Add publication-ready documentation and reproducible experiment package.
Rewrite the README with secure setup instructions, add dedicated setup/security docs, and include the standalone local-volatility instability experiment materials for reproducible analysis. Made-with: Cursor
This commit is contained in:
David Doebel
27
docs/SECURITY.md
Normal file
27
docs/SECURITY.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# Security Checklist
|
||||
|
||||
## Secrets handling
|
||||
|
||||
- Never commit `.env` or any file containing credentials.
|
||||
- Use `.env.example` for non-sensitive defaults only.
|
||||
- Set DB credentials through environment variables.
|
||||
- Rotate credentials if they have ever appeared in git history.
|
||||
|
||||
## Database hardening
|
||||
|
||||
- Use a dedicated runtime user with least required privileges.
|
||||
- Keep administrative users separate from ingestion users.
|
||||
- Restrict DB network access to trusted hosts/VPC/private network.
|
||||
- Enable SSL/TLS for non-local database connections.
|
||||
|
||||
## Publication readiness
|
||||
|
||||
Before making the repository public:
|
||||
|
||||
1. Confirm `git status` has no secret files staged.
|
||||
2. Search for potential secret patterns:
|
||||
- passwords
|
||||
- API keys
|
||||
- tokens
|
||||
3. Verify `.gitignore` includes local secret files (`.env*`).
|
||||
4. Regenerate credentials used during development.
|
||||
60
docs/SETUP.md
Normal file
60
docs/SETUP.md
Normal file
@@ -0,0 +1,60 @@
|
||||
# Setup Guide
|
||||
|
||||
This guide describes a clean local setup for development and reproducible runs.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Python 3.10+
|
||||
- CMake 3.16+
|
||||
- A C++20 compiler
|
||||
- PostgreSQL 14+ (or Docker)
|
||||
- On macOS, Homebrew packages for C++ DB support:
|
||||
- `libpq`
|
||||
- `libpqxx`
|
||||
- `eigen`
|
||||
- `pybind11`
|
||||
|
||||
## Python dependencies
|
||||
|
||||
```bash
|
||||
python3 -m venv .venv
|
||||
source .venv/bin/activate
|
||||
pip install --upgrade pip
|
||||
pip install -e .
|
||||
pip install pandas yfinance sqlalchemy psycopg2-binary matplotlib scipy
|
||||
```
|
||||
|
||||
## Environment configuration
|
||||
|
||||
```bash
|
||||
cp .env.example .env
|
||||
```
|
||||
|
||||
Edit `.env` and set:
|
||||
|
||||
- `DB_HOST`, `DB_PORT`, `DB_NAME`, `DB_USER`, `DB_PASSWORD`
|
||||
- `PIPELINE_SYMBOLS`
|
||||
- admin credentials used only by setup script (`POSTGRES_ADMIN_*`)
|
||||
|
||||
## Database bootstrap
|
||||
|
||||
```bash
|
||||
source .env
|
||||
python scripts/setup_postgres.py
|
||||
```
|
||||
|
||||
The script is idempotent and safe to rerun.
|
||||
|
||||
## Build and test C++
|
||||
|
||||
```bash
|
||||
cmake -S . -B build
|
||||
cmake --build build -j
|
||||
ctest --test-dir build --output-on-failure
|
||||
```
|
||||
|
||||
## Generate Doxygen docs
|
||||
|
||||
```bash
|
||||
cmake --build build --target docs
|
||||
```
|
||||
Reference in New Issue
Block a user