Skip to main content

Native Rust primitives for the Tank SDK — integrity verification, tarball extraction, version resolution, permission checks

Project description

tank-core

Native Rust primitives for the Tank Python SDK. Provides SHA-512 integrity verification, tarball extraction with path traversal protection, semver resolution, and permission checks — built in Rust, exposed via pyo3.

Most users do not install this directly. Install the high-level SDK instead:

pip install "tank-sdk[native]"

That pulls tank-core as a dependency and the SDK loads it transparently. Installing tank-core alone is supported but exposes a low-level API that the SDK abstracts.

Install

pip install tank-core

Pre-built wheels ship for:

  • Linux x86_64 and aarch64 (manylinux_2_28)
  • macOS x86_64 (10.12+) and arm64 (11+)
  • Windows x86_64

Built against Python's stable ABI (abi3), compatible with Python 3.11+. Unsupported platforms (e.g. musllinux, FreeBSD) fall back to an sdist build that requires a Rust toolchain.

Low-level API

import tankpkg_core

tankpkg_core.verify_integrity(data, "sha512-...")
tankpkg_core.extract_tarball(data, "/tmp/dest")
tankpkg_core.resolve_version(["1.0.0", "1.1.0", "2.0.0"], "^1.0.0")
tankpkg_core.is_path_allowed("/src/foo.ts", ["/src/**"])
tankpkg_core.is_domain_allowed("api.anthropic.com", ["*.anthropic.com"])

budget = tankpkg_core.Permissions(
    network_outbound=["*.anthropic.com"],
    fs_read=["/src/**"],
    fs_write=["/output/**"],
    subprocess=False,
)
skill_perms = tankpkg_core.Permissions(fs_read=["/src/**"])
tankpkg_core.check_permission_budget(budget, skill_perms, "@example/skill")

Errors use standard Python exceptions: ValueError for integrity failures, IOError for extraction failures, PermissionError for budget violations.

Building from source

Requires Rust and maturin:

cd packages/sdk-core/crates/python
maturin develop

Links

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

tank_core-0.16.2.tar.gz (13.2 kB view details)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

tank_core-0.16.2-cp39-abi3-win_amd64.whl (314.6 kB view details)

Uploaded CPython 3.9+Windows x86-64

tank_core-0.16.2-cp39-abi3-manylinux_2_28_x86_64.whl (398.3 kB view details)

Uploaded CPython 3.9+manylinux: glibc 2.28+ x86-64

tank_core-0.16.2-cp39-abi3-manylinux_2_28_aarch64.whl (381.9 kB view details)

Uploaded CPython 3.9+manylinux: glibc 2.28+ ARM64

tank_core-0.16.2-cp39-abi3-macosx_11_0_arm64.whl (365.4 kB view details)

Uploaded CPython 3.9+macOS 11.0+ ARM64

tank_core-0.16.2-cp39-abi3-macosx_10_12_x86_64.whl (386.6 kB view details)

Uploaded CPython 3.9+macOS 10.12+ x86-64

File details

Details for the file tank_core-0.16.2.tar.gz.

File metadata

  • Download URL: tank_core-0.16.2.tar.gz
  • Upload date:
  • Size: 13.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for tank_core-0.16.2.tar.gz
Algorithm Hash digest
SHA256 1f607f6d8dfd089309767bbae85dcf89eb08d5a06c96c8eed53193aeaff65c37
MD5 b95f481084ec99b6d119cb973a952e0d
BLAKE2b-256 b1fa8ae14e00d5e877b59d1b1b3712f8e830dd976024d4d8bea08fd7bd75e050

See more details on using hashes here.

Provenance

The following attestation bundles were made for tank_core-0.16.2.tar.gz:

Publisher: release.yml on tankpkg/tank

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file tank_core-0.16.2-cp39-abi3-win_amd64.whl.

File metadata

  • Download URL: tank_core-0.16.2-cp39-abi3-win_amd64.whl
  • Upload date:
  • Size: 314.6 kB
  • Tags: CPython 3.9+, Windows x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for tank_core-0.16.2-cp39-abi3-win_amd64.whl
Algorithm Hash digest
SHA256 fa74891c40d90d16ee03e06c429efc21486005b9d8df6e99c787ee4908262860
MD5 afd5201c844e7146bf8a5fa284ba0e8b
BLAKE2b-256 40da7fa9314409f84fb76261fc03fb38cad2ac1b2bbcf3da29233bb37e7b2fd3

See more details on using hashes here.

Provenance

The following attestation bundles were made for tank_core-0.16.2-cp39-abi3-win_amd64.whl:

Publisher: release.yml on tankpkg/tank

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file tank_core-0.16.2-cp39-abi3-manylinux_2_28_x86_64.whl.

File metadata

File hashes

Hashes for tank_core-0.16.2-cp39-abi3-manylinux_2_28_x86_64.whl
Algorithm Hash digest
SHA256 71808fd52b0fdaa818669123104df34a394620210722f08e36073f82b3d33110
MD5 1b23c44c398c7d15563049accce4de67
BLAKE2b-256 f293baffc0c7da4f946c45ab29360e8bfc45d0f099dd06aba56510f48f0eeed9

See more details on using hashes here.

Provenance

The following attestation bundles were made for tank_core-0.16.2-cp39-abi3-manylinux_2_28_x86_64.whl:

Publisher: release.yml on tankpkg/tank

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file tank_core-0.16.2-cp39-abi3-manylinux_2_28_aarch64.whl.

File metadata

File hashes

Hashes for tank_core-0.16.2-cp39-abi3-manylinux_2_28_aarch64.whl
Algorithm Hash digest
SHA256 b1f06edd6a7ab8549bdec92cf762161c836f053a439771c5cf5d6ef501568b5b
MD5 48c3810f36cd948ba16da29f5940bbfd
BLAKE2b-256 141806434cbf87b033eb86ec56563e5b61d54ee30379134b9d54e615d8ec7891

See more details on using hashes here.

Provenance

The following attestation bundles were made for tank_core-0.16.2-cp39-abi3-manylinux_2_28_aarch64.whl:

Publisher: release.yml on tankpkg/tank

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file tank_core-0.16.2-cp39-abi3-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for tank_core-0.16.2-cp39-abi3-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 a2bddfa2a728af6985ccdc37c3a988c5b31b40c445509dcc1d31de69ecc26776
MD5 748d50da8c6e28d5e70953a2d521b51b
BLAKE2b-256 3ab45e565d52bd343ee22ba571f4f7262de19de9c3d3193f42f2fca86097a673

See more details on using hashes here.

Provenance

The following attestation bundles were made for tank_core-0.16.2-cp39-abi3-macosx_11_0_arm64.whl:

Publisher: release.yml on tankpkg/tank

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file tank_core-0.16.2-cp39-abi3-macosx_10_12_x86_64.whl.

File metadata

File hashes

Hashes for tank_core-0.16.2-cp39-abi3-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 3611ccb8fd2127923db9a218f0264c230e8132e2fe596be5392050a52f633cfd
MD5 6500bac76f786d7a91a819b003b077c8
BLAKE2b-256 87fc7d059ce2f9a1a591b9faabde2d129dad6ed553dabd68cf8b9fb925c9008f

See more details on using hashes here.

Provenance

The following attestation bundles were made for tank_core-0.16.2-cp39-abi3-macosx_10_12_x86_64.whl:

Publisher: release.yml on tankpkg/tank

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page