PASS or BLOCK before any agent executes — four disk checks, one receipt.
Project description
sourcea-boot
One command. PASS or BLOCK before your agents run.
Run in 5 minutes
git clone https://github.com/kazemnezhadsina144-dot/sourcea-boot.git
cd sourcea-boot
pip install -e .
sourcea-boot --json
PyPI (Phase 0b — trusted publishing prepared, not live yet):
# pip install sourcea-boot # not on PyPI yet — clone + editable install above
sourcea-boot --json
When published, install will be pip install sourcea-boot via GitHub Actions trusted publishing (no long-lived PyPI token). See docs/PYPI_TRUSTED_PUBLISHING_SETUP.md in this repo after export.
Writes BOOT_REPORT.json in the current directory. Exit code 0 = PASS, 1 = BLOCK.
Expected output:
$ sourcea-boot --json
SOURCEA_BOOT PASS ok=true
[PASS] policy_version: ...
[PASS] provider: ...
[PASS] receipt_fresh: ...
[PASS] queue_truth: ...
REPORT=BOOT_REPORT.json
CI validation
Factory CI runs scripts/validate-sourcea-boot-v1.sh — four checks, PASS/BLOCK contract, BOOT_REPORT.json on disk.
What it checks
| Check | Meaning |
|---|---|
policy_version |
Project policy / SSOT file not stale vs last brief |
provider |
LLM embedding provider configured (no fake-green hash mode when keys exist) |
receipt_fresh |
Last boot/gate receipt fresh (<8h) and ok |
queue_truth |
Agent queue head matches inbox truth (when queue files present) |
SourceA factory mode
When run inside a SourceA monorepo (detects SOURCEA_UNIFIED_PORTFOLIO_COMMERCIAL_SSOT_LOCKED_v3.1.md), runs full factory spine checks against ~/.sina/.
Zero config
Works in any project. Optional config: .sourcea-boot.json in project root.
{
"policy_file": "POLICY.md",
"receipt_path": ".sourcea/boot-receipt.json",
"max_receipt_age_hours": 8
}
Repository
https://github.com/kazemnezhadsina144-dot/sourcea-boot
License
MIT · SourceA · hello@sourcea.app
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file sourcea_boot-0.1.0.tar.gz.
File metadata
- Download URL: sourcea_boot-0.1.0.tar.gz
- Upload date:
- Size: 9.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0840cee3a6509ed75949828ecfa59d81f30cb371433135cdf573c166821b3768
|
|
| MD5 |
58e41c6fced8d61739f4a16df27cc2fd
|
|
| BLAKE2b-256 |
baf4f10a3d5a4d70786dbb249792a000d00ae5a4f72f4f067d754ad480f082cf
|
Provenance
The following attestation bundles were made for sourcea_boot-0.1.0.tar.gz:
Publisher:
publish-pypi-v1.yml on kazemnezhadsina144-dot/sourcea-boot
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
sourcea_boot-0.1.0.tar.gz -
Subject digest:
0840cee3a6509ed75949828ecfa59d81f30cb371433135cdf573c166821b3768 - Sigstore transparency entry: 2043860634
- Sigstore integration time:
-
Permalink:
kazemnezhadsina144-dot/sourcea-boot@9619a3e80ce3846f86e81ce6de360d32f1439cd2 -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/kazemnezhadsina144-dot
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi-v1.yml@9619a3e80ce3846f86e81ce6de360d32f1439cd2 -
Trigger Event:
release
-
Statement type:
File details
Details for the file sourcea_boot-0.1.0-py3-none-any.whl.
File metadata
- Download URL: sourcea_boot-0.1.0-py3-none-any.whl
- Upload date:
- Size: 9.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f5a8b5a8419ca40ee0cea4013c46e532a3e757f0e94501e449dca03cc4259b5f
|
|
| MD5 |
a9836a163fc2bb9ef5881179970d462d
|
|
| BLAKE2b-256 |
db5ef6a117dff36d66508dbab90f91a67781ecd5967f94602890790ea37b2044
|
Provenance
The following attestation bundles were made for sourcea_boot-0.1.0-py3-none-any.whl:
Publisher:
publish-pypi-v1.yml on kazemnezhadsina144-dot/sourcea-boot
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
sourcea_boot-0.1.0-py3-none-any.whl -
Subject digest:
f5a8b5a8419ca40ee0cea4013c46e532a3e757f0e94501e449dca03cc4259b5f - Sigstore transparency entry: 2043860656
- Sigstore integration time:
-
Permalink:
kazemnezhadsina144-dot/sourcea-boot@9619a3e80ce3846f86e81ce6de360d32f1439cd2 -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/kazemnezhadsina144-dot
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi-v1.yml@9619a3e80ce3846f86e81ce6de360d32f1439cd2 -
Trigger Event:
release
-
Statement type: