction engine removed over 6,700 lines of dead execution blocks and orphaned variables from the standard IBM CICS benchmark app in seconds.
|
|
167
170
|
|
|
168
|
-
### [Software Supply Chain Security & Pre-Commit Firewalls](gitgalaxy/tools/supply_chain_security/)
|
|
169
|
-
Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography,
|
|
171
|
+
### [Software Supply Chain Security & Pre-Commit Firewalls](https://github.com/squid-protocol/gitgalaxy/tree/main/gitgalaxy/tools/supply_chain_security/)
|
|
172
|
+
Extreme-velocity pre-commit firewalls. Instead of trusting manifest files, it scans physical internals to block steganography, byte-level XOR decryption loops, homoglyph typosquatting, and exposed cryptographic vaults before they ever enter your CI/CD pipeline. **[Deploy directly via our GitHub Action](https://github.com/squid-protocol/gitgalaxy/blob/main/github-action-readme.md).**
|
|
170
173
|
|
|
171
|
-
### [Zero-Trust SBOM Generation & Dependency Auditing](gitgalaxy/tools/compliance/)
|
|
174
|
+
### [Zero-Trust SBOM Generation & Dependency Auditing](https://github.com/squid-protocol/gitgalaxy/tree/main/gitgalaxy/tools/compliance/)
|
|
172
175
|
A Zero-Trust Software Bill of Materials (SBOM) generator. It refuses to blindly trust `package.json` or `requirements.txt` files, instead locating the physical dependencies on disk, mathematically verifying their entropy and linguistic identity, and generating strict CycloneDX 1.4 JSON reports.
|
|
173
176
|
* **Proven Metric:** Successfully mapped and mathematically verified the physical internals of 170 unique Go modules inside the local Kubernetes repository.
|
|
174
177
|
|
|
175
|
-
### [API Security & Shadow API Detection](gitgalaxy/tools/network_auditing/)
|
|
178
|
+
### [API Security & Shadow API Detection](https://github.com/squid-protocol/gitgalaxy/tree/main/gitgalaxy/tools/network_auditing/)
|
|
176
179
|
A deterministic mapping tool that hunts undocumented vulnerabilities. It uses structural regex to find active physical routing logic (Express, Spring Boot, FastAPI) and applies set theory against official OpenAPI/Swagger documentation to isolate critical Shadow APIs and outdated Ghost APIs.
|
|
177
180
|
|
|
178
|
-
### [High-Speed PII Detection & Log Analysis](gitgalaxy/tools/terabyte_log_scanning/)
|
|
181
|
+
### [High-Speed PII Detection & Log Analysis](https://github.com/squid-protocol/gitgalaxy/tree/main/gitgalaxy/tools/terabyte_log_scanning/)
|
|
179
182
|
Unindexed, tactical log analysis operating at 0.07 GB/sec. It streams massive database dumps to deterministically hunt and mask PII (Credit Cards, SSNs, AWS Keys) and uses static architecture maps to prove exact runtime execution frequencies with ASCII time-series histograms.
|
|
180
183
|
|
|
181
|
-
### [AI Agent Guardrails & Codebase Protection](gitgalaxy/tools/ai_guardrails/)
|
|
182
|
-
Specialized keyword sensors protecting both your application and your codebase. The AppSec Sensor detects weaponized LLM features (RCE funnels, exfiltration risks), while the Dev Agent Firewall evaluates token mass and blast radius to restrict autonomous coding agents from modifying dangerous
|
|
184
|
+
### [AI Agent Guardrails & Codebase Protection](https://github.com/squid-protocol/gitgalaxy/tree/main/gitgalaxy/tools/ai_guardrails/)
|
|
185
|
+
Specialized keyword sensors protecting both your application and your codebase. The AppSec Sensor detects weaponized LLM features (RCE funnels, exfiltration risks), while the Dev Agent Firewall evaluates token mass and blast radius to restrict autonomous coding agents from modifying dangerous or context-token-draining files. Helps identify which files need to be chunked to reduce context overload.
|
|
183
186
|
|
|
184
187
|
## Local Browser-Based 3D Codebase Visualization
|
|
185
188
|
|
|
186
|
-
If you prefer visual analytics, we've built a
|
|
189
|
+
If you prefer visual analytics, we've built a topological dashboard where each file represents a node, sized and colored according to specific risk metrics.
|
|
187
190
|
|
|
188
191
|
Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip` of your raw repository) directly into [GitGalaxy.io](https://gitgalaxy.io/). All rendering and scanning happens entirely in your browser's local memory.
|
|
189
192
|
|
|
@@ -191,10 +194,7 @@ Simply drag and drop your generated `your_repo_GPU_galaxy.json` file (or a `.zip
|
|
|
191
194
|
|
|
192
195
|
**Mapping 3.2 Million Lines of C++ in 11 Seconds | OpenCV** [](https://youtu.be/3ScQCSUBdZw)
|
|
193
196
|
|
|
194
|
-
|
|
195
|
-
*(Note: Replace the video IDs in this link with your actual Rails video ID)*
|
|
196
|
-
|
|
197
|
-

|
|
197
|
+

|
|
198
198
|
|
|
199
199
|
## Zero-Trust Data Security
|
|
200
200
|
|