Create sitecustomize.py
Browse files- sitecustomize.py +114 -0
sitecustomize.py
ADDED
|
@@ -0,0 +1,114 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
# sitecustomize.py
|
| 2 |
+
"""
|
| 3 |
+
Auto-loaded by Python at interpreter startup.
|
| 4 |
+
We use it to inject the Sovereign Authority Layer WITHOUT touching app.py/core/ultra.
|
| 5 |
+
"""
|
| 6 |
+
|
| 7 |
+
import os
|
| 8 |
+
import json
|
| 9 |
+
import time
|
| 10 |
+
|
| 11 |
+
def _safe_print(msg: str) -> None:
|
| 12 |
+
try:
|
| 13 |
+
print(msg)
|
| 14 |
+
except Exception:
|
| 15 |
+
pass
|
| 16 |
+
|
| 17 |
+
|
| 18 |
+
def _patch_run_pilot():
|
| 19 |
+
"""
|
| 20 |
+
Monkey-patch pilot_suite.run_pilot so every run is post-processed by:
|
| 21 |
+
- SovereignAuthorityLayer (7 mandatory capabilities)
|
| 22 |
+
- Policy manifest snapshot (sealed)
|
| 23 |
+
- Build fingerprint / SBOM-lite (startup)
|
| 24 |
+
- Evidence package export (zip/folder)
|
| 25 |
+
"""
|
| 26 |
+
try:
|
| 27 |
+
import pilot_suite # the module app.py imports from
|
| 28 |
+
except Exception as e:
|
| 29 |
+
_safe_print(f"[SovereignPatch] pilot_suite import failed: {e}")
|
| 30 |
+
return
|
| 31 |
+
|
| 32 |
+
if not hasattr(pilot_suite, "run_pilot"):
|
| 33 |
+
_safe_print("[SovereignPatch] pilot_suite.run_pilot not found. No patch applied.")
|
| 34 |
+
return
|
| 35 |
+
|
| 36 |
+
original_run_pilot = pilot_suite.run_pilot
|
| 37 |
+
|
| 38 |
+
# Avoid double-patching
|
| 39 |
+
if getattr(original_run_pilot, "_sovereign_patched", False):
|
| 40 |
+
_safe_print("[SovereignPatch] run_pilot already patched.")
|
| 41 |
+
return
|
| 42 |
+
|
| 43 |
+
try:
|
| 44 |
+
from sovereign_authority_layer import SovereignAuthorityLayer
|
| 45 |
+
from sovereign_evidence_packager import (
|
| 46 |
+
ensure_build_fingerprint,
|
| 47 |
+
write_policy_manifest,
|
| 48 |
+
export_evidence_package,
|
| 49 |
+
)
|
| 50 |
+
except Exception as e:
|
| 51 |
+
_safe_print(f"[SovereignPatch] import layer/packager failed: {e}")
|
| 52 |
+
return
|
| 53 |
+
|
| 54 |
+
# Generate build fingerprint once at startup (capability #9)
|
| 55 |
+
try:
|
| 56 |
+
ensure_build_fingerprint()
|
| 57 |
+
except Exception as e:
|
| 58 |
+
_safe_print(f"[SovereignPatch] ensure_build_fingerprint failed: {e}")
|
| 59 |
+
|
| 60 |
+
layer = SovereignAuthorityLayer()
|
| 61 |
+
|
| 62 |
+
def patched_run_pilot(*args, **kwargs):
|
| 63 |
+
started = time.time()
|
| 64 |
+
result = original_run_pilot(*args, **kwargs)
|
| 65 |
+
|
| 66 |
+
# Defensive: ensure dict-like result
|
| 67 |
+
if result is None:
|
| 68 |
+
result = {}
|
| 69 |
+
if not isinstance(result, dict):
|
| 70 |
+
# keep original but wrap into dict
|
| 71 |
+
result = {"raw_result": str(result)}
|
| 72 |
+
|
| 73 |
+
# Apply 7 mandatory authority capabilities (capabilities #1-#7)
|
| 74 |
+
try:
|
| 75 |
+
result = layer.apply(result)
|
| 76 |
+
except Exception as e:
|
| 77 |
+
_safe_print(f"[SovereignPatch] authority layer apply failed: {e}")
|
| 78 |
+
|
| 79 |
+
# Policy manifest snapshot (capability #8)
|
| 80 |
+
policy_manifest_path = None
|
| 81 |
+
try:
|
| 82 |
+
policy_manifest_path = write_policy_manifest(result)
|
| 83 |
+
except Exception as e:
|
| 84 |
+
_safe_print(f"[SovereignPatch] write_policy_manifest failed: {e}")
|
| 85 |
+
|
| 86 |
+
# Evidence package export (capability #10)
|
| 87 |
+
try:
|
| 88 |
+
export_evidence_package(result, policy_manifest_path=policy_manifest_path)
|
| 89 |
+
except Exception as e:
|
| 90 |
+
_safe_print(f"[SovereignPatch] export_evidence_package failed: {e}")
|
| 91 |
+
|
| 92 |
+
# Optional: add runtime marker
|
| 93 |
+
try:
|
| 94 |
+
result.setdefault("sovereign_patch", {})
|
| 95 |
+
result["sovereign_patch"].update({
|
| 96 |
+
"authority_layer": "enabled",
|
| 97 |
+
"policy_manifest": bool(policy_manifest_path),
|
| 98 |
+
"evidence_package": True,
|
| 99 |
+
"patch_latency_ms": int((time.time() - started) * 1000),
|
| 100 |
+
})
|
| 101 |
+
except Exception:
|
| 102 |
+
pass
|
| 103 |
+
|
| 104 |
+
return result
|
| 105 |
+
|
| 106 |
+
patched_run_pilot._sovereign_patched = True # type: ignore[attr-defined]
|
| 107 |
+
pilot_suite.run_pilot = patched_run_pilot
|
| 108 |
+
_safe_print("[SovereignPatch] ✅ run_pilot patched (Zero-touch Authority Layer enabled).")
|
| 109 |
+
|
| 110 |
+
|
| 111 |
+
# Apply patch on interpreter startup
|
| 112 |
+
_patch_run_pilot()
|
| 113 |
+
|
| 114 |
+
|