Two fixes observed in test sweep on b25e368:
1. The "Phase 45 shipped" quoted test example in a commit message
body was triggering STRONG_PATTERNS despite being inside quotes —
produced a block finding that flipped 1/0/1 across 3 back-to-back
audits. Same bug class as auditor/checks/static.ts (fixed earlier):
rubric files quote pattern examples, parser can't distinguish.
Fix: firstUnquotedMatch() wraps firstMatch(); uses isInsideQuotedString()
to check whether the regex's match position falls inside double /
single / backtick quotes on the line. Mirrors static.ts exactly.
2. A regex misfire: `(?:PR|commit|prior|...)` in history/proof
patterns was matching "verified ... in production" because `PR`
(2 chars) matched the first 2 chars of "production" before the
`\s*#?\w*` tail absorbed the rest. Tightened to require a digit
after PR (`PR\s*#?\d+`) and commit to require a hex hash.
Verified: 3 back-to-back audit_one runs before this fix showed the
Phase 45 block flipping 1/0/1; after these fixes, unit tests confirm
quoted examples skip correctly AND real claims ("Phase 45 shipped",
"verified end-to-end against production", "Verified end-to-end on
PR #8") still classify correctly.
lakehouse/auditor 1 blocking issue: cloud: claim not backed — "now classify as empirical; fresh claims like "Phase 45 shipped" stay"
PR #9's 4 block findings were all from commit message references to
prior work ("on PR #8", "the proven X", "flipping across N runs").
The cloud reviewer correctly said "the current diff does not prove
that", but the claim was never about the current diff — the proof
lives in the referenced prior PR or test run.
Extended EMPIRICAL_PATTERNS to cover two shared classes:
1. Runtime metrics (existing) — "58 cloud calls", "306s elapsed"
2. History/proof refs (new) — "verified on PR #8", "was flipping
across 9 runs", "the proven escalation ladder", "previously
observed in PR #6", "tested against commit abc1234"
Both skip diff-verification for the same reason: the proof is outside
the diff. Folded into the existing bucket rather than adding a new
strength tier — the skip discipline is identical so there's no value
in splitting them.
Unit-tested on PR #9's actual failing lines: all 5 historical claims
now classify as empirical; fresh claims like "Phase 45 shipped" stay
strong; pure implementation descriptions ("implements deterministic
classification") still don't match (expected — they're not
claims, they're restatements).
lakehouse/auditor 1 blocking issue: cloud: claim not backed — "the proven escalation ladder with learning context, collects"
Observed on PR #8 audit (de11ac4): 7 warn findings, all from the
cloud inference check. Investigation showed two distinct bug classes
that weren't "ship bad code", they were "auditor misreads the diff":
1. Cloud flagged "X not defined in this diff / missing implementation"
for symbols like `tailJsonl` and `stubFinding` that ARE defined —
just not in the added lines of this diff. Fix: extract candidate
symbols from the cloud's gap summary, grep the repo for their
definitions (function/const/let/def/class/struct/enum/trait/fn).
If every named symbol resolves, drop the finding; if some do,
demote to info with the resolution in evidence.
2. Cloud flagged runtime metrics like "58 cloud calls, 306s
end-to-end" as unbacked claims. These are empirical outputs
from running the test, not things a static diff can prove.
Fix: claim_parser now has an `empirical` strength class
matching iteration counts, cloud-call counts, duration metrics,
attempt counts, tier-count phrases. Inference drops empirical
claims from its cloud prompt (verifiable[] subset only) and
claim-index mapping uses verifiable[] so cloud responses still
line up.
Added `claims_empirical` to audit metrics so the verdict is
introspectable: how many claims WERE runtime-only vs how many
are diff-verifiable?
Verified: unit tests confirm empirical classification on 5
sample commit messages; symbol resolver found both false-positive
symbols (tailJsonl + stubFinding) and correctly skipped a known-
fake symbol.
auditor/claim_parser.ts — reads PR body + commit messages, extracts
ship-claims. Regex-based, intentionally not LLM-driven: the parser's
job is to surface claim substrates, not to judge them (that's the
inference check's job, runs later with cloud model).
Three strength tiers:
- strong — "verified end-to-end", "live-proven", "production-ready",
"phase N shipped", "proven"
- moderate — "shipped", "landed", "green", "passing", "works",
"complete", "done"
- weak — "should work", "expected to", "probably"
Live-proven against PR #1 (this PR): 4 claims extracted from
1 commit (2 strong, 2 moderate). "live-proven" correctly tagged as
strong (it IS a stronger claim than "shipped").
Next: static diff check consumes these claims + the PR diff to find
placeholder patterns — empty fns, TODO, unwired fields, etc.
