probity 0.1.0__tar.gz

probity-0.1.0/.github/workflows/ci.yml

@@ -0,0 +1,30 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ["3.11", "3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: pip
+      - name: Install
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e ".[dev]"
+      - name: Lint
+        run: ruff check .
+      - name: Type check
+        run: mypy
+      - name: Test
+        run: pytest

probity-0.1.0/.gitignore

@@ -0,0 +1,25 @@
+# Python
+__pycache__/
+*.py[cod]
+*.egg-info/
+.eggs/
+build/
+dist/
+.venv/
+venv/
+
+# Tooling caches
+.pytest_cache/
+.mypy_cache/
+.ruff_cache/
+.coverage
+coverage.xml
+htmlcov/
+
+# Local artifacts
+*.log
+.DS_Store
+reports/
+
+# Editor: Python Import Helper autocomplete cache (per-machine noise)
+.vscode/PythonImportHelper-v2-Completion.json

probity-0.1.0/CHANGELOG.md

@@ -0,0 +1,30 @@
+# Changelog
+
+All notable changes to Probity are documented here.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.1.0] - 2026-06-04
+
+First feature-complete release.
+
+### Added
+- All 20 NIS2 controls (C01–C20), each a pure `FactSet -> Finding` function
+  with attached evidence.
+- Framework mapping layer projecting NIS2 findings onto DORA and the EU AI Act.
+- Live `GitHubConnector` feeding C13 (CI/CD security), with paginated REST
+  collection and a hard page cap to prevent runaway loops.
+- `ALL_CONTROLS` registry as the single source of truth for the active
+  catalogue, consumed by both the CLI and the scan runner.
+- JSONL history store, hand-built SVG trend charts, and PDF/JSON/HTML reports.
+- Local dashboard and scheduler service.
+
+### Security
+- Zero runtime dependencies (standard library only).
+- Fail-closed control evaluation; credentials read from the environment only.
+
+### Quality
+- 252 tests, 94% coverage; `ruff` and `mypy --strict` clean.
+
+[0.1.0]: https://github.com/janpenitent/probity/releases/tag/v0.1.0

probity-0.1.0/CONTRIBUTING.md

@@ -0,0 +1,25 @@
+# Contributing
+
+## Development
+
+```bash
+python -m venv .venv && source .venv/bin/activate
+pip install -e ".[dev]"
+```
+
+## Quality gates (must pass before merge)
+
+```bash
+ruff check .      # lint + import order
+mypy              # strict type checking
+pytest            # tests + coverage (target 80%+)
+```
+
+## Conventions
+
+- TDD: write the failing test first, then the implementation.
+- Conventional Commits: `feat:`, `fix:`, `test:`, `docs:`, `chore:`, `refactor:`.
+- One control per module under `src/probity/controls/`, one connector per
+  module under `src/probity/connectors/`. Keep files small and cohesive.
+- Connectors must never raise on an empty source; controls return a `Finding`,
+  never an exception (the engine converts unexpected errors into ERROR findings).