Vouch is a compiler for release contracts.
The release gate is the first runtime target, not the whole project.
human-owned intent YAML
-> typed AST
-> spec JSON
-> obligation IR
-> verification plan and runner artifacts
-> evidence and policy input
-> block | human_escalation | canary | auto_merge
Use Vouch when a risky AI-authored change needs more than "CI passed." A contract says what a repo area owns; the compiler gives those requirements stable obligation IDs; the gate checks whether evidence covers those IDs.
Preview a repo without writing files:
vouch try --repo /path/to/repoWrite the draft .vouch/ layout when the preview is useful:
vouch try --repo /path/to/repo --writeCompile contracts and run the current gate:
cd /path/to/repo
vouch compile
pytest --junitxml .vouch/artifacts/pytest.xml
vouch evidence import junit .vouch/artifacts/pytest.xml
vouch gateJUnit covers required-test obligations only. Behavior, security, runtime, and rollback obligations need their own evidence.
go install github.com/duriantaco/vouch/cmd/vouch@latestFrom this checkout:
go install ./cmd/vouchPublished docs:
https://duriantaco.github.io/vouch/
The site is deployed from .github/workflows/pages.yml after changes land on
main. The source lives in docs/site/ and is built with MkDocs.
Vouch is beta infrastructure. It is ready for shadow-mode pilots, not blind production enforcement.
The local VouchBench harness proves the current compiler/evidence/policy path is deterministic over fixture scenarios. It does not prove arbitrary code is correct or that real teams will adopt the workflow.
scripts/vouchbench.shGOCACHE=/private/tmp/vouch-gocache go test ./...Apache-2.0. See LICENSE.