ImportSpy ensures structural integrity, runtime compliance, and security for external modules, preventing inconsistencies and enforcing controlled execution.
Project description
ImportSpy
Contract-based import validation for Python modules.
ImportSpy is a runtime enforcement engine that protects Python modules from being imported or executed in unauthorized, unverified, or structurally incompatible environments — using declarative import contracts defined in YAML.
🧠 ImportSpy ensures:
✅ Your code is only imported in verified contexts
✅ Module structure matches declared expectations
✅ Runtime conditions (OS, Python version, architecture) are enforced
✅ Environments behave predictably across CI, staging, and production
💡 Why ImportSpy?
Python’s flexibility is powerful — but risky.
Without guardrails, imports can break due to:
🚫 Missing or malformed classes/functions
🚫 Undeclared changes in shared dependencies
🚫 Execution in unsupported OS/Python environments
🚫 Unauthorized use of internal packages
ImportSpy gives you import boundaries and runtime control using YAML-defined contracts.
Two powerful usage modes:
🔒 Embedded Mode – Self-protective modules that validate their own importers.
🧪 External CLI Mode – Contract validation via importspy during builds or CI/CD pipelines.
Comparison Table
Aspect |
Without ImportSpy |
With ImportSpy |
|---|---|---|
Compatibility |
Modules can run in unsupported runtimes |
Imports blocked in mismatched OS/Python contexts |
Debugging |
Silent runtime errors and broken contracts |
Clear errors with structured validation output |
Security |
Unverified third-party modules can access internals |
Controlled import surface and enforced structure |
Reproducibility |
Behavior varies across environments |
Predictable imports under contract governance |
📜 What’s a Contract?
A contract is a YAML file that defines the expected structure and runtime constraints of your module.
Example:
filename: extension.py
variables:
engine: docker
classes:
- name: Extension
attributes:
- type: class
name: extension_name
value: extension_value
methods:
- name: add_extension
arguments:
- name: self
- name: msg
annotation: str
return_annotation: str
superclasses:
- PluginThis defines a structural + runtime boundary for where your module is allowed to run — and how.
⚙️ Embedded Mode
Validate importer modules from inside your code.
from importspy import Spy
import logging
importer = Spy().importspy(filepath="spymodel.yml", log_level=logging.DEBUG)
importer.Foo().run()🔧 CLI Mode (External)
Validate a module against its contract from CI, terminal, or script.
importspy -s spymodel.yml -l DEBUG path/to/module.py📦 Installation
pip install importspySupported Python: 3.10+
📚 Features at a Glance
✅ YAML-based declarative import contracts
✅ OS + interpreter + architecture validation
✅ Class/function/argument/attribute enforcement
✅ Embedded or CLI-driven validation modes
✅ Full error trace and CI/CD logging support
✅ SpyModel-powered introspection pipeline
📎 Ideal For:
🔐 Security-driven systems (banking, medical, gov)
🧩 Plugin frameworks (CMS, IoT, CLI extensions)
🔬 Large codebases needing structural validation
🧪 CI/CD workflows enforcing compatibility and compliance
📦 Maintainers distributing validated packages
🔍 How It Works
Your module defines a contract (YAML or Python).
ImportSpy is triggered at runtime or CLI.
The environment and structure of the importer are introspected.
Validation checks everything against the contract.
If the contract fails: import is blocked. If it passes: import proceeds safely.
🔧 Example CLI Usage
importspy -s spymodel.yml -l ERROR plugin.py🎯 Tech Stack
✅ Pydantic v2 → validation engine
✅ Typer → CLI interface
✅ ruamel.yaml → YAML parsing
✅ inspect + platform + sys → runtime reflection
✅ Poetry → package management
✅ Sphinx + ReadTheDocs → full docs coverage
📚 Docs
📘 Full Documentation → https://importspy.readthedocs.io/
🧱 Architecture Overview → https://importspy.readthedocs.io/en/latest/advanced/architecture_index.html
🧪 Examples & Use Cases → https://importspy.readthedocs.io/en/latest/overview/use_cases_index.html
📜 License
MIT © 2024 — Luca Atella
🔥 Take control of your imports. Validate with ImportSpy.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file importspy-0.3.1.tar.gz.
File metadata
- Download URL: importspy-0.3.1.tar.gz
- Upload date:
- Size: 31.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.4 CPython/3.12.9 Linux/6.13.9-100.fc40.x86_64
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c385e6630b271ca0d951348a816c1b04256a0ad6f574c7c792880589471e603f
|
|
| MD5 |
39701ac42a652836cf5b44bb38d6cf1a
|
|
| BLAKE2b-256 |
598c50b7507791cc6d039565a4cc260fd13039e3734823ed2d30b51eb63422b7
|
File details
Details for the file importspy-0.3.1-py3-none-any.whl.
File metadata
- Download URL: importspy-0.3.1-py3-none-any.whl
- Upload date:
- Size: 40.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.4 CPython/3.12.9 Linux/6.13.9-100.fc40.x86_64
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
326fe5beff9db1e2c8125b8ef65865849893819e1bb6c109472423fab40413df
|
|
| MD5 |
9891a465c344055864712adaad93b5bf
|
|
| BLAKE2b-256 |
c5761b0551b9bd82e72cba3da43d21075d5abf85242dbad094a45ab09f5fa13b
|
