release: v1.4.0 (Loop Guard + Governance Foundation)#28
Conversation
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…honest min-strength help, action pins - docs/BENCHMARK_CURRENT.md: stamp 1.4.0 with the standard continuity note (fixes the failing version-stamp test; suites still last executed at v1.2.0) - .gitignore: move the inline comment off the .dorian/local/ pattern so the runtime packet dir is actually ignored (gitignore has no inline comments); verified with git check-ignore - cli.py: goal add --min-strength help now says the value is recorded, not enforced (enforcement planned v1.5) - bump all live dorian/action pins v1.3.0 -> v1.4.0 (README, action/README, CLAUDE_CODE_DORIAN_WORKFLOW, SECURITY_AND_SAFE_RUNNERS); docs/releases history deliberately untouched - test_version_sync: new test pinning live action pins to the package version Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
📝 WalkthroughWalkthroughThis PR bumps the Dorian package version from 1.3.0 to 1.4.0, updating version strings in pyproject.toml and __init__.py, refreshing dorian/action pin references across README and docs files, adding v1.4.0 release notes, adjusting CLI help text, a gitignore comment, and a new version-drift test. ChangesVersion 1.4.0 release update
Estimated code review effort: 2 (Simple) | ~10 minutes Possibly related PRs
Suggested labels: documentation, release Suggested reviewers: ajaysurya1221 🥕 A version hops from three to four, 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@docs/BENCHMARK_CURRENT.md`:
- Around line 13-15: The benchmark table row contains unescaped pipe characters
in the release-history text, which breaks the Markdown table structure. Update
the entry in BENCHMARK_CURRENT so the `dorian loop preflight|prompt|install`
fragment no longer uses raw table separators, or move the long narrative out of
the table entirely; use the existing benchmark/version row content as the anchor
when editing.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro Plus
Run ID: 006131b3-e44d-45a0-8fde-32b897a19e8b
⛔ Files ignored due to path filters (1)
uv.lockis excluded by!**/*.lock
📒 Files selected for processing (12)
.gitignoreCHANGELOG.mdREADME.mdaction/README.mddocs/BENCHMARK_CURRENT.mddocs/CLAUDE_CODE_DORIAN_WORKFLOW.mddocs/SECURITY_AND_SAFE_RUNNERS.mddocs/releases/v1.4.0.mdpyproject.tomlsrc/dorian/__init__.pysrc/dorian/cli.pytests/test_version_sync.py
| | dorian version | `1.4.0` | | ||
| | metric commit | `33e9eaf` (the benchmark figures were measured here, during the release audit) | | ||
| | release commit | `81cebbc` (1.0.1) → v1.0.2 announcement hotfix. The 1.0.1 changes (C4 leading-dash nodeid rejection, C5 reconcile per-query timeout, a byte-identical index-once `verify` refactor, the `suggest-claims` / `export --in-toto` commands) plus the v1.0.2 hotfix (export `.warrant` filename disambiguation, `suggest-claims` PEP 263 encoding read, a `symbol_index` non-git `GitError` guard, and CI/SCA/credential/doc hardening) touch no checker numeric behavior; both suites below were **re-run at 1.0.2 and reproduce the metric-commit figures exactly** — binding-lifecycle to the same content-derived `run_id` `168b50d9aa631d52` — so these changes do not move what the suites measure. v1.1.0 added the `dorian init` scaffolder, the PR-comment renderer enhancements (a status line, trust-change counts, sealed-at, and remediation), and build/VCS guards against editor/file-sync `… 2.py` duplicate files (untracked local artifacts — never tracked, never in a CI wheel or on PyPI); v1.1.1 makes the `dorian init` starter claim load-bearing (a scaffold default). All of this is a new command plus output formatting, scaffold defaults, and packaging hygiene only — touching no checker/binding/fold code — so the figures stand unchanged at 1.1.1 (the suites were last executed at 1.0.2, not re-run since). **v1.2.0** adds C4 import-aware binding (a trigger-axis watch widening that affects only C4 `pytest:` claims — not the C1/C3/C5 symbol/regex/string/path/data paths these suites exercise) and the opt-in, default-off `--strength-gate` (advisory; changes no checker verdict or binding). All three suites were **re-run at v1.2.0 and reproduce the metric-commit figures exactly** — binding-lifecycle again landing on the same content-derived `run_id 168b50d9aa631d52` — so 1.2.0 does not move what they measure. **v1.3.0** adds the Claude Code claim-warrants scaffolder (`dorian claude-code install-claim-warrants`: a new CLI subcommand, packaged skill/hook/settings templates, an opt-in reminder Stop hook, and docs) — a CLI/packaging/docs addition that touches **no checker, binding, or fold code**, so the figures stand unchanged at 1.3.0 (the suites were last executed at v1.2.0, not re-run since) | | ||
| | release commit | `81cebbc` (1.0.1) → v1.0.2 announcement hotfix. The 1.0.1 changes (C4 leading-dash nodeid rejection, C5 reconcile per-query timeout, a byte-identical index-once `verify` refactor, the `suggest-claims` / `export --in-toto` commands) plus the v1.0.2 hotfix (export `.warrant` filename disambiguation, `suggest-claims` PEP 263 encoding read, a `symbol_index` non-git `GitError` guard, and CI/SCA/credential/doc hardening) touch no checker numeric behavior; both suites below were **re-run at 1.0.2 and reproduce the metric-commit figures exactly** — binding-lifecycle to the same content-derived `run_id` `168b50d9aa631d52` — so these changes do not move what the suites measure. v1.1.0 added the `dorian init` scaffolder, the PR-comment renderer enhancements (a status line, trust-change counts, sealed-at, and remediation), and build/VCS guards against editor/file-sync `… 2.py` duplicate files (untracked local artifacts — never tracked, never in a CI wheel or on PyPI); v1.1.1 makes the `dorian init` starter claim load-bearing (a scaffold default). All of this is a new command plus output formatting, scaffold defaults, and packaging hygiene only — touching no checker/binding/fold code — so the figures stand unchanged at 1.1.1 (the suites were last executed at 1.0.2, not re-run since). **v1.2.0** adds C4 import-aware binding (a trigger-axis watch widening that affects only C4 `pytest:` claims — not the C1/C3/C5 symbol/regex/string/path/data paths these suites exercise) and the opt-in, default-off `--strength-gate` (advisory; changes no checker verdict or binding). All three suites were **re-run at v1.2.0 and reproduce the metric-commit figures exactly** — binding-lifecycle again landing on the same content-derived `run_id 168b50d9aa631d52` — so 1.2.0 does not move what they measure. **v1.3.0** adds the Claude Code claim-warrants scaffolder (`dorian claude-code install-claim-warrants`: a new CLI subcommand, packaged skill/hook/settings templates, an opt-in reminder Stop hook, and docs) — a CLI/packaging/docs addition that touches **no checker, binding, or fold code**, so the figures stand unchanged at 1.3.0 (the suites were last executed at v1.2.0, not re-run since). **v1.4.0** adds the Dorian Loop Guard (`dorian loop preflight|prompt|install`) and the governance foundation (`dorian goal`/`gate`/`governance install`, the atomic sidecar writer, the deterministic-core import-firewall test) — loop-steering/preflight commands, host-adapter templates, and docs that touch **no checker, binding, or fold code** — so the figures stand unchanged at 1.4.0 (the suites were last executed at v1.2.0, not re-run since) | |
There was a problem hiding this comment.
📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win
Escape the raw pipes in the benchmark table.
The | separators in dorian loop preflight|prompt|install break this Markdown table and trigger the lint warning. Rewrite that fragment or move the release-history narrative out of the table.
Suggested fix
- ... `dorian loop preflight|prompt|install` ...
+ ... `dorian loop preflight / prompt / install` ...📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| | dorian version | `1.4.0` | | |
| | metric commit | `33e9eaf` (the benchmark figures were measured here, during the release audit) | | |
| | release commit | `81cebbc` (1.0.1) → v1.0.2 announcement hotfix. The 1.0.1 changes (C4 leading-dash nodeid rejection, C5 reconcile per-query timeout, a byte-identical index-once `verify` refactor, the `suggest-claims` / `export --in-toto` commands) plus the v1.0.2 hotfix (export `.warrant` filename disambiguation, `suggest-claims` PEP 263 encoding read, a `symbol_index` non-git `GitError` guard, and CI/SCA/credential/doc hardening) touch no checker numeric behavior; both suites below were **re-run at 1.0.2 and reproduce the metric-commit figures exactly** — binding-lifecycle to the same content-derived `run_id` `168b50d9aa631d52` — so these changes do not move what the suites measure. v1.1.0 added the `dorian init` scaffolder, the PR-comment renderer enhancements (a status line, trust-change counts, sealed-at, and remediation), and build/VCS guards against editor/file-sync `… 2.py` duplicate files (untracked local artifacts — never tracked, never in a CI wheel or on PyPI); v1.1.1 makes the `dorian init` starter claim load-bearing (a scaffold default). All of this is a new command plus output formatting, scaffold defaults, and packaging hygiene only — touching no checker/binding/fold code — so the figures stand unchanged at 1.1.1 (the suites were last executed at 1.0.2, not re-run since). **v1.2.0** adds C4 import-aware binding (a trigger-axis watch widening that affects only C4 `pytest:` claims — not the C1/C3/C5 symbol/regex/string/path/data paths these suites exercise) and the opt-in, default-off `--strength-gate` (advisory; changes no checker verdict or binding). All three suites were **re-run at v1.2.0 and reproduce the metric-commit figures exactly** — binding-lifecycle again landing on the same content-derived `run_id 168b50d9aa631d52` — so 1.2.0 does not move what they measure. **v1.3.0** adds the Claude Code claim-warrants scaffolder (`dorian claude-code install-claim-warrants`: a new CLI subcommand, packaged skill/hook/settings templates, an opt-in reminder Stop hook, and docs) — a CLI/packaging/docs addition that touches **no checker, binding, or fold code**, so the figures stand unchanged at 1.3.0 (the suites were last executed at v1.2.0, not re-run since) | | |
| | release commit | `81cebbc` (1.0.1) → v1.0.2 announcement hotfix. The 1.0.1 changes (C4 leading-dash nodeid rejection, C5 reconcile per-query timeout, a byte-identical index-once `verify` refactor, the `suggest-claims` / `export --in-toto` commands) plus the v1.0.2 hotfix (export `.warrant` filename disambiguation, `suggest-claims` PEP 263 encoding read, a `symbol_index` non-git `GitError` guard, and CI/SCA/credential/doc hardening) touch no checker numeric behavior; both suites below were **re-run at 1.0.2 and reproduce the metric-commit figures exactly** — binding-lifecycle to the same content-derived `run_id` `168b50d9aa631d52` — so these changes do not move what the suites measure. v1.1.0 added the `dorian init` scaffolder, the PR-comment renderer enhancements (a status line, trust-change counts, sealed-at, and remediation), and build/VCS guards against editor/file-sync `… 2.py` duplicate files (untracked local artifacts — never tracked, never in a CI wheel or on PyPI); v1.1.1 makes the `dorian init` starter claim load-bearing (a scaffold default). All of this is a new command plus output formatting, scaffold defaults, and packaging hygiene only — touching no checker/binding/fold code — so the figures stand unchanged at 1.1.1 (the suites were last executed at 1.0.2, not re-run since). **v1.2.0** adds C4 import-aware binding (a trigger-axis watch widening that affects only C4 `pytest:` claims — not the C1/C3/C5 symbol/regex/string/path/data paths these suites exercise) and the opt-in, default-off `--strength-gate` (advisory; changes no checker verdict or binding). All three suites were **re-run at v1.2.0 and reproduce the metric-commit figures exactly** — binding-lifecycle again landing on the same content-derived `run_id 168b50d9aa631d52` — so 1.2.0 does not move what they measure. **v1.3.0** adds the Claude Code claim-warrants scaffolder (`dorian claude-code install-claim-warrants`: a new CLI subcommand, packaged skill/hook/settings templates, an opt-in reminder Stop hook, and docs) — a CLI/packaging/docs addition that touches **no checker, binding, or fold code**, so the figures stand unchanged at 1.3.0 (the suites were last executed at v1.2.0, not re-run since). **v1.4.0** adds the Dorian Loop Guard (`dorian loop preflight|prompt|install`) and the governance foundation (`dorian goal`/`gate`/`governance install`, the atomic sidecar writer, the deterministic-core import-firewall test) — loop-steering/preflight commands, host-adapter templates, and docs that touch **no checker, binding, or fold code** — so the figures stand unchanged at 1.4.0 (the suites were last executed at v1.2.0, not re-run since) | | |
| | dorian version | `1.4.0` | | |
| | metric commit | `33e9eaf` (the benchmark figures were measured here, during the release audit) | | |
| | release commit | `81cebbc` (1.0.1) → v1.0.2 announcement hotfix. The 1.0.1 changes (C4 leading-dash nodeid rejection, C5 reconcile per-query timeout, a byte-identical index-once `verify` refactor, the `suggest-claims` / `export --in-toto` commands) plus the v1.0.2 hotfix (export `.warrant` filename disambiguation, `suggest-claims` PEP 263 encoding read, a `symbol_index` non-git `GitError` guard, and CI/SCA/credential/doc hardening) touch no checker numeric behavior; both suites below were **re-run at 1.0.2 and reproduce the metric-commit figures exactly** — binding-lifecycle to the same content-derived `run_id` `168b50d9aa631d52` — so these changes do not move what the suites measure. v1.1.0 added the `dorian init` scaffolder, the PR-comment renderer enhancements (a status line, trust-change counts, sealed-at, and remediation), and build/VCS guards against editor/file-sync `… 2.py` duplicate files (untracked local artifacts — never tracked, never in a CI wheel or on PyPI); v1.1.1 makes the `dorian init` starter claim load-bearing (a scaffold default). All of this is a new command plus output formatting, scaffold defaults, and packaging hygiene only — touching no checker/binding/fold code — so the figures stand unchanged at 1.1.1 (the suites were last executed at 1.0.2, not re-run since). **v1.2.0** adds C4 import-aware binding (a trigger-axis watch widening that affects only C4 `pytest:` claims — not the C1/C3/C5 symbol/regex/string/path/data paths these suites exercise) and the opt-in, default-off `--strength-gate` (advisory; changes no checker verdict or binding). All three suites were **re-run at v1.2.0 and reproduce the metric-commit figures exactly** — binding-lifecycle again landing on the same content-derived `run_id 168b50d9aa631d52` — so 1.2.0 does not move what they measure. **v1.3.0** adds the Claude Code claim-warrants scaffolder (`dorian claude-code install-claim-warrants`: a new CLI subcommand, packaged skill/hook/settings templates, an opt-in reminder Stop hook, and docs) — a CLI/packaging/docs addition that touches **no checker, binding, or fold code**, so the figures stand unchanged at 1.3.0 (the suites were last executed at v1.2.0, not re-run since). **v1.4.0** adds the Dorian Loop Guard (`dorian loop preflight / prompt / install`) and the governance foundation (`dorian goal`/`gate`/`governance install`, the atomic sidecar writer, the deterministic-core import-firewall test) — loop-steering/preflight commands, host-adapter templates, and docs that touch **no checker, binding, or fold code** — so the figures stand unchanged at 1.4.0 (the suites were last executed at v1.2.0, not re-run since) | |
🧰 Tools
🪛 LanguageTool
[grammar] ~15-~15: Ensure spelling is correct
Context: ...fix. The 1.0.1 changes (C4 leading-dash nodeid rejection, C5 reconcile per-query timeo...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
🪛 markdownlint-cli2 (0.22.1)
[warning] 15-15: Table column count
Expected: 2; Actual: 4; Too many cells, extra data will be missing
(MD056, table-column-count)
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@docs/BENCHMARK_CURRENT.md` around lines 13 - 15, The benchmark table row
contains unescaped pipe characters in the release-history text, which breaks the
Markdown table structure. Update the entry in BENCHMARK_CURRENT so the `dorian
loop preflight|prompt|install` fragment no longer uses raw table separators, or
move the long narrative out of the table entirely; use the existing
benchmark/version row content as the anchor when editing.
Source: Linters/SAST tools
dorian v1.4.0 — Governance Foundation
A feature release: the deterministic spine of a governance layer for long-running AI coding loops —
a human-authored goal record, a path-derived coverage check, a host-mappable preflight gate, and
one concrete Claude Code governance adapter — plus the Dorian Loop Guard steering layer.
No breaking changes — purely additive. The warrant format, checker grammar, exit codes, fold
policy, and security posture are unchanged; the core stays zero-dependency; and no model is added to
the verification path (a build-time import firewall now proves it).
Summary
dorian is growing from "deterministically verify AI claims about code" into a deterministic
governance kernel for agentic engineering. The guiding thesis: dorian does not train agents to be
good — it makes bad actions non-continuable, non-mergeable, or human-reviewable. "Crime" means an
observable contract violation; "punishment" means a mechanical loss of affordance (a blocked tool
call, a forced repair, a failed gate, a revoked warrant, a human escalation). dorian is the court;
host adapters and CI/branch-protection are the enforcement.
What shipped
Dorian Loop Guard (
dorian loop)dorian loop preflight— re-checks the claim warrants a change touched and emits aCONTINUE / REPAIR / ESCALATE decision packet (
--format json|md|text|prompt). A pure functionof the
revalidateresult,--policy(cautious|assist|unattended), the repair-attempt cap, andthe
--scope/--deny-pathlane. Exits 0 by default;--fail-on repair|escalateopts into ahard exit-4 gate.
dorian loop promptrenders the packet as a next-iteration instruction.dorian loop installscaffolds the/dorian-loop-guardClaude Code skill (+ exampleLOOP.md/STATE.md,--with-action).Governance foundation
dorian goal add/show/check— a human-authored goal record (.dorian/goals/<id>.goal.json,schema_version: 1) plus a deterministic, path-derived coverage diff (goals.coverage_diff→{covered, uncovered}over git-changed, in-scope paths vs. warranted paths).goal check --fail-on-uncoveredexits 4. The goal'sstatementis human context only — never fed to amodel, never used to decide a verdict or "completion".
dorian gate— a host-mappable preflight body: reads a tool-call JSON on stdin, runs the samepure loop preflight, and prints the
continue/repair/escalatepacket. Emits only contract codes(
0/4, plus2for malformed stdin); never uses exit 2 as a veto, reads a clock, or reads anonce.
dorian governance install— one concrete adapter: aSubagentStophook that shellsdorian gateand writes an ephemeral.dorian/local/last-decision.json, and a fail-closedPreToolUseveto (the exit-2 tool-blocklives in the host hook; fails closed under
unattended/godmode, fails open when attended;FRESH_SECONDS = 900), plus a settings example and bundle docs.src/dorian/sidecars.py) — atomic (temp +os.replace), deterministic(sorted-key JSON), path-safe (
ensure_within).tests/test_firewall_import_closure.py) — an ASTimport-closure guard proving no model/network import sits on the verdict path (covers the new
sidecars,goals,governancemodules).freshness boundary, empty-path escalate, malformed-stdin open/closed) and an installed-wheel
dorian governance installscaffold test.GOVERNANCE_DATA_MODEL.md,DORIAN_PANE.md(pane vision — deferred),DORIAN_LOOP_GUARD.md,and gate/C4-flakiness notes in
SECURITY_BOUNDARY.md/VALIDATION_HONESTY.md.Deterministic boundary (unchanged invariants)
No model on the verdict path (firewall-enforced); the core stays zero-dependency; the exit-code
contract, warrant schema, checker grammar, and fold policy are all unchanged. Every governance
detector is a pure function of observable artifacts (git diffs, paths, scope/deny globs, warrants,
revalidate/fold results, coverage diff, decision packets).Adapter boundary
dorian gate/ core emit only0/4. The exit-2 tool-block veto lives only in the Claude CodePreToolUsehost hook; wall-clock and nonce are stamped only by theSubagentStophook into.dorian/local/last-decision.json. The adapter is one concrete Claude Code adapter — no genericprovider abstraction is introduced.
Validation
uv run pytest(incl. slow) green on CI across Python 3.11 / 3.12 / 3.13;ruff checkandruff format --checkclean.dorian gate(0/4, 2 only onmalformed), the firewall, and — as a real
pip installpath — a built wheel installed into a cleanvenv that scaffolds the governance adapter and carries the exit-2 fail-closed veto.
clean and CI-green before merge.
Deferred / cut (not in v1.4)
trust root).
Upgrade notes
Purely additive; no migration required. New subcommands are inert unless invoked; new sidecars are
written only by the new commands. Existing warrants,
verify/revalidate, and the claim-warrantsintegration are untouched. To adopt governance in a repo:
dorian governance install, then merge the.claude/settings.dorian-governance.example.jsonhooks into.claude/settings.json. Removing thefeature = delete
.claude/hooks/dorian_*.pyand the settings entries; the core is unaffected.Security & honesty notes
pytest:) / C5 (shell:) checkers execute code; governance is policy andsteering, not isolation.
PreToolUseveto is aClaude Code host hook — an agent that controls the repository can delete it, edit
.claude/settings.json, or rewrite its own goals/warrants. dorian's real strength is transparencyand auditability, not containment.
.dorian/and.claude/and require thedorian gatestatus check. (Branch protection is not ahard gate against administrators — human/admin bypass is a live surface to log.)
.dorian/local/is ephemeral and gitignored — a transient steering signal, never anauthoritative ledger, and never read back into a verdict.
model-evaluated. Weak binding or weak checker strength means low confidence, not a false claim.
Claude Design boundary
The pane / TUI / brand are deferred.
docs/DORIAN_PANE.mdis a future-facing vision and datacontract, not an implementation — no UI/TUI code ships in this release. Claude Design owns the
final TUI/pane/brand design (layout, typography, color, interaction, README polish, banner, logo);
dorian/Opus owns the deterministic data contracts and governance invariants.
Summary by CodeRabbit
New Features
Documentation
Tests