lakehouse

profit/lakehouse

Fork 0

Commit Graph

Author	SHA1	Message	Date
root	d77622fc6b	distillation: fix 7 grounding bugs found by Kimi audit Kimi For Coding (api.kimi.com, kimi-for-coding) ran a forensic audit on distillation v1.0.0 with full file content. 7/7 flags verified real on grep. Substrate now matches what v1.0.0 claimed: deterministic, no schema bypasses, Rust tests compile. Fixes: - mode.rs:1035,1042 matrix_corpus Some/None -> vec![..]/vec![]; cargo check --tests now compiles (was silently broken; only bun tests were running) - scorer.ts:30 SCORER_VERSION env override removed - identical input now produces identical version stamp, not env-dependent drift - transforms.ts:181 auto_apply wall-clock fallback (new Date()) -> deterministic recorded_at fallback - replay.ts:378 recorded_run_id Date.now() -> sha256(recorded_at); replay rows now reproducible given recorded_at - receipts.ts:454,495 input_hash_match hardcoded true was misleading telemetry; bumped DRIFT_REPORT_SCHEMA_VERSION 1->2, field is now boolean\|null with honest null when not computed at this layer - score_runs.ts:89-100,159 dedup keyed only on sig_hash made scorer-version bumps invisible. Composite sig_hash:scorer_version forces re-scoring - export_sft.ts:126 (ev as any).contractor bypass emitted "<contractor>" placeholder for every contract_analyses SFT row. Added typed EvidenceRecord.metadata bucket; transforms.ts populates metadata.contractor; exporter reads typed value Verification (all green): cargo check -p gateway --tests compiles bun test tests/distillation/ 145 pass / 0 fail bun acceptance 22/22 invariants bun audit-full 16/16 required checks Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-27 05:34:31 -05:00
root	68b6697bcb	distillation: Phase 4 — dataset export layer Some checks failed lakehouse/auditor 1 blocking issue: todo!() macro call in tests/real-world/scrum_master_pipeline.ts Build the contamination firewall: RAG, SFT, and Preference exporters that turn scored evidence into clean training datasets without leaking rejected, unvalidated, hallucinated, or provenance-free records. Files (8 new + 4 schema updates): scripts/distillation/quarantine.ts shared QuarantineWriter, 11-reason taxonomy scripts/distillation/export_rag.ts RAG exporter (--include-review opt-in) scripts/distillation/export_sft.ts SFT exporter (--include-partial opt-in, SFT_NEVER constant) scripts/distillation/export_preference.ts preference exporter, same task_id pairing scripts/distillation/distill.ts CLI dispatcher (build-evidence/score/export-) tests/distillation/exports.test.ts 15 contamination-firewall tests reports/distillation/phase4-export-report.md acceptance report Schema field-name alignment with now.md: rag_sample.ts +source_category, exported_at→created_at sft_sample.ts +id, exported_at→created_at, partially_accepted at schema (CLI gates) preference_sample.ts +id, source_run_ids→chosen_run_id+rejected_run_id, +created_at Test metrics: 117 distillation tests pass · 0 fail · 315 expects · 327ms Real-data export run (1052 scored input rows): RAG: 446 exported (351 acc + 95 partial), 606 quarantined SFT: 351 exported (all 'accepted'), 701 quarantined Preference: 83 pairs exported, 16 quarantined CONTAMINATION FIREWALL — verified held on real data: - SFT output: 351/351 quality_score='accepted' (ZERO leaked) - RAG output: 351 acc + 95 partial (ZERO rejected leaked) - Preference: 0 self-pairs (chosen_run_id != rejected_run_id) - 536 rejected+needs_human_review records caught at unsafe_sft_category gate, exact match to scored-runs forbidden-category total Defense in depth (the firewall is two layers, not one): 1. Schema layer (Phase 1): SftSample.quality_score enum forbids rejected/needs_human at write time 2. Exporter layer: SFT_NEVER constant in export_sft.ts checks category before synthesis. Even if synthesis produced a row with quality_score=rejected, validateSftSample would reject it. Quarantine reasons (11): missing_provenance, missing_source_run_id, empty_content, schema_violation, unsafe_sft_category, unsafe_rag_category, invalid_preference_pairing, hallucinated_file_path, duplicate_id, self_pairing, category_disallowed. Bug surfaced + fixed during testing: module-level evidenceCache shared state across test runs (tests wipe TMP, cache holds stale empty Map). Moved cache to per-call scope. Same pattern bit Phase 2 materializer would have hit if its tests had multiple runs sharing state — preventive fix. Pairing logic v1: same task_id with category gap. accepted×rejected preferred, accepted×partially_accepted as fallback. MAX_PAIRS_PER_TASK=5 cap prevents one hot task from dominating. Future: cross-source pairing (scrum_reviews chosen vs observer_reviews rejected on same file) to grow dataset beyond 83. CLI: ./scripts/distill.ts {build-evidence\|score\|export-rag\|export-sft\|export-preference\|export-all\|health} Flags: --dry-run, --include-partial (SFT only), --include-review (RAG only) Carry-overs to Phase 5 (Receipts Harness): - Each exporter currently writes results but no per-stage receipt.json. Phase 5 wraps build_evidence_index + score_runs + export_ in a withReceipt() helper that captures git_sha + sha256 of inputs/outputs + record_counts + validation_pass. - reports/distillation/latest.md aggregating most-recent run of each stage. Carry-overs to Phase 3 v2: - mode_experiments scoring (168 needs_human_review): derive markers from validation_results.grounded_fraction - extraction-class JOIN: distilled_*/audit_facts/observer_escalations → JOIN to verdict-bearing parent by task_id Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-26 22:57:40 -05:00

Author

SHA1

Message

Date

root

d77622fc6b

distillation: fix 7 grounding bugs found by Kimi audit

Kimi For Coding (api.kimi.com, kimi-for-coding) ran a forensic audit on
distillation v1.0.0 with full file content. 7/7 flags verified real on
grep. Substrate now matches what v1.0.0 claimed: deterministic, no
schema bypasses, Rust tests compile.

Fixes:
- mode.rs:1035,1042  matrix_corpus Some/None -> vec![..]/vec![]; cargo
                     check --tests now compiles (was silently broken;
                     only bun tests were running)
- scorer.ts:30       SCORER_VERSION env override removed - identical
                     input now produces identical version stamp, not
                     env-dependent drift
- transforms.ts:181  auto_apply wall-clock fallback (new Date()) ->
                     deterministic recorded_at fallback
- replay.ts:378      recorded_run_id Date.now() -> sha256(recorded_at);
                     replay rows now reproducible given recorded_at
- receipts.ts:454,495  input_hash_match hardcoded true was misleading
                       telemetry; bumped DRIFT_REPORT_SCHEMA_VERSION 1->2,
                       field is now boolean|null with honest null when
                       not computed at this layer
- score_runs.ts:89-100,159  dedup keyed only on sig_hash made
                            scorer-version bumps invisible. Composite
                            sig_hash:scorer_version forces re-scoring
- export_sft.ts:126  (ev as any).contractor bypass emitted "<contractor>"
                     placeholder for every contract_analyses SFT row.
                     Added typed EvidenceRecord.metadata bucket;
                     transforms.ts populates metadata.contractor;
                     exporter reads typed value

Verification (all green):
  cargo check -p gateway --tests   compiles
  bun test tests/distillation/     145 pass / 0 fail
  bun acceptance                   22/22 invariants
  bun audit-full                   16/16 required checks

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-27 05:34:31 -05:00

root

68b6697bcb

distillation: Phase 4 — dataset export layer

lakehouse/auditor 1 blocking issue: todo!() macro call in tests/real-world/scrum_master_pipeline.ts

Build the contamination firewall: RAG, SFT, and Preference exporters
that turn scored evidence into clean training datasets without
leaking rejected, unvalidated, hallucinated, or provenance-free
records.

Files (8 new + 4 schema updates):
  scripts/distillation/quarantine.ts      shared QuarantineWriter, 11-reason taxonomy
  scripts/distillation/export_rag.ts      RAG exporter (--include-review opt-in)
  scripts/distillation/export_sft.ts      SFT exporter (--include-partial opt-in, SFT_NEVER constant)
  scripts/distillation/export_preference.ts preference exporter, same task_id pairing
  scripts/distillation/distill.ts         CLI dispatcher (build-evidence/score/export-*)
  tests/distillation/exports.test.ts      15 contamination-firewall tests
  reports/distillation/phase4-export-report.md  acceptance report

Schema field-name alignment with now.md:
  rag_sample.ts        +source_category, exported_at→created_at
  sft_sample.ts        +id, exported_at→created_at, partially_accepted at schema (CLI gates)
  preference_sample.ts +id, source_run_ids→chosen_run_id+rejected_run_id, +created_at

Test metrics: 117 distillation tests pass · 0 fail · 315 expects · 327ms

Real-data export run (1052 scored input rows):
  RAG:        446 exported (351 acc + 95 partial), 606 quarantined
  SFT:        351 exported (all 'accepted'),       701 quarantined
  Preference:  83 pairs exported,                   16 quarantined

CONTAMINATION FIREWALL — verified held on real data:
  - SFT output: 351/351 quality_score='accepted' (ZERO leaked)
  - RAG output: 351 acc + 95 partial (ZERO rejected leaked)
  - Preference: 0 self-pairs (chosen_run_id != rejected_run_id)
  - 536 rejected+needs_human_review records caught at unsafe_sft_category
    gate, exact match to scored-runs forbidden-category total

Defense in depth (the firewall is two layers, not one):
  1. Schema layer (Phase 1): SftSample.quality_score enum forbids
     rejected/needs_human at write time
  2. Exporter layer: SFT_NEVER constant in export_sft.ts checks
     category before synthesis. Even if synthesis produced a row
     with quality_score=rejected, validateSftSample would reject it.

Quarantine reasons (11): missing_provenance, missing_source_run_id,
empty_content, schema_violation, unsafe_sft_category,
unsafe_rag_category, invalid_preference_pairing,
hallucinated_file_path, duplicate_id, self_pairing,
category_disallowed.

Bug surfaced + fixed during testing: module-level evidenceCache
shared state across test runs (tests wipe TMP, cache holds stale
empty Map). Moved cache to per-call scope. Same pattern bit Phase 2
materializer would have hit if its tests had multiple runs sharing
state — preventive fix.

Pairing logic v1: same task_id with category gap. accepted×rejected
preferred, accepted×partially_accepted as fallback. MAX_PAIRS_PER_TASK=5
cap prevents one hot task from dominating. Future: cross-source
pairing (scrum_reviews chosen vs observer_reviews rejected on same
file) to grow dataset beyond 83.

CLI: ./scripts/distill.ts {build-evidence|score|export-rag|export-sft|export-preference|export-all|health}
Flags: --dry-run, --include-partial (SFT only), --include-review (RAG only)

Carry-overs to Phase 5 (Receipts Harness):
- Each exporter currently writes results but no per-stage receipt.json.
  Phase 5 wraps build_evidence_index + score_runs + export_* in a
  withReceipt() helper that captures git_sha + sha256 of inputs/outputs
  + record_counts + validation_pass.
- reports/distillation/latest.md aggregating most-recent run of each stage.

Carry-overs to Phase 3 v2:
- mode_experiments scoring (168 needs_human_review): derive markers from
  validation_results.grounded_fraction
- extraction-class JOIN: distilled_*/audit_facts/observer_escalations
  → JOIN to verdict-bearing parent by task_id

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-26 22:57:40 -05:00

2 Commits