TaipanStack - Modular, secure, and scalable Python stack for robust development
Project description
๐ Taipan Stack
The Modern Python Foundation
Launch secure, high-performance Python applications in seconds.
Features โข Quick Start โข Architecture โข DevSecOps โข API โข Contributing
โจ Why Taipan Stack?
"Write less, build better."
Taipan Stack is a battle-tested foundation for production-grade Python projects that combines security, performance, and developer experience into a single, cohesive toolkit.
โจ What's New in v0.5.0
- Security Hardening: Hardened path traversal protection (PR #741) and JWT encoding/decoding logic (PR #775) against malformed inputs; fixed IndexError on project validator (PR #768).
- Resilience Enhancements: Frozen circuit breaker configuration to prevent runtime mutations under chaos (PR #778) and resolved double-wrapping of Result objects in ResilienceOrchestrator (PR #767).
- Clean Code & Type Guards: Enforced strict isinstance type checks to replace match/case result matching (PR #746, #763, #777) and optimized modules to reduce complexity (PR #770).
- QA Suite Optimization: Consolidated and refactored the entire test suite down to 1,225 passing tests while maintaining absolute 100% genuine code and branch coverage (PR #773, #781, #782).
๐ Quick Start
Prerequisites
- Python 3.11+ (supports 3.11, 3.12, 3.13, 3.14)
- Poetry (install guide)
Installation
From PyPI
pip install taipanstack
From Source
# Clone the repository
git clone https://github.com/gabrielima7/TaipanStack.git
cd TaipanStack
# Install dependencies
poetry install --with dev
# Run quality checks
make all
Verify Installation
# Run tests with 100% coverage (1,225 tests)
make test
# Check architecture contracts
make lint-imports
# Run security scans
make security
# Run property-based fuzzing
make property-test
๐ Architecture
Taipan Stack follows a clean, layered architecture with strict dependency rules enforced by Import Linter.
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Application โ
โ (src/app/main.py) โ
โโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโ
โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โผ โผ โผ
โโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโ
โ Security โ โ Config โ โ Utils โ
โ guards, saniti- โ โ models, โ โ logging, retry โ
โ zers, validatorsโ โ generators โ โ metrics, fs โ
โโโโโโโโโโฌโโโโโโโโโ โโโโโโโโโโฌโโโโโโโโโ โโโโโโโโโโฌโโโโโโโโโ
โ โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโ
โผ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Core โ
โ Result types, base patterns โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Project Structure
TaipanStack/
โโโ src/
โ โโโ app/ # Application entry point
โ โโโ taipanstack/
โ โโโ core/ # ๐ฏ Result types, functional patterns
โ โโโ config/ # โ๏ธ Configuration models & generators
โ โโโ security/ # ๐ก๏ธ Guards, sanitizers, validators
โ โโโ utils/ # ๐ง Logging, metrics, retry, filesystem
โโโ tests/ # โ
1,225 tests, 100% coverage
โโโ .semgrep/ # ๐ Custom SAST rules
โโโ .github/ # ๐ CI/CD + SBOM/SLSA workflows
โโโ Dockerfile # ๐ณ Hardened multi-stage container
โโโ pyproject.toml # ๐ Modern dependency management
๐ DevSecOps
Taipan Stack integrates security and quality at every level:
| Category | Tools | Purpose |
|---|---|---|
| SAST | Bandit, Semgrep + custom rules | Static Application Security Testing |
| SCA | Safety, pip-audit | Dependency vulnerability scanning |
| SBOM | Syft (CycloneDX) | Software Bill of Materials |
| SLSA | Cosign (Sigstore) | Artifact signing & attestation |
| Types | Mypy (strict) | Compile-time type checking |
| Lint | Ruff | Lightning-fast linting & formatting |
| Arch | Import Linter | Dependency rule enforcement |
| Test | Pytest, Hypothesis, mutmut | Property-based & mutation testing |
| Containers | Docker (Alpine, rootless) | Hardened-by-default images |
CI Pipeline
# Runs on every push/PR
โ Test Matrix โ Python 3.11-3.14 ร (Ubuntu, macOS, Windows)
โ Linux Distros โ Ubuntu, Debian, Fedora, openSUSE, Arch, Alpine
โ Code Quality โ Ruff check & format
โ Type Check โ Mypy strict mode
โ Security โ Bandit + Semgrep (custom rules)
โ Architecture โ Import Linter contracts
โ Benchmarks โ Performance regression (>5% = fail)
โ SBOM + SLSA โ Supply-chain attestation on release
๐ API Highlights
Result Types (Rust-Style Error Handling)
from taipanstack.core.result import Result, Ok, Err, safe
@safe
def divide(a: int, b: int) -> float:
return a / b
# Explicit error handling with pattern matching
match divide(10, 0):
case Ok(value):
print(f"Result: {value}")
case Err(error):
print(f"Error: {error}")
Security Guards
from taipanstack.security.guards import guard_path_traversal, guard_command_injection
# Prevent path traversal attacks
safe_path = guard_path_traversal(user_input, base_dir="/app/data")
# Prevent command injection
safe_cmd = guard_command_injection(
["git", "clone", repo_url],
allowed_commands=["git"]
)
Retry with Exponential Backoff
from taipanstack.resilience.retry import retry
@retry(max_attempts=3, on=(ConnectionError, TimeoutError))
async def fetch_data(url: str) -> dict:
return await http_client.get(url)
Circuit Breaker
from taipanstack.resilience.circuit_breaker import circuit_breaker
@circuit_breaker(failure_threshold=5, timeout=30)
def call_external_service() -> Response:
return service.call()
๐ Combining Result + Circuit Breaker
from taipanstack.core.result import safe, Ok, Err
from taipanstack.resilience.circuit_breaker import CircuitBreaker
breaker = CircuitBreaker(failure_threshold=3, timeout=60, name="payments")
@breaker
@safe
def charge_customer(customer_id: str, amount: float) -> dict:
return payment_gateway.charge(customer_id, amount)
# Both circuit protection AND explicit error handling
result = charge_customer("cust_123", 49.99)
match result:
case Ok(receipt):
print(f"Payment successful: {receipt}")
case Err(error):
print(f"Payment failed safely: {error}")
๐ Combining Result + Retry with Monitoring
from taipanstack.core.result import safe, unwrap_or
from taipanstack.resilience.retry import retry
@retry(
max_attempts=3,
on=(ConnectionError, TimeoutError),
on_retry=lambda attempt, max_a, exc, delay: print(
f"โ ๏ธ Attempt {attempt}/{max_a} failed, retrying in {delay:.1f}s..."
),
)
@safe
def fetch_user_profile(user_id: str) -> dict:
return api_client.get(f"/users/{user_id}")
# Retry handles transient failures, Result handles business errors
profile = unwrap_or(fetch_user_profile("usr_456"), {"name": "Unknown"})
๐ Adaptive Resilience Pipeline
from taipanstack.core.result import Result, Ok, Err
from taipanstack.resilience.adaptive import ResilienceOrchestrator, AdaptiveCircuitBreaker
from taipanstack.resilience.retry import RetryConfig
# Compose an intelligent pipeline: Bulkhead -> Breaker -> Retry -> Timeout -> Fallback
orch = (
ResilienceOrchestrator("billing_api")
.with_bulkhead(max_concurrent=10, max_queue=50) # Prevent resource exhaustion
.with_circuit_breaker(AdaptiveCircuitBreaker("billing", target_error_rate=0.1)) # Auto-tunes thresholds
.with_retry(RetryConfig(max_attempts=3, initial_delay=0.1))
.with_fallback({"status": "unavailable"})
)
async def process_billing() -> Result[dict, Exception]:
# The orchestrator handles all concurrency, retry, circuit breaking, and fallbacks
return await orch.execute(stripe_gateway.charge)
Intelligent Caching
from taipanstack.utils.cache import cached
from taipanstack.core.result import Result
@cached(ttl=60)
async def get_user_data(user_id: int) -> Result[dict, Exception]:
return await db.fetch(user_id) # Only Ok() results are cached
Fallbacks & Timeouts
from taipanstack.resilience.resilience import fallback, timeout
from taipanstack.core.result import Result
@fallback({"status": "offline"}, exceptions=(TimeoutError,))
@timeout(seconds=5.0)
async def fetch_remote_status() -> Result[dict, Exception]:
return await api.get_status()
๐ณ Docker
# Build hardened image
docker build -t taipanstack:latest .
# Run (rootless, read-only)
docker run --rm --read-only taipanstack:latest
Security features: multi-stage build, Alpine base (<50MB), non-root appuser (UID 1000), healthcheck, no shell in runtime.
๐ ๏ธ Tech Stack
| Runtime | Quality | DevSecOps |
|---|---|---|
|
|
|
๐ค Contributing
Contributions are welcome! Please check our Contributing Guide for details on:
- ๐ Bug reports
- โจ Feature requests
- ๐ Documentation improvements
- ๐ง Pull requests
๐ License
This project is open-sourced under the MIT License.
Made with โค๏ธ for the Python community
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file taipanstack-0.5.0.tar.gz.
File metadata
- Download URL: taipanstack-0.5.0.tar.gz
- Upload date:
- Size: 87.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9aae842b50d46cc35de1b41158d2b44ba491252cb62adb5224b55e6e3dbee1f7
|
|
| MD5 |
d8897bba97cd4e8d4afa90b0505bf699
|
|
| BLAKE2b-256 |
31c2c532d4d092c76455367aa0d0b82f78db393908111cbaf08ca8990c291b6d
|
Provenance
The following attestation bundles were made for taipanstack-0.5.0.tar.gz:
Publisher:
ci-release-publish.yml on gabrielima7/TaipanStack
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
taipanstack-0.5.0.tar.gz -
Subject digest:
9aae842b50d46cc35de1b41158d2b44ba491252cb62adb5224b55e6e3dbee1f7 - Sigstore transparency entry: 1574385976
- Sigstore integration time:
-
Permalink:
gabrielima7/TaipanStack@3376d050596bbc203af7ed8eee6f11e35de0741e -
Branch / Tag:
refs/tags/v0.5.0 - Owner: https://github.com/gabrielima7
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
ci-release-publish.yml@3376d050596bbc203af7ed8eee6f11e35de0741e -
Trigger Event:
release
-
Statement type:
File details
Details for the file taipanstack-0.5.0-py3-none-any.whl.
File metadata
- Download URL: taipanstack-0.5.0-py3-none-any.whl
- Upload date:
- Size: 105.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3800a4c05429a15d49d74bdef0b3ec3701661cca2339eb6a5c0f3b23bec4fb84
|
|
| MD5 |
5fe364e23f78e41c45b6465ac5755a71
|
|
| BLAKE2b-256 |
0c1b075d79a07d0db237359318541e9707044f3b7615b3504633d2fc6a69f446
|
Provenance
The following attestation bundles were made for taipanstack-0.5.0-py3-none-any.whl:
Publisher:
ci-release-publish.yml on gabrielima7/TaipanStack
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
taipanstack-0.5.0-py3-none-any.whl -
Subject digest:
3800a4c05429a15d49d74bdef0b3ec3701661cca2339eb6a5c0f3b23bec4fb84 - Sigstore transparency entry: 1574386080
- Sigstore integration time:
-
Permalink:
gabrielima7/TaipanStack@3376d050596bbc203af7ed8eee6f11e35de0741e -
Branch / Tag:
refs/tags/v0.5.0 - Owner: https://github.com/gabrielima7
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
ci-release-publish.yml@3376d050596bbc203af7ed8eee6f11e35de0741e -
Trigger Event:
release
-
Statement type: