Map your codebase
to the stack

Cartographer scans existing codebases, discovers structure, drafts artifacts for Constrain/Pact/Ledger/Arbiter/Baton/Sentinel, and checks compliance. It never makes changes.

$ pip install cartographer
mode 01

Discovery

Scans source code across 6 languages using AST-based analysis. Detects ORM models, API routes, PACT keys, backend connection hints, and sensitive fields. Produces draft artifacts for every tool in the stack.

mode 02

Compatibility Check

Evaluates existing projects against stack requirements with 34 checks across 5 tools. Produces scored reports with ordered recommendations. Works in CI without running services.

Read-only invariant — Cartographer never writes to backends, never registers artifacts without explicit human approval, never modifies existing stack artifacts.
Discovery capabilities

Source scanning

AST-based analysis for Python. Regex-based detection for TypeScript, JavaScript, Ruby, Go, and Java.

Python TypeScript JavaScript Ruby Go Java

ORM detection

Extracts model definitions, field types, and relationships from 14 ORM frameworks.

SQLAlchemy Django Prisma TypeORM Sequelize Mongoose Drizzle ActiveRecord GORM JPA

Route detection

Finds API endpoints and extracts paths, methods, and handler names from 8 frameworks.

Flask FastAPI Express Rails Spring Gin net/http

PACT keys

Detects existing instrumentation markers matching the PACT key format. Maps keys to source locations for Sentinel manifest generation.

Sensitive fields

Pattern-based detection of PII, financial, auth, and compliance fields. Classification hints at LOW confidence — always requires human confirmation.

Backend hints

Detects environment variables suggesting database, cache, and queue connections. Produces connection hints for Ledger without exposing credentials.

Tool Checks Validates
Pact 11 Contracts have data_access/authority, source has PACT keys and handlers
Baton 7 Schema version, nodes have data_access/authority, OpenAPI specs configured
Ledger 8 Fields classified, no annotation conflicts, GDPR erasure methods present
Arbiter 2 Access graph and trust ledger present and readable
Sentinel 6 Manifest entries have paths, source PACT keys match manifest
Example compatibility report
CARTOGRAPHER COMPATIBILITY REPORT generated: 2026-03-15T14:32:00Z PACT COMPATIBILITY contracts/auth_module.yaml PASS data_access present, authority present contracts/user_service.yaml WARN data_access.rationale is vague contracts/payment.yaml FAIL missing authority field src/auth_module.py FAIL no PACT key found in any method src/user_service.py WARN event_handler present but log_handler missing src/payment.py FAIL no event_handler, no log_handler LEDGER COMPATIBILITY users_db / users PASS all fields have classification users_db / sessions WARN 3 fields missing classification event_bus / user.events FAIL no schema registered for this topic BATON COMPATIBILITY baton.yaml schema version FAIL version 1.0, requires 2.0 node: user_service WARN data_access not declared node: auth_service PASS node: payment_service FAIL no openapi_spec configured OVERALL SCORE: 61% compliant (18/29 checks passing) FAIL: 6 WARN: 5 PASS: 18 RECOMMENDED NEXT STEPS (in order): 1. Update baton.yaml to schema version 2.0 (run: baton migrate-config) 2. Add PACT keys to: src/auth_module.py, src/payment.py 3. Add event_handler and log_handler to payment.py 4. Register missing Ledger schema for kafka topic: user.events
Incremental adoption workflow
01
Discover what exists in your codebase
cartographer discover --no-live
02
Check current compliance against the stack
cartographer check
03
Review generated drafts before registration
cartographer drafts list
04
Adopt high-confidence artifacts into the stack
cartographer adopt --confidence high
05
Check again — score should improve
cartographer check
The stack
Constrain
Constraint discovery
Pact
Contract-first dev
Ledger
Schema registry
Arbiter
Trust management
Baton
Circuit orchestration
Sentinel
Production attribution
Cartographer
Adoption & compatibility