Metadata-Version: 2.4
Name: open-refinery
Version: 0.1.0
Summary: A factory for producing artifacts under governance — provenance, ownership, authorization, and an append-only audit trail on every output.
Project-URL: Homepage, https://github.com/tacoda/open-refinery
Project-URL: Repository, https://github.com/tacoda/open-refinery
Author-email: Ian Johnson <ian@tacoda.dev>
License: MIT
License-File: LICENSE
Keywords: audit,factory,governance,observability,provenance
Classifier: Development Status :: 3 - Alpha
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.11
Classifier: Topic :: Software Development :: Libraries
Requires-Python: >=3.11
Provides-Extra: dev
Requires-Dist: pytest>=8.0; extra == 'dev'
Description-Content-Type: text/markdown

# open-refinery

A factory for producing artifacts under governance. Every output carries its
**provenance**, an **owner**, and an **audit trail**; every production is
**authorized** before it runs and **logged** as it happens.

> Status: **0.1.0 — proof of concept.** The core loop (authorize → produce →
> record → audit) is real and tested. Policy-based governance, richer
> observability, and pluggable sinks are on the roadmap.

## Install

```bash
uv add open-refinery       # or: pip install open-refinery
```

## Use

```python
from open_refinery import Factory

factory = Factory()

@factory.recipe("upper")
def upper(text: str) -> str:
    return text.upper()

artifact, record = factory.produce("upper", actor="ian", text="hello")
# artifact -> "HELLO"
# record   -> Record(recipe="upper", actor="ian", owner="ian",
#                    artifact_id=..., input_digest=..., output_digest=..., created_at=...)
```

Try the demo CLI:

```bash
uv run open-refinery --actor ian --text hello
```

## Pillars

| Pillar          | Where it lives                                              |
|-----------------|-------------------------------------------------------------|
| Authorization   | `Authorizer` (`AllowAll`, `AllowList`) — checked before produce |
| Provenance      | `Record` — recipe, actor, timestamp, input/output digests   |
| Ownership       | `owner` on every record (defaults to the actor)             |
| Auditability    | `AuditSink` (`MemorySink`, `JsonlSink`) — append-only trail  |
| Logging         | stdlib `logging`, logger name `open_refinery`               |
| Observability   | *(roadmap)* read-model / metrics over the audit trail       |
| Governance      | *(roadmap)* policy layer that constrains what may be produced |

## Durable audit trail

```python
from open_refinery import Factory, JsonlSink

factory = Factory(audit=JsonlSink("audit.jsonl"))
```

Each production appends one JSON line — a replayable record of who produced
what, from which inputs, and when.

## Development

```bash
uv sync --extra dev
uv run pytest
```

See [CONTRIBUTING.md](CONTRIBUTING.md) and [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md).

## License

[MIT](LICENSE) © Ian Johnson
