nat-engine 1__tar.gz

nat_engine-1/.dockerignore

@@ -0,0 +1,44 @@
+# .dockerignore — exclude files not needed in the Docker build context
+
+# Python cache and build artefacts
+__pycache__/
+*.py[cod]
+*.pyo
+*.pyd
+.Python
+*.egg-info/
+dist/
+build/
+*.egg
+
+# Development / test files
+.pytest_cache/
+.ruff_cache/
+.mypy_cache/
+htmlcov/
+.coverage
+*.log
+
+# Version control
+.git/
+.gitignore
+
+# Editor/IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+.DS_Store
+
+# Documentation and non-essential assets
+1999_Doctoral_Thesis_Brad_Guider_DRAFT.docx
+InitialResearch.md
+
+# Docker files (avoid recursive context)
+Dockerfile
+docker-compose.yml
+.dockerignore
+
+# Test files (not needed at runtime)
+tests/
+examples/

nat_engine-1/.env.example

@@ -0,0 +1,258 @@
+# NAT (Neural Agent Testing Framework) — Environment Variables Reference
+#
+# Copy this file to .env and fill in the values for your environment:
+#
+#   cp .env.example .env
+#   # Edit .env with your settings
+#
+# Variables marked (required) must be set for the relevant feature to work.
+# Variables with a default value can be omitted to accept the default.
+
+# ---------------------------------------------------------------------------
+# Server / Core
+# ---------------------------------------------------------------------------
+
+# Bind address for the NAT HTTP server (default: 0.0.0.0)
+NAT_HOST=0.0.0.0
+
+# Port for the NAT HTTP server (default: 8080)
+NAT_PORT=8080
+
+# Log level: debug, info, warning, error (default: info)
+NAT_LOG_LEVEL=info
+
+# Number of Uvicorn worker processes (default: 1)
+NAT_WORKERS=1
+
+# Comma-separated list of allowed CORS origins (e.g. https://app.example.com)
+NAT_CORS_ORIGINS=
+
+# ---------------------------------------------------------------------------
+# Database
+# ---------------------------------------------------------------------------
+
+# PostgreSQL async connection string (required for persistent storage).
+# WITHOUT this, NAT runs in-memory and all scan data is lost on restart.
+# Example: postgresql://user:password@localhost:5432/nat
+DATABASE_URL=
+
+# ---------------------------------------------------------------------------
+# Authentication / API Keys
+# ---------------------------------------------------------------------------
+
+# API key for authenticating scan requests (X-API-Key header). (required)
+NAT_API_KEY=
+
+# Admin API key for tenant management endpoints (X-Admin-Key header). (required)
+NAT_ADMIN_KEY=
+
+# Internal app-sync key used for service-to-service calls.
+NAT_APP_SYNC_KEY=
+
+# ---------------------------------------------------------------------------
+# Scan Queue / Rate Limiting
+# ---------------------------------------------------------------------------
+
+# Maximum number of scans that can run in parallel (default: 4)
+NAT_MAX_CONCURRENT_SCANS=4
+
+# Maximum number of scans allowed in the waiting queue (default: 20)
+NAT_MAX_QUEUE_DEPTH=20
+
+# Per-scan timeout in seconds before the scan is aborted (default: 300)
+NAT_SCAN_TIMEOUT=300
+
+# Global rate-limit for the scan API (e.g. 100/minute). Leave empty to disable.
+NAT_RATE_LIMIT=100/minute
+
+# ---------------------------------------------------------------------------
+# Webhooks / Notifications
+# ---------------------------------------------------------------------------
+
+# Default webhook URL for delivering scan results.
+NAT_WEBHOOK_URL=
+
+# HMAC-SHA256 signing secret for outbound scan-result webhook payloads.
+NAT_WEBHOOK_SECRET=
+
+# Webhook URL for billing lifecycle events (subscription created, etc.).
+NAT_BILLING_WEBHOOK_URL=
+
+# HMAC signing secret for billing webhook payloads.
+NAT_BILLING_WEBHOOK_SECRET=
+
+# Signing secret for notification webhook payloads (Slack / Teams).
+NAT_NOTIFICATION_WEBHOOK_SECRET=
+
+# Slack incoming-webhook URL for scan notifications.
+NAT_SLACK_WEBHOOK_URL=
+
+# Microsoft Teams incoming-webhook URL for scan notifications.
+NAT_TEAMS_WEBHOOK_URL=
+
+# ---------------------------------------------------------------------------
+# Billing (Stripe)
+# ---------------------------------------------------------------------------
+
+# Stripe secret API key (sk_live_… or sk_test_…). (required for billing)
+STRIPE_SECRET_KEY=
+
+# Stripe webhook endpoint signing secret (whsec_…). (required for billing)
+STRIPE_WEBHOOK_SECRET=
+
+# Stripe product IDs for each plan tier.
+STRIPE_PRODUCT_ID_FREE=
+STRIPE_PRODUCT_ID_PRO=
+STRIPE_PRODUCT_ID_TEAM=
+STRIPE_PRODUCT_ID_ENTERPRISE=
+STRIPE_PRODUCT_ID_FUNCTIONAL=
+STRIPE_PRODUCT_ID_PERFORMANCE=
+STRIPE_PRODUCT_ID_VISUAL=
+STRIPE_PRODUCT_ID_ACCESSIBILITY=
+
+# Stripe price IDs for each plan tier.
+STRIPE_PRICE_ID_FREE=
+STRIPE_PRICE_ID_PRO=
+STRIPE_PRICE_ID_TEAM=
+STRIPE_PRICE_ID_ENTERPRISE=
+STRIPE_PRICE_ID_FUNCTIONAL=
+STRIPE_PRICE_ID_PERFORMANCE=
+STRIPE_PRICE_ID_VISUAL=
+STRIPE_PRICE_ID_ACCESSIBILITY=
+
+# ---------------------------------------------------------------------------
+# Telemetry / Monitoring
+# ---------------------------------------------------------------------------
+
+# Azure Application Insights connection string for telemetry.
+APPLICATIONINSIGHTS_CONNECTION_STRING=
+
+# Azure Blob Storage connection string for storing scan artefacts.
+AZURE_STORAGE_CONNECTION_STRING=
+
+# Azure Blob Storage account name (alternative to AZURE_STORAGE_CONNECTION_STRING).
+AZURE_STORAGE_ACCOUNT_NAME=
+
+# Azure Blob Storage account key (used together with AZURE_STORAGE_ACCOUNT_NAME).
+AZURE_STORAGE_ACCOUNT_KEY=
+
+# ---------------------------------------------------------------------------
+# LLM Integration
+# ---------------------------------------------------------------------------
+
+# OpenAI API key — required when using --use-llm --llm-provider openai
+OPENAI_API_KEY=
+
+# Anthropic API key — required when using --use-llm --llm-provider anthropic
+ANTHROPIC_API_KEY=
+
+# ---------------------------------------------------------------------------
+# Setup Wizard / CLI (non-interactive / CI mode)
+# ---------------------------------------------------------------------------
+
+# Deployment mode: saas, self-hosted, or cli (default: cli)
+NAT_MODE=cli
+
+# Path to the OpenAPI / Postman spec file to scan.
+NAT_SPEC_PATH=
+
+# Base URL of the API under test.
+NAT_BASE_URL=
+
+# Bearer token for authenticating requests to the API under test.
+NAT_AUTH_TOKEN=
+
+# Exporter to configure in non-interactive mode (e.g. jira, github-issues, gitlab).
+NAT_EXPORT=
+
+# ---------------------------------------------------------------------------
+# Exporter: Jira
+# ---------------------------------------------------------------------------
+
+# Jira Cloud base URL (e.g. https://yourorg.atlassian.net).
+NAT_JIRA_BASE_URL=
+
+# Jira project key (e.g. NAT).
+NAT_JIRA_PROJECT_KEY=
+
+# Atlassian account email address.
+NAT_JIRA_EMAIL=
+
+# Atlassian API token (generate at id.atlassian.com/manage-profile/security/api-tokens).
+NAT_JIRA_API_TOKEN=
+
+# ---------------------------------------------------------------------------
+# Exporter: GitHub Issues
+# ---------------------------------------------------------------------------
+
+# GitHub Personal Access Token with repo scope.
+NAT_GITHUB_TOKEN=
+
+# Target GitHub repository in owner/repo format (e.g. acme/api-service).
+NAT_GITHUB_REPO=
+
+# ---------------------------------------------------------------------------
+# Exporter: GitLab Issues
+# ---------------------------------------------------------------------------
+
+# GitLab instance URL (e.g. https://gitlab.com).
+NAT_GITLAB_URL=https://gitlab.com
+
+# GitLab project ID (numeric).
+NAT_GITLAB_PROJECT_ID=
+
+# GitLab private token with api scope.
+NAT_GITLAB_TOKEN=
+
+# ---------------------------------------------------------------------------
+# Exporter: Linear
+# ---------------------------------------------------------------------------
+
+# Linear API key.
+NAT_LINEAR_API_KEY=
+
+# Linear team ID to create issues in.
+NAT_LINEAR_TEAM_ID=
+
+# ---------------------------------------------------------------------------
+# Exporter: Azure DevOps
+# ---------------------------------------------------------------------------
+
+# Azure DevOps organization name.
+NAT_ADO_ORG=
+
+# Azure DevOps project name.
+NAT_ADO_PROJECT=
+
+# Azure DevOps Personal Access Token.
+NAT_ADO_PAT=
+
+# ---------------------------------------------------------------------------
+# Exporter: Shortcut (formerly Clubhouse)
+# ---------------------------------------------------------------------------
+
+# Shortcut API token.
+NAT_SHORTCUT_TOKEN=
+
+# Shortcut project ID to create stories in.
+NAT_SHORTCUT_PROJECT_ID=
+
+# ---------------------------------------------------------------------------
+# Exporter: PagerDuty
+# ---------------------------------------------------------------------------
+
+# PagerDuty Events API v2 routing/integration key.
+NAT_PAGERDUTY_ROUTING_KEY=
+
+# ---------------------------------------------------------------------------
+# Exporter: ServiceNow
+# ---------------------------------------------------------------------------
+
+# ServiceNow instance URL (e.g. https://yourinstance.service-now.com).
+NAT_SERVICENOW_URL=
+
+# ServiceNow username.
+NAT_SERVICENOW_USER=
+
+# ServiceNow password.
+NAT_SERVICENOW_PASSWORD=

nat_engine-1/.github/CLA.md

@@ -0,0 +1,114 @@
+# Contributor License Agreement (CLA)
+
+**NeuroAgentTest (NAT) — Multi-Agent Neural Network Framework**
+
+Thank you for your interest in contributing to NeuroAgentTest (NAT). This
+Contributor License Agreement ("Agreement") clarifies the intellectual
+property rights granted with contributions to this project.
+
+By submitting a contribution (a pull request, patch, or any other material)
+to this repository, you agree to the following terms:
+
+---
+
+## 1. Definitions
+
+- **"You"** means the individual or legal entity submitting a contribution.
+- **"Contribution"** means any original work of authorship, including any
+  modifications or additions to existing work, submitted to this project.
+- **"Project"** means the NeuroAgentTest (NAT) software and associated
+  documentation hosted at
+  [https://github.com/bg-playground/MultiAgent-Neural-Network-Framework](https://github.com/bg-playground/MultiAgent-Neural-Network-Framework).
+- **"Maintainers"** means the current maintainers and copyright holders of
+  the Project.
+
+---
+
+## 2. Grant of Copyright License
+
+You hereby grant to the Maintainers and to all recipients of software
+distributed by the Project a **perpetual, worldwide, non-exclusive,
+no-charge, royalty-free, irrevocable** copyright license to reproduce,
+prepare derivative works of, publicly display, publicly perform,
+sublicense, and distribute your Contributions and such derivative works.
+
+---
+
+## 3. Grant of Patent License
+
+You hereby grant to the Maintainers and to all recipients of software
+distributed by the Project a **perpetual, worldwide, non-exclusive,
+no-charge, royalty-free, irrevocable** (except as stated in this section)
+patent license to make, have made, use, offer to sell, sell, import, and
+otherwise transfer the Project, where such license applies only to those
+patent claims licensable by you that are necessarily infringed by your
+Contribution(s) alone or by combination of your Contribution(s) with the
+Project.
+
+---
+
+## 4. Right to Re-License
+
+You grant the Maintainers the right to re-license your Contributions,
+including under a proprietary or commercial license, as part of the
+Project's dual-licensing model (AGPL-3.0 and Commercial License). This
+allows the Maintainers to offer commercial licenses to third parties
+without violating your rights or the open-source license.
+
+---
+
+## 5. Copyright Assignment
+
+To the extent permitted by applicable law and as necessary to support the
+dual-licensing model, you assign to the Maintainers all right, title, and
+interest in your Contributions, including all copyright and related rights.
+Where assignment is not permitted by law, you grant the broadest possible
+license as described in Sections 2 and 3.
+
+---
+
+## 6. Representations
+
+You represent that:
+
+1. **Original work**: Each Contribution is your original creation, or you
+   have sufficient rights to submit it under this Agreement.
+2. **No third-party restrictions**: Your Contribution does not include any
+   material that is subject to third-party intellectual property rights
+   (patents, copyrights, trade secrets) that would restrict the Maintainers'
+   ability to use, distribute, or re-license the Contribution.
+3. **Employment**: If your employer has rights to intellectual property you
+   create, you have received permission to make the Contribution on behalf
+   of your employer, or your employer has waived such rights.
+4. **Accuracy**: You agree to notify the Maintainers if any of these
+   representations become inaccurate.
+
+---
+
+## 7. No Obligation
+
+Nothing in this Agreement obligates the Maintainers to accept, include, or
+use your Contribution. Acceptance of this Agreement does not guarantee that
+your Contribution will be merged.
+
+---
+
+## 8. How to Indicate Acceptance
+
+By opening a pull request or submitting a patch to this repository, you
+indicate that you have read, understood, and agree to the terms of this
+Contributor License Agreement.
+
+If you are contributing on behalf of an organization, the individual
+submitting the contribution represents that they have authority to bind
+the organization to this Agreement.
+
+---
+
+## Contact
+
+For questions about this CLA, contact [licensing@nat-testing.io](mailto:licensing@nat-testing.io).
+
+---
+
+See also: [README.md — License](README.md#license) · [CONTRIBUTING.md — License and CLA](docs/contributing.md#license-and-cla)

nat_engine-1/.github/workflows/action-release.yml

@@ -0,0 +1,175 @@
+# NeuroAgentTest (NAT) — Multi-Agent Neural Network Framework
+# Copyright (C) 2026 NAT Contributors
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
+#
+# For commercial licensing, contact: licensing@nat-testing.io
+---
+# .github/workflows/action-release.yml
+# Publishes a new GitHub Marketplace release for the NAT GitHub Action when
+# a version tag (v*, e.g. v1.2.3) is pushed.
+#
+# Release process:
+#   git tag v1.2.3 && git push origin v1.2.3
+#
+# The workflow will:
+#   1. Run the action test suite
+#   2. Validate the action.yml schema
+#   3. Create a GitHub Release with auto-generated changelog
+#   4. Force-update the major version tag (v1 → latest v1.x.x)
+
+name: Action Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'Version tag to release (e.g. v1.2.3)'
+        required: true
+
+jobs:
+  # ── 1. Run tests ──────────────────────────────────────────────────────────
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install dependencies
+        run: pip install --quiet -e ".[dev]"
+
+      - name: Run action tests
+        run: python -m pytest tests/test_action/ -v --tb=short
+
+  # ── 2. Validate action.yml ────────────────────────────────────────────────
+  validate:
+    name: Validate action.yml
+    runs-on: ubuntu-latest
+    needs: test
+    permissions:
+      contents: read
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Validate action.yml exists and has required fields
+        run: |
+          python - <<'EOF'
+          import sys
+          try:
+              import yaml
+          except ImportError:
+              import subprocess
+              subprocess.check_call([sys.executable, "-m", "pip", "install", "pyyaml", "-q"])
+              import yaml
+
+          with open("action.yml") as f:
+              action = yaml.safe_load(f)
+
+          required = ["name", "description", "branding", "inputs", "outputs", "runs"]
+          for field in required:
+              if field not in action:
+                  print(f"ERROR: action.yml missing required field: {field}")
+                  sys.exit(1)
+
+          branding = action.get("branding", {})
+          if "icon" not in branding or "color" not in branding:
+              print("ERROR: action.yml branding must have 'icon' and 'color'")
+              sys.exit(1)
+
+          print("action.yml validation passed")
+          print(f"  Name: {action['name']}")
+          print(f"  Description: {action['description'][:80]}...")
+          print(f"  Branding: icon={branding['icon']}, color={branding['color']}")
+          print(f"  Inputs: {len(action['inputs'])}")
+          print(f"  Outputs: {len(action['outputs'])}")
+          EOF
+
+  # ── 3. Create GitHub Release and update major version tag ────────────────
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    needs: [test, validate]
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Determine version
+        id: version
+        run: |
+          TAG="${GITHUB_REF_NAME:-${{ github.event.inputs.tag }}}"
+          echo "tag=${TAG}" >> "${GITHUB_OUTPUT}"
+          # Extract major version (v1.2.3 → v1)
+          MAJOR=$(echo "${TAG}" | sed 's/\([^.]*\)\..*/\1/')
+          echo "major=${MAJOR}" >> "${GITHUB_OUTPUT}"
+          echo "Tag: ${TAG}, Major: ${MAJOR}"
+
+      - name: Generate changelog
+        id: changelog
+        run: |
+          TAG="${{ steps.version.outputs.tag }}"
+          PREV_TAG=$(git tag --sort=-version:refname | grep '^v' | sed -n '2p' || echo "")
+
+          if [[ -n "${PREV_TAG}" ]]; then
+            RANGE="${PREV_TAG}..${TAG}"
+          else
+            RANGE="${TAG}"
+          fi
+
+          echo "## What's Changed" > /tmp/changelog.md
+          echo "" >> /tmp/changelog.md
+          git log ${RANGE} --pretty=format:"- %s (%h)" --no-merges >> /tmp/changelog.md || true
+          echo "" >> /tmp/changelog.md
+          echo "" >> /tmp/changelog.md
+          echo "**Full Changelog**: https://github.com/${{ github.repository }}/compare/${PREV_TAG}...${TAG}" >> /tmp/changelog.md
+          cat /tmp/changelog.md
+
+      - name: Create GitHub Release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          TAG="${{ steps.version.outputs.tag }}"
+          gh release create "${TAG}" \
+            --title "NAT Action ${TAG}" \
+            --notes-file /tmp/changelog.md \
+            --verify-tag
+
+      - name: Update major version tag
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          TAG="${{ steps.version.outputs.tag }}"
+          MAJOR="${{ steps.version.outputs.major }}"
+
+          # Force-update the major version tag to point to this commit.
+          # This lets consumers use `nat-testing/nat-action@v1` and get the
+          # latest v1.x.x automatically.
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git tag -fa "${MAJOR}" -m "Update ${MAJOR} to ${TAG}"
+          git push origin "${MAJOR}" --force
+
+          echo "✅ Updated ${MAJOR} → ${TAG}"