aignostics-foundry-core 0.0.0__tar.gz

aignostics_foundry_core-0.0.0/.gitignore

@@ -0,0 +1,90 @@
+# .gitignore of project Foundry Python Core
+
+# Environment
+.env
+.env.*
+!.env.example
+.envrc
+ENV/
+env/
+
+## secrets
+.secret
+.secrets
+.secrets.toml
+.secrets.yaml
+.secrets.yml
+.secrets.json
+.act-env-secret
+
+# More secrets
+.ssh
+.aws
+
+# Python virtual environment
+venv/
+.venv/
+
+# Python temps
+*.py[cdo]
+__pycache__/
+*.so
+*.egg
+*.egg-info/
+*.log
+dist/
+build/
+eggs/
+parts/
+sdist/
+develop-eggs/
+.installed.cfg
+.Python
+.pytest_cache/
+.ruff_cache/
+.nox
+.coverage
+.coverage.*
+
+
+# Build Report
+reports/*
+!reports/.keep
+!reports/README.md
+
+# IDE
+.idea/
+.vscode/
+*.swp
+*.swo
+
+# macOS
+.DS_Store
+
+# Other OS
+lib/
+lib64/
+
+# Data
+var/
+tmp/
+
+# Node temps
+node_modules/
+
+
+# AI workflow
+.fixme
+
+# Copier
+*.rej
+
+# Scalene
+profile.json
+profile.html
+
+
+
+
+
+# Application specific

aignostics_foundry_core-0.0.0/LICENSE

@@ -0,0 +1,8 @@
+Aignostics Commercial License
+
+Copyright (c) 2025 Aignostics GmbH
+
+All rights reserved.
+
+No part of this software may be used, copied, modified, or distributed
+without prior written permission from Aignostics GmbH.

aignostics_foundry_core-0.0.0/PKG-INFO

@@ -0,0 +1,88 @@
+Metadata-Version: 2.4
+Name: aignostics-foundry-core
+Version: 0.0.0
+Summary: 🏭 Foundational infrastructure for Foundry components.
+Project-URL: Homepage, https://github.com/aignostics/foundry-python-core
+Project-URL: Documentation, https://github.com/aignostics/foundry-python-core#readme
+Project-URL: Source, https://github.com/aignostics/foundry-python-core
+Project-URL: Changelog, https://github.com/aignostics/foundry-python-core/releases
+Project-URL: Issues, https://github.com/aignostics/foundry-python-core/issues
+Author-email: Oliver Meyer <oliver.meyer@aignostics.com>
+License: Aignostics Commercial License
+        
+        Copyright (c) 2025 Aignostics GmbH
+        
+        All rights reserved.
+        
+        No part of this software may be used, copied, modified, or distributed
+        without prior written permission from Aignostics GmbH.
+License-File: LICENSE
+Keywords: act,aignostics-foundry-core,codecov,copier,cyclonedx,detect-secrets,foundry,foundry-python,jupyter,nox,pip-audit,pip-licenses,pre-commit,pypi,pytest,python,ruff,sonarcloud,sonarqube,uv
+Classifier: Development Status :: 2 - Pre-Alpha
+Classifier: Framework :: Pytest
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Natural Language :: English
+Classifier: Operating System :: MacOS :: MacOS X
+Classifier: Operating System :: POSIX :: Linux
+Classifier: Programming Language :: Python
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Typing :: Typed
+Requires-Python: <3.15,>=3.11
+Requires-Dist: pydantic-settings<3,>=2
+Requires-Dist: pydantic<3,>=2
+Requires-Dist: rich<15,>=14
+Description-Content-Type: text/markdown
+
+# 🏭 Foundry Python Core
+
+[![License](https://img.shields.io/badge/license-Proprietary-A41831?labelColor=414042)](https://github.com/aignostics/foundry-python-core/blob/main/LICENSE)
+[![CI](https://github.com/aignostics/foundry-python-core/actions/workflows/ci-cd.yml/badge.svg)](https://github.com/aignostics/foundry-python-core/actions/workflows/ci-cd.yml)
+[![Quality Gate](https://sonarcloud.io/api/project_badges/measure?project=aignostics_foundry-python-core&metric=alert_status&token=a2fcb508f6d22af0c9d0a38728a7f5ee22d5b2ab)](https://sonarcloud.io/summary/new_code?id=aignostics_foundry-python-core)
+[![Security](https://sonarcloud.io/api/project_badges/measure?project=aignostics_foundry-python-core&metric=security_rating&token=a2fcb508f6d22af0c9d0a38728a7f5ee22d5b2ab)](https://sonarcloud.io/summary/new_code?id=aignostics_foundry-python-core)
+[![Maintainability](https://sonarcloud.io/api/project_badges/measure?project=aignostics_foundry-python-core&metric=sqale_rating&token=a2fcb508f6d22af0c9d0a38728a7f5ee22d5b2ab)](https://sonarcloud.io/summary/new_code?id=aignostics_foundry-python-core)
+[![Technical Debt](https://sonarcloud.io/api/project_badges/measure?project=aignostics_foundry-python-core&metric=sqale_index&token=a2fcb508f6d22af0c9d0a38728a7f5ee22d5b2ab)](https://sonarcloud.io/summary/new_code?id=aignostics_foundry-python-core)
+[![Code Smells](https://sonarcloud.io/api/project_badges/measure?project=aignostics_foundry-python-core&metric=code_smells&token=a2fcb508f6d22af0c9d0a38728a7f5ee22d5b2ab)](https://sonarcloud.io/summary/new_code?id=aignostics_foundry-python-core)
+[![Dependabot](https://img.shields.io/badge/dependabot-active-brightgreen?style=flat-square&logo=dependabot)](https://github.com/aignostics/foundry-python-core/security/dependabot)
+[![Renovate enabled](https://img.shields.io/badge/renovate-enabled-brightgreen.svg)](https://github.com/aignostics/foundry-python-core/issues?q=is%3Aissue%20state%3Aopen%20Dependency%20Dashboard)
+[![Coverage](https://codecov.io/gh/aignostics/foundry-python-core/graph/badge.svg?token=MXmzYbXguM)](https://codecov.io/gh/aignostics/foundry-python-core)
+[![Ruff](https://img.shields.io/badge/style-Ruff-blue?color=D6FF65)](https://github.com/aignostics/foundry-python-core/blob/main/noxfile.py)
+[![Pyright](https://microsoft.github.io/pyright/img/pyright_badge.svg)](https://microsoft.github.io/pyright/)
+[![Copier](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/copier-org/copier/master/img/badge/badge-grayscale-inverted-border-orange.json)](https://github.com/aignostics/foundry-python)
+
+> [!NOTE]
+> This is your project README - please feel free to update as you see fit.
+> For first steps after scaffolding, check out [FOUNDRY_README.md](FOUNDRY_README.md).
+
+---
+
+Foundational infrastructure for Foundry components.
+
+## Prerequisites
+
+Install [mise](https://mise.jdx.dev/) (task runner and dev tool manager):
+
+```shell
+brew install mise
+```
+
+Or follow the [installation guide](https://mise.jdx.dev/getting-started.html) for other methods. Then [activate mise](https://mise.jdx.dev/getting-started.html#activate-mise) in your shell profile.
+
+## Usage
+
+```python
+from aignostics_foundry_core.health import Health, HealthStatus
+
+health = Health(status=HealthStatus.UP)
+```
+
+## Further Reading
+
+- [Foundry Project Guide](FOUNDRY_README.md) - Complete toolchain, testing, CI/CD, and project setup guide
+- [Security policy](SECURITY.md) - Documentation of security checks, tools, and principles
+- [Release notes](https://github.com/aignostics/foundry-python-core/releases) - Complete log of improvements and changes
+- [Attributions](ATTRIBUTIONS.md) - Open source projects this project builds upon

aignostics_foundry_core-0.0.0/README.md

@@ -0,0 +1,48 @@
+# 🏭 Foundry Python Core
+
+[![License](https://img.shields.io/badge/license-Proprietary-A41831?labelColor=414042)](https://github.com/aignostics/foundry-python-core/blob/main/LICENSE)
+[![CI](https://github.com/aignostics/foundry-python-core/actions/workflows/ci-cd.yml/badge.svg)](https://github.com/aignostics/foundry-python-core/actions/workflows/ci-cd.yml)
+[![Quality Gate](https://sonarcloud.io/api/project_badges/measure?project=aignostics_foundry-python-core&metric=alert_status&token=a2fcb508f6d22af0c9d0a38728a7f5ee22d5b2ab)](https://sonarcloud.io/summary/new_code?id=aignostics_foundry-python-core)
+[![Security](https://sonarcloud.io/api/project_badges/measure?project=aignostics_foundry-python-core&metric=security_rating&token=a2fcb508f6d22af0c9d0a38728a7f5ee22d5b2ab)](https://sonarcloud.io/summary/new_code?id=aignostics_foundry-python-core)
+[![Maintainability](https://sonarcloud.io/api/project_badges/measure?project=aignostics_foundry-python-core&metric=sqale_rating&token=a2fcb508f6d22af0c9d0a38728a7f5ee22d5b2ab)](https://sonarcloud.io/summary/new_code?id=aignostics_foundry-python-core)
+[![Technical Debt](https://sonarcloud.io/api/project_badges/measure?project=aignostics_foundry-python-core&metric=sqale_index&token=a2fcb508f6d22af0c9d0a38728a7f5ee22d5b2ab)](https://sonarcloud.io/summary/new_code?id=aignostics_foundry-python-core)
+[![Code Smells](https://sonarcloud.io/api/project_badges/measure?project=aignostics_foundry-python-core&metric=code_smells&token=a2fcb508f6d22af0c9d0a38728a7f5ee22d5b2ab)](https://sonarcloud.io/summary/new_code?id=aignostics_foundry-python-core)
+[![Dependabot](https://img.shields.io/badge/dependabot-active-brightgreen?style=flat-square&logo=dependabot)](https://github.com/aignostics/foundry-python-core/security/dependabot)
+[![Renovate enabled](https://img.shields.io/badge/renovate-enabled-brightgreen.svg)](https://github.com/aignostics/foundry-python-core/issues?q=is%3Aissue%20state%3Aopen%20Dependency%20Dashboard)
+[![Coverage](https://codecov.io/gh/aignostics/foundry-python-core/graph/badge.svg?token=MXmzYbXguM)](https://codecov.io/gh/aignostics/foundry-python-core)
+[![Ruff](https://img.shields.io/badge/style-Ruff-blue?color=D6FF65)](https://github.com/aignostics/foundry-python-core/blob/main/noxfile.py)
+[![Pyright](https://microsoft.github.io/pyright/img/pyright_badge.svg)](https://microsoft.github.io/pyright/)
+[![Copier](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/copier-org/copier/master/img/badge/badge-grayscale-inverted-border-orange.json)](https://github.com/aignostics/foundry-python)
+
+> [!NOTE]
+> This is your project README - please feel free to update as you see fit.
+> For first steps after scaffolding, check out [FOUNDRY_README.md](FOUNDRY_README.md).
+
+---
+
+Foundational infrastructure for Foundry components.
+
+## Prerequisites
+
+Install [mise](https://mise.jdx.dev/) (task runner and dev tool manager):
+
+```shell
+brew install mise
+```
+
+Or follow the [installation guide](https://mise.jdx.dev/getting-started.html) for other methods. Then [activate mise](https://mise.jdx.dev/getting-started.html#activate-mise) in your shell profile.
+
+## Usage
+
+```python
+from aignostics_foundry_core.health import Health, HealthStatus
+
+health = Health(status=HealthStatus.UP)
+```
+
+## Further Reading
+
+- [Foundry Project Guide](FOUNDRY_README.md) - Complete toolchain, testing, CI/CD, and project setup guide
+- [Security policy](SECURITY.md) - Documentation of security checks, tools, and principles
+- [Release notes](https://github.com/aignostics/foundry-python-core/releases) - Complete log of improvements and changes
+- [Attributions](ATTRIBUTIONS.md) - Open source projects this project builds upon

aignostics_foundry_core-0.0.0/pyproject.toml

@@ -0,0 +1,282 @@
+[project]
+name = "aignostics-foundry-core"
+version = "0.0.0"
+description = "🏭 Foundational infrastructure for Foundry components."
+readme = "README.md"
+authors = [{ name = "Oliver Meyer", email = "oliver.meyer@aignostics.com" }]
+license = { file = "LICENSE" }
+
+keywords = [
+    "aignostics-foundry-core",
+    "act",
+    "codecov",
+    "copier",
+    "cyclonedx",
+    "detect-secrets",
+    "jupyter",
+    "nox",
+    "foundry",
+    "foundry-python",
+    "pip-audit",
+    "pip-licenses",
+    "pre-commit",
+    "pytest",
+    "python",
+    "pypi",
+    "ruff",
+    "sonarqube",
+    "sonarcloud",
+    "uv",
+]
+
+classifiers = [
+    "Development Status :: 2 - Pre-Alpha",
+    "Intended Audience :: Developers",
+    "Programming Language :: Python",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+    "Programming Language :: Python :: 3.14",
+    "License :: OSI Approved :: MIT License",
+    "Operating System :: MacOS :: MacOS X",
+    "Operating System :: POSIX :: Linux",
+    "Framework :: Pytest",
+    "Typing :: Typed",
+    "Natural Language :: English"
+]
+
+requires-python = ">=3.11, <3.15"
+
+dependencies = [
+    "pydantic>=2,<3",
+    "pydantic-settings>=2,<3",
+    "rich>=14,<15",
+]
+
+[dependency-groups]
+dev = [
+    "commitizen>=4.1.0,<5",
+    "cyclonedx-py>=1.0.1",
+    "detect-secrets>=1.5.0",
+    "enum-tools>=0.13.0",
+    "nox>=2025.11.12",
+    "pip-audit>=2.10.0,<3",
+    "pip-licenses @ git+https://github.com/neXenio/pip-licenses.git@master", # https://github.com/raimon49/pip-licenses/pull/224
+    "pre-commit>=4.5.0,<5",
+    "pyright>=1.1.408,<2",  # Regression in 1.1.407, see https://github.com/microsoft/pyright/issues/11060
+    "pytest>=9.0.2,<10",
+    "pytest-asyncio>=1.3.0,<2",
+    "pytest-cov>=7.0.0,<8",
+    "pytest-env>=1.1.5,<2",
+    "pytest-md-report>=0.7.0,<1",
+    "pytest-regressions>=2.7.0,<3",
+    "pytest-retry>=1.7.0,<2",
+    "pytest-subprocess>=1.5.3,<2",
+    "pytest-timeout>=2.3.1,<3",
+    "pytest-watcher>=0.4.3,<1",
+    "pytest-xdist[psutil]>=3.6.1,<4",
+    "ruff>=0.14.8,<1",
+    "tomli>=2.1.0",
+    "types-pyyaml>=6.0.12.20250402",
+    "types-requests>=2.32.0.20250328",
+    "watchdog>=6.0.0",
+]
+
+[tool.uv]
+required-version = ">=0.9.7" # CVE-2025-54368, GHSA-w476-p2h3-79g9, GHSA-pqhf-p39g-3x64
+override-dependencies = [ # https://github.com/astral-sh/uv/issues/4422
+    "pytest>=9.0.2",                    # pytest-md-report depends on pytest<9 unnecessarily
+]
+
+
+[project.urls]
+Homepage = "https://github.com/aignostics/foundry-python-core"
+Documentation = "https://github.com/aignostics/foundry-python-core#readme"
+Source = "https://github.com/aignostics/foundry-python-core"
+Changelog = "https://github.com/aignostics/foundry-python-core/releases"
+Issues = "https://github.com/aignostics/foundry-python-core/issues"
+
+
+[build-system]
+requires = ["hatchling==1.29.0"]
+build-backend = "hatchling.build"
+
+[tool.hatch.build]
+include = ["src/*"]
+
+[tool.hatch.build.targets.wheel]
+
+packages = ["src/aignostics_foundry_core"]
+
+
+
+[tool.ruff]
+target-version = "py311"
+preview = true
+fix = true
+line-length = 120
+
+[tool.ruff.lint]
+select = ["ALL"]
+
+ignore = [
+    "ANN002",   # missing type annotation for `*args` -> provides no value
+    "ANN003",   # missing type annotation for `**kwargs`` -> provides no value
+    "ASYNC109", # async function definition with a `timeout` parameter  -> as mentioned by ruff, "This rule is highly opinionated and may not be suitable for all use cases."
+    "CPY001",   # missing copyright notice -> not for OSS
+    "DOC502",   # docstrings with exceptions not raised in the code of the function -> not always necessary
+    "D203",     # incomptatible with D211 -> prefer D211
+    "D212",     # incompatible with D213 -> prefer D213
+    "FBT001",   # boolean positional arguments -> disagree
+    "FBT002",   # boolean defautl value positionl arguments -> disagree
+    "FBT003",   # boolean positional value in function call -> disagree
+    "PGH003",   # use specific rule codes when ignoring type issues -> quite a hassle, no value
+    "TRY300",   # else instead of return before except. -> strongly disagree, hinders readabilty.
+    "COM812",   # conflicts with ruff formatter -> not feasible nor recommended
+    "ISC001",   # conflicts with ruff formatter -> not feasible nor recommended
+    "S404",     # subprocess` module is possibly insecure -> as mentioned by ruff, unstable and preview
+    "FIX002",   # line contains todo -> yes, that's what todo's are for?!
+    "TD003",    # missing issue link for todo -> not in OSS
+    "PTH123",   # use of open to be replaced with Path.open
+    "T201",     # Remove `print`
+    "INP001",   # Checks for packages that are missing an __init__.py file.
+    "RUF067",   # __init__ module contains conditional imports -> needed for optional dependencies (preview rule)
+]
+
+[tool.ruff.lint.per-file-ignores]
+"**/tests/**/*.py" = [
+    # we are more relaxed in tests, while sill applying hundreds of rules
+    "S101",     # asserts allowed in tests...
+    "ARG",      # unused function args -> fixtures nevertheless are functionally relevant...
+    "FBT",      # don't care about booleans as positional arguments in tests, e.g. via @pytest.mark.parametrize()
+    "PLR2004",  # magic value used in comparison, ...
+    "PLR6301",  # method could be a function, class method, or static method -> test organization pattern
+    "PT011",    # exception to broad
+    "PLC2701",  # private import, but required for unit testing
+    "PLC0415",  # local import
+    "PT012",    # exception to broad
+    "S311",     # standard pseudo-random generators are not suitable for cryptographic purposes
+    "SLF001",   # private member access required for unit testing
+    "S603",     # check for execution of untrusted input
+    "ANN001",   # missing type annotation for function argument
+    "ANN002",   # missing type annotation
+    "ANN003",   # missing type annotation
+    "ANN202",   # missing return type annotation
+    "DOC201",   # `return` is not documented in docstring
+    "ASYNC230", # async functions should not open files with blocking methods like `open`
+    "S104",     # bind to all ports
+    "S607",     # subprocess with partial path
+]
+
+[tool.ruff.format]
+docstring-code-format = true
+
+[tool.ruff.lint.pydocstyle]
+convention = "google"
+
+
+[tool.pytest.ini_options]
+addopts = "-v --strict-markers --cov=aignostics_foundry_core --cov-report=term-missing --cov-report=xml:reports/coverage.xml --cov-report=html:reports/coverage_html"
+testpaths = ["tests"]
+python_files = ["*_test.py", "test_*.py"]
+asyncio_mode = "auto"
+asyncio_default_fixture_loop_scope = "function"
+timeout = 10 # We use a rather short default timeout. Override with @pytest.mark.timeout(timeout=N)
+env = ["COVERAGE_FILE=.coverage", "COVERAGE_PROCESS_START=pyproject.toml"]
+markers = [
+    # Test Categories (following Martin Fowler's Solitary vs Sociable unit test distinction)
+    "scheduled: Tests to run on a schedule. They will still be part on non-scheduled test executions.",
+    "sequential: Exclude from parallel test execution.",
+    "unit: Solitary unit tests - test a layer of a module in isolation with all dependencies mocked. Unit tests must be able to pass offline, i.e. not calls to external services. The timeout should not be bigger than the default 10s, and must be <5 min.",
+    "integration: Sociable integration tests - test interactions across architectural layers, using real file I/O and real subprocesses. Integration test must be able to pass offline, i.e. mock external services. The timeout should not be bigger than the default 10s, and must be <5 min.",
+    "e2e: End-to-end tests - test complete workflows with real external network services.",
+]
+md_report = true
+md_report_output = "reports/pytest.md"
+md_report_verbose = 1
+md_report_flavor = "github"
+md_report_color = "never"
+md_report_exclude_outcomes = ["passed", "skipped"]
+
+[tool.coverage.run]
+sigterm = true
+relative_files = true
+source = ["src"]
+omit = []
+branch = true
+parallel = true
+concurrency = ["thread", "multiprocessing"]
+
+[tool.coverage.paths]
+source = ["src/"]
+
+
+[tool.commitizen]
+name = "cz_conventional_commits"
+use_shortcuts = true
+version_provider = "scm"
+change_type_map = { "feat" = "Feat", "fix" = "Fix", "refactor" = "Refactor", "perf" = "Perf", "chore" = "Chores", "docs" = "Documentation" }
+version_files = [
+    "pyproject.toml:version",
+    "VERSION",
+    "sonar-project.properties:sonar.projectVersion",
+]
+update_changelog_on_bump = true
+major_version_zero = true # Allows breaking changes in 0.x.x versions; remove this line using a breaking-change commit to bump to 1.0.0
+version_scheme = "semver2"
+tag_format = "v$version"
+tag = true
+bump_message = "bump: version $current_version → $new_version [skip-ci]"
+breaking_change_exclamation_in_title = true
+
+# Pre-release configuration
+prerelease = "alpha"  # Default prerelease type
+prerelease_offset = 0
+
+changelog_merge_prerelease = true
+style = [
+    [
+        "qmark",
+        "fg:#ff9d00 bold",
+    ],
+    [
+        "question",
+        "bold",
+    ],
+    [
+        "answer",
+        "fg:#ff9d00 bold",
+    ],
+    [
+        "pointer",
+        "fg:#ff9d00 bold",
+    ],
+    [
+        "highlighted",
+        "fg:#ff9d00 bold",
+    ],
+    [
+        "selected",
+        "fg:#cc5454",
+    ],
+    [
+        "separator",
+        "fg:#cc5454",
+    ],
+    [
+        "instruction",
+        "",
+    ],
+    [
+        "text",
+        "",
+    ],
+    [
+        "disabled",
+        "fg:#858585 italic",
+    ],
+]
+
+# Changelog template configuration
+template = ".cz-templates/CHANGELOG.md.j2"

aignostics_foundry_core-0.0.0/src/aignostics_foundry_core/AGENTS.md

@@ -0,0 +1,146 @@
+# CLAUDE.md - Foundry Python Core Package Overview
+
+This file provides an overview of all modules in `aignostics_foundry_core`, their features, and interactions.
+
+## Module Index
+
+<!-- Document your modules in a table format. Customize columns based on your architecture. -->
+
+| Module | Purpose | Description |
+|--------|---------|-------------|
+| **console** | Themed terminal output | Module-level `console` object (Rich `Console`) with colour theme and `_get_console()` factory |
+| **di** | Dependency injection | `locate_subclasses`, `locate_implementations`, `load_modules`, `discover_plugin_packages`, `clear_caches`, `PLUGIN_ENTRY_POINT_GROUP` for plugin and subclass discovery |
+| **health** | Service health checks | `Health` model and `HealthStatus` enum for tree-structured health status |
+| **settings** | Pydantic settings loading | `OpaqueSettings`, `load_settings`, `strip_to_none_before_validator`, `UNHIDE_SENSITIVE_INFO` for env-based settings with secret masking and user-friendly validation errors |
+
+## Module Descriptions
+
+<!-- For each module, document its purpose, features, dependencies, and usage. -->
+
+### console
+
+**Themed Rich console for structured terminal output**
+
+- **Purpose**: Provides a module-level `console` object pre-configured with a colour theme for consistent, styled terminal output across all Foundry components
+- **Key Features**:
+  - `console` — module-level `Console` singleton, ready to use
+  - Colour theme: `success` (green), `info` / `logging.level.info` (purple4), `warning` (yellow1), `error` (red1), `debug` (light_cyan3)
+  - `AIGNOSTICS_CONSOLE_WIDTH` env var — overrides console width (defaults to Rich's auto-detect, 80 in non-TTY environments)
+  - `legacy_windows=False` — modern Windows terminal support
+- **Location**: `aignostics_foundry_core/console.py`
+- **Dependencies**: `rich>=13`
+
+### settings
+
+**Pydantic settings loading with secret masking and user-friendly validation errors**
+
+- **Purpose**: Provides reusable infrastructure for loading `pydantic-settings` classes from the environment, with secret masking and Rich-formatted validation error output
+- **Key Features**:
+  - `UNHIDE_SENSITIVE_INFO: str` — context key constant to reveal secrets in `model_dump()`
+  - `strip_to_none_before_validator(v)` — before-validator that strips whitespace and converts empty strings to `None`
+  - `OpaqueSettings(BaseSettings)` — base class with `serialize_sensitive_info` (masks `SecretStr` fields) and `serialize_path_resolve` (resolves `Path` fields to absolute strings)
+  - `load_settings(settings_class)` — instantiates settings; on `ValidationError` prints a Rich `Panel` listing each invalid field and calls `sys.exit(78)`
+- **Location**: `aignostics_foundry_core/settings.py`
+- **Dependencies**: `pydantic>=2`, `pydantic-settings>=2`, `rich>=14`
+
+### di
+
+**Plugin and subclass discovery for dependency injection**
+
+- **Purpose**: Provides reusable infrastructure for dynamically discovering plugin packages, class implementations, and subclasses across a project and its registered plugins
+- **Key Features**:
+  - `PLUGIN_ENTRY_POINT_GROUP: str` — `"aignostics.plugins"` entry-point group constant
+  - `discover_plugin_packages()` — discovers plugin packages registered via `[project.entry-points."aignostics.plugins"]`; LRU-cached
+  - `load_modules(project_name)` — imports all top-level submodules of the given package
+  - `locate_implementations(_class, project_name)` — finds all instances of `_class` via shallow plugin scan + deep project scan; cached per `(_class, project_name)` to prevent cross-project pollution
+  - `locate_subclasses(_class, project_name)` — finds all subclasses of `_class` via shallow plugin scan + deep project scan; cached per `(_class, project_name)`
+  - `clear_caches()` — resets all module-level caches (`_implementation_cache`, `_subclass_cache`, `discover_plugin_packages` LRU cache)
+  - Two internal scan helpers: `_scan_packages_shallow` (plugin top-level exports only) and `_scan_packages_deep` (full submodule walk for the main project)
+- **Location**: `aignostics_foundry_core/di.py`
+- **Dependencies**: Python stdlib only (`importlib`, `pkgutil`, `importlib.metadata`)
+
+### health
+
+**Tree-structured health status for service health checks**
+
+- **Purpose**: Provides `Health` and `HealthStatus` for modelling UP / DEGRADED / DOWN status across a tree of service components
+- **Key Features**:
+  - `HealthStatus(StrEnum)` — `UP`, `DEGRADED`, `DOWN` values
+  - `Health(BaseModel)` — pydantic model with `status`, `reason`, `components`, `uptime_statistics`
+  - `compute_health_from_components()` — recursively propagates DOWN/DEGRADED from children to parent (DOWN trumps DEGRADED)
+  - `validate_health_state()` — model validator: DOWN/DEGRADED require a reason; UP must not have one
+  - `__str__` — returns `"UP"`, `"DEGRADED: <reason>"`, or `"DOWN: <reason>"`
+  - `__bool__` — `True` iff status is `UP`
+  - `Health.Code` — `ClassVar` alias for `HealthStatus` (convenience)
+- **Location**: `aignostics_foundry_core/health.py`
+- **Dependencies**: `pydantic>=2`
+
+## Architecture
+
+<!-- Document your package's architecture here. Consider including:
+- Module dependency diagrams
+- Data flow patterns
+- Key abstractions and interfaces
+- Integration points
+-->
+
+```text
+┌─────────────────────────────┐
+│     Your Application        │
+└──────────────┬──────────────┘
+               │
+┌──────────────┴──────────────┐
+│    aignostics_foundry_core  │
+├─────────────────────────────┤
+│           console           │
+│           health            │
+└─────────────────────────────┘
+```
+
+## Usage Examples
+
+```python
+from aignostics_foundry_core import console
+
+# Print with theme styles
+console.print("[success]Done![/success]")
+console.print("[warning]Caution: retrying...[/warning]")
+console.print("[error]Failed to connect.[/error]")
+```
+
+```python
+from aignostics_foundry_core.health import Health, HealthStatus
+
+# Simple UP status
+health = Health(status=HealthStatus.UP)
+assert bool(health)  # True
+assert str(health) == "UP"
+
+# Composite health — DOWN propagates from components automatically
+system = Health(
+    status=HealthStatus.UP,
+    components={
+        "db": Health(status=HealthStatus.UP),
+        "cache": Health(status=HealthStatus.DOWN, reason="Connection refused"),
+    },
+)
+assert system.status == HealthStatus.DOWN
+assert "cache" in system.reason
+```
+
+## Development Guidelines
+
+### Adding New Modules
+
+1. Create module in `src/aignostics_foundry_core/`
+2. Export public API in `__init__.py`
+3. Add tests in `tests/aignostics_foundry_core/`
+4. Document in this file (add to Module Index and Module Descriptions)
+
+### Module Documentation
+
+Consider creating `CLAUDE.md` files in module subdirectories for detailed documentation of complex modules.
+
+---
+
+*Keep this documentation updated as the package evolves.*

aignostics_foundry_core-0.0.0/src/aignostics_foundry_core/CLAUDE.md

@@ -0,0 +1 @@
+@AGENTS.md

aignostics_foundry_core-0.0.0/src/aignostics_foundry_core/__init__.py

@@ -0,0 +1,4 @@
+"""Foundational infrastructure for Foundry components.
+
+We do NOT export any of the public APIs of the Foundry components here; see docs/decisions/0002-module-structure.md.
+"""

aignostics_foundry_core-0.0.0/src/aignostics_foundry_core/console.py

@@ -0,0 +1,31 @@
+"""Themed rich console."""
+
+import os
+
+from rich.console import Console
+from rich.theme import Theme
+
+
+def _get_console() -> Console:
+    """Get a themed rich console.
+
+    The console width can be set via the AIGNOSTICS_CONSOLE_WIDTH environment variable.
+
+    Returns:
+        Console: The themed rich console.
+    """
+    return Console(
+        theme=Theme({
+            "logging.level.info": "purple4",
+            "debug": "light_cyan3",
+            "success": "green",
+            "info": "purple4",
+            "warning": "yellow1",
+            "error": "red1",
+        }),
+        width=int(os.environ.get("AIGNOSTICS_CONSOLE_WIDTH", "0")) or None,
+        legacy_windows=False,  # Modern Windows (10+) doesn't need width adjustment
+    )
+
+
+console = _get_console()

aignostics_foundry_core-0.0.0/src/aignostics_foundry_core/di.py

@@ -0,0 +1,200 @@
+"""Dependency injection using dynamic import and discovery of implementations and subclasses."""
+
+import importlib
+import pkgutil
+from collections.abc import Callable
+from functools import lru_cache
+from importlib.metadata import entry_points
+from inspect import isclass
+from typing import Any
+
+_implementation_cache: dict[tuple[Any, str], list[Any]] = {}
+_subclass_cache: dict[tuple[Any, str], list[Any]] = {}
+
+PLUGIN_ENTRY_POINT_GROUP = "aignostics.plugins"
+
+
+@lru_cache(maxsize=1)
+def discover_plugin_packages() -> tuple[str, ...]:
+    """Discover plugin packages using entry points.
+
+    Plugins register themselves in their pyproject.toml:
+
+        [project.entry-points."aignostics.plugins"]
+        my_plugin = "my_plugin"
+
+    Results are cached after the first call.
+
+    Returns:
+        Tuple of discovered plugin package names.
+    """
+    eps = entry_points(group=PLUGIN_ENTRY_POINT_GROUP)
+    return tuple(ep.value for ep in eps)
+
+
+def load_modules(project_name: str) -> None:
+    """Import all top-level submodules of the given project package.
+
+    Args:
+        project_name: The importable package name to scan (e.g. ``"bridge"``).
+    """
+    package = importlib.import_module(project_name)
+    for _, name, _ in pkgutil.iter_modules(package.__path__):
+        importlib.import_module(f"{project_name}.{name}")
+
+
+def _scan_packages_deep(
+    package_name: str,
+    predicate: Callable[[Any], bool],
+) -> list[Any]:
+    """Deep-scan a single package by walking all submodules via pkgutil.iter_modules.
+
+    Used for the main project package. Imports each submodule discovered via
+    ``pkgutil.iter_modules`` and examines every name in ``dir(module)`` against
+    *predicate*. Silently skips submodules that raise ``ImportError``.
+
+    Args:
+        package_name: The package to scan (e.g. ``"bridge"``).
+        predicate: Called with each member; members where this returns ``True``
+            are included in the result.
+
+    Returns:
+        All members from submodules of *package_name* that satisfy *predicate*.
+    """
+    results: list[Any] = []
+    try:
+        package = importlib.import_module(package_name)
+    except ImportError:
+        return results
+    for _, name, _ in pkgutil.iter_modules(package.__path__):
+        try:
+            module = importlib.import_module(f"{package_name}.{name}")
+            for member_name in dir(module):
+                member = getattr(module, member_name)
+                if predicate(member):
+                    results.append(member)
+        except ImportError:
+            continue
+    return results
+
+
+def _scan_packages_shallow(
+    package_names: tuple[str, ...],
+    predicate: Callable[[Any], bool],
+) -> list[Any]:
+    """Shallow-scan the top-level exports of each plugin package.
+
+    For each plugin package, imports only the top-level package and examines
+    ``dir(package)`` for matches. Does **not** walk submodules via
+    ``pkgutil.iter_modules``.
+
+    This prevents nested objects from plugin submodules (e.g.
+    ``stargate.demeter.cli``) from being discovered alongside the intended
+    top-level export (``stargate.cli``). Only what the plugin's ``__init__.py``
+    explicitly exports is considered.
+
+    Silently skips packages that raise ``ImportError``.
+
+    Args:
+        package_names: Plugin package names to scan.
+        predicate: Called with each member; members where this returns ``True``
+            are included in the result.
+
+    Returns:
+        All members from the top-level namespace of each plugin that satisfy
+        *predicate*.
+    """
+    results: list[Any] = []
+    for package_name in package_names:
+        try:
+            package = importlib.import_module(package_name)
+        except ImportError:
+            continue
+        for member_name in dir(package):
+            member = getattr(package, member_name)
+            if predicate(member):
+                results.append(member)
+    return results
+
+
+def locate_implementations(_class: type[Any], project_name: str) -> list[Any]:
+    """Dynamically discover all instances of some class.
+
+    Searches plugin top-level exports first (shallow scan), then deep-scans all
+    submodules of the main project package. Plugins are registered via entry
+    points; only their top-level ``__init__.py`` exports are examined (submodules
+    are not walked). The main package retains full deep-scan behaviour.
+
+    Cache keys include *project_name* to avoid cross-project cache pollution when
+    multiple projects share this library.
+
+    Args:
+        _class: Class to search for.
+        project_name: Importable package name of the calling project
+            (e.g. ``"bridge"``). Used as the deep-scan root and as part of the
+            cache key.
+
+    Returns:
+        List of discovered instances of the given class.
+    """
+    cache_key = (_class, project_name)
+    if cache_key in _implementation_cache:
+        return _implementation_cache[cache_key]
+
+    def predicate(member: object) -> bool:
+        return isinstance(member, _class)
+
+    results = [
+        *_scan_packages_shallow(discover_plugin_packages(), predicate),
+        *_scan_packages_deep(project_name, predicate),
+    ]
+    _implementation_cache[cache_key] = results
+    return results
+
+
+def locate_subclasses(_class: type[Any], project_name: str) -> list[Any]:
+    """Dynamically discover all classes that are subclasses of some type.
+
+    Searches plugin top-level exports first (shallow scan), then deep-scans all
+    submodules of the main project package. Plugins are registered via entry
+    points; only their top-level ``__init__.py`` exports are examined (submodules
+    are not walked). The main package retains full deep-scan behaviour.
+
+    Cache keys include *project_name* to avoid cross-project cache pollution when
+    multiple projects share this library.
+
+    Args:
+        _class: Parent class of subclasses to search for.
+        project_name: Importable package name of the calling project
+            (e.g. ``"bridge"``). Used as the deep-scan root and as part of the
+            cache key.
+
+    Returns:
+        List of discovered subclasses of the given class.
+    """
+    cache_key = (_class, project_name)
+    if cache_key in _subclass_cache:
+        return _subclass_cache[cache_key]
+
+    def predicate(member: object) -> bool:
+        return isclass(member) and issubclass(member, _class) and member != _class
+
+    results = [
+        *_scan_packages_shallow(discover_plugin_packages(), predicate),
+        *_scan_packages_deep(project_name, predicate),
+    ]
+    _subclass_cache[cache_key] = results
+    return results
+
+
+def clear_caches() -> None:
+    """Reset all module-level discovery caches.
+
+    Clears ``_implementation_cache``, ``_subclass_cache``, and the
+    ``discover_plugin_packages`` LRU cache so that subsequent calls to
+    ``locate_implementations``, ``locate_subclasses``, and
+    ``discover_plugin_packages`` perform fresh discovery.
+    """
+    _implementation_cache.clear()
+    _subclass_cache.clear()
+    discover_plugin_packages.cache_clear()

aignostics_foundry_core-0.0.0/src/aignostics_foundry_core/health.py

@@ -0,0 +1,137 @@
+"""Health models and status definitions for service health checks."""
+
+from enum import StrEnum
+from typing import Any, ClassVar, Self
+
+from pydantic import BaseModel, Field, model_validator
+
+
+class HealthStatus(StrEnum):
+    """Health status enumeration for service health checks.
+
+    Values:
+        UP: Service is operating normally
+        DEGRADED: Service is operational but with reduced functionality
+        DOWN: Service is not operational
+    """
+
+    UP = "UP"
+    DEGRADED = "DEGRADED"
+    DOWN = "DOWN"
+
+
+class Health(BaseModel):
+    """Represents the health status of a service with optional components and failure reasons.
+
+    - A health object can have child components, i.e. health forms a tree.
+        - Any node in the tree can set itself to DOWN or DEGRADED. If DOWN, the node is required
+            to set the reason attribute. If reason is not set when DOWN, automatic model validation fails.
+        - DOWN trumps DEGRADED, DEGRADED trumps UP. If any child is DOWN, parent is DOWN.
+            If none are DOWN but any are DEGRADED, parent is DEGRADED.
+        - The root of the health tree is computed in the system module.
+            The health of other modules is automatically picked up by the system module.
+    """
+
+    Code: ClassVar[type[HealthStatus]] = HealthStatus
+    status: HealthStatus
+    reason: str | None = None
+    components: dict[str, "Health"] = Field(default_factory=dict)
+    uptime_statistics: dict[str, dict[str, Any]] | None = None  # Optional uptime stats
+
+    def compute_health_from_components(self) -> Self:
+        """Recursively compute health status from components.
+
+        - If health is already DOWN, it remains DOWN with its original reason.
+        - If health is UP but any component is DOWN, health becomes DOWN with
+            a reason listing all failed components.
+        - If no components are DOWN but any are DEGRADED, health becomes DEGRADED with a reason.
+
+        Returns:
+            Self: The updated health instance with computed status.
+        """
+        # Skip recomputation if already known to be DOWN
+        if self.status == HealthStatus.DOWN:
+            return self
+
+        # No components means we keep the existing status
+        if not self.components:
+            return self
+
+        # Find all DOWN and DEGRADED components
+        down_components: list[tuple[str, str | None]] = []
+        degraded_components: list[tuple[str, str | None]] = []
+        for component_name, component in self.components.items():
+            # Recursively compute health for each component
+            component.compute_health_from_components()
+            if component.status == HealthStatus.DOWN:
+                down_components.append((component_name, component.reason))
+            elif component.status == HealthStatus.DEGRADED:
+                degraded_components.append((component_name, component.reason))
+
+        # If any components are DOWN, mark the parent as DOWN
+        if down_components:
+            self.status = HealthStatus.DOWN
+            if len(down_components) == 1:
+                component_name, component_reason = down_components[0]
+                self.reason = f"Component '{component_name}' is DOWN ({component_reason})"
+            else:
+                component_list = ", ".join(f"'{name}' ({reason})" for name, reason in down_components)
+                self.reason = f"Components {component_list} are DOWN"
+        # If no components are DOWN but any are DEGRADED, mark parent as DEGRADED
+        elif degraded_components:
+            self.status = HealthStatus.DEGRADED
+            if len(degraded_components) == 1:
+                component_name, component_reason = degraded_components[0]
+                self.reason = f"Component '{component_name}' is DEGRADED ({component_reason})"
+            else:
+                component_list = ", ".join(f"'{name}' ({reason})" for name, reason in degraded_components)
+                self.reason = f"Components {component_list} are DEGRADED"
+
+        return self
+
+    @model_validator(mode="after")
+    def validate_health_state(self) -> Self:
+        """Validate the health state and ensure consistency.
+
+        - Compute overall health based on component health
+        - Ensure UP status has no associated reason
+        - Ensure DOWN and DEGRADED status always have a reason
+
+        Returns:
+            Self: The validated model instance with correct health status.
+
+        Raises:
+            ValueError: If validation fails due to inconsistency.
+        """
+        # First compute health from components
+        self.compute_health_from_components()
+
+        # Validate that UP status has no reason
+        if (self.status == HealthStatus.UP) and self.reason:
+            msg = f"Health {self.status} must not have reason"
+            raise ValueError(msg)
+
+        # Validate that DOWN and DEGRADED status always have a reason
+        if (self.status in {HealthStatus.DOWN, HealthStatus.DEGRADED}) and not self.reason:
+            msg = f"Health {self.status} must have a reason"
+            raise ValueError(msg)
+
+        return self
+
+    def __str__(self) -> str:
+        """Return string representation of health status with optional reason for DOWN/DEGRADED state.
+
+        Returns:
+            str: The health status value, with reason appended if status is DOWN or DEGRADED.
+        """
+        if self.status in {HealthStatus.DOWN, HealthStatus.DEGRADED} and self.reason:
+            return f"{self.status.value}: {self.reason}"
+        return self.status.value
+
+    def __bool__(self) -> bool:
+        """Convert health status to a boolean value.
+
+        Returns:
+            bool: True if the status is UP, False otherwise.
+        """
+        return self.status == HealthStatus.UP

aignostics_foundry_core-0.0.0/src/aignostics_foundry_core/settings.py

@@ -0,0 +1,122 @@
+"""Utilities around Pydantic settings."""
+
+import sys
+from pathlib import Path
+from typing import TypeVar
+
+from pydantic import FieldSerializationInfo, SecretStr, ValidationError
+from pydantic_settings import BaseSettings
+from rich.panel import Panel
+from rich.text import Text
+
+from aignostics_foundry_core.console import console
+
+_T = TypeVar("_T", bound=BaseSettings)
+
+UNHIDE_SENSITIVE_INFO = "unhide_sensitive_info"
+
+
+def strip_to_none_before_validator(v: str | None) -> str | None:
+    """Strip whitespace and return None for empty strings.
+
+    Args:
+        v: The string to process, or None.
+
+    Returns:
+        None if the input is None or whitespace-only, otherwise the stripped string.
+    """
+    if v is None:
+        return None
+    v = v.strip()
+    if not v:
+        return None
+    return v
+
+
+class OpaqueSettings(BaseSettings):
+    """Base settings class with secret masking and path resolution serializers."""
+
+    @staticmethod
+    def serialize_sensitive_info(input_value: SecretStr | None, info: FieldSerializationInfo) -> str | None:
+        """Serialize a SecretStr, masking it unless context requests unhiding.
+
+        Args:
+            input_value: The secret value to serialize.
+            info: Pydantic serialization info, may carry context.
+
+        Returns:
+            None for empty secrets, the secret value if unhide is requested,
+            otherwise the masked representation.
+        """
+        if not input_value:
+            return None
+        if info.context and info.context.get(UNHIDE_SENSITIVE_INFO, False):
+            return input_value.get_secret_value()
+        return str(input_value)
+
+    @staticmethod
+    def serialize_path_resolve(input_value: Path | None, _info: FieldSerializationInfo) -> str | None:
+        """Serialize a Path by resolving it to an absolute string.
+
+        Args:
+            input_value: The path to resolve.
+            _info: Pydantic serialization info (unused).
+
+        Returns:
+            None if input is `None` or has no path components (e.g. empty string),
+            otherwise the resolved absolute path string.
+        """
+        if input_value is None or not input_value.parts:
+            return None
+        return str(input_value.resolve())
+
+
+def load_settings(settings_class: type[_T]) -> _T:
+    """Load settings with error handling and nice formatting.
+
+    Args:
+        settings_class: The Pydantic settings class to instantiate.
+
+    Returns:
+        Instance of the settings class.
+
+    Raises:
+        SystemExit: If settings validation fails (exit code 78).
+    """
+    try:
+        return settings_class()
+    except ValidationError as e:
+        errors = e.errors()
+        text = Text()
+        text.append(
+            "Validation error(s): \n\n",
+            style="debug",
+        )
+
+        prefix = settings_class.model_config.get("env_prefix", "")
+        for error in errors:
+            if error["loc"] and isinstance(error["loc"][0], str):
+                env_var = f"{prefix}{error['loc'][0]}".upper()
+            else:
+                env_var = prefix.rstrip("_").upper()
+            text.append(f"• {env_var}", style="yellow bold")
+            text.append(f": {error['msg']}\n")
+
+        text.append(
+            "\nCheck settings defined in the process environment and in file ",
+            style="info",
+        )
+        env_file = str(settings_class.model_config.get("env_file", ".env") or ".env")
+        text.append(
+            str(Path.cwd() / env_file),
+            style="bold blue underline",
+        )
+
+        console.print(
+            Panel(
+                text,
+                title="Configuration invalid!",
+                border_style="error",
+            ),
+        )
+        sys.exit(78)