Releases: squid-protocol/gitgalaxy
2.2.0: test: finalize enterprise v1.0.0 test matrix (84 to 441 tests)
🚀 v2.2.0: The Enterprise Matrix & Structural Rigor
A Foundation of Absolute Proof
In our v2.1.0 release, we pushed a critical hotfix inspired by an excellent bug report from @Abramel regarding sparse repository collapses. That interaction sparked an internal reckoning. We realized that simply patching edge cases wasn't enough; if GitGalaxy is going to make bold claims about AST-free parsing, deterministic AI guardrails, and legacy mainframe extraction, we needed an undeniable wall of proof to back them up.
This release represents a massive paradigm shift in our engineering rigor. We have expanded the GitGalaxy testing pipeline from 84 baseline tests to a punishing 443-test adversarial matrix, mathematically validating our boldest architectural claims to ensure absolute data integrity for our users.
The most exciting part? The entire 443-test polyglot matrix executes in ~3.05 seconds.
🛡️ The Empirical Validation Suite
We have completely restructured the testing architecture into specialized domain gauntlets, proving the engine’s stability across 30+ programming languages:
- AST-Free Precision (The Extraction Gauntlets): We subject the core engine to positive, negative, and pathologically fragmented code payloads. This proves GitGalaxy accurately maps functions, classes, arguments, and dependencies with AST-level precision, without requiring a compiler.
- Catastrophic Backtracking (ReDoS) Immunity: We introduced "The Blast Chamber." The engine is now bombarded with isolated, pathological formatting (e.g., C++ Macro Spirals, C# Iron Wall overlaps, C/C++ K&R Ambiguity traps). O(1) boundaries and strict timeouts guarantee the regex engine will never lock the CPU in a death spiral.
- Bayesian Refutation & The 50/0 Law: The Spectral Auditor now actively defends against data-dumps and hallucinated code. We empirically prove that massive, inert files are successfully stripped of their execution claims and relegated to "Dark Matter," actively bypassing the Ecosystem Orphan guards via Bayesian Refutation.
- Autonomous AI & AppSec Guardrails: Verified the detection of RCE (Remote Code Execution) funnels, God-mode agent prompts, exfiltration camouflage, and hallucination zones to ensure LLM integrations remain bounded.
- Legacy Mainframe Hardening: Locked in byte-for-byte verification for the COBOL DAG Architect, EBCDIC/COMP-3 payload unpacker, and the Code Graveyard dead-logic finder.
🧹 Pristine Execution Hygiene
Alongside the test expansion, the core engine Python modules were hardened to achieve a 100% clean CI/CD pipeline.
- Resolved all Python 3.12+ SyntaxWarnings (invalid escape sequences) by enforcing strict raw string constraints across the regex pattern dictionaries.
- Patched Flake8 static analysis warnings for flawless linter compliance.
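An added example, not code from the GitGalaxy repository, of auditing a pattern dictionary for the raw-string constraint described above. It shows that the interpreter's invalid-escape warning catches `"\s"` but stays silent on `"\b"`, which is a valid escape (backspace) that quietly breaks a word-boundary regex; `SAMPLE` and all function names are hypothetical.

```python
import io
import re
import tokenize
import warnings

# Constructed sample of a pattern dictionary (not GitGalaxy source).
SAMPLE = r'''PATTERNS = {
    "func": "def\s+(\w+)",
    "word": "\bTODO\b",
    "num": r"\d+",
}
'''

def escape_warnings(source):
    """Compile source and return the invalid-escape diagnostics it raises."""
    with warnings.catch_warnings(record=True) as caught:
        warnings.simplefilter("always")
        try:
            compile(source, "<patterns>", "exec")
        except SyntaxError as exc:  # a future Python may reject these outright
            return [str(exc)]
    return [str(w.message) for w in caught
            if "invalid escape sequence" in str(w.message)]

def non_raw_backslash_literals(source):
    """Return (line, literal) for string tokens with a backslash and no r prefix."""
    hits = []
    with warnings.catch_warnings():
        warnings.simplefilter("ignore")
        for tok in tokenize.generate_tokens(io.StringIO(source).readline):
            if tok.type != tokenize.STRING or "\\" not in tok.string:
                continue
            body = tok.string.lstrip("rRbBuUfF")
            prefix = tok.string[:len(tok.string) - len(body)].lower()
            if "r" not in prefix:
                hits.append((tok.start[0], tok.string))
    return hits

def matches_todo(pattern):
    """True if the pattern finds the word TODO in a sample line."""
    return re.search(pattern, "fix TODO later") is not None
```

The token-level check flags lines 2 and 3 of the sample, while the compile-time warning only fires for line 2.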
GitGalaxy is now strictly deterministic, fully tested, and enterprise-ready.
Run pip install --upgrade gitgalaxy to pull the latest version!
Contributors
@Abramel - For the initial spark that catalyzed this massive architectural hardening.
v2.1.0
🥇 Community Spotlight & Hotfixes
First and foremost, a massive thank you to @Abramel for an incredibly detailed and well-researched bug report regarding the FATAL_SYSTEM_COLLAPSE on small/sparse Python repositories (#19).
The issue tracked back to the central physics processor where net.get() failed to guard against NoneType edge cases on graphs with low edge-density. We wanted to get this fix shipped immediately to ensure the community remains unblocked when scanning smaller repositories.
Fix: Applied strict or 0.0 fallbacks to betweenness_score, closeness_score, and normalized_blast_radius during forensic report generation. Small repositories will now accurately process and persist to SQLite without crashing.
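An added example, not the project's own code, of the guard described in this fix: `dict.get(key, 0.0)` only covers a missing key, while `or 0.0` also covers a metric stored as `None`. The metric names come from the note above; the `net` dictionary shape, the SQLite schema and the function names are assumptions.

```python
import sqlite3

METRICS = ("betweenness_score", "closeness_score", "normalized_blast_radius")

# Constructed sample: one metric stored as None, one present, one missing.
SPARSE_NET = {"betweenness_score": None, "closeness_score": 0.25}

def unguarded_row(name, net):
    """A .get() default is used only when the key is absent, so None leaks through."""
    return (name,) + tuple(net.get(m, 0.0) for m in METRICS)

def report_row(name, net):
    """`or 0.0` maps both a missing key and a stored None to 0.0."""
    return (name,) + tuple(net.get(m) or 0.0 for m in METRICS)

def persists(rows):
    """Return True if every row inserts cleanly, False if a NULL metric is rejected."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE report (file TEXT PRIMARY KEY, betweenness REAL NOT NULL, "
        "closeness REAL NOT NULL, blast_radius REAL NOT NULL)"
    )
    try:
        db.executemany("INSERT INTO report VALUES (?, ?, ?, ?)", rows)
        return True
    except sqlite3.IntegrityError:
        return False
    finally:
        db.close()
```

Note that `or 0.0` does not catch `float("nan")`, which is truthy; a graph library that can return NaN needs an explicit `math.isnan` check as well.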
🛡️ The Zero-Trust Test Suite Expansion
While pushing the community hotfix, we took the opportunity to completely overhaul the structural integrity of the GitGalaxy engine.
We have expanded from a single Golden Image test to a 16-file, 31-invariant test suite. This ensures the absolute stability of the translation pipelines and security spokes. We plan to add more but wanted the hotfix pushed live quickly.
New Test Coverage Includes:
- Security & Compliance Spokes: Full @patch integration testing for the Supply Chain Firewall, Vault Sentinel, X-Ray Inspector, and SBOM generator.
- COBOL-to-Java Forge: Golden Image byte-for-byte verification for Mainframe decoders, Spring Boot Entities, Controllers, and DAG-resolved Services.
- AI Hallucination Guards: Mathematical verification that our intermediate representation (IR) strictly forces non-deterministic LLM agents to obey architectural constraints.
- Resilience: Verified defense against ReDoS (Regular Expression Denial of Service) poisoning and Zombie Process OS-level timeouts.
🏗️ Architectural Rollup (Since v2.x)
For users upgrading from older versions, GitGalaxy has undergone a massive evolution. The engine now operates as a multi-phase, AST-free analytical platform. Key pillars introduced in recent cycles include:
- The Java Forge: A fully automated pipeline capable of translating legacy mainframe architectures into modernized, dependency-injected Java Spring environments.
- The API Network Mapper: Auto-discovery of Swagger/OpenAPI documentation matched against physical codebase routers to detect undocumented "Shadow APIs."
- Zero-Dependency Mode Fallbacks: Ensuring the Cartographer and Signal Processor gracefully degrade without crashing if third-party binaries are missing.
Run pip install --upgrade gitgalaxy to pull the latest version!
v2.0.9
What's Changed
- visibility by @squid-protocol in #13
Added clarity to terabyte_log_scanner section
Full Changelog: v2.0.8...v2.0.9
v2.0.8
What's Changed
- jcl transparency by @squid-protocol in #10
- feat: migrate Museum of Code to HTML and setup MkDocs CI/CD by @squid-protocol in #11
- Fix cascade delete hang by adding indexes to class and function tables by @squid-protocol in #12
Full Changelog: v2.0.7...v2.0.8
GitGalaxy Scanner v2.0.7
The official GitHub Action for the GitGalaxy DevSecOps Suite.
This release brings GitGalaxy's AST-free, zero-trust static analysis directly into your CI/CD pipelines, allowing you to block poisoned builds and generate forensic artifacts in seconds.
🛡️ Available Pipeline Sentinels
- Supply Chain Firewall (supply-chain-firewall): Blocks typosquatting and malicious imports.
- Vault Sentinel (vault-sentinel): Hyper-speed hardcoded secrets detection.
- X-Ray Inspector (xray-inspector): Triage for encrypted payloads and binary anomalies.
- Zero-Trust SBOM (zero-trust-sbom): Generates mathematically verified CycloneDX manifests.
- API Network Map (api-network-map): Hunts for undocumented Shadow APIs.
- AI Guardrails: Automatically evaluates LLM AppSec risks and Agentic context limits via galaxyscope.
🪶 Zero-Dependency Native
Executes in seconds utilizing Python's standard library. The optional full_precision input flag seamlessly unlocks heavy physics engines (NetworkX, TikToken, XGBoost) for ML threat inference and Blast Radius calculations.
🚀 Quickstart Example
- name: Run GitGalaxy Supply Chain Firewall
  uses: squid-protocol/gitgalaxy@v2.0.7
  with:
    tool: 'supply-chain-firewall'

What's Changed
- pypi fix by @squid-protocol in #5
- Add descriptive message about what you changed by @squid-protocol in #6
- Potential fix for code scanning alert no. 1: Bad HTML filtering regexp by @squid-protocol in #7
- feat: add CI/CD YAML AppSec sensors for supply chain defense by @squid-protocol in #8
- feat: add GitGalaxy composite action and modernize Spoke CI/CD docume… by @squid-protocol in #9
Full Changelog: v2.0.6...v2.0.7
v2.0.6 - Dynamic Versioning
Full Changelog: v2.0.5...v2.0.6
v2.0.5 - pypi sync
Full Changelog: v2.0.4...v2.0.5
v2.0.4 - Matrix Hardened & Enterprise Security
What's Changed
- ci: implement cross-platform matrix testing by @squid-protocol in #1
- Bump actions/setup-python from 5 to 6 by @dependabot[bot] in #3
- Bump actions/checkout from 4 to 6 by @dependabot[bot] in #2
- ci: implement CodeQL static application security testing by @squid-protocol in #4
New Contributors
- @squid-protocol made their first contribution in #1
- @dependabot[bot] made their first contribution in #3
Full Changelog: v2.0.0...v2.0.4