feat: SOTA AI-native guardrails, Zensical docs, and Python 3.14 via uv #114
Merged
* Migrate from Poetry to uv and hatchling
- Completely removed Poetry from pyproject.toml, GitHub Actions workflows, Dockerfile, hooks, and documentation.
- Replaced Poetry with Astral's uv across all files.
- Configured hatchling as the build backend in pyproject.toml.
- Updated project metadata to target Python 3.14.
- Converted tool.poetry.group.dev.dependencies to dependency-groups.
- Updated GitHub Actions to use astral-sh/setup-uv@v5 and test against Python 3.14 and 3.14t.
- Added PYTHON_GIL=0 environment variable conditionally for 3.14t.
- Updated Dockerfile to use python:3.14-slim and uv sync --frozen.
- Added uv.lock to root .gitignore.
- Preserved all Jinja2 templating syntax and formatting.
…eason-manifest (#72) (#73)
- Implement AI Agent Boundaries (.clinerules, .cursorrules, .github/copilot-instructions.md, AGENTS.md)
- Enforce Strict Linting & Typing in pyproject.toml
- Harden Pre-Commit & CI/CD Pipelines (security.yml, ci-cd.yml, publish.yml)
- Scaffold Architectural Validation Scripts (evaluate_architecture.py, semantic_diff.py, swarm_watchdog.py)
- Populate Base Tests with pytest, hypothesis, and module naming convention check
- Standardize IDE Configurations (.editorconfig, extensions.json, settings.json, CODEOWNERS)
https://github.com/CoReason-AI/python_template/ec6fa37af9465c83456610c8c38b6f8f71e25a18
Added reproducible builds verification job and SBOM generation with Sigstore signing to the release job in ci-cd.yml to align with coreason-manifest supply chain security requirements. https://github.com/CoReason-AI/python_template/d5e6d812dadbccfc60c2923211b13e5e975510dd
* fix: replace monolithic ci-cd with modular github actions workflows
- Delete `ci-cd.yml`, `publish.yml`, and `docker.yml`.
- Add `ci.yml` for linting, diff-sast, and testing matrices.
- Add `release.yml` for PyPI publishing and Sigstore signing.
- Add `security.yml` for pip-audit dependency scanning via cron.
- Add auxiliary configurations: `renovate.json` and `codecov.yml` with strict thresholds.
- Wrap new workflows in Jinja `{% raw %}` syntax to allow successful cookiecutter generation.
https://github.com/CoReason-AI/python_template/682a3b8595ba492729157dc1325b86a41b647402
Removes `uv.lock` from the generated `.gitignore` template and reorders the post-generation hooks so that `uv sync` is executed before the initial `git commit`, guaranteeing that the lockfile is properly tracked by git. This fixes downstream Docker builds that depend on the lockfile. https://github.com/CoReason-AI/python_template/d98393a2b75a38f5f20de48af49ba09f9c82becc Co-authored-by: Gowtham Rao MD PhD <gowtham.rao@coreason.ai>
* refactor: Structural Template Refactoring
- Consolidated AI Rules from `.clinerules` and `.cursorrules` into `AGENTS.md`.
- Replaced `.clinerules` and `.cursorrules` contents with a pointer to `AGENTS.md`.
- Moved `AUDIT.md` and `CI_CD_STRATEGY.md` to `docs/` folder.
- Added `.env.example`, `tests/__init__.py`, and `CHANGELOG.md` with standard Prosperity Public License 3.0 headers.
- Verified `.dockerignore` has `!uv.lock` for proper docker builds.
- Refactored `swarm_watchdog.py` to correctly check for contamination in the newly moved `AUDIT.md` and `CI_CD_STRATEGY.md` files.
---------
https://github.com/CoReason-AI/python_template/4a34d88e638cdfea47f35ced6a00c729aaee090b
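Added example (not part of this pull request or the template's code): the commits above describe a Dockerfile that runs `uv sync --frozen`, a `.gitignore` that at one point listed `uv.lock`, and a `.dockerignore` that re-includes it with `!uv.lock`. The check below flags a lockfile that a frozen build needs but an ignore file excludes. The file contents are constructed samples, the function names are hypothetical, and the matcher covers only a simplified subset of gitignore semantics (basename globs, `!` negation, last match wins).

```python
import fnmatch
import re

# Matches a Dockerfile instruction that installs strictly from the lockfile.
FROZEN_SYNC = re.compile(r"\buv\s+sync\b[^\n]*--frozen")


def is_ignored(ignore_text: str, path: str) -> bool:
    """Return True if `path` is excluded; the last matching pattern wins."""
    ignored = False
    name = path.rsplit("/", 1)[-1]
    for raw in ignore_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        negate = line.startswith("!")
        pattern = line[1:] if negate else line
        anchored = pattern.startswith("/")
        pattern = pattern.lstrip("/")
        # Patterns containing a slash match the path, others the basename.
        target = path if (anchored or "/" in pattern) else name
        if fnmatch.fnmatch(target, pattern):
            ignored = not negate
    return ignored


def lockfile_findings(dockerfile: str, gitignore: str, dockerignore: str) -> list[str]:
    """List reasons a `uv sync --frozen` image build would lack uv.lock."""
    if not FROZEN_SYNC.search(dockerfile):
        return []
    findings = []
    if is_ignored(gitignore, "uv.lock"):
        findings.append(".gitignore excludes uv.lock: lockfile never committed")
    if is_ignored(dockerignore, "uv.lock"):
        findings.append(".dockerignore excludes uv.lock: absent from build context")
    return findings


# Constructed sample inputs, not copied from the repository.
DOCKERFILE = "FROM python:3.14-slim\nCOPY pyproject.toml uv.lock ./\nRUN uv sync --frozen\n"
GITIGNORE_BEFORE_FIX = "__pycache__/\n.venv/\nuv.lock\n"
GITIGNORE_AFTER_FIX = "__pycache__/\n.venv/\n"
DOCKERIGNORE = "*\n!pyproject.toml\n!uv.lock\n!src/\n"

if __name__ == "__main__":
    print(lockfile_findings(DOCKERFILE, GITIGNORE_BEFORE_FIX, DOCKERIGNORE))
    print(lockfile_findings(DOCKERFILE, GITIGNORE_AFTER_FIX, DOCKERIGNORE))
```
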
…88) During refactoring, these template-specific documentation files were incorrectly moved to the `{{cookiecutter.project_slug}}/docs/` directory meant for generated projects. This commit restores them to the root directory where they correctly document the template repository itself. Co-authored-by: Gowtham Rao MD PhD <gowtham.rao@coreason.ai>
…89) (#90)
* refactor: remove opinionated architecture checks
- Deleted `scripts/evaluate_architecture.py`
- Removed `security-sast` job from `.github/workflows/ci.yml`
- Updated `test-ubuntu` and `test-extended` CI jobs to remove dependencies on `security-sast`
- Verified `CODEOWNERS` does not contain references to the deleted script
- Deleted `scripts/semantic_diff.py` and `scripts/swarm_watchdog.py`
- Removed the `scripts/` directory entirely
- Removed the `/scripts/` entry from `CODEOWNERS`
- Cleaned up CI workflow by removing the `security-sast` job and updating test dependencies
Co-authored-by: Gowtham Rao MD PhD <gowtham.rao@coreason.ai>
* chore: finalize template polish and clean up AI instructions
- Cleaned up AI instructions in `{{cookiecutter.project_slug}}/.github/copilot-instructions.md` to point to `AGENTS.md`.
- Added standard `.env.example` boilerplate to support 12-factor architecture.
- Added standard `pytest.ini` boilerplate to support testing.
* refactor: dockerfile architecture for standard virtualenv
40a3a45
- Renamed `release.yml` to `publish.yml` to match the expected CI/CD pipeline structure.
- Removed the `Programming Language :: Python :: 3.14` classifier from `pyproject.toml` to fix PyPI package deployment issues.
- Added `[tool.hatch.version]` configuration with `source = "vcs"` to `pyproject.toml`.
Co-authored-by: Gowtham Rao MD PhD <gowtham.rao@coreason.ai>
Updated pyproject.toml to resolve the versioning conflict by adding `hatch-vcs` to `[build-system] requires` and enabling dynamic versioning for `[project] dynamic` instead of hardcoding `version = "0.1.0"`. Co-authored-by: Gowtham Rao MD PhD <gowtham.rao@coreason.ai>
* docs(agents): integrate CoReason strict AI guardrail directives
- Prepend legal and IP protection XML envelope
- Add AST-Native Semantic Anchoring docstring protocols
- Inject Anti-CRUD naming mandates
- Enforce Data Determinism serialization requirements
- Append Mandatory Pre-Flight Checklist for workflow validation
* chore(cookiecutter): update copyright year to 2026
Co-authored-by: Gowtham Rao MD PhD <gowtham.rao@coreason.ai>
https://github.com/CoReason-AI/python_template/7a9003ba745d02e29b193929b9e09737e835c1c7
- Added `pages: write` permission to `publish.yml`
- Added `upload-pages-artifact` step after the `Build Docs` step
- Added `deploy-pages` job to handle deployment to github pages environment
Co-authored-by: Gowtham Rao MD PhD <gowtham.rao@coreason.ai>
60b5c58
Update AGENTS.md to enforce strict architectural constraints from the CoReason Shared Kernel protocol.
- Replace the legal directive block with comprehensive anti-extraction rules and license compliance mandates.
- Inject the "Strict Lexical Architecture (Naming Directives)" section before "Code Style & Quality", replacing the legacy Anti-CRUD bullet.
- Append a mandatory "Property-Based Edge Cases" bullet point to enforce hypothesis testing under the "Testing Guidelines".
Co-authored-by: Gowtham Rao MD PhD <gowtham.rao@coreason.ai>
* feat: enable parallel testing in template via pytest-xdist
Updates `pyproject.toml` in `{{cookiecutter.project_slug}}` to append `-n auto` to the pytest `addopts`. This utilizes the `pytest-xdist` plugin (already in dependencies) to execute tests concurrently across available cores. Verified by rendering the template locally and executing `pytest`.
* feat: add `llms.txt` for AI discoverability
Creates an `llms.txt` file in the generated `{{cookiecutter.project_slug}}` directory to serve as a root-level entry point for AI crawlers. This outlines system directives governing structural limits, licensing (PPL 3.0), core tooling (`uv`, `ruff`, `mypy`), and logging bounds (`loguru`). Tested via generating a local template instance.
0a55b68
Tempdevelop
Tempdevelop
Summary
This PR modernizes the `python_template` to align perfectly with the 2026+ CoReason "Shared Kernel" ecosystem. It completes the migration to the Zensical documentation engine, establishes a cutting-edge execution environment, and injects strict, machine-readable architectural directives into `AGENTS.md` to ensure all downstream generated projects are secure, deterministic, and natively understood by swarm LLMs.
Key Changes
- 3.14t) as the strict runtime baseline.
- `uv` as the exclusive, lightning-fast dependency and project manager.
- `mkdocs` and legacy plugins, fully replacing them with `zensical` and `mkdocstrings-python`.
- `mkdocs.yml` with the new, Jinja-templated `zensical.toml` configuration.
- `AGENTS.md`):
- `<legal_directive>` (Rules 5 & 6) to actively prevent downstream AI agents from unauthorized extraction or laundering of CoReason IP.
- `...Intent`, `...Event`) to maintain pristine vector space embeddings.
- `hypothesis` library for property-based edge-case testing on Pydantic schemas.
Impact
Any new repository generated from this template will now be born as a 100% CoReason-compliant node, featuring state-of-the-art Python 3.14+ execution, ultra-fast `uv` resolution, and ironclad prompt-level security against architectural drift.