pmquant 0.4.3__tar.gz → 0.4.4__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56)
  1. pmquant-0.4.4/.githooks/pre-push +10 -0
  2. pmquant-0.4.4/.github/workflows/codeql.yml +21 -0
  3. pmquant-0.4.4/.github/workflows/mcp-publish.yml +35 -0
  4. {pmquant-0.4.3 → pmquant-0.4.4}/.github/workflows/publish.yml +3 -0
  5. pmquant-0.4.3/.hypothesis/constants/1720e64af9235558 → pmquant-0.4.4/.hypothesis/constants/3687cdf4cf8f7af3 +1 -1
  6. {pmquant-0.4.3 → pmquant-0.4.4}/.hypothesis/unicode_data/15.0.0/charmap.json.gz +0 -0
  7. pmquant-0.4.4/.hypothesis/unicode_data/15.0.0/codec-utf-8.json.gz +0 -0
  8. {pmquant-0.4.3 → pmquant-0.4.4}/CHANGELOG.md +17 -0
  9. {pmquant-0.4.3 → pmquant-0.4.4}/CLAUDE.md +30 -10
  10. pmquant-0.4.4/CONTRIBUTING.md +80 -0
  11. {pmquant-0.4.3 → pmquant-0.4.4}/PKG-INFO +8 -3
  12. {pmquant-0.4.3 → pmquant-0.4.4}/README.md +7 -2
  13. {pmquant-0.4.3 → pmquant-0.4.4}/SECURITY.md +3 -2
  14. {pmquant-0.4.3 → pmquant-0.4.4}/pyproject.toml +1 -1
  15. {pmquant-0.4.3 → pmquant-0.4.4}/server.json +3 -3
  16. {pmquant-0.4.3 → pmquant-0.4.4}/src/pmq/__init__.py +1 -1
  17. {pmquant-0.4.3 → pmquant-0.4.4}/tests/test_canary_live.py +2 -1
  18. pmquant-0.4.3/.hypothesis/unicode_data/15.0.0/codec-utf-8.json.gz +0 -0
  19. pmquant-0.4.3/CONTRIBUTING.md +0 -52
  20. {pmquant-0.4.3 → pmquant-0.4.4}/.github/dependabot.yml +0 -0
  21. {pmquant-0.4.3 → pmquant-0.4.4}/.github/workflows/canary.yml +0 -0
  22. {pmquant-0.4.3 → pmquant-0.4.4}/.github/workflows/scorecard.yml +0 -0
  23. {pmquant-0.4.3 → pmquant-0.4.4}/.github/workflows/test.yml +0 -0
  24. {pmquant-0.4.3 → pmquant-0.4.4}/.gitignore +0 -0
  25. {pmquant-0.4.3 → pmquant-0.4.4}/.hypothesis/.gitignore +0 -0
  26. {pmquant-0.4.3 → pmquant-0.4.4}/.hypothesis/constants/07a2a0eac57d1dd0 +0 -0
  27. {pmquant-0.4.3 → pmquant-0.4.4}/.hypothesis/constants/6c9ffb0a1efc27b6 +0 -0
  28. {pmquant-0.4.3 → pmquant-0.4.4}/.hypothesis/constants/855d9c2e5b4693f1 +0 -0
  29. {pmquant-0.4.3 → pmquant-0.4.4}/.hypothesis/constants/ef909bf87e6ac33f +0 -0
  30. {pmquant-0.4.3 → pmquant-0.4.4}/AGENTS.md +0 -0
  31. {pmquant-0.4.3 → pmquant-0.4.4}/LICENSE +0 -0
  32. {pmquant-0.4.3 → pmquant-0.4.4}/bot-template/README.md +0 -0
  33. {pmquant-0.4.3 → pmquant-0.4.4}/bot-template/bot.py +0 -0
  34. {pmquant-0.4.3 → pmquant-0.4.4}/bot-template/dash/bot_dash.py +0 -0
  35. {pmquant-0.4.3 → pmquant-0.4.4}/bot-template/dash/dash.html +0 -0
  36. {pmquant-0.4.3 → pmquant-0.4.4}/bot-template/pmq-bot.service +0 -0
  37. {pmquant-0.4.3 → pmquant-0.4.4}/bot-template/strategy.py +0 -0
  38. {pmquant-0.4.3 → pmquant-0.4.4}/docs/assets/pmq-doctor.svg +0 -0
  39. {pmquant-0.4.3 → pmquant-0.4.4}/docs/recipes.md +0 -0
  40. {pmquant-0.4.3 → pmquant-0.4.4}/docs/rounding-study.md +0 -0
  41. {pmquant-0.4.3 → pmquant-0.4.4}/docs/war-story.md +0 -0
  42. {pmquant-0.4.3 → pmquant-0.4.4}/examples/fak_buy_guarded.py +0 -0
  43. {pmquant-0.4.3 → pmquant-0.4.4}/examples/read_market.py +0 -0
  44. {pmquant-0.4.3 → pmquant-0.4.4}/llms.txt +0 -0
  45. {pmquant-0.4.3 → pmquant-0.4.4}/src/pmq/data.py +0 -0
  46. {pmquant-0.4.3 → pmquant-0.4.4}/src/pmq/doctor.py +0 -0
  47. {pmquant-0.4.3 → pmquant-0.4.4}/src/pmq/exceptions.py +0 -0
  48. {pmquant-0.4.3 → pmquant-0.4.4}/src/pmq/executor.py +0 -0
  49. {pmquant-0.4.3 → pmquant-0.4.4}/src/pmq/mcp.py +0 -0
  50. {pmquant-0.4.3 → pmquant-0.4.4}/src/pmq/py.typed +0 -0
  51. {pmquant-0.4.3 → pmquant-0.4.4}/tests/test_data.py +0 -0
  52. {pmquant-0.4.3 → pmquant-0.4.4}/tests/test_doctor.py +0 -0
  53. {pmquant-0.4.3 → pmquant-0.4.4}/tests/test_executor.py +0 -0
  54. {pmquant-0.4.3 → pmquant-0.4.4}/tests/test_fill_fuzz.py +0 -0
  55. {pmquant-0.4.3 → pmquant-0.4.4}/tests/test_mcp.py +0 -0
  56. {pmquant-0.4.3 → pmquant-0.4.4}/tests/test_template_engine.py +0 -0
@@ -0,0 +1,10 @@
1
+ #!/bin/sh
2
+ # pmq pre-push guard: refuse to push red. CI is the backstop; this catches
3
+ # it before the remote does. Bypass knowingly with --no-verify.
4
+ set -e
5
+ cd "$(git rev-parse --show-toplevel)"
6
+ PY=./.venv/bin/python
7
+ [ -x "$PY" ] || PY=python3
8
+ $PY -m ruff check . || { echo "pre-push: ruff rouge"; exit 1; }
9
+ $PY -m mypy || { echo "pre-push: mypy rouge"; exit 1; }
10
+ $PY -m pytest -q || { echo "pre-push: tests rouges"; exit 1; }
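Review bot: The fallback `[ -x "$PY" ] || PY=python3` makes the hook run ruff, mypy and pytest from whatever interpreter is first on PATH when `.venv` is absent, so a clone without those modules fails with `No module named ruff` followed by "ruff rouge", and a clone whose global tools differ in version gets results that disagree with CI. Failing explicitly when the venv is missing is clearer: `[ -x "$PY" ] || { echo "pre-push: $PY not found, create the venv first"; exit 1; }`. The three failure messages are in French ("rouge", "rouges") while the script's comments are English; settling on one language for operator-facing output is a style point worth fixing before more hooks copy this one.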
@@ -0,0 +1,21 @@
1
+ name: codeql
2
+ on:
3
+ push:
4
+ branches: [main]
5
+ pull_request:
6
+ schedule:
7
+ - cron: "41 7 * * 1"
8
+
9
+ permissions: read-all
10
+
11
+ jobs:
12
+ analyze:
13
+ runs-on: ubuntu-latest
14
+ permissions:
15
+ security-events: write
16
+ steps:
17
+ - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
18
+ - uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4
19
+ with:
20
+ languages: python
21
+ - uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4
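Review bot: The job-level `permissions:` block under `analyze` replaces the workflow-level `permissions: read-all` rather than merging with it, so the job token carries only `security-events: write` and no `contents: read`. That appears to work because checkout of a public repository does not depend on the token, but it would break silently if the repository visibility ever changed, which is why the CodeQL starter template lists the scopes explicitly. Adding `contents: read` and `actions: read` next to the existing `security-events: write` keeps the job self-describing and least-privilege regardless of visibility.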
@@ -0,0 +1,35 @@
1
+ name: mcp-publish
2
+ on:
3
+ release:
4
+ types: [published]
5
+ workflow_dispatch:
6
+
7
+ permissions:
8
+ contents: read
9
+ id-token: write # OIDC login to the MCP registry
10
+
11
+ jobs:
12
+ publish:
13
+ runs-on: ubuntu-latest
14
+ steps:
15
+ - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
16
+ - name: Fetch mcp-publisher
17
+ env:
18
+ GH_TOKEN: ${{ github.token }}
19
+ run: |
20
+ gh release download --repo modelcontextprotocol/registry \
21
+ --pattern "mcp-publisher_*linux_amd64.tar.gz" --output mp.tgz
22
+ tar -xzf mp.tgz
23
+ ./mcp-publisher --version
24
+ - name: Wait for the version to exist on PyPI
25
+ run: |
26
+ V=$(python3 -c "import json; print(json.load(open('server.json'))['version'])")
27
+ for i in $(seq 1 20); do
28
+ curl -s "https://pypi.org/pypi/pmquant/$V/json" | grep -q '"version"' && exit 0
29
+ echo "PyPI does not serve $V yet ($i/20)"; sleep 30
30
+ done
31
+ echo "giving up: registry would reject an unpublished version"; exit 1
32
+ - name: Publish server.json to the MCP registry
33
+ run: |
34
+ ./mcp-publisher login github-oidc
35
+ ./mcp-publisher publish
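Review bot: The `Fetch mcp-publisher` step downloads whatever the latest `modelcontextprotocol/registry` release happens to be (no tag is passed to `gh release download`) and executes it unverified, in a job whose `id-token: write` permission lets any step mint an OIDC token for the registry; the repo's own rule is that workflow dependencies stay pinned by commit SHA, and this binary is the one exception. Pinning the release and checking the archive digest before `tar -xzf` closes that gap: `gh release download "<PINNED_TAG>" --repo modelcontextprotocol/registry --pattern "mcp-publisher_*linux_amd64.tar.gz" --output mp.tgz` followed by `echo "<EXPECTED_SHA256>  mp.tgz" | sha256sum -c -` (both values are placeholders to be taken from the upstream release). The PyPI wait step reads only the top-level `version` of server.json, whereas the registry entry carries `packages[].version` as well; both are bumped by hand and nothing asserts they agree, so checking both fields (or failing the step when they differ) keeps the gate meaningful.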
@@ -5,6 +5,9 @@ on:
5
5
  types: [published]
6
6
  workflow_dispatch:
7
7
 
8
+ permissions:
9
+ contents: read
10
+
8
11
  jobs:
9
12
  publish:
10
13
  runs-on: ubuntu-latest
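Review bot: The new workflow-level `permissions: contents: read` is not inherited by the `publish` job if that job declares its own `permissions:` block, which trusted publishing requires (`id-token: write` is never granted by default), so the effective scopes are whatever the job-level block says; the job body continues outside the hunk, so that cannot be confirmed here. A short comment on the new block would make the intent survive the next edit, e.g. `permissions:  # workflow default; the publish job adds id-token: write for trusted publishing`. That also mirrors the commented scopes in mcp-publish.yml.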
@@ -1,4 +1,4 @@
1
1
  # file: /home/runner/work/pmq/pmq/src/pmq/__init__.py
2
2
  # hypothesis_version: 6.156.1
3
3
 
4
- ['0.4.3', 'DEFAULT_BUILDER_CODE', 'FEE_RATES', 'Fill', 'OrderUncertain', 'PmqError', 'PolymarketExecutor', '__version__', 'band_ask_depth_usd', 'best_bid_ask', 'book_inferred_winner', 'book_meta', 'event_markets', 'fee', 'get_book', 'get_market', 'get_tape', 'http_get_json', 'parse_market', 'positions', 'resolved_winner']
4
+ ['0.4.4', 'DEFAULT_BUILDER_CODE', 'FEE_RATES', 'Fill', 'OrderUncertain', 'PmqError', 'PolymarketExecutor', '__version__', 'band_ask_depth_usd', 'best_bid_ask', 'book_inferred_winner', 'book_meta', 'event_markets', 'fee', 'get_book', 'get_market', 'get_tape', 'http_get_json', 'parse_market', 'positions', 'resolved_winner']
@@ -1,5 +1,22 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.4.4 (2026-07-04)
4
+
5
+ * Harden: json.loads accepts NaN and Infinity, so a drifted or hostile
6
+ exchange response could book non-finite or negative matched amounts.
7
+ `_parse_fill` now zeroes anything non-finite or negative (fail closed),
8
+ and a hypothesis fuzz suite (four property groups, hundreds of generated
9
+ adversarial responses per run) pins the whole fill contract: market and
10
+ limit paths book only confirmed finite amounts, the 4xx/uncertain
11
+ exception partition is total, every transport exception surfaces as
12
+ OrderUncertain.
13
+ * Security surface: CodeQL workflow (its first scan caught and we fixed a
14
+ host-boundary bypass in the egress allowlist), Scorecard alert triage
15
+ with written dismissal reasons, top-level permissions on the publish
16
+ workflow, direct private-advisory link in SECURITY.md, Dependabot
17
+ vulnerability alerts enabled. Listed in the official MCP registry as
18
+ io.github.crp4222/pmq (publish rides releases via OIDC).
19
+
3
20
  ## 0.4.3 (2026-07-04)
4
21
 
5
22
  * Fix: py-clob-client-v2 1.0.2 reuses its limit-order rounding table for
@@ -9,16 +9,26 @@ agents EDITING it. Read both before changing code.)
9
9
  confirmed (`orderID` + `success is not False` + matched amounts); 4xx is a
10
10
  clean rejection; timeout/5xx raises `OrderUncertain`; unparseable = zero.
11
11
  Any change that books more optimistically is a regression by definition,
12
- whatever it fixes elsewhere. `reconcile()` must keep meaning cancel +
13
- `get_trades` truth.
12
+ whatever it fixes elsewhere. Matched amounts must be finite and
13
+ non-negative (json.loads accepts NaN/Infinity; hostile values book zero).
14
+ `reconcile()` must keep meaning cancel + `get_trades` truth. The
15
+ hypothesis fuzz suite (tests/test_fill_fuzz.py) pins all of this with
16
+ generated adversarial responses: extend it with every parser change,
17
+ never delete it.
14
18
  2. **Startup introspection** (`_EXPECTED_METHODS`/`_EXPECTED_MARKET_ARGS`):
15
19
  the executor REFUSES to run on a drifted py-clob-client-v2. When bumping
16
20
  the client dependency, re-verify signatures by introspection and update
17
21
  the tables in the same commit.
18
- 3. **Builder code policy**: default = maintainer's code, DISCLOSED in README
19
- and code comment, opt-out one line (`builder_code=None` / env). Never
20
- hide it, never remove the disclosure, never make opt-out harder. This is
21
- the trust model (JKorf pattern).
22
+ 3. **Builder code policy**: default = maintainer's code, defined in exactly
23
+ ONE place (`DEFAULT_BUILDER_CODE` in executor.py) and applied
24
+ automatically by every order path. DISCLOSED in README and code comment,
25
+ opt-out one line (`builder_code=None` / env). Never hide it, never remove
26
+ the disclosure, never make opt-out harder. AND the mirror rule: keep the
27
+ disclosure at the DOCUMENTATION level only; do not surface attribution in
28
+ runtime channels (server startup logs, MCP tools or instructions, order
29
+ responses). It is public on-chain in every signed order; in-band
30
+ reminders just prompt sessions to toggle a setting that costs users
31
+ nothing. This is the trust model (JKorf pattern).
22
32
  4. **No strategy content, ever**: the maintainer's private bot strategy
23
33
  (bands, timing, hours, families, sizing) must never appear in code, docs,
24
34
  tests, commits or issues. The bot-template ships deliberately naive
@@ -41,10 +51,20 @@ agents EDITING it. Read both before changing code.)
41
51
  * Exchange rules (min size, tick, fee rate) are READ from the venue
42
52
  (`book_meta`, `fee_rate`), not hardcoded. `FEE_RATES` is a documented
43
53
  snapshot of the official schedule used for estimates.
44
- * Releases: bump version in `pyproject.toml` AND `src/pmq/__init__.py`,
45
- update CHANGELOG.md, push, then `gh release create vX.Y.Z`: PyPI publish
46
- is automatic via trusted publishing (no tokens anywhere). PyPI name is
47
- `pmquant`, import name `pmq`: keep the README line explaining it.
54
+ * Releases: bump version in `pyproject.toml`, `src/pmq/__init__.py` AND
55
+ `server.json` (both version fields), update CHANGELOG.md, push, then
56
+ `gh release create vX.Y.Z`: PyPI publish (trusted publishing, signed
57
+ attestations) and the MCP registry republish (mcp-publish.yml,
58
+ github-oidc) both fire on the release event. Registry gotchas: the
59
+ server.json description caps at 100 characters, and the version must
60
+ exist on PyPI. PyPI name is `pmquant`, import name `pmq`: keep the
61
+ README line explaining it.
62
+ * CLAUDE.md and CONTRIBUTING.md are THE SAME FILE by contract: after
63
+ editing one, copy it over the other in the same commit (`cp CLAUDE.md
64
+ CONTRIBUTING.md`). Drift between them means an agent read stale rules.
65
+ * Local guard: `git config core.hooksPath .githooks` once per clone
66
+ enables the pre-push hook (ruff + mypy + pytest). CI is the backstop,
67
+ but the hook catches a broken push before it lands.
48
68
  * GitHub Actions stay pinned by commit SHA (dependabot bumps them); new
49
69
  workflows get an explicit least-privilege permissions block. The egress
50
70
  test and pip-audit ride the weekly canary: never move them to default CI
@@ -0,0 +1,80 @@
1
+ # pmq: engineering invariants for agents CONTRIBUTING to this repo
2
+
3
+ (AGENTS.md in this repo is for agents USING the library; this file is for
4
+ agents EDITING it. Read both before changing code.)
5
+
6
+ ## Never weaken (the product IS these properties)
7
+
8
+ 1. **The fail-closed fill contract**: a `Fill` books only what the exchange
9
+ confirmed (`orderID` + `success is not False` + matched amounts); 4xx is a
10
+ clean rejection; timeout/5xx raises `OrderUncertain`; unparseable = zero.
11
+ Any change that books more optimistically is a regression by definition,
12
+ whatever it fixes elsewhere. Matched amounts must be finite and
13
+ non-negative (json.loads accepts NaN/Infinity; hostile values book zero).
14
+ `reconcile()` must keep meaning cancel + `get_trades` truth. The
15
+ hypothesis fuzz suite (tests/test_fill_fuzz.py) pins all of this with
16
+ generated adversarial responses: extend it with every parser change,
17
+ never delete it.
18
+ 2. **Startup introspection** (`_EXPECTED_METHODS`/`_EXPECTED_MARKET_ARGS`):
19
+ the executor REFUSES to run on a drifted py-clob-client-v2. When bumping
20
+ the client dependency, re-verify signatures by introspection and update
21
+ the tables in the same commit.
22
+ 3. **Builder code policy**: default = maintainer's code, defined in exactly
23
+ ONE place (`DEFAULT_BUILDER_CODE` in executor.py) and applied
24
+ automatically by every order path. DISCLOSED in README and code comment,
25
+ opt-out one line (`builder_code=None` / env). Never hide it, never remove
26
+ the disclosure, never make opt-out harder. AND the mirror rule: keep the
27
+ disclosure at the DOCUMENTATION level only; do not surface attribution in
28
+ runtime channels (server startup logs, MCP tools or instructions, order
29
+ responses). It is public on-chain in every signed order; in-band
30
+ reminders just prompt sessions to toggle a setting that costs users
31
+ nothing. This is the trust model (JKorf pattern).
32
+ 4. **No strategy content, ever**: the maintainer's private bot strategy
33
+ (bands, timing, hours, families, sizing) must never appear in code, docs,
34
+ tests, commits or issues. The bot-template ships deliberately naive
35
+ demos only.
36
+ 5. **Claims must be falsifiable**: no superlatives in README/docs; dated
37
+ claims with evidence (comparison table, on-chain receipts, measured
38
+ studies). If you cannot prove it, do not write it.
39
+ 6. **MCP safety gates**: trading tools are REGISTERED only when the operator
40
+ sets `PMQ_MCP_LIVE=1`; per-order `PMQ_MCP_MAX_USD` cap enforced before
41
+ any client call. Read tools must keep working with zero credentials.
42
+
43
+ ## Working rules
44
+
45
+ * Tests green (`pytest -q`) and `ruff check .` clean before any push;
46
+ `pyscn check src/pmq bot-template` (complexity <= 10, no dead code)
47
+ must stay green too; clone warnings are informational (the template
48
+ dash deliberately duplicates helpers to stay stdlib-standalone). Add
49
+ tests with every behavior change. Network-touching tests go to
50
+ `tests/test_canary_live.py` behind `PMQ_CANARY=1`, never in default CI.
51
+ * Exchange rules (min size, tick, fee rate) are READ from the venue
52
+ (`book_meta`, `fee_rate`), not hardcoded. `FEE_RATES` is a documented
53
+ snapshot of the official schedule used for estimates.
54
+ * Releases: bump version in `pyproject.toml`, `src/pmq/__init__.py` AND
55
+ `server.json` (both version fields), update CHANGELOG.md, push, then
56
+ `gh release create vX.Y.Z`: PyPI publish (trusted publishing, signed
57
+ attestations) and the MCP registry republish (mcp-publish.yml,
58
+ github-oidc) both fire on the release event. Registry gotchas: the
59
+ server.json description caps at 100 characters, and the version must
60
+ exist on PyPI. PyPI name is `pmquant`, import name `pmq`: keep the
61
+ README line explaining it.
62
+ * CLAUDE.md and CONTRIBUTING.md are THE SAME FILE by contract: after
63
+ editing one, copy it over the other in the same commit (`cp CLAUDE.md
64
+ CONTRIBUTING.md`). Drift between them means an agent read stale rules.
65
+ * Local guard: `git config core.hooksPath .githooks` once per clone
66
+ enables the pre-push hook (ruff + mypy + pytest). CI is the backstop,
67
+ but the hook catches a broken push before it lands.
68
+ * GitHub Actions stay pinned by commit SHA (dependabot bumps them); new
69
+ workflows get an explicit least-privilege permissions block. The egress
70
+ test and pip-audit ride the weekly canary: never move them to default CI
71
+ (they need network) and never widen the egress allowlist beyond
72
+ polymarket.com without updating SECURITY.md and the README section.
73
+ * The weekly canary workflow is the drift alarm: if it opens an issue, the
74
+ fix starts by re-running the introspection against the new surface, not
75
+ by loosening the checks.
76
+ * Keep the library small and auditable (five modules): resist adding
77
+ dependencies; stdlib first. Anything bot-shaped belongs in bot-template/,
78
+ not in the package.
79
+ * Style: no em-dashes and no " - " connectors anywhere (strong user rule);
80
+ keep comments sparse and constraint-focused.
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: pmquant
3
- Version: 0.4.3
3
+ Version: 0.4.4
4
4
  Summary: Fail-closed execution and market-data layer for Polymarket CLOB V2: local signing, confirmed fills only, fee-correct math, working deposit-wallet (POLY_1271) support.
5
5
  Project-URL: Homepage, https://github.com/crp4222/pmq
6
6
  Project-URL: Issues, https://github.com/crp4222/pmq/issues
@@ -130,7 +130,10 @@ not your hopes.
130
130
 
131
131
  At startup pmq **introspects the installed py-clob-client-v2** against the API
132
132
  surface it was verified on, and refuses to trade on drift instead of sending
133
- orders through changed semantics.
133
+ orders through changed semantics. The whole table is pinned by an executable
134
+ test per row plus a hypothesis fuzz suite (hundreds of generated adversarial
135
+ responses per run, including NaN/Infinity and negative amounts, which book
136
+ zero).
134
137
 
135
138
  ## Quickstart
136
139
 
@@ -217,7 +220,9 @@ JKorf/Polymarket.Net; the official client defaults to zero attribution.)
217
220
 
218
221
  ## MCP server (agents)
219
222
 
220
- `pip install "pmquant[mcp]"` then run `pmq-mcp` (stdio). Read tools (market,
223
+ `pip install "pmquant[mcp]"` then run `pmq-mcp` (stdio). Listed in the
224
+ [official MCP registry](https://registry.modelcontextprotocol.io) as
225
+ `io.github.crp4222/pmq`. Read tools (market,
221
226
  book, taker_fee, account_collateral, account_trades) always exist. Trading
222
227
  tools (`fak_buy`, `fak_sell`, `cancel_and_reconcile`) are **only registered
223
228
  when the operator sets `PMQ_MCP_LIVE=1`** in the server environment: an
@@ -95,7 +95,10 @@ not your hopes.
95
95
 
96
96
  At startup pmq **introspects the installed py-clob-client-v2** against the API
97
97
  surface it was verified on, and refuses to trade on drift instead of sending
98
- orders through changed semantics.
98
+ orders through changed semantics. The whole table is pinned by an executable
99
+ test per row plus a hypothesis fuzz suite (hundreds of generated adversarial
100
+ responses per run, including NaN/Infinity and negative amounts, which book
101
+ zero).
99
102
 
100
103
  ## Quickstart
101
104
 
@@ -182,7 +185,9 @@ JKorf/Polymarket.Net; the official client defaults to zero attribution.)
182
185
 
183
186
  ## MCP server (agents)
184
187
 
185
- `pip install "pmquant[mcp]"` then run `pmq-mcp` (stdio). Read tools (market,
188
+ `pip install "pmquant[mcp]"` then run `pmq-mcp` (stdio). Listed in the
189
+ [official MCP registry](https://registry.modelcontextprotocol.io) as
190
+ `io.github.crp4222/pmq`. Read tools (market,
186
191
  book, taker_fee, account_collateral, account_trades) always exist. Trading
187
192
  tools (`fak_buy`, `fak_sell`, `cancel_and_reconcile`) are **only registered
188
193
  when the operator sets `PMQ_MCP_LIVE=1`** in the server environment: an
@@ -35,6 +35,7 @@ the important questions:
35
35
 
36
36
  ## Reporting a vulnerability
37
37
 
38
- Open a GitHub security advisory on this repository (Security tab, "Report a
39
- vulnerability") or an issue with the `security` label if it is not sensitive.
38
+ Open a [private security advisory](https://github.com/crp4222/pmq/security/advisories/new)
39
+ (Security tab, "Report a vulnerability") or, if it is not sensitive, an
40
+ [issue](https://github.com/crp4222/pmq/issues) with the `security` label.
40
41
  You will get an answer within a few days.
@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
4
4
 
5
5
  [project]
6
6
  name = "pmquant"
7
- version = "0.4.3"
7
+ version = "0.4.4"
8
8
  description = "Fail-closed execution and market-data layer for Polymarket CLOB V2: local signing, confirmed fills only, fee-correct math, working deposit-wallet (POLY_1271) support."
9
9
  readme = "README.md"
10
10
  license = { text = "MIT" }
@@ -2,18 +2,18 @@
2
2
  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
3
3
  "name": "io.github.crp4222/pmq",
4
4
  "title": "pmq (Polymarket CLOB V2)",
5
- "description": "Fail-closed Polymarket CLOB V2 market data and execution, production-proven daily with the maintainer's own funds. Exchange-confirmed fills only; keys never leave the process (weekly public CI egress proof: only polymarket.com is ever contacted). Read tools need zero credentials; trading tools exist only when the operator sets PMQ_MCP_LIVE=1, capped per order by PMQ_MCP_MAX_USD.",
5
+ "description": "Production-proven Polymarket CLOB V2 trading and data. Fail-closed fills; keys stay local.",
6
6
  "repository": {
7
7
  "url": "https://github.com/crp4222/pmq",
8
8
  "source": "github"
9
9
  },
10
- "version": "0.4.2",
10
+ "version": "0.4.4",
11
11
  "packages": [
12
12
  {
13
13
  "registryType": "pypi",
14
14
  "registryBaseUrl": "https://pypi.org",
15
15
  "identifier": "pmquant",
16
- "version": "0.4.2",
16
+ "version": "0.4.4",
17
17
  "runtimeHint": "uvx",
18
18
  "transport": {
19
19
  "type": "stdio"
@@ -25,7 +25,7 @@ from .data import (
25
25
  )
26
26
  from .exceptions import IntrospectionMismatch, OrderUncertain, PmqError
27
27
 
28
- __version__ = "0.4.3"
28
+ __version__ = "0.4.4"
29
29
  __all__ = [
30
30
  "FEE_RATES", "band_ask_depth_usd", "best_bid_ask", "book_inferred_winner",
31
31
  "book_meta", "event_markets", "fee", "get_book", "get_market", "get_tape",
@@ -101,5 +101,6 @@ def test_egress_only_polymarket_hosts(monkeypatch):
101
101
  except pmq.OrderUncertain:
102
102
  pass # 5xx path; egress is the point
103
103
  print("hosts contacted:", sorted(hosts))
104
- foreign = {h for h in hosts if not h.endswith("polymarket.com")}
104
+ foreign = {h for h in hosts
105
+ if h != "polymarket.com" and not h.endswith(".polymarket.com")}
105
106
  assert not foreign, f"unexpected egress: {sorted(foreign)}"
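Review bot: The corrected host check is exactly the predicate the 0.4.4 changelog says the first CodeQL scan flagged, yet it lives only in the canary test behind `PMQ_CANARY=1`, so a future edit that reintroduces a bare `endswith("polymarket.com")` would not fail default CI. Extracting it as a pure helper, `def _is_allowed_host(h: str) -> bool: return h == "polymarket.com" or h.endswith(".polymarket.com")` with `foreign = {h for h in hosts if not _is_allowed_host(h)}`, lets a stdlib-only unit test pin it with crafted names such as `evilpolymarket.com` and `polymarket.com.attacker.example` without any network. If `hosts` holds names as written in the request URLs rather than normalized, an upper-case or trailing-dot spelling of the legitimate host would be reported as foreign; that is a false alarm rather than a bypass, and lower-casing inside the helper removes it. `test_egress_only_polymarket_hosts` starts outside the hunk.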
@@ -1,52 +0,0 @@
1
- # pmq: engineering invariants for agents CONTRIBUTING to this repo
2
-
3
- (AGENTS.md in this repo is for agents USING the library; this file is for
4
- agents EDITING it. Read both before changing code.)
5
-
6
- ## Never weaken (the product IS these properties)
7
-
8
- 1. **The fail-closed fill contract**: a `Fill` books only what the exchange
9
- confirmed (`orderID` + `success is not False` + matched amounts); 4xx is a
10
- clean rejection; timeout/5xx raises `OrderUncertain`; unparseable = zero.
11
- Any change that books more optimistically is a regression by definition,
12
- whatever it fixes elsewhere. `reconcile()` must keep meaning cancel +
13
- `get_trades` truth.
14
- 2. **Startup introspection** (`_EXPECTED_METHODS`/`_EXPECTED_MARKET_ARGS`):
15
- the executor REFUSES to run on a drifted py-clob-client-v2. When bumping
16
- the client dependency, re-verify signatures by introspection and update
17
- the tables in the same commit.
18
- 3. **Builder code policy**: default = maintainer's code, DISCLOSED in README
19
- and code comment, opt-out one line (`builder_code=None` / env). Never
20
- hide it, never remove the disclosure, never make opt-out harder. This is
21
- the trust model (JKorf pattern).
22
- 4. **No strategy content, ever**: the maintainer's private bot strategy
23
- (bands, timing, hours, families, sizing) must never appear in code, docs,
24
- tests, commits or issues. The bot-template ships deliberately naive
25
- demos only.
26
- 5. **Claims must be falsifiable**: no superlatives in README/docs; dated
27
- claims with evidence (comparison table, on-chain receipts, measured
28
- studies). If you cannot prove it, do not write it.
29
- 6. **MCP safety gates**: trading tools are REGISTERED only when the operator
30
- sets `PMQ_MCP_LIVE=1`; per-order `PMQ_MCP_MAX_USD` cap enforced before
31
- any client call. Read tools must keep working with zero credentials.
32
-
33
- ## Working rules
34
-
35
- * Tests green (`pytest -q`) and `ruff check .` clean before any push; add
36
- tests with every behavior change. Network-touching tests go to
37
- `tests/test_canary_live.py` behind `PMQ_CANARY=1`, never in default CI.
38
- * Exchange rules (min size, tick, fee rate) are READ from the venue
39
- (`book_meta`, `fee_rate`), not hardcoded. `FEE_RATES` is a documented
40
- snapshot of the official schedule used for estimates.
41
- * Releases: bump version in `pyproject.toml` AND `src/pmq/__init__.py`,
42
- update CHANGELOG.md, push, then `gh release create vX.Y.Z`: PyPI publish
43
- is automatic via trusted publishing (no tokens anywhere). PyPI name is
44
- `pmquant`, import name `pmq`: keep the README line explaining it.
45
- * The weekly canary workflow is the drift alarm: if it opens an issue, the
46
- fix starts by re-running the introspection against the new surface, not
47
- by loosening the checks.
48
- * Keep the library small and auditable (five modules): resist adding
49
- dependencies; stdlib first. Anything bot-shaped belongs in bot-template/,
50
- not in the package.
51
- * Style: no em-dashes and no " - " connectors anywhere (strong user rule);
52
- keep comments sparse and constraint-focused.