invar-tools 1.0.0__tar.gz

invar_tools-1.0.0/.aider.conf.yml

@@ -0,0 +1,29 @@
+# Invar Project Configuration for Aider
+# This is the Invar project itself
+
+# Auto-read protocol files at session start
+read:
+  - INVAR.md
+  - CLAUDE.md
+  - .invar/context.md
+
+# System prompt addition
+system-prompt: |
+  This is the Invar project itself. Follow INVAR.md and CLAUDE.md.
+
+  Before writing code, execute:
+  1. invar guard --changed
+  2. invar map --top 10
+
+  Workflow (ICIDIV):
+  - Intent: What? Core or Shell?
+  - Contract: @pre/@post + doctests BEFORE code
+  - Inspect: invar sig <file>
+  - Design: Decompose first
+  - Implement: Pass your doctests
+  - Verify: invar guard
+
+  Project-specific:
+  - INVAR.md here is the SOURCE, templates are in src/invar/templates/
+  - Do NOT run invar update on this project
+  - Task complete only when final invar guard passes.

invar_tools-1.0.0/.claude/commands/attack.md

@@ -0,0 +1,76 @@
+# Adversarial Testing (Adversary Role)
+
+You are now acting as the **Adversary** - a hostile tester trying to break the code.
+
+## Your Mindset
+
+- **Destructive:** Focus on "how to make it crash"
+- **Malicious:** Assume users will intentionally cause harm
+- **Paranoid:** Assume the worst case scenario
+
+**Your success = Breaking the code** (or proving it unbreakable).
+
+## Attack Vectors
+
+### 1. Boundary Attacks
+- Empty: `[]`, `""`, `0`, `None`
+- Extreme: `MAX_INT`, `-MAX_INT`, `float('inf')`, `float('nan')`
+- Off-by-one: `list[len(list)]`, negative indices
+
+### 2. Type Attacks
+- Wrong type: string where int expected
+- None where object expected
+- Unicode edge cases: emoji, RTL, zero-width characters
+- Very long strings (1MB+)
+
+### 3. State Attacks
+- Call function twice in a row
+- Call in unexpected order
+- Partially initialized objects
+
+### 4. Resource Attacks
+- Huge inputs (memory exhaustion)
+- Deep nesting (stack overflow)
+- Inputs that cause O(n²) or worse
+
+### 5. Injection Attacks (for Shell code)
+- Path traversal: `../../../etc/passwd`
+- Special characters in filenames
+- Null bytes in strings
+
+## Attack Procedure
+
+For each public function:
+
+1. **Identify inputs** - What parameters does it take?
+2. **Design attacks** - At least 3 malicious inputs per function
+3. **Predict behavior** - Should it reject? Return error? Crash?
+4. **Check contracts** - Do @pre/@post catch the attack?
+5. **Report results**
+
+## Report Format
+
+```
+## Attack Results: function_name()
+
+| Attack | Input | Expected | Actual | Result |
+|--------|-------|----------|--------|--------|
+| Empty list | `[]` | Reject (pre) | Reject | ✅ Contract effective |
+| NaN input | `float('nan')` | Reject | Passed through | ❌ VULNERABILITY |
+
+### Vulnerabilities Found
+1. NaN not caught by contract - add `not math.isnan(x)` to @pre
+```
+
+## Instructions
+
+1. Identify target functions
+2. Design attacks for each
+3. Run tests or reason about behavior
+4. Report vulnerabilities and effective defenses
+
+**Remember:** Think like an attacker, not a developer. The contracts are your enemy - try to bypass them.
+
+---
+
+Now attack the recent changes or the files specified by the user.

invar_tools-1.0.0/.claude/commands/review.md

@@ -0,0 +1,67 @@
+# Code Review (Reviewer Role)
+
+You are now acting as the **Reviewer** - a critical code reviewer.
+
+## Your Mindset
+
+- **Critical:** Assume the code has bugs. Your job is to find them.
+- **Skeptical:** Question every design decision.
+- **Uncompromising:** Finding problems is success, not offense.
+
+**Your success = Finding problems.** If you find nothing, you probably missed something.
+
+## Review Checklist
+
+### Architecture
+- [ ] Core/Shell separation correct?
+- [ ] Core imports no I/O modules (os, sys, socket, etc.)?
+- [ ] Shell functions return Result[T, E]?
+- [ ] Dependencies flow inward only (Shell → Core)?
+
+### Contracts
+- [ ] All public Core functions have @pre or @post?
+- [ ] Preconditions catch invalid inputs?
+- [ ] Postconditions guarantee valid outputs?
+
+### Edge Cases
+- [ ] Empty collections handled?
+- [ ] Zero values handled?
+- [ ] Negative values handled?
+- [ ] None/null handled?
+- [ ] Very large inputs considered?
+
+### Documentation
+- [ ] Doctest examples present?
+- [ ] Examples cover: normal, zero, boundary cases?
+- [ ] Design decisions explained in comments or docs?
+
+### Code Quality
+- [ ] File < 300 lines?
+- [ ] Function < 50 lines?
+- [ ] No **kwargs or dynamic magic?
+- [ ] Full type annotations?
+
+## Report Format
+
+For each issue found:
+
+```
+### [CRITICAL/WARNING] Issue Title
+
+**Location:** file.py:line_number
+**Problem:** What's wrong
+**Suggestion:** How to fix
+```
+
+## Instructions
+
+1. Read the code carefully
+2. Check against the checklist above
+3. Report all issues found
+4. Be specific with locations and suggestions
+
+**Remember:** You are READ-ONLY. Report issues, don't fix them directly.
+
+---
+
+Now review the recent changes or the files specified by the user.

invar_tools-1.0.0/.cursorrules

@@ -0,0 +1,26 @@
+# Invar Project Development
+
+This is the Invar project itself. Follow INVAR.md (the source, not a copy) and CLAUDE.md.
+
+## Entry Verification
+
+Before writing any code, execute:
+
+```
+invar_guard (changed=true)   # or: invar guard --changed
+invar_map (top=10)           # or: invar map --top 10
+```
+
+Use MCP tools if available, otherwise use CLI commands.
+
+## Quick Reference
+
+- Core (`src/invar/core/`): @pre/@post contracts, doctests, pure (no I/O)
+- Shell (`src/invar/shell/`): Result[T, E] return type
+- Workflow: Intent -> Contract -> Inspect -> Design -> Implement -> Verify
+- Task complete only when final invar_guard passes.
+
+## Project-Specific
+
+- INVAR.md here is the **source**, templates are in `src/invar/templates/`
+- Do NOT run `invar update` on this project

invar_tools-1.0.0/.github/workflows/ci.yml

@@ -0,0 +1,103 @@
+name: CI
+
+on:
+  push:
+    branches: [Main, main]
+  pull_request:
+    branches: [Main, main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.11", "3.12"]
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          # Install runtime first (local development)
+          pip install -e runtime/
+          # Install tools with dev dependencies
+          pip install -e ".[dev]"
+          pip install crosshair-tool  # Required for full verification
+
+      - name: Run runtime tests
+        run: |
+          pytest --doctest-modules runtime/src/invar_runtime/ -v
+
+      - name: Run tools tests
+        run: |
+          pytest --doctest-modules src/invar/ -v
+
+      # DX-19: Default runs full verification (static + doctests + CrossHair + Hypothesis)
+      # continue-on-error because CrossHair finds different edge cases
+      # across Python versions. Failures are informational.
+      - name: Run Invar Guard
+        run: |
+          invar guard
+        continue-on-error: true
+
+      - name: Check types with mypy
+        run: |
+          mypy src/invar/ --ignore-missing-imports
+          mypy runtime/src/invar_runtime/ --ignore-missing-imports
+        continue-on-error: true
+
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install ruff
+        run: pip install ruff
+
+      - name: Run ruff on tools
+        run: ruff check src/invar/
+
+      - name: Run ruff on runtime
+        run: ruff check runtime/src/invar_runtime/
+
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install build tools
+        run: pip install build
+
+      - name: Build invar-runtime package
+        run: python -m build runtime/
+
+      - name: Build invar-tools package
+        run: python -m build
+
+      - name: Upload runtime artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist-runtime
+          path: runtime/dist/
+
+      - name: Upload tools artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist-tools
+          path: dist/

invar_tools-1.0.0/.github/workflows/publish.yml

@@ -0,0 +1,57 @@
+name: Publish to PyPI
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  publish-runtime:
+    name: Publish invar-runtime
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write  # Required for trusted publishing
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install build tools
+        run: pip install build
+
+      - name: Build invar-runtime package
+        run: python -m build runtime/
+
+      - name: Publish invar-runtime to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          packages-dir: runtime/dist/
+        # Uses trusted publishing - configure at pypi.org/manage/project/invar-runtime/settings/publishing/
+
+  publish-tools:
+    name: Publish invar-tools
+    runs-on: ubuntu-latest
+    needs: publish-runtime  # Tools depend on runtime
+    permissions:
+      id-token: write  # Required for trusted publishing
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install build tools
+        run: pip install build
+
+      - name: Build invar-tools package
+        run: python -m build
+
+      - name: Publish invar-tools to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        # Uses trusted publishing - configure at pypi.org/manage/project/invar-tools/settings/publishing/

invar_tools-1.0.0/.gitignore

@@ -0,0 +1,57 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# Virtual environments
+.venv/
+venv/
+ENV/
+
+# IDE
+.idea/
+.vscode/
+*.swp
+*.swo
+
+# Testing
+.pytest_cache/
+.coverage
+htmlcov/
+.tox/
+.nox/
+
+# mypy
+.mypy_cache/
+
+# ruff
+.ruff_cache/
+
+# Invar cache (DX-13)
+.invar/cache/
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Claude Code local settings (not committed)
+.claude/settings.local.json
+.hypothesis/
+src/invar/core/.invar/