PyPI - kovrin - Versions diffs - 2.0.0a1__tar.gz - Mend

kovrin 2.0.0a1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (191) hide show

kovrin-2.0.0a1/.env.example +9 -0
kovrin-2.0.0a1/.github/workflows/ci.yml +99 -0
kovrin-2.0.0a1/.github/workflows/publish.yml +50 -0
kovrin-2.0.0a1/.gitignore +71 -0
kovrin-2.0.0a1/.python-version +1 -0
kovrin-2.0.0a1/CHANGELOG.md +41 -0
kovrin-2.0.0a1/CLAUDE.md +770 -0
kovrin-2.0.0a1/CLAUDE_CODE_PROMPT.md +139 -0
kovrin-2.0.0a1/CONTRIBUTING.md +114 -0
kovrin-2.0.0a1/Dockerfile +19 -0
kovrin-2.0.0a1/LICENSE +21 -0
kovrin-2.0.0a1/PKG-INFO +333 -0
kovrin-2.0.0a1/Procfile +1 -0
kovrin-2.0.0a1/README.md +272 -0
kovrin-2.0.0a1/SECURITY.md +51 -0
kovrin-2.0.0a1/dashboard/.gitignore +24 -0
kovrin-2.0.0a1/dashboard/README.md +73 -0
kovrin-2.0.0a1/dashboard/eslint.config.js +23 -0
kovrin-2.0.0a1/dashboard/index.html +16 -0
kovrin-2.0.0a1/dashboard/package-lock.json +3880 -0
kovrin-2.0.0a1/dashboard/package.json +32 -0
kovrin-2.0.0a1/dashboard/src/App.css +1 -0
kovrin-2.0.0a1/dashboard/src/App.tsx +281 -0
kovrin-2.0.0a1/dashboard/src/api/client.ts +243 -0
kovrin-2.0.0a1/dashboard/src/components/ApprovalQueue.tsx +119 -0
kovrin-2.0.0a1/dashboard/src/components/AutonomyControls.tsx +169 -0
kovrin-2.0.0a1/dashboard/src/components/GraphView.tsx +110 -0
kovrin-2.0.0a1/dashboard/src/components/IntentPanel.tsx +98 -0
kovrin-2.0.0a1/dashboard/src/components/PrmScoreView.tsx +98 -0
kovrin-2.0.0a1/dashboard/src/components/ReplayViewer.tsx +217 -0
kovrin-2.0.0a1/dashboard/src/components/ResultPanel.tsx +26 -0
kovrin-2.0.0a1/dashboard/src/components/TokensView.tsx +105 -0
kovrin-2.0.0a1/dashboard/src/components/TopologyView.tsx +91 -0
kovrin-2.0.0a1/dashboard/src/components/TraceViewer.tsx +281 -0
kovrin-2.0.0a1/dashboard/src/components/ViewModeSelector.tsx +33 -0
kovrin-2.0.0a1/dashboard/src/components/WatchdogStatus.tsx +95 -0
kovrin-2.0.0a1/dashboard/src/components/superwork/LiveFeed.tsx +155 -0
kovrin-2.0.0a1/dashboard/src/components/superwork/MetricsPanel.tsx +152 -0
kovrin-2.0.0a1/dashboard/src/components/superwork/ProposalQueue.tsx +175 -0
kovrin-2.0.0a1/dashboard/src/components/superwork/SessionControl.tsx +117 -0
kovrin-2.0.0a1/dashboard/src/components/superwork/SuperWorkDashboard.tsx +150 -0
kovrin-2.0.0a1/dashboard/src/index.css +74 -0
kovrin-2.0.0a1/dashboard/src/main.tsx +10 -0
kovrin-2.0.0a1/dashboard/src/types/generated.ts +287 -0
kovrin-2.0.0a1/dashboard/src/types/kovrin.ts +385 -0
kovrin-2.0.0a1/dashboard/src/types/kovrin.ts.bak +156 -0
kovrin-2.0.0a1/dashboard/tsconfig.app.json +28 -0
kovrin-2.0.0a1/dashboard/tsconfig.json +7 -0
kovrin-2.0.0a1/dashboard/tsconfig.node.json +26 -0
kovrin-2.0.0a1/dashboard/vite.config.ts +16 -0
kovrin-2.0.0a1/docs/ARCHITECTURE.md +514 -0
kovrin-2.0.0a1/docs/KOVRIN_Phase1_Plan.docx +0 -0
kovrin-2.0.0a1/docs/Kovrin_Whitepaper_v2.docx +0 -0
kovrin-2.0.0a1/docs/README_OPENSOURCE.md +258 -0
kovrin-2.0.0a1/docs/SUPERWORK.md +434 -0
kovrin-2.0.0a1/docs/kovrin-design-spec.jsx +778 -0
kovrin-2.0.0a1/docs/prototypes/graph_engine.py +317 -0
kovrin-2.0.0a1/docs/prototypes/intent_v2.py +224 -0
kovrin-2.0.0a1/docs/prototypes/trace_logger.py +200 -0
kovrin-2.0.0a1/examples/quickstart.py +13 -0
kovrin-2.0.0a1/nixpacks.toml +11 -0
kovrin-2.0.0a1/pyproject.toml +119 -0
kovrin-2.0.0a1/railway.toml +8 -0
kovrin-2.0.0a1/specs/AxiomValidation.tla +96 -0
kovrin-2.0.0a1/specs/GraphExecution.tla +152 -0
kovrin-2.0.0a1/specs/HashChain.tla +103 -0
kovrin-2.0.0a1/specs/KovrinSafety.tla +267 -0
kovrin-2.0.0a1/specs/README.md +175 -0
kovrin-2.0.0a1/specs/RoutingMatrix.tla +115 -0
kovrin-2.0.0a1/specs/SpeculationModel.tla +129 -0
kovrin-2.0.0a1/specs/TaskStateMachine.tla +128 -0
kovrin-2.0.0a1/specs/WatchdogMonitor.tla +127 -0
kovrin-2.0.0a1/src/kovrin/__init__.py +545 -0
kovrin-2.0.0a1/src/kovrin/agents/__init__.py +0 -0
kovrin-2.0.0a1/src/kovrin/agents/base.py +300 -0
kovrin-2.0.0a1/src/kovrin/agents/coordinator.py +207 -0
kovrin-2.0.0a1/src/kovrin/agents/registry.py +78 -0
kovrin-2.0.0a1/src/kovrin/agents/tools.py +180 -0
kovrin-2.0.0a1/src/kovrin/api/__init__.py +0 -0
kovrin-2.0.0a1/src/kovrin/api/server.py +747 -0
kovrin-2.0.0a1/src/kovrin/api/superwork_router.py +254 -0
kovrin-2.0.0a1/src/kovrin/audit/__init__.py +0 -0
kovrin-2.0.0a1/src/kovrin/audit/trace_logger.py +250 -0
kovrin-2.0.0a1/src/kovrin/cli.py +388 -0
kovrin-2.0.0a1/src/kovrin/core/__init__.py +0 -0
kovrin-2.0.0a1/src/kovrin/core/constitutional.py +242 -0
kovrin-2.0.0a1/src/kovrin/core/models.py +468 -0
kovrin-2.0.0a1/src/kovrin/engine/__init__.py +0 -0
kovrin-2.0.0a1/src/kovrin/engine/beam_search.py +203 -0
kovrin-2.0.0a1/src/kovrin/engine/confidence.py +109 -0
kovrin-2.0.0a1/src/kovrin/engine/executor.py +301 -0
kovrin-2.0.0a1/src/kovrin/engine/graph.py +315 -0
kovrin-2.0.0a1/src/kovrin/engine/mcts.py +295 -0
kovrin-2.0.0a1/src/kovrin/engine/prm.py +173 -0
kovrin-2.0.0a1/src/kovrin/engine/risk_router.py +198 -0
kovrin-2.0.0a1/src/kovrin/engine/speculation.py +163 -0
kovrin-2.0.0a1/src/kovrin/engine/tokens.py +219 -0
kovrin-2.0.0a1/src/kovrin/engine/topology.py +160 -0
kovrin-2.0.0a1/src/kovrin/examples/__init__.py +0 -0
kovrin-2.0.0a1/src/kovrin/examples/company_ops.py +73 -0
kovrin-2.0.0a1/src/kovrin/exceptions.py +129 -0
kovrin-2.0.0a1/src/kovrin/intent/__init__.py +0 -0
kovrin-2.0.0a1/src/kovrin/intent/parser.py +150 -0
kovrin-2.0.0a1/src/kovrin/intent/schema.py +214 -0
kovrin-2.0.0a1/src/kovrin/logging.py +119 -0
kovrin-2.0.0a1/src/kovrin/providers/__init__.py +67 -0
kovrin-2.0.0a1/src/kovrin/providers/base.py +181 -0
kovrin-2.0.0a1/src/kovrin/providers/circuit_breaker.py +132 -0
kovrin-2.0.0a1/src/kovrin/providers/claude.py +122 -0
kovrin-2.0.0a1/src/kovrin/providers/ollama.py +80 -0
kovrin-2.0.0a1/src/kovrin/providers/openai.py +214 -0
kovrin-2.0.0a1/src/kovrin/providers/router.py +96 -0
kovrin-2.0.0a1/src/kovrin/py.typed +0 -0
kovrin-2.0.0a1/src/kovrin/safety/__init__.py +0 -0
kovrin-2.0.0a1/src/kovrin/safety/critics.py +267 -0
kovrin-2.0.0a1/src/kovrin/safety/watchdog.py +685 -0
kovrin-2.0.0a1/src/kovrin/schema/__init__.py +5 -0
kovrin-2.0.0a1/src/kovrin/schema/__main__.py +10 -0
kovrin-2.0.0a1/src/kovrin/schema/exporter.py +357 -0
kovrin-2.0.0a1/src/kovrin/storage/__init__.py +3 -0
kovrin-2.0.0a1/src/kovrin/storage/db.py +174 -0
kovrin-2.0.0a1/src/kovrin/storage/repository.py +330 -0
kovrin-2.0.0a1/src/kovrin/superwork/__init__.py +40 -0
kovrin-2.0.0a1/src/kovrin/superwork/cli.py +168 -0
kovrin-2.0.0a1/src/kovrin/superwork/context_injector.py +257 -0
kovrin-2.0.0a1/src/kovrin/superwork/metrics.py +162 -0
kovrin-2.0.0a1/src/kovrin/superwork/models.py +142 -0
kovrin-2.0.0a1/src/kovrin/superwork/orchestrator.py +242 -0
kovrin-2.0.0a1/src/kovrin/superwork/repository.py +378 -0
kovrin-2.0.0a1/src/kovrin/superwork/session_watcher.py +256 -0
kovrin-2.0.0a1/src/kovrin/tools/__init__.py +39 -0
kovrin-2.0.0a1/src/kovrin/tools/builtin/__init__.py +32 -0
kovrin-2.0.0a1/src/kovrin/tools/builtin/calculator.py +62 -0
kovrin-2.0.0a1/src/kovrin/tools/builtin/code_exec.py +58 -0
kovrin-2.0.0a1/src/kovrin/tools/builtin/datetime_tool.py +33 -0
kovrin-2.0.0a1/src/kovrin/tools/builtin/file_ops.py +132 -0
kovrin-2.0.0a1/src/kovrin/tools/builtin/http_client.py +107 -0
kovrin-2.0.0a1/src/kovrin/tools/builtin/json_tool.py +43 -0
kovrin-2.0.0a1/src/kovrin/tools/builtin/web_search.py +177 -0
kovrin-2.0.0a1/src/kovrin/tools/models.py +99 -0
kovrin-2.0.0a1/src/kovrin/tools/registry.py +143 -0
kovrin-2.0.0a1/src/kovrin/tools/router.py +341 -0
kovrin-2.0.0a1/src/kovrin/tools/sandbox.py +178 -0
kovrin-2.0.0a1/tests/__init__.py +0 -0
kovrin-2.0.0a1/tests/conftest.py +80 -0
kovrin-2.0.0a1/tests/test_adversarial.py +744 -0
kovrin-2.0.0a1/tests/test_adversarial_tokens.py +219 -0
kovrin-2.0.0a1/tests/test_adversarial_tools.py +430 -0
kovrin-2.0.0a1/tests/test_agent_drift.py +269 -0
kovrin-2.0.0a1/tests/test_agents.py +365 -0
kovrin-2.0.0a1/tests/test_api.py +184 -0
kovrin-2.0.0a1/tests/test_approval.py +342 -0
kovrin-2.0.0a1/tests/test_autonomy.py +159 -0
kovrin-2.0.0a1/tests/test_beam_search.py +241 -0
kovrin-2.0.0a1/tests/test_cli.py +83 -0
kovrin-2.0.0a1/tests/test_confidence.py +120 -0
kovrin-2.0.0a1/tests/test_constitutional.py +150 -0
kovrin-2.0.0a1/tests/test_context_injector.py +108 -0
kovrin-2.0.0a1/tests/test_drift.py +349 -0
kovrin-2.0.0a1/tests/test_exceptions.py +151 -0
kovrin-2.0.0a1/tests/test_exploration_integration.py +162 -0
kovrin-2.0.0a1/tests/test_graph_engine.py +207 -0
kovrin-2.0.0a1/tests/test_hash_persistence.py +154 -0
kovrin-2.0.0a1/tests/test_intent_parser.py +101 -0
kovrin-2.0.0a1/tests/test_logging.py +94 -0
kovrin-2.0.0a1/tests/test_mcts.py +243 -0
kovrin-2.0.0a1/tests/test_models.py +131 -0
kovrin-2.0.0a1/tests/test_orchestrator.py +55 -0
kovrin-2.0.0a1/tests/test_orchestrator_agent.py +270 -0
kovrin-2.0.0a1/tests/test_persistence.py +221 -0
kovrin-2.0.0a1/tests/test_prm.py +218 -0
kovrin-2.0.0a1/tests/test_providers.py +382 -0
kovrin-2.0.0a1/tests/test_replay.py +170 -0
kovrin-2.0.0a1/tests/test_risk_router.py +92 -0
kovrin-2.0.0a1/tests/test_safe_tool_router.py +405 -0
kovrin-2.0.0a1/tests/test_schema_exporter.py +282 -0
kovrin-2.0.0a1/tests/test_session_watcher.py +212 -0
kovrin-2.0.0a1/tests/test_speculation.py +168 -0
kovrin-2.0.0a1/tests/test_streaming.py +231 -0
kovrin-2.0.0a1/tests/test_superwork_api.py +134 -0
kovrin-2.0.0a1/tests/test_superwork_cli.py +26 -0
kovrin-2.0.0a1/tests/test_superwork_metrics.py +138 -0
kovrin-2.0.0a1/tests/test_superwork_models.py +210 -0
kovrin-2.0.0a1/tests/test_superwork_repository.py +173 -0
kovrin-2.0.0a1/tests/test_tokens.py +280 -0
kovrin-2.0.0a1/tests/test_tool_registry.py +209 -0
kovrin-2.0.0a1/tests/test_tools.py +280 -0
kovrin-2.0.0a1/tests/test_topology.py +130 -0
kovrin-2.0.0a1/tests/test_trace_logger.py +129 -0
kovrin-2.0.0a1/tests/test_watchdog.py +474 -0
kovrin-2.0.0a1/tests/test_web_search.py +178 -0

kovrin-2.0.0a1/.env.example ADDED Viewed

@@ -0,0 +1,9 @@
+ANTHROPIC_API_KEY=your_key_here
+# Brave Search API key for web search tool
+# Free tier: 2,000 queries/month, no credit card required
+# Get your key at: https://api.search.brave.com/
+BRAVE_SEARCH_API_KEY=your_brave_key_here
+# Database URL — PostgreSQL for production, SQLite path for local dev
+# DATABASE_URL=postgresql://user:password@localhost:5432/kovrin

kovrin-2.0.0a1/.github/workflows/ci.yml ADDED Viewed

@@ -0,0 +1,99 @@
+name: CI
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e ".[dev,api]"
+      - name: Lint with ruff
+        run: |
+          ruff check src/ tests/
+      - name: Format check with ruff
+        run: |
+          ruff format --check src/ tests/
+      - name: Run tests with coverage
+        run: |
+          pytest tests/ -m "not integration" -v --tb=short \
+            --ignore=tests/test_api.py \
+            --ignore=tests/test_superwork_api.py \
+            --cov=src/kovrin --cov-report=xml --cov-report=term-missing \
+            --cov-fail-under=70
+      - name: Upload coverage to Codecov
+        if: matrix.python-version == '3.12'
+        uses: codecov/codecov-action@v4
+        with:
+          file: coverage.xml
+          fail_ci_if_error: false
+  typecheck:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e ".[dev,api]"
+      - name: Type check with mypy
+        run: |
+          mypy src/kovrin/ --ignore-missing-imports \
+            --no-strict \
+            --warn-return-any \
+            --warn-unused-configs \
+            --disallow-untyped-defs \
+            --exclude 'superwork|examples' \
+            || echo "::warning::mypy found type errors (non-blocking)"
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e ".[dev,api]"
+          pip install pip-audit
+      - name: Dependency audit
+        run: |
+          pip-audit --desc --ignore-vuln PYSEC-0 \
+            --skip-editable \
+            || echo "::warning::pip-audit found issues (non-blocking)"

kovrin-2.0.0a1/.github/workflows/publish.yml ADDED Viewed

@@ -0,0 +1,50 @@
+name: Publish to PyPI
+on:
+  release:
+    types: [published]
+permissions:
+  contents: read
+  id-token: write  # Required for trusted publishing
+jobs:
+  build:
+    name: Build distribution
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - name: Install build tools
+        run: pip install build
+      - name: Build package
+        run: python -m build
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/
+  publish-pypi:
+    name: Publish to PyPI
+    needs: build
+    runs-on: ubuntu-latest
+    environment: pypi
+    permissions:
+      id-token: write
+    steps:
+      - name: Download artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist/
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1

kovrin-2.0.0a1/.gitignore ADDED Viewed

@@ -0,0 +1,71 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+*.egg-info/
+*.egg
+dist/
+build/
+sdist/
+wheels/
+*.whl
+# Virtual environments
+.venv/
+venv/
+ENV/
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+.DS_Store
+# Environment & secrets
+.env
+.env.local
+.env.production
+!.env.example
+# Database
+*.db
+*.sqlite3
+# Testing & coverage
+.pytest_cache/
+htmlcov/
+.coverage
+.coverage.*
+coverage.xml
+*.cover
+# mypy / ruff
+.mypy_cache/
+.ruff_cache/
+# Logs
+logs/
+*.log
+# Node (dashboard)
+node_modules/
+dashboard/node_modules/
+dashboard/dist/
+dashboard/.vite/
+# Claude Code session data
+.claude/
+# OS files
+Thumbs.db
+ehthumbs.db
+# Jupyter
+.ipynb_checkpoints/
+# Distribution / packaging
+*.tar.gz
+*.zip

kovrin-2.0.0a1/.python-version ADDED Viewed

	@@ -0,0 +1 @@
1	+ 3.12.12

kovrin-2.0.0a1/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,41 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [2.0.0a1] - 2026-02-24
+### Added
+- **Constitutional Core (Layer 0)** — 5 immutable axioms with SHA-256 integrity verification. All-or-nothing: one axiom fails = entire task rejected.
+- **Risk-Based Routing Matrix** — Deterministic `(RiskLevel x SpeculationTier) -> RoutingAction` table with 4 autonomy profiles (DEFAULT, CAUTIOUS, AGGRESSIVE, LOCKED). CRITICAL risk always routes to HUMAN_APPROVAL — hardcoded, non-overridable.
+- **Merkle Audit Trail** — SHA-256 hash chain, append-only, tamper-evident. `ImmutableTraceLog` with `verify_integrity()`.
+- **Critic Pipeline** — SafetyCritic (L0 compliance), FeasibilityCritic (capability matching), PolicyCritic (organizational constraints). All must PASS for task execution.
+- **IntentV2 Schema** — AMR-inspired graph with speech act performatives, semantic frames, and HTN decomposition via Claude API.
+- **ExecutionGraph** — DAG-based execution with topological sort, wave-based parallel execution, and dependency resolution.
+- **Watchdog Agent** — Independent safety monitor with temporal rules (NoExecutionAfterRejection, ExcessiveFailureRate, UnexpectedEventSequence). Graduated containment: WARN -> PAUSE -> KILL (irreversible).
+- **Delegation Capability Tokens (DCT)** — HMAC-SHA256 signed tokens with scope narrowing, cascading revocation via TokenAuthority.
+- **MCTS Explorer** — Monte Carlo Tree Search with UCB1 for decomposition exploration.
+- **Beam Search Executor** — Parallel beam execution with pruning.
+- **Process Reward Model (PRM)** — Step-level scoring for agent drift detection.
+- **Speculative Execution** — Three tiers: FREE (read-only), GUARDED (checkpoint/rollback), NONE (human approval).
+- **Safety-Gated Tools** — 8 built-in tools (web_search, calculator, datetime, json_transform, code_analysis, http_request, file_read, file_write) with per-tool risk profiles, sandboxed execution, and Merkle-audited calls.
+- **Multi-Model Providers** — ClaudeProvider, OpenAIProvider, OllamaProvider with ModelRouter and CircuitBreakerProvider for fault tolerance.
+- **Multi-Agent Coordination** — AgentCoordinator with AgentRegistry and DCT-scoped delegation.
+- **CLI** — `kovrin run`, `kovrin verify`, `kovrin audit`, `kovrin serve`, `kovrin status`.
+- **FastAPI Server** — REST + WebSocket + SSE endpoints for pipeline execution, audit, and real-time events.
+- **Schema Exporter** — JSON Schema + TypeScript type generation from Pydantic models (42 models, 17 enums).
+- **TLA+ Formal Verification** — 8 specification modules with 10 machine-checked safety invariants.
+- **741 tests** — Including 42 adversarial attack tests targeting safety bypasses.
+- **CI/CD** — GitHub Actions (pytest, mypy, pip-audit) + Railway auto-deploy.
+- **Brave Search Integration** — Real web search via Brave Search API (free tier).
+- **Custom Exceptions** — KovrinError hierarchy with 10 specific exception types.
+- **Structured Logging** — JSON + human-readable output via `kovrin.logging`.
+### Fixed
+- FeasibilityCritic false rejections — improved prompt with detailed tool capabilities and explicit evaluation rules. Verified: 4/4 tasks PASS in production.
+[2.0.0a1]: https://github.com/nkovalcin/kovrin/releases/tag/v2.0.0a1