Skip to content

feat: establish fail-closed milestone supervision authority#27

Open
imgbot[bot] wants to merge 1 commit into
mainfrom
imgbot
Open

feat: establish fail-closed milestone supervision authority#27
imgbot[bot] wants to merge 1 commit into
mainfrom
imgbot

Conversation

@imgbot

@imgbot imgbot Bot commented Jul 4, 2026

Copy link
Copy Markdown

Summary

Establishes Mergen as an independent milestone supervisor rather than an implementation process that can approve its own work.

The authority contract has three verdicts and two actions:

  • pass authorizes advance
  • fail authorizes block
  • unverifiable authorizes block

There is no permissive ambiguity path.

Architecture

  • Adds mergen supervise and the standalone mergen-supervise entry point.
  • Adds a standard-library-only authority process that does not edit implementation files, call a model, or use the network.
  • Requires the supervisor code to execute outside the target repository. A repository cannot use its own mutable checkout as the authority that approves that checkout.
  • Keeps the operator-supplied repository root outside untrusted evidence. Reports, task states, approval records, and review records cannot redirect the supervisor to another workspace.
  • Reruns Mergen's deterministic verifier against the live tree. A signed or hashed historical report is evidence, not authority by itself.
  • Recomputes the live Governor floor. A supplied report may raise risk, but it cannot lower the live floor or omit live floor triggers.
  • Removes Mergen authority secrets from verifier, linter, test, and Git subprocess environments.

Fail-closed evidence checks

Advancement requires every applicable check to pass:

  1. Evidence paths remain inside the trusted root.
  2. The report and task state are readable JSON objects.
  3. The report satisfies the existing verification-report integrity contract.
  4. The report bytes match the SHA-256 sidecar before and after supervision.
  5. The recorded source commit matches the current HEAD.
  6. The verifier recorded a clean tree, and no unexplained changes appeared after verification.
  7. Task-state bytes match report provenance and remain stable during supervision.
  8. Feature identity and the exact task set match.
  9. Every task is complete and has non-ambiguous concrete evidence.
  10. Summary counts agree with task-level evidence.
  11. Live verification agrees with the supplied report.
  12. Policy results contain no unresolved or failing non-floor policy.
  13. The supplied risk classification does not downgrade the live Governor floor.
  14. Required human approval is bound by HMAC to the exact report bytes.
  15. Optional external review claims are observed without treating a reviewer name or independent: true as proof of independence. Negative or unresolved review blocks.

Output safety

  • The decision output and its sidecar must remain inside the trusted root.
  • They cannot overwrite the verification report, report manifest, task state, review record, or approval token.
  • A repeated supervision run may replace its own prior decision artifacts without misclassifying them as unexplained repository drift.
  • The decision schema structurally enforces that only pass can produce advance.

Tests and verification performed locally

  • Full pytest suite
  • Coverage gate at the repository floor
  • Ruff over the full repository
  • mypy using the repository configuration
  • scripts/check_sync.py
  • scripts/check_no_reference_text.py
  • scripts/spec_verify.py --gate
  • scripts/validate_version.py
  • eval/benchmark.py --gate
  • Wheel build and wheel-content inspection
  • Clean virtual environment installation
  • Smoke checks for mergen, mergen supervise, and mergen-supervise
  • End-to-end external authority smoke test that generates a live report and advances only after the installed supervisor independently re-verifies it

Product identity

The repository keeps its existing mergen package name, version 2.0.0, and Apache-2.0 license. /mergen-agent remains the execution coordinator. It can produce work and evidence, but it cannot issue the final advancement decision.

Governor acknowledgement

Governor-Ack: high-trust

This change intentionally touches package metadata, policy and approval semantics, live verification, and final advancement authority. Those are high-trust concerns even though the runtime is offline, deterministic, and standard-library-only.

*Total -- 2,691.89kb -> 2,613.68kb (2.91%)

/assets/mergen-emblem.png -- 2,690.28kb -> 2,612.11kb (2.91%)
/assets/social-preview.svg -- 1.62kb -> 1.57kb (2.84%)

Signed-off-by: ImgBotApp <ImgBotHelp@gmail.com>
@imgbot
imgbot Bot requested a review from OnourImpram as a code owner July 4, 2026 22:49
@OnourImpram OnourImpram changed the title [ImgBot] Optimize images feat: establish fail-closed milestone supervision authority Jul 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant