PyPI - techrevati-runtime - Versions diffs - 0.2.0__tar.gz → 0.4.0__tar.gz - Mend

techrevati-runtime 0.2.0tar.gz → 0.4.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (312) hide show

{techrevati_runtime-0.2.0 → techrevati_runtime-0.4.0}/.github/ISSUE_TEMPLATE/bug.md RENAMED Viewed

@@ -19,7 +19,7 @@ labels: bug
 ```
 **Environment**
-- techrevati-runtime version: `pip show techrevati-runtime | grep -i version`
+- Package version: `pip show techrevati-runtime | grep -i version`
 - Python: `python --version`
 - OS: <e.g. Linux 6.x / macOS 14 / Windows 11>

{techrevati_runtime-0.2.0 → techrevati_runtime-0.4.0}/.github/ISSUE_TEMPLATE/feature.md RENAMED Viewed

@@ -19,7 +19,6 @@ labels: enhancement
 **Alternatives considered**
 <!-- What would you do today as a workaround? Why doesn't it scale? -->
-**Industry priors**
-<!-- Has another agent SDK (OpenAI Agents SDK, LangGraph, etc.)
-     shipped something similar? Link it. We prefer landing
-     primitives that match industry conventions. -->
+**Prior art**
+<!-- Has another runtime shipped something similar? Link it if useful.
+     Prefer primitives that match established conventions. -->

techrevati_runtime-0.4.0/.github/codeql/codeql-config.yml ADDED Viewed

@@ -0,0 +1,33 @@
+name: "techrevati-runtime CodeQL config"
+# The `security-and-quality` suite (see codeql.yml) keeps full security
+# coverage, but its maintainability/reliability queries produce only
+# false positives on this codebase's idiomatic Python — and overlap with
+# ruff (E,W,F,I,B,C4,UP,N) + mypy --strict, which already run in CI.
+#
+# Tests are not shipped and are not part of the runtime attack surface,
+# and the quality queries flag intentional negative-path test idioms
+# (e.g. `with pytest.raises(ValueError): SomeError(bad_input)` trips
+# py/unused-exception-object because the constructor raises during
+# validation, so the object is intentionally never used). Skip the test
+# tree wholesale.
+paths-ignore:
+  - tests
+# In src/, three quality queries fire on correct, idiomatic code:
+#   - py/call/wrong-arguments: a `Callable` dataclass field defaulting to a
+#     module-level function (memory.py: TokenBudgetCompaction.estimator) is
+#     mis-modelled as a bound method, so the analyser thinks `self.estimator`
+#     takes zero args. mypy --strict already verifies real call arity.
+#   - py/implicit-string-concatenation-in-list: intentional line-wrapped long
+#     string literals inside a list (compliance/kit.py, transparency.py).
+#   - py/ineffectual-statement: `...` bodies in Protocol stubs and module
+#     docstrings.
+# Drop just these three; everything else in the suite stays active.
+query-filters:
+  - exclude:
+      id: py/call/wrong-arguments
+  - exclude:
+      id: py/implicit-string-concatenation-in-list
+  - exclude:
+      id: py/ineffectual-statement

techrevati_runtime-0.4.0/.github/workflows/ci.yml ADDED Viewed

@@ -0,0 +1,280 @@
+name: CI
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+permissions:
+  contents: read
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+jobs:
+  test:
+    name: Test on Python ${{ matrix.python-version }}
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ['3.11', '3.12', '3.13']
+    steps:
+      # actions/checkout v4
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
+        with:
+          persist-credentials: false
+      - name: Set up Python ${{ matrix.python-version }}
+        # actions/setup-python v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: pip
+          cache-dependency-path: pyproject.toml
+      - name: Install package + dev dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e ".[dev]"
+          python scripts/install_toolchain.py audit
+      - name: Public branding guard
+        run: python scripts/check_public_branding.py
+      - name: Repository hygiene guard
+        run: python scripts/check_repo_hygiene.py
+      - name: Source hygiene guard
+        run: python scripts/check_source_hygiene.py
+      - name: Security pattern guard
+        run: python scripts/check_security_patterns.py
+      - name: Secret leak guard
+        run: python scripts/check_secret_leaks.py
+      - name: Security review guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_security_review.py
+      - name: Package policy guard
+        run: python scripts/check_package_policy.py
+      - name: Public API guard
+        run: python scripts/check_public_api.py
+      - name: Documented public API guard
+        run: python scripts/check_docs_public_api.py
+      - name: Pre-commit config guard
+        run: python scripts/check_precommit_config.py
+      - name: CI guardrail guard
+        run: python scripts/check_ci_guardrails.py
+      - name: Guard calibration guard
+        run: python scripts/check_guard_calibration.py
+      - name: Dependency vulnerability guard
+        run: python scripts/check_dependency_vulnerabilities.py
+      - name: Final diff review guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_final_diff_review.py
+      - name: RC review handoff guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_rc_review_handoff.py
+      - name: Staging manifest guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_staging_manifest.py
+      - name: Workflow action pinning guard
+        run: python scripts/check_workflow_pinning.py
+      - name: Workflow hardening guard
+        run: python scripts/check_workflow_hardening.py
+      - name: Release workflow guard
+        run: python scripts/check_release_workflow.py
+      - name: Release evidence guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_release_evidence.py
+      - name: RC readiness guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_rc_readiness.py
+      - name: Stable promotion guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_stable_promotion.py
+      - name: Docs publication guard
+        run: python scripts/check_docs_publication.py
+      - name: Rollback execution guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_rollback_execution.py
+      - name: Operations runbook guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_operations_runbook.py
+      - name: Pilot dry-run guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_pilot_dry_run.py
+      - name: Pilot evidence guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_pilot_evidence.py
+      - name: Pilot execution guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_pilot_execution.py
+      - name: Private RC publication guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_private_rc_publication.py
+      - name: Maintenance automation guard
+        run: python scripts/check_maintenance.py
+      - name: Python support guard
+        run: python scripts/check_python_support.py
+      - name: Remote CI validation guard
+        if: ${{ startsWith(github.head_ref, 'production-rc-') || startsWith(github.ref_name, 'production-rc-') }}
+        run: python scripts/check_remote_ci_validation.py
+      - name: Toolchain pin guard
+        run: python scripts/check_toolchain_pins.py
+      - name: Version consistency guard
+        run: python scripts/check_version_consistency.py
+      - name: Changelog version guard
+        run: python scripts/check_changelog.py
+      - name: Lint with ruff
+        run: ruff check src/ tests/ scripts/
+      - name: Format check with ruff
+        run: ruff format --check src/ tests/ scripts/
+      - name: Type check with mypy
+        run: mypy src/ --strict
+      - name: Run tests
+        run: pytest tests/ -v --cov=src/techrevati --cov-report=term-missing
+      - name: Per-module coverage floor (>= 88%)
+        run: python scripts/check_module_coverage.py --threshold 88
+  build:
+    name: Build on Python ${{ matrix.python-version }}
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    needs: test
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ['3.11', '3.12', '3.13']
+    steps:
+      # actions/checkout v4
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
+        with:
+          persist-credentials: false
+      - name: Set up Python ${{ matrix.python-version }}
+        # actions/setup-python v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install build tools
+        run: |
+          python -m pip install --upgrade pip
+          python scripts/install_toolchain.py build
+      - name: Build distribution
+        run: python -m build
+      - name: Check distribution artifacts
+        run: python scripts/check_distribution.py dist
+      - name: Check package metadata rendering
+        run: python -m twine check dist/*.whl dist/*.tar.gz
+      - name: Check wheel
+        run: |
+          pip install --no-index --no-deps --find-links dist techrevati-runtime
+          python -c "
+          import importlib.metadata
+          from techrevati import runtime
+          assert runtime.__version__ == importlib.metadata.version('techrevati-runtime')
+          print(f'techrevati-runtime {runtime.__version__}')
+          "
+  zero-deps-smoke:
+    name: Zero-deps smoke on Python ${{ matrix.python-version }}
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    needs: build
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ['3.11', '3.12', '3.13']
+    steps:
+      # actions/checkout v4
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
+        with:
+          persist-credentials: false
+      - name: Set up Python ${{ matrix.python-version }}
+        # actions/setup-python v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Build distribution
+        run: |
+          python -m pip install --upgrade pip
+          python scripts/install_toolchain.py build
+          python -m build
+          python scripts/check_distribution.py dist
+          python -m twine check dist/*.whl dist/*.tar.gz
+      - name: Install in an empty venv (no [dev], no [otel])
+        # Spin a fresh venv to verify the zero-runtime-dependency
+        # promise: the wheel must import with only stdlib + the wheel
+        # itself, no optional extras pulled in.
+        run: |
+          python -m venv smoke-venv
+          smoke-venv/bin/python -m pip install --no-index --no-deps --find-links dist techrevati-runtime
+          smoke-venv/bin/python -c "
+          import techrevati.runtime as r
+          import importlib.metadata
+          assert r.__version__, '__version__ missing'
+          assert r.__version__ == importlib.metadata.version('techrevati-runtime')
+          # Touch the public exports to make sure every module imports
+          # without optional deps installed.
+          from techrevati.runtime import (
+              AgentSession, OrchestrationSession, AsyncOrchestrationSession,
+              CircuitBreaker, AsyncCircuitBreaker,
+              TokenBucket, AsyncTokenBucket, RateLimiter,
+              StaticProviderRouter, RoundRobinProviderRouter,
+              InMemorySaver, SqliteSaver,
+              SqliteEventSink, SqliteUsageSink,
+              UsageLimits, ManualClock, SystemClock,
+          )
+          print(f'zero-deps smoke OK on techrevati-runtime {r.__version__}')
+          "

techrevati_runtime-0.4.0/.github/workflows/codeql.yml ADDED Viewed

@@ -0,0 +1,56 @@
+name: Static Analysis
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    # Weekly scan on Mondays — catches dependency-driven advisories
+    # that land after a PR has already been merged.
+    - cron: '0 6 * * 1'
+permissions:
+  actions: read
+  contents: read
+  security-events: write
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+jobs:
+  analyze:
+    name: Analyze ${{ matrix.language }}
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [python]
+    steps:
+      # actions/checkout v4
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
+        with:
+          persist-credentials: false
+      - name: Initialize analysis
+        # github/codeql-action v3
+        uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e
+        with:
+          languages: ${{ matrix.language }}
+          queries: security-and-quality
+          # paths-ignore (tests) lives in the config file; the quality suite
+          # false-positives on intentional negative-path test idioms.
+          config-file: ./.github/codeql/codeql-config.yml
+      - name: Autobuild
+        # github/codeql-action v3
+        uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e
+      - name: Perform analysis
+        # github/codeql-action v3
+        uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e
+        with:
+          category: "/language:${{ matrix.language }}"

techrevati_runtime-0.4.0/.github/workflows/docs.yml ADDED Viewed

@@ -0,0 +1,85 @@
+name: Docs
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+permissions:
+  contents: read
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+jobs:
+  docs:
+    name: Build docs
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      # actions/checkout v4
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
+        with:
+          persist-credentials: false
+      - name: Set up Python
+        # actions/setup-python v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065
+        with:
+          python-version: '3.11'
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python scripts/install_toolchain.py docs
+      - name: Build documentation
+        # --strict turns broken refs and unresolved nav entries into
+        # hard failures so a doc regression cannot silently degrade
+        # the published site.
+        run: mkdocs build --strict
+      - name: Published HTML branding guard
+        run: python scripts/check_public_branding.py site
+  deploy:
+    name: Deploy docs
+    if: github.event_name == 'push'
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    needs: docs
+    permissions:
+      contents: write
+    steps:
+      # actions/checkout v4
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10
+        with:
+          persist-credentials: false
+      - name: Set up Python
+        # actions/setup-python v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065
+        with:
+          python-version: '3.11'
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python scripts/install_toolchain.py docs
+      - name: Build documentation
+        run: mkdocs build --strict
+      - name: Published HTML branding guard
+        run: python scripts/check_public_branding.py site
+      - name: Deploy documentation
+        # peaceiris/actions-gh-pages v3
+        uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./site

techrevati-runtime 0.2.0__tar.gz → 0.4.0__tar.gz

techrevati-runtime 0.2.0tar.gz → 0.4.0tar.gz