refactor: rename demo-one → enforcement-demo#16
Merged
Conversation
- Rename directory demo-one/ to enforcement-demo/ - Update all internal references (logger names, docstrings, banners) - Update Makefile targets, README.md, run_video.py, scripts/setup.sh - No functional changes
There was a problem hiding this comment.
Pull request overview
Renames the former demo-one/ demo to enforcement-demo/ to better reflect its purpose, and updates repo entrypoints/docs to reference the new name.
Changes:
- Renamed demo directory references across setup tooling (
scripts/setup.sh,Makefile,run_video.py) and documentation (README.md). - Updated internal demo labeling (logger names, banners, headings) to use “enforcement-demo”.
- Modified the enforcement demo MCP server entrypoint to run stdio in an async path and added presenter pauses in the demo runner.
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| scripts/setup.sh | Updates the per-demo .env scaffolding loop and help text to use enforcement-demo. |
| run_video.py | Renames the demo key/command from demo-one to enforcement-demo. |
| README.md | Reorganizes and updates demo listings and instructions for enforcement-demo. |
| Makefile | Renames targets/phony entries from demo-one/video-one to enforcement-demo/video-enforcement. |
| enforcement-demo/setup.sh | Updates setup banner text for the renamed demo. |
| enforcement-demo/server/main.py | Renames docstring/logger and changes the server stdio startup implementation. |
| enforcement-demo/run_demo.py | Renames banners and adds interactive pauses between scenarios. |
| enforcement-demo/requirements.txt | Updates header comment to match the renamed demo. |
| enforcement-demo/README.md | Updates title to match the renamed demo. |
| enforcement-demo/agents/untrusted_agent.py | Updates docstring/logger name to match the renamed demo. |
| enforcement-demo/agents/trusted_agent.py | Updates docstring/logger name to match the renamed demo. |
| enforcement-demo/.env.example | Updates header comment to match the renamed demo. |
Comments suppressed due to low confidence (6)
enforcement-demo/server/main.py:113
- This entrypoint now relies on private/unstable capiscio-mcp internals (
_capiscio_meta_ctx) and an internal attribute (server._server.run_stdio_async()). This is likely to break on capiscio-mcp upgrades and is inconsistent with the other demos that use the publicserver.run(transport="stdio")API; please switch to a public/ documented async run API (or add one upstream) rather than importing/using underscore-prefixed symbols.
enforcement-demo/server/main.py:106 - The PR description says there are no functional changes, but this file changes the server startup/runtime behavior (new async entrypoint, different stdio run path, explicit telemetry flush). Please either adjust the PR description or add a brief rationale here explaining the behavioral change and why the previous
asyncio.run(build_server()); server.run(...)approach was incorrect.
enforcement-demo/run_demo.py:11 - This docstring says the demo runs four scenarios, but the script actually runs five (including badge revocation). Please update the scenario count and list so the top-level description matches the behavior and the README’s “5 scenarios” wording.
enforcement-demo/run_demo.py:6 - The docstring below still references an
@guarddecorator for enforcement, but the server code in this repo enforces trust levels via@server.tool(min_trust_level=...). Please update the wording so readers aren’t directed to a decorator that isn’t used/visible in the demo implementation.
enforcement-demo/run_demo.py:96 pause()makes the demo block on stdin unconditionally; this will hangrun_video.py/ Makefilevideo-*runs and will also raiseEOFErrorin non-interactive environments. Please make pauses optional (e.g., flag/env var), and/or auto-disable them whensys.stdinisn’t a TTY (and handleEOFErrorgracefully).
enforcement-demo/setup.sh:27- These banner lines overflow the box width defined by the surrounding border, so the output won’t render as a clean aligned frame in terminals. Please adjust the spacing/text length so each line fits within the
╔══…══╗/╚══…══╝width.
- Rewrite enforcement-demo/README.md: quick start first, expected output, troubleshooting table, all 5 scenarios documented - Root README: single copy-paste setup block, numbered prerequisites, de-emphasize demo-two, link to full docs instead of duplicating - .env.example: default SERVER_ID to 'auto' for zero-friction setup
- Add --auto / --no-pause flag to skip interactive pauses - Replace prose summary with visual results table (pass/fail per scenario) - Suppress gRPC C-core noise (GRPC_VERBOSITY=NONE) - Reorder setup.sh: scaffold .env before venv/deps (credentials first) - Add binary download context (what it is, why ~15 MB) - Document --auto flag in README with expected summary output
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 13 out of 13 changed files in this pull request and generated 6 comments.
Comments suppressed due to low confidence (5)
enforcement-demo/run_demo.py:29
argparseis imported but not used, and flags are parsed viasys.argvstring checks. Either remove the unused import or switch to argparse for--auto/--no-pauseparsing to keep the CLI implementation consistent.
enforcement-demo/run_demo.py:17- The module docstring says enforcement is done by an
@guarddecorator, but the server actually uses@server.tool(min_trust_level=...). Update the docstring to match the real API to avoid misleading readers.
enforcement-demo/run_demo.py:314 - The presenter-facing output claims enforcement is via an
@guarddecorator, but the server code uses@server.tool(min_trust_level=...). Consider changing this message so the demo narration matches the actual code/API.
enforcement-demo/server/main.py:113 - This relies on private/internal APIs (
capiscio_mcp.integrations.mcp._capiscio_meta_ctxandserver._server.run_stdio_async()), which is brittle and may break on dependency updates. Prefer a public async run API (or wrap this in a small compatibility helper with a fallback to the supportedserver.run(transport="stdio")).
enforcement-demo/server/main.py:105 - The PR description states there are "No functional changes", but this introduces a new async entrypoint, manual meta-context injection, and telemetry flushing behavior for the server runtime. Either update the PR description to reflect the runtime behavior change or revert to the prior execution model.
- Remove CAPISCIO_REGISTRY_ENDPOINT (orphaned — no demo code reads it) - Remove CAPISCIO_TRUSTED/UNTRUSTED_AGENT_NAME (auto-generated, clutters example) - Comment out CAPISCIO_SERVER_URL (has sensible default, rarely overridden) - Clarify CAPISCIO_SERVER_ID: document 'auto' behavior, mark as optional - Only one required env var: CAPISCIO_API_KEY - Update README env table with Required/Default columns - Simplify setup.sh credential messaging
The Go binary (capiscio-core) reads CAPISCIO_REGISTRY_ENDPOINT to build the JWKS URL for badge signature verification. Without it, BadgeVerifier is nil and all badge checks return ErrBadgeInvalid — breaking scenarios 1 and 2 (trusted agent with valid badge → should ALLOW, would DENY). CAPISCIO_SERVER_URL (Python SDK) and CAPISCIO_REGISTRY_ENDPOINT (Go binary) look like duplicates but serve different components. Both must point to the same registry. Added inline comments explaining this. TODO: capiscio-mcp-python should auto-forward SERVER_URL → REGISTRY_ENDPOINT before spawning the binary, eliminating the duplication.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 14 out of 14 changed files in this pull request and generated 6 comments.
Comments suppressed due to low confidence (3)
enforcement-demo/server/main.py:113
- This startup path relies on private/internal APIs (
_capiscio_meta_ctx,server._server.run_stdio_async()) that aren’t part of the publicCapiscioMCPServercontract and may not exist across the supportedcapiscio-mcp[mcp]>=2.4.0range. Prefer a public async run entrypoint (or keepserver.run(transport="stdio")) or bump/pin the minimumcapiscio-mcpversion and document the requirement.
enforcement-demo/run_demo.py:29 argparseis imported but never used, which will failmake lint(ruff F401). Either remove the import or actually parse--auto/--no-pausevia argparse and setAUTO_MODEfrom the parsed args.
enforcement-demo/run_demo.py:23- The PR description says “No functional changes”, but this PR introduces new user-facing behavior (e.g.,
--auto/--no-pausemode and scenario pausing/summary output). Either update the PR description to reflect these functional changes, or remove the new behavior from this rename-only PR.
Consistent naming with enforcement-demo and mcp-demo. Updated all internal references (docstrings, loggers, banners, comments).
- Server subprocess: logging level INFO → WARNING (eliminates all the capiscio_mcp, mcp.server, policy-demo.server INFO lines) - Add gRPC noise suppression to both run_demo.py and server/main.py - Add show_policy_yaml() — renders the active policy YAML inline with box-drawing characters so you can read/copy it from the terminal - Shown before each phase's scenarios run
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 22 out of 26 changed files in this pull request and generated 11 comments.
Comments suppressed due to low confidence (6)
enforcement-demo/run_demo.py:36
argparseis imported but never used. With the repo's ruff configuration (selecting F* rules), this will fail lint due to an unused import; either remove the import or wire up a real argparse-based CLI for--auto/--no-pause.
enforcement-demo/run_demo.py:18- The module docstring says enforcement is via an
@guarddecorator, but the server code uses@server.tool(min_trust_level=...)instead. Update the wording so the demo explanation matches the actual mechanism being exercised.
enforcement-demo/server/main.py:115 - This server runner now depends on private/internal APIs (
capiscio_mcp.integrations.mcp._capiscio_meta_ctxandserver._server.run_stdio_async()). This is brittle across capiscio-mcp versions; prefer a public async run entrypoint (if available) or keep usingserver.run(transport="stdio")and address the supervisor-lifetime issue within supported APIs.
policy-demo/server/main.py:5 - The Policy Demo docstring still says it's the same server as
demo-one, which no longer exists after the rename toenforcement-demo. Update the reference so the docs match the current directory/name.
policy-demo/server/main.py:15 - This docstring claims policy enforcement is performed by an
@guarddecorator, but the server actually uses@server.tool(min_trust_level=...)for trust gating. Update the explanation to match the real API so the demo doesn't teach an outdated concept.
policy-demo/agents/untrusted_agent.py:7 - The docstring references trust level being set by
@guard, but this demo’s server implementation uses@server.tool(min_trust_level=...). Consider rephrasing to the public API used in this repo to avoid implying a decorator that callers won't find.
Each phase now flows: header → expected table → ACTION REQUIRED with the YAML to copy/paste → pause → run scenarios. Phase 1 (baseline) now also pauses so the user can set the initial policy first.
Each phase now ends with a clear verdict comparing actual vs expected outcomes. Mismatches show which scenario failed and what was expected.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 22 out of 26 changed files in this pull request and generated 13 comments.
Comments suppressed due to low confidence (6)
enforcement-demo/run_demo.py:35
- Unused import:
argparseis imported but never used, and the Makefile’s lint step selectsF(pyflakes), so this will fail CI/linting. Remove the import or switch AUTO_MODE parsing to argparse.
enforcement-demo/run_demo.py:26 - The run_demo docstring says enforcement happens via an
@guarddecorator and listsCAPISCIO_SERVER_IDas a prerequisite, but the server uses@server.tool(min_trust_level=...)and the demo’s.env.exampledefaultsCAPISCIO_SERVER_ID=auto. Update the wording so the docs match how the demo actually works.
enforcement-demo/server/main.py:113 - This server runner relies on private/underscored APIs (
capiscio_mcp.integrations.mcp._capiscio_meta_ctxandserver._server.run_stdio_async()). That’s brittle and may break on dependency upgrades; prefer a public async run API (or add a small wrapper in capiscio_mcp that this demo can call).
policy-demo/server/main.py:5 - Docstring still says this is the “same MCP server as demo-one”, but the repo renamed that demo to
enforcement-demo. Update the reference so the docs point to the correct demo name/directory.
policy-demo/server/main.py:15 - This docstring describes enforcement via an
@guarddecorator, but the server implementation uses@server.tool(min_trust_level=...). Update the wording to match the actual mechanism used by CapiscioMCPServer.
enforcement-demo/server/main.py:121 - PR description says “No functional changes”, but this code changes runtime behavior by switching from
server.run(transport="stdio")to calling private async stdio run + injecting meta context + flushing telemetry on shutdown. Either update the PR description to reflect the behavioral change, or keep the original publicserver.run(...)path if functional parity is required.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 32 out of 52 changed files in this pull request and generated 4 comments.
Comments suppressed due to low confidence (8)
multi-agent-demo/setup.sh:27
- The
--helptext still claims local repos are at../capiscio-sdk-pythonetc, but the script actually checks../../.... Update the help output to match the real expected layout so developers don’t follow incorrect instructions.
multi-agent-demo/setup.sh:100 - In
--localmode the dependency install ispip install -r requirements.txt 2>/dev/null || true, which can hide real install failures and leave agents with missing deps while the script reports success. Avoid swallowing pip errors; instead exclude/constraint CapiscIO packages explicitly and fail loudly if the remaining deps can’t be installed.
enforcement-demo/server/main.py:117 - This relies on private APIs (
capiscio_mcp.integrations.mcp._capiscio_meta_ctxandserver._server.run_stdio_async()). Private members can change without notice and may break the demo when upgradingcapiscio-mcp. Prefer a public async run/serve API if available, or wrap this behind a compatibility helper with a fallback toserver.run(transport='stdio').
policy-demo/server/main.py:146 - Same concern here: importing
_capiscio_meta_ctxand callingserver._server.run_stdio_async()depends on private internals. Please switch to a public API (or isolate this behind a small compatibility layer) to reduce breakage risk on SDK upgrades.
enforcement-demo/run_demo.py:206 isErrorfromclient.call_tool()indicates a tool execution error, but it’s not necessarily an authorization/trust denial. Treating allisErrorresults asDENYcan misreport real failures (e.g., tool exceptions) as enforcement. Consider returningERRORwhenisErroris true unless the error text matches known guard-deny markers.
policy-demo/run_demo.py:112pause()is defined but never used (the script callsinput(...)directly in multiple places). Remove the dead function or use it consistently so the pause behavior is centralized in one place.
.github/copilot-instructions.md:126- The instructions still say
cd agents/langchain-agent ...but agents now live undermulti-agent-demo/agents/.... Update this command so contributors don’t end up in a non-existent path.
python run_demo.py --agent langchain
# Start single agent server
cd agents/langchain-agent && source .venv/bin/activate && python main.py --serve
Makefile:71
- The PR description claims "No functional changes", but this PR introduces new runtime behavior (e.g., new
policy-demobatching logic and newmulti-agent-demo/sharedevent emitter package) and removes tooling likerun_video.py/video make targets. Please update the PR description to reflect the actual scope so reviewers can assess risk accurately.
dev: dev-check ## Install ALL demos using local repos (pre-release testing)
@echo ""
@echo "═══════════════════════════════════════════════════════════"
@echo " Installing from LOCAL repos (dev mode)"
@echo "═══════════════════════════════════════════════════════════"
@echo ""
# Shared event emitter
$(PYTHON) -m pip install -e multi-agent-demo/shared/ -q
# Local CapiscIO packages (overrides any PyPI versions)
$(PYTHON) -m pip install -r $(LOCAL_DEPS)
# Per-demo dependencies (non-capiscio deps like dotenv, httpx)
$(PYTHON) -m pip install python-dotenv httpx uvicorn fastapi -q
# Enforcement Demo
cd enforcement-demo && $(PYTHON) -m pip install -r requirements.txt --no-deps -q 2>/dev/null || true
# Agent frameworks
$(PYTHON) -m pip install langchain langchain-openai langchain-community langgraph -q
$(PYTHON) -m pip install "crewai>=1.12.0,<2.0.0" "crewai-tools>=1.12.0,<2.0.0" -q
@echo ""
- enforcement-demo: Updated agents to use CapiscIO.connect() with keys_dir (PoP-default). Simplified run_demo.py scenarios. Updated server/main.py to use current MCP patterns. - policy-demo: Same SDK updates + updated policy YAML to match current policy engine format. - Removed stale mcp-demo/ (replaced by policy-demo MCP integration). - Updated CI, Makefile, README for new demo structure.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 56 out of 68 changed files in this pull request and generated 10 comments.
Comments suppressed due to low confidence (4)
policy-demo/.env.example:21
policy-demo/scripts/setup_policies.pyrequiresCAPISCIO_ADMIN_JWT, but the.env.exampleno longer includes it. Add a placeholder + warning comment (similar to what was removed) so users can run policy setup successfully.
multi-agent-demo/agents/langgraph-agent/main.py:475- Badge verification relies on
agent._guard(a private attribute). This is brittle across SDK versions; prefer a public verification API (or middleware/guard instance exposed by the SDK) instead of reaching into underscored internals.
.github/copilot-instructions.md:126 - This command still references the old agent path (
cd agents/langchain-agent), but agents now live undermulti-agent-demo/agents/.... Update the path so the instructions are runnable.
# Run demo
python run_demo.py --agent langchain
# Start single agent server
cd agents/langchain-agent && source .venv/bin/activate && python main.py --serve
Makefile:97
make installprints PyPI versions viapip show langchain-capiscio, but the install recipe never installslangchain-capiscio(andmulti-agent-demo/agents/langchain-agent/requirements.txtalso doesn’t list it). This will likely makemake installfail (grep gets no input) and also leaves the LangChain demo running without the CapiscIO guard/callback integration in release mode.
@echo "✅ Release mode active. PyPI versions:"
@$(PYTHON) -m pip show capiscio-sdk 2>/dev/null | grep -E "^(Name|Version)"
@$(PYTHON) -m pip show capiscio-mcp 2>/dev/null | grep -E "^(Name|Version)"
@$(PYTHON) -m pip show langchain-capiscio 2>/dev/null | grep -E "^(Name|Version)"
…ix key mismatch - Pin capiscio-sdk and capiscio-mcp to >=2.7.1 (did:web fix) - Add policy-demo install to Makefile install target - Fix enforcement-demo Makefile runner (remove broken source cmd) - Add policy-demo Makefile runner target - Add --verbose flag to both demos - Remove scenario 5 (fake revocation) from enforcement-demo - Fix key mismatch between enforcement and policy demos - Suppress PoP fallback warnings in demos - Fix stale badge bug in policy-demo (fresh get_badge per scenario)
- Replace time.sleep(1) with await asyncio.sleep(1) in async context - Remove scenario 5 (badge revocation) references from all READMEs - Add policy-demo to Makefile .PHONY targets - Update scenario counts from 5 to 4 in docs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Renames
demo-one→enforcement-demoanddemo-two→policy-demo, restructures the repo for clarity, and addresses multiple issues:Changes
demo-one/→enforcement-demo/,demo-two/→policy-demo/mcp-demo/(consolidated into enforcement-demo),run_video.py(replaced by--autoflag), scenario 5 (fake revocation — not realistic without server-side propagation delay)--verboseflag for badge inspection,--autoflag for non-interactive runstime.sleep()→asyncio.sleep()in async context, stale badge reuse, key mismatch in scenario 2capiscio-sdk>=2.7.1andcapiscio-mcp[mcp]>=2.7.1install,enforcement-demo,policy-demotargets, fix venv activation