Skip to content

MS33834/autoship-cli

Repository files navigation

AutoShip-CLI

English | 中文 | 日本語

AutoShip keeps your project shippable from the command line — clean, verify, commit, and upload without sending source code to the cloud.

PyPI Python Downloads License CI Nightly Coverage Docs

Official site: ms33834.github.io/autoship-cli

Enterprise: SSO / SCIM / RBAC

Opt-in enterprise features, all default-off and fully backward-compatible:

SSO binds CLI invocations and audit records to a corporate identity. The builtin stub provider reads from a local token cache or env vars, and real SAML/OIDC providers plug in via autoship-sdk.SsoProvider. On top of that, RBAC ships 4 builtin roles (viewer / developer / maintainer / admin) and 15 granular permissions; sensitive commands (upload, audit cleanup, registry sync, config telemetry) are gated and denials are audit-logged. SCIM syncs users and groups from a SCIM source for group-based role bindings — stub mode reads a local JSON, real SCIM servers plug in via autoship-sdk.ScimClient. Once SSO is on, every audit record (and SIEM bundle export) carries user / role / sso_subject / sso_provider fields, so the audit trail doubles as SOC2 evidence.

See docs/commands/team.md (team sso / team scim / team role) and docs/configuration.md ([sso] / [rbac] / [scim] sections).

Why AutoShip

AutoShip is local-first: code never leaves your machine unless you explicitly configure an external model or upload target. The pluggy-based plugin system chains clean → verify → commit → upload into one command, with AI-generated Conventional Commits messages from local models (Ollama, LM Studio) — no API keys needed to start.

Where AutoShip fits (see the full comparison):

Need AutoShip husky pre-commit GitHub Actions commitizen
Local AI commit messages ⚠️ template-only
One-command clean → ship ⚠️ cloud-only
Built-in security scan ⚠️ third-party ⚠️ DIY
Offline by default ⚠️ first fetch
Trilingual docs (zh/en/ja) ⚠️ partial

AutoShip does not replace your CI — it complements it. Run AutoShip locally to ship clean commits; let GitHub Actions handle the cloud side.

Installation

Recommended: pipx

pipx install autoship

Using pip

pip install autoship

From source

git clone https://github.com/MS33834/autoship-cli.git
cd autoship-cli
uv sync --all-extras --dev
uv run autoship --help

Binary download

Pre-built binaries for all platforms are available from GitHub Releases:

Binaries are published automatically by CI.

Quick Start

# Initialize project configuration
autoship init

# Clean and format code
autoship clean

# Generate commit message and commit
autoship commit

# Run verification (pytest example)
autoship verify pytest

# Upload artifacts (example: Docker image)
autoship upload --target docker --image myapp --tag latest

Core Features

  • Local-first: Uses local AI models and local toolchains by default; code does not leave your machine.
  • Plugin system: Hook-based architecture powered by pluggy for extending clean, verify, upload, and other phases.
  • Plugin development SDK: autoship-sdk provides base classes, hook decorators, and testing helpers.
  • Model tiers: Automatically routes tasks across different model tiers based on hardware and task type.
  • Security scanning: Runs dependency vulnerability and code security scans before commit.
  • Audit logging: Records command execution, model calls, and configuration changes with structured export and auto cleanup.
  • Environment diagnostics: autoship doctor checks Python, Git, model backends, toolchains, and directory permissions in one command.
  • Multi-language CLI: Built-in English, Chinese, and Japanese support via --lang zh|en|ja or the locale config option.
  • Telemetry off by default: Anonymous usage data is only reported after explicit opt-in.
  • Enterprise-ready (opt-in): SSO identity, SCIM group sync, and role-based access control (team sso / team scim / team role) gate sensitive commands and stamp every audit record with the actor identity for SOC2 evidence.

Documentation

FAQ

Does AutoShip upload my code?

No. All core processing runs locally by default; only when you explicitly configure an external model or upload target (such as Docker Registry or PyPI) will necessary data be sent to those services.

Does AutoShip require internet access?

Core commands (init, clean, commit, verify) can run offline. upload and features that depend on web search or external models require internet access.

How do I disable telemetry?

Telemetry is disabled by default, so no extra action is needed. To enable it, set telemetry.enabled = true in .autoship.toml.

For telemetry fields and endpoint security rules, see docs/telemetry.md. For the full privacy policy and user rights, see docs/privacy.md.

How do I develop a custom plugin?

See docs/plugin-development.md and the example plugin at examples/custom-plugin/.

Can AutoShip be used for commercial projects?

Yes. This project is released under the MIT License. See LICENSE.

Contributing and Security

License

MIT

About

Local-first intelligent delivery assistant — automated clean, verify, commit, and upload workflows powered by AI

Topics

Resources

License

Code of conduct

Contributing

Security policy

Stars

52 stars

Watchers

0 watching

Forks

Packages

 
 
 

Contributors