3tears-enforcement 0.14.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- 3tears_enforcement-0.14.0/.gitignore +216 -0
- 3tears_enforcement-0.14.0/LICENSE +21 -0
- 3tears_enforcement-0.14.0/PKG-INFO +99 -0
- 3tears_enforcement-0.14.0/README.md +78 -0
- 3tears_enforcement-0.14.0/pyproject.toml +39 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/__init__.py +5 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/cache/__init__.py +52 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/cache/config.py +138 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/cache/runner.py +251 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/cache/walkers.py +937 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/codebase_conventions/__init__.py +40 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/codebase_conventions/config.py +104 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/codebase_conventions/runner.py +217 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/codebase_conventions/walkers.py +469 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/coercion_coverage/__init__.py +32 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/coercion_coverage/config.py +56 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/coercion_coverage/runner.py +139 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/coercion_coverage/walkers.py +143 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/common/__init__.py +74 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/common/ast_helpers.py +249 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/common/exemptions.py +217 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/common/inheritance.py +169 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/common/modes.py +59 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/common/pyproject_discovery.py +422 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/common/repo_layout.py +80 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/common/reports.py +83 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/common/violations.py +50 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/dependency_alignment/__init__.py +35 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/dependency_alignment/config.py +35 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/dependency_alignment/runner.py +81 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/dependency_alignment/walkers.py +407 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/dict_state_detection/__init__.py +38 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/dict_state_detection/config.py +176 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/dict_state_detection/runner.py +154 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/dict_state_detection/walkers.py +532 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/fake_parity/__init__.py +29 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/fake_parity/config.py +49 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/fake_parity/runner.py +115 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/fake_parity/walkers.py +484 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/logger_coverage/__init__.py +32 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/logger_coverage/config.py +92 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/logger_coverage/runner.py +149 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/logger_coverage/walkers.py +217 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/migration_yugabyte_safety/__init__.py +34 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/migration_yugabyte_safety/config.py +86 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/migration_yugabyte_safety/runner.py +176 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/migration_yugabyte_safety/walkers.py +114 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/nats_wrapper_usage/__init__.py +35 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/nats_wrapper_usage/config.py +82 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/nats_wrapper_usage/runner.py +375 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/nats_wrapper_usage/walkers.py +352 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/no_silent_swallow/__init__.py +41 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/no_silent_swallow/config.py +90 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/no_silent_swallow/runner.py +142 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/no_silent_swallow/walkers.py +501 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/no_stdlib_logging/__init__.py +31 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/no_stdlib_logging/config.py +70 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/no_stdlib_logging/runner.py +147 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/no_stdlib_logging/walkers.py +292 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/underscore_access/__init__.py +47 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/underscore_access/config.py +82 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/underscore_access/runner.py +237 -0
- 3tears_enforcement-0.14.0/src/threetears/enforcement/underscore_access/walkers.py +681 -0
- 3tears_enforcement-0.14.0/tests/__init__.py +0 -0
- 3tears_enforcement-0.14.0/tests/cache/__init__.py +0 -0
- 3tears_enforcement-0.14.0/tests/cache/test_config.py +136 -0
- 3tears_enforcement-0.14.0/tests/cache/test_root_split.py +167 -0
- 3tears_enforcement-0.14.0/tests/cache/test_runner.py +201 -0
- 3tears_enforcement-0.14.0/tests/cache/test_walkers.py +716 -0
- 3tears_enforcement-0.14.0/tests/codebase_conventions/__init__.py +0 -0
- 3tears_enforcement-0.14.0/tests/codebase_conventions/test_config.py +132 -0
- 3tears_enforcement-0.14.0/tests/codebase_conventions/test_runner.py +456 -0
- 3tears_enforcement-0.14.0/tests/codebase_conventions/test_walkers.py +662 -0
- 3tears_enforcement-0.14.0/tests/coercion_coverage/__init__.py +0 -0
- 3tears_enforcement-0.14.0/tests/coercion_coverage/test_config.py +61 -0
- 3tears_enforcement-0.14.0/tests/coercion_coverage/test_runner.py +258 -0
- 3tears_enforcement-0.14.0/tests/coercion_coverage/test_walkers.py +308 -0
- 3tears_enforcement-0.14.0/tests/common/__init__.py +0 -0
- 3tears_enforcement-0.14.0/tests/common/test_ast_helpers.py +197 -0
- 3tears_enforcement-0.14.0/tests/common/test_exemptions.py +220 -0
- 3tears_enforcement-0.14.0/tests/common/test_inheritance.py +180 -0
- 3tears_enforcement-0.14.0/tests/common/test_modes.py +61 -0
- 3tears_enforcement-0.14.0/tests/common/test_pyproject_discovery.py +282 -0
- 3tears_enforcement-0.14.0/tests/common/test_repo_layout.py +82 -0
- 3tears_enforcement-0.14.0/tests/common/test_reports.py +135 -0
- 3tears_enforcement-0.14.0/tests/common/test_violations.py +60 -0
- 3tears_enforcement-0.14.0/tests/dependency_alignment/__init__.py +0 -0
- 3tears_enforcement-0.14.0/tests/dependency_alignment/test_walkers.py +253 -0
- 3tears_enforcement-0.14.0/tests/dict_state_detection/__init__.py +1 -0
- 3tears_enforcement-0.14.0/tests/dict_state_detection/test_config.py +181 -0
- 3tears_enforcement-0.14.0/tests/dict_state_detection/test_runner.py +382 -0
- 3tears_enforcement-0.14.0/tests/dict_state_detection/test_walkers.py +607 -0
- 3tears_enforcement-0.14.0/tests/fake_parity/__init__.py +1 -0
- 3tears_enforcement-0.14.0/tests/fake_parity/test_walkers.py +296 -0
- 3tears_enforcement-0.14.0/tests/logger_coverage/__init__.py +1 -0
- 3tears_enforcement-0.14.0/tests/logger_coverage/test_config.py +92 -0
- 3tears_enforcement-0.14.0/tests/logger_coverage/test_runner.py +268 -0
- 3tears_enforcement-0.14.0/tests/logger_coverage/test_walkers.py +367 -0
- 3tears_enforcement-0.14.0/tests/migration_yugabyte_safety/__init__.py +3 -0
- 3tears_enforcement-0.14.0/tests/migration_yugabyte_safety/test_config.py +104 -0
- 3tears_enforcement-0.14.0/tests/migration_yugabyte_safety/test_runner.py +347 -0
- 3tears_enforcement-0.14.0/tests/migration_yugabyte_safety/test_walkers.py +303 -0
- 3tears_enforcement-0.14.0/tests/nats_wrapper_usage/__init__.py +3 -0
- 3tears_enforcement-0.14.0/tests/nats_wrapper_usage/test_config.py +80 -0
- 3tears_enforcement-0.14.0/tests/nats_wrapper_usage/test_runner.py +430 -0
- 3tears_enforcement-0.14.0/tests/nats_wrapper_usage/test_walkers.py +366 -0
- 3tears_enforcement-0.14.0/tests/no_silent_swallow/__init__.py +1 -0
- 3tears_enforcement-0.14.0/tests/no_silent_swallow/test_config.py +89 -0
- 3tears_enforcement-0.14.0/tests/no_silent_swallow/test_runner.py +279 -0
- 3tears_enforcement-0.14.0/tests/no_silent_swallow/test_walkers.py +569 -0
- 3tears_enforcement-0.14.0/tests/no_stdlib_logging/__init__.py +1 -0
- 3tears_enforcement-0.14.0/tests/no_stdlib_logging/test_config.py +75 -0
- 3tears_enforcement-0.14.0/tests/no_stdlib_logging/test_runner.py +264 -0
- 3tears_enforcement-0.14.0/tests/no_stdlib_logging/test_walkers.py +450 -0
- 3tears_enforcement-0.14.0/tests/underscore_access/__init__.py +0 -0
- 3tears_enforcement-0.14.0/tests/underscore_access/test_config.py +102 -0
- 3tears_enforcement-0.14.0/tests/underscore_access/test_root_split.py +188 -0
- 3tears_enforcement-0.14.0/tests/underscore_access/test_runner.py +302 -0
- 3tears_enforcement-0.14.0/tests/underscore_access/test_walkers.py +461 -0
|
@@ -0,0 +1,216 @@
|
|
|
1
|
+
# Byte-compiled / optimized / DLL files
|
|
2
|
+
__pycache__/
|
|
3
|
+
*.py[codz]
|
|
4
|
+
*$py.class
|
|
5
|
+
|
|
6
|
+
# C extensions
|
|
7
|
+
*.so
|
|
8
|
+
|
|
9
|
+
# Distribution / packaging
|
|
10
|
+
.Python
|
|
11
|
+
build/
|
|
12
|
+
develop-eggs/
|
|
13
|
+
dist/
|
|
14
|
+
downloads/
|
|
15
|
+
eggs/
|
|
16
|
+
.eggs/
|
|
17
|
+
lib/
|
|
18
|
+
lib64/
|
|
19
|
+
parts/
|
|
20
|
+
sdist/
|
|
21
|
+
var/
|
|
22
|
+
wheels/
|
|
23
|
+
share/python-wheels/
|
|
24
|
+
*.egg-info/
|
|
25
|
+
.installed.cfg
|
|
26
|
+
*.egg
|
|
27
|
+
MANIFEST
|
|
28
|
+
|
|
29
|
+
# PyInstaller
|
|
30
|
+
# Usually these files are written by a python script from a template
|
|
31
|
+
# before PyInstaller builds the exe, so as to inject date/other infos into it.
|
|
32
|
+
*.manifest
|
|
33
|
+
*.spec
|
|
34
|
+
|
|
35
|
+
# Installer logs
|
|
36
|
+
pip-log.txt
|
|
37
|
+
pip-delete-this-directory.txt
|
|
38
|
+
|
|
39
|
+
# Unit test / coverage reports
|
|
40
|
+
htmlcov/
|
|
41
|
+
.tox/
|
|
42
|
+
.nox/
|
|
43
|
+
.coverage
|
|
44
|
+
.coverage.*
|
|
45
|
+
.cache
|
|
46
|
+
nosetests.xml
|
|
47
|
+
coverage.xml
|
|
48
|
+
*.cover
|
|
49
|
+
*.py.cover
|
|
50
|
+
.hypothesis/
|
|
51
|
+
.pytest_cache/
|
|
52
|
+
cover/
|
|
53
|
+
|
|
54
|
+
# Translations
|
|
55
|
+
*.mo
|
|
56
|
+
*.pot
|
|
57
|
+
|
|
58
|
+
# Django stuff:
|
|
59
|
+
*.log
|
|
60
|
+
local_settings.py
|
|
61
|
+
db.sqlite3
|
|
62
|
+
db.sqlite3-journal
|
|
63
|
+
|
|
64
|
+
# Flask stuff:
|
|
65
|
+
instance/
|
|
66
|
+
.webassets-cache
|
|
67
|
+
|
|
68
|
+
# Scrapy stuff:
|
|
69
|
+
.scrapy
|
|
70
|
+
|
|
71
|
+
# Sphinx documentation
|
|
72
|
+
docs/_build/
|
|
73
|
+
|
|
74
|
+
# PyBuilder
|
|
75
|
+
.pybuilder/
|
|
76
|
+
target/
|
|
77
|
+
|
|
78
|
+
# Jupyter Notebook
|
|
79
|
+
.ipynb_checkpoints
|
|
80
|
+
|
|
81
|
+
# IPython
|
|
82
|
+
profile_default/
|
|
83
|
+
ipython_config.py
|
|
84
|
+
|
|
85
|
+
# pyenv
|
|
86
|
+
# For a library or package, you might want to ignore these files since the code is
|
|
87
|
+
# intended to run in multiple environments; otherwise, check them in:
|
|
88
|
+
# .python-version
|
|
89
|
+
|
|
90
|
+
# pipenv
|
|
91
|
+
# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
|
|
92
|
+
# However, in case of collaboration, if having platform-specific dependencies or dependencies
|
|
93
|
+
# having no cross-platform support, pipenv may install dependencies that don't work, or not
|
|
94
|
+
# install all needed dependencies.
|
|
95
|
+
#Pipfile.lock
|
|
96
|
+
|
|
97
|
+
# UV
|
|
98
|
+
# Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
|
|
99
|
+
# This is especially recommended for binary packages to ensure reproducibility, and is more
|
|
100
|
+
# commonly ignored for libraries.
|
|
101
|
+
#uv.lock
|
|
102
|
+
|
|
103
|
+
# poetry
|
|
104
|
+
# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
|
|
105
|
+
# This is especially recommended for binary packages to ensure reproducibility, and is more
|
|
106
|
+
# commonly ignored for libraries.
|
|
107
|
+
# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
|
|
108
|
+
#poetry.lock
|
|
109
|
+
#poetry.toml
|
|
110
|
+
|
|
111
|
+
# pdm
|
|
112
|
+
# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
|
|
113
|
+
# pdm recommends including project-wide configuration in pdm.toml, but excluding .pdm-python.
|
|
114
|
+
# https://pdm-project.org/en/latest/usage/project/#working-with-version-control
|
|
115
|
+
#pdm.lock
|
|
116
|
+
#pdm.toml
|
|
117
|
+
.pdm-python
|
|
118
|
+
.pdm-build/
|
|
119
|
+
|
|
120
|
+
# pixi
|
|
121
|
+
# Similar to Pipfile.lock, it is generally recommended to include pixi.lock in version control.
|
|
122
|
+
#pixi.lock
|
|
123
|
+
# Pixi creates a virtual environment in the .pixi directory, just like venv module creates one
|
|
124
|
+
# in the .venv directory. It is recommended not to include this directory in version control.
|
|
125
|
+
.pixi
|
|
126
|
+
|
|
127
|
+
# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
|
|
128
|
+
__pypackages__/
|
|
129
|
+
|
|
130
|
+
# Celery stuff
|
|
131
|
+
celerybeat-schedule
|
|
132
|
+
celerybeat.pid
|
|
133
|
+
|
|
134
|
+
# SageMath parsed files
|
|
135
|
+
*.sage.py
|
|
136
|
+
|
|
137
|
+
# Environments
|
|
138
|
+
.env
|
|
139
|
+
.envrc
|
|
140
|
+
.venv
|
|
141
|
+
env/
|
|
142
|
+
venv/
|
|
143
|
+
ENV/
|
|
144
|
+
env.bak/
|
|
145
|
+
venv.bak/
|
|
146
|
+
|
|
147
|
+
# Spyder project settings
|
|
148
|
+
.spyderproject
|
|
149
|
+
.spyproject
|
|
150
|
+
|
|
151
|
+
# Rope project settings
|
|
152
|
+
.ropeproject
|
|
153
|
+
|
|
154
|
+
# mkdocs documentation
|
|
155
|
+
/site
|
|
156
|
+
|
|
157
|
+
# mypy
|
|
158
|
+
.mypy_cache/
|
|
159
|
+
.dmypy.json
|
|
160
|
+
dmypy.json
|
|
161
|
+
|
|
162
|
+
# Pyre type checker
|
|
163
|
+
.pyre/
|
|
164
|
+
|
|
165
|
+
# pytype static type analyzer
|
|
166
|
+
.pytype/
|
|
167
|
+
|
|
168
|
+
# Cython debug symbols
|
|
169
|
+
cython_debug/
|
|
170
|
+
|
|
171
|
+
# PyCharm
|
|
172
|
+
# JetBrains specific template is maintained in a separate JetBrains.gitignore that can
|
|
173
|
+
# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
|
|
174
|
+
# and can be added to the global gitignore or merged into this file. For a more nuclear
|
|
175
|
+
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
|
|
176
|
+
#.idea/
|
|
177
|
+
|
|
178
|
+
# Abstra
|
|
179
|
+
# Abstra is an AI-powered process automation framework.
|
|
180
|
+
# Ignore directories containing user credentials, local state, and settings.
|
|
181
|
+
# Learn more at https://abstra.io/docs
|
|
182
|
+
.abstra/
|
|
183
|
+
|
|
184
|
+
# Visual Studio Code
|
|
185
|
+
# Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore
|
|
186
|
+
# that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore
|
|
187
|
+
# and can be added to the global gitignore or merged into this file. However, if you prefer,
|
|
188
|
+
# you could uncomment the following to ignore the entire vscode folder
|
|
189
|
+
# .vscode/
|
|
190
|
+
|
|
191
|
+
# Ruff stuff:
|
|
192
|
+
.ruff_cache/
|
|
193
|
+
|
|
194
|
+
# PyPI configuration file
|
|
195
|
+
.pypirc
|
|
196
|
+
|
|
197
|
+
# Cursor
|
|
198
|
+
# Cursor is an AI-powered code editor. `.cursorignore` specifies files/directories to
|
|
199
|
+
# exclude from AI features like autocomplete and code analysis. Recommended for sensitive data
|
|
200
|
+
# refer to https://docs.cursor.com/context/ignore-files
|
|
201
|
+
.cursorignore
|
|
202
|
+
.cursorindexingignore
|
|
203
|
+
|
|
204
|
+
# Marimo
|
|
205
|
+
marimo/_static/
|
|
206
|
+
marimo/_lsp/
|
|
207
|
+
__marimo__/
|
|
208
|
+
|
|
209
|
+
# Claude Code local state
|
|
210
|
+
.claude/
|
|
211
|
+
|
|
212
|
+
# prawduct session evidence (local governance artifacts, never shipped)
|
|
213
|
+
.prawduct/
|
|
214
|
+
|
|
215
|
+
# macOS folder metadata
|
|
216
|
+
.DS_Store
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 Mark Pace
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
|
@@ -0,0 +1,99 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: 3tears-enforcement
|
|
3
|
+
Version: 0.14.0
|
|
4
|
+
Summary: Static-analysis enforcement scanners for the 3tears ecosystem (cache primitive contract, underscore-access discipline, codebase conventions, etc.)
|
|
5
|
+
Project-URL: Repository, https://github.com/pacepace/3tears
|
|
6
|
+
Author: pace
|
|
7
|
+
License-Expression: MIT
|
|
8
|
+
License-File: LICENSE
|
|
9
|
+
Classifier: Development Status :: 3 - Alpha
|
|
10
|
+
Classifier: Intended Audience :: Developers
|
|
11
|
+
Classifier: Programming Language :: Python :: 3
|
|
12
|
+
Classifier: Programming Language :: Python :: 3.14
|
|
13
|
+
Classifier: Topic :: Software Development :: Quality Assurance
|
|
14
|
+
Classifier: Topic :: Software Development :: Testing
|
|
15
|
+
Classifier: Typing :: Typed
|
|
16
|
+
Requires-Python: >=3.14
|
|
17
|
+
Requires-Dist: 3tears>=0.5.0
|
|
18
|
+
Provides-Extra: test
|
|
19
|
+
Requires-Dist: pytest>=8.0; extra == 'test'
|
|
20
|
+
Description-Content-Type: text/markdown
|
|
21
|
+
|
|
22
|
+
# 3tears-enforcement
|
|
23
|
+
|
|
24
|
+
Shared static-analysis enforcement scanners for the 3tears ecosystem.
|
|
25
|
+
|
|
26
|
+
## What this package does
|
|
27
|
+
|
|
28
|
+
Each module under `threetears.enforcement.<domain>` ships an AST-based scanner that enforces a single architectural invariant across a Python source tree. Consumer repos import the scanner, inject their per-repo configuration (allowlists, exemption files, src roots), and run it from a thin pytest test class.
|
|
29
|
+
|
|
30
|
+
This replaces a previous pattern in which the same enforcement test files were vendored verbatim across multiple repos with manual sync requirements. The shared package eliminates duplication and drift while keeping per-repo configuration where it belongs.
|
|
31
|
+
|
|
32
|
+
## Domains
|
|
33
|
+
|
|
34
|
+
| Module | Invariant enforced |
|
|
35
|
+
|---|---|
|
|
36
|
+
| `cache` | Every stateful data surface routes through `BaseCollection`; no bespoke SQLiteBackend wrappers; no direct pool access to Collection-backed tables; every migration-defined table has a Collection class. |
|
|
37
|
+
| `underscore_access` | Underscore prefix is a stability contract: no cross-module private import, no cross-class protected access, modules with public names have `__all__`, no subclass shadowing of base private attributes, no `__all__` listing private names. |
|
|
38
|
+
| `codebase_conventions` | No bare `print()`, no stdlib `logging.getLogger` (use `threetears.observe`), `from __future__ import annotations` required, return type annotations required. |
|
|
39
|
+
| `coercion_coverage` | Tool subclasses override `execute`, never `run`, preserving the `normalize_kwargs → execute` input-coercion path. |
|
|
40
|
+
| `dict_state_detection` | No raw `dict`/`OrderedDict` persistent state in `__init__`; use `SQLiteBackend` (L1) or NATS KV for shared state. |
|
|
41
|
+
| `logger_coverage` | Every production module declares a module-level `log = get_logger(__name__)` unless explicitly exempt. |
|
|
42
|
+
| `migration_yugabyte_safety` | Migration shapes are yugabyte-safe per `threetears.core.data.migrations.enforcement`. |
|
|
43
|
+
| `nats_wrapper_usage` | All `nats-py` imports route through `threetears.nats.NatsClient`; no direct `import nats`. |
|
|
44
|
+
| `no_silent_swallow` | Exception handlers must log, re-raise, or carry `# NOSILENT: <reason>`. |
|
|
45
|
+
| `no_stdlib_logging` | No production module imports stdlib `logging` directly; use `threetears.observe`. |
|
|
46
|
+
|
|
47
|
+
## How to use it
|
|
48
|
+
|
|
49
|
+
Each domain exposes a configuration dataclass and a high-level runner:
|
|
50
|
+
|
|
51
|
+
```python
|
|
52
|
+
# tests/enforcement/test_cache_primitive_usage.py
|
|
53
|
+
from pathlib import Path
|
|
54
|
+
from threetears.enforcement.cache import CacheEnforcementConfig, run_cache_enforcement
|
|
55
|
+
|
|
56
|
+
_CONFIG = CacheEnforcementConfig(
|
|
57
|
+
repo_root=Path(__file__).parents[2],
|
|
58
|
+
allowed_sqlite_construction_sites=frozenset({
|
|
59
|
+
"packages/registry/src/threetears/registry/l1_cache.py",
|
|
60
|
+
}),
|
|
61
|
+
collection_table_allowlist={
|
|
62
|
+
"memories": "MemoriesCollection",
|
|
63
|
+
# ... per-repo
|
|
64
|
+
},
|
|
65
|
+
migration_table_allowlist=frozenset({"_schema_migrations"}),
|
|
66
|
+
exemptions_path=Path(__file__).parent / "_cache_exemptions.txt",
|
|
67
|
+
enforcement_mode_env_var="CACHE_ENFORCEMENT_MODE",
|
|
68
|
+
)
|
|
69
|
+
|
|
70
|
+
class TestCachePrimitiveUsage:
|
|
71
|
+
def test_no_bespoke_sqlite_backend_construction(self) -> None:
|
|
72
|
+
run_cache_enforcement(_CONFIG, walker="sqlite_construction")
|
|
73
|
+
|
|
74
|
+
def test_no_bespoke_cache_wrapper_classes(self) -> None:
|
|
75
|
+
run_cache_enforcement(_CONFIG, walker="wrapper_class")
|
|
76
|
+
|
|
77
|
+
def test_no_direct_pool_access_to_collection_tables(self) -> None:
|
|
78
|
+
run_cache_enforcement(_CONFIG, walker="pool_access")
|
|
79
|
+
|
|
80
|
+
def test_all_tables_have_collections(self) -> None:
|
|
81
|
+
run_cache_enforcement(_CONFIG, walker="missing_collection")
|
|
82
|
+
```
|
|
83
|
+
|
|
84
|
+
Per-repo exemption files (e.g., `_cache_exemptions.txt`) stay in the consumer repo's `tests/enforcement/` directory. The package's `parse_exemptions_with_rationale` reads them at test time.
|
|
85
|
+
|
|
86
|
+
## How to onboard a new repo
|
|
87
|
+
|
|
88
|
+
1. Add `3tears-enforcement` as a dev dependency.
|
|
89
|
+
2. For each domain you want to enforce: create a thin shell test file at `tests/enforcement/test_<domain>.py` following the pattern above. Inject your repo's allowlists/exemptions.
|
|
90
|
+
3. Create per-domain exemption files at `tests/enforcement/_<domain>_exemptions.txt` if needed. Every exemption requires a preceding `# rationale: <specific reason>` line.
|
|
91
|
+
4. Run `pytest tests/enforcement/` to verify the scanners work against your tree.
|
|
92
|
+
|
|
93
|
+
## How to add a new enforcement domain
|
|
94
|
+
|
|
95
|
+
1. Create `src/threetears/enforcement/<domain>/` with `walkers.py`, `config.py`, `runner.py`, and `__init__.py`.
|
|
96
|
+
2. Use `common/` helpers (`ast_helpers`, `repo_layout`, `pyproject_discovery`, `inheritance`, `exemptions`, `modes`, `violations`, `reports`). Do not duplicate scaffolding.
|
|
97
|
+
3. Walkers return `list[Violation]`. Configs are frozen dataclasses. Runners orchestrate walker → exemption-application → mode-resolution → report.
|
|
98
|
+
4. Write unit tests in `tests/<domain>/`.
|
|
99
|
+
5. Document the domain in this README.
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
# 3tears-enforcement
|
|
2
|
+
|
|
3
|
+
Shared static-analysis enforcement scanners for the 3tears ecosystem.
|
|
4
|
+
|
|
5
|
+
## What this package does
|
|
6
|
+
|
|
7
|
+
Each module under `threetears.enforcement.<domain>` ships an AST-based scanner that enforces a single architectural invariant across a Python source tree. Consumer repos import the scanner, inject their per-repo configuration (allowlists, exemption files, src roots), and run it from a thin pytest test class.
|
|
8
|
+
|
|
9
|
+
This replaces a previous pattern in which the same enforcement test files were vendored verbatim across multiple repos with manual sync requirements. The shared package eliminates duplication and drift while keeping per-repo configuration where it belongs.
|
|
10
|
+
|
|
11
|
+
## Domains
|
|
12
|
+
|
|
13
|
+
| Module | Invariant enforced |
|
|
14
|
+
|---|---|
|
|
15
|
+
| `cache` | Every stateful data surface routes through `BaseCollection`; no bespoke SQLiteBackend wrappers; no direct pool access to Collection-backed tables; every migration-defined table has a Collection class. |
|
|
16
|
+
| `underscore_access` | Underscore prefix is a stability contract: no cross-module private import, no cross-class protected access, modules with public names have `__all__`, no subclass shadowing of base private attributes, no `__all__` listing private names. |
|
|
17
|
+
| `codebase_conventions` | No bare `print()`, no stdlib `logging.getLogger` (use `threetears.observe`), `from __future__ import annotations` required, return type annotations required. |
|
|
18
|
+
| `coercion_coverage` | Tool subclasses override `execute`, never `run`, preserving the `normalize_kwargs → execute` input-coercion path. |
|
|
19
|
+
| `dict_state_detection` | No raw `dict`/`OrderedDict` persistent state in `__init__`; use `SQLiteBackend` (L1) or NATS KV for shared state. |
|
|
20
|
+
| `logger_coverage` | Every production module declares a module-level `log = get_logger(__name__)` unless explicitly exempt. |
|
|
21
|
+
| `migration_yugabyte_safety` | Migration shapes are yugabyte-safe per `threetears.core.data.migrations.enforcement`. |
|
|
22
|
+
| `nats_wrapper_usage` | All `nats-py` imports route through `threetears.nats.NatsClient`; no direct `import nats`. |
|
|
23
|
+
| `no_silent_swallow` | Exception handlers must log, re-raise, or carry `# NOSILENT: <reason>`. |
|
|
24
|
+
| `no_stdlib_logging` | No production module imports stdlib `logging` directly; use `threetears.observe`. |
|
|
25
|
+
|
|
26
|
+
## How to use it
|
|
27
|
+
|
|
28
|
+
Each domain exposes a configuration dataclass and a high-level runner:
|
|
29
|
+
|
|
30
|
+
```python
|
|
31
|
+
# tests/enforcement/test_cache_primitive_usage.py
|
|
32
|
+
from pathlib import Path
|
|
33
|
+
from threetears.enforcement.cache import CacheEnforcementConfig, run_cache_enforcement
|
|
34
|
+
|
|
35
|
+
_CONFIG = CacheEnforcementConfig(
|
|
36
|
+
repo_root=Path(__file__).parents[2],
|
|
37
|
+
allowed_sqlite_construction_sites=frozenset({
|
|
38
|
+
"packages/registry/src/threetears/registry/l1_cache.py",
|
|
39
|
+
}),
|
|
40
|
+
collection_table_allowlist={
|
|
41
|
+
"memories": "MemoriesCollection",
|
|
42
|
+
# ... per-repo
|
|
43
|
+
},
|
|
44
|
+
migration_table_allowlist=frozenset({"_schema_migrations"}),
|
|
45
|
+
exemptions_path=Path(__file__).parent / "_cache_exemptions.txt",
|
|
46
|
+
enforcement_mode_env_var="CACHE_ENFORCEMENT_MODE",
|
|
47
|
+
)
|
|
48
|
+
|
|
49
|
+
class TestCachePrimitiveUsage:
|
|
50
|
+
def test_no_bespoke_sqlite_backend_construction(self) -> None:
|
|
51
|
+
run_cache_enforcement(_CONFIG, walker="sqlite_construction")
|
|
52
|
+
|
|
53
|
+
def test_no_bespoke_cache_wrapper_classes(self) -> None:
|
|
54
|
+
run_cache_enforcement(_CONFIG, walker="wrapper_class")
|
|
55
|
+
|
|
56
|
+
def test_no_direct_pool_access_to_collection_tables(self) -> None:
|
|
57
|
+
run_cache_enforcement(_CONFIG, walker="pool_access")
|
|
58
|
+
|
|
59
|
+
def test_all_tables_have_collections(self) -> None:
|
|
60
|
+
run_cache_enforcement(_CONFIG, walker="missing_collection")
|
|
61
|
+
```
|
|
62
|
+
|
|
63
|
+
Per-repo exemption files (e.g., `_cache_exemptions.txt`) stay in the consumer repo's `tests/enforcement/` directory. The package's `parse_exemptions_with_rationale` reads them at test time.
|
|
64
|
+
|
|
65
|
+
## How to onboard a new repo
|
|
66
|
+
|
|
67
|
+
1. Add `3tears-enforcement` as a dev dependency.
|
|
68
|
+
2. For each domain you want to enforce: create a thin shell test file at `tests/enforcement/test_<domain>.py` following the pattern above. Inject your repo's allowlists/exemptions.
|
|
69
|
+
3. Create per-domain exemption files at `tests/enforcement/_<domain>_exemptions.txt` if needed. Every exemption requires a preceding `# rationale: <specific reason>` line.
|
|
70
|
+
4. Run `pytest tests/enforcement/` to verify the scanners work against your tree.
|
|
71
|
+
|
|
72
|
+
## How to add a new enforcement domain
|
|
73
|
+
|
|
74
|
+
1. Create `src/threetears/enforcement/<domain>/` with `walkers.py`, `config.py`, `runner.py`, and `__init__.py`.
|
|
75
|
+
2. Use `common/` helpers (`ast_helpers`, `repo_layout`, `pyproject_discovery`, `inheritance`, `exemptions`, `modes`, `violations`, `reports`). Do not duplicate scaffolding.
|
|
76
|
+
3. Walkers return `list[Violation]`. Configs are frozen dataclasses. Runners orchestrate walker → exemption-application → mode-resolution → report.
|
|
77
|
+
4. Write unit tests in `tests/<domain>/`.
|
|
78
|
+
5. Document the domain in this README.
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
[build-system]
|
|
2
|
+
requires = ["hatchling"]
|
|
3
|
+
build-backend = "hatchling.build"
|
|
4
|
+
|
|
5
|
+
[project]
|
|
6
|
+
name = "3tears-enforcement"
|
|
7
|
+
version = "0.14.0"
|
|
8
|
+
description = "Static-analysis enforcement scanners for the 3tears ecosystem (cache primitive contract, underscore-access discipline, codebase conventions, etc.)"
|
|
9
|
+
readme = "README.md"
|
|
10
|
+
requires-python = ">=3.14"
|
|
11
|
+
authors = [{name = "pace"}]
|
|
12
|
+
license = "MIT"
|
|
13
|
+
license-files = ["LICENSE"]
|
|
14
|
+
classifiers = [
|
|
15
|
+
"Development Status :: 3 - Alpha",
|
|
16
|
+
"Intended Audience :: Developers",
|
|
17
|
+
"Programming Language :: Python :: 3",
|
|
18
|
+
"Programming Language :: Python :: 3.14",
|
|
19
|
+
"Topic :: Software Development :: Quality Assurance",
|
|
20
|
+
"Topic :: Software Development :: Testing",
|
|
21
|
+
"Typing :: Typed",
|
|
22
|
+
]
|
|
23
|
+
dependencies = [
|
|
24
|
+
"3tears>=0.5.0",
|
|
25
|
+
]
|
|
26
|
+
|
|
27
|
+
[project.optional-dependencies]
|
|
28
|
+
test = [
|
|
29
|
+
"pytest>=8.0",
|
|
30
|
+
]
|
|
31
|
+
|
|
32
|
+
[project.urls]
|
|
33
|
+
Repository = "https://github.com/pacepace/3tears"
|
|
34
|
+
|
|
35
|
+
[tool.hatch.build.targets.wheel]
|
|
36
|
+
packages = ["src/threetears"]
|
|
37
|
+
|
|
38
|
+
[tool.uv.sources]
|
|
39
|
+
3tears = { workspace = true }
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
"""cache enforcement domain — the 3tears Collection-as-the-primitive contract.
|
|
2
|
+
|
|
3
|
+
four walkers in this domain enforce that every stateful data surface
|
|
4
|
+
in a 3tears-consuming repo is a :class:`BaseCollection` (transitively)
|
|
5
|
+
rather than a bespoke wrapper around :class:`SQLiteBackend` or a raw
|
|
6
|
+
``pool.fetch`` call:
|
|
7
|
+
|
|
8
|
+
- :func:`find_sqlite_constructions` — flag every
|
|
9
|
+
``SQLiteBackend(...)`` call outside the sanctioned factories.
|
|
10
|
+
- :func:`find_wrapper_classes` — flag classes that hold a
|
|
11
|
+
``SQLiteBackend`` field AND expose cache api (``get`` / ``put`` /
|
|
12
|
+
``set`` / ``delete`` / ``upsert``) AND do NOT transitively subclass
|
|
13
|
+
any ``base_collection_names``.
|
|
14
|
+
- :func:`find_direct_pool_access` — flag ``pool.fetch`` /
|
|
15
|
+
``fetchrow`` / ``fetchval`` / ``execute`` calls whose SQL text
|
|
16
|
+
references a table mapped in ``collection_table_allowlist``.
|
|
17
|
+
- :func:`find_missing_collections` — flag migration-defined tables
|
|
18
|
+
whose mapped Collection class does not transitively subclass any
|
|
19
|
+
``base_collection_names``. **uses** :func:`transitively_subclasses_any
|
|
20
|
+
<threetears.enforcement.common.inheritance.transitively_subclasses_any>`
|
|
21
|
+
so chains like ``MemoriesCollection → SchemaBackedCollection →
|
|
22
|
+
BaseCollection`` resolve correctly across path-dep package
|
|
23
|
+
boundaries (this is the originally-failing bug fix the cache lift
|
|
24
|
+
was created for).
|
|
25
|
+
|
|
26
|
+
per-repo configuration goes through :class:`CacheEnforcementConfig`;
|
|
27
|
+
:func:`run_cache_enforcement` is the pytest-friendly entry point that
|
|
28
|
+
orchestrates the walkers, applies the rationale-required exemption
|
|
29
|
+
list, emits the report, and fails in strict mode.
|
|
30
|
+
"""
|
|
31
|
+
|
|
32
|
+
from threetears.enforcement.cache.config import (
|
|
33
|
+
CacheEnforcementConfig,
|
|
34
|
+
)
|
|
35
|
+
from threetears.enforcement.cache.runner import (
|
|
36
|
+
run_cache_enforcement,
|
|
37
|
+
)
|
|
38
|
+
from threetears.enforcement.cache.walkers import (
|
|
39
|
+
find_direct_pool_access,
|
|
40
|
+
find_missing_collections,
|
|
41
|
+
find_sqlite_constructions,
|
|
42
|
+
find_wrapper_classes,
|
|
43
|
+
)
|
|
44
|
+
|
|
45
|
+
__all__ = [
|
|
46
|
+
"CacheEnforcementConfig",
|
|
47
|
+
"find_direct_pool_access",
|
|
48
|
+
"find_missing_collections",
|
|
49
|
+
"find_sqlite_constructions",
|
|
50
|
+
"find_wrapper_classes",
|
|
51
|
+
"run_cache_enforcement",
|
|
52
|
+
]
|
|
@@ -0,0 +1,138 @@
|
|
|
1
|
+
"""configuration dataclass for cache-primitive-usage enforcement.
|
|
2
|
+
|
|
3
|
+
the cache domain enforces a single contract: every stateful data
|
|
4
|
+
surface in a consuming repo is a :class:`BaseCollection` (transitively)
|
|
5
|
+
rather than a bespoke wrapper around :class:`SQLiteBackend` or raw
|
|
6
|
+
``pool`` access. four walkers cover the four ways the contract can be
|
|
7
|
+
broken (bespoke construction, wrapper classes, direct pool access,
|
|
8
|
+
migration-defined tables that lack a Collection); one config dataclass
|
|
9
|
+
captures every per-repo knob.
|
|
10
|
+
|
|
11
|
+
the configurable knobs let consumers manage repo-specific allowlists
|
|
12
|
+
without forking the walkers:
|
|
13
|
+
|
|
14
|
+
- :attr:`allowed_sqlite_construction_sites` — relative-posix paths
|
|
15
|
+
where bare :class:`SQLiteBackend(...)` construction is sanctioned
|
|
16
|
+
(named factories like ``hub/common/l1_cache.py``). ``tests/`` trees
|
|
17
|
+
are always permitted regardless of this set; the canonical
|
|
18
|
+
hardcodes that.
|
|
19
|
+
- :attr:`collection_table_allowlist` — table-to-Collection-class
|
|
20
|
+
mapping. drives both the direct-pool-access walker (which knows
|
|
21
|
+
which tables have a Collection) and the missing-collection walker
|
|
22
|
+
(which verifies the named class actually exists and transitively
|
|
23
|
+
reaches a Collection base).
|
|
24
|
+
- :attr:`migration_table_allowlist` — bookkeeping tables defined in
|
|
25
|
+
migrations that legitimately lack Collections
|
|
26
|
+
(``_schema_migrations``, LangGraph ``checkpoints``).
|
|
27
|
+
- :attr:`base_collection_names` — terminal class names that satisfy
|
|
28
|
+
"this is a Collection". default is ``{"BaseCollection"}``;
|
|
29
|
+
intermediate bases (``SchemaBackedCollection``, etc.) are walked
|
|
30
|
+
transitively via the common inheritance graph and do NOT need to
|
|
31
|
+
be listed here.
|
|
32
|
+
- :attr:`scan_roots` / :attr:`inheritance_roots` — split src-root
|
|
33
|
+
responsibilities. ``scan_roots`` is *where to look for violations*
|
|
34
|
+
(defaults to :func:`find_local_src_roots
|
|
35
|
+
<threetears.enforcement.common.repo_layout.find_local_src_roots>`,
|
|
36
|
+
the consumer's own code only — never path-deps). ``inheritance_roots``
|
|
37
|
+
is *where to build the cross-package class-base graph* used by
|
|
38
|
+
:func:`find_wrapper_classes` and :func:`find_missing_collections`'s
|
|
39
|
+
transitive subclass walk (defaults to :func:`discover_src_roots
|
|
40
|
+
<threetears.enforcement.common.pyproject_discovery.discover_src_roots>`,
|
|
41
|
+
which is path-dep aware so chains like ``MemoriesCollection →
|
|
42
|
+
SchemaBackedCollection → BaseCollection`` resolve across package
|
|
43
|
+
boundaries). splitting them prevents Option B path-dep walking from
|
|
44
|
+
dragging upstream code into the violation scan.
|
|
45
|
+
"""
|
|
46
|
+
|
|
47
|
+
from __future__ import annotations
|
|
48
|
+
|
|
49
|
+
from dataclasses import dataclass, field
|
|
50
|
+
from pathlib import Path
|
|
51
|
+
|
|
52
|
+
__all__ = ["CacheEnforcementConfig"]
|
|
53
|
+
|
|
54
|
+
|
|
55
|
+
_DEFAULT_CACHE_METHOD_NAMES: frozenset[str] = frozenset(
|
|
56
|
+
{
|
|
57
|
+
"get",
|
|
58
|
+
"put",
|
|
59
|
+
"set",
|
|
60
|
+
"delete",
|
|
61
|
+
"upsert",
|
|
62
|
+
}
|
|
63
|
+
)
|
|
64
|
+
|
|
65
|
+
|
|
66
|
+
_DEFAULT_BASE_COLLECTION_NAMES: frozenset[str] = frozenset({"BaseCollection"})
|
|
67
|
+
|
|
68
|
+
|
|
69
|
+
@dataclass(frozen=True)
|
|
70
|
+
class CacheEnforcementConfig:
|
|
71
|
+
"""per-repo config for the cache-primitive-usage enforcement domain.
|
|
72
|
+
|
|
73
|
+
:ivar repo_root: absolute path to the consumer repo's root (the
|
|
74
|
+
directory containing its top-level ``pyproject.toml``).
|
|
75
|
+
:ivar scan_roots: where to LOOK for violations. when ``None``, the
|
|
76
|
+
runner uses :func:`find_local_src_roots
|
|
77
|
+
<threetears.enforcement.common.repo_layout.find_local_src_roots>`
|
|
78
|
+
— always scoped to the consumer's own code, never walks
|
|
79
|
+
path-deps. set explicitly only to override discovery in tests
|
|
80
|
+
or specialised harnesses.
|
|
81
|
+
:ivar inheritance_roots: where to BUILD the inheritance graph
|
|
82
|
+
(used by :func:`~threetears.enforcement.cache.walkers.find_wrapper_classes`
|
|
83
|
+
and :func:`~threetears.enforcement.cache.walkers.find_missing_collections`
|
|
84
|
+
for :func:`transitively_subclasses_any
|
|
85
|
+
<threetears.enforcement.common.inheritance.transitively_subclasses_any>`).
|
|
86
|
+
when ``None``, the runner uses :func:`discover_src_roots
|
|
87
|
+
<threetears.enforcement.common.pyproject_discovery.discover_src_roots>`
|
|
88
|
+
— path-dep aware so chains like ``MemoriesCollection →
|
|
89
|
+
SchemaBackedCollection → BaseCollection`` resolve correctly
|
|
90
|
+
across package boundaries.
|
|
91
|
+
:ivar exemptions_path: path to ``_cache_exemptions.txt``;
|
|
92
|
+
``None`` means "no exemptions file". the file uses the shared
|
|
93
|
+
rationale-required ``file:line:symbol`` format parsed by
|
|
94
|
+
:func:`~threetears.enforcement.common.exemptions.parse_exemptions_with_rationale`.
|
|
95
|
+
:ivar mode_env_var: environment variable controlling strict vs
|
|
96
|
+
report mode. defaults to ``CACHE_ENFORCEMENT_MODE``.
|
|
97
|
+
:ivar allowed_sqlite_construction_sites: forward-slash relative
|
|
98
|
+
paths (relative to ``repo_root``) where bare
|
|
99
|
+
:class:`SQLiteBackend(...)` construction is sanctioned. files
|
|
100
|
+
under any ``tests/`` directory are always permitted regardless
|
|
101
|
+
of this set; the canonical hardcodes that.
|
|
102
|
+
:ivar collection_table_allowlist: ``{table_name:
|
|
103
|
+
expected_collection_class_name}`` mapping. drives both
|
|
104
|
+
:func:`~threetears.enforcement.cache.walkers.find_direct_pool_access`
|
|
105
|
+
(which tables have a Collection) and
|
|
106
|
+
:func:`~threetears.enforcement.cache.walkers.find_missing_collections`
|
|
107
|
+
(which verifies the named class transitively reaches a
|
|
108
|
+
Collection base).
|
|
109
|
+
:ivar migration_table_allowlist: tables created in migrations that
|
|
110
|
+
legitimately lack Collections. bookkeeping tables (e.g.
|
|
111
|
+
``_schema_migrations``), LangGraph state (``checkpoints``,
|
|
112
|
+
``checkpoint_writes``), and tables owned by sibling repos.
|
|
113
|
+
:ivar cache_method_names: public method names that, combined with
|
|
114
|
+
a :class:`SQLiteBackend` field, indicate a wrapper class.
|
|
115
|
+
kept liberal so any new bespoke wrapper hits the walker;
|
|
116
|
+
defaults to ``{"get", "put", "set", "delete", "upsert"}``.
|
|
117
|
+
:ivar base_collection_names: terminal class names that satisfy
|
|
118
|
+
"this is a Collection." default is just ``{"BaseCollection"}``
|
|
119
|
+
— transitive walking through ``SchemaBackedCollection`` and
|
|
120
|
+
other intermediate bases is automatic via
|
|
121
|
+
:func:`~threetears.enforcement.common.inheritance.transitively_subclasses_any`.
|
|
122
|
+
consumers do NOT need to enumerate intermediate bases here.
|
|
123
|
+
"""
|
|
124
|
+
|
|
125
|
+
repo_root: Path
|
|
126
|
+
scan_roots: tuple[Path, ...] | None = None
|
|
127
|
+
inheritance_roots: tuple[Path, ...] | None = None
|
|
128
|
+
exemptions_path: Path | None = None
|
|
129
|
+
mode_env_var: str = "CACHE_ENFORCEMENT_MODE"
|
|
130
|
+
allowed_sqlite_construction_sites: frozenset[str] = frozenset()
|
|
131
|
+
collection_table_allowlist: dict[str, str] = field(default_factory=dict)
|
|
132
|
+
migration_table_allowlist: frozenset[str] = frozenset()
|
|
133
|
+
cache_method_names: frozenset[str] = field(
|
|
134
|
+
default_factory=lambda: _DEFAULT_CACHE_METHOD_NAMES,
|
|
135
|
+
)
|
|
136
|
+
base_collection_names: frozenset[str] = field(
|
|
137
|
+
default_factory=lambda: _DEFAULT_BASE_COLLECTION_NAMES,
|
|
138
|
+
)
|