coreason-manifest 0.10.0__tar.gz → 0.12.0__tar.gz

{coreason_manifest-0.10.0 → coreason_manifest-0.12.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: coreason_manifest
-Version: 0.10.0
+Version: 0.12.0
 Summary: This package is the definitive source of truth. If it isn't in the manifest, it doesn't exist. If it violates the manifest, it doesn't run.
 License: # The Prosperity Public License 3.0.0
          
@@ -68,6 +68,7 @@ Classifier: License :: Other/Proprietary License
 Classifier: Programming Language :: Python :: 3.12
 Classifier: Operating System :: OS Independent
 Requires-Dist: coreason-identity (>=0.4.1,<0.5.0)
+Requires-Dist: jsonschema (>=4.19.0,<5.0.0)
 Requires-Dist: loguru (>=0.7.2,<0.8.0)
 Requires-Dist: pydantic (>=2.12.5,<3.0.0)
 Requires-Dist: pyyaml (>=6.0.3,<7.0.0)
@@ -87,31 +88,25 @@ The definitive source of truth for CoReason-AI Asset definitions. "The Blueprint
 
 ## Overview
 
-`coreason-manifest` serves as the **Shared Kernel** for the Coreason ecosystem. It contains the canonical Pydantic definitions, schemas, and data structures for Agents, Workflows (Recipes), and Auditing.
+`coreason-manifest` serves as the **Shared Kernel** for the Coreason ecosystem. It contains the canonical Pydantic definitions, schemas, and data structures for Agents and Workflows (Recipes).
 
 It provides the **"Blueprint"** that all other services (Builder, Engine, Simulator) rely on. It focuses on strict typing, schema validation, and serialization, ensuring that if it isn't in the manifest, it doesn't exist.
 
+### Standards Clarification
+*Note: The "Coreason Agent Manifest" (CAM) is a proprietary, strict governance schema designed for the CoReason Platform. It is distinct from the Oracle/Linux Foundation "Open Agent Specification," though we aim for future interoperability via adapters.*
+
 ## Features
 
-*   **Open Agent Specification (OAS):** Strict Pydantic models for Agent definitions (`AgentDefinition`).
-*   **Strict Typing:** Enforces type safety and immutable structures for critical interfaces.
-*   **Enhanced Serialization:** Includes `CoReasonBaseModel` to ensure consistent JSON serialization of complex types like `UUID` and `datetime`.
-*   **Event Protocol:** Defines the `GraphEvent` and `CloudEvent` structures for real-time communication.
-*   **Simulation Schemas:** Provides standard models for `SimulationScenario`, `AdversaryProfile`, and `SimulationTrace`.
-*   **Audit & Compliance:** Defines the `AuditLog` structure for tamper-evident record keeping.
-*   **Ergonomic Factory Methods:** Simplified construction of `ChatMessage` and `GenAIOperation`.
-*   **Token Arithmetic:** Support for `+` and `+=` operators on `GenAITokenUsage`.
-*   **Flexible Tooling:** `ToolCallRequestPart` accepts JSON strings with automatic parsing.
-*   **Enhanced Tracing:** `ReasoningTrace` includes flexible metadata for execution state.
+*   **Coreason Agent Manifest (CAM):** Strict Pydantic models for Agent definitions (`AgentDefinition`) and Recipes (`Recipe`).
+*   **Strict Typing:** Enforces type safety for critical interfaces.
+*   **Governance & Policy:** Enforce organizational rules (domains, risk levels) on agents via `GovernanceConfig`.
+*   **Ergonomic Factory Methods:** Simplified construction of manifests.
+*   **Flexible Tooling:** Support for external tool definitions (`ToolDefinition`) and risk levels (`ToolRiskLevel`).
+*   **Topology Visualization:** Workflows are defined as graph topologies (`Workflow`).
 
 ## Serialization & Base Model
 
-All core definitions (`AgentDefinition`, `RecipeManifest`, `GraphTopology`, `AuditLog`) inherit from `CoReasonBaseModel`. This provides a consistent interface for serialization, solving common Pydantic v2 issues with `UUID` and `datetime`.
-
-*   Use `.dump()` to get a JSON-compatible dictionary (where UUIDs/datetimes are strings).
-*   Use `.to_json()` to get a JSON string.
-
-For a detailed rationale, see [docs/coreason_base_model_rationale.md](docs/coreason_base_model_rationale.md).
+Core definitions (e.g., `Manifest`, `Workflow`, `AgentDefinition`) inherit from Pydantic's `BaseModel`. Shared configuration models like `GovernanceConfig` inherit from `CoReasonBaseModel` for enhanced serialization capabilities.
 
 ## Installation
 
@@ -124,75 +119,57 @@ pip install coreason-manifest
 This library is used to define and validate Agent configurations programmatically.
 
 ```python
-import uuid
-from datetime import datetime, timezone
-from coreason_manifest.definitions.agent import (
-    AgentDefinition,
-    AgentMetadata,
-    AgentInterface,
-    AgentRuntimeConfig,
-    ModelConfig,
-    AgentDependencies,
-    ToolRequirement,
-    ToolRiskLevel,
-    PolicyConfig,
-    ObservabilityConfig,
-    TraceLevel
+from coreason_manifest import (
+    Recipe,
+    ManifestMetadata,
+    AgentStep,
+    Workflow,
+    InterfaceDefinition,
+    StateDefinition,
+    PolicyDefinition
 )
 
 # 1. Define Metadata
-metadata = AgentMetadata(
-    id=uuid.uuid4(),
-    version="1.0.0",  # Strict SemVer
+metadata = ManifestMetadata(
     name="Research Agent",
-    author="Coreason AI",
-    created_at=datetime.now(timezone.utc)
+    version="1.0.0"
+)
+
+# 2. Define Workflow
+workflow = Workflow(
+    start="step1",
+    steps={
+        "step1": AgentStep(
+            id="step1",
+            agent="gpt-4-researcher",
+            next="step2"
+        ),
+        # ... define other steps
+    }
 )
 
-# 2. Instantiate Agent
-agent = AgentDefinition(
+# 3. Instantiate Manifest
+manifest = Recipe(
+    apiVersion="coreason.ai/v2",
+    kind="Recipe",
     metadata=metadata,
-    interface=AgentInterface(
+    interface=InterfaceDefinition(
         inputs={"topic": {"type": "string"}},
         outputs={"summary": {"type": "string"}}
     ),
-    config=AgentRuntimeConfig(
-        model_config=ModelConfig(
-            model="gpt-4",
-            temperature=0.0,
-            system_prompt="You are a helpful assistant."
-        )
-    ),
-    dependencies=AgentDependencies(
-        tools=[
-            ToolRequirement(
-                uri="mcp://search-service/google",
-                hash="e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",  # Valid SHA256
-                scopes=["search:read"],
-                risk_level=ToolRiskLevel.STANDARD
-            )
-        ],
-        libraries=("pandas==2.0.0",)
-    ),
-    policy=PolicyConfig(
-        budget_caps={"total_cost": 5.0}
-    ),
-    observability=ObservabilityConfig(
-        trace_level=TraceLevel.FULL,
-        retention_policy="90_days"
-    ),
-    # Mandatory Integrity Hash
-    integrity_hash="e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+    state=StateDefinition(),
+    policy=PolicyDefinition(max_retries=3),
+    workflow=workflow
 )
 
-print(f"Agent '{agent.metadata.name}' definition created and validated.")
+print(f"Manifest '{manifest.metadata.name}' created successfully.")
 ```
 
 For full details, see the [Usage Documentation](docs/usage.md).
 
 ## Documentation
 
-*   [Frontend Integration](docs/frontend_integration.md): Communicating with the Coreason Engine.
-*   [Simulation Architecture](docs/simulation_architecture.md): Details on ATIF compatibility and GAIA scenarios.
-*   [Audit & Compliance](docs/audit_compliance.md): Details on EU AI Act compliance, Chain of Custody, and Integrity Hashing.
+*   [Usage Guide](docs/usage.md): How to load and create manifests.
+*   [Governance & Policy Enforcement](docs/governance_policy_enforcement.md): Validating agents against organizational rules.
+*   [Coreason Agent Manifest (CAM)](docs/cap/specification.md): The Canonical YAML Authoring Format.
 

coreason_manifest-0.12.0/README.md

@@ -0,0 +1,95 @@
+# Coreason Manifest
+
+The definitive source of truth for CoReason-AI Asset definitions. "The Blueprint."
+
+[![License: Prosperity 3.0](https://img.shields.io/badge/license-Prosperity%203.0-blue)](https://github.com/CoReason-AI/coreason-manifest)
+[![Build Status](https://github.com/CoReason-AI/coreason-manifest/actions/workflows/ci.yml/badge.svg)](https://github.com/CoReason-AI/coreason-manifest/actions)
+[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
+[![Documentation](https://img.shields.io/badge/docs-product_requirements-informational)](docs/product_requirements.md)
+
+## Overview
+
+`coreason-manifest` serves as the **Shared Kernel** for the Coreason ecosystem. It contains the canonical Pydantic definitions, schemas, and data structures for Agents and Workflows (Recipes).
+
+It provides the **"Blueprint"** that all other services (Builder, Engine, Simulator) rely on. It focuses on strict typing, schema validation, and serialization, ensuring that if it isn't in the manifest, it doesn't exist.
+
+### Standards Clarification
+*Note: The "Coreason Agent Manifest" (CAM) is a proprietary, strict governance schema designed for the CoReason Platform. It is distinct from the Oracle/Linux Foundation "Open Agent Specification," though we aim for future interoperability via adapters.*
+
+## Features
+
+*   **Coreason Agent Manifest (CAM):** Strict Pydantic models for Agent definitions (`AgentDefinition`) and Recipes (`Recipe`).
+*   **Strict Typing:** Enforces type safety for critical interfaces.
+*   **Governance & Policy:** Enforce organizational rules (domains, risk levels) on agents via `GovernanceConfig`.
+*   **Ergonomic Factory Methods:** Simplified construction of manifests.
+*   **Flexible Tooling:** Support for external tool definitions (`ToolDefinition`) and risk levels (`ToolRiskLevel`).
+*   **Topology Visualization:** Workflows are defined as graph topologies (`Workflow`).
+
+## Serialization & Base Model
+
+Core definitions (e.g., `Manifest`, `Workflow`, `AgentDefinition`) inherit from Pydantic's `BaseModel`. Shared configuration models like `GovernanceConfig` inherit from `CoReasonBaseModel` for enhanced serialization capabilities.
+
+## Installation
+
+```bash
+pip install coreason-manifest
+```
+
+## Usage
+
+This library is used to define and validate Agent configurations programmatically.
+
+```python
+from coreason_manifest import (
+    Recipe,
+    ManifestMetadata,
+    AgentStep,
+    Workflow,
+    InterfaceDefinition,
+    StateDefinition,
+    PolicyDefinition
+)
+
+# 1. Define Metadata
+metadata = ManifestMetadata(
+    name="Research Agent",
+    version="1.0.0"
+)
+
+# 2. Define Workflow
+workflow = Workflow(
+    start="step1",
+    steps={
+        "step1": AgentStep(
+            id="step1",
+            agent="gpt-4-researcher",
+            next="step2"
+        ),
+        # ... define other steps
+    }
+)
+
+# 3. Instantiate Manifest
+manifest = Recipe(
+    apiVersion="coreason.ai/v2",
+    kind="Recipe",
+    metadata=metadata,
+    interface=InterfaceDefinition(
+        inputs={"topic": {"type": "string"}},
+        outputs={"summary": {"type": "string"}}
+    ),
+    state=StateDefinition(),
+    policy=PolicyDefinition(max_retries=3),
+    workflow=workflow
+)
+
+print(f"Manifest '{manifest.metadata.name}' created successfully.")
+```
+
+For full details, see the [Usage Documentation](docs/usage.md).
+
+## Documentation
+
+*   [Usage Guide](docs/usage.md): How to load and create manifests.
+*   [Governance & Policy Enforcement](docs/governance_policy_enforcement.md): Validating agents against organizational rules.
+*   [Coreason Agent Manifest (CAM)](docs/cap/specification.md): The Canonical YAML Authoring Format.

{coreason_manifest-0.10.0 → coreason_manifest-0.12.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "coreason_manifest"
-version = "0.10.0"
+version = "0.12.0"
 description = "This package is the definitive source of truth. If it isn't in the manifest, it doesn't exist. If it violates the manifest, it doesn't run."
 authors = ["Gowtham A Rao <gowtham.rao@coreason.ai>"]
 license = "Prosperity-3.0"
@@ -13,6 +13,7 @@ loguru = "^0.7.2"
 pydantic = "^2.12.5"
 pyyaml = "^6.0.3"
 coreason-identity = "^0.4.1"
+jsonschema = "^4.19.0"
 
 [tool.poetry.group.dev.dependencies]
 pytest = "^9.0.2"
@@ -32,7 +33,7 @@ build-backend = "poetry.core.masonry.api"
 
 [project]
 name = "coreason_manifest"
-version = "0.10.0"
+version = "0.12.0"
 description = "This package is the definitive source of truth. If it isn't in the manifest, it doesn't exist. If it violates the manifest, it doesn't run."
 readme = "README.md"
 requires-python = ">=3.12"
@@ -59,6 +60,9 @@ target-version = "py312"
 select = ["E", "F", "B", "I"]
 ignore = []
 
+[tool.ruff.lint.isort]
+known-first-party = ["coreason_manifest"]
+
 [tool.mypy]
 python_version = "3.12"
 strict = true

coreason_manifest-0.12.0/src/coreason_manifest/__init__.py

@@ -0,0 +1,51 @@
+# Copyright (c) 2025 CoReason, Inc.
+#
+# This software is proprietary and dual-licensed.
+# Licensed under the Prosperity Public License 3.0 (the "License").
+# A copy of the license is available at https://prosperitylicense.com/versions/3.0.0
+# For details, see the LICENSE file.
+# Commercial use beyond a 30-day trial requires a separate license.
+#
+# Source Code: https://github.com/CoReason-AI/coreason-manifest
+
+from .v2.io import dump_to_yaml, load_from_yaml
+from .v2.spec.contracts import InterfaceDefinition, PolicyDefinition, StateDefinition
+from .v2.spec.definitions import (
+    AgentDefinition,
+    AgentStep,
+    CouncilStep,
+    LogicStep,
+    ManifestMetadata,
+    ManifestV2,
+    Step,
+    SwitchStep,
+    ToolDefinition,
+    Workflow,
+)
+
+__version__ = "0.12.0"
+
+Manifest = ManifestV2
+Recipe = ManifestV2
+load = load_from_yaml
+dump = dump_to_yaml
+
+__all__ = [
+    "Manifest",
+    "Recipe",
+    "load",
+    "dump",
+    "__version__",
+    "ManifestMetadata",
+    "AgentStep",
+    "Workflow",
+    "AgentDefinition",
+    "ToolDefinition",
+    "Step",
+    "LogicStep",
+    "SwitchStep",
+    "CouncilStep",
+    "InterfaceDefinition",
+    "StateDefinition",
+    "PolicyDefinition",
+]

coreason_manifest-0.10.0/src/coreason_manifest/definitions/base.py → coreason_manifest-0.12.0/src/coreason_manifest/common.py

@@ -8,9 +8,11 @@
 #
 # Source Code: https://github.com/CoReason-AI/coreason-manifest
 
+from enum import Enum
 from typing import Any, Dict
 
-from pydantic import BaseModel, ConfigDict
+from pydantic import AnyUrl, BaseModel, ConfigDict, PlainSerializer
+from typing_extensions import Annotated
 
 
 class CoReasonBaseModel(BaseModel):
@@ -45,3 +47,18 @@ class CoReasonBaseModel(BaseModel):
         kwargs.setdefault("by_alias", True)
         kwargs.setdefault("exclude_none", True)
         return self.model_dump_json(**kwargs)
+
+
+# Strict URI type that serializes to string
+StrictUri = Annotated[
+    AnyUrl,
+    PlainSerializer(lambda x: str(x), return_type=str),
+]
+
+
+class ToolRiskLevel(str, Enum):
+    """Risk level for the tool."""
+
+    SAFE = "safe"
+    STANDARD = "standard"
+    CRITICAL = "critical"

coreason_manifest-0.12.0/src/coreason_manifest/governance.py

@@ -0,0 +1,83 @@
+# Copyright (c) 2025 CoReason, Inc.
+#
+# This software is proprietary and dual-licensed.
+# Licensed under the Prosperity Public License 3.0 (the "License").
+# A copy of the license is available at https://prosperitylicense.com/versions/3.0.0
+# For details, see the LICENSE file.
+# Commercial use beyond a 30-day trial requires a separate license.
+#
+# Source Code: https://github.com/CoReason-AI/coreason-manifest
+
+"""Governance and Policy Enforcement module for Coreason Agents.
+
+This module provides tools to validate an AgentDefinition against a set of organizational rules.
+"""
+
+from typing import List, Optional
+
+from pydantic import ConfigDict, Field
+
+from coreason_manifest.common import CoReasonBaseModel, ToolRiskLevel
+
+
+class GovernanceConfig(CoReasonBaseModel):
+    """Configuration for governance rules.
+
+    Attributes:
+        allowed_domains: List of allowed domains for tool URIs.
+        max_risk_level: Maximum allowed risk level for tools.
+        require_auth_for_critical_tools: Whether authentication is required for agents using CRITICAL tools.
+        allow_inline_tools: Whether to allow inline tool definitions (which lack risk scoring).
+        allow_custom_logic: Whether to allow LogicNodes and conditional Edges with custom code.
+        strict_url_validation: Enforce strict, normalized URL validation.
+    """
+
+    model_config = ConfigDict(extra="forbid", frozen=True)
+
+    allowed_domains: Optional[List[str]] = Field(
+        None, description="If provided, all Tool URIs must match one of these domains."
+    )
+    max_risk_level: Optional[ToolRiskLevel] = Field(
+        None, description="If provided, no tool can exceed this risk level."
+    )
+    require_auth_for_critical_tools: bool = Field(
+        True,
+        description="If an agent uses a CRITICAL tool, agent.metadata.requires_auth must be True.",
+    )
+    allow_inline_tools: bool = Field(
+        True, description="Whether to allow inline tool definitions (which lack risk scoring)."
+    )
+    allow_custom_logic: bool = Field(
+        False, description="Whether to allow LogicNodes and conditional Edges with custom code."
+    )
+    strict_url_validation: bool = Field(True, description="Enforce strict, normalized URL validation.")
+
+
+class ComplianceViolation(CoReasonBaseModel):
+    """Details of a compliance violation.
+
+    Attributes:
+        rule: Name of the rule broken.
+        message: Human readable details.
+        component_id: Name of the tool or component causing the issue.
+    """
+
+    model_config = ConfigDict(extra="forbid", frozen=True)
+
+    rule: str = Field(..., description="Name of the rule broken, e.g., 'domain_restriction'.")
+    message: str = Field(..., description="Human readable details.")
+    component_id: Optional[str] = Field(None, description="Name of the tool or component causing the issue.")
+
+
+class ComplianceReport(CoReasonBaseModel):
+    """Report of compliance checks.
+
+    Attributes:
+        passed: Whether the agent passed all checks.
+        violations: List of violations found.
+    """
+
+    model_config = ConfigDict(extra="forbid", frozen=True)
+
+    passed: bool = Field(..., description="Whether the agent passed all checks.")
+    violations: List[ComplianceViolation] = Field(default_factory=list, description="List of violations found.")