Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement
Sign In

@contractkit/plugin-python

Package Overview
Dependencies
Maintainers
1
Versions
11
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@contractkit/plugin-python

ContractKit built-in plugin: Python SDK client generation (Pydantic v2 + httpx)

latest
Source
npmnpm
Version
0.11.4
Version published
Weekly downloads
61
110.34%
Maintainers
1
Weekly downloads
 
Created
Source

@contractkit/contractkit-plugin-python-sdk

ContractKit plugin that generates a Python SDK from .ck contract and operation files. Produces Pydantic v2 models and httpx-based client classes.

Installation

pnpm add @contractkit/contractkit-plugin-python-sdk

Configuration

{
  "plugins": {
    "@contractkit/contractkit-plugin-python-sdk": {
      "baseDir": "python-sdk",
      "packageName": "acme"
    }
  }
}

Options

OptionTypeDefaultDescription
baseDirstring"python-sdk"Output directory relative to rootDir
packageNamestring"Sdk"Name used for the aggregator SDK class

Output structure

python-sdk/
├── __init__.py          # SDK aggregator class + __all__ exports
├── _base_client.py      # Shared BaseClient and SdkError classes
├── _models_<name>.py    # Pydantic v2 models (one file per .ck contract file)
├── _client_<name>.py    # httpx client class (one file per .ck operation file)
└── requirements.txt     # Runtime dependencies (httpx, pydantic>=2.0)

Models (_models_*.py)

Each contract declaration becomes a Pydantic v2 BaseModel. Contracts that have readonly or writeonly fields produce separate Input variants following the same rules as the TypeScript plugin:

  • Model — read model (no writeonly fields)
  • ModelInput — input model (no readonly fields)

Clients (_client_*.py)

Each operation file with at least one public operation generates a client class. Methods correspond to HTTP verbs and are named from the sdk: field in the .ck source. Request and response bodies are typed with the generated Pydantic models.

Aggregator (__init__.py)

The aggregator class (named from packageName) instantiates all client classes and exposes them as attributes. Pass the base URL and optional headers at construction time:

from python_sdk import AcmeSdk

sdk = AcmeSdk(base_url="https://api.acme.com", headers={"Authorization": "Bearer ..."})
payment = sdk.payments.get_payment(id="pay_123")

Base client (_base_client.py)

Provides BaseClient (wraps httpx.Client) and SdkError (raised on non-2xx responses). All generated client classes inherit from BaseClient.

Runtime dependencies

The generated SDK requires:

pydantic>=2.0
httpx

Programmatic use

import { createPythonSdkPlugin } from '@contractkit/contractkit-plugin-python-sdk';

const plugin = createPythonSdkPlugin({
  baseDir: 'sdks/python',
  packageName: 'acme',
});

Keywords

contractkit
python

FAQs

Package last updated on 15 May 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Federal Audit Finds NIST Wasted Funds With No Plan to Clear NVD Backlog

Security News

Federal Audit Finds NIST Wasted Funds With No Plan to Clear NVD Backlog

Federal audit finds NIST lacked a plan to clear the NVD backlog, wasted funds on duplicate work, and delayed use of CISA data.

By Sarah Gooding  -  Jun 03, 2026
Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages

Research

/

Security News

Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages

A mini Shai-Hulud campaign compromised Red Hat Cloud Services npm packages to steal developer and CI/CD secrets during installation.

By Socket Research Team  -  Jun 01, 2026