Skip to content

ci: add bundle vector drift gate #265

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jithinraj merged 1 commit into from
Jan 12, 2026
Merged

ci: add bundle vector drift gate #265

jithinraj merged 1 commit into from
Jan 12, 2026

Conversation

@jithinraj
Copy link
Member

@jithinraj jithinraj commented Jan 12, 2026

Summary

Add scripts/verify-bundle-drift.mjs - a robust drift detector for bundle conformance vectors.

Features

  • Baseline/delta approach: snapshots working tree before regen, evaluates only regen-introduced changes
  • Catches both tracked diffs AND untracked new files
  • Windows compatible (pnpm.cmd, git.exe)
  • Blocks --allow-dirty in CI (prevents false confidence)
  • Validates regen only touches bundle directory (catches generator bugs)
  • Uses git porcelain format for safe parsing

Exit codes

Code Meaning
0 No drift (vectors deterministic)
1 Drift detected (vectors need commit)
2 Script error (regen failed, touched wrong files, dirty repo)

Usage

```bash

CI (clean tree required)

pnpm verify:bundle-drift

Local development (allows unrelated dirty files)

pnpm verify:bundle-drift --allow-dirty
```

Test plan

  • CI passes
  • Script exits 0 on clean tree
  • Script exits 1 if vectors modified
  • Script exits 2 if regen touches non-bundle files

Stacked PRs

  1. PR1 -> main: kernel codegen + bundle error codes
  2. PR2 -> PR1: audit dispute bundle verifier
  3. PR3 -> PR2: crypto testkit subpath export
  4. PR4 (this) -> PR3: CI drift gate

Merge in order: PR1 -> PR2 -> PR3 -> PR4

@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch 2 times, most recently from 29c1779 to cd17642 Compare January 12, 2026 09:45
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr3-crypto-testkit branch from 2381ef6 to e5a35b9 Compare January 12, 2026 09:49
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch from cd17642 to abb2a7b Compare January 12, 2026 09:50
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr3-crypto-testkit branch from e5a35b9 to 15ddee8 Compare January 12, 2026 09:52
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch from abb2a7b to a4c65da Compare January 12, 2026 09:52
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr3-crypto-testkit branch from 15ddee8 to 64ee71f Compare January 12, 2026 09:55
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch from a4c65da to 5e772c2 Compare January 12, 2026 09:55
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr3-crypto-testkit branch from 64ee71f to 323e842 Compare January 12, 2026 10:13
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch from 5e772c2 to 2b05091 Compare January 12, 2026 10:13
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr3-crypto-testkit branch from 323e842 to a6396d5 Compare January 12, 2026 10:16
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch from 2b05091 to eb3a03c Compare January 12, 2026 10:16
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr3-crypto-testkit branch from a6396d5 to 16b2c2a Compare January 12, 2026 10:18
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch 2 times, most recently from f04c569 to e66e633 Compare January 12, 2026 10:19
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr3-crypto-testkit branch from 16b2c2a to 0ed4332 Compare January 12, 2026 10:47
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch from e66e633 to 78df4a6 Compare January 12, 2026 10:48
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr3-crypto-testkit branch from 169cab1 to 83daf61 Compare January 12, 2026 10:54
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch 2 times, most recently from b8346fe to 8da92c9 Compare January 12, 2026 11:18
@jithinraj jithinraj changed the base branch from feat/v0.9.30-pr3-crypto-testkit to main January 12, 2026 11:18
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch 3 times, most recently from fc54ada to ae71598 Compare January 12, 2026 11:39
@jithinraj jithinraj force-pushed the feat/v0.9.30-pr4-ci-drift-gate branch from ae71598 to 0028c22 Compare January 12, 2026 11:44
@jithinraj jithinraj merged commit e7ce5fb into main Jan 12, 2026
3 checks passed
jithinraj added a commit that referenced this pull request Jan 12, 2026
@jithinraj
chore(release): v0.9.30 Dispute Bundle + Deterministic Verification
d825e11 
Version bump 0.9.29 -> 0.9.30 for all 45 packages.

v0.9.30 Theme: Dispute Bundle + Deterministic Verification

Shipped:
- Dispute Bundle ZIP format (peac.dispute-bundle/0.1)
- CLI: peac bundle create|verify|info
- Deterministic verification reports with JCS canonicalization
- Kernel error codegen from specs/kernel/errors.json
- E_BUNDLE_* error codes (9 codes)
- Crypto testkit subpath export
- 8 conformance vectors with expected report hashes
- CI drift gates for codegen and bundle vectors

PRs: #260, #261, #262, #263, #264, #265
@jithinraj jithinraj mentioned this pull request Jan 12, 2026
Merged
3 tasks
jithinraj added a commit that referenced this pull request Jan 12, 2026
@jithinraj
chore(release): Dispute Bundle + Deterministic Verification (#266)
199658e 
Version bump 0.9.29 -> 0.9.30 for all 45 packages.

v0.9.30 Theme: Dispute Bundle + Deterministic Verification

Shipped:
- Dispute Bundle ZIP format (peac.dispute-bundle/0.1)
- CLI: peac bundle create|verify|info
- Deterministic verification reports with JCS canonicalization
- Kernel error codegen from specs/kernel/errors.json
- E_BUNDLE_* error codes (9 codes)
- Crypto testkit subpath export
- 8 conformance vectors with expected report hashes
- CI drift gates for codegen and bundle vectors

PRs: #260, #261, #262, #263, #264, #265
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jithinraj