Skip to main content

Specification-Driven Development Extended - LLM-agnostic spec-first governance framework with role enforcement, telemetry, and GitHub integration

Project description

SDD+ - Specification-Driven Development Extended

Python 3.13+ MIT License Tests Coverage Code Quality

LLM-agnostic spec-first governance framework for AI-assisted development, with independent audit gates, role-based file enforcement, telemetry, and a web dashboard.

Core principle: Specifications are binding. Code follows spec, not vice versa. Audit is independent and impartial.

LLM-agnostic: SDD+ doesn't care what AI (or human) executes each role. Use Claude, GPT-4, Gemini, Llama, Ollama, or manual review. Bring your own executor.


Install

pip install sdd-plus

Requires Python 3.13+.

Quick Start

# Initialize a new SDD+ project
sdd init

# Check current phase and state
sdd status

# Transition state (as auditor or implementer, with any executor)
sdd transition REFINED --role auditor --executor claude
sdd transition IMPLEMENTING --role implementer --executor gpt-4

# Run the 4-step audit loop (executor is whoever runs the audit)
sdd audit --role auditor --executor claude --auto-approve

# Advance to next phase (auditor only, after COMPLETED)
sdd new-phase --role auditor

# Install the pre-commit enforcement hook
sdd install-hooks --role implementer

# Check file patterns against role rules (dry-run)
sdd check-patterns --role implementer --files src/foo.py

# View telemetry
sdd metrics show --phase 4

# Launch the web dashboard
sdd dashboard --port 8888

What It Does

SDD+ enforces a spec-first workflow with pluggable executors:

  1. State Machine - 6-state lifecycle: DRAFT -> REFINED -> LOCKED -> IMPLEMENTING -> AUDITING -> COMPLETED
  2. Role Enforcement - AGENTS.yaml declares which files each role (implementer/auditor) may touch. A git pre-commit hook enforces it.
  3. Audit Loop - 4-step automated audit: pytest, coverage >= 85%, spec conformance, contract conformance.
  4. Telemetry - Every transition and audit is logged to .sdd-metrics/ as JSONL.
  5. Dashboard - sdd dashboard serves a read-only web UI showing project state, audit history, and metrics.

Architecture

project/
  AGENTS.yaml                  # Authority matrix (role -> file patterns)
  sdd/
    artifacts/                 # Specs, contracts, audits, state snapshot
      STATE_SNAPSHOT.yaml
      PHASE_N_SPEC.yaml
      PHASE_N_CONTRACT.yaml
      PHASE_N_AUDIT.yaml
    handoffs/                  # Phase transition summaries
    state_machine/             # 6-state machine + transitions
    schemas/                   # Pydantic v2 models
    validators/                # Contract + state validators
    enforcement.py             # File-pattern enforcement modes
    git_integration.py         # Git helpers (branch, commit, clean check)
    telemetry.py               # JSONL event emitter + query
    web/                       # FastAPI + Jinja2 dashboard
    cli/                       # Typer CLI commands
  tests/                       # 300+ tests, >= 85% coverage
  .sdd-metrics/                # Telemetry JSONL (gitignored)

CLI Commands

Command Description
sdd init Initialize SDD+ in a directory
sdd status Show current phase and state
sdd validate Validate contract and state artifacts
sdd transition STATE --role ROLE [--executor E] Advance the state machine
sdd new-phase --role auditor Start next phase after COMPLETED
sdd audit --role auditor [--executor E] Run 4-step audit loop
sdd install-hooks --role ROLE Install git pre-commit hook
sdd check-patterns --role ROLE Dry-run file enforcement check
sdd metrics show Display telemetry records
sdd dashboard Launch web dashboard
sdd projects list/add/remove Manage workspace projects

sdd doctor

Checks project readiness and reports each check as PASS, WARN, or FAIL. Exits 1 when required readiness checks fail.


Enforcement Modes

AGENTS.yaml can choose how role file patterns are enforced:

  • denylist: MVP/default mode. Blocks files matching forbidden_file_patterns only. Neutral files remain allowed.
  • strict_allowlist: Production mode. Allows only files matching the active role's allowed_file_patterns, while still blocking forbidden_file_patterns.

If enforcement.mode is missing, SDD+ uses denylist for backward compatibility.

version: 1
enforcement:
  mode: strict_allowlist
roles:
  implementer:
    description: Writes implementation and tests
    allowed_file_patterns:
      - "src/**/*"
      - "tests/**/*"
      - "README.md"
    forbidden_file_patterns:
      - "sdd/artifacts/*SPEC*.yaml"
      - "sdd/artifacts/*AUDIT*.yaml"

Phases Completed

Phase Title Tests Coverage
0-2 Schemas + State Machine + CLI 300+ tests 85%+
3 Agent Harness (AGENTS.yaml, audit loop) 300+ tests 92%
4 Harness Closure (enforcement + git hooks) 300+ tests 92.1%
5 Telemetry & Metrics 300+ tests 91.7%
6 Web Dashboard 300+ tests 91.6%
7 PyPI Packaging 300+ tests 91%+

Development

# Clone and install in dev mode
git clone https://github.com/oskcorps-sys/sdd-plus.git
cd sdd-plus
pip install -e ".[dev]"

# Run tests
pytest

# Run with coverage
pytest --cov=sdd --cov-report=html

License

MIT - see LICENSE.


Built by Oscar Franco (ReguSense). LLM-agnostic by design.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sdd_plus-0.4.0.tar.gz (136.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

sdd_plus-0.4.0-py3-none-any.whl (117.6 kB view details)

Uploaded Python 3

File details

Details for the file sdd_plus-0.4.0.tar.gz.

File metadata

  • Download URL: sdd_plus-0.4.0.tar.gz
  • Upload date:
  • Size: 136.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for sdd_plus-0.4.0.tar.gz
Algorithm Hash digest
SHA256 b6db1a464384a19e525c4cb7e1e012c2957d709e7a1303ae9c5e4279ba764b71
MD5 0202269dd5516f23e10c6c691586a620
BLAKE2b-256 190a198064b532fadc1366b38082cf0e43e8cd6d75e3f6c90e8174ac7e0d6f45

See more details on using hashes here.

Provenance

The following attestation bundles were made for sdd_plus-0.4.0.tar.gz:

Publisher: publish.yml on oskcorps-sys/sdd-plus

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file sdd_plus-0.4.0-py3-none-any.whl.

File metadata

  • Download URL: sdd_plus-0.4.0-py3-none-any.whl
  • Upload date:
  • Size: 117.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for sdd_plus-0.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 518b2a23d0521fc15447f7f3d461eca15e13e0a4f0cd1474c29abef30b764b4b
MD5 05e48299a3941297890caf6373964838
BLAKE2b-256 0a6915255a1191e0f122dea9f390f7e0be0c666ac6009ff56b7eb00ef01cc6a9

See more details on using hashes here.

Provenance

The following attestation bundles were made for sdd_plus-0.4.0-py3-none-any.whl:

Publisher: publish.yml on oskcorps-sys/sdd-plus

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page