secureapp-python-agent 26.5.0__tar.gz

secureapp_python_agent-26.5.0/.editorconfig

@@ -0,0 +1,10 @@
+# EditorConfig helps maintain consistent coding styles
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+indent_style = space
+indent_size = 4
+trim_trailing_whitespace = true

secureapp_python_agent-26.5.0/.gitignore

@@ -0,0 +1,151 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# Virtual environments
+venv/
+env/
+ENV/
+.venv/
+.env/
+
+# PyInstaller
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+pytest-results.xml
+.hypothesis/
+.pytest_cache/
+.testmondata
+
+# Setuptools-scm auto-generated version file
+src/splunk_secureapp_opentelemetry_extension/_version.py
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+.python-version
+
+# celery beat schedule file
+celerybeat-schedule
+
+# SageMath parsed files
+*.sage.py
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# IDE files
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# macOS
+.DS_Store
+
+# Windows
+Thumbs.db
+ehthumbs.db
+Desktop.ini
+
+# Security reports
+bandit-report.json
+safety-report.json
+
+# Temporary files
+*.tmp
+*.temp
+.temp/
+
+# Local configuration and logs
+logs/
+.env.local
+.env.*.local
+
+# Backup files
+*.bak
+*.backup
+
+# Logs directory for logging
+logs/*

secureapp_python_agent-26.5.0/.gitlab-ci.yml

@@ -0,0 +1,253 @@
+include:
+    - project: observability/shared/gitlab-jobs
+      ref: 3.1.15
+      file:
+          - oss-scan-template.yml
+          - sast-scan-template.yml
+    - template: "Workflows/MergeRequest-Pipelines.gitlab-ci.yml"
+    - project: ci-cd/templates
+      file: /cicd/sonarqube-3.0.1.yml
+
+variables:
+  # Using Python 3.13 with trixie (Debian 13) base
+  PY3_IMAGE: docker.repo.splunkdev.net/ci-cd/ci-container/python-3.13-trixie:5.3.0
+  # Ensure full git history for setuptools-scm versioning
+  GIT_DEPTH: 0
+  # Set cache configuration
+  CACHE_KEY: ${CI_COMMIT_REF_SLUG}
+  CACHE_PATHS: ".pip-cache/"
+  ENABLE_SONARQUBE:
+    value: "true"
+    options:
+      - "true"
+      - "false"
+    description: >-
+      Enable SonarQube code quality scanning. Set to 'false' to disable.
+
+image: ${PY3_IMAGE}
+
+stages:
+    - code_analysis
+    - test
+    - build
+    - publish
+
+# Enable caching to speed up dependency installation
+cache:
+  key: ${CACHE_KEY}
+  paths:
+    - ${CACHE_PATHS}
+  when: always
+
+# Global before_script for dependency installation optimization
+.base_setup: &base_setup
+  before_script:
+    - mkdir -p .pip-cache
+    - pip config set global.cache-dir .pip-cache
+    - make venv-install
+
+# Core unit tests with coverage validation
+test:unit:
+    stage: test
+    <<: *base_setup
+    script:
+        - make all  # Runs format, lint, typecheck, test with 85% coverage
+    coverage: '/TOTAL.*\s+(\d+%)$/'
+    artifacts:
+        reports:
+            junit: pytest-results.xml  # Added for better GitLab test integration
+            coverage_report:
+                coverage_format: cobertura
+                path: coverage.xml
+        paths:
+            - htmlcov/
+            - coverage.xml
+    rules:
+        - if: $CI_PIPELINE_SOURCE == "schedule"
+          when: never
+        - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+        - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+        - if: $CI_COMMIT_TAG
+
+# Build stage with proper dependencies
+build:wheel:
+    stage: build
+    needs:
+        - semgrep
+        - test:unit    # Ensures tests pass with 85% coverage
+    <<: *base_setup
+    script:
+        - make build
+    artifacts:
+        paths:
+            - dist/
+    rules:
+        - if: $CI_PIPELINE_SOURCE == "schedule"
+          when: never
+        - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+        - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+        - if: $CI_COMMIT_TAG
+
+# Shared publish template to reduce duplication
+.publish_template: &publish_template
+    stage: publish
+    <<: *base_setup
+    script:
+        - venv/bin/python -m twine check dist/*
+        - venv/bin/python -m twine upload --verbose --non-interactive ${TWINE_REPOSITORY_URL:+--skip-existing} dist/*
+# testPypi - using variable set TEST_TWINE_PASSWORD to API TOKEN - Tag PyPITest
+publish:test:
+    <<: *publish_template
+    needs:
+        - job: build:wheel
+          artifacts: true
+    variables:
+        TWINE_USERNAME: __token__
+        TWINE_PASSWORD: $TEST_TWINE_PASSWORD
+        TWINE_REPOSITORY_URL: https://test.pypi.org/legacy/
+    rules:
+        - if: '$CI_COMMIT_TAG == "PyPITest"'
+# pypi - using o11y-gdi set API TOKEN
+publish:production:
+    <<: *publish_template
+    needs:
+        - job: build:wheel
+          artifacts: true
+    variables:
+        TWINE_USERNAME: __token__
+        TWINE_PASSWORD: $TWINE_PASSWORD
+    rules:
+        - if: $CI_PIPELINE_SOURCE == "schedule"
+          when: never
+        - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+
+# Python version compatibility matrix testing
+test:python-matrix:
+    stage: test
+    image: docker.repo.splunkdev.net/ci-cd/ci-container/python-${PYTHON_VERSION}-trixie:5.3.0
+    needs:
+        - test:unit  # Explicit dependency for better pipeline visualization
+    <<: *base_setup
+    script:
+        - make test  # Run tests for the specific Python version in this container
+    artifacts:
+        reports:
+            junit: pytest-results.xml
+        paths:
+            - htmlcov/
+            - coverage.xml
+    parallel:
+        matrix:
+            - PYTHON_VERSION: ["3.10", "3.11", "3.12", "3.13", "3.14"]
+    rules:
+        # Run on main branch for comprehensive validation
+        - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+        # Run on git tags to ensure release compatibility
+        - if: $CI_COMMIT_TAG
+        # Manual trigger for merge requests (allow_failure for optional testing)
+        - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+
+# Add OpenTelemetry version compatibility testing
+test:otel-versions:
+    stage: test
+    image: ${PY3_IMAGE}
+    needs:
+        - test:unit
+    <<: *base_setup
+    script:
+        - pip uninstall -y opentelemetry-api opentelemetry-sdk opentelemetry-exporter-otlp
+        - pip install opentelemetry-api==${OTEL_VERSION} opentelemetry-sdk==${OTEL_VERSION} opentelemetry-exporter-otlp==${OTEL_VERSION}
+        - echo "Installed OpenTelemetry packages:"
+        - pip show opentelemetry-api | grep "Version"
+        - pip show opentelemetry-sdk | grep "Version"
+        - pip show opentelemetry-exporter-otlp | grep "Version"
+        - make test
+    parallel:
+        matrix:
+            - OTEL_VERSION: ["1.27.0", "1.30.0", "1.35.0", "1.38.0", "1.39.0", "1.39.1"]
+    rules:
+        # Run on main branch for comprehensive validation
+        - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+        # Run on git tags to ensure release compatibility
+        - if: $CI_COMMIT_TAG
+        # Manual trigger for merge requests
+        - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+          when: manual
+          allow_failure: true
+
+# Performance benchmarks and validation
+test:benchmarks:
+    stage: test
+    needs:
+        - test:unit  # Ensure core tests pass before performance testing
+    <<: *base_setup
+    script:
+        - make benchmark  # Runs performance benchmarks with mocking
+    artifacts:
+        reports:
+            junit: dev/benchmarks/results/benchmark-results.xml
+        paths:
+            - dev/benchmarks/results/
+    variables:
+        # Performance testing configuration
+        SPLUNK_SECUREAPP_DEPENDENCY_INITIAL_DELAY: "1"
+        SPLUNK_SECUREAPP_DEPENDENCY_SCAN_INTERVAL: "30"
+    rules:
+        # Run performance tests on main branch
+        - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+          when: manual
+          allow_failure: true
+        # Run on git tags to validate release performance
+        - if: $CI_COMMIT_TAG
+          when: manual
+          allow_failure: true
+        # Optional for merge requests
+        - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+          when: manual
+          allow_failure: true
+
+sonarqube:
+    stage: test
+    interruptible: true
+    allow_failure: true
+    needs:
+        - job: test:unit
+          optional: true
+          artifacts: true
+    rules:
+        - if: $ENABLE_SONARQUBE != "true"
+          when: never
+        - if: $CI_COMMIT_TAG
+        - if: $CI_MERGE_REQUEST_IID
+        - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+    script:
+        - |
+            SONAR_ARGS="-Dsonar.qualitygate.wait=true"
+            if [ -n "$CI_COMMIT_TAG" ]; then
+              SONAR_ARGS="${SONAR_ARGS} -Dsonar.branch.name=${CI_DEFAULT_BRANCH}"
+              echo "Tag detected: reporting analysis to branch ${CI_DEFAULT_BRANCH}"
+            elif [ "$CI_COMMIT_BRANCH" = "$CI_DEFAULT_BRANCH" ]; then
+              SONAR_ARGS="${SONAR_ARGS} -Dsonar.branch.name=${CI_DEFAULT_BRANCH}"
+              echo "Default branch: reporting analysis to branch ${CI_DEFAULT_BRANCH}"
+            fi
+            SONAR_AUTH_TOKEN="${SONAR_TOKEN:-$SONAR_LOGIN_TOKEN}"
+            if [ -z "$SONAR_AUTH_TOKEN" ]; then
+              if [ "$CI_PIPELINE_SOURCE" = "merge_request_event" ] && [ "$CI_COMMIT_REF_PROTECTED" != "true" ]; then
+                echo "Skipping SonarQube analysis: SONAR_TOKEN or SONAR_LOGIN_TOKEN is unavailable for this unprotected merge request ref."
+                exit 0
+              fi
+              echo "SONAR_TOKEN or SONAR_LOGIN_TOKEN must be configured for SonarQube analysis."
+              exit 1
+            fi
+            sonar-scanner -Dsonar.token="$SONAR_AUTH_TOKEN" ${SONAR_ARGS}
+    after_script:
+        - |
+            if [ "$CI_JOB_STATUS" = "failed" ]; then
+              mkdir -p .scannerwork
+              touch .scannerwork/.keep
+            fi
+    artifacts:
+        paths:
+            - .scannerwork/
+        when: on_failure
+        expire_in: 7 days

secureapp_python_agent-26.5.0/.o11y-doctor.yaml

@@ -0,0 +1,20 @@
+# The Doctor (http://go/the-doctor) configuration for this repository
+
+assignMergeRequestReviewersFromGroups:
+  groups:
+    - sg-cloud-o11y-secureapp-dev
+  ignoreLabels:
+    - dependency-update
+  except:
+   - bot_polyjuice
+
+closeStaleMergeRequests:
+  staleAfterDays: 28
+  closeAfterStaleDays: 7
+
+unassignReviewersFromDrafts: {}
+
+assignUnassignedMergeRequests: {}
+
+approveRenovateUpdates:
+  requireLabel: auto-merge-enabled

secureapp_python_agent-26.5.0/.service-manifests/python-agent-component.yaml

@@ -0,0 +1,20 @@
+---
+apiVersion: backstage.io/v1alpha1
+kind: Component
+metadata:
+    name: secure-app-python
+    title: secure-app-python
+    functionalDomain:
+        - o11y
+    description: This is secureapp backend
+    annotations:
+        backstage.io/source-location: url:https://cd.splunkdev.com/o11y-gdi/secure-app-python
+        splunk.com/issue-tracker-url: https://splunk.atlassian.net/jira/software/c/projects
+        splunk.com/slack-url: http://go/slack/o11y-app-platform
+        backstage.io/view-url: https://cd.splunkdev.com/o11y-gdi/secure-app-python/.service-manifests/python-agent-component.yaml
+        backstage.io/edit-url: https://cd.splunkdev.com/o11y-gdi/secure-app-python/.service-manifests/python-agent-component.yaml
+    links: []
+spec:
+    lifecycle: experimental
+    type: service
+    owner: group:sg-cloud-o11y-secureapp-dev

secureapp_python_agent-26.5.0/CODEOWNERS

@@ -0,0 +1 @@
+* @okta-groups/sg-cloud-o11y-secureapp-dev @okta-groups/sg-cloud-o11y-gdi-eng

secureapp_python_agent-26.5.0/LICENSE

@@ -0,0 +1,2 @@
+
+The terms governing use of the code is at this site: https://www.splunk.com/en_us/legal/splunk-general-terms.html

secureapp_python_agent-26.5.0/Makefile

@@ -0,0 +1,226 @@
+# Makefile for Splunk SecureApp Python Agent Development
+
+VENV_NAME ?= venv
+VENV_DIR := $(VENV_NAME)
+PYTHON := $(VENV_DIR)/bin/python
+PIP := $(VENV_DIR)/bin/pip
+
+# OpenTelemetry packages for version testing
+OTEL_PACKAGES := opentelemetry-api opentelemetry-sdk opentelemetry-exporter-otlp
+
+# Reusable functions
+define install_otel_version
+	$(PYTHON) -m pip uninstall -y $(OTEL_PACKAGES)
+	$(PYTHON) -m pip install $(foreach pkg,$(OTEL_PACKAGES),$(pkg)==$(1))
+endef
+
+define restore_deps
+	@echo "🔄 Restoring original dependencies..."
+	$(PYTHON) -m pip uninstall -y $(OTEL_PACKAGES)
+	$(PYTHON) -m pip install -e .
+endef
+
+.PHONY: help venv-install test test-matrix tox lint format typecheck \
+        check-license build clean all benchmark debug debug-packages debug-performance \
+        publish validate-env show-version test-otel-versions quick-test venv-update \
+        test-otel-version test-local-otel-matrix
+
+help:
+	@echo "SecureApp Python Agent - Development Commands"
+	@echo ""
+	@echo "🚀 Quick Start:"
+	@echo "  make venv-install  # One-time setup: creates venv + installs all dependencies"
+	@echo "  make all           # Complete validation pipeline (matches GitLab CI exactly)"
+	@echo ""
+	@echo "📋 Setup & Environment:"
+	@echo "  venv-install       - Setup development environment with all dependencies"
+	@echo "  venv-update        - Update existing venv with new dependencies (faster than reinstall)"
+	@echo "  validate-env       - Validate Python version and tool availability"
+	@echo ""
+	@echo "🧪 Testing Commands:"
+	@echo "  all               - Complete validation: format → lint → typecheck → test (85% coverage)"
+	@echo "  test              - Run tests with 85% coverage requirement"
+	@echo "  quick-test        - Run only tests affected by recent changes (fastest for development)"
+	@echo ""
+	@echo "🔬 Compatibility Testing:"
+	@echo "  test-matrix       - Run tests across all Python versions (PARALLEL: faster, uses tox -p auto)"
+	@echo "  tox               - Run tests across all Python versions (SEQUENTIAL: slower, clearer output)"
+	@echo "  test-otel-versions - Test with different OpenTelemetry versions"
+	@echo "  test-otel-version  - Test with a specific OpenTelemetry version (OTEL_VERSION=X.Y.Z)"
+	@echo "  test-local-otel-matrix - Run full OTel version matrix tests locally"
+	@echo ""
+	@echo "🔧 Code Quality:"
+	@echo "  format            - Format code with ruff (auto-fixes style issues)"
+	@echo "  lint              - Run linting with auto-fix (catches bugs + style violations)"
+	@echo "  typecheck         - Run type checking with mypy (ensures type safety)"
+	@echo "  check-license     - Verify and add license headers to Python files"
+	@echo ""
+	@echo "🚀 Performance & Analysis:"
+	@echo "  benchmark          - Run complete benchmark suite (startup, memory, CPU impact)"
+	@echo "  debug             - Interactive debug analyzer (explore runtime state)"
+	@echo ""
+	@echo "🔍 Debug & Troubleshooting:"
+	@echo "  debug-packages    - Show current runtime package analysis"
+	@echo "  debug-performance - Run performance analysis"
+	@echo ""
+	@echo "📦 Build & Release:"
+	@echo "  build             - Build distribution packages (wheel + sdist)"
+	@echo "  publish           - Publish package to Artifactory (requires credentials)"
+	@echo "  clean             - Clean all build artifacts and caches (preserves venv)"
+	@echo "  show-version      - Show current version from setuptools-scm"
+	@echo ""
+	@echo "💡 Common Workflows:"
+	@echo "  • Daily Development: make quick-test → make all"
+	@echo "  • Before Committing: make all"
+	@echo "  • OpenTelemetry Changes: make test-otel-versions"
+	@echo "  • Python Version Testing: make tox (tests Python 3.10-3.14)"
+	@echo "  • Performance Validation: make benchmark or tox -e benchmark"
+	@echo "  • Environment Update: make venv-update → make validate-env"
+	@echo ""
+	@echo "📊 Requirements:"
+	@echo "  • Performance: <100ms startup, <10MB memory, 85%+ coverage"
+	@echo "  • Compatibility: Python 3.10-3.14, OpenTelemetry 1.27.0-1.39.x (tested up to 1.39.1)"
+
+# Setup development environment (one command for new developers)
+$(PYTHON):
+	@echo "🔍 Creating virtual environment..."
+	python3 -m venv $(VENV_DIR)
+	$(PIP) install --upgrade pip
+
+venv-install: $(PYTHON)
+	$(PIP) install -e .[dev]
+	@echo "✅ Development environment ready!"
+	@echo "Run 'make all' to validate your setup."
+
+# Update existing venv with new dependencies (faster than reinstall)
+venv-update: $(PYTHON)
+	@echo "🔄 Updating virtual environment dependencies..."
+	$(PIP) install --upgrade pip
+	$(PIP) install -e .[dev] --upgrade
+	@echo "✅ Dependencies updated!"
+
+# Core development workflow
+test:
+	$(PYTHON) -m pytest tests --junit-xml=pytest-results.xml
+
+# Run only tests affected by recent changes (fastest for development)
+quick-test:
+	@echo "🚀 Running only tests affected by recent changes..."
+	$(PYTHON) -m pytest tests -xvs --testmon --no-cov
+
+tox:
+	tox
+
+lint:
+	$(PYTHON) -m ruff check src tests dev --fix
+
+format:
+	$(PYTHON) -m ruff format src tests dev
+
+typecheck:
+	$(PYTHON) -m mypy src tests
+
+check-license:
+	@echo "🔍 Checking license headers..."
+	@echo "Files being checked: src/ tests/ dev/ examples/"
+	find src tests dev examples -name "*.py" -type f -exec $(PYTHON) dev/scripts/check_license.py {} +
+	@echo "✅ License check complete"
+
+# Build distribution packages
+build:
+	$(PYTHON) -m build
+
+clean:
+	@echo "🧹 Cleaning build artifacts and caches..."
+	rm -rf build/ dist/ *.egg-info/ src/*.egg-info/ venv/ logs/
+	rm -rf .coverage* .testmondata pytest-results.xml htmlcov/ coverage.xml .pytest_cache/ .mypy_cache/ .ruff_cache/ .tox/
+	rm -rf tests/htmlcov/ tests/coverage.xml tests/.coverage
+	rm -rf dev/benchmarks/results/ dev/benchmarks/.pytest_cache/
+	rm -f src/splunk_secureapp_opentelemetry_extension/_version.py
+	rm -f o11y_test_application/otel-collector/otelcol_darwin_amd64
+	rm -f o11y_test_application/otel-collector/out.txt
+	find . -type d -name __pycache__ -exec rm -rf {} + 2>/dev/null || true
+	find . -type f -name "*.pyc" -delete 2>/dev/null || true
+	find . -type f -name "*.pyo" -delete 2>/dev/null || true
+	find . -type f -name "*.orig" -delete 2>/dev/null || true
+	find . -type f -name "*.rej" -delete 2>/dev/null || true
+	find . -type f -name ".DS_Store" -delete 2>/dev/null || true
+	@echo "✅ Clean complete"
+
+# Complete validation pipeline - enforces 85% coverage
+all: format lint typecheck test
+	@echo "✅ All checks passed! (format → lint → typecheck → test with 85% coverage)"
+
+# Performance benchmarks
+benchmark:
+	@echo "🚀 Running benchmark suite..."
+	$(PYTHON) dev/benchmarks/benchmark_suite.py
+
+# Debug and analysis tools
+debug:
+	@echo "🔍 Starting debug analyzer..."
+	$(PYTHON) dev/debug/debug_analyzer.py --analyze
+
+debug-packages:
+	@echo "📦 Analyzing runtime packages..."
+	$(PYTHON) dev/debug/debug_analyzer.py
+
+debug-performance:
+	@echo "⚡ Running performance analysis..."
+	$(PYTHON) dev/debug/debug_analyzer.py --performance
+
+# CI/CD Publishing target - added to go to real test pypi - config set in .pypirc - called by buildPublish.sh testpypi
+publish_testpypi:
+	@echo "📦 Publishing package to repository: testpypi..."
+	$(PYTHON) -m twine upload dist/* --repository testpypi
+
+# Matrix testing across Python versions (for advanced CI)
+test-matrix:
+	@echo "🔬 Running matrix tests..."
+	tox -p auto
+
+# Test with different OpenTelemetry versions
+test-otel-versions:
+	@echo "🔬 Testing across OpenTelemetry versions (1.27.0 to 1.35.0)..."
+	$(call install_otel_version,1.27.0)
+	@echo "✅ Testing with OpenTelemetry 1.27.0..."
+	$(PYTHON) -m pytest tests --no-cov
+	$(call install_otel_version,1.35.0)
+	@echo "✅ Testing with OpenTelemetry 1.35.0..."
+	$(PYTHON) -m pytest tests --no-cov
+	$(call restore_deps)
+	@echo "✅ OpenTelemetry compatibility testing completed successfully!"
+
+# Test with a specific OpenTelemetry version
+test-otel-version:
+	@test -n "$(OTEL_VERSION)" || (echo "❌ Error: OTEL_VERSION not specified" && echo "Usage: make test-otel-version OTEL_VERSION=X.Y.Z" && exit 1)
+	@echo "🔬 Testing with OpenTelemetry $(OTEL_VERSION)..."
+	$(call install_otel_version,$(OTEL_VERSION))
+	@$(PYTHON) -c "from importlib.metadata import distributions; pkgs=sorted('{}=={}'.format(name, d.version) for d in distributions() for name in [d.metadata.get('Name') or ''] if 'opentelemetry' in name.lower()); print('✅ Installed:', ', '.join(pkgs))"
+	$(PYTHON) -m pytest tests
+	$(call restore_deps)
+	@echo "✅ OpenTelemetry compatibility testing completed successfully!"
+
+# Run local OpenTelemetry matrix testing
+test-local-otel-matrix:
+	@echo "🔬 Running full OpenTelemetry version matrix tests locally..."
+	@for version in 1.27.0 1.30.0 1.35.0 1.38.0 1.39.0 1.39.1; do \
+		echo "🔬 Testing with OpenTelemetry $$version..."; \
+		$(PYTHON) -m pip uninstall -y $(OTEL_PACKAGES); \
+		$(PYTHON) -m pip install $(foreach pkg,$(OTEL_PACKAGES),$(pkg)==$$version); \
+		$(PYTHON) -m pytest tests --no-cov || exit 1; \
+	done
+	$(call restore_deps)
+	@echo "✅ OpenTelemetry matrix testing completed successfully!"
+
+# Validate environment and dependencies
+validate-env:
+	@echo "✅ Validating environment..."
+	@$(PYTHON) --version
+	@$(PYTHON) -c "import sys; print(f'Python: {sys.version}')"
+	@$(PYTHON) -c "import pytest, ruff, mypy; print('✅ All dev tools available')"
+
+# Release Management Commands (Git Tag-Based Versioning)
+show-version:
+	@echo "📅 Current version from setuptools-scm:"
+	@$(PYTHON) -m setuptools_scm || echo "Unable to determine version (no git tags yet)"