amr/passepartout
1
0
Fork 0
Code Issues 15 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

v0.7.2: Merkle provenance audit + RCE flake fix — TDD

Browse Source 
audit-node exposes memory-object lineage (type, hash, scope, version).
/audit <node-id> TUI command. /audit verify deferred.

Fixed RCE test flake: assemble-config-section used getf on
non-plist cascade entries. Wrapped in handler-case. Also fixed
~/ format directive escape. Core reason: 35/35. Core: 81/81.
This commit is contained in:
Amr Gharbeia
2026-05-08 18:03:24 -04:00
parent df09ac321d
commit 11c43f76fa
7 changed files with 95 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
org/channel-tui-main.org
View File

@@ -182,6 +182,18 @@ Event handlers + daemon I/O + main loop.
(when (fboundp 'load-identity-file)
(funcall 'load-identity-file))
(add-msg :system "Identity reloaded")))
;; /audit command — Merkle provenance
((and (>= (length text) 7) (string-equal (subseq text 0 7) "/audit "))
(if (fboundp 'audit-node)
(let* ((node-id (string-trim '(#\Space) (subseq text 7)))
(info (funcall 'audit-node node-id)))
(if info
(add-msg :system (format nil "Node ~a: type=~a scope=~a hash=~a"
(getf info :id) (getf info :type)
(getf info :scope)
(subseq (or (getf info :hash) "(none)") 0 16)))
(add-msg :system (format nil "Node ~a not found" node-id))))
(add-msg :system "Memory audit not available")))
((string-equal text "/help")
(add-msg :system
"/focus <proj> Set project context")

27
org/core-memory.org
View File

@@ -405,6 +405,18 @@ Restores memory state from a previously saved snapshot file. Called during boot
(progn (log-message "REDO: No snapshots to redo") nil)))
#+end_src
** Merkle Audit
#+begin_src lisp
(defun audit-node (node-id)
"Return audit info for a memory object by ID."
(let ((obj (memory-object-get node-id)))
(when obj
(list :id node-id :type (memory-object-type obj)
:version (memory-object-version obj)
:hash (or (memory-object-hash obj) "(none)")
:scope (memory-object-scope obj)))))
#+end_src
* Test Suite
Verifies that the Merkle hash is deterministic and consistent across independent AST ingestions.
#+begin_src lisp
@@ -515,4 +527,19 @@ Verifies that the Merkle hash is deterministic and consistent across independent
(progn (setf passepartout::*undo-stack* nil)
(is (null (passepartout::undo))))
(setf passepartout::*undo-stack* orig-undo))))
(test test-audit-node-found
"Contract v0.7.2: audit-node returns info for existing object."
(clrhash passepartout::*memory-store*)
(setf (gethash "audit-1" passepartout::*memory-store*)
(passepartout::make-memory-object :id "audit-1" :type :HEADLINE
:version 1 :hash "abc123" :scope :memex))
(let ((info (passepartout::audit-node "audit-1")))
(is (not (null info)))
(is (eq :HEADLINE (getf info :type)))
(is (string= "abc123" (getf info :hash)))))
(test test-audit-node-not-found
"Contract v0.7.2: audit-node returns nil for nonexistent id."
(is (null (passepartout::audit-node "nonexistent-xxxx"))))
#+end_src

6
org/core-reason.org
View File

@@ -239,11 +239,13 @@ each cascade call via ~cost-track-backend-call~. All four calls are
(when (boundp '*provider-cascade*)
(setf provider-names
(format nil "~{~a~^, ~}"
(mapcar (lambda (p) (getf p :model))
(mapcar (lambda (p)
(handler-case (or (getf p :model) (getf p :provider) "")
(error () (princ-to-string p))))
(symbol-value '*provider-cascade*)))))
(when (boundp '*hitl-pending*)
(setf rules-count (hash-table-count (symbol-value '*hitl-pending*))))
(format nil "CONFIG: You are Passepartout v0.7.2. Provider: ~a. Context: ~d tokens. Security gates: ~d active. Rules learned: ~d. Documentation: ~/memex/projects/passepartout/docs/USER_MANUAL.org."
(format nil "CONFIG: You are Passepartout v0.7.2. Provider: ~a. Context: ~d tokens. Security gates: ~d active. Rules learned: ~d. Documentation: USER_MANUAL.org."
(if (string= provider-names "") "default" provider-names)
context-window gate-count rules-count)))