CleanLibrary Python SDK — mirrors cleanlib-client (Rust SDK) HTTP surface + cycle-5 cosign verdict-attestation
Project description
cleanlib-sdk-py
CleanLibrary Python SDK — asyncio + httpx; mirrors the Rust cleanlib-client HTTP surface.
Status: v0.1.0-substrate (cycle-4 §D.1). Substrate-only — fetch_verdict ships; remaining verbs (scan / audit_recent / policy_preview / fetch_bytes) iterate cycle-5+.
Install (cycle-5+; not yet on PyPI)
pip install cleanlib-sdk
For cycle-4 substrate, install from this repo:
pip install git+https://bitbucket.org/triamsec/cleanlib-sdk-py.git
Usage
import asyncio
from cleanlib_sdk import Client, PolicyDenyError, RiskAcceptanceRequiredError
async def main() -> None:
async with Client(
endpoint="https://cleanapp.clnstrt.dev",
api_key="clk_std_...", # opaque CleanLibrary access key
) as c:
try:
v = await c.fetch_verdict("npm", "lodash", "4.17.21")
print(f"{v.decision} composite_score={v.composite_score}")
print(f"reasoning: {v.reasoning}")
except PolicyDenyError as e:
print(f"DENIED [{e.reason_code}]: {e.message}")
except RiskAcceptanceRequiredError as e:
print(f"RISK ACCEPT REQUIRED: {e.message}")
if e.docs_url:
print(f"see: {e.docs_url}")
asyncio.run(main())
Error hierarchy
All errors descend from CleanLibraryError. Subclasses:
| Exception | HTTP | Triggered by |
|---|---|---|
PolicyDenyError |
403 / 451 | POLICY_DENY_VERDICT / POLICY_DENY_RULE_EXPLICIT |
IntegrityFailureError |
403 | INTEGRITY_FAILURE |
RateLimitExceededError |
429 | tier-throttled; carries retry_after_seconds |
RiskAcceptanceRequiredError |
403 | RISK_ACCEPTANCE_REQUIRED |
AuthenticationError |
401 / 403 | KEY_INVALID / KEY_EXPIRED / KEY_SCOPE_INSUFFICIENT |
InsufficientDataError |
403 | INSUFFICIENT_DATA_FAIL_CLOSED |
PackageNotFoundError |
404 | not in catalog + ingest declined |
ServerError |
5xx | retryable on 502/503/504 |
TransportError |
— | network / TLS / timeout / DNS |
ParseError |
— | response body shape mismatch |
Development
pip install -e ".[dev]"
pytest
ruff check .
Cross-references
- App workstream substrate spec — canonical surface design
- Rust cleanlib-client — reference implementation
- App customer endpoint contract §9 — HTTP surface contract
License
Proprietary — CleanStart.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cleanlib_sdk-0.4.1.tar.gz.
File metadata
- Download URL: cleanlib_sdk-0.4.1.tar.gz
- Upload date:
- Size: 27.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: Hatch/1.16.5 cpython/3.11.7 HTTPX/0.27.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e1bc2e1aa6f70283f35e1d5162e1b8b3b6482a0978cc93afc134598595b1ccc8
|
|
| MD5 |
1a3be0663eb0218003e94dd12a62836e
|
|
| BLAKE2b-256 |
4abcba6c27ac138079c7c7f6b8f75d22477918dca63470d54e956603c86d60c1
|
File details
Details for the file cleanlib_sdk-0.4.1-py3-none-any.whl.
File metadata
- Download URL: cleanlib_sdk-0.4.1-py3-none-any.whl
- Upload date:
- Size: 22.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: Hatch/1.16.5 cpython/3.11.7 HTTPX/0.27.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e0a199f18bd7b5e885e1a8e09bf2608cb46fdd4f1ed0d0737c943d7526393ee3
|
|
| MD5 |
b52155e57cfc23138adb08a27f9ebd68
|
|
| BLAKE2b-256 |
cac827994b3ccd98cf3969eb338653b8e03878faa76441380262225885b0916e
|
