evidentia

Upgrade path is documented in CHANGELOG.md (https://github.com/allenfbyrd/evidentia/blob/main/CHANGELOG.md) with per-release "Changed", "Fixed", "Removed" sections following Keep a Changelog 1.1.0. SemVer adherence (pre-1.0: minor bumps for new feature surface, patches for fixes) means breaking changes carry an explicit Deprecation notice in the prior release. Supported-versions matrix documented in SECURITY.md. Older versions remain installable from PyPI for the duration of their security-supported window.

GitHub Issues is the project's issue tracker: https://github.com/allenfbyrd/evidentia/issues. Issue templates for bug reports and feature requests live at https://github.com/allenfbyrd/evidentia/tree/main/.github/ISSUE_TEMPLATE.

No external vulnerability reports have been received in the last 12 months. Upstream-CVE remediations (e.g., PR #8 addressing litellm + python-multipart) credited the upstream advisory IDs (GHSA-r75f-5x8p-qvmc + 3 others) in the commit + CHANGELOG entry. A "Security Acknowledgments" section will be added to SECURITY.md the first time an external reporter is involved.

Vulnerability response process is documented in https://github.com/allenfbyrd/evidentia/blob/main/SECURITY.md with: 3-business-day initial acknowledgement SLA, 10-business-day triage SLA, 90-day coordinated disclosure window (shortenable if upstream fixes exist, lengthenable by reporter agreement), in-scope and out-of-scope definitions, supported-versions matrix, and pointers to PEP 740 attestation + Sigstore/Rekor verification commands. Internal handling steps (triage → fix → CVE assignment → coordinated release → post-mortem) are documented in docs/release-checklist.md.

Coding standards are documented in CONTRIBUTING.md (https://github.com/allenfbyrd/evidentia/blob/main/CONTRIBUTING.md) and ruff config (https://github.com/allenfbyrd/evidentia/blob/main/pyproject.toml): Python 3.12+ following PEP 8 (enforced by ruff E/W rules), PEP 257 docstrings, isort import ordering (ruff I), pyflakes hygiene (F), pyupgrade modernization (UP), flake8-bugbear common-bug rules (B), flake8-simplify simplifications (SIM). Type annotations are required everywhere (mypy strict). Pydantic v2 models for all external inputs (extra="forbid"). TypeScript frontend uses ESLint + Prettier (config in packages/evidentia-ui/).

ruff (Python) + mypy strict (Python types) + ESLint (TypeScript) + Prettier (TypeScript formatting) all enforced as required CI status checks on every push and PR via https://github.com/allenfbyrd/evidentia/blob/main/.github/workflows/test.yml. Pre-commit hooks (https://github.com/allenfbyrd/evidentia/blob/main/.pre-commit-config.yaml) catch issues before commit-time.

Pure Python + TypeScript, no native binaries.

Pure Python; debug info is implicit via traceback.

uv workspace builds packages atomically; no recursive Make pattern.

Builds are deterministic given uv.lock pinning. uv.lock (https://github.com/allenfbyrd/evidentia/blob/main/uv.lock) pins every transitive dependency by hash. Wheel building via hatchling is deterministic given fixed inputs. CI rebuilds on each commit produce reproducible artifacts (verifiable by re-running release.yml against a tag — same wheel hashes emerge).

Standard Python install: pip install evidentia (or pip install "evidentia[gui]" for full extras). Uninstall: pip uninstall evidentia. Container alternative: docker pull ghcr.io/allenfbyrd/evidentia:latest. Documented in https://github.com/allenfbyrd/evidentia/blob/main/docs/quickstart.md.

Python pip install respects standard --user / --prefix / virtualenv conventions; no autotools-style DESTDIR pattern applies.

Dev bootstrap: git clone ..., then uv sync --all-packages installs all 6 packages + dev deps + tests in one command. Documented in CONTRIBUTING.md (https://github.com/allenfbyrd/evidentia/blob/main/CONTRIBUTING.md). devcontainer support also shipped (https://github.com/allenfbyrd/evidentia/blob/main/.devcontainer/) for one-click VS Code / GitHub Codespaces bring-up.

External dependencies are declared in 7 pyproject.toml files (workspace root + 6 packages) and resolved/locked in https://github.com/allenfbyrd/evidentia/blob/main/uv.lock. CycloneDX SBOM (spec 1.6) is emitted on every release and attached to the GitHub Release for full computer-processable SBOM consumption.

Dependabot scans weekly per https://github.com/allenfbyrd/evidentia/blob/main/.github/dependabot.yml (uv, npm, GitHub Actions, Docker — grouped + security-isolated). osv-scanner runs against the SBOM at every release per docs/release-checklist.md Step 5 (most recent: 0 CVEs at v0.7.8). GitHub Code Scanning + Secret Scanning + Dependency Graph all enabled at the repo level.

All reused dependencies come through standard package managers (PyPI for Python, npm for the frontend, GHCR for container images). Updates flow through Dependabot grouped PRs (config: https://github.com/allenfbyrd/evidentia/blob/main/.github/dependabot.yml). No vendored convenience copies of upstream code.

Codebase is on Python 3.12+ only (no legacy compat shims), Pydantic v2 (current major), latest LangChain/LiteLLM, FastAPI 0.110+, httpx (modern async-capable HTTP). ruff UP rule group continuously surfaces pyupgrade opportunities; backwards-compat hacks are rejected per project standard. Frontend is on Vite 8 + React 18 + TypeScript 5+ (current).

test.yml runs pytest + ruff + mypy + frontend tests on every push to main and every pull request, with success/failure status reported as a required check. Workflow: https://github.com/allenfbyrd/evidentia/blob/main/.github/workflows/test.yml. Run history: https://github.com/allenfbyrd/evidentia/actions.

Per docs/release-checklist.md Step 5 + the pre-release-review v4 process, every fix lands with a regression test. Recent examples: F-V08-DAST-1 / F-V08-DAST-3 (v0.7.8 schema-fidelity fixes) shipped with new pytest cases for the affected endpoints; F-007 (v0.7.7.1 Dockerfile pin) shipped with the docker-run smoke test elevation; F-V08-CR-MEDIUM Snowflake quoted-identifier (v0.7.9 carry-over) shipped with 4 new TestQuotedIdentifierEscape tests; F-V08-CR-MEDIUM Power BI 1MB guard (v0.7.9 carry-over) shipped with 4 new TestPushRowsByteCapBisection tests; v0.7.9 P0.4 Continuous-review HIGH findings (H-1/H-2/H-3/H-4/H-5 + F-V09-S1) shipped with stuck-cursor-guard tests + SIG BYO partial-match test + vendor_id=None ingest test. Test count growth across patch releases (965 → 977 → 1103 → 1259 → 1540) primarily reflects regression tests for fixed bugs + tests for new features.

Met. Statement coverage measured by Codecov (independent FLOSS test-coverage service): 81.87% at v0.7.10 ship, exceeding the 80% threshold. Coverage is published on every push to main via .github/workflows/test.yml (codecov-action@v6.0.0 SHA-pinned). The codecov.yml config locks the project gate at 80% with a 1% per-PR drop threshold so regressions fail CI. Live badge: https://codecov.io/gh/allenfbyrd/evidentia. Coverage scope + omit rationale documented in pyproject.toml [tool.coverage.run]. Tooling: pytest-cov (FLOSS, MIT-licensed) + Codecov upload. https://codecov.io/gh/allenfbyrd/evidentia

CONTRIBUTING.md PR checklist line: "New features include at least one test" — required, not optional. https://github.com/allenfbyrd/evidentia/blob/main/CONTRIBUTING.md. Reinforced by docs/release-checklist.md Step 5 which gates every tag on test additions for new feature surface (a tag cannot be cut if a release includes new public surface without paired tests).

The test-addition policy is documented in the CONTRIBUTING.md PR checklist: https://github.com/allenfbyrd/evidentia/blob/main/CONTRIBUTING.md.

mypy runs with strict = true (config in pyproject.toml) — implies disallow_untyped_defs, disallow_incomplete_defs, check_untyped_defs, disallow_untyped_decorators, no_implicit_optional, warn_redundant_casts, warn_unused_ignores, warn_return_any, no_implicit_reexport, and strict_equality. Pydantic v2 plugin is enabled for full schema validation in type-check. Ruff rule set is broad (8 rule groups). Type-checking covers all 138 source files at zero errors.

Secure-design principles applied throughout the codebase per docs/threat-model.md and docs/security-review-v0.7.9.md:

• Least privilege: GitHub Actions workflows default to read-only permissions with per-job elevation; collector API tokens are scoped to read-only (vendors:read for Vanta, vendor-inventory only for Drata, etc.).
• Fail-safe defaults: Pydantic extra="forbid", offline mode is default-on for the AI module unless explicitly opted in, security-headers default OFF on localhost binds + auto-ON for non-loopback (--security-headers flag).
• Complete mediation: every external input passes through validate_within() / Pydantic validation before reaching business logic; vendor inventory validates UUID-shape IDs at storage layer.
• Separation of privilege: cosign keyless OIDC + Trusted Publisher OIDC (no long-lived secrets to compromise); vendor-risk-collector tokens never flow through CLI args or REST request bodies (env-var only).
• Defense in depth: ruff + mypy + CodeQL + osv-scanner + Scorecard + manual /security-review per release. The v0.7.9 cycle ran THREE Continuous-variant pre-release-reviews mid-cycle (P0.1 close + P0.3+P0.2-first close + P0.4-quartet close) plus the final Pre-tag run at ship — surfacing 18 findings across the cycle (5 inline-fixed HIGH + 1 inline-fixed LOW security + 12 deferred MEDIUM/LOW).
• Input validation as allowlist: Pydantic schemas enumerate accepted shapes; everything else rejected. CSV-injection defenses (CWE-1236) via _csv_safe in TPRM concentration-report + DD-questionnaire CSV/XLSX render paths.
• Cross-host pagination guards: BitSight + Vanta + Drata pagination loops refuse to follow next URLs pointing off-host or to a TLS-downgraded HTTP scheme (CWE-319 defense, v0.7.9 P0.4 Continuous F-V09-S1).

No SHA-1 (for security purposes), no CBC mode in SSH context, no deprecated TLS versions (relies on Python stdlib + httpx defaults which negotiate TLS 1.2+ with AEAD ciphers).

Hash functions: hashlib supports the full SHA-2 (224/256/384/512) and SHA-3 family; Evidentia uses SHA-256 by default but the digest helper at packages/evidentia-core/src/evidentia_core/oscal/digest.py is parameterizable. Sigstore signing supports both ECDSA P-256 and RSA — the cosign CLI lets users pick. TLS cipher selection is delegated to httpx/urllib3 which negotiate from a wide modern AEAD ciphersuite list.

Where Evidentia handles outbound credentials (LLM provider API keys, collector credentials for Postgres/MySQL/Snowflake/Databricks/Tableau/Power BI/Okta/ServiceNow + the v0.7.9 vendor-risk APIs Vanta/Drata/BitSight/SecurityScorecard), they are read from environment variables or external config files (never embedded in code, never accepted via CLI args or REST request bodies). Operator updates the env file; no code recompilation required. Documented in docs/quickstart.md and per-collector docs (sql-collectors.md, cloud-dw-collectors.md, bi-integrations.md, tprm.md).

All outbound network communication is HTTPS / TLS 1.2+ via httpx (LLM provider calls, BI publish API calls) or HTTPS via the SDK clients (databricks-sdk, snowflake-connector-python, etc.). No legacy protocol support (FTP, telnet, plain HTTP for non-localhost) is implemented or exposed.

All TLS connections go through Python's ssl module via httpx/urllib3 which negotiate TLS 1.2 or 1.3 by default against modern endpoints. Older TLS versions are not enabled.

Default certificate verification is on for httpx (verify=True is the default), urllib3, and all collector SDKs (databricks-sdk, snowflake-connector-python, tableau-server-client, etc.). Certificate verification is never disabled in project code; only an operator-set env var would change this behavior.

Same code path as crypto_certificate_verification — httpx and underlying urllib3/ssl perform the TLS handshake (with cert verification) before any application-layer request is sent. Headers including credentials are only emitted after the validated TLS session is established. No project code bypasses this ordering.

Every PyPI release wheel + sdist is signed via Sigstore PEP 740 attestations (keyless OIDC, signed via the Sigstore public good instance and recorded in the Rekor transparency log). Container images are signed by cosign keyless OIDC against the image digest. SLSA L3 build provenance attestations are emitted for every release. Verification commands documented at https://github.com/allenfbyrd/evidentia/blob/main/docs/sigstore-quickstart.md. Private signing keys do not exist on the distribution side (keyless flow), satisfying the "private key not on distribution site" requirement by construction.

All external inputs are validated via Pydantic v2 with extra="forbid" (reject unknown fields). Specific patterns: validate_within() helper for path inputs (CWE-22 prevention); SQL collector queries are parameterized + LIMIT-bounded; Snowflake quoted-identifier escaping per Snowflake's documented double-up convention (v0.7.9 carry-over hardening); YAML loaded via yaml.safe_load (CWE-502 prevention); subprocess calls are shell=False (CWE-78 prevention); LLM provider calls validate the provider/model allowlist before dispatch. Catalog 22-character column-truncation, 17-endpoint schema-fidelity validation, offline-mode enforcement, BitSight/Vanta/Drata/SSC cross-host pagination guards (cross-host + TLS-scheme downgrade refusal per CWE-319), and CSV-injection defenses on TPRM concentration-report + DD-questionnaire user-content cells (CWE-1236 via _csv_safe OWASP single-quote prefix) all act as additional allowlist gates. The Power BI 1MB byte-cap guard (v0.7.9 carry-over) splits batches that exceed Power BI's documented 1MB request-body limit. Documented in docs/threat-model.md and docs/security-review-v0.7.9.md.

Hardening posture:

• Container: distroless-style image (Dockerfile pins python by SHA digest); HEALTHCHECK present; non-root user where applicable.
• HTTP API: FastAPI with Pydantic-validated request models; response headers include strict Content-Type; no stack-trace leakage in error responses (F-002, F-003 fixed in v0.7.7).
• CI: workflow permissions default read-only with per-job elevation; SHA-pinned actions throughout (Scorecard Pinned-Dependencies signal green); CodeQL custom QL pack to suppress validate_within false positives.
• Supply chain: PEP 740 + SLSA L3 + cosign signing closes the publish-side hardening loop.

Assurance case is composed across three documents:

1. Threat model: https://github.com/allenfbyrd/evidentia/blob/main/docs/threat-model.md — ~58 surfaces in 5 tiers (v0.7.9 ships TPRM module + 4 vendor-risk-collector additions to the surface inventory), explicit trust boundaries, in-scope/out-of-scope definitions.
2. Security review (most recent release): https://github.com/allenfbyrd/evidentia/blob/main/docs/security-review-v0.7.9.md — applies CVSS/CWE/EPSS classification to the active surface and demonstrates that secure-design principles have been applied (least privilege, fail-safe defaults, complete mediation, separation of privilege, defense in depth) and common implementation weaknesses have been countered (CWE-22, CWE-78, CWE-89, CWE-502, CWE-209, CWE-319 cross-host TLS-downgrade, CWE-1236 CSV injection, CWE-693 protection-mechanism failure, etc.). The /pre-release-review v4 skill's mandatory /security-review invocations at Steps 3, 4, 6.C produce the input the document synthesizes.
3. Accepted-findings registry: https://github.com/allenfbyrd/evidentia/blob/main/docs/enterprise-grade-accepted-findings.md — documents residual-risk acceptance with explicit rationale.

CodeQL ships with the default security-and-quality query packs which include rules for the OWASP Top 10 and CWE Top 25 (path traversal, SQL injection, XSS, command injection, deserialization vulns, hardcoded credentials, regex DoS, etc.). All these queries run on every push/PR.

Evidentia is implemented in pure Python (memory-safe) for the backend and TypeScript (memory-safe) for the evidentia-ui frontend. No memory-unsafe language is used in project source.