Skip to content

docs: Update Cody Guardrails documentation with known limitations #1181

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

docs: Update Cody Guardrails documentation with known limitations #1181

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2d2442d
docs: Update Cody Guardrails documentation with known limitations
aramaraju Jun 9, 2025
3978d7f
Update guardrails platform support details
aramaraju Jun 17, 2025
4f39818
Merge branch 'main' into guardrails-docs-update
aramaraju Jun 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion docs/cody/enterprise/features.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ Site administrators can set the duration of access tokens for users connecting C

## Guardrails

<Callout type= "note">Guardrails for public code is currently in Beta and is supported with VS Code, JetBrains IDEs extensions and Sourcegraph Web app.</Callout>
<Callout type= "note">Guardrails for public code is only supported on VS Code, JetBrains IDEs extension, and Sourcegraph Web app for Cody Enterprise customers using [Cody Gateway](https://sourcegraph.com/docs/cody/core-concepts/cody-gateway#sourcegraph-cody-gateway). It is not supported for any BYOK (Bring Your Own Key) deployments. </Callout>

Open source attribution guardrails for public code, commonly called copyright guardrails, reduce the exposure to copyrighted code. This involves implementing a verification mechanism within Cody to ensure that any code generated by the platform does not replicate open source code.

Expand All @@ -22,6 +22,12 @@ Guardrails don't differentiate between license types. It matches any code snippe

You can `enforce` a Guardrails check to prevent any matching code from being shown to the user. To do so, site admins need to add `"attribution.mode": "enforced"` in the **Site configuration** setting. This will configure the settings for Cody IDE extensions VS Code (v1.82+) or JetBrains (v7.82+) accordingly and will enforce not to display code until attribution checks have finished.

### Known Limitations
1. Guardrails work through an exact string match across ten or more lines, which means extra comments or name changes may not trigger the check
2. The strings are compared against around **290,000** indexed open source repositories, consisting of all license types, including permissive and non-permissive licenses
3. Guardrails requires access to the Cody Gateway, which means it's not supported for any customers using BYOK (Bring Your Own Key)
4. Guardrails is only supported on the Sourcegraph Web app, and the IDE extensions in VS Code, JetBrains IDEs, for chat and autocomplete

## Admin controls

<Callout type="note">Admin controls are supported with VS Code and JetBrains IDE extension.</Callout>
Expand Down