feat(audit): rivet audit — AI-session/commit traceability gate (#127 P2) #297
Open
avrabe wants to merge 1 commit into
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Rivet Criterion Benchmarks'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.20.
| Benchmark suite | Current: 142172f | Previous: 2932166 | Ratio |
|---|---|---|---|
| store_insert/10000 | 15941393 ns/iter (± 1509982) | 11958794 ns/iter (± 1062766) | 1.33 |
| validate/10000 | 16813458 ns/iter (± 2566668) | 12511533 ns/iter (± 1331396) | 1.34 |
This comment was automatically generated by workflow using github-action-benchmark.
Closes the loop opened by v0.10.0's ai-session schema (#127 Phase 1). New top-level read-only subcommand `rivet audit` walks the current branch's git history and enforces two gates:

**Gate 1 — AI-authored commit needs a session.** For every commit detected as AI-authored (`Co-Authored-By:` containing `noreply@anthropic.com`, OR `Generated-With:`/`Created-By:` trailer matching `^(ai|ai-assisted)`), require an `ai-session` artifact in the project with `fields.commit-sha` matching the commit SHA (prefix match either direction, ≥7 chars).

**Gate 2 — session must point at a real reachable commit.** For every `ai-session` artifact with `commit-sha` set, verify the commit exists (`git cat-file -e`) AND is reachable from `--until` (`git merge-base --is-ancestor`). Catches drift after rebase / force-push as well as fabricated sessions pointing at vanished commits.

CLI: `rivet audit [--since <ref>] [--until <ref>] [--format text|json] [--strict]`

- `--since` defaults to `git merge-base origin/main HEAD`, falling back to `HEAD~50`.
- `--strict` exits non-zero on violations (CI mode).
- JSON envelope per spec: `command`, `passed`, `since`, `until`, `ai_commits_scanned`, `ai_sessions_in_project`, `violations.{ai_commits_without_session,sessions_with_missing_commit}`, `summary.total_violations`.

Read-only. Shells out to `git` (no new deps). Composes with `rivet check ai-defects-open` (PR #295) — together they cover the two operational TD1 loops the dossier §3 layer 5 names.

Tests (4 integration tests, all green):

- audit_passes_when_ai_commits_have_matching_sessions
- audit_fails_when_ai_commit_has_no_session
- audit_fails_when_session_points_at_missing_commit
- audit_json_envelope_shape_on_failure

Docs: new `audit` topic in `rivet-cli/src/docs.rs` (~105 lines).

OUT OF SCOPE (deferred):

- Auto-stamping sessions from `~/.claude/projects/*.jsonl` (Phase 2.5).
- session-hash verification (Phase 2.5).
- pre-commit / commit-msg hook installation (Phase 3).
- DPIA-link enforcement on `invoker`-bearing sessions.

Implements: REQ-002, REQ-007
Refs: FEAT-001, #127
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
142172f to df2f6fb
📐 Rivet artifact delta

No artifact changes in this PR. Code-only changes (renderer, CLI wiring, tests) don't touch the artifact graph.
Summary
Closes the AI-provenance loop opened by v0.10.0 (#127 Phase 1 shipped the `ai-session` schema only; this PR ships the gate that enforces it).
What ships
New top-level read-only subcommand `rivet audit` with two gates:
Gate 1 — every AI-authored commit needs an `ai-session` artifact whose `commit-sha` matches. AI-authored is detected via `Co-Authored-By: ...noreply@anthropic.com` or `Generated-With:`/`Created-By:` trailer matching `^(ai|ai-assisted)`.
Gate 2 — every `ai-session.commit-sha` must point at a commit that exists AND is reachable from HEAD. Catches drift after rebase/force-push and fabricated sessions pointing at vanished commits.
```
rivet audit [--since <ref>] [--until <ref>] [--format text|json] [--strict]
```
Read-only, shells out to git (no new deps). Composes with `rivet check ai-defects-open` (PR #295) — together they cover the two operational TD1 loops the dossier §3 layer 5 names.
Out of scope (deferred)
Test plan
Composes with
This PR can rebase cleanly onto either or both once they merge.
🤖 Generated with Claude Code
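
The two gates described in this PR, sketched as an added Rust example (not code from the PR or from rivet). Function names, the 7 to 64 character SHA bound, the case handling and the sample commits are assumptions; the Gate 2 helper also checks that the SHA is hex before it is handed to `git`.

```rust
// Added example (not rivet's code): names, bounds and sample data are hypothetical.
use std::process::Command;

/// Gate 1 detection. Assumption: keys compared case-insensitively, values trimmed.
fn is_ai_authored(message: &str) -> bool {
    message.lines().any(|line| {
        let Some((key, value)) = line.split_once(':') else { return false };
        let (key, value) = (key.trim(), value.trim());
        if key.eq_ignore_ascii_case("Co-Authored-By") {
            value.contains("noreply@anthropic.com")
        } else if key.eq_ignore_ascii_case("Generated-With") || key.eq_ignore_ascii_case("Created-By") {
            value.starts_with("ai") // `^(ai|ai-assisted)` reduces to this prefix test
        } else { false }
    })
}

/// 7 to 64 hex characters (assumed bound: abbreviated SHA-1 up to full SHA-256).
fn is_hex_sha(s: &str) -> bool {
    (7..=64).contains(&s.len()) && s.bytes().all(|b| b.is_ascii_hexdigit())
}

/// Prefix match in either direction; both sides must pass `is_hex_sha`.
fn sha_matches(commit: &str, session: &str) -> bool {
    let (a, b) = (commit.to_ascii_lowercase(), session.to_ascii_lowercase());
    is_hex_sha(&a) && is_hex_sha(&b) && (a.starts_with(&b) || b.starts_with(&a))
}

/// Gate 1: AI-authored commits (sha, message) with no matching session SHA.
fn commits_without_session<'a>(commits: &[(&'a str, &str)], sessions: &[&str]) -> Vec<&'a str> {
    commits.iter()
        .filter(|(sha, msg)| is_ai_authored(msg) && !sessions.iter().any(|s| sha_matches(sha, s)))
        .map(|(sha, _)| *sha)
        .collect()
}

/// Gate 2: commit exists and is an ancestor of `until` (runs `git` in the cwd).
fn session_commit_reachable(sha: &str, until: &str) -> bool {
    let ok = |args: &[&str]| Command::new("git").args(args).status().map(|s| s.success()).unwrap_or(false);
    // Hex check first, so a value such as "--output=x" never reaches git's argv.
    is_hex_sha(sha) && ok(&["cat-file", "-e", sha]) && ok(&["merge-base", "--is-ancestor", sha, until])
}

fn main() {
    // Constructed sample data.
    let commits = [("1111111aaaaaaa", "fix: p\n\nCo-Authored-By: Bot <noreply@anthropic.com>"),
        ("2222222bbbbbbb", "feat: x\n\nGenerated-With: ai-assisted"), ("3333333ccccccc", "docs: typo")];
    println!("{:?}", commits_without_session(&commits, &["1111111"]));
    println!("{}", session_commit_reachable("--output=x", "HEAD"));
}
```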