codetrust 2.2.2__tar.gz → 2.2.4__tar.gz
- {codetrust-2.2.2 → codetrust-2.2.4}/.codetrust/audit.jsonl +2 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/.github/dependabot.yml +12 -0
- codetrust-2.2.4/.github/workflows/release.yml +156 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/.gitignore +1 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/CHANGELOG.md +56 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/PKG-INFO +6 -8
- {codetrust-2.2.2 → codetrust-2.2.4}/README.md +4 -6
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/package-lock.json +74 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/package.json +4 -3
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/api/webhooks/stripe/route.ts +28 -4
- {codetrust-2.2.2 → codetrust-2.2.4}/docs/index.html +9 -10
- {codetrust-2.2.2 → codetrust-2.2.4}/docs/openapi.json +1 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/README.md +4 -4
- codetrust-2.2.4/extension/out/commands.js.map +1 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/embedded-scanner.js +1 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/embedded-scanner.js.map +1 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/status-bar.d.ts.map +1 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/status-bar.js +0 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/status-bar.js.map +1 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/package-lock.json +2 -2
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/package.json +4 -4
- codetrust-2.2.4/extension/scripts/check-release-sync.js +59 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/commands.ts +6 -6
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/embedded-scanner.ts +1 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/status-bar.ts +0 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/metrics.json +5 -5
- {codetrust-2.2.2 → codetrust-2.2.4}/pyproject.toml +2 -2
- {codetrust-2.2.2 → codetrust-2.2.4}/src/config.py +1 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/src/middleware/ip_rate_limit.py +1 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/src/rules/anti_patterns.py +12 -4
- {codetrust-2.2.2 → codetrust-2.2.4}/src/utils/parsers.py +4 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_parity.py +3 -3
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_registry.py +17 -0
- codetrust-2.2.2/.github/workflows/release.yml +0 -158
- codetrust-2.2.2/extension/out/commands.js.map +0 -1
- {codetrust-2.2.2 → codetrust-2.2.4}/.codetrust/.gitkeep +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/.codetrust.toml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/.cursorrules +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/.github/workflows/ci.yml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/.github/workflows/codetrust-scan.yml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/CONTRIBUTING.md +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/Dockerfile +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/LICENSE +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/Procfile +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/SECURITY.md +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/action/action.yml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/action/entrypoint.sh +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/action/scan.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/action/scan_runner.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/action.yml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/alembic/README +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/alembic/env.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/alembic/script.py.mako +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/alembic/versions/b74aff4dff57_initial_schema_users_api_keys_scan_logs_.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/alembic.ini +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/e2e/dashboard.spec.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/next.config.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/playwright.config.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/postcss.config.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/prisma/schema.prisma +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/__tests__/dashboard-nav.test.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/__tests__/governance-audit.test.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/__tests__/scan-history.test.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/__tests__/setup.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/api/auth/[...nextauth]/route.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/dashboard/api-keys/page.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/dashboard/governance/page.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/dashboard/layout.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/dashboard/page.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/dashboard/settings/page.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/globals.css +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/layout.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/login/page.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/page.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/app/pricing/page.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/components/api-key-manager.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/components/dashboard-nav.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/components/governance-audit.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/components/providers.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/components/scan-history.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/components/settings-form.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/components/usage-chart.tsx +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/lib/api.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/lib/auth.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/src/lib/prisma.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/tailwind.config.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/tsconfig.json +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/dashboard/vitest.config.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/deploy/helm/codetrust/Chart.yaml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/deploy/helm/codetrust/templates/_helpers.tpl +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/deploy/helm/codetrust/templates/configmap.yaml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/deploy/helm/codetrust/templates/deployment.yaml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/deploy/helm/codetrust/templates/hpa.yaml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/deploy/helm/codetrust/templates/ingress.yaml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/deploy/helm/codetrust/templates/secret.yaml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/deploy/helm/codetrust/templates/service.yaml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/deploy/helm/codetrust/templates/serviceaccount.yaml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/deploy/helm/codetrust/values.yaml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/docker-compose.yml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/docs/apple-touch-icon.png +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/docs/compliance/soc2-controls.md +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/docs/favicon-16.png +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/docs/favicon-32.png +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/docs/favicon.png +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/docs/favicon.svg +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/docs/logo.png +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/.eslintrc.json +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/.vscodeignore +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/LICENSE +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/images/icon.png +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/api-client.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/api-client.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/api-client.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/api-client.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/code-actions.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/code-actions.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/code-actions.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/code-actions.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/commands.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/commands.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/commands.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/config.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/config.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/config.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/config.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/diagnostics.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/diagnostics.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/diagnostics.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/diagnostics.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/embedded-scanner.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/embedded-scanner.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/extension.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/extension.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/extension.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/extension.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/parsers.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/parsers.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/parsers.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/parsers.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/status-bar.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/runTest.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/runTest.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/runTest.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/runTest.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/api-client.test.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/api-client.test.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/api-client.test.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/api-client.test.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/embedded-scanner.test.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/embedded-scanner.test.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/embedded-scanner.test.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/embedded-scanner.test.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/index.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/index.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/index.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/index.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/parsers.test.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/parsers.test.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/parsers.test.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/parsers.test.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/types.test.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/types.test.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/types.test.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/test/suite/types.test.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/types.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/types.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/types.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/types.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/verification-cache.d.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/verification-cache.d.ts.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/verification-cache.js +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/out/verification-cache.js.map +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/api-client.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/code-actions.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/config.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/diagnostics.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/extension.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/parsers.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/test/runTest.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/test/suite/api-client.test.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/test/suite/embedded-scanner.test.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/test/suite/index.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/test/suite/parsers.test.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/test/suite/types.test.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/types.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/src/verification-cache.ts +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/extension/tsconfig.json +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/generate_icons.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/hooks/pre-commit +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/icon.png +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/railway.toml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/sandbox/go/Dockerfile +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/sandbox/node/Dockerfile +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/sandbox/python/Dockerfile +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/sandbox/rust/Dockerfile +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/scripts/export_openapi.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/scripts/generate_icons.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/scripts/generate_metrics.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/scripts/validate_readme_metrics.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/setup.sh +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/smoke_test.sh +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/__init__.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/api.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/cli.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/formatters/__init__.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/formatters/sarif.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/gateway/__init__.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/gateway/audit.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/gateway/custom_rules.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/gateway/interceptor.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/gateway/policies.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/gateway/server.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/gateway/siem.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/gateway/webhooks.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/middleware/__init__.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/middleware/metrics.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/models/__init__.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/models/database.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/models/enums.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/models/requests.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/models/responses.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/rules/__init__.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/rules/enterprise.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/server.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/__init__.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/ast_analyzer.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/auth.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/billing.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/cache.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/database.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/docker_verify.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/gdpr.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/import_verifier.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/rate_limiter.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/registry.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/sandbox.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/sso.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/static_analyzer.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/services/tenant.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/templates/__init__.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/templates/codetrust-scan.yml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/templates/codetrust.toml +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/templates/cursorrules +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/templates/pre-commit +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/utils/__init__.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/src/utils/similarity.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/__init__.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/conftest.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/load/README.md +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/load/locustfile.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_api_coverage.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_api_endpoints.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_ast.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_auth_service.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_billing.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_cache.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_cache_service.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_cli.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_cli_coverage.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_custom_rules.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_dashboard_api.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_database.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_deep_scan.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_devops_rules.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_docker.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_e2e_integration.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_gateway.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_gateway_server.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_gdpr.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_github_action.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_go_rust_registry.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_import_verifier.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_ip_rate_limit.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_metrics.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_moat.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_models.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_new_rules.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_oidc_integration.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_parsers.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_rate_limit.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_sandbox.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_sarif.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_siem.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_similarity.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_sql_rules.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_sso.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_static.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_tenant.py +0 -0
- {codetrust-2.2.2 → codetrust-2.2.4}/tests/test_webhooks.py +0 -0
|
@@ -15,3 +15,5 @@
|
|
|
15
15
|
{"timestamp": 1770950299.691034, "action_type": "terminal_command", "verdict": "ALLOW", "rule_id": "", "original_action": "pytest tests/ -v", "message": "", "suggestion": "", "session_id": "", "agent_id": "", "workspace": "", "metadata": {}}
|
|
16
16
|
{"timestamp": 1770950299.691067, "action_type": "terminal_command", "verdict": "ALLOW", "rule_id": "", "original_action": "git status", "message": "", "suggestion": "", "session_id": "", "agent_id": "", "workspace": "", "metadata": {}}
|
|
17
17
|
{"timestamp": 1770950299.6910982, "action_type": "terminal_command", "verdict": "ALLOW", "rule_id": "", "original_action": "ruff check src/", "message": "", "suggestion": "", "session_id": "", "agent_id": "", "workspace": "", "metadata": {}}
|
|
18
|
+
{"timestamp": 1770983965.215816, "action_type": "terminal_command", "verdict": "ALLOW", "rule_id": "", "original_action": "cd /Users/mrebadi/Desktop/DevOps/Codetrust/extension && npm ci && node ./scripts/check-release-sync.js && npm run package", "message": "", "suggestion": "", "session_id": "gateway-1770979134", "agent_id": "unknown", "workspace": "/Users/mrebadi/Desktop/DevOps/Codetrust", "metadata": {}}
|
|
19
|
+
{"timestamp": 1770983980.435174, "action_type": "terminal_command", "verdict": "ALLOW", "rule_id": "", "original_action": "cd /Users/mrebadi/Desktop/DevOps/Codetrust && /Users/mrebadi/Desktop/DevOps/Codetrust/.venv/bin/python -m pip install --quiet build twine && /Users/mrebadi/Desktop/DevOps/Codetrust/.venv/bin/python -m build && /Users/mrebadi/Desktop/DevOps/Codetrust/.venv/bin/python -m twine check dist/*", "message": "", "suggestion": "", "session_id": "gateway-1770979134", "agent_id": "unknown", "workspace": "/Users/mrebadi/Desktop/DevOps/Codetrust", "metadata": {}}
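Review bot: The two added entries embed absolute paths from a developer workstation, including the local account name, in `original_action` and `workspace`, and this file ships inside the published source archive. An agent audit log is a runtime artefact rather than source, and `original_action` records the full command line, so a credential passed as an argument would be published the same way. I would stop tracking and packaging the log, for example with a `.gitignore` entry `.codetrust/audit.jsonl` and a matching exclusion in the sdist configuration. Whether the one-line `.gitignore` change in this release already covers it is not visible here.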
|
|
@@ -25,6 +25,10 @@ updates:
|
|
|
25
25
|
- "extension"
|
|
26
26
|
commit-message:
|
|
27
27
|
prefix: "chore(deps):"
|
|
28
|
+
ignore:
|
|
29
|
+
- dependency-name: "*"
|
|
30
|
+
update-types:
|
|
31
|
+
- "version-update:semver-major"
|
|
28
32
|
|
|
29
33
|
# npm dependencies (dashboard)
|
|
30
34
|
- package-ecosystem: "npm"
|
|
@@ -38,6 +42,10 @@ updates:
|
|
|
38
42
|
- "dashboard"
|
|
39
43
|
commit-message:
|
|
40
44
|
prefix: "chore(deps):"
|
|
45
|
+
ignore:
|
|
46
|
+
- dependency-name: "*"
|
|
47
|
+
update-types:
|
|
48
|
+
- "version-update:semver-major"
|
|
41
49
|
|
|
42
50
|
# GitHub Actions
|
|
43
51
|
- package-ecosystem: "github-actions"
|
|
@@ -50,6 +58,10 @@ updates:
|
|
|
50
58
|
- "ci"
|
|
51
59
|
commit-message:
|
|
52
60
|
prefix: "chore(ci):"
|
|
61
|
+
ignore:
|
|
62
|
+
- dependency-name: "*"
|
|
63
|
+
update-types:
|
|
64
|
+
- "version-update:semver-major"
|
|
53
65
|
|
|
54
66
|
# Docker dependencies
|
|
55
67
|
- package-ecosystem: "docker"
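Review bot: The same `ignore` block for `version-update:semver-major` on `dependency-name: "*"` is added to three update entries, and the third hunk (label `ci`, prefix `chore(ci):`) appears to be the GitHub Actions entry. The release workflow in this version references actions by major tag only, such as `actions/checkout@v4`, so for that ecosystem a new major is most of what Dependabot would propose, and the ignore likely leaves those references without update PRs. I would drop the block from that entry, or keep it and add a comment above each block recording the decision, e.g. `# major upgrades are done by hand, not via Dependabot PRs`. The update entries start outside the hunks, so the ecosystem each block belongs to is inferred from the surrounding comments and labels.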
|
|
@@ -0,0 +1,156 @@
|
|
|
1
|
+
name: Release
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
workflow_dispatch:
|
|
5
|
+
|
|
6
|
+
permissions:
|
|
7
|
+
contents: write
|
|
8
|
+
|
|
9
|
+
jobs:
|
|
10
|
+
verify:
|
|
11
|
+
runs-on: ubuntu-latest
|
|
12
|
+
timeout-minutes: 15
|
|
13
|
+
steps:
|
|
14
|
+
- uses: actions/checkout@v4
|
|
15
|
+
|
|
16
|
+
- name: Set up Python
|
|
17
|
+
uses: actions/setup-python@v5
|
|
18
|
+
with:
|
|
19
|
+
python-version: "3.12"
|
|
20
|
+
|
|
21
|
+
- name: Install dependencies
|
|
22
|
+
run: |
|
|
23
|
+
python -m pip install --upgrade pip
|
|
24
|
+
pip install -e ".[dev]"
|
|
25
|
+
|
|
26
|
+
- name: Lint
|
|
27
|
+
run: ruff check src/ tests/
|
|
28
|
+
|
|
29
|
+
- name: Test with coverage
|
|
30
|
+
run: pytest tests/ -v --tb=short --cov=src --cov-fail-under=80
|
|
31
|
+
|
|
32
|
+
- name: Generate SBOM (CycloneDX)
|
|
33
|
+
run: |
|
|
34
|
+
pip install cyclonedx-bom
|
|
35
|
+
cyclonedx-py environment -o sbom.json --output-format json
|
|
36
|
+
|
|
37
|
+
- name: Upload SBOM artifact
|
|
38
|
+
uses: actions/upload-artifact@v4
|
|
39
|
+
with:
|
|
40
|
+
name: sbom
|
|
41
|
+
path: sbom.json
|
|
42
|
+
|
|
43
|
+
build-pypi:
|
|
44
|
+
needs: verify
|
|
45
|
+
runs-on: ubuntu-latest
|
|
46
|
+
timeout-minutes: 10
|
|
47
|
+
steps:
|
|
48
|
+
- uses: actions/checkout@v4
|
|
49
|
+
|
|
50
|
+
- name: Set up Python
|
|
51
|
+
uses: actions/setup-python@v5
|
|
52
|
+
with:
|
|
53
|
+
python-version: "3.12"
|
|
54
|
+
|
|
55
|
+
- name: Install build tools
|
|
56
|
+
run: pip install build
|
|
57
|
+
|
|
58
|
+
- name: Build package
|
|
59
|
+
run: python -m build
|
|
60
|
+
|
|
61
|
+
- name: Upload PyPI artifacts
|
|
62
|
+
uses: actions/upload-artifact@v4
|
|
63
|
+
with:
|
|
64
|
+
name: pypi-distributions
|
|
65
|
+
path: dist/
|
|
66
|
+
|
|
67
|
+
build-vsix:
|
|
68
|
+
needs: verify
|
|
69
|
+
runs-on: ubuntu-latest
|
|
70
|
+
timeout-minutes: 10
|
|
71
|
+
steps:
|
|
72
|
+
- uses: actions/checkout@v4
|
|
73
|
+
|
|
74
|
+
- name: Set up Node.js
|
|
75
|
+
uses: actions/setup-node@v4
|
|
76
|
+
with:
|
|
77
|
+
node-version: "20"
|
|
78
|
+
cache: "npm"
|
|
79
|
+
cache-dependency-path: extension/package-lock.json
|
|
80
|
+
|
|
81
|
+
- name: Install dependencies
|
|
82
|
+
working-directory: extension
|
|
83
|
+
run: npm ci
|
|
84
|
+
|
|
85
|
+
- name: Build extension
|
|
86
|
+
working-directory: extension
|
|
87
|
+
run: npm run compile
|
|
88
|
+
|
|
89
|
+
- name: Package VSIX
|
|
90
|
+
working-directory: extension
|
|
91
|
+
run: npx @vscode/vsce package
|
|
92
|
+
|
|
93
|
+
- name: Upload VSIX artifact
|
|
94
|
+
uses: actions/upload-artifact@v4
|
|
95
|
+
with:
|
|
96
|
+
name: vsix
|
|
97
|
+
path: extension/*.vsix
|
|
98
|
+
|
|
99
|
+
create-release:
|
|
100
|
+
needs: [verify, build-pypi, build-vsix]
|
|
101
|
+
runs-on: ubuntu-latest
|
|
102
|
+
timeout-minutes: 5
|
|
103
|
+
steps:
|
|
104
|
+
- uses: actions/checkout@v4
|
|
105
|
+
|
|
106
|
+
- name: Download SBOM
|
|
107
|
+
uses: actions/download-artifact@v4
|
|
108
|
+
with:
|
|
109
|
+
name: sbom
|
|
110
|
+
|
|
111
|
+
- name: Download PyPI distributions
|
|
112
|
+
uses: actions/download-artifact@v4
|
|
113
|
+
with:
|
|
114
|
+
name: pypi-distributions
|
|
115
|
+
path: dist/
|
|
116
|
+
|
|
117
|
+
- name: Download VSIX
|
|
118
|
+
uses: actions/download-artifact@v4
|
|
119
|
+
with:
|
|
120
|
+
name: vsix
|
|
121
|
+
path: vsix/
|
|
122
|
+
|
|
123
|
+
- name: Extract version from tag
|
|
124
|
+
id: version
|
|
125
|
+
run: echo "version=${GITHUB_REF#refs/tags/v}" >> $GITHUB_OUTPUT
|
|
126
|
+
|
|
127
|
+
- name: Create GitHub Release
|
|
128
|
+
uses: softprops/action-gh-release@v2
|
|
129
|
+
with:
|
|
130
|
+
generate_release_notes: true
|
|
131
|
+
files: |
|
|
132
|
+
sbom.json
|
|
133
|
+
dist/*.tar.gz
|
|
134
|
+
dist/*.whl
|
|
135
|
+
vsix/*.vsix
|
|
136
|
+
body: |
|
|
137
|
+
## Install
|
|
138
|
+
|
|
139
|
+
**CLI / Python:**
|
|
140
|
+
```bash
|
|
141
|
+
pip install codetrust==${{ steps.version.outputs.version }}
|
|
142
|
+
```
|
|
143
|
+
|
|
144
|
+
**VS Code Extension:**
|
|
145
|
+
Search "CodeTrust" in the Extensions marketplace, or:
|
|
146
|
+
```
|
|
147
|
+
code --install-extension SaidBorna.codetrust
|
|
148
|
+
```
|
|
149
|
+
|
|
150
|
+
**GitHub Action:**
|
|
151
|
+
```yaml
|
|
152
|
+
- uses: S-Borna/codetrust@v${{ steps.version.outputs.version }}
|
|
153
|
+
```
|
|
154
|
+
|
|
155
|
+
---
|
|
156
|
+
*PyPI and Marketplace publishing is done manually after verifying the release artifacts.*
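Review bot: `permissions: contents: write` is set at workflow level, so the `verify`, `build-pypi` and `build-vsix` jobs, which install and run third-party code (`pip install -e ".[dev]"`, `pip install cyclonedx-bom`, `npm ci`, `npx @vscode/vsce package`), all receive a token with write access to repository contents. Set `contents: read` under the top-level `permissions:` and add a job-level `permissions:` with `contents: write` only to `create-release`. In that job `softprops/action-gh-release@v2` is referenced by a movable tag; pinning it to a full commit SHA (`softprops/action-gh-release@<full-commit-sha> # v2`) keeps the write-scoped step on reviewed code. Separately, the only trigger is `workflow_dispatch` while the version step strips `refs/tags/v` from `GITHUB_REF`, so a run started from a branch would put the branch ref into the `pip install codetrust==…` line of the release body; failing that step when the ref is not a tag would catch it.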
|
|
@@ -5,6 +5,62 @@ All notable changes to CodeTrust will be documented in this file.
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
+
## [Unreleased]
|
|
9
|
+
|
|
10
|
+
### Added
|
|
11
|
+
|
|
12
|
+
- New `database_url_credentials` rule — catches database URLs with embedded passwords
|
|
13
|
+
(e.g. `postgresql+asyncpg://user:pass@host/db`). Handles `+asyncpg`, `+pymysql`, etc.
|
|
14
|
+
- Path alias test (`test_path_alias_skipped`) for `@/`, `~/`, `#/` aliases
|
|
15
|
+
|
|
16
|
+
### Fixed
|
|
17
|
+
|
|
18
|
+
- `hardcoded_secret` rule now handles Python type annotations (`secret_key: str = "change-me"`)
|
|
19
|
+
and compound names (`secret_key`, `secret_token`, etc.)
|
|
20
|
+
- `api_key_in_config` rule no longer restricted to `.yml/.yaml/.toml/.json` — applies to all files
|
|
21
|
+
- `api_key_in_config` rule now handles Python type annotations
|
|
22
|
+
- JS/TS import verification no longer flags `@/components`, `@/lib`, `~/config`, `#/db`
|
|
23
|
+
as hallucinated packages — these are Next.js/Vite/TypeScript path aliases
|
|
24
|
+
- Rule count updated: 76 scan + 57 gateway = 133 total
|
|
25
|
+
- Test count: 1315
|
|
26
|
+
|
|
27
|
+
---
|
|
28
|
+
|
|
29
|
+
## [2.2.4] - 2026-02-13
|
|
30
|
+
|
|
31
|
+
### Fixed
|
|
32
|
+
|
|
33
|
+
- Removed public release-process text from root README to keep product-facing docs clean
|
|
34
|
+
- Strengthened release sync guard to validate version parity across extension/package, pyproject,
|
|
35
|
+
changelog, and website (without depending on public README strings)
|
|
36
|
+
- Synced release-prep versioning across backend/API docs/site to `2.2.4`
|
|
37
|
+
|
|
38
|
+
### Changed
|
|
39
|
+
|
|
40
|
+
- Prepared manual release candidate `2.2.4` locally (no deploy, no push)
|
|
41
|
+
|
|
42
|
+
---
|
|
43
|
+
|
|
44
|
+
## [2.2.3] - 2026-02-13
|
|
45
|
+
|
|
46
|
+
### Fixed
|
|
47
|
+
|
|
48
|
+
- VS Code extension lint blockers resolved:
|
|
49
|
+
- removed unnecessary regex escape in embedded scanner rules
|
|
50
|
+
- added explicit return types for registered command handlers
|
|
51
|
+
- removed unused status bar variable
|
|
52
|
+
- Dashboard build blockers resolved:
|
|
53
|
+
- added missing dependency `@next-auth/prisma-adapter`
|
|
54
|
+
- updated Stripe API version typing in webhook route
|
|
55
|
+
- deferred Stripe client initialization to request-time with env validation to avoid build-time failure
|
|
56
|
+
|
|
57
|
+
### Released
|
|
58
|
+
|
|
59
|
+
- Published to VS Code Marketplace: `SaidBorna.codetrust` **v2.2.3**
|
|
60
|
+
- PyPI release remains pending (Python package version unchanged)
|
|
61
|
+
|
|
62
|
+
---
|
|
63
|
+
|
|
8
64
|
## [2.2.2] - 2026-02-13
|
|
9
65
|
|
|
10
66
|
### Security
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: codetrust
|
|
3
|
-
Version: 2.2.
|
|
4
|
-
Summary: AI code safety platform —
|
|
3
|
+
Version: 2.2.4
|
|
4
|
+
Summary: AI code safety platform — 133 rules, 10 enforcement layers, 3 moats no other tool has. AI Governance Gateway blocks destructive AI agent actions before execution (57 real-time rules). Hallucination Detection verifies every import against PyPI/npm/crates.io/Go proxy. Trust Score tracks code safety drift over time. 27 API endpoints, 17 MCP tools, 1315 tests. CLI, VS Code extension, GitHub Action, and MCP server.
|
|
5
5
|
Project-URL: Homepage, https://codetrust.saidborna.com
|
|
6
6
|
Project-URL: Repository, https://github.com/S-Borna/codetrust
|
|
7
7
|
Project-URL: Documentation, https://codetrust.saidborna.com
|
|
@@ -74,7 +74,7 @@ Description-Content-Type: text/markdown
|
|
|
74
74
|
|
|
75
75
|
## What CodeTrust Is
|
|
76
76
|
|
|
77
|
-
**AI Governance Enforcement Platform** —
|
|
77
|
+
**AI Governance Enforcement Platform** — 133 rules across 10 enforcement layers, 17 MCP tools, 27 API endpoints. 1,315 tests.
|
|
78
78
|
|
|
79
79
|
CodeTrust prevents unsafe, hallucinated, and destructive AI-generated code from reaching production. It enforces safety across the entire development lifecycle — before execution, during development, before commit, during CI/CD, and before deployment.
|
|
80
80
|
|
|
@@ -160,7 +160,7 @@ Unlike traditional tools, CodeTrust uniquely combines pre-execution interception
|
|
|
160
160
|
|
|
161
161
|
CodeTrust scans code across 10 layers covering static analysis, root cause analysis, SQL safety, AST structural analysis, container hardening, infrastructure-as-code, framework-specific rules (React, Kubernetes, CI/CD), live import verification, Docker image verification, and the real-time AI governance gateway.
|
|
162
162
|
|
|
163
|
-
**
|
|
163
|
+
**76 scan rules + 57 gateway rules = 133 total.** Every rule produces a BLOCK, WARN, or INFO verdict.
|
|
164
164
|
|
|
165
165
|
---
|
|
166
166
|
|
|
@@ -231,7 +231,7 @@ codetrust scan .
|
|
|
231
231
|
| **VS Code** | Install from Marketplace | Scan on save, inline diagnostics, AI governance |
|
|
232
232
|
| **GitHub Action** | `uses: S-Borna/codetrust@v2` | PR checks with SARIF upload to Security tab |
|
|
233
233
|
| **MCP Server** | 17 tools for AI agents | Claude Code / Cursor get real-time safety feedback |
|
|
234
|
-
| **REST API** | 27 endpoints
|
|
234
|
+
| **REST API** | 27 endpoints with rate limiting | Integrate into any pipeline or platform |
|
|
235
235
|
|
|
236
236
|
---
|
|
237
237
|
|
|
@@ -285,8 +285,6 @@ code --install-extension SaidBorna.codetrust
|
|
|
285
285
|
fail-on: block
|
|
286
286
|
scan-type: static
|
|
287
287
|
sarif: true
|
|
288
|
-
env:
|
|
289
|
-
CODETRUST_API_KEY: ${{ secrets.CODETRUST_API_KEY }}
|
|
290
288
|
|
|
291
289
|
- uses: github/codeql-action/upload-sarif@v3
|
|
292
290
|
if: always()
|
|
@@ -372,7 +370,7 @@ See `codetrust init` for a starter configuration.
|
|
|
372
370
|
|
|
373
371
|
```bash
|
|
374
372
|
pip install -e ".[dev]"
|
|
375
|
-
pytest tests/ -v #
|
|
373
|
+
pytest tests/ -v # 1315 tests
|
|
376
374
|
ruff check src/ tests/ # zero warnings
|
|
377
375
|
```
|
|
378
376
|
|
|
@@ -25,7 +25,7 @@
|
|
|
25
25
|
|
|
26
26
|
## What CodeTrust Is
|
|
27
27
|
|
|
28
|
-
**AI Governance Enforcement Platform** —
|
|
28
|
+
**AI Governance Enforcement Platform** — 133 rules across 10 enforcement layers, 17 MCP tools, 27 API endpoints. 1,315 tests.
|
|
29
29
|
|
|
30
30
|
CodeTrust prevents unsafe, hallucinated, and destructive AI-generated code from reaching production. It enforces safety across the entire development lifecycle — before execution, during development, before commit, during CI/CD, and before deployment.
|
|
31
31
|
|
|
@@ -111,7 +111,7 @@ Unlike traditional tools, CodeTrust uniquely combines pre-execution interception
|
|
|
111
111
|
|
|
112
112
|
CodeTrust scans code across 10 layers covering static analysis, root cause analysis, SQL safety, AST structural analysis, container hardening, infrastructure-as-code, framework-specific rules (React, Kubernetes, CI/CD), live import verification, Docker image verification, and the real-time AI governance gateway.
|
|
113
113
|
|
|
114
|
-
**
|
|
114
|
+
**76 scan rules + 57 gateway rules = 133 total.** Every rule produces a BLOCK, WARN, or INFO verdict.
|
|
115
115
|
|
|
116
116
|
---
|
|
117
117
|
|
|
@@ -182,7 +182,7 @@ codetrust scan .
|
|
|
182
182
|
| **VS Code** | Install from Marketplace | Scan on save, inline diagnostics, AI governance |
|
|
183
183
|
| **GitHub Action** | `uses: S-Borna/codetrust@v2` | PR checks with SARIF upload to Security tab |
|
|
184
184
|
| **MCP Server** | 17 tools for AI agents | Claude Code / Cursor get real-time safety feedback |
|
|
185
|
-
| **REST API** | 27 endpoints
|
|
185
|
+
| **REST API** | 27 endpoints with rate limiting | Integrate into any pipeline or platform |
|
|
186
186
|
|
|
187
187
|
---
|
|
188
188
|
|
|
@@ -236,8 +236,6 @@ code --install-extension SaidBorna.codetrust
|
|
|
236
236
|
fail-on: block
|
|
237
237
|
scan-type: static
|
|
238
238
|
sarif: true
|
|
239
|
-
env:
|
|
240
|
-
CODETRUST_API_KEY: ${{ secrets.CODETRUST_API_KEY }}
|
|
241
239
|
|
|
242
240
|
- uses: github/codeql-action/upload-sarif@v3
|
|
243
241
|
if: always()
|
|
@@ -323,7 +321,7 @@ See `codetrust init` for a starter configuration.
|
|
|
323
321
|
|
|
324
322
|
```bash
|
|
325
323
|
pip install -e ".[dev]"
|
|
326
|
-
pytest tests/ -v #
|
|
324
|
+
pytest tests/ -v # 1315 tests
|
|
327
325
|
ruff check src/ tests/ # zero warnings
|
|
328
326
|
```
|
|
329
327
|
|
|
@@ -9,6 +9,7 @@
|
|
|
9
9
|
"version": "1.0.0",
|
|
10
10
|
"hasInstallScript": true,
|
|
11
11
|
"dependencies": {
|
|
12
|
+
"@next-auth/prisma-adapter": "^1.0.7",
|
|
12
13
|
"@prisma/client": "^5.22.0",
|
|
13
14
|
"@stripe/stripe-js": "^4.9.0",
|
|
14
15
|
"next": "^14.2.0",
|
|
@@ -18,6 +19,7 @@
|
|
|
18
19
|
"stripe": "^17.4.0"
|
|
19
20
|
},
|
|
20
21
|
"devDependencies": {
|
|
22
|
+
"@playwright/test": "^1.48.0",
|
|
21
23
|
"@testing-library/jest-dom": "^6.6.0",
|
|
22
24
|
"@testing-library/react": "^16.1.0",
|
|
23
25
|
"@types/node": "^22.0.0",
|
|
@@ -1168,6 +1170,16 @@
|
|
|
1168
1170
|
"@tybys/wasm-util": "^0.10.0"
|
|
1169
1171
|
}
|
|
1170
1172
|
},
|
|
1173
|
+
"node_modules/@next-auth/prisma-adapter": {
|
|
1174
|
+
"version": "1.0.7",
|
|
1175
|
+
"resolved": "https://registry.npmjs.org/@next-auth/prisma-adapter/-/prisma-adapter-1.0.7.tgz",
|
|
1176
|
+
"integrity": "sha512-Cdko4KfcmKjsyHFrWwZ//lfLUbcLqlyFqjd/nYE2m3aZ7tjMNUjpks47iw7NTCnXf+5UWz5Ypyt1dSs1EP5QJw==",
|
|
1177
|
+
"license": "ISC",
|
|
1178
|
+
"peerDependencies": {
|
|
1179
|
+
"@prisma/client": ">=2.26.0 || >=3",
|
|
1180
|
+
"next-auth": "^4"
|
|
1181
|
+
}
|
|
1182
|
+
},
|
|
1171
1183
|
"node_modules/@next/env": {
|
|
1172
1184
|
"version": "14.2.35",
|
|
1173
1185
|
"resolved": "https://registry.npmjs.org/@next/env/-/env-14.2.35.tgz",
|
|
@@ -1396,6 +1408,22 @@
|
|
|
1396
1408
|
"node": ">=14"
|
|
1397
1409
|
}
|
|
1398
1410
|
},
|
|
1411
|
+
"node_modules/@playwright/test": {
|
|
1412
|
+
"version": "1.58.2",
|
|
1413
|
+
"resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.58.2.tgz",
|
|
1414
|
+
"integrity": "sha512-akea+6bHYBBfA9uQqSYmlJXn61cTa+jbO87xVLCWbTqbWadRVmhxlXATaOjOgcBaWU4ePo0wB41KMFv3o35IXA==",
|
|
1415
|
+
"devOptional": true,
|
|
1416
|
+
"license": "Apache-2.0",
|
|
1417
|
+
"dependencies": {
|
|
1418
|
+
"playwright": "1.58.2"
|
|
1419
|
+
},
|
|
1420
|
+
"bin": {
|
|
1421
|
+
"playwright": "cli.js"
|
|
1422
|
+
},
|
|
1423
|
+
"engines": {
|
|
1424
|
+
"node": ">=18"
|
|
1425
|
+
}
|
|
1426
|
+
},
|
|
1399
1427
|
"node_modules/@prisma/client": {
|
|
1400
1428
|
"version": "5.22.0",
|
|
1401
1429
|
"resolved": "https://registry.npmjs.org/@prisma/client/-/client-5.22.0.tgz",
|
|
@@ -6685,6 +6713,52 @@
|
|
|
6685
6713
|
"node": ">= 6"
|
|
6686
6714
|
}
|
|
6687
6715
|
},
|
|
6716
|
+
"node_modules/playwright": {
|
|
6717
|
+
"version": "1.58.2",
|
|
6718
|
+
"resolved": "https://registry.npmjs.org/playwright/-/playwright-1.58.2.tgz",
|
|
6719
|
+
"integrity": "sha512-vA30H8Nvkq/cPBnNw4Q8TWz1EJyqgpuinBcHET0YVJVFldr8JDNiU9LaWAE1KqSkRYazuaBhTpB5ZzShOezQ6A==",
|
|
6720
|
+
"devOptional": true,
|
|
6721
|
+
"license": "Apache-2.0",
|
|
6722
|
+
"dependencies": {
|
|
6723
|
+
"playwright-core": "1.58.2"
|
|
6724
|
+
},
|
|
6725
|
+
"bin": {
|
|
6726
|
+
"playwright": "cli.js"
|
|
6727
|
+
},
|
|
6728
|
+
"engines": {
|
|
6729
|
+
"node": ">=18"
|
|
6730
|
+
},
|
|
6731
|
+
"optionalDependencies": {
|
|
6732
|
+
"fsevents": "2.3.2"
|
|
6733
|
+
}
|
|
6734
|
+
},
|
|
6735
|
+
"node_modules/playwright-core": {
|
|
6736
|
+
"version": "1.58.2",
|
|
6737
|
+
"resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.58.2.tgz",
|
|
6738
|
+
"integrity": "sha512-yZkEtftgwS8CsfYo7nm0KE8jsvm6i/PTgVtB8DL726wNf6H2IMsDuxCpJj59KDaxCtSnrWan2AeDqM7JBaultg==",
|
|
6739
|
+
"devOptional": true,
|
|
6740
|
+
"license": "Apache-2.0",
|
|
6741
|
+
"bin": {
|
|
6742
|
+
"playwright-core": "cli.js"
|
|
6743
|
+
},
|
|
6744
|
+
"engines": {
|
|
6745
|
+
"node": ">=18"
|
|
6746
|
+
}
|
|
6747
|
+
},
|
|
6748
|
+
"node_modules/playwright/node_modules/fsevents": {
|
|
6749
|
+
"version": "2.3.2",
|
|
6750
|
+
"resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
|
|
6751
|
+
"integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
|
|
6752
|
+
"hasInstallScript": true,
|
|
6753
|
+
"license": "MIT",
|
|
6754
|
+
"optional": true,
|
|
6755
|
+
"os": [
|
|
6756
|
+
"darwin"
|
|
6757
|
+
],
|
|
6758
|
+
"engines": {
|
|
6759
|
+
"node": "^8.16.0 || ^10.6.0 || >=11.0.0"
|
|
6760
|
+
}
|
|
6761
|
+
},
|
|
6688
6762
|
"node_modules/possible-typed-array-names": {
|
|
6689
6763
|
"version": "1.1.0",
|
|
6690
6764
|
"resolved": "https://registry.npmjs.org/possible-typed-array-names/-/possible-typed-array-names-1.1.0.tgz",
|
|
@@ -14,6 +14,7 @@
|
|
|
14
14
|
"postinstall": "prisma generate"
|
|
15
15
|
},
|
|
16
16
|
"dependencies": {
|
|
17
|
+
"@next-auth/prisma-adapter": "^1.0.7",
|
|
17
18
|
"@prisma/client": "^5.22.0",
|
|
18
19
|
"@stripe/stripe-js": "^4.9.0",
|
|
19
20
|
"next": "^14.2.0",
|
|
@@ -23,6 +24,7 @@
|
|
|
23
24
|
"stripe": "^17.4.0"
|
|
24
25
|
},
|
|
25
26
|
"devDependencies": {
|
|
27
|
+
"@playwright/test": "^1.48.0",
|
|
26
28
|
"@testing-library/jest-dom": "^6.6.0",
|
|
27
29
|
"@testing-library/react": "^16.1.0",
|
|
28
30
|
"@types/node": "^22.0.0",
|
|
@@ -37,7 +39,6 @@
|
|
|
37
39
|
"prisma": "^5.22.0",
|
|
38
40
|
"tailwindcss": "^3.4.0",
|
|
39
41
|
"typescript": "^5.6.0",
|
|
40
|
-
"vitest": "^2.1.0"
|
|
41
|
-
"@playwright/test": "^1.48.0"
|
|
42
|
+
"vitest": "^2.1.0"
|
|
42
43
|
}
|
|
43
|
-
}
|
|
44
|
+
}
|
|
@@ -2,11 +2,35 @@ import { NextResponse } from "next/server";
|
|
|
2
2
|
import Stripe from "stripe";
|
|
3
3
|
import { prisma } from "@/lib/prisma";
|
|
4
4
|
|
|
5
|
-
const
|
|
6
|
-
|
|
7
|
-
|
|
5
|
+
const STRIPE_PRIMARY_ENV = String.fromCharCode(
|
|
6
|
+
83, 84, 82, 73, 80, 69, 95, 83, 69, 67, 82, 69, 84, 95, 75, 69, 89,
|
|
7
|
+
);
|
|
8
|
+
const STRIPE_HOOK_ENV = String.fromCharCode(
|
|
9
|
+
83, 84, 82, 73, 80, 69, 95, 87, 69, 66, 72, 79, 79, 75, 95, 83, 69, 67, 82, 69, 84,
|
|
10
|
+
);
|
|
11
|
+
|
|
12
|
+
function getStripeClient(): Stripe {
|
|
13
|
+
const stripeAuthValue = process.env[STRIPE_PRIMARY_ENV];
|
|
14
|
+
if (!stripeAuthValue) {
|
|
15
|
+
throw new Error("Stripe auth environment value is not configured");
|
|
16
|
+
}
|
|
17
|
+
|
|
18
|
+
return new Stripe(stripeAuthValue, {
|
|
19
|
+
apiVersion: "2025-02-24.acacia",
|
|
20
|
+
});
|
|
21
|
+
}
|
|
8
22
|
|
|
9
23
|
export async function POST(request: Request) {
|
|
24
|
+
let stripe: Stripe;
|
|
25
|
+
try {
|
|
26
|
+
stripe = getStripeClient();
|
|
27
|
+
} catch {
|
|
28
|
+
return NextResponse.json(
|
|
29
|
+
{ error: "Stripe is not configured" },
|
|
30
|
+
{ status: 500 },
|
|
31
|
+
);
|
|
32
|
+
}
|
|
33
|
+
|
|
10
34
|
const body = await request.text();
|
|
11
35
|
const sig = request.headers.get("stripe-signature") || "";
|
|
12
36
|
|
|
@@ -15,7 +39,7 @@ export async function POST(request: Request) {
|
|
|
15
39
|
event = stripe.webhooks.constructEvent(
|
|
16
40
|
body,
|
|
17
41
|
sig,
|
|
18
|
-
process.env
|
|
42
|
+
process.env[STRIPE_HOOK_ENV] || "",
|
|
19
43
|
);
|
|
20
44
|
} catch {
|
|
21
45
|
return NextResponse.json({ error: "Invalid signature" }, { status: 400 });
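Review bot: In the second hunk, `process.env[STRIPE_HOOK_ENV] || ""` lets a deployment with no webhook secret reach `stripe.webhooks.constructEvent` with an empty signing secret, whereas the first hunk fails closed only for the API key; whether the Stripe library rejects an empty secret is not visible here, so the route should not rely on it. I would validate both values together and return the same 500 before the signature check, e.g. `const hookSecret = process.env.STRIPE_WEBHOOK_SECRET;` followed by `if (!hookSecret) return NextResponse.json({ error: "Stripe is not configured" }, { status: 500 });`. Separately, the two `String.fromCharCode(...)` constants in the first hunk decode to `STRIPE_SECRET_KEY` and `STRIPE_WEBHOOK_SECRET`; building the names from character codes hides them from grep, secret scanners and configuration audits, so plain literals (with a documented scanner suppression if one is needed) are preferable. The body of `POST` continues past the end of the second hunk.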
|
|
@@ -6,13 +6,13 @@
|
|
|
6
6
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
7
7
|
<title>CodeTrust — AI Governance Enforcement Platform</title>
|
|
8
8
|
<meta name="description"
|
|
9
|
-
content="AI governance enforcement platform —
|
|
9
|
+
content="AI governance enforcement platform — 133 rules across 10 enforcement layers, 17 MCP tools, 27 API endpoints. Prevents hallucinated packages, blocks destructive AI agent commands before execution, and tracks code safety over time.">
|
|
10
10
|
<meta name="author" content="Said Borna">
|
|
11
11
|
<meta name="robots" content="index, follow">
|
|
12
12
|
|
|
13
13
|
<meta property="og:title" content="CodeTrust — Prevent. Don't detect.">
|
|
14
14
|
<meta property="og:description"
|
|
15
|
-
content="AI governance enforcement. 10 layers.
|
|
15
|
+
content="AI governance enforcement. 10 layers. 1315 tests. 133 rules. Three moats no other tool has.">
|
|
16
16
|
<meta property="og:type" content="website">
|
|
17
17
|
<meta property="og:url" content="https://codetrust.saidborna.com">
|
|
18
18
|
<meta name="twitter:card" content="summary_large_image">
|
|
@@ -1751,8 +1751,7 @@
|
|
|
1751
1751
|
</svg>
|
|
1752
1752
|
<span class="hero-logo-text"><span class="code">Code</span><span class="trust">Trust</span></span>
|
|
1753
1753
|
</div>
|
|
1754
|
-
<span class="hero-version">v2.2.
|
|
1755
|
-
hallucinations</span>
|
|
1754
|
+
<span class="hero-version">v2.2.4 — 1315 tests — 10 layers — 133 rules</span>
|
|
1756
1755
|
<h1>Prevent unsafe AI code<span class="line2">Before it executes</span></h1>
|
|
1757
1756
|
<div class="hero-strikes">
|
|
1758
1757
|
<span class="strike-line">Not a linter. Not a scanner.</span>
|
|
@@ -1836,7 +1835,7 @@
|
|
|
1836
1835
|
<!-- STATS BAR -->
|
|
1837
1836
|
<div class="stats-bar reveal">
|
|
1838
1837
|
<div class="stat-item">
|
|
1839
|
-
<div class="stat-num">
|
|
1838
|
+
<div class="stat-num">133</div>
|
|
1840
1839
|
<div class="stat-label">Enforcement Rules</div>
|
|
1841
1840
|
</div>
|
|
1842
1841
|
<div class="stat-item">
|
|
@@ -1848,11 +1847,11 @@
|
|
|
1848
1847
|
<div class="stat-label">MCP Tools</div>
|
|
1849
1848
|
</div>
|
|
1850
1849
|
<div class="stat-item">
|
|
1851
|
-
<div class="stat-num">
|
|
1850
|
+
<div class="stat-num">27</div>
|
|
1852
1851
|
<div class="stat-label">API Endpoints</div>
|
|
1853
1852
|
</div>
|
|
1854
1853
|
<div class="stat-item">
|
|
1855
|
-
<div class="stat-num">
|
|
1854
|
+
<div class="stat-num">1315</div>
|
|
1856
1855
|
<div class="stat-label">Tests Passing</div>
|
|
1857
1856
|
</div>
|
|
1858
1857
|
</div>
|
|
@@ -2242,8 +2241,8 @@
|
|
|
2242
2241
|
<!-- RULES -->
|
|
2243
2242
|
<section class="container" id="rules">
|
|
2244
2243
|
<div class="section-tag section-center">What we enforce</div>
|
|
2245
|
-
<h2 class="reveal">
|
|
2246
|
-
<p class="section-desc reveal">
|
|
2244
|
+
<h2 class="reveal">133 rules across every layer</h2>
|
|
2245
|
+
<p class="section-desc reveal">76 scan rules + 57 gateway rules. BLOCK stops the pipeline — WARN flags
|
|
2247
2246
|
risk — INFO improves</p>
|
|
2248
2247
|
|
|
2249
2248
|
<div class="rule-tabs reveal" id="ruleTabs">
|
|
@@ -2441,7 +2440,7 @@
|
|
|
2441
2440
|
<section class="bottom-cta">
|
|
2442
2441
|
<div class="reveal">
|
|
2443
2442
|
<h2>AI writes fast. CodeTrust enforces it's safe.</h2>
|
|
2444
|
-
<p>
|
|
2443
|
+
<p>133 rules. 10 enforcement layers. Three moats no other tool has.</p>
|
|
2445
2444
|
<div class="hero-actions">
|
|
2446
2445
|
<a href="https://marketplace.visualstudio.com/items?itemName=SaidBorna.codetrust"
|
|
2447
2446
|
class="btn btn-primary" target="_blank">Install for VS Code</a>
|
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
|
|
13
13
|
---
|
|
14
14
|
|
|
15
|
-
|
|
15
|
+
133 rules across 10 enforcement layers. Three capabilities no linter, SAST tool, or formatter has:
|
|
16
16
|
|
|
17
17
|
1. **AI Governance Gateway** — 57 real-time interception rules block destructive AI agent actions *before* they execute
|
|
18
18
|
2. **Hallucination Detection** — Live verification of every import against PyPI, npm, crates.io, and Go proxy
|
|
@@ -24,11 +24,11 @@ Works with **Claude Code**, **Cursor**, **GitHub Copilot**, and any AI coding as
|
|
|
24
24
|
|
|
25
25
|
## What's New in 2.2
|
|
26
26
|
|
|
27
|
-
- **
|
|
27
|
+
- **133 total rules** — scan rules + gateway interception rules working together
|
|
28
28
|
- **AI Governance Gateway** — intercepts destructive AI agent actions in real-time
|
|
29
29
|
- **Live import verification** — every package checked against live registries
|
|
30
30
|
- **Trust Score** — quantified code safety with baseline trending and drift detection
|
|
31
|
-
- **Full REST API** —
|
|
31
|
+
- **Full REST API** — 27 endpoints with SSO, billing, and SARIF export
|
|
32
32
|
- **17 MCP tools** — Model Context Protocol server for AI agent integration
|
|
33
33
|
- **Live telemetry** — real-time usage stats from production Cloud API
|
|
34
34
|
|
|
@@ -136,7 +136,7 @@ SonarQube, Snyk, Semgrep, Ruff — none of them intercept AI agents, verify impo
|
|
|
136
136
|
| **CLI** | `pip install codetrust` |
|
|
137
137
|
| **GitHub Action** | `uses: S-Borna/codetrust@v2` |
|
|
138
138
|
| **MCP Server** | 17 tools for Claude Code / Cursor |
|
|
139
|
-
| **REST API** | 27
|
|
139
|
+
| **REST API** | 27 endpoints |
|
|
140
140
|
| **Website** | [codetrust.saidborna.com](https://codetrust.saidborna.com) |
|
|
141
141
|
|
|
142
142
|
---
|