tibet-forge 0.1.0__tar.gz

tibet_forge-0.1.0/.gitignore

@@ -0,0 +1,74 @@
+# Secrets & env
+.env
+*.env
+*.secret
+
+# Keys & certs
+*.key
+*.pem
+certs/
+secrets/
+
+# Databases & dumps
+*.db
+*.sqlite
+*.sql
+dump_*/
+
+# EXCEPT: Allow database schemas (needed for server rebuild)
+!database-schemas/*.sql
+
+# Logs & runtime data
+logs/
+*.log
+__pycache__/
+*.pyc
+venv/
+.venv/
+**/venv/
+**/.venv/
+
+# Configs met secrets (we gebruiken straks templates)
+config/
+brain_api/provisioning.local.json
+brain_api/provisioning.json
+
+# Landing pages (privé - niet open source)
+landing-pages/
+humotica.com/
+jtel.nl/
+
+# Social media posts (strategie - niet open source)
+SOCIAL-MEDIA-POSTS.md
+HN-POST-UNDER-4000.md
+STRATO-DEPLOY-HUMOTICA.md
+
+# Endorsement outreach (privaat contact)
+ARXIV-ENDORSEMENT-OUTREACH.md
+
+# Deployment secrets
+DEPLOYMENT-GUIDE.md
+
+# R Project files (Dirty Data Challenge)
+.Rproj.user
+.Rhistory
+.RData
+.Ruserdata
+*.zip
+.mural_tokens.json
+auth.json
+gen-lang-client*.json
+*.credentials.json
+
+# Rust build artifacts
+**/target/
+*.whl
+
+# Compiled binaries (build locally)
+jis-router/jis-router
+sentinel-rs/sentinel-rs
+
+# Build distribution
+sandbox/ai/codex/dist/
+sandbox_backup/
+did-jis-core

tibet_forge-0.1.0/PKG-INFO

@@ -0,0 +1,203 @@
+Metadata-Version: 2.4
+Name: tibet-forge
+Version: 0.1.0
+Summary: From vibe code to trusted tool. Automatic TIBET provenance, bloat detection, duplicate checking, and trust scoring.
+Project-URL: Homepage, https://humotica.com
+Project-URL: Repository, https://github.com/humotica/tibet-forge
+Author: Gemini IDD
+Author-email: "J. van de Meent" <jasper@humotica.com>, "R. AI" <info@humotica.com>
+License: MIT
+Keywords: ai-native,audit,badge,bloat,certification,ci-cd,code-quality,forge,provenance,security,tibet,trust,vibe-coding
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Requires-Python: >=3.10
+Requires-Dist: httpx>=0.24.0
+Requires-Dist: rich>=13.0.0
+Requires-Dist: tibet-core>=0.2.0
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0; extra == 'dev'
+Requires-Dist: ruff>=0.1.0; extra == 'dev'
+Provides-Extra: full
+Requires-Dist: semgrep>=1.0.0; extra == 'full'
+Requires-Dist: tree-sitter>=0.20.0; extra == 'full'
+Description-Content-Type: text/markdown
+
+# tibet-forge
+
+**From vibe code to trusted tool.**
+
+The Let's Encrypt of AI provenance. Automatic TIBET integration, bloat detection, duplicate checking, and trust scoring.
+
+## The Problem
+
+Vibe coding is loose:
+- No tests
+- No provenance
+- Duplicate of 50 other tools
+- Bloated dependencies
+- Trust = 0
+
+## The Solution
+
+```bash
+tibet-forge certify ./my-project
+```
+
+```
+╔════════════════════════════════════════════════════════╗
+║         Humotica Trust Score: 87/100 (B+)              ║
+║         ✓ CERTIFIED                                     ║
+╚════════════════════════════════════════════════════════╝
+
+Badge markdown:
+[![Humotica Trust Score](https://img.shields.io/badge/...)]
+```
+
+## Installation
+
+```bash
+pip install tibet-forge
+```
+
+## Quick Start
+
+```bash
+# Scan your project
+tibet-forge scan .
+
+# Full certification
+tibet-forge certify .
+
+# Just the score
+tibet-forge score .
+
+# See what would be wrapped
+tibet-forge wrap --dry-run .
+```
+
+## What It Does
+
+### 1. SCAN
+
+Analyzes your code:
+
+- **Bloat Check** - "You import `requests` but only do GET calls"
+- **Duplicate Detection** - "Your RAG parser exists as `rapid-rag`"
+- **Security Scan** - "Hardcoded API key detected"
+- **Quality Check** - README? Tests? Docstrings?
+
+### 2. WRAP
+
+Auto-injects TIBET provenance:
+
+```python
+# Before
+def login(user, password):
+    ...
+
+# After
+@tibet_audit(action="login", erachter="User authentication")
+def login(user, password):
+    ...
+```
+
+### 3. CONNECT
+
+Matches you with similar projects:
+
+```
+Similar Projects Found:
+  • rapid-rag (65% similar)
+    Consider using rapid-rag instead of building your own RAG
+    https://pypi.org/project/rapid-rag/
+```
+
+### 4. CERTIFY
+
+Generates trust score and badge:
+
+```
+Humotica Trust Score: 87/100 (B+)
+├── Code Quality: 85/100 (weight: 25%)
+├── Security: 95/100 (weight: 25%)
+├── Efficiency: 80/100 (weight: 20%)
+├── Uniqueness: 70/100 (weight: 15%)
+└── Provenance: 100/100 (weight: 15%)
+
+✓ CERTIFIED
+```
+
+## Trust Score Components
+
+| Component | Weight | What It Measures |
+|-----------|--------|------------------|
+| Code Quality | 25% | README, tests, docs, types |
+| Security | 25% | No vulns, no hardcoded secrets |
+| Efficiency | 20% | No bloat, no unused imports |
+| Uniqueness | 15% | Not reinventing the wheel |
+| Provenance | 15% | TIBET integration readiness |
+
+## Configuration
+
+Create `tibet-forge.json`:
+
+```json
+{
+  "name": "my-project",
+  "scan_bloat": true,
+  "scan_duplicates": true,
+  "scan_security": true,
+  "auto_wrap": true,
+  "min_score_for_badge": 70
+}
+```
+
+Or in `pyproject.toml`:
+
+```toml
+[tool.tibet-forge]
+scan_bloat = true
+min_score_for_badge = 70
+```
+
+## The Badge
+
+Projects scoring 70+ get the Humotica Trust badge:
+
+[![Humotica Trust Score](https://img.shields.io/badge/Humotica_Trust_Score-87%2F100-green)](https://humotica.com/trust)
+
+## Why "Forge"?
+
+Like a blacksmith's forge:
+- Takes raw ore (vibe code)
+- Heats it up (analysis)
+- Hammers it (wrapping)
+- Produces strong steel (trusted tool)
+
+## Enterprise Use
+
+"Internal AI scripts must pass tibet-forge with 90+ to reach production."
+
+The gamification works:
+- Developers hate security
+- Developers love high scores
+- → Voluntary code improvement
+
+## Links
+
+- [tibet-core](https://github.com/Humotica/tibet-core)
+- [rapid-rag](https://github.com/Humotica/rapid-rag)
+- [oomllama](https://github.com/Humotica/oomllama)
+- [Humotica](https://humotica.com)
+
+## License
+
+MIT - Humotica

tibet_forge-0.1.0/README.md

@@ -0,0 +1,171 @@
+# tibet-forge
+
+**From vibe code to trusted tool.**
+
+The Let's Encrypt of AI provenance. Automatic TIBET integration, bloat detection, duplicate checking, and trust scoring.
+
+## The Problem
+
+Vibe coding is loose:
+- No tests
+- No provenance
+- Duplicate of 50 other tools
+- Bloated dependencies
+- Trust = 0
+
+## The Solution
+
+```bash
+tibet-forge certify ./my-project
+```
+
+```
+╔════════════════════════════════════════════════════════╗
+║         Humotica Trust Score: 87/100 (B+)              ║
+║         ✓ CERTIFIED                                     ║
+╚════════════════════════════════════════════════════════╝
+
+Badge markdown:
+[![Humotica Trust Score](https://img.shields.io/badge/...)]
+```
+
+## Installation
+
+```bash
+pip install tibet-forge
+```
+
+## Quick Start
+
+```bash
+# Scan your project
+tibet-forge scan .
+
+# Full certification
+tibet-forge certify .
+
+# Just the score
+tibet-forge score .
+
+# See what would be wrapped
+tibet-forge wrap --dry-run .
+```
+
+## What It Does
+
+### 1. SCAN
+
+Analyzes your code:
+
+- **Bloat Check** - "You import `requests` but only do GET calls"
+- **Duplicate Detection** - "Your RAG parser exists as `rapid-rag`"
+- **Security Scan** - "Hardcoded API key detected"
+- **Quality Check** - README? Tests? Docstrings?
+
+### 2. WRAP
+
+Auto-injects TIBET provenance:
+
+```python
+# Before
+def login(user, password):
+    ...
+
+# After
+@tibet_audit(action="login", erachter="User authentication")
+def login(user, password):
+    ...
+```
+
+### 3. CONNECT
+
+Matches you with similar projects:
+
+```
+Similar Projects Found:
+  • rapid-rag (65% similar)
+    Consider using rapid-rag instead of building your own RAG
+    https://pypi.org/project/rapid-rag/
+```
+
+### 4. CERTIFY
+
+Generates trust score and badge:
+
+```
+Humotica Trust Score: 87/100 (B+)
+├── Code Quality: 85/100 (weight: 25%)
+├── Security: 95/100 (weight: 25%)
+├── Efficiency: 80/100 (weight: 20%)
+├── Uniqueness: 70/100 (weight: 15%)
+└── Provenance: 100/100 (weight: 15%)
+
+✓ CERTIFIED
+```
+
+## Trust Score Components
+
+| Component | Weight | What It Measures |
+|-----------|--------|------------------|
+| Code Quality | 25% | README, tests, docs, types |
+| Security | 25% | No vulns, no hardcoded secrets |
+| Efficiency | 20% | No bloat, no unused imports |
+| Uniqueness | 15% | Not reinventing the wheel |
+| Provenance | 15% | TIBET integration readiness |
+
+## Configuration
+
+Create `tibet-forge.json`:
+
+```json
+{
+  "name": "my-project",
+  "scan_bloat": true,
+  "scan_duplicates": true,
+  "scan_security": true,
+  "auto_wrap": true,
+  "min_score_for_badge": 70
+}
+```
+
+Or in `pyproject.toml`:
+
+```toml
+[tool.tibet-forge]
+scan_bloat = true
+min_score_for_badge = 70
+```
+
+## The Badge
+
+Projects scoring 70+ get the Humotica Trust badge:
+
+[![Humotica Trust Score](https://img.shields.io/badge/Humotica_Trust_Score-87%2F100-green)](https://humotica.com/trust)
+
+## Why "Forge"?
+
+Like a blacksmith's forge:
+- Takes raw ore (vibe code)
+- Heats it up (analysis)
+- Hammers it (wrapping)
+- Produces strong steel (trusted tool)
+
+## Enterprise Use
+
+"Internal AI scripts must pass tibet-forge with 90+ to reach production."
+
+The gamification works:
+- Developers hate security
+- Developers love high scores
+- → Voluntary code improvement
+
+## Links
+
+- [tibet-core](https://github.com/Humotica/tibet-core)
+- [rapid-rag](https://github.com/Humotica/rapid-rag)
+- [oomllama](https://github.com/Humotica/oomllama)
+- [Humotica](https://humotica.com)
+
+## License
+
+MIT - Humotica

tibet_forge-0.1.0/pyproject.toml

@@ -0,0 +1,56 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "tibet-forge"
+version = "0.1.0"
+description = "From vibe code to trusted tool. Automatic TIBET provenance, bloat detection, duplicate checking, and trust scoring."
+readme = "README.md"
+license = {text = "MIT"}
+requires-python = ">=3.10"
+authors = [
+    {name = "J. van de Meent", email = "jasper@humotica.com"},
+    {name = "R. AI", email = "info@humotica.com"},
+    {name = "Gemini IDD"},
+]
+keywords = [
+    "tibet", "forge", "trust", "provenance", "audit",
+    "vibe-coding", "code-quality", "security", "bloat",
+    "certification", "badge", "ci-cd", "ai-native"
+]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Operating System :: OS Independent",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Topic :: Software Development :: Quality Assurance",
+    "Topic :: Security",
+]
+dependencies = [
+    "tibet-core>=0.2.0",
+    "httpx>=0.24.0",
+    "rich>=13.0.0",
+]
+
+[project.optional-dependencies]
+full = ["tree-sitter>=0.20.0", "semgrep>=1.0.0"]
+dev = ["pytest>=7.0", "ruff>=0.1.0"]
+
+[project.urls]
+Homepage = "https://humotica.com"
+Repository = "https://github.com/humotica/tibet-forge"
+
+[project.scripts]
+tibet-forge = "tibet_forge.cli:main"
+forge = "tibet_forge.cli:main"
+
+[tool.hatch.build.targets.sdist]
+include = ["/src"]
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/tibet_forge"]

tibet_forge-0.1.0/src/tibet_forge/__init__.py

@@ -0,0 +1,31 @@
+"""
+tibet-forge: From vibe code to trusted tool.
+
+The Let's Encrypt of AI provenance.
+
+Usage:
+    # Scan your project
+    tibet-forge scan .
+
+    # Full pipeline: scan, wrap, certify
+    tibet-forge certify .
+
+    # Check trust score
+    tibet-forge score .
+
+What it does:
+    1. SCAN - AST analysis for bloat, duplicates, security
+    2. WRAP - Auto-inject TIBET provenance
+    3. CONNECT - Match with similar projects
+    4. CERTIFY - Generate trust score and badge
+
+The vibe coder doesn't need to understand TIBET.
+It just works. Like HTTPS.
+"""
+
+from .forge import Forge
+from .score import TrustScore
+from .config import ForgeConfig
+
+__version__ = "0.1.0"
+__all__ = ["Forge", "TrustScore", "ForgeConfig"]