34 lines
1.6 KiB
Markdown
34 lines
1.6 KiB
Markdown
# AI Code Guard (Secrets Scanning + Attribution Check + License Hygiene)
|
|
|
|
## Module
|
|
Integrations
|
|
|
|
## Status
|
|
IMPLEMENTED
|
|
|
|
## Description
|
|
AI Code Guard has policy signal binding and annotation services. Evidence provider interfaces and annotation contracts exist. The advisory's proposed `stella guard run` CLI and full YAML-driven pipeline checks are partially represented through policy signal binding rather than a standalone CLI tool.
|
|
|
|
## What's Implemented
|
|
- **AI Code Guard annotation contracts**: `src/Integrations/__Libraries/StellaOps.Integrations.Contracts/AiCodeGuardAnnotationContracts.cs` -- annotation DTOs for AI code guard findings
|
|
- **AI Code Guard annotation service**: `src/Integrations/__Libraries/StellaOps.Integrations.Services/AiCodeGuard/AiCodeGuardAnnotationService.cs` -- annotation generation service
|
|
- **Tests**: `src/Integrations/__Libraries/__Tests/StellaOps.Integrations.Services.Tests/AiCodeGuard/AiCodeGuardAnnotationServiceTests.cs`
|
|
- Policy signal binding exists in `src/Policy/` for AI code guard policy evaluation
|
|
- Source: Feature matrix scan
|
|
|
|
## What's Missing
|
|
- `stella guard run` CLI command for standalone execution
|
|
- YAML-driven pipeline check configuration
|
|
- Full secrets scanning engine (currently annotation-only)
|
|
- Attribution check automation
|
|
- License hygiene scanning and enforcement
|
|
|
|
## Implementation Plan
|
|
- Add CLI command wrapping AI Code Guard annotation service
|
|
- Implement YAML-driven check configuration loader
|
|
- Build secrets scanning and attribution check engines
|
|
- Integrate license hygiene with SBOM/licensing data
|
|
|
|
## Related Documentation
|
|
- Source: See feature catalog
|