
The Janitor
v7.9.4 — Rust-Native. Zero-Copy. Pro-Entropic Resilience at the Gate.
Sonar finds style violations. The Janitor enforces structural integrity.
82% of open Godot Engine pull requests contain no issue link. 20% introduce language antipatterns. Zero comment scanners caught it. The Janitor did — across 50 live PRs, in under 90 seconds.
THE ENFORCEMENT LAYER
The Janitor is not a linter. It is not a SAST scanner. It is a structural enforcement layer that runs on your hardware, in your pipeline, on every pull request — before the merge button is available.
Why Not CodeQL, Snyk, or SonarQube?
CodeQL is a graph-query engine optimised for known CVE patterns. It does not detect AI-generated structural anomalies, Swarm clone behaviour, or zombie dependency hallucinations — patterns that have no prior CVE record. It also adds 10–45 minutes to CI runtime on large repositories.
Snyk excels at known vulnerability databases. It generates false positives at scale on AI-assisted code because it is trained on pre-AI codebases. Teams that have deployed Copilot broadly report Snyk alert fatigue as the primary reason policies get disabled.
SonarQube flags style and complexity. It has no structural clone detection, no actuarial ledger, and no mechanism to distinguish an AI-generated PR from a human one. It does not know what an Agentic Swarm is.
The Janitor detects what the others cannot: structural patterns that have no CVE record, coordinated multi-author clone injection, and the entropy signatures of AI-generated boilerplate — deterministically, on your hardware, in under 33 seconds.
Three capabilities your current toolchain cannot replicate:
Zero-Copy Execution
- Zero retention: source code is analysed in-memory and never persisted. No upload required when using the CLI or GitHub Action.
Every analysis — reference graph construction, dead symbol detection, structural clone hashing — executes via memory-mapped file access. No network call is made at any point in the dead-symbol pipeline. The analysis surface is your local machine. There is no exfiltration vector to audit.
Zero-Upload Guarantee — both deployment models:
| Model | Where analysis runs | Source code leaves your environment? |
|---|---|---|
| CLI + GitHub Action (action.yml) | Your GitHub Actions runner | Never |
| Janitor Sentinel (GitHub App) | Your GitHub Actions runner | Never — Governor receives only the score |
The Janitor engine runs entirely inside your own runner in both modes. The Governor (Sentinel's backend) receives a signed analysis result — not your source code. There is no server-side clone, no cloud SAST upload, no exfiltration vector.
Benchmark: Scanned the Godot Engine — 3.5 million lines of polyglot C++, C#, Java, Objective-C++, and Python — in 33 seconds, consuming 58 MB of peak RAM. On a standard CI runner. With zero OOM events and zero panics.
Sonar's cloud pipeline cannot run in your air-gap. The Janitor runs everywhere.
Zombie Dependency Detection
AI code generators hallucinate package imports. A Copilot-generated function adds import requests at the module level and uses it exactly once — inside a conditional branch that never executes in production. Standard linters do not detect this. Import graphs do not resolve it. Dependency reviewers do not see it.
The Janitor scans package.json, Cargo.toml, requirements.txt, spin.toml (Fermyon WASM), and wrangler.toml (Cloudflare Workers) against the live symbol reference graph. A package that appears in your manifest but never appears in a reachable import path is a zombie dependency — declared, installed, and billing you in attack surface.
Every PR that introduces a zombie dependency is flagged before merge.
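The manifest-versus-reference-graph check described above, as an added stand-alone illustration (this is not The Janitor's code). The Janitor walks a reachable symbol reference graph; this version uses the simpler proxy of "is the package imported anywhere in the tree", which is enough to show how a declared-but-unused package is isolated. The requirements.txt, package.json and source files are constructed samples, and the PyPI-name-to-module alias table is an assumption standing in for real package metadata.

```python
"""Declared-but-never-imported ("zombie") dependency finder (added example)."""
import json
import re

# Constructed sample inputs standing in for a small polyglot repository.
REQUIREMENTS_TXT = """\
requests==2.31.0
pyyaml>=6.0      # provides the 'yaml' module, so the names differ
cryptography~=42.0
# a comment line
left-pad-py
"""

PACKAGE_JSON = json.dumps({
    "dependencies": {"express": "^4.18.0", "lodash": "^4.17.21"},
    "devDependencies": {"jest": "^29.0.0", "left-pad": "^1.3.0"},
})

SOURCE_FILES = {
    "app/api.py": "import yaml\nfrom cryptography.fernet import Fernet\n",
    "app/util.py": "import os\nimport sys\n",
    "web/server.js": "const express = require('express');\nimport _ from 'lodash';\n",
    "web/server.test.js": "import { describe } from 'jest';\n",
}

# Distribution name -> importable module name where they differ.
# Assumption: a real tool would read the package's top_level metadata instead.
PYPI_MODULE_ALIASES = {"pyyaml": "yaml"}

PY_IMPORT_RE = re.compile(r"^\s*(?:import|from)\s+([A-Za-z_]\w*)", re.M)
JS_IMPORT_RE = re.compile(r"(?:require\(\s*|from\s+)['\"]([\w@./-]+)['\"]")


def parse_requirements(text):
    """Return normalised PyPI names from a requirements.txt body."""
    names = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("-"):   # skip blanks and -r/-e options
            continue
        # cut at the first version specifier, extras bracket or marker
        name = re.split(r"[=<>!~\[; ]", line, maxsplit=1)[0]
        names.add(name.lower().replace("_", "-"))
    return names


def parse_package_json(text):
    """Return package names from dependencies and devDependencies."""
    data = json.loads(text)
    names = set()
    for key in ("dependencies", "devDependencies"):
        names.update(data.get(key, {}))
    return names


def imported_modules(sources):
    """Collect top-level module/package names imported across the tree."""
    py, js = set(), set()
    for path, body in sources.items():
        if path.endswith(".py"):
            py.update(m.lower() for m in PY_IMPORT_RE.findall(body))
        elif path.endswith(".js"):
            for spec in JS_IMPORT_RE.findall(body):
                if spec.startswith("."):        # relative import, not a package
                    continue
                parts = spec.split("/")         # keep 'pkg' or '@scope/pkg' only
                js.add("/".join(parts[:2]) if spec.startswith("@") else parts[0])
    return py, js


def find_zombies(requirements_txt, package_json, sources):
    """Declared packages with no import anywhere in the source tree."""
    py_imports, js_imports = imported_modules(sources)
    py_zombies = set()
    for dist in parse_requirements(requirements_txt):
        module = PYPI_MODULE_ALIASES.get(dist, dist.replace("-", "_"))
        if module not in py_imports:
            py_zombies.add(dist)
    js_zombies = {p for p in parse_package_json(package_json) if p not in js_imports}
    return {"python": sorted(py_zombies), "javascript": sorted(js_zombies)}


if __name__ == "__main__":
    print(json.dumps(find_zombies(REQUIREMENTS_TXT, PACKAGE_JSON, SOURCE_FILES), indent=2))
```

On the constructed input this reports requests and left-pad-py on the Python side and left-pad on the JavaScript side: each is installed and on the attack surface, yet nothing in the tree ever imports it. The alias table is the weak point of a name-based check, which is why a production gate resolves the actual symbol graph rather than matching strings.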
Cryptographic Integrity Bonds
When a pull request clears the slop gate, Janitor Sentinel — our GitHub App — automatically issues a CycloneDX v1.5 CBOM (Cryptography Bill of Materials) for the merge event. The CBOM records every cryptographic operation performed during the scan: the ML-DSA-65 (NIST FIPS 204) attestation signature, the BLAKE3 structural hashes, and the per-symbol audit entries covering {timestamp}{file_path}{sha256_pre_cleanup}.
No token flag. No manual step. The proof is issued by the SaaS on a clean merge — a chain of custody presentable to a SOC 2 auditor, a regulator, or an incident response team. Not a log. A bond.
Zero-Friction GitHub Integration

Janitor Sentinel automatically downgrades vetoes when it detects safe patterns (e.g., Dependabot).
THE COMPETITIVE MOAT
On-Device vs. Cloud Fabric
The market is filling with "AI Security Fabrics" — cloud-hosted LLM pipelines that ingest your source code, run probabilistic analysis, and return a verdict four minutes later. They are slow. They exfiltrate your code to a third-party inference cluster. And their probabilistic outputs produce alert fatigue at scale.
The Janitor is the opposite architecture. It is an on-device structural firewall — a Rust binary that memory-maps your diffs, applies deterministic analysis, and exits. No network call during the analysis path. No cloud ingestion. No LLM. Proven at 3.5 million lines in 33 seconds on an 8 GB laptop. Your code never leaves your runner — in either the CLI or the GitHub App deployment model.
Cloud fabrics are an exfiltration vector wearing a security badge. The Janitor eliminates the attack surface instead of adding to it.
Deterministic vs. Heuristic
LLM-based code review tools cannot prove anything. They pattern-match against training distributions and emit confidence scores. A sufficiently novel adversarial input — a well-structured but semantically dangerous diff — is invisible to a heuristic system trained on pre-AI codebases.
The Janitor does not guess. It uses tree-sitter ASTs to prove structural identity, BLAKE3 hashing to prove clone equivalence, MinHash Jaccard to prove Swarm coordination, and ML-DSA-65 (NIST FIPS 204) to prove chain of custody. The gate either passes or it does not. The math either confirms structural identity or it does not. There is no confidence interval. There is no false-positive budget. There is a proof — or the PR is blocked.
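The MinHash/Jaccard step named above, as an added illustration that is not The Janitor's code. The Janitor hashes tree-sitter ASTs with BLAKE3; this stand-alone version approximates "structure" with w-shingles of a diff's tokens after identifiers and literals are normalised away, so a renamed-variable clone still collides while an unrelated diff does not. BLAKE3 is not in the Python standard library, so keyed BLAKE2b is used here as the seeded hash family; the three diff bodies are constructed samples.

```python
"""MinHash estimate of Jaccard similarity between two diffs (added example)."""
import hashlib
import re
import struct

TOKEN_RE = re.compile(r"[A-Za-z_]\w*|\d+|==|!=|<=|>=|&&|\|\||\S")
KEYWORDS = {"if", "else", "for", "while", "return", "def", "fn", "let", "int"}


def normalise(code):
    """Tokenise; map every identifier to ID and every number to NUM."""
    out = []
    for tok in TOKEN_RE.findall(code):
        if tok in KEYWORDS:
            out.append(tok)
        elif re.fullmatch(r"[A-Za-z_]\w*", tok):
            out.append("ID")
        elif tok.isdigit():
            out.append("NUM")
        else:
            out.append(tok)
    return out


def shingles(tokens, w=4):
    """Set of w-token windows: the structural fingerprint of the diff."""
    return {" ".join(tokens[i:i + w]) for i in range(max(1, len(tokens) - w + 1))}


def _hash(seed, item):
    """Deterministic 64-bit hash of item under the given seed (keyed BLAKE2b)."""
    h = hashlib.blake2b(item.encode(), digest_size=8, key=struct.pack("<I", seed))
    return struct.unpack("<Q", h.digest())[0]


def minhash(shingle_set, num_perm=128):
    """Signature: for each seed, the minimum hash over the whole set."""
    if not shingle_set:
        return [0] * num_perm
    return [min(_hash(seed, s) for s in shingle_set) for seed in range(num_perm)]


def estimated_jaccard(sig_a, sig_b):
    """Fraction of equal signature slots approximates |A and B| / |A or B|."""
    return sum(a == b for a, b in zip(sig_a, sig_b)) / len(sig_a)


def exact_jaccard(set_a, set_b):
    return len(set_a & set_b) / len(set_a | set_b)


# Constructed samples: B is A with every identifier renamed; C is unrelated.
DIFF_A = "fn clamp(v: int, lo: int, hi: int) -> int { if v < lo { return lo; } if v > hi { return hi; } return v; }"
DIFF_B = "fn bound(x: int, min: int, max: int) -> int { if x < min { return min; } if x > max { return max; } return x; }"
DIFF_C = "fn sum(xs: Vec<int>) -> int { let mut t = 0; for x in xs { t += x; } return t; }"


def compare(code_a, code_b, num_perm=128):
    """Return (exact, estimated) Jaccard between the two structural shingle sets."""
    sa, sb = shingles(normalise(code_a)), shingles(normalise(code_b))
    return exact_jaccard(sa, sb), estimated_jaccard(minhash(sa, num_perm), minhash(sb, num_perm))


if __name__ == "__main__":
    for name, other in (("B (renamed clone)", DIFF_B), ("C (unrelated)", DIFF_C)):
        exact, est = compare(DIFF_A, other)
        print(f"A vs {name}: exact={exact:.2f} minhash={est:.2f}")
```

A and B normalise to the same token sequence, so both the exact and the estimated Jaccard are 1.0; A and C share only a few trailing windows. The point of the signature is scale: comparing 128 integers per PR is cheap enough to run across every open PR pair, which is what makes coordinated near-identical submissions detectable at all.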
When a PR clears the gate, Janitor Sentinel issues a CycloneDX v1.5 CBOM: a cryptographically signed bill of materials covering every hash, every symbol, every decision point in the analysis. That is not a report. That is a bond you can present to a SOC 2 auditor.
Agentic-Ready
The threat model is already changing. AI coding assistants are becoming autonomous agents — systems that open PRs without human authorship, coordinate across accounts, and submit structurally identical changes at a rate no human review queue can absorb. Copilot is the training run. The Swarm is the production workload.
Current toolchains were designed for human developers submitting a few PRs per day. They have no concept of a non-human contributor operating at machine velocity, no mechanism to detect coordinated structural injection across hundreds of PRs, and no policy layer that can distinguish a legitimate bot from a compromised Agentic pipeline.
The Janitor was built for this environment. It is the deterministic enforcement gate that applies your architectural rules to non-human developers — the same rules, at the same threshold, regardless of whether the author is a human engineer, a Copilot agent, or an autonomous Swarm. The janitor.toml governance manifest is version-controlled policy-as-code: your rules, enforced at the diff level, before the merge button is available.
When your team deploys AI engineers, the gate does not move.
ENTERPRISE INTEGRATIONS
Every bounce event that trips the threat threshold fires an outbound webhook — signed with HMAC-SHA256 and delivered with two headers your SIEM can verify without a shared secret rotation:
The payload is a full BounceLogEntry in JSON — PR number, author, score, antipattern IDs, collided PR numbers, commit SHA, and policy hash. Wire it to any receiver in under five minutes:
| Platform | How |
|---|---|
| Slack | Incoming Webhooks app → paste URL into janitor.toml [webhook] block |
| Microsoft Teams | Workflows connector → POST to Teams channel webhook URL |
| Datadog | Datadog HTTP Logs API endpoint (https://http-intake.logs.datadoghq.com/api/v2/logs) |
| Splunk | Splunk HTTP Event Collector (https://<host>:8088/services/collector/event) |
| Any SIEM | Any HTTPS endpoint that accepts a POST with a JSON body |
```toml
# janitor.toml
[webhook]
url = "https://hooks.slack.com/services/T.../B.../..."
secret = "env:JANITOR_WEBHOOK_SECRET"
events = ["critical_threat", "necrotic_flag"]
```
Test your integration without waiting for a real PR:
See the governance documentation for the full [webhook] field reference.
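What the receiving side of this integration should do with the HMAC-SHA256 signature, as an added example that is not The Janitor's code. The page states that the webhook is signed with HMAC-SHA256 and that the payload is a BounceLogEntry in JSON, but does not name the two headers; the header names, the signed-string layout (timestamp, a dot, then the raw body bytes), the replay window and the JSON field names below are assumptions for this example, so align them with the [webhook] field reference in the governance documentation before wiring a real receiver.

```python
"""Verifying a Janitor-style HMAC-SHA256 webhook at the receiver (added example)."""
import hashlib
import hmac
import json
import time

SIGNATURE_HEADER = "X-Janitor-Signature"   # assumed header name
TIMESTAMP_HEADER = "X-Janitor-Timestamp"   # assumed header name
MAX_SKEW_SECONDS = 300                     # assumed replay window


def sign(secret, timestamp, raw_body):
    """Hex HMAC-SHA256 over '<timestamp>.<raw body bytes>' (assumed layout)."""
    msg = str(timestamp).encode() + b"." + raw_body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def verify(secret, headers, raw_body, now=None):
    """Return (ok, reason). Constant-time compare; stale timestamps are rejected."""
    now = time.time() if now is None else now
    sig = headers.get(SIGNATURE_HEADER, "")
    ts = headers.get(TIMESTAMP_HEADER, "")
    if not sig or not ts.isdigit():
        return False, "missing signature or timestamp header"
    if abs(now - int(ts)) > MAX_SKEW_SECONDS:
        return False, "timestamp outside replay window"
    expected = sign(secret, ts, raw_body)
    if not hmac.compare_digest(expected, sig):
        return False, "signature mismatch"
    return True, "ok"


def handle(secret, headers, raw_body, now=None):
    """Verify first, parse second: never json.loads() an unauthenticated body."""
    ok, reason = verify(secret, headers, raw_body, now)
    if not ok:
        return {"accepted": False, "reason": reason}
    entry = json.loads(raw_body)
    return {"accepted": True, "pr": entry["pr_number"], "score": entry["score"],
            "antipatterns": entry["antipattern_ids"]}


# Constructed sample: a BounceLogEntry-shaped body (field names and values assumed).
SECRET = b"constructed-demo-secret"
BODY = json.dumps({"pr_number": 4242, "author": "example-bot", "score": 0.91,
                   "antipattern_ids": ["example-antipattern-1"], "collided_prs": [4199],
                   "commit_sha": "0" * 40, "policy_hash": "placeholder"}).encode()
NOW = 1_700_000_000


def good_headers():
    """Headers a legitimate sender would attach to BODY at time NOW."""
    return {TIMESTAMP_HEADER: str(NOW), SIGNATURE_HEADER: sign(SECRET, NOW, BODY)}


if __name__ == "__main__":
    print(handle(SECRET, good_headers(), BODY, now=NOW))
    tampered = BODY.replace(b'"score": 0.91', b'"score": 0.01')
    print(handle(SECRET, good_headers(), tampered, now=NOW))          # signature mismatch
    print(handle(SECRET, good_headers(), BODY, now=NOW + 3600))       # replay window
```

Two details matter more than the rest: the HMAC is computed over the raw request bytes (re-serialising parsed JSON would silently change whitespace and break the check), and the comparison uses hmac.compare_digest so a forged signature cannot be refined byte by byte from timing. Including the timestamp in the signed string is what lets the receiver bound replays without rotating the shared secret.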
ECONOMICS
The enforcement is free. The attestation is the product.
| Tier | Cost | What You Get |
|---|---|---|
| Free | $0 | Unlimited scan, clean, dedup, bounce, dashboard, report. No signed logs. |
| Team | $499/yr | All free features + ML-DSA-65 Integrity Bonds + CycloneDX v1.5 CBOMs + CI/CD Compliance Attestation + Janitor Sentinel GitHub App. Up to 25 seats. |
| Industrial | Custom | On-Premises Token Server + Keypair Rotation Protocol + SOC 2 Audit Support + Enterprise SLA. Unlimited seats. |
The cleanup is identical at every tier. What you are paying for is a cryptographically verifiable chain of custody that satisfies a regulator, an auditor, or an incident response team.
See The Manifesto for the full crisis framing, actuarial ledger, and technical stack. See Architecture for the engine specification. See Security Posture for the Shadow Tree isolation, atomic rollback protocol, and hermetic build details. See Pricing & Licensing for BUSL-1.1 terms and commercial tier details. See Terms of Service · Privacy Policy for legal and data handling.