
chore(stpa): migrate 501 shorthand link fields to canonical blocks — rivet validate PASS #140

Merged: avrabe merged 1 commit into main from chore/stpa-canonical-links, Apr 22, 2026

avrabe commented Apr 22, 2026

Summary

rivet validate on main: FAIL (625 errors, 174 warnings, 0 broken cross-refs).
This PR: PASS (91 warnings) — all 625 cardinality ERRORs resolved.

Root cause

Rivet's schema declares link-fields for STPA types (e.g. uca.controller → issued-by, uca.hazards → leads-to-hazard). Authors used the shorthand form at the top level of each artifact:

- id: UCA-1
  type: uca
  controller: CTRL-PARSER
  hazards: [H-5]

Rivet's stpa-yaml source format does not expand shorthand into the links: graph, so every artifact's link-counter reported "requires N targets, found 0" despite the cross-refs resolving fine (hence the 0 broken cross-refs paradox).

Upstream fix tracked at pulseengine/rivet#154.

What this PR does

  • Adds a canonical links: block to 501 artifacts across 4 of 8 STPA YAML files, derived from their existing shorthand fields.
  • Preserves the shorthand fields (authors keep writing them; stpa-yaml keeps accepting them).
  • Fixes 6 type: safety-requirement artifacts in rendering-analysis.yaml to type: requirement — that type isn't declared in any loaded schema.

Insertions per file:

| File | Links added |
| --- | --- |
| safety/stpa/analysis.yaml | 185 |
| safety/stpa/solver-analysis.yaml | 201 |
| safety/stpa/security.yaml | 106 |
| safety/stpa/rendering-analysis.yaml | 9 |
| (requirements, architecture, validation, solver-requirements: unchanged) | 0 |

Migration driver

scripts/stpa_migrate_links.py — text-based line transformer. Preserves all comments and formatting; only inserts new lines after each type: line.

Mapping table hardcoded from AS-5506D §4-§11 + rivet's stpa schema:

hazard.losses              → leads-to-loss
sub-hazard.parent          → refines
system-constraint.hazards  → prevents
uca.controller             → issued-by
uca.hazards                → leads-to-hazard
controller-constraint.controller → constrains-controller
controller-constraint.ucas → inverts-uca
controller-constraint.hazards → prevents
loss-scenario.uca / .ucas  → caused-by-uca
loss-scenario.hazards      → leads-to-hazard
control-action.source      → issued-by
control-action.target      → acts-on

Test plan

  • rivet validate goes FAIL → PASS.
  • Zero broken cross-refs before and after (invariant preserved).
  • Diff verified — no deletions, pure additive insertions (except the 6 safety-requirement → requirement type corrections).
  • Re-running the script on already-migrated files is idempotent (detects existing links: blocks and skips).

Not in this PR

  • The 91 remaining warnings are traceability coverage gaps (e.g. "UCA should be addressed by at least one controller constraint"). Coverage gaps — real, but separate work.
  • The 976 INFO-level schema-drift messages (fields like method, traces-to, mitigates not declared in schema) are unaffected by this migration. Fix requires either upstream rivet schema updates or further artifact rewriting — tracked at rivet#154.

🤖 Generated with Claude Code

Rivet's schema declares link-fields for STPA types (e.g. `uca.controller
→ issued-by`, `uca.hazards → leads-to-hazard`), but authors used the
shorthand form (`controller: CTRL-X` at top level). Rivet's stpa-yaml
source format does not expand the shorthand into the `links:` graph,
so every artifact reported as "requires 1 target, found 0" despite
0 broken cross-refs.

This PR inserts a canonical `links:` block after each artifact's
`type:` line, derived from the shorthand fields. Shorthand is
preserved (authors keep writing it; stpa-yaml keeps accepting it) —
the migration only ADDS explicit entries for rivet's link-counter.

Also fixes 6 artifacts in rendering-analysis.yaml that used `type:
safety-requirement` — a type not declared in any loaded schema — by
changing them to `type: requirement` (the closest declared type; the
artifacts are requirements derived from STPA hazard analysis).

Migration driver: scripts/stpa_migrate_links.py (text-based line
transformer, preserves all comments and formatting).

Before: `rivet validate` → FAIL (625 errors, 174 warnings, 0 broken cross-refs)
After:  `rivet validate` → PASS (91 warnings)

Upstream: pulseengine/rivet#154 tracks the stpa-yaml parser side.
Once rivet expands shorthand natively, this migration becomes
redundant but not harmful (the explicit entries are still correct).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
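
The insertion step described in the PR, as an added example (not the repository's scripts/stpa_migrate_links.py): a line-based transformer that adds a `links:` block after each artifact's `type:` line, keeps every original line, and skips artifacts that already have a `links:` block. The `type:`/`target:` entry layout, the mapping subset, and the sample input (including H-6) are assumptions; only inline scalar and `[a, b]` shorthand values are handled.

```python
import re

# Subset of the PR's mapping table: (artifact type, shorthand field) -> link type.
LINK_MAP = {
    ("hazard", "losses"): "leads-to-loss",
    ("uca", "controller"): "issued-by",
    ("uca", "hazards"): "leads-to-hazard",
    ("controller-constraint", "ucas"): "inverts-uca",
}
# Groups: indent, optional list dash, key, value (trailing comment dropped).
KEY = re.compile(r"^(\s*)(- )?([\w-]+):\s*(.*?)\s*(?:#.*)?$")

# Constructed sample modelled on the UCA-1 snippet; H-6 is invented.
SAMPLE = """\
# comments and unrelated lines must survive untouched
- id: UCA-1
  type: uca
  controller: CTRL-PARSER  # shorthand stays
  hazards: [H-5, H-6]
- id: H-5
  type: hazard
"""

def migrate(text):
    """Insert a links: block after each artifact's type: line; safe to re-run."""
    lines = text.splitlines()
    starts = [i for i, l in enumerate(lines) if re.match(r"\s*- id:", l)]
    out = lines[: starts[0]] if starts else lines
    for s, e in zip(starts, starts[1:] + [len(lines)]):
        block = lines[s:e]
        col = len(block[0]) - len(block[0].lstrip()) + 2  # column of artifact keys
        fields, type_at = {}, 0
        for i, line in enumerate(block):
            m = KEY.match(line)
            if m and len(m.group(1)) + len(m.group(2) or "") == col:
                fields[m.group(3)] = m.group(4)
                type_at = i if m.group(3) == "type" else type_at
        new = []
        if "type" in fields and "links" not in fields:  # idempotence guard
            for name, value in fields.items():
                link = LINK_MAP.get((fields["type"], name))
                tgts = [t.strip() for t in value.strip("[]").split(",") if t.strip()]
                for tgt in (tgts if link else []):
                    new += [f"{' ' * (col + 2)}- type: {link}",
                            f"{' ' * (col + 4)}target: {tgt}"]
            if new:
                new.insert(0, f"{' ' * col}links:")
        out += block[: type_at + 1] + new + block[type_at + 1 :]
    return "\n".join(out) + "\n"
```
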

codecov Bot commented Apr 22, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.


avrabe merged commit a197bef into main Apr 22, 2026
11 checks passed
avrabe deleted the chore/stpa-canonical-links branch April 22, 2026 20:15