
safety: migrate sphinx-needs to rivet for SDLC traceability#151

Merged

avrabe merged 2 commits into main from safety/stpa-initial on Mar 14, 2026

Conversation

@avrabe
Collaborator

@avrabe avrabe commented Mar 10, 2026

Summary

  • Complete STPA safety analysis: losses, hazards, control structure, UCAs, loss scenarios, controller constraints (166 STPA artifacts)
  • Migrate all sphinx-needs content to rivet: 62 requirements, 18 design decisions, 16 features across safety-requirements, functional-requirements, safety-mechanisms, architecture-decisions, and architecture-components YAML files
  • Remove sphinx-needs dependency: cleaned conf.py, requirements.txt; deleted 13 RST tracking files
  • Set up rivet commit-msg hook: validates artifact trailers (Trace/Implements/Fixes/Verifies) on commits touching traced paths; respects exempt commit types (chore/style/ci/docs/build)

Validation

  • rivet validate: PASS — 262 artifacts, 93.0% overall coverage, 0 errors, 16 warnings (expected: draft STPA requirements not yet satisfied)
  • Commit-msg hook tested: accepts valid trailers, rejects missing trailers, respects exempt types

Known Tech Debt

  • ~25 architecture RST files still contain embedded sphinx-needs directives (spec::, impl::, etc.) — causes Sphinx warnings, not errors
  • 16 uncovered requirements: 14 are draft STPA-derived (future work), 2 are genuine gaps (REQ_TEMPORAL_003, REQ_HELPER_ABI_001)

Test plan

  • rivet validate passes with 0 errors
  • Commit-msg hook accepts Trace: SR-7, Implements: AC-RUNTIME, SR-1
  • Commit-msg hook rejects commits missing trailers on traced paths
  • Exempt commit types (chore, docs, etc.) bypass hook
  • No Rust code changes — pre-existing compilation issues unaffected

🤖 Generated with Claude Code

Adds system-theoretic process analysis for Kiln as a WebAssembly runtime
for safety-critical systems. Covers 8 losses, 10 hazards (with 4 sub-hazards),
10 controllers, 12 controlled processes, and 28 unsafe control actions.

Key areas: execution correctness, memory isolation, component model fidelity,
CFI, WASI capability enforcement, safety-level allocation, and cross-toolchain
canonical ABI consistency with Meld and Synth.

Follows the same STPA schema as Meld (pulseengine/meld/safety/schema/stpa.schema.json).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@github-actions

github-actions bot commented Mar 10, 2026

🔍 Build Diagnostics Report

Summary

Metric     Base Branch   This PR   Change
Errors     0             0         0
Warnings   2             2         0

🎯 Impact Analysis

Issues in Files You Modified

  • 0 new errors introduced by your changes
  • 0 new warnings introduced by your changes
  • 0 total errors in modified files
  • 0 total warnings in modified files
  • 0 files you modified

Cascading Issues (Your Changes Breaking Other Files)

  • 0 new errors in unchanged files
  • 0 new warnings in unchanged files
  • 0 unchanged files now affected

Note: "Cascading issues" are errors in files you didn't modify, caused by your changes (e.g., breaking API changes, dependency issues).

✅ No Issues Detected

Perfect! Your changes don't introduce any new errors or warnings, and don't break any existing code.


📊 Full diagnostic data available in workflow artifacts

🔧 To reproduce locally:

# Install cargo-kiln
cargo install --path cargo-kiln

# Analyze your changes
cargo-kiln build --output json --filter-severity error
cargo-kiln check --output json --filter-severity warning

Migrate all safety engineering artifacts from sphinx-needs (RST-based)
to rivet (YAML-based SDLC traceability). This completes the full
traceability chain from STPA hazard analysis through requirements,
design decisions, and architectural components.

New rivet artifacts (262 total, 93% coverage):
- safety-requirements.yaml: 38 requirements (24 STPA-derived + 14 migrated)
- functional-requirements.yaml: 23 functional requirements
- safety-mechanisms.yaml: 11 design decisions (memory, CFI, resource, etc.)
- architecture-decisions.yaml: 7 design decisions (build, verification, etc.)
- architecture-components.yaml: 16 features (runtime, decoder, tooling, etc.)
- STPA extensions: controller-constraints, loss-scenarios, system-constraints

Sphinx-needs removal:
- Remove sphinx_needs from docs/source/conf.py extensions and all needs_* config
- Remove sphinx-needs from docs/requirements.txt
- Delete migrated tracking files (requirements, safety_manual, qualification)
- Architecture docs with embedded directives remain for now (tech debt)

Rivet commit hooks:
- Install commit-msg hook calling rivet commit-msg-check
- Configure trailers: Trace, Implements, Fixes, Verifies
- Exempt types: chore, style, ci, docs, build
- Traced paths: all core crates + safety/

Trace: skip

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
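The trailer policy described in the PR summary ("Set up rivet commit-msg hook") and in the "Rivet commit hooks" section of the commit message above, written out as an added illustration for this page. It is not rivet's commit-msg-check and not the hook the project installs. The trailer names (Trace/Implements/Fixes/Verifies), the exempt commit types and the safety/ path are taken from the page; the crates/ prefix standing in for "all core crates", the helper names, and the rule that any non-empty trailer value satisfies the check are assumptions.

```shell
#!/bin/sh
# Added illustration, not the project's hook and not rivet's code:
# a commit-msg hook enforcing the trailer policy described in the PR.
# Assumptions: traced paths are prefixed by crates/ or safety/, a
# trailer is any "Key: value" line with a non-empty value, and paths
# staged for commit contain no whitespace.

TRACE_TRAILERS="Trace Implements Fixes Verifies"
EXEMPT_TYPES="chore style ci docs build"
TRACED_PATHS="crates/ safety/"   # assumed: "all core crates + safety/"

# Conventional-commit type from the subject line:
# "feat(scope)!: msg" -> "feat". Prints nothing without a type prefix.
commit_type() {
    sed -n '1s/^\([a-zA-Z]\{1,\}\)\(([^)]*)\)\{0,1\}!\{0,1\}:.*/\1/p' "$1"
}

is_exempt_type() {
    for t in $EXEMPT_TYPES; do
        [ "$1" = "$t" ] && return 0
    done
    return 1
}

# $1 = whitespace-separated list of staged paths (git diff --cached --name-only).
touches_traced_path() {
    for p in $1; do
        for prefix in $TRACED_PATHS; do
            case "$p" in
                "$prefix"*) return 0 ;;
            esac
        done
    done
    return 1
}

# True if the message carries at least one trailer with a non-empty value.
has_required_trailer() {
    pattern=$(printf '%s|' $TRACE_TRAILERS)
    pattern="^(${pattern%|}):[[:space:]]*[^[:space:]]"
    grep -Eq "$pattern" "$1"
}

# $1 = message file, $2 = staged path list. Returns 0 to accept, 1 to reject.
validate_commit_msg() {
    msgfile=$1
    paths=$2
    type=$(commit_type "$msgfile")
    if [ -n "$type" ] && is_exempt_type "$type"; then
        return 0                      # chore/style/ci/docs/build bypass the check
    fi
    if ! touches_traced_path "$paths"; then
        return 0                      # nothing traced in this commit
    fi
    if has_required_trailer "$msgfile"; then
        return 0
    fi
    echo "commit-msg: commit touches traced paths but carries none of: $TRACE_TRAILERS" >&2
    return 1
}

# Hook entry point: git passes the message file as $1. Guarded so the
# functions can be sourced without running the check.
if [ $# -gt 0 ]; then
    staged=$(git diff --cached --name-only)
    validate_commit_msg "$1" "$staged" || exit 1
fi
```

Installed as .git/hooks/commit-msg, this accepts the trailers from the test plan (Trace: SR-7, Implements: AC-RUNTIME, SR-1), rejects a trailer-less commit under safety/ or a core crate, and lets a docs: or chore: commit through. Because any non-empty value satisfies the check, an explicit Trace: skip like the one in the commit message above passes while staying visible in history. A client-side hook is skipped by git commit --no-verify, so the traceability guarantee only holds if the same validation also runs server-side or in CI, as rivet validate does on this PR.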
@avrabe avrabe changed the title safety: initial STPA analysis safety: migrate sphinx-needs to rivet for SDLC traceability Mar 14, 2026
@avrabe avrabe merged commit 49f5ab5 into main Mar 14, 2026
14 checks passed
@avrabe avrabe deleted the safety/stpa-initial branch March 14, 2026 20:26