v0.6.1 "Obsidian Glass" Stable

The Safe Harbor
for Markdown Documentation.

High-performance, engine-agnostic, and security-hardened static analysis.

Get started View on GitHub

The Obsidian Engineering Ledger

Three invariants enforced on every commit. No exceptions. No shortcuts.

These are not aspirations — they are gates. Every release of Zenzic ships only when all three pass.

Zero Assumptions at System Boundaries

Every public entry point validates its inputs at the boundary. Internal hot paths carry no defensive checks — the shape is guaranteed by the type system, enforced by mypy --strict on every merge.

pyproject.toml · type enforcement

[tool.mypy]
strict            = true
warn_return_any   = true
warn_unreachable  = true

# Every public function has a typed signature.
# Every Any must be justified in a comment.

Subprocess-Free Analysis

Production-grade tools do not shell out during analysis. No subprocess.run(), no os.system() inside per-item loops. Zenzic validates your documentation stack without executing it.

pillar-2 · subprocess boundary

# ✓ ALLOWED — single setup phase
class ZenzicEngine:
    def __init__(self, config: Config):
        self._vsm = build_vsm(config)   # I/O once

# ✗ BLOCKED — subprocess inside analysis loop
for page in corpus:
    subprocess.run([...])  # ← architectural defect

Deterministic Dependency Graph

Every dependency is pinned in a lockfile, audited by Dependabot, and scanned for SPDX licence compatibility. No transitive surprises at release time. uv lock and reuse lint run on every commit.

reuse · SPDX compliance

# runs on every commit via pre-commit
nox -s reuse

✓ SPDX headers present   │ all source files
✓ Apache-2.0 declared    │ LICENSES/
✓ Third-party notices    │ NOTICE
# No dependency ships
# without a licence audit.

Reporter & Shield

Sentinel in Action

Every finding is pinned to file, line, and source. Structured output for human eyes and machine parsing alike.

Gutter reporter

Each error shows the exact offending source line with gutter context. No scrolling through logs to find what broke.

docs/guide.md

✘[FILE_NOT_FOUND]'intro.md' not reachable from nav

15│ before continuing.

16➡ See the getting started page for details.

17│ Then configure your environment.

Zenzic Shield

Scans every line - including fenced <code>bash</code> and <code>yaml</code> blocks - for leaked credentials. Exit code <code>2</code> is reserved exclusively for security events.

SECURITY BREACH DETECTED

✘Finding:GitHub token detected

✘Location:docs/tutorial.md:42

✘Credential:ghp_************3456

Action:Rotate this credential immediately and purge it from the repository history.

Severity summary

Every run ends with a compact summary. You know immediately whether the check failed hard or only emitted warnings.

✘ 2 errors⚠ 1 warning• 1 file with findings

FAILED: One or more checks failed.

Health Metrics

Quality Score

Track a deterministic score in CI to block regressions. A holistic, elegant view of your documentation health.

Metrics

Overall Health

+2%

CI Command

zenzic score --save

Internal Links Health

Anchor stability

100

External references

Orphan Detection

Unused Assets

Nav Isolation

100

Get Started

From zero to documentation integrity in one command.

No configuration required. No account needed. Works on any Markdown project.

zenzic · quickstart

✓zenzic 0.6.1 · python 3.12 · ready

# explore the interactive lab (9 acts, zero setup)

$uvx zenzic lab

# audit your documentation right now

$uvx zenzic check all .

Star on GitHub Read the full docs →

The Safe Harborfor Markdown Documentation.