feat(python-sdk): samvad 0.1.0 — Python port of the SAMVAD protocol SDK #2
Merged
…ext aliases, default by_alias
…ewline, param order, safe verify
Adds spec/test-vectors/ with a generator (generate.mts) that calls the actual TS SDK signRequest, and vectors.json with 3 signed cases covering ASCII, UTF-8, and nested JSON bodies. The Python SDK will verify these in Task 6 to prove wire compatibility.
…k store auto-sweep
…r sanitization
- Add NonceStore.check() (non-mutating) and commit() methods; check_and_add() now delegates to both
- Update verify_middleware pipeline: call check at step 1, commit after signature passes (step 3.5) so failed rate-limit/sig checks don't burn the nonce slot
- Add test_bad_signature_rejected: known peer signed with wrong key must return AUTH_FAILED
- Move import datetime to module-level (fix 3)
- Sanitize SCHEMA_INVALID envelope error — no longer leaks Pydantic field details (fix 4)
- Fix malformed timestamp error code: REPLAY_DETECTED → SCHEMA_INVALID (fix 5)
Expands __init__.py to re-export all public symbols (Agent, AgentClient, SamvadError, ErrorCode, create_verify_middleware, VerifyResult, and all types). Adds test_integration.py with three ASGI round-trip tests covering the happy path, replay rejection, and unknown-peer rejection.
Add PyPI badge, Python SDK section to repo layout, Python dev commands. Update sdk-python/README.md with full quickstart and AgentClient example.
…Limiter/TaskStore
InMemoryNonceStore.check() now atomically reserves the nonce slot under asyncio.Lock, eliminating the TOCTOU race between check() and commit(). Added rollback() so rate-limited requests release the reservation (allowing client retry with the same nonce). RateLimiter and TaskStore guard all mutating methods with threading.Lock for safety under threading and future refactors.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…e compat, isawaitable
- verify_middleware: add Step 3.7 delegation token verification (checks issuer is known peer, sub matches sender, skill is in scope); replace hasattr(__await__) with inspect.isawaitable
- server: add Content-Digest guard to agent_stream endpoint (matching agent_message/agent_task); expand health to return protocolVersion/agentVersion/uptime; rewrite intro as text/markdown matching TypeScript SDK
- tests: add test_valid_delegation_token_passes, test_forged_delegation_token_rejected, test_delegation_scope_mismatch_rejected; update test_intro_200 for text/markdown response
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…er AssertionError, dynamic vector parametrize
…odes, §7 pipeline order, §L2-L5 security
…odes, §7 pipeline order, §L2-L5 security
Summary
- packages/sdk-python/ — a complete Python port of @samvad-protocol/sdk 0.5.0, published as samvad on PyPI
- examples/basic-agent-py/ (Starlette, no FastAPI) and CI matrix for Python 3.10/3.11/3.12

What's in this PR

New package: packages/sdk-python/ (samvad on PyPI)

Mirrors the TypeScript SDK module-for-module:
- errors.py: SamvadError + ErrorCode enum
- types.py
- keys.py
- signing.py
- nonce_store.py
- rate_limiter.py
- skill_registry.py
- injection_scanner.py
- delegation.py
- card.py
- task_store.py
- stream.py
- verify_middleware.py
- server.py
- agent.py: Agent builder
- agent_client.py: AgentClient with call/task/stream
- verify_middleware.py: create_verify_middleware for framework-agnostic use

Security pipeline

Same ordering as the TypeScript SDK — cheap rejections first, expensive last:
- check() (non-mutating — prevents nonce burn before auth)
- commit() (only after sig passes)

Cross-SDK wire compatibility

spec/test-vectors/vectors.json contains 3 cases signed by the TypeScript SDK. tests/test_cross_sdk_vectors.py verifies them with the Python implementation. All pass.

New files
- packages/sdk-python/ — full SDK
- spec/test-vectors/vectors.json — cross-SDK signing vectors
- examples/basic-agent-py/ — minimal echo agent
- .github/workflows/ci.yml — Python 3.10/3.11/3.12 matrix job

Test plan
- cd packages/sdk-python && pip install -e ".[dev]" && pytest -v → 147 tests pass
- ruff check src tests → clean
- pytest tests/test_cross_sdk_vectors.py -v
- pytest tests/test_integration.py -v (happy path, replay rejection, unknown peer)
- python -m build && twine check dist/*

🤖 Generated with Claude Code
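The nonce handling the commit notes describe (check() reserving the slot under asyncio.Lock, commit() after the signature passes, rollback() on rejection), as an added sketch that is not the SDK's own code. ReservingNonceStore, handle(), the RATE_LIMITED label and the HMAC stand-in for signature verification are assumptions, and nonce expiry is omitted.

```python
import asyncio
import hashlib
import hmac

class ReservingNonceStore:  # hypothetical name; expiry/sweep omitted
    def __init__(self) -> None:
        self._lock = asyncio.Lock()
        self._state: dict[str, str] = {}  # nonce -> "reserved" | "committed"

    async def check(self, nonce: str) -> bool:
        async with self._lock:  # test-and-reserve is one atomic step
            if nonce in self._state:
                return False
            self._state[nonce] = "reserved"
            return True

    async def commit(self, nonce: str) -> None:
        async with self._lock:
            self._state[nonce] = "committed"

    async def rollback(self, nonce: str) -> None:
        async with self._lock:
            if self._state.get(nonce) == "reserved":
                del self._state[nonce]  # released: sender may retry this nonce

KEY = b"constructed-demo-key"  # constructed; HMAC stands in for the real signature

def sign(nonce: str, body: bytes) -> str:
    return hmac.new(KEY, nonce.encode() + b"." + body, hashlib.sha256).hexdigest()

async def handle(store, nonce, body, sig, rate_ok=True) -> str:
    if not await store.check(nonce):  # step 1: cheap rejection, slot reserved
        return "REPLAY_DETECTED"
    if not rate_ok:
        await store.rollback(nonce)
        return "RATE_LIMITED"  # hypothetical code name
    await asyncio.sleep(0)  # yield point, as an async verifier would have
    if not hmac.compare_digest(sig, sign(nonce, body)):
        await store.rollback(nonce)  # a bad signature must not burn the nonce
        return "AUTH_FAILED"
    await store.commit(nonce)  # only after the signature passes
    return "OK"

async def demo() -> list:
    s, b = ReservingNonceStore(), b'{"skill":"echo"}'  # constructed request body
    seq = [await handle(s, "n1", b, "00"), await handle(s, "n1", b, sign("n1", b)),
           await handle(s, "n1", b, sign("n1", b)), await handle(s, "n2", b, "", rate_ok=False)]
    race = await asyncio.gather(*(handle(s, "n3", b, sign("n3", b)) for _ in range(5)))
    return seq + [race.count("OK")]
```

demo() exercises a forged signature followed by a legitimate retry on the same nonce, a replay, a rate-limited request, and five concurrent requests sharing one nonce, of which exactly one is accepted.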