[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-1858":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":13,"stars7d":13,"stars30d":16,"stars90d":15,"forks30d":15,"starsTrendScore":17,"compositeScore":18,"rankGlobal":10,"rankLanguage":10,"license":19,"archived":20,"fork":20,"defaultBranch":21,"hasWiki":20,"hasPages":20,"topics":22,"createdAt":10,"pushedAt":10,"updatedAt":35,"readmeContent":36,"aiSummary":37,"trendingCount":15,"starSnapshotCount":15,"syncStatus":38,"lastSyncTime":39,"discoverSource":40},1858,"ai-attestation","Korext\u002Fai-attestation","Korext","Track AI generated code in your repository. Open standard. Detects 19 AI coding tools. CC0 spec.","https:\u002F\u002Foss.korext.com\u002Fai-attestation",null,"JavaScript",23,3,1,0,5,9,49.81,"Apache License 2.0",false,"main",[23,24,25,26,27,28,29,30,31,32,33,34],"ai","attestation","claude-code","compliance","copilot","cursor","developer-tools","git-hook","governance","open-standard","transparency","yaml","2026-06-12 04:00:11","# AI Attestation\n\n> **An open standard for tracking AI generated code in your repository.**\n\n[![AI Attestation](https:\u002F\u002Foss.korext.com\u002Fapi\u002Fbadge\u002FKorext\u002Fai-attestation)](https:\u002F\u002Foss.korext.com\u002Fai-attestation\u002Freport\u002FKorext\u002Fai-attestation)\n[![License: Apache-2.0](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-Apache%202.0-blue.svg)](LICENSE)\n[![Spec: CC0-1.0](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FSpec-CC0%201.0-lightgrey.svg)](LICENSE-SPEC)\n[![npm](https:\u002F\u002Fimg.shields.io\u002Fnpm\u002Fv\u002F@korext\u002Fai-attestation)](https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002F@korext\u002Fai-attestation)\n\nAI Attestation is a machine readable YAML file placed in your repository root\nthat tracks which AI coding tools were used, how much code they generated,\nand whether that code has been governance scanned.\n\n## Why\n\nEnterprises, open source maintainers, and compliance teams increasingly need\nto answer:\n\n- **How much of this codebase was written by AI?**\n- **Which AI tools were used?**\n- **Has the AI generated code been reviewed or scanned?**\n\nAI Attestation provides a single, standardized file that answers all three.\n\n## Quick Start\n\n```bash\nnpx @korext\u002Fai-attestation init\n```\n\nThis will:\n\n1. Scan your git history for AI tool signatures\n2. Create `.ai-attestation.yaml` in your repo root\n3. Install a post-commit hook to keep it updated\n\nThat's it. The file updates automatically on every commit.\n\n## What It Detects\n\nAI Attestation identifies tools through publicly observable signals:\n\n| Method | Description | Reliability |\n|--------|-------------|-------------|\n| **Co-author trailer** | `Co-authored-by: Copilot \u003Ccopilot@github.com>` | ✅ High |\n| **Commit message pattern** | `Generated by Copilot`, `via Cursor` | ⚠️ Medium |\n| **Metadata header** | `\u002F\u002F @cursor-generated` | ⚠️ Medium |\n| **Git config** | `copilot.enabled = true` | ℹ️ Low |\n\n### Supported Tools\n\n| Tool | Identifier | Detection |\n|------|-----------|-----------|\n| GitHub Copilot | `copilot` | Co-author, commit message, config |\n| Cursor | `cursor` | Co-author, commit message |\n| Claude Code | `claude-code` | Co-author, commit message |\n| Windsurf | `windsurf` | Commit message, file header |\n| Codeium | `codeium` | Commit message, file header |\n| Aider | `aider` | Co-author, commit message |\n| Devin | `devin` | Co-author, commit message |\n| OpenHands | `openhands` | Co-author, commit message |\n| Amazon Q Developer | `amazon-q` | Commit message, file header |\n| OpenAI Codex CLI | `codex-cli` | Commit message, file header |\n| Gemini Code Assist | `gemini-code-assist` | Commit message |\n| JetBrains AI | `jetbrains-ai` | Commit message, file header |\n| Sourcegraph Cody | `sourcegraph-cody` | Co-author, commit message |\n| Tabnine | `tabnine` | Commit message, file header |\n| Replit AI | `replit-ai` | Commit message, file header |\n| Cline | `cline` | Co-author, commit message |\n| Continue | `continue` | Commit message, config |\n| GPT Engineer | `gpt-engineer` | Co-author, commit message |\n| Bolt | `bolt` | Commit message, file header |\n\nMissing a tool? [Add it](CONTRIBUTING.md)\n\n## The File\n\n```yaml\n# AI Attestation\n# https:\u002F\u002Foss.korext.com\u002Fai-attestation\n\nschema: https:\u002F\u002Foss.korext.com\u002Fai-attestation\u002Fschema\nversion: \"1.0\"\n\nrepo:\n  owner: acme\n  name: payments-service\n  url: https:\u002F\u002Fgithub.com\u002Facme\u002Fpayments-service\n\ngenerated: \"2026-04-15T12:00:00Z\"\n\nrange:\n  from: \"2025-01-01T00:00:00Z\"\n  to: \"2026-04-15T12:00:00Z\"\n  commits: 1247\n\nai:\n  assisted_commits: 438\n  percentage: 35.1\n  tools:\n    - name: GitHub Copilot\n      identifier: copilot\n      first_seen: \"2025-09-01\"\n      last_seen: \"2026-04-15\"\n      commit_count: 312\n\n    - name: Cursor\n      identifier: cursor\n      first_seen: \"2026-01-15\"\n      last_seen: \"2026-04-14\"\n      commit_count: 89\n\n  detection_methods:\n    - co-author-trailer\n    - commit-message-pattern\n```\n\nSee more examples in [`examples\u002F`](examples\u002F).\n\n## CLI Commands\n\n```bash\n# Initialize (scan + create file + install hook)\nai-attestation init\n\n# Re-scan and update\nai-attestation scan\n\n# Print attestation summary\nai-attestation report\n\n# Generate badge markdown\nai-attestation badge\n\n# Manage git hooks\nai-attestation hook install\nai-attestation hook remove\nai-attestation hook install --type pre-commit\n```\n\n## GitHub Action\n\nEnforce AI code policies in CI:\n\n```yaml\n# .github\u002Fworkflows\u002Fai-attestation.yml\nname: AI Attestation\non: [push, pull_request]\n\njobs:\n  check:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions\u002Fcheckout@v4\n      - uses: korext\u002Fai-attestation@v1\n        with:\n          minimum-governance-score: 80\n          block-unscanned: true\n          mandatory-packs: security\n```\n\n### Action Inputs\n\n| Input | Default | Description |\n|-------|---------|-------------|\n| `fail-on-missing` | `true` | Fail if `.ai-attestation.yaml` is missing |\n| `minimum-governance-score` | | Minimum score to pass (0-100) |\n| `block-unscanned` | | Block AI code without governance scan |\n| `require-review` | | Require human review for AI code |\n| `mandatory-packs` | | Comma-separated required governance packs |\n| `attestation-path` | `.ai-attestation.yaml` | Path to attestation file |\n\n### Action Outputs\n\n| Output | Description |\n|--------|-------------|\n| `result` | `PASS`, `WARN`, or `FAIL` |\n| `ai-percentage` | Percentage of AI assisted commits |\n| `governance-score` | Current governance score |\n| `tools-detected` | Comma separated list of tools |\n| `summary` | Human readable summary |\n\n## Governance\n\nThe `governance` section is designed to be populated by any governance engine.\nWhen configured, a governance engine reads the attestation file, scans the\nAI generated code, and writes its results back:\n\n```yaml\ngovernance:\n  engine: KOREXT\n  last_scan: \"2026-04-15T10:00:00Z\"\n  result: PASS\n  score: 94\n  packs:\n    - security\n    - modernization\n  findings:\n    critical: 0\n    high: 1\n    medium: 3\n    low: 7\n```\n\nThe governance section is engine-agnostic. Any tool can populate it.\n\n## Privacy\n\nAI Attestation processes **git metadata only**:\n\n- Commit messages\n- Author names and emails\n- Commit dates\n\nIt **never** reads source code. All processing happens locally. No network\ncalls. No telemetry. The output file contains only aggregate counts.\n\n## Specification\n\nThe full specification is available at [SPEC.md](SPEC.md).\nThe JSON Schema is available at [schema.json](schema.json).\n\nBoth are released under [CC0 1.0 Universal](LICENSE-SPEC) (public domain).\n\n## Badge\n\nAdd a badge to your README after running `ai-attestation init`:\n\n```bash\nai-attestation badge\n```\n\nThis outputs markdown you can paste into your README:\n\n```markdown\n[![AI Attestation](https:\u002F\u002Foss.korext.com\u002Fapi\u002Fbadge\u002Fowner\u002Frepo)](https:\u002F\u002Foss.korext.com\u002Fai-attestation\u002Freport\u002Fowner\u002Frepo)\n```\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines on adding new tools,\nreporting false positives, and proposing spec changes.\n\n## License\n\n- **Code** (CLI, action, tools): [Apache License 2.0](LICENSE)\n- **Specification & Schema**: [CC0 1.0 Universal](LICENSE-SPEC) (public domain)\n\n## Related Projects\n\n| Project | Description |\n|---------|-------------|\n| [AI License Notice](https:\u002F\u002Fgithub.com\u002Fkorext\u002Fai-license) | Declare AI provenance in open source projects |\n| [Supply Chain Attestation](https:\u002F\u002Fgithub.com\u002Fkorext\u002Fsupply-chain-attestation) | AI provenance across your dependency tree |\n| [AI Incident Registry](https:\u002F\u002Fgithub.com\u002Fkorext\u002Fai-incident-registry) | Public registry for AI code failures |\n\n---\n\nBuilt by [Korext](https:\u002F\u002Fkorext.com) | [oss.korext.com\u002Fai-attestation](https:\u002F\u002Foss.korext.com\u002Fai-attestation)\n","AI Attestation 是一个用于追踪代码库中由AI生成代码的开放标准项目。它通过在仓库根目录放置一个机器可读的YAML文件来记录使用了哪些AI编码工具、生成了多少代码以及这些代码是否经过治理审查。该项目支持检测19种不同的AI编码工具，利用诸如共同作者标注、提交信息模式和元数据头等方法进行识别。适用于企业、开源维护者及合规团队需要了解代码库中AI参与程度的场景，帮助回答关于AI生成代码量、使用的具体工具及其审查状态等问题。",2,"2026-06-11 02:46:28","CREATED_QUERY"]