fix(review): harden #211 decision lock and CLI gate per review blockers
- Bind review decision state to in-process session (pid + profile lock); drop /tmp file path. - Fail closed on review_pr.py CLI; route live reviews through gated MCP tools only. - Require operator_authorized on review correction; allow re-mark after correction. - Validate remote/org/repo on mark and submit; wire review mutation proof into build_final_report. - Add security regression tests for spoofed locks, correction flow, and CLI bypass. Refs #211
This commit is contained in:
+7
-1
@@ -634,7 +634,8 @@ def build_final_report(checkout_proof, inventory, validation, contamination,
|
||||
identity_eligible, merge_performed,
|
||||
issue_status_verified,
|
||||
capability_evidence=None, sweep=None, live_state=None,
|
||||
role_boundary=None, review_mutation=None):
|
||||
role_boundary=None, review_mutation=None,
|
||||
report_text=None, review_decision_lock=None):
|
||||
"""Required behavior 6 + acceptance criteria: one report, distinct proofs.
|
||||
|
||||
Combines the individual proof verdicts into the final-report fields the
|
||||
@@ -655,6 +656,11 @@ def build_final_report(checkout_proof, inventory, validation, contamination,
|
||||
|
||||
#211: the report must also carry the review mutation proof (``assess_review_mutation_final_report``).
|
||||
"""
|
||||
if review_mutation is None and report_text is not None:
|
||||
review_mutation = assess_review_mutation_final_report(
|
||||
report_text, review_decision_lock
|
||||
)
|
||||
|
||||
contamination_status = contamination.get("status", "unknown")
|
||||
checkout_proven = bool(checkout_proof.get("proven"))
|
||||
validation_claimable = bool(validation.get("claimable"))
|
||||
|
||||
Reference in New Issue
Block a user