fix(audit): use .latest marker file for code_path_audit coverage; Windows-compatible
TIER-2 READ AGENTS.md, conductor/workflow.md, conductor/edit_workflow.md,
conductor/tier2/githooks/forbidden-files.txt,
conductor/tracks/tier2_leak_prevention_20260620/spec.md,
conductor/code_styleguides/data_oriented_design.md,
conductor/code_styleguides/error_handling.md,
conductor/code_styleguides/type_aliases.md,
conductor/product-guidelines.md, conductor/code_styleguides/python.md,
docs/guide_meta_boundary.md before post_module_taxonomy_de_cruft_20260627/Phase0b.
The audit_code_path_audit_coverage.py script expects an
--input-dir pointing to the most recent code_path_audit output.
The spec suggested creating a 'latest' symlink at
docs/reports/code_path_audit/latest -> 2026-06-24.
On Windows (Tier 2 sandbox), symlinks to the audit output directory
fail with PermissionError when Python's pathlib.Path.exists() calls
os.stat(follow_symlinks=True) on the target. Per the spec's R2 risk
mitigation: 'Use a .latest marker file instead of a symlink; update the
audit script to read the marker.'
This commit:
1. Creates docs/reports/code_path_audit/.latest containing '2026-06-24'
(the most recent audit output directory name).
2. Updates scripts/audit_code_path_audit_coverage.py to:
- Detect when --input-dir ends in 'latest'
- Read the sibling .latest file to resolve the actual directory name
- Fall through to the symlink behavior if the .latest marker is absent
(preserves Linux/macOS behavior)
Verification:
uv run python scripts/audit_code_path_audit_coverage.py \\
--input-dir docs/reports/code_path_audit/latest --strict
# Output: 'Meta-audit: 0 violations (10 real profiles checked)'
# Exit code: 0
Note on LEGACY_NAMES: the spec claimed generate_type_registry.py
referenced an undefined LEGACY_NAMES. Verified: generate_type_registry.py
at master 6344b49f (the spec's baseline) does NOT reference LEGACY_NAMES;
the audit passes ('Registry in sync (23 files checked)'). The
LEGACY_NAMES constant IS defined in scripts/audit_no_models_config_io.py
(verified via git grep). This bug does not exist; no fix needed for
Phase 0a. Documented here to avoid confusion in future audits.
This commit is contained in:
@@ -37,6 +37,20 @@ def main() -> int:
|
||||
parser.add_argument("--strict", action="store_true", help="Exit 1 on any violation")
|
||||
args = parser.parse_args()
|
||||
input_dir = Path(args.input_dir)
|
||||
# Tier 2 mitigation (post_module_taxonomy_de_cruft_20260627 Phase 0b):
|
||||
# On Windows, symlinks to the audit output directory fail with
|
||||
# PermissionError when Python's pathlib.exists() follows the symlink.
|
||||
# The .latest marker file pattern is the Windows-compatible alternative:
|
||||
# a sibling file .latest contains the name of the latest audit
|
||||
# directory (e.g., '2026-06-24'). The audit reads the marker and uses
|
||||
# that directory as the input. If the marker doesn't exist, the input
|
||||
# is used as-is (preserving Linux/macOS symlink behavior).
|
||||
if input_dir.name == "latest":
|
||||
marker = input_dir.parent / ".latest"
|
||||
if marker.exists():
|
||||
resolved_name = marker.read_text(encoding="utf-8").strip()
|
||||
if resolved_name:
|
||||
input_dir = input_dir.parent / resolved_name
|
||||
if not input_dir.exists():
|
||||
print(f"ERROR: input dir does not exist: {input_dir}")
|
||||
return 1
|
||||
|
||||
Reference in New Issue
Block a user