stemedb/.aphoria/claims.toml
jml 6430ff0fd6 fix(aphoria): move claims.toml to project root and fix verify integration
## Root Cause
Claims file was in applications/aphoria/.aphoria/ but all commands looked
for .aphoria/claims.toml relative to project root. Additionally, .aphoria/
was fully gitignored, preventing version control of claims.

## Changes

### Path Fixes
- Move claims.toml from applications/aphoria/.aphoria/ to .aphoria/ at project root
- Update .gitignore: .aphoria/ → .aphoria/* with !.aphoria/claims.toml exception
- Claims can now be version-controlled while everything else under .aphoria/ (keys) stays gitignored

### Verify Integration (Scanner)
- scanner.rs: Load claims from ClaimsFile and call verify_claims()
- ScanResult: Add verify field with VerifyReport
- Report formatters: Add claim verification sections showing PASS/CONFLICT/MISSING

### Clippy Fix
- report/json.rs: Replace filter().map().expect() with filter_map()

## Verification
- aphoria scan . → Shows claim verification with verdicts
- aphoria verify run → Per-claim verification results
- aphoria verify map → Extractor coverage mapping (7/10 claims = 70%)
- aphoria claims list → Reads from project root
- aphoria claims create → Writes to project root
- All tests pass (1120+ aphoria tests)
- clippy --workspace passes

## Impact
Both primary use cases now work:
1. Day-to-day (commit-time): Skills can read/create claims via CLI
2. Audit (scan-time): Scanner verifies code against authored claims

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-08 11:09:57 +00:00


# Aphoria Claims - version controlled
#
# Human-authored claims with provenance, invariants, and consequences.
# Each claim represents a deliberate architectural decision or safety invariant.
#
# This is plain, unsigned TOML: `authority_tier`, `created_by`, `provenance` and
# `created_at` are self-asserted by whoever commits the change - nothing here signs
# or verifies them (note the `created_at` values below postdate the commit that
# introduced them, so they are illustrative rather than an audit trail). Treat edits
# to this file like CI policy changes: a single commit can deprecate or weaken a
# security claim, so review it with the same care.
#
# Manage with: aphoria claims create|list|explain|update|supersede|deprecate
[[claim]]
id = "aphoria-no-unwrap-001"
concept_path = "aphoria/production/error_handling"
# `equals` against 0: the extractor's unwrap count over production code must be
# exactly zero - a single hit presumably surfaces as CONFLICT, not a warning.
predicate = "unwrap_count"
value = 0
comparison = "equals"
provenance = "CI clippy::unwrap_used lint at deny level"
# The invariant also names expect(); presumably counted under the same
# predicate (clippy::expect_used) - TODO confirm against the extractor.
invariant = "Production code MUST NOT use unwrap() or expect()"
consequence = "Runtime panics in production"
authority_tier = "expert"
evidence = ["CLAUDE.md critical rules", "Cargo.toml clippy config"]
category = "safety"
status = "active"
created_by = "jml"
created_at = "2026-02-08T12:00:00Z"
[[claim]]
id = "aphoria-bridge-tier-001"
concept_path = "aphoria/bridge/tier_assignment"
# `present`: the extractor must find Community being assigned as the default
# tier in the bridge; the claim fails as MISSING if the assignment disappears.
predicate = "default_tier"
value = "SourceClass::Community"
comparison = "present"
provenance = "Bridge module design: observations default to Community tier"
invariant = "Observation-to-assertion bridge MUST assign Community tier by default"
# Why it matters: authority tier feeds conflict detection, so an observation
# defaulting to a higher tier would presumably let machine-derived facts
# outrank human-authored expert claims.
consequence = "Incorrect authority ranking in conflict detection"
authority_tier = "expert"
evidence = ["bridge.rs observation_to_assertion function"]
category = "architecture"
status = "active"
created_by = "jml"
created_at = "2026-02-08T12:00:00Z"
[[claim]]
id = "aphoria-lifecycle-skip-001"
concept_path = "aphoria/bridge/lifecycle"
# `present` with `true`: the bridge must visibly skip the Pending stage when it
# converts an observation into an assertion.
predicate = "skips_pending"
value = true
comparison = "present"
provenance = "Bridge design: observations skip Pending and go directly to Approved"
invariant = "Observations bypass Pending lifecycle stage"
consequence = "Observations would be invisible to queries if stuck in Pending"
authority_tier = "expert"
evidence = ["bridge.rs observation_to_assertion"]
category = "architecture"
status = "active"
created_by = "jml"
created_at = "2026-02-08T12:00:00Z"
# --- Dogfood claims for flywheel testing ---
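# Dogfood claim: certificate verification must never be switched off (an
# "accept invalid certs" / "verify = false" style option). `absent` means the
# pattern `enabled = false` must not be found anywhere under the concept path.
[[claim]]
id = "aphoria-tls-verify-001"
concept_path = "aphoria/tls/cert_verification"
predicate = "enabled"
value = false
comparison = "absent"
# RFC 5246 §7.4.2 only defines the Certificate handshake message, and RFC 5246
# itself is obsoleted by RFC 8446 (TLS 1.3). The verification requirements a
# client actually violates by disabling checks are chain validation
# (RFC 5280 §6) and service-identity/hostname matching (RFC 6125).
provenance = "RFC 5280 Section 6 (certification path validation) and RFC 6125 (service identity matching) - a TLS peer is not authenticated unless its certificate is verified; RFC 5246 (obsoleted by RFC 8446) assumes this"
invariant = "TLS certificate verification MUST NOT be disabled in production code"
# NOTE(review): skipping only hostname matching, or trusting an arbitrary extra
# CA, is just as fatal and is presumably not matched by this predicate - TODO
# confirm extractor scope or add sibling claims.
consequence = "MITM attacks become trivial; all encrypted traffic can be intercepted"
authority_tier = "regulatory"
evidence = ["RFC 5280 Section 6", "RFC 6125", "RFC 8446", "RFC 5246", "OWASP TLS Cheat Sheet"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"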
[[claim]]
id = "aphoria-no-tokio-core-001"
concept_path = "stemedb_core/imports/tokio"
# `absent`: no `tokio` import may be found in stemedb-core at all.
# NOTE(review): whether dev-dependencies / #[cfg(test)] imports count is not
# visible here - TODO confirm the extractor's scope.
predicate = "imported"
value = true
comparison = "absent"
provenance = "Architecture decision: stemedb-core must remain runtime-agnostic"
invariant = "stemedb-core MUST NOT import tokio to prevent runtime coupling"
consequence = "Core becomes tied to a specific async runtime, preventing embedding in non-tokio contexts"
authority_tier = "expert"
evidence = ["CLAUDE.md architecture overview", "stemedb-core Cargo.toml"]
category = "architecture"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"
[[claim]]
id = "aphoria-no-md5-001"
concept_path = "aphoria/crypto/hashing/algorithm"
# `not_equals` against the literal "md5": case and spelling variants ("MD5",
# a "md-5" crate name) are presumably not matched - TODO confirm the extractor
# normalises algorithm names. SHA-1, which SP 800-131A also disallows for
# signatures, is not covered by this claim.
predicate = "algorithm"
value = "md5"
comparison = "not_equals"
provenance = "NIST SP 800-131A Rev 2 - MD5 is not approved for any cryptographic use"
# RFC 6151 treats HMAC-MD5 less severely than plain MD5; the invariant bans all
# security use anyway, which is the simpler rule to enforce.
invariant = "MD5 MUST NOT be used for hashing in any security context"
consequence = "Collision attacks are practical; signatures and integrity checks become meaningless"
authority_tier = "regulatory"
evidence = ["NIST SP 800-131A", "RFC 6151"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"
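[[claim]]
id = "aphoria-no-wildcard-cors-001"
concept_path = "aphoria/cors/allow_origin"
# `absent`: a literal "*" must not appear as the allow-origin value.
predicate = "config_value"
value = "*"
comparison = "absent"
provenance = "OWASP CORS Misconfiguration - wildcard or reflected origin on endpoints that serve non-public data is a vulnerability"
invariant = "CORS MUST NOT use wildcard (*) origin in production services"
# Browsers refuse to expose a response that pairs `Access-Control-Allow-Origin: *`
# with `Access-Control-Allow-Credentials: true`, so a literal `*` cannot by itself
# leak cookie-authenticated responses; it leaks everything reachable without
# credentials. The credentialed variant is a server that reflects the request
# Origin (typically behind a weak allow-list check), which a literal "*" match
# presumably does not detect - TODO add a sibling reflection claim.
consequence = "Any origin can read responses that do not require credentials; if the origin is reflected instead of a literal *, credentialed cross-origin requests bypass same-origin policy as well"
authority_tier = "expert"
evidence = ["OWASP Testing Guide v4 - CORS", "CWE-942"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"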
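[[claim]]
id = "aphoria-jwt-audience-001"
concept_path = "aphoria/jwt/audience_validation"
# `absent`: the pattern `enabled = false` on audience validation must not occur.
predicate = "enabled"
value = false
comparison = "absent"
# RFC 7519 makes `aud` OPTIONAL in a token, but §4.1.3 is a hard MUST on the
# recipient: if `aud` is present and does not name the recipient, reject.
# Switching audience validation off accepts exactly those tokens.
provenance = "RFC 7519 Section 4.1.3 - a recipient not identified in a present aud claim MUST reject the JWT"
invariant = "JWT audience validation MUST NOT be disabled"
# NOTE(review): many libraries silently skip the aud check when no expected
# audience is configured, leaving `enabled` untouched - presumably not caught
# here; TODO confirm the extractor also flags a missing expected audience.
consequence = "Tokens issued for one service can be replayed against another"
authority_tier = "regulatory"
evidence = ["RFC 7519 Section 4.1.3"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"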
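[[claim]]
id = "aphoria-hsts-enabled-001"
concept_path = "aphoria/security_headers/hsts"
# `absent`: a "disabled" HSTS status must not appear under the concept path.
predicate = "header_status"
value = "disabled"
comparison = "absent"
# RFC 6797 specifies the Strict-Transport-Security header and its semantics; it
# does not mandate deployment. The "must" is project policy backed by the OWASP
# Secure Headers Project, so provenance names both rather than attributing the
# requirement to the RFC.
provenance = "RFC 6797 defines HSTS; enabling it on every HTTPS endpoint is project policy per the OWASP Secure Headers Project"
invariant = "HSTS header MUST NOT be disabled on HTTPS-serving endpoints"
# NOTE(review): `max-age=0` clears a stored policy and a tiny max-age is nearly
# as weak as none; a literal "disabled" status presumably misses both - TODO
# confirm. HSTS also protects nothing on the very first visit unless the host
# is preloaded.
consequence = "Users can be downgraded to HTTP via SSL stripping attacks"
authority_tier = "regulatory"
evidence = ["RFC 6797", "OWASP Secure Headers Project"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"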
[[claim]]
id = "aphoria-no-hardcoded-secrets-001"
# Scope is limited to API keys under this concept path; passwords, private keys
# and bearer tokens are presumably not covered and need their own claims or a
# broader concept_path - TODO confirm extractor scope.
concept_path = "aphoria/secrets/api_key"
predicate = "storage_method"
value = "hardcoded"
comparison = "absent"
# CWE-798 (Use of Hard-coded Credentials) is mapped under A07:2021.
provenance = "OWASP Top 10 2021 - A07 Identification and Authentication Failures"
invariant = "API keys MUST NOT be hardcoded in source files"
# Removing a key from source does not remove it from git history: this claim is
# about prevention, and any key that was ever committed still has to be rotated.
consequence = "Secrets leak through version control; credential rotation requires code changes"
authority_tier = "expert"
evidence = ["OWASP Top 10 A07:2021", "CWE-798"]
category = "security"
status = "active"
created_by = "jml"
created_at = "2026-02-08T14:00:00Z"