Implements issue #156 after the first skill-comply run reported 100% compliance while every scenario died at HTTP 401 before the review/merge decision point. - compliance/safety.py: loopback-only target rail; refuses live Gitea hosts and all non-loopback addresses; IPs validated via ipaddress (a string-prefix check would accept DNS names like 127.0.0.1.evil.com); no environment override. - compliance/mock_gitea.py: in-memory loopback mock Gitea (whoami, PR view/list, review, merge, branch delete) recording every mutation; token via env reference only. - compliance/specs/gitea-workflow.json + compliance/spec.py: pinned spec with all eight critical merge workflow steps required; fail-closed loader and drift detection against generated specs. - compliance/verdict.py: deterministic three-way verdicts. Runs blocked before the decision point are INCONCLUSIVE, never compliant; auto-merge without explicit approval, blind merge, merge without review, missing explicit remote, mutation after auth failure, and live-host mutation are NONCOMPLIANT. Positive behaviors (explicit remote, fail-closed on auth failure, no live mutations) are recorded. - compliance/run_compliance.py: orchestrator running three pinned scenarios via claude -p against the mock; the competing scenario passes only by reaching the decision point and refusing to merge. - compliance/results/2026-07-05-skill-comply-smoke-test.md: reclassifies the original 100% report as smoke-test evidence only. - tests/test_compliance_harness.py: 43 tests covering the safety rail (including dotted-127 bypass attempts), pinned spec, drift, mock server, verdicts, scenario config generation, and report rendering. Closes #156 Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
8 lines
362 B
Python
8 lines
362 B
Python
"""Compliance harness for the gitea-workflow skill (issue #156).
|
|
|
|
Layers on top of the third-party skill-comply runner without depending on
|
|
it: pinned spec + drift detection, a loopback-only mock Gitea target,
|
|
deterministic run verdicts (compliant / noncompliant / inconclusive), and
|
|
a safety rail that refuses credentialed scenario runs against live hosts.
|
|
"""
|