Every claim on the dashboard is backed by a static JSON artifact. This page is the catalog. All endpoints are CORS-open static files served from GitHub Pages.
snapshot.json against snapshot.schema.json, then verify snapshot.sig with cosign verify-blob --bundle snapshot.sig snapshot.json against the workflow identity in snapshot.sig.meta.json. If either step fails, do not trust the rendered HTML — see EVIDENCE.md.
| Path | Media type | Description | curl |
|---|---|---|---|
api/v1/snapshot.json |
application/json |
Authoritative org-wide snapshot — every per-package signal the dashboard reads from. | curl -O https://273v.github.io/kaos-compliance/api/v1/snapshot.json |
api/v1/snapshot.schema.json |
application/schema+json |
JSON Schema (Draft 2020-12) that snapshot.json conforms to. Validate before trusting any field. | curl -O https://273v.github.io/kaos-compliance/api/v1/snapshot.schema.json |
api/v1/snapshot.sig |
application/vnd.dev.sigstore.bundle+json |
Sigstore-cosign-keyless DSSE bundle for snapshot.json. Verify with cosign verify-blob --bundle. | curl -O https://273v.github.io/kaos-compliance/api/v1/snapshot.sig |
api/v1/snapshot.sig.meta.json |
application/json |
Signature verification parameters (expected identity, issuer, workflow ref). Pinned to the bundle. | curl -O https://273v.github.io/kaos-compliance/api/v1/snapshot.sig.meta.json |
heartbeat.json |
application/json |
Heartbeat block — generated_at + last_*_sweep_at timestamps for watchdogs. | curl -O https://273v.github.io/kaos-compliance/heartbeat.json |
api/v1/history.json |
application/json |
Rolling 90-day per-package signal history. Source of every sparkline on the dashboard. | curl -O https://273v.github.io/kaos-compliance/api/v1/history.json |
api/v1/history/<YYYY-MM-DD>.json |
application/json |
Per-day snapshot summary written by each sweep. One file per UTC day. | curl -O https://273v.github.io/kaos-compliance/api/v1/history/2026-05-11.json |
Per-package signal diff between two sweeps, computed at render time from history.json. Compute additional pairs locally by downloading history.json and slicing the per-package arrays.
| Path | Description | curl |
|---|---|---|
api/v1/diff/2026-06-23/2026-06-24.json |
Per-package signal diff from 2026-06-23 to 2026-06-24. Computed at render time from history.json. | curl -O https://273v.github.io/kaos-compliance/api/v1/diff/2026-06-23/2026-06-24.json |
Each bundle contains the per-package slice of snapshot.json, the SBOM mirror + upstream Release URL, and the PEP 740 attestation pointer.
| Path | Description | curl |
|---|---|---|
api/v1/package/kaos-agents.json |
Self-contained evidence bundle for kaos-agents: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-agents.json |
api/v1/package/kaos-citations.json |
Self-contained evidence bundle for kaos-citations: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-citations.json |
api/v1/package/kaos-content.json |
Self-contained evidence bundle for kaos-content: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-content.json |
api/v1/package/kaos-core.json |
Self-contained evidence bundle for kaos-core: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-core.json |
api/v1/package/kaos-graph.json |
Self-contained evidence bundle for kaos-graph: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-graph.json |
api/v1/package/kaos-llm-client.json |
Self-contained evidence bundle for kaos-llm-client: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-llm-client.json |
api/v1/package/kaos-llm-core.json |
Self-contained evidence bundle for kaos-llm-core: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-llm-core.json |
api/v1/package/kaos-mcp.json |
Self-contained evidence bundle for kaos-mcp: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-mcp.json |
api/v1/package/kaos-ml-core.json |
Self-contained evidence bundle for kaos-ml-core: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-ml-core.json |
api/v1/package/kaos-names.json |
Self-contained evidence bundle for kaos-names: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-names.json |
api/v1/package/kaos-nlp-core.json |
Self-contained evidence bundle for kaos-nlp-core: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-nlp-core.json |
api/v1/package/kaos-nlp-transformers.json |
Self-contained evidence bundle for kaos-nlp-transformers: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-nlp-transformers.json |
api/v1/package/kaos-office.json |
Self-contained evidence bundle for kaos-office: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-office.json |
api/v1/package/kaos-pdf.json |
Self-contained evidence bundle for kaos-pdf: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-pdf.json |
api/v1/package/kaos-source.json |
Self-contained evidence bundle for kaos-source: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-source.json |
api/v1/package/kaos-tabular.json |
Self-contained evidence bundle for kaos-tabular: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-tabular.json |
api/v1/package/kaos-ui.json |
Self-contained evidence bundle for kaos-ui: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-ui.json |
api/v1/package/kaos-web.json |
Self-contained evidence bundle for kaos-web: the package's slice of snapshot.json + SBOM links + PEP 740 attestation pointer. | curl -O https://273v.github.io/kaos-compliance/api/v1/package/kaos-web.json |