PyPI - sondera-harness - Versions diffs - 0.7.0__tar.gz → 0.7.1__tar.gz - Mend

sondera-harness 0.7.0tar.gz → 0.7.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (84) hide show

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: sondera-harness
-Version: 0.7.0
+Version: 0.7.1
 Summary: Sondera Harness SDK for Python - Agent governance and policy enforcement
 Author-email: Sondera AI <sdk@sondera.ai>
 License-Expression: MIT
@@ -27,7 +27,6 @@ Requires-Dist: cedar-python>=0.1.1
 Requires-Dist: click>=8.0.0
 Requires-Dist: click-default-group>=1.2.4
 Requires-Dist: grpcio>=1.76.0
-Requires-Dist: grpcio-tools>=1.76.0
 Requires-Dist: httpx>=0.27.0
 Requires-Dist: pydantic>=2.12.0
 Requires-Dist: pydantic-settings>=2.12.0

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "sondera-harness"
-version = "0.7.0"
+version = "0.7.1"
 description = "Sondera Harness SDK for Python - Agent governance and policy enforcement"
 readme = "README.md"
 requires-python = ">=3.12,<3.15"
@@ -30,7 +30,6 @@ dependencies = [
     "click>=8.0.0",
     "click-default-group>=1.2.4",
     "grpcio>=1.76.0",
-    "grpcio-tools>=1.76.0",
     "httpx>=0.27.0",
     "pydantic>=2.12.0",
     "pydantic-settings>=2.12.0",
@@ -71,6 +70,7 @@ dev = [
     "textual-dev>=1.8.0",
     "ruff>=0.8.0",
     "pyright",
+    "grpcio-tools>=1.76.0",
 ]
 examples = [
     "sondera-examples-adk",

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/src/sondera/__init__.py RENAMED Viewed

@@ -68,8 +68,8 @@ from sondera.types import (
     Content,
     Decision,
     Parameter,
-    PolicyAnnotation,
     PolicyEngineMode,
+    PolicyMetadata,
     PromptContent,
     Role,
     SourceCode,
@@ -112,7 +112,7 @@ __all__ = [
     "AdjudicatedStep",
     "AdjudicatedTrajectory",
     "AdjudicationRecord",
-    "PolicyAnnotation",
+    "PolicyMetadata",
     "Decision",
     # Exceptions
     "SonderaError",

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/src/sondera/harness/cedar/harness.py RENAMED Viewed

@@ -15,6 +15,7 @@ from cedar import (
     EntityUid,
     PolicySet,
     Request,
+    Response,
     Schema,
 )
 from sondera.harness.abc import Harness as AbstractHarness
@@ -23,7 +24,7 @@ from sondera.types import (
     Agent,
     Content,
     Decision,
-    PolicyAnnotation,
+    PolicyMetadata,
     PromptContent,
     Role,
     Stage,
@@ -95,7 +96,6 @@ class CedarPolicyHarness(AbstractHarness):
         if policy_set is None:
             raise ValueError("policy_set is required")
-        self._cedar_schema = schema
         # Exclude None values when serializing to JSON for Cedar compatibility
         self._schema = Schema.from_json(schema.model_dump_json(exclude_none=True))
@@ -105,10 +105,18 @@ class CedarPolicyHarness(AbstractHarness):
         else:
             self._policy_set = policy_set
+        seen_ids: set[str] = set()
         for policy in self._policy_set.policies():
             annotations = policy.annotations()
+            if "id" not in annotations:
+                raise ValueError(
+                    f"Policy '{policy.id()}' is missing required @id annotation."
+                )
+            policy_id = annotations["id"]
+            if policy_id in seen_ids:
+                self._logger.warning(f"Duplicate policy @id: '{policy_id}'")
+            seen_ids.add(policy_id)
             if "escalate" in annotations and str(policy.effect()) != "Forbid":
-                policy_id = annotations.get("id", policy.id())
                 raise ValueError(
                     f"Policy '{policy_id}' has @escalate but is not a forbid policy. "
                     "@escalate is only valid on forbid policies."
@@ -270,50 +278,65 @@ class CedarPolicyHarness(AbstractHarness):
                     decision=Decision.ALLOW,
                     reason="Non-tool content allowed by default",
                 )
-        assert request is not None, "Unexpected none request"
         response = self._authorizer.is_authorized(request, self._policy_set)
-        if str(response.decision) == "Allow":
-            return Adjudication(
-                decision=Decision.ALLOW,
-                reason=f"Allowed by policies: {response.reason}",
-            )
+        return self._convert_cedar_response_to_adjudication(response)
-        annotations: list[PolicyAnnotation] = []
-        hard_deny_ids = []
+    def _convert_cedar_response_to_adjudication(
+        self, response: Response
+    ) -> Adjudication:
+        escalate_policies = []
+        non_escalate_policies = []
         for internal_id in response.reason:
             policy = self._policy_set.policy(internal_id)
             if policy is None:
                 raise RuntimeError(f"Policy '{internal_id}' not found in policy set")
-            policy_annotations = policy.annotations()
-            if "escalate" not in policy_annotations:
-                hard_deny_ids.append(internal_id)
+            cedar_policy_annotations = policy.annotations()
+            non_default_annotations = {
+                k: v
+                for k, v in cedar_policy_annotations.items()
+                if k not in ("id", "reason", "escalate")
+            }
+            is_escalate = "escalate" in cedar_policy_annotations
+            policy_metadata = PolicyMetadata(
+                id=cedar_policy_annotations["id"],
+                description=cedar_policy_annotations.get("reason", ""),
+                escalate=is_escalate,
+                escalate_arg=cedar_policy_annotations.get("escalate", ""),
+                custom=non_default_annotations,
+            )
+            if is_escalate:
+                escalate_policies.append(policy_metadata)
             else:
-                custom = {
-                    k: v
-                    for k, v in policy_annotations.items()
-                    if k not in ("id", "reason", "escalate")
-                }
-                annotations.append(
-                    PolicyAnnotation(
-                        id=policy_annotations.get("id", internal_id),
-                        description=policy_annotations.get("reason", ""),
-                        escalate=True,
-                        escalate_arg=policy_annotations["escalate"],
-                        custom=custom,
-                    )
-                )
+                non_escalate_policies.append(policy_metadata)
-        if not hard_deny_ids and annotations:
+        if str(response.decision) == "Allow":
+            # The @escalate annotation is only valid for `forbid` Cedar policies, so we can
+            # just return the non-escalate policies here:
             return Adjudication(
-                decision=Decision.ESCALATE,
-                reason=f"Escalated by policies: {response.reason}",
-                annotations=annotations,
+                decision=Decision.ALLOW,
+                reason="Allowed by all policies",
+                policies=non_escalate_policies,
             )
-        else:
+        # At this point we know the Cedar decision was DENY, so we just need to figure out if the
+        # final decision should be a hard DENY or else ESCALATE.
+        if non_escalate_policies:
             return Adjudication(
                 decision=Decision.DENY,
-                reason=f"Denied by policies: {hard_deny_ids}",
+                reason="Denied by policies",
+                policies=non_escalate_policies,
             )
+        if escalate_policies:
+            return Adjudication(
+                decision=Decision.ESCALATE,
+                reason="Escalated by policies",
+                policies=escalate_policies,
+            )
+        # Default deny because no policies matched (neither permit nor forbid/escalate)
+        return Adjudication(
+            decision=Decision.DENY,
+            reason="No matching permit policy",
+            policies=[],
+        )
     def _message_request(
         self,

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/src/sondera/harness/sondera/_grpc.py RENAMED Viewed

@@ -16,8 +16,8 @@ from sondera.types import (
     Decision,
     GuardrailContext,
     Parameter,
-    PolicyAnnotation,
     PolicyEngineMode,
+    PolicyMetadata,
     PromptContent,
     Role,
     SourceCode,
@@ -127,9 +127,9 @@ def _convert_pb_adjudication_to_sdk(
         primitives_pb2.DECISION_ESCALATE: Decision.ESCALATE,
     }
-    # Convert annotations
-    annotations = [
-        PolicyAnnotation(
+    # Convert annotations to PolicyMetadata
+    policies = [
+        PolicyMetadata(
             id=ann.id if ann.HasField("id") else "",
             description=ann.description if ann.HasField("description") else "",
             custom=dict(ann.custom),
@@ -140,8 +140,7 @@ def _convert_pb_adjudication_to_sdk(
     return Adjudication(
         decision=decision_map[adjudication.decision],
         reason=adjudication.reason,
-        policy_ids=list(adjudication.policy_ids),
-        annotations=annotations,
+        policies=policies,
     )

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/src/sondera/harness/sondera/harness.py RENAMED Viewed

@@ -562,30 +562,6 @@ class SonderaRemoteHarness(AbstractHarness):
             )
             raise
-    async def _list_trajectory_steps(
-        self, trajectory_id: str
-    ) -> list[primitives_pb2.AdjudicatedStep]:
-        """List trajectory steps internally."""
-        request = harness_pb2.GetTrajectoryRequest(
-            trajectory_id=trajectory_id,
-        )
-        await self._ensure_connected()
-        assert self._stub is not None, "Client not connected"
-        # Inject organization_id and auth metadata
-        metadata = self._get_metadata()
-        try:
-            response = await self._stub.GetTrajectory(request, metadata=metadata)
-            return list(response.steps)
-        except grpc.aio.AioRpcError as e:
-            if e.code() == grpc.StatusCode.NOT_FOUND:
-                return []
-            logging.error(
-                f"Failed to list trajectory steps for {trajectory_id}: {e.code()} - {e.details()}"
-            )
-            raise
     async def _list_agents(
         self,
         provider_id: str | None = None,

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/src/sondera/tui/widgets/violation_panel.py RENAMED Viewed

@@ -53,20 +53,22 @@ class ViolationPanel(Widget):
         with Container(classes="reason-container"):
             yield Markdown(record.adjudication.reason, classes="reason-text")
-        # Annotations section
-        annotations = record.adjudication.annotations
-        if annotations:
-            yield Static("[bold]Policy Annotations[/bold]", classes="section-header")
+        # Policies section
+        policies = record.adjudication.policies
+        if policies:
+            yield Static("[bold]Policies[/bold]", classes="section-header")
             with VerticalScroll(classes="annotations-container"):
-                for ann in annotations:
+                for policy in policies:
                     with Container(classes="annotation-card"):
-                        yield Static(f"[bold]{ann.id}[/bold]", classes="annotation-id")
-                        if ann.description:
+                        yield Static(
+                            f"[bold]{policy.id}[/bold]", classes="annotation-id"
+                        )
+                        if policy.description:
                             yield Static(
-                                ann.description, classes="annotation-description"
+                                policy.description, classes="annotation-description"
                             )
-                        if ann.custom:
+                        if policy.custom:
                             with Grid(classes="annotation-custom-grid"):
-                                for key, value in ann.custom.items():
+                                for key, value in policy.custom.items():
                                     yield Static(f"{key}:", classes="label")
                                     yield Static(value, classes="value")

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/src/sondera/tui/widgets/violations_list.py RENAMED Viewed

@@ -44,15 +44,13 @@ class ViolationsList(Widget):
             reason = record.adjudication.reason
             reason_display = reason[:40] + "..." if len(reason) > 43 else reason
-            # Format annotations as comma-separated policy IDs
-            annotations = record.adjudication.annotations
-            if annotations:
-                ann_ids = [ann.id for ann in annotations]
-                annotations_display = ", ".join(ann_ids)
-                if len(annotations_display) > 30:
-                    annotations_display = annotations_display[:27] + "..."
+            # Format policies as comma-separated policy IDs
+            if record.adjudication.policies:
+                policies_display = ", ".join(p.id for p in record.adjudication.policies)
+                if len(policies_display) > 30:
+                    policies_display = policies_display[:27] + "..."
             else:
-                annotations_display = "-"
+                policies_display = "-"
             table.add_row(
                 decision_display,
@@ -66,7 +64,7 @@ class ViolationsList(Widget):
                 if len(record.step_id) > 11
                 else record.step_id,
                 reason_display,
-                annotations_display,
+                policies_display,
             )
     def get_selected_adjudication(self) -> AdjudicationRecord | None:

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/src/sondera/types.py RENAMED Viewed

@@ -231,19 +231,19 @@ class GuardrailContext(Model):
     """Map of check name to check result."""
-class PolicyAnnotation(Model):
-    """Annotation from a policy evaluation."""
+class PolicyMetadata(Model):
+    """Metadata about a policy that contributed to an adjudication decision."""
     id: str
-    """Unique identifier of the policy that produced this annotation."""
+    """Unique identifier of the policy."""
     description: str
-    """Human-readable description of why this annotation was added."""
+    """Human-readable description from the policy's @reason annotation."""
     escalate: bool = False
     """Whether this policy requires escalation to a human or other oracle to decide the final verdict."""
     escalate_arg: str = ""
     """The argument passed to @escalate, if any."""
     custom: dict[str, str] = Field(default_factory=dict)
-    """Custom key-value metadata from the policy."""
+    """Custom key-value metadata from the policy's annotations."""
 class Adjudication(Model):
@@ -253,10 +253,9 @@ class Adjudication(Model):
     """Whether the input is allowed."""
     reason: str
     """Reason for the adjudication decision."""
-    policy_ids: list[str] = Field(default_factory=list)
-    """IDs of policies that contributed to this decision."""
-    annotations: list[PolicyAnnotation] = Field(default_factory=list)
-    """Annotations from policy evaluations."""
+    policies: list[PolicyMetadata] = Field(default_factory=list)
+    """Policies that determined this decision. Each entry contains the policy's
+    id, description (from @reason annotation), escalation info, and custom metadata."""
 class AdjudicatedStep(Model):

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/src/sondera_harness.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: sondera-harness
-Version: 0.7.0
+Version: 0.7.1
 Summary: Sondera Harness SDK for Python - Agent governance and policy enforcement
 Author-email: Sondera AI <sdk@sondera.ai>
 License-Expression: MIT
@@ -27,7 +27,6 @@ Requires-Dist: cedar-python>=0.1.1
 Requires-Dist: click>=8.0.0
 Requires-Dist: click-default-group>=1.2.4
 Requires-Dist: grpcio>=1.76.0
-Requires-Dist: grpcio-tools>=1.76.0
 Requires-Dist: httpx>=0.27.0
 Requires-Dist: pydantic>=2.12.0
 Requires-Dist: pydantic-settings>=2.12.0

{sondera_harness-0.7.0 → sondera_harness-0.7.1}/src/sondera_harness.egg-info/requires.txt RENAMED Viewed

@@ -2,7 +2,6 @@ cedar-python>=0.1.1
 click>=8.0.0
 click-default-group>=1.2.4
 grpcio>=1.76.0
-grpcio-tools>=1.76.0
 httpx>=0.27.0
 pydantic>=2.12.0
 pydantic-settings>=2.12.0