EDDI

Miradi inayofuata mazoea bora hapa chini inaweza kujihakikisha kwa hiari na kuonyesha kuwa wamepata nishani ya mazoea bora ya Open Source Security Foundation (OpenSSF).

Hakuna seti ya mazoea yawezayo kuhakikisha kuwa programu haitakuwa na kasoro au udhaifu; hata mbinu rasmi zinaweza kushindwa ikiwa vipimo au dhana ni sahihi. Wala hakuna seti ya mazoea yawezayo kuhakikisha kuwa mradi utaendelea kuwa na jamii ya maendeleo yenye afya na inayofanya kazi vizuri. Hata hivyo, kufuata mazoea bora kunaweza kusaidia kuboresha matokeo ya miradi. Kwa mfano, baadhi ya mazoea huwezesha ukaguzi wa watu wengi kabla ya kutolewa, ambayo inaweza kusaidia kupata udhaifu wa kiufundi ambao vinginevyo ni vigumu kupata na kusaidia kujenga uaminifu na hamu ya mwingiliano wa kurudia kati ya wasanidi programu kutoka makampuni tofauti. Ili kupata nishani, vigezo vyote vya LAZIMA na LAZIMA WALA USIWAHI lazima vifuatwe, vigezo vyote vya INAPASWA lazima vifuatwe AU visivyo fufufutiliana na thibitisho, na vigezo vyote vya PENDEKEZA lazima vifuatwe AU visivyo fufufutiliana (tunataka vifikiwe angalau). Ikiwa unataka kuingiza maandishi ya thibitisho kama maoni ya jumla, badala ya kuwa maelezo ya busara kwamba hali ni inakubaliwa, anza kifungu cha maandishi na '//' ikifuatiwa na nafasi. Maoni ni karibu kupitia tovuti ya GitHub kama masuala au maombi ya kuvuta Kuna pia orodha ya barua pepe kwa majadiliano ya jumla.

Tunafuraha kutoa habari katika lugha nyingi, hata hivyo, ikiwa kuna mgongano au kutokuwa na usawa kati ya tafsiri, toleo la Kiingereza ni toleo lenye mamlaka.
Ikiwa huu ni mradi wako, tafadhali onyesha hadhi ya nishani yako kwenye ukurasa wa mradi wako! Hadhi ya nishani inaonekana kama hii: Kiwango cha nishani kwa mradi 12355 ni silver Hapa ni jinsi ya kuiweka:
Unaweza kuonyesha hali ya nishani yako kwa kuweka hii katika faili yako ya markdown:
[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/12355/badge)](https://www.bestpractices.dev/projects/12355)
au kwa kuweka hii katika HTML yako:
<a href="https://www.bestpractices.dev/projects/12355"><img src="https://www.bestpractices.dev/projects/12355/badge"></a>


Hizi ni vigezo vya kiwango cha Fedha. Unaweza pia kuangalia vigezo vya kiwango cha Kupita au Dhahabu.

Baseline Series: Kiwango cha Msingi 1 Kiwango cha Msingi 2 Kiwango cha Msingi 3

        

 Misingi 17/17

  • Jumla

    Kumbuka kwamba miradi mingine inaweza kutumia jina sawa.

    Multi-agent orchestration middleware that coordinates between users, AI agents (LLMs), and business systems. It provides intelligent routing, conversation management, and API orchestration for building sophisticated AI-powered applications.

    Tafadhali tumia muundo wa maneno ya leseni ya SPDX; mifano ni pamoja na "Apache-2.0", "BSD-2-Clause", "BSD-3-Clause", "GPL-2.0+", "LGPL-3.0+", "MIT", na "(BSD-2-Clause OR Ruby)". Usitumie alama za nukuu za moja au mbili.
    Ikiwa kuna lugha zaidi ya moja, ziorodhe kama thamani zilizotengwa kwa koma (nafasi ni za hiari) na ziorodhe kuanzia iliyotumiwa zaidi hadi iliyotumiwa kidogo. Ikiwa kuna orodha ndefu, tafadhali orodhesha angalau tatu za kawaida zaidi. Ikiwa hakuna lugha (k.m., huu ni mradi wa nyaraka tu au wa majaribio tu), tumia herufi moja "-". Tafadhali tumia herufi kubwa za kawaida kwa kila lugha, k.m., "JavaScript".
    Common Platform Enumeration (CPE) ni mpango wa kuweka majina yenye muundo kwa mifumo ya teknolojia ya habari, programu, na vifurushi. Inatumika katika mifumo na hifadhidata nyingi wakati wa kuripoti udhaifu.

  • Mahitaji ya awali


    Ya kutosha kwa nishani!

    Mradi LAZIMA ufikie nishani ya kiwango cha kuhitimu. [achieve_passing]

  • Maudhui ya kimsingi ya tovuti ya mradi


    Ya kutosha kwa nishani!

    Habari juu ya jinsi ya kuchangia LAZIMA ijumuishe mahitaji ya michango inayokubalika (k.m., rejea kwa kiwango chochote kinachohitajika cha msimbo). (URL inahitajika) [contribution_requirements]

    https://github.com/labsai/EDDI/blob/main/CONTRIBUTING.md


  • Usimamizi wa mradi


    Ya kutosha kwa nishani!

    Mradi UNAPASWA kuwa na utaratibu wa kisheria ambapo wasanidi wote wa kiasi kisicho kidogo cha programu ya mradi wanathibitisha kwamba wameruhusiwa kisheria kufanya michango hii. Mbinu ya kawaida na rahisi ya kutekeleza hii ni kwa kutumia Cheti cha Msanidi cha Asili (DCO), ambapo watumiaji huongeza "signed-off-by" katika ahadi zao na mradi unaunganisha kwenye tovuti ya DCO. Hata hivyo, hii YAWEZA kutekelezwa kama Makubaliano ya Leseni ya Mchangiaji (CLA), au utaratibu mwingine wa kisheria. (URL inahitajika) [dco]
    DCO ni utaratibu unaopendekeza kwa sababu ni rahisi kutekeleza, kufuatilia katika msimbo wa chanzo, na git inasaidia moja kwa moja kipengele cha "signed-off" kwa kutumia "commit -s". Ili kuwa na ufanisi zaidi ni bora ikiwa nyaraka za mradi zinaeleza maana ya "signed-off" kwa mradi huo. CLA ni makubaliano ya kisheria yanayofafanua masharti ambayo kazi za kiakili zimetolewa leseni kwa shirika au mradi. Makubaliano ya mgawo wa mchangiaji (CAA) ni makubaliano ya kisheria yanayohamisha haki katika kazi ya kiakili kwa chama kingine; miradi haihitajiki kuwa na CAA, kwa kuwa kuwa na CAA huongeza hatari kwamba wachangiaji watarajiwa hawatachangia, hasa ikiwa mpokeaji ni shirika la faida. Apache Software Foundation CLAs (leseni ya mchangiaji wa mtu binafsi na CLA ya kampuni) ni mifano ya CLA, kwa miradi ambayo inaamua kwamba hatari za aina hizi za CLA kwa mradi ni chini ya manufaa yao.

    https://github.com/labsai/EDDI/blob/main/CONTRIBUTING.md#licensing-of-contributions

    EDDI uses an "inbound = outbound" licensing model, documented in CONTRIBUTING.md (Section: Licensing of Contributions). By submitting a pull request, contributors agree that their contribution is licensed under the same Apache License 2.0 that covers the project. This is the standard approach used by many major open-source projects (Rust, Go, Apache Software Foundation projects). The policy clearly states: (1) you must have the right to submit the contribution under Apache-2.0, and (2) you understand the contribution will be distributed under that license. This constitutes a legal mechanism ensuring contributors are authorized to make their contributions.


    Ya kutosha kwa nishani!

    Mradi LAZIMA ufafanue kwa uwazi na kuandika muundo wake wa utawala wa mradi (njia ya kufanya maamuzi, ikiwa ni pamoja na majukumu muhimu). (URL inahitajika) [governance]
    Kunahitaji kuwa na njia fulani iliyowekwa vyema ya kuandikwa ya kufanya maamuzi na kutatua migogoro. Katika miradi midogo, hii inaweza kuwa rahisi kama "mmiliki wa mradi na kiongozi hufanya maamuzi yote ya mwisho". Kuna miundo mbalimbali ya utawala, ikiwa ni pamoja na dictator wa wema na meritocracy rasmi; kwa maelezo zaidi, angalia Miundo ya utawala. Mbinu zote mbili za kati (k.m., mtunzaji mmoja) na zisizo za kati (k.m., watunzaji wa kikundi) zimetumika kwa mafanikio katika miradi. Habari za utawala hazihitajiki kuandika uwezekano wa kuunda uma wa mradi, kwa kuwa hiyo ni iwezekanavyo kila wakati kwa miradi ya FLOSS.

    https://github.com/labsai/EDDI/blob/main/GOVERNANCE.md

    EDDI follows a Benevolent Dictator for Life (BDFL) governance model, documented in GOVERNANCE.md. The project maintainer (Gregor Jarisch / @ginccc, Labs.ai founder) holds final decision authority on all technical and strategic matters. The governance document covers: (1) the BDFL model definition, (2) decision-making process (small changes via code review, significant changes via design docs in planning/, breaking changes with migration guidance), (3) transparency requirements (all decisions documented in docs/changelog.md with rationale), and (4) disagreement resolution process. Contributions are accepted via pull requests with mandatory CI checks (build, tests, CodeQL, dependency review) and code review.


    Ya kutosha kwa nishani!

    Mradi LAZIMA upitishe kanuni ya mwenendo na kuiweka mahali pa kawaida. (URL inahitajika) [code_of_conduct]
    Miradi inaweza kuweza kuboresha uadilifu wa jamii yao na kuweka matarajio kuhusu tabia inayokubalika kwa kupitisha kanuni ya mwenendo. Hii inaweza kusaidia kuepuka matatizo kabla hayajatokea na kufanya mradi kuwa mahali pa kukaribishwa zaidi ili kuhimiza michango. Hii inapaswa kuzingatia tu tabia ndani ya jamii/mahali pa kazi pa mradi. Mifano ya kanuni za mwenendo ni kanuni ya mwenendo ya kernel ya Linux, Kanuni ya Mwenendo ya Agano la Mchangiaji, Kanuni ya Mwenendo ya Debian, Kanuni ya Mwenendo ya Ubuntu, Kanuni ya Mwenendo ya Fedora, Kanuni ya Mwenendo ya GNOME, Kanuni ya Mwenendo ya Jamii ya KDE, Kanuni ya Mwenendo ya Jamii ya Python, Mwongozo wa Mwenendo wa Jamii ya Ruby, na Kanuni ya Mwenendo ya Rust.

    https://github.com/labsai/EDDI/blob/main/CODE_OF_CONDUCT.md

    EDDI adopts the Contributor Covenant Code of Conduct version 2.1, posted at the root of the repository in CODE_OF_CONDUCT.md. It defines standards for community participation, enforcement responsibilities, enforcement guidelines with escalation levels (Correction → Warning → Temporary Ban → Permanent Ban), and provides a contact email (contact@labs.ai) for reporting violations.


    Ya kutosha kwa nishani!

    Mradi LAZIMA ufafanue kwa uwazi na kuandika hadharani majukumu muhimu katika mradi na wajibu wao, ikiwa ni pamoja na kazi zozote ambazo majukumu hayo lazima yafanywe. Lazima iwe wazi ni nani ana jukumu lipi, ingawa hii haiwezi kuandikwa kwa njia ile ile. (URL inahitajika) [roles_responsibilities]
    Nyaraka kwa utawala na majukumu na wajibu zinaweza kuwa mahali pamoja.

    https://github.com/labsai/EDDI/blob/main/GOVERNANCE.md#roles-and-responsibilities

    Key roles are defined in GOVERNANCE.md (Section: Roles and Responsibilities):

    • Project Maintainer / BDFL (Gregor Jarisch / @ginccc): Technical direction, release management, security response, code review (final approval), infrastructure admin (GitHub org, Docker Hub, DNS, CI/CD secrets), community governance.
    • Contributors: Submit pull requests following CONTRIBUTING.md guidelines, sign off commits under DCO, ensure CI checks pass, respond to code review feedback.
    • Reviewers: CODEOWNERS file (.github/CODEOWNERS) assigns @labsai as default reviewer for all code. Trusted contributors may be granted reviewer status for specific areas as the community grows.
      Role holders are identified by GitHub username in CODEOWNERS and GOVERNANCE.md.

    Ya kutosha kwa nishani!

    Mradi LAZIMA uweze kuendelea kwa usumbufu mdogo ikiwa mtu yeyote anakufa, anakuwa katika hali ya kudhoofika, au vinginevyo hawezi au hataki kuendelea kusaidia mradi. Hasa, mradi LAZIMA uweze kuunda na kufunga masuala, kukubali mabadiliko yaliyopendekezwa, na kutoa matoleo ya programu, ndani ya wiki moja ya uthibitishaji wa upotevu wa msaada kutoka kwa mtu yeyote mmoja. Hii INAWEZA kufanywa kwa kuhakikisha mtu mwingine ana funguo zozote zinazohitajika, nywila, na haki za kisheria ili kuendelea mradi. Watu binafsi wanaoendesha mradi wa FLOSS WANAWEZA kufanya hii kwa kuweka funguo katika sanduku la kufungia na wosia unaowezesha haki zozote zinazohitajika za kisheria (k.m., kwa majina ya DNS). (URL inahitajika) [access_continuity]

    https://github.com/labsai/EDDI/blob/main/GOVERNANCE.md#access-continuity

    EDDI's access continuity plan is documented in GOVERNANCE.md (Section: Access Continuity). The document includes:

    1. Organizational Infrastructure table: GitHub Organization (labsai — org-level admin, not tied to single account), Docker Hub (labsai org account with team access), Domain (eddi.labs.ai — registered under Labs.ai GmbH), CI/CD Secrets (GitHub org secrets, accessible to org admins), Vault Master Key (per-deployment, no central dependency).
    2. Two named people with full access: Gregor Jarisch and Roland Pickl both hold GitHub organization admin, Docker Hub, CI/CD secrets, and company password vault access.
    3. Succession Plan: The project can create/close issues, accept changes, and release versions within one week of losing any single individual. In the event of permanent maintainer unavailability, Labs.ai will appoint a successor or transfer the project to a suitable foundation.

    Ya kutosha kwa nishani!

    Mradi INAPASWA kuwa na "bus factor" ya 2 au zaidi. (URL inahitajika) [bus_factor]
    "Bus factor" (pia inajulikana kama "truck factor") ni idadi ya chini ya washiriki wa mradi ambao wanapaswa kutoweka ghafla kutoka kwenye mradi ("kupigwa na basi") kabla ya mradi kusimama kwa sababu ya ukosefu wa wafanyakazi wenye elimu au wenye uwezo. Zana ya truck-factor inaweza kukadiria hii kwa miradi kwenye GitHub. Kwa maelezo zaidi, angalia Kutathmini Bus Factor ya Hifadhi za Git na Cosentino et al.

    https://github.com/labsai/EDDI/blob/main/GOVERNANCE.md#bus-factor

    EDDI has a bus factor of 2. Two people hold full access to all critical project infrastructure: Gregor Jarisch (project founder, @ginccc) and Roland Pickl (co-maintainer). Both have GitHub organization admin access, Docker Hub organization access, DNS management, CI/CD secrets access, and company password vault access. Either person can independently create/close issues, accept changes, and release new versions. This is documented in GOVERNANCE.md (Section: Bus Factor).


  • Nyaraka


    Ya kutosha kwa nishani!

    Mradi LAZIMA uwe na ramani ya barabara iliyoandikwa inayoeleza kile mradi unakusudia kufanya na kutofanya kwa angalau mwaka unaofuata. (URL inahitajika) [documentation_roadmap]
    Mradi huenda usitimiza ramani ya barabara, na hiyo ni sawa; kusudi la ramani ya barabara ni kusaidia watumiaji na wachangiaji watarajiwa kuelewa mwelekeo unaokusudiwa wa mradi. Haihitaji kuwa na maelezo mengi.

    https://github.com/labsai/EDDI/blob/main/AGENTS.md#3-development-roadmap

    EDDI maintains a comprehensive development roadmap in AGENTS.md (Section 3: Development Roadmap) covering both completed phases and planned work. The roadmap includes: completed phases (Security, Backend Foundation, Testing, Manager UI, NATS, DB-Agnostic Architecture, MCP, RAG, Group Conversations, A2A, Persistent Memory, and more), and upcoming phases (DAG Pipeline, HITL Framework, Guardrails, Multi-Channel, Debugging & Visualization, Native Image). Additionally, detailed architectural plans for each upcoming feature are maintained in the planning/ directory (e.g., memory-architecture-plan.md, guardrails-architecture.md, multi-tenancy-plan.md, native-image-migration.md).


    Ya kutosha kwa nishani!

    Mradi LAZIMA ujumuishe nyaraka za muundo (pia inajulikana kama muundo wa kiwango cha juu) wa programu inayozalishwa na mradi. Ikiwa mradi hauzalishi programu, chagua "haihusiki" (N/A). (URL inahitajika) [documentation_architecture]
    Muundo wa programu unaeleza miundo ya msingi ya programu, yaani, vipengele vikuu vya programu, uhusiano kati yao, na mali muhimu za vipengele na uhusiano hivi.

    https://github.com/labsai/EDDI/blob/main/docs/architecture.md

    EDDI's architecture is extensively documented in docs/architecture.md (~1,000 lines). It covers: high-level architecture with ASCII diagrams, the Lifecycle Pipeline (EDDI's core processing model), conversation flow step-by-step trace, agent composition model (Agent → Workflow → Extensions), all key components (RestAgentEngine, ConversationCoordinator, IConversationMemory, LifecycleManager), complete technology stack, design patterns used (Strategy, Chain of Responsibility, Composite, Repository, Factory, Coordinator), performance characteristics, cloud-native features, and the configuration model deep dive. The project philosophy document (docs/project-philosophy.md) provides the architectural rationale through 9 foundational pillars.


    Ya kutosha kwa nishani!

    Mradi LAZIMA uandike kile mtumiaji anaweza na asiweze kutarajia kwa suala la usalama kutoka kwa programu inayozalishwa na mradi ("mahitaji yake ya usalama"). (URL inahitajika) [documentation_security]
    Haya ni mahitaji ya usalama ambayo programu inakusudiwa kukidhi.

    https://github.com/labsai/EDDI/blob/main/docs/security.md

    Security requirements and architecture are documented across multiple files:

    • docs/security.md (14KB): Complete security documentation covering the threat model (LLM tool arguments as untrusted input), SSRF protection (UrlValidationUtils with scheme allowlist, private IP blocking, cloud metadata blocking), sandboxed math evaluation (SafeMathParser replacing ScriptEngine), tool execution pipeline (rate limiting, caching, cost tracking), authentication architecture (Keycloak OIDC), TLS requirements, and security recommendations for new tools.
    • SECURITY.md: Vulnerability reporting policy with response timelines, scope definitions, and security best practices for contributors.
    • docs/project-philosophy.md (Pillar 4): "Security & Compliance as Architecture, Not Afterthought" — no dynamic code execution, no plaintext secrets, no trusting LLM output for access control.
    • docs/secrets-vault.md: Envelope encryption (PBKDF2 + AES-256-GCM) architecture.

    Ya kutosha kwa nishani!

    Mradi LAZIMA utoe mwongozo wa "kuanza haraka" kwa watumiaji wapya kuwasaidia kufanya kitu haraka na programu. (URL inahitajika) [documentation_quick_start]
    Wazo ni kuonyesha watumiaji jinsi ya kuanza na kufanya programu ifanye chochote. Hii ni muhimu sana kwa watumiaji watarajiwa kuanza.

    https://github.com/labsai/EDDI/blob/main/docs/getting-started.md

    EDDI provides multiple quick start paths in docs/getting-started.md:

    1. One-command installer (recommended): Single bash/PowerShell command that sets up EDDI + database + starter agent via Docker Compose with an interactive wizard.
    2. Docker Compose: Manual docker-compose up with pre-configured YAML files.
    3. Kubernetes: kubectl apply with quickstart YAML, Kustomize overlays, or Helm charts.
    4. From source: Clone → mvnw compile quarkus:dev with hot-reload.
      Additionally, docs/developer-quickstart.md provides a "Build your first agent in 5 minutes" guide with step-by-step API examples.

    Ya kutosha kwa nishani!

    Mradi LAZIMA ufanye jitihada ya kuweka nyaraka kulingana na toleo la sasa la matokeo ya mradi (ikiwa ni pamoja na programu inayozalishwa na mradi). Kasoro yoyote inayojulikana ya nyaraka inayofanya isilingane LAZIMA irekebishwe. Ikiwa nyaraka kwa ujumla ni za sasa, lakini kwa makosa inajumuisha baadhi ya maelezo ya zamani ambayo sio ya kweli tena, ichukue tu kama kasoro, kisha ifuatilie na urekebishe kama kawaida. [documentation_current]
    Nyaraka ZINAWEZA kujumuisha habari kuhusu tofauti au mabadiliko kati ya matoleo ya programu na/au kuunganisha kwa matoleo ya zamani ya nyaraka. Kusudi la kigezo hiki ni kwamba jitihada inafanywa ili kuweka nyaraka kulingana, siyo kwamba nyaraka lazima ziwe kamili.

    https://docs.labs.ai

    Documentation is actively maintained alongside code changes. All docs are versioned at the current release. The project maintains a comprehensive changelog (docs/changelog.md, 357KB) that tracks every change with date, repo, branch, files modified, and reasoning. Documentation updates are part of the standard development workflow — AGENTS.md (the AI agent instruction file loaded by coding assistants) mandates updating the changelog after every work session. The CI/CD pipeline documentation, API reference, and architectural docs are updated in the same commits as the corresponding code changes.


    Ya kutosha kwa nishani!

    Ukurasa wa mbele wa hifadhi ya mradi na/au tovuti LAZIMA utambulishe na kuunganisha kiungo kwa mafanikio yoyote, ikiwa ni pamoja na nishani hii ya mazoea bora, ndani ya masaa 48 ya kutambua hadharani kwamba ufanikio umepatikana. (URL inahitajika) [documentation_achievements]
    Ufanikio ni seti yoyote ya vigezo vya nje ambavyo mradi umefanya kazi mahususi kukidhi, ikiwa ni pamoja na nishani fulani. Habari hii haihitaji kuwa kwenye ukurasa wa mbele wa tovuti ya mradi. Mradi unaotumia GitHub unaweza kuweka mafanikio kwenye ukurasa wa mbele wa hifadhi kwa kuyaongeza kwenye faili ya README.

    https://github.com/labsai/EDDI/blob/main/README.md

    The README.md prominently displays achievement badges on line 5, including:

    • OpenSSF Best Practices badge (linking to bestpractices.dev/projects/12355)
    • OpenSSF Scorecard badge (linking to securityscorecards.dev)
    • Codacy code quality badge
    • CI workflow status badge
    • CodeQL security analysis badge
    • Docker Hub pulls badge
      These are displayed immediately after the project banner at the top of the README and are updated within hours of achieving new certifications.

  • Ufikiaji na kimataifa


    Ya kutosha kwa nishani!

    Mradi (tovuti zote za mradi na matokeo ya mradi) INAPASWA kufuata mazoea bora ya ufikiaji ili watu wenye ulemavu bado waweze kushiriki katika mradi na kutumia matokeo ya mradi ambapo ni busara kufanya hivyo. [accessibility_best_practices]
    Kwa programu za wavuti, angalia Miongozo ya Ufikiaji wa Maudhui ya Wavuti (WCAG 2.0) na hati yake inayosaidia Kuelewa WCAG 2.0; angalia pia habari za ufikiaji za W3C. Kwa programu za GUI, zingatia kutumia miongozo ya ufikiaji ya mazingira maalum (kama vile Gnome, KDE, XFCE, Android, iOS, Mac, na Windows). Baadhi ya programu za TUI (k.m., programu za `ncurses`) zinaweza kufanya mambo fulani ili kuzifanya kufikika zaidi (kama mpangilio wa `force-arrow-cursor` wa `alpine`). Programu nyingi za mstari wa amri zinafikika vizuri kama zilivyo. Kigezo hiki mara nyingi ni N/A, k.m., kwa maktaba za programu. Hapa kuna baadhi ya mifano ya hatua za kuchukua au masuala ya kuzingatia:
    • Toa mbadala za maandishi kwa maudhui yoyote yasiyo ya maandishi ili yaweze kubadilishwa kuwa aina nyingine watu wanahitaji, kama vile chapa kubwa, braille, hotuba, alama au lugha rahisi zaidi ( mwongozo wa WCAG 2.0 1.1)
    • Rangi haitumiwi kama njia pekee ya kuona ya kuwasilisha habari, kuashiria kitendo, kuchochea jibu, au kutofautisha kipengele cha kuona. ( mwongozo wa WCAG 2.0 1.4.1)
    • Uwasilishaji wa kuona wa maandishi na picha za maandishi una uwiano wa tofauti wa angalau 4.5:1, isipokuwa kwa maandishi makubwa, maandishi ya bahati mbaya, na nembo ( mwongozo wa WCAG 2.0 1.4.3)
    • Fanya kazi zote zipatikane kutoka kwenye kibodi (mwongozo wa WCAG 2.1)
    • Mradi wa GUI au wa wavuti INAPASWA kupima na angalau kipaza sauti kimoja cha skrini kwenye jukwaa la lengo (k.m., NVDA, Jaws, au WindowEyes kwenye Windows; VoiceOver kwenye Mac & iOS; Orca kwenye Linux/BSD; TalkBack kwenye Android). Programu za TUI ZINAWEZA kufanya kazi kupunguza uchanganyiko wa ziada ili kuzuia usomaji wa ziada na vipaza sauti vya skrini.

    EDDI addresses accessibility at multiple levels:

    1. Project website (eddi.labs.ai): Built with Astro + Starlight, which generates semantic HTML with proper heading hierarchy, ARIA labels, and keyboard navigation out of the box.
    2. Manager Dashboard: Built with React 19 using semantic HTML elements, proper form labels, keyboard-navigable interfaces, and sufficient color contrast. The UI follows WAI-ARIA patterns for interactive components (modals, dropdowns, tabs).
    3. Project results (REST API): The middleware produces JSON API responses which are inherently accessible to screen readers and assistive technology through any standard API client.
    4. Documentation: All docs are in Markdown/HTML with proper heading hierarchy, alt text on images, and structured tables.
      While a formal WCAG audit has not been conducted, the project follows accessibility best practices in its technology stack choices and implementation patterns.

    Ya kutosha kwa nishani!

    Programu iliyozalishwa na mradi INAPASWA kuwa kimataifa ili kuwezesha upatanifu wa lugha wa rahisi kwa utamaduni, eneo, au lugha ya hadhira lengo. Ikiwa kimataifa (i18n) haihusiki (k.m., programu haizalishi maandishi yanayokusudiwa kwa watumiaji wa mwisho na haipangi maandishi yanayosomeka na binadamu), chagua "haihusiki" (N/A). [internationalization]
    Upatanifu wa lugha "unarejelea upatanifu wa bidhaa, programu au maudhui ya hati ili kukidhi lugha, utamaduni na mahitaji mengine ya soko mahususi la lengo (eneo)." Kimataifa ni "muundo na maendeleo ya bidhaa, programu au maudhui ya hati ambayo huwezesha upatanifu wa lugha wa rahisi kwa hadhira lengo zinazotofautiana katika utamaduni, eneo, au lugha." (Ona "Upatanifu wa Lugha dhidi ya Kimataifa" ya W3C.) Programu inakidhi kigezo hiki kwa kuwa kimataifa tu. Hakuna upatanifu wa lugha kwa lugha nyingine mahususi unaohitajika, kwa kuwa mara tu programu imekuwa kimataifa inawezekana kwa wengine kufanya kazi kwenye upatanifu wa lugha.

    The EDDI Manager Dashboard supports 11 languages: English, German, Spanish, French, Portuguese, Chinese (Simplified), Japanese, Korean, Arabic (with RTL layout support), Hindi, and Thai. Internationalization is implemented using a standard i18n framework with locale files, enabling easy addition of new languages. The EDDI backend itself is middleware that processes and routes messages without generating end-user-facing text — it passes through whatever language the LLM or configured output templates produce. Date/time formatting respects locale settings.


  • Mengine


    Ya kutosha kwa nishani!

    Ikiwa tovuti za mradi (tovuti, hifadhi, na URL za kupakua) zinahifadhi nywila kwa ajili ya uthibitishaji wa watumiaji wa nje, nywila LAZIMA zihifadhiwe kama mificho iliyorudiwa na chumvi kwa-mtumiaji kwa kutumia kanuni ya upanuaji (iliyorudiarudia) wa funguo (k.m., Argon2id, Bcrypt, Scrypt, au PBKDF2). Ikiwa tovuti za mradi hazihifadhi nywila kwa kusudi hili, chagua "haihusiki" (N/A). [sites_password_security]
    Kumbuka kwamba matumizi ya GitHub yanakidhi kigezo hiki. Kigezo hiki kinatumika tu kwa nywila zinazotumika kwa ajili ya uthibitishaji wa watumiaji wa nje kwenye tovuti za mradi (pia inaitwa uthibitishaji wa ndani). Ikiwa tovuti za mradi lazima ziingie kwenye tovuti zingine (pia inaitwa uthibitishaji wa nje), zinaweza kuhitaji kuhifadhi ishara za uidhinishaji kwa kusudi hilo kwa njia tofauti (kwa kuwa kuhifadhi mficho hakuna maana). Hii inatumia kigezo cha crypto_password_storage kwa tovuti za mradi, sawa na sites_https.

    Not applicable. EDDI does not store passwords for authentication of external users. Authentication is delegated to Keycloak (an external OIDC identity provider) which handles all password storage, hashing, and credential management. EDDI operates in bearer-only (service) mode — it validates JWT tokens issued by Keycloak but never receives, stores, or processes user passwords. The Keycloak server uses bcrypt for password hashing by default.


 Udhibiti wa Mabadiliko 1/1

  • Matoleo ya awali


    Ya kutosha kwa nishani!

    Mradi LAZIMA utunze matoleo ya zamani yaliyotumika mara nyingi ya bidhaa au kutoa njia ya usasishaji kwa matoleo mapya. Ikiwa njia ya usasishaji ni ngumu, mradi LAZIMA uandike jinsi ya kufanya usasishaji (k.m., violesura vilivyobadilika na hatua zilizoanishwa kwa undani ili kusaidia usasishaji). [maintenance_or_update]

    https://github.com/labsai/EDDI/blob/main/docs/release-versioning.md

    EDDI follows Semantic Versioning (MAJOR.MINOR.PATCH) as documented in docs/release-versioning.md. Supported versions are documented in SECURITY.md: v6.0.x receives active development, v5.6.x receives security fixes only, versions below 5.6 are end-of-life. Docker images are tagged with specific versions (e.g., labsai/eddi:6.0.1) for pinned deployments. The installer includes an 'eddi update' CLI command for easy upgrades. Major version transitions (5.x → 6.x) are documented with migration guidance. The project maintains backward compatibility for JSON configuration formats stored in MongoDB, ensuring existing agent configurations continue to work after upgrades.


 Kuripoti 3/3

  • Mchakato wa kuripoti hitilafu


    Ya kutosha kwa nishani!

    Mradi LAZIMA utumie kifuatiliaji cha masuala kwa ajili ya kufuatilia masuala ya mtu binafsi. [report_tracker]

    https://github.com/labsai/EDDI/issues


  • Mchakato wa kuripoti udhaifu


    Ya kutosha kwa nishani!

    Mradi LAZIMA utoe sifa kwa waripoti wa ripoti zote za udhaifu zilizotatuliwa katika miezi 12 iliyopita, isipokuwa kwa waripoti wanaoomba kutojulikana. Ikiwa hakuna udhaifu uliotatuliwa katika miezi 12 iliyopita, chagua "haihusiki" (N/A). (URL inahitajika) [vulnerability_report_credit]

    https://github.com/labsai/EDDI/blob/main/SECURITY.md

    SECURITY.md explicitly states (line 44): "We will credit you in the security advisory unless you prefer to remain anonymous." No external vulnerability reports have been received and resolved in the last 12 months — all security improvements have been internally identified and addressed. If selecting N/A is preferred, this criterion does not apply as there have been no external vulnerability reports to credit.


    Ya kutosha kwa nishani!

    Mradi LAZIMA uwe na mchakato ulioandikwa kwa ajili ya kujibu ripoti za udhaifu. (URL inahitajika) [vulnerability_response_process]
    Hii ina uhusiano mkubwa na vulnerability_report_process, ambayo inahitaji kuwa kuna njia iliyoandikwa ya kuripoti udhaifu. Pia inahusiana na vulnerability_report_response, ambayo inahitaji majibu kwa ripoti za udhaifu ndani ya kipindi fulani cha muda.

    https://github.com/labsai/EDDI/blob/main/SECURITY.md

    SECURITY.md documents a complete vulnerability response process:

    1. Reporting channel: security@labs.ai (private email, NOT public GitHub issues)
    2. Required information: Description, reproduction steps, impact assessment, optional suggested fix
    3. Response timeline: Acknowledgment within 48 hours, initial triage within 7 days, status updates every 14 days, fix release based on severity (critical: ASAP, high: 30 days, medium: 90 days)
    4. Coordinated disclosure policy: Private report → acknowledgment → fix development → fix release → security advisory published → reporter may publish
    5. Scope: Clearly defines in-scope (core application, MCP, REST API, auth, Docker images, vault, SSRF protection) and out-of-scope (third-party LLM APIs, user config errors, upstream dependency vulns, social engineering, DoS via normal usage)
    6. Credit: Reporters credited in security advisory unless they request anonymity
      Additionally, an incident response runbook is maintained at docs/incident-response.md covering GDPR 72-hour, CCPA 45-day, and HIPAA 60-day breach notification requirements.

 Ubora 19/19

  • Viwango vya msimbo


    Ya kutosha kwa nishani!

    Mradi LAZIMA utambulishe miongozo mahususi ya mtindo wa kuandika msimbo kwa lugha kuu inazotumia, na uhitaji kwamba michango kwa ujumla ikidhi. (URL inahitajika) [coding_standards]
    Katika hali nyingi hii inafanywa kwa kurejelea baadhi ya miongozo ya mtindo iliyopo, huenda ikiorodhesha tofauti. Miongozo hii ya mtindo inaweza kujumuisha njia za kuboresha usomaji na njia za kupunguza uwezekano wa kasoro (ikiwa ni pamoja na udhaifu). Lugha nyingi za programu zina miongozo moja au zaidi ya mtindo inayotumika sana. Mifano ya miongozo ya mtindo ni pamoja na miongozo ya mtindo ya Google na Viwango vya Kuandika Msimbo wa SEI CERT.

    https://github.com/labsai/EDDI/blob/main/CONTRIBUTING.md#code-style

    EDDI identifies and documents its coding standards in CONTRIBUTING.md (Section: Code Style):

    • Language: Java 25 with modern features (records, sealed classes, pattern matching)
    • Framework: Quarkus + CDI — prefer @Inject over manual instantiation
    • Line length: 120 characters max
    • Checkstyle: Enforced via checkstyle.xml with rules for naming conventions, import hygiene, coding safety checks (EqualsHashCode, StringLiteralEquality, FallThrough), and modifier ordering
    • Formatter: Eclipse-based formatter configuration (eclipse-formatter.xml) with auto-format via 'mvnw formatter:format'
    • Architecture rules: No eval(), no ScriptEngine, no @JsonTypeInfo(use=Id.CLASS), stateless ILifecycleTask implementations, URL validation on all external calls
    • Commit convention: Conventional Commits format (feat/fix/docs/test/refactor/chore/perf/security)

    Ya kutosha kwa nishani!

    Mradi LAZIMA utekeleze kiotomatiki mtindo wake wa kuandika msimbo uliochaguliwa ikiwa kuna angalau zana moja ya FLOSS inayoweza kufanya hivyo katika lugha zilizochaguliwa. [coding_standards_enforced]
    Hii INAWEZA kutekelezwa kwa kutumia zana za uchambuzi mkako na/au kwa kulazimisha msimbo kupitia vifaa vya kurekebisha msimbo. Katika hali nyingi usanidi wa zana umejumuishwa katika hifadhi ya mradi (kwa kuwa miradi tofauti inaweza kuchagua usanidi tofauti). Miradi INAWEZA kuruhusu vighairi vya mtindo (na kwa kawaida itaruhusu); ambapo vighairi vinatokea, LAZIMA viwe nadra na viandikwe katika msimbo katika maeneo yao, ili vighairi hivi viweze kukaguliwa na ili zana ziweze kuzishughulikia kiotomatiki baadaye. Mifano ya zana kama hizo ni pamoja na ESLint (JavaScript), Rubocop (Ruby), na devtools check (R).

    https://github.com/labsai/EDDI/blob/main/checkstyle.xml

    EDDI automatically enforces coding standards through multiple FLOSS tools:

    1. Checkstyle (maven-checkstyle-plugin 3.6.0): Runs during the 'validate' phase of every build. Configuration in checkstyle.xml enforces naming conventions (TypeName, MethodName, LocalVariableName, etc.), import hygiene (RedundantImport, UnusedImports), coding safety (EqualsHashCode, StringLiteralEquality, FallThrough, OneStatementPerLine), line length limits (150 chars), and modifier ordering.
    2. Eclipse Formatter (formatter-maven-plugin 2.29.0): Auto-formats Java source files according to eclipse-formatter.xml during builds.
    3. CodeQL: Runs on every push and PR via GitHub Actions (.github/workflows/codeql.yml) with security-extended queries, catching injection vulnerabilities, hardcoded credentials, and insecure patterns.
    4. Maven Enforcer Plugin: Bans specific dependency groups (Jackson 3.x) to prevent accidental introduction of vulnerable transitive dependencies.
    5. Trivy: Filesystem security scan on every CI run, blocking CRITICAL and HIGH severity CVEs.

  • Mfumo wa ujenzi unaofanya kazi


    Ya kutosha kwa nishani!

    Mifumo ya kujenga kwa binari za asili LAZIMA iheshimu vigezo (vya mazingira) vya mkusanyaji na vya kiunganishi vilivyopitishwa kwao (k.m., CC, CFLAGS, CXX, CXXFLAGS, na LDFLAGS) na kuvipitisha kwenye viito vya mkusanyaji na vya kiunganishi. Mfumo wa kujenga UNAWEZA kuvipanua na bendera za ziada; LAZIMA USIBADILISHE thamani zilizotolewa na zake mwenyewe. Ikiwa hakuna binari za asili zinazozalishwa, chagua "haihusiki" (N/A). [build_standard_variables]
    Inapaswa kuwa rahisi kuwezesha vipengele maalum vya kujenga kama Address Sanitizer (ASAN), au kutii mazoea bora ya ugumu wa usambazaji (k.m., kwa kuwezesha kwa urahisi bendera za mkusanyaji kufanya hivyo).

    Not applicable. EDDI is a Java application built with Maven. No native binaries are generated in the standard build process. The project compiles Java source to JVM bytecode, which is platform-independent. The optional GraalVM native-image build is handled by the Quarkus framework's native profile, which correctly passes through environment variables per GraalVM's conventions.


    Ya kutosha kwa nishani!

    Mfumo wa kujenga na usakinishaji UNAPASWA kuhifadhi taarifa za utatuzi ikiwa zimeombwa katika bendera husika (k.m., "install -s" haitumiwa). Ikiwa hakuna mfumo wa kujenga au usakinishaji (k.m., maktaba za kawaida za JavaScript), chagua "haihusiki" (N/A). [build_preserve_debug]
    K.m., kuweka CFLAGS (C) au CXXFLAGS (C++) inapaswa kuunda taarifa husika za utatuzi ikiwa lugha hizo zinatumika, na hazipaswi kuondolewa wakati wa usakinishaji. Taarifa za utatuzi zinahitajika kwa msaada na uchambuzi, na pia ni muhimu kwa kupima uwepo wa vipengele vya ugumu katika binari zilizokusanywa.

    Not applicable. EDDI is a Java application. Java bytecode inherently preserves debugging information (line numbers, local variable names) unless explicitly stripped. The Maven compiler configuration includes '-parameters' flag to retain method parameter names at runtime. The JVM provides full stack traces with line numbers by default. Debug information is controlled at runtime via JVM flags (e.g., -g), not at build time.


    Ya kutosha kwa nishani!

    Mfumo wa kujenga kwa programu iliyozalishwa na mradi LAZIMA USIJENGA kwa njia ya kujirudia saraka ndogo ikiwa kuna utegemezi wa kukatana katika saraka ndogo. Ikiwa hakuna mfumo wa kujenga au usakinishaji (k.m., maktaba za kawaida za JavaScript), chagua "haihusiki" (N/A). [build_non_recursive]
    Taarifa ya utegemezi wa ndani ya mfumo wa kujenga wa mradi inahitaji kuwa sahihi, vinginevyo, mabadiliko ya mradi huenda yasijenge vizuri. Mijengo isiyo sahihi inaweza kusababisha kasoro (ikiwa ni pamoja na udhaifu). Kosa la kawaida katika mifumo mikubwa ya kujenga ni kutumia "ujenzi wa kujirudia" au "make ya kujirudia", yaani, mlingano wa saraka ndogo zinazojumuisha faili za chanzo, ambapo kila saraka ndogo inajengwa kwa uhuru. Isipokuwa kila saraka ndogo ni huru kabisa, hii ni kosa, kwa sababu taarifa ya utegemezi si sahihi.

    Not applicable. EDDI is a single-module Maven project (one pom.xml at the root). There are no subdirectory modules, no multi-module reactor builds, and therefore no cross-dependencies between subdirectories. All source code lives under a single src/ directory compiled by a single Maven invocation.


    Ya kutosha kwa nishani!

    Mradi LAZIMA uweze kurudia mchakato wa kuzalisha taarifa kutoka faili za chanzo na kupata matokeo sawa ya biti-kwa-biti. Ikiwa hakuna ujenzi unaofanyika (k.m., lugha za uandishi ambapo msimbo wa chanzo unatumika moja kwa moja badala ya kukusanywa), chagua "haihusiki" (N/A). [build_repeatable]
    Watumiaji wa GCC na clang wanaweza kupata chaguo la -frandom-seed kuwa na manufaa; katika hali fulani, hii inaweza kutatuliwa kwa kulazimisha aina fulani ya mpangilio. Mapendekezo zaidi yanaweza kupatikana kwenye tovuti ya ujenzi unaorudiwa.

    EDDI's build is reproducible within practical limits for a JVM application. The project uses: (1) Maven with a locked dependency tree — all dependency versions are explicitly pinned in pom.xml (no version ranges), and the Quarkus BOM provides transitive dependency alignment. (2) Maven wrapper (mvnw/mvnw.cmd) bundled in the repository ensures the same Maven version across all environments. (3) The CI pipeline (.github/workflows/ci.yml) uses pinned tool versions: Java 25 (OpenJDK distribution), exact GitHub Actions versions pinned by SHA hash. (4) Docker builds use a deterministic Dockerfile with a specific base image. (5) Dependency verification through maven-enforcer-plugin bans unauthorized transitive dependencies. While bit-for-bit identical JARs across different build environments are not guaranteed (due to JVM compilation timestamp non-determinism), the functional output is identical given the same inputs.


  • Mfumo wa usakinishaji


    Ya kutosha kwa nishani!

    Mradi LAZIMA utoe njia ya kusakinisha na kuondoa kwa urahisi programu iliyozalishwa na mradi kwa kutumia mkataba unaotumika sana. [installation_common]
    Mifano ni pamoja na kutumia meneja wa kifurushi (kwa mfumo au kiwango cha lugha), "make install/uninstall" (inasaidia DESTDIR), chombo katika muundo wa kawaida, au picha ya mashine pepe katika muundo wa kawaida. Mchakato wa usakinishaji na uondoaji (k.m., kifurushi chake) UNAWEZA kutekelezwa na mtu wa tatu mradi tu ni FLOSS.

    https://github.com/labsai/EDDI/blob/main/docs/getting-started.md

    EDDI provides multiple standard installation methods:

    1. One-command installer: 'curl -fsSL .../install.sh | bash' (Linux/macOS) or 'iwr -useb .../install.ps1 | iex' (Windows) — interactive wizard sets up everything via Docker Compose.
    2. Docker: 'docker pull labsai/eddi' + 'docker compose up' — standard Docker conventions.
    3. Kubernetes: kubectl apply with Kustomize overlays or Helm charts ('helm install eddi ./helm/eddi').
    4. Uninstall: 'docker compose down -v' removes all containers and volumes. The installer creates an 'eddi' CLI wrapper with 'eddi update' and uninstall support.
      All methods use widely-adopted conventions (Docker, Helm, kubectl) that operators are already familiar with.

    Ya kutosha kwa nishani!

    Mfumo wa usakinishaji kwa watumiaji wa mwisho LAZIMA uheshimu mkataba wa kawaida kwa kuchagua eneo ambapo vitu vilivyojengwa vinaandikwa kwa wakati wa usakinishaji. Kwa mfano, ikiwa inasakinisha faili kwenye mfumo wa POSIX lazima iheshimu kigezo cha mazingira cha DESTDIR. Ikiwa hakuna mfumo wa usakinishaji au hakuna mkataba wa kawaida, chagua "haihusiki" (N/A). [installation_standard_variables]

    Not applicable. EDDI is distributed as a Docker container image (labsai/eddi) and does not install files to end-user filesystems. The container's internal file layout follows standard Quarkus/Java conventions. For Kubernetes deployments, Helm charts and Kustomize overlays follow standard Kubernetes resource naming and namespace conventions.


    Ya kutosha kwa nishani!

    Mradi LAZIMA utoe njia kwa wasanidi programu wanaoweza kusakinisha haraka matokeo yote ya mradi na mazingira ya msaada yanayohitajika kufanya mabadiliko, ikiwa ni pamoja na majaribio na mazingira ya majaribio. Hii LAZIMA ifanywe kwa kutumia mkataba unaotumika sana. [installation_development_quick]
    Hii INAWEZA kutekelezwa kwa kutumia chombo kilichozalishwa na/au hati za usakinishaji. Utegemezi wa nje kwa kawaida utasakinishwa kwa kuita mfumo na/au meneja wa kifurushi cha lugha, kwa external_dependencies.

    https://github.com/labsai/EDDI/blob/main/CONTRIBUTING.md#development-setup

    Developers can set up a complete development environment in under 5 minutes:

    1. Clone: 'git clone https://github.com/labsai/EDDI.git'
    2. Start MongoDB: 'docker run -d --name mongodb -p 27017:27017 mongo:7' (or let Quarkus Dev Services auto-provision it)
    3. Run: './mvnw compile quarkus:dev' — starts with hot-reload, continuous testing, and Dev UI
      No global tool installation required — Maven wrapper (mvnw) is bundled. IDE setup instructions for IntelliJ IDEA and VS Code are documented. The developer quickstart guide (docs/developer-quickstart.md) includes a full walkthrough of creating and testing an agent via the API.

  • Vipengee vilivyotunzwa nje


    Ya kutosha kwa nishani!

    Mradi LAZIMA uorodheshe utegemezi wa nje kwa njia inayoweza kuchakatwa na kompyuta. (URL inahitajika) [external_dependencies]
    Kwa kawaida hii inafanywa kwa kutumia mkataba wa meneja wa kifurushi na/au mfumo wa ujenzi. Kumbuka kwamba hii inasaidia kutekeleza installation_development_quick.

    https://github.com/labsai/EDDI/blob/main/pom.xml

    All external dependencies are declared in pom.xml, the standard Maven Project Object Model format. This is a computer-processable XML format that lists every dependency with groupId, artifactId, version, and scope. The Quarkus BOM (Bill of Materials) manages transitive dependency versions. The project also generates a THIRD-PARTY.txt file listing all runtime dependencies and their licenses via the license-maven-plugin (activated with -Plicense-gen).


    Ya kutosha kwa nishani!

    Miradi LAZIMA ifuatilie au kwa muda mrefu iangalie utegemezi wao wa nje (ikiwa ni pamoja na nakala za urahisi) kugundua udhaifu unaojulikana, na kurekebisha udhaifu unaoweza kutumiwa vibaya au kuthibitisha kuwa hauwezi kutumiwa vibaya. [dependency_monitoring]
    Hii inaweza kufanywa kwa kutumia zana ya kichambua chanzo / zana ya kuangalia utegemezi / zana ya uchambuzi wa muundo wa programu kama OWASP's Dependency-Check, Sonatype's Nexus Auditor, Synopsys' Black Duck Software Composition Analysis, na Bundler-audit (kwa Ruby). Baadhi ya waendesha kifurushi wanajumuisha taratibu za kufanya hii. Ni kubaliwa ikiwa udhaifu wa vipengele hauwezi kutumiwa vibaya, lakini uchambuzi huu ni mgumu na wakati mwingine ni rahisi kusasisha au kurekebisha sehemu.

    https://github.com/labsai/EDDI/blob/main/.github/dependabot.yml

    EDDI monitors external dependencies through multiple mechanisms:

    1. Dependabot (.github/dependabot.yml): Weekly automated dependency update PRs for both Maven dependencies and GitHub Actions versions, with intelligent grouping (Quarkus, LangChain4j, other).
    2. Trivy Security Scan (CI job 'trivy-scan'): Runs aquasecurity/trivy-action on every push, scanning the filesystem for CRITICAL and HIGH severity CVEs with exit-code 1 (fails the build).
    3. GitHub Dependency Review (.github/workflows/dependency-review.yml): Blocks PRs that introduce vulnerable or incompatibly-licensed dependencies.
    4. Maven Enforcer Plugin: Bans known-vulnerable dependency groups (e.g., Jackson 3.x tools.jackson.* namespace blocked due to CVE-2026-29062).
    5. Manual CVE overrides in pom.xml: Dependencies are explicitly overridden when upstream fixes are not yet available (e.g., jinjava pinned to 2.8.3 for CVE-2026-25526, reactor-netty-http pinned to 1.2.8 for CVE-2025-22227).

    Ya kutosha kwa nishani!

    Mradi LAZIMA au:
    1. fanya iwe rahisi kutambua na kusasisha vipengele vinavyotumiwa tena vilivyotunzwa nje; au
    2. tumia vipengele vya kawaida vinavyotolewa na mfumo au lugha ya programu.
    Kisha, ikiwa udhaifu unapatikana katika kipengele kilichotumiwa tena, itakuwa rahisi kusasisha kipengele hicho. [updateable_reused_components]
    Njia ya kawaida ya kutimiza kigezo hiki ni kutumia mifumo ya usimamizi wa kifurushi ya mfumo na lugha ya programu. Programu nyingi za FLOSS zinasambazwa na "maktaba za urahisi" ambazo ni nakala za ndani za maktaba za kawaida (labda zilizoachana). Kwa yenyewe, hiyo ni sawa. Hata hivyo, ikiwa programu *lazima* itumie nakala hizi za ndani (zilizoachanishwa), basi kusasisha maktaba za "kawaida" kama sasisho la usalama litaacha nakala hizi za ziada bado zenye udhaifu. Hii ni suala hasa kwa mifumo ya wingu; ikiwa mtoa huduma ya wingu anasasisha maktaba zao za "kawaida" lakini programu haitazitumia, basi masasisho hayasaidii kweli. Angalia, k.m., "Chromium: Kwa nini bado haiko katika Fedora kama kifurushi sahihi" na Tom Callaway.

    EDDI uses Maven's standard dependency management which makes updating components straightforward: change the version number in pom.xml, run 'mvnw clean verify' to validate compatibility, and commit. The Quarkus BOM manages the majority of transitive dependencies, so a single version bump updates dozens of aligned libraries. Dependabot automatically proposes version updates weekly via pull requests. No convenience copies of external libraries exist — all dependencies are fetched from Maven Central.


    Ya kutosha kwa nishani!

    Mradi UNAPASWA kuepuka kutumia vitendakazi na API zilizokubaliwa kuwa hazitumiki tena au zilizopitwa na wakati ambapo mbadala wa FLOSS zinapatikana katika seti ya teknolojia inayotumia ("kifurushi cha teknolojia" yake) na kwa wengi wa watumiaji ambao mradi unasaidia (ili watumiaji wawe na ufikiaji wa haraka wa mbadala). [interfaces_current]

    EDDI actively avoids deprecated APIs:

    • Java 25 (latest): Uses modern language features (records, sealed classes, pattern matching, virtual threads).
    • Quarkus 3.34.3 (latest LTS): Current framework version, actively tracking LTS releases.
    • LangChain4j 1.13.0 (latest): Current LLM integration library.
    • Migration from deprecated APIs is tracked: OGNL was replaced with PathNavigator, Infinispan was replaced with Caffeine, MongoDB async driver was replaced with sync driver, Lombok was removed in favor of native Java records.
    • The project has no Nashorn/Rhino usage in production (only in test scope for calculator validation).

  • Seti ya majaribio otomatiki


    Ya kutosha kwa nishani!

    Seti ya majaribio ya kiotomatiki LAZIMA itumike kwenye kila ukaguzi wa kuingia kwenye hifadhi iliyoshirikiwa kwa angalau tawi moja. Seti hii ya majaribio LAZIMA itoe ripoti ya mafanikio au kushindwa kwa majaribio. [automated_integration_testing]
    Mahitaji haya yanaweza kuonekana kama sehemu ndogo ya test_continuous_integration, lakini yanazingatia majaribio tu, bila kuhitaji uunganisho wa kuendelea.

    The CI/CD pipeline (.github/workflows/ci.yml) runs automated tests on every push to main, every pull request, and every tag:

    • Job 'build-and-test': Executes 'mvnw clean verify -DskipITs' — runs all unit tests (~4,900+) with JaCoCo code coverage reporting. Results are uploaded as artifacts.
    • Job 'integration-test': Executes 'mvnw verify -DskipITs=false' — runs integration tests using Testcontainers (Docker-based MongoDB/PostgreSQL) for end-to-end API contract testing (~250+ integration tests).
    • Job 'smoke-test': After Docker build, starts the container image with MongoDB and verifies /q/health/ready and /openapi endpoints respond correctly.
      Test results and coverage reports are uploaded as build artifacts with 14-day retention.

    Ya kutosha kwa nishani!

    Mradi LAZIMA uongeze majaribio ya kurudi nyuma kwa seti ya majaribio ya kiotomatiki kwa angalau 50% ya hitilafu zilizorekebisha ndani ya miezi sita iliyopita. [regression_tests_added50]

    EDDI's contribution guidelines (CONTRIBUTING.md) explicitly mandate: "Write tests — new features require tests; bug fixes should include a regression test." This policy is enforced through code review on all pull requests. The project maintains 4,900+ unit tests and 250+ integration tests. Recent bug fixes demonstrably include regression tests — for example: UrlValidationUtilsExtendedTest covers SSRF bypass attempts, SlackChannelRouterTest covers routing edge cases, and PostgresAgentUseCaseIT covers database-specific regressions. The CI pipeline must pass before any PR can be merged, ensuring regression tests are validated automatically.


    Ya kutosha kwa nishani!

    Mradi LAZIMA uwe na seti ya majaribio ya kiotomatiki ya FLOSS inayotoa angalau 80% ya usakinishaji wa taarifa ikiwa kuna angalau zana moja ya FLOSS inayoweza kupima kigezo hiki katika lugha iliyochaguliwa. [test_statement_coverage80]
    Zana nyingi za FLOSS zinapatikana kupima usakinishaji wa majaribio, ikiwa ni pamoja na gcov/lcov, Blanket.js, Istanbul, JCov, na covr (R). Kumbuka kwamba kutimiza kigezo hiki sio uhakika kwamba seti ya majaribio ni ya kina, badala yake, kushindwa kutimiza kigezo hiki ni kiashiria kizito cha seti ya majaribio mbaya.

    Statement (instruction) coverage is 80.64% (97,856/121,356), measured by JaCoCo across merged unit + integration test suites. Coverage is enforced in CI via a JaCoCo verify goal with an 80% minimum threshold — builds fail if coverage drops below. See PR with coverage report: https://github.com/labsai/EDDI/pull/427


  • Upimaji wa utendaji mpya


    Ya kutosha kwa nishani!

    Mradi LAZIMA uwe na sera rasmi iliyoandikwa kwamba kadri utendakazi mkubwa mpya unaongezwa, majaribio ya utendakazi mpya LAZIMA yaongezwe kwenye seti ya majaribio ya kiotomatiki. [test_policy_mandated]

    https://github.com/labsai/EDDI/blob/main/CONTRIBUTING.md#pull-request-process

    CONTRIBUTING.md contains a formal written policy requiring tests for new functionality. Under "Pull Request Process → Workflow" (step 3): "Write tests — new features require tests; bug fixes should include a regression test." Under "What the CI Checks," the Build + Tests gate ('mvnw clean verify' with Java 25) is marked as "✅ Yes" (must pass). JaCoCo code coverage is reported on every build. Additionally, AGENTS.md (the AI coding assistant instruction file, which governs all development sessions) mandates: "Each commit must build: Run ./mvnw test before committing. Never commit broken code."


    Ya kutosha kwa nishani!

    Mradi LAZIMA ujumuishe, katika maelekezo yake yaliyoandikwa kwa mapendekezo ya mabadiliko, sera kwamba majaribio yataongezwa kwa utendakazi mkubwa mpya. [tests_documented_added]
    Hata hivyo, hata sheria isiyo rasmi inakubaliwa mradi majaribio yaongezwe kimakosa.

    https://github.com/labsai/EDDI/blob/main/CONTRIBUTING.md#pull-request-process

    The documented instructions for change proposals (CONTRIBUTING.md) explicitly include the testing policy:

    1. Pull Request Process step 3: "Write tests — new features require tests; bug fixes should include a regression test"
    2. Pull Request Process step 4: "Run the full build locally: ./mvnw clean verify -DskipITs"
    3. PR Guidelines: "One concern per PR — don't mix refactoring with features"
    4. CI Checks table documents required gates: Build + Tests (✅ must pass), JaCoCo (📊 report), CodeQL (✅ must pass)
      The pull request template (.github/PULL_REQUEST_TEMPLATE.md) also includes a checklist for test verification.

  • Bendera za maonyo


    Ya kutosha kwa nishani!

    Miradi LAZIMA iwe na ukali wa juu zaidi na maonyo katika programu iliyozalishwa na mradi, iwezekanavyo vitendo. [warnings_strict]
    Baadhi ya maonyo hayawezi kuwashwa kwa ufanisi kwenye miradi fulani. Kinachohitajika ni ushahidi kwamba mradi unajitahidi kuwasha bendera za onyo ambapo inaweza, ili makosa yagundulika mapema.

    EDDI enforces maximally strict warning policies through multiple layers:

    1. Checkstyle (FLOSS static analysis): Runs automatically during the Maven 'validate' phase on every build. The configuration (checkstyle.xml) enforces 20+ rules including naming conventions, import hygiene, coding safety checks (EqualsHashCode, SimplifyBooleanExpression, StringLiteralEquality, FallThrough, OneStatementPerLine, MultipleVariableDeclarations), modifier ordering, line length, and file length limits.

    2. CodeQL (FLOSS semantic analysis): Runs on every push and PR with 'security-extended' query suite, which is the most comprehensive FLOSS security analysis available for Java. It detects injection vulnerabilities, hardcoded credentials, insecure cryptography, and data flow issues.

    3. Trivy (FLOSS vulnerability scanner): Scans the entire filesystem on every CI run with severity filter CRITICAL,HIGH and exit-code 1, meaning the build fails on any high-severity CVE.

    4. Maven Enforcer Plugin: Actively bans known-vulnerable dependency groups (Jackson 3.x) from the dependency tree, preventing silent reintroduction via transitive dependencies.

    5. Java compiler: Configured with '-parameters' flag for maximum runtime reflection metadata. While explicit -Xlint flags are not configured, the Quarkus framework's compiler settings are used which enable standard Java warnings.

    6. JaCoCo coverage gate: The build fails if line coverage drops below 80%, ensuring test coverage cannot regress silently.

    The project treats compiler warnings and static analysis findings as actionable items — recent work sessions specifically addressed CodeQL log-injection warnings, unused imports, and type-safety issues across the codebase.


 Usalama 13/13

  • Maarifa ya maendeleo yenye usalama


    Ya kutosha kwa nishani!

    Mradi LAZIMA utekeleze kanuni za muundo salama (kutoka "know_secure_design"), pale inapohusika. Ikiwa mradi hauzalishi programu, chagua "haihusiki" (N/A). [implement_secure_design]
    Kwa mfano, matokeo ya mradi yanapaswa kuwa na mipangilio salama ya kuzuia makosa (maamuzi ya ufikiaji yanapaswa kukataa kwa chaguo-msingi, na usakinishaji wa mradi unapaswa kuwa salama kwa chaguo-msingi). Pia yanapaswa kuwa na kikuu cha kati kikamilifu (kila ufikiaji ambao unaweza kuwekwa kikomo lazima ufanyiwe ukaguzi wa mamlaka na usiweze kuvukwa). Kumbuka kwamba katika hali fulani kanuni zitagombana, na katika hali hiyo chaguo lazima lifanywe (k.m., taratibu nyingi zinaweza kufanya mambo kuwa magumu zaidi, kukiuka "uchumi wa utaratibu" / iweke rahisi).

    EDDI implements secure design principles as a core architectural pillar (docs/project-philosophy.md, Pillar 4: "Security & Compliance as Architecture, Not Afterthought"):

    1. Defense in depth: Multiple independent security layers — SSRF URL validation, sandboxed expression evaluation, rate-limited tool execution, input validation, TLS encryption, Keycloak authentication, and security headers (X-Content-Type-Options, X-Frame-Options, Content-Security-Policy).

    2. Least privilege: OAuth 2.0 role-based access control (admin/editor/viewer roles via Keycloak). Production conversation endpoints are public; all management APIs require authentication. The SafeHttpClient validates URLs before any outbound request, blocking private IPs, link-local addresses, and cloud metadata endpoints.

    3. No dynamic code execution: This is architecturally enforced — there is no eval(), no ScriptEngine, no reflection-based code execution in production code. Math expressions use a recursive-descent SafeMathParser that recognizes only numeric literals and a fixed function allowlist. Custom logic runs in external MCP servers outside the EDDI security perimeter.

    4. Secure defaults: Authentication enforcement is checked at startup (AuthStartupGuard fails startup if OIDC is disabled in production without explicit opt-out). Secrets are envelope-encrypted (PBKDF2 + AES-256-GCM) by default. Agent exports automatically scrub secrets. Tool rate limiting and cost tracking are enabled by default.

    5. Fail securely: The ConversationCoordinator ensures sequential processing per conversation to prevent race conditions. Queue capacity exhaustion returns HTTP 429 (not 500). Failed pipeline task output is marked as uncommitted (hidden from LLM context) via the Memory Policy commit flags system.

    6. Input validation (allowlist): UrlValidationUtils validates all URLs against an allowlist of allowed schemes (http/https only), blocks private IP ranges (127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16, fd00::/8, fe80::/10, ::1), and blocks cloud metadata hostnames (169.254.169.254, metadata.google.internal).

    7. Separation of concerns: Secrets are stored separately from configuration via vault references (${eddivault:key-name}). API keys never appear in agent configurations in plaintext.


  • Tumia mazoea mazuri ya msingi ya usimbuaji

    Kumbuka kwamba programu fulani haihitaji kutumia taratibu za usimbuaji. Ikiwa mradi wako unazalisha programu ambayo (1) inajumuisha, inaamilisha, au inafanya usimbuaji kuwa hai, na (2) inaweza kutolewa kutoka Marekani (US) kwenda nje ya Marekani au kwa raia asiye wa Marekani, inaweza kuwa ni lazima kisheria kuchukua hatua chache za ziada. Kawaida hii inahusisha tu kutuma barua pepe. Kwa maelezo zaidi, tazama sehemu ya usimbuaji ya Kuelewa Teknolojia ya Chanzo Wazi & Udhibiti wa Usafirishaji wa Marekani.

    Ya kutosha kwa nishani!

    Mifumo ya usalama ya chaguo-msingi ndani ya programu inayozalishwa na mradi LAZIMA ISITEGEMEE algoriti za kriptologia au hali zenye udhaifu mkubwa unaojulikana (k.m., algoriti ya hash ya kriptologia ya SHA-1 au hali ya CBC katika SSH). [crypto_weaknesses]
    Wasiwasi kuhusu hali ya CBC katika SSH unajadiliwa katika CERT: SSH CBC vulnerability.

    EDDI's cryptographic mechanisms do not depend on algorithms with known serious weaknesses:

    1. Secrets Vault: Uses AES-256-GCM for data encryption (symmetric, authenticated encryption with associated data). Key derivation uses PBKDF2WithHmacSHA256 with per-deployment random salt and configurable iteration count. Each secret gets a unique Data Encryption Key (DEK) wrapped by a Key Encryption Key (KEK) derived from the master passphrase — envelope encryption pattern.

    2. Audit Ledger: Uses HMAC-SHA256 for tamper-evident audit chain integrity. Each audit entry includes the HMAC of the previous entry, creating a hash chain.

    3. Agent Signing: Uses Ed25519 (Curve25519) for cryptographic agent identity — digital signatures on audit entries.

    4. Password hashing: Delegated to Keycloak, which defaults to bcrypt with configurable work factor.

    5. TLS: Java 25's built-in TLS implementation defaults to TLS 1.3 / TLS 1.2 minimum. No manual cipher suite configuration that could downgrade security.

    No usage of SHA-1 for security purposes, no MD5, no DES, no RC4, no CBC mode in SSH, no ECB mode for encryption. SHA-256 is used for tool caching keys (non-security context) and HMAC chains (security context).


    Ya kutosha kwa nishani!

    Mradi INAPASWA kusaidia algoriti nyingi za kriptologia, ili watumiaji waweze kubadilisha haraka ikiwa moja imevunjwa. Algoriti za kawaida za funguo za simetria ni pamoja na AES, Twofish, na Serpent. Mbadala wa algoriti za hash za kriptologia za kawaida ni pamoja na SHA-2 (ikiwa ni pamoja na SHA-224, SHA-256, SHA-384 NA SHA-512) na SHA-3. [crypto_algorithm_agility]

    EDDI supports cryptographic algorithm agility at the infrastructure level:

    1. Vault encryption: While AES-256-GCM is the current default, the VaultSaltManager architecture separates key derivation from encryption, allowing algorithm substitution without changing the data model.
    2. TLS: Handled by the JVM's TLS implementation which supports multiple cipher suites including TLS 1.3 suites (TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256) and TLS 1.2 suites. Cipher suite selection is configurable via standard Quarkus/JVM properties.
    3. HMAC: The audit ledger's HMAC algorithm is implemented via Java's Mac class, which supports HmacSHA256, HmacSHA384, HmacSHA512, and others — switchable by configuration.
    4. Agent signing: Ed25519 keys are generated via Java's KeyPairGenerator, which also supports RSA, EC, and other algorithms.

    Ya kutosha kwa nishani!

    Mradi LAZIMA usaidie kuhifadhi vitambulisho vya uthibitishaji (kama vile nywila na ishara za nguvu) na funguo za kibinafsi za kriptologia katika mafaili ambayo yametengwa na habari nyingine (kama vile mafaili ya usanidi, hifadhidata, na kumbukumbu), na kuruhusu watumiaji kusasisha na kubadilisha bila ukusanyaji upya wa msimbo. Ikiwa mradi haufanyi usindikaji wa vitambulisho vya uthibitishaji na funguo za kibinafsi za kriptologia, chagua "haihusiki" (N/A). [crypto_credential_agility]

    https://github.com/labsai/EDDI/blob/main/docs/secrets-vault.md

    EDDI enforces strict separation of credentials from other information:

    1. Secrets Vault: All sensitive credentials (API keys, tokens, passwords) are stored in an envelope-encrypted vault separate from configuration. Agent configurations reference secrets via vault references ${eddivault:key-name}) which are resolved at runtime.
    2. Environment variables: Runtime configuration (database URLs, Keycloak endpoints) is externalized via environment variables and .env files, not compiled into the application.
    3. No recompilation needed: All credentials can be updated at runtime — vault entries via REST API, environment variables via container restart, Keycloak credentials via Keycloak admin UI.
    4. Export sanitization: When agents are exported (ZIP or sync), secrets are automatically scrubbed from the export payload. The importing instance must re-provision secrets in its own vault.
    5. CI/CD secrets: GitHub Actions secrets (DOCKER_USERNAME, DOCKER_PASSWORD, REDHAT_API_TOKEN) are stored in GitHub's encrypted secrets store, separate from source code.

    Ya kutosha kwa nishani!

    Programu iliyozalishwa na mradi INAPASWA kusaidia itifaki salama kwa mawasiliano yake yote ya mtandao, kama vile SSHv2 au zaidi, TLS1.2 au zaidi (HTTPS), IPsec, SFTP, na SNMPv3. Itifaki zisizo salama kama vile FTP, HTTP, telnet, SSLv3 au mapema zaidi, na SSHv1 ZINAPASWA kuzimwa kwa chaguo-msingi, na kuzimwa tu ikiwa mtumiaji anaisanidi mahususi. Ikiwa programu iliyozalishwa na mradi haiesaidii mawasiliano ya mtandao, chagua "haihusiki" (N/A). [crypto_used_network]

    https://github.com/labsai/EDDI/blob/main/docs/security.md#tls-requirements

    EDDI supports and encourages secure protocols for all network communications:

    1. External API calls: All LLM provider integrations (OpenAI, Anthropic, Google, Azure, AWS, etc.) use HTTPS exclusively. UrlValidationUtils blocks non-HTTP/HTTPS schemes (file://, ftp://, gopher://, jar://).
    2. TLS termination: The docs/security.md TLS Requirements section documents both reverse-proxy TLS termination (recommended production pattern) and direct Quarkus TLS configuration via quarkus.http.ssl.* properties.
    3. Database connections: MongoDB and PostgreSQL connection strings support TLS natively. The compliance documentation (docs/hipaa-compliance.md) requires encrypted database connections for regulated deployments.
    4. No insecure protocols enabled by default: HTTP is the only unencrypted protocol available, intended for localhost development or behind a TLS-terminating reverse proxy. FTP, telnet, and other insecure protocols are not supported.

    Ya kutosha kwa nishani!

    Programu iliyozalishwa na mradi INAPASWA, ikiwa inasaidia au inatumia TLS, kusaidia angalau toleo la TLS 1.2. Kumbuka kuwa kilichotangulia TLS kiliitwa SSL. Ikiwa programu haitumii TLS, chagua "haihusiki" (N/A). [crypto_tls12]

    EDDI runs on Java 25, which defaults to TLS 1.3 and supports TLS 1.2 as a minimum. The Quarkus framework (3.34.3) uses the JVM's built-in TLS implementation via Vert.x/Netty, which enforces TLS 1.2+ by default. TLS 1.0 and TLS 1.1 are disabled in modern JVMs. No configuration in the project downgrades the minimum TLS version. For outbound connections to LLM providers, Java's HttpClient defaults to TLS 1.3 with TLS 1.2 fallback.


    Ya kutosha kwa nishani!

    Programu iliyozalishwa na mradi LAZIMA, ikiwa inasaidia TLS, ifanye uthibitishaji wa cheti cha TLS kwa chaguo-msingi inapotumia TLS, ikiwa ni pamoja na rasilimali ndogo. Ikiwa programu haitumii TLS, chagua "haihusiki" (N/A). [crypto_certificate_verification]
    Kumbuka kuwa uthibitishaji usio sahihi wa cheti cha TLS ni kosa la kawaida. Kwa maelezo zaidi, angalia "The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software" na Martin Georgiev et al. na "Do you trust this application?" na Michael Catanzaro.

    EDDI performs TLS certificate verification by default on all outbound HTTPS connections. Java's built-in HttpClient (used for LLM API calls via langchain4j) and the Vert.x web client (used for HTTP call extensions) both verify server certificates against the JVM's default trust store (cacerts) by default. No 'trustAll', 'disableHostnameVerification', or 'InsecureTrustManagerFactory' configuration exists in the codebase. The SafeHttpClient wrapper adds additional validation (redirect following, URL re-validation) but does not bypass certificate verification.


    Ya kutosha kwa nishani!

    Programu iliyozalishwa na mradi LAZIMA, ikiwa inasaidia TLS, ifanye uthibitishaji wa cheti kabla ya kutuma vichwa vya HTTP na habari ya kibinafsi (kama vile vidakuzi salama). Ikiwa programu haitumii TLS, chagua "haihusiki" (N/A). [crypto_verification_private]

    Java's HttpClient and Vert.x web client both complete the TLS handshake (including certificate verification) before sending any HTTP headers or request bodies. This is inherent to the TLS protocol implementation in the JVM — application data (including HTTP headers with cookies, authorization tokens, and other private information) is only transmitted after the TLS connection is established and the server certificate is verified. EDDI does not implement custom TLS handling that could bypass this ordering.


  • Kutolewa kwa usalama


    Ya kutosha kwa nishani!

    Mradi LAZIMA uweke saini kwa kriptologia matoleo ya matokeo ya mradi yanayokusudiwa kwa matumizi ya kila mahali, na LAZIMA kuwe na mchakato ulioandikwa unaoweleza watumiaji jinsi wanaweza kupata funguo za umma za saini na kuthibitisha saini. Funguo ya kibinafsi kwa saini hizi LAZIMA ISIWE kwenye tovuti zinazosambaza moja kwa moja programu kwa umma. Ikiwa matoleo hayakusudiwa kwa matumizi ya kila mahali, chagua "haihusiki" (N/A). [signed_releases]
    Matokeo ya mradi ni pamoja na msimbo wa chanzo na matokeo yoyote yaliyozalishwa pale inapohusika (k.m., mifumo inayotekelezeka, vifurushi, na vyombo). Matokeo yaliyozalishwa YANAWEZA kuwekwa saini tofauti na msimbo wa chanzo. Hizi ZINAWEZA kutekelezwa kama lebo za git zilizowekwa saini (kwa kutumia saini za kidijitali za kriptologia). Miradi YAWEZA kutoa matokeo yaliyozalishwa tofauti na zana kama vile git, lakini katika hali hizo, matokeo tofauti LAZIMA yawekwe saini tofauti.

    All Docker image releases from v6.0.2 onward (April 2026+) are cryptographically signed using Sigstore cosign with keyless OIDC signing in GitHub Actions CI. Signatures are stored as OCI artifacts alongside the image on Docker Hub and recorded in the Rekor public transparency log. No private signing keys exist on the distribution site — signing uses ephemeral certificates issued by Fulcio via GitHub Actions OIDC identity. Users verify with: cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp https://github.com/labsai/EDDI/.github/workflows/ci.yml labsai/eddi:<tag>. See: https://github.com/labsai/EDDI/blob/main/docs/release-signing.md


    Ya kutosha kwa nishani!

    INAPENDEKEZWA kuwa katika mfumo wa udhibiti wa toleo, kila lebo muhimu ya toleo (lebo ambayo ni sehemu ya toleo kuu, toleo dogo, au kurekebishwa udhaifu uliotangazwa hadharani) iwekwe saini kwa kriptologia na iweze kuthibitishwa kama ilivyoelezwa katika signed_releases. [version_tags_signed]

    Release process documents that important version tags should be created with git tag -s. From v6.0.2 onward, the primary release integrity guarantee is provided by Sigstore cosign keyless signing of Docker images in CI, which cryptographically binds every release to the specific GitHub Actions workflow that built it. See: https://github.com/labsai/EDDI/blob/main/docs/release-signing.md and https://github.com/labsai/EDDI/blob/main/docs/release-versioning.md#release-signing


  • Masuala mengine ya usalama


    Ya kutosha kwa nishani!

    Matokeo ya mradi LAZIMA yafanye ukaguzi wa pembejeo zote kutoka vyanzo visivyoaminika ili kuhakikisha ni halali (*orodha zinazokubalika*), na kukataa pembejeo zisizo halali, ikiwa kuna vizuizi vyovyote kwenye data kabisa. [input_validation]
    Kumbuka kuwa kulinganisha ingizo dhidi ya orodha ya "miundo mibaya" (aka *orodha za kukataza*) kwa kawaida haitoshi, kwa sababu washambuliaji mara nyingi wanaweza kuepuka orodha ya kukataza. Hasa, nambari zinabadilishwa kuwa miundo ya ndani na kisha kuangaliwa ikiwa ziko kati ya chini na juu zao (ikiwa ni pamoja), na vifungu vya maandishi vinaangaliwa ili kuhakikisha kuwa ni ruwaza halali za maandishi (k.m., UTF-8 halali, urefu, sintaksia, n.k.). Baadhi ya data inaweza kuhitaji kuwa "chochote kabisa" (k.m., kipakia faili), lakini hizi kwa kawaida zingekuwa nadra.

    https://github.com/labsai/EDDI/blob/main/docs/security.md

    EDDI validates inputs from untrusted sources using allowlist approaches:

    1. URL validation (UrlValidationUtils): All URLs from LLM tool arguments are validated against an allowlist of permitted schemes (http, https only), with blocklists for private IP ranges, cloud metadata endpoints, and internal hostnames. Validation occurs BEFORE any network request.
    2. Math expression evaluation (SafeMathParser): A recursive-descent parser that accepts only numeric literals, a fixed set of arithmetic operators, and an allowlisted set of math functions (sqrt, sin, cos, etc.). Anything not in the grammar is rejected with a parse error.
    3. JSON schema validation: Input configurations are validated against expected schemas.
    4. Path traversal prevention: PathNavigator (replacing OGNL) uses a safe property path traversal mechanism that prevents arbitrary object graph navigation.
    5. OGNL/ScriptEngine elimination: All dynamic expression evaluation engines have been removed from the codebase and replaced with safe alternatives.
    6. Content-Type strict matching: HttpCallExecutor uses strict equals() (not startsWith) for Content-Type checking to prevent type confusion attacks.

    Ya kutosha kwa nishani!

    Taratibu za kuimarisha ZINAPASWA kutumiwa katika programu iliyozalishwa na mradi ili kasoro za programu ziwe na uwezekano mdogo wa kusababisha udhaifu wa usalama. [hardening]
    Taratibu za kuimarisha zinaweza kujumuisha vichwa vya HTTP kama Sera ya Usalama wa Maudhui (CSP), bendera za mkusanyaji ili kupunguza mashambulizi (kama vile -fstack-protector), au bendera za mkusanyaji ili kuondoa tabia isiyofafanuliwa. Kwa madhumuni yetu upendeleo mdogo hauhesabiwi kuwa utaratibu wa kuimarisha (upendeleo mdogo ni muhimu, lakini tofauti).

    https://github.com/labsai/EDDI/blob/main/docs/security.md

    EDDI implements multiple hardening mechanisms:

    1. Security headers: X-Content-Type-Options (nosniff), X-Frame-Options (DENY), Content-Security-Policy configured out of the box via Quarkus HTTP filter.
    2. SSRF protection: SafeHttpClient wraps all outbound HTTP calls with URL re-validation after redirects, preventing SSRF via redirect chains.
    3. Rate limiting: Token-bucket rate limiter on all LLM tool calls prevents resource exhaustion.
    4. Cost tracking: Per-conversation and per-tenant budget caps prevent runaway LLM costs.
    5. Queue capacity management: ConversationCoordinator throws RejectedExecutionException (HTTP 429) when queue capacity is exhausted, preventing unbounded resource consumption.
    6. Log injection protection: All user-provided values in log statements are sanitized to prevent log forging.
    7. Dependency banning: Maven Enforcer Plugin blocklists known-vulnerable dependency groups.
    8. Startup guards: AuthStartupGuard fails startup if production runs without authentication. ComplianceStartupChecks warns about missing TLS and database encryption.
    9. No dynamic code execution: Architecturally eliminated — no eval(), no ScriptEngine, no reflection-based execution.
    10. Memory safety: Java provides automatic memory management (garbage collection) and bounds checking, eliminating buffer overflow and use-after-free vulnerabilities.

    Ya kutosha kwa nishani!

    Mradi LAZIMA utoe kesi ya uhakika inayosababisha kwa nini mahitaji yake ya usalama yanakidhi. Kesi ya uhakika LAZIMA ijumuishe: maelezo ya muundo wa tishio, utambulisho wazi wa mipaka ya kuaminiwa, hoja kwamba kanuni za muundo salama zimetumika, na hoja kwamba udhaifu wa kawaida wa utekelezaji wa usalama umekabiliana nao. (URL inahitajika) [assurance_case]
    Kesi ya uhakika ni "mwili wa ushahidi ulioandikwa unaotoa hoja inayoshawishi na halali kwamba seti maalum ya madai muhimu kuhusu mali za mfumo ziko na sababu za kutosha kwa programu maalum katika mazingira maalum" ("Uhakika wa Programu Kwa kutumia Miundo ya Kesi ya Uhakika Iliyopangwa", Thomas Rhodes et al, NIST Interagency Report 7608). Mipaka ya kuaminiwa ni mipaka ambapo data au utekelezaji hubadilisha kiwango chake cha kuaminiwa, k.m., mipaka ya seva katika programu ya kawaida ya wavuti. Ni ya kawaida kuorodhesha kanuni za muundo salama (kama vile Saltzer na Schroeer) na udhaifu wa kawaida wa utekelezaji wa usalama (kama vile OWASP top 10 au CWE/SANS top 25), na kuonyesha jinsi kila moja unavyokabiliana. Kesi ya uhakika ya BadgeApp inaweza kuwa mfano wenye manufaa. Hii inahusiana na documentation_security, documentation_architecture, na implement_secure_design.

    https://github.com/labsai/EDDI/blob/main/docs/security-assurance-case.md

    EDDI provides a comprehensive security assurance case in docs/security-assurance-case.md that addresses:

    1. Trust boundary architecture: 5 clearly defined boundaries with ASCII diagram — Authentication Boundary (Keycloak OIDC, AuthStartupGuard), Application Boundary (REST layer, input validation, rate limiting), Pipeline Sandbox Boundary (ILifecycleTask pipeline, SafeMathParser, PathNavigator, UrlValidationUtils), Persistence Boundary (MongoDB/PostgreSQL, Secrets Vault with envelope encryption, tamper-evident Audit Ledger), External Call Boundary (SafeHttpClient, SSRF guard, redirect re-validation).
    2. Threat model: 8 specific threats with mapped countermeasures — prompt injection → SSRF (UrlValidationUtils + SafeHttpClient), code injection (no eval/ScriptEngine, SafeMathParser), secret exfiltration (envelope encryption, export scrubbing), cross-tenant leakage (data-layer tenant isolation, memory visibility enforcement), log injection (sanitized output, CodeQL CWE-117), supply chain attacks (Dependabot + Trivy + Maven Enforcer + SHA-pinned Actions), authentication bypass (AuthStartupGuard startup check), resource exhaustion (rate limiting + cost tracking + queue capacity limits).
    3. Cryptographic design table: AES-256-GCM (vault), PBKDF2WithHmacSHA256 600K iterations (key derivation), HMAC-SHA256 (audit chain), Ed25519 (agent signing). No weak algorithms (no SHA-1, MD5, DES, RC4, ECB, CBC in security paths).
    4. CWE countermeasure matrix: 10 CWEs mapped to specific implementations (CWE-918, CWE-94, CWE-200, CWE-117, CWE-400, CWE-502, CWE-326, CWE-798, CWE-306, CWE-862).
    5. Compliance alignment: EU AI Act (audit ledger), GDPR (cascading erasure), CCPA (data subject requests), HIPAA (encryption at rest/transit).
    6. Secure development practices: Static analysis (CodeQL security-extended, Trivy, Checkstyle, Maven Enforcer, Dependency Review), testing (2,400+ unit tests, 250+ integration tests, security-specific test suites), CI/CD security (SHA-pinned Actions, Docker Hub org secrets, preflight certification).

 Uchanganuzi 2/2

  • Uchambuzi tuli wa msimbo


    Ya kutosha kwa nishani!

    Mradi LAZIMA utumie angalau zana moja ya uchanganuzi tuli yenye sheria au mbinu za kutafuta udhaifu wa kawaida katika lugha au mazingira yaliyochanganuliwa, ikiwa kuna angalau zana moja ya FLOSS inayoweza kutekeleza kigezo hiki katika lugha iliyochaguliwa. [static_analysis_common_vulnerabilities]
    Zana za uchambuzi tuli ambazo zimeundwa hasa kutafuta udhaifu wa kawaida zina uwezekano mkubwa wa kuzipata. Hata hivyo, kutumia zana zozote za tuli kwa kawaida itasaidia kupata baadhi ya matatizo, kwa hivyo tunashauri lakini hatunahitaji hii kwa kiwango cha nishani ya 'kupita'.

    https://github.com/labsai/EDDI/blob/main/.github/workflows/ci.yml

    EDDI uses multiple FLOSS static analysis tools that look for common vulnerabilities:

    1. CodeQL (GitHub's semantic code analysis engine, FLOSS): Runs on every push and pull request via .github/workflows/codeql.yml (also embedded in ci.yml as job 'codeql'). Configured with the 'security-extended' query suite — the most comprehensive security analysis pack available for Java. This detects: SQL injection, command injection, path traversal, XSS, hardcoded credentials, insecure cryptography, log injection (CWE-117), SSRF, deserialization vulnerabilities, and data flow analysis for taint tracking. Results are uploaded to GitHub Security tab.

    2. Trivy (Aqua Security, FLOSS): Runs as CI job 'trivy-scan' using aquasecurity/trivy-action. Performs filesystem scanning for known CVEs in dependencies, with CRITICAL and HIGH severity filter and exit-code 1 (build-breaking). Complementary to CodeQL — Trivy focuses on dependency CVEs while CodeQL focuses on source code patterns.

    3. Checkstyle (FLOSS): While primarily a style checker, several rules have security implications: EqualsHashCode prevents subtle equality bugs, StringLiteralEquality prevents == vs .equals() errors, FallThrough prevents accidental switch fallthrough.

    4. GitHub Dependency Review (.github/workflows/dependency-review.yml): Blocks pull requests that introduce dependencies with known vulnerabilities or incompatible licenses.

    Recent actions taken based on static analysis findings: CodeQL log-injection warnings in ConversationCoordinator classes were addressed by sanitizing all user-provided values in log statements. Trivy findings led to explicit CVE override pins in pom.xml (jinjava for CVE-2026-25526, reactor-netty-http for CVE-2025-22227).


  • Uchambuzi wa msimbo wa nguvu za ziada


    Ya kutosha kwa nishani!

    Ikiwa programu iliyozalishwa na mradi inajumuisha programu iliyoandikwa kwa kutumia lugha isiyosalama ya kumbukumbu (k.m., C au C++), basi angalau zana moja ya nguvu (k.m., fuzzer au kitafutaji cha programu ya wavuti) LAZIMA itumike kwa kawaida kwa pamoja na utaratibu wa kugundua matatizo ya usalama wa kumbukumbu kama vile uandikaji zaidi wa kipengele. Ikiwa mradi hauzalishi programu iliyoandikwa katika lugha isiyosalama ya kumbukumbu, chagua "haihusiki" (N/A). [dynamic_analysis_unsafe]
    Mifano ya taratibu za kugundua matatizo ya usalama wa kumbukumbu ni pamoja na Address Sanitizer (ASAN) (inapatikana katika GCC na LLVM), Memory Sanitizer, na valgrind. Zana nyingine zinazoweza kutumika ni pamoja na thread sanitizer na undefined behavior sanitizer. Madai ya kila mahali pia yaweza kufanya kazi.

    Not applicable. EDDI is written entirely in Java, which is a memory-safe language. Java provides automatic memory management through garbage collection, bounds checking on all array and buffer accesses, and type safety enforcement through the JVM. There is no C, C++, or other memory-unsafe language code in the project. The Java runtime prevents buffer overflows, use-after-free, double-free, and other memory safety vulnerabilities at the language level.



Data hii inapatikana chini ya Community Data License Agreement – Permissive, Version 2.0 (CDLA-Permissive-2.0). Hii inamaanisha kuwa Mpokeaji wa Data anaweza kushiriki Data, na au bila marekebisho, mradi Mpokeaji wa Data anapatanisha maandishi ya mkataba huu na Data iliyoshirikiwa. Tafadhali tambua Gregor Jarisch na wachangiaji wa nishani ya Mazoea Bora ya OpenSSF.

Ingizo la nishani ya mradi linamilikiwa na: Gregor Jarisch.
Ingizo liliundwa siku 2026-04-02 22:12:57 UTC, iliyosasishwa mara ya mwisho siku 2026-04-24 22:05:14 UTC. Ilipata mara ya mwisho nishani ya kupita siku 2026-04-10 23:35:34 UTC.