profit/lakehouse
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
lakehouse/auditor/types.ts
root 8d02c7f441 auditor: integrate Kimi second-pass review (off by default, LH_AUDITOR_KIMI=1) 
Adds kimi_architect as a fifth check kind in the auditor. Runs
sequentially after static/dynamic/inference/kb_query, consumes their
findings as context, and asks Kimi For Coding "what did everyone
miss?" — targeting load-bearing issues that deepseek N=3 voting can't
see (compile errors, false telemetry, schema bypasses, determinism
leaks). 7/7 grounded on the distillation v1.0.0 audit experiment
2026-04-27.

Off by default. Enable on the lakehouse-auditor service:
  systemctl edit lakehouse-auditor.service
  Environment=LH_AUDITOR_KIMI=1

Tunable env (all optional):
  LH_AUDITOR_KIMI_MODEL       default kimi-for-coding
  LH_AUDITOR_KIMI_MAX_TOKENS  default 12000
  LH_GATEWAY_URL              default http://localhost:3100

Guardrails:
- Failure-isolated. Any Kimi error / 429 / TOS revocation returns a
  single info-level skip-finding so the existing pipeline never blocks
  on a Kimi outage.
- Cost-bounded. Cached verdicts at data/_auditor/kimi_verdicts/<pr>-
  <sha>.json with 24h TTL — re-audits within the window return cached
  findings instead of re-calling upstream. New commits produce new
  SHAs so caching is per-head, not per-day.
- 6min upstream timeout (vs 2min for openrouter inference) — Kimi is
  a reasoning model and the audit prompt is large.
- Grounding verification baked in. Every finding's cited file:line is
  greppped against the actual file before the verdict is persisted.
  Per-finding evidence carries [grounding: verified at FILE:LINE] or
  [grounding: line N > EOF] / [grounding: file not found]. Confab-
  ulation rate goes into data/_kb/kimi_audits.jsonl as grounding_rate
  for "is this still valuable" tracking.

Persisted artifacts:
  data/_auditor/kimi_verdicts/<pr>-<sha>.json   full verdict + raw
                                                Kimi response + grounding
  data/_kb/kimi_audits.jsonl                    one row per call:
                                                latency, tokens, findings,
                                                grounding rate

Verdict-rendering: kimi_architect now appears in the per-check
sections of the human-readable comment posted to PRs (auditor/audit.ts
checkOrder), after kb_query.

Verification:
  bun build auditor/checks/kimi_architect.ts   compiles
  bun build auditor/audit.ts                   compiles
  parser sanity (3-finding fixture)            3/3 lifted correctly

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 05:39:51 -05:00

73 lines
2.8 KiB
TypeScript
Raw Permalink Blame History

// Shared types for the claim-auditor. Every field exists for a reason;
// if something can't be verified from a check, it goes into `evidence`
// so the verdict is inspectable, not a black box.
export type CheckKind = "static" | "dynamic" | "inference" | "kb_query" | "kimi_architect";
export type Severity = "info" | "warn" | "block";
export interface Claim {
// Verbatim phrase that raised the claim — e.g. "Phase 38 shipped",
// "verified end-to-end", "works after restart". Used as the "what
// does the author assert" input to downstream checks.
text: string;
// Where it came from. `commit_sha` is the short hash; `location`
// is a file:line for in-diff claims, or "pr_body" / "commit_message".
commit_sha: string;
location: string;
// Heuristic rating of how strong the claim is. "green+tested"
// is strong; "should work" is weak. Drives sensitivity — stronger
// claims get harder-blocked on weak evidence.
//
// "empirical" is a separate class: runtime measurements like
// "N cloud calls" / "306s end-to-end" / "accepted on attempt N".
// These cannot be verified from a static diff — only from the test
// output that produced them. Inference skips diff-verification for
// empirical claims; they become info-level context unless a future
// runtime_evidence check contradicts them.
strength: "weak" | "moderate" | "strong" | "empirical";
}
export interface Finding {
check: CheckKind;
severity: Severity;
claim_text?: string;
// Free-form short description: "field added but never read", "no
// test covers this code path", "cloud model says placeholder".
summary: string;
// Concrete evidence: file paths, line numbers, log excerpts, test
// output, cloud-model verdict. No handwaving.
evidence: string[];
}
export interface Verdict {
pr_number: number;
head_sha: string;
audited_at: string;
overall: "approve" | "request_changes" | "block";
findings: Finding[];
// Real numbers that downstream policy can gate on. e.g. if the
// hybrid test produced latency numbers or token counts, they
// surface here so /auditor/history is queryable.
metrics: Record<string, number>;
// Short one-line justification for the `overall` verdict. What
// gets posted as the commit-status description in Gitea (max 140
// chars) must fit here.
one_liner: string;
}
export interface PrSnapshot {
number: number;
head_sha: string;
base_sha: string;
title: string;
body: string;
state: "open" | "closed" | "merged";
author: string;
// Array of commit messages in the PR (not diffs — those are
// fetched on-demand per-check).
commits: Array<{ sha: string; message: string; author: string }>;
// File paths touched by the PR, with lines-added / lines-removed.
files: Array<{ path: string; additions: number; deletions: number }>;
}
Reference in New Issue View Git Blame Copy Permalink