korext
v1.0.1
KOREXT CLI. AI Code Governance. Enforce compliance policies on human written and AI generated code. 72 policy packs. 532 rules. 13 languages. Signed proof bundles.
Downloads
2,627
KOREXT CLI
AI Code Governance for your terminal and CI/CD pipelines.
Enforce compliance policies on human written and AI generated code. 72 policy packs. 532 detection rules. 13 languages. Cryptographically signed proof bundles.
Install
```shell
npm install -g korext
```
Quick Start
```shell
# Sign in
korext login

# Initialize your project
korext init

# Enforce policies on your code
korext enforce .

# Enforce with specific packs
korext enforce . --pack web,pci-dss-v1

# Enforce with a specific region
korext enforce . --region eu --pack web

# Generate a signed proof bundle
korext enforce . --pack web --sign
```
Commands
| Command | Description |
|---------|-------------|
| korext login | Sign in to your KOREXT account |
| korext init | Initialize a project with korext.json |
| korext enforce <path> | Run policy enforcement on files |
| korext packs list | List all available policy packs |
| korext industries | List industries and their packs |
| korext bundle list | List your recent proof bundles |
| korext bundle export <id> | Download a proof bundle as PDF |
| korext bundle verify <id> | Verify a proof bundle signature |
| korext status | Show current configuration and region |
Enforce Options
| Flag | Description | Default |
|------|-------------|---------|
| --pack <ids> | Comma separated pack IDs | web |
| --region <name> | Data region (us, eu, apac) | us |
| --format <type> | Output format (text, json, sarif) | text |
| --sign | Request signed proof bundle | false |
| --industry <name> | Select packs by industry | (none) |
| --offline | Run with local engine only | false |
Output Formats
Text (default): Human readable violation list with governance context.
JSON: Machine readable output with full violation details, confidence scores, and proof bundle metadata.
SARIF: Static Analysis Results Interchange Format for CI/CD integration. Compatible with GitHub Code Scanning, Azure DevOps, and other SARIF consumers.
CI/CD Integration
GitHub Actions
```yaml
- uses: korext/enforce-action@v3
  with:
    pack: web,pci-dss-v1
    region: eu
  env:
    KOREXT_API_TOKEN: ${{ secrets.KOREXT_API_TOKEN }}
```
Pre-commit Hook
```shell
# .husky/pre-commit
korext enforce . --pack web
```
Generic CI
```shell
npm install -g korext
korext login --token "$KOREXT_API_TOKEN"
korext enforce . --pack web --format sarif --sign
```
Exit Codes
| Code | Meaning |
|------|---------|
| 0 | PASS (no violations) |
| 1 | BLOCK (violations found) |
| 2 | ERROR (invalid input, network, auth) |
CI pipelines should fail on exit code 1 to block non-compliant code from merging.
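A pipeline step that tests only for exit code 1 lets exit code 2 (ERROR) through even though no enforcement verdict was produced. The wrapper below is an added example, not KOREXT's own code, that succeeds only on an explicit 0 and fails closed on everything else; `classify_exit` and `korext_gate` are hypothetical names.

```shell
#!/bin/sh
# Added example (not part of the KOREXT project): fail-closed gate around the
# documented exit codes. classify_exit and korext_gate are hypothetical names.

# Map an exit status to a verdict using the Exit Codes table.
classify_exit() {
  case "$1" in
    0) echo PASS ;;
    1) echo BLOCK ;;
    2) echo ERROR ;;
    *) echo UNKNOWN ;;  # e.g. 127 (CLI not installed) or 128+N (killed by a signal)
  esac
}

# Run the given enforcement command; return 0 only on an explicit PASS.
# Returns 1 for BLOCK and 2 for ERROR or any undocumented status.
korext_gate() {
  status=0
  "$@" || status=$?   # capture the status without tripping `set -e`
  verdict=$(classify_exit "$status")
  case "$verdict" in
    PASS)  echo "korext: PASS" >&2
           return 0 ;;
    BLOCK) echo "korext: BLOCK, policy violations found" >&2
           return 1 ;;
    *)     echo "korext: $verdict (exit $status), no verdict produced, failing closed" >&2
           return 2 ;;
  esac
}

# Typical CI call, using the command from the Generic CI section:
#   korext_gate korext enforce . --pack web --format sarif --sign
```

Keeping BLOCK and ERROR as separate return values lets the pipeline report a policy failure differently from an authentication or network problem while still stopping the merge in both cases.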
Configuration
korext.json
```json
{
  "project": "my-app",
  "targetPacks": ["web", "pci-dss-v1"],
  "region": "eu",
  "industry": "finance"
}
```
Environment Variables
| Variable | Description |
|----------|-------------|
| KOREXT_API_TOKEN | API token for CI/CD (from dashboard) |
Data Sovereignty
Choose your data processing region: US, EU, or Asia Pacific. Set via --region flag, korext.json, or korext init. All enforcement data stays in your chosen region.
License
Proprietary. See Terms of Service.
