feat: schema, LSP fixes, EU AI Act, salsa default, STPA analysis#101
Merged
feat: schema, LSP fixes, EU AI Act, salsa default, STPA analysis#101
Conversation
Extends ArtifactTypeDef with two optional guidance fields: - common_mistakes: Vec<MistakeGuide> — problem/fix pairs for AI agents - example: Option<String> — YAML snippet shown in schema show output Both fields default to empty, so existing schemas parse unchanged. The rivet schema show command (text + JSON) surfaces these fields.
Adds guidance fields to requirement, design-decision, and feature types in the dev schema. Shown in 'rivet schema show' output and available to AI agents via JSON format.
First-ever LSP tests (25 tests): - lsp_word_at_position: word extraction, edge cases, special chars - lsp_find_artifact_line: exact ID matching, format variants - lsp_uri_to_path roundtrip - Diagnostic-to-LSP mapping: severity, file grouping, line numbers YAML edge case tests (16 tests): - serde_yaml 0.9 uses YAML 1.2: yes/no are strings, only true/false are booleans (no Norway problem) - Numeric coercion: bare 1.0 is float, quoted stays string - Duplicate keys: struct-level is error, map-level last wins - Error recovery: malformed YAML, missing fields, empty docs
Parse errors are now shown as LSP diagnostics instead of silently returning empty results. Extends Diagnostic with source_file, line, column fields. The LSP diagnostic publisher checks source_file first (parse errors), then falls back to artifact-based file lookup. Also adds collect_parse_errors() salsa tracked function that composes with structural and conditional-rule validation in validate_all().
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
Phase 1 of #99: schemas/eu-ai-act.yaml with 15 artifact types mapping to EU AI Act Annex IV (9 mandatory sections) and Articles 9-15. Artifact types: ai-system-description, design-specification, data-governance-record, third-party-component, monitoring-measure, performance-evaluation, risk-management-process, risk-assessment, risk-mitigation, misuse-risk, transparency-record, human-oversight-measure, standards-reference, conformity-declaration, post-market-plan. 14 link types + 12 traceability rules enforcing mandatory obligations. Registered as embedded schema (compiled into binary). EU AI Act high-risk provisions applicable from August 2, 2026.
avrabe
changed the title
Two new validation phases: - Phase 8: unknown-link-type — warns when an artifact uses a link type not defined in the schema - Phase 9: unknown-field — info when an artifact has fields not defined in its type's schema Both are non-breaking (warning/info severity) but catch common mistakes that previously went undetected.
Losses: undetected compliance violations, wasted time on false positives, AI agent infinite retry loops. Hazards: false negatives (H-LSP-001), false positives (H-LSP-002), wrong location (H-LSP-003), misleading fix suggestions (H-LSP-004). 7 system constraints: SC-LSP-001 through SC-LSP-007 covering parse error handling, validation completeness, schema change invalidation, YAML type coercion, actionable messages, cascade prevention, and incremental validation correctness. Status of constraints: - SC-LSP-001: SATISFIED (PR #101 — parse errors surfaced) - SC-LSP-004: SATISFIED (PR #101 — type-aware validation) - SC-LSP-002: PARTIALLY (document refs not in LSP yet) - SC-LSP-003: NOT SATISFIED (schema changes not re-loaded) - SC-LSP-005: PARTIALLY (some messages still vague) - SC-LSP-006: PARTIALLY (parse errors no longer cascade to empty, but broken-link cascade still possible) - SC-LSP-007: PENDING (#22 — salsa becoming default)
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark 'Rivet Criterion Benchmarks'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 1.20.
| Benchmark suite | Current: d41afd3 | Previous: 0661926 | Ratio |
|---|---|---|---|
validate/100 |
65554 ns/iter (± 322) |
44111 ns/iter (± 184) |
1.49 |
validate/1000 |
859948 ns/iter (± 3956) |
498872 ns/iter (± 4254) |
1.72 |
validate/10000 |
9675760 ns/iter (± 447341) |
5278435 ns/iter (± 108213) |
1.83 |
This comment was automatically generated by workflow using github-action-benchmark.
The salsa incremental validation pipeline (db.rs) is now the default path for 'rivet validate'. The old direct path is available via --direct flag for fallback or when --baseline scoping is used. Changes: - Removed --incremental and --verify-incremental flags - Added --direct flag (opt-in to old non-incremental path) - Default: salsa tracked functions (parse_artifacts, validate_all, evaluate_conditional_rules) with automatic cache invalidation - Baseline-scoped validation automatically uses direct path since salsa doesn't support scoped stores The salsa path produces identical diagnostics to the direct path, verified by the existing 22 salsa database tests and previous --verify-incremental infrastructure. Refs: #22
avrabe
changed the title
Completes EU AI Act Phase 1 + Phase 2:
- rivet init --preset eu-ai-act — starter artifacts covering
system description, design, risk management, monitoring, oversight
- eu-ai-act-stpa.bridge.yaml — maps STPA hazards → risk assessments,
system constraints → risk mitigations
- eu-ai-act-aspice.bridge.yaml — maps ASPICE verification evidence →
performance evaluations
- examples/eu-ai-act/ — full 17-artifact example project demonstrating
Annex IV compliance for a predictive maintenance AI system
- Validates clean (0 warnings)
- Document with {{stats}}, {{coverage}}, {{diagnostics}} embeds
- Realistic content: XGBoost+LSTM hybrid model, bias assessment,
drift detection, human oversight dashboard
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Five workstreams in one PR:
1. Schema guidance (#93 Phase 1)
common-mistakes+examplefields onArtifactTypeDefrivet schema showsurfaces guidance in text + JSON2. EU AI Act compliance schema (#99 Phase 1)
schemas/eu-ai-act.yaml— 15 artifact types (Annex IV + Articles 9-15)rivet init --schema eu-ai-act3. LSP diagnostic fixes
4. Salsa incremental as default (#22)
rivet validatenow uses salsa by default--directflag5. STPA analysis of LSP accuracy
safety/stpa/lsp-diagnostics.yaml— losses, hazards, system constraintsTest coverage: 49 new tests
Refs #22, #93, #99.
Test plan
cargo test --workspace— all tests passcargo clippy+cargo fmt— clean🤖 Generated with Claude Code