Metadata-Version: 2.4
Name: iil-codeguard
Version: 2026.5.0
Summary: Library-first code compliance tooling for the IIL Platform (Django, HTMX, Docker, Nginx)
Project-URL: Homepage, https://github.com/achimdehnert/iil-codeguard
Project-URL: Issues, https://github.com/achimdehnert/iil-codeguard/issues
Project-URL: ADR, https://github.com/achimdehnert/platform/blob/main/docs/adr/ADR-191-adopt-iil-codeguard-library-first.md
Author-email: Achim Dehnert <achim@iil.pet>
License-Expression: MIT
License-File: LICENSE
Keywords: compliance,django,htmx,linter,mcp,sarif
Classifier: Development Status :: 2 - Pre-Alpha
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Software Development :: Quality Assurance
Requires-Python: >=3.12
Requires-Dist: pyyaml>=6.0
Provides-Extra: dev
Requires-Dist: mypy>=1.10; extra == 'dev'
Requires-Dist: pytest-cov>=5.0; extra == 'dev'
Requires-Dist: pytest>=8.0; extra == 'dev'
Requires-Dist: ruff>=0.6; extra == 'dev'
Provides-Extra: mcp
Requires-Dist: fastmcp>=3.2.0; extra == 'mcp'
Description-Content-Type: text/markdown

# iil-codeguard

Library-first code compliance tooling for the IIL Platform.

> **Status**: Skeleton (2026-05-10) — implementation per ADR-191 v1.1, ADR-192 v1.1, ADR-193 v1.1
> **Versioning**: CalVer (`YYYY.MM.PATCH`)
> **Python**: 3.12+

## What it checks

| Category | Rules | Source |
|----------|-------|--------|
| **Service Layer** | `SL-001..006` | ADR-009 + ADR-192 |
| **HTMX Templates** | `HX-001..009` | ADR-048 + ADR-192 |
| **Docker Compose** | `DC-001..009` | ADR-021/022 + ADR-193 |
| **Dockerfile** | `DF-001..009` | ADR-056 + ADR-193 |
| **Nginx** (optional) | `NX-001..005` | ADR-060 + ADR-193 |

All rules emit findings in **SARIF 2.1.0** (GitHub Code Scanning native).

## Architecture

```
Core Library (stdlib-first: ast, html.parser, pyyaml)
    │
    ├── CLI: codeguard audit . --format sarif
    ├── Pre-commit Hook
    ├── GitHub Action: codeguard.yml
    └── MCP Server (2 tools: codeguard_audit, codeguard_check_file)
```

## Quick Start (planned)

```bash
pip install iil-codeguard

# CLI
codeguard audit .                    # human-readable text
codeguard audit . --format sarif     # SARIF 2.1.0 for GitHub
codeguard check-file apps/views.py   # single file

# Pre-commit
echo '
- repo: https://github.com/achimdehnert/iil-codeguard
  rev: v2026.05.0
  hooks:
    - id: codeguard
' >> .pre-commit-config.yaml

# GitHub Action
# Copy .github/workflows/codeguard.yml from this repo

# MCP (in mcp_config.json)
"iil-codeguard": {
  "command": "iil-codeguard-mcp",
  "args": []
}
```

## Why a separate package?

ADR-191 v1.1 explains the trade-offs vs. extending `platform-context`:
- CLI ab Tag 1 → erfasst Dependabot, Web-UI-Edits, External Contributors
- 2 MCP-Tools statt 4 → kein "god server"
- Eigenes Repo = unabhängiger Release-Zyklus
- Pattern wie `iil-adrfw` (ADR-190)

## Empirical Foundation

The rule design is grounded in a 2026-05-10 stakeholder validation across 7 consumer repos:
- 388 Views (110 CBV, 6 async, 272 FBV)
- 940 HTMX elements (399 with Django tags inside attribute values)
- 0 pathological cases (`{% %}` between HTMX attributes) — covered by HX-009 trip-wire

## Status & Roadmap

See [ROADMAP.md](ROADMAP.md) for the 8.5-day implementation plan.

## License

MIT (consistent with other `iil-*` packages).
