OpenBox base SDK - governance contracts, strict gate, identity/signing, evaluate client, context runtime, OTel span wire serialization, and generic instrumentation shared by every OpenBox framework SDK
Project description
openbox-sdk-python
OpenBox base SDK (import openbox_core) — the standalone core every OpenBox
framework SDK builds on. It owns:
- Contracts — event and result dataclasses (
EventEnvelope,EvaluationResult,ApprovalResult,Verdict). - Always-strict governance gate — malformed event/runtime contracts raise
ContractErrorbefore send; there are no configurable gate modes. - Identity & signing — AIP DID validation + Ed25519 request signing, byte-compatible with the Temporal SDK signing contract.
- Evaluate client — sync + async calls to OpenBox Core
(
/api/v1/governance/evaluate,/approval,/auth/validate). - Context & runtime —
ActivityContext,ContextStore, trace correlation,FrameworkAdapterprotocol,OpenBoxRuntime. - OTel span wire serialization — OTel spans are the internal source of
truth, projected to the current Core
SpanDatawire shape before send. - Generic instrumentation — HTTP/DB/file/function wrappers with a started/completed hook runtime enforcing preflight before real operations.
- Conformance kit — reusable fixtures framework SDKs run to prove parity.
Framework SDKs (Temporal, LangGraph, LangChain, DeepAgent, CrewAI) are thin
adapters: they bind framework lifecycle into ActivityContext, emit lifecycle
events, and translate EvaluationResult into native behavior.
Framework SDK integration
New framework SDK developers and agents should start with the OpenBox Python Framework SDK Integration guide. It describes how to build a framework SDK on top of this base package without reimplementing config, signing, governance gates, hook wire payloads, or conformance fixtures.
Install
uv sync # core
uv sync --extra http # + HTTP instrumentation targets
uv sync --extra db # + DB instrumentation targets
Import safety
openbox_core.__init__ and all openbox_core.contracts.* modules import
without pulling in httpx, cryptography, requests, or OTel
instrumentation — safe for constrained framework paths such as the Temporal
workflow sandbox. tests/test_import_safety.py enforces this in CI.
Development
uv sync --all-extras
uv run pytest
uv run ruff check .
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file openbox_sdk_python-1.0.1.tar.gz.
File metadata
- Download URL: openbox_sdk_python-1.0.1.tar.gz
- Upload date:
- Size: 173.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1efe7975f9cde7ec31dbab2eea5e329acf685c378cffe93157118a885f39460d
|
|
| MD5 |
1d8a9335f7bd67dc42ed87d38c82b1c9
|
|
| BLAKE2b-256 |
6114630c83f0aed9a60584273a36536693739ea1336aa543f5090e8b540d14c9
|
Provenance
The following attestation bundles were made for openbox_sdk_python-1.0.1.tar.gz:
Publisher:
publish.yml on OpenBox-AI/openbox-sdk-python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
openbox_sdk_python-1.0.1.tar.gz -
Subject digest:
1efe7975f9cde7ec31dbab2eea5e329acf685c378cffe93157118a885f39460d - Sigstore transparency entry: 2087946147
- Sigstore integration time:
-
Permalink:
OpenBox-AI/openbox-sdk-python@e5691a00104b7f2b39bd183d92eab601e81325ed -
Branch / Tag:
refs/tags/v1.0.1 - Owner: https://github.com/OpenBox-AI
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@e5691a00104b7f2b39bd183d92eab601e81325ed -
Trigger Event:
release
-
Statement type:
File details
Details for the file openbox_sdk_python-1.0.1-py3-none-any.whl.
File metadata
- Download URL: openbox_sdk_python-1.0.1-py3-none-any.whl
- Upload date:
- Size: 87.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0e202aed93be2b1e4e76ce5ce2c628ce5bc64eae59c6297547be5b634bca01f9
|
|
| MD5 |
aaf3072d8e6b450e7e07cec05af486fc
|
|
| BLAKE2b-256 |
26539d169fd9e74f5f107982fd97a9dd38a43b68e9f4a29128883f79eab96a2d
|
Provenance
The following attestation bundles were made for openbox_sdk_python-1.0.1-py3-none-any.whl:
Publisher:
publish.yml on OpenBox-AI/openbox-sdk-python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
openbox_sdk_python-1.0.1-py3-none-any.whl -
Subject digest:
0e202aed93be2b1e4e76ce5ce2c628ce5bc64eae59c6297547be5b634bca01f9 - Sigstore transparency entry: 2087946298
- Sigstore integration time:
-
Permalink:
OpenBox-AI/openbox-sdk-python@e5691a00104b7f2b39bd183d92eab601e81325ed -
Branch / Tag:
refs/tags/v1.0.1 - Owner: https://github.com/OpenBox-AI
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@e5691a00104b7f2b39bd183d92eab601e81325ed -
Trigger Event:
release
-
Statement type: