feat: ARCHITECTURE.md + expand SAST CWE map (10 → 52) #303

Merged
andres-linero merged 2 commits into main from feat/contributor-readiness on Mar 7, 2026

msaad00 (Owner) commented Mar 7, 2026

Summary

  • Add ARCHITECTURE.md — module dependency map, data flow diagram, and contributor guides (how to add new compliance frameworks, CIS benchmarks, runtime detectors, discovery parsers, CWE mappings)
  • Expand SAST_CWE_MAP from 10 to 52 CWE entries covering OWASP/SANS Top 25

CWE expansion categories

| Category | New CWEs | Examples |
|---|---|---|
| Injection variants | 11 | CWE-77, CWE-90, CWE-91, CWE-352, CWE-434, CWE-444, CWE-601 |
| Auth/authorization | 7 | CWE-269, CWE-276, CWE-287, CWE-306, CWE-639, CWE-862, CWE-863 |
| Sensitive data | 7 | CWE-200, CWE-209, CWE-215, CWE-312, CWE-319, CWE-497, CWE-538 |
| Cryptography | 4 | CWE-295, CWE-326, CWE-330, CWE-347 |
| Memory safety | 8 | CWE-119, CWE-125, CWE-190, CWE-362, CWE-400, CWE-416, CWE-476, CWE-787 |
| Supply chain | 5 | CWE-426, CWE-427, CWE-501, CWE-776, CWE-829, CWE-942 |

Test plan

  • All 28 SAST tests pass
  • No ruff/format issues
  • CI passes

Closes #291, closes #300

- Add ARCHITECTURE.md with module dependency map, data flow, and
  contributor guides (how to add frameworks, benchmarks, detectors)
- Expand SAST_CWE_MAP from 10 to 52 CWE entries covering OWASP/SANS
  Top 25: injection variants, auth/authz, sensitive data exposure,
  cryptography, memory safety, supply chain trust boundaries

Closes #291, closes #300

msaad00 requested a review from andres-linero as a code owner March 7, 2026 07:28

github-actions bot (Contributor) commented Mar 7, 2026

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

Add cloud/infra providers (14 modules), API/storage layer, integrations,
alerts/SIEM, output/visualization, and module stats (148 files, 12 cloud
providers). Fix API entry point path.

andres-linero merged commit 98c4017 into main Mar 7, 2026
15 checks passed
andres-linero deleted the feat/contributor-readiness branch March 7, 2026 07:33

Successfully merging this pull request may close these issues.

  • docs: ARCHITECTURE.md — module dependency map for contributors
  • feat: compliance evidence export for auditors (PDF/CSV)
