Skip to content

feat: scan runner pipeline (Plans 1-5) + performance optimizations #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Emperiusm merged 64 commits into from
Apr 13, 2026
Merged

feat: scan runner pipeline (Plans 1-5) + performance optimizations #9

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
64 commits
Select commit Hold shift + click to select a range
43f38d6
docs: scan-runner design specification
Emperiusm Apr 12, 2026
3b77cd5
docs: fold final review additions into scan-runner spec
Emperiusm Apr 12, 2026
1ada784
docs: scan-runner Plan 1 — Foundation (models, store, shared infra)
Emperiusm Apr 12, 2026
9fed0d5
feat(scanner): create scanner package with enums, core models, and pa…
Emperiusm Apr 12, 2026
88ef880
feat(scanner): CancellationToken — cooperative async cancellation
Emperiusm Apr 12, 2026
72eef15
feat(scanner): static data files — CWE hierarchy, aliases, severity m…
Emperiusm Apr 12, 2026
df0b365
feat(shared): async subprocess with streaming, timeout, cancellation
Emperiusm Apr 12, 2026
e5c7bfd
feat(shared): retry with exponential backoff and error pattern matching
Emperiusm Apr 12, 2026
ad3f810
feat(shared): EventBus — async progress event fan-out with backpressure
Emperiusm Apr 12, 2026
49a2ed5
feat(scanner): ScanStoreProtocol + SqliteScanStore — scan and task CRUD
Emperiusm Apr 12, 2026
5a1d1f1
feat(shared): AdaptiveResourcePool — priority heap with per-group limits
Emperiusm Apr 12, 2026
86643f9
feat(scanner): TaskExecutor protocol + TaskOutput model
Emperiusm Apr 12, 2026
0ef506f
feat(scanner): ShellExecutor — subprocess with streaming
Emperiusm Apr 12, 2026
bce46a7
fix(shared): run_streaming — watchdog pattern fixes cancel-task hang
Emperiusm Apr 12, 2026
b885eb0
feat(scanner): DockerExecExecutor — docker exec with streaming
Emperiusm Apr 12, 2026
dcf9bd2
feat(scanner): McpExecutor — MCP client with connection pool, tool di…
Emperiusm Apr 12, 2026
a07a5b3
feat(scanner): OutputBuffer — backpressure with disk spillover
Emperiusm Apr 12, 2026
8a6d767
feat(scanner): ScanEngine — DAG graph, readiness tracking, task dispatch
Emperiusm Apr 12, 2026
27e4f88
test(scanner): ScanEngine integration tests — complex DAG, caching, e…
Emperiusm Apr 12, 2026
da945ab
chore(scanner): executor package re-exports all executor types
Emperiusm Apr 12, 2026
c79b590
docs: Plan 2 — executors + engine implementation plan
Emperiusm Apr 12, 2026
979641a
feat(scanner): TargetDetector — pattern-based target type detection
Emperiusm Apr 12, 2026
5fbda50
feat(scanner): TargetValidator — async target validation
Emperiusm Apr 12, 2026
772fa5c
feat(scanner): profile models + YAML loading
Emperiusm Apr 12, 2026
8109fdd
feat(scanner): built-in scan profile YAML definitions
Emperiusm Apr 12, 2026
73f6c9e
feat(scanner): builtin reactive edge evaluators
Emperiusm Apr 13, 2026
9bf5640
feat(scanner): SteeringInterface protocol + SteeringThrottle
Emperiusm Apr 13, 2026
e13fa37
feat(scanner): ScanPlanner — profile-to-DAG graph builder
Emperiusm Apr 13, 2026
8a10a00
feat(scanner): ScanAPI — unified scan entry point
Emperiusm Apr 13, 2026
8ff5ca2
docs: Plan 3 — planner, profiles, target detection
Emperiusm Apr 13, 2026
cc2f596
feat(scanner): ParserPlugin protocol + ParserRouter + semgrep parser
Emperiusm Apr 13, 2026
7c71c88
feat(scanner): parsers for gitleaks, nmap, trivy, generic JSON
Emperiusm Apr 13, 2026
bff14c7
feat(scanner): NormalizationEngine — paths, CWEs, severities, titles
Emperiusm Apr 13, 2026
1c54bc9
feat(scanner): DedupEngine — strict + fuzzy multi-pass dedup
Emperiusm Apr 13, 2026
e6a3c23
feat(scanner): EngagementDedupEngine — cross-scan reconciliation
Emperiusm Apr 13, 2026
7ee34f6
feat(scanner): CorroborationScorer + ConfidenceDecay
Emperiusm Apr 13, 2026
96ea6f7
feat(scanner): SuppressionEngine — path, CWE, severity, tool rules
Emperiusm Apr 13, 2026
a8f373d
feat(scanner): FindingLifecycle — auto state transitions
Emperiusm Apr 13, 2026
e78d05f
feat(scanner): FindingCorrelationEngine + RemediationGrouper
Emperiusm Apr 13, 2026
cb9d548
feat(scanner): ScanDiffEngine — baseline comparison
Emperiusm Apr 13, 2026
e133b13
feat(scanner): ScanResultExporter — JSON, SARIF, CSV, Markdown
Emperiusm Apr 13, 2026
6829f6e
test(scanner): pipeline integration test — full finding flow
Emperiusm Apr 13, 2026
6e386b4
docs: Plan 4 — parsing pipeline implementation plan
Emperiusm Apr 13, 2026
d0f3b2c
feat(scanner): extended ScanStore — findings, events, suppression, cache
Emperiusm Apr 13, 2026
ef8d9ad
feat(scanner): ScanPipeline — engine-to-pipeline wiring
Emperiusm Apr 13, 2026
ecca78b
feat(scanner): CLI scan command group
Emperiusm Apr 13, 2026
6db5432
feat(scanner): web API scan router — CRUD, control, SSE
Emperiusm Apr 13, 2026
6e12f08
feat(scanner): Alembic migration 006_scan_runner
Emperiusm Apr 13, 2026
4fc42a4
feat(scanner): ScanAPI execute — full engine integration
Emperiusm Apr 13, 2026
f56ab20
docs: Plan 5 — surfaces implementation plan
Emperiusm Apr 13, 2026
376d136
perf(scanner): cache parsed YAML profiles in load_builtin_profile
Emperiusm Apr 13, 2026
394071b
perf(store): add get_sidebar_summaries batch query
Emperiusm Apr 13, 2026
5d175a6
perf(dashboard): selective tab refresh + batch sidebar query
Emperiusm Apr 13, 2026
b90f878
perf(cwe): pre-build lowercase alias index for O(1) resolution
Emperiusm Apr 13, 2026
d4a3b4c
perf(dashboard): lazy data fetching — only query for visible tab
Emperiusm Apr 13, 2026
e395095
perf(dashboard): skip no-op table rebuilds via data snapshots
Emperiusm Apr 13, 2026
385e1c9
perf(scans): singleton SqliteScanStore — stop per-request connection …
Emperiusm Apr 13, 2026
4cf54ca
perf(scans): SSE exponential backoff — stop 1s fixed polling
Emperiusm Apr 13, 2026
5a4997d
perf(pipeline): batch finding saves — executemany instead of serial a…
Emperiusm Apr 13, 2026
2017d9c
perf(pipeline): direct mutation instead of model_copy — zero allocation
Emperiusm Apr 13, 2026
9f0d70f
perf(dedup): single composite index replaces four parallel dicts
Emperiusm Apr 13, 2026
98e0c6f
perf(planner): task-tool reverse index — O(n*m) to O(n+m)
Emperiusm Apr 13, 2026
19504d8
perf(engine): future-to-task reverse mapping — O(n) to O(1)
Emperiusm Apr 13, 2026
5fd80fd
feat: async store protocol, scan service, profiling scripts, and perf…
Emperiusm Apr 13, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,3 +25,14 @@ node_modules/

# Git worktrees
.worktrees/

# Profiling output
profiles/

# TypeScript build output
*.tsbuildinfo
.tsc-out/
vite.config.d.ts

# Claude Code local state
.claude/
Loading
Loading