Skip to content

Track runtime enforcement: Verified Source Check #33

Description

@mdheller

Goal

Track runtime enforcement of source verification for ArtifactSourceLock.

Layer 1 schema ensures structure and frozen metadata. Layer 2 must ensure that the locked source is retrievable and correct.

Acceptance Criteria

  • Any attempt to use an unverified source triggers runtime failure.
  • Any inconsistency between declared source hash and actual content triggers runtime failure.
  • CI fixture placeholder demonstrates the intended runtime failure if violated.

This issue provides a placeholder to reference in PR #27 for Layer 2 enforcement (#M).

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions