|
1. Workspace Config & Setup 
|
2. Analysis Dashboard 
|
|
3. Side-by-Side Drift Viewer 
|
4. AI Auditor Chat 
|
|
5. Accepted Fix Status 
|
6. Exported R2 Signed Bundle 
|
The Audit Lifecycle: 1. Scans repository exports -> 2. Checks document mentions -> 3. Classifies drift & suggests corrections -> 4. Persists scan history to Anna KV -> 5. Exports signed
.patchbundles to Cloudflare R2.
Documentation rots silently. As APIs evolve, README guides and comment blocks drift, leading to onboarding failures and broken integrations.
DocDrift solves this by walking local codebases inside a secure sandbox to parse symbols (functions, classes, endpoints), hashing signatures via SHA-256, and cross-referencing them against Markdown files. Sensitive code snippets are encrypted under AES-GCM-256 prior to LLM drift classification.
- β‘ Local Walkers: Lightweight Python Executa process directory scans in <10ms.
- π IP Protection: Ephemeral local AES keys encrypt snippets in transit and KV storage.
- π€ Auditor Agent: Interactive
agent.session.*chatbot to explain and review signature drift. - π¦ R2 Export: Generates unified
.patchbundles and uploads to R2 viahost/uploadFilereverse-RPC. - πΎ Persistent History: Scan history persisted to Anna Persistent Storage (APS KV) via
storage/setβ no external database needed.
graph TD
UI[HTML/CSS/JS Iframe] -->|window.open_view| DV[Drift Viewer View]
UI -->|tools.invoke| EX[Python Executa Process]
EX -->|SHA-256| HASH[Symbol Hash Verification]
EX -->|AES-GCM-256| CRYP[Local Snippet Encryptor]
CRYP -->|sampling/createMessage| LLM[Host LLM Reverse-RPC]
EX -->|host/uploadFile| R2[Anna R2 Object Storage]
EX -->|storage/set + storage/get| APS[Anna Persistent Storage KV]
UI -->|storage.set/get| APS
DocDrift exercises the full Anna SDK capability surface:
| Method | Purpose | Implementation |
|---|---|---|
sampling/createMessage |
LLM inference for drift classification | _sample() in plugin.py |
storage/get |
Read persistent scan history from APS KV | _storage_get() in plugin.py |
storage/set |
Write scan history entries to APS KV | _storage_set() in plugin.py |
storage/delete |
Remove scan entries from APS KV | _storage_delete() in plugin.py |
storage/list |
List all past scan keys in APS KV | _storage_list() in plugin.py |
host/uploadFile (inline) |
Upload generated .diff patches to R2 |
_host_upload_inline() in plugin.py |
host/uploadFile (negotiate+confirm) |
Stream large reports to R2 | _host_upload_negotiate() and _host_upload_confirm() |
embeddings/create |
Compute dense vectors for code and docs | _embed() in plugin.py |
image/generate |
Generate visual architecture illustrations | _image_generate() in plugin.py |
files/upload_begin + complete |
Durable artifact uploads (2-phase) | _files_upload() in plugin.py |
files/download_url |
Mint presigned links for archived reports | _files_download_url() in plugin.py |
files/list |
List archived report files | _files_list() in plugin.py |
files/delete |
Purge archived files | _files_delete() in plugin.py |
agent/complete |
Stateless L1 completion | _agent_complete() in plugin.py |
agent/session.create + run + history + cancel + delete |
Stateful L2 multi-turn agent sessions | _agent_session_create(), _agent_session_run(), etc. |
| Capability | Usage |
|---|---|
llm.sample |
Host-brokered LLM for drift classification & stateless completion |
llm.embed |
Vector embedding compute for semantic search |
llm.image |
DALL-E visual diagram generation |
llm.agent.auto |
Stateful multi-turn L2 agent sessions |
aps.kv |
Persistent scan history (last 50 scans) |
host.upload |
R2 artifact upload for generated patches |
| Feature | Status |
|---|---|
schema: 2 |
β |
host_capabilities |
β
llm.sample, llm.embed, llm.image, llm.agent.auto, host.upload |
user_message_prefix_template |
β |
system_prompt_addendum |
β |
optional_executas |
β |
csp_overrides |
β |
state_merge |
β |
dev.fixtures |
β |
dev.seed_storage |
β |
host_api.upload (negotiate + confirm) |
β |
host_api.chat (write_message + append_artifact) |
β |
host_api.storage (get/set/delete/list) |
β |
host_api.window (set_title/open_view/close) |
β |
host_api.llm (complete/embed) |
β |
host_api.image (generate) |
β |
host_api.agent (session) |
β |
Multiple views with min_size/max_size |
β 2 views |
| Developer Console | β Interactive SDK playground & live log console |
tags |
β |
| Layer | Algorithm |
|---|---|
| Snippet encryption | AES-GCM-256 (ephemeral session keys) |
| Symbol hashing | SHA-256 |
- Winner Takes All β $300: Deep, real Anna integration β host LLM
sampling/createMessage, APS KV storage (get/set/list/delete), durable APS Files, R2 uploads,embeddings/createsemantic search, andimage/generatediagrams β all driven through real Executa tools, a multi-view UI (main+drift_viewer), andchat.append_artifactcards, with local AES-GCM-256 cryptography. A sandboxed Developer Console lets you exercise the Host-API surface live (calls return labeled mock responses when run outside the Anna host).
dorahacks-anna-docdrift/
βββ app.json # App listing metadata
βββ manifest.json # Anna App manifest (schema: 2)
βββ LICENSE # MIT License
βββ DECISIONS.md # Architectural decisions log
βββ SPONSOR_DEFENSE.md # SDK integration citations
βββ package.json # Project script definitions
βββ bundle/
β βββ index.html # Frontend SPA structure
β βββ styles.css # Modern dark theme styles
β βββ tokens.css # Design tokens
β βββ app.js # State engine, SDK bridge & fallback mocks
β βββ anna-tool-ids.js # Auto-generated tool bindings
β βββ apple-touch-icon.png # Mobile browser bookmark icon
β βββ icon.svg # Embedded app icon
βββ executas/
β βββ docdrift/
β βββ pyproject.toml # Executa package configuration
β βββ executa.json # Executa config (host_capabilities, distribution)
β βββ plugin.py # Stdio JSON-RPC handler + APS KV + R2 upload
βββ fixtures/
β βββ drift_seed.jsonl # Dev fixture data for offline testing
βββ data/
β βββ fixtures/ # Additional seed data
βββ docs/
β βββ AUDIT_REPORT.md # Threat model and invariants
β βββ friction-log.md # Integration friction log
β βββ icon.svg # Document icon
β βββ readme-hero.svg # Tactical vector header SVG
β βββ assets/ # HTML templates and asset generators
β βββ screenshots/ # Step-by-step UX walkthrough screenshots
βββ public/
β βββ icon.svg # Standalone app icon SVG
β βββ og-image.png # Open Graph banner PNG
β βββ pitch.html # Standalone marketing pitch deck HTML
βββ scripts/
β βββ bench.py # Latency and recall benchmarks
β βββ verify_offline.py # Air-gapped container test
β βββ record-docdrift.mjs # Puppeteer demo recording
βββ tests/
βββ test_plugin.py # Complete unit tests (100% offline coverage)
- Python β₯ 3.10
- Node.js β₯ 20
uv(Python packaging tool)
- Clone the repository:
git clone https://github.com/edycutjong/docdrift.git
- Navigate to codebase:
cd docdrift - Install npm dependencies:
Installs the required
@anna-ai/clidevDependency locally:npm install
- Run the development harness:
npm run dev # or npx anna-app dev
DocDrift includes a full verification harness with unit tests, offline air-gap audits, and benchmarks:
# ββ Run Unit Tests (105+ assertions) ββββββββ
PYTHONPATH=. python3 tests/test_plugin.py
# ββ Run Air-Gapped Offline Verification ββββββ
PYTHONPATH=. python3 scripts/verify_offline.py
# ββ Run Performance Benchmarks ββββββββββββββ
PYTHONPATH=. python3 scripts/bench.py| Layer | Tool | Status |
|---|---|---|
| Code Quality | Pytest + Local Assertions | β |
| Unit Testing | 100+ parameterized assertions | β |
| Air-Gap Scan | Mock socket offline check | β |
| Latency Audit | bench.py latency analysis | β |
Licensed under MIT. Copyright Β© 2026 Edy Cu.