Release schema develop to main#51
Open
nimrodbusany wants to merge 39 commits into
Open
Conversation
The second assertion in test_no_optigen_references was guarded by `or "traigent" in content.lower()`, which is satisfied by every schema file (they all reference traigent) and therefore made the lowercase optigen check unable to fail. Remove the dead clause so the test actually verifies what it claims. Originally fixed by Elad on the (now-retiring) `dev` branch in commit 1aa5e0d; ported forward as a direct edit because the cherry-pick conflicted with parallel rename history. Co-Authored-By: Elad <[email protected]> Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
All four findings were pre-existing on develop, surfaced by the safe-push gate while shipping the branding-test fix in this branch. Addressed surgically (no blanket reformat) to keep the diff reviewable: - F401: drop unused `from pathlib import Path` - I001: alphabetize the two `traigent_schema` imports - UP015 (×2): drop redundant `'r'` mode argument in `open()` calls (json integrity test and branding test) Deliberately NOT included: a `ruff format` reformat pass. It would produce ~525 lines of mostly line-ending and dict-trailing-comma churn that's pre-existing on develop and unrelated to this branch. That cleanup belongs in its own dedicated PR if the team wants it. Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
fix: tighten optigen branding test + clean up ruff lint debt in test_schemas.py
Two related changes that have to land together:
1. `.vscode/settings.json` — Peacock-style workbench color customizations
(dark-red `#b12c0054` tint on activity/status/title bars) so this repo's
VS Code window is visually distinct from the other Traigent repos when
several are open at once.
2. `.gitignore` — switch the `.vscode/` rule to `.vscode/*` plus
`!.vscode/settings.json`. The directory-form pattern silently disables
negation rules, so the existing `.vscode/` line had to change before
the shared `settings.json` could be tracked at all. Everything else
under `.vscode/` (personal `launch.json`, `tasks.json`, debug configs,
etc.) stays ignored.
Approved with the team beforehand. Anyone who prefers no colors can opt
out locally without touching the repo:
git update-index --skip-worktree .vscode/settings.json
Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
Indents the eight color keys one level deeper under `workbench.colorCustomizations` (standard JSON / VS Code default style) and adds a trailing newline. No color values changed. This also reduces future churn risk: VS Code's format-on-save uses this exact indentation, so subsequent edits via the IDE won't dirty the file. Addresses Greptile P2 finding on PR #15. Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
chore: add Peacock workspace title-bar colors
Revert "chore: add Peacock workspace title-bar colors" (#15)
…chema [codex] Add experiment list stats schema contract
Codifies the normative behavioral contract for multi-objective normalization across the Traigent ecosystem. The new multi_objective_semantics_schema.json under optimization/ pins: - zero_span_fallback = 0.5 (neutral midpoint when all trials tie on an objective; no information to differentiate, so every trial contributes equally to the weighted sum) - zero_span_epsilon = 1e-9 (single normative tolerance — exact value, not "<= this") - weight_normalization = "sum_to_one" (relative weights are rescaled before aggregation; raw weights still flow on the wire) - dominance_guard.max_normalized_weight = 0.99 with validation_scope = ["sdk"] — design-time validation enforced only by SDKs at ObjectiveSchema construction. Backend live-validation and FE rendering are out of scope; documented explicitly so consumers do not assume universal enforcement. These are NOT wire-format fields: implementations hard-code the constants. The doc exists so behavior is discoverable and testable across Python SDK, traigent-js, TraigentBackend (recompute path), and TraigentFrontend, which currently disagree on zero-span fallback (0.5 vs 1.0) and weight rescaling. Schema bump 0.9.0 -> 0.9.1 on objective_definition_schema.json adds a pointer to the new doc; no field changes. Package bump 4.0.0 -> 4.1.0 (additive, non-breaking). Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
Codifies the normative behavioral contract for multi-objective normalization across the Traigent ecosystem. The new multi_objective_semantics_schema.json under optimization/ pins: - zero_span_fallback = 0.5 (neutral midpoint when all trials tie on an objective; no information to differentiate, so every trial contributes equally to the weighted sum) - zero_span_epsilon = 1e-9 (single normative tolerance — exact value, not "<= this") - weight_normalization = "sum_to_one" (relative weights are rescaled before aggregation; raw weights still flow on the wire) - dominance_guard.max_normalized_weight = 0.99 with validation_scope = ["sdk"] — design-time validation enforced only by SDKs at ObjectiveSchema construction. Backend live-validation and FE rendering are out of scope; documented explicitly so consumers do not assume universal enforcement. These are NOT wire-format fields: implementations hard-code the constants. The doc exists so behavior is discoverable and testable across Python SDK, traigent-js, TraigentBackend (recompute path), and TraigentFrontend, which currently disagree on zero-span fallback (0.5 vs 1.0) and weight rescaling. Schema bump 0.9.0 -> 0.9.1 on objective_definition_schema.json adds a pointer to the new doc; no field changes. Package bump 4.0.0 -> 4.1.0 (additive, non-breaking). Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
Resolves CHANGELOG.md and version.py conflicts; combines both 4.1.0 entries (multi-objective meta-contract + parity manifest + planner draft) into one consolidated 4.1.0 changelog. Adds the experiment_schema.json 1.1.0 list-stats entry per greptile review. Fixes \$id consistency in multi_objective_semantics_schema.json to match the canonical https://schemas.traigent.ai/... pattern used by all other schemas (was https://traigent.ai/schemas/...). Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
Greptile P1 review: ORMs typically serialize a missing relationship as
null rather than omitting the key. Without the explicit null branch,
{"experiment_run": null, ...} fails schema validation. Wrapping the
ExperimentListRunSummary $ref in a oneOf with {"type":"null"} closes
the gap.
Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
Greenfield config for TraigentSchema. Mirrors the pattern applied to the other 4 repos: monthly cadence, 1 PR per ecosystem, single catch-all group for version-updates, security-updates kept distinct. Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
Add first SonarCloud configuration for TraigentSchema: - sonar-project.properties: sources=traigent_schema, tests=tests. Python version matrix (3.9-3.12) matches the existing CI matrix in ci.yml. Coverage path is coverage.xml (produced by the existing pytest --cov step). parity/ is excluded — it is a cross-SDK manifest, not source. - .github/workflows/sonarcloud.yml: triggers on push to main/develop, on PRs (any base), and on workflow_dispatch. Runs pytest with coverage before invoking SonarSource/sonarqube-scan-action@v6 (SHA-pinned). Note: requires SONAR_TOKEN repository secret. Mint at https://sonarcloud.io/account/security/ if missing. Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
* fix: harden schema lookup and endpoint validation * ci: avoid duplicate SonarCloud automatic analysis * ci: archive duplicate SonarCloud workflow * ci: keep Sonar config local while automatic analysis is enabled
…load contract drift) (#36) * feat(agents): add `source` provenance field to agent_schema The Traigent SDK's SyncManager.convert_session_to_traigent_format (Traigent/traigent/cloud/sync_manager.py:194) builds an agent_data dict with `"source": "local_import"` and POSTs it to the backend. The DTO has `additionalProperties: false` and didn't declare `source`, so the validation spine's `payload_shape_assertion` detector flagged it as `payload_unknown_field` (high-severity contract drift). The field is real and meaningful — it tags the agent's origin for observability/audit. Add it to the DTO with an enum of known producers: - `local_import` — set by the SDK's SyncManager from a local optimization session (current usage) - `ui` / `api` / `sdk` / `import` — analogous tags for other producers After this lands + the spine catalog re-runs: payload_unknown_field findings: 1 → 0 Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]> * docs(agent_schema): clarify which `source` enum values are stamped today Codex review flagged that the original description suggested all five enum values were active producers; only `local_import` is stamped today. Updated the description to: - Name the only current producer (SDK SyncManager → `local_import`) - Document the other four values as reserved naming for future producers (UI, API, SDK direct, BE AgentImportService) - Note that BE persistence (AgentDAL.create_agent, Agent.to_dict) is a separate follow-up — schema acceptance does not yet imply BE storage of the field --------- Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
Closes Traigent/traigent-validation-spine#11. PR validation-spine #4 + #8 added 8 OpenAPI declaration files under `ops/_validation/catalog/openapi/` covering 47 Flask routes that were previously `registered_without_contract` in TraigentBackend. Codex review of #4 explicitly tagged this as a "short-lived shim" — the proper home is TraigentSchema alongside the existing per-namespace schemas (`agents/`, `analytics/`, `datasets/`, etc.). This PR creates 5 new namespace directories and moves the 8 files in: audit/ audit_endpoints.json (10 paths) auth/ auth_endpoints.json (11 paths) billing/ paddle_endpoints.json (4 paths) spend_controls_endpoints.json (4 paths) subscription_lifecycle_endpoints.json (5 paths) wallet_endpoints.json (4 paths) mfa/ mfa_endpoints.json (8 paths) security/ security_endpoints.json (1 path) All 47 paths preserved verbatim. The `billing_*` files are renamed to drop the redundant prefix now that they live under `billing/`. All 8 files validate as OpenAPI 3.0.0 and `pytest tests/` passes (262/262). Follow-up validation-spine PR will update `catalog/public_surface.yaml` to reference these schema paths instead of the now-orphan shim files; once merged, the shim files are deleted from the spine.
* ci: add validation-spine PR workflow Runs the validation spine's security_ledger detector against this repo on each PR. Advisory mode (continue-on-error: true) for the initial calibration window. The spine is cloned from Traigent/traigent-validation-spine at the chore/l6-and-batch1-fixes WIP branch — repin to a tagged release once the spine's WIP merges to develop. Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]> * ci: harden validation spine workflow --------- Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-python](https://github.com/actions/setup-python), [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) and [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v6) Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5...v6) Updates `pypa/gh-action-pypi-publish` from 1.12.4 to 1.14.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](pypa/gh-action-pypi-publish@76f52bc...cef2210) Updates `actions/upload-artifact` from 4 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v7) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: pypa/gh-action-pypi-publish dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the version-updates group with 8 updates: | Package | From | To | | --- | --- | --- | | [pytest-cov](https://github.com/pytest-dev/pytest-cov) | `7.0.0` | `7.1.0` | | [ruff](https://github.com/astral-sh/ruff) | `0.14.9` | `0.15.13` | | [mypy](https://github.com/python/mypy) | `1.19.0` | `1.19.1` | | [attrs](https://github.com/python-attrs/attrs) | `25.4.0` | `26.1.0` | | [librt](https://github.com/mypyc/librt) | `0.7.3` | `0.11.0` | | [packaging](https://github.com/pypa/packaging) | `25.0` | `26.2` | | [pathspec](https://github.com/cpburnz/python-pathspec) | `0.12.1` | `1.1.1` | | [pygments](https://github.com/pygments/pygments) | `2.19.2` | `2.20.0` | Updates `pytest-cov` from 7.0.0 to 7.1.0 - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest-cov@v7.0.0...v7.1.0) Updates `ruff` from 0.14.9 to 0.15.13 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.14.9...0.15.13) Updates `mypy` from 1.19.0 to 1.19.1 - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](python/mypy@v1.19.0...v1.19.1) Updates `attrs` from 25.4.0 to 26.1.0 - [Release notes](https://github.com/python-attrs/attrs/releases) - [Changelog](https://github.com/python-attrs/attrs/blob/main/CHANGELOG.md) - [Commits](python-attrs/attrs@25.4.0...26.1.0) Updates `librt` from 0.7.3 to 0.11.0 - [Commits](mypyc/librt@v0.7.3...v0.11.0) Updates `packaging` from 25.0 to 26.2 - [Release notes](https://github.com/pypa/packaging/releases) - [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst) - [Commits](pypa/packaging@25.0...26.2) Updates `pathspec` from 0.12.1 to 1.1.1 - [Release notes](https://github.com/cpburnz/python-pathspec/releases) - [Changelog](https://github.com/cpburnz/python-pathspec/blob/master/CHANGES.rst) - [Commits](cpburnz/python-pathspec@v0.12.1...v1.1.1) Updates `pygments` from 2.19.2 to 2.20.0 - [Release notes](https://github.com/pygments/pygments/releases) - [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES) - [Commits](pygments/pygments@2.19.2...2.20.0) --- updated-dependencies: - dependency-name: pytest-cov dependency-version: 7.1.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: version-updates - dependency-name: ruff dependency-version: 0.15.13 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: version-updates - dependency-name: mypy dependency-version: 1.19.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: version-updates - dependency-name: attrs dependency-version: 26.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: version-updates - dependency-name: librt dependency-version: 0.11.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: version-updates - dependency-name: packaging dependency-version: '26.2' dependency-type: direct:development update-type: version-update:semver-major dependency-group: version-updates - dependency-name: pathspec dependency-version: 1.1.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: version-updates - dependency-name: pygments dependency-version: 2.20.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: version-updates ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat(audit): pin security incidents response schema * style: format audit security incidents schema * fix: tighten audit incident timestamps
#47) Adds a tenant-scoped lookup/search endpoint the FE project-membership picker compiles against, so it can validate users inline before POST /projects/{id}/memberships instead of leaking raw 404s. The endpoint lives in the planned_projects contract because the backend route does not exist yet; the canonical mep_endpoints surface is left untouched per the no-fake-implemented-endpoints rule. Pinned via schemas: - project_member_candidate_schema: minimal tenant-admin-safe user summary (user_id, tenant_id, email, display_name, status, is_existing_member, existing_role). additionalProperties=false prevents PII drift. - project_member_candidate_list_response_schema: paginated wrapper, items capped at 50 to match the per_page server-side cap. - project_member_lookup_error_schema: error envelope with the inline codes the FE switches on (PROJECT_CONTEXT_REQUIRED, PROJECT_NOT_FOUND, PROJECT_ACCESS_DENIED, INSUFFICIENT_PERMISSIONS, INVALID_LOOKUP_QUERY, USER_NOT_FOUND). Envelope rejects user_id / email / q echo so denied/not-found responses cannot enumerate users across tenants. Tests pin file presence, schema loading, valid + empty + oversize payloads, error codes, no-echo guarantee, planned-contract wiring, query bounds (per_page <=50, q minLength=2, email format), and the canonical-backend-contract exclusion. Co-authored-by: Claude Opus 4.7 <[email protected]>
* feat(billing): add quota and wallet error contracts * chore: rerun schema analysis
# Conflicts: # .github/workflows/validation-spine-pr.yml # CHANGELOG.md # tests/test_utils.py # traigent_schema/schemas/audit/audit_endpoints.json # traigent_schema/schemas/billing/wallet_endpoints.json # traigent_schema/schemas/mep_endpoints.json # traigent_schema/utils.py # traigent_schema/version.py
…ntract Define opaque billing checkout contract
…t-contracts-develop feat(audit): pin health and retention policies schemas
…kflow-metadata-version Fix workflow metadata schema version label
fix(billing): wrap wallet top-up packs response
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Local checks