feat: adds proof ingestion workflow

[semmet95]

Summary by CodeRabbit

• Chores
  • Added automated weekly workflow for ingesting new proofs with automatic pull request creation
  • Added automation to post newly added proofs on merge to main branch
  • Updated documentation posting automation to exclude proofs directory and process sources before claims
  • Removed proof records for BBC FIFA-Italy-Iran and NYT Pentagon-Google articles

[qodo-code-review]

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

[coderabbitai]

Warning

Rate limit exceeded

@semmet95 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 55 minutes and 11 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 40a42b3c-da2d-40fc-8d99-5c68e7435b30

📥 Commits

Reviewing files that changed from the base of the PR and between 926c455 and c83f3ea.

📒 Files selected for processing (2)

• proofs/fifa-italy-iran/theweek.yaml
• proofs/pentagon-google-ai/war-gov.yaml

📝 Walkthrough

Walkthrough

This PR separates proof handling from the existing document-posting pipeline by introducing two new workflows: fetch_ingest_proofs.yml automates weekly proof ingestion with retry logic and PR creation, while post_proofs_on_merge.yml posts newly added proofs on merge. The existing post_on_merge.yml is refactored to handle only sources/ and claims/, and refresh_scores.yml is updated to coordinate with the new proof-posting workflow. One stale proof data file entry is removed.

Changes

Proof Pipeline Separation

Layer / File(s)	Summary
Proof fetch and ingest workflow .github/workflows/fetch_ingest_proofs.yml	New workflow runs on schedule and manual dispatch; checks out main, installs Python 3.12 and dependencies, creates a branch with the run ID, executes ingest_proofs.py with retry logic (up to 3 attempts, 60-second backoff), stages and commits changes if present, and conditionally opens a pull request with a fixed title describing the scheduled proof addition.
Proof posting on merge workflow .github/workflows/post_proofs_on_merge.yml	New workflow detects newly added files under proofs/ on push to main, stores the file list in ADDED_FILES environment variable, and conditionally runs post_requests.py with API credentials when changes exist; otherwise logs that there are no new documents to post.
Document type separation and coordination .github/workflows/post_on_merge.yml, .github/workflows/refresh_scores.yml	post_on_merge.yml no longer detects or posts proofs/ entries; now handles only sources/ and claims/ with reordered logic. refresh_scores.yml updates the watched upstream workflow name from POST New Documents on Merge to POST New Proof Documents on Merge to trigger score refreshes from the new proof-specific pipeline.
Proof data cleanup proofs/bbc/fifa-italy-iran/supports/theweek.yaml	Removes the claimUriDigest, supportsClaim, reviewedBy, and uri fields from the support entry.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• SatyaLens/sources#41: The new fetch_ingest_proofs.yml workflow directly executes the proof ingestion script introduced in this PR.
• SatyaLens/sources#24: Both PRs refactor the post_on_merge.yml workflow to reorder and separate document type detection (sources before claims before proofs).
• SatyaLens/sources#40: This PR's separation of proof posting from sources/claims posting affects how newly added claims would be detected and posted on merge.

Poem

🐰 A proof pipeline blooms, split clean and fair,
Weekly ingests hop through the autumn air,
Sources and claims stay nestled in place,
While proofs race ahead at their own brisk pace!
🥕✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main focus of the PR, which is the addition of a proof ingestion workflow with related supporting changes.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/proof-ingestion-workflow

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/fetch_ingest_proofs.yml:
- Around line 24-31: The workflow uses floating action tags
(actions/checkout@v4, actions/setup-python@v6) and leaves checkout credentials
persisted; update the checkout and setup-python steps to pin to specific commit
SHAs instead of version tags and add persist-credentials: false to the
actions/checkout step to avoid exposing tokens. Locate the Checkout step (uses:
actions/checkout) and replace the tag with the canonical commit SHA for the
desired release, add the persist-credentials: false key under its with block,
and likewise replace actions/setup-python@v6 with its exact commit SHA to ensure
immutability.

In @.github/workflows/post_proofs_on_merge.yml:
- Around line 9-12: The job "post" currently relies on default workflow
permissions; add explicit least-privilege permissions for this job by setting
permissions.contents: read (since it only needs repo checkout/read access) under
the "post" job definition so the workflow doesn't inherit broader-than-needed
rights.
- Around line 13-19: The workflow uses mutable tags for actions and omits
disabling persisted credentials: replace the loose versions actions/checkout@v4
and actions/setup-python@v6 with their corresponding full commit SHAs and add
persist-credentials: false to the actions/checkout step; update the checkout
step (actions/checkout) to include the persist-credentials: false key and pin
both actions (actions/checkout and actions/setup-python) to exact commit SHAs to
ensure immutability.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: bbc8e6da-ad30-4423-b6a9-62c3b6d7c43f

📥 Commits

Reviewing files that changed from the base of the PR and between b5bdc6d and 926c455.

📒 Files selected for processing (13)

• .github/workflows/fetch_ingest_proofs.yml
• .github/workflows/post_on_merge.yml
• .github/workflows/post_proofs_on_merge.yml
• .github/workflows/refresh_scores.yml
• proofs/ai-backlash/idahonews.yaml
• proofs/bbc/fifa-italy-iran/supports/theweek.yaml
• proofs/china-zero-tarrif/gov-cn.yaml
• proofs/eu-sa-trade-deal/policy-trade-europa.yaml
• proofs/fifa-wc-caution/amnestyusa.yaml
• proofs/india-gdp/gov-in.yaml
• proofs/moore-threads-share/investing.yaml
• proofs/nyt/pentagon-google-ai/supports/war-gov.yaml
• proofs/us-tarrifs/economic-times.yaml

💤 Files with no reviewable changes (2)

• proofs/nyt/pentagon-google-ai/supports/war-gov.yaml
• proofs/bbc/fifa-italy-iran/supports/theweek.yaml

[cubic-dev-ai]

3 issues found across 13 files

<sub>Reply with feedback, questions, or to request a fix.

Re-trigger cubic</sub>