strathon 1.2.2__tar.gz → 1.2.3__tar.gz

{strathon-1.2.2/src/strathon.egg-info → strathon-1.2.3}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: strathon
-Version: 1.2.2
+Version: 1.2.3
 Summary: Open-source AI agent firewall. Blocks dangerous agent tool calls before they execute, with in-process CEL enforcement at the tool-call boundary.
 Author-email: Strathon <hello@getstrathon.com>
 License-Expression: Apache-2.0
@@ -39,7 +39,7 @@ Requires-Dist: openai-agents>=0.17.5; extra == "openai-agents"
 Provides-Extra: anthropic
 Requires-Dist: anthropic>=0.40.0; extra == "anthropic"
 Provides-Extra: claude-agent
-Requires-Dist: claude-agent-sdk>=0.1.0; extra == "claude-agent"
+Requires-Dist: claude-agent-sdk>=0.1.81; extra == "claude-agent"
 Requires-Dist: anthropic>=0.40.0; extra == "claude-agent"
 Provides-Extra: langchain
 Requires-Dist: langchain-core>=0.3.0; extra == "langchain"
@@ -59,7 +59,7 @@ Provides-Extra: all
 Requires-Dist: openai>=1.0.0; extra == "all"
 Requires-Dist: openai-agents>=0.17.5; extra == "all"
 Requires-Dist: anthropic>=0.40.0; extra == "all"
-Requires-Dist: claude-agent-sdk>=0.1.0; extra == "all"
+Requires-Dist: claude-agent-sdk>=0.1.81; extra == "all"
 Requires-Dist: langchain-core>=0.3.0; extra == "all"
 Requires-Dist: crewai>=1.14.7; extra == "all"
 Requires-Dist: autogen-agentchat>=0.7.0; extra == "all"

{strathon-1.2.2 → strathon-1.2.3}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "strathon"
-version = "1.2.2"
+version = "1.2.3"
 description = "Open-source AI agent firewall. Blocks dangerous agent tool calls before they execute, with in-process CEL enforcement at the tool-call boundary."
 readme = "README.md"
 license = "Apache-2.0"
@@ -40,7 +40,7 @@ dependencies = [
 openai = ["openai>=1.0.0"]
 openai-agents = ["openai-agents>=0.17.5"]
 anthropic = ["anthropic>=0.40.0"]
-claude-agent = ["claude-agent-sdk>=0.1.0", "anthropic>=0.40.0"]
+claude-agent = ["claude-agent-sdk>=0.1.81", "anthropic>=0.40.0"]
 langchain = ["langchain-core>=0.3.0"]
 langgraph = ["langchain-core>=0.3.0"]
 crewai = ["crewai>=1.14.7"]
@@ -52,7 +52,7 @@ all = [
     "openai>=1.0.0",
     "openai-agents>=0.17.5",
     "anthropic>=0.40.0",
-    "claude-agent-sdk>=0.1.0",
+    "claude-agent-sdk>=0.1.81",
     "langchain-core>=0.3.0",
     "crewai>=1.14.7",
     "autogen-agentchat>=0.7.0",

strathon-1.2.3/src/strathon/_version.py

@@ -0,0 +1 @@
+__version__ = "1.2.3"

{strathon-1.2.2 → strathon-1.2.3}/src/strathon/client.py

@@ -138,7 +138,7 @@ class Client:
                 trace.set_tracer_provider(self._tracer_provider)
 
         # Named tracer for instrumentations and manual span emission
-        self._tracer = self._tracer_provider.get_tracer("strathon", "1.2.2")
+        self._tracer = self._tracer_provider.get_tracer("strathon", "1.2.3")
 
         # Runtime intervention: optional policy enforcer
         self._policy_enforcer = None

{strathon-1.2.2 → strathon-1.2.3}/src/strathon/config.py

@@ -33,7 +33,7 @@ class Config:
     # HTTP request timeout to Strathon receiver
     http_timeout_seconds: float = 10.0
 
-    # Retry behaviour on export failure
+    # Retry behavior on export failure
     max_retries: int = 3
     retry_backoff_seconds: float = 1.0
 

{strathon-1.2.2 → strathon-1.2.3}/src/strathon/heartbeat.py

@@ -28,7 +28,7 @@ if TYPE_CHECKING:
 
 logger = logging.getLogger("strathon.heartbeat")
 
-_VERSION = "1.2.2"
+_VERSION = "1.2.3"
 
 
 def compute_code_hash() -> str:

{strathon-1.2.2 → strathon-1.2.3}/src/strathon/instrumentation/openai_agents.py

@@ -840,8 +840,7 @@ def _build_strathon_guardrail_function(client):
             # The guardrail is async, so we do REAL interactive approval:
             # wait for the operator off the event loop. Approved -> allow the
             # tool to run; denied/expired/timed out -> raise_exception so the
-            # tool body never runs. Previously require_approval fell through to
-            # allow() here (a silent-allow gap).
+            # tool body never runs.
             from strathon.policy import await_for_approval
             try:
                 await await_for_approval(

{strathon-1.2.2 → strathon-1.2.3}/src/strathon/policy/approval.py

@@ -57,6 +57,7 @@ def request_approval(
         "tool_name": attrs.get("gen_ai.tool.name") or attrs.get("strathon.tool.name"),
         "tool_args": attrs.get("strathon.tool.args"),
         "timeout_seconds": decision.timeout_seconds or 300,
+        "approvers_required": decision.approvers_required or 1,
     }).encode("utf-8")
 
     api_key = getattr(client, "_api_key", None)

{strathon-1.2.2 → strathon-1.2.3}/src/strathon/policy/enforcer.py

@@ -281,6 +281,20 @@ class PolicyEnforcer:
                     timeout = int(raw_timeout)
                     if timeout <= 0:
                         timeout = 300
+                # approvers_required (the N in N-of-M). Same fail-safe posture:
+                # an invalid value must never raise out of check_policy, so it
+                # falls back to 1 (single sign-off) rather than disabling the
+                # policy. The receiver enforces the threshold and dedupes
+                # distinct approvers.
+                raw_approvers = (policy.action_config or {}).get(
+                    "approvers_required", 1
+                )
+                if isinstance(raw_approvers, bool) or not isinstance(
+                    raw_approvers, int
+                ):
+                    approvers_required = 1
+                else:
+                    approvers_required = raw_approvers if raw_approvers >= 1 else 1
                 return PolicyDecision(
                     action="require_approval",
                     policy_id=policy.id,
@@ -290,6 +304,7 @@ class PolicyEnforcer:
                         or f"Tool call requires approval per policy '{policy.name}'"
                     ),
                     timeout_seconds=timeout,
+                    approvers_required=approvers_required,
                 )
             # steer
             replacement = (

{strathon-1.2.2 → strathon-1.2.3}/src/strathon/policy/steer.py

@@ -709,8 +709,6 @@ def _install_class_patch(cls: Type[Any]) -> None:
             # Route through the async dispatcher so this surface enforces the
             # full action set — halt check, block, throttle, steer, AND real
             # interactive require_approval — identically to the sync path.
-            # Previously this hand-rolled only block/throttle/steer and ran the
-            # body for approval/halt (a silent-allow gap).
             return await dispatch_policy_decision_async(
                 client,
                 span_name=span_name,

{strathon-1.2.2 → strathon-1.2.3}/src/strathon/policy/types.py

@@ -27,9 +27,9 @@ class Policy:
     priority: int = 0
     description: Optional[str] = None
     # Shadow policies are evaluated and recorded server-side but must never
-    # enforce. The SDK previously dropped this field on parse, which made a
-    # shadow block policy block for real in-process — the inverse of the
-    # documented "test without enforcing" contract.
+    # enforce in-process. This field is carried through parse so a shadow
+    # block policy stays observe-only instead of blocking for real, honoring
+    # the "test without enforcing" contract.
     shadow: bool = False
 
     def to_dict(self) -> Dict[str, Any]:
@@ -92,6 +92,7 @@ class PolicyDecision:
     retry_after_seconds: Optional[float] = None
     approval_id: Optional[str] = None
     timeout_seconds: Optional[int] = None
+    approvers_required: Optional[int] = None
 
     @property
     def is_allow(self) -> bool:

{strathon-1.2.2 → strathon-1.2.3/src/strathon.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: strathon
-Version: 1.2.2
+Version: 1.2.3
 Summary: Open-source AI agent firewall. Blocks dangerous agent tool calls before they execute, with in-process CEL enforcement at the tool-call boundary.
 Author-email: Strathon <hello@getstrathon.com>
 License-Expression: Apache-2.0
@@ -39,7 +39,7 @@ Requires-Dist: openai-agents>=0.17.5; extra == "openai-agents"
 Provides-Extra: anthropic
 Requires-Dist: anthropic>=0.40.0; extra == "anthropic"
 Provides-Extra: claude-agent
-Requires-Dist: claude-agent-sdk>=0.1.0; extra == "claude-agent"
+Requires-Dist: claude-agent-sdk>=0.1.81; extra == "claude-agent"
 Requires-Dist: anthropic>=0.40.0; extra == "claude-agent"
 Provides-Extra: langchain
 Requires-Dist: langchain-core>=0.3.0; extra == "langchain"
@@ -59,7 +59,7 @@ Provides-Extra: all
 Requires-Dist: openai>=1.0.0; extra == "all"
 Requires-Dist: openai-agents>=0.17.5; extra == "all"
 Requires-Dist: anthropic>=0.40.0; extra == "all"
-Requires-Dist: claude-agent-sdk>=0.1.0; extra == "all"
+Requires-Dist: claude-agent-sdk>=0.1.81; extra == "all"
 Requires-Dist: langchain-core>=0.3.0; extra == "all"
 Requires-Dist: crewai>=1.14.7; extra == "all"
 Requires-Dist: autogen-agentchat>=0.7.0; extra == "all"

{strathon-1.2.2 → strathon-1.2.3}/src/strathon.egg-info/requires.txt

@@ -9,7 +9,7 @@ cel-python>=0.5.0
 openai>=1.0.0
 openai-agents>=0.17.5
 anthropic>=0.40.0
-claude-agent-sdk>=0.1.0
+claude-agent-sdk>=0.1.81
 langchain-core>=0.3.0
 crewai>=1.14.7
 autogen-agentchat>=0.7.0
@@ -23,7 +23,7 @@ anthropic>=0.40.0
 autogen-agentchat>=0.7.0
 
 [claude-agent]
-claude-agent-sdk>=0.1.0
+claude-agent-sdk>=0.1.81
 anthropic>=0.40.0
 
 [crewai]

{strathon-1.2.2 → strathon-1.2.3}/tests/test_smoke.py

@@ -24,7 +24,7 @@ def make_client(**kwargs):
 
 
 def test_version():
-    assert __version__ == "1.2.2"
+    assert __version__ == "1.2.3"
 
 
 def test_client_requires_api_key():

strathon-1.2.2/src/strathon/_version.py

@@ -1 +0,0 @@
-__version__ = "1.2.2"