coreason-publisher 0.4.0

agent from Development (mutable drafts) to Production (immutable artifacts)

coreason-publisher

The Regulatory Gatekeeper & Artifact Packager

coreason-publisher is the "Final Gatekeeper" of the CoReason platform. It orchestrates the transition of an agent from a mutable "Development Experiment" to an immutable "Clinical-Grade Product."

It solves the "Big AI" problem in GxP environments. Agents are not just code; they are a complex dependency of Logic (Prompts), Evidence (Test Results), and Binary Assets (Fine-Tuned Weights). This package bundles these diverse assets into a verifiable package, manages the Git LFS (Large File Storage) pointers for heavy models, and enforces a strict Two-Stage Governance Workflow (Submission $\to$ SRB Approval) before any code reaches production.

It can be run as a CLI tool for local development or as a Centralized Service (REST API) for platform integration.

Functional Philosophy

The agent must implement the Package-Propose-Approve-Merge Loop:

1. The "Thick" Artifact: A release is monolithic. It must contain the exact Prompts, Code, Test Data, and Model Weights used during validation. If one piece is missing, the release is void.
2. Governance as Code: The Scientific Review Board (SRB) approval is a digital state transition, not an email. coreason-publisher blocks the Git merge until a cryptographically signed approval from an authorized SRB member is registered.
3. Semantic Versioning (SemVer): The tool manages versioning (v1.0 $\to$ v1.1) automatically based on the nature of the change (Patch/Minor/Major), preventing human error.
4. Reproducibility: The "Council of Models" (the specific LLM versions used for testing) must be locked in the release manifest to ensure the test results are reproducible 5 years from now.

Key Features

• Governance Service (API): Exposes REST endpoints (/propose, /release) for Foundry/Assay integration.
• Artifact Bundling: Aggregates code, data, and models into a single deployment folder.
• Git LFS Management: Automatically handles large files and model weights.
• Governance as Code: Blocks merges until a cryptographically signed SRB approval is received.
• Automated Versioning: Manages SemVer based on change types (Patch/Minor/Major).
• Reproducibility: Locks the specific "Council of Models" used for validation.

Documentation

For detailed documentation, please refer to the docs/ directory or the deployed MkDocs site:

• Architecture
• Usage Guide
• Product Requirements

Quick Start

Prerequisites

• Python 3.12+
• Poetry
• Git LFS

Installation

git clone https://github.com/CoReason-AI/coreason_publisher.git
cd coreason_publisher
poetry install

Server Mode

Run the service via Docker:

docker run -p 8000:8000 \
  -e GITLAB_TOKEN="<token>" \
  coreason-publisher:latest

CLI Usage

To propose a new release locally:

poetry run python -m coreason_publisher.main propose \
    --project-id <PROJECT_ID> \
    --draft-id <DRAFT_ID> \
    --bump minor \
    --user-id <USER_ID> \
    --description "Release description"

For more details, see the Usage Guide.