Edictum OSS Core Implementation
Read CLAUDE.md first. Understand the tier boundary before writing code.
Scope
Everything under src/edictum/ is OSS core (MIT). This includes:
- •Pipeline (
pipeline.py) — GovernancePipeline, PreDecision, PostDecision - •Envelope (
envelope.py) — ToolEnvelope, Principal, create_envelope() - •Contracts (
contracts.py) — @precondition, @postcondition, @session_contract, Verdict - •YAML engine (
yaml_engine/) — loader, evaluator, compiler, templates - •Adapters (
adapters/) — all 6 framework adapters - •Audit (
audit.py) — AuditEvent, StdoutAuditSink, FileAuditSink, RedactionPolicy - •Session (
session.py) — Session, MemoryBackend - •CLI (
cli/) — validate, check, diff, replay, test - •Telemetry (
telemetry.py) — OTel spans, GovernanceTelemetry - •Protocols (
pii.py) — PIIDetector protocol, PIIMatch dataclass (interface only)
The ONE RULE
Core code NEVER imports from ee/. If you need functionality from ee/, define a protocol/interface in core and let ee/ implement it.
Workflow
- •Read CLAUDE.md — understand boundaries and dropped features
- •Read the Linear ticket or user description
- •Read relevant source files before proposing changes
- •Scope with user — confirm approach before writing code
- •Implement — small, focused changes
- •Test —
pytest tests/ -vthenruff check src/ tests/ - •Commit — conventional commits, no Co-Authored-By
Conventions
- •Frozen dataclasses for immutable data
- •All pipeline/session/audit methods are async
- •
from __future__ import annotationsin every file - •Type hints everywhere
- •Test file per module:
tests/test_{module}.py
Do NOT
- •Import from
ee/— core is self-contained - •Implement Redis/DB StorageBackend — dropped feature
- •Implement PII detection backends in core — those go in ee/
- •Add Webhook/Splunk/Datadog sinks to core — those go in ee/