docs: add AI coding tools policy (#1454)

* docs: add AI coding tools policy Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: remove symlinks Signed-off-by: Xe Iaso <me@xeiaso.net> * docs(AGENTS): make compatible with opencode Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: update spelling Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>
2026-04-11 11:08:48 +00:00 · 2026-02-15 15:08:59 +00:00
parent 03f5e0d542
commit a98f721957
5 changed files with 96 additions and 1 deletions
--- a/.github/actions/spelling/expect.txt
+++ b/.github/actions/spelling/expect.txt
@@ -2,6 +2,7 @@ acs
 Actorified
 actorifiedstore
 actorify
+agentic
 Aibrew
 alibaba
 alrest
@@ -61,6 +62,7 @@ checkresult
 chibi
 cidranger
 ckie
+CLAUDE
 cloudflare
 Codespaces
 confd
@@ -357,6 +359,7 @@ unbreakdocker
 unifiedjs
 unmarshal
 unparseable
+updown
 uvx
 UXP
 valkey
--- a/.prettierignore
+++ b/.prettierignore
@@ -1,2 +1,4 @@
 lib/config/testdata/bad/*
-*.inc
+*.inc
+AGENTS.md
+CLAUDE.md
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -0,0 +1,75 @@
+# Agent instructions
+
+Primary agent documentation is in `CONTRIBUTING.md`. You MUST read this file before proceeding.
+
+## Useful Commands
+
+```shell
+npm ci           # install node dependencies
+npm run assets   # build JS/CSS (required before any Go build/test)
+npm run build    # assets + go build -> ./var/anubis
+npm run dev      # assets + run locally with --use-remote-address
+```
+
+## Testing
+
+```shell
+npm run test
+```
+
+## Linting
+
+```shell
+go vet ./...
+go tool staticcheck ./...
+go tool govulncheck ./...
+```
+
+## Commit Messages
+
+Commit messages follow the [**Conventional Commits**](https://www.conventionalcommits.org/en/v1.0.0/) format:
+
+```text
+<type>[optional scope]: <description>
+
+[optional body]
+
+[optional footer(s)]
+```
+
+**Types**: `feat`, `fix`, `docs`, `style`, `refactor`, `perf`, `test`, `build`, `ci`, `chore`, `revert`
+
+- Add `!` after type/scope for breaking changes or include `BREAKING CHANGE:` in the footer.
+- Keep descriptions concise, imperative, lowercase, and without a trailing period.
+- Reference issues/PRs in the footer when applicable.
+- **ALL git commits MUST be made with `--signoff`.** This is mandatory.
+
+### Attribution Requirements
+
+AI agents must disclose what tool and model they are using in the "Assisted-by" commit footer:
+
+```text
+Assisted-by: [Model Name] via [Tool Name]
+```
+
+Example:
+
+```text
+Assisted-by: GLM 4.6 via Claude Code
+```
+
+## PR Checklist
+
+- Add description of changes to `[Unreleased]` in `docs/docs/CHANGELOG.md`.
+- Add test cases for bug fixes and behavior changes.
+- Run integration tests: `npm run test:integration`.
+- All commits must have verified (signed) signatures.
+
+## Key Conventions
+
+- **Security-first**: This is security software. Code reviews are strict. Always add tests for bug fixes. Consider adversarial inputs.
+- **Configuration**: YAML-based policy files. Config structs validate via `Valid() error` methods returning sentinel errors.
+- **Store interface**: `lib/store.Interface` abstracts key-value storage.
+- **Environment variables**: Parsed from flags via `flagenv`. Use `.env` files locally (loaded by `godotenv/autoload`). Never commit `.env` files.
+- **Assets must be built first**: JS/CSS assets are embedded into the Go binary. Always run `npm run assets` before `go test` or `go build`.
+- **CEL expressions**: Policy rules support CEL (Common Expression Language) expressions for advanced matching. See `lib/policy/expressions/`.
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -0,0 +1,2 @@
+@AGENTS.md
+@CONTRIBUTING.md
--- a/docs/docs/developer/ai-coding-policy.md
+++ b/docs/docs/developer/ai-coding-policy.md
@@ -0,0 +1,13 @@
+# AI Coding Policy
+
+At some level it would be nice to be able to have the following AI coding policy from an ideological standpoint:
+
+> Anubis does not accept code made primarily with the use of agentic AI tools such as Claude Code, Gemini CLI, GitHub Copilot, Zed, OpenCode, or any other similar tools. Please do not use them when contributing to this repo.
+
+However, I'd be in violation by doing this because I have knowingly committed minor bits of code to the Anubis repo that were generated by AI tools (mostly things for smoke tests).
+
+As such, Anubis is taking more of a centrist approach with regards to AI coding tools: regardless of what tool you use to make contributions to Anubis, when you sign off your code, you are taking responsibility for what you commit. You are also expected to understand what you are changing, what the implications are, and all other relevant factors.
+
+If you use AI coding tools for a majority of your committed work, you MUST disclose it with [the `Assisted-by` footer](https://xeiaso.net/notes/2025/assisted-by-footer/). The Anubis maintainers will be using tooling that looks for these footers and will prioritize scrutiny and level of attention appropriately.
+
+In order to ensure compliance with this policy, language has been placed in `AGENTS.md` and `CLAUDE.md` to entice AI coding tools to add these footers.