Metadata-Version: 2.4
Name: monora
Version: 1.4.0
Summary: Lightweight governance and trace SDK for AI systems
Home-page: https://github.com/monora/monora
Author: Monora Team
Author-email: Monora Team <info@monora.ai>
License: MIT
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Requires-Python: >=3.9
Description-Content-Type: text/markdown
Requires-Dist: click>=8.0.0
Provides-Extra: dev
Requires-Dist: pytest>=7.0.0; extra == "dev"
Requires-Dist: pytest-mock>=3.10.0; extra == "dev"
Requires-Dist: black>=23.0.0; extra == "dev"
Requires-Dist: ruff>=0.1.0; extra == "dev"
Provides-Extra: yaml
Requires-Dist: pyyaml>=6.0; extra == "yaml"
Provides-Extra: https
Requires-Dist: requests>=2.28.0; extra == "https"
Dynamic: author
Dynamic: home-page
Dynamic: requires-python

# Monora v1 SDK

**Lightweight governance and trace SDK for AI systems**

Monora provides minimal viable trust through immutable event logs, policy enforcement, and comprehensive auditability for LLM applications.

## Features

- **🔒 Immutable Event Logs**: Cryptographic hash chains for tamper detection
- **📋 Policy Enforcement**: Model allowlists/denylists with data classification controls
- **🧭 Provider Registry**: Explicit model-to-provider mapping with unknown-model alerts
- **🧾 Versioned Registry**: Registry versioning, history, and provider deprecation metadata
- **🔍 Full Auditability**: JSON-lines event logs with CLI reporting tools
- **📎 Auto Reports**: Compliance artifacts generated at trace completion with trust summaries
- **📦 Trust Packages**: One-shot vendor export with compliance, config snapshot, and hash-chain proof
- **⚡ Non-blocking**: Background worker with bounded queue for zero user-code latency
- **🎯 Simple API**: Decorator-based interface with sensible defaults
- **🧩 Auto-Instrumentation**: Optional OpenAI/Anthropic patching for drop-in logging
- **✅ Completeness Checks**: Event sequencing and security review reports
- **🔌 Pluggable Sinks**: Stdout, file, and HTTPS endpoints
- **🚨 Violation Alerts**: Callback or webhook notifications for policy violations
- **🧹 Data Handling**: Regex redaction rules tied to data classifications
- **🛡️ Signed Attestations**: Optional GPG-signed security review bundles

## Installation

```bash
pip install -e .

# With YAML config support
pip install -e ".[yaml]"

# With HTTPS sink support
pip install -e ".[https]"

# Development dependencies
pip install -e ".[dev]"
```

## Quick Start

### Minimal Example (Dev Mode)

```python
import monora

# Initialize with defaults (stdout logging, no policies)
monora.init()

@monora.llm_call(purpose="customer_support")
def ask_gpt(prompt: str, model: str = "gpt-4o-mini"):
    # Your LLM call here
    return {"response": "Hello!"}

# Use trace context for grouping events
with monora.trace("ticket_123"):
    response = ask_gpt("How do I reset my password?")
```

### Guided Setup (Wizard)

```bash
monora init
```

This generates a `monora.yml` you can edit and pass to `monora.init(config_path="monora.yml")`.

### Validate & Diagnose

```bash
monora validate --config monora.yml
monora doctor --config monora.yml
```

### Export Vendor Trust Package

```python
trust_package = monora.export_trust_package(
    trace_id="trace-123",
    input_path="events.jsonl",
    config_path="monora.yml",
)
```

See README.md for full documentation and examples.

## Testing

```bash
pytest
```

## License

MIT
