ai-saas-guard 0.36.0 → 0.37.0

package/README.md

@@ -37,6 +37,8 @@ Start with the 30-second copy-paste demo: `npx ai-saas-guard@latest demo --summa
 npx ai-saas-guard@latest scan --root /path/to/your-saas --summary
 ```
 
+For AI-heavy PRs, run it in GitHub Actions to turn auth, billing, data, deploy, and test changes into a reviewer queue before merge.
+
 The output is meant to answer three practical questions before you invite users:
 
 - **Can a real user get access they should not have?** Check auth, tenant ownership, Supabase RLS, and Stripe entitlement paths first.
@@ -231,19 +233,19 @@ The CLI is published on npm as `ai-saas-guard`, and the GitHub Action is availab
 | Area | Status |
 | --- | --- |
 | Public GitHub repository | Available |
-| npm CLI | `ai-saas-guard@0.36.0` |
-| GitHub Action | `zr9959/ai-saas-guard@v0` or fixed tag `v0.36.0` |
+| npm CLI | `ai-saas-guard@0.37.0` |
+| GitHub Action | `zr9959/ai-saas-guard@v0` or fixed tag `v0.37.0` |
 | Outputs | Launch decision queue, short summary, terminal, JSON, SARIF, and PR-focused markdown |
 | Project config | `.ai-saas-guard.json` rule toggles, severity overrides, suppressions, and fail thresholds |
 | Privacy model | Local-first, read-only scan commands, no LLM calls, no code upload |
-| Versioned Action tags | `v0.36.0`, `v0` |
-| Current release | `0.36.0` turns Markdown and summary output into a clearer launch decision queue with ranking explanations, reviewer checklists, case-study flow, and local trust/resource statements |
+| Versioned Action tags | `v0.37.0`, `v0` |
+| Current release | `0.37.0` makes the GitHub Action path easier to copy into PR workflows, improves Check Run wording around the launch-risk middle layer, and keeps README first-screen guidance focused on AI-heavy PR review |
 | npm publishing | Trusted Publisher/OIDC, no long-lived publish token |
 | Repository trust hardening | Strict branch protection, Dependabot, CodeQL, fast-check fuzzing, signed release provenance assets, private vulnerability reporting, secret scanning, and push protection |
 | Cloudflare hosted ingress | Deployed at `https://ai-saas-guard-hosted.zr9959.workers.dev`; signed GitHub App webhook delivery and compact Check Run smoke now pass in staging |
 | Hosted GitHub App staging | Private App `ai-saas-guard-hosted` (`3834787`) installed on `zr9959/ai-saas-guard`; hosted operations evidence is in [docs/hosted-operations-evidence.md](docs/hosted-operations-evidence.md) |
 | OpenSSF Best Practices | Passing badge, project `12955`; `.bestpractices.json` remains the conservative evidence record |
-| Next roadmap | v0.36.0 plan is tracked in [docs/v0.36-roadmap.md](docs/v0.36-roadmap.md) |
+| Previous roadmap | v0.36.0 plan is tracked in [docs/v0.36-roadmap.md](docs/v0.36-roadmap.md) |
 
 ## Example Finding
 
@@ -415,7 +417,7 @@ Use `suppressions` for narrower false-positive handling when one rule is noisy o
 
 ## GitHub Action
 
-The repo includes a composite Action. Use `v0` for the latest compatible pre-1.0 Action, a specific release tag such as `v0.36.0` for controlled upgrades, or pin a reviewed commit SHA for stricter supply-chain control:
+The repo includes a composite Action. Use `v0` for the latest compatible pre-1.0 Action, a specific release tag such as `v0.37.0` for controlled upgrades, or pin a reviewed commit SHA for stricter supply-chain control:
 
 ```yaml
 name: ai-saas-guard

package/dist/hosted/contracts.js

@@ -485,7 +485,7 @@ export function createHostedCheckRunSummary(input) {
         conclusion,
         output: {
             title: formatCheckRunTitle(totalFindings, conclusion, input.failOnSeverity),
-            summary: `Launch gate: ${launchGate}. Review first: What changed at the launch boundary? Manual proof required before release; it is not a full security audit, pentest, or certification.`,
+            summary: `Launch-risk gate: ${launchGate}. Launch gate: ${launchGate}. Review first: What changed at the launch boundary? Manual proof required before release. This is not an AI reviewer and not a full security audit, pentest, or certification.`,
             text: truncateMarkdown(formatCheckRunMarkdown(report, conclusion, localCliCommand, launchGate), input.maxMarkdownChars)
         },
         annotations: report.evidence.slice(0, MAX_CHECK_RUN_ANNOTATIONS).map((finding) => {
@@ -1146,21 +1146,31 @@ function formatCheckRunMarkdown(report, conclusion, localCliCommand, launchGate)
             ...report.evidence.map((finding) => `| ${escapeMarkdownTableCell(finding.severity)} | ${escapeMarkdownTableCell(finding.ruleId)} | ${escapeMarkdownTableCell(formatFindingLocation(finding))} |`)
         ];
     return [
-        "### AI SaaS Guard",
+        "### AI SaaS Guard Launch-risk gate",
         "",
-        "Review first: verify findings locally before launch. This hosted check is not a full security audit, pentest, or certification.",
+        "Review first: verify findings locally before launch or merge. Not an AI reviewer or full security audit.",
         "",
         `Launch gate: ${launchGate}`,
         `Conclusion: ${conclusion}`,
         `Local CLI: \`${localCliCommand}\``,
-        `Retention: compact report ${report.retentionDays} days; raw source, raw diffs, secrets, and customer payloads are not retained.`,
-        "",
-        "Summary:",
-        ...severityOrder.map((severity) => `- ${capitalize(severity)}: ${report.summaryCounts[severity] ?? 0}`),
+        `Retention: compact report ${report.retentionDays} days; no raw source, diffs, secrets, or customer payloads.`,
         "",
         "Review categories:",
         ...(categories.length === 0 ? ["- None"] : categories.map((category) => `- ${category}`)),
         "",
+        "Verification steps:",
+        "- Review listed files before release or merge.",
+        "- Reproduce locally with the CLI command above.",
+        "- Confirm behavior with app-specific tests.",
+        "",
+        "Launch decision queue:",
+        "- Can a real user get access they should not have?",
+        "- Can the app claim success when something failed?",
+        "- Can launch infrastructure do too much damage?",
+        "",
+        "Summary:",
+        ...severityOrder.map((severity) => `- ${capitalize(severity)}: ${report.summaryCounts[severity] ?? 0}`),
+        "",
         "Files to review first:",
         ...(filesToReview.length === 0 ? ["- None"] : filesToReview.map((file) => `- ${file}`)),
         "",
@@ -1169,11 +1179,6 @@ function formatCheckRunMarkdown(report, conclusion, localCliCommand, launchGate)
         "- Why this auth billing data or deploy decision is safe?",
         "- What manual test proves it fails closed?",
         "",
-        "Verification steps:",
-        "- Review each listed file before release or merge.",
-        "- Reproduce locally with the CLI command above.",
-        "- Treat findings as review prompts; confirm behavior with app-specific tests.",
-        "",
         "Findings:",
         ...findingLines
     ].join("\n");

package/docs/README.zh-CN.md

@@ -211,24 +211,24 @@ node dist/cli.js scan --root /path/to/your-saas
 
 这个仓库是公开 GitHub 仓库。
 
-CLI 已发布到 npm：`ai-saas-guard@0.36.0`。GitHub Action 支持 `v0` 浮动标签，也支持固定版本标签，例如 `v0.36.0`。
+CLI 已发布到 npm：`ai-saas-guard@0.37.0`。GitHub Action 支持 `v0` 浮动标签，也支持固定版本标签，例如 `v0.37.0`。
 
 | 模块 | 状态 |
 | --- | --- |
 | 公开 GitHub 仓库 | 已可用 |
-| npm CLI | `ai-saas-guard@0.36.0` |
-| GitHub Action | `zr9959/ai-saas-guard@v0` 或固定标签 `v0.36.0` |
+| npm CLI | `ai-saas-guard@0.37.0` |
+| GitHub Action | `zr9959/ai-saas-guard@v0` 或固定标签 `v0.37.0` |
 | 输出格式 | 上线决策队列、短 summary、Terminal、JSON、SARIF 和 PR markdown |
 | 项目配置 | `.ai-saas-guard.json` 支持规则开关、severity 覆盖、suppressions 和 fail threshold |
 | 隐私模型 | 本地优先、只读扫描、不调用 LLM、不上传代码 |
-| 当前版本 | `0.36.0` 将 Markdown 和 summary 输出升级成更清楚的上线决策队列，加入排序解释、reviewer checklist、case-study flow 和本地 trust/resource statement |
-| Action 标签 | `v0.36.0`、`v0` |
+| 当前版本 | `0.37.0` 让 GitHub Action PR workflow 更容易复制使用，优化 hosted Check Run 的 launch-risk middle layer 文案，并让 README 首屏更直接指向 AI 大 PR review 场景 |
+| Action 标签 | `v0.37.0`、`v0` |
 | npm 发布 | GitHub Actions Trusted Publisher/OIDC，无需长期 npm token |
 | 仓库可信度加固 | 严格 branch protection、Dependabot、CodeQL、fast-check fuzzing、signed release provenance assets、private vulnerability reporting、secret scanning 和 push protection |
 | Cloudflare hosted ingress | 已部署到 `https://ai-saas-guard-hosted.zr9959.workers.dev`；签名 GitHub App webhook delivery 和 compact Check Run staging smoke 已通过 |
 | Hosted GitHub App staging | 私有 App `ai-saas-guard-hosted`（`3834787`）已安装到 `zr9959/ai-saas-guard`；hosted operations evidence 见 [docs/hosted-operations-evidence.md](hosted-operations-evidence.md) |
 | OpenSSF Best Practices | 已获得 passing badge，项目 `12955`；`.bestpractices.json` 继续作为保守证据记录 |
-| 下一版路线 | v0.36.0 计划见 [v0.36-roadmap.md](v0.36-roadmap.md) |
+| 上一版路线 | v0.36.0 计划见 [v0.36-roadmap.md](v0.36-roadmap.md) |
 
 ## 主要命令
 

package/docs/github-action.md

@@ -6,6 +6,48 @@ Use `zr9959/ai-saas-guard@v0` for the latest compatible pre-1.0 Action. Use a sp
 
 The Action runs the same local scanner inside the GitHub-hosted runner. It reads the checked-out repository, does not call an LLM, and does not upload source code. For `pr-risk`, always use `actions/checkout` with `fetch-depth: 0` so the base branch comparison is available.
 
+## Copy-paste PR launch gate workflow
+
+Use this when you want one PR job to act as the launch-risk middle layer: Markdown goes to `$GITHUB_STEP_SUMMARY` for reviewers, while SARIF goes to GitHub code scanning for alert tracking. This is not an AI reviewer and it does not approve a PR; it translates trust-boundary changes into a reviewer queue.
+
+```yaml
+name: ai-saas-guard-pr-launch-gate
+
+on:
+  pull_request:
+
+permissions:
+  contents: read
+  security-events: write
+
+jobs:
+  launch-gate:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6.0.2
+        with:
+          fetch-depth: 0
+      - uses: zr9959/ai-saas-guard@v0
+        with:
+          command: pr-risk
+          root: ${{ github.workspace }}
+          base: origin/main
+          config: .ai-saas-guard.json
+          format: markdown
+          output: ai-saas-guard-pr.md
+      - run: cat ai-saas-guard-pr.md >> "$GITHUB_STEP_SUMMARY"
+      - uses: zr9959/ai-saas-guard@v0
+        with:
+          command: scan
+          root: ${{ github.workspace }}
+          config: .ai-saas-guard.json
+          format: sarif
+          output: ai-saas-guard.sarif
+      - uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: ai-saas-guard.sarif
+```
+
 ## PR Summary
 
 Use markdown when reviewers need a short, evidence-first launch decision queue: risky files, required verification, reviewer checklist, ranking explanation, and suggested PR split.

package/docs/npm-publishing.md

@@ -5,11 +5,11 @@
 ## Current State
 
 - Package name: `ai-saas-guard`
-- Current published version: `0.36.0`
+- Current published version: `0.37.0`
 - Next source candidate: none
 - npm registry state: published at <https://www.npmjs.com/package/ai-saas-guard>
 - First npm-published version: `0.1.1`
-- GitHub Release: `v0.36.0`
+- GitHub Release: `v0.37.0`
 - Publish workflow: `.github/workflows/npm-publish.yml`
 - Trusted Publisher: GitHub Actions, `zr9959/ai-saas-guard`, workflow `npm-publish.yml`, allowed action `npm publish`
 - Long-lived npm publish token: not required
@@ -18,7 +18,7 @@
 
 Use GitHub Actions with npm Trusted Publisher/OIDC:
 
-1. Create and review a release tag such as `v0.36.0`.
+1. Create and review a release tag such as `v0.37.0`.
 2. Publish from the GitHub Release or run the `Publish npm` workflow manually with `ref` set to that tag.
 3. Keep `permissions.id-token: write` in the workflow so npm can exchange the GitHub Actions OIDC identity for a short-lived publish credential.
 4. Run `npm publish --access public` from the workflow. Trusted publishing automatically generates provenance for this public package from this public repository.

package/hosted/cloudflare-worker/src/index.js

@@ -669,10 +669,15 @@ function summarizeFindings(findings) {
 
 function renderCheckRunSummary({ identity, report, scannerVersion }) {
   const lines = [
-    `Review first: ai-saas-guard found ${report.summary.total} PR risk signal(s) for ${identity.repositoryFullName}#${identity.pullRequestNumber}.`,
+    `Launch-risk gate: ai-saas-guard found ${report.summary.total} PR risk signal(s) for ${identity.repositoryFullName}#${identity.pullRequestNumber}. Review first: inspect the listed trust-boundary files before merge.`,
     `Scanner version: ${scannerVersion}.`,
     "",
-    "This is not a pentest, certification, or full security audit. Review the listed files before merge.",
+    "This is not an AI reviewer, pentest, certification, or full security audit. Review the listed files before merge.",
+    "",
+    "Launch decision queue:",
+    "- Can a real user get access they should not have?",
+    "- Can the app claim success when something failed?",
+    "- Can launch infrastructure do too much damage?",
     "",
     "Privacy: this Check Run stores compact file/category signals only. It does not store webhook payload bodies, PR title/body text, diff contents, source, secrets, checkout paths, or installation tokens."
   ];

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ai-saas-guard",
-  "version": "0.36.0",
+  "version": "0.37.0",
   "description": "Local-first CLI that catches launch blockers in AI-built Next.js/Supabase/Stripe SaaS apps.",
   "readmeFilename": "README.md",
   "type": "module",