Merge branch 'main' into issue-929

Author: yrobla

.github/workflows/ci.yml

@@ -36,7 +36,7 @@ jobs:
 
     - name: Load cached venv
       id: cached-poetry-dependencies
-      uses: actions/cache@0c907a75c2c80ebcb7f088228285e798b750cf8f # v4
+      uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
       with:
         path: .venv
         key: venv-${{ runner.os }}-${{ matrix.python-version }}-${{ hashFiles('**/poetry.lock') }}

.github/workflows/image-build.yml

@@ -29,12 +29,12 @@ jobs:
       - name: Set up QEMU for cross-platform builds
         # Only set up QEMU if the platform is not linux/amd64
         if: ${{ inputs.platform != 'linux/amd64' }}
-        uses: docker/setup-qemu-action@5964de0df58d5ad28b04d8fe2e6b80ad47105b91 # v3
+        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
       - name: Download artifact
         id: download-artifact
-        uses: dawidd6/action-download-artifact@20319c5641d495c8a52e688b7dc5fada6c3a9fbc # v8
+        uses: dawidd6/action-download-artifact@07ab29fd4a977ae4d2b275087cf67563dfdf0295 # v9
         with:
           github_token: ${{ github.token }}
           workflow: ".github/workflows/import_packages.yml"

.github/workflows/image-publish.yml

@@ -22,7 +22,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       - name: Set up QEMU for cross-platform builds
-        uses: docker/setup-qemu-action@5964de0df58d5ad28b04d8fe2e6b80ad47105b91 # v3
+        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
       - name: Compute version number
@@ -57,7 +57,7 @@ jobs:
             type=semver,pattern=v{{major}}.{{minor}}
       - name: Download artifact
         id: download-artifact
-        uses: dawidd6/action-download-artifact@20319c5641d495c8a52e688b7dc5fada6c3a9fbc # v8
+        uses: dawidd6/action-download-artifact@07ab29fd4a977ae4d2b275087cf67563dfdf0295 # v9
         with:
           github_token: ${{ github.token }}
           workflow: ".github/workflows/import_packages.yml"

.github/workflows/integration-tests.yml

@@ -148,7 +148,7 @@ jobs:
 
       - name: Load cached venv
         id: cached-poetry-dependencies
-        uses: actions/cache@0c907a75c2c80ebcb7f088228285e798b750cf8f # v4
+        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
         with:
           path: .venv
           key: venv-${{ runner.os }}-${{ matrix.python-version }}-${{ hashFiles('**/poetry.lock') }}

Dockerfile

@@ -27,7 +27,7 @@ COPY . /app
 RUN sed -i "s/_VERSION =.*/_VERSION = \"${CODEGATE_VERSION}\"/g" /app/src/codegate/__init__.py
 
 # Build the webapp
-FROM docker.io/library/node:23-slim@sha256:59de3d6646e7b8d02637499e4f38b9f9c5fef6bef4965dbe95e37b640160900b AS webbuilder
+FROM docker.io/library/node:23-slim@sha256:dcacc1ee3b03a497c2096b0084d3a67b856e777b55ffccfcc76bcdab9cc65906 AS webbuilder
 
 
 

README.md

@@ -21,34 +21,36 @@
 
 ---
 
-# CodeGate: secure AI code generation
+# CodeGate: Security, Workspaces and Muxing for AI Applications, coding assistants, and agentic frameworks.
 
 **By [Stacklok](https://stacklok.com)**
 
-CodeGate is a **local gateway** that makes AI agents and coding assistants safer. It
-ensures AI-generated recommendations adhere to best practices while safeguarding
-your code's integrity and protecting your privacy. With CodeGate, you can
-confidently leverage AI in your development workflow without sacrificing
-security or productivity.
+CodeGate is an agent designed to make AI applications, coding assistants and agentic frameworks, safer and easier to consume and manage. It provides a centralized, abstracted environment for managing prompts, model provider configurations, model muxing, and more. Additionally, CodeGate offers security analysis of AI-generated code, ensuring that recommendations follow best practices and safeguard your code's integrity.
+
+With CodeGate, you can configure all your AI coding assistants and agents to use a single workspace
+and benefit from a unified view of all the interactions between your AI coding assistants and your
+models.
 
 <picture>
   <source media="(prefers-color-scheme: dark)" srcset="./static/diagram-dark.png">
   <img alt="CodeGate dashboard" src="./static/diagram-light.png" width="1100px" style="max-width: 100%;">
 </picture>
 
 ---
-## ✨ Why choose CodeGate?
+## Why choose CodeGate?
 
-AI coding assistants are powerful, but they can inadvertently introduce risks.
-CodeGate protects your development process by:
+AI coding assistants are powerful, but they can inadvertently introduce risks and configurations
+can sprawl across multiple IDE extensions, plugins and agent systems. CodeGate simplifies the management of AI model and provider configurations and provides additional features to help you keep your development process safe.
 
-- 🔒 Preventing accidental exposure of secrets and sensitive data
-- 🛡️ Ensuring AI suggestions follow secure coding practices
-- ⚠️ Blocking recommendations of known malicious or deprecated libraries
-- 🔍 Providing real-time security analysis of AI suggestions
+-  Centralize and manage all your AI coding assistants in one place
+-  Mux / Route prompts to different AI models based on workspaces or file types 
+-  Centrally configure and manage your provider credentials and API keys
+-  Protect your development process from accidental exposure of secrets and sensitive personal data to the cloud
+-  Ensure that the recommendations provided by your AI coding assistants follow secure coding practices
+-  Prevent malicious or deprecated libraries from being recommended to you by an LLM
 
 ---
-## 🚀 Quickstart
+##  Quickstart
 
 ### Prerequisites
 
@@ -81,7 +83,7 @@ Now it's time to configure your preferred AI coding assistant to use CodeGate
 documentation.
 
 ---
-## 🖥️ Dashboard
+##  Dashboard
 
 CodeGate includes a web dashboard that provides:
 
@@ -102,15 +104,35 @@ To learn more, visit the
 [CodeGate Dashboard documentation](https://docs.codegate.ai/how-to/dashboard).
 
 ---
-## 🔐 Features
+## Features
+
+### Workspace management
+
+CodeGate allows you to create workspaces, each with its own set of AI
+models, configurations, prompts and chat history to help you manage your AI application
+and development environment more effectively. [Learn more](https://docs.codegate.ai/features/workspaces)
+
+### Model Muxing
 
-### Secrets encryption
+CodeGate lets you route traffic between multiple AI models using a configurable
+model muxer. This feature is useful when you want to use different models for
+different purposes, such as code generation, summarization, documentation, etc.
+[Learn more](https://docs.codegate.ai/features/model-muxing)
+
+### Secrets Redaction
 
 CodeGate helps you protect sensitive information from being accidentally exposed
 to AI models and third-party AI provider systems by redacting detected secrets
-from your prompts using encryption.
+from your prompts.
 [Learn more](https://docs.codegate.ai/features/secrets-encryption)
 
+### Personal Identifiable Information (PII) detection and redaction
+
+CodeGate helps you protect personal data from being accidentally exposed to AI
+models and third-party AI provider systems by redacting detected PII from your prompts.
+
+Should CodeGate sense that a prompt contains PII, such as credit card numbers, social security numbers, or other sensitive information, it will automatically redact the PII from the prompt before sending it to the AI model, to then unredact the response before sending it back to the client.
+
 ### Dependency risk awareness
 
 LLMs’ knowledge cutoff date is often months or even years in the past. They
@@ -165,19 +187,27 @@ or potential vulnerabilities to help you adopt more secure coding practices.
 - The Copilot plugin works with **Visual Studio Code (VS Code)** (JetBrains is
   coming soon!)
 
+### OpenIntepreter
+
+- **Local / self-managed:**
+  - Ollama
+- **Hosted:**
+  - Anthropic
+  - OpenAI and compatible APIs
+
 ---
-## 🛡️ Privacy first
+## Privacy first
 
 Unlike other tools, with CodeGate **your code never leaves your machine**.
 CodeGate is built with privacy at its core:
 
-- 🏠 **Everything stays local**
-- 🚫 **No external data collection**
-- 🔐 **No calling home or telemetry**
-- 💪 **Complete control over your data**
+-  **Everything stays local**
+-  **No external data collection**
+-  **No calling home or telemetry**
+-  **Complete control over your data**
 
 ---
-## 🛠️ Development
+## Development
 
 Are you a developer looking to contribute? Dive into our technical resources:
 
@@ -187,21 +217,21 @@ Are you a developer looking to contribute? Dive into our technical resources:
 - [Logging system](https://github.com/stacklok/codegate/blob/main/docs/logging.md)
 
 ---
-## 📜 License
+## License
 
 CodeGate is licensed under the terms specified in the
 [LICENSE file](https://github.com/stacklok/codegate/blob/main/LICENSE).
 
 ---
-## 🌟 Support us
+## Support us
 
 Love CodeGate? Starring this repository and sharing it with others helps
 CodeGate grow 🌱
 
 [![Star on GitHub](https://img.shields.io/github/stars/stacklok/codegate.svg?style=social)](https://github.com/stacklok/codegate)
 
 ---
-## 🤝 Contributing
+## Contributing
 
 We welcome contributions! Whether you're submitting bug reports, feature
 requests, or code contributions, your input makes CodeGate better for everyone.