CLI: gate
The gate command is the definitive SHIP/NO_SHIP decision for your pipeline. It verifies an implementation against an ISL specification, computes a trust score, and returns exit code 0 (SHIP) or 1 (NO_SHIP). Use it in CI to block unverified code from shipping.
Usage
shipgate gate <spec> -i <impl> [options]The spec is the path to an ISL file; the implementation is the file or directory containing code that implements the spec.
Options
| Flag | Description |
|---|---|
-i, --impl <file> | Required. Implementation file or directory to verify |
-t, --threshold <score> | Minimum trust score to SHIP (default: 95) |
-o, --output <dir> | Output directory for evidence bundle (default: current directory) |
--ci | CI mode: minimal output, exit code only |
--verbose | Verbose output |
--format <format> | Output format: pretty, json, quiet |
--skip-policy | Skip organization policy (.shipgate.policy.yml). |
--policy-file <path> | Explicit policy YAML path (overrides auto-detect). |
--policy-profile <profile> | strict, standard, or lenient. |
--policy-lenient | If policy enforcement throws (not validation violations), continue without failing. Default is fail-closed (NO_SHIP) so CI cannot silently skip policy. |
Examples
Basic gate
shipgate gate user-service.isl --impl ./src/user-service.tsCustom threshold
shipgate gate user-service.isl --impl ./src/user-service.ts --threshold 80CI usage
# Minimal output; rely on exit code (0 = SHIP, 1 = NO_SHIP)shipgate gate specs/auth.isl --impl src/ --ci
# With minimum scoreshipgate gate specs/auth.isl --impl src/ --ci --threshold 90JSON output
shipgate gate user-service.isl --impl ./src/user-service.ts --format jsonOutput
Pretty output (default)
┌─────────────────────────────┐│ Verdict: SHIP ││ Trust Score: 100/100 ││ Confidence: 95% ││ Duration: 1.2s │└─────────────────────────────┘Exit code 0 means SHIP; exit code 1 means NO_SHIP. Use this in your CI pipeline.
Exit codes
After a successful invocation, shipgate gate exits with result.exitCode from the gate engine — typically 0 (SHIP) or 1 (NO_SHIP).
The CLI may also exit with:
| Code | Meaning |
|---|---|
0 | SHIP — verification passed, score meets threshold |
1 | NO_SHIP — verification failed or score below threshold |
2 | Usage error (e.g. missing --impl, unknown option) — see global exit handling |
3 | Internal error (rare) |
For a Tier-1 summary across commands, see Exit codes (Tier-1).
See also
- Quick Start — uses
shipgate gatein step 6 - CLI: check — type-check specs before verification
- CLI: verify — full verification with options (SMT, PBT, temporal)
- CI/CD Integration — add the gate to GitHub Actions