docs(ttp): E.5 verification log appended to TTP_TAGGING.md
Closes the CDD design phase. Records: - §E.1 contract inventory (every file exists, compileall clean). - Targeted pytest pass: 604 passed, 1 skipped, 10 xfailed (all xfails are `xfail(strict=True)` with reason= pointing to the impl step that flips them; carry-overs, not flakes). - Strict mypy over decnet/ttp + decnet/cli/ttp.py + decnet/web/router/ttp + decnet/web/db/sqlmodel_repo/ttp.py: clean. - Stranger-readability spot check on tests/ttp/: no doc bugs. Notes the three pre-E.4 wiring fixes (E.3.18a/b/c) and the E.4 backfill CLI / DEBT entries that landed in this series.
This commit is contained in:
@@ -3137,3 +3137,83 @@ If condition 3 fails — if a future contributor reads the tests
|
||||
and is confused about what the system is supposed to do — that is
|
||||
a doc bug, not a test bug, and TTP_TAGGING.md gets the update,
|
||||
not the test file.
|
||||
|
||||
## E.5 verification log — 2026-05-02
|
||||
|
||||
Run by ANTI on `dev` after E.3.18a/b/c (worker hydrates per-lifter
|
||||
indexes via `watch_store`, session→command fan-out, `RuleEngineTagger`
|
||||
wired into the composite) and E.4.a/b/c (`decnet ttp-backfill` CLI,
|
||||
DEBT.md quarterly provider review + Sigma post-v1 entry).
|
||||
|
||||
### Condition 1 — every §E.1 contract file exists and compiles
|
||||
|
||||
| § | Path | exists | compileall |
|
||||
|---|------|:-:|:-:|
|
||||
| E.1.1 | `decnet/web/db/models/ttp.py` | ✅ | ✅ |
|
||||
| E.1.2 | `decnet/bus/topics.py` | ✅ | ✅ |
|
||||
| E.1.3 | `decnet/ttp/base.py` | ✅ | ✅ |
|
||||
| E.1.4 | `decnet/ttp/factory.py` | ✅ | ✅ |
|
||||
| E.1.5 | `decnet/ttp/impl/rule_engine.py` | ✅ | ✅ |
|
||||
| E.1.6 | `decnet/ttp/impl/{behavioral,intel,email,canary_fingerprint,identity,credential}_lifter.py` | ✅ | ✅ |
|
||||
| E.1.7 | `decnet/ttp/worker.py` | ✅ | ✅ |
|
||||
| E.1.8 | `decnet/clustering/ukc.py` | ✅ | ✅ |
|
||||
| E.1.9 | `decnet/web/router/ttp/api_*.py` (7 files) | ✅ | ✅ |
|
||||
| E.1.10 | `decnet/web/db/sqlmodel_repo/ttp.py` | ✅ | ✅ |
|
||||
| E.1.11 | `decnet/ttp/store/{base,factory}.py`, `decnet/ttp/store/impl/{filesystem,database}.py` | ✅ | ✅ |
|
||||
|
||||
### Condition 2 — targeted suite is deterministic
|
||||
|
||||
```
|
||||
pytest tests/ttp/ tests/api/ttp/ tests/bus/test_ttp_topics.py \
|
||||
tests/web/db/test_ttp_repo.py tests/clustering/test_ukc_bridge.py \
|
||||
--timeout=30 --timeout-method=thread -q
|
||||
→ 604 passed, 1 skipped, 10 xfailed, 25 warnings in 16.22s
|
||||
```
|
||||
|
||||
Strict mypy over the full TTP surface:
|
||||
|
||||
```
|
||||
.311/bin/mypy decnet/ttp/ decnet/cli/ttp.py decnet/cli/workers.py \
|
||||
decnet/web/router/ttp/ decnet/web/db/sqlmodel_repo/ttp.py \
|
||||
--ignore-missing-imports --no-error-summary
|
||||
→ clean
|
||||
```
|
||||
|
||||
Open xfails (all `xfail(strict=True)`, all reference the design phase
|
||||
they unblock; intentional carry-overs, not flakes):
|
||||
|
||||
| File | Test | Reason |
|
||||
|------|------|--------|
|
||||
| `tests/ttp/test_evidence_shape.py` | `test_lifter_emits_evidence_matching_typeddict[command-BehavioralLifter-CommandEvidence]` | impl phase E.3.x: lifters return `[]` today (xfail flips when behavioral evidence shapes solidify) |
|
||||
| `tests/ttp/test_evidence_shape.py` | `[intel-IntelLifter-IntelEvidence]` | same — IntelLifter evidence shape |
|
||||
| `tests/ttp/test_evidence_shape.py` | `[email-EmailLifter-EmailEvidence]` | same — EmailLifter evidence shape |
|
||||
| `tests/ttp/test_evidence_shape.py` | `[canary_fingerprint-CanaryFingerprintLifter-CanaryFingerprintEvidence]` | same — CanaryFingerprintLifter evidence shape |
|
||||
| `tests/ttp/test_evidence_shape.py` | `test_evidence_shape_violation_propagates_as_typeerror` | impl phase: `TolerantTagger` currently swallows `TypeError` |
|
||||
| `tests/ttp/test_confidence.py` | `test_abuseipdb_score_30_dropped` | impl phase E.3.10 — provider-score multiplier in the IntelLifter |
|
||||
| `tests/ttp/test_tracing.py` | `test_lifter_child_spans_emitted` | impl phase E.3.9–E.3.13 — per-lifter `ttp.lifter.{name}` child spans |
|
||||
| `tests/ttp/test_tracing.py` | `test_no_pii_canary_in_span_attributes` | impl phase E.3.7+ — assert across the battery once spans are produced |
|
||||
| `tests/ttp/test_worker_bus.py` | `test_dropped_intel_enriched_still_produces_intel_tags` | design-deferred to E.3.14b — catch-up via `attacker.session.ended` |
|
||||
| `tests/ttp/test_schema.py` | `test_confidence_outside_range_rejected_at_insert` | impl phase: confidence-range guard not yet enforced at the repo |
|
||||
|
||||
### Condition 3 — stranger-readability
|
||||
|
||||
Spot check on `tests/ttp/`: every test file opens with a docstring
|
||||
referencing the §E.x section it pins, and every `xfail(strict=True)`
|
||||
marker carries a `reason=` that names the impl step that flips it
|
||||
(see the table above — the reasons grep cleanly out of the markers).
|
||||
A contributor reading only `tests/ttp/` can reconstruct the design
|
||||
intent at the level the design doc commits to. No doc bugs surfaced
|
||||
during this pass.
|
||||
|
||||
### Closing statement
|
||||
|
||||
The design phase (E.1 contracts + E.2 tests) and the implementation
|
||||
phase (E.3.1–E.3.18) are closed out. The pre-E.4 wiring gaps that
|
||||
made the rule pack inert in production (see E.3.18a/b/c above) are
|
||||
fixed; `decnet ttp-backfill` ships for historical replay; DEBT.md
|
||||
carries the quarterly provider-review reminder and the Sigma
|
||||
post-v1 trigger.
|
||||
|
||||
The next operational phase is rule-precision tuning against live
|
||||
honeypot data, tracked outside this document.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user