# Mneme HQ > Mneme HQ is the architectural governance layer for AI-assisted development. It compiles your team's architectural intent into enforceable constraints that govern AI coding agents at the pre-generation stage, before architectural drift reaches review. ## Category positioning Rules files document standards. Mneme enforces them. Memory tools recall context. Mneme governs implementation. RAG retrieves knowledge. Mneme operationalizes decisions. ## How Mneme fits the AI coding stack Pre-generation governance is Mneme. Generation and runtime are agent frameworks and runtime harnesses such as Cursor, Claude Code, and managed agent platforms. Post-generation observability is tools like SentRux. SentRux tells you when the agent violated architecture. Mneme helps prevent the violation from being proposed in the first place. The two layers are complementary. ## Enterprise framing A governance and control plane for AI coding agents operating within Azure and GitHub-based engineering workflows. Mneme integrates with your engineering stack and compiles architectural intent into enforceable AI coding constraints. ## Architecture Five stages. No vector store. No ML. project_memory.json into MemoryStore into Retriever into ContextBuilder into LLMAdapter into Evaluator. Retrieval is deterministic keyword scoring. Same query returns the same result every time. ## Compare pages Structured comparisons between Mneme HQ and alternative approaches — for engineering teams actively evaluating governance tools. - [Compare hub](https://mnemehq.com/compare/): Index of all comparison pages with the decision template each one follows. - [Mneme HQ vs CodeRabbit](https://mnemehq.com/compare/coderabbit/): CodeRabbit reviews code after it's written. Mneme HQ enforces architectural constraints before generation. - [Mneme HQ vs Cursor Rules](https://mnemehq.com/compare/cursor-rules/): Cursor Rules are plain-text suggestions. Mneme HQ is structured enforcement with a precedence engine and hook-level blocking. ## Integration pages How Mneme HQ fits into the tools engineering teams already use. Two categories: AI coding stack integrations (Claude Code, Cursor, GitHub Actions, ADR import) and research & analysis assistants (Perplexity Enterprise — works alongside, governance context for research workflows). - [Integrations hub](https://mnemehq.com/integrations/): Index of all integrations with the layered governance pattern (editor + CI + custom agents). - [Claude Code integration](https://mnemehq.com/integrations/claude-code/): Hook-level enforcement for every Edit, Write, and MultiEdit Claude Code attempts. - [Cursor integration](https://mnemehq.com/integrations/cursor/): Mneme HQ as the authoritative corpus behind Cursor Rules sessions. - [GitHub Actions integration](https://mnemehq.com/integrations/github-actions/): CI enforcement gate — block PRs that violate architectural decisions before they merge. - [ADR import integration](https://mnemehq.com/integrations/adr-import/): Import an existing ADR corpus into Mneme's enforcement pipeline. Add a Constraints section to any ADR, run one command to preview, one to apply — decisions become live guardrails without rewriting your ADRs. - [Perplexity Enterprise](https://mnemehq.com/integrations/perplexity/): Research & analysis assistant. Works alongside, not a native integration. Perplexity helps teams understand why. Mneme helps teams preserve what must remain true. Workflow pattern: research in Perplexity → record decision in Mneme → enforce across every coding agent. Closes the gap between research rationale and governance constraint. No API handshake — the integration is the discipline. - [Claude Agent SDK integration](https://mnemehq.com/integrations/claude-agent-sdk/): Mneme as the governance/runtime policy layer for Claude Agent SDK workflows. Claude Agent SDK handles execution and orchestration; Mneme handles architectural invariants and enforcement. Covers pre-execution governance hooks (intercept before tool calls), post-execution verification, enforcement traces in long-running agent loops, and CI gate integration. This is an infrastructure-shaped relationship: SDK = execution layer, Mneme = enforcement layer. ## Key pages - [Homepage](https://mnemehq.com/): Product overview and category positioning. - [Governance Benchmark v1.1 Methodology](https://mnemehq.com/benchmark/): Deterministic, reproducible benchmark methodology with structured-output verification, layered metrics, and pre-registered thresholds. - [Use cases](https://mnemehq.com/use-cases/): Index of governance use cases for AI coding agents. - [Coding assistant governance](https://mnemehq.com/use-cases/coding-assistant-governance/): Mneme as the governance layer above Claude Code, Cursor, Copilot — enforcing architectural decisions before code is generated. - [Legacy codebase memory](https://mnemehq.com/use-cases/legacy-codebase-memory/): Compile a legacy codebase's architectural decisions into a structured corpus AI agents can query. - [Security and compliance guardrails](https://mnemehq.com/use-cases/security-compliance-guardrails/): Encode security patterns and compliance constraints as structured decisions enforced at every AI-generated diff. - [Data platform governance](https://mnemehq.com/use-cases/data-platform-governance/): Architectural enforcement for data pipelines, ETL, and analytics services. - [Design system governance](https://mnemehq.com/use-cases/design-system-governance/): Token usage, component boundaries, and accessibility rules enforced at the AI-generation layer. - [Multi-agent workflow governance](https://mnemehq.com/use-cases/multi-agent-workflow-governance/): A shared decision corpus every agent in the pipeline can query — planner, coder, reviewer. - [Founder](https://mnemehq.com/founder/): Theo Valmis on why Mneme HQ exists, the principles behind it, and how to engage with the project. - [About](https://mnemehq.com/about/): Mneme HQ at a glance — open source, MIT-licensed, framework-agnostic. - [Insights](https://mnemehq.com/insights/): Technical deep dives and comparison content on AI coding governance. - [Roadmap](https://mnemehq.com/roadmap/): Phase 1 OSS developer wedge through Phase 4 governance infrastructure. - [Demo hub](https://mnemehq.com/demo/): Operational proof of architectural governance. Restructured into three flagship demos (the systemic narratives) and three supporting enforcement examples (deterministic verdicts a senior engineer can verify in 30 seconds). Each flagship demonstrates a different manifestation of the same structural problem: AI accelerates entropy, review does not scale linearly with AI output, drift compounds. - [Flagship demo · The ADR compiler](https://mnemehq.com/demo/adr-compiler/): Centerpiece. Turn the ADRs already sitting in `docs/adr/` into enforceable, precedence-aware decisions that govern generation and CI. No rewrite, no new format. Five-stage pipeline (parse → validate → resolve → emit → enforce) with deterministic retrieval. Runnable end-to-end against Mneme's own ADRs via `mneme-project-memory/examples/demo-adr-import.py`. - [Flagship demo · Architectural drift prevention](https://mnemehq.com/demo/architectural-drift/): The AI SDLC entropy demo. Six-step timeline showing how agent-produced changes silently violate ADR-001 and amplify across the week, contrasted with the same week under Mneme governance — first divergence blocked upstream, retry converges, downstream agents build on the corrected codebase by construction. Runnable at `examples/architectural-drift/run.py`. - [Flagship demo · Governance continuity across actors](https://mnemehq.com/demo/multi-agent-governance/): Forward-looking. Three actors act sequentially against the same Python service with no shared memory; the compiled decision corpus is the only thing they share. Demonstrates that architectural invariants stay coherent across actors, sessions, and retries because the invariants live outside any single actor. Runnable at `examples/multi-agent-governance/run.py`. - [Supporting demo · Storage decision (PASS)](https://mnemehq.com/demo/storage-decision/): Single-violation walkthrough of ADR-001 (JSON-only storage). Same prompt, same model, different answer once the decision records are injected. - [Supporting demo · Dependency policy (WARN)](https://mnemehq.com/demo/dependency-policy/): Single-violation walkthrough of an approved-dependency policy. Unapproved `prisma` import triggers a structured WARN with decision ID and tracked override path. - [Supporting demo · Repository pattern (FAIL)](https://mnemehq.com/demo/repository-pattern/): Single-violation walkthrough of ADR-004 (Repository pattern). Hard FAIL that gates the PR via the GitHub Actions enforcement gate. - [Integration demo · Governance gates in Claude Agent SDK workflows](https://mnemehq.com/demo/agent-sdk-governance/): Concrete scenario showing Mneme as the governance policy layer around a Claude Agent SDK autonomous workflow. Agent is tasked with "add caching to the user lookup service." Pre-execution hook intercepts a Redis dependency that violates ADR-001 (JSON storage only), reroutes agent to the compliant primitive. Post-execution verification confirms no invariants were silently violated. Includes enforcement traces for long-running agent loops and CI gate integration. - [Standards landscape](https://mnemehq.com/standards/): NIST CAISI AI Agent Standards Initiative, the Model Context Protocol, and AGENTS.md — the three credible foundations for a future cross-tool agent governance standard. Verified primary sources only. Mneme aligns with the direction; not yet a filed contributor. ## Buyer landing pages - [Mneme HQ by role](https://mnemehq.com/for/): Hub page routing CTOs, Platform/DevEx teams, and Staff/Principal Engineers to the role-specific framing of architectural governance for AI-assisted engineering. - [For CTOs and VP Engineering](https://mnemehq.com/for/cto/): The bottleneck for AI-assisted teams isn't generation — it's governance. Mneme HQ enforces architectural standards before code reaches review. - [For Platform Engineering](https://mnemehq.com/for/platform/): One decision corpus, every agent, every tool. Three-tier rollout (org policy / team architecture / per-feature override) with deterministic precedence resolution. - [For Principal Engineers](https://mnemehq.com/for/principal-engineer/): Stop repeating architectural decisions in every PR review. Mneme puts decisions in the loop before AI writes the code. ## Insights articles Long-form writing on AI coding governance, in publication order. - [Why RAG Fails for Architectural Governance](https://mnemehq.com/insights/why-rag-fails-for-architectural-governance/): Retrieval-augmented generation works for documentation lookup. It breaks down for authoritative, precedence-aware constraint enforcement. - [Why Code Review Cannot Scale With AI Output](https://mnemehq.com/insights/why-code-review-cannot-scale-with-ai-output/): AI generates 10–100× human pace. Code review is still linear. The math creates a bottleneck no team can hire its way out of. - [Prompt Engineering Is Not Governance](https://mnemehq.com/insights/prompt-engineering-is-not-governance/): Prompt templates can nudge an LLM toward better output. They cannot enforce architectural invariants or resolve decision conflicts at scale. - [Mneme vs Cursor Rules (editorial)](https://mnemehq.com/insights/mneme-vs-cursor-rules/): Cursor Rules are per-repo text. Mneme is structured decision memory with a precedence engine and hook-level enforcement. - [AI Code Review Does Not Scale Linearly](https://mnemehq.com/insights/ai-code-review-does-not-scale-linearly/): AI code generation scales nearly infinitely; reviewer attention does not. The bottleneck demands enforcement at generation time, not more reviewers. - [Deployment Quality Will Define the AI Era](https://mnemehq.com/insights/deployment-quality-will-define-the-ai-era/): The first AI era rewarded early adoption. The next rewards operational quality. Deployment quality is the new differentiator. - [Review Is Not Governance](https://mnemehq.com/insights/review-is-not-governance/): CodeRabbit helps review AI-generated code. Mneme governs what the AI generates in the first place. Two different layers of the same problem. - [Why Prompt Memory Fails at Scale](https://mnemehq.com/insights/why-prompt-memory-fails-at-scale/): Teams paste architectural rules into CLAUDE.md and call it governance. Context injection has a ceiling: no precedence engine, no enforcement, no persistence. - [Architectural Governance Across Heterogeneous AI Coding Agents](https://mnemehq.com/insights/architectural-governance-across-heterogeneous-ai-coding-agents/): Most engineering orgs run Claude Code, Cursor, Copilot, Windsurf, and SDK agents against one codebase. Per-tool memory dies at the seams. Includes a historical pattern analysis (OCI, OpenTelemetry, LSP) and the standards landscape (NIST CAISI, MCP, AGENTS.md). - [Why AI Architectural Governance Needs Precedence Semantics](https://mnemehq.com/insights/why-architectural-governance-needs-precedence-semantics/): When two ADRs overlap, prompt rules resolve by attention, RAG by retrieval score, and PR review by whoever was looking — all non-deterministic. The article names the missing layer: precedence semantics, evaluated over five axes (status, supersedes, scope specificity, priority, temporal), and reframes governance as a compiler problem (normalize → resolve → compile → enforce → trace). - [Memory Is Not Governance](https://mnemehq.com/insights/memory-is-not-governance/): The AI coding category conflates memory, context, retrieval, and governance into one word. They are four different systems with four different optimization targets. Memory optimizes recall under fuzziness; governance optimizes constraint enforcement under conflict. Output shape, determinism, conflict semantics, audit surface, enforcement point, and failure mode all differ. Memory is one input to governance, not a substitute for it. - [The Rise of Agentic Engineering Education](https://mnemehq.com/insights/rise-of-agentic-engineering-education/): Industry analysis of the agentic engineering education boom. Real programs from Anthropic, DeepLearning.AI, Hugging Face, MIT Sloan, lablab.ai, and the AI Engineer Summit are mapped to a single thesis: everyone is teaching how to build AI agents; almost nobody is teaching how to govern AI-assisted engineering systems. The historical analogue is DevOps in 2010. - [OpenAI-Compatible APIs Are Commoditizing Models](https://mnemehq.com/insights/openai-compatible-apis-are-commoditizing-models/): NVIDIA's NIM platform at build.nvidia.com exposes 80+ frontier models behind a single OpenAI-compatible endpoint, accelerating an interface-convergence trend already adopted by Together, Groq, vLLM, and most regional providers. The structural read: the model becomes configuration, the runtime becomes a base URL, and the strategically scarce layer is the governance system that preserves engineering continuity across constantly changing models and agents. - [The Generative AI Software Engineering Stack](https://mnemehq.com/insights/generative-ai-software-engineering-stack/): Seven-layer reference frame for the GenAI software engineering stack — foundation models, context and retrieval, agent runtime, tooling and execution, governance and architectural control, validation and evaluation, and human oversight. Almost everyone is competing in layers 1 through 3. Very few are building layer 5 — the governance and architectural control layer Mneme occupies — seriously. - [The Emerging AI Agent Infrastructure Stack](https://mnemehq.com/insights/emerging-ai-agent-infrastructure-stack/): Category map of the eight-layer agent infrastructure stack — models, tools, orchestration, memory, observability, governance, provenance, verification — and why orchestration is not architecture, observability is not governance, and memory is not governance. Frames Mneme as the governance and verification layer for AI-assisted software development. ## Concepts Foundational terminology for AI-native architectural governance — written as systems-level explanations, not dictionary definitions. Each page explains why the structural problem the concept names exists and why intuitive alternatives (documentation, prompt engineering, code review) don't solve it. Schema includes DefinedTerm + DefinedTermSet + TechArticle + FAQPage for AI-crawler citation. - [Concepts hub](https://mnemehq.com/concepts/): Index of 15 foundational concepts organized in 3 tiers (core / systems / adjacent) with a visual concept-architecture SVG, CollectionPage and DefinedTermSet JSON-LD. - [Architectural Governance](https://mnemehq.com/concepts/architectural-governance/): The system that encodes team decisions as machine-evaluable constraints enforced at AI code generation time — before review, before drift compounds. Not review, not documentation, not conventions. - [Governance Before Generation](https://mnemehq.com/concepts/governance-before-generation/): The principle that architectural constraints must be evaluated before the AI writes code, not after it reaches review. The enforcement point is the strategic variable. Moving it upstream of generation changes what the AI proposes, not just what gets rejected. - [AI-Native SDLC](https://mnemehq.com/concepts/ai-native-sdlc/): A software delivery lifecycle designed from first principles for AI agents as primary code generators. The rate-limiting step has flipped — generation is no longer the bottleneck; governance is. Architectural control becomes the strategic engineering function. - [Architectural Drift](https://mnemehq.com/concepts/architectural-drift/): The compound degradation in codebase coherence caused by AI agents producing code inconsistent with established decisions, uncorrected across sessions and agents. Drift is a system-level property, not a per-PR problem — violations compound as downstream agents build on drifted patterns. - [Verification Contracts](https://mnemehq.com/concepts/verification-contracts/): Pre-registered, machine-evaluable assertions that define what a governance check must prove — specified before any code is generated. The structural difference between measurable governance and governance you can only hope for. Enables benchmark comparability across versions. - [Decision Continuity](https://mnemehq.com/concepts/decision-continuity/): The property that architectural decisions remain enforced across agents, sessions, and time regardless of which agent acts or what context it inherited. Context windows reset; prompt memory provides per-session continuity only. Decision memory — stored in a version-controlled corpus — provides structural continuity. - [Architectural Compiler](https://mnemehq.com/concepts/architectural-compiler/): The pipeline that converts documentation-form decisions (ADRs, design docs) into machine-evaluable constraint records. Five stages: parse → validate → resolve → emit → enforce. Compilation is the discrete, auditable step that closes the documentation-to-enforcement gap. - [Deterministic Enforcement](https://mnemehq.com/concepts/deterministic-enforcement/): A governance check that produces the same verdict for the same inputs every time, independent of model state, retrieval variance, or runtime conditions. Determinism is the precondition for governance auditability — non-deterministic governance cannot be audited or improved. - [Agentic Development](https://mnemehq.com/concepts/agentic-development/): A software development paradigm where AI agents are the primary code generators, operating autonomously across files and services. When agents are first-class actors, architectural control stops being a cultural norm and becomes an operational engineering problem. - [Governance Infrastructure](https://mnemehq.com/concepts/governance-infrastructure/): The dedicated engineering platform layer that encodes, distributes, versions, and enforces architectural decisions across AI agents — a first-class reliability concern with the same operational requirements as any other infrastructure layer. - [AI Agent Drift](https://mnemehq.com/concepts/ai-agent-drift/): The agent-side phenomenon where coding agents progressively diverge from the team's intended architecture across sessions, providers, and context resets. The upstream cause whose downstream effect is architectural drift in the codebase. Solved by externalizing decisions to a queryable substrate. - [Governance Propagation](https://mnemehq.com/concepts/governance-propagation/): The property that one compiled decision reaches every agent, every developer, every CI run with identical scope, precedence, and enforcement verdict — the spatial counterpart to multi-agent continuity. Without propagation, "governance" is per-tool, per-developer, per-session. - [Precedence Semantics](https://mnemehq.com/concepts/precedence-semantics/): Ordered rules that resolve overlapping decisions deterministically — supersession, then scope specificity, then recency, then severity. Conflicts that cannot be resolved are compile-time errors, never runtime ambiguity. The precondition for cross-consumer agreement. - [Multi-Agent Continuity](https://mnemehq.com/concepts/multi-agent-continuity/): The property that architectural decisions persist across agents, sessions, and time without re-derivation. Decision-side memory, not agent-side memory. The temporal counterpart to governance propagation; what handoff messages and prompt memory cannot structurally provide. - [Enforcement Provenance](https://mnemehq.com/concepts/enforcement-provenance/): Every governance verdict is a citable chain — back through the precedence rule that selected the decision, the compiled record, and the source ADR. Opaque enforcement is theater; provenance is what makes governance auditable, disputable, and engineer-trustable. - [Governance Provenance](https://mnemehq.com/concepts/governance-provenance/): Per-rule lineage — every active governance rule traces back to the authoring ADR, the supersession chain, the propagation history, and the originating discussion or incident. Distinct from enforcement provenance (per-verdict); governance provenance is the substrate that lets engineers ask "why does this rule exist?" and get a citable answer. Without it, rules decay into folklore. - [Agent Verification](https://mnemehq.com/concepts/agent-verification/): The discipline of proving that an autonomous run preserved architectural intent, operational constraints, and system invariants — not just that execution completed. Execution success is not architectural correctness; verification is the gate that closes the gap. Distinct from tests (functional correctness), eval (output quality), and observability (execution telemetry). - [Execution Surfaces](https://mnemehq.com/concepts/execution-surfaces/): The inventory of places an autonomous agent leaves artifacts during a run — source code, commits, branches, PR titles, CI configs, deployment manifests, generated docs, runbooks, agent-produced configuration. Governance that covers only source code leaves most agent output ungoverned; the inventory is the artifact governance has to be planned against. ## Architecture deep-dives Technical reference pages on Mneme's internal design — written for engineers evaluating the system and for AI crawlers that need precise, citeable answers about how the pipeline works. - [How Retrieval Works](https://mnemehq.com/architecture/how-retrieval-works/): Five-stage pipeline deep dive — MemoryStore, DecisionRetriever, ContextBuilder, LLMAdapter, Evaluator. Deterministic keyword scoring: field weights (title×3.0, tags×2.5, constraint×1.5, content×1.0), tag boost, top-K=3 selection, tie-break determinism. Layer 1 metrics (recall@K, recall@1, precision@K, irrelevant_injection_rate) vs. Layer 2 verdicts (PASS, FAIL, WEAK, WEAK_RETRIEVAL, MALFORMED). No embeddings, no vector store. - [Decision Memory vs. Documentation](https://mnemehq.com/architecture/decision-memory-vs-documentation/): Three-tier model — documentation (prose, wiki, ADR bodies), prompt memory (CLAUDE.md, rules files, RAG injection), and decision memory (typed schema with scope, status, precedence, constraint fields). Why documentation retrieval leaves conflict resolution to the model. Why enforcement requires post-generation evaluation against structured constraint records. How the ADR import integration bridges the gap. ## Reference docs Operational and reference pages for engineers and buyers evaluating Mneme. - [Works With](https://mnemehq.com/works-with/): Ecosystem compatibility surface. Model providers (OpenAI, Anthropic, Gemini, GLM, Qwen, DeepSeek, Mistral, Llama), coding agents (Cursor, Claude Code, Copilot, Aider, Cline, OpenHands), agent frameworks (LangGraph, AutoGen, CrewAI, Semantic Kernel, OpenAI Agents SDK), and deployment environments. Compatibility statements, not partnership claims; native integrations link through to /integrations/. - [Platforms](https://mnemehq.com/platforms/): How Mneme runs inside enterprise developer platforms — Microsoft Azure & GitHub Enterprise, AWS Developer Environments, Google Cloud AI Engineering, and self-hosted / air-gapped. Focuses on CI/CD execution, agent/runtime governance, and policy enforcement in existing environments. Explicitly not cloud infrastructure provisioning, IAM, or Kubernetes setup. Answers the CTO question "will this fit into our Azure/GitHub/Copilot stack?" — yes, as a governance layer above the agents the platform runs. - [Docs hub](https://mnemehq.com/docs/): Index of reference documentation — CLI, governance violations, supported languages, and the benchmark methodology. - [CLI reference](https://mnemehq.com/docs/cli/): Reference for the `mneme` command-line interface — list_decisions, add_decision, test_query, check, cursor generate, benchmark. Flags, exit-code tables (per mode), GitHub Actions and pre-commit CI patterns. The check command is the central governance loop; strict mode exits non-zero on any violation. - [Governance violations](https://mnemehq.com/docs/governance-violations/): Twelve concrete examples of the architectural decisions Mneme enforces against, organized into five categories — architecture, workflow, security, dependency, and platform governance. Each example shows the rule, the AI's offending output, and the structured flags Mneme emits. Frames the category as decision injection, not lint scanning. - [Supported languages (canonical docs)](https://mnemehq.com/docs/supported-languages/): Full coverage matrix. Python is Tier 1 production-grade with native CLI, benchmarks, hooks, and dogfooding. TypeScript and JavaScript are Tier 1 operationally supported (repo + dependency + workflow rules, no AST yet). Go, Java, C#, and Rust are Tier 2 — repo-level governance through architectural and dependency rules without ecosystem-specific policy packs. Includes the strategic positioning: repo-first, not parser-first. ## Language governance pages Marketing/SEO pages framed as "architectural governance for AI-assisted X development" — not "Mneme supports X." Selectively built for the languages with strongest AI coding adoption and the easiest architectural drift demos, now extended to framework ecosystems (FastAPI, Spring Boot) and infrastructure as code (Terraform). - [Supported languages hub](https://mnemehq.com/supported-languages/): Cross-language hub. Tier 1 cards link through to dedicated language pages; Tier 2 (Go, Java, C#, Rust) link to the canonical docs matrix. Strategic positioning: cross-language governance before deep language specialization. - [Python governance](https://mnemehq.com/supported-languages/python-governance/): Tier 1 production-grade. Six worked Python examples — forbidden ORM introduction, business logic in FastAPI routes, raw SQL concatenation, Celery re-introduction after Pub/Sub supersession, mock-auth blocks, missing OpenTelemetry middleware. Native CLI, Claude Code hooks, Cursor rules export, GitHub Actions CI gating. - [TypeScript governance](https://mnemehq.com/supported-languages/typescript-governance/): Tier 1 operationally supported. Five worked TS examples — Redux in a Zustand-standardized app, server-only imports in client components, direct fetch outside the data layer, cross-package imports in monorepos, GPL dependency added to package.json. Type system stays under tsc; Mneme governs choices tsc cannot enforce. - [JavaScript governance](https://mnemehq.com/supported-languages/javascript-governance/): Tier 1 operationally supported. Four worked JS examples — CommonJS regression after ESM migration, business logic in Express handlers, raw SQL string concatenation, cron jobs bypassing approved scheduler. Same model as TypeScript without type-system assumptions. - [FastAPI governance](https://mnemehq.com/supported-languages/fastapi-governance/): Framework ecosystem page (Python). Repo-native rules, no bespoke FastAPI parser. Five worked examples — business logic in route handlers, database access inside routers, ad hoc construction over dependency injection, missing auth dependency on a protected router, inconsistent response serialization. Keeps router/service/repository/schema boundaries and thin handlers. - [Spring Boot governance](https://mnemehq.com/supported-languages/spring-boot-governance/): Enterprise JVM framework page. Repo-native rules, no bespoke Spring parser. Five worked examples — controller calling a repository directly, unapproved starter added to the build, actuator over-exposure, Spring Security weakened, transaction boundary moved into the controller. Preserves layered boundaries, approved starters, transaction ownership, and security/actuator policy. - [Terraform governance](https://mnemehq.com/supported-languages/terraform-governance/): Infrastructure-as-code page (not a language or framework). Repo-native rules over .tf diffs, no HCL parser. Six worked examples — direct resource over approved module, public network exposure, unpinned provider/unapproved region, missing tags/naming, encryption disabled, state backend and locking weakened. Extends governance from application code into infrastructure and operational configuration. ## Source and benchmarks - [GitHub repository](https://github.com/TheoV823/mneme) - [Benchmark scenarios](https://github.com/TheoV823/mneme/tree/main/examples/benchmarks) ## Reported benchmark Governance Benchmark v1.1 methodology is published. The benchmark is deterministic and reproducible, measuring violation prevention rate, false positive rate, retrieval recall and precision, and the gap between end-to-end and oracle enforcement, across 36 scenarios in six categories including controls and ambiguous cases. Full results publish after scenario suite validation. Methodology and harness are public.