deconvolute 0.1.0a1__tar.gz

deconvolute-0.1.0a1/.env.example

@@ -0,0 +1,7 @@
+# Environment Variables for Deconvolute
+
+# Optional: Path to custom model directory
+DECONVOLUTE_MODEL_DIR=./models
+
+# Optional: Log level
+LOG_LEVEL=INFO

deconvolute-0.1.0a1/.github/workflows/ci.yml

@@ -0,0 +1,85 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  lint:
+    name: Lint & Format (Ruff)
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+      - name: Install Python 3.11
+        run: uv python install 3.11
+
+      - name: Install Lint Deps
+        run: uv sync --only-group dev
+
+      - name: Check Format
+        run: uv run ruff format --check .
+
+      - name: Lint
+        run: uv run ruff check .
+
+  check:
+    name: Types & Tests
+    needs: lint
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.11", "3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v6
+      - uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+      
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v6
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install All Deps
+        run: uv sync --all-extras
+
+      - name: Type Check (Mypy)
+        run: uv run mypy .
+
+      - name: Run Tests
+        run: uv run pytest
+  
+  tests:
+    name: Tests (Pytest)
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.11", "3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v2
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v6
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install dependencies
+        run: uv sync --all-extras
+
+      - name: Run Tests
+        run: uv run pytest --cov=deconvolute --cov-report=xml
+
+      # Optional: Upload coverage to Codecov (free for public repos)
+      # - name: Upload coverage
+      #   uses: codecov/codecov-action@v3

deconvolute-0.1.0a1/.github/workflows/release.yml

@@ -0,0 +1,101 @@
+name: Release to PyPI
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Version to release (e.g. 0.1.0)'
+        required: true
+        type: string
+
+permissions:
+  contents: write  # Needed to push the tag back to the repo
+  id-token: write  # Needed for trusted publishing
+
+jobs:
+  validate-and-release:
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/main'  # Only runs on main branch
+    environment:
+      name: pypi
+      url: https://pypi.org/p/deconvolute
+    
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          fetch-depth: 0  # Fetch all history to see previous tags
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+
+      - name: Validate Version Input
+        run: |
+          NEW_VERSION="${{ inputs.version }}"
+          
+          # Get the latest tag (e.g. v0.0.9), default to v0.0.0 if none
+          LAST_TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.0.0")
+          LAST_VER=${LAST_TAG#v} # Remove 'v' prefix
+
+          echo "Previous Version: $LAST_VER"
+          echo "Target Version:   $NEW_VERSION"
+
+          # Simple Python script to compare versions
+          python3 -c "
+          from packaging.version import parse
+          import sys
+          
+          old = parse('$LAST_VER')
+          new = parse('$NEW_VERSION')
+          
+          if new <= old:
+              print(f'ERROR: New version {new} must be greater than {old}')
+              sys.exit(1)
+          "
+
+      - name: Verify __init__.py matches
+        run: |
+          # Extract version from file
+          FILE_VERSION=$(grep '__version__' src/deconvolute/__init__.py | cut -d'"' -f2)
+          if [ "$FILE_VERSION" != "${{ inputs.version }}" ]; then
+            echo "ERROR: src/deconvolute/__init__.py says $FILE_VERSION but you requested ${{ inputs.version }}"
+            exit 1
+          fi
+
+      - name: Verify CHANGELOG.md updated
+        run: |
+          # 1. Check if file exists
+          if [ ! -f CHANGELOG.md ]; then
+            echo "ERROR: CHANGELOG.md file not found in the root directory."
+            exit 1
+          fi
+
+          # 2. Check if the version string is present in the file
+          if ! grep -Fq "${{ inputs.version }}" CHANGELOG.md; then
+            echo "ERROR: CHANGELOG.md does not contain version ${{ inputs.version }}."
+            echo "Please run locally: uv run git-cliff --tag ${{ inputs.version }} --output CHANGELOG.md"
+            echo "Then commit and push the changes."
+            exit 1
+          fi
+          echo "SUCCESS: Found version ${{ inputs.version }} in CHANGELOG.md"
+
+      - name: Run Tests & Linters
+        run: |
+          uv sync --all-extras --dev
+          uv run ruff check .
+          uv run mypy .
+          uv run pytest
+
+      - name: Build Package
+        run: uv build
+
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          verbose: true
+
+      - name: Create and Push Tag
+        run: |
+          git config user.name "GitHub Actions"
+          git config user.email "actions@github.com"
+          git tag -a "v${{ inputs.version }}" -m "Release v${{ inputs.version }}"
+          git push origin "v${{ inputs.version }}"

deconvolute-0.1.0a1/.gitignore

@@ -0,0 +1,38 @@
+# --- Python ---
+__pycache__/
+*.py[cod]
+*$py.class
+
+# Tools
+.mypy_cache
+.ruff_cache
+
+# Distribution / Builds
+build/
+dist/
+*.egg-info/
+.eggs/
+*.egg
+
+# --- Virtual Environments ---
+# uv creates .venv by default
+.venv/
+venv/
+env/
+ENV/
+
+# --- macOS ---
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# --- IDEs / Editors ---
+.idea/
+.vscode/
+*.swp
+
+# --- Testing / Coverage ---
+.coverage
+coverage.xml
+htmlcov/
+.pytest_cache/

deconvolute-0.1.0a1/.python-version

@@ -0,0 +1 @@
+3.11

deconvolute-0.1.0a1/BENCHMARKS.md

@@ -0,0 +1,18 @@
+# Performance Benchmarks and Efficacy Validation
+
+## Purpose
+The efficacy of RAG security controls is non-deterministic and highly dependent on the underlying Large Language Model (LLM) used in the pipeline. While the Deconvolute SDK ensures the *mechanism* of defense (e.g. proper token injection, correct XML encapsulation), the *robustness* of these defenses against adversarial attacks varies by model.
+
+This document serves as the central registry for empirical validation results. 
+
+TODO
+
+## Methodology
+Validation is conducted using an adversarial red-teaming framework. 
+
+TODO
+
+## Current Status
+TODO
+
+*Note: Absence of a benchmark for a specific model does not imply incompatibility, but rather a lack of empirical security guarantees.*

deconvolute-0.1.0a1/CHANGELOG.md

@@ -0,0 +1,9 @@
+## [0.1.0a1] - 2026-01-05
+
+### 🚀 Features
+
+- Add canary token feature
+
+### ⚙️ Miscellaneous Tasks
+
+- Finalize release workflow

deconvolute-0.1.0a1/CONTRIBUTING.md

@@ -0,0 +1,117 @@
+# Contributing
+
+Thank you for your interest in making RAG pipelines safer!
+
+## 1. Development Setup
+
+We use [uv](https://github.com/astral-sh/uv) for dependency management. It is extremely fast and manages Python versions automatically.
+
+### Prerequisites
+* Install `uv`:
+    ```bash
+    # On macOS/Linux
+    curl -LsSf https://astral.sh/uv/install.sh | sh
+
+    # On Windows
+    powershell -c "irm https://astral.sh/uv/install.ps1 | iex"
+    ```
+
+### Installation
+1.  Clone the repository:
+    ```bash
+    git clone https://github.com/daved01/deconvolute.git
+    cd deconvolute
+    ```
+
+2.  Create the environment and install all dependencies (including dev tools, ML, and YARA):
+    ```bash
+    uv sync --all-extras
+    ```
+
+3.  Activate the environment:
+    ```bash
+    # macOS/Linux
+    source .venv/bin/activate
+
+    # Windows
+    .venv\Scripts\activate
+    ```
+
+4.  Verify installation:
+    ```bash
+    # Should run without errors
+    pytest --version
+    python -c "import deconvolute; print(deconvolute.__version__)"
+    ```
+
+## 2. Development
+TODO
+
+### Running Tests & Linting
+We enforce high code quality using **Ruff** (linting/formatting) and **Mypy** (static typing). 
+
+These checks run in CI, so please run them locally before pushing. You can run tools directly via `uv run` (no activation needed) or inside the activated shell.
+
+
+#### 1. Run the Linters (Ruff)
+Ruff checks for bugs, security issues, and formatting violations.
+
+```bash
+# Check for errors (Read-only)
+uv run ruff check .
+
+# Auto-fix simple errors and format code
+uv run ruff check --fix .
+uv run ruff format .
+```
+
+#### 2. Run Type Checking (Mypy)
+
+Mypy ensures you aren't passing the wrong types to functions.
+
+```bash
+uv run mypy .
+```
+
+#### 3. Run Tests (Pytest)
+
+```bash
+# Run all tests
+uv run pytest
+
+# Run tests with coverage report
+uv run pytest --cov=deconvolute
+```
+
+### Commit Messages
+We follow Conventional Commits. This allows us to generate changelogs automatically.
+
+- `feat`: add new YARA scanner (Adds functionality)
+- `fix`: handle empty PDF inputs (Fixes a bug)
+- `docs`: update README quickstart (Documentation only)
+- `chore`: update dependencies (Maintenance)
+- `test`: add regression vectors (Tests only)
+
+
+### Release Process (Maintainers Only)
+
+1.  **Generate Changelog:**
+    Run the following command locally to generate the changelog for the new version (e.g. `0.1.0`):
+
+    ```bash
+    uv run git-cliff --tag 0.1.0 --output CHANGELOG.md
+    ```
+2.  **Bump Version:** Update `__version__` string in `src/deconvolute/__init__.py`.
+3.  **Commit & Push:**
+    Commit the `CHANGELOG.md` and `__init__.py` files, then push to `main`.
+    ```bash
+    git commit -am "chore(release): prepare v0.1.0"
+    git push origin main
+    ```
+4.  **Trigger Release:**
+    * Go to the **Actions** tab on GitHub.
+    * Select **Release to TestPyPI** (or **Release to PyPI** once configured).
+    * Click **Run workflow** and enter the version number (e.g. `0.1.0`).
+
+## 3. TODO: More coming soon
+

deconvolute-0.1.0a1/DESIGN.md

@@ -0,0 +1,48 @@
+# Design Document
+This document lists the important components and explains the why behind design decisions to make the design trade-offds transparent.
+
+## Architecture
+
+Deconvolute follows a layered defense strategy:
+
+1.  **Scanning**: Detects potential threats using multiple engines (Regex, YARA, ML).
+2.  **Sanitization**: Neutralizes detected threats and normalizes output.
+3.  **Canary**: Verifies integrity and detects jailbreaks using canary tokens.
+
+## Modules
+
+-   **Core**: Interfaces and data types.
+-   **Scanners**: Detection logic.
+-   **Sanitizers**: Cleaning and structure enforcement.
+-   **Canary**: Verification tools.
+
+### Canary Module Design Principles
+
+#### Token format
+- Uses 16 hexadecimal characters to balance security and model reliability.
+- Large enough to prevent guessing, short enough for smaller models to reproduce.
+- Restricted hex alphabet ensures stable tokenization across models.
+- Avoids special characters that commonly trigger hallucinations.
+
+#### Static prefix
+- Uses the prefix dcv- as a namespace anchor.
+- Prevents false positives from valid hex strings like color codes or hashes.
+- Forces attackers to explicitly target the token during jailbreak attempts.
+- Targeted attacks reliably trigger detection when the token is filtered.
+
+#### Integrity model
+- Uses Active Integrity Checks instead of passive leakage detection.
+- Designed to detect context overwrites in RAG systems.
+- Mandatory token inclusion verifies that the System Prompt retains control over retrieved context.
+- Token with enclosing characters is added at the end of the system prompt to utilize the recency bias (Liu et al. 2023) and to avoid that it gets ignored as a comment (Gakh and Bahsi, 2024)
+
+
+#### Detection output
+- Returns a structured DetectionResult Pydantic object instead of a boolean.
+- Ensures consistent metadata and timestamps for all security events.
+
+
+# References
+Liu, Nelson F, Kevin Lin, John Hewitt, et al. Lost in the Middle: How Language Models Use Long Contexts. 2024. https://aclanthology.org/2024.tacl-1.9/.
+
+Gakh, Valerii, and Hayretdin Bahsi. “Enhancing Security in LLM Applications: A Performance Evaluation of Early Detection Systems.” arXiv:2506.19109. Preprint, arXiv, June 23, 2025. https://doi.org/10.48550/arXiv.2506.19109.

deconvolute-0.1.0a1/LICENSE

@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [2026] [David Kirchhoff]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.