Python source-mode loader for MDA v1.0 configuration artifacts

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for larryhope from gravatar.com larryhope

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: Apache-2.0
    SPDX License Expression
  • Author: SnoAI
  • Tags configuration , frontmatter , integrity , mda
  • Requires: Python >=3.11
Classifiers
Report project as malware

Project description

snoai-mda-config

Python source-mode loader for MDA v1.0 configuration artifacts.

This package mirrors the TypeScript @snoai/mda-config and Rust snoai-mda-config loader contract. The v1.0 surface covers frontmatter extraction, MDA source-schema validation, integrity verification, requires.network enforcement, RC2 trusted-runtime verifier hooks, and consumer pydantic validation.

Python does not perform real Rekor transport or Sigstore cryptography by itself. When verify_signatures=True, callers must provide a trust policy, Rekor client, and Sigstore verifier hook. Missing verifier pieces fail closed.

from pathlib import Path
from pydantic import BaseModel
from snoai_mda_config import load_mda_source


class Preset(BaseModel, extra="forbid"):
    name: str
    description: str
    metadata: dict | None = None
    integrity: dict | None = None
    signatures: list[dict] | None = None


config = load_mda_source(
    Path("preset.mda"),
    schema=Preset,
    verify_integrity=True,
)

For signed presets, also pass verify_signatures=True, trust_policy=..., rekor_client=..., and verifier hooks. For production trusted-runtime loading, prefer trusted_runtime=True with a strict RC2 policy:

config = load_mda_source(
    Path("preset.mda"),
    schema=Preset,
    trusted_runtime=True,
    trust_policy={
        "version": 1,
        "trustedSigners": [
            {
                "type": "sigstore-oidc",
                "issuer": "https://token.actions.githubusercontent.com",
                "subject": "repo:OWNER/REPO:ref:refs/heads/main",
            }
        ],
        "rekor": {"url": "https://rekor.sigstore.dev"},
    },
    rekor_client=rekor_client,
    sigstore_verifier=sigstore_verifier,
)

did:web is supported through a did_web_verifier hook. If a policy trusts did:web and that hook is absent, loading fails closed with trust-policy-violation. For capability enforcement, pass enforce_requires=True with allowed_networks=[...].

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for larryhope from gravatar.com larryhope

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: Apache-2.0
    SPDX License Expression
  • Author: SnoAI
  • Tags configuration , frontmatter , integrity , mda
  • Requires: Python >=3.11
Classifiers

Release history Release notifications | RSS feed

This version

1.1.1

1.1.0

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

snoai_mda_config-1.1.1.tar.gz (17.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

snoai_mda_config-1.1.1-py3-none-any.whl (21.6 kB view details)

Uploaded Python 3

File details

Details for the file snoai_mda_config-1.1.1.tar.gz.

File metadata

  • Download URL: snoai_mda_config-1.1.1.tar.gz
  • Upload date:
  • Size: 17.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for snoai_mda_config-1.1.1.tar.gz
Algorithm Hash digest
SHA256 5ab203bbabdd19ad73a3407eb44d260bfc728be57376c9d55b297df955129c6b
MD5 d926a80307c5e2aae0cba6f54c14c20c
BLAKE2b-256 e503f8ca1d62263a73689c8a350b336d4b723cde78e96cb4da3d1fde710589f6

See more details on using hashes here.

Provenance

The following attestation bundles were made for snoai_mda_config-1.1.1.tar.gz:

Publisher: publish-pypi.yml on sno-ai/mda-config

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file snoai_mda_config-1.1.1-py3-none-any.whl.

File metadata

File hashes

Hashes for snoai_mda_config-1.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 4de640841cabc9eeb84ffdf7b2315e44fae6a579994042316d408d2d3ad3caab
MD5 12f0654e93ab8f8ac2cea43a1dce958d
BLAKE2b-256 2e6dababfc4da7f0a70cee597c4bfc72c3c27e37013dc4baadede8f8922a13e1

See more details on using hashes here.

Provenance

The following attestation bundles were made for snoai_mda_config-1.1.1-py3-none-any.whl:

Publisher: publish-pypi.yml on sno-ai/mda-config

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page