devr-tools/codeguard

codeguard is a standalone Go service and CLI for repository checks across code quality, design boundaries, security, CI/CD hygiene, AI prompt governance, and repo-specific policy rules.

It now supports repository exclusions, baselines, waivers, changed-lines diff scans, SARIF output, GitHub annotations, custom rule packs, natural-language custom rules through an optional AI runtime, policy profiles, scan caching, doctor checks, rule discovery from the CLI, native TypeScript/Python quality, design, and security heuristics, and language-specific command checks.

AI-generated-code quality coverage includes an AI-failure-mode rule pack, slop_score artifacts, provenance-aware review policy hooks, local idiom drift checks, optional provider-backed hybrid triage and semantic review passes, natural-language custom rules through an optional AI runtime, and a verified-fix flow that only returns patches after isolated patch validation plus test reruns succeed.

Rule discovery APIs expose per-check metadata, including execution_model (go-native, language-agnostic, or command-driven) and language_coverage (fixed target languages, repository-wide, or configurable).

Installation

go install github.com/devr-tools/codeguard/cmd/codeguard@latest

Or build from source:

make build

Other install paths:

  • GitHub Releases: tagged archives for direct download
  • Homebrew: brew install devr-tools/tap/codeguard
  • GitHub Marketplace Action: Devr Codeguard

npm (installs a prebuilt binary, no Go toolchain required):

npm install -g @devr-tools/codeguard
codeguard version

pip (installs a prebuilt binary per platform; the project is devr-codeguard because the plain codeguard name is taken, but the command is still codeguard):

pip install devr-codeguard
codeguard version

GitHub Action (workflow step):

- name: Devr Codeguard
  uses: devr-tools/codeguard@v0.8.1

Or run in Docker:

docker build -t codeguard .
docker run --rm -v "$PWD:/workspace" -w /workspace codeguard scan

For local release automation:

make commit
make release
make release-check
make deploy

For SDK consumers:

go get github.com/devr-tools/codeguard/pkg/codeguard

Quick Start

codeguard init
codeguard validate -config codeguard.yaml
codeguard doctor -config codeguard.yaml
codeguard scan -config codeguard.yaml
codeguard scan-history
codeguard rules
codeguard profiles
codeguard explain security.hardcoded-credential
codeguard baseline -config codeguard.yaml -output codeguard-baseline.json

codeguard rules prints each rule's level, execution model, language coverage, section, and title. codeguard explain <rule-id> includes the same metadata for a single rule.

By default, codeguard looks for codeguard.yaml, codeguard.yml, or codeguard.json in the repository root. If those are missing, it also checks .codeguard/codeguard.yaml, .codeguard/codeguard.yml, and .codeguard/codeguard.json.

If you point -config at a directory such as .codeguard, codeguard will look inside it for codeguard.* or config.* files.
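
A sketch of the default lookup described above (no -config flag), added here as an example and not taken from codeguard's source: it reports which file would be selected and which other candidates exist but would not be read, so a CI step can flag a stray second config. ResolveConfig and defaultCandidates are hypothetical names, and precedence among the three extensions within one directory is assumed to follow the order in which the README lists them.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// Documented order: repository root first, then .codeguard/ (extension order is assumed).
var defaultCandidates = []string{
	"codeguard.yaml", "codeguard.yml", "codeguard.json",
	filepath.Join(".codeguard", "codeguard.yaml"),
	filepath.Join(".codeguard", "codeguard.yml"),
	filepath.Join(".codeguard", "codeguard.json"),
}

// ResolveConfig returns the config file the documented default lookup would
// select in repoRoot, plus every later candidate that also exists (shadowed).
// Hypothetical helper: it only inspects the filesystem and never calls codeguard.
func ResolveConfig(repoRoot string) (effective string, shadowed []string, err error) {
	for _, rel := range defaultCandidates {
		info, statErr := os.Stat(filepath.Join(repoRoot, rel))
		if statErr != nil || info.IsDir() {
			continue // missing or not a regular config file
		}
		if effective == "" {
			effective = rel
		} else {
			shadowed = append(shadowed, rel)
		}
	}
	if effective == "" {
		return "", nil, fmt.Errorf("no codeguard config found under %s", repoRoot)
	}
	return effective, shadowed, nil
}

func main() {
	effective, shadowed, err := ResolveConfig(".")
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Printf("effective: %s\nshadowed: %v\n", effective, shadowed)
	if len(shadowed) > 0 {
		os.Exit(2) // fail the CI step so the extra file gets reviewed
	}
}
```
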

Text output includes ANSI color and emoji markers by default. Set NO_COLOR=1 if you want plain terminal output.

If you want a JSON starting point instead, use examples/codeguard.json.

SDK

Import the SDK from github.com/devr-tools/codeguard/pkg/codeguard.

package main

import (
	"context"
	"log"

	"github.com/devr-tools/codeguard/pkg/codeguard"
)

func main() {
	cfg := codeguard.ExampleConfig()
	report, err := codeguard.Run(context.Background(), cfg)
	if err != nil {
		log.Fatal(err)
	}
	_ = report
}

About

devr's codeguard tool for CI, testing and deployment
