Skip to content

fix(cli): standardize policy eval output to match attestation violation format#2973

Merged
migmartri merged 1 commit into
chainloop-dev:mainfrom
migmartri:fix/standardize-eval-violation-format
Mar 31, 2026
Merged

fix(cli): standardize policy eval output to match attestation violation format#2973
migmartri merged 1 commit into
chainloop-dev:mainfrom
migmartri:fix/standardize-eval-violation-format

Conversation

@migmartri

Copy link
Copy Markdown
Member

Summary

  • Unified the policy develop eval command output to use the same violation structure as attestation storage
  • Replaced separate violations (string array) and structured_violations (object array) fields with a single violations array of full PolicyEvaluation_Violation objects (subject, message, and optional finding)
  • All violations are now uniformly serialized via protojson regardless of whether they have structured findings

Breaking change

The violations field in the eval JSON output changes from []string to []object. Each object contains subject, message, and optionally a typed finding (e.g. vulnerability, sast, license_violation). The structured_violations field is removed.

@migmartri migmartri requested review from Piskoo, javirln, jiparis and matiasinsaurralde and removed request for Piskoo March 31, 2026 12:06

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

@migmartri migmartri force-pushed the fix/standardize-eval-violation-format branch from 958140f to f4ef70f Compare March 31, 2026 12:15
…on format

Replace dual violations/structured_violations fields in EvalResult with
a single violations array of protojson-marshaled PolicyEvaluation_Violation
objects, matching the format stored in attestations. Subject field is
excluded since it's redundant in the eval context (always the policy name).

Signed-off-by: Miguel Martinez <migmartri@gmail.com>
Signed-off-by: Miguel Martinez Trivino <miguel@chainloop.dev>
@migmartri migmartri force-pushed the fix/standardize-eval-violation-format branch from f4ef70f to 90eaace Compare March 31, 2026 12:17
@migmartri migmartri merged commit 2a1a764 into chainloop-dev:main Mar 31, 2026
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants