Metadata-Version: 2.4
Name: compliance-checkkit
Version: 0.1.0
Summary: A small Python toolkit for defining and evaluating compliance checklists.
Project-URL: Homepage, https://github.com/your-username/compliance-checkkit
Project-URL: Repository, https://github.com/your-username/compliance-checkkit
Project-URL: Issues, https://github.com/your-username/compliance-checkkit/issues
Author: Bharath Janumpally
License-Expression: MIT
License-File: LICENSE
Keywords: audit,checklist,compliance,controls,security
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Python: >=3.9
Requires-Dist: pyyaml>=6.0.1
Provides-Extra: dev
Requires-Dist: build>=1.2; extra == 'dev'
Requires-Dist: pytest>=8.0; extra == 'dev'
Requires-Dist: ruff>=0.6; extra == 'dev'
Requires-Dist: twine>=5.0; extra == 'dev'
Description-Content-Type: text/markdown

# compliance-checkkit

`compliance-checkkit` is a small Python library and CLI for defining compliance
controls, attaching evidence, and producing simple pass/fail reports.

It is designed for early audit automation, internal readiness checks, and CI
gatekeeping where a lightweight checklist is enough.

## Install

```bash
pip install compliance-checkkit
```

For local development:

```bash
python -m pip install -e ".[dev]"
```

## Quick Start

Create a checklist:

```yaml
id: soc2-lite
name: SOC 2 Readiness
controls:
  - id: access-review
    title: Quarterly access reviews are completed
    required: true
    checks:
      - evidence_key: access_review_completed
        equals: true
  - id: incident-plan
    title: Incident response plan exists
    required: true
    checks:
      - evidence_key: incident_response_plan_url
        present: true
```

Create evidence:

```json
{
  "access_review_completed": true,
  "incident_response_plan_url": "https://example.com/plan"
}
```

Run the CLI:

```bash
compliance-checkkit evaluate checklist.yml evidence.json
```

Use the library:

```python
from compliance_checkkit import evaluate_files

report = evaluate_files("checklist.yml", "evidence.json")
print(report.summary.status)
```

## Checklist Format

Each control contains one or more checks. A control passes only when all of its
checks pass.

Supported check fields:

- `evidence_key`: key to read from the evidence file
- `present: true`: value must be present and non-empty
- `equals`: value must equal the expected value
- `contains`: value must contain the expected item or substring
- `one_of`: value must be one of the listed values
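
The pass/fail rules above, sketched as an added example. This is not compliance-checkkit's own code, and the library's actual behaviour may differ. The function names `check_passes` and `evaluate_controls` are hypothetical; the fail-closed handling of missing keys, empty check lists, and checks with no condition, and the type-strict comparison, are assumptions chosen so that weak evidence cannot pass by accident.

```python
def _strict_eq(a, b):
    # Python evaluates True == 1, so require matching bool-ness: evidence of
    # 1 or "true" must not satisfy `equals: true`.
    return isinstance(a, bool) == isinstance(b, bool) and a == b

def _is_empty(value):
    if isinstance(value, str):
        return not value.strip()
    return value is None or (isinstance(value, (list, tuple, dict, set)) and not value)

def check_passes(check, evidence):
    """True only if every condition on the check holds for the evidence value."""
    key = check["evidence_key"]
    conditions = {"present", "equals", "contains", "one_of"} & check.keys()
    if key not in evidence or not conditions:
        return False  # assumption: missing evidence or a condition-less check fails
    value = evidence[key]
    if check.get("present") is True and _is_empty(value):
        return False
    if "equals" in check and not _strict_eq(value, check["equals"]):
        return False
    if "contains" in check:
        want = check["contains"]
        if isinstance(value, str):
            found = isinstance(want, str) and want in value
        else:
            found = isinstance(value, (list, tuple)) and any(_strict_eq(v, want) for v in value)
        if not found:
            return False
    if "one_of" in check and not any(_strict_eq(value, o) for o in check["one_of"]):
        return False
    return True

def evaluate_controls(checklist, evidence):
    """Map control id -> bool; a control with no checks fails instead of passing vacuously."""
    return {
        c["id"]: bool(c.get("checks")) and all(check_passes(k, evidence) for k in c["checks"])
        for c in checklist["controls"]
    }

# Constructed sample: the Quick Start checklist as a dict, plus weak evidence.
CHECKLIST = {"id": "soc2-lite", "controls": [
    {"id": "access-review", "checks": [{"evidence_key": "access_review_completed", "equals": True}]},
    {"id": "incident-plan", "checks": [{"evidence_key": "incident_response_plan_url", "present": True}]},
]}
WEAK_EVIDENCE = {"access_review_completed": "true", "incident_response_plan_url": "   "}

if __name__ == "__main__":
    print(evaluate_controls(CHECKLIST, WEAK_EVIDENCE))
```

With the constructed `WEAK_EVIDENCE`, both controls fail: the string `"true"` is not the boolean `true`, and a whitespace-only URL counts as empty.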

## Publish

Update the package metadata in `pyproject.toml`, especially the GitHub URLs, then:

```bash
python -m pip install -e ".[dev]"
python -m pytest
python -m build
python -m twine upload dist/*
```

For a safer first release, publish to TestPyPI:

```bash
python -m twine upload --repository testpypi dist/*
```

## License

MIT
