Add CLAUDE.md for ast-jetbrains-plugin (AST-146801)

[cx-atish-jadhav]

Description

Added standardized CLAUDE.md file for the ast-jetbrains-plugin repository as part of the Claude MD standardization initiative.

CLAUDE.md is a context file that provides Claude AI with instant knowledge
about the project, enabling faster and more accurate assistance for all
team members. It covers:

• Project overview and split plugin architecture (Checkmarx AST + DevAssist)
• Module dependency graph (common-lib → devassist-lib → plugin modules)
• Repository structure and key packages
• Technology stack (Java 11, Gradle 8.x, IntelliJ Platform 2022.2.1)
• Build commands, development setup, and test execution
• Coding standards and project rules
• CI/CD workflows and release process
• Telemetry events and values
• Debugging steps
• Security and access details

References

• Epic: AST-146801
• Ticket: AST-146801

Testing

• No code changes — documentation only (CLAUDE.md file addition)
• No unit/integration tests required
• Verified that the CLAUDE.md content accurately reflects the current project structure, build system, and workflows by cross-referencing with gradle.properties, settings.gradle, build.gradle, plugin.xml files, and CI/CD workflow files

Checklist

• I have added documentation for new/changed functionality in this PR (if applicable).
• All active GitHub checks for tests, formatting, and security are passing
• The correct base branch is being used

[github-actions]

Checkmarx One – Scan Summary & Details – 330e5242-ebb6-4047-a5be-0b7623887418

Great job! No new security vulnerabilities introduced in this pull request

[cx-anand-nandeshwar]

The file is already a good context document and covers most important areas but its need some improvements few missing explicit sections.

• Add a Performance Considerations Section
  The plugin does background scanning, UI updates, CLI wrapper calls, and real-time inspections. A dedicated performance section would be useful. e.g. Avoid blocking the IntelliJ EDT. Long-running operations,
• Add a Dedicated API / Endpoints / Interfaces Section
  The current file says that the plugin uses ast-cli-java-wrapper and does not make direct REST calls. That is good, but the section should explicitly describe the boundary/interface. e.g. All platform communication is routed through ast-cli-java-wrapper
• Logging
• Add “Do Not” Rules Specific to AI / Assistant Usage e.g., Do not bypass ast-cli-java-wrapper, Do not change plugin IDs etc

[stepsecurity-app]

Security Policy Alert: Secret Policy Violation

This workflow run has been blocked by StepSecurity's secrets policy because it accesses secrets and the workflow file differs from the default branch.

To approve this workflow, please add the workflows-approved label to this PR.

Note: The label must be added by someone other than the PR author (cx-atish-jadhav) or automation bots to ensure proper security review.

After the label is added, you can re-run the blocked workflow to proceed.

This workflow will be automatically approved once merged into the default branch.

For more information, see StepSecurity's Secret Exfiltration Policy documentation.

[stepsecurity-app]

Security Policy Alert: Secret Policy Violation

This workflow run has been blocked by StepSecurity's secrets policy because it accesses secrets and the workflow file differs from the default branch.

To approve this workflow, please add the workflows-approved label to this PR.

Note: The label must be added by someone other than the PR author (cx-atish-jadhav) or automation bots to ensure proper security review.

After the label is added, you can re-run the blocked workflow to proceed.

This workflow will be automatically approved once merged into the default branch.

For more information, see StepSecurity's Secret Exfiltration Policy documentation.

[stepsecurity-app]

Security Policy Alert: Secret Policy Violation

This workflow run has been blocked by StepSecurity's secrets policy because it accesses secrets and the workflow file differs from the default branch.

To approve this workflow, please add the workflows-approved label to this PR.

Note: The label must be added by someone other than the PR author (cx-atish-jadhav) or automation bots to ensure proper security review.

After the label is added, you can re-run the blocked workflow to proceed.

This workflow will be automatically approved once merged into the default branch.

For more information, see StepSecurity's Secret Exfiltration Policy documentation.

[stepsecurity-app]

Security Policy Alert: Secret Policy Violation

This workflow run has been blocked by StepSecurity's secrets policy because it accesses secrets and the workflow file differs from the default branch.

To approve this workflow, please add the workflows-approved label to this PR.

Note: The label must be added by someone other than the PR author (cx-atish-jadhav) or automation bots to ensure proper security review.

After the label is added, you can re-run the blocked workflow to proceed.

This workflow will be automatically approved once merged into the default branch.

For more information, see StepSecurity's Secret Exfiltration Policy documentation.

[stepsecurity-app]

Security Policy Alert: Secret Policy Violation

This workflow run has been blocked by StepSecurity's secrets policy because it accesses secrets and the workflow file differs from the default branch.

To approve this workflow, please add the workflows-approved label to this PR.

Note: The label must be added by someone other than the PR author (cx-atish-jadhav) or automation bots to ensure proper security review.

After the label is added, you can re-run the blocked workflow to proceed.

This workflow will be automatically approved once merged into the default branch.

For more information, see StepSecurity's Secret Exfiltration Policy documentation.

[stepsecurity-app]

Security Policy Alert: Runner Label Policy Violation

This workflow run has been blocked by StepSecurity's runner label policy because it uses runner labels that are not allowed by your organization's policy.

Disallowed Runner Labels:

• ubuntu-latest

To fix this issue, please modify the runs-on field in your workflow to use only allowed runner labels. Contact your organization administrator if you need further assistance.

For more information, see StepSecurity's Runner Label Policy documentation.

[stepsecurity-app]

Security Policy Alert: Runner Label Policy Violation

This workflow run has been blocked by StepSecurity's runner label policy because it uses runner labels that are not allowed by your organization's policy.

Disallowed Runner Labels:

• ubuntu-latest

To fix this issue, please modify the runs-on field in your workflow to use only allowed runner labels. Contact your organization administrator if you need further assistance.

For more information, see StepSecurity's Runner Label Policy documentation.

[stepsecurity-app]

Security Policy Alert: Runner Label Policy Violation

This workflow run has been blocked by StepSecurity's runner label policy because it uses runner labels that are not allowed by your organization's policy.

Disallowed Runner Labels:

• ubuntu-latest

To fix this issue, please modify the runs-on field in your workflow to use only allowed runner labels. Contact your organization administrator if you need further assistance.

For more information, see StepSecurity's Runner Label Policy documentation.

[stepsecurity-app]

Security Policy Alert: Runner Label Policy Violation

This workflow run has been blocked by StepSecurity's runner label policy because it uses runner labels that are not allowed by your organization's policy.

Disallowed Runner Labels:

• ubuntu-latest

To fix this issue, please modify the runs-on field in your workflow to use only allowed runner labels. Contact your organization administrator if you need further assistance.

For more information, see StepSecurity's Runner Label Policy documentation.