Skip to main content

Library-first code compliance tooling for the IIL Platform (Django, HTMX, Docker, Nginx)

Project description

iil-codeguard

Library-first code compliance tooling for the IIL Platform.

Status: Skeleton (2026-05-10) — implementation per ADR-191 v1.1, ADR-192 v1.1, ADR-193 v1.1 Versioning: CalVer (YYYY.MM.PATCH) Python: 3.12+

What it checks

Category Rules Source
Service Layer SL-001..006 ADR-009 + ADR-192
HTMX Templates HX-001..009 ADR-048 + ADR-192
Docker Compose DC-001..009 ADR-021/022 + ADR-193
Dockerfile DF-001..009 ADR-056 + ADR-193
Nginx (optional) NX-001..005 ADR-060 + ADR-193

All rules emit findings in SARIF 2.1.0 (GitHub Code Scanning native).

Architecture

Core Library (stdlib-first: ast, html.parser, pyyaml)
    │
    ├── CLI: codeguard audit . --format sarif
    ├── Pre-commit Hook
    ├── GitHub Action: codeguard.yml
    └── MCP Server (2 tools: codeguard_audit, codeguard_check_file)

Quick Start (planned)

pip install iil-codeguard

# CLI
codeguard audit .                    # human-readable text
codeguard audit . --format sarif     # SARIF 2.1.0 for GitHub
codeguard check-file apps/views.py   # single file

# Pre-commit
echo '
- repo: https://github.com/achimdehnert/iil-codeguard
  rev: v2026.05.0
  hooks:
    - id: codeguard
' >> .pre-commit-config.yaml

# GitHub Action
# Copy .github/workflows/codeguard.yml from this repo

# MCP (in mcp_config.json)
"iil-codeguard": {
  "command": "iil-codeguard-mcp",
  "args": []
}

Why a separate package?

ADR-191 v1.1 explains the trade-offs vs. extending platform-context:

  • CLI ab Tag 1 → erfasst Dependabot, Web-UI-Edits, External Contributors
  • 2 MCP-Tools statt 4 → kein "god server"
  • Eigenes Repo = unabhängiger Release-Zyklus
  • Pattern wie iil-adrfw (ADR-190)

Empirical Foundation

The rule design is grounded in a 2026-05-10 stakeholder validation across 7 consumer repos:

  • 388 Views (110 CBV, 6 async, 272 FBV)
  • 940 HTMX elements (399 with Django tags inside attribute values)
  • 0 pathological cases ({% %} between HTMX attributes) — covered by HX-009 trip-wire

Status & Roadmap

See ROADMAP.md for the 8.5-day implementation plan.

License

MIT (consistent with other iil-* packages).

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

iil_codeguard-2026.5.0.tar.gz (19.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

iil_codeguard-2026.5.0-py3-none-any.whl (19.0 kB view details)

Uploaded Python 3

File details

Details for the file iil_codeguard-2026.5.0.tar.gz.

File metadata

  • Download URL: iil_codeguard-2026.5.0.tar.gz
  • Upload date:
  • Size: 19.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.13

File hashes

Hashes for iil_codeguard-2026.5.0.tar.gz
Algorithm Hash digest
SHA256 f605a98433f01e3ddc10b330f336df53cb847905485e98fb14e909526814fdd2
MD5 853188cbb1aa732ed79d623e525104d3
BLAKE2b-256 4ce21f1701aee6f295467fb62f203fc158fc31fb829f32c01668f46154a86e8e

See more details on using hashes here.

File details

Details for the file iil_codeguard-2026.5.0-py3-none-any.whl.

File metadata

File hashes

Hashes for iil_codeguard-2026.5.0-py3-none-any.whl
Algorithm Hash digest
SHA256 2d3c33d29eabf0e398ebca01bb64db5fffa555b8a0be7cfcba0dd029190556d2
MD5 bfe6795632b690ea34da89a3127b897c
BLAKE2b-256 0e5f68e75e98269efc3f8caebc67416cb40972f7642339b3089e27aff8e94f7f

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page