feat: initial commit - axe cli with axe-dig code intelligence engine

Author: knowrohit

.digignore

@@ -0,0 +1,84 @@
+# DIG ignore patterns (gitignore syntax)
+# Auto-generated - review and customize for your project
+# Docs: https://git-scm.com/docs/gitignore
+
+# ===================
+# Dependencies
+# ===================
+node_modules/
+.venv/
+venv/
+env/
+__pycache__/
+.tox/
+.nox/
+.pytest_cache/
+.mypy_cache/
+.ruff_cache/
+vendor/
+Pods/
+
+# ===================
+# Build outputs
+# ===================
+dist/
+build/
+out/
+target/
+*.egg-info/
+*.whl
+*.pyc
+*.pyo
+
+# ===================
+# Binary/large files
+# ===================
+*.so
+*.dylib
+*.dll
+*.exe
+*.bin
+*.o
+*.a
+*.lib
+
+# ===================
+# IDE/editors
+# ===================
+.idea/
+.vscode/
+*.swp
+*.swo
+*~
+
+# ===================
+# Security (always exclude)
+# ===================
+.env
+.env.*
+*.pem
+*.key
+*.p12
+*.pfx
+credentials.*
+secrets.*
+
+# ===================
+# Version control
+# ===================
+.git/
+.hg/
+.svn/
+
+# ===================
+# OS files
+# ===================
+.DS_Store
+Thumbs.db
+
+# ===================
+# Project-specific
+# Add your custom patterns below
+# ===================
+# large_test_fixtures/
+# data/

.gitattributes

@@ -0,0 +1,3 @@
+assets/axe_gif_axe_axe_ending.gif filter=lfs diff=lfs merge=lfs -text
+*.gif filter=lfs diff=lfs merge=lfs -text
+assets/*.gif filter=lfs diff=lfs merge=lfs -text

.github/ISSUE_TEMPLATE/1-bug-report.yml

@@ -0,0 +1,67 @@
+name: Bug Report
+description: Report an issue that should be fixed
+labels:
+  - bug
+  - needs triage
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thank you for submitting a bug report! It helps make axe Code CLI better for everyone.
+
+        If you need help or support using axe Code CLI, and are not reporting a bug, please post on [axe-cli/discussions](https://github.com/SRSWTI/axe/discussions), where you can ask questions or engage with others on ideas for how to improve axe Code CLI.
+
+        Make sure you are running the latest version of axe Code CLI (`uv tool upgrade axe-cli` to upgrade). The bug you are experiencing may already have been fixed.
+
+        Please try to include as much information as possible.
+
+  - type: input
+    id: version
+    attributes:
+      label: What version of Axe Code CLI is running?
+      description: Copy the output of `axe --version` or `/version`
+    validations:
+      required: true
+  - type: input
+    id: plan
+    attributes:
+      label: Which open platform/subscription were you using?
+      description: which open platform/subscription were you using?
+    validations:
+      required: true
+  - type: input
+    id: model
+    attributes:
+      label: Which model were you using?
+      description: which porvider were you using and whihc model and what was the config toml set up
+  - type: input
+    id: platform
+    attributes:
+      label: What platform is your computer?
+      description: |
+        For MacOS and Linux: copy the output of `uname -mprs`
+        For Windows: copy the output of `"$([Environment]::OSVersion | ForEach-Object VersionString) $(if ([Environment]::Is64BitOperatingSystem) { "x64" } else { "x86" })"` in the PowerShell console
+  - type: textarea
+    id: actual
+    attributes:
+      label: What issue are you seeing?
+      description: Please include the full error messages and prompts with any private information redacted. If possible, please provide text instead of a screenshot.
+    validations:
+      required: true
+  - type: textarea
+    id: steps
+    attributes:
+      label: What steps can reproduce the bug?
+      description: Explain the bug and provide a code snippet that can reproduce it. Please include session id and context usage if applicable.
+    validations:
+      required: true
+  - type: textarea
+    id: expected
+    attributes:
+      label: What is the expected behavior?
+      description: If possible, please provide text instead of a screenshot.
+  - type: textarea
+    id: notes
+    attributes:
+      label: Additional information
+      description: Is there anything else you think we should know?

.github/ISSUE_TEMPLATE/2-feature-request.yml

@@ -0,0 +1,25 @@
+name: Feature Request
+description: Propose a new feature for Axe Code CLI
+labels:
+  - enhancement
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Is Axe Code CLI missing a feature that you'd like to see? Feel free to propose it here.
+
+        Before you submit a feature:
+        1. Search existing issues for similar features. If you find one, 👍 it rather than opening a new one.
+        2. The Axe Code CLI team will try to balance the varying needs of the community when prioritizing or rejecting new features. Please understand that not all features will be accepted.
+
+  - type: textarea
+    id: feature
+    attributes:
+      label: What feature would you like to see?
+    validations:
+      required: true
+  - type: textarea
+    id: notes
+    attributes:
+      label: Additional information
+      description: Is there anything else you think we should know?

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: true
+contact_links:
+  - name: Questions and General Discussion
+    url: https://github.com/SRSWTI/axe/discussions
+    about: Have questions? Welcome to open a discussion!

.github/actions/macos-code-sign/action.yml

@@ -0,0 +1,163 @@
+name: macos-code-sign
+description: Sign and notarize macOS PyInstaller binaries
+
+inputs:
+  binary-path:
+    description: Path to the binary to sign
+    required: true
+  apple-certificate-p12:
+    description: Base64-encoded Apple signing certificate (P12)
+    required: true
+  apple-certificate-password:
+    description: Password for the signing certificate
+    required: true
+  apple-notarization-key-p8:
+    description: Base64-encoded Apple notarization key (P8)
+    required: true
+  apple-notarization-key-id:
+    description: Apple notarization key ID
+    required: true
+  apple-notarization-issuer-id:
+    description: Apple notarization issuer ID
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - name: Import signing certificate
+      shell: bash
+      env:
+        APPLE_CERTIFICATE_P12: ${{ inputs.apple-certificate-p12 }}
+        APPLE_CERTIFICATE_PASSWORD: ${{ inputs.apple-certificate-password }}
+        KEYCHAIN_PASSWORD: actions
+      run: |
+        set -euo pipefail
+
+        # Decode certificate
+        cert_path="${RUNNER_TEMP}/certificate.p12"
+        echo "$APPLE_CERTIFICATE_P12" | base64 -d > "$cert_path"
+
+        # Create temporary keychain
+        keychain_path="${RUNNER_TEMP}/signing.keychain-db"
+        security create-keychain -p "$KEYCHAIN_PASSWORD" "$keychain_path"
+        security set-keychain-settings -lut 21600 "$keychain_path"
+        security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$keychain_path"
+
+        # Add to keychain search list
+        security list-keychains -d user -s "$keychain_path" $(security list-keychains -d user | tr -d '"')
+        security default-keychain -s "$keychain_path"
+
+        # Import certificate
+        security import "$cert_path" -k "$keychain_path" -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign -T /usr/bin/security
+        security set-key-partition-list -S apple-tool:,apple: -s -k "$KEYCHAIN_PASSWORD" "$keychain_path" > /dev/null
+
+        # Find signing identity
+        IDENTITY=$(security find-identity -v -p codesigning "$keychain_path" | grep "Developer ID Application" | head -1 | sed -n 's/.*"\(Developer ID Application[^"]*\)".*/\1/p')
+        
+        if [[ -z "$IDENTITY" ]]; then
+          echo "❌ No Developer ID Application identity found"
+          security find-identity -v -p codesigning "$keychain_path"
+          exit 1
+        fi
+
+        echo "✅ Found signing identity: $IDENTITY"
+        echo "APPLE_SIGNING_IDENTITY=$IDENTITY" >> "$GITHUB_ENV"
+        echo "APPLE_KEYCHAIN_PATH=$keychain_path" >> "$GITHUB_ENV"
+
+        rm -f "$cert_path"
+
+    - name: Sign PyInstaller binary and embedded libraries
+      shell: bash
+      env:
+        BINARY_PATH: ${{ inputs.binary-path }}
+      run: |
+        set -euo pipefail
+
+        echo "Signing PyInstaller binary: $BINARY_PATH"
+
+        # PyInstaller onefile binaries embed libraries that get extracted at runtime.
+        # We need to unpack, sign everything, and repack.
+        
+        # First, try signing the binary directly with --deep
+        # For single-file PyInstaller executables, this should work
+        codesign --deep --force --options runtime --timestamp \
+          --sign "$APPLE_SIGNING_IDENTITY" \
+          --keychain "$APPLE_KEYCHAIN_PATH" \
+          "$BINARY_PATH"
+
+        echo "✅ Binary signed"
+        codesign -dv --verbose=2 "$BINARY_PATH"
+
+    - name: Notarize binary
+      shell: bash
+      env:
+        BINARY_PATH: ${{ inputs.binary-path }}
+        APPLE_NOTARIZATION_KEY_P8: ${{ inputs.apple-notarization-key-p8 }}
+        APPLE_NOTARIZATION_KEY_ID: ${{ inputs.apple-notarization-key-id }}
+        APPLE_NOTARIZATION_ISSUER_ID: ${{ inputs.apple-notarization-issuer-id }}
+      run: |
+        set -euo pipefail
+
+        # Save API key
+        key_path="${RUNNER_TEMP}/AuthKey.p8"
+        echo "$APPLE_NOTARIZATION_KEY_P8" | base64 -d > "$key_path"
+
+        # Create zip for notarization
+        binary_name=$(basename "$BINARY_PATH")
+        zip_path="${RUNNER_TEMP}/${binary_name}.zip"
+        ditto -c -k --keepParent "$BINARY_PATH" "$zip_path"
+
+        echo "Submitting for notarization..."
+        
+        # Submit and wait
+        result=$(xcrun notarytool submit "$zip_path" \
+          --key "$key_path" \
+          --key-id "$APPLE_NOTARIZATION_KEY_ID" \
+          --issuer "$APPLE_NOTARIZATION_ISSUER_ID" \
+          --wait \
+          --timeout 10m \
+          --output-format json 2>&1) || true
+
+        echo "$result"
+        
+        status=$(echo "$result" | grep -o '"status":"[^"]*"' | cut -d'"' -f4 || echo "unknown")
+        
+        if [[ "$status" == "Accepted" ]]; then
+          echo "✅ Notarization successful"
+        else
+          echo "⚠️ Notarization status: $status"
+          # Get detailed log
+          submission_id=$(echo "$result" | grep -o '"id":"[^"]*"' | cut -d'"' -f4 || echo "")
+          if [[ -n "$submission_id" ]]; then
+            echo "Fetching notarization log..."
+            xcrun notarytool log "$submission_id" \
+              --key "$key_path" \
+              --key-id "$APPLE_NOTARIZATION_KEY_ID" \
+              --issuer "$APPLE_NOTARIZATION_ISSUER_ID" || true
+          fi
+          exit 1
+        fi
+
+        # Cleanup
+        rm -f "$key_path" "$zip_path"
+
+    - name: Verify signature
+      shell: bash
+      env:
+        BINARY_PATH: ${{ inputs.binary-path }}
+      run: |
+        set -euo pipefail
+        
+        echo "Verifying signature and notarization..."
+        codesign -dv --verbose=2 "$BINARY_PATH"
+        echo ""
+        echo "Gatekeeper check:"
+        spctl -a -vv "$BINARY_PATH" 2>&1 || true
+
+    - name: Cleanup keychain
+      if: always()
+      shell: bash
+      run: |
+        if [[ -n "${APPLE_KEYCHAIN_PATH:-}" && -f "${APPLE_KEYCHAIN_PATH}" ]]; then
+          security delete-keychain "$APPLE_KEYCHAIN_PATH" || true
+        fi

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "uv"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/pr-title-checker-config.json

@@ -0,0 +1,12 @@
+{
+    "LABEL": {
+        "name": "Invalid PR Title",
+        "color": "B60205"
+    },
+    "CHECKS": {
+        "regexp": "^(feat|fix|test|refactor|chore|style|docs|perf|build|ci|revert)(\\(.*\\))?:.*"
+    },
+    "MESSAGES": {
+        "failure": "The PR title is invalid. Please refer to https://www.conventionalcommits.org/en/v1.0.0/ for the convention."
+    }
+}