coreason-manifest 0.4.0__tar.gz → 0.5.0__tar.gz

{coreason_manifest-0.4.0 → coreason_manifest-0.5.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: coreason_manifest
-Version: 0.4.0
+Version: 0.5.0
 Summary: This package is the definitive source of truth. If it isn't in the manifest, it doesn't exist. If it violates the manifest, it doesn't run.
 License: # The Prosperity Public License 3.0.0
          
@@ -68,9 +68,10 @@ Classifier: License :: Other/Proprietary License
 Classifier: Programming Language :: Python :: 3.12
 Classifier: Operating System :: OS Independent
 Requires-Dist: aiofiles (>=23.2.1,<24.0.0)
-Requires-Dist: anyio (>=4.3.0,<5.0.0)
+Requires-Dist: anyio (>=4.12.1,<5.0.0)
+Requires-Dist: coreason-identity (>=0.1.0,<0.2.0)
 Requires-Dist: fastapi (>=0.111.0,<0.112.0)
-Requires-Dist: httpx (>=0.27.0,<0.28.0)
+Requires-Dist: httpx (>=0.28.1,<0.29.0)
 Requires-Dist: jsonschema (>=4.25.1,<5.0.0)
 Requires-Dist: loguru (>=0.7.2,<0.8.0)
 Requires-Dist: pydantic (>=2.12.5,<3.0.0)
@@ -99,6 +100,7 @@ The definitive source of truth for CoReason-AI Asset definitions. "The Blueprint
 *   **Open Agent Specification (OAS) Validation:** Parses and validates agent definitions against a strict schema.
 *   **Compliance Enforcement:** Uses Open Policy Agent (OPA) / Rego to enforce complex business rules and allowlists.
 *   **Integrity Verification:** Calculates and verifies SHA256 hashes of the agent's source code to prevent tampering.
+*   **Automatic Schema Generation:** Inspects Python functions to generate Agent Interfaces, automatically handling `UserContext` injection.
 *   **Dependency Pinning:** Enforces strict version pinning for all library dependencies.
 *   **Trusted Bill of Materials (TBOM):** Validates libraries against an approved list.
 *   **Compliance Microservice:** Can be run as a standalone API server (Service C) for centralized validation.

{coreason_manifest-0.4.0 → coreason_manifest-0.5.0}/README.md

@@ -16,6 +16,7 @@ The definitive source of truth for CoReason-AI Asset definitions. "The Blueprint
 *   **Open Agent Specification (OAS) Validation:** Parses and validates agent definitions against a strict schema.
 *   **Compliance Enforcement:** Uses Open Policy Agent (OPA) / Rego to enforce complex business rules and allowlists.
 *   **Integrity Verification:** Calculates and verifies SHA256 hashes of the agent's source code to prevent tampering.
+*   **Automatic Schema Generation:** Inspects Python functions to generate Agent Interfaces, automatically handling `UserContext` injection.
 *   **Dependency Pinning:** Enforces strict version pinning for all library dependencies.
 *   **Trusted Bill of Materials (TBOM):** Validates libraries against an approved list.
 *   **Compliance Microservice:** Can be run as a standalone API server (Service C) for centralized validation.

{coreason_manifest-0.4.0 → coreason_manifest-0.5.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "coreason_manifest"
-version = "0.4.0"
+version = "0.5.0"
 description = "This package is the definitive source of truth. If it isn't in the manifest, it doesn't exist. If it violates the manifest, it doesn't run."
 authors = ["Gowtham A Rao <gowtham.rao@coreason.ai>"]
 license = "Prosperity-3.0"
@@ -13,15 +13,16 @@ loguru = "^0.7.2"
 pydantic = "^2.12.5"
 jsonschema = "^4.25.1"
 pyyaml = "^6.0.3"
-anyio = "^4.3.0"
-httpx = "^0.27.0"
+anyio = "^4.12.1"
+coreason-identity = "^0.1.0"
+httpx = "^0.28.1"
 aiofiles = "^23.2.1"
 fastapi = "^0.111.0"
 uvicorn = "^0.30.1"
 
 [tool.poetry.group.dev.dependencies]
 pytest = "^8.2.2"
-ruff = "^0.4.8"
+ruff = "^0.5.0"
 pre-commit = "^3.7.1"
 pytest-cov = "^5.0.0"
 mkdocs = "^1.6.0"
@@ -29,7 +30,7 @@ mkdocs-material = "^9.5.26"
 pydantic = "^2.12.5"
 mypy = "^1.19.1"
 types-aiofiles = "^23.2.0"
-pytest-asyncio = "^0.23.0"
+pytest-asyncio = "^0.23.7"
 
 [build-system]
 requires = ["poetry-core"]
@@ -37,7 +38,7 @@ build-backend = "poetry.core.masonry.api"
 
 [project]
 name = "coreason_manifest"
-version = "0.4.0"
+version = "0.5.0"
 description = "This package is the definitive source of truth. If it isn't in the manifest, it doesn't exist. If it violates the manifest, it doesn't run."
 readme = "README.md"
 requires-python = ">=3.11"

{coreason_manifest-0.4.0 → coreason_manifest-0.5.0}/src/coreason_manifest/loader.py

@@ -7,15 +7,23 @@ dictionaries, normalizing the data, and converting it into Pydantic models.
 
 from __future__ import annotations
 
+import inspect
 from pathlib import Path
-from typing import Any, Union
+from typing import Any, Callable, Dict, List, Union, get_type_hints
+
+try:
+    from typing import get_args, get_origin
+except ImportError:  # pragma: no cover
+    # For Python < 3.8, though project requires 3.12+
+    from typing_extensions import get_args, get_origin  # type: ignore
 
 import aiofiles
 import yaml
-from pydantic import ValidationError
+from coreason_identity import UserContext
+from pydantic import ValidationError, create_model
 
 from coreason_manifest.errors import ManifestSyntaxError
-from coreason_manifest.models import AgentDefinition
+from coreason_manifest.models import AgentDefinition, AgentInterface
 
 
 class ManifestLoader:
@@ -156,3 +164,108 @@ class ManifestLoader:
                 while version and version[0] in ("v", "V"):
                     version = version[1:]
                 data["metadata"]["version"] = version
+
+    @staticmethod
+    def inspect_function(func: Callable[..., Any]) -> AgentInterface:
+        """Generates an AgentInterface from a Python function.
+
+        Scans the function signature. If `user_context` (by name) or UserContext (by type)
+        is found, it is marked as injected and excluded from the public schema.
+
+        Args:
+            func: The function to inspect.
+
+        Returns:
+            AgentInterface: The generated interface definition.
+
+        Raises:
+            ManifestSyntaxError: If forbidden arguments are found.
+        """
+        sig = inspect.signature(func)
+        try:
+            type_hints = get_type_hints(func)
+        except Exception:
+            # Fallback if get_type_hints fails (e.g. forward refs issues)
+            type_hints = {}
+
+        field_definitions: Dict[str, Any] = {}
+        injected: List[str] = []
+
+        for param_name, param in sig.parameters.items():
+            if param_name in ("self", "cls"):
+                continue
+
+            # Determine type annotation
+            annotation = type_hints.get(param_name, param.annotation)
+            if annotation is inspect.Parameter.empty:
+                annotation = Any
+
+            # Check for forbidden arguments
+            if param_name in ("api_key", "token"):
+                raise ManifestSyntaxError(f"Function argument '{param_name}' is forbidden. Use UserContext for auth.")
+
+            # Check for injection
+            is_injected = False
+            if param_name == "user_context":
+                is_injected = True
+            else:
+                # Check direct type
+                if annotation is UserContext:
+                    is_injected = True
+                else:
+                    # Check for Optional[UserContext], Annotated[UserContext, ...], Union[UserContext, ...]
+                    origin = get_origin(annotation)
+                    args = get_args(annotation)
+                    if origin is not None:
+                        # Recursively check if UserContext is in args (handles Optional/Union)
+                        # or if this is Annotated (UserContext might be the first arg)
+                        # We do a shallow check on args.
+                        for arg in args:
+                            if arg is UserContext:
+                                is_injected = True
+                                break
+
+            if is_injected:
+                if "user_context" not in injected:
+                    injected.append("user_context")
+                continue
+
+            # Prepare for Pydantic model creation
+            default = param.default
+            if default is inspect.Parameter.empty:
+                default = ...
+
+            field_definitions[param_name] = (annotation, default)
+
+        # Create dynamic model to generate JSON Schema for inputs
+        # We assume strict mode or similar is handled by the consumer, here we just describe it.
+        try:
+            InputsModel = create_model("Inputs", **field_definitions)
+            inputs_schema = InputsModel.model_json_schema()
+        except Exception as e:
+            raise ManifestSyntaxError(f"Failed to generate schema from function signature: {e}") from e
+
+        # Handle return type for outputs
+        return_annotation = type_hints.get("return", sig.return_annotation)
+        outputs_schema = {}
+        if (
+            return_annotation is not inspect.Parameter.empty
+            and return_annotation is not None
+            and return_annotation is not type(None)
+        ):
+            try:
+                # If return annotation is a Pydantic model, use its schema
+                if hasattr(return_annotation, "model_json_schema"):
+                    outputs_schema = return_annotation.model_json_schema()
+                else:
+                    # Wrap in a model
+                    OutputsModel = create_model("Outputs", result=(return_annotation, ...))
+                    outputs_schema = OutputsModel.model_json_schema()
+            except Exception:
+                pass
+
+        return AgentInterface(
+            inputs=inputs_schema,
+            outputs=outputs_schema,
+            injected_params=injected,
+        )

{coreason_manifest-0.4.0 → coreason_manifest-0.5.0}/src/coreason_manifest/models.py

@@ -20,6 +20,7 @@ from pydantic import (
     Field,
     PlainSerializer,
     field_validator,
+    model_validator,
 )
 from typing_extensions import Annotated
 
@@ -86,6 +87,7 @@ class AgentMetadata(BaseModel):
     name: str = Field(..., min_length=1, description="Name of the Agent.")
     author: str = Field(..., min_length=1, description="Author of the Agent.")
     created_at: datetime = Field(..., description="Creation timestamp (ISO 8601).")
+    requires_auth: bool = Field(default=False, description="Whether the agent requires user authentication.")
 
 
 class AgentInterface(BaseModel):
@@ -100,6 +102,7 @@ class AgentInterface(BaseModel):
 
     inputs: ImmutableDict = Field(..., description="Typed arguments the agent accepts (JSON Schema).")
     outputs: ImmutableDict = Field(..., description="Typed structure of the result.")
+    injected_params: List[str] = Field(default_factory=list, description="List of parameters injected by the system.")
 
 
 class Step(BaseModel):
@@ -218,3 +221,11 @@ class AgentDefinition(BaseModel):
         pattern=r"^[a-fA-F0-9]{64}$",
         description="SHA256 hash of the source code.",
     )
+
+    @model_validator(mode="after")
+    def validate_auth_requirements(self) -> AgentDefinition:
+        """Validate that agents requiring auth have user_context injected."""
+        if self.metadata.requires_auth:
+            if "user_context" not in self.interface.injected_params:
+                raise ValueError("Agent requires authentication but 'user_context' is not an injected parameter.")
+        return self

{coreason_manifest-0.4.0 → coreason_manifest-0.5.0}/src/coreason_manifest/schemas/agent.schema.json

@@ -41,6 +41,14 @@
           "description": "Typed structure of the result.",
           "title": "Outputs",
           "type": "object"
+        },
+        "injected_params": {
+          "description": "List of parameters injected by the system.",
+          "items": {
+            "type": "string"
+          },
+          "title": "Injected Params",
+          "type": "array"
         }
       },
       "required": [
@@ -83,6 +91,12 @@
           "format": "date-time",
           "title": "Created At",
           "type": "string"
+        },
+        "requires_auth": {
+          "default": false,
+          "description": "Whether the agent requires user authentication.",
+          "title": "Requires Auth",
+          "type": "boolean"
         }
       },
       "required": [