Category Definition

What is Semantic Debt?

"Semantic Debt" (n.): The invisible divergence between what software was designed to do and what it actually does—accumulated through code changes, config drift, and AI-generated logic.

Unlike technical debt, semantic debt is invisible until audit, outage, or lawsuit. Traditional testing can't catch it because tests validate behavior, not intent.

Technical Debt

Code that works but is hard to maintain. Visible in code reviews. Measurable by complexity metrics.

Semantic Debt

Code that works but violates original intent. Invisible to tests. Only detectable by constraint verification.

Security Debt

Known vulnerabilities. Detectable by scanners. Often has a CVE number.

First formalized by Cyrille Eloundou, 2024. Under academic review (IEEE ICSE 2026).

10-Second Overview

How It Works

DECLARE

Intent

Write PackSpec: constraints, lineage, ownership. Define what your system should mean.

VERIFY

Check

APX Engine harvests reality from code/config and verifies against PackSpec constraints.

PROVE

Evidence

Get cryptographic receipts (PASS) or actionable counterexamples (BLOCK/WARN) with full provenance.

No opinions. No heuristics. Deterministic verification.

Transformation

Before APX vs. With APX

See how teams transform compliance, governance, and risk management when semantic debt becomes measurable.

Metric	Before APX	With APX
Compliance review cycle	2-4 weeks	Minutes
Audit prep hours/year	200+ hours	Receipt retrieval
AI-generated code risk	Unknown / unquantified	Measured, bounded
Cross-system integration failures	Found in production	Caught pre-deployment
Governance enforcement	Quarterly, manual	Continuous, automated
Intent-reality alignment	Assumed / hoped for	Cryptographically proven

Projected ROI: 10x in year one from reduced debugging and prevented incidents.

Based on enterprise deployments with 50+ microservices and 200+ engineers. Your results may vary.

Built For

Value By Role

Different stakeholders see different value. APX delivers concrete outcomes for every role.

CISO / Compliance

Their Pain: "Audits take months"

Continuous compliance, not point-in-time. Audit evidence generated automatically.

Every APX receipt is an audit artifact. SOC2, ISO27001, GDPR—compliance state is always current. No scrambling before audits.

VP Engineering

Their Pain: "Governance slows us down"

Governance that accelerates—auto-fix before block. Developer velocity preserved.

APX enforcement happens in CI, not after deploy. Violations surface as counterexamples with fix guidance. No surprise rollbacks.

Platform Lead

Their Pain: "Cross-system mismatches break prod"

Semantic verification across Vault, Kafka, K8s, APIs. Catch drift before deploy.

APX verifies that Service A's config contract matches Service B's expectation. Schema mismatches, version skew, precision drift—all caught pre-deploy.

AI/ML Teams

Their Pain: "LLM code is risky"

Verify AI-generated code matches original intent. Receipts for every vibe-coded feature.

Run apx check on LLM-generated code. If it passes PackSpec constraints, it ships. If not, you get a counterexample showing exactly what drifted.

Core Deliverables

What You Get: Receipts & Counterexamples

APX doesn't just say "pass" or "fail"—it produces audit-ready cryptographic receipts for alignment and detailed counterexamples for violations. Every check is traceable, timestamped, and verifiable.

PASS

Cryptographic Receipt

When your system aligns with PackSpec, APX emits a signed receipt proving compliance at a specific commit.

{
  "pack": "api-contract-integrity",
  "repo": "payments-platform",
  "commit": "a9f3c2d",
  "timestamp": "2025-03-15T14:47:00Z",
  "result": "PASS",
  "constraints_verified": 12,
  "signature": "apx.sig.v1:0x9e4a..."
}

This is a receipt.

Auditors don't review it. They verify it.

Use cases: SOC2 audits, deployment gates, compliance reporting, change management records

BLOCK

Actionable Counterexample

When a constraint is violated, APX provides evidence, implication, and provenance—not just an error message.

{
  "constraint": "precision_parity",
  "violated_by": "payments-service",
  "evidence": {
    "declared": "Decimal(18,2)",
    "actual": "float64"
  },
  "implication": "Silent rounding in
  money calculations",
  "provenance": {
    "pack": "financial-primitives",
    "file": "schema/payment.sql:12",
    "lineage": "GDPR > SOX"
  }
}

Use cases: PR reviews, incident postmortems, architectural reviews, refactoring guidance

WARN

Controlled Technical Debt

APX also emits WARN status for acceptable deviations—like legacy code pending migration. These are tracked as semantic debt with aging, ownership, and mitigation plans.

Example: "payments-service uses deprecated auth pattern (acceptable until Q2 2025 migration)"

Receipts Flow Into Your Workflow

CI/CD

GitHub Actions, GitLab CI, Jenkins—APX checks PRs and blocks merges on BLOCK status.

Studio Lite

Browse receipts, inspect counterexamples, visualize constraint graphs, and track debt over time.

CLI & Local Dev

Run apx check before commit. Get instant feedback on semantic violations.

Try APX Now

Experience APX instantly with these interactive tools. No installation required.

APX Studio Lite (Alpha)

Full interactive environment to explore semantic governance. Visualize pack tuples, analyze constraints, track semantic debt, and see the Seven Laws in action.

Launch Studio

Cost Calculator

Calculate semantic debt costs. Get shareable reports.

Calculate

Pack Library

Curated starter packs for common stacks—expandable via your own PackSpec.

Browse

GitHub Badge

Display semantic health score on your README. Updates automatically on every commit. Drives organic discovery.

Get Your Badge

Start Today

How to Get APX

Start free with GitHub Action scanning, move to Studio Lite for visual workflows, scale to Enterprise for full governance.

FREE

APX Scanner

Detect semantic debt in any repo. No installation. 5-minute setup via GitHub Action.

✓Basic semantic debt detection
✓PASS/WARN/BLOCK status on PRs
✓JSON receipt output
✓Public repos unlimited

Install GitHub Action

CURRENT

ALPHA

APX Studio Lite

Visual constraint builder. Define PackSpec, verify systems, inspect receipts. Early access.

✓Everything in Free, plus:
✓Visual PackSpec editor
✓Constraint graph visualization
✓Semantic debt tracking dashboard
✓Counterexample browser

Launch Studio Lite

COMING Q2 2026

APX Platform

Full governance suite with SSO, audit exports, team controls, and enterprise SLA.

→Everything in Alpha, plus:
→SSO / SAML integration
→Automated audit exports (SOC2, ISO)
→Team role-based access control
→Multi-tenant governance

All tiers include access to Pack Library, Documentation, and Community Support

First-Class Outcomes

Stop Silent Integration Drift. Measure Debt Objectively.

Modern microservices fail silently when contracts drift across team boundaries. APX makes integration drift visible and semantic debt measurable—before production.

CRITICAL

Stops Silent Integration Drift

✓OpenAPI/gRPC contracts: Verify endpoint existence, parameter types, response schemas
✓Schema evolution: Detect breaking changes in database migrations, message queues, event streams
✓Precision invariants: Catch float64-to-Decimal mismatches that cause financial errors
✓Version alignment: Ensure API versions, SDK versions, and protocol versions match across services

MEASURABLE

Measures Debt Objectively

●Debt ratio: % of system diverging from documented intent
●Velocity: Rate of debt accumulation per sprint/week
●Age tracking: How long each violation has existed
●Backlog size: Total WARN violations awaiting mitigation

Unlike subjective "code smells," APX provides objective metrics you can track in dashboards and reports.

PREVENTION

Prevents Production Surprises

→Pre-deploy verification: Check cross-system invariants before release
→Feature flag safety: Ensure flags preserve system semantics when toggled
→Multi-service testing: Verify that Service A → Service B → Service C maintains semantic contracts
→Config drift detection: Catch when environment configs diverge from declared constraints

Real-World Impact: Microservices at Scale

At a 50-service architecture with 200 engineers, silent integration drift causes ~3-5 production incidents per quarter. Each incident costs 8-12 eng-hours in triage, rollback, and postmortem.

APX catches these violations in CI—before merge, before deploy, before customer impact. Teams report 40-60% reduction in integration-related incidents within first 90 days.

The Seven Laws of Semantic Governance

APX enforces seven fundamental laws that govern software semantics—ensuring meaning is preserved across code, configuration, and systems.

Law #1: Semantic Debt Visibility

All semantic debt must be visible and measurable. Track the gap between intended and actual system meaning across every layer.

Law #2: Constraint Enforcement

PackSpec constraints are verified before changes reach production. CVS ensures structural and semantic invariants hold.

Law #3: Replay & Forensic Evidence

Every change is recorded with complete context. Semantic violations can be replayed and analyzed post-incident.

Law #4: Evolution & Optimization

Systems adapt under environmental pressure. ARE enables controlled evolution while maintaining semantic integrity.

Law #5: Lineage & AMC

Track causal relationships through Applied Material Context. Every decision carries forward its full lineage.

Law #6: Compliance Proofs

Generate cryptographic proofs of semantic compliance. Auditable evidence for regulatory and operational requirements.

Law #7: Safety & Typed Relaxation

Controlled relaxation of constraints when necessary. Every exception is typed, tracked, and bounded in scope.

Why Seven Laws? These laws provide the foundation for deterministic semantic verification. Together, they prevent the failure patterns seen in Knight Capital, Equifax, and Facebook outages—where meaning drifted silently until catastrophic failure.

Explore the foundations →

The Case for Semantic Governance

Incidents like Knight Capital, Equifax, and British Airways highlight failures of semantic governance—misaligned meaning between code, configuration, and architecture.

APX introduces a mathematical structure for governing these semantics. Below we illustrate how APX's model would apply to such failures.

Financial Services • August 1, 2012

Knight Capital: $440M in 45 Minutes

Manual deployment to 8 servers left 1 server outdated. Repurposed flag activated dormant "Power Peg" algorithm from 2005. System bought high, sold low across 154 stocks—creating a $7B unintended position.

Timeline: 9:30 AM market open → 10:15 AM $440M loss → Company sold within months

Root Cause: Semantic debt + flag repurposing + tribal knowledge loss + deployment inconsistency

APX Prevention: Feature Packs track deprecation explicitly. CVS blocks flag repurposing without removing old code. Deployment lineage catches server drift.

Impact

$440M loss + 75% stock drop

Detection Time

45 minutes (too late)

$440M + bankruptcy

Read full analysis →

Data Breach • 2017

Equifax

Apache Struts vulnerability disclosed March 7. Patch available same day. Equifax patched July 30 (144 days later). Attackers had 4+ months of access to 147.9 million records.

Root Cause: Velocity mismatch—manual patching vs. threats

APX Prevention: Environmental pressure triggers evolution. 336x faster response.

$1.4B settlement + remediation

Infrastructure • 2021

Facebook Outage

BGP maintenance command triggered bug in audit tool. All Facebook network routes deleted from internet. Physical access required but network-authenticated badge readers didn't work. Recovery procedures out of date.

Root Cause: Audit tool bug + runbook obsolescence

APX Prevention: CVS verifies constraints, blocks destructive operations.

~$100M + $40B market cap drop

Aviation • 2017

British Airways

Power failure at data center. Recovery took 3 days because disaster recovery procedures were from 2014, infrastructure had completely changed, and original team had left after 2016 outsourcing.

Root Cause: Runbook obsolescence + tribal knowledge loss

APX Prevention: ARE maintains executable recovery Packs, automatically updated.

$120M + CEO resignation

Cloud Infrastructure • 2023

Kubernetes ConfigMap Drift

ConfigMap updated in staging to fix authentication timeout. Change manually applied to prod with wrong namespace selector. All microservices pointed to non-existent auth service. Cascading failures across 47 services. Issue undetected until customer complaints flooded in.

Timeline: 6:12 PM manual apply → 6:15 PM first service failures → 8:47 PM full restoration after rollback

Root Cause: Configuration drift between environments + manual ops + no constraint validation

APX Prevention: Feature Packs encode environment constraints. CVS blocks deployments with invalid selectors. Constraint verification catches namespace mismatches at apply-time, not runtime.

Impact

2.5 hour outage + customer trust

Services Affected

47 microservices (cascading)

Modern cloud infrastructure failure pattern

Total Cost: $2.76 Billion+

APX's mathematical governance model addresses the fundamental pattern underlying these failures: meaning misalignment across system boundaries

Implementation Status

APX v0.x is implemented with core components entering active testing

✓ Shipped & Available

✓GitHub Action v0.x — CI/CD semantic debt detection (Free, public repos)
✓Studio Lite Alpha — Interactive Pack viewer & constraint explorer (Free, always)
✓Harvester v0.x — Extract semantic structure from codebases
✓PSL Engine — Pack Specification Language processor
✓Mathematical Model — Core 9-tuple representation encoded

⧗ In Active Development

⧗VS Code Extension v0.x — Inline semantic debt warnings, Pack navigation (MVP)
⧗Visual Studio 2022 Plugin — C#/.NET Pack integration (MVP)
⧗JetBrains Plugin — IntelliJ/Rider semantic governance (MVP)
⧗Eclipse Plugin — Java/Enterprise Pack support (MVP)
⧗APX Studio (Full) — Pack editor, multi-repo governance, attestation signing
⧗Evolution Engine — Note: Governed adaptation remains research-phase, not production-ready

Testing Timeline

Q1-Q2 2025: Early access program with design partners to validate constraint engine, semantic debt detection, and Studio Lite workflow across diverse codebases and team sizes.

The Problem

AI can write code 10x faster than humans can verify it. Semantic debt that used to accumulate over years now accumulates over months.

Semantic Debt

The invisible gap between what your code does and what your team thinks it does. Unlike technical debt, semantic debt is invisible until it causes a production incident.

•Feature flags outlive features and get repurposed
•Dead code isn't dead—it's dormant and can reactivate
•Tribal knowledge leaves with employees
•Configuration varies across environments

Learn more about semantic debt →

Supported Stacks & Signals

Languages & Frameworks

• JavaScript/TypeScript (Node, React, Vue)
• Python (Django, Flask, FastAPI)
• Go, Rust, Java, C#/.NET
• Ruby (Rails), PHP

Infrastructure as Code

• Kubernetes manifests & Helm charts
• Terraform, CloudFormation
• Docker Compose, Nomad
• Ansible playbooks

Policy & Compliance

• OPA (Open Policy Agent) rules
• Security policies & RBAC configs
• API contracts (OpenAPI, gRPC)
• Database schemas & migrations

Semantic Signals

• Feature flags & config drift
• Deprecated code still referenced
• Constraint violations (type, range, enum)
• Lineage breaks & orphaned dependencies

Unverifiable Logic

Traditional tools check syntax, not semantics. Your CI/CD pipeline can't detect the gap between what code does and what your architecture requires it to do.

•Tests verify code matches test expectations, not business rules
•Code review catches changes in the diff, not existing problems
•Static analysis finds bugs, not architectural violations
•Documentation drifts from reality

Velocity Mismatch

AI generates code 10x faster than humans can verify it. The gap between change velocity and verification velocity is exponentially growing.

Equifax Breach (2017)

144 days to patch

CVE-2023-38408

2 hours to exploit

Manual patching can't keep pace with automated threats. Security vulnerabilities are disclosed in hours. Manual verification takes weeks.

The Solution

APX is a governance-grade compliance engine with deterministic PASS/WARN/BLOCK decisions, audit-ready receipts, and honest failure when constraints are unsatisfiable.

APX makes software evolution deterministic through Feature Packs with embedded constraints and continuous semantic verification.

Feature Packs

Self-contained units of functionality with business logic, constraints, tests, and lineage tracked together. Every change is semantically tagged and verifiable.

pack PaymentFlow v2.3.1 {
  constraint: amount > 0
  constraint: currency in [USD, EUR]
  constraint: status in [pending, completed, failed]
  lineage: replaces PaymentFlow v2.3.0
  deprecated: power_peg_mode
}

•Business logic and constraints bundled together
•Complete version history with semantic lineage
•Explicit deprecation tracking prevents Knight Capital scenarios

Constraint Verification System (CVS)

Formal rules encoded and checked automatically. Business invariants verified at compile time. Impossible states become unrepresentable.

Payment amount constraint✓ Verified

Currency whitelist✓ Verified

Deprecated features⚠ 1 violation

Every commit is checked against your defined constraints. Violations block deployment, not production.

Autonomous Model Composer (AMC)

Environmental pressures trigger evolution. Threats, performance degradation, and regulatory changes drive automatic adaptation within verified constraints.

•Security patches applied automatically within safety bounds
•Performance optimizations validated against constraints
•Compliance updates with audit trails

Trait Extraction Quality

Semantic analysis accuracy depends on robust trait harvesting across languages and infrastructure-as-code. APX currently supports:

Supported Stacks

• JavaScript/TypeScript (Node.js, React, Vue)
• Python (Django, Flask, FastAPI)
• Terraform & CloudFormation
• Docker & Kubernetes manifests

Quality Assurance

• Staleness detection for config drift
• Confidence grading per trait
• Runtime vs. static analysis reconciliation
• Drift alerts for infrastructure changes

Additional language support and improved harvesting algorithms are in active development.

APX Annotations (Explainability in Code)

Lightweight markers that make governance visible in your IDE and PRs

What It Is

Lightweight markers in code and configuration (apx:pack(...), apx:constraint(...), apx:trait(...)) that bind artifacts to PackSpec constraints and provenance.

Makes governance visible in IDE and PRs; reviewers see what policy applies and why; enables line-level receipts.

How It Works

Harvester/Evaluator emits check.core.json; IDE plugins overlay diagnostics and can apply annotations automatically. PackSpec stays authoritative; conflicting annotations are flagged, not applied.

Outputs include inline hints, hover cards, and receipts pointing to exact lines.

Examples

Code Annotations

// apx:pack("payments-api")// apx:constraint("strict-k8s.pdb")// apx:trait("replicas", value=3)

YAML Annotations

# apx:constraint("pci.encryption")tls: enabled: true

Try It

IDE plugins (VS Code / VS 2022 / JetBrains / Eclipse) can load check.core.json and run "Apply annotations" on a file.

View IDE installation options →

Trait Evolution (Search to Reduce Semantic Debt)

Constraint-aware search that suggests best-known-good configurations under your policies

What It Is

Constraint-aware search engine (GA/heuristics) that explores configuration traits (replicas, timeouts, HPA/PDB settings) to minimize semantic debt while respecting hard policies. Moves from "detect" to "suggest best-known-good" while respecting hard/soft constraints; highlights infra blockers and frozen traits.

How It Works

Evolves candidates, scores against PackSpec constraints, detects infra/external blockers, stops on plateau; won't mutate frozen traits. Outputs best_config plus evolution metadata in receipts and core JSON.

CLI Example

apx evolve-pack --fitness-mode constraints --constraint-spec examples/constraints/healthcare_sample.yaml --pack examples/packs/service.yaml --plateau-patience 5

Suggested Configuration

replicas: 3

pdb.minAvailable: 1

hpa.min: 3

hpa.max: 10

timeout: 250ms

Evolution Metadata

generations_run: 12

plateau_detected: true

blocked_by_infra: false

blockers: []

What You Get

✓Best-fit configurations that respect all PackSpec constraints
✓Identification of infrastructure blockers preventing optimal configs
✓Frozen trait detection for safety-critical settings
✓Full audit trail of evolution process in receipts

Try It

Use the GitHub Action or CLI to run trait evolution on your packs and review suggested improvements with full constraint validation.

View Action/CLI installation →Read full documentation →

The APX Mathematical Model

APX represents software meaning as a formally defined mathematical structure

Honest Failure

If a constraint is infrastructure-bound or unsatisfiable (like DEA-1311.170 style regulations), APX blocks, explains why, and stops searching—no silent passes. You'll know immediately if governance cannot be verified.

The Pack Tuple

Every Feature Pack in APX is represented as a 9-tuple that captures all aspects of its semantic meaning:

P = (τ, T, Φ, M, A, H, L, S, Δ)

Type

Classification of the Pack (feature, service, infrastructure, etc.)

Traits

Semantic properties describing what the Pack means and does

Constraints

Formal rules defining allowed values and valid operations

Metadata

Ownership, versioning, documentation, and auxiliary information

Artifacts

Code, configuration files, schemas, and other concrete implementations

Hooks

Lifecycle events, validation triggers, and integration points

Lineage

Evolution history, dependencies, and governance rules for changes

State

Lifecycle status (active, deprecated, experimental, retired)

Semantic Debt Vector

Quantifiable measure of misalignment between intended and actual meaning across all dimensions

Why This Matters

This mathematical representation makes software meaning explicit, verifiable, and composable. Every aspect of a Pack's semantics is formally defined, enabling automated verification, governed evolution, and deterministic composition.

See It In Action

Studio Lite visualizes this tuple structure interactively, showing how each component relates to your actual codebase.

Try Studio Lite →

What You Get: Outputs & Decisions

APX produces actionable results for every commit, PR, and deployment:

PASS

All constraints verified. No semantic debt detected. Safe to merge.

WARN

Non-blocking issues found. Review recommended but merge allowed.

BLOCK

Critical constraint violation. Merge prevented until resolved.

Example Console Output:

✓ Pack: PaymentFlow v2.3.1 — health: 94% — 3 constraints verified
⚠ Pack: AuthService v1.2.0 — health: 78% — deprecated function still referenced
✗ Pack: ConfigMap v0.8.1 — BLOCK — namespace selector mismatch (prod != staging)

Health Score JSON: Quantified semantic debt across all Packs (0-100%)

Receipt JSON: Cryptographic proof of verification with timestamp & signature

Core JSON: Complete Pack tuple export for external tooling integration

Cryptographic Receipts

Tamper-proof, time-stamped audit trails for every compliance check

Verifiable Compliance Proof

Every APX check generates a cryptographically signed, time-stamped receipt that serves as machine-readable proof of compliance. No more spreadsheet archaeology during audits—receipts are queryable, verifiable, and immutable.

// Query: "Prove compliance at 2:47 PM on March 15, 2024"
{"timestamp": "2024-03-15T14:47:23Z","signature": "sha256:a3f9c8b2e...","verdict": "PASS","constraints_verified": 47,"policy": "hipaa-basic","commit": "7f9a2c1"}

•Time-stamped: Precise moment of verification
•Signable: Cryptographic proof of authenticity
•Queryable: Audit trail accessible via API or CLI
•Immutable: Cannot be retroactively modified

Audit-Ready Evidence

When auditors ask "How do you know this system was compliant on date X?", point them directly at the receipt. Machine-readable, cryptographically verified, and backed by the APX mathematical model.

apx receipt --query "2024-03-15T14:47:23Z" --export pdf

Research Foundation

APX is grounded in formal research on software evolution and semantic governance

Research Paper

Submitted to IEEE Software & ICSE 2026

APX's verification approach is under peer review by leading software engineering researchers and practitioners.

Under Review

Formal Methods

Case Study Analysis

Learning from Major Incidents

Analyzed $2.76B+ in documented losses from Knight Capital, Equifax, Facebook, and British Airways to identify common semantic governance failures.

These retrospective analyses informed APX's constraint model and governance mechanisms.

Current Phase

Active Testing & Validation

APX v0.x is implemented and entering empirical validation. Early engineering partners are testing the constraint engine, semantic debt detection, and Studio Lite across diverse codebases to measure real-world impact on merge reliability, onboarding speed, and governance safety.

Large-scale validation results will be published as they become available through Q1-Q2 2025.

Get Started

Start detecting semantic debt in your codebase today

First 5 Minutes

# Install CLI globallynpm i -g @apx/cli

# Initialize in your projectapx init

# Run semantic analysisapx check --json

Expected Output: You should see PASS/WARN/BLOCK verdicts with explanations:

✓ 12 constraints PASS
⚠ 2 constraints WARN (non-blocking)
✗ 0 constraints BLOCK

Next: Open check.health.json in Studio Lite to visualize Pack structure and constraint violations. Then add the GitHub Action to gate your CI.

1. Install the GitHub Action

Add APX to your CI/CD pipeline in minutes

uses: apx/semantic-drift@v1

2. Define Your Constraints

Encode business rules as verifiable constraints, or use built-in policies (HIPAA, PCI, SOX)

3. Let APX Verify

Continuous semantic verification on every commit

View on GitHub Read Full Documentation

Quick Path: Start Here

1GitHub Action→2CLI→3Studio Lite

Action: Gate PRs/CI with apx check (health/receipt/core JSON)

CLI: Run locally before push, same outputs

Studio Lite: Open the JSON outputs to visualize constraints/violations

See all installation options →

Components

Install APX wherever you work—CI/CD, terminal, IDE, or browser

GitHub Action (APX Check)

Core

PR/CI governance (PASS/WARN/BLOCK), emits health/receipt/core JSON

uses: apx-labs/apx-action@v0

Use it for: Gate merges; PR comment shows top violations

APX CLI

Core

Local checks, same JSON outputs as CI

npm i -g @apx/clipip install apx-harvest

Use it for: apx check --json --policy strict-k8s before pushing

Studio Lite (Alpha)

Core

Offline viewer for PackSpec, health, receipt, core JSON

Open Studio Lite; drop in check.core.json / check.health.json

Use it for: Visualize constraints/violations; share snapshots

Launch Studio Lite →

VS Code Extension

IDE

Inline diagnostics, hovers, apply annotations, open health/receipt/core

Install: VSIX from Studio Lite Install tab (Marketplace when available)

Use it for: Fix-in-editor with APX hints

Visual Studio 2022

IDE

Error List diagnostics from core JSON; open health/receipt; apply annotations

Install: VSIX from Studio Lite Install tab; double-click to install

Use it for: Windows/.NET workflows

JetBrains IDEs

IDE

IntelliJ/IDEA/Rider/GoLand/PyCharm: Load core JSON, show APX markers/hints

Install: ZIP from Studio Lite Install tab → Settings > Plugins > Install from Disk

Use it for: JetBrains-first teams needing APX signals

Eclipse / STS

IDE

Load core JSON, show APX markers

Install: Update-site ZIP from Studio Lite Install tab → Install New Software (from archive)

Use it for: Java/Spring teams on Eclipse/STS

New Relic Telemetry

Optional

Emit APX health/receipt as NR custom events/metrics

Install: Use Node/Python snippets from the Studio Lite card; wire to NR One

Use it for: Centralized observability of APX health across services

Installation Tips

•Start with the GitHub Action to get CI/CD coverage immediately
•Install the CLI for local validation before pushing
•Use Studio Lite to visualize and understand constraint violations
•Add IDE extensions for inline feedback during development

Built-in Constraint Library

Don't start from scratch. APX includes maintained, versioned constraint policies for common compliance frameworks:

HIPAA

Healthcare data protection

PCI DSS

Payment card security

SOX

Financial reporting controls

Import these policies with a single command or use them as templates. Authoring APIs exist for custom constraints, but they're optional—most teams start with the built-in library.

apx check --policy hipaa-basic

Free vs Paid

Core semantic debt detection is free forever. Advanced governance features require a paid plan.

Free

Forever. No credit card required.

✓GitHub Action (public repos)
✓Studio Lite — Pack viewer & constraint explorer
✓Semantic debt detection & health scoring
✓PASS/WARN decisions (non-blocking)
✓JSON exports (health, core Pack data)
✓Community support via GitHub Discussions

Get Started Free

Early Access

Paid

Custom

Contact for pricing. Available Q2 2025.

Everything in Free, plus:

✓BLOCK decisions — Prevent merges that violate constraints
✓Cryptographic attestations & receipts (signed proofs)
✓Regulatory policy packs (SOC2, HIPAA, PCI-DSS)
✓APX Studio (full) — Pack editor, multi-repo governance
✓IDE plugins (VS Code, JetBrains, Visual Studio)
✓Private repos + self-hosted runners
✓Priority support + 30-min onboarding session

Join Early Access

Note: Studio Lite and the GitHub Action remain free forever, even after paid features launch. Paid tier adds blocking enforcement, attestations, and enterprise governance tools.

Join the Early Access Program

Help shape the future of semantic governance by testing APX with your team

Primary Focus: Regulated Software Teams

APX is purpose-built for teams in healthcare, finance, and regulated industries who need verifiable, blocking governance. If you're shipping software under HIPAA, PCI DSS, SOX, or similar frameworks, APX provides the deterministic compliance verification your auditors demand.

What You Get

✓Access to APX Studio Lite Alpha
✓Semantic Debt GitHub Action with priority support
✓Direct integration guidance and testing support
✓Influence over PSL spec and APX roadmap
✓Early access to production features
✓Opportunity to co-publish case studies

Ideal Participants

Engineering Teams

Teams dealing with technical debt, complex migrations, or rapid AI-assisted development

Platform Engineers

Organizations managing multi-repo architectures, microservices, or compliance requirements

Research Partners

Academic institutions interested in software engineering, formal methods, or governance research

Apply for Early Access

We're inviting a limited number of teams to join the APX Early Access Program. Applications are reviewed on a rolling basis. Early access unlocks:

What Paid Early Access Unlocks

•Blocking enforcement: BLOCK decisions prevent merges that violate constraints
•Attestations: Cryptographic receipts proving verification happened (auditable, tamper-proof)
•Regulatory policy packs: Pre-built constraint sets for SOC2, HIPAA, PCI-DSS compliance
•30-min onboarding: Live walkthrough with APX team to configure your first Packs

Apply via Email

Applications are reviewed within 48 hours. Include: team size, tech stack, main challenges, and what you hope to learn from APX. You'll receive a calendar link for your 30-min onboarding session once approved.

Research

APX is built on peer-reviewed research submitted to IEEE Software and ICSE 2026

Research Paper • Under Review

APX: A Mathematical Framework for Autonomous, Governed Software Adaptation

Abstract

Modern software systems face a fundamental challenge: AI can generate code 10x faster than humans can verify it, causing semantic debt—the divergence between documented and actual system behavior—to accumulate at unprecedented rates. Existing tools detect syntactic issues but miss semantic misalignment, leading to catastrophic failures like Knight Capital's $440M loss.

We present APX, a system that makes software evolution deterministic through three core mechanisms: (1) Feature Packs that bundle business logic with verifiable constraints and lineage tracking, (2) a Constraint Verification System (CVS) that enforces semantic invariants at compile time, and (3) a Semantic Evolution Engine that enables governed adaptation in response to environmental pressures. APX is currently implemented and entering empirical validation to measure impact on merge reliability, onboarding efficiency, and governance safety while addressing classes of failures that have caused $2.76B+ in documented losses.

Conference

IEEE Software & ICSE 2026

Software Engineering Track

Authors

Cyrille Eloundou

Read Full Paper Training Documentation

Documentation

Training & Implementation Guide

Complete documentation covering APX concepts, implementation patterns, and best practices. Includes practical examples for defining Feature Packs, encoding constraints, and integrating with existing systems.

Core Concepts

• Feature Pack Architecture
• Semantic Boundaries
• Constraint Definition Language
• Lineage Tracking

Implementation

• GitHub Action Setup
• CI/CD Integration
• Constraint Examples
• Migration Strategies

View Full Documentation →

Seven Laws of Semantic Governance

Meaning Must Be Visible — All semantic changes are explicitly documented
Constraints Define Truth — Business rules are encoded as verifiable constraints
Lineage Creates Accountability — Every artifact traces back to its origin
Evolution Must Preserve Meaning — Changes maintain semantic coherence
Fitness Is Contextual — Changes are evaluated against their environment
Meaning Must Be Replayable — Any semantic state can be reconstructed
Safety Comes From Mathematics — Critical semantics have formal verification

About the Author

Cyrille Eloundou

Founder of APX and DODO LLC, researcher focused on making software evolution deterministic and verifiable. Former systems engineer who spent years debugging production incidents caused by semantic debt.

The APX framework emerged from investigating major software failures and recognizing that traditional tools focus on syntax while missing the semantic layer where real problems occur.

Get in Touch

Questions about APX? Want to discuss implementation or research collaboration?

Email

cyrillesaxo@gmail.com

GitHub

APX Semantic Drift Action

Research Inquiries

For academic collaboration, peer review feedback, or research partnerships, please reach out via email with "Research" in the subject line.

What We Offer

APX Studio Lite Alpha

Free interactive viewer showing Feature Pack architecture and constraint verification. Always free.

Free GitHub Action

Start detecting semantic debt in your codebase today. Free and open source.

APX Studio (Coming Soon)

Full-featured Pack editor and IDE with advanced governance capabilities. Paid product in development.

Enterprise Solutions

Custom implementations for large-scale deployments. Contact us for details.

Response time: Typically within 48 hours

Trust & Security

APX is designed with security and privacy as core principles

Offline by Default

APX runs entirely in your CI/CD pipeline. No code leaves your infrastructure. Studio Lite processes Packs locally in your browser—nothing sent to external servers.

No Secrets Collected

APX analyzes semantic structure, not runtime values. We never collect API keys, credentials, PII, or sensitive data. Only Pack metadata (types, constraints, lineage) is processed.

Optional Signing & Attestation

Paid tier includes cryptographic attestations—tamper-proof receipts that verification occurred. Uses standard Ed25519 signing. Fully auditable for compliance teams.

Self-Hosted Options

For enterprises requiring on-premise deployment, APX supports self-hosted GitHub Actions runners and air-gapped environments. Contact us for deployment guidance.

Credibility

Born in Production. Validated by Academia.

APX emerged from 17+ years of enterprise architecture at scale and is now under formal academic review.

ENTERPRISE PROVEN

Born in Production

APX's foundations were forged during 17+ years building and maintaining enterprise systems at scale—including HashiCorp Vault deployments at Bank of America and complex microservice architectures across financial services.

→Vault secret management at banking scale (production)
→Multi-region microservices (50+ services, 200+ engineers)
→Config drift incidents, tribal knowledge loss, flag repurposing disasters

APX is not a whiteboard theory. It's a response to real production pain.

UNDER ACADEMIC REVIEW

Academic Rigor

The mathematical foundations of APX are under formal peer review for presentation at IEEE ICSE 2026, the premier conference for software engineering research.

→Formal 9-tuple representation of semantic governance
→Constraint Verification System (CVS) proofs
→Applied Material Context (AMC) lineage tracking

IEEE ICSE 2026 submission: "Semantic Governance: A Mathematical Framework for Intent-Preserving Software Evolution"

17+

Years in Production

$2.76B+

Incidents Analyzed

9-Tuple

Mathematical Model

Enterprise battle-tested. Academically rigorous. Production-ready.