feat(governance): falsifier-block for api-contract-openapi-coverage + INV-API-CONTRACT#556
Merged
neuron7xLab merged 2 commits intoneuron7xLab:mainfrom May 8, 2026
Conversation
add INV-API-CONTRACT + falsifier-block on api-contract-openapi-coverage Yesterday's PR neuron7xLab#551 promoted `api-contract-openapi-coverage` from EXTRAPOLATED to ANCHORED at Q4 Phase-3 EXIT. ADR 0021 mandates a v3 falsifier-block on every ANCHORED claim; I shipped without one. Today's audit named that omission: my own contribution sat on the warn-only list of 13 ANCHORED claims with named evidence but no declared address-of-refutation. This PR closes my loop. The list shrinks from 13 to 12. What ---- * .claude/physics/INVARIANTS.yaml — new `api_contract` block declaring INV-API-CONTRACT. Statement covers status-code, body-schema, Content-Type, header, and negative-data-rejection conformance for every (path, method) declared in the OpenAPI 3.1 spec produced by application.api.service.create_app(). Falsification criterion enumerates the six Schemathesis FailureGroup classes (UndefinedStatusCode, JsonSchemaError, MalformedMediaType, MissingHeaders, AcceptedNegativeData, ServerError). References cite OpenAPI 3.1.0 spec, Schemathesis docs, and IERD-PAI-FPS-UX-001 §5. * docs/CLAIMS.yaml — `api-contract-openapi-coverage` gains a falsifier block: test_id: tests/api/test_schemathesis_contract.py::test_api_operation_conforms_to_schema invariants_cited: [INV-API-CONTRACT] failure_signature: enumerates the six Schemathesis FailureGroup classes and notes the /graphql exclusion + Phase-3 EXIT fail-closed contract. * README.md, BASELINE.md, CLAUDE.md — invariant count bumped 90 → 91 on every load-bearing surface that the invariant-count-sync gate audits (badge, body, table, ASCII block, footer, header). * .claude/commit_acceptors/falsifier-api-contract-openapi-coverage.yaml — diff-bound acceptor with an inverse-probe falsifier: exits 0 (i.e. invariant broken) ONLY when check_claims.py re-emits `api-contract-openapi-coverage` on the missing-falsifier WARN list. What this does NOT do --------------------- * Does NOT modify scripts/ci/check_claims.py, tools/commit_acceptor/validate_commit_acceptor.py, or any application/src/* code. Acceptor `forbidden_paths` excludes them. * Does NOT add falsifiers for the other 12 ANCHORED claims still on the floating list. Each requires its own dedicated invariant + test_id + failure_signature triple. Tracked as governance debt for follow-up PRs. Local verification ------------------ python scripts/count_invariants.py: 91 python scripts/check_invariant_count_sync.py: OK 91 (all surfaces synced) python scripts/ci/check_claims.py: PASS schema v3 — falsifier coverage 9/21 ANCHORED (was 8/21) api-contract-openapi-coverage no longer on missing-falsifier list python scripts/export_governance_schemas.py --check: PASS pytest tests/governance/test_typed_models.py tests/scripts/test_export_governance_schemas.py: 19/19 pass commit_acceptor validator: exit 0 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Kernel self-check (.claude/physics/validate_tests.py check neuron7xLab#9) requires every ANCHORED + runtime_evaluable=yes invariant to declare an integration_test path that resolves on disk. The schemathesis test itself IS the integration check — same file as the unit test pointer, which matches the pattern used elsewhere when the test file does double-duty. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1bebfbf432
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| - schemas/openapi/geosync-online-inference-v1.json | ||
| - application/api/errors.py | ||
| falsifier: | ||
| test_id: tests/api/test_schemathesis_contract.py::test_api_operation_conforms_to_schema |
There was a problem hiding this comment.
When schemas/openapi/geosync-online-inference-v1.json changes independently of the FastAPI app, this falsifier will not catch drift in the contract named here: test_api_operation_conforms_to_schema builds its schema from the live app via schemathesis.openapi.from_asgi("/openapi.json", app=_app) in tests/api/test_schemathesis_contract.py, and the workflow only runs that test file. As a result, the new ANCHORED claim can pass even if the persisted schema referenced in the claim diverges from runtime behavior; the falsifier should either load the persisted schema or also gate the snapshot comparison.
Useful? React with 👍 / 👎.
neuron7xLab
added a commit
that referenced
this pull request
May 8, 2026
… 94) (#558) Continues the floating-falsifier closure that PR #556 began. All five hpc-* ANCHORED claims in docs/CLAIMS.yaml now declare a v3 falsifier-block — a real pytest node id, a precise invariants_cited list, and a failure_signature that names the exact assertion shape. Falsifier coverage: 9/21 → 14/21 ANCHORED. Floating list: 12 → 7 (five hpc-* ids removed). What ---- * .claude/physics/INVARIANTS.yaml — three new invariants: - INV-HPC3 ledger_conservation cash + position·mark = invariant under fixed-point arithmetic (Knuth Vol 2 §4.2; Goldberg 1991; Demmel & Nguyen 2013). - INV-HPC4 state_envelope_integrity SHA-256-checksummed serialisation envelope; tampered payload, non-finite value, schema-version mismatch fail-closed at load (Merkle 1979; Lamport 1981; NIST FIPS 180-4). - INV-HPC5 session_fsm_totality explicit transition table, terminal absorption, pre-validated transitions before any side effect (Hopcroft-Ullman 1979; Pnueli 1977; Harel 1987). Each new INV ships with source, tests, integration_test path (geosync_hpc/* + tests/geosync_hpc/* — both resolve), runtime_evaluable=yes, and references that actually back the statement. * docs/CLAIMS.yaml — five falsifier-blocks added: hpc-runtime-state-seal-bit-identical → tests/geosync_hpc/test_backtest_runtime_reset.py ::test_backtester_run_is_bit_identical_across_repeated_calls → INV-HPC1 (existing) hpc-fixed-point-ledger-conservation → tests/geosync_hpc/test_ledger.py ::test_conservation_holds_under_random_fills → INV-HPC3 (new) hpc-indexed-rng-control-flow-free → tests/geosync_hpc/test_indexed_rng.py ::test_same_tuple_yields_same_value → INV-HPC1 (existing) hpc-runtime-state-envelope-integrity → tests/geosync_hpc/test_runtime_state.py ::test_load_detects_tampered_payload → INV-HPC4 (new) hpc-session-lifecycle-explicit-fsm → tests/geosync_hpc/test_session_fsm.py ::test_canonical_happy_path_reaches_completed → INV-HPC5 (new) * README.md, BASELINE.md, CLAUDE.md — invariant count synced 91 → 94 on every load-bearing surface that invariant-count-sync audits. * .claude/commit_acceptors/falsifier-hpc-cluster.yaml — diff-bound acceptor with inverse-probe falsifier: exits 0 (i.e. invariant broken) ONLY when check_claims.py re-emits any of the five hpc-* ids on the missing-falsifier WARN list. What this does NOT do --------------------- * Does NOT modify any code under geosync_hpc/ or tests/geosync_hpc/. Acceptor `forbidden_paths` excludes both directories. The tests cited as falsifiers ALREADY exist on main; this PR only adds governance metadata pointing at them. * Does NOT touch scripts/ci/check_claims.py, tools/commit_acceptor/validate_commit_acceptor.py, or any application/* code. * Does NOT close the remaining 7 floating ANCHORED claims. Each needs its own falsifier-block + (where applicable) new INV-*. Tracked for follow-up: robustness-hac-psr-newey-west ricci-microstructure-ten-axis-falsification serotonin-controller-bounded-veto kelly-sizing-cap-enforced oms-conservation-idempotency-monotone signalbus-deterministic-fanout ierd-phase0-yana-response Local verification ------------------ python scripts/count_invariants.py: 94 python scripts/check_invariant_count_sync.py: OK 94 python .claude/physics/validate_tests.py --self-check: PASSED python scripts/ci/check_claims.py: PASS, falsifier 14/21 ANCHORED python scripts/export_governance_schemas.py --check: PASS pytest tests/governance/ tests/scripts/test_export_governance_schemas.py: 80/80 commit_acceptor validator: exit 0 Co-authored-by: Yaroslav Vasylenko <neuron7x@gmail.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
neuron7xLab
added a commit
that referenced
this pull request
May 8, 2026
…19/19 (#559) Closes the governance-discipline arc that started with PR #556 (api-contract-openapi-coverage falsifier) and continued with PR #558 (hpc-* cluster). After this PR, the named-but-unfalsifiable set is EMPTY: falsifier coverage: 19/19 ANCHORED (was 14/21 before this PR; 9/21 before #558; 8/21 before #556) Five claims gain v3 falsifier-blocks pointing at real pytest nodes that already exist on main: robustness-hac-psr-newey-west → INV-PSR-HAC (NEW) test: tests/research/robustness/test_hac_psr.py ::test_auto_bandwidth_matches_newey_west_1994_rule serotonin-controller-bounded-veto → INV-5HT1/2/4/7 (existing) test: tests/unit/physics/test_T12_serotonin_stability.py ::test_serotonin_lyapunov_is_non_increasing_under_zero_stress kelly-sizing-cap-enforced → INV-KELLY1/2 (existing) test: tests/analytics/test_kelly_criterion.py ::test_single_asset_kelly_closed_form oms-conservation-idempotency-monotone → INV-OMS1/2/3 (existing) test: tests/unit/physics/test_T15_oms_idempotency_causality.py ::test_oms_submit_is_idempotent_under_duplicate_correlation_id signalbus-deterministic-fanout → INV-SB1/2 (existing) test: tests/unit/physics/test_T16_signalbus_dag.py ::test_signalbus_dag_fanout_fires_each_subscriber_exactly_once Two claims are HONESTLY DOWNGRADED ANCHORED → EXTRAPOLATED because their evidence is paper-tier or documentation-only — no pytest node currently re-runs the assertion under the ADR 0021 v3 falsifier shape: ricci-microstructure-ten-axis-falsification ierd-phase0-yana-response Each downgrade declares the missing-evidence path explicitly: "Re-classify ANCHORED on addition of tests/.../test_X.py with [N] parametrised assertions + a new INV-* registry entry." This is the inverse of marketing "everything's done" — it admits the residual gap as the right tier and points at the exact remediation path. ADR 0021 §1 loophole closed: every ANCHORED claim now has a declared address-of-refutation, no exceptions. What ---- * .claude/physics/INVARIANTS.yaml — INV-PSR-HAC added with Newey & West (1987, 1994) + Bailey & López de Prado (2014) references; resolving source/tests/integration_test under research/robustness/. Registry: 94 → 95. * docs/CLAIMS.yaml — five v3 falsifier-blocks added (each with test_id, invariants_cited, failure_signature); two tier downgrades with explicit re-promotion path declared. * README.md, BASELINE.md, CLAUDE.md — invariant count synced 94 → 95 across every load-bearing surface. * .claude/commit_acceptors/falsifier-final-cluster.yaml — diff-bound acceptor with inverse-probe falsifier: exits 0 (i.e. invariant broken) ONLY when check_claims.py re-emits the WARN(v3) line about missing falsifier-blocks. Catches any future regression that re-opens the floating set. What this does NOT do --------------------- * Does NOT modify any code under research/, core/neuro/, or any test file the falsifiers cite. Acceptor `forbidden_paths` excludes all of them. The tests already exist on main; this PR only adds governance metadata pointing at them. * Does NOT promise the codebase is "complete". The ANCHORED ladder discipline is closed; new ANCHORED claims will require new falsifier-blocks. The two EXTRAPOLATED downgrades carry explicit re-promotion paths. * Does NOT close Q5 / Q7 IERD frontend work, Phase-4 EXIT for Q6, or any subsystem deployment. Those are tracked as separate issues with their own acceptance criteria. Local verification ------------------ python scripts/count_invariants.py: 95 python scripts/check_invariant_count_sync.py: OK 95 python .claude/physics/validate_tests.py --self-check: PASSED python scripts/ci/check_claims.py: PASS schema v3 — 27 gated claims, 0 P2, all evidence present tier distribution: ANCHORED=19, EXTRAPOLATED=8, SPECULATIVE=0, UNKNOWN=0 falsifier coverage: 19/19 ANCHORED python scripts/export_governance_schemas.py --check: PASS pytest tests/governance/ tests/scripts/test_export_governance_schemas.py: 80/80 commit_acceptor validator: exit 0 Co-authored-by: Yaroslav Vasylenko <neuron7x@gmail.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes the named-but-unfalsifiable loop my own PR #551 opened. Adds INV-API-CONTRACT to the registry (90 → 91), syncs all 4 doc surfaces, writes the v3 falsifier-block on the claim citing the canonical pytest test_id.
Falsifier coverage: 8/21 → 9/21 ANCHORED.
Floating list: 13 → 12.
See commit message for details. All gates green locally.