Metadata-Version: 2.4
Name: verity-audit
Version: 1.4.1
Summary: Verity - AI Governance Through Enforcement (API + CLI + live audit SDK)
Author-email: Verity <verityappassist@gmail.com>
Project-URL: Homepage, https://verity.ai
Project-URL: Documentation, https://verity.ai/docs
Project-URL: Repository, https://github.com/verity/verity-audit
Project-URL: Issues, https://github.com/verity/verity-audit/issues
Keywords: ai,governance,fairness,audit,compliance,ml,machine-learning
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Science/Research
Classifier: Topic :: Scientific/Engineering :: Artificial Intelligence
Classifier: Topic :: Software Development :: Quality Assurance
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Requires-Python: <3.14,>=3.11
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: fastapi>=0.104.0
Requires-Dist: uvicorn[standard]>=0.24.0
Requires-Dist: mangum>=0.17.0
Requires-Dist: bcrypt>=4.0.0
Requires-Dist: python-jose[cryptography]>=3.3.0
Requires-Dist: passlib[bcrypt]>=1.7.4
Requires-Dist: email-validator>=2.0.0
Requires-Dist: firebase-admin>=6.0.0
Requires-Dist: stripe>=7.0.0
Requires-Dist: requests>=2.31.0
Requires-Dist: aiohttp>=3.9.0
Requires-Dist: python-multipart>=0.0.6
Requires-Dist: python-dotenv>=1.0.0
Requires-Dist: pyyaml
Requires-Dist: rich>=13.0.0
Requires-Dist: reportlab>=4.0.0
Requires-Dist: pandas>=2.0.0
Requires-Dist: numpy>=1.24.0
Requires-Dist: scikit-learn>=1.3.0
Requires-Dist: shap>=0.50.0
Requires-Dist: joblib>=1.3.0
Requires-Dist: xgboost>=2.0.0
Requires-Dist: lightgbm>=4.0.0
Requires-Dist: catboost>=1.2.0
Provides-Extra: live
Requires-Dist: openai>=1.30.0; extra == "live"
Requires-Dist: anthropic>=0.25.0; extra == "live"
Requires-Dist: google-genai>=1.0.0; extra == "live"
Dynamic: license-file

# Verity - AI Governance Through Enforcement

Complete AI model audit system with CI/CD integration, evidence storage, and regulator-ready exports.

## Quick Start

### Install Dependencies

```bash
# Install root dependencies (concurrently)
npm install

# Install website and dashboard dependencies
npm run install:all
```

### Run Everything

```bash
# Run website, dashboard, and API together
npm run dev:all
```

This will start:

- **Website**: http://localhost:3000
- **Dashboard**: http://localhost:3001
- **API**: http://localhost:8000

### Run Individual Services

```bash
# Just the website
npm run dev:website

# Just the dashboard
npm run dev:dashboard

# Just the API
npm run dev:api
```

## Project Structure

```
ai-audit-ci/
├── audit/              # CLI audit tool
│   ├── cli.py         # Main CLI interface
│   ├── metrics.py      # Fairness metrics
│   ├── evidence.py    # Report generation
│   └── export.py      # PDF/JSON exports
├── api/                # FastAPI backend
│   ├── main.py        # API server
│   ├── database.py    # Database models
│   ├── routes/        # API routes
│   └── manage.py      # Management CLI
├── website/            # Marketing website (React)
│   └── src/
│       ├── pages/     # Website pages
│       └── components/
└── dashboard/          # Dashboard app (React)
    └── src/
        ├── pages/     # Dashboard pages
        └── components/
```

## Features

### Core Audit Tool

- ✅ Fairness metrics (demographic parity, equal opportunity, disparate impact)
- ✅ SHA-256 hashing for all artifacts
- ✅ Immutable audit reports
- ✅ GitHub Actions integration
- ✅ Regulator-ready PDF/JSON exports

### API & Evidence Store

- ✅ User authentication
- ✅ Organization & project management
- ✅ API key management
- ✅ Append-only audit storage
- ✅ Commit context tracking
- ✅ Policy versioning

### Dashboard

- ✅ Project overview with statistics
- ✅ Audit timeline visualization
- ✅ Trend charts
- ✅ Policy management
- ✅ Regulator portal (Enterprise)

### Website

- ✅ Dark, professional design
- ✅ Responsive layout
- ✅ Animated interactions
- ✅ Enterprise messaging

## Development

### Prerequisites

- Python 3.11+
- Node.js 18+
- npm or yarn

### Setup

1. **Install Python dependencies:**

```bash
cd ai-audit-ci
pip install -r requirements.txt
```

2. **Install Node dependencies:**

```bash
npm run install:all
```

3. **Initialize database:**

```bash
cd api
python -m api.main
```

4. **Run all services:**

```bash
npm run dev:all
```

## Usage

### Run an Audit

```bash
cd ai-audit-ci
python -m audit.cli run --config examples/tabular/config.yml
```

### Upload Audit Evidence

Set environment variables:

```bash
export VERITY_UPLOAD_TOKEN=your_project_upload_token
export VERITY_API_URL=https://verityai-production.up.railway.app
```

Then run with upload:

```bash
python -m audit.cli run --config config.yml --upload
```

### GitHub Actions

Add to `.github/workflows/audit.yml`:

```yaml
name: AI Governance Audit (Verity)
on: [pull_request]
jobs:
  audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.11"
      - run: |
          pip install verity-audit
          verity run --config config.yml --upload
        env:
          VERITY_UPLOAD_TOKEN: ${{ secrets.VERITY_UPLOAD_TOKEN }}
          DATASET_URL: ${{ secrets.DATASET_URL }} # For datasets not in repo
          GITHUB_SHA: ${{ github.sha }}
          GITHUB_REF_NAME: ${{ github.ref_name }}
          GITHUB_REPOSITORY: ${{ github.repository }}
```

**Note:** For datasets stored outside the repository (S3, GCS, etc.), see [CI/CD Dataset Patterns](docs/CI_DATASET_PATTERNS.md) for configuration options.

### Live audit SDK (production LLM calls)

Live audits are **automatic** via swap-in clients only: install the package, set env vars, replace the vendor client with a Verity wrapper.
There is no separate “send audit” call — prompts and completions are captured on a **non-blocking** side channel to `POST /v1/live-audits`.

```bash
pip install "verity-audit[live]"
```

Use your project upload token (same as CLI uploads). You can set either name:

```bash
export VERITY_API_KEY=your_project_upload_token
# or: export VERITY_UPLOAD_TOKEN=...
export VERITY_API_URL=https://verityai-production.up.railway.app
```

**Public facade (`verity` package)**

```python
from verity import VerityOpenAI

client = VerityOpenAI(
    openai_api_key="...",
    verity_api_key="...",  # or rely on VERITY_API_KEY / VERITY_UPLOAD_TOKEN in the environment
)
resp = client.chat.completions.create(
    model="gpt-4o-mini",
    messages=[{"role": "user", "content": "Hello"}],
)
```

Async: `from verity import VerityAsyncOpenAI`. Anthropic: `VerityAnthropic` / `VerityAsyncAnthropic`. Gemini (`google.genai`): `VerityGemini`.

**Lower-level module** (`verity_live`) — same behavior with `api_key` + optional `verity_upload_token` / `verity_api_url` (or env vars above).

## API Endpoints

- `POST /v1/audits` - Upload audit evidence
- `GET /v1/audits/{audit_id}` - Retrieve audit
- `POST /auth/signup` - Create account
- `POST /auth/login` - Sign in
- `GET /dashboard/orgs/{org_id}/projects` - List projects
- `GET /dashboard/projects/{project_id}/audits` - Get audit history
- `GET /dashboard/projects/{project_id}/trends` - Get trend data

See `api/README.md` for full API documentation.

## License

Proprietary - All rights reserved
