Readme revamp

README.md

@@ -5,152 +5,219 @@
 
 ---
 
-[![CI](https://github.com/stacklok/codegate/actions/workflows/run-on-push.yml/badge.svg)](https://github.com/stacklok/codegate/actions/workflows/run-on-push.yml)
+[![Release](https://img.shields.io/github/v/release/stacklok/codegate?style=flat&label=Latest%20version)](https://github.com/stacklok/codegate/releases)
 |
-[![License: Apache 2.0](https://img.shields.io/badge/License-Apache2.0-brightgreen.svg)](https://opensource.org/licenses/Apache-2.0)
+[![CI](https://github.com/stacklok/codegate/actions/workflows/run-on-push.yml/badge.svg?event=push)](https://github.com/stacklok/codegate/actions/workflows/run-on-push.yml)
 |
-[![Discord](https://dcbadge.vercel.app/api/server/RkzVuTp3WK?logo=discord&label=Discord&color=5865&style=flat)](https://discord.gg/RkzVuTp3WK)
-
----
-
-## Introduction
+[![License: Apache 2.0](https://img.shields.io/badge/License-Apache2.0-brightgreen.svg?style=flat)](https://opensource.org/licenses/Apache-2.0)
+|
+[![Star on GitHub](https://img.shields.io/github/stars/stacklok/codegate.svg?style=flat&logo=github&label=Stars)](https://github.com/stacklok/codegate)
+|
+[![Discord](https://img.shields.io/discord/1184987096302239844?style=flat&logo=discord&label=Discord)](https://discord.gg/stacklok)
 
-<img src="./assets/codegate.gif" style="width: 70%; height: 70%;" alt="Animated gif of CodeGate detecting a malicious package in a Continue AI chat" />
+[Website](https://codegate.ai) | [Documentation](https://docs.codegate.ai) |
+[YouTube](https://www.youtube.com/playlist?list=PLYBL38zBWVIhrDgKwAMjAwOYZeP-ZH64n)
+| [Discord](https://discord.gg/stacklok)
 
-CodeGate is a local gateway that makes AI coding assistants safer. CodeGate
-ensures AI-generated recommendations adhere to best practices, while
-safeguarding your code's integrity, and protecting your individual privacy. With
-CodeGate, you can confidently leverage AI in your development workflow without
-compromising security or productivity. CodeGate is designed to work seamlessly
-with coding assistants, allowing you to safely enjoy all the benefits of AI code
-generation.
+---
 
-CodeGate is developed by [Stacklok](https://stacklok.com), a group of security
-experts with many years of experience building developer friendly open source
-security software tools and platforms.
+# CodeGate: making AI coding assistance secure
 
-Check out the CodeGate **[website](https://codegate.ai)** and
-**[documentation](https://docs.codegate.ai)** to learn more.
+**By [Stacklok](https://stacklok.com)**
 
-## Experimental 🚧
+CodeGate is a **local gateway** that makes AI agents and coding assistants safer. It
+ensures AI-generated recommendations adhere to best practices while safeguarding
+your code's integrity and protecting your privacy. With CodeGate, you can
+confidently leverage AI in your development workflow without sacrificing
+security or productivity.
 
-CodeGate is in active development and subject to **rapid change**.
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./static/diagram-dark.png">
+  <img alt="CodeGate dashboard" src="./static/diagram-light.png" width="1100px" style="max-width: 100%;">
+</picture>
 
-- Features may change frequently
-- Expect possible bugs and breaking changes
-- Contributions, feedback, and testing are highly encouraged and welcomed!
+---
 
-## ✨ Why CodeGate?
+## ✨ Why choose CodeGate?
 
-In today's world where AI coding assistants are becoming ubiquitous, security
-can't be an afterthought. CodeGate sits between you and AI, actively protecting
-your development process by:
+AI coding assistants are powerful, but they can inadvertently introduce risks.
+CodeGate protects your development process by:
 
 - 🔒 Preventing accidental exposure of secrets and sensitive data
 - 🛡️ Ensuring AI suggestions follow secure coding practices
 - ⚠️ Blocking recommendations of known malicious or deprecated libraries
 - 🔍 Providing real-time security analysis of AI suggestions
 
-## 🌟 Features
+---
+
+## 🚀 Quickstart
 
-### Supported AI coding assistants and providers
+### Prerequisites
 
-CodeGate works with multiple development environments and AI providers.
+CodeGate is distributed as a Docker container. You need a container runtime like
+Docker Desktop or Docker Engine. Podman and Podman Desktop are also supported.
+CodeGate works on Windows, macOS, and Linux operating systems with x86_64 and
+arm64 (ARM and Apple Silicon) CPU architectures.
 
-- **[GitHub Copilot](https://github.com/features/copilot)** with Visual Studio
-  Code and JetBrains IDEs
+These instructions assume the `docker` CLI is available. If you use Podman,
+replace `docker` with `podman` in all commands.
 
-- **[Continue](https://www.continue.dev/)** with Visual Studio Code and
-  JetBrains IDEs
+### Installation
 
-With Continue, you can choose from several leading AI model providers:
+To start CodeGate, run this simple command:
 
-- 💻 Local LLMs with [Ollama](https://ollama.com/) and
-  [llama.cpp](https://github.com/ggerganov/llama.cpp) (run AI completely
-  offline!)
-- ⚡ [vLLM](https://docs.vllm.ai/en/latest/) (OpenAI-compatible mode, including
-  OpenRouter)
-- 🤖 [Anthropic API](https://www.anthropic.com/api)
-- 🧠 [OpenAI API](https://openai.com/api/)
+```bash
+docker run --name codegate -d -p 8989:8989 -p 9090:9090 -p 8990:8990 \
+  --mount type=volume,src=codegate_volume,dst=/app/codegate_volume \
+  --restart unless-stopped ghcr.io/stacklok/codegate:latest
+```
 
-🔮 Many more on the way!
+That’s it! CodeGate is now running locally. 
 
-- **[Aider](https://aider.chat)**
+### Get into action
+Now it's time to configure your preferred AI coding assistant to use CodeGate
+[See supported AI Coding Assistants and providers](#-supported-ai-coding-assistants-and-providers)
 
-With Aider, you can choose from two leading AI model providers:
+⚙️ For advanced configurations and parameter references, check out the
+[CodeGate Install and Upgrade](https://docs.codegate.ai/how-to/install)
+documentation.
 
-- 💻 Local LLMs with [Ollama](https://ollama.com/)
-- 🧠 [OpenAI API](https://openai.com/api/)
+---
 
-- **[Cline](https://github.com/cline/cline)**
+## 🖥️ Dashboard
 
-With Cline, you can choose between differnet leading AI model providers:
+CodeGate includes a web dashboard that provides:
 
-- 🤖 [Anthropic API](https://www.anthropic.com/api)
-- 🧠 [OpenAI API](https://openai.com/api/)
-- 💻 [LM Studio](https://lmstudio.ai/)
-- 💻 Local LLMs with [Ollama](https://ollama.com/)
+- A view of **security risks** detected by CodeGate
+- A **history of interactions** between your AI coding assistant and your LLM
 
-- **[Kodu](https://kodu.ai)**
+<picture>
+  <source media="(prefers-color-scheme: dark)" srcset="./static/dashboard-dark.webp">
+  <img alt="CodeGate dashboard" src="./static/dashboard-light.webp" width="1200px" style="max-width: 100%;">
+</picture>
 
-You can use Kodu with OpenAI compatible APIs:
+### Accessing the dashboard
 
-- 🧠 [OpenAI API](https://openai.com/api/)
+Open [http://localhost:9090](http://localhost:9090) in your web browser to
+access the dashboard.
 
+To learn more, visit the
+[CodeGate Dashboard documentation](https://docs.codegate.ai/how-to/dashboard).
 
-### Privacy first
+---
 
-Unlike E.T., your code never phones home! 🛸 CodeGate is designed with privacy
-at its core:
+## 🔐 Features
 
-- 🏠 Everything stays on your machine
-- 🚫 No external data collection
-- 🔐 No calling home or telemetry
-- 💪 Complete control over your data
+### Secrets encryption
 
-## 🚀 Quickstart
+CodeGate helps you protect sensitive information from being accidentally exposed
+to AI models and third-party AI provider systems by redacting detected secrets
+from your prompts using encryption.
+[Learn more](https://docs.codegate.ai/features/secrets-encryption)
 
-Check out the quickstart guides to get up and running quickly!
+### Dependency risk awareness
 
-- [Quickstart guide for GitHub Copilot with VS Code](https://docs.codegate.ai/quickstart)
-- [Quickstart guide for Continue with VS Code and Ollama](https://docs.codegate.ai/quickstart-continue)
+LLMs’ knowledge cutoff date is often months or even years in the past. They
+might suggest outdated, vulnerable, or non-existent packages (hallucinations),
+exposing you and your users to security risks.
 
-## 🎯 Usage
+CodeGate scans direct, transitive, and development dependencies in your package
+definition files, installation scripts, and source code imports that you supply
+as context to an LLM.
+[Learn more](https://docs.codegate.ai/features/dependency-risk)
 
-### IDE integration
+### Security reviews
 
-Simply open the Continue or Copilot chat in your IDE to start interacting with
-your AI assistant - now protected by CodeGate!
+CodeGate performs security-centric code reviews, identifying insecure patterns
+or potential vulnerabilities to help you adopt more secure coding practices.
+[Learn more](https://docs.codegate.ai/features/security-reviews)
 
-<picture>
-  <source media="(prefers-color-scheme: dark)" srcset="./static/continue-extension-dark.webp">
-  <img alt="Continue chat in VS Code" src="./static/continue-extension-light.webp" width="720px" style="max-width: 100%;">
-</picture>
+---
+
+## 🤖 Supported AI coding assistants and providers
+
+### [Aider](https://docs.codegate.ai/how-to/use-with-aider)
 
-Refer to the CodeGate docs for more information:
+- **Local / self-managed:**
+  - Ollama
+- **Hosted:**
+  - OpenAI and compatible APIs
 
-- [Using CodeGate](https://docs.codegate.ai/how-to)
-- [CodeGate features](https://docs.codegate.ai/features)
+🔥 Getting started with CodeGate and aider -
+[watch on YouTube](https://www.youtube.com/watch?v=VxvEXiwEGnA)
+
+### [Cline](https://docs.codegate.ai/how-to/use-with-cline)
+
+- **Local / self-managed:**
+  - Ollama
+  - LM Studio
+- **Hosted:**
+  - Anthropic
+  - OpenAI and compatible APIs
+
+### [Continue](https://docs.codegate.ai/how-to/use-with-continue)
+
+- **Local / self-managed:**
+  - Ollama
+  - llama.cpp
+  - vLLM
+- **Hosted:**
+  - Anthropic
+  - OpenAI and compatible APIs
+
+### [GitHub Copilot](https://docs.codegate.ai/how-to/use-with-copilot)
+
+- The Copilot plugin works with **Visual Studio Code (VS Code)** (JetBrains is
+  coming soon!)
+
+---
+
+## 🛡️ Privacy first
+
+Unlike other tools, with CodeGate **your code never leaves your machine**.
+CodeGate is built with privacy at its core:
+
+- 🏠 **Everything stays local**
+- 🚫 **No external data collection**
+- 🔐 **No calling home or telemetry**
+- 💪 **Complete control over your data**
+
+---
 
 ## 🛠️ Development
 
-Check out the developer reference guides:
+Are you a developer looking to contribute? Dive into our technical resources:
+
+- [Development guide](https://github.com/stacklok/codegate/blob/main/docs/development.md)
+- [CLI commands and flags](https://github.com/stacklok/codegate/blob/main/docs/cli.md)
+- [Configuration system](https://github.com/stacklok/codegate/blob/main/docs/configuration.md)
+- [Logging system](https://github.com/stacklok/codegate/blob/main/docs/logging.md)
 
-- [Development guide](./docs/development.md)
-- [CLI commands and flags](./docs/cli.md)
-- [Configuration system](./docs/configuration.md)
-- [Logging system](./docs/logging.md)
+---
 
 ## 🤝 Contributing
 
-We welcome contributions! Whether you'd like to submit bug reports, feature requests, or code
-contributions, please feel free to contribute to making CodeGate better. We thank you!
+We welcome contributions! Whether you're submitting bug reports, feature
+requests, or code contributions, your input makes CodeGate better for everyone.
+We thank you ❤️!
+
+Start by reading our
+[Contributor guidelines](https://github.com/stacklok/codegate/blob/main/CONTRIBUTING.md).
 
-Start by reading the [Contributor Guidelines](./CONTRIBUTING.md).
+---
+
+## 🌟 Support us
+
+Love CodeGate? Starring this repository and sharing it with others helps
+CodeGate grow 🌱
+
+[![Star on GitHub](https://img.shields.io/github/stars/stacklok/codegate.svg?style=social)](https://github.com/stacklok/codegate)
 
 ## 📜 License
 
-This project is licensed under the terms specified in the [LICENSE](LICENSE)
-file.
+CodeGate is licensed under the terms specified in the
+[LICENSE file](https://github.com/stacklok/codegate/blob/main/LICENSE).
+
+---
 
 <!-- markdownlint-disable-file first-line-heading no-inline-html -->