Integrate MAS FEAT and HKMA Ethics compliance into 24h monitor

[OneFineStarstuff]

Enhanced the Omni-Sentinel 24h monitoring script to include regulatory compliance checks for MAS FEAT and HKMA Ethics. Integrated ZK-Fairness proofs and Contextual Attribution Envelopes (CAE) into the PQC-signed WORM audit trail. Refactored the core monitoring logic to enable automated testing and verified the implementation with a new test suite.

---

PR created automatically by Jules for task 14674532106573926159 started by @OneFineStarstuff

Summary by CodeRabbit

• New Features

  • Monitoring system now includes detailed regulatory compliance audit data in all logs
  • Enhanced verification combines multiple compliance signals with system attestation validation

• Tests

  • New test coverage validates monitoring iteration logic and compliance audit data generation

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[code-genius-code-coverage]

The files' contents are under analysis for test generation.

[semanticdiff-com]

Review changes with  

Changed Files

File	Status
src/governance_engine/compliance_engine.py	100% smaller
src/infrastructure/tpm_attestor.py	100% smaller
tests/test_compliance.py	100% smaller
omni_sentinel_24h_monitor.py	42% smaller
.gitignore	Unsupported file format
__pycache__/omni_sentinel_24h_monitor.cpython-312.pyc	Unsupported file format
src/governance_engine/__pycache__/compliance_engine.cpython-312.pyc	Unsupported file format
src/governance_engine/__pycache__/gsri_scoring_engine.cpython-312.pyc	Unsupported file format
src/governance_engine/gsri_scoring_engine.py	0% smaller
src/infrastructure/__pycache__/pqc_worm_logger.cpython-312.pyc	Unsupported file format
src/infrastructure/__pycache__/tpm_attestor.cpython-312.pyc	Unsupported file format
src/infrastructure/pqc_worm_logger.py	0% smaller
tests/__pycache__/__init__.cpython-312.pyc	Unsupported file format
tests/__pycache__/test_compliance.cpython-312.pyc	Unsupported file format
tests/__pycache__/test_governance.cpython-312.pyc	Unsupported file format
tests/__pycache__/test_monitor.cpython-312.pyc	Unsupported file format
tests/test_governance.py	0% smaller
tests/test_monitor.py	0% smaller

[gitnotebooks]

Review these changes at https://app.gitnotebooks.com/OneFineStarstuff/TheOneEverAfter/pull/5

[linear-code]

AXI-8

[sourcery-ai]

Sorry @OneFineStarstuff, you have reached your weekly rate limit of 500000 diff characters.

Please try again later or upgrade to continue using Sourcery

[coderabbitai]

Walkthrough

Refactors omni_sentinel_24h_monitor.py by extracting a run_iteration() function that generates compliance-augmented telemetry, computes G-SRI, runs regulatory compliance checks, validates TPM attestation, and writes WORM batch logs with embedded regulatory audit fields. main() is updated to call run_iteration(). A new tests/test_monitor.py validates this flow; remaining files receive whitespace-only formatting fixes.

Changes

Monitor Refactor and Regulatory Audit Logging

Layer / File(s)	Summary
run_iteration() implementation and main() loop update omni_sentinel_24h_monitor.py	Introduces run_iteration() encapsulating expanded telemetry, G-SRI computation, ComplianceEngine verification, TPMAttestor validation, and WORM batch logging with mas_feat_proof and hkma_ethics_cae_seal audit fields. main() is updated to call run_iteration() and print a consolidated result line.
TestMonitorSystem unit test tests/test_monitor.py	New test creates an isolated WORM bucket, invokes run_iteration(1, ...), asserts result keys (iteration, G-SRI, status, PCR_MATCH, WORM_FILE), confirms the WORM file is written, and verifies regulatory_audit nested fields in the first log entry.
Whitespace and formatting cleanup .gitignore, src/governance_engine/compliance_engine.py, src/governance_engine/gsri_scoring_engine.py, src/infrastructure/pqc_worm_logger.py, src/infrastructure/tpm_attestor.py, tests/test_compliance.py, tests/test_governance.py	Blank lines and inline comment spacing normalized across supporting modules and test files; .gitignore adds __pycache__/, *.pyc, and .env entries. No logic changes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• OneFineStarstuff/TheOneEverAfter#2: Introduced the original omni_sentinel_24h_monitor.py monitor loop with G-SRI computation, TPMAttestor.validate_attestation(), and PQCWormLogger batch commits — the same components now refactored into run_iteration() with enriched regulatory audit output in this PR.

Suggested labels

size/XL

Poem

🐇 Hop hop, the monitor grows,
run_iteration() now neatly flows,
MAS FEAT proof and HKMA seal,
WORM logs make compliance real,
Green or Red, the status is clear —
This bunny audits with no fear! 🌟

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 38.89% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly describes the main feature addition: integrating MAS FEAT and HKMA Ethics compliance checks into the 24-hour monitoring system, which is the primary purpose of this PR.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feature/regulatory-compliance-integration-axi-8-14674532106573926159

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[difflens]

View changes in DiffLens

[deepsource-io]

DeepSource Code Review

We reviewed changes in 34e5d1c...9a7a939 on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade

Security   Reliability   Complexity   Hygiene

Code Review Summary

Analyzer	Status	Updated (UTC)	Details
Python		Jun 20, 2026 8:05a.m.	Review ↗

---

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

[codacy-production]

Not up to standards ⛔

🔴 Issues 10 high · 8 medium · 14 minor

Alerts:
⚠ 32 issues (≤ 0 issues of at least minor severity)

Results:
32 new issues

Category	Results
Compatibility	1 medium
BestPractice	2 medium 1 minor
Documentation	8 minor
Security	5 medium 10 high
CodeStyle	5 minor

View in Codacy

🟢 Metrics 5 complexity · 0 duplication

Metric	Results
Complexity	5
Duplication	0

View in Codacy

_{NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.}

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

[difflens]

View changes in DiffLens

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tests/test_monitor.py`:
- Around line 39-40: The open() call when reading the JSON file at filepath does
not specify an encoding parameter, which defaults to the system locale and may
cause issues with special characters. Add the encoding parameter set to 'utf-8'
to the open() function call to ensure consistent UTF-8 encoding regardless of
the system locale.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: fe079a89-5a04-4b0c-a042-b2663f55bad1

📥 Commits

Reviewing files that changed from the base of the PR and between 34e5d1c and 9a7a939.

⛔ Files ignored due to path filters (9)

• __pycache__/omni_sentinel_24h_monitor.cpython-312.pyc is excluded by !**/*.pyc
• src/governance_engine/__pycache__/compliance_engine.cpython-312.pyc is excluded by !**/*.pyc
• src/governance_engine/__pycache__/gsri_scoring_engine.cpython-312.pyc is excluded by !**/*.pyc
• src/infrastructure/__pycache__/pqc_worm_logger.cpython-312.pyc is excluded by !**/*.pyc
• src/infrastructure/__pycache__/tpm_attestor.cpython-312.pyc is excluded by !**/*.pyc
• tests/__pycache__/__init__.cpython-312.pyc is excluded by !**/*.pyc
• tests/__pycache__/test_compliance.cpython-312.pyc is excluded by !**/*.pyc
• tests/__pycache__/test_governance.cpython-312.pyc is excluded by !**/*.pyc
• tests/__pycache__/test_monitor.cpython-312.pyc is excluded by !**/*.pyc

📒 Files selected for processing (9)

• .gitignore
• omni_sentinel_24h_monitor.py
• src/governance_engine/compliance_engine.py
• src/governance_engine/gsri_scoring_engine.py
• src/infrastructure/pqc_worm_logger.py
• src/infrastructure/tpm_attestor.py
• tests/test_compliance.py
• tests/test_governance.py
• tests/test_monitor.py