Skip to content

v0.2.1 — the credibility release: every claim checkable, every gap registered

Choose a tag to compare

@haeliotang haeliotang released this 10 Jul 08:01
e50226a

The external-credibility sprint, per three rounds of adversarial review (AI-assisted self-audit). v0.2.0 shipped the engineering; v0.2.1 makes it checkable.

Every claim now maps to its proof

docs/evidence-matrix.md — 20 load-bearing README claims, each mapped to a command, one of 8 CI jobs, a file/artifact, or an explicit not-shipped with a tracking issue. Six gaps were registered rather than hidden; four are now closed (see below), two remain as explicit design boundaries (TRACE_VERSION migration → #12, illustrative k8s → #10).

credential_packet_v1 — the verdict demo is now outsider-reproducible

Attached to v0.2.0 as a release asset (28K):
credential_packet_v1.tar.gz · sha256 af6e4142299b58cbfbeb67b3b357a6e438c272f7e074ee17b9c8e012a4dd01f1

Self-contained: 7 recorded official-eval reports + MANIFEST.json + provenance.json + VERIFY.md. Verified end-to-end from the Release: download → sha256 → reproduce the verdict table with stock python3 (no deps) → 7/7 SHA chain closed. The clinic's intervention verdicts are no longer claims about private files.

Consumable review debt (#11) — the load-bearing wall

Attestations now bind to the specific needs_review decisions they clear (clears_decisions); debt items carry a consumable open/cleared status derived by joining decisions × attestations — the recorded run stays immutable, clearing is a new fact. A reject clears nothing (the seat stays visibly empty); run-level endorsements clear nothing; consumption counts once. Outstanding debt is measurable: sum(aro_review_debt_total) − sum(aro_review_debt_cleared_total), per-run at GET /api/runs/{id}/review-debt?status=open, with a dashboard panel + clear-items form. SLO #6 now measures actual consumption, not a count comparison.

The compose stack is CI-verified (#9)

The compose-e2e job brings up the full stack (api, worker, Postgres, Prometheus, Grafana), runs a queued policy-violation run through the Postgres queue, and asserts health, verdict=blocked with 2 denials, /metrics, and Prometheus scraping both targets — on every push.

Security posture stated, fixtures labeled

SECURITY.md: demo-grade defaults, not internet-facing, tamper-evident-not-proof, private reporting. The exfiltration example's .env fixture now carries a FAKE header. Wiki disabled.

Also in this release

  • SLOs incl. two governance SLOs (docs/slo.md) and a nine-class error taxonomy (docs/error-taxonomy.md)
  • Issue hygiene: #1#6 closed with landing commits; real next increments opened (#8 Tempo/alerts, #10 GHCR, #12 OTel GenAI semconv, #15 deterministic goldens)

Full test surface: 8 CI jobs (clinic 441 tests, lint, unit, integration, postgres service-container, golden-replay, web-build, compose-e2e), all green on main.