Metadata-Version: 2.4
Name: consiliency-canon-core
Version: 0.1.0
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Rust
Classifier: Intended Audience :: Developers
Classifier: Topic :: Security :: Cryptography
Summary: Canon v2 canonicalization engine — the shared byte/digest truth for Consiliency certificates
Keywords: canonicalization,consiliency,canon,digest
Author: Consiliency
License-Expression: MIT
Requires-Python: >=3.10
Description-Content-Type: text/markdown; charset=UTF-8; variant=GFM
Project-URL: Homepage, https://github.com/Consiliency/spec
Project-URL: Repository, https://github.com/Consiliency/spec

# canon-core packaging (PKG)

Dual-published canonicalization engine — the shared byte/digest truth every Consiliency
certificate hashes. Same Rust engine (`src/lib.rs`), two distributions:

| Distribution | Tool | Name | Consumer | Entry points |
|---|---|---|---|---|
| PyPI | maturin (`pyproject.toml`) | `consiliency-canon-core` (imports as `canon_core`) | Python | `canonical_bytes_from_json(tagged_json)`, `digest_from_json(tagged_json, profile)` |
| npm | wasm-pack (`Makefile.packaging`) | `@consiliency/canon-core` (Node target) | governed-pipeline (JS) | `canonicalBytesFromJson(taggedJson)`, `digestFromJson(taggedJson, profile)` |

**Surface is tagged-JSON *text*, not a raw value** — this is load-bearing for byte-identity:
a lone surrogate serializes to the ASCII escape `\ud800`, survives UTF-8 marshalling, and
`serde_json` rejects it at parse (SPEC §5.0). Consumers MUST feed tagged-JSON text produced
by a validating encoder, never a raw host string (see the GP-canon design doc). Both packages
ship the shared `canon-vectors.json` corpus so consumers can self-verify parity.

## Local build
    make -f Makefile.packaging all      # needs: maturin, wasm-pack, wasm32 target

## Publish
Push a `canon-core-v<version>` tag → `.github/workflows/publish-canon-core.yml` builds +
publishes both via OIDC. One-time registry setup (see the workflow header) is a USER action:
claim the PyPI project + the npm `@consiliency` scope and register the trusted publishers.

