Skip to content

Commit e4e75b1

Browse files
Haofeiclaude
andcommitted
Update e2e demo with the new gating flow (review #1-#10)
run.sh + README now also demonstrate, on the same before/after package: - reir report-pr reconciliation under examples/rss-policy.toml with SARIF output (the PR's new network.client is missing from the deployment grants -> gate exit 1, SARIF error); - rss pkg review --markdown (PR-facing render); - rss native audit (adapter risk facts, transitive = not_audited); - rss pkg metadata fail-closed on a parse error (no REIR written); - rss check --explain RS0015 --json (machine-readable diagnostic for agents). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
1 parent 3872529 commit e4e75b1

2 files changed

Lines changed: 105 additions & 8 deletions

File tree

examples/capability-review-demo/README.md

Lines changed: 30 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -90,11 +90,38 @@ supply-chain provider swap can't slip through unnoticed.
9090
[high] databse.raed via Db.query -- capability binding uses unrecognized category `databse.raed`
9191
```
9292

93+
### Gate — reconcile required vs granted (policy + SARIF)
94+
95+
The deployment grants the package's powers *except* the new outbound network the
96+
PR introduced. `reir report-pr` reconciles them under a policy and fails closed:
97+
98+
```
99+
$ reir report-pr --policy examples/rss-policy.toml --target prod --sarif
100+
error missing_capability - Required capability not granted by target: NetworkClient / reqwest
101+
gate exit code: 1 (non-zero = blocked)
102+
```
103+
104+
The SARIF output uploads to GitHub code scanning for inline PR annotations.
105+
106+
### Render, audit, fail-closed, agent
107+
108+
```
109+
$ rss pkg review --markdown after # PR-facing review (capabilities table, native, diagnostics)
110+
$ rss native audit after # native adapter risk (Cargo.lock/build.rs/scan; transitive = not_audited)
111+
$ rss pkg metadata <broken package> # exit 1, no REIR written — evidence withheld for invalid source
112+
$ rss check --explain RS0015 --json # machine-readable diagnostic + repair guidance for agents
113+
```
114+
93115
## The pipeline
94116

95117
```
96118
declare capabilities (rsspkg.toml)
97-
-> rss pkg review risk-ranked powers
98-
-> rss pkg diff added / removed / escalated powers
99-
-> rss pkg lock capability-aware review_hash (provider pinned)
119+
-> rss pkg review [--markdown] risk-ranked powers (human / JSON / markdown)
120+
-> rss pkg diff added / removed / escalated powers
121+
-> rss pkg lock capability-aware review_hash (provider pinned)
122+
-> reir collect | report-pr reconcile required vs granted under rss-policy.toml
123+
--policy --target fail on missing / unknown / excess / unverified
124+
--sarif inline PR annotations via GitHub code scanning
125+
-> rss native audit native adapter risk facts (transitive = not_audited)
126+
fail closed: invalid source (rss pkg metadata / reir collect --strict) emits no evidence
100127
```

examples/capability-review-demo/run.sh

Lines changed: 75 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,17 @@
11
#!/usr/bin/env bash
22
# End-to-end demo of RSScript's capability-aware review pipeline.
33
#
4-
# Phase 1 rss pkg review — list a package's powers, ranked by risk
5-
# Phase 3 rss pkg diff — what powers did a change introduce?
6-
# Phase 2 rss pkg lock — a provider swap changes the review hash
7-
# Phase 0 rss check — effect-annotated closures parse; bad category flagged
4+
# rss pkg review — list a package's powers, ranked by risk
5+
# rss pkg diff — what powers did a change introduce?
6+
# rss pkg lock — a provider swap changes the review hash
7+
# rss check — effect-annotated closures parse; bad category flagged
8+
# reir report-pr — reconcile required vs granted with a policy, emit SARIF
9+
# rss pkg review --markdown — PR-facing review render
10+
# rss native audit — native adapter risk facts
11+
# rss pkg metadata — fail closed: invalid source yields no evidence
12+
# rss check --explain --json— machine-readable diagnostic for agents
813
#
9-
# Run from anywhere; it locates the repo root and builds `rss` if needed.
14+
# Run from anywhere; it locates the repo root and builds `rss`/`reir` if needed.
1015
set -euo pipefail
1116

1217
here="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
@@ -25,6 +30,16 @@ else
2530
RSS="$root/target/debug/rss"
2631
fi
2732

33+
if [[ -x "$root/target/debug/reir" ]]; then
34+
REIR="$root/target/debug/reir"
35+
elif [[ -x "$root/target/release/reir" ]]; then
36+
REIR="$root/target/release/reir"
37+
else
38+
echo "building reir ..." >&2
39+
(cd "$root" && cargo build --quiet --bin reir -p reir)
40+
REIR="$root/target/debug/reir"
41+
fi
42+
2843
rule() { printf '\n=== %s ===\n\n' "$1"; }
2944

3045
rule "PHASE 1 — capability-aware review (powers ranked by risk)"
@@ -73,4 +88,59 @@ sed -i.bak 's/category = "database.read"/category = "databse.raed"/' "$bogus/rss
7388
echo "\$ rss pkg review <package with a typo'd category 'databse.raed'>"
7489
"$RSS" pkg review "$bogus" | sed -n '/capabilities (by risk)/,/^exports:/p' | grep -v '^exports:' || true
7590

91+
rule "GATE — reconcile required vs granted (policy + SARIF)"
92+
work="$(mktemp -d)"
93+
"$RSS" pkg review --json "$after" > "$work/after-review.json" 2>/dev/null || true
94+
"$REIR" collect --producer rsscript --package-review "$work/after-review.json" \
95+
--out "$work/required.reir.json" >/dev/null
96+
# The deployment grants the package's powers EXCEPT the new outbound network the
97+
# PR introduced (infra wasn't updated) — derived from the real required facts.
98+
python3 - "$work/required.reir.json" "$work/granted.reir.json" <<'PY'
99+
import json, sys
100+
req = json.load(open(sys.argv[1]))
101+
facts = []
102+
for fact in req.get("facts", []):
103+
cap = fact.get("capability") or {}
104+
if cap.get("category") == "network.client":
105+
continue # infra did not grant the new power
106+
if fact.get("role") == "required":
107+
fact = dict(fact, role="granted")
108+
facts.append(fact)
109+
json.dump({**req, "facts": facts}, open(sys.argv[2], "w"))
110+
PY
111+
echo "\$ reir report-pr --policy examples/rss-policy.toml --target prod --sarif"
112+
set +e
113+
"$REIR" report-pr --required "$work/required.reir.json" --granted "$work/granted.reir.json" \
114+
--policy "$root/examples/rss-policy.toml" --target prod --sarif 2>/dev/null \
115+
| python3 -c "import sys,json; d=json.load(sys.stdin); [print(' ', r['level'], r['ruleId'], '-', r['message']['text']) for r in d['runs'][0]['results']]"
116+
"$REIR" report-pr --required "$work/required.reir.json" --granted "$work/granted.reir.json" \
117+
--policy "$root/examples/rss-policy.toml" --target prod >/dev/null 2>&1
118+
echo " gate exit code: $? (non-zero = blocked)"
119+
set -e
120+
121+
rule "RENDER — markdown review for a PR"
122+
echo "\$ rss pkg review --markdown after"
123+
"$RSS" pkg review --markdown "$after" | sed -n '1,14p'
124+
125+
rule "NATIVE AUDIT — adapter risk facts"
126+
echo "\$ rss native audit after"
127+
"$RSS" native audit "$after" 2>/dev/null || true
128+
129+
rule "FAIL CLOSED — invalid source yields no authoritative evidence"
130+
broken="$(mktemp -d)/broken"
131+
cp -r "$after" "$broken"
132+
printf '\nnative fn Broken.x(a: read String -> String\n' >> "$broken/interface/lib.rssi"
133+
echo "\$ rss pkg metadata <package with a parse error>"
134+
set +e
135+
"$RSS" pkg metadata "$broken" >/dev/null 2>&1
136+
echo " metadata exit code: $? (non-zero = refused)"
137+
set -e
138+
test -f "$broken/review/reir/rsscript.json" \
139+
&& echo " REIR written (unexpected)" \
140+
|| echo " REIR bundle NOT written — evidence withheld for invalid source"
141+
142+
rule "AGENT — machine-readable diagnostic explanation"
143+
echo "\$ rss check --explain RS0015 --json"
144+
"$RSS" check --explain RS0015 --json 2>/dev/null || true
145+
76146
printf '\nDone.\n'

0 commit comments

Comments
 (0)