Skip to content

trust: reject non-json payload hashes#254

Open
aayushprsingh wants to merge 1 commit into
qbtrix:mainfrom
aayushprsingh:trust/strict-payload-hash
Open

trust: reject non-json payload hashes#254
aayushprsingh wants to merge 1 commit into
qbtrix:mainfrom
aayushprsingh:trust/strict-payload-hash

Conversation

@aayushprsingh

Copy link
Copy Markdown

Summary

  • make compute_payload_hash reject non-dict payloads and direct Pydantic models with clear errors
  • stop canonical JSON hashing from silently stringifying non-JSON-native values
  • add trust-chain hashing regression tests for list payloads, direct BaseModel payloads, datetime values, and Path values

Fixes #200
Fixes #205

Test plan

  • uv run ruff check src/soul_protocol/spec/trust.py tests/test_trust_chain/test_trust_entry.py
  • $env:PYTHONPATH='src'; uv run pytest tests/test_trust_chain/test_trust_entry.py tests/test_trust_chain/test_chain_manager.py tests/test_trust_chain/test_trust_chain.py

Signed-off-by: Aayush Pratap Singh <as456pratapayush@gmail.com>
Copilot AI review requested due to automatic review settings May 23, 2026 22:59

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@github-actions

github-actions Bot commented Jun 7, 2026

Copy link
Copy Markdown

This PR has been automatically marked as stale because it has not had activity in the last 14 days. It will be closed in 7 days if no further activity occurs. If you're still working on this, please push an update or leave a comment.

@github-actions github-actions Bot added the stale label Jun 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

trust: tighten compute_payload_hash typing + reject Pydantic models trust: harden _canonical_json against non-JSON-native types

2 participants