v0.1.0 #24
OpenComplaiCTO
announced in
Announcements
v0.1.0
#24
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Opencomplai Community Edition v0.1.0
Initial public release — deterministic, rule-based EU AI Act risk classification and compliance tooling, shipped as code rather than spreadsheets and “it depends.”
v0.1.0v0.1.0d2e783cThis tree is the first public drop of the Community Edition. There was no meaningful prior public history; the entire product surface lands in one commit. Packages are pre-release — install from source (PyPI publish for v0.1.0 was intended to follow once CI was stable on this tree).
Highlights
opencomplai checkwritescompliance-artifact.json(ScanStatusArtifact).opencomplai checker --local.~/.opencomplai/;--signonopencomplai check.scripts/verify-sbom.sh); AI-package CI gate.What's included
packages/core— classification engineDeterministic, rule-based risk classification. Input:
SystemManifest. Output:RiskResult(classification, applicable obligations, reasoning chain).Four checks against Act text:
UnacceptableRiskRuleAnnexIIIClassifierRuleProfilingDetectionRuleSubstantialModificationRuleAlso in core: compliance checker engine, dossier, eval engine (bias / leakage / safety evaluators), repo scanner / detectors, signing, state machine, verification, telemetry, purge.
packages/cli— developer workflowopencomplai initopencomplai checkcompliance-artifact.jsonopencomplai checker--local)opencomplai verify-outputopencomplai docs generateopencomplai sync metadataopencomplai risk classifyopencomplai validate-manifestopencomplai dashboardpackages/sdk-python— pip-installable surfaceExports:
ScanStatusArtifact,SystemManifest,RiskResult,AssessmentInput,ModelMetadata.services/— hosted multi-tenant pathpackages/coreLedgerEvents + content-addressed artifact store;/v1/evidence/verify-chainEGRESS_ALLOWED_DESTINATIONS); fail-closed by defaultgateway-api routes include:
/v1/sync/metadata/v1/docs/generate/v1/verify/claims/v1/evidence/events/v1/risk/classify/v1/manifests/validateInfra
infra/compose— Docker Compose: five services + PostgreSQL, Redis, Prometheus, Grafana. Copy.env.example→.env, add API key,docker compose up.infra/migrations— Alembic schema for the vault.infra/docker— Dockerfiles per service.Docs
Published via MkDocs at docs.opencomplai.com:
opencomplai checker --local.Samples & community
examples/sample-systemCONTRIBUTING.md,CLA.md,SECURITY.md,CODE_OF_CONDUCT.mdContractual guarantees
CLI exit codes (stable for CI)
0PASS1CONTROL_FAIL2VALIDATION_FAIL3POLICY_BLOCK4TRAP_DETECTED(unacceptable-risk prohibition)CI pipelines may branch on these exit codes without parsing JSON.
Canonical artifact
opencomplai checkwritescompliance-artifact.json(ScanStatusArtifact) as the canonical CI gate output.Security & design principles
docs/security/ai-inventory.md.egress-proxyallowlists outbound destinations (EGRESS_ALLOWED_DESTINATIONS); default deny (air-gap ready)./v1/evidence/verify-chain.~/.opencomplai/; optional--signonopencomplai check.scripts/verify-sbom.sh.ci-python.yml— ruff lint; tests for every Python package/service; live CLI self-test; DLP invariant verification;pip-audit; AI-package gate.docs-build.yml— MkDocs + checker widget.Getting started
Compose stack: copy
infra/compose/.env.example→.env, add an API key, thendocker compose up.Full documentation: docs.opencomplai.com
Known limitations / pre-release notes
Breaking changes / migration
N/A — initial release. No prior public version to migrate from. Consumers adopting v0.1.0 are establishing a first baseline.
Editions
License & contributing
CONTRIBUTING.mdandCLA.mdSECURITY.mdCODE_OF_CONDUCT.mdLinks
Commit title: Initial public release — Opencomplai v0.1.0
This discussion was created from the release v0.1.0.
Beta Was this translation helpful? Give feedback.
All reactions