feat(audit): pack-conformance auditor + SARIF 2.1.0 emitter

[Nelson Spence (Fieldnote-Echo)]

Summary

Ships the first cut of nboot audit — a fleet-level conformance auditor that reuses navi-bootstrap's render pipeline as a living specification for what a repo should look like, and reports drift as SARIF 2.1.0 for the GitHub Security tab.

This PR delivers Mode A (pack-conformance audit) of the original two-mode design. Mode B (invisible-prompt-injection scan) was deferred per a grumpy Codex review: navi_sanitize.clean() is string-in/string-out with no offsets or vector classification, so the promised line:col + kind reporting is impossible without an upstream API change. Filed as navi-sanitize#38.

What it does

$ nboot audit --spec nboot-spec.json --pack security-scanning --target ~/repo-to-check
Audit found 3 drift finding(s):

Missing files (2):
  - .github/workflows/codeql.yml
  - .github/workflows/scorecard.yml

Changed files (1):
  - .github/dependabot.yml

--format sarif produces a GitHub-compatible report that uploads cleanly via github/codeql-action/upload-sarif and lands in the Security tab alongside CodeQL / Semgrep alerts.

Why this matters

Backstage Scaffolder, Cookiecutter, and Yeoman are create-only. Copier can update but needs the target to have been Copier-generated originally, and its merge UX is the documented top failure mode in 2026 platform-engineering surveys.

nboot audit instead treats a pack as a living conformance spec: render it in memory, diff against any existing repo, report drift. No writes, no merges, no state. The same artifact generates new projects AND validates old ones — a materially different primitive.

What's in the PR

New modules

• src/navi_bootstrap/sarif.py — hand-rolled SARIF 2.1.0 emitter (no new runtime deps). Declares two rules with stable partialFingerprints for GitHub dedup.
• src/navi_bootstrap/audit.py — AuditFinding dataclass, run_audit(), findings_to_{sarif,text}().

CLI

• nboot audit --spec … --pack … --target … [--format text|sarif] [--output path] [--resolve] [--exit-zero]
• Offline by default (fleet audits shouldn't depend on GH API reachability).
• Exits 1 on drift so CI fails; --exit-zero for report-only surveys.

Single-sourced __version__

src/navi_bootstrap/__init__.py now reads via importlib.metadata.version("navi-bootstrap"). Removes the 0.1.1-vs-0.1.2 drift between __init__.py and pyproject.toml.

Companion commit (already on branch)

496a706 — navi-sanitize 0.1.0 → 0.2.1. Brings in 492-invisible-char coverage, C0/C1 control-char stripping, 66 homoglyph pairs, NFKC-bypass defense. Prepares for the deferred Mode B.

Test plan

• uv run pytest tests/ — 407 passed (26 new: 11 SARIF, 15 audit pipeline + CLI)
• uv run mypy src/navi_bootstrap/ — clean, 14 files, strict mode
• uv run ruff check + ruff format --check — clean
• End-to-end: render scaffold into tmp, mutate README, confirm audit reports the drift
• All 8 existing packs still validate against the manifest schema
• nboot audit --help displays all flags correctly
• CI to confirm tests, CodeQL, Semgrep, Scorecard, fuzz all green

Follow-up work

• navi-sanitize 0.3.x with scan() -> list[Finding] API (issue #38) unlocks Mode B
• nboot audit --scan-injections as a thin addition once scan() ships
• Fleet-walker wrapper (nboot audit --org <name>) that multi-repo-audits via gh repo list

Codex review status

Dispatched a grumpy review pre-build. It flagged two fatal gaps (sanitize API surface, SARIF schema complexity) and three HIGH warnings. The design was reshaped in response: Mode B cut, SARIF scope narrowed to missing/changed rules only (no hunk-region parsing), binary/j2 collision deferred to follow-up.

[qodo-code-review]

Review Summary by Qodo

Add pack-conformance auditor with SARIF 2.1.0 output

✨ Enhancement

Walkthroughs

Description

• Add nboot audit command for pack-conformance drift detection
  - Renders pack in-memory and diffs against existing project
  - Reports missing/changed files as findings
• Implement SARIF 2.1.0 emitter for GitHub Security tab integration
  - Hand-rolled with no new runtime dependencies
  - Declares two rules with stable fingerprints for deduplication
• Single-source __version__ via importlib.metadata
  - Eliminates drift between __init__.py and pyproject.toml
• Bump navi-sanitize 0.1.0 → 0.2.1 for enhanced sanitization

Diagram

flowchart LR
  A["Pack + Spec"] -->|render in-memory| B["Rendered Files"]
  C["Target Project"] -->|read from disk| D["Existing Files"]
  B -->|compute_diffs| E["DiffResults"]
  D -->|compute_diffs| E
  E -->|convert| F["AuditFindings"]
  F -->|format text| G["Human Report"]
  F -->|format sarif| H["GitHub Security Tab"]

Loading

File Changes

1. src/navi_bootstrap/__init__.py ✨ Enhancement +8/-2

Single-source version from package metadata

• Replace hardcoded __version__ = "0.1.1" with dynamic lookup via importlib.metadata.version()
• Add fallback to "0.0.0+unknown" for development installs without package metadata
• Export __version__ in __all__ for public API

src/navi_bootstrap/init.py

---

2. src/navi_bootstrap/audit.py ✨ Enhancement +192/-0

Pack-conformance audit pipeline and finding types

• New AuditFinding dataclass representing missing/changed files with rule mapping
• run_audit() function orchestrates resolve → plan → render → diff pipeline in-memory
• findings_to_sarif() and findings_to_text() converters for output formatting
• AuditError exception wraps all pipeline-stage failures

src/navi_bootstrap/audit.py

---

3. src/navi_bootstrap/sarif.py ✨ Enhancement +140/-0

SARIF 2.1.0 report generation for GitHub Security tab

• Hand-rolled SARIF 2.1.0 emitter with no new runtime dependencies
• SarifResult dataclass with stable SHA256 fingerprinting for GitHub deduplication
• SarifReport builder with pre-declared audit rules (pack-drift-missing, pack-drift-changed)
• JSON serialization with proper schema URI and tool metadata

src/navi_bootstrap/sarif.py

---

View more (5)

4. src/navi_bootstrap/cli.py ✨ Enhancement +86/-0

CLI command for pack-conformance auditing

• New audit command with flags: --spec, --pack, --target, --format, --output,
 --resolve, --exit-zero
• Offline-by-default mode (no GitHub API calls unless --resolve passed)
• Supports text and SARIF output formats with file writing capability
• Exits 1 on drift unless --exit-zero flag provided

src/navi_bootstrap/cli.py

---

5. tests/test_audit.py 🧪 Tests +326/-0

Comprehensive audit pipeline and CLI tests

• 15 new tests covering AuditFinding, run_audit(), and CLI integration
• End-to-end tests against real packs (scaffold) with conforming/drifted targets
• CLI tests for text/SARIF formats, exit codes, and file output
• Fixtures for spec generation and project setup

tests/test_audit.py

---

6. tests/test_sarif.py 🧪 Tests +95/-0

SARIF emitter unit and integration tests

• 11 new tests for SARIF result and report generation
• Fingerprint stability and uniqueness validation
• Rule validation and unknown-rule rejection
• JSON serialization and schema compliance

tests/test_sarif.py

---

7. docs/reference/audit.md 📝 Documentation +116/-0

Audit command reference documentation

• New reference documentation for nboot audit command
• Usage examples, flag reference, and SARIF upload workflow
• Comparison table with diff and apply verbs
• Exit code semantics and use-case guidance

docs/reference/audit.md

---

8. pyproject.toml Dependencies +1/-1

Update navi-sanitize to 0.2.1

• Bump navi-sanitize dependency from >=0.1.0 to >=0.2.1
• Brings invisible-char coverage, C0/C1 control-char stripping, expanded homoglyph map

pyproject.toml

---

[qodo-code-review]

Code Review by Qodo

🐞 Bugs (0) 📘 Rule violations (1) 📎 Requirement gaps (0)

1. Unconfined diff file reads ☑ 🐞 Bug ⛨ Security

Description

Audit calls compute_diffs(), which reads target / rf.dest without path-confinement or
symlink-escape checks; a crafted pack/spec can cause reads outside the audited target directory.

Code

src/navi_bootstrap/audit.py[R139-142]

+    # Diff rendered-in-memory vs existing target filesystem.
+    diffs = compute_diffs(rendered, target, pack_name=pack)
+
+    return [_diff_result_to_finding(d, pack) for d in diffs]

Evidence

The engine’s write layer explicitly enforces that rendered destinations stay within the output
directory (including symlink checks), but the read/diff layer does not. Since audit renders
destinations and then reads from target / dest, an absolute dest or a .. traversal (including
one produced by Jinja-rendered dest paths) can escape the target and read arbitrary files accessible
to the process.

src/navi_bootstrap/audit.py[127-142]
src/navi_bootstrap/diff.py[72-99]
src/navi_bootstrap/engine.py[255-276]
src/navi_bootstrap/engine.py[88-150]
src/navi_bootstrap/packs.py[41-55]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`compute_diffs()` reads `target / rf.dest` with no confinement/symlink protections, unlike `write_rendered()` which explicitly prevents path escape. This can allow reading files outside the audit target when `rf.dest` is absolute or contains traversal (including traversal produced by rendering dest templates).

### Issue Context
Audit uses `compute_diffs()` as its filesystem read boundary. This boundary should be at least as strict as the write boundary.

### Fix Focus Areas
- src/navi_bootstrap/diff.py[59-122]
- src/navi_bootstrap/engine.py[255-276]
- src/navi_bootstrap/audit.py[127-142]

### Suggested fix
- In `compute_diffs()`, before any `exists()`/`read_text()`:
 - Resolve `file_path = (target / rf.dest)` and enforce `file_path.resolve().relative_to(target.resolve())`.
 - Add a symlink escape defense similar to `write_rendered()` (resolve comparison).
- If confinement fails, raise a clear exception (and have `run_audit()` convert it to `AuditError`).

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

2. Wrong pack marker name ☑ 🐞 Bug ≡ Correctness

Description

run_audit() passes the user-supplied pack argument as pack_name into compute_diffs(); when
--pack is a filesystem path (or otherwise differs from the manifest name), append-mode marker
matching breaks and conforming files can be falsely reported as changed.

Code

src/navi_bootstrap/audit.py[R139-142]

+    # Diff rendered-in-memory vs existing target filesystem.
+    diffs = compute_diffs(rendered, target, pack_name=pack)
+
+    return [_diff_result_to_finding(d, pack) for d in diffs]

Evidence

Audit uses pack_name=pack rather than the manifest-derived pack name, but diffing in append mode
relies on pack_name to find/replace marker blocks. Since packs can be passed as filesystem paths,
the string used for markers may include slashes and will never match markers written by the engine
(which uses the manifest’s pack_name).

src/navi_bootstrap/audit.py[139-142]
src/navi_bootstrap/diff.py[59-99]
src/navi_bootstrap/packs.py[41-60]
src/navi_bootstrap/cli.py[359-361]
src/navi_bootstrap/engine.py[299-306]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`run_audit()` passes the raw `pack` CLI argument into `compute_diffs(..., pack_name=...)`. For append-mode files, `compute_diffs()` uses `pack_name` to generate and detect marker blocks, so using a filesystem path (or any non-canonical pack identifier) causes false drift findings.

### Issue Context
The engine’s write path uses `render_plan.pack_name` (manifest-derived) for marker blocks; audit should do the same to stay consistent.

### Fix Focus Areas
- src/navi_bootstrap/audit.py[120-142]
- src/navi_bootstrap/cli.py[359-361]

### Suggested fix
- Change `compute_diffs(rendered, target, pack_name=pack)` to `compute_diffs(rendered, target, pack_name=render_plan.pack_name)`.
- Decide whether `AuditFinding.pack` should remain the user-supplied `pack` (helpful for remediation commands) or the canonical manifest name, but ensure marker logic uses the canonical name.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

3. pyproject.toml modified outside allowlist 📘 Rule violation § Compliance

Description

This PR changes pyproject.toml, which is outside the allowed top-level directories (src/,
tests/, packs/, docs/) and no explicit approval note is recorded in the PR description. This
violates the directory restriction policy and may require an explicit approval/exception before
merge.

Code

pyproject.toml[27]

+    "navi-sanitize>=0.2.1",

Evidence

The compliance rule restricts modifications to src/, tests/, packs/, or docs/ unless an
explicit approval/exception is recorded. The diff shows a change to the repo-root pyproject.toml
dependency list, which is outside the allow-list.

Rule 305373: Restrict file modifications to specific top-level directories
pyproject.toml[23-29]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
A repo-root file (`pyproject.toml`) was modified, which is outside the allowed directories per policy unless an explicit approval/exception is recorded.

## Issue Context
This PR updates a dependency constraint in `pyproject.toml`. To comply, either (a) obtain and document explicit approval for changing a non-allowlisted path, or (b) revert/split out the change if approval is not available.

## Fix Focus Areas
- pyproject.toml[23-29]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

4. Unhandled non-text file reads ☑ 🐞 Bug ☼ Reliability

Description

compute_diffs() unconditionally calls Path.read_text() on existing paths; if the target has a
directory at that path or non-UTF8/binary data, audit can crash instead of returning findings.

Code

src/navi_bootstrap/audit.py[R139-142]

+    # Diff rendered-in-memory vs existing target filesystem.
+    diffs = compute_diffs(rendered, target, pack_name=pack)
+
+    return [_diff_result_to_finding(d, pack) for d in diffs]

Evidence

compute_diffs() only checks exists() and then does read_text(), which can raise
IsADirectoryError or UnicodeDecodeError. audit_cmd only wraps AuditError, so these failures
bubble out as unhandled exceptions rather than a controlled audit failure.

src/navi_bootstrap/diff.py[72-102]
src/navi_bootstrap/cli.py[439-443]
src/navi_bootstrap/audit.py[96-142]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
Audit can crash when `compute_diffs()` hits a non-regular file (directory) or non-UTF8 content at a pack-expected path, because it uses `Path.read_text()` without guards and audit doesn’t convert these failures into `AuditError`.

### Issue Context
Fleet/CI auditing should fail deterministically with a clear error instead of a stack trace.

### Fix Focus Areas
- src/navi_bootstrap/diff.py[72-102]
- src/navi_bootstrap/audit.py[96-142]
- src/navi_bootstrap/cli.py[439-443]

### Suggested fix
- In `compute_diffs()`:
 - Check `file_path.is_file()` before reading; if it exists but isn’t a file, treat as drift with an explanatory diff_text or raise a typed exception.
 - Read with an explicit encoding and error handling (e.g., `encoding="utf-8", errors="replace"`) or switch to byte-based comparison when diff_text is not required.
- In `run_audit()`, catch these lower-level exceptions and re-raise as `AuditError` so CLI reports cleanly.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

5. External uv call in test ☑ 🐞 Bug ☼ Reliability

Description

test_conforming_target_has_no_findings() invokes subprocess.run(["uv", ...]) even though its
result is unused; this adds an unnecessary external dependency and can fail/flap in environments
without uv on PATH.

Code

tests/test_audit.py[R153-170]

+        subprocess.run(
+            [
+                "uv",
+                "run",
+                "nboot",
+                "apply",
+                "--spec",
+                str(spec),
+                "--pack",
+                "scaffold",
+                "--target",
+                str(target),
+                "--skip-resolve",
+            ],
+            check=False,
+            capture_output=True,
+            cwd=Path(__file__).resolve().parents[1],
+        )

Evidence

The test always executes the uv subprocess call before proceeding with the direct engine-based
rendering path; the subprocess output isn’t asserted, so the call only introduces extra runtime and
potential FileNotFoundError/environment coupling.

tests/test_audit.py[148-170]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
A test executes an external `uv run nboot apply ...` subprocess but does not use its output. This increases test runtime and couples the suite to an external binary.

### Issue Context
The test already performs the intended setup using direct engine calls immediately after the subprocess.

### Fix Focus Areas
- tests/test_audit.py[148-191]

### Suggested fix
- Delete the `subprocess.run([..."uv"...])` block entirely.
- If you want to keep a CLI-level test, use `CliRunner()` (already used elsewhere) or gate subprocess execution on `shutil.which("uv")` and skip when unavailable.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

[github-actions]

🟡 MEDIUM: Non-robust dict key access for 'action_shas'

Confidence: 96%

The code uses manifest.get('action_shas', []) assuming the returned value will be a list, but downstream consumers (resolve_action_shas) may expect a specific type. If manifest ever changes structure or returns None, this may cause subtle TypeErrors.

Suggestion: Consider validating the type of 'action_shas_config' or providing a more robust default handling to avoid type issues.

— This works as long as manifests are well-formed. If not, enjoy the surprise TypeError later. 60

[github-actions]

🔵 LOW: Lack of Logging or Audit Trail for Findings Generation

Confidence: 88%

The audit pipeline generates findings but doesn't include any logging, making debugging or post-mortem difficult if drift detection or SARIF output fails unexpectedly.

Suggestion: Include minimal logging or debug hooks during findings generation, especially for pipeline-stage failure or major decision points.

— One log line could save someone a late-night debug session.

[github-actions]

🔵 LOW: Documentation omits SARIF rules extensibility caveat

Confidence: 90%

The documentation does not mention that only a fixed set of SARIF rules (missing/changed) is supported and that custom/errors for other drift types are not currently extensible. This could mislead consumers expecting more granular rule coverage.

Suggestion: Clarify in documentation that SARIF emission is intentionally limited to missing and changed files, and other kinds of drift will require schema extension.

— Not wrong, but future-you (or your users) might expect more than two SARIF rules.

[github-actions]

🔵 LOW: Governance: version exported in all and test coverage caveat

Confidence: 95%

Exporting version via all is sound, but the comment on the 'pragma: no cover' for the importlib.metadata fallback warrants a code comment indicating that this is intentional and not an accidental test skip.

Suggestion: Add a brief comment explaining that test coverage of the fallback is intentionally skipped because it only triggers in non-packaged dev environments.

— The pragma is fine, but a comment for future maintainers would prevent awkward codecov questions.

[github-actions]

Grippy approves — PASS (85/100)

[github-actions]

✅ Grippy Review — PASS

Score: 86/100 | Findings: 4

Delta: 2 new

---

_{Commit: 83d9376}

[Copilot]

Pull request overview

Introduces nboot audit, a pack-conformance auditor that renders a pack in-memory, diffs it against a target repo, and emits results as human-readable text or SARIF 2.1.0 for GitHub Security tab ingestion.

Changes:

• Add an audit pipeline (run_audit) with text + SARIF renderers and an AuditFinding model.
• Add a hand-rolled SARIF 2.1.0 emitter with stable partial fingerprints for deduplication.
• Add nboot audit CLI command and single-sourced __version__; bump navi-sanitize to >=0.2.1.

Reviewed changes

Copilot reviewed 8 out of 9 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
uv.lock	Locks dependency update to navi-sanitize 0.2.1.
pyproject.toml	Bumps runtime dependency constraint for navi-sanitize.
src/navi_bootstrap/init.py	Switches __version__ to read from package metadata.
src/navi_bootstrap/cli.py	Adds audit command, SARIF/text output selection, and output-file support.
src/navi_bootstrap/audit.py	Implements in-memory render + diff audit pipeline and finding formatters.
src/navi_bootstrap/sarif.py	Implements minimal SARIF 2.1.0 report/result types and rule registry.
tests/test_audit.py	Adds unit + integration coverage for audit pipeline and CLI behavior.
tests/test_sarif.py	Adds SARIF emitter shape/fingerprint/rule validation tests.
docs/reference/audit.md	Documents nboot audit, flags, SARIF upload example, and exit codes.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 829e153e68

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "Codex (@codex) review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "Codex (@codex) address that feedback".

[github-actions]

🔵 LOW: Potential incomplete cleanup when writing output file

Confidence: 85%

When writing to the specified output file in audit_cmd, if an exception occurs between writing and echoing the summary message, it may leave a partially written file without warning the user.

Suggestion: Use a try/except block or atomic write pattern when writing output files to prevent incomplete files in case of errors.

— Not fatal, but partial output files frustrate CI folks.

[github-actions]

Grippy approves — PASS (93/100)

[github-actions]

🟡 MEDIUM: CLI: Output File Write Does Not Handle Exceptions or Permission Errors

Confidence: 87%

When a user provides --output and the CLI tries to write the report, it uses output.write_text() without error handling. If the output location is unwritable, the command will crash ungracefully, potentially giving a confusing error and returning an incorrect exit code.

Suggestion: Wrap the write operation in a try/except block. On failure, output a clear error message to stderr and exit with a nonzero code distinct from diff exit codes. Consider using exit code 2 (pipeline error) for consistency.

— Log file writes fail sometimes. Add error handling unless you enjoy triaging bug reports from CI failures.

[github-actions]

🟡 MEDIUM: Network-Skipping Mode May Cause Audits to Miss SHA Drift

Confidence: 90%

The audit CLI skips SHA resolution by default for offline compliance. If a user expects to always detect action SHA drift, this may be misleading, as changes in remote actions will not be caught. The flag is documented, but risk of false negatives if a user expects up-to-date SHA checking by default.

Suggestion: Highlight this in documentation and ensure that in CI settings where drift matters, the --resolve flag is enforced. Consider a warning on stdout when running with skip_resolve.

— Offline by default is safe for reproducibility-but people will forget. Emit a warning in text output.

[github-actions]

🔵 LOW: SARIF Report Does Not Capture Extra Context or Build Metadata

Confidence: 90%

The SARIF emitter includes rule and result info but doesn't allow extra metadata (e.g., audit run time, host, triggered CLI flags). For large fleet runs, this makes trend analysis or debugging harder.

Suggestion: Add a metadata field (as allowed by SARIF spec) with CLI flags, host, audit time, or CI build link.

— SARIF supports rich metadata for a reason. Add a field for audit provenance when you can.

[github-actions]

🔵 LOW: SARIF Rule Level is Always 'Warning'

Confidence: 89%

Both SARIF rules 'pack-drift-missing' and 'pack-drift-changed' are set to 'warning' level and never surface as 'note' or 'error'. This limits triage in GitHub's Security tab, especially as some packs or policies may wish to escalate missing baseline files to error or demote non-critical drift to note.

Suggestion: Parameterize rule severity per-finding or provide a config for default rule level.

— Sarif levels are there for a reason. Expose as a future config knob.

[github-actions]

Grippy approves — PASS (73/100)

[Copilot]

Pull request overview

Copilot reviewed 9 out of 10 changed files in this pull request and generated 3 comments.

Comments suppressed due to low confidence (1)

src/navi_bootstrap/diff.py:96

• The post-existence “symlink defense” check is ineffective because file_path is already target / rf.dest, so file_path.resolve() and (target / rf.dest).resolve() are always identical. This makes the condition always false and leaves misleading dead code. Either remove this block (since the earlier resolve().relative_to(target_resolved) confinement check already rejects symlink escapes) or replace it with an explicit check that actually detects/handles symlinks as intended.

        if is_new:
            # New file: diff against empty
            # For append mode, wrap in marker blocks like the engine would
            if rf.mode == "append":
                marker_start = _MARKER_START.format(pack_name=pack_name)

[Copilot]

--output uses click.Path(path_type=Path) without restricting dir_okay/file_okay or validating writability, so passing a directory (or an unwritable path) will fail later with a less clear exception from Path.write_text(). Consider tightening the Click option to require a file path (dir_okay=False) and/or emitting a ClickException with a clearer message when the output path can’t be written.

Suggested change

	type=click.Path(path_type=Path),
	type=click.Path(path_type=Path, dir_okay=False, writable=True),

[Copilot]

The docs recommend wiring CI so “only exit 1 gates the merge”, but exit code 2 indicates the audit failed to run (bad spec/pack, confinement violation, render failure). Treating 2 as non-gating could allow merges when the audit is broken. Suggest rewording to say CI should fail on any non-zero exit, while using the 1 vs 2 distinction only for classifying drift vs pipeline failure in reporting/alerts.

Suggested change

	audit failed to run". Wire your pipeline so only exit 1 gates the merge.
	audit failed to run". In CI, fail the job on any non-zero exit code; use the
	1 vs 2 distinction only for reporting, alerting, or classifying drift versus
	pipeline failure.

[github-actions]

Grippy approves — PASS (78/100)

[Nelson Spence (Fieldnote-Echo)]

/review

[Nelson Spence (Fieldnote-Echo)]

Codex (@codex) review

[github-actions]

🔵 LOW: No audit log for SARIF/text output events

Confidence: 92%

The audit_cmd() function writes SARIF or text results to stdout or file, but does not emit a corresponding log entry. This could complicate postmortems or automated scripting, especially if CI misroutes output or discards it.

Suggestion: Emit a log or structured print when a report is written, especially in file-output mode. This ensures visibility in CI logs and tracking in fleet audits.

— A minor log here would save someone a headache in a messy CI setup. Up to you.

[github-actions]

🔵 LOW: Dependency pinning does not specify upper bounds

Confidence: 88%

All dependencies use only minimum bound (>=) with no upper limit. This can introduce forward compatibility breakage if a future dependency release introduces incompatible changes.

Suggestion: Consider adding upper version bounds to all runtime dependencies in pyproject.toml to prevent accidental breaking changes from newly released major versions.

— No upper bounds means trusting every dependency forever. Sometimes that's fine; sometimes that's a fire drill.

[github-actions]

Grippy approves — PASS (76/100)

[Copilot]

Pull request overview

Copilot reviewed 9 out of 10 changed files in this pull request and generated 1 comment.

[github-actions]

🔵 LOW: No explicit audit start log message in CLI

Confidence: 90%

The 'audit' CLI command runs with detailed exit codes and output, but does not print a 'beginning audit' or 'auditing target' message. This is minor but impacts visibility in verbose CI or multi-project batch runs, where correlation between command invocation and audit initiation/completion aids debugging.

Suggestion: Emit a clear CLI log message at the beginning of audit_cmd such as 'Auditing against pack using spec '.

— A log line here would save someone a bad day. Not blocking.

[github-actions]

🔵 LOW: No audit summary printed when output written to file

Confidence: 85%

When the audit report is written to file (with --output), the CLI prints only the count of findings and output path. For workflows leveraging this in CI, a succinct summary of audit findings (e.g., warnings, missing files, etc.) could improve operator visibility without having to parse output files.

Suggestion: Print a one-line summary of finding counts and types when writing to file (e.g., after 'Wrote X finding(s) to ...', echo a brief summary).

— Consider adding a metric for this operation. It's minor but helpful.

[github-actions]

Grippy approves — PASS (86/100)