VSCode Extension v0.2.0

This release introduces the highly anticipated Go to Definition feature, bringing intelligent navigation capabilities to ROS template development. Jump directly to parameter, resource, and local definitions with a single click.

✨ New Features

Go to Definition

Navigate through your ROS templates with ease:

• Ref navigation — Jump from Ref intrinsic functions to their corresponding parameter, resource, or local definitions
• Fn::GetAtt navigation — Navigate from Fn::GetAtt to the referenced resource definition
• AssociationPropertyMetadata navigation — Jump from association property metadata to parameter definitions

Simply hold Ctrl (or Cmd on macOS) and click on any reference to jump to its definition.

🔧 Enhancements

Auto-Completion Improvements

• Enhanced auto-completion for nested resource properties
• Improved allowed values suggestions with better context awareness
• More accurate completion items based on resource type schema

Validation Enhancements

• Added validation for Ref targets — warns when referencing non-existent parameters or resources
• Added validation for Fn::GetAtt attributes — validates attribute names against resource type schema
• Better error messages with actionable suggestions

LSP Server Improvements

• Updated ROS schema to the latest version with expanded resource type coverage
• Fixed YAML colon key parsing issues in complex template structures
• Improved ConstraintDescription handling with multilingual map support

CLI v0.8.0

What's Changed

✨ New Features

Go to Definition Support for ROS Templates

InfraGuard's LSP server now supports Go to Definition, allowing you to jump directly to symbol definitions within ROS templates in any LSP-compatible editor.

Key Highlights:

• Ref → Definition — Jump from a Ref value to the referenced Parameter, Locals, or Resource definition.
• Fn::GetAtt → Definition — Jump from Fn::GetAtt to the target Resource definition.
• AssociationPropertyMetadata → Definition — Jump from AssociationPropertyMetadata entries to their corresponding Parameter definitions.
• Enhanced Auto-Completion — Improved completions for nested properties and allowed values.
• Validation for Ref/GetAtt — Added validation for Ref/GetAtt targets and attributes to catch errors earlier.
• Updated ROS Schema — ROS resource schema updated to the latest version.

Usage:

# Start LSP server (communicates via stdio)
infraguard lsp

# Start with explicit stdio flag
infraguard lsp --stdio

---

🛠 Improvements

LSP: ConstraintDescription Multilingual Map Support

The LSP server now correctly handles ConstraintDescription as a multilingual map (e.g., en, zh-cn keys), in addition to plain strings. This fixes hover documentation display for parameters using localized constraint descriptions.

LSP: Fix YAML Colon Key Parsing

Fixed a parsing issue where YAML keys containing colons (:) were not correctly recognized, which could cause incorrect diagnostics or missing completions.

VSCode Extension v0.1.0

🎉 InfraGuard VSCode Extension v0.1.0 - Initial Release

The first release of the InfraGuard VS Code Extension — providing intelligent editing support for Alibaba Cloud ROS (Resource Orchestration Service) templates directly in VS Code.

✨ Features

Auto-Completion

Context-aware completions across the entire template structure:

• Resource types — All ALIYUN::* resource type identifiers
• Properties — Resource properties with type information, required properties prioritized
• Intrinsic functions — Fn::Join, Fn::Sub, Fn::Select, and more
• Ref/GetAtt targets — References to parameters, resources, and their attributes
• Parameter definitions — Type, Default, AllowedValues, and other parameter properties
• Top-level sections — ROSTemplateFormatVersion, Parameters, Resources, Outputs, etc.

When you type a resource type, a Properties block with all required keys is auto-inserted.

Real-Time Diagnostics

Validates your template as you type:

• Missing or invalid ROSTemplateFormatVersion
• Unknown resource types
• Missing required properties
• Type mismatches for property values
• Invalid parameter definitions
• Duplicate YAML keys
• Unknown keys with "Did you mean?" suggestions

Hover Documentation

Hover over elements to see contextual documentation:

• Resource types — Description and link to official docs
• Properties — Type, constraints, whether required or optional, update behavior
• Intrinsic functions — Syntax and usage examples

Syntax Highlighting

Enhanced syntax highlighting for ROS-specific elements:

• !Ref, Fn::Join, and other intrinsic functions
• ALIYUN::*::* resource type identifiers

📦 Supported File Types

Pattern	Detection
*.ros.yaml / *.ros.yml	Automatically recognized as ROS templates
*.ros.json	Automatically recognized as ROS templates
*.yaml / *.json	Detected via ROSTemplateFormatVersion in content

🔧 Commands

Command	Description
InfraGuard: Update ROS Schema	Fetch the latest resource type schema from ROS API

🌐 Internationalization

The extension supports English and Chinese (Simplified) localization.

🚀 Installation

Install from the VS Code Marketplace, or search for "InfraGuard" in the VS Code Extensions panel.

📦 Platform Support

Pre-built VSIX packages are available for:

• Linux x64
• macOS x64 / ARM64 (Apple Silicon)
• Windows x64

Each VSIX includes a bundled infraguard LSP server binary for the target platform.

CLI v0.7.0

What's Changed

✨ New Features

LSP Server for ROS Template Editing

InfraGuard now includes a built-in Language Server Protocol (LSP) server, providing intelligent editing support for ROS templates in any LSP-compatible editor.

Key Highlights

• Auto-Completion — Context-aware completions for resource types, properties, intrinsic functions, Ref/GetAtt targets, parameter definitions, and top-level sections. Required properties are prioritized, and a Properties block with required keys is auto-inserted when you type a resource type.
• Real-Time Diagnostics — Validates templates as you type, checking format version, resource types, required properties, type mismatches, parameter definitions, duplicate YAML keys, and unknown keys with "Did you mean?" suggestions.
• Hover Documentation — Hover over elements to see descriptions, type info, constraints, and whether a property is required or updatable.
• YAML & JSON Support — Full support for both YAML and JSON template formats.

Usage

# Start LSP server (communicates via stdio)
infraguard lsp

# Start with explicit stdio flag
infraguard lsp --stdio

CLI v0.6.0

What's Changed

✨ New Features

Multi-Language Support

InfraGuard now supports 7 languages with comprehensive internationalization (i18n) using the BCP 47 standard. This enables users worldwide to use InfraGuard in their native language.

Key Highlights

• 5 New Languages: Added support for Spanish (es), French (fr), German (de), Japanese (ja), and Portuguese (pt)
• BCP 47 Standard: Full compliance with BCP 47 language tag standard for proper locale handling
• Complete Translation Coverage: All CLI commands, error messages, and documentation are translated
• Automatic Language Detection: Detects system locale and uses appropriate language automatically
• Language Consistency Validation: Built-in validation ensures translation completeness and consistency

Supported Languages

• English (en) - Default
• 中文 (zh) - Chinese
• Español (es) - Spanish
• Français (fr) - French
• Deutsch (de) - German
• 日本語 (ja) - Japanese
• Português (pt) - Portuguese

Usage

# Use default language (auto-detected from system)
infraguard scan template.yaml

# Explicitly specify language
infraguard scan template.yaml --lang es
infraguard scan template.yaml --lang fr
infraguard scan template.yaml --lang de
infraguard scan template.yaml --lang ja
infraguard scan template.yaml --lang pt

Policy Formatting with Sorting and Colored Diff

Enhanced policy formatting capabilities with intelligent sorting and git-style colored diff visualization.

Key Highlights

• Automatic Language Sorting: Sorts i18n language keys in standard order (en, zh, ja, de, es, fr, pt)
• Git-Style Colored Diff: Visual diff output similar to git diff for easy change review
• Inline Dictionary Formatting: Converts inline i18n dictionaries to multi-line format for better readability
• Comment Preservation: Preserves comments above language entries during sorting

Usage

# Format with colored diff output
infraguard policy format --diff

🏗️ Architecture Changes

Enhanced CI/CD Pipeline

Improved continuous integration workflow with better validation and organization.

Changes

• Unified Check Job: Merged lint checks into the main check job for better workflow organization
• Translation Validation: Added automated translation validation to ensure i18n consistency
• Documentation Translation Validation: Integrated translation checks into doc-build process
• Security Improvements: Fixed code scanning alerts by adding proper workflow permissions

🐛 Bug Fixes

• Integer Overflow Prevention: Fixed potential integer overflow in path capacity calculation by capping violationPath length
• Dependency Security: Upgraded lodash package to fix Dependabot security alert
• Language Configuration: Fixed incomplete language list in config and added consistency validation
• Workflow Permissions: Fixed multiple code scanning alerts related to missing workflow permissions

📚 Documentation

New Documentation

• Multi-Language Support Guide: Comprehensive documentation for using InfraGuard in different languages

Updated Documentation

• Main README with multi-language support information
• CLI reference with --lang parameter documentation
• User guide with language selection examples
• All documentation translated to 5 new languages (es, fr, de, ja, pt)

---

Full Changelog: v0.5.0...v0.6.0

CLI v0.5.0

What's Changed

✨ New Features

Preview Mode for Scan Command

InfraGuard now supports Preview Mode - a new scan mode that validates ROS templates using Alibaba Cloud ROS PreviewStack API, providing more accurate compliance checks based on real-time cloud resources and configurations.

Key Highlights

• Dual Scan Modes: Choose between static (fast local analysis) and preview (cloud-based validation)
• Multiple Authentication Methods: Support for AccessKey, STS Token, and RAM Role
• Flexible Credential Loading: Load credentials from environment variables or Aliyun CLI configuration
• Comprehensive Error Handling: User-friendly error messages with detailed troubleshooting guidance

Usage

# Static mode (default) - fast local analysis
infraguard scan template.yaml -p pack:aliyun:quick-start-compliance-pack

# Preview mode - cloud-based validation
infraguard scan template.yaml -p pack:aliyun:quick-start-compliance-pack --mode preview

Configuration

Method 1: Environment Variables

export ALIBABA_CLOUD_ACCESS_KEY_ID="your-access-key-id"
export ALIBABA_CLOUD_ACCESS_KEY_SECRET="your-access-key-secret"
export ALIBABA_CLOUD_REGION_ID="cn-hangzhou"  # optional

Method 2: Aliyun CLI Configuration

aliyun configure

🏗️ Architecture Changes

Provider Architecture

Introduced a new provider-based architecture to support multiple IaC formats:

pkg/providers/
└── ros/           # ROS provider implementation
    ├── credentials.go
    ├── client.go
    ├── preview.go
    └── loader.go

This modular design makes it easy to extend InfraGuard to support other IaC formats like Terraform in the future.

📚 Documentation

New Documentation

• Preview Mode Guide: Comprehensive guide for using preview mode

Updated Documentation

• Main README with preview mode examples
• CLI reference with --mode parameter
• User guide with scan mode comparison

---

Full Changelog: v0.4.0...v0.5.0

CLI v0.4.0

What's Changed

✨ New Features

• ROS Function Support: Added comprehensive support for ROS (Resource Orchestration Service) intrinsic functions, enabling static analysis of complex ROS templates. Supported functions include:
  • String Functions: Fn::Join, Fn::Sub, Fn::Split, Fn::Replace, Fn::Str, Fn::Indent
  • Encoding Functions: Fn::Base64Encode, Fn::Base64Decode
  • List Functions: Fn::Select, Fn::Index, Fn::Length, Fn::ListMerge
  • Map Functions: Fn::FindInMap, Fn::SelectMapList, Fn::MergeMapToList
  • Mathematical Functions: Fn::Add, Fn::Avg, Fn::Max, Fn::Min, Fn::Calculate
  • Conditional Functions: Fn::If, Fn::Equals, Fn::And, Fn::Or, Fn::Not, Fn::Contains, Fn::Any, Fn::EachMemberIn, Fn::MatchPattern
  • Utility Functions: Fn::GetJsonValue, Ref
    See ROS Features Documentation for complete details.
• ROS Conditions Support: Implemented full support for ROS Conditions feature, including condition definition, condition functions (Fn::Equals, Fn::And, Fn::Or, Fn::Not, Fn::If), condition references in resources and outputs, and automatic dependency resolution.
• ROS YAML Short Syntax Support: Added support for YAML tag notation (short syntax) for ROS functions, including !Ref, !GetAtt, and all other Fn::* functions written as !FunctionName. The YAML parser automatically converts these short forms to their standard map representation during template loading.

📚 Documentation

• Added comprehensive ROS Features Support documentation page covering all supported ROS functions, conditions, YAML short syntax, and unsupported features
• Added Policy as Code section to introduction documentation

Full Changelog: v0.3.0...v0.4.0

CLI v0.3.0

What's Changed

✨ New Features

• Added update command for InfraGuard CLI, enabling users to update to the latest version or a specific version. The command supports checking for updates, forcing updates, and platform-specific installations. See Update Command Documentation for complete guide.
• Added policy clean command to clean user policy directory (~/.infraguard/policies/), allowing users to remove downloaded policies while preserving embedded and workspace policies. See Policy Clean Documentation for usage details.

🔧 Improvements

• Enhanced CI workflow to support multiple operating systems, improving cross-platform compatibility and testing coverage.
• Fixed issues with some rules not working correctly.
• Fixed Windows-specific issues to improve platform compatibility.

📚 Documentation

• Added comprehensive documentation for the update command, including usage examples and flag descriptions.
• Added documentation for the policy clean command in the CLI reference.

Full Changelog: v0.2.0...v0.3.0

CLI v0.2.0

What's Changed

✨ New Features

• Added support for print() function in Rego files for debugging, enabling developers to debug policies more effectively during development. See Debugging Policies for complete guide.

🔧 Improvements

• Added local search support to documentation site, improving documentation browsing experience
• Enhanced documentation with new debugging policies guide, policy directory structure documentation, and FAQ section, updated writing packs and writing rules documentation for better clarity

Full Changelog: v0.1.2...v0.2.0

CLI v0.1.2

What's Changed

🐛 Bug Fixes

• Fixed pack not found issue, improved policy pack lookup logic and index generation mechanism

🔧 Improvements

• Enhanced policy loading documentation and structure, updated policy loading priority to support workspace-local policies, allowing for project-specific configurations, and improved documentation for loading policies from different directory structures
• Updated Aliyun provider description for improved clarity

Full Changelog: v0.1.1...v0.1.2