docs: sync governance and validation with hardening pass
Update contributor, security, validation, and compute handoff documentation to reflect new runtime safeguards, CI gates, and expected regression checks. Made-with: Cursor
This commit is contained in:
@@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
**Owner:** Agent team
|
**Owner:** Agent team
|
||||||
**Status:** Active
|
**Status:** Active
|
||||||
**Last updated:** 2026-04-16
|
**Last updated:** 2026-04-16 (audit hardening pass)
|
||||||
|
|
||||||
**Canonical math:** [MATH_SPEC.md](MATH_SPEC.md)
|
**Canonical math:** [MATH_SPEC.md](MATH_SPEC.md)
|
||||||
**Agent rules:** [AGENTS.md](../AGENTS.md) at repo root
|
**Agent rules:** [AGENTS.md](../AGENTS.md) at repo root
|
||||||
@@ -161,6 +161,10 @@ This section is the execution plan for the next pass, optimized for "feature-ric
|
|||||||
### 8.1 Priority 1 — Correctness gates first
|
### 8.1 Priority 1 — Correctness gates first
|
||||||
|
|
||||||
- Build a field-sensitivity harness (per mapped input field, ±1% perturbation).
|
- Build a field-sensitivity harness (per mapped input field, ±1% perturbation).
|
||||||
|
- Implemented in this pass:
|
||||||
|
- safer stdin/file JSON ingestion guards in `solver-c/src/json_stdin.c`, `solver-c/src/main.c`, `solver-c/src/main_fea.c`,
|
||||||
|
- API 4xx envelope normalization with machine-readable `code`,
|
||||||
|
- GUI stale-run guard for async solve execution.
|
||||||
- Enforce invariants in solver outputs:
|
- Enforce invariants in solver outputs:
|
||||||
- finite values everywhere,
|
- finite values everywhere,
|
||||||
- gas fraction bounds,
|
- gas fraction bounds,
|
||||||
|
|||||||
@@ -10,3 +10,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|||||||
### Added
|
### Added
|
||||||
|
|
||||||
- Initial public-ish repository layout: `solver-c`, `solver-api`, `gui-ts`, regression data, engineering docs, and agent handoff docs.
|
- Initial public-ish repository layout: `solver-c`, `solver-api`, `gui-ts`, regression data, engineering docs, and agent handoff docs.
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
- Hardened `solver-c` JSON/input boundaries and file-loading paths to prevent buffer/partial-read edge failures.
|
||||||
|
- Added API error envelope consistency (`schemaVersion` + `code`) for expected 4xx paths and diagnostic workflow validation.
|
||||||
|
- Added GUI run-token protection against stale async solve responses and explicit FDM/FEA card-length mismatch messaging.
|
||||||
|
- Switched Docker build dependency installs to `npm ci` for reproducibility and added CI dependency audit checks.
|
||||||
|
- Added full tracked-file audit ledger at `docs/engineering/full-repo-audit-ledger.md`.
|
||||||
|
|||||||
@@ -33,6 +33,8 @@ The API expects `solver-c/solver_main` and `solver-c/solver_fea_main` in the rep
|
|||||||
|
|
||||||
```bash
|
```bash
|
||||||
make test
|
make test
|
||||||
|
make test-solver-sanitize
|
||||||
|
cd gui-ts && npm run build
|
||||||
```
|
```
|
||||||
|
|
||||||
This runs `solver-api` Vitest, `gui-ts` Vitest, and `solver-c/test_solver`.
|
This runs `solver-api` Vitest, `gui-ts` Vitest, and `solver-c/test_solver`.
|
||||||
@@ -42,6 +44,7 @@ This runs `solver-api` Vitest, `gui-ts` Vitest, and `solver-c/test_solver`.
|
|||||||
- Keep changes focused; avoid drive-by refactors.
|
- Keep changes focused; avoid drive-by refactors.
|
||||||
- If you change solver equations or boundary conditions, update [Agents/MATH_SPEC.md](Agents/MATH_SPEC.md) and the gap table in [Agents/COMPUTE_PLAN.md](Agents/COMPUTE_PLAN.md).
|
- If you change solver equations or boundary conditions, update [Agents/MATH_SPEC.md](Agents/MATH_SPEC.md) and the gap table in [Agents/COMPUTE_PLAN.md](Agents/COMPUTE_PLAN.md).
|
||||||
- If you change the JSON contract or HTTP responses, bump `schemaVersion` only with an explicit migration plan (see [AGENTS.md](AGENTS.md)).
|
- If you change the JSON contract or HTTP responses, bump `schemaVersion` only with an explicit migration plan (see [AGENTS.md](AGENTS.md)).
|
||||||
|
- Keep golden response behavior deterministic; only update `data/golden/default.solve.sha256` when output changes are intentional and documented.
|
||||||
|
|
||||||
## Coding style
|
## Coding style
|
||||||
|
|
||||||
|
|||||||
@@ -93,6 +93,12 @@ cd solver-api && npm install && npm run dev
|
|||||||
cd gui-ts && npm install && npm run dev
|
cd gui-ts && npm install && npm run dev
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Optional API hardening for browser clients:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
cd solver-api && CORS_ORIGINS="http://localhost:5173" npm run dev
|
||||||
|
```
|
||||||
|
|
||||||
- API: `http://localhost:4400/health`
|
- API: `http://localhost:4400/health`
|
||||||
- GUI: `http://localhost:5173`
|
- GUI: `http://localhost:5173`
|
||||||
|
|
||||||
|
|||||||
@@ -18,3 +18,5 @@ Do not open a public issue for undisclosed vulnerabilities.
|
|||||||
|
|
||||||
- The local API is intended for **trusted development networks**. Do not expose it to the public internet without hardening (TLS, auth, rate limits, reverse proxy).
|
- The local API is intended for **trusted development networks**. Do not expose it to the public internet without hardening (TLS, auth, rate limits, reverse proxy).
|
||||||
- Treat uploaded XML as untrusted input at API boundaries.
|
- Treat uploaded XML as untrusted input at API boundaries.
|
||||||
|
- `CORS_ORIGINS` can be set to a comma-separated allowlist for browser clients; default behavior is permissive for local development.
|
||||||
|
- For production-like deployments, disable runtime compiler dependencies and prebuild `solver-c/solver_main` and `solver-c/solver_fea_main`.
|
||||||
|
|||||||
@@ -25,6 +25,7 @@ Last Updated: 2026-04-16
|
|||||||
## Integration
|
## Integration
|
||||||
|
|
||||||
- `solver-api/tests/api.test.js` — solve routes, diagnostic path, golden hash, `validate-card`, `both` comparison keys.
|
- `solver-api/tests/api.test.js` — solve routes, diagnostic path, golden hash, `validate-card`, `both` comparison keys.
|
||||||
|
- API error contract checks: assert `schemaVersion` + machine-readable `code` on expected 4xx responses.
|
||||||
- `comparison` schema v2 includes:
|
- `comparison` schema v2 includes:
|
||||||
- `peakLoadDeltas` for Pmax/Pmin and Dmax/Dmin
|
- `peakLoadDeltas` for Pmax/Pmin and Dmax/Dmin
|
||||||
- `pointwiseResiduals.series[]` (position + polished/downhole residuals)
|
- `pointwiseResiduals.series[]` (position + polished/downhole residuals)
|
||||||
@@ -70,6 +71,7 @@ Last Updated: 2026-04-16
|
|||||||
### 5) CI checks
|
### 5) CI checks
|
||||||
|
|
||||||
- C sanitizers (ASan/UBSan) lane.
|
- C sanitizers (ASan/UBSan) lane.
|
||||||
|
- Dependency audit lane (`npm audit --omit=dev --audit-level=high`) for API and GUI packages.
|
||||||
- Performance budget lane (fixed representative cases).
|
- Performance budget lane (fixed representative cases).
|
||||||
- Artifact lane emits comparison/drift summaries.
|
- Artifact lane emits comparison/drift summaries.
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user