codetrust 2.3.2__tar.gz → 2.5.0__tar.gz

Files changed (111)
  1. {codetrust-2.3.2 → codetrust-2.5.0}/.env.example +18 -0
  2. {codetrust-2.3.2 → codetrust-2.5.0}/.gitignore +17 -0
  3. codetrust-2.5.0/.vscode/mcp.json +15 -0
  4. codetrust-2.5.0/.vscode/settings.json +5 -0
  5. codetrust-2.5.0/CHANGELOG.md +764 -0
  6. codetrust-2.5.0/CLAUDE.md +251 -0
  7. {codetrust-2.3.2 → codetrust-2.5.0}/CONTRIBUTING.md +22 -33
  8. codetrust-2.5.0/PKG-INFO +681 -0
  9. codetrust-2.5.0/PLAN.md +457 -0
  10. codetrust-2.5.0/README.md +628 -0
  11. {codetrust-2.3.2 → codetrust-2.5.0}/SECURITY.md +6 -9
  12. codetrust-2.5.0/SPEC.md +758 -0
  13. {codetrust-2.3.2 → codetrust-2.5.0}/action/action.yml +6 -1
  14. {codetrust-2.3.2 → codetrust-2.5.0}/action/entrypoint.sh +1 -1
  15. {codetrust-2.3.2 → codetrust-2.5.0}/action/scan.py +49 -1
  16. {codetrust-2.3.2 → codetrust-2.5.0}/action/scan_runner.py +1 -1
  17. {codetrust-2.3.2 → codetrust-2.5.0}/action.yml +1 -1
  18. codetrust-2.5.0/alembic/versions/7e0e30d20d6a_add_telemetry_events.py +76 -0
  19. codetrust-2.5.0/alembic/versions/9c1f6d1a2b44_add_telemetry_raw_and_metrics_counters.py +67 -0
  20. {codetrust-2.3.2 → codetrust-2.5.0}/dashboard/.env.example +1 -1
  21. codetrust-2.5.0/metrics.json +16 -0
  22. {codetrust-2.3.2 → codetrust-2.5.0}/pyproject.toml +13 -7
  23. {codetrust-2.3.2 → codetrust-2.5.0}/scripts/validate_readme_metrics.py +1 -1
  24. {codetrust-2.3.2 → codetrust-2.5.0}/setup.sh +1 -1
  25. {codetrust-2.3.2 → codetrust-2.5.0}/smoke_test.sh +16 -0
  26. {codetrust-2.3.2 → codetrust-2.5.0}/src/api.py +1073 -117
  27. codetrust-2.5.0/src/cli.py +4039 -0
  28. {codetrust-2.3.2 → codetrust-2.5.0}/src/config.py +10 -3
  29. {codetrust-2.3.2 → codetrust-2.5.0}/src/gateway/audit.py +71 -75
  30. {codetrust-2.3.2 → codetrust-2.5.0}/src/gateway/custom_rules.py +34 -36
  31. {codetrust-2.3.2 → codetrust-2.5.0}/src/gateway/interceptor.py +278 -53
  32. {codetrust-2.3.2 → codetrust-2.5.0}/src/gateway/policies.py +102 -83
  33. {codetrust-2.3.2 → codetrust-2.5.0}/src/gateway/server.py +240 -47
  34. {codetrust-2.3.2 → codetrust-2.5.0}/src/gateway/webhooks.py +55 -44
  35. {codetrust-2.3.2 → codetrust-2.5.0}/src/middleware/ip_rate_limit.py +43 -19
  36. {codetrust-2.3.2 → codetrust-2.5.0}/src/middleware/metrics.py +50 -41
  37. codetrust-2.5.0/src/models/database.py +278 -0
  38. {codetrust-2.3.2 → codetrust-2.5.0}/src/models/enums.py +13 -0
  39. {codetrust-2.3.2 → codetrust-2.5.0}/src/models/requests.py +161 -0
  40. {codetrust-2.3.2 → codetrust-2.5.0}/src/models/responses.py +181 -0
  41. codetrust-2.5.0/src/rules/anti_patterns.py +1637 -0
  42. {codetrust-2.3.2 → codetrust-2.5.0}/src/server.py +477 -71
  43. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/ast_analyzer.py +134 -1
  44. codetrust-2.5.0/src/services/autofix.py +518 -0
  45. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/cache.py +7 -0
  46. codetrust-2.5.0/src/services/cross_file_analyzer.py +668 -0
  47. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/database.py +236 -6
  48. codetrust-2.5.0/src/services/gdpr.py +278 -0
  49. codetrust-2.5.0/src/services/import_verifier.py +441 -0
  50. codetrust-2.5.0/src/services/license_checker.py +484 -0
  51. codetrust-2.5.0/src/services/public_stats.py +271 -0
  52. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/registry.py +566 -0
  53. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/sso.py +27 -22
  54. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/static_analyzer.py +225 -156
  55. codetrust-2.5.0/src/services/team.py +677 -0
  56. codetrust-2.5.0/src/services/telemetry.py +766 -0
  57. codetrust-2.5.0/src/services/vulnerability.py +461 -0
  58. codetrust-2.5.0/src/telemetry_client.py +111 -0
  59. {codetrust-2.3.2 → codetrust-2.5.0}/src/utils/parsers.py +400 -0
  60. {codetrust-2.3.2 → codetrust-2.5.0}/src/utils/similarity.py +188 -0
  61. codetrust-2.3.2/CHANGELOG.md +0 -601
  62. codetrust-2.3.2/PKG-INFO +0 -419
  63. codetrust-2.3.2/README.md +0 -371
  64. codetrust-2.3.2/metrics.json +0 -16
  65. codetrust-2.3.2/src/cli.py +0 -3052
  66. codetrust-2.3.2/src/models/database.py +0 -127
  67. codetrust-2.3.2/src/rules/anti_patterns.py +0 -639
  68. codetrust-2.3.2/src/services/gdpr.py +0 -278
  69. codetrust-2.3.2/src/services/import_verifier.py +0 -315
  70. {codetrust-2.3.2 → codetrust-2.5.0}/.codetrust.toml +0 -0
  71. {codetrust-2.3.2 → codetrust-2.5.0}/.cursorrules +0 -0
  72. {codetrust-2.3.2 → codetrust-2.5.0}/Dockerfile +0 -0
  73. {codetrust-2.3.2 → codetrust-2.5.0}/LICENSE +0 -0
  74. {codetrust-2.3.2 → codetrust-2.5.0}/Procfile +0 -0
  75. {codetrust-2.3.2 → codetrust-2.5.0}/alembic/README +0 -0
  76. {codetrust-2.3.2 → codetrust-2.5.0}/alembic/env.py +0 -0
  77. {codetrust-2.3.2 → codetrust-2.5.0}/alembic/script.py.mako +0 -0
  78. {codetrust-2.3.2 → codetrust-2.5.0}/alembic/versions/b74aff4dff57_initial_schema_users_api_keys_scan_logs_.py +0 -0
  79. {codetrust-2.3.2 → codetrust-2.5.0}/alembic.ini +0 -0
  80. {codetrust-2.3.2 → codetrust-2.5.0}/docker-compose.yml +0 -0
  81. {codetrust-2.3.2 → codetrust-2.5.0}/hooks/pre-commit +0 -0
  82. {codetrust-2.3.2 → codetrust-2.5.0}/icon.png +0 -0
  83. {codetrust-2.3.2 → codetrust-2.5.0}/railway.toml +0 -0
  84. {codetrust-2.3.2 → codetrust-2.5.0}/scripts/export_openapi.py +0 -0
  85. {codetrust-2.3.2 → codetrust-2.5.0}/scripts/generate_icons.py +0 -0
  86. {codetrust-2.3.2 → codetrust-2.5.0}/scripts/generate_metrics.py +0 -0
  87. {codetrust-2.3.2 → codetrust-2.5.0}/src/__init__.py +0 -0
  88. {codetrust-2.3.2 → codetrust-2.5.0}/src/formatters/__init__.py +0 -0
  89. {codetrust-2.3.2 → codetrust-2.5.0}/src/formatters/sarif.py +0 -0
  90. {codetrust-2.3.2 → codetrust-2.5.0}/src/gateway/__init__.py +0 -0
  91. {codetrust-2.3.2 → codetrust-2.5.0}/src/gateway/siem.py +0 -0
  92. {codetrust-2.3.2 → codetrust-2.5.0}/src/middleware/__init__.py +0 -0
  93. {codetrust-2.3.2 → codetrust-2.5.0}/src/models/__init__.py +0 -0
  94. {codetrust-2.3.2 → codetrust-2.5.0}/src/rules/__init__.py +0 -0
  95. {codetrust-2.3.2 → codetrust-2.5.0}/src/rules/enterprise.py +0 -0
  96. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/__init__.py +0 -0
  97. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/auth.py +0 -0
  98. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/billing.py +0 -0
  99. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/docker_verify.py +0 -0
  100. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/rate_limiter.py +0 -0
  101. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/sandbox.py +0 -0
  102. {codetrust-2.3.2 → codetrust-2.5.0}/src/services/tenant.py +0 -0
  103. {codetrust-2.3.2 → codetrust-2.5.0}/src/templates/CLAUDE.md +0 -0
  104. {codetrust-2.3.2 → codetrust-2.5.0}/src/templates/__init__.py +0 -0
  105. {codetrust-2.3.2 → codetrust-2.5.0}/src/templates/codetrust-scan.yml +0 -0
  106. {codetrust-2.3.2 → codetrust-2.5.0}/src/templates/codetrust.schema.json +0 -0
  107. {codetrust-2.3.2 → codetrust-2.5.0}/src/templates/codetrust.toml +0 -0
  108. {codetrust-2.3.2 → codetrust-2.5.0}/src/templates/cursorrules +0 -0
  109. {codetrust-2.3.2 → codetrust-2.5.0}/src/templates/pre-commit +0 -0
  110. {codetrust-2.3.2 → codetrust-2.5.0}/src/templates/taplo.toml +0 -0
  111. {codetrust-2.3.2 → codetrust-2.5.0}/src/utils/__init__.py +0 -0
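--- a/.env.example
+++ b/.env.example
@@ -69,6 +69,24 @@ CODETRUST_JWT_EXPIRE_MINUTES=1440
  # --- Dashboard ---
  CODETRUST_DASHBOARD_URL=http://localhost:3000
 
+ # --- External Stats ---
+ # Pepy.tech API key for PyPI download stats (https://pepy.tech/account)
+ CODETRUST_PEPY_API_KEY=
+
  # --- SARIF ---
  CODETRUST_SARIF_SCHEMA_URL=https://json.schemastore.org/sarif-2.1.0.json
  CODETRUST_TOOL_INFO_URI=https://github.com/codetrust-ai/codetrust
+
+ # --- OIDC / SSO (Azure AD, Okta, Auth0, Google, Keycloak) ---
+ CODETRUST_OIDC_ISSUER=
+ CODETRUST_OIDC_CLIENT_ID=
+ CODETRUST_OIDC_CLIENT_SECRET=
+ CODETRUST_OIDC_REDIRECT_URI=
+ CODETRUST_OIDC_SCOPES=openid profile email
+
+ # --- IP Rate Limiting ---
+ CODETRUST_IP_RATE_LIMIT=600
+ CODETRUST_IP_BURST_LIMIT=200
+ CODETRUST_IP_BURST_WINDOW=10
+ CODETRUST_IP_BAN_THRESHOLD=10
+ CODETRUST_IP_BAN_DURATION=120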
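Review bot: The five `CODETRUST_IP_*` values at new lines 88–92 carry no units, so an operator cannot tell whether `CODETRUST_IP_BAN_DURATION=120` is seconds or minutes, or over what period `CODETRUST_IP_RATE_LIMIT=600` is counted; a misreading either weakens the limiter or bans legitimate clients. Each variable should get a one-line comment stating its unit and window, taken from how src/middleware/ip_rate_limit.py reads it (that file is not visible in this section). The OIDC block at new lines 80–85 is also undocumented; a comment such as `# Never commit a real CODETRUST_OIDC_CLIENT_SECRET; inject it from a secret store in production` would help, along with a note that `CODETRUST_OIDC_REDIRECT_URI` must match the URI registered with the issuer and should be https outside local development.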
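--- a/.gitignore
+++ b/.gitignore
@@ -17,6 +17,7 @@ env/
  .vscode/*
  !.vscode/extensions.json
  !.vscode/settings.json
+ !.vscode/mcp.json
  .idea/
  *.swp
  *.swo
@@ -61,3 +62,19 @@ codetrust-results.sarif
  # VS Code Extension builds
  *.vsix
  CTfavicon.png
+
+ # Generated docs
+ docs/CODETRUST_OVERVIEW.md
+ docs/CODETRUST_OVERVIEW.pdf
+ docs/_generate_pdf.py
+
+ # Internal docs — not part of published product
+ docs/CODETRUST_OVERVIEW.md
+ docs/RELEASE_CHECKLIST.md
+
+ # Internal business/planning docs — not for public repo
+ PITCH.md
+ COMPARISON.md
+ PRODUCT.md
+ TEST_EVIDENCE.md
+ scan_all_projects.py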
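Review bot: The `!.vscode/mcp.json` negation at new line 20 makes a per-developer MCP launch configuration tracked, and the copy added in this same release contains absolute paths under one developer's home directory. It would be safer to keep that file ignored and track a template with placeholder paths instead. In the second hunk `docs/CODETRUST_OVERVIEW.md` is listed twice (new lines 67 and 72); one entry can go. Note also that .gitignore does not decide what lands in the sdist: the release file list includes .vscode/ files, PLAN.md and CLAUDE.md, so anything meant to stay internal needs an explicit exclusion in the packaging configuration as well.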
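--- a/.vscode/mcp.json
+++ b/.vscode/mcp.json
@@ -0,0 +1,15 @@
+ {
+ "servers": {
+ "codetrust-gateway": {
+ "command": "/Users/mrebadi/Desktop/DevOps/Codetrust/.venv/bin/python",
+ "args": [
+ "-m",
+ "src.gateway.server"
+ ],
+ "cwd": "/Users/mrebadi/Desktop/DevOps/Codetrust",
+ "env": {
+ "CODETRUST_WORKSPACE": "/Users/mrebadi/Desktop/DevOps/Codetrust"
+ }
+ }
+ }
+ }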
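Review bot: `command`, `cwd` and `CODETRUST_WORKSPACE` (new lines 4, 9 and 11) hard-code `/Users/mrebadi/Desktop/DevOps/Codetrust`, which publishes a developer's account name and directory layout in the released tarball and cannot resolve on any other machine. Use the editor's workspace variable instead: `"command": "${workspaceFolder}/.venv/bin/python"`, `"cwd": "${workspaceFolder}"`, `"CODETRUST_WORKSPACE": "${workspaceFolder}"`. Because this file tells the editor to launch an interpreter and module from the workspace, it should be reviewed like code and is better left out of the published sdist.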
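--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -0,0 +1,5 @@
+ {
+ "codetrust.apiUrl": "https://codetrust-api-production.up.railway.app",
+ "codetrust.scanOnSave": true,
+ "codetrust.severityThreshold": "INFO"
+ }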
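Review bot: Committing `"codetrust.scanOnSave": true` together with a `codetrust.apiUrl` that points at a hosted production endpoint (new lines 2–3) means anyone who opens this workspace with the extension installed presumably has file contents sent to that host on every save without opting in; the extension's behaviour is not visible here, so this should be confirmed. A workspace default of `"codetrust.scanOnSave": false`, or leaving `codetrust.apiUrl` to user-level settings, keeps that a deliberate choice. If the file must ship, a short README note on what is transmitted to the API would let users decide.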