verification-ecology-kit 1.0.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- verification_ecology_kit-1.0.0/.gitignore +33 -0
- verification_ecology_kit-1.0.0/CHANGELOG.md +17 -0
- verification_ecology_kit-1.0.0/CODE_OF_CONDUCT.md +5 -0
- verification_ecology_kit-1.0.0/CONTRIBUTING.md +19 -0
- verification_ecology_kit-1.0.0/LICENSE +16 -0
- verification_ecology_kit-1.0.0/PKG-INFO +459 -0
- verification_ecology_kit-1.0.0/README.md +419 -0
- verification_ecology_kit-1.0.0/SECURITY.md +38 -0
- verification_ecology_kit-1.0.0/docs/api.md +22 -0
- verification_ecology_kit-1.0.0/docs/audits.md +13 -0
- verification_ecology_kit-1.0.0/docs/cli.md +42 -0
- verification_ecology_kit-1.0.0/docs/concepts.md +13 -0
- verification_ecology_kit-1.0.0/docs/conformance.md +32 -0
- verification_ecology_kit-1.0.0/docs/data_model.md +5 -0
- verification_ecology_kit-1.0.0/docs/examples.md +24 -0
- verification_ecology_kit-1.0.0/docs/glossary.md +15 -0
- verification_ecology_kit-1.0.0/docs/index.md +9 -0
- verification_ecology_kit-1.0.0/docs/pre_publication_audit.md +50 -0
- verification_ecology_kit-1.0.0/docs/pyproject-publishing.md +20 -0
- verification_ecology_kit-1.0.0/docs/quickstart.md +22 -0
- verification_ecology_kit-1.0.0/docs/release_gates.md +64 -0
- verification_ecology_kit-1.0.0/docs/release_readiness.md +73 -0
- verification_ecology_kit-1.0.0/docs/schemas.md +186 -0
- verification_ecology_kit-1.0.0/docs/security.md +13 -0
- verification_ecology_kit-1.0.0/docs/theory_mapping.md +67 -0
- verification_ecology_kit-1.0.0/docs/v1_audit.md +80 -0
- verification_ecology_kit-1.0.0/docs/v1_readiness.md +74 -0
- verification_ecology_kit-1.0.0/examples/authority_gate.py +27 -0
- verification_ecology_kit-1.0.0/examples/basic_packet.py +9 -0
- verification_ecology_kit-1.0.0/examples/external_packet_quarantine.py +6 -0
- verification_ecology_kit-1.0.0/examples/federated_bundle.py +32 -0
- verification_ecology_kit-1.0.0/examples/operational_bundle.py +16 -0
- verification_ecology_kit-1.0.0/examples/overclosure_audit.py +7 -0
- verification_ecology_kit-1.0.0/examples/reachability_certificate.py +36 -0
- verification_ecology_kit-1.0.0/examples/residual_ledger.py +18 -0
- verification_ecology_kit-1.0.0/examples/runtime_loop.py +22 -0
- verification_ecology_kit-1.0.0/examples/schema_migration.py +22 -0
- verification_ecology_kit-1.0.0/pyproject.toml +164 -0
- verification_ecology_kit-1.0.0/scripts/check_v1_readiness.py +454 -0
- verification_ecology_kit-1.0.0/scripts/generate_schema_docs.py +23 -0
- verification_ecology_kit-1.0.0/scripts/generate_theory_mapping.py +76 -0
- verification_ecology_kit-1.0.0/scripts/scan_local_info.py +17 -0
- verification_ecology_kit-1.0.0/scripts/smoke_install_wheel.py +46 -0
- verification_ecology_kit-1.0.0/scripts/verify_no_secrets.py +17 -0
- verification_ecology_kit-1.0.0/scripts/verify_package_contents.py +20 -0
- verification_ecology_kit-1.0.0/security/allowlist.example.toml +4 -0
- verification_ecology_kit-1.0.0/security/allowlist.toml +5 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/__init__.py +58 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/audit/__init__.py +1 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/audit/adversarial_ingress.py +31 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/audit/aperture_regression.py +45 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/audit/local_info.py +82 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/audit/monoculture.py +34 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/audit/packet_ecology.py +39 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/audit/reports.py +97 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/audit/residual_metabolism.py +39 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/audit/schema_overclosure.py +33 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/audit/security.py +150 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/canonicalization.py +140 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/cli.py +886 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/digest.py +93 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/errors.py +37 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/ids.py +17 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/__init__.py +1 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/aperture.py +76 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/authority.py +147 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/boundaries.py +45 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/certification.py +101 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/circulation.py +57 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/conformance.py +289 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/contracts.py +59 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/ecology_state.py +38 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/frontier.py +27 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/history.py +53 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/judgments.py +77 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/ledger.py +239 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/lifecycle.py +101 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/maturity.py +28 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/overclosure.py +97 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/packets.py +298 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/reachability.py +118 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/records.py +145 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/registries.py +93 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/model/residuals.py +98 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/__init__.py +1 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/base.py +308 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/compose.py +18 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/contrast.py +18 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/fork.py +18 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/generalize.py +21 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/internalize.py +23 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/quarantine.py +18 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/redact.py +18 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/repair.py +18 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/retire.py +18 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/operations/specialize.py +18 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/ports/__init__.py +1 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/ports/checker.py +11 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/ports/clock.py +10 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/ports/generator.py +12 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/ports/policy.py +11 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/ports/reporter.py +9 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/ports/storage.py +13 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/py.typed +1 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/references.py +233 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/result.py +238 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/runtime/__init__.py +1 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/runtime/engine.py +73 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/runtime/in_memory.py +18 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/runtime/json_store.py +83 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/runtime/loop.py +72 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/runtime/policies.py +37 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/aperture.schema.json +36 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/audit-report.schema.json +42 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/auth-inputs.schema.json +46 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/authority-decision.schema.json +74 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/boundary-record.schema.json +32 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/carrier-registry.schema.json +44 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/certification-profile.schema.json +30 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/certification-record.schema.json +44 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/check-result.schema.json +27 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/checker-registry.schema.json +44 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/conformance-report.schema.json +38 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/continuation-specification.schema.json +30 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/contract-registry.schema.json +12 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/counterexample-channel.schema.json +34 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/digest-record.schema.json +34 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/frontier-profile.schema.json +30 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/judgment-record.schema.json +52 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/ledger-event.schema.json +36 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/lifecycle-status-event.schema.json +34 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/maturity-profile.schema.json +38 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/overclosure-witness.schema.json +30 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/reachability-certificate.schema.json +40 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/reference-edge.schema.json +26 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/residual-ledger.schema.json +12 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/residual-record.schema.json +35 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/runtime-report.schema.json +20 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/schema-catalogue.schema.json +26 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/schema-migration-witness.schema.json +30 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/schema_catalogue.json +36 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/sound-gap-residual.schema.json +15 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/status-event.schema.json +34 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/status-view.schema.json +13 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/use-context.schema.json +46 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/verifier-packet.schema.json +59 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/vet-bundle.schema.json +30 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/vet-object-envelope.schema.json +45 -0
- verification_ecology_kit-1.0.0/src/verification_ecology_kit/schemas/vet-object-ref.schema.json +35 -0
- verification_ecology_kit-1.0.0/tests/fixtures/minimal_bundle.json +6 -0
- verification_ecology_kit-1.0.0/tests/golden/authority_denial_due_to_stale_support.json +7 -0
- verification_ecology_kit-1.0.0/tests/golden/counter_packet_boundary_gap.json +6 -0
- verification_ecology_kit-1.0.0/tests/golden/external_packet_quarantine.json +6 -0
- verification_ecology_kit-1.0.0/tests/golden/invalid_digest.json +24 -0
- verification_ecology_kit-1.0.0/tests/golden/minimal_core_bundle.json +11 -0
- verification_ecology_kit-1.0.0/tests/golden/missing_counter_packet_residual.json +7 -0
- verification_ecology_kit-1.0.0/tests/golden/overclosure_witness.json +9 -0
- verification_ecology_kit-1.0.0/tests/golden/runtime_history_residual.json +6 -0
- verification_ecology_kit-1.0.0/tests/golden/schema_overclosure_residual.json +9 -0
- verification_ecology_kit-1.0.0/tests/golden/stale_checker.json +7 -0
- verification_ecology_kit-1.0.0/tests/golden/theory_coverage.expected.json +537 -0
- verification_ecology_kit-1.0.0/tests/golden/unresolved_reference.json +9 -0
- verification_ecology_kit-1.0.0/tests/integration/test_cli.py +40 -0
- verification_ecology_kit-1.0.0/tests/integration/test_cli_extended.py +140 -0
- verification_ecology_kit-1.0.0/tests/property/test_properties.py +63 -0
- verification_ecology_kit-1.0.0/tests/security/test_scanners.py +80 -0
- verification_ecology_kit-1.0.0/tests/unit/test_audits_runtime.py +66 -0
- verification_ecology_kit-1.0.0/tests/unit/test_branch_coverage.py +255 -0
- verification_ecology_kit-1.0.0/tests/unit/test_canonical_digest_refs.py +63 -0
- verification_ecology_kit-1.0.0/tests/unit/test_cli_json_loaders.py +213 -0
- verification_ecology_kit-1.0.0/tests/unit/test_conformance_authority.py +178 -0
- verification_ecology_kit-1.0.0/tests/unit/test_extended_models.py +358 -0
- verification_ecology_kit-1.0.0/tests/unit/test_golden_fixtures.py +239 -0
- verification_ecology_kit-1.0.0/tests/unit/test_history_ledger.py +68 -0
- verification_ecology_kit-1.0.0/tests/unit/test_packets_operations.py +58 -0
- verification_ecology_kit-1.0.0/tests/unit/test_records_lifecycle.py +97 -0
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
.venv/
|
|
2
|
+
.pytest_cache/
|
|
3
|
+
.ruff_cache/
|
|
4
|
+
.mypy_cache/
|
|
5
|
+
.hypothesis/
|
|
6
|
+
dist/
|
|
7
|
+
build/
|
|
8
|
+
*.egg-info/
|
|
9
|
+
__pycache__/
|
|
10
|
+
**/__pycache__/
|
|
11
|
+
*.py[cod]
|
|
12
|
+
**/*.py[cod]
|
|
13
|
+
.coverage
|
|
14
|
+
coverage.xml
|
|
15
|
+
htmlcov/
|
|
16
|
+
site/
|
|
17
|
+
.env
|
|
18
|
+
.env.*
|
|
19
|
+
!.env.example
|
|
20
|
+
*.aux
|
|
21
|
+
*.bbl
|
|
22
|
+
*.bcf
|
|
23
|
+
*.blg
|
|
24
|
+
*.fdb_latexmk
|
|
25
|
+
*.fls
|
|
26
|
+
*.log
|
|
27
|
+
*.out
|
|
28
|
+
*.run.xml
|
|
29
|
+
*.synctex.gz
|
|
30
|
+
*.toc
|
|
31
|
+
*.pdf
|
|
32
|
+
*.ipynb
|
|
33
|
+
**/.ipynb_checkpoints/
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# Changelog
|
|
2
|
+
|
|
3
|
+
## 1.0.0
|
|
4
|
+
|
|
5
|
+
- Stabilized the package metadata and public version for the first stable OSS release.
|
|
6
|
+
- Made `vek packet operate` consume real packet JSON inputs and write output packets to `--out`.
|
|
7
|
+
- Made audit commands consume explicit input files instead of internal sample packets.
|
|
8
|
+
- Added JSON loaders for packets, residual ledgers, bundles, references, and runtime state.
|
|
9
|
+
- Deepened operational conformance checks for lifecycle status, judgment validity, residual liveness, and deny-by-default authority decisions.
|
|
10
|
+
- Improved JSON runtime persistence so saved ecology state loads back into packet population, history, residual ledger, archive, and reusable capital.
|
|
11
|
+
- Raised the test coverage gate to 92% and added focused tests for CLI JSON boundaries.
|
|
12
|
+
- Added v1 readiness and release-gate documentation plus `scripts/check_v1_readiness.py`.
|
|
13
|
+
- Expanded README navigation and first-time-user explanations.
|
|
14
|
+
|
|
15
|
+
## 0.1.0
|
|
16
|
+
|
|
17
|
+
- Initial implementation of packet models, residual ledgers, canonicalization, digests, references, conformance reports, audits, runtime loop, CLI, schemas, tests, and PyPI publishing preparation.
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
# Code of Conduct
|
|
2
|
+
|
|
3
|
+
This project uses a minimal contributor covenant: keep discussion technical, specific, and respectful. Harassment, threats, or disclosure of private information are not acceptable.
|
|
4
|
+
|
|
5
|
+
Reports can be made through the repository security contact process described in `SECURITY.md`.
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
# Contributing
|
|
2
|
+
|
|
3
|
+
Use `uv sync --all-extras --dev` before development. Run the full local checks before submitting changes:
|
|
4
|
+
|
|
5
|
+
```bash
|
|
6
|
+
uv run ruff format --check .
|
|
7
|
+
uv run ruff check .
|
|
8
|
+
uv run mypy src
|
|
9
|
+
uv run pytest
|
|
10
|
+
uv run python scripts/verify_no_secrets.py .
|
|
11
|
+
uv run python scripts/scan_local_info.py .
|
|
12
|
+
```
|
|
13
|
+
|
|
14
|
+
Design rules:
|
|
15
|
+
|
|
16
|
+
- Preserve packet core fields, residuals, boundaries, lineage, and status information.
|
|
17
|
+
- Do not replace evidence records with dashboard labels.
|
|
18
|
+
- Add schemas for normative records before relying on new JSON fields.
|
|
19
|
+
- Keep runtime network access behind explicit adapters.
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
Apache License
|
|
2
|
+
Version 2.0, January 2004
|
|
3
|
+
|
|
4
|
+
Copyright 2026 K. Takahashi
|
|
5
|
+
|
|
6
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
|
7
|
+
you may not use this file except in compliance with the License.
|
|
8
|
+
You may obtain a copy of the License at
|
|
9
|
+
|
|
10
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
|
11
|
+
|
|
12
|
+
Unless required by applicable law or agreed to in writing, software
|
|
13
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
|
14
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
15
|
+
See the License for the specific language governing permissions and
|
|
16
|
+
limitations under the License.
|
|
@@ -0,0 +1,459 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: verification-ecology-kit
|
|
3
|
+
Version: 1.0.0
|
|
4
|
+
Summary: Python toolkit for verification auditing, residual ledgers, conformance checks, and verifier packet workflows.
|
|
5
|
+
Project-URL: Homepage, https://doi.org/10.5281/zenodo.21147093
|
|
6
|
+
Project-URL: Repository, https://github.com/kadubon/verification-ecology-kit
|
|
7
|
+
Project-URL: Issues, https://github.com/kadubon/verification-ecology-kit/issues
|
|
8
|
+
Project-URL: Documentation, https://github.com/kadubon/verification-ecology-kit#readme
|
|
9
|
+
Project-URL: Changelog, https://github.com/kadubon/verification-ecology-kit/blob/main/CHANGELOG.md
|
|
10
|
+
Project-URL: Security, https://github.com/kadubon/verification-ecology-kit/blob/main/SECURITY.md
|
|
11
|
+
Author: K. Takahashi
|
|
12
|
+
License-Expression: Apache-2.0
|
|
13
|
+
License-File: LICENSE
|
|
14
|
+
Keywords: audit,conformance,json-schema,residual-accountability,self-verification,software-quality,testing,verification
|
|
15
|
+
Classifier: Development Status :: 5 - Production/Stable
|
|
16
|
+
Classifier: Intended Audience :: Developers
|
|
17
|
+
Classifier: Intended Audience :: Science/Research
|
|
18
|
+
Classifier: License :: OSI Approved :: Apache Software License
|
|
19
|
+
Classifier: Programming Language :: Python :: 3
|
|
20
|
+
Classifier: Programming Language :: Python :: 3.11
|
|
21
|
+
Classifier: Programming Language :: Python :: 3.12
|
|
22
|
+
Classifier: Programming Language :: Python :: 3.13
|
|
23
|
+
Classifier: Topic :: Security
|
|
24
|
+
Classifier: Topic :: Software Development :: Quality Assurance
|
|
25
|
+
Requires-Python: >=3.11
|
|
26
|
+
Requires-Dist: jsonschema>=4.22
|
|
27
|
+
Provides-Extra: dev
|
|
28
|
+
Requires-Dist: bandit>=1.7.9; extra == 'dev'
|
|
29
|
+
Requires-Dist: build>=1.2.1; extra == 'dev'
|
|
30
|
+
Requires-Dist: check-jsonschema>=0.29.0; extra == 'dev'
|
|
31
|
+
Requires-Dist: detect-secrets>=1.5.0; extra == 'dev'
|
|
32
|
+
Requires-Dist: hypothesis>=6.100; extra == 'dev'
|
|
33
|
+
Requires-Dist: mkdocs>=1.6.0; extra == 'dev'
|
|
34
|
+
Requires-Dist: mypy>=1.10; extra == 'dev'
|
|
35
|
+
Requires-Dist: pip-audit>=2.7.3; extra == 'dev'
|
|
36
|
+
Requires-Dist: pytest-cov>=5.0; extra == 'dev'
|
|
37
|
+
Requires-Dist: pytest>=8.2; extra == 'dev'
|
|
38
|
+
Requires-Dist: ruff>=0.5.0; extra == 'dev'
|
|
39
|
+
Description-Content-Type: text/markdown
|
|
40
|
+
|
|
41
|
+
# verification-ecology-kit
|
|
42
|
+
|
|
43
|
+
`verification-ecology-kit` is a Python toolkit for making verification work
|
|
44
|
+
clear, traceable, and reviewable.
|
|
45
|
+
|
|
46
|
+
It helps you answer practical questions such as:
|
|
47
|
+
|
|
48
|
+
- What exactly was checked?
|
|
49
|
+
- What evidence was used?
|
|
50
|
+
- What is still unresolved?
|
|
51
|
+
- Which result is allowed to be reused, shared, or deployed?
|
|
52
|
+
- Did a file, JSON object, reference, or digest change after it was checked?
|
|
53
|
+
- Are failures being recorded, or are they being hidden behind a single
|
|
54
|
+
"passed" label?
|
|
55
|
+
|
|
56
|
+
The project is based on **Verifier Ecology Theory** by K. Takahashi:
|
|
57
|
+
https://doi.org/10.5281/zenodo.21147093
|
|
58
|
+
|
|
59
|
+
The theory uses precise terms. This package turns many of those terms into
|
|
60
|
+
ordinary software objects: JSON records, Python classes, command line checks,
|
|
61
|
+
schemas, audit reports, and release gates.
|
|
62
|
+
|
|
63
|
+
## What This Package Does
|
|
64
|
+
|
|
65
|
+
Use this package when you need to record verification work in a form that other
|
|
66
|
+
people and other tools can inspect.
|
|
67
|
+
|
|
68
|
+
It can:
|
|
69
|
+
|
|
70
|
+
- describe a verifier, check, review step, or evidence source as a structured
|
|
71
|
+
record
|
|
72
|
+
- record open issues instead of dropping them after a partial pass
|
|
73
|
+
- validate JSON objects against bundled schemas
|
|
74
|
+
- compute stable SHA-256 digests for JSON files
|
|
75
|
+
- check whether references and digests still match
|
|
76
|
+
- run conformance checks over a bundle of related objects
|
|
77
|
+
- keep an append-only ledger of unresolved work
|
|
78
|
+
- make authority decisions explicit, such as "usable as evidence" versus
|
|
79
|
+
"allowed for deployment"
|
|
80
|
+
- run local audits for stale evidence, hidden failures, missing counter-checks,
|
|
81
|
+
schema overclosure, monoculture risk, and local information leakage
|
|
82
|
+
- build and smoke-test the Python package before release
|
|
83
|
+
|
|
84
|
+
It is useful for research tooling, safety review, software quality assurance,
|
|
85
|
+
schema-based workflows, release checks, and projects where verification claims
|
|
86
|
+
need a visible paper trail.
|
|
87
|
+
|
|
88
|
+
## What This Package Does Not Do
|
|
89
|
+
|
|
90
|
+
This is not a theorem prover and does not claim to prove every property in the
|
|
91
|
+
paper.
|
|
92
|
+
|
|
93
|
+
It does not replace human review, domain expertise, model checking, formal
|
|
94
|
+
proof, fuzzing, or security testing. It gives those activities a shared record
|
|
95
|
+
format and a set of checks so that results, limits, and remaining work are not
|
|
96
|
+
lost.
|
|
97
|
+
|
|
98
|
+
In short:
|
|
99
|
+
|
|
100
|
+
- it records and checks verification evidence
|
|
101
|
+
- it keeps unfinished work visible
|
|
102
|
+
- it helps decide whether evidence can be reused
|
|
103
|
+
- it does not magically prove that a system is correct
|
|
104
|
+
|
|
105
|
+
## Start Here
|
|
106
|
+
|
|
107
|
+
Choose the path that matches what you want to do.
|
|
108
|
+
|
|
109
|
+
| If you want to... | Start with |
|
|
110
|
+
| --- | --- |
|
|
111
|
+
| Try the tool quickly | [Try It In 5 Minutes](#try-it-in-5-minutes) |
|
|
112
|
+
| Learn the main ideas without theory jargon | [Core Ideas In Plain Words](#core-ideas-in-plain-words) |
|
|
113
|
+
| Use the command line | [Command Line Overview](#command-line-overview) and [docs/cli.md](docs/cli.md) |
|
|
114
|
+
| Use the Python API | [Python Example](#python-example) and [docs/api.md](docs/api.md) |
|
|
115
|
+
| Validate JSON records | [docs/schemas.md](docs/schemas.md) |
|
|
116
|
+
| Check a bundle of related records | [docs/conformance.md](docs/conformance.md) |
|
|
117
|
+
| Track unresolved work | [Track Open Work](#3-track-open-work) |
|
|
118
|
+
| Run audits | [docs/audits.md](docs/audits.md) |
|
|
119
|
+
| Understand the theory mapping | [docs/theory_mapping.md](docs/theory_mapping.md) and [docs/v1_audit.md](docs/v1_audit.md) |
|
|
120
|
+
| Review release readiness | [docs/v1_readiness.md](docs/v1_readiness.md), [docs/release_readiness.md](docs/release_readiness.md), and [docs/release_gates.md](docs/release_gates.md) |
|
|
121
|
+
| Check security posture | [SECURITY.md](SECURITY.md) and [docs/security.md](docs/security.md) |
|
|
122
|
+
|
|
123
|
+
## Core Ideas In Plain Words
|
|
124
|
+
|
|
125
|
+
The package uses a few terms from the paper. They are easier to understand if
|
|
126
|
+
you map them to everyday review work.
|
|
127
|
+
|
|
128
|
+
| Term | Plain meaning |
|
|
129
|
+
| --- | --- |
|
|
130
|
+
| Verifier | Something that checks a claim, file, object, result, or process |
|
|
131
|
+
| Verifier packet | A structured record that says what a verifier is, where it came from, what it checks, and what limits it has |
|
|
132
|
+
| Residual | Work that is not finished yet, such as a missing check, unknown boundary, exception, warning, or unresolved question |
|
|
133
|
+
| Residual ledger | A history of residuals, including when they were added, changed, retired, quarantined, or redacted |
|
|
134
|
+
| Conformance report | A step-by-step report saying whether a group of records follows the selected rules |
|
|
135
|
+
| Authority gate | A deny-by-default decision layer that says whether evidence may be reused, shared, deployed, or used for repair |
|
|
136
|
+
| Bundle | A JSON object that groups packets, ledgers, decisions, references, and related evidence |
|
|
137
|
+
| Audit | A focused check for a known failure pattern, such as stale evidence or missing counter-checks |
|
|
138
|
+
|
|
139
|
+
These words matter because a simple `pass` or `fail` result is often too small
|
|
140
|
+
for real review work. A check can pass while still depending on assumptions. A
|
|
141
|
+
tool can be useful but too stale for deployment. A record can be valid JSON but
|
|
142
|
+
still unsafe to circulate. This package keeps those differences visible.
|
|
143
|
+
|
|
144
|
+
## How The Pieces Fit Together
|
|
145
|
+
|
|
146
|
+
A common workflow looks like this:
|
|
147
|
+
|
|
148
|
+
1. Create or receive a verifier packet.
|
|
149
|
+
2. Validate the packet against a JSON schema.
|
|
150
|
+
3. Compute digests for important JSON objects.
|
|
151
|
+
4. Put related objects into a bundle.
|
|
152
|
+
5. Run a conformance check on the bundle.
|
|
153
|
+
6. Record unresolved work in the residual ledger.
|
|
154
|
+
7. Run audits for common failure patterns.
|
|
155
|
+
8. Use an authority gate to decide what the evidence is allowed to do.
|
|
156
|
+
|
|
157
|
+
You can use only one part of the package, such as schema validation or digest
|
|
158
|
+
checking, but the full workflow is designed to keep evidence, gaps, and
|
|
159
|
+
decisions connected.
|
|
160
|
+
|
|
161
|
+
## Installation
|
|
162
|
+
|
|
163
|
+
Install from GitHub:
|
|
164
|
+
|
|
165
|
+
```bash
|
|
166
|
+
pip install git+https://github.com/kadubon/verification-ecology-kit.git
|
|
167
|
+
```
|
|
168
|
+
|
|
169
|
+
When the PyPI package is published, installation is:
|
|
170
|
+
|
|
171
|
+
```bash
|
|
172
|
+
pip install verification-ecology-kit
|
|
173
|
+
```
|
|
174
|
+
|
|
175
|
+
Requirements:
|
|
176
|
+
|
|
177
|
+
- Python 3.11 or newer
|
|
178
|
+
- No network access is required at runtime by default
|
|
179
|
+
|
|
180
|
+
Check that the command line tool is available:
|
|
181
|
+
|
|
182
|
+
```bash
|
|
183
|
+
vek doctor
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
## Try It In 5 Minutes
|
|
187
|
+
|
|
188
|
+
Create a basic verifier packet:
|
|
189
|
+
|
|
190
|
+
```bash
|
|
191
|
+
vek packet create --template operational
|
|
192
|
+
```
|
|
193
|
+
|
|
194
|
+
Create a JSON file and compute its digest:
|
|
195
|
+
|
|
196
|
+
```bash
|
|
197
|
+
python -c "from pathlib import Path; Path('object.json').write_text('{\"value\":\"demo\"}\\n', encoding='utf-8')"
|
|
198
|
+
vek digest object.json
|
|
199
|
+
```
|
|
200
|
+
|
|
201
|
+
Create a minimal bundle and run a conformance check:
|
|
202
|
+
|
|
203
|
+
```bash
|
|
204
|
+
python -c "from pathlib import Path; Path('bundle.json').write_text('{\"bundle_id\":\"demo\",\"schema_version\":\"1\",\"conformance_profile\":\"core\",\"objects\":[]}\\n', encoding='utf-8')"
|
|
205
|
+
vek conformance bundle.json --profile core --format markdown
|
|
206
|
+
```
|
|
207
|
+
|
|
208
|
+
Scan the current repository for obvious secret-like values and local paths:
|
|
209
|
+
|
|
210
|
+
```bash
|
|
211
|
+
vek scan leaks .
|
|
212
|
+
vek scan local-info .
|
|
213
|
+
```
|
|
214
|
+
|
|
215
|
+
Next steps:
|
|
216
|
+
|
|
217
|
+
- read [docs/quickstart.md](docs/quickstart.md) for a short walkthrough
|
|
218
|
+
- read [docs/concepts.md](docs/concepts.md) for the main ideas
|
|
219
|
+
- run the examples in [examples/](examples/)
|
|
220
|
+
|
|
221
|
+
## Python Example
|
|
222
|
+
|
|
223
|
+
```python
|
|
224
|
+
from verification_ecology_kit import ResidualLedger, VerifierPacket
|
|
225
|
+
|
|
226
|
+
packet = VerifierPacket.minimal()
|
|
227
|
+
results = packet.validate()
|
|
228
|
+
|
|
229
|
+
ledger = ResidualLedger()
|
|
230
|
+
for residual in packet.residual_obligations:
|
|
231
|
+
ledger.add(residual, justification="packet validation")
|
|
232
|
+
|
|
233
|
+
print([result.to_dict() for result in results])
|
|
234
|
+
print(ledger.trace_ok().to_dict())
|
|
235
|
+
```
|
|
236
|
+
|
|
237
|
+
This creates a minimal verifier packet, validates its accountability fields,
|
|
238
|
+
records any open residual work, and checks that the ledger trace is internally
|
|
239
|
+
consistent.
|
|
240
|
+
|
|
241
|
+
For more complete examples, see:
|
|
242
|
+
|
|
243
|
+
- [examples/basic_packet.py](examples/basic_packet.py)
|
|
244
|
+
- [examples/residual_ledger.py](examples/residual_ledger.py)
|
|
245
|
+
- [examples/operational_bundle.py](examples/operational_bundle.py)
|
|
246
|
+
- [examples/authority_gate.py](examples/authority_gate.py)
|
|
247
|
+
- [examples/federated_bundle.py](examples/federated_bundle.py)
|
|
248
|
+
- [examples/runtime_loop.py](examples/runtime_loop.py)
|
|
249
|
+
|
|
250
|
+
## Common Workflows
|
|
251
|
+
|
|
252
|
+
### 1. Check A JSON Object
|
|
253
|
+
|
|
254
|
+
```bash
|
|
255
|
+
vek validate object.json --schema verifier-packet.schema.json --profile core
|
|
256
|
+
```
|
|
257
|
+
|
|
258
|
+
Use this when you want to confirm that a JSON object matches one of the bundled
|
|
259
|
+
schemas.
|
|
260
|
+
|
|
261
|
+
### 2. Check A Bundle
|
|
262
|
+
|
|
263
|
+
```bash
|
|
264
|
+
vek conformance bundle.json --profile core --format json
|
|
265
|
+
```
|
|
266
|
+
|
|
267
|
+
Use this when you want an ordered report for schema checks, digest checks,
|
|
268
|
+
reference checks, residual checks, judgment checks, and authority checks.
|
|
269
|
+
|
|
270
|
+
### 3. Track Open Work
|
|
271
|
+
|
|
272
|
+
```python
|
|
273
|
+
from verification_ecology_kit import ResidualLedger, ResidualRecord
|
|
274
|
+
from verification_ecology_kit.model.records import ResidualKind
|
|
275
|
+
|
|
276
|
+
ledger = ResidualLedger()
|
|
277
|
+
residual = ResidualRecord(
|
|
278
|
+
kind=ResidualKind.UNRESOLVED,
|
|
279
|
+
origin="manual-review",
|
|
280
|
+
scope=("boundary",),
|
|
281
|
+
obligation="Review the destructive boundary before reuse.",
|
|
282
|
+
)
|
|
283
|
+
ledger.add(residual, justification="manual audit")
|
|
284
|
+
```
|
|
285
|
+
|
|
286
|
+
Use this when a check cannot honestly be treated as fully closed.
|
|
287
|
+
|
|
288
|
+
### 4. Run Local Audits
|
|
289
|
+
|
|
290
|
+
```bash
|
|
291
|
+
vek audit packet-ecology packet.json
|
|
292
|
+
vek audit residual-metabolism ledger.json
|
|
293
|
+
vek audit schema-overclosure schema-audit.json
|
|
294
|
+
vek audit monoculture packet.json
|
|
295
|
+
```
|
|
296
|
+
|
|
297
|
+
Use these when reviewing whether verifier packets have counter-checks, whether
|
|
298
|
+
residuals remain live, whether a schema is hiding unknown information, or
|
|
299
|
+
whether the verification process is becoming too uniform.
|
|
300
|
+
|
|
301
|
+
### 5. Operate On Packets
|
|
302
|
+
|
|
303
|
+
```bash
|
|
304
|
+
vek packet operate fork packet.json --reason new-scope --out forked.json
|
|
305
|
+
vek packet operate specialize packet.json --scope payment-flow --out scoped.json
|
|
306
|
+
vek packet operate repair packet.json --repair-note "added stale-evidence check" --out repaired.json
|
|
307
|
+
vek packet operate quarantine packet.json --reason digest-mismatch --out quarantined.json
|
|
308
|
+
```
|
|
309
|
+
|
|
310
|
+
Use these commands when a verifier packet changes state and you need the change
|
|
311
|
+
to be visible.
|
|
312
|
+
|
|
313
|
+
## Command Line Overview
|
|
314
|
+
|
|
315
|
+
Main commands:
|
|
316
|
+
|
|
317
|
+
```bash
|
|
318
|
+
vek init
|
|
319
|
+
vek doctor
|
|
320
|
+
vek version
|
|
321
|
+
vek schema list
|
|
322
|
+
vek schema export --out schema-out
|
|
323
|
+
vek validate OBJECT.json --schema SCHEMA
|
|
324
|
+
vek digest OBJECT.json
|
|
325
|
+
vek conformance BUNDLE.json --profile core --format markdown
|
|
326
|
+
vek refs check BUNDLE.json
|
|
327
|
+
vek ledger replay LEDGER.json
|
|
328
|
+
vek packet create --template minimal
|
|
329
|
+
vek packet operate fork PACKET.json --out forked-packet.json
|
|
330
|
+
vek packet operate compose LEFT.json RIGHT.json --out composed-packet.json
|
|
331
|
+
vek audit packet-ecology PACKET.json
|
|
332
|
+
vek audit residual-metabolism LEDGER.json
|
|
333
|
+
vek runtime run CONFIG.json
|
|
334
|
+
vek scan leaks PATH
|
|
335
|
+
vek scan local-info PATH
|
|
336
|
+
```
|
|
337
|
+
|
|
338
|
+
See [docs/cli.md](docs/cli.md) for the full command list.
|
|
339
|
+
|
|
340
|
+
## Documentation Map
|
|
341
|
+
|
|
342
|
+
Use this map when you need more detail than the README.
|
|
343
|
+
|
|
344
|
+
| Topic | Document |
|
|
345
|
+
| --- | --- |
|
|
346
|
+
| First steps | [docs/quickstart.md](docs/quickstart.md) |
|
|
347
|
+
| Main ideas | [docs/concepts.md](docs/concepts.md) |
|
|
348
|
+
| Short definitions | [docs/glossary.md](docs/glossary.md) |
|
|
349
|
+
| Command line usage | [docs/cli.md](docs/cli.md) |
|
|
350
|
+
| Python API | [docs/api.md](docs/api.md) |
|
|
351
|
+
| Data model | [docs/data_model.md](docs/data_model.md) |
|
|
352
|
+
| JSON schemas | [docs/schemas.md](docs/schemas.md) |
|
|
353
|
+
| Conformance checks | [docs/conformance.md](docs/conformance.md) |
|
|
354
|
+
| Audit checks | [docs/audits.md](docs/audits.md) |
|
|
355
|
+
| Runnable examples | [docs/examples.md](docs/examples.md) and [examples/](examples/) |
|
|
356
|
+
| Security model | [docs/security.md](docs/security.md) |
|
|
357
|
+
| Theory mapping | [docs/theory_mapping.md](docs/theory_mapping.md) |
|
|
358
|
+
| v1 implementation audit | [docs/v1_audit.md](docs/v1_audit.md) |
|
|
359
|
+
| v1 readiness | [docs/v1_readiness.md](docs/v1_readiness.md) |
|
|
360
|
+
| Release readiness | [docs/release_readiness.md](docs/release_readiness.md) |
|
|
361
|
+
| Release gates | [docs/release_gates.md](docs/release_gates.md) |
|
|
362
|
+
| Pre-publication audit | [docs/pre_publication_audit.md](docs/pre_publication_audit.md) |
|
|
363
|
+
|
|
364
|
+
## Repository Map
|
|
365
|
+
|
|
366
|
+
- [src/verification_ecology_kit/](src/verification_ecology_kit/): package source
|
|
367
|
+
- [src/verification_ecology_kit/schemas/](src/verification_ecology_kit/schemas/):
|
|
368
|
+
bundled JSON schemas
|
|
369
|
+
- [examples/](examples/): small runnable examples
|
|
370
|
+
- [tests/](tests/): unit, property, security, CLI, and golden tests
|
|
371
|
+
- [tests/golden/](tests/golden/): expected behavior cases
|
|
372
|
+
- [docs/](docs/): user and release documentation
|
|
373
|
+
- [scripts/](scripts/): local verification and release-support scripts
|
|
374
|
+
- [security/](security/): scanner allowlist examples
|
|
375
|
+
|
|
376
|
+
## Development
|
|
377
|
+
|
|
378
|
+
Install development dependencies:
|
|
379
|
+
|
|
380
|
+
```bash
|
|
381
|
+
uv sync --all-extras --dev
|
|
382
|
+
```
|
|
383
|
+
|
|
384
|
+
Run the main local checks:
|
|
385
|
+
|
|
386
|
+
```bash
|
|
387
|
+
uv run ruff format --check .
|
|
388
|
+
uv run ruff check .
|
|
389
|
+
uv run mypy src
|
|
390
|
+
uv run pytest --cov=verification_ecology_kit --cov-report=term-missing
|
|
391
|
+
```
|
|
392
|
+
|
|
393
|
+
Run security, schema, docs, and package checks:
|
|
394
|
+
|
|
395
|
+
```bash
|
|
396
|
+
uv run python scripts/verify_no_secrets.py .
|
|
397
|
+
uv run python scripts/scan_local_info.py .
|
|
398
|
+
uv run check-jsonschema --check-metaschema src/verification_ecology_kit/schemas/*.schema.json
|
|
399
|
+
uv run bandit -c pyproject.toml -r src scripts
|
|
400
|
+
uv run pip-audit
|
|
401
|
+
uvx zizmor .
|
|
402
|
+
uv run mkdocs build --strict
|
|
403
|
+
uv build --no-sources
|
|
404
|
+
uv run python scripts/verify_package_contents.py
|
|
405
|
+
uv run python scripts/smoke_install_wheel.py
|
|
406
|
+
uv run python scripts/check_v1_readiness.py --strict
|
|
407
|
+
```
|
|
408
|
+
|
|
409
|
+
For release-specific evidence, read
|
|
410
|
+
[docs/release_readiness.md](docs/release_readiness.md) and
|
|
411
|
+
[docs/release_gates.md](docs/release_gates.md).
|
|
412
|
+
|
|
413
|
+
## Security And Privacy
|
|
414
|
+
|
|
415
|
+
- No telemetry is built in.
|
|
416
|
+
- Runtime network access is not required by default.
|
|
417
|
+
- JSON is used for input data; pickle is not used for untrusted data.
|
|
418
|
+
- CI runs secret scanning, local information scanning, Bandit, pip-audit, and
|
|
419
|
+
GitHub Actions workflow scanning.
|
|
420
|
+
- GitHub Actions are pinned to commit hashes and checkout credentials are not
|
|
421
|
+
persisted in workflow jobs.
|
|
422
|
+
|
|
423
|
+
If you find a security issue, see [SECURITY.md](SECURITY.md).
|
|
424
|
+
|
|
425
|
+
## Project Status
|
|
426
|
+
|
|
427
|
+
Current version: `1.0.0`
|
|
428
|
+
|
|
429
|
+
Status:
|
|
430
|
+
|
|
431
|
+
- first stable OSS implementation
|
|
432
|
+
- typed Python package
|
|
433
|
+
- command line interface included
|
|
434
|
+
- JSON schemas included
|
|
435
|
+
- runnable examples included
|
|
436
|
+
- golden tests included
|
|
437
|
+
- GitHub repository published
|
|
438
|
+
- local package build and wheel smoke install pass
|
|
439
|
+
- PyPI and GitHub release publication are performed after tagging
|
|
440
|
+
|
|
441
|
+
Before treating the package as v1.0.0-ready, check:
|
|
442
|
+
|
|
443
|
+
- [docs/v1_audit.md](docs/v1_audit.md)
|
|
444
|
+
- [docs/v1_readiness.md](docs/v1_readiness.md)
|
|
445
|
+
- [docs/release_readiness.md](docs/release_readiness.md)
|
|
446
|
+
- [docs/release_gates.md](docs/release_gates.md)
|
|
447
|
+
|
|
448
|
+
The public API is intended to stabilize around the classes exported from
|
|
449
|
+
`verification_ecology_kit`.
|
|
450
|
+
|
|
451
|
+
## Citation
|
|
452
|
+
|
|
453
|
+
Takahashi, K. (2026). *Verifier Ecology Theory: Packetized
|
|
454
|
+
Self-Verification Under Residual Accountability*. Zenodo.
|
|
455
|
+
https://doi.org/10.5281/zenodo.21147093
|
|
456
|
+
|
|
457
|
+
## License
|
|
458
|
+
|
|
459
|
+
Apache-2.0.
|