tigrcorn-certification 0.3.16.dev5__tar.gz → 0.3.16.dev12__tar.gz

{tigrcorn_certification-0.3.16.dev5 → tigrcorn_certification-0.3.16.dev12}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: tigrcorn-certification
-Version: 0.3.16.dev5
+Version: 0.3.16.dev12
 Summary: Certification and release-gate tooling for Tigrcorn HTTP/3, QUIC, WebSocket, WebTransport, and ASGI conformance evidence.
 Author-email: Jacob Stewart <jacob@swarmauri.com>
 License: Apache License
@@ -175,18 +175,21 @@ Classifier: License :: OSI Approved :: Apache Software License
 Classifier: Operating System :: OS Independent
 Classifier: Programming Language :: Python :: 3
 Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
 Classifier: Topic :: Internet :: WWW/HTTP
 Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Classifier: Topic :: System :: Networking
 Classifier: Typing :: Typed
-Requires-Python: >=3.11
+Requires-Python: <3.15,>=3.10
 Description-Content-Type: text/markdown
 License-File: LICENSE
-Requires-Dist: tigrcorn-compat==0.3.16.dev5
-Requires-Dist: tigrcorn-runtime==0.3.16.dev5
+Requires-Dist: tigrcorn-compat==0.3.16.dev12
+Requires-Dist: tigrcorn-runtime==0.3.16.dev12
+Requires-Dist: tomli>=2.0.0; python_version < "3.11"
 Requires-Dist: cryptography>=46.0.0
 Requires-Dist: aioquic>=1.3.0
 Requires-Dist: h2>=4.1.0
@@ -196,47 +199,101 @@ Dynamic: license-file
 
 <div align="center">
 <h1>tigrcorn-certification</h1>
+<img
+  src="https://raw.githubusercontent.com/Tigrbl/tigrcorn/master/assets/tigrcorn_logo.png"
+  alt="Tigrcorn tiger-unicorn logo"
+  width="140"
+/>
 
 <p><strong>Certification and release-gate tooling for Tigrcorn HTTP/3, QUIC, WebSocket, WebTransport, and ASGI conformance evidence.</strong></p>
 
 <a href="https://pypi.org/project/tigrcorn-certification/"><img alt="PyPI version for tigrcorn-certification" src="https://img.shields.io/pypi/v/tigrcorn-certification?label=PyPI"></a>
 <a href="https://pypi.org/project/tigrcorn-certification/"><img alt="tigrcorn-certification package on PyPI" src="https://img.shields.io/badge/package-PyPI-blue"></a>
+<a href="https://pepy.tech/project/tigrcorn-certification"><img alt="Downloads for tigrcorn-certification" src="https://static.pepy.tech/badge/tigrcorn-certification"></a>
+<a href="https://github.com/tigrbl/tigrcorn/blob/master/pkgs/tigrcorn-certification/README.md"><img alt="Hits for tigrcorn-certification README" src="https://hits.sh/github.com/tigrbl/tigrcorn/blob/master/pkgs/tigrcorn-certification/README.md.svg?label=hits"></a>
 <a href="LICENSE"><img alt="Apache 2.0 license" src="https://img.shields.io/badge/license-Apache%202.0-525252"></a>
-<a href="pyproject.toml"><img alt="Python 3.11 supported" src="https://img.shields.io/badge/python-3.11-3776ab"></a>
-<a href="pyproject.toml"><img alt="Python 3.12 supported" src="https://img.shields.io/badge/python-3.12-3776ab"></a>
-<a href="pyproject.toml"><img alt="Python 3.13 supported" src="https://img.shields.io/badge/python-3.13-3776ab"></a>
-<a href="src/tigrcorn_certification/py.typed"><img alt="typed package" src="https://img.shields.io/badge/typed-py.typed-2f7ed8"></a>
+<a href="pyproject.toml"><img alt="Python 3.10 | 3.11 | 3.12 | 3.13 | 3.14 supported" src="https://img.shields.io/badge/python-3.10%20%7C%203.11%20%7C%203.12%20%7C%203.13%20%7C%203.14-3776ab"></a>
 <a href="https://pypi.org/project/tigrcorn-certification/"><img alt="certification role package" src="https://img.shields.io/badge/role-certification-0a7f5a"></a>
 </div>
 
+<p align="center"><a href="https://github.com/Tigrbl/tigrcorn/blob/master/.ssot/registry.json"><img alt="SSOT governed" src="https://img.shields.io/badge/SSOT-governed-2f6f4e.svg"></a> <a href="https://discord.gg/jzvrbEtTtt"><img alt="Discord" src="https://img.shields.io/badge/Discord-Join%20chat-5865F2?logo=discord&amp;logoColor=white"></a></p>
+
 ## Install
 
-~~~bash
+```bash
+uv add tigrcorn-certification
+```
+
+```bash
 pip install tigrcorn-certification
-~~~
+```
 
 Use the aggregate [tigrcorn](https://pypi.org/project/tigrcorn/) distribution when you want the full ASGI3 Python web server stack. Install <code>tigrcorn-certification</code> directly when you want only this package boundary and its declared dependencies.
 
 ## What It Owns
 
-<code>tigrcorn-certification</code> owns release gates, certification environment, external peer matrices, strict promotion checks, and conformance evidence. Its import package is <code>tigrcorn_certification</code>, and its declared package dependencies are: tigrcorn-compat, tigrcorn-runtime.
+<code>tigrcorn-certification</code> owns release gates, certification environment, external peer matrices, and strict promotion checks. Its import package is <code>tigrcorn_certification</code>, and its declared package dependencies are: tigrcorn-compat, tigrcorn-runtime, cryptography, aioquic, h2, websockets, wsproto.
+
+This package page is written for developers searching for Tigrcorn ASGI3 server components, Python web server packages, HTTP/3 and QUIC support, WebSocket and WebTransport-adjacent surfaces, and Apache 2.0 licensed infrastructure.
+
+## Why Use This?
+
+Use <code>tigrcorn-certification</code> when you want the certification layer as a direct install target instead of the full server bundle. It lets application, operator, or certification workflows depend on this boundary explicitly while keeping the broader Tigrcorn runtime assembled from smaller repo-owned package surfaces.
+
+## FAQ
+
+### What does this package export?
+
+The package exports through the <code>tigrcorn_certification</code> namespace and keeps the root <code>tigrcorn</code> package as the compatibility umbrella.
+
+### Which boundary does this package own?
+
+It is the package boundary for release gates, certification environment, external peer matrices, and strict promotion checks in the Tigrcorn package graph.
 
-This package page is written for developers searching for Tigrcorn ASGI3 server components, Python web server packages, HTTP/3 and QUIC support, WebSocket and WebTransport runtime surfaces, typed package boundaries, and Apache 2.0 licensed infrastructure.
+### What certification surfaces live here?
+
+Release-gate evaluation, strict promotion checks, explicit-surface validation, certification environment helpers, and external peer evidence rails are all concentrated here.
+
+## Features
+
+- Owns release gates, certification environment, external peer matrices, and strict promotion checks inside the Tigrcorn split-package architecture.
+- Publishes the <code>tigrcorn_certification</code> import surface for named public helpers and entrypoints.
+- Declared runtime dependencies: tigrcorn-compat, tigrcorn-runtime, cryptography, aioquic, h2, websockets, wsproto.
+- Optional dependency surface: aioquic, h2, websockets, wsproto, cryptography.
+- Supports Python 3.10, 3.11, 3.12, 3.13, and 3.14.
 
 ## Use It When
 
-Use <code>tigrcorn-certification</code> when you need governed release readiness, certification checks, external peer evidence, or strict promotion gates for Tigrcorn. It is part of Tigrcorn's split-package architecture, so it can be installed independently while remaining linked to the rest of the Tigrcorn package family on PyPI.
+Use <code>tigrcorn-certification</code> when you need certification-level behavior without pulling the entire server stack into the import surface. It is part of Tigrcorn's split-package architecture, so it can be installed independently while remaining linked to the rest of the Tigrcorn package family on PyPI.
 
 ## Import Surface
 
-~~~python
-import tigrcorn_certification
+```python
+from tigrcorn_certification import evaluate_release_gates
 
-print(tigrcorn_certification.__name__)
-~~~
+print(evaluate_release_gates.__name__)
+```
+
+Namespace discovery starts with `import tigrcorn_certification`.
 
 The package exposes its supported public surface through the <code>tigrcorn_certification</code> namespace. The root [tigrcorn](https://pypi.org/project/tigrcorn/) package keeps compatibility shims for users who install the full server distribution.
 
+## Related Packages
+
+- [tigrcorn-compat](https://pypi.org/project/tigrcorn-compat/)
+- [tigrcorn-runtime](https://pypi.org/project/tigrcorn-runtime/)
+- [tigrcorn](https://pypi.org/project/tigrcorn/)
+
 ## Package Graph
 
-[tigrcorn](https://pypi.org/project/tigrcorn/) | [tigrcorn-core](https://pypi.org/project/tigrcorn-core/) | [tigrcorn-config](https://pypi.org/project/tigrcorn-config/) | [tigrcorn-asgi](https://pypi.org/project/tigrcorn-asgi/) | [tigrcorn-contract](https://pypi.org/project/tigrcorn-contract/) | [tigrcorn-transports](https://pypi.org/project/tigrcorn-transports/) | [tigrcorn-protocols](https://pypi.org/project/tigrcorn-protocols/) | [tigrcorn-http](https://pypi.org/project/tigrcorn-http/) | [tigrcorn-security](https://pypi.org/project/tigrcorn-security/) | [tigrcorn-runtime](https://pypi.org/project/tigrcorn-runtime/) | [tigrcorn-static](https://pypi.org/project/tigrcorn-static/) | [tigrcorn-observability](https://pypi.org/project/tigrcorn-observability/) | [tigrcorn-compat](https://pypi.org/project/tigrcorn-compat/) | [tigrcorn-certification](https://pypi.org/project/tigrcorn-certification/)
+[tigrcorn-core](https://pypi.org/project/tigrcorn-core/) | [tigrcorn-config](https://pypi.org/project/tigrcorn-config/) | [tigrcorn-http](https://pypi.org/project/tigrcorn-http/) | [tigrcorn-asgi](https://pypi.org/project/tigrcorn-asgi/) | [tigrcorn-contract](https://pypi.org/project/tigrcorn-contract/) | [tigrcorn-transports](https://pypi.org/project/tigrcorn-transports/) | [tigrcorn-security](https://pypi.org/project/tigrcorn-security/) | [tigrcorn-protocols](https://pypi.org/project/tigrcorn-protocols/) | [tigrcorn-static](https://pypi.org/project/tigrcorn-static/) | [tigrcorn-observability](https://pypi.org/project/tigrcorn-observability/) | [tigrcorn-runtime](https://pypi.org/project/tigrcorn-runtime/) | [tigrcorn-compat](https://pypi.org/project/tigrcorn-compat/) | [tigrcorn-certification](https://pypi.org/project/tigrcorn-certification/)
+
+## Best Practices
+
+- Use this package when you need release-gate or promotion-target decisions rooted in repo evidence.
+- Keep certification explicit-surface and peer-matrix checks aligned with SSOT and release artifacts.
+- Pull certification-only dependencies in environments that actually execute the strict release rails.
+
+## License
+
+Apache-2.0

tigrcorn_certification-0.3.16.dev12/README.md

@@ -0,0 +1,100 @@
+<div align="center">
+<h1>tigrcorn-certification</h1>
+<img
+  src="https://raw.githubusercontent.com/Tigrbl/tigrcorn/master/assets/tigrcorn_logo.png"
+  alt="Tigrcorn tiger-unicorn logo"
+  width="140"
+/>
+
+<p><strong>Certification and release-gate tooling for Tigrcorn HTTP/3, QUIC, WebSocket, WebTransport, and ASGI conformance evidence.</strong></p>
+
+<a href="https://pypi.org/project/tigrcorn-certification/"><img alt="PyPI version for tigrcorn-certification" src="https://img.shields.io/pypi/v/tigrcorn-certification?label=PyPI"></a>
+<a href="https://pypi.org/project/tigrcorn-certification/"><img alt="tigrcorn-certification package on PyPI" src="https://img.shields.io/badge/package-PyPI-blue"></a>
+<a href="https://pepy.tech/project/tigrcorn-certification"><img alt="Downloads for tigrcorn-certification" src="https://static.pepy.tech/badge/tigrcorn-certification"></a>
+<a href="https://github.com/tigrbl/tigrcorn/blob/master/pkgs/tigrcorn-certification/README.md"><img alt="Hits for tigrcorn-certification README" src="https://hits.sh/github.com/tigrbl/tigrcorn/blob/master/pkgs/tigrcorn-certification/README.md.svg?label=hits"></a>
+<a href="LICENSE"><img alt="Apache 2.0 license" src="https://img.shields.io/badge/license-Apache%202.0-525252"></a>
+<a href="pyproject.toml"><img alt="Python 3.10 | 3.11 | 3.12 | 3.13 | 3.14 supported" src="https://img.shields.io/badge/python-3.10%20%7C%203.11%20%7C%203.12%20%7C%203.13%20%7C%203.14-3776ab"></a>
+<a href="https://pypi.org/project/tigrcorn-certification/"><img alt="certification role package" src="https://img.shields.io/badge/role-certification-0a7f5a"></a>
+</div>
+
+<p align="center"><a href="https://github.com/Tigrbl/tigrcorn/blob/master/.ssot/registry.json"><img alt="SSOT governed" src="https://img.shields.io/badge/SSOT-governed-2f6f4e.svg"></a> <a href="https://discord.gg/jzvrbEtTtt"><img alt="Discord" src="https://img.shields.io/badge/Discord-Join%20chat-5865F2?logo=discord&amp;logoColor=white"></a></p>
+
+## Install
+
+```bash
+uv add tigrcorn-certification
+```
+
+```bash
+pip install tigrcorn-certification
+```
+
+Use the aggregate [tigrcorn](https://pypi.org/project/tigrcorn/) distribution when you want the full ASGI3 Python web server stack. Install <code>tigrcorn-certification</code> directly when you want only this package boundary and its declared dependencies.
+
+## What It Owns
+
+<code>tigrcorn-certification</code> owns release gates, certification environment, external peer matrices, and strict promotion checks. Its import package is <code>tigrcorn_certification</code>, and its declared package dependencies are: tigrcorn-compat, tigrcorn-runtime, cryptography, aioquic, h2, websockets, wsproto.
+
+This package page is written for developers searching for Tigrcorn ASGI3 server components, Python web server packages, HTTP/3 and QUIC support, WebSocket and WebTransport-adjacent surfaces, and Apache 2.0 licensed infrastructure.
+
+## Why Use This?
+
+Use <code>tigrcorn-certification</code> when you want the certification layer as a direct install target instead of the full server bundle. It lets application, operator, or certification workflows depend on this boundary explicitly while keeping the broader Tigrcorn runtime assembled from smaller repo-owned package surfaces.
+
+## FAQ
+
+### What does this package export?
+
+The package exports through the <code>tigrcorn_certification</code> namespace and keeps the root <code>tigrcorn</code> package as the compatibility umbrella.
+
+### Which boundary does this package own?
+
+It is the package boundary for release gates, certification environment, external peer matrices, and strict promotion checks in the Tigrcorn package graph.
+
+### What certification surfaces live here?
+
+Release-gate evaluation, strict promotion checks, explicit-surface validation, certification environment helpers, and external peer evidence rails are all concentrated here.
+
+## Features
+
+- Owns release gates, certification environment, external peer matrices, and strict promotion checks inside the Tigrcorn split-package architecture.
+- Publishes the <code>tigrcorn_certification</code> import surface for named public helpers and entrypoints.
+- Declared runtime dependencies: tigrcorn-compat, tigrcorn-runtime, cryptography, aioquic, h2, websockets, wsproto.
+- Optional dependency surface: aioquic, h2, websockets, wsproto, cryptography.
+- Supports Python 3.10, 3.11, 3.12, 3.13, and 3.14.
+
+## Use It When
+
+Use <code>tigrcorn-certification</code> when you need certification-level behavior without pulling the entire server stack into the import surface. It is part of Tigrcorn's split-package architecture, so it can be installed independently while remaining linked to the rest of the Tigrcorn package family on PyPI.
+
+## Import Surface
+
+```python
+from tigrcorn_certification import evaluate_release_gates
+
+print(evaluate_release_gates.__name__)
+```
+
+Namespace discovery starts with `import tigrcorn_certification`.
+
+The package exposes its supported public surface through the <code>tigrcorn_certification</code> namespace. The root [tigrcorn](https://pypi.org/project/tigrcorn/) package keeps compatibility shims for users who install the full server distribution.
+
+## Related Packages
+
+- [tigrcorn-compat](https://pypi.org/project/tigrcorn-compat/)
+- [tigrcorn-runtime](https://pypi.org/project/tigrcorn-runtime/)
+- [tigrcorn](https://pypi.org/project/tigrcorn/)
+
+## Package Graph
+
+[tigrcorn-core](https://pypi.org/project/tigrcorn-core/) | [tigrcorn-config](https://pypi.org/project/tigrcorn-config/) | [tigrcorn-http](https://pypi.org/project/tigrcorn-http/) | [tigrcorn-asgi](https://pypi.org/project/tigrcorn-asgi/) | [tigrcorn-contract](https://pypi.org/project/tigrcorn-contract/) | [tigrcorn-transports](https://pypi.org/project/tigrcorn-transports/) | [tigrcorn-security](https://pypi.org/project/tigrcorn-security/) | [tigrcorn-protocols](https://pypi.org/project/tigrcorn-protocols/) | [tigrcorn-static](https://pypi.org/project/tigrcorn-static/) | [tigrcorn-observability](https://pypi.org/project/tigrcorn-observability/) | [tigrcorn-runtime](https://pypi.org/project/tigrcorn-runtime/) | [tigrcorn-compat](https://pypi.org/project/tigrcorn-compat/) | [tigrcorn-certification](https://pypi.org/project/tigrcorn-certification/)
+
+## Best Practices
+
+- Use this package when you need release-gate or promotion-target decisions rooted in repo evidence.
+- Keep certification explicit-surface and peer-matrix checks aligned with SSOT and release artifacts.
+- Pull certification-only dependencies in environments that actually execute the strict release rails.
+
+## License
+
+Apache-2.0

{tigrcorn_certification-0.3.16.dev5 → tigrcorn_certification-0.3.16.dev12}/pyproject.toml

@@ -4,10 +4,10 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "tigrcorn-certification"
-version = "0.3.16.dev5"
+version = "0.3.16.dev12"
 description = "Certification and release-gate tooling for Tigrcorn HTTP/3, QUIC, WebSocket, WebTransport, and ASGI conformance evidence."
 readme = "README.md"
-requires-python = ">=3.11"
+requires-python = ">=3.10,<3.15"
 license = {file = "LICENSE"}
 authors = [{name = "Jacob Stewart", email = "jacob@swarmauri.com"}]
 keywords = ["tigrcorn", "certification", "conformance", "interop", "release-gates", "http3", "quic", "evidence"]
@@ -19,17 +19,20 @@ classifiers = [
   "Operating System :: OS Independent",
   "Programming Language :: Python :: 3",
   "Programming Language :: Python :: 3 :: Only",
+  "Programming Language :: Python :: 3.10",
   "Programming Language :: Python :: 3.11",
   "Programming Language :: Python :: 3.12",
   "Programming Language :: Python :: 3.13",
+  "Programming Language :: Python :: 3.14",
   "Topic :: Internet :: WWW/HTTP",
   "Topic :: Software Development :: Libraries :: Python Modules",
   "Topic :: System :: Networking",
   "Typing :: Typed",
 ]
 dependencies = [
-  "tigrcorn-compat==0.3.16.dev5",
-  "tigrcorn-runtime==0.3.16.dev5",
+  "tigrcorn-compat==0.3.16.dev12",
+  "tigrcorn-runtime==0.3.16.dev12",
+  "tomli>=2.0.0; python_version < '3.11'",
   "cryptography>=46.0.0",
   "aioquic>=1.3.0",
   "h2>=4.1.0",

{tigrcorn_certification-0.3.16.dev5 → tigrcorn_certification-0.3.16.dev12}/src/tigrcorn_certification/certification_env.py

@@ -7,11 +7,15 @@ import os
 import platform
 import subprocess
 import sys
-import tomllib
 from datetime import datetime, timezone
 from pathlib import Path
 from typing import Any, Iterable, Mapping, Sequence
 
+try:
+    import tomllib
+except ModuleNotFoundError:  # pragma: no cover - Python 3.10 fallback
+    import tomli as tomllib
+
 SUPPORTED_PYTHON_VERSIONS: tuple[str, ...] = ('3.11', '3.12')
 REQUIRED_IMPORTS: tuple[str, ...] = ('aioquic', 'h2', 'websockets', 'wsproto')
 REQUIRED_EXTRAS: tuple[str, ...] = ('certification', 'dev')

{tigrcorn_certification-0.3.16.dev5 → tigrcorn_certification-0.3.16.dev12}/src/tigrcorn_certification/release_gates.py

@@ -15,8 +15,6 @@ DEFAULT_STRICT_TARGET_BOUNDARY_PATH = Path('docs/review/conformance/certificatio
 DEFAULT_PROMOTION_TARGET_PATH = Path('docs/review/conformance/promotion_gate.target.json')
 DEFAULT_TLS_WRAPPER_PATH = Path('src/tigrcorn/security/tls.py')
 DEFAULT_CLAIMS_REGISTRY_PATH = Path('docs/review/conformance/claims_registry.json')
-DEFAULT_RISK_REGISTER_PATH = Path('docs/conformance/risk/RISK_REGISTER.json')
-DEFAULT_RISK_TRACEABILITY_PATH = Path('docs/conformance/risk/RISK_TRACEABILITY.json')
 DEFAULT_LEGACY_UNITTEST_INVENTORY_PATH = Path('LEGACY_UNITTEST_INVENTORY.json')
 DEFAULT_SSOT_REGISTRY_PATH = Path('.ssot/registry.json')
 VALID_EVIDENCE_TIERS = ('local_conformance', 'same_stack_replay', 'independent_certification')
@@ -1170,12 +1168,10 @@ def _evaluate_governance_graph(*, source_root: Path, checked_files: list[str]) -
     failures: list[str] = []
     ssot_registry_path = source_root / DEFAULT_SSOT_REGISTRY_PATH
     claims_path = source_root / DEFAULT_CLAIMS_REGISTRY_PATH
-    risk_register_path = source_root / DEFAULT_RISK_REGISTER_PATH
-    risk_traceability_path = source_root / DEFAULT_RISK_TRACEABILITY_PATH
     legacy_inventory_path = source_root / DEFAULT_LEGACY_UNITTEST_INVENTORY_PATH
-    checked_files.extend(str(path) for path in (ssot_registry_path, claims_path, risk_register_path, risk_traceability_path, legacy_inventory_path))
+    checked_files.extend(str(path) for path in (ssot_registry_path, claims_path, legacy_inventory_path))
 
-    for path in (ssot_registry_path, claims_path, risk_register_path, risk_traceability_path, legacy_inventory_path):
+    for path in (ssot_registry_path, claims_path, legacy_inventory_path):
         if not path.exists():
             failures.append(f'missing governance graph input: {path}')
     if failures:
@@ -1210,47 +1206,50 @@ def _evaluate_governance_graph(*, source_root: Path, checked_files: list[str]) -
 
     claims_payload = _load_json_payload(claims_path)
     claim_ids = {str(row.get('id', '')) for row in claims_payload.get('current_and_candidate_claims', []) if isinstance(row, Mapping)}
-
-    register_payload = _load_json_payload(risk_register_path)
-    traceability_payload = _load_json_payload(risk_traceability_path)
+    ssot_claim_ids = {str(row.get('id', '')) for row in ssot_payload.get('claims', []) if isinstance(row, Mapping)}
     inventory_payload = _load_json_payload(legacy_inventory_path)
 
-    register_rows = register_payload.get('register', [])
-    traceability_rows = traceability_payload.get('risks', [])
-    if not isinstance(register_rows, list) or not isinstance(traceability_rows, list):
-        failures.append('risk register or risk traceability payload is malformed')
+    risk_rows = ssot_payload.get('risks', [])
+    if not isinstance(risk_rows, list):
+        failures.append('ssot registry risk payload is malformed')
         return failures
 
-    register_ids = {str(row.get('risk_id', '')) for row in register_rows if isinstance(row, Mapping)}
-    traceability_ids = {str(row.get('risk_id', '')) for row in traceability_rows if isinstance(row, Mapping)}
-    if register_ids != traceability_ids:
-        failures.append('risk register and risk traceability files disagree on declared risk ids')
-
     open_blocking_statuses = {'open', 'active', 'unmitigated', 'planned'}
-    for row in register_rows:
+    for row in risk_rows:
         if not isinstance(row, Mapping):
             continue
-        if bool(row.get('release_gate_blocking', False)) and str(row.get('status', '')).strip().lower() in open_blocking_statuses:
-            failures.append(f'blocking risk {row.get("risk_id")} remains open with status={row.get("status")!r}')
-
-    for row in traceability_rows:
-        if not isinstance(row, Mapping):
+        risk_id = str(row.get('source_risk_id', row.get('id', '')))
+        if bool(row.get('release_blocking', False)) and str(row.get('status', '')).strip().lower() in open_blocking_statuses:
+            failures.append(f'blocking risk {risk_id} remains open with status={row.get("status")!r}')
+        for claim_ref in row.get('claim_ids', []):
+            claim_ref = str(claim_ref)
+            if claim_ref not in ssot_claim_ids:
+                failures.append(f'ssot risk row {risk_id} references unknown normalized claim {claim_ref!r}')
+        traceability = row.get('traceability_refs', {})
+        if not isinstance(traceability, Mapping):
+            failures.append(f'ssot risk row {risk_id} has malformed traceability_refs')
             continue
-        risk_id = str(row.get('risk_id', ''))
-        for claim_ref in row.get('claim_refs', []):
+        for claim_ref in traceability.get('claim_refs', []):
             if str(claim_ref) not in claim_ids:
-                failures.append(f'risk traceability row {risk_id} references unknown claim {claim_ref!r}')
-        for test_ref in row.get('test_refs', []):
+                failures.append(f'ssot risk row {risk_id} references unknown claim {claim_ref!r}')
+        for test_ref in traceability.get('test_refs', []):
             test_path = source_root / Path(str(test_ref).split('::', 1)[0])
             if not test_path.exists():
-                failures.append(f'risk traceability row {risk_id} references missing test {test_ref!r}')
-        for evidence_ref in row.get('evidence_refs', []):
+                failures.append(f'ssot risk row {risk_id} references missing test {test_ref!r}')
+        for evidence_ref in traceability.get('evidence_refs', []):
             evidence_path = source_root / Path(str(evidence_ref))
             if not evidence_path.exists():
-                failures.append(f'risk traceability row {risk_id} references missing evidence {evidence_ref!r}')
-
-    for group_name in ('interop_retention_bundles', 'performance_retention_bundles'):
-        for row in traceability_payload.get(group_name, []):
+                failures.append(f'ssot risk row {risk_id} references missing evidence {evidence_ref!r}')
+
+    for group_name, path in (
+        ('interop_retention_bundles', source_root / 'docs/conformance/interop_retention.json'),
+        ('performance_retention_bundles', source_root / 'docs/conformance/perf_retention.json'),
+    ):
+        retention_rows = _load_json_payload(path)
+        if not isinstance(retention_rows, list):
+            failures.append(f'{group_name} payload is malformed')
+            continue
+        for row in retention_rows:
             if not isinstance(row, Mapping):
                 failures.append(f'{group_name} contains a malformed row')
                 continue
@@ -1336,8 +1335,6 @@ __all__ = [
     'DEFAULT_SAME_STACK_MATRIX_PATH',
     'DEFAULT_STRICT_TARGET_BOUNDARY_PATH',
     'DEFAULT_PROMOTION_TARGET_PATH',
-    'DEFAULT_RISK_REGISTER_PATH',
-    'DEFAULT_RISK_TRACEABILITY_PATH',
     'DEFAULT_SSOT_REGISTRY_PATH',
     'PromotionSectionReport',
     'PromotionTargetError',

{tigrcorn_certification-0.3.16.dev5 → tigrcorn_certification-0.3.16.dev12}/src/tigrcorn_certification.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: tigrcorn-certification
-Version: 0.3.16.dev5
+Version: 0.3.16.dev12
 Summary: Certification and release-gate tooling for Tigrcorn HTTP/3, QUIC, WebSocket, WebTransport, and ASGI conformance evidence.
 Author-email: Jacob Stewart <jacob@swarmauri.com>
 License: Apache License
@@ -175,18 +175,21 @@ Classifier: License :: OSI Approved :: Apache Software License
 Classifier: Operating System :: OS Independent
 Classifier: Programming Language :: Python :: 3
 Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
 Classifier: Topic :: Internet :: WWW/HTTP
 Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Classifier: Topic :: System :: Networking
 Classifier: Typing :: Typed
-Requires-Python: >=3.11
+Requires-Python: <3.15,>=3.10
 Description-Content-Type: text/markdown
 License-File: LICENSE
-Requires-Dist: tigrcorn-compat==0.3.16.dev5
-Requires-Dist: tigrcorn-runtime==0.3.16.dev5
+Requires-Dist: tigrcorn-compat==0.3.16.dev12
+Requires-Dist: tigrcorn-runtime==0.3.16.dev12
+Requires-Dist: tomli>=2.0.0; python_version < "3.11"
 Requires-Dist: cryptography>=46.0.0
 Requires-Dist: aioquic>=1.3.0
 Requires-Dist: h2>=4.1.0
@@ -196,47 +199,101 @@ Dynamic: license-file
 
 <div align="center">
 <h1>tigrcorn-certification</h1>
+<img
+  src="https://raw.githubusercontent.com/Tigrbl/tigrcorn/master/assets/tigrcorn_logo.png"
+  alt="Tigrcorn tiger-unicorn logo"
+  width="140"
+/>
 
 <p><strong>Certification and release-gate tooling for Tigrcorn HTTP/3, QUIC, WebSocket, WebTransport, and ASGI conformance evidence.</strong></p>
 
 <a href="https://pypi.org/project/tigrcorn-certification/"><img alt="PyPI version for tigrcorn-certification" src="https://img.shields.io/pypi/v/tigrcorn-certification?label=PyPI"></a>
 <a href="https://pypi.org/project/tigrcorn-certification/"><img alt="tigrcorn-certification package on PyPI" src="https://img.shields.io/badge/package-PyPI-blue"></a>
+<a href="https://pepy.tech/project/tigrcorn-certification"><img alt="Downloads for tigrcorn-certification" src="https://static.pepy.tech/badge/tigrcorn-certification"></a>
+<a href="https://github.com/tigrbl/tigrcorn/blob/master/pkgs/tigrcorn-certification/README.md"><img alt="Hits for tigrcorn-certification README" src="https://hits.sh/github.com/tigrbl/tigrcorn/blob/master/pkgs/tigrcorn-certification/README.md.svg?label=hits"></a>
 <a href="LICENSE"><img alt="Apache 2.0 license" src="https://img.shields.io/badge/license-Apache%202.0-525252"></a>
-<a href="pyproject.toml"><img alt="Python 3.11 supported" src="https://img.shields.io/badge/python-3.11-3776ab"></a>
-<a href="pyproject.toml"><img alt="Python 3.12 supported" src="https://img.shields.io/badge/python-3.12-3776ab"></a>
-<a href="pyproject.toml"><img alt="Python 3.13 supported" src="https://img.shields.io/badge/python-3.13-3776ab"></a>
-<a href="src/tigrcorn_certification/py.typed"><img alt="typed package" src="https://img.shields.io/badge/typed-py.typed-2f7ed8"></a>
+<a href="pyproject.toml"><img alt="Python 3.10 | 3.11 | 3.12 | 3.13 | 3.14 supported" src="https://img.shields.io/badge/python-3.10%20%7C%203.11%20%7C%203.12%20%7C%203.13%20%7C%203.14-3776ab"></a>
 <a href="https://pypi.org/project/tigrcorn-certification/"><img alt="certification role package" src="https://img.shields.io/badge/role-certification-0a7f5a"></a>
 </div>
 
+<p align="center"><a href="https://github.com/Tigrbl/tigrcorn/blob/master/.ssot/registry.json"><img alt="SSOT governed" src="https://img.shields.io/badge/SSOT-governed-2f6f4e.svg"></a> <a href="https://discord.gg/jzvrbEtTtt"><img alt="Discord" src="https://img.shields.io/badge/Discord-Join%20chat-5865F2?logo=discord&amp;logoColor=white"></a></p>
+
 ## Install
 
-~~~bash
+```bash
+uv add tigrcorn-certification
+```
+
+```bash
 pip install tigrcorn-certification
-~~~
+```
 
 Use the aggregate [tigrcorn](https://pypi.org/project/tigrcorn/) distribution when you want the full ASGI3 Python web server stack. Install <code>tigrcorn-certification</code> directly when you want only this package boundary and its declared dependencies.
 
 ## What It Owns
 
-<code>tigrcorn-certification</code> owns release gates, certification environment, external peer matrices, strict promotion checks, and conformance evidence. Its import package is <code>tigrcorn_certification</code>, and its declared package dependencies are: tigrcorn-compat, tigrcorn-runtime.
+<code>tigrcorn-certification</code> owns release gates, certification environment, external peer matrices, and strict promotion checks. Its import package is <code>tigrcorn_certification</code>, and its declared package dependencies are: tigrcorn-compat, tigrcorn-runtime, cryptography, aioquic, h2, websockets, wsproto.
+
+This package page is written for developers searching for Tigrcorn ASGI3 server components, Python web server packages, HTTP/3 and QUIC support, WebSocket and WebTransport-adjacent surfaces, and Apache 2.0 licensed infrastructure.
+
+## Why Use This?
+
+Use <code>tigrcorn-certification</code> when you want the certification layer as a direct install target instead of the full server bundle. It lets application, operator, or certification workflows depend on this boundary explicitly while keeping the broader Tigrcorn runtime assembled from smaller repo-owned package surfaces.
+
+## FAQ
+
+### What does this package export?
+
+The package exports through the <code>tigrcorn_certification</code> namespace and keeps the root <code>tigrcorn</code> package as the compatibility umbrella.
+
+### Which boundary does this package own?
+
+It is the package boundary for release gates, certification environment, external peer matrices, and strict promotion checks in the Tigrcorn package graph.
 
-This package page is written for developers searching for Tigrcorn ASGI3 server components, Python web server packages, HTTP/3 and QUIC support, WebSocket and WebTransport runtime surfaces, typed package boundaries, and Apache 2.0 licensed infrastructure.
+### What certification surfaces live here?
+
+Release-gate evaluation, strict promotion checks, explicit-surface validation, certification environment helpers, and external peer evidence rails are all concentrated here.
+
+## Features
+
+- Owns release gates, certification environment, external peer matrices, and strict promotion checks inside the Tigrcorn split-package architecture.
+- Publishes the <code>tigrcorn_certification</code> import surface for named public helpers and entrypoints.
+- Declared runtime dependencies: tigrcorn-compat, tigrcorn-runtime, cryptography, aioquic, h2, websockets, wsproto.
+- Optional dependency surface: aioquic, h2, websockets, wsproto, cryptography.
+- Supports Python 3.10, 3.11, 3.12, 3.13, and 3.14.
 
 ## Use It When
 
-Use <code>tigrcorn-certification</code> when you need governed release readiness, certification checks, external peer evidence, or strict promotion gates for Tigrcorn. It is part of Tigrcorn's split-package architecture, so it can be installed independently while remaining linked to the rest of the Tigrcorn package family on PyPI.
+Use <code>tigrcorn-certification</code> when you need certification-level behavior without pulling the entire server stack into the import surface. It is part of Tigrcorn's split-package architecture, so it can be installed independently while remaining linked to the rest of the Tigrcorn package family on PyPI.
 
 ## Import Surface
 
-~~~python
-import tigrcorn_certification
+```python
+from tigrcorn_certification import evaluate_release_gates
 
-print(tigrcorn_certification.__name__)
-~~~
+print(evaluate_release_gates.__name__)
+```
+
+Namespace discovery starts with `import tigrcorn_certification`.
 
 The package exposes its supported public surface through the <code>tigrcorn_certification</code> namespace. The root [tigrcorn](https://pypi.org/project/tigrcorn/) package keeps compatibility shims for users who install the full server distribution.
 
+## Related Packages
+
+- [tigrcorn-compat](https://pypi.org/project/tigrcorn-compat/)
+- [tigrcorn-runtime](https://pypi.org/project/tigrcorn-runtime/)
+- [tigrcorn](https://pypi.org/project/tigrcorn/)
+
 ## Package Graph
 
-[tigrcorn](https://pypi.org/project/tigrcorn/) | [tigrcorn-core](https://pypi.org/project/tigrcorn-core/) | [tigrcorn-config](https://pypi.org/project/tigrcorn-config/) | [tigrcorn-asgi](https://pypi.org/project/tigrcorn-asgi/) | [tigrcorn-contract](https://pypi.org/project/tigrcorn-contract/) | [tigrcorn-transports](https://pypi.org/project/tigrcorn-transports/) | [tigrcorn-protocols](https://pypi.org/project/tigrcorn-protocols/) | [tigrcorn-http](https://pypi.org/project/tigrcorn-http/) | [tigrcorn-security](https://pypi.org/project/tigrcorn-security/) | [tigrcorn-runtime](https://pypi.org/project/tigrcorn-runtime/) | [tigrcorn-static](https://pypi.org/project/tigrcorn-static/) | [tigrcorn-observability](https://pypi.org/project/tigrcorn-observability/) | [tigrcorn-compat](https://pypi.org/project/tigrcorn-compat/) | [tigrcorn-certification](https://pypi.org/project/tigrcorn-certification/)
+[tigrcorn-core](https://pypi.org/project/tigrcorn-core/) | [tigrcorn-config](https://pypi.org/project/tigrcorn-config/) | [tigrcorn-http](https://pypi.org/project/tigrcorn-http/) | [tigrcorn-asgi](https://pypi.org/project/tigrcorn-asgi/) | [tigrcorn-contract](https://pypi.org/project/tigrcorn-contract/) | [tigrcorn-transports](https://pypi.org/project/tigrcorn-transports/) | [tigrcorn-security](https://pypi.org/project/tigrcorn-security/) | [tigrcorn-protocols](https://pypi.org/project/tigrcorn-protocols/) | [tigrcorn-static](https://pypi.org/project/tigrcorn-static/) | [tigrcorn-observability](https://pypi.org/project/tigrcorn-observability/) | [tigrcorn-runtime](https://pypi.org/project/tigrcorn-runtime/) | [tigrcorn-compat](https://pypi.org/project/tigrcorn-compat/) | [tigrcorn-certification](https://pypi.org/project/tigrcorn-certification/)
+
+## Best Practices
+
+- Use this package when you need release-gate or promotion-target decisions rooted in repo evidence.
+- Keep certification explicit-surface and peer-matrix checks aligned with SSOT and release artifacts.
+- Pull certification-only dependencies in environments that actually execute the strict release rails.
+
+## License
+
+Apache-2.0

tigrcorn_certification-0.3.16.dev12/src/tigrcorn_certification.egg-info/requires.txt

@@ -0,0 +1,10 @@
+tigrcorn-compat==0.3.16.dev12
+tigrcorn-runtime==0.3.16.dev12
+cryptography>=46.0.0
+aioquic>=1.3.0
+h2>=4.1.0
+websockets>=12.0
+wsproto>=1.3.0
+
+[:python_version < "3.11"]
+tomli>=2.0.0

tigrcorn_certification-0.3.16.dev5/README.md

@@ -1,46 +0,0 @@
-<div align="center">
-<h1>tigrcorn-certification</h1>
-
-<p><strong>Certification and release-gate tooling for Tigrcorn HTTP/3, QUIC, WebSocket, WebTransport, and ASGI conformance evidence.</strong></p>
-
-<a href="https://pypi.org/project/tigrcorn-certification/"><img alt="PyPI version for tigrcorn-certification" src="https://img.shields.io/pypi/v/tigrcorn-certification?label=PyPI"></a>
-<a href="https://pypi.org/project/tigrcorn-certification/"><img alt="tigrcorn-certification package on PyPI" src="https://img.shields.io/badge/package-PyPI-blue"></a>
-<a href="LICENSE"><img alt="Apache 2.0 license" src="https://img.shields.io/badge/license-Apache%202.0-525252"></a>
-<a href="pyproject.toml"><img alt="Python 3.11 supported" src="https://img.shields.io/badge/python-3.11-3776ab"></a>
-<a href="pyproject.toml"><img alt="Python 3.12 supported" src="https://img.shields.io/badge/python-3.12-3776ab"></a>
-<a href="pyproject.toml"><img alt="Python 3.13 supported" src="https://img.shields.io/badge/python-3.13-3776ab"></a>
-<a href="src/tigrcorn_certification/py.typed"><img alt="typed package" src="https://img.shields.io/badge/typed-py.typed-2f7ed8"></a>
-<a href="https://pypi.org/project/tigrcorn-certification/"><img alt="certification role package" src="https://img.shields.io/badge/role-certification-0a7f5a"></a>
-</div>
-
-## Install
-
-~~~bash
-pip install tigrcorn-certification
-~~~
-
-Use the aggregate [tigrcorn](https://pypi.org/project/tigrcorn/) distribution when you want the full ASGI3 Python web server stack. Install <code>tigrcorn-certification</code> directly when you want only this package boundary and its declared dependencies.
-
-## What It Owns
-
-<code>tigrcorn-certification</code> owns release gates, certification environment, external peer matrices, strict promotion checks, and conformance evidence. Its import package is <code>tigrcorn_certification</code>, and its declared package dependencies are: tigrcorn-compat, tigrcorn-runtime.
-
-This package page is written for developers searching for Tigrcorn ASGI3 server components, Python web server packages, HTTP/3 and QUIC support, WebSocket and WebTransport runtime surfaces, typed package boundaries, and Apache 2.0 licensed infrastructure.
-
-## Use It When
-
-Use <code>tigrcorn-certification</code> when you need governed release readiness, certification checks, external peer evidence, or strict promotion gates for Tigrcorn. It is part of Tigrcorn's split-package architecture, so it can be installed independently while remaining linked to the rest of the Tigrcorn package family on PyPI.
-
-## Import Surface
-
-~~~python
-import tigrcorn_certification
-
-print(tigrcorn_certification.__name__)
-~~~
-
-The package exposes its supported public surface through the <code>tigrcorn_certification</code> namespace. The root [tigrcorn](https://pypi.org/project/tigrcorn/) package keeps compatibility shims for users who install the full server distribution.
-
-## Package Graph
-
-[tigrcorn](https://pypi.org/project/tigrcorn/) | [tigrcorn-core](https://pypi.org/project/tigrcorn-core/) | [tigrcorn-config](https://pypi.org/project/tigrcorn-config/) | [tigrcorn-asgi](https://pypi.org/project/tigrcorn-asgi/) | [tigrcorn-contract](https://pypi.org/project/tigrcorn-contract/) | [tigrcorn-transports](https://pypi.org/project/tigrcorn-transports/) | [tigrcorn-protocols](https://pypi.org/project/tigrcorn-protocols/) | [tigrcorn-http](https://pypi.org/project/tigrcorn-http/) | [tigrcorn-security](https://pypi.org/project/tigrcorn-security/) | [tigrcorn-runtime](https://pypi.org/project/tigrcorn-runtime/) | [tigrcorn-static](https://pypi.org/project/tigrcorn-static/) | [tigrcorn-observability](https://pypi.org/project/tigrcorn-observability/) | [tigrcorn-compat](https://pypi.org/project/tigrcorn-compat/) | [tigrcorn-certification](https://pypi.org/project/tigrcorn-certification/)

tigrcorn_certification-0.3.16.dev5/src/tigrcorn_certification.egg-info/requires.txt

@@ -1,7 +0,0 @@
-tigrcorn-compat==0.3.16.dev5
-tigrcorn-runtime==0.3.16.dev5
-cryptography>=46.0.0
-aioquic>=1.3.0
-h2>=4.1.0
-websockets>=12.0
-wsproto>=1.3.0