dorian 1.0.0rc1

dorian 1.0.0rc1 — V1 release candidate

Prerelease. A release candidate, not final 1.0.0. dorian is a local-first,
deterministic, token-free verifier of the claims a change makes about its sources.

This RC lands the V1 strengthening program (research-report driven), independently
audited before tagging. All additions are additive and backward-compatible; default
behavior is unchanged unless you opt in.

Highlights

• Python structural checkers — py-signature: and py-const: (C3 subgrammars, AST-based)
  close the symbol: existence ceiling and the string:/regex: comment-survival false-pass
  for Python signatures and constants. py-const: compares value and type (30 != 30.0,
  1 != True).
• Semantic-context search — code: runs a regex over comment/docstring-stripped Python.
• Checker-strength / claim-risk diagnostics — dorian bindings (human + JSON) classifies
  each checker's truth strength and flags kind-vs-strength adequacy mismatches; advisory only.
• Multi-index binding — config keys in tracked .toml/.json widen re-check triggers
  (TOML/JSON only; YAML excluded to keep zero runtime deps), with provenance and ambiguity skip.
• Trusted-base checker-source mode — revalidate --checker-source base / Action
  checker_trust: base: runs only base-approved checker specs for public/fork PRs.
• dorian bench warrant-quality — offline per-claim mutation scoring (trigger vs verdict).

Security

• checker_trust: base is a checker-source trust root, not a sandbox: a base-approved
  pytest: checker can still execute PR-head code — for untrusted forks pair it with
  deny_exec: true (or external isolation). --deny-exec/--deny-shell are fail-closed, not
  sandboxes. No pull_request_target; no secrets required or exposed.
• The trusted-base exploit matrix (tests/test_trusted_base.py, 10 cases) proves PR-added /
  PR-modified executable checkers never execute (sentinel-verified) and a missing/tampered base
  sidecar fails closed (ERRORED, never BROKEN, never green).

Benchmark scope

Synthetic-suite reproducibility, not broad real-world validation. Numbers
(docs/BENCHMARK_CURRENT.md, measured at commit 33e9eaf): large-mutation 240 pairs P=R=0.93
(11.6× / 10.4× false-positive reduction vs file watchers); binding-lifecycle 808 pairs,
selection recall 0.54 → 1.00, alarm precision/recall 1.00, 0 errored; realworld 5 cases
(2 solved / 1 partial / 2 not_solved). Binding improves selection; it does not prove
semantic behavior (the gutted-body ceiling is shown, not solved). Historical v0.7.0 / 0.9.0
docs are preserved and labeled historical.

Remaining non-goals (post-V1, why this is an RC not final 1.0.0)

Real-repo public micro-benchmark (protocol-only); declarative/route/SQL binding indices;
YAML config binding; audit-event/state single-transaction atomicity; --extract stays
draft/experimental. See docs/V1_SCOPE.md.

Verification (release commit 24ae7c8)

• uv run pytest → 735 passed (incl. slow: wheel build, real pytest subprocess, regex timeout)
• uv run ruff check / ruff format --check → clean
• uv build + clean-venv install → dorian 1.0.0rc1
• benchmarks re-run identical; trusted-base exploit matrix passes
• independently re-audited (6 read-only auditor lenses): 2 release-blocking doc-drift issues
  and several should-fixes found and repaired before tagging.

Invariants preserved: ERROR is never BROKEN; checkers are read-only (except C4/C5-shell);
binding selects re-check candidates only; zero runtime dependencies.