Harbor-spec v1.0.2 reference implementation (Python-only)

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ailijian from gravatar.com ailijian

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Requires: Python >=3.9
  • Provides-Extra: dev
Report project as malware

Project description

⚓ Harbor

The Context Governance Engine for Vibe Coding

CI Status Python Version License Strictness

让 AI 像代码一样被管理,让上下文像 Git 一样可追溯。

[理念 (Philosophy)] • [架构 (Architecture)] • [快速开始 (Quick Start)] • [工作流 (Workflow)]

🌌 The Era of Vibe Coding

编程正在经历一场范式转移。我们正在从 "Writing Code"(逐行编写)转向 "Vibe Coding"(通过自然语言与 AI 协作生成)。

在这个新时代,代码生成的边际成本趋近于零,但上下文维护的成本却在指数级上升。

  • AI 改了代码,Docstring 还没改?👉 Context Drift (上下文漂移)
  • 测试用例还在测旧版本的逻辑?👉 Validation Gap (验证断层)
  • 为什么上周我们要把这个参数改成 Optional?👉 Memory Loss (决策遗忘)

Harbor 应运而生。它不是另一个 Copilot,它是 Copilot 的监管者。它是一套用于治理 AI 生成代码的 "良知" (Conscience)"记忆" (Memory) 系统。它是“程序员到上下文工程师”这一革命性转变的关键工具,它的目标是成为vibe coding时代的Git。

🛡️ Core Philosophy

Harbor 的核心设计理念基于 L3 Contract Theory

  1. Code is Volatile, Contract is Immutable: 实现代码可以由 AI 随意重写,但 L3 级 Docstring(契约)是锚点,必须由人类或高级审计确认。
  2. Noise is Signal: 未经索引的代码、未同步的文档、未绑定的测试,都是系统中的“噪音”。Harbor 不会静默处理,而是将其显性化。
  3. Trust, but Verify: 我们信任 AI 的编码能力,但必须通过 AST 静态分析和 LLM 语义审计来验证其产出。

🏗️ Architecture

Harbor 通过六大核心子系统构建了一个闭环的治理体系:

graph TD
    Source[Source Code] -->|AST Parse| Adapter(Adapter)
    Adapter -->|Contract Hash| Index(L3 Index / Memory)
    
    Index -->|Compare| Sync(Sync Engine)
    Source -->|Body Hash| Sync
    
    Sync -->|Drift Detected| Status[CLI Status]
    Sync -->|Diff Target| Audit(Semantic Guard)
    
    Env[.env / LLM] --> Audit
    Audit -->|Semantic Check| Report[Audit Report]
    
    Tests[Test Cases] -->|DDT Binding| Validator(DDT Validator)
    Index -->|Version Match| Validator
    
    Index -->|Aggregation| L2(L2 Generator)
    Validator -->|Status| L2
    
    User[Developer] -->|Log Decision| Diary(Diary / History)
  • 🧠 Index (Memory): 这里的 .harbor/cache 是大脑,记录了代码的每一次“快照”与指纹。
  • ⚖️ Sync (Conscience): 实时监测 "Implementation Drift"(代码变了,但契约没变)。
  • 🌉 DDT (Bridge): Decorator-driven Data Testing。将测试用例与 L3 版本强绑定,拒绝“假绿灯”。
  • 🤖 Audit (Guard): 集成 DeepSeek/OpenAI,对代码进行语义级审计,揪出逻辑与文档的违背之处。
  • 📊 L2 (Dashboard): 自动生成 Markdown 视图,诚实地展示模块的测试覆盖率与契约状态。
  • 📜 Diary (History): 结构化的决策日志,记录每一次变革背后的 "Why"。

⚡ Quick Start

1. Installation

Harbor 是一个纯 Python 工具,推荐在开发模式下安装:

git clone [https://github.com/your-org/harbor-spec.git](https://github.com/your-org/harbor-spec.git)
cd harbor-spec
pip install -e .

可选pypi安装:

pip install harbor-spec

2. Configuration

配置 LLM 以启用 AI 语义审计(支持 Ernie, DeepSeek, OpenAI 等兼容接口):

cp .env.example .env
# 编辑 .env 文件:
# HARBOR_LLM_PROVIDER=openai
# HARBOR_LLM_API_KEY=
# HARBOR_LLM_BASE_URL=https://api.openai.com/v1
# HARBOR_LANGUAGE=zh (可选,开启中文审计)

3. Initialize

使用智能初始化生成配置并避免 scanned=0

harbor init
# 若已存在配置需要覆盖:
# harbor init --force

初始化完成后,构建初始索引接管当前代码库:

harbor build-index

Tips: 避免 scanned=0

  • 先运行 harbor init 生成 .harbor/config.yaml,确保 code_roots 指向真实代码位置(如 src/** 或包目录)。
  • 使用 --force 重新初始化以覆盖不合适的旧配置。
  • 如为脚本型仓库(根目录只有若干 .py),harbor init 会生成 code_roots: ['*.py'];若没有 .py,会兜底为 ['**/*.py']

🎮 Workflow: A Day with Harbor

1. Check Status

开始工作前,看看代码库是否干净。

harbor status
# 输出: No changes detected. (Or list of drifts)

2. Vibe Coding

使用你喜欢的 AI 助手(Cursor, Windsurf, Copilot)修改代码。 假设你修改了 harbor/utils.py 的逻辑,但忘记更新 Docstring。

3. Detect Drift

Harbor 会发现你的代码实现了“偷跑”。

harbor status
# 输出: M harbor.utils.func (Body changed, Contract static)

4. AI Audit

让 Harbor 的 AI 审计员检查你的修改是否违背了契约。

harbor audit --semantic
# 输出: POSSIBLE_SEMANTIC_DRIFT ... [MISMATCH]: 代码抛出了 ValueError 但文档中未声明...

5. Lock & Record

修复问题后,更新索引并记录决策日志。

harbor build-index
harbor diary log --summary "Refactor utils validation logic" --type refactor --importance high

🧩 Commands Cheatsheet

Command Description
harbor init 智能探测项目结构并生成 .harbor/config.yaml(支持 --force 覆盖)
harbor status 检查代码与索引的差异(Drift检测)
harbor build-index 更新 L3 索引缓存 (类似 git commit)
harbor audit --semantic 调用 LLM 进行语义一致性检查
harbor ddt validate 验证测试用例与代码版本的绑定关系
harbor gen l2 自动生成模块级的 README 文档
harbor diary log 写入结构化的决策日志

🤝 Contribution

Harbor 遵循 Strict L3 开发规范。

  • 所有 Public API 必须包含完整的 Google-style Docstring。
  • 所有新增功能必须包含 DDT 测试绑定。
  • 提交前请运行 harbor audit --semantic 自测。

📄 License

MIT © 2025 Harbor-spec Authors.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ailijian from gravatar.com ailijian

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Requires: Python >=3.9
  • Provides-Extra: dev

Release history Release notifications | RSS feed

1.4.6

1.4.5

1.4.4

1.4.3

1.4.2.2

1.4.2

1.4.1

1.4.0

1.3.2

1.3.1

1.3.0

1.3.0b6 pre-release

1.3.0b5 pre-release

1.3.0b3 pre-release

1.3.0b1 pre-release

1.2.6

1.2.5

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.0

1.0.3

1.0.2

1.0.2b2 pre-release

1.0.2b1 pre-release

1.0.1

1.0.1b3 pre-release

1.0.1b2 pre-release

1.0.1b1 pre-release

1.0.0

This version

1.0.0b1 pre-release

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

harbor_spec-1.0.0b1.tar.gz (31.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

harbor_spec-1.0.0b1-py3-none-any.whl (32.1 kB view details)

Uploaded Python 3

File details

Details for the file harbor_spec-1.0.0b1.tar.gz.

File metadata

  • Download URL: harbor_spec-1.0.0b1.tar.gz
  • Upload date:
  • Size: 31.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for harbor_spec-1.0.0b1.tar.gz
Algorithm Hash digest
SHA256 c76c8b45d222291192f87b04f890f1995573f98bf3534a8d1df3ee60522b2cbd
MD5 3c212008e774e7a031c459790e37f7ea
BLAKE2b-256 889e1d7041078e662cdb5bbdcf2d453571ea8086f41cee6c410a9e1381d7dbc4

See more details on using hashes here.

Provenance

The following attestation bundles were made for harbor_spec-1.0.0b1.tar.gz:

Publisher: release.yml on ailijian/harbor-spec

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file harbor_spec-1.0.0b1-py3-none-any.whl.

File metadata

  • Download URL: harbor_spec-1.0.0b1-py3-none-any.whl
  • Upload date:
  • Size: 32.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for harbor_spec-1.0.0b1-py3-none-any.whl
Algorithm Hash digest
SHA256 a0daa823a135d832b827721421b54a50423d907a9ff478b0c97cf809a42192cc
MD5 1fefa483aa07910c144f653c9d371544
BLAKE2b-256 8ece5ffa8cff95679ef833df27760caadc525398d56eff96f13a11c4da899375

See more details on using hashes here.

Provenance

The following attestation bundles were made for harbor_spec-1.0.0b1-py3-none-any.whl:

Publisher: release.yml on ailijian/harbor-spec

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page