securegit 0.6.1

Zero-trust git replacement with 12 built-in security scanners, universal undo, durable backups, and a 32-tool MCP server
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

# Licensing

SecureGit uses layered licensing to protect different artifacts
appropriately for the AI-driven software era.

## Implementation (`/src/`)

Licensed under either of:

- MIT License ([LICENSE-MIT](LICENSE-MIT))
- Apache License, Version 2.0 ([LICENSE-APACHE](LICENSE-APACHE))

at your option.

This covers all Rust source code, compiled binaries, and build artifacts.

## Specifications & Documentation (`/docs/`)

Licensed under the Specification Commons License, Version 0.1
([LICENSE-SCL](LICENSE-SCL)).

This covers all behavioral specifications, architectural documentation,
plugin ecosystem specifications, usage guides, and any document intended
to describe *what* SecureGit does or should do.

**Evaluation Scenario Tier: Open**

All specifications and documentation in this repository are released
under the Open Scenarios tier — free to read, use, modify, and
distribute, including as input to Generative Systems.

## Tests & Evaluation Scenarios (`/tests/`)

Licensed under the Specification Commons License, Version 0.1
([LICENSE-SCL](LICENSE-SCL)) — **Restricted Scenarios** tier.

Test suites encode domain knowledge about what "correct" means for
security scanning, git operations, and supply-chain protection. These
may be read and referenced but may not be used as input to a Generative
System or incorporated into automated evaluation pipelines without
written permission from ArmyKnife Labs.

## Workflow Scripts (`/scripts/`, `/workflows/`)

Licensed under MIT License ([LICENSE-MIT](LICENSE-MIT)).

## Provenance

If implementation in this repository was generated using AI agents from
specifications, see `PROVENANCE.json` for the Generative Bill of
Materials documenting what was consumed during generation.

## Summary

| Layer | Directory | License | Identifier |
|---|---|---|---|
| Implementation | `/src/` | MIT OR Apache-2.0 | `MIT OR Apache-2.0` |
| Specifications | `/docs/` | SCL-0.1 (Open) | `SCL-0.1-OS` |
| Tests/Scenarios | `/tests/` | SCL-0.1 (Restricted) | `SCL-0.1-RS` |
| Scripts | `/scripts/`, `/workflows/` | MIT | `MIT` |
| License Text | `LICENSE-SCL` | SCL-0.1 | `SCL-0.1` |

## Why Layered Licensing?

Traditional open source licenses protect source code — the
implementation layer. But when AI agents can re-implement software from
a well-written specification in minutes, the valuable artifacts are the
specifications, domain insights, and evaluation criteria — not the code.

SecureGit's specifications describe *what* a zero-trust git replacement
should do: the security scanning behaviors, the supply-chain protections,
the undo semantics. That knowledge is worth protecting and sharing on
its own terms, independent of the Rust code that implements it.

The Specification Commons License ensures:

- Specifications flow freely for learning and reference
- Anyone generating code from our specs must track provenance
- Our test suites (which encode deep security domain knowledge) are
  protected as Restricted Scenarios
- Derivative specifications must also be openly licensed
- The implementation remains under standard open source terms

Learn more: [Specification Commons License v0.1](LICENSE-SCL)