Documentation
¶
Index ¶
- Constants
- func DefaultEvidencePacketPath(statePath string) string
- func DefaultPath(statePath string) string
- func DefaultSessionPath(statePath string) string
- func IsUnrecognizedSessionArtifact(err error) bool
- func Save(path string, bundle Bundle) error
- func SaveEvidencePacketBundle(path string, bundle EvidencePacketBundle) error
- func SaveSessionBundle(path string, bundle SessionBundle) error
- func ValidateEvidencePacketJSON(payload []byte) error
- func ValidateExternalControlEvidenceJSON(payload []byte) error
- func ValidateSessionJSON(payload []byte) error
- type Bundle
- type Correlation
- type EvidencePacket
- type EvidencePacketBundle
- func LoadEvidencePacketBundle(path string) (EvidencePacketBundle, error)
- func LoadOptionalEvidencePacketBundle(statePath string) (EvidencePacketBundle, string, error)
- func MergeEvidencePacketBundles(bundles ...EvidencePacketBundle) EvidencePacketBundle
- func NormalizeEvidencePacketBundle(bundle EvidencePacketBundle) (EvidencePacketBundle, error)
- func ProjectSessionsToEvidencePacketBundle(bundle SessionBundle) EvidencePacketBundle
- type EvidencePacketCorrelation
- type EvidencePacketSummary
- type Record
- type SessionBundle
- type SessionCorrelation
- type SessionRecord
- type SessionSummary
- type Summary
Constants ¶
View Source
const ( RecordKindRuntime = "runtime" RecordKindExternalControl = "external_control" EvidenceClassPolicyDecision = "policy_decision" EvidenceClassApproval = "approval" EvidenceClassJITCredential = "jit_credential" // #nosec G101 -- Deterministic runtime evidence label, not credential material. EvidenceClassFreezeWindow = "freeze_window" EvidenceClassKillSwitch = "kill_switch" EvidenceClassActionOutcome = "action_outcome" EvidenceClassProofVerify = "proof_verification" EvidenceClassOwnerAssignment = "owner_assignment" EvidenceClassPolicyRecord = "policy_record" EvidenceClassBranchProtection = "branch_protection" EvidenceClassProtectedEnvironment = "protected_environment" EvidenceClassDeploymentApproval = "deployment_approval" EvidenceClassRequiredCheck = "required_check" EvidenceClassSecurityGate = "security_gate" EvidenceClassOther = "other" CorrelationStatusMatched = "matched" CorrelationStatusUnmatched = "unmatched" CorrelationStatusStale = "stale" CorrelationStatusConflict = "conflict" )
View Source
const ( SessionProviderCodex = "codex" SessionProviderClaudeCode = "claude_code" SessionProviderCursor = "cursor" SessionProviderCopilot = "copilot" SessionProviderGait = "gait" SessionProviderUnknown = "unknown" )
View Source
const EvidencePacketSchemaVersion = "v1"
View Source
const SchemaVersion = "v1"
View Source
const SessionSchemaVersion = "v1"
Variables ¶
This section is empty.
Functions ¶
func DefaultEvidencePacketPath ¶ added in v1.6.0
func DefaultPath ¶
func DefaultSessionPath ¶ added in v1.6.0
func IsUnrecognizedSessionArtifact ¶ added in v1.6.0
func SaveEvidencePacketBundle ¶ added in v1.6.0
func SaveEvidencePacketBundle(path string, bundle EvidencePacketBundle) error
func SaveSessionBundle ¶ added in v1.6.0
func SaveSessionBundle(path string, bundle SessionBundle) error
func ValidateEvidencePacketJSON ¶ added in v1.6.0
func ValidateExternalControlEvidenceJSON ¶ added in v1.6.0
func ValidateSessionJSON ¶ added in v1.6.0
Types ¶
type Bundle ¶
type Bundle struct {
SchemaVersion string `json:"schema_version"`
GeneratedAt string `json:"generated_at"`
Records []Record `json:"records"`
}
func MergeRuntimeBundles ¶ added in v1.6.0
func ProjectSessionsToRuntimeBundle ¶ added in v1.6.0
func ProjectSessionsToRuntimeBundle(bundle SessionBundle) Bundle
type Correlation ¶
type Correlation struct {
PathID string `json:"path_id"`
AgentID string `json:"agent_id,omitempty"`
RecordKinds []string `json:"record_kinds,omitempty"`
SourceTypes []string `json:"source_types,omitempty"`
Tool string `json:"tool,omitempty"`
Repo string `json:"repo,omitempty"`
Service string `json:"service,omitempty"`
Workflow string `json:"workflow,omitempty"`
Environment string `json:"environment,omitempty"`
Path string `json:"path,omitempty"`
Location string `json:"location,omitempty"`
Target string `json:"target,omitempty"`
Status string `json:"status"`
EvidenceClasses []string `json:"evidence_classes,omitempty"`
ActionClasses []string `json:"action_classes,omitempty"`
Sources []string `json:"sources,omitempty"`
PolicyRefs []string `json:"policy_refs,omitempty"`
ProofRefs []string `json:"proof_refs,omitempty"`
GraphNodeRefs []string `json:"graph_node_refs,omitempty"`
GraphEdgeRefs []string `json:"graph_edge_refs,omitempty"`
RecordIDs []string `json:"record_ids,omitempty"`
RequiredChecks []string `json:"required_checks,omitempty"`
Owners []string `json:"owners,omitempty"`
UnmatchedReasons []string `json:"unmatched_reasons,omitempty"`
LatestObservedAt string `json:"latest_observed_at,omitempty"`
FreshnessState string `json:"freshness_state,omitempty"`
FreshnessStates []string `json:"freshness_states,omitempty"`
BoundaryLabel string `json:"boundary_label,omitempty"`
}
type EvidencePacket ¶ added in v1.6.0
type EvidencePacket struct {
PacketID string `json:"packet_id,omitempty"`
Source string `json:"source"`
SourceType string `json:"source_type,omitempty"`
Provider string `json:"provider,omitempty"`
ProviderURL string `json:"provider_url,omitempty"`
Repo string `json:"repo,omitempty"`
Workflow string `json:"workflow,omitempty"`
PathID string `json:"path_id,omitempty"`
AgentID string `json:"agent_id,omitempty"`
PullRequestRef string `json:"pull_request_ref,omitempty"`
Owner string `json:"owner,omitempty"`
Task string `json:"task,omitempty"`
Title string `json:"title,omitempty"`
FilesTouched []string `json:"files_touched,omitempty"`
DiffRefs []string `json:"diff_refs,omitempty"`
DiffDigests []string `json:"diff_digests,omitempty"`
AutonomyTier string `json:"autonomy_tier,omitempty"`
DelegationReadinessState string `json:"delegation_readiness_state,omitempty"`
Permissions []string `json:"permissions,omitempty"`
Credentials []string `json:"credentials,omitempty"`
Tests []string `json:"tests,omitempty"`
Reviewers []string `json:"reviewers,omitempty"`
Approvals []string `json:"approvals,omitempty"`
DeploymentEnvironments []string `json:"deployment_environments,omitempty"`
PolicyVerdict string `json:"policy_verdict,omitempty"`
ExceptionRefs []string `json:"exception_refs,omitempty"`
Result string `json:"result,omitempty"`
MissingEvidenceState string `json:"missing_evidence_state,omitempty"`
MissingEvidence []string `json:"missing_evidence,omitempty"`
ProofRefs []string `json:"proof_refs,omitempty"`
GraphNodeRefs []string `json:"graph_node_refs,omitempty"`
GraphEdgeRefs []string `json:"graph_edge_refs,omitempty"`
EvidenceRefs []string `json:"evidence_refs,omitempty"`
ObservedAt string `json:"observed_at"`
RedactionHints []string `json:"redaction_hints,omitempty"`
}
type EvidencePacketBundle ¶ added in v1.6.0
type EvidencePacketBundle struct {
SchemaVersion string `json:"schema_version"`
GeneratedAt string `json:"generated_at"`
Packets []EvidencePacket `json:"packets"`
}
func LoadEvidencePacketBundle ¶ added in v1.6.0
func LoadEvidencePacketBundle(path string) (EvidencePacketBundle, error)
func LoadOptionalEvidencePacketBundle ¶ added in v1.6.0
func LoadOptionalEvidencePacketBundle(statePath string) (EvidencePacketBundle, string, error)
func MergeEvidencePacketBundles ¶ added in v1.6.0
func MergeEvidencePacketBundles(bundles ...EvidencePacketBundle) EvidencePacketBundle
func NormalizeEvidencePacketBundle ¶ added in v1.6.0
func NormalizeEvidencePacketBundle(bundle EvidencePacketBundle) (EvidencePacketBundle, error)
func ProjectSessionsToEvidencePacketBundle ¶ added in v1.6.0
func ProjectSessionsToEvidencePacketBundle(bundle SessionBundle) EvidencePacketBundle
type EvidencePacketCorrelation ¶ added in v1.6.0
type EvidencePacketCorrelation struct {
PacketID string `json:"packet_id"`
PathID string `json:"path_id,omitempty"`
AgentID string `json:"agent_id,omitempty"`
Repo string `json:"repo,omitempty"`
Workflow string `json:"workflow,omitempty"`
PullRequestRef string `json:"pull_request_ref,omitempty"`
BoundaryLabel string `json:"boundary_label,omitempty"`
Status string `json:"status"`
Result string `json:"result,omitempty"`
MissingEvidenceState string `json:"missing_evidence_state,omitempty"`
ProofRefs []string `json:"proof_refs,omitempty"`
GraphNodeRefs []string `json:"graph_node_refs,omitempty"`
GraphEdgeRefs []string `json:"graph_edge_refs,omitempty"`
EvidenceRefs []string `json:"evidence_refs,omitempty"`
MissingEvidence []string `json:"missing_evidence,omitempty"`
}
type EvidencePacketSummary ¶ added in v1.6.0
type EvidencePacketSummary struct {
ArtifactPath string `json:"artifact_path,omitempty"`
BoundaryLabel string `json:"boundary_label,omitempty"`
TotalPackets int `json:"total_packets"`
MatchedPackets int `json:"matched_packets"`
UnmatchedPackets int `json:"unmatched_packets"`
Correlations []EvidencePacketCorrelation `json:"correlations,omitempty"`
}
func CorrelateEvidencePackets ¶ added in v1.6.0
func CorrelateEvidencePackets(snapshot state.Snapshot, artifactPath string, bundle EvidencePacketBundle) EvidencePacketSummary
type Record ¶
type Record struct {
RecordKind string `json:"record_kind,omitempty"`
SourceType string `json:"source_type,omitempty"`
SourcePrecedenceKey string `json:"source_precedence_key,omitempty"`
RecordID string `json:"record_id"`
PathID string `json:"path_id,omitempty"`
AgentID string `json:"agent_id,omitempty"`
Tool string `json:"tool,omitempty"`
Repo string `json:"repo,omitempty"`
Service string `json:"service,omitempty"`
Workflow string `json:"workflow,omitempty"`
Environment string `json:"environment,omitempty"`
Path string `json:"path,omitempty"`
Location string `json:"location,omitempty"`
Target string `json:"target,omitempty"`
ActionClasses []string `json:"action_classes,omitempty"`
PolicyRef string `json:"policy_ref,omitempty"`
ProofRef string `json:"proof_ref,omitempty"`
GraphNodeRefs []string `json:"graph_node_refs,omitempty"`
GraphEdgeRefs []string `json:"graph_edge_refs,omitempty"`
Source string `json:"source"`
Issuer string `json:"issuer,omitempty"`
ObservedAt string `json:"observed_at"`
ValidUntil string `json:"valid_until,omitempty"`
MaxAge string `json:"max_age,omitempty"`
Confidence string `json:"confidence,omitempty"`
FreshnessState string `json:"freshness_state,omitempty"`
RedactionHints []string `json:"redaction_hints,omitempty"`
EvidenceClass string `json:"evidence_class"`
Status string `json:"status,omitempty"`
EvidenceRefs []string `json:"evidence_refs,omitempty"`
Owner string `json:"owner,omitempty"`
RequiredChecks []string `json:"required_checks,omitempty"`
Branch string `json:"branch,omitempty"`
}
type SessionBundle ¶ added in v1.6.0
type SessionBundle struct {
SchemaVersion string `json:"schema_version"`
GeneratedAt string `json:"generated_at"`
Sessions []SessionRecord `json:"sessions"`
}
func LoadOptionalSessionBundle ¶ added in v1.6.0
func LoadOptionalSessionBundle(statePath string) (SessionBundle, string, error)
func LoadSessionBundle ¶ added in v1.6.0
func LoadSessionBundle(path string) (SessionBundle, error)
func NormalizeSessionBundle ¶ added in v1.6.0
func NormalizeSessionBundle(bundle SessionBundle) (SessionBundle, error)
func ParseSessionBundleJSON ¶ added in v1.6.0
func ParseSessionBundleJSON(payload []byte) (SessionBundle, error)
type SessionCorrelation ¶ added in v1.6.0
type SessionCorrelation struct {
SessionID string `json:"session_id"`
PathID string `json:"path_id,omitempty"`
AgentID string `json:"agent_id,omitempty"`
Provider string `json:"provider,omitempty"`
RunID string `json:"run_id,omitempty"`
Repo string `json:"repo,omitempty"`
Workflow string `json:"workflow,omitempty"`
PullRequestRef string `json:"pull_request_ref,omitempty"`
MergeRequestRef string `json:"merge_request_ref,omitempty"`
BoundaryLabel string `json:"boundary_label,omitempty"`
Status string `json:"status"`
Outcome string `json:"outcome,omitempty"`
PromptRef string `json:"prompt_ref,omitempty"`
ResponseRef string `json:"response_ref,omitempty"`
ObservedActions []string `json:"observed_actions,omitempty"`
ChangedFiles []string `json:"changed_files,omitempty"`
FileWrites []string `json:"file_writes,omitempty"`
Approvals []string `json:"approvals,omitempty"`
PolicyDecisions []string `json:"policy_decisions,omitempty"`
ProofRefs []string `json:"proof_refs,omitempty"`
GraphNodeRefs []string `json:"graph_node_refs,omitempty"`
GraphEdgeRefs []string `json:"graph_edge_refs,omitempty"`
SourceArtifactRefs []string `json:"source_artifact_refs,omitempty"`
RedactionHints []string `json:"redaction_hints,omitempty"`
}
type SessionRecord ¶ added in v1.6.0
type SessionRecord struct {
SessionID string `json:"session_id,omitempty"`
Provider string `json:"provider"`
RunID string `json:"run_id,omitempty"`
Status string `json:"status,omitempty"`
PathID string `json:"path_id,omitempty"`
AgentID string `json:"agent_id,omitempty"`
Repo string `json:"repo,omitempty"`
Workflow string `json:"workflow,omitempty"`
PullRequestRef string `json:"pull_request_ref,omitempty"`
MergeRequestRef string `json:"merge_request_ref,omitempty"`
AuthorRefs []string `json:"author_refs,omitempty"`
ReviewerRefs []string `json:"reviewer_refs,omitempty"`
Tool string `json:"tool,omitempty"`
ProviderURL string `json:"provider_url,omitempty"`
PromptRef string `json:"prompt_ref,omitempty"`
ResponseRef string `json:"response_ref,omitempty"`
ChangedFiles []string `json:"changed_files,omitempty"`
Commands []string `json:"commands,omitempty"`
Actions []string `json:"actions,omitempty"`
FileWrites []string `json:"file_writes,omitempty"`
Approvals []string `json:"approvals,omitempty"`
PolicyDecisions []string `json:"policy_decisions,omitempty"`
CredentialSubjects []string `json:"credential_subjects,omitempty"`
Declarations []string `json:"declarations,omitempty"`
ProofRefs []string `json:"proof_refs,omitempty"`
GraphNodeRefs []string `json:"graph_node_refs,omitempty"`
GraphEdgeRefs []string `json:"graph_edge_refs,omitempty"`
Outcome string `json:"outcome,omitempty"`
StartedAt string `json:"started_at,omitempty"`
CompletedAt string `json:"completed_at,omitempty"`
SourceArtifactRefs []string `json:"source_artifact_refs,omitempty"`
RedactionHints []string `json:"redaction_hints,omitempty"`
}
type SessionSummary ¶ added in v1.6.0
type SessionSummary struct {
ArtifactPath string `json:"artifact_path,omitempty"`
BoundaryLabel string `json:"boundary_label,omitempty"`
TotalSessions int `json:"total_sessions"`
MatchedSessions int `json:"matched_sessions"`
UnmatchedSessions int `json:"unmatched_sessions"`
StaleSessions int `json:"stale_sessions,omitempty"`
ConflictingSession int `json:"conflicting_sessions,omitempty"`
Correlations []SessionCorrelation `json:"correlations,omitempty"`
}
func CorrelateSessions ¶ added in v1.6.0
func CorrelateSessions(snapshot state.Snapshot, artifactPath string, bundle SessionBundle) SessionSummary
type Summary ¶
type Summary struct {
ArtifactPath string `json:"artifact_path,omitempty"`
BoundaryLabel string `json:"boundary_label,omitempty"`
TotalRecords int `json:"total_records"`
RuntimeRecords int `json:"runtime_records,omitempty"`
ExternalControlRecords int `json:"external_control_records,omitempty"`
MatchedRecords int `json:"matched_records"`
UnmatchedRecords int `json:"unmatched_records"`
Correlations []Correlation `json:"correlations,omitempty"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.