Skip to content

chore: dogfood tracking — artifacts, STPA, STPA-Sec for v0.3.1 work#110

Merged
avrabe merged 2 commits intomainfrom
feat/dogfood-tracking
Apr 2, 2026
Merged

chore: dogfood tracking — artifacts, STPA, STPA-Sec for v0.3.1 work#110
avrabe merged 2 commits intomainfrom
feat/dogfood-tracking

Conversation

@avrabe
Copy link
Copy Markdown
Contributor

@avrabe avrabe commented Apr 2, 2026

Summary

Rivet eating its own dog food: all v0.3.1 work is now tracked as rivet artifacts with STPA safety analysis.

Artifacts (25 new)

  • 19 features (FEAT-074 to FEAT-092): embed system, snapshots, delta, MCP, convergence tracking, rivet get, LSP fixes, EU AI Act, GSN, STPA-for-AI, schema guidance
  • 6 design decisions (DD-042 to DD-047): closure-based embeds, snapshot auto-detection, raw JSON-RPC for MCP, failure fingerprinting, diagnostic location fields, bridge schema design

STPA analysis (v0.3.1 implementation)

  • 4 losses, 6 hazards, 6 system constraints
  • Covers: snapshot integrity, delta baseline selection, MCP state freshness, embed data currency, bridge conflicts, hash collisions

STPA-Sec analysis (v0.3.1 security surface)

  • 3 losses, 4 hazards, 5 security constraints
  • Covers: snapshot tampering, MCP access control, embed injection, deserialization safety

Updated

  • AGENTS.md regenerated (518 artifacts, 19 types)

Test plan

  • cargo run -- validate — new artifacts clean (0 new errors)
  • cargo run -- stats — 518 total artifacts

🤖 Generated with Claude Code

avrabe added 2 commits April 1, 2026 22:13
@avrabe
chore: track v0.3.1 features and design decisions as rivet artifacts
38fb6c1 
19 new features (FEAT-074 to FEAT-092) and 6 design decisions
(DD-042 to DD-047) covering all work shipped on 2026-04-01:
embed system, snapshots, delta rendering, MCP server, convergence
tracking, rivet get, LSP fixes, EU AI Act, GSN safety cases,
STPA-for-AI, schema guidance, and STPA self-analysis.

Regenerated AGENTS.md (518 artifacts, 19 types).
@avrabe
safety: STPA + STPA-Sec analysis of v0.3.1 implementation
835b253 
STPA analysis (safety/stpa/v031-implementation.yaml):
- 4 losses: stale export, wrong MCP data, bad traceability, wrong escalation
- 6 hazards: corrupt snapshot, wrong baseline, stale MCP, stale embeds,
  bridge conflicts, hash collisions
- 6 system constraints: SC-IMPL-001 to SC-IMPL-006

STPA-Sec analysis (safety/stpa-sec/v031-security.yaml):
- 3 losses: artifact tampering, info disclosure, code injection
- 4 hazards: no snapshot integrity, no MCP auth, untrusted embed input,
  unbounded deserialization
- 5 security constraints: SSC-IMPL-001 to SSC-IMPL-005
@avrabe avrabe merged commit c113cd0 into main Apr 2, 2026
12 of 13 checks passed
@avrabe avrabe deleted the feat/dogfood-tracking branch April 2, 2026 02:15
@codecov
Copy link
Copy Markdown

codecov bot commented Apr 2, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@avrabe