d54c44f04a
- New cyclone.db_crypto module: * is_sqlcipher_available() — capability check * is_encryption_enabled() — Keychain key + sqlcipher3 present * get_db_key() — reads 'cyclone.db.key' from Keychain * make_sqlcipher_connect_creator(url, key) — SQLAlchemy creator - db._make_engine() now switches to SQLCipher when key is present - pyproject.toml: optional 'sqlcipher' extra (sqlcipher3>=0.6,<1) - Fallback: without Keychain key, DB stays plain SQLite (no surprise behavior for operators who haven't set up encryption yet) - Verified: encrypted file is unreadable as plain SQLite, wrong key raises on first query, migrations + ORM work transparently - HIPAA §164.312(a)(2)(iv) compliance note in docs Tests: 705 -> 717 (12 new for SQLCipher). All 717 backend tests pass.
44 lines
995 B
TOML
44 lines
995 B
TOML
[build-system]
|
|
requires = ["setuptools>=68", "wheel"]
|
|
build-backend = "setuptools.build_meta"
|
|
|
|
[project]
|
|
name = "cyclone"
|
|
version = "0.1.0"
|
|
description = "Cyclone EDI suite — X12 837P/835 parser"
|
|
requires-python = ">=3.11"
|
|
dependencies = [
|
|
"pydantic>=2.6,<3",
|
|
"click>=8.1,<9",
|
|
"fastapi>=0.110,<1",
|
|
"uvicorn[standard]>=0.27,<1",
|
|
"python-multipart>=0.0.9,<1",
|
|
"sqlalchemy>=2.0,<3",
|
|
"pyyaml>=6.0,<7",
|
|
"keyring>=25.0,<26",
|
|
]
|
|
|
|
[project.optional-dependencies]
|
|
dev = [
|
|
"pytest>=8.0",
|
|
"pytest-cov>=4.1",
|
|
"pytest-asyncio>=0.23,<1",
|
|
"httpx>=0.27,<1",
|
|
]
|
|
sqlcipher = [
|
|
# SP12: encryption at rest. Optional — without it the DB is plain SQLite.
|
|
# Install via: pip install -e .[sqlcipher] (after brew install sqlcipher).
|
|
"sqlcipher3>=0.6,<1",
|
|
]
|
|
|
|
[project.scripts]
|
|
cyclone = "cyclone.cli:main"
|
|
|
|
[tool.setuptools.packages.find]
|
|
where = ["src"]
|
|
|
|
[tool.pytest.ini_options]
|
|
testpaths = ["tests"]
|
|
addopts = "-ra --strict-markers"
|
|
asyncio_mode = "auto"
|