Python source-mode loader for MDA v1.0 configuration artifacts

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for larryhope from gravatar.com larryhope

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: Apache-2.0
    SPDX License Expression
  • Author: SnoAI
  • Tags configuration , frontmatter , integrity , mda
  • Requires: Python >=3.11
Classifiers
Report project as malware

Project description

snoai-mda-config

Python source-mode loader for MDA v1.0 configuration artifacts.

This package mirrors the TypeScript @snoai/mda-config and Rust snoai-mda-config loader contract. The v1.0 surface covers frontmatter extraction, MDA source-schema validation, integrity verification, requires.network enforcement, trusted-runtime verifier hooks, and consumer pydantic validation.

Python does not perform real Rekor transport or Sigstore cryptography by itself. When verify_signatures=True, callers must provide a trust policy, Rekor client, and Sigstore verifier hook. Missing verifier pieces fail closed.

from pathlib import Path
from pydantic import BaseModel
from snoai_mda_config import load_mda_source


class Preset(BaseModel, extra="forbid"):
    name: str
    description: str
    metadata: dict | None = None
    integrity: dict | None = None
    signatures: list[dict] | None = None


config = load_mda_source(
    Path("preset.mda"),
    schema=Preset,
    verify_integrity=True,
)

For signed presets, also pass verify_signatures=True, trust_policy=..., rekor_client=..., and verifier hooks. For production trusted-runtime loading, prefer trusted_runtime=True with a strict policy:

config = load_mda_source(
    Path("preset.mda"),
    schema=Preset,
    trusted_runtime=True,
    trust_policy={
        "version": 1,
        "trustedSigners": [
            {
                "type": "sigstore-oidc",
                "issuer": "https://token.actions.githubusercontent.com",
                "subject": "repo:OWNER/REPO:ref:refs/heads/main",
            }
        ],
        "rekor": {"url": "https://rekor.sigstore.dev"},
    },
    rekor_client=rekor_client,
    sigstore_verifier=sigstore_verifier,
)

did:web is supported through a did_web_verifier hook. If a policy trusts did:web and that hook is absent, loading fails closed with trust-policy-violation. For capability enforcement, pass enforce_requires=True with allowed_networks=[...].

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for larryhope from gravatar.com larryhope

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: Apache-2.0
    SPDX License Expression
  • Author: SnoAI
  • Tags configuration , frontmatter , integrity , mda
  • Requires: Python >=3.11
Classifiers

Release history Release notifications | RSS feed

This version

1.1.2

1.1.1

1.1.0

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

snoai_mda_config-1.1.2.tar.gz (18.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

snoai_mda_config-1.1.2-py3-none-any.whl (23.0 kB view details)

Uploaded Python 3

File details

Details for the file snoai_mda_config-1.1.2.tar.gz.

File metadata

  • Download URL: snoai_mda_config-1.1.2.tar.gz
  • Upload date:
  • Size: 18.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for snoai_mda_config-1.1.2.tar.gz
Algorithm Hash digest
SHA256 9e9126a23ea3e568fadc1fd8a9e96d1b06e469fe8628b70c282995117b0c4f24
MD5 55f58ba8b63872488b5f04ab29956b27
BLAKE2b-256 ee0fcd643f22414b2c20b5a2388181cfb4c27a7d2840d6272d5efb039cd6fb7b

See more details on using hashes here.

Provenance

The following attestation bundles were made for snoai_mda_config-1.1.2.tar.gz:

Publisher: release-mda-config.yml on sno-ai/llmix

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file snoai_mda_config-1.1.2-py3-none-any.whl.

File metadata

File hashes

Hashes for snoai_mda_config-1.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 b81d79c497a7b1e047ab65ba4ca60f130d725830f4d40ef30d66bd0aa572e1f5
MD5 f1f5589861b012232b633a5f11b7f8af
BLAKE2b-256 0b86c3f62dbdec301cad93eb38a24e5cb133cbb86619241afa37d930b066a01e

See more details on using hashes here.

Provenance

The following attestation bundles were made for snoai_mda_config-1.1.2-py3-none-any.whl:

Publisher: release-mda-config.yml on sno-ai/llmix

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page