spanforge 1.0.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (536) hide show
  1. spanforge-1.0.0/.bandit +4 -0
  2. spanforge-1.0.0/.gitattributes +2 -0
  3. spanforge-1.0.0/.github/CODEOWNERS +29 -0
  4. spanforge-1.0.0/.github/ISSUE_TEMPLATE/bug_report.yml +62 -0
  5. spanforge-1.0.0/.github/ISSUE_TEMPLATE/config.yml +8 -0
  6. spanforge-1.0.0/.github/ISSUE_TEMPLATE/feature_request.yml +42 -0
  7. spanforge-1.0.0/.github/ISSUE_TEMPLATE/rfc.yml +56 -0
  8. spanforge-1.0.0/.github/pull_request_template.md +25 -0
  9. spanforge-1.0.0/.github/workflows/ci.yml +100 -0
  10. spanforge-1.0.0/.github/workflows/release.yml +135 -0
  11. spanforge-1.0.0/.gitignore +199 -0
  12. spanforge-1.0.0/.pre-commit-hooks.yaml +32 -0
  13. spanforge-1.0.0/.sf-gate/artifacts/gate6_trust_result.json +14 -0
  14. spanforge-1.0.0/.sf-gate/artifacts/test-gate_result.json +11 -0
  15. spanforge-1.0.0/CNAME +1 -0
  16. spanforge-1.0.0/CODE_OF_CONDUCT.md +58 -0
  17. spanforge-1.0.0/CONFORMANCE.md +119 -0
  18. spanforge-1.0.0/LICENSE +128 -0
  19. spanforge-1.0.0/MAINTAINERS.md +34 -0
  20. spanforge-1.0.0/PKG-INFO +1509 -0
  21. spanforge-1.0.0/PRICING.md +116 -0
  22. spanforge-1.0.0/README.md +1405 -0
  23. spanforge-1.0.0/RELEASE.md +118 -0
  24. spanforge-1.0.0/SECURITY.md +91 -0
  25. spanforge-1.0.0/docker-compose.selfhosted.yml +71 -0
  26. spanforge-1.0.0/docs/Makefile +16 -0
  27. spanforge-1.0.0/docs/_static/.gitkeep +2 -0
  28. spanforge-1.0.0/docs/adr/ADR-001-immutable-audit-trail.md +36 -0
  29. spanforge-1.0.0/docs/adr/ADR-002-singleton-service-clients.md +42 -0
  30. spanforge-1.0.0/docs/adr/ADR-003-schema-versioning-strategy.md +38 -0
  31. spanforge-1.0.0/docs/adr/ADR-004-local-first-architecture.md +45 -0
  32. spanforge-1.0.0/docs/adr/ADR-005-sandbox-mode.md +53 -0
  33. spanforge-1.0.0/docs/adr/ADR-006-rag-tracing.md +106 -0
  34. spanforge-1.0.0/docs/adr/ADR-007-user-feedback.md +127 -0
  35. spanforge-1.0.0/docs/adr/ADR-008-sso-scim-oidc.md +130 -0
  36. spanforge-1.0.0/docs/adr/README.md +29 -0
  37. spanforge-1.0.0/docs/api/alert.md +462 -0
  38. spanforge-1.0.0/docs/api/audit.md +507 -0
  39. spanforge-1.0.0/docs/api/auto.md +190 -0
  40. spanforge-1.0.0/docs/api/cache.md +269 -0
  41. spanforge-1.0.0/docs/api/cec.md +498 -0
  42. spanforge-1.0.0/docs/api/compliance.md +260 -0
  43. spanforge-1.0.0/docs/api/config.md +119 -0
  44. spanforge-1.0.0/docs/api/consumer.md +226 -0
  45. spanforge-1.0.0/docs/api/debug.md +102 -0
  46. spanforge-1.0.0/docs/api/deprecations.md +196 -0
  47. spanforge-1.0.0/docs/api/drift.md +186 -0
  48. spanforge-1.0.0/docs/api/enterprise.md +216 -0
  49. spanforge-1.0.0/docs/api/eval.md +211 -0
  50. spanforge-1.0.0/docs/api/event.md +261 -0
  51. spanforge-1.0.0/docs/api/exceptions.md +864 -0
  52. spanforge-1.0.0/docs/api/explain.md +59 -0
  53. spanforge-1.0.0/docs/api/export.md +995 -0
  54. spanforge-1.0.0/docs/api/feedback.md +270 -0
  55. spanforge-1.0.0/docs/api/gate.md +554 -0
  56. spanforge-1.0.0/docs/api/governance.md +159 -0
  57. spanforge-1.0.0/docs/api/hooks.md +125 -0
  58. spanforge-1.0.0/docs/api/http.md +198 -0
  59. spanforge-1.0.0/docs/api/identity.md +617 -0
  60. spanforge-1.0.0/docs/api/index.md +120 -0
  61. spanforge-1.0.0/docs/api/integrations.md +610 -0
  62. spanforge-1.0.0/docs/api/io.md +128 -0
  63. spanforge-1.0.0/docs/api/lineage.md +43 -0
  64. spanforge-1.0.0/docs/api/lint.md +317 -0
  65. spanforge-1.0.0/docs/api/metrics.md +121 -0
  66. spanforge-1.0.0/docs/api/migrate.md +299 -0
  67. spanforge-1.0.0/docs/api/models.md +137 -0
  68. spanforge-1.0.0/docs/api/normalizer.md +159 -0
  69. spanforge-1.0.0/docs/api/observe.md +381 -0
  70. spanforge-1.0.0/docs/api/operator.md +49 -0
  71. spanforge-1.0.0/docs/api/pii.md +711 -0
  72. spanforge-1.0.0/docs/api/pipelines.md +146 -0
  73. spanforge-1.0.0/docs/api/plugins.md +70 -0
  74. spanforge-1.0.0/docs/api/policy.md +82 -0
  75. spanforge-1.0.0/docs/api/rag.md +262 -0
  76. spanforge-1.0.0/docs/api/rbac.md +43 -0
  77. spanforge-1.0.0/docs/api/redact.md +313 -0
  78. spanforge-1.0.0/docs/api/regression.md +125 -0
  79. spanforge-1.0.0/docs/api/schema.md +110 -0
  80. spanforge-1.0.0/docs/api/scope.md +51 -0
  81. spanforge-1.0.0/docs/api/sdk-reference.md +191 -0
  82. spanforge-1.0.0/docs/api/secrets.md +253 -0
  83. spanforge-1.0.0/docs/api/signing.md +493 -0
  84. spanforge-1.0.0/docs/api/stats.md +77 -0
  85. spanforge-1.0.0/docs/api/store.md +98 -0
  86. spanforge-1.0.0/docs/api/stream.md +317 -0
  87. spanforge-1.0.0/docs/api/testing.md +286 -0
  88. spanforge-1.0.0/docs/api/testing_mocks.md +247 -0
  89. spanforge-1.0.0/docs/api/trace.md +137 -0
  90. spanforge-1.0.0/docs/api/trust.md +222 -0
  91. spanforge-1.0.0/docs/api/types.md +293 -0
  92. spanforge-1.0.0/docs/api/ulid.md +111 -0
  93. spanforge-1.0.0/docs/api/validate.md +109 -0
  94. spanforge-1.0.0/docs/changelog.md +2253 -0
  95. spanforge-1.0.0/docs/cli.md +1966 -0
  96. spanforge-1.0.0/docs/competitor-comparison.md +33 -0
  97. spanforge-1.0.0/docs/conf.py +128 -0
  98. spanforge-1.0.0/docs/configuration.md +951 -0
  99. spanforge-1.0.0/docs/contributing.md +205 -0
  100. spanforge-1.0.0/docs/demos/enterprise-evidence-demo.md +48 -0
  101. spanforge-1.0.0/docs/demos/runtime-governance-demo.md +53 -0
  102. spanforge-1.0.0/docs/deployment/air-gapped.md +152 -0
  103. spanforge-1.0.0/docs/deployment/kubernetes.md +304 -0
  104. spanforge-1.0.0/docs/enterprise-integrations.md +54 -0
  105. spanforge-1.0.0/docs/evidence-export.md +97 -0
  106. spanforge-1.0.0/docs/ga-release-notes.md +56 -0
  107. spanforge-1.0.0/docs/index.md +178 -0
  108. spanforge-1.0.0/docs/installation.md +83 -0
  109. spanforge-1.0.0/docs/integrations/crewai.md +151 -0
  110. spanforge-1.0.0/docs/integrations/halluccheck.md +192 -0
  111. spanforge-1.0.0/docs/make.bat +35 -0
  112. spanforge-1.0.0/docs/migrations/from-langfuse.md +145 -0
  113. spanforge-1.0.0/docs/migrations/from-langsmith.md +147 -0
  114. spanforge-1.0.0/docs/migrations/from-openllmetry.md +158 -0
  115. spanforge-1.0.0/docs/migrations/v5-to-v6.md +147 -0
  116. spanforge-1.0.0/docs/namespaces/audit.md +138 -0
  117. spanforge-1.0.0/docs/namespaces/cache.md +88 -0
  118. spanforge-1.0.0/docs/namespaces/consent.md +69 -0
  119. spanforge-1.0.0/docs/namespaces/cost.md +126 -0
  120. spanforge-1.0.0/docs/namespaces/diff.md +56 -0
  121. spanforge-1.0.0/docs/namespaces/eval.md +58 -0
  122. spanforge-1.0.0/docs/namespaces/explanation.md +79 -0
  123. spanforge-1.0.0/docs/namespaces/feedback.md +161 -0
  124. spanforge-1.0.0/docs/namespaces/fence.md +52 -0
  125. spanforge-1.0.0/docs/namespaces/guard.md +37 -0
  126. spanforge-1.0.0/docs/namespaces/hitl.md +77 -0
  127. spanforge-1.0.0/docs/namespaces/index.md +73 -0
  128. spanforge-1.0.0/docs/namespaces/model_registry.md +85 -0
  129. spanforge-1.0.0/docs/namespaces/prompt.md +60 -0
  130. spanforge-1.0.0/docs/namespaces/redact_ns.md +56 -0
  131. spanforge-1.0.0/docs/namespaces/retrieval.md +215 -0
  132. spanforge-1.0.0/docs/namespaces/template.md +63 -0
  133. spanforge-1.0.0/docs/namespaces/trace.md +107 -0
  134. spanforge-1.0.0/docs/quickstart.md +707 -0
  135. spanforge-1.0.0/docs/reference-architectures.md +56 -0
  136. spanforge-1.0.0/docs/replay-simulation.md +66 -0
  137. spanforge-1.0.0/docs/rfc/adr-index.md +234 -0
  138. spanforge-1.0.0/docs/rfc/rfc-0001.md +140 -0
  139. spanforge-1.0.0/docs/runbook.md +1043 -0
  140. spanforge-1.0.0/docs/runtime-governance-contracts.md +80 -0
  141. spanforge-1.0.0/docs/runtime-governance.md +168 -0
  142. spanforge-1.0.0/docs/schema/README.md +341 -0
  143. spanforge-1.0.0/docs/schema/envelope.schema.json +182 -0
  144. spanforge-1.0.0/docs/schema/payloads/agent-run.schema.json +145 -0
  145. spanforge-1.0.0/docs/schema/payloads/agent-step.schema.json +198 -0
  146. spanforge-1.0.0/docs/schema/payloads/audit.schema.json +171 -0
  147. spanforge-1.0.0/docs/schema/payloads/cache.schema.json +193 -0
  148. spanforge-1.0.0/docs/schema/payloads/consent.schema.json +70 -0
  149. spanforge-1.0.0/docs/schema/payloads/cost.schema.json +138 -0
  150. spanforge-1.0.0/docs/schema/payloads/diff.schema.json +150 -0
  151. spanforge-1.0.0/docs/schema/payloads/eval.schema.json +251 -0
  152. spanforge-1.0.0/docs/schema/payloads/explanation.schema.json +96 -0
  153. spanforge-1.0.0/docs/schema/payloads/fence.schema.json +181 -0
  154. spanforge-1.0.0/docs/schema/payloads/guard.schema.json +125 -0
  155. spanforge-1.0.0/docs/schema/payloads/hitl.schema.json +80 -0
  156. spanforge-1.0.0/docs/schema/payloads/model-registry.schema.json +74 -0
  157. spanforge-1.0.0/docs/schema/payloads/prompt.schema.json +181 -0
  158. spanforge-1.0.0/docs/schema/payloads/redact.schema.json +189 -0
  159. spanforge-1.0.0/docs/schema/payloads/span.schema.json +244 -0
  160. spanforge-1.0.0/docs/schema/payloads/template.schema.json +192 -0
  161. spanforge-1.0.0/docs/schema/types/common.schema.json +567 -0
  162. spanforge-1.0.0/docs/schema-versioning.md +98 -0
  163. spanforge-1.0.0/docs/user_guide/alert.md +272 -0
  164. spanforge-1.0.0/docs/user_guide/audit.md +324 -0
  165. spanforge-1.0.0/docs/user_guide/cache.md +233 -0
  166. spanforge-1.0.0/docs/user_guide/compliance.md +397 -0
  167. spanforge-1.0.0/docs/user_guide/custom_exporters.md +203 -0
  168. spanforge-1.0.0/docs/user_guide/debugging.md +160 -0
  169. spanforge-1.0.0/docs/user_guide/events.md +121 -0
  170. spanforge-1.0.0/docs/user_guide/export.md +465 -0
  171. spanforge-1.0.0/docs/user_guide/feedback.md +189 -0
  172. spanforge-1.0.0/docs/user_guide/gate.md +424 -0
  173. spanforge-1.0.0/docs/user_guide/governance.md +227 -0
  174. spanforge-1.0.0/docs/user_guide/in_memory_state.md +106 -0
  175. spanforge-1.0.0/docs/user_guide/index.md +30 -0
  176. spanforge-1.0.0/docs/user_guide/linting.md +244 -0
  177. spanforge-1.0.0/docs/user_guide/metrics.md +122 -0
  178. spanforge-1.0.0/docs/user_guide/migration.md +241 -0
  179. spanforge-1.0.0/docs/user_guide/rag.md +206 -0
  180. spanforge-1.0.0/docs/user_guide/redaction.md +317 -0
  181. spanforge-1.0.0/docs/user_guide/signing.md +285 -0
  182. spanforge-1.0.0/docs/user_guide/tracing.md +278 -0
  183. spanforge-1.0.0/examples/agent_workflow.py +55 -0
  184. spanforge-1.0.0/examples/budget_alert.py +114 -0
  185. spanforge-1.0.0/examples/docker/Dockerfile +51 -0
  186. spanforge-1.0.0/examples/docker/docker-compose.yml +59 -0
  187. spanforge-1.0.0/examples/docker/otel-config.yaml +31 -0
  188. spanforge-1.0.0/examples/enterprise_evidence_demo.py +79 -0
  189. spanforge-1.0.0/examples/gates/gate5_governance.yaml +30 -0
  190. spanforge-1.0.0/examples/gates/sf-gate.yaml +160 -0
  191. spanforge-1.0.0/examples/langchain_chain.py +46 -0
  192. spanforge-1.0.0/examples/multi_agent_rag.py +121 -0
  193. spanforge-1.0.0/examples/multi_tenant.py +138 -0
  194. spanforge-1.0.0/examples/openai_chat.py +47 -0
  195. spanforge-1.0.0/examples/otlp_grafana.py +85 -0
  196. spanforge-1.0.0/examples/production_multi_agent.py +180 -0
  197. spanforge-1.0.0/examples/runtime_governance_demo.py +241 -0
  198. spanforge-1.0.0/examples/secure_pipeline.py +54 -0
  199. spanforge-1.0.0/examples/streaming_response.py +106 -0
  200. spanforge-1.0.0/examples/testing_mocks_example.py +158 -0
  201. spanforge-1.0.0/helm/spanforge/Chart.yaml +18 -0
  202. spanforge-1.0.0/helm/spanforge/templates/_helpers.tpl +40 -0
  203. spanforge-1.0.0/helm/spanforge/templates/deployment.yaml +38 -0
  204. spanforge-1.0.0/helm/spanforge/templates/hpa.yaml +30 -0
  205. spanforge-1.0.0/helm/spanforge/templates/networkpolicy.yaml +39 -0
  206. spanforge-1.0.0/helm/spanforge/templates/pdb.yaml +19 -0
  207. spanforge-1.0.0/helm/spanforge/templates/secret.yaml +23 -0
  208. spanforge-1.0.0/helm/spanforge/templates/service.yaml +15 -0
  209. spanforge-1.0.0/helm/spanforge/values.yaml +83 -0
  210. spanforge-1.0.0/k6/README.md +16 -0
  211. spanforge-1.0.0/k6/pii_scan_50rps.js +76 -0
  212. spanforge-1.0.0/k6/score_100rps.js +71 -0
  213. spanforge-1.0.0/k6/secrets_scan_100rps.js +79 -0
  214. spanforge-1.0.0/pyproject.toml +446 -0
  215. spanforge-1.0.0/sonar-project.properties +17 -0
  216. spanforge-1.0.0/src/spanforge/__init__.py +815 -0
  217. spanforge-1.0.0/src/spanforge/_ansi.py +93 -0
  218. spanforge-1.0.0/src/spanforge/_batch_exporter.py +409 -0
  219. spanforge-1.0.0/src/spanforge/_cli.py +2094 -0
  220. spanforge-1.0.0/src/spanforge/_cli_audit.py +639 -0
  221. spanforge-1.0.0/src/spanforge/_cli_compliance.py +711 -0
  222. spanforge-1.0.0/src/spanforge/_cli_cost.py +243 -0
  223. spanforge-1.0.0/src/spanforge/_cli_ops.py +791 -0
  224. spanforge-1.0.0/src/spanforge/_cli_phase11.py +356 -0
  225. spanforge-1.0.0/src/spanforge/_hooks.py +337 -0
  226. spanforge-1.0.0/src/spanforge/_server.py +1708 -0
  227. spanforge-1.0.0/src/spanforge/_span.py +1036 -0
  228. spanforge-1.0.0/src/spanforge/_store.py +288 -0
  229. spanforge-1.0.0/src/spanforge/_stream.py +664 -0
  230. spanforge-1.0.0/src/spanforge/_trace.py +335 -0
  231. spanforge-1.0.0/src/spanforge/_tracer.py +254 -0
  232. spanforge-1.0.0/src/spanforge/actor.py +141 -0
  233. spanforge-1.0.0/src/spanforge/alerts.py +469 -0
  234. spanforge-1.0.0/src/spanforge/auto.py +464 -0
  235. spanforge-1.0.0/src/spanforge/baseline.py +335 -0
  236. spanforge-1.0.0/src/spanforge/cache.py +635 -0
  237. spanforge-1.0.0/src/spanforge/compliance.py +325 -0
  238. spanforge-1.0.0/src/spanforge/config.py +532 -0
  239. spanforge-1.0.0/src/spanforge/consent.py +228 -0
  240. spanforge-1.0.0/src/spanforge/consumer.py +377 -0
  241. spanforge-1.0.0/src/spanforge/core/__init__.py +5 -0
  242. spanforge-1.0.0/src/spanforge/core/compliance_mapping.py +1254 -0
  243. spanforge-1.0.0/src/spanforge/cost.py +600 -0
  244. spanforge-1.0.0/src/spanforge/debug.py +548 -0
  245. spanforge-1.0.0/src/spanforge/deprecations.py +205 -0
  246. spanforge-1.0.0/src/spanforge/drift.py +482 -0
  247. spanforge-1.0.0/src/spanforge/egress.py +58 -0
  248. spanforge-1.0.0/src/spanforge/eval.py +648 -0
  249. spanforge-1.0.0/src/spanforge/event.py +1064 -0
  250. spanforge-1.0.0/src/spanforge/exceptions.py +240 -0
  251. spanforge-1.0.0/src/spanforge/explain.py +178 -0
  252. spanforge-1.0.0/src/spanforge/export/__init__.py +69 -0
  253. spanforge-1.0.0/src/spanforge/export/append_only.py +337 -0
  254. spanforge-1.0.0/src/spanforge/export/cloud.py +357 -0
  255. spanforge-1.0.0/src/spanforge/export/datadog.py +497 -0
  256. spanforge-1.0.0/src/spanforge/export/grafana.py +320 -0
  257. spanforge-1.0.0/src/spanforge/export/jsonl.py +195 -0
  258. spanforge-1.0.0/src/spanforge/export/openinference.py +158 -0
  259. spanforge-1.0.0/src/spanforge/export/otel_bridge.py +294 -0
  260. spanforge-1.0.0/src/spanforge/export/otlp.py +811 -0
  261. spanforge-1.0.0/src/spanforge/export/otlp_bridge.py +233 -0
  262. spanforge-1.0.0/src/spanforge/export/redis_backend.py +282 -0
  263. spanforge-1.0.0/src/spanforge/export/siem_schema.py +98 -0
  264. spanforge-1.0.0/src/spanforge/export/siem_splunk.py +264 -0
  265. spanforge-1.0.0/src/spanforge/export/siem_syslog.py +212 -0
  266. spanforge-1.0.0/src/spanforge/export/webhook.py +299 -0
  267. spanforge-1.0.0/src/spanforge/exporters/__init__.py +30 -0
  268. spanforge-1.0.0/src/spanforge/exporters/console.py +271 -0
  269. spanforge-1.0.0/src/spanforge/exporters/jsonl.py +144 -0
  270. spanforge-1.0.0/src/spanforge/exporters/sqlite.py +142 -0
  271. spanforge-1.0.0/src/spanforge/gate.py +1150 -0
  272. spanforge-1.0.0/src/spanforge/governance.py +181 -0
  273. spanforge-1.0.0/src/spanforge/hitl.py +295 -0
  274. spanforge-1.0.0/src/spanforge/http.py +187 -0
  275. spanforge-1.0.0/src/spanforge/inspect.py +427 -0
  276. spanforge-1.0.0/src/spanforge/integrations/__init__.py +45 -0
  277. spanforge-1.0.0/src/spanforge/integrations/_pricing.py +280 -0
  278. spanforge-1.0.0/src/spanforge/integrations/anthropic.py +388 -0
  279. spanforge-1.0.0/src/spanforge/integrations/azure_openai.py +133 -0
  280. spanforge-1.0.0/src/spanforge/integrations/bedrock.py +292 -0
  281. spanforge-1.0.0/src/spanforge/integrations/crewai.py +251 -0
  282. spanforge-1.0.0/src/spanforge/integrations/gemini.py +351 -0
  283. spanforge-1.0.0/src/spanforge/integrations/groq.py +442 -0
  284. spanforge-1.0.0/src/spanforge/integrations/langchain.py +349 -0
  285. spanforge-1.0.0/src/spanforge/integrations/langgraph.py +306 -0
  286. spanforge-1.0.0/src/spanforge/integrations/llamaindex.py +373 -0
  287. spanforge-1.0.0/src/spanforge/integrations/ollama.py +287 -0
  288. spanforge-1.0.0/src/spanforge/integrations/openai.py +368 -0
  289. spanforge-1.0.0/src/spanforge/integrations/together.py +483 -0
  290. spanforge-1.0.0/src/spanforge/io.py +214 -0
  291. spanforge-1.0.0/src/spanforge/lint.py +322 -0
  292. spanforge-1.0.0/src/spanforge/metrics.py +417 -0
  293. spanforge-1.0.0/src/spanforge/metrics_export.py +343 -0
  294. spanforge-1.0.0/src/spanforge/migrate.py +402 -0
  295. spanforge-1.0.0/src/spanforge/model_registry.py +278 -0
  296. spanforge-1.0.0/src/spanforge/models.py +389 -0
  297. spanforge-1.0.0/src/spanforge/namespaces/__init__.py +254 -0
  298. spanforge-1.0.0/src/spanforge/namespaces/audit.py +256 -0
  299. spanforge-1.0.0/src/spanforge/namespaces/cache.py +237 -0
  300. spanforge-1.0.0/src/spanforge/namespaces/chain.py +77 -0
  301. spanforge-1.0.0/src/spanforge/namespaces/confidence.py +72 -0
  302. spanforge-1.0.0/src/spanforge/namespaces/consent.py +92 -0
  303. spanforge-1.0.0/src/spanforge/namespaces/cost.py +179 -0
  304. spanforge-1.0.0/src/spanforge/namespaces/decision.py +143 -0
  305. spanforge-1.0.0/src/spanforge/namespaces/diff.py +157 -0
  306. spanforge-1.0.0/src/spanforge/namespaces/drift.py +80 -0
  307. spanforge-1.0.0/src/spanforge/namespaces/eval_.py +251 -0
  308. spanforge-1.0.0/src/spanforge/namespaces/feedback.py +241 -0
  309. spanforge-1.0.0/src/spanforge/namespaces/fence.py +193 -0
  310. spanforge-1.0.0/src/spanforge/namespaces/guard.py +105 -0
  311. spanforge-1.0.0/src/spanforge/namespaces/hitl.py +91 -0
  312. spanforge-1.0.0/src/spanforge/namespaces/latency.py +72 -0
  313. spanforge-1.0.0/src/spanforge/namespaces/prompt.py +190 -0
  314. spanforge-1.0.0/src/spanforge/namespaces/redact.py +173 -0
  315. spanforge-1.0.0/src/spanforge/namespaces/retrieval.py +379 -0
  316. spanforge-1.0.0/src/spanforge/namespaces/runtime_governance.py +494 -0
  317. spanforge-1.0.0/src/spanforge/namespaces/template.py +208 -0
  318. spanforge-1.0.0/src/spanforge/namespaces/tool_call.py +77 -0
  319. spanforge-1.0.0/src/spanforge/namespaces/trace.py +1029 -0
  320. spanforge-1.0.0/src/spanforge/normalizer.py +171 -0
  321. spanforge-1.0.0/src/spanforge/plugins.py +82 -0
  322. spanforge-1.0.0/src/spanforge/presidio_backend.py +349 -0
  323. spanforge-1.0.0/src/spanforge/processor.py +258 -0
  324. spanforge-1.0.0/src/spanforge/prompt_registry.py +418 -0
  325. spanforge-1.0.0/src/spanforge/py.typed +0 -0
  326. spanforge-1.0.0/src/spanforge/redact.py +914 -0
  327. spanforge-1.0.0/src/spanforge/regression.py +192 -0
  328. spanforge-1.0.0/src/spanforge/runtime_policy.py +159 -0
  329. spanforge-1.0.0/src/spanforge/sampling.py +511 -0
  330. spanforge-1.0.0/src/spanforge/schema.py +183 -0
  331. spanforge-1.0.0/src/spanforge/schemas/v1.0/schema.json +170 -0
  332. spanforge-1.0.0/src/spanforge/schemas/v2.0/schema.json +536 -0
  333. spanforge-1.0.0/src/spanforge/sdk/__init__.py +625 -0
  334. spanforge-1.0.0/src/spanforge/sdk/_base.py +584 -0
  335. spanforge-1.0.0/src/spanforge/sdk/_base.pyi +71 -0
  336. spanforge-1.0.0/src/spanforge/sdk/_exceptions.py +1096 -0
  337. spanforge-1.0.0/src/spanforge/sdk/_types.py +2184 -0
  338. spanforge-1.0.0/src/spanforge/sdk/alert.py +1514 -0
  339. spanforge-1.0.0/src/spanforge/sdk/alert.pyi +56 -0
  340. spanforge-1.0.0/src/spanforge/sdk/audit.py +1196 -0
  341. spanforge-1.0.0/src/spanforge/sdk/audit.pyi +67 -0
  342. spanforge-1.0.0/src/spanforge/sdk/cec.py +1215 -0
  343. spanforge-1.0.0/src/spanforge/sdk/cec.pyi +37 -0
  344. spanforge-1.0.0/src/spanforge/sdk/config.py +641 -0
  345. spanforge-1.0.0/src/spanforge/sdk/config.pyi +55 -0
  346. spanforge-1.0.0/src/spanforge/sdk/enterprise.py +714 -0
  347. spanforge-1.0.0/src/spanforge/sdk/enterprise.pyi +79 -0
  348. spanforge-1.0.0/src/spanforge/sdk/explain.py +170 -0
  349. spanforge-1.0.0/src/spanforge/sdk/fallback.py +432 -0
  350. spanforge-1.0.0/src/spanforge/sdk/feedback.py +351 -0
  351. spanforge-1.0.0/src/spanforge/sdk/gate.py +874 -0
  352. spanforge-1.0.0/src/spanforge/sdk/gate.pyi +51 -0
  353. spanforge-1.0.0/src/spanforge/sdk/identity.py +2114 -0
  354. spanforge-1.0.0/src/spanforge/sdk/identity.pyi +47 -0
  355. spanforge-1.0.0/src/spanforge/sdk/lineage.py +175 -0
  356. spanforge-1.0.0/src/spanforge/sdk/observe.py +1065 -0
  357. spanforge-1.0.0/src/spanforge/sdk/observe.pyi +50 -0
  358. spanforge-1.0.0/src/spanforge/sdk/operator.py +338 -0
  359. spanforge-1.0.0/src/spanforge/sdk/pii.py +1473 -0
  360. spanforge-1.0.0/src/spanforge/sdk/pii.pyi +119 -0
  361. spanforge-1.0.0/src/spanforge/sdk/pipelines.py +458 -0
  362. spanforge-1.0.0/src/spanforge/sdk/pipelines.pyi +39 -0
  363. spanforge-1.0.0/src/spanforge/sdk/policy.py +930 -0
  364. spanforge-1.0.0/src/spanforge/sdk/rag.py +594 -0
  365. spanforge-1.0.0/src/spanforge/sdk/rbac.py +280 -0
  366. spanforge-1.0.0/src/spanforge/sdk/registry.py +430 -0
  367. spanforge-1.0.0/src/spanforge/sdk/registry.pyi +46 -0
  368. spanforge-1.0.0/src/spanforge/sdk/scope.py +279 -0
  369. spanforge-1.0.0/src/spanforge/sdk/secrets.py +293 -0
  370. spanforge-1.0.0/src/spanforge/sdk/secrets.pyi +25 -0
  371. spanforge-1.0.0/src/spanforge/sdk/security.py +560 -0
  372. spanforge-1.0.0/src/spanforge/sdk/security.pyi +57 -0
  373. spanforge-1.0.0/src/spanforge/sdk/trust.py +472 -0
  374. spanforge-1.0.0/src/spanforge/sdk/trust.pyi +41 -0
  375. spanforge-1.0.0/src/spanforge/secrets.py +799 -0
  376. spanforge-1.0.0/src/spanforge/signing.py +1179 -0
  377. spanforge-1.0.0/src/spanforge/stats.py +100 -0
  378. spanforge-1.0.0/src/spanforge/stream.py +560 -0
  379. spanforge-1.0.0/src/spanforge/testing.py +378 -0
  380. spanforge-1.0.0/src/spanforge/testing_mocks.py +1052 -0
  381. spanforge-1.0.0/src/spanforge/trace.py +199 -0
  382. spanforge-1.0.0/src/spanforge/types.py +696 -0
  383. spanforge-1.0.0/src/spanforge/ulid.py +300 -0
  384. spanforge-1.0.0/src/spanforge/validate.py +379 -0
  385. spanforge-1.0.0/test_agent.jsonl +2 -0
  386. spanforge-1.0.0/test_events.jsonl +1 -0
  387. spanforge-1.0.0/tests/__init__.py +0 -0
  388. spanforge-1.0.0/tests/chaos/README.md +55 -0
  389. spanforge-1.0.0/tests/chaos/test_service_unavailability.py +247 -0
  390. spanforge-1.0.0/tests/conformance/__init__.py +0 -0
  391. spanforge-1.0.0/tests/conformance/fixtures/chain.json +46 -0
  392. spanforge-1.0.0/tests/conformance/fixtures/compliance.json +29 -0
  393. spanforge-1.0.0/tests/conformance/fixtures/key_security.json +42 -0
  394. spanforge-1.0.0/tests/conformance/fixtures/migration.json +59 -0
  395. spanforge-1.0.0/tests/conformance/fixtures/pii.json +55 -0
  396. spanforge-1.0.0/tests/conformance/fixtures/signing.json +51 -0
  397. spanforge-1.0.0/tests/conformance/fixtures.json +155 -0
  398. spanforge-1.0.0/tests/conformance/run_conformance.py +367 -0
  399. spanforge-1.0.0/tests/conformance/test_conformance.py +421 -0
  400. spanforge-1.0.0/tests/conftest.py +166 -0
  401. spanforge-1.0.0/tests/integration/__init__.py +0 -0
  402. spanforge-1.0.0/tests/integration/test_dx_integration.py +205 -0
  403. spanforge-1.0.0/tests/load/README.md +49 -0
  404. spanforge-1.0.0/tests/test_actor.py +155 -0
  405. spanforge-1.0.0/tests/test_alerts.py +481 -0
  406. spanforge-1.0.0/tests/test_ansi.py +97 -0
  407. spanforge-1.0.0/tests/test_auto.py +341 -0
  408. spanforge-1.0.0/tests/test_baseline.py +537 -0
  409. spanforge-1.0.0/tests/test_batch_exporter.py +245 -0
  410. spanforge-1.0.0/tests/test_benchmarks.py +185 -0
  411. spanforge-1.0.0/tests/test_budget_alert.py +202 -0
  412. spanforge-1.0.0/tests/test_cache.py +467 -0
  413. spanforge-1.0.0/tests/test_cli.py +365 -0
  414. spanforge-1.0.0/tests/test_cli_audit_module.py +615 -0
  415. spanforge-1.0.0/tests/test_cli_compliance_module.py +644 -0
  416. spanforge-1.0.0/tests/test_cli_cost_module.py +138 -0
  417. spanforge-1.0.0/tests/test_cli_ops_module.py +524 -0
  418. spanforge-1.0.0/tests/test_cli_phase11_module.py +478 -0
  419. spanforge-1.0.0/tests/test_compliance.py +64 -0
  420. spanforge-1.0.0/tests/test_compliance_mapping.py +1050 -0
  421. spanforge-1.0.0/tests/test_config_interpolate.py +121 -0
  422. spanforge-1.0.0/tests/test_consent.py +178 -0
  423. spanforge-1.0.0/tests/test_consumer.py +242 -0
  424. spanforge-1.0.0/tests/test_cost_event_emission.py +380 -0
  425. spanforge-1.0.0/tests/test_cost_tracker.py +360 -0
  426. spanforge-1.0.0/tests/test_costguard_gaps.py +420 -0
  427. spanforge-1.0.0/tests/test_coverage_gaps.py +1538 -0
  428. spanforge-1.0.0/tests/test_deprecations.py +233 -0
  429. spanforge-1.0.0/tests/test_drift.py +653 -0
  430. spanforge-1.0.0/tests/test_egress_and_normalizer.py +112 -0
  431. spanforge-1.0.0/tests/test_eval_behaviour_scorer.py +111 -0
  432. spanforge-1.0.0/tests/test_event.py +896 -0
  433. spanforge-1.0.0/tests/test_exceptions.py +134 -0
  434. spanforge-1.0.0/tests/test_explain.py +219 -0
  435. spanforge-1.0.0/tests/test_export_cloud.py +412 -0
  436. spanforge-1.0.0/tests/test_export_datadog.py +393 -0
  437. spanforge-1.0.0/tests/test_export_grafana.py +288 -0
  438. spanforge-1.0.0/tests/test_export_jsonl.py +379 -0
  439. spanforge-1.0.0/tests/test_export_otel_bridge.py +399 -0
  440. spanforge-1.0.0/tests/test_export_otlp.py +1082 -0
  441. spanforge-1.0.0/tests/test_export_redis_backend.py +506 -0
  442. spanforge-1.0.0/tests/test_export_siem_splunk.py +361 -0
  443. spanforge-1.0.0/tests/test_export_siem_syslog.py +391 -0
  444. spanforge-1.0.0/tests/test_export_webhook.py +505 -0
  445. spanforge-1.0.0/tests/test_feedback.py +252 -0
  446. spanforge-1.0.0/tests/test_gate_deep.py +228 -0
  447. spanforge-1.0.0/tests/test_governance.py +323 -0
  448. spanforge-1.0.0/tests/test_hitl.py +254 -0
  449. spanforge-1.0.0/tests/test_http.py +290 -0
  450. spanforge-1.0.0/tests/test_inspect.py +952 -0
  451. spanforge-1.0.0/tests/test_integration.py +132 -0
  452. spanforge-1.0.0/tests/test_integrations.py +502 -0
  453. spanforge-1.0.0/tests/test_io.py +205 -0
  454. spanforge-1.0.0/tests/test_lint.py +418 -0
  455. spanforge-1.0.0/tests/test_migrate.py +352 -0
  456. spanforge-1.0.0/tests/test_model_registry.py +271 -0
  457. spanforge-1.0.0/tests/test_models.py +481 -0
  458. spanforge-1.0.0/tests/test_namespaces.py +951 -0
  459. spanforge-1.0.0/tests/test_otlp_bridge.py +298 -0
  460. spanforge-1.0.0/tests/test_phase0_scale.py +566 -0
  461. spanforge-1.0.0/tests/test_phase10_features.py +648 -0
  462. spanforge-1.0.0/tests/test_phase10_trust.py +426 -0
  463. spanforge-1.0.0/tests/test_phase11_enterprise.py +1190 -0
  464. spanforge-1.0.0/tests/test_phase11_security.py +263 -0
  465. spanforge-1.0.0/tests/test_phase12_dx.py +771 -0
  466. spanforge-1.0.0/tests/test_phase1_context_trace.py +1259 -0
  467. spanforge-1.0.0/tests/test_phase2_observability.py +882 -0
  468. spanforge-1.0.0/tests/test_phase3_debug_sampling.py +1066 -0
  469. spanforge-1.0.0/tests/test_phase4_agent_instrumentation.py +970 -0
  470. spanforge-1.0.0/tests/test_phase4_metrics_store.py +635 -0
  471. spanforge-1.0.0/tests/test_phase5_console_exporter.py +720 -0
  472. spanforge-1.0.0/tests/test_phase5_coverage.py +859 -0
  473. spanforge-1.0.0/tests/test_phase5_enterprise_integrations.py +287 -0
  474. spanforge-1.0.0/tests/test_phase5_hooks_crewai.py +514 -0
  475. spanforge-1.0.0/tests/test_phase6_enterprise_deployment_packaging.py +136 -0
  476. spanforge-1.0.0/tests/test_phase6_openai_integration.py +928 -0
  477. spanforge-1.0.0/tests/test_phase8_release_hardening.py +328 -0
  478. spanforge-1.0.0/tests/test_plugins.py +79 -0
  479. spanforge-1.0.0/tests/test_processor_coverage.py +238 -0
  480. spanforge-1.0.0/tests/test_prompt_registry.py +259 -0
  481. spanforge-1.0.0/tests/test_properties.py +176 -0
  482. spanforge-1.0.0/tests/test_public_root_lazy_imports.py +93 -0
  483. spanforge-1.0.0/tests/test_rag.py +388 -0
  484. spanforge-1.0.0/tests/test_redact.py +1098 -0
  485. spanforge-1.0.0/tests/test_regression.py +178 -0
  486. spanforge-1.0.0/tests/test_repo_guardrails.py +68 -0
  487. spanforge-1.0.0/tests/test_rfc_namespaces.py +461 -0
  488. spanforge-1.0.0/tests/test_runtime_governance_phase0.py +220 -0
  489. spanforge-1.0.0/tests/test_sampling_coverage.py +375 -0
  490. spanforge-1.0.0/tests/test_schema.py +217 -0
  491. spanforge-1.0.0/tests/test_sdk_config.py +372 -0
  492. spanforge-1.0.0/tests/test_sdk_coverage_boost.py +1032 -0
  493. spanforge-1.0.0/tests/test_sdk_exporters.py +465 -0
  494. spanforge-1.0.0/tests/test_sdk_final_coverage.py +847 -0
  495. spanforge-1.0.0/tests/test_sdk_gap_filler.py +367 -0
  496. spanforge-1.0.0/tests/test_sdk_openai_integration.py +753 -0
  497. spanforge-1.0.0/tests/test_sdk_phase7_integrations.py +1022 -0
  498. spanforge-1.0.0/tests/test_sdk_pipelines_deep.py +228 -0
  499. spanforge-1.0.0/tests/test_sdk_precision_coverage.py +182 -0
  500. spanforge-1.0.0/tests/test_sdk_span.py +473 -0
  501. spanforge-1.0.0/tests/test_sdk_stream.py +392 -0
  502. spanforge-1.0.0/tests/test_sdk_tracer.py +215 -0
  503. spanforge-1.0.0/tests/test_sdk_validation_coverage.py +930 -0
  504. spanforge-1.0.0/tests/test_server.py +270 -0
  505. spanforge-1.0.0/tests/test_sf11.py +134 -0
  506. spanforge-1.0.0/tests/test_sf12.py +96 -0
  507. spanforge-1.0.0/tests/test_sf13.py +264 -0
  508. spanforge-1.0.0/tests/test_sf14.py +98 -0
  509. spanforge-1.0.0/tests/test_sf15.py +138 -0
  510. spanforge-1.0.0/tests/test_sf16.py +129 -0
  511. spanforge-1.0.0/tests/test_sf9_config.py +1518 -0
  512. spanforge-1.0.0/tests/test_sf_alert.py +1269 -0
  513. spanforge-1.0.0/tests/test_sf_audit.py +1107 -0
  514. spanforge-1.0.0/tests/test_sf_cec.py +1192 -0
  515. spanforge-1.0.0/tests/test_sf_explain.py +124 -0
  516. spanforge-1.0.0/tests/test_sf_gate.py +1825 -0
  517. spanforge-1.0.0/tests/test_sf_identity.py +2424 -0
  518. spanforge-1.0.0/tests/test_sf_lineage.py +121 -0
  519. spanforge-1.0.0/tests/test_sf_observe.py +1229 -0
  520. spanforge-1.0.0/tests/test_sf_operator.py +216 -0
  521. spanforge-1.0.0/tests/test_sf_pii.py +2236 -0
  522. spanforge-1.0.0/tests/test_sf_policy.py +175 -0
  523. spanforge-1.0.0/tests/test_sf_policy_integration.py +189 -0
  524. spanforge-1.0.0/tests/test_sf_policy_phase3.py +227 -0
  525. spanforge-1.0.0/tests/test_sf_rag.py +139 -0
  526. spanforge-1.0.0/tests/test_sf_rbac.py +204 -0
  527. spanforge-1.0.0/tests/test_sf_scope.py +200 -0
  528. spanforge-1.0.0/tests/test_sf_secrets.py +1390 -0
  529. spanforge-1.0.0/tests/test_signing.py +1220 -0
  530. spanforge-1.0.0/tests/test_stats.py +125 -0
  531. spanforge-1.0.0/tests/test_stream.py +575 -0
  532. spanforge-1.0.0/tests/test_trace_decorator.py +446 -0
  533. spanforge-1.0.0/tests/test_trace_pytest_fixtures.py +176 -0
  534. spanforge-1.0.0/tests/test_types.py +341 -0
  535. spanforge-1.0.0/tests/test_ulid.py +370 -0
  536. spanforge-1.0.0/tests/test_validate.py +408 -0
spanforge-1.0.0/.bandit ADDED
@@ -0,0 +1,4 @@
1
+ [bandit]
2
+ # Skip test directory — pytest assert statements (B101) are expected,
3
+ # and status-string constants in tests are not real credentials (B105/B106).
4
+ exclude_dirs = tests,examples
spanforge-1.0.0/.gitattributes ADDED
@@ -0,0 +1,2 @@
1
+ # Auto detect text files and perform LF normalization
2
+ * text=auto
spanforge-1.0.0/.github/CODEOWNERS ADDED
@@ -0,0 +1,29 @@
1
+ # Owners for core SDK modules
2
+ src/spanforge/signing.py @veerarag1973
3
+ src/spanforge/redact.py @veerarag1973
4
+ src/spanforge/event.py @veerarag1973
5
+ src/spanforge/validate.py @veerarag1973
6
+
7
+ # Export backends
8
+ src/spanforge/export/ @veerarag1973
9
+
10
+ # Integrations
11
+ src/spanforge/integrations/ @veerarag1973
12
+
13
+ # Namespaces (schema changes need RFC review)
14
+ src/spanforge/namespaces/ @veerarag1973
15
+
16
+ # CLI
17
+ src/spanforge/_cli.py @veerarag1973
18
+
19
+ # CI/CD
20
+ .github/ @veerarag1973
21
+
22
+ # Docs
23
+ docs/ @veerarag1973
24
+ README.md @veerarag1973
25
+
26
+ # Security-sensitive: require explicit approval
27
+ SECURITY.md @veerarag1973
28
+ src/spanforge/signing.py @veerarag1973
29
+ src/spanforge/redact.py @veerarag1973
spanforge-1.0.0/.github/ISSUE_TEMPLATE/bug_report.yml ADDED
@@ -0,0 +1,62 @@
1
+ # Bug Report
2
+ name: Bug Report
3
+ description: Report a reproducible bug in spanforge
4
+ labels: ["bug", "needs-triage"]
5
+ body:
6
+ - type: markdown
7
+ attributes:
8
+ value: |
9
+ Thank you for reporting a bug! Please fill out the sections below so we can reproduce and fix it quickly.
10
+
11
+ - type: input
12
+ id: version
13
+ attributes:
14
+ label: spanforge version
15
+ placeholder: "e.g. 2.0.0"
16
+ validations:
17
+ required: true
18
+
19
+ - type: input
20
+ id: python
21
+ attributes:
22
+ label: Python version
23
+ placeholder: "e.g. 3.11.8"
24
+ validations:
25
+ required: true
26
+
27
+ - type: textarea
28
+ id: description
29
+ attributes:
30
+ label: Describe the bug
31
+ description: A clear and concise description of what the bug is.
32
+ validations:
33
+ required: true
34
+
35
+ - type: textarea
36
+ id: repro
37
+ attributes:
38
+ label: Steps to reproduce
39
+ description: Minimal code to reproduce the issue.
40
+ render: python
41
+ validations:
42
+ required: true
43
+
44
+ - type: textarea
45
+ id: expected
46
+ attributes:
47
+ label: Expected behavior
48
+ validations:
49
+ required: true
50
+
51
+ - type: textarea
52
+ id: actual
53
+ attributes:
54
+ label: Actual behavior (include full traceback)
55
+ validations:
56
+ required: true
57
+
58
+ - type: textarea
59
+ id: context
60
+ attributes:
61
+ label: Additional context
62
+ description: e.g. OS, exporter used, integrations installed
spanforge-1.0.0/.github/ISSUE_TEMPLATE/config.yml ADDED
@@ -0,0 +1,8 @@
1
+ blank_issues_enabled: false
2
+ contact_links:
3
+ - name: Ask a question
4
+ url: https://github.com/veerarag1973/spanforge/discussions
5
+ about: Use GitHub Discussions for questions and community support
6
+ - name: Security vulnerability
7
+ url: https://github.com/veerarag1973/spanforge/blob/main/SECURITY.md
8
+ about: Please read SECURITY.md before reporting security issues
spanforge-1.0.0/.github/ISSUE_TEMPLATE/feature_request.yml ADDED
@@ -0,0 +1,42 @@
1
+ name: Feature Request
2
+ description: Suggest a new feature or improvement
3
+ labels: ["enhancement", "needs-triage"]
4
+ body:
5
+ - type: markdown
6
+ attributes:
7
+ value: |
8
+ Thanks for taking the time to suggest an improvement. Search existing issues first to avoid duplicates.
9
+
10
+ - type: textarea
11
+ id: problem
12
+ attributes:
13
+ label: What problem are you trying to solve?
14
+ description: A clear description of the use case or pain point.
15
+ validations:
16
+ required: true
17
+
18
+ - type: textarea
19
+ id: solution
20
+ attributes:
21
+ label: Proposed solution
22
+ description: What would the API or behaviour look like?
23
+ validations:
24
+ required: true
25
+
26
+ - type: textarea
27
+ id: alternatives
28
+ attributes:
29
+ label: Alternatives considered
30
+ description: Any other approaches you have tried or considered.
31
+
32
+ - type: dropdown
33
+ id: segment
34
+ attributes:
35
+ label: Who does this help most?
36
+ options:
37
+ - Open-source / hobby projects
38
+ - Startups / SMBs
39
+ - Enterprise teams
40
+ - All users
41
+ validations:
42
+ required: true
spanforge-1.0.0/.github/ISSUE_TEMPLATE/rfc.yml ADDED
@@ -0,0 +1,56 @@
1
+ name: RFC Proposal
2
+ description: Propose a new event namespace, schema change, or architectural decision
3
+ labels: ["rfc", "needs-discussion"]
4
+ body:
5
+ - type: markdown
6
+ attributes:
7
+ value: |
8
+ Use this template for any change that affects the public schema, event namespaces, or SDK public API.
9
+ Small bug fixes and internal refactors do not need an RFC.
10
+
11
+ - type: input
12
+ id: title
13
+ attributes:
14
+ label: RFC title
15
+ placeholder: "RFC-NNNN: Add llm.memory.* namespace for agent working memory"
16
+ validations:
17
+ required: true
18
+
19
+ - type: textarea
20
+ id: motivation
21
+ attributes:
22
+ label: Motivation
23
+ description: Why is this change needed? What problem does it solve?
24
+ validations:
25
+ required: true
26
+
27
+ - type: textarea
28
+ id: design
29
+ attributes:
30
+ label: Detailed design
31
+ description: |
32
+ Describe the proposed change in detail. Include:
33
+ - New fields or event types
34
+ - Sample JSON payloads
35
+ - API changes (new functions, parameters, classes)
36
+ validations:
37
+ required: true
38
+
39
+ - type: textarea
40
+ id: compat
41
+ attributes:
42
+ label: Backwards compatibility
43
+ description: Does this break existing events or consumers? How will migration work?
44
+ validations:
45
+ required: true
46
+
47
+ - type: textarea
48
+ id: alternatives
49
+ attributes:
50
+ label: Alternatives considered
51
+
52
+ - type: textarea
53
+ id: unresolved
54
+ attributes:
55
+ label: Unresolved questions
56
+ description: What aspects of the design are still open?
spanforge-1.0.0/.github/pull_request_template.md ADDED
@@ -0,0 +1,25 @@
1
+ ## Summary
2
+
3
+ <!-- One sentence describing the change. -->
4
+
5
+ ## Type of change
6
+
7
+ - [ ] Bug fix (non-breaking)
8
+ - [ ] New feature (non-breaking)
9
+ - [ ] Breaking change (schema, public API, or CLI)
10
+ - [ ] Documentation only
11
+ - [ ] Refactor / internal improvement
12
+
13
+ ## Related issue
14
+
15
+ Closes #<!-- issue number -->
16
+
17
+ ## Checklist
18
+
19
+ - [ ] Tests added or updated and all pass (`pytest`)
20
+ - [ ] Coverage ≥ 90% (`pytest --cov-fail-under=90`)
21
+ - [ ] Lint passes (`ruff check . && ruff format --check .`)
22
+ - [ ] Type check passes (`mypy src/spanforge tests`)
23
+ - [ ] CHANGELOG.md updated
24
+ - [ ] Docs updated (if public API changed)
25
+ - [ ] No secrets or credentials in this diff
spanforge-1.0.0/.github/workflows/ci.yml ADDED
@@ -0,0 +1,100 @@
1
+ name: CI
2
+
3
+ on:
4
+ push:
5
+ branches: [main]
6
+ pull_request:
7
+ branches: [main]
8
+
9
+ permissions:
10
+ contents: read
11
+
12
+ jobs:
13
+ lint:
14
+ name: Lint & Type-check
15
+ runs-on: ubuntu-latest
16
+ steps:
17
+ - uses: actions/checkout@v4
18
+
19
+ - name: Set up Python
20
+ uses: actions/setup-python@v5
21
+ with:
22
+ python-version: "3.12"
23
+
24
+ - name: Install dependencies
25
+ run: pip install -e ".[dev]"
26
+
27
+ - name: Ruff lint
28
+ run: ruff check src/spanforge tests
29
+
30
+ - name: Ruff format check
31
+ run: ruff format --check src/spanforge tests
32
+
33
+ - name: Mypy
34
+ run: mypy --package spanforge
35
+
36
+ guardrails:
37
+ name: Drift Guardrails
38
+ runs-on: ubuntu-latest
39
+ steps:
40
+ - uses: actions/checkout@v4
41
+
42
+ - name: Set up Python
43
+ uses: actions/setup-python@v5
44
+ with:
45
+ python-version: "3.12"
46
+
47
+ - name: Install dependencies
48
+ run: pip install -e ".[dev]"
49
+
50
+ - name: Verify repo guardrails
51
+ run: pytest tests/test_repo_guardrails.py --no-cov
52
+
53
+ test:
54
+ name: Test (Python ${{ matrix.python-version }}, ${{ matrix.os }})
55
+ runs-on: ${{ matrix.os }}
56
+ strategy:
57
+ fail-fast: false
58
+ matrix:
59
+ os: [ubuntu-latest, windows-latest]
60
+ python-version: ["3.9", "3.10", "3.11", "3.12"]
61
+ steps:
62
+ - uses: actions/checkout@v4
63
+
64
+ - name: Set up Python ${{ matrix.python-version }}
65
+ uses: actions/setup-python@v5
66
+ with:
67
+ python-version: ${{ matrix.python-version }}
68
+
69
+ - name: Install dependencies
70
+ run: pip install -e ".[dev]"
71
+
72
+ - name: Run tests with coverage
73
+ run: pytest --cov=spanforge --cov-report=term-missing --cov-report=xml:coverage.xml
74
+
75
+ - name: Upload coverage artifact
76
+ if: matrix.python-version == '3.12' && matrix.os == 'ubuntu-latest'
77
+ uses: actions/upload-artifact@v4
78
+ with:
79
+ name: coverage-report
80
+ path: coverage.xml
81
+
82
+ security:
83
+ name: Security Scan
84
+ runs-on: ubuntu-latest
85
+ steps:
86
+ - uses: actions/checkout@v4
87
+
88
+ - name: Set up Python
89
+ uses: actions/setup-python@v5
90
+ with:
91
+ python-version: "3.12"
92
+
93
+ - name: Install dependencies
94
+ run: pip install -e ".[dev]" bandit pip-audit
95
+
96
+ - name: Bandit — static security analysis
97
+ run: bandit -r src/spanforge --ini .bandit -ll
98
+
99
+ - name: pip-audit — dependency vulnerability scan
100
+ run: pip-audit --strict
spanforge-1.0.0/.github/workflows/release.yml ADDED
@@ -0,0 +1,135 @@
1
+ name: Release
2
+
3
+ on:
4
+ push:
5
+ tags:
6
+ - "v*.*.*"
7
+
8
+ permissions:
9
+ contents: write # create GitHub Release
10
+ id-token: write # OIDC for trusted publishing + Sigstore keyless signing
11
+
12
+ jobs:
13
+ build:
14
+ name: Build distribution
15
+ runs-on: ubuntu-latest
16
+ steps:
17
+ - uses: actions/checkout@v4
18
+ with:
19
+ fetch-depth: 0
20
+
21
+ - name: Set up Python
22
+ uses: actions/setup-python@v5
23
+ with:
24
+ python-version: "3.12"
25
+
26
+ - name: Install build tools
27
+ run: pip install --upgrade build
28
+
29
+ - name: Build sdist and wheel
30
+ run: python -m build
31
+
32
+ - name: Verify wheel contents
33
+ run: |
34
+ pip install twine
35
+ twine check dist/*
36
+
37
+ - name: Upload build artifacts
38
+ uses: actions/upload-artifact@v4
39
+ with:
40
+ name: dist
41
+ path: dist/
42
+
43
+ publish-pypi:
44
+ name: Publish to PyPI
45
+ needs: build
46
+ runs-on: ubuntu-latest
47
+ environment:
48
+ name: pypi
49
+ url: https://pypi.org/project/spanforge/
50
+ steps:
51
+ - name: Download build artifacts
52
+ uses: actions/download-artifact@v4
53
+ with:
54
+ name: dist
55
+ path: dist/
56
+
57
+ - name: Publish to PyPI (trusted publishing)
58
+ uses: pypa/gh-action-pypi-publish@release/v1
59
+ # Uses OIDC trusted publishing — no API token secret needed.
60
+ # Configure the trusted publisher at:
61
+ # https://pypi.org/manage/project/spanforge/settings/publishing/
62
+
63
+ github-release:
64
+ name: Create GitHub Release
65
+ needs: publish-pypi
66
+ runs-on: ubuntu-latest
67
+ steps:
68
+ - uses: actions/checkout@v4
69
+ with:
70
+ fetch-depth: 0
71
+
72
+ - name: Download build artifacts
73
+ uses: actions/download-artifact@v4
74
+ with:
75
+ name: dist
76
+ path: dist/
77
+
78
+ - name: Generate changelog from tag message
79
+ id: changelog
80
+ run: |
81
+ # Extract annotated tag message as release notes
82
+ git tag -l --format='%(contents)' "${{ github.ref_name }}" > release_notes.txt
83
+ echo "notes_file=release_notes.txt" >> "$GITHUB_OUTPUT"
84
+
85
+ - name: Create GitHub Release
86
+ uses: softprops/action-gh-release@v2
87
+ with:
88
+ body_path: ${{ steps.changelog.outputs.notes_file }}
89
+ files: dist/*
90
+ draft: false
91
+ prerelease: ${{ contains(github.ref_name, 'rc') || contains(github.ref_name, 'alpha') || contains(github.ref_name, 'beta') }}
92
+
93
+ sbom-and-sign:
94
+ name: Generate SBOM and Sigstore signing
95
+ needs: github-release
96
+ runs-on: ubuntu-latest
97
+ steps:
98
+ - uses: actions/checkout@v4
99
+
100
+ - name: Download build artifacts
101
+ uses: actions/download-artifact@v4
102
+ with:
103
+ name: dist
104
+ path: dist/
105
+
106
+ # ── SBOM ────────────────────────────────────────────────────────────────
107
+ - name: Generate CycloneDX SBOM
108
+ uses: anchore/sbom-action@v0
109
+ with:
110
+ path: dist/
111
+ format: cyclonedx-json
112
+ output-file: sbom.cyclonedx.json
113
+ upload-artifact: false # we attach it manually to the release below
114
+
115
+ # ── Keyless signing with Sigstore / cosign ───────────────────────────────
116
+ - name: Install cosign
117
+ uses: sigstore/cosign-installer@v3
118
+
119
+ - name: Sign distribution files
120
+ # --yes suppresses the interactive prompt in CI
121
+ run: |
122
+ for f in dist/*.whl dist/*.tar.gz; do
123
+ cosign sign-blob --yes "$f" \
124
+ --output-signature "${f}.sig" \
125
+ --output-certificate "${f}.pem"
126
+ done
127
+
128
+ # ── Attach artefacts to the GitHub Release ───────────────────────────────
129
+ - name: Attach SBOM and signatures to Release
130
+ uses: softprops/action-gh-release@v2
131
+ with:
132
+ files: |
133
+ sbom.cyclonedx.json
134
+ dist/*.sig
135
+ dist/*.pem
spanforge-1.0.0/.gitignore ADDED
@@ -0,0 +1,199 @@
1
+ # Byte-compiled / optimized / DLL files
2
+ __pycache__/
3
+ *.py[cod]
4
+ *$py.class
5
+
6
+ # C extensions
7
+ *.so
8
+
9
+ # Distribution / packaging
10
+ .Python
11
+ build/
12
+ develop-eggs/
13
+ dist/
14
+ downloads/
15
+ eggs/
16
+ .eggs/
17
+ lib/
18
+ lib64/
19
+ parts/
20
+ sdist/
21
+ var/
22
+ wheels/
23
+ share/python-wheels/
24
+ *.egg-info/
25
+ .installed.cfg
26
+ *.egg
27
+ MANIFEST
28
+
29
+ # PyInstaller
30
+ # Usually these files are written by a python script from a template
31
+ # before PyInstaller builds the exe, so as to inject date/other infos into it.
32
+ *.manifest
33
+ *.spec
34
+
35
+ # Installer logs
36
+ pip-log.txt
37
+ pip-delete-this-directory.txt
38
+
39
+ # Internal founder docs — not for public repo
40
+ ROADMAP_CHECKLIST.md
41
+ FOUNDER_PREP_GUIDE.md
42
+ FOUNDER_PREP_GUIDE.pdf
43
+
44
+ # Unit test / coverage reports
45
+ htmlcov/
46
+ .tox/
47
+ .nox/
48
+ .coverage
49
+ .coverage.*
50
+ .cache
51
+ nosetests.xml
52
+ coverage.xml
53
+ *.cover
54
+ *.py,cover
55
+ .hypothesis/
56
+ .pytest_cache/
57
+ cover/
58
+
59
+ # Translations
60
+ *.mo
61
+ *.pot
62
+
63
+ # Django stuff:
64
+ *.log
65
+ local_settings.py
66
+ db.sqlite3
67
+ db.sqlite3-journal
68
+
69
+ # Flask stuff:
70
+ instance/
71
+ .webassets-cache
72
+
73
+ # Scrapy stuff:
74
+ .scrapy
75
+
76
+ # Sphinx documentation
77
+ docs/_build/
78
+
79
+ # PyBuilder
80
+ .pybuilder/
81
+ target/
82
+
83
+ # Jupyter Notebook
84
+ .ipynb_checkpoints
85
+
86
+ # IPython
87
+ profile_default/
88
+ ipython_config.py
89
+
90
+ # pyenv
91
+ # For a library or package, you might want to ignore these files since the code is
92
+ # intended to run in multiple environments; otherwise, check them in:
93
+ # .python-version
94
+
95
+ # pipenv
96
+ # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
97
+ # However, in case of collaboration, if having platform-specific dependencies or dependencies
98
+ # having no cross-platform support, pipenv may install dependencies that don't work, or not
99
+ # install all needed dependencies.
100
+ #Pipfile.lock
101
+
102
+ # UV
103
+ # Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
104
+ # This is especially recommended for binary packages to ensure reproducibility, and is more
105
+ # commonly ignored for libraries.
106
+ #uv.lock
107
+
108
+ # poetry
109
+ # Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
110
+ # This is especially recommended for binary packages to ensure reproducibility, and is more
111
+ # commonly ignored for libraries.
112
+ # https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
113
+ #poetry.lock
114
+
115
+ # pdm
116
+ # Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
117
+ #pdm.lock
118
+ # pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
119
+ # in version control.
120
+ # https://pdm.fming.dev/latest/usage/project/#working-with-version-control
121
+ .pdm.toml
122
+ .pdm-python
123
+ .pdm-build/
124
+
125
+ # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
126
+ __pypackages__/
127
+
128
+ # Celery stuff
129
+ celerybeat-schedule
130
+ celerybeat.pid
131
+
132
+ # SageMath parsed files
133
+ *.sage.py
134
+
135
+ # Environments
136
+ .env
137
+ .venv
138
+ env/
139
+ venv/
140
+ ENV/
141
+ env.bak/
142
+ venv.bak/
143
+
144
+ # Spyder project settings
145
+ .spyderproject
146
+ .spyproject
147
+
148
+ # Rope project settings
149
+ .ropeproject
150
+
151
+ # mkdocs documentation
152
+ /site
153
+
154
+ # mypy
155
+ .mypy_cache/
156
+ .dmypy.json
157
+ dmypy.json
158
+
159
+ # Pyre type checker
160
+ .pyre/
161
+
162
+ # pytype static type analyzer
163
+ .pytype/
164
+
165
+ # Cython debug symbols
166
+ cython_debug/
167
+
168
+ # PyCharm
169
+ # JetBrains specific template is maintained in a separate JetBrains.gitignore that can
170
+ # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
171
+ # and can be added to the global gitignore or merged into this file. For a more nuclear
172
+ # option (not recommended) you can uncomment the following to ignore the entire idea folder.
173
+ #.idea/
174
+
175
+ # Ruff stuff:
176
+ .ruff_cache/
177
+
178
+ # PyPI configuration file
179
+ .pypirc
180
+
181
+ # Cursor
182
+ # Cursor is an AI-powered code editor.`.cursorignore` specifies files/directories to
183
+ # exclude from AI features like autocomplete and code analysis. Recommended for sensitive data
184
+ # refer to https://docs.cursor.com/context/ignore-files
185
+ .cursorignore
186
+ .cursorindexingignore
187
+
188
+ # Backup files
189
+ *.bak
190
+
191
+ # Office documents
192
+ *.docx
193
+
194
+ # Local build planning notes
195
+ /implementationplan.md
196
+ /spanforge-ts-migration.md
197
+ /SpanForge_Build_Plan_v1.0.md
198
+ /HallucCheck_Product_Spec_v6.0.updated.md
199
+ PRICING.pdf
spanforge-1.0.0/.pre-commit-hooks.yaml ADDED
@@ -0,0 +1,32 @@
1
+ ---
2
+ # SpanForge pre-commit hooks
3
+ # Reference: https://docs.spanforge.dev/secrets/pre-commit
4
+ #
5
+ # Add to your .pre-commit-config.yaml:
6
+ #
7
+ # repos:
8
+ # - repo: https://github.com/spanforge/spanforge-core
9
+ # rev: v<version>
10
+ # hooks:
11
+ # - id: spanforge-secrets-scan
12
+
13
+ - id: spanforge-secrets-scan
14
+ name: SpanForge Secrets Scan
15
+ description: >
16
+ Scan staged files for hard-coded secrets (API keys, tokens, private keys,
17
+ database credentials, etc.) using the SpanForge sf-secrets engine.
18
+ Blocks the commit if any zero-tolerance or high-confidence secret is
19
+ detected. Use --confidence to adjust sensitivity.
20
+ language: python
21
+ entry: spanforge secrets scan
22
+ args: ["--format", "text"]
23
+ types_or: [python, javascript, typescript, yaml, json, text, toml, ini, env]
24
+ exclude: |
25
+ (?x)^(
26
+ .*\.lock$|
27
+ .*\.min\.js$|
28
+ htmlcov/.*|
29
+ \.git/.*
30
+ )$
31
+ pass_filenames: true
32
+ stages: [pre-commit, pre-push]