max/ai-sdlc-standards
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e323c45cb080f0d376ebfcfda313cbfedcea758c
ai-sdlc-standards/.demo/dependencies.txt
Max Mayfield e323c45cb0 Elevate requirements to organizational/architectural policy 
- Security: no IAM in service repos, no custom auth, no direct external calls
- Architecture: no cross-cloud SDKs, no cross-service DB access, no hardcoded tenant/env config
- DevOps: Foxtrot-compatible Helm (no custom ingress), no infra provisioning in service repos, no pinned infra versions
- Cost: resource tagging, no unbounded allocation, no per-tenant infra
- Updated checker and demo to match
- These are NOT static code analysis — they catch organizational policy violations that SonarQube/Checkstyle miss
2026-03-07 07:41:27 +00:00

7 lines
213 B
Plaintext
Raw Blame History

# ARCH-001 VIOLATION: Direct cloud SDK dependencies
com.amazonaws:aws-java-sdk-s3:1.12.400
com.google.cloud:google-cloud-storage:2.20.0
# SEC-002 VIOLATION: JWT library for custom auth
io.jsonwebtoken:jjwt:0.9.1
Reference in New Issue View Git Blame Copy Permalink