fprcal 0.1.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (46) hide show
  1. fprcal-0.1.0/.github/workflows/ci.yml +85 -0
  2. fprcal-0.1.0/.github/workflows/codeql.yml +51 -0
  3. fprcal-0.1.0/.github/workflows/publish.yml +78 -0
  4. fprcal-0.1.0/.gitignore +74 -0
  5. fprcal-0.1.0/CHANGELOG.md +15 -0
  6. fprcal-0.1.0/CODE_OF_CONDUCT.md +132 -0
  7. fprcal-0.1.0/CONTRIBUTING.md +53 -0
  8. fprcal-0.1.0/LICENSE +201 -0
  9. fprcal-0.1.0/MAINTAINERS.md +2 -0
  10. fprcal-0.1.0/PKG-INFO +298 -0
  11. fprcal-0.1.0/README.md +57 -0
  12. fprcal-0.1.0/RELEASING.md +51 -0
  13. fprcal-0.1.0/SECURITY.md +57 -0
  14. fprcal-0.1.0/docs/paper/.gitignore +11 -0
  15. fprcal-0.1.0/docs/paper/Makefile +25 -0
  16. fprcal-0.1.0/docs/paper/README.md +27 -0
  17. fprcal-0.1.0/docs/paper/arxiv.sty +262 -0
  18. fprcal-0.1.0/docs/paper/figures/credit_card_eval_table.tex +18 -0
  19. fprcal-0.1.0/docs/paper/figures/credit_card_validation.png +0 -0
  20. fprcal-0.1.0/docs/paper/figures/method_overview.pdf +0 -0
  21. fprcal-0.1.0/docs/paper/figures/method_overview.png +0 -0
  22. fprcal-0.1.0/docs/paper/figures/plotting_position_absolute_error_simulation.png +0 -0
  23. fprcal-0.1.0/docs/paper/figures/plotting_position_error_simulation.png +0 -0
  24. fprcal-0.1.0/docs/paper/main.pdf +0 -0
  25. fprcal-0.1.0/docs/paper/main.tex +535 -0
  26. fprcal-0.1.0/docs/paper/references.bib +244 -0
  27. fprcal-0.1.0/docs/paper/scripts/eval_table.py +74 -0
  28. fprcal-0.1.0/docs/paper/scripts/method_overview_figure.py +307 -0
  29. fprcal-0.1.0/docs/paper/scripts/model_comparison.py +158 -0
  30. fprcal-0.1.0/docs/paper/scripts/plotting_position_error_simulation.py +174 -0
  31. fprcal-0.1.0/docs/paper/scripts/plotting_position_experiment.py +172 -0
  32. fprcal-0.1.0/docs/paper/scripts/sample_size_table.py +64 -0
  33. fprcal-0.1.0/examples/calibration_demo.py +413 -0
  34. fprcal-0.1.0/examples/credit_card_eval_table.tex +18 -0
  35. fprcal-0.1.0/examples/credit_card_readme.md +50 -0
  36. fprcal-0.1.0/examples/credit_card_validation.png +0 -0
  37. fprcal-0.1.0/examples/generate_credit_card_roc.py +128 -0
  38. fprcal-0.1.0/pyproject.toml +91 -0
  39. fprcal-0.1.0/src/fprcal/__init__.py +28 -0
  40. fprcal-0.1.0/src/fprcal/calibration.py +269 -0
  41. fprcal-0.1.0/tests/__init__.py +16 -0
  42. fprcal-0.1.0/tests/conftest.py +30 -0
  43. fprcal-0.1.0/tests/test_artifact_size.py +63 -0
  44. fprcal-0.1.0/tests/test_calibration.py +379 -0
  45. fprcal-0.1.0/tests/test_package_metadata.py +32 -0
  46. fprcal-0.1.0/uv.lock +1296 -0
@@ -0,0 +1,85 @@
1
+ # Copyright 2026 Cisco Systems, Inc. and its affiliates
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+ #
15
+ # SPDX-License-Identifier: Apache-2.0
16
+
17
+ name: CI
18
+
19
+ on:
20
+ push:
21
+ branches: [main]
22
+ pull_request:
23
+ branches: [main]
24
+
25
+ jobs:
26
+ test:
27
+ runs-on: ubuntu-latest
28
+ strategy:
29
+ fail-fast: false
30
+ matrix:
31
+ python-version: ["3.12", "3.13"]
32
+ steps:
33
+ - uses: actions/checkout@v4
34
+
35
+ - uses: actions/setup-python@v5
36
+ with:
37
+ python-version: ${{ matrix.python-version }}
38
+
39
+ - name: Install package with dev extras
40
+ run: |
41
+ python -m pip install --upgrade pip
42
+ python -m pip install -e ".[dev]"
43
+
44
+ - name: Lint (ruff check)
45
+ run: ruff check .
46
+
47
+ - name: Format check (ruff format --check)
48
+ run: ruff format --check .
49
+
50
+ - name: Type check (ty)
51
+ run: ty check src tests
52
+
53
+ - name: Unit tests (pytest with coverage)
54
+ run: pytest --cov=fprcal --cov-report=term-missing
55
+
56
+ - name: Security audit (pip-audit)
57
+ # --strict would fail on the self editable install; --skip-editable suppresses it.
58
+ run: pip-audit --skip-editable
59
+
60
+ package:
61
+ name: Build and inspect distributions
62
+ runs-on: ubuntu-latest
63
+ steps:
64
+ - uses: actions/checkout@v4
65
+
66
+ - uses: actions/setup-python@v5
67
+ with:
68
+ python-version: "3.12"
69
+
70
+ - name: Install packaging tools
71
+ run: python -m pip install --upgrade build twine
72
+
73
+ - name: Build wheel and source distribution
74
+ run: python -m build
75
+
76
+ - name: Validate distribution metadata
77
+ run: python -m twine check --strict dist/*
78
+
79
+ - name: Install the wheel in an isolated environment
80
+ run: |
81
+ python -m venv build/package-test
82
+ build/package-test/bin/python -m pip install --upgrade pip
83
+ build/package-test/bin/python -m pip install dist/*.whl
84
+ build/package-test/bin/python -c \
85
+ "import importlib.metadata as m; import fprcal as p; assert p.__version__ == m.version('fprcal')"
@@ -0,0 +1,51 @@
1
+ # Copyright 2026 Cisco Systems, Inc. and its affiliates
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+ #
15
+ # SPDX-License-Identifier: Apache-2.0
16
+
17
+ name: CodeQL
18
+
19
+ on:
20
+ push:
21
+ branches: [main]
22
+ pull_request:
23
+ branches: [main]
24
+ schedule:
25
+ # Weekly Monday 02:30 UTC: catch newly published query rules.
26
+ - cron: "30 2 * * 1"
27
+
28
+ permissions:
29
+ actions: read
30
+ contents: read
31
+ security-events: write
32
+
33
+ jobs:
34
+ analyze:
35
+ name: Analyze (python)
36
+ runs-on: ubuntu-latest
37
+ timeout-minutes: 30
38
+
39
+ steps:
40
+ - uses: actions/checkout@v4
41
+
42
+ - name: Initialize CodeQL
43
+ uses: github/codeql-action/init@v3
44
+ with:
45
+ languages: python
46
+ queries: security-and-quality
47
+
48
+ - name: Perform CodeQL analysis
49
+ uses: github/codeql-action/analyze@v3
50
+ with:
51
+ category: "/language:python"
@@ -0,0 +1,78 @@
1
+ # Copyright 2026 Cisco Systems, Inc. and its affiliates
2
+ #
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
6
+ #
7
+ # http://www.apache.org/licenses/LICENSE-2.0
8
+ #
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+ #
15
+ # SPDX-License-Identifier: Apache-2.0
16
+
17
+ name: Publish to PyPI
18
+
19
+ on:
20
+ release:
21
+ types: [published]
22
+
23
+ permissions:
24
+ contents: read
25
+
26
+ jobs:
27
+ build:
28
+ name: Build distributions
29
+ runs-on: ubuntu-latest
30
+ steps:
31
+ - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
32
+
33
+ - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
34
+ with:
35
+ python-version: "3.12"
36
+
37
+ - name: Verify release tag
38
+ env:
39
+ RELEASE_TAG: ${{ github.event.release.tag_name }}
40
+ run: |
41
+ PACKAGE_VERSION="$(python -c 'import tomllib; print(tomllib.load(open("pyproject.toml", "rb"))["project"]["version"])')"
42
+ if [[ "$RELEASE_TAG" != "v${PACKAGE_VERSION}" ]]; then
43
+ echo "Release tag $RELEASE_TAG does not match package version v${PACKAGE_VERSION}."
44
+ exit 1
45
+ fi
46
+
47
+ - name: Install packaging tools
48
+ run: python -m pip install --upgrade build twine
49
+
50
+ - name: Build wheel and source distribution
51
+ run: python -m build
52
+
53
+ - name: Validate distribution metadata
54
+ run: python -m twine check --strict dist/*
55
+
56
+ - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
57
+ with:
58
+ name: python-distributions
59
+ path: dist/
60
+ if-no-files-found: error
61
+
62
+ publish:
63
+ name: Publish distributions
64
+ needs: build
65
+ runs-on: ubuntu-latest
66
+ environment:
67
+ name: pypi
68
+ url: https://pypi.org/p/fprcal
69
+ permissions:
70
+ id-token: write
71
+ steps:
72
+ - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
73
+ with:
74
+ name: python-distributions
75
+ path: dist/
76
+
77
+ - name: Publish distributions to PyPI
78
+ uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # release/v1
@@ -0,0 +1,74 @@
1
+ __pycache__/
2
+ *.py[cod]
3
+ *$py.class
4
+ *.so
5
+
6
+ # Distribution / packaging
7
+ .Python
8
+ build/
9
+ develop-eggs/
10
+ dist/
11
+ downloads/
12
+ eggs/
13
+ .eggs/
14
+ lib/
15
+ lib64/
16
+ parts/
17
+ sdist/
18
+ var/
19
+ wheels/
20
+ *.egg-info/
21
+ .installed.cfg
22
+ *.egg
23
+
24
+ # Virtual environments
25
+ .venv/
26
+ .uv-cache/
27
+ venv/
28
+ env/
29
+ ENV/
30
+
31
+ # Testing
32
+ .tox/
33
+ .nox/
34
+ .coverage
35
+ .coverage.*
36
+ .cache
37
+ nosetests.xml
38
+ coverage.xml
39
+ *.cover
40
+ .hypothesis/
41
+ .pytest_cache/
42
+ htmlcov/
43
+
44
+ # IDE
45
+ .vscode/
46
+ .idea/
47
+ *.swp
48
+ *.swo
49
+ .cursor/
50
+ .claude/
51
+
52
+ # OS
53
+ .DS_Store
54
+ Thumbs.db
55
+
56
+ # Secrets and local credentials
57
+ .env
58
+ *.pem
59
+ *.key
60
+
61
+ # Project artifacts
62
+ *.pkl
63
+ *.joblib
64
+
65
+ # Keep example outputs (small PNGs) but exclude anything large
66
+ *.parquet
67
+ *.csv
68
+ *.npy
69
+ *.npz
70
+
71
+ # Local docs (internal notes) kept alongside the repo but not tracked.
72
+ # Paper sources under docs/paper/ are tracked; the inner .gitignore hides LaTeX build artifacts.
73
+ docs/*
74
+ !docs/paper/
@@ -0,0 +1,15 @@
1
+ # Changelog
2
+
3
+ All notable changes to this project are documented in this file. The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
4
+
5
+ ## [0.1.0] — Initial release
6
+
7
+ ### Added
8
+
9
+ - `fit_calibration_pipeline(benign_scores, n_knots=10000)` fits a whole-curve FPR calibrator on benign scores and returns an sklearn `Pipeline` of `MinMaxScaler` and `IsotonicRegression`.
10
+ - `fpr_to_calibrated(fpr)` applies the fixed log-scale FPR→[0,1] map used by the calibrator (`0.5 = 0.1% FPR`, `0.7 = 0.01%`, `0.85 = 0.001%`).
11
+ - Two-step knot-subsampling procedure bounds artifact size at about 10K knots (~80 KB) regardless of training-set size.
12
+ - Unit tests covering FPR-sample generation, calibration fitting, round-trip calibration, and edge cases (all-equal scores, single-score input, out-of-range values).
13
+ - Validation example that fits the pipeline on a held-out benign sample and reports calibration error vs target FPR across log-spaced buckets.
14
+ - Build validation and tokenless PyPI publishing through GitHub trusted publishing.
15
+ - Distribution and import package named FPRCal (`fprcal`).
@@ -0,0 +1,132 @@
1
+ # Contributor Covenant Code of Conduct
2
+
3
+ ## Our Pledge
4
+
5
+ We as members, contributors, and leaders pledge to make participation in our
6
+ community a harassment-free experience for everyone, regardless of age, body
7
+ size, visible or invisible disability, ethnicity, sex characteristics, gender
8
+ identity and expression, level of experience, education, socio-economic status,
9
+ nationality, personal appearance, race, caste, color, religion, or sexual
10
+ identity and orientation.
11
+
12
+ We pledge to act and interact in ways that contribute to an open, welcoming,
13
+ diverse, inclusive, and healthy community.
14
+
15
+ ## Our Standards
16
+
17
+ Examples of behavior that contributes to a positive environment for our
18
+ community include:
19
+
20
+ * Demonstrating empathy and kindness toward other people
21
+ * Being respectful of differing opinions, viewpoints, and experiences
22
+ * Giving and gracefully accepting constructive feedback
23
+ * Accepting responsibility and apologizing to those affected by our mistakes,
24
+ and learning from the experience
25
+ * Focusing on what is best not just for us as individuals, but for the overall
26
+ community
27
+
28
+ Examples of unacceptable behavior include:
29
+
30
+ * The use of sexualized language or imagery, and sexual attention or advances of
31
+ any kind
32
+ * Trolling, insulting or derogatory comments, and personal or political attacks
33
+ * Public or private harassment
34
+ * Publishing others' private information, such as a physical or email address,
35
+ without their explicit permission
36
+ * Other conduct which could reasonably be considered inappropriate in a
37
+ professional setting
38
+
39
+ ## Enforcement Responsibilities
40
+
41
+ Community leaders are responsible for clarifying and enforcing our standards of
42
+ acceptable behavior and will take appropriate and fair corrective action in
43
+ response to any behavior that they deem inappropriate, threatening, offensive,
44
+ or harmful.
45
+
46
+ Community leaders have the right and responsibility to remove, edit, or reject
47
+ comments, commits, code, wiki edits, issues, and other contributions that are
48
+ not aligned to this Code of Conduct, and will communicate reasons for moderation
49
+ decisions when appropriate.
50
+
51
+ ## Scope
52
+
53
+ This Code of Conduct applies within all community spaces, and also applies when
54
+ an individual is officially representing the community in public spaces.
55
+ Examples of representing our community include using an official email address,
56
+ posting via an official social media account, or acting as an appointed
57
+ representative at an online or offline event.
58
+
59
+ ## Enforcement
60
+
61
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be
62
+ reported to the community leaders responsible for enforcement at
63
+ [oss-conduct@cisco.com](mailto:oss-conduct@cisco.com). All complaints will be reviewed and investigated
64
+ promptly and fairly.
65
+
66
+ All community leaders are obligated to respect the privacy and security of the
67
+ reporter of any incident.
68
+
69
+ ## Enforcement Guidelines
70
+
71
+ Community leaders will follow these Community Impact Guidelines in determining
72
+ the consequences for any action they deem in violation of this Code of Conduct:
73
+
74
+ ### 1. Correction
75
+
76
+ **Community Impact**: Use of inappropriate language or other behavior deemed
77
+ unprofessional or unwelcome in the community.
78
+
79
+ **Consequence**: A private, written warning from community leaders, providing
80
+ clarity around the nature of the violation and an explanation of why the
81
+ behavior was inappropriate. A public apology may be requested.
82
+
83
+ ### 2. Warning
84
+
85
+ **Community Impact**: A violation through a single incident or series of
86
+ actions.
87
+
88
+ **Consequence**: A warning with consequences for continued behavior. No
89
+ interaction with the people involved, including unsolicited interaction with
90
+ those enforcing the Code of Conduct, for a specified period of time. This
91
+ includes avoiding interactions in community spaces as well as external channels
92
+ like social media. Violating these terms may lead to a temporary or permanent
93
+ ban.
94
+
95
+ ### 3. Temporary Ban
96
+
97
+ **Community Impact**: A serious violation of community standards, including
98
+ sustained inappropriate behavior.
99
+
100
+ **Consequence**: A temporary ban from any sort of interaction or public
101
+ communication with the community for a specified period of time. No public or
102
+ private interaction with the people involved, including unsolicited interaction
103
+ with those enforcing the Code of Conduct, is allowed during this period.
104
+ Violating these terms may lead to a permanent ban.
105
+
106
+ ### 4. Permanent Ban
107
+
108
+ **Community Impact**: Demonstrating a pattern of violation of community
109
+ standards, including sustained inappropriate behavior, harassment of an
110
+ individual, or aggression toward or disparagement of classes of individuals.
111
+
112
+ **Consequence**: A permanent ban from any sort of public interaction within the
113
+ community.
114
+
115
+ ## Attribution
116
+
117
+ This Code of Conduct is adapted from the [Contributor Covenant][homepage],
118
+ version 2.1, available at
119
+ [https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
120
+
121
+ Community Impact Guidelines were inspired by [Mozilla's code of conduct
122
+ enforcement ladder][Mozilla CoC].
123
+
124
+ For answers to common questions about this code of conduct, see the FAQ at
125
+ [https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
126
+ [https://www.contributor-covenant.org/translations][translations].
127
+
128
+ [homepage]: https://www.contributor-covenant.org
129
+ [v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
130
+ [Mozilla CoC]: https://github.com/mozilla/diversity
131
+ [FAQ]: https://www.contributor-covenant.org/faq
132
+ [translations]: https://www.contributor-covenant.org/translations
@@ -0,0 +1,53 @@
1
+ # How to Contribute
2
+
3
+ Thanks for your interest in contributing to `fprcal`! Here are a few
4
+ general guidelines on contributing and reporting bugs that we ask you to review.
5
+ Following these guidelines helps to communicate that you respect the time of the
6
+ contributors managing and developing this open source project. In return, they
7
+ should reciprocate that respect in addressing your issue, assessing changes, and
8
+ helping you finalize your pull requests. In that spirit of mutual respect, we
9
+ endeavor to review incoming issues and pull requests within 10 days, and will
10
+ close any lingering issues or pull requests after 60 days of inactivity.
11
+
12
+ Please note that all of your interactions in the project are subject to our
13
+ [Code of Conduct](/CODE_OF_CONDUCT.md). This includes creation of issues or pull
14
+ requests, commenting on issues or pull requests, and extends to all interactions
15
+ in any real-time space e.g., Slack, Discord, etc.
16
+
17
+ ## Reporting Issues
18
+
19
+ Before reporting a new issue, please ensure that the issue was not already
20
+ reported or fixed by searching through our [issues
21
+ list](https://github.com/cisco-ai-defense/fpr-model-calibration/issues).
22
+
23
+ When creating a new issue, please be sure to include a **title and clear
24
+ description**, as much relevant information as possible, and, if possible, a
25
+ test case.
26
+
27
+ **If you discover a security bug, please do not report it through GitHub.
28
+ Instead, please see security procedures in [SECURITY.md](/SECURITY.md).**
29
+
30
+ ## Sending Pull Requests
31
+
32
+ Before sending a new pull request, take a look at existing pull requests and
33
+ issues to see if the proposed change or fix has been discussed in the past, or
34
+ if the change was already implemented but not yet released.
35
+
36
+ We expect new pull requests to include tests for any affected behavior, and, as
37
+ we follow semantic versioning, we may reserve breaking changes until the next
38
+ major version release.
39
+
40
+ ## Other Ways to Contribute
41
+
42
+ We welcome anyone that wants to contribute to `fprcal` to triage and
43
+ reply to open issues to help troubleshoot and fix existing bugs. Here is what
44
+ you can do:
45
+
46
+ - Help ensure that existing issues follows the recommendations from the
47
+ _[Reporting Issues](#reporting-issues)_ section, providing feedback to the
48
+ issue's author on what might be missing.
49
+ - Review existing pull requests, and testing patches against real existing
50
+ applications that use `fprcal`.
51
+ - Write a test, or add a missing test case to an existing test.
52
+
53
+ Thanks again for your interest on contributing to `fprcal`!