Metadata-Version: 2.4
Name: cra-compliance-kit
Version: 1.0.0
Summary: CRA Compliance Kit for IoT Devices
Author-email: StarTeQ Ltd <sydney@starcaller.uk>
License-Expression: MIT
Project-URL: Homepage, https://starcaller.uk/cra-compliance
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Topic :: Security
Classifier: Programming Language :: Python :: 3
Requires-Python: >=3.9
Description-Content-Type: text/markdown
License-File: LICENSE
Dynamic: license-file

# CRA Compliance Kit for IoT Devices

Meet EU Cyber Resilience Act requirements in one pip install.
**Vulnerability reporting deadline: September 11, 2026**

## Quickstart

pip install cra-compliance-kit

from cra_kit.identity import DeviceIdentityService
from cra_kit.firmware import FirmwareHealthService
python -m sbom.generator --output sbom.xml

## Open Modules (MIT)
- identity.py - 5-tier device trust with certificate auth
- firmware.py - CVE matching + version gating
- input_guard.py - Input classification + injection detection
- action_guard.py - Hard-blocked and confirm-required actions
- sbom/generator.py - CycloneDX 1.5 SBOM generation

## Commercial Modules (paid license)
- provenance.py - HMAC-SHA256 audit chain
- guardian.py - Security health scoring 0-100
- baselines.py - Anomaly detection
- signing.py - Inter-service request signing

## Pricing: Dev 500/yr | Pro 1,500/yr | Enterprise 7,500/yr
