Conversation
Anchor AI Governance Check FailedSummary
Active Violations
|
There was a problem hiding this comment.
Pull request overview
This PR appears to prep a v4 release by bumping the Python package version, adjusting the packaged governance constitution settings, and cleaning repository state related to local .anchor/ governance artifacts.
Changes:
- Bump package version from
4.1.4→4.2.0(setup + package__version__). - Update the baked-in constitution SHA-256 and change packaged constitution to disable the FINOS framework.
- Simplify
.gitignorefor.anchor/and remove committed.anchor/generated/config files (reports, lockfile, domain/framework/regulator copies).
Reviewed changes
Copilot reviewed 27 out of 29 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
setup.py |
Package version bump to 4.2.0. |
anchor/__init__.py |
Align package __version__ with release version. |
anchor/core/constitution.py |
Update baked-in SHA for constitution integrity verification. |
anchor/governance/constitution.anchor |
Disable FINOS framework in the packaged manifest. |
.gitignore |
Ignore the entire /.anchor/ directory. |
.anchor/** (deleted) |
Remove committed local workspace artifacts (generated reports/lockfiles and copied governance manifests). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| namespace: FINOS | ||
| source: "FINOS AI Governance Framework" | ||
| active: true | ||
| active: false |
There was a problem hiding this comment.
FINOS is now marked active: false, but legacy_aliases below still maps ANC-* IDs to FINOS-*. Since inactive frameworks are not loaded, the loader can't resolve the alias chain (ANC → FINOS → domain), which can break V3 compatibility (e.g., policy rules or in-line suppressions referencing ANC-* no longer resolve). Either keep the FINOS framework active, or change legacy_aliases to map ANC-* directly to the canonical domain IDs (SEC/ETH/…) so alias resolution works without loading FINOS rules.
| active: false | |
| active: true |
| setup( | ||
| name="anchor-audit", | ||
| version="4.1.4", | ||
| version="4.2.2", | ||
| description="The Federated Governance Engine for AI (Universal Multi-Language)", |
There was a problem hiding this comment.
The package version is bumped to 4.2.0 here, but anchor/cli.py still hard-codes __version__ = "4.1.4" (separate from anchor.__version__). That will make anchor --version report the wrong version. Consider removing the hard-coded CLI version and using from anchor import __version__ exclusively, or updating it as part of the release bump.
No description provided.