feat: clas 10/10 audit — proof field alignment, validator rename, CI, schema mirror, stub cleanup#25
Merged
Merged
Conversation
…s and examples BREAKING CHANGE: proof object field names updated to match runtime-core types: signature_alg -> alg key_id -> kid signer -> signer_id Also: alg is now enum ["ed25519"] not just minLength:1, enforcing algorithm validation at the schema level rather than trusting the field. Updated files: - schemas/trust-verification/_shared/proof.schema.json (field rename + alg enum) - All 10 verb valid.receipt.json examples - All 10 verb tampered.receipt.json examples
…ts fetch path
runtime-core/schema-client.ts fetches schemas at:
/schemas/${lineVersion}/${contract}/${verb}/${version}/request.schema.json
The clas canonical layout (schemas/trust-verification/verify/) serves tooling
and local validation. This v1.0.0 mirror serves the URL structure that
runtime-core and commandlayer-org expect over HTTP.
Added:
schemas/v1.0.0/trust-verification/verify/v1/request.schema.json
schemas/v1.0.0/trust-verification/verify/v1/receipt.schema.json
Both use absolute $ref URIs so the mirror is self-contained without
requiring relative path traversal.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
signature_alg→alg,key_id→kid,signer→signer_idinschemas/trust-verification/_shared/proof.schema.jsonand all 10 verb example receipt files (valid.receipt.json,tampered.receipt.json). Matches runtime-core's canonical proof types.@clas/clas-validator→@commandlayer/clas-validatorat v1.0.0; addedbin.clas-validateCLI entrypoint (packages/clas-validator/bin/validate.js) with auto-detection of verb/kind; addedpublishConfig: {access: "public"}..github/workflows/ci.ymlwith two jobs —validate-schemas(runsnpm test/validate-trust-verification-examples.mjs) andbuild-validator(builds the validator package).schemas/v1.0.0/trust-verification/verify/v1/request.schema.jsonandreceipt.schema.jsonmatching the URL path that runtime-core's schema-client and commandlayer-org expect to fetch over HTTP.commerce-payments,communication-outreach,content-creation,data-analytics,identity-compliance,lifecycle-management,logistics-fulfillment,training-optimization,workflow-approval). Plans moved todocs/ROADMAP.md. Rootmanifest.jsonupdated to list onlytrust-verification.name,version, andtest/validatescripts..gitignore,CHANGELOG.md,SECURITY.md,RELEASING.md.Test plan
validate-schemasjob passes — all 10 verbvalid.receipt.jsonfiles validate against updated proof schema;invalid.receipt.jsonfiles correctly failbuild-validatorjob passes —packages/clas-validatorbuilds without errorsschemas/v1.0.0/trust-verification/verify/v1/request.schema.jsonis reachable at the URL runtime-core expectsclas-validateCLI entrypoint auto-detects verb and kind from JSON inputschemas/(onlytrust-verificationandv1.0.0)manifest.jsonat root lists onlytrust-verificationGenerated by Claude Code