Release-readiness evidence handoff

Use this page when evidence from PR Quality, Runtime Proof, ProtectedVerifier, or the evidence graph needs to be summarized for release-readiness review.

The handoff is reporting-only. It packages evidence for humans; it does not authorize release, merge, patch application, security dismissal, or semantic-equivalence claims.

Handoff inputs

A complete release-readiness handoff may reference:

  • PR Quality Review Dashboard status;
  • PR Quality Artifact Center inventory;
  • Runtime Proof summary artifacts;
  • ProtectedVerifier decision output;
  • evidence graph summary;
  • artifact source map;
  • operator evidence review guide.

Handoff template

Use this structure in release notes or command-center comments:

### Evidence reviewed
- PR Quality dashboard:
- PR Quality artifact center:
- Runtime Proof summary:
- ProtectedVerifier decision:
- Evidence graph/source map:

### Authority boundary
- Patch application allowed: false
- Security dismissal allowed: false
- Merge authorization: false
- Semantic-equivalence claim: false
- Semantic-equivalence proof: false

### Human decision required
- Reviewer:
- Required proof:
- Remaining blocker:

Review rules

Release-readiness language must stay factual:

  • say evidence is present, absent, or not collected;
  • say a blocker is reviewable or needs investigation;
  • cite artifact names or docs;
  • avoid saying evidence approves a merge;
  • avoid saying replay proves semantic equivalence;
  • avoid implying stale alerts can be dismissed automatically.

Blocked handoff

A release-readiness handoff is blocked when:

  • any artifact grants merge authorization;
  • any report says patch application is automatic;
  • any report says security dismissal is automatic;
  • any replay evidence claims semantic equivalence;
  • missing evidence is hidden;
  • the human reviewer cannot identify the source artifact.

Release-readiness evidence package

Use the local package when release evidence needs one reviewer-facing bundle:

python -m sdetkit.release_readiness_evidence_package \
  --root . \
  --out-json build/sdetkit/release-readiness-evidence/package.json \
  --out-md build/sdetkit/release-readiness-evidence/package.md \
  --format text

The package summarizes package build, twine metadata check, wheel contents check, smoke install, release preflight, provenance attestation, diagnostics upload, and post-publish or rollback verification evidence. It is reporting-only and does not authorize release, publish, merge, patch automation, security dismissal, or semantic-equivalence claims.

Trusted PR Quality decision pair

The release package may ingest the contributor-facing PR decision only when it is paired with the trusted publisher handoff manifest:

python -m sdetkit release-readiness-evidence-package \
  --root . \
  --pr-quality-summary /path/to/pr-review-summary.md \
  --pr-quality-handoff-manifest /path/to/manifest.json \
  --out-json build/sdetkit/release-readiness-evidence/package.json \
  --out-md build/sdetkit/release-readiness-evidence/package.md \
  --format json

The two arguments are optional, but they must be supplied together. The package validates:

  • sdetkit.pr_quality_publisher_handoff.v1;
  • the exact PR head SHA against the release package head;
  • the strict reporting-only authority boundary;
  • the three-file publisher payload inventory;
  • the recorded size and SHA-256 of payload/pr-review-summary.md;
  • exactly six contributor decision rows.

Collection states are not_requested, collected, missing, malformed, stale, and digest_mismatch. Any requested evidence that is missing, malformed, stale, or mismatched keeps the package in review_required.

A collected ready decision with no blocker and clear required-check and security posture is non-blocking evidence only. It does not set safe_to_publish, release_authorized, publish_authorized, or merge_authorized.
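The pair validation and collection states above, as an added Python example that is not sdetkit's own code: the manifest field names, the authority-boundary keys and the payload file names are assumptions, and the sample manifest is constructed inline.

```python
# Added example, not sdetkit's own code; manifest field names, authority keys and
# payload file names are assumptions standing in for the real handoff manifest.
import hashlib
import json

SCHEMA = "sdetkit.pr_quality_publisher_handoff.v1"
AUTHORITY_FLAGS = ("patch_application_allowed", "security_dismissal_allowed", "merge_authorized",
                   "semantic_equivalence_claim", "semantic_equivalence_proof")  # must all be false
EXPECTED_PAYLOAD = {"payload/pr-review-summary.md", "payload/manifest.json", "payload/decision-rows.json"}

def classify_pair(summary_bytes, manifest_text, release_head_sha):
    """Return (state, reasons): not_requested, collected, missing, malformed, stale or digest_mismatch."""
    if summary_bytes is None and manifest_text is None:
        return "not_requested", []
    if summary_bytes is None or manifest_text is None:
        return "missing", ["summary and handoff manifest must be supplied together"]
    try:
        m = json.loads(manifest_text)
    except json.JSONDecodeError as exc:
        return "malformed", [f"manifest is not JSON: {exc}"]
    reasons = []
    if m.get("schema") != SCHEMA:
        reasons.append(f"unexpected schema {m.get('schema')!r}")
    if any(m.get("authority", {}).get(k) is not False for k in AUTHORITY_FLAGS):
        reasons.append("authority boundary is not strictly reporting-only")
    if set(m.get("payload_files", [])) != EXPECTED_PAYLOAD:
        reasons.append("payload inventory is not the expected three files")
    if len(m.get("decision_rows", [])) != 6:
        reasons.append("expected exactly six contributor decision rows")
    if reasons:
        return "malformed", reasons
    if m.get("pr_head_sha") != release_head_sha:
        return "stale", [f"manifest head {m.get('pr_head_sha')} != release head {release_head_sha}"]
    digest = hashlib.sha256(summary_bytes).hexdigest()
    if m.get("summary_size") != len(summary_bytes) or m.get("summary_sha256") != digest:
        return "digest_mismatch", ["size or SHA-256 of payload/pr-review-summary.md differs"]
    # Collected is non-blocking evidence only; it never sets safe_to_publish or merge_authorized.
    return "collected", []

def keeps_review_required(state):
    # Requested evidence in any of these states holds the whole package in review_required.
    return state in {"missing", "malformed", "stale", "digest_mismatch"}

def build_manifest(head_sha, summary_bytes, rows=6):
    """Constructed sample manifest for exercising the validator (assumed field names)."""
    return json.dumps({"schema": SCHEMA, "pr_head_sha": head_sha,
                       "authority": {k: False for k in AUTHORITY_FLAGS},
                       "payload_files": sorted(EXPECTED_PAYLOAD),
                       "summary_size": len(summary_bytes),
                       "summary_sha256": hashlib.sha256(summary_bytes).hexdigest(),
                       "decision_rows": [{"row": i, "status": "ready"} for i in range(rows)]})
```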

Provenance and freshness contract

The release-readiness evidence package is bound to the current Git HEAD and the exact bytes of the inputs that determine its conclusions:

  • Makefile;
  • .github/workflows/release.yml;
  • docs/release-readiness-evidence-handoff.md;
  • docs/artifact-reference.md.

Generate the package through the root command:

python -m sdetkit release-readiness-evidence-package \
  --root . \
  --out-json build/sdetkit/release-readiness-evidence/package.json \
  --out-md build/sdetkit/release-readiness-evidence/package.md \
  --format json

Verify freshness without regenerating or mutating release state:

python -m sdetkit release-readiness-evidence-package \
  --root . \
  --out-json build/sdetkit/release-readiness-evidence/package.json \
  --check-freshness \
  --format text

A stale result means the recorded input digest, generator bytes, schema, or Git HEAD no longer matches the current repository. Freshness is reporting-only; it does not authorize release, publishing, merging, patch application, security dismissal, workflow reruns, or semantic-equivalence claims.
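The provenance and freshness contract above, as an added Python example that is not sdetkit's own code: it binds a record to the four inputs, the generator bytes, a schema id and Git HEAD, then checks freshness as a pure read. The record field names and the schema id are assumptions; inputs are passed in as bytes so the check never touches the repository.

```python
# Added example, not sdetkit's own code; record field names and the schema id are assumptions.
import hashlib

INPUT_FILES = ("Makefile", ".github/workflows/release.yml",
               "docs/release-readiness-evidence-handoff.md", "docs/artifact-reference.md")
SCHEMA = "release-readiness-evidence-package.example.v1"  # assumed schema id

def input_digest(inputs):
    """SHA-256 over the four inputs in fixed order as path + length-prefixed bytes, so a
    reorder, rename or boundary shift between files changes the digest; a missing input is
    hashed as an explicit marker rather than silently skipped."""
    h = hashlib.sha256()
    for path in INPUT_FILES:
        data = inputs.get(path)
        if data is None:
            h.update(path.encode() + b"\0MISSING\0")
            continue
        h.update(path.encode() + b"\0" + len(data).to_bytes(8, "big") + data)
    return h.hexdigest()

def bind_package(inputs, head_sha, generator_bytes, conclusions):
    """Build the provenance record stored beside the package's conclusions."""
    return {"schema": SCHEMA, "git_head": head_sha,
            "input_digest": input_digest(inputs),
            "generator_sha256": hashlib.sha256(generator_bytes).hexdigest(),
            "conclusions": conclusions}

def check_freshness(record, inputs, head_sha, generator_bytes):
    """Reporting-only: return ('fresh' | 'stale', reasons). Nothing is regenerated or mutated."""
    reasons = []
    if record.get("schema") != SCHEMA:
        reasons.append("schema changed")
    if record.get("git_head") != head_sha:
        reasons.append("Git HEAD moved")
    if record.get("input_digest") != input_digest(inputs):
        reasons.append("input bytes changed")
    if record.get("generator_sha256") != hashlib.sha256(generator_bytes).hexdigest():
        reasons.append("generator bytes changed")
    return ("stale" if reasons else "fresh"), reasons
```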

Post-merge verification product surface

After merge, collect GitHub evidence into a deterministic directory:

pr.json
main-status.json
review-threads.json
security-check.json

Generate the reporting-only verification artifact:

python -m sdetkit post-merge-verification \
  --root . \
  --evidence-dir <evidence-dir> \
  --previous-main-sha <sha> \
  --out-json build/sdetkit/post-merge-verification/report.json \
  --out-md build/sdetkit/post-merge-verification/report.md \
  --format text

The command performs local Git reads only. It never calls GitHub, modifies the repository, reruns workflows, resolves review threads, dismisses security alerts, publishes, releases, or merges.

Curated recipes and sanitized samples

For copy-ready generation, trusted-handoff, post-merge, freshness, state interpretation, and troubleshooting guidance, use Release evidence recipes and sanitized proof samples.

That page is the operator recipe. This handoff page remains the policy and review-boundary reference.