Summary
I need a complete audit artifact for compliance reviews and incident response.
Use case
Auditors ask exactly what policy/version transformed which input, when, and with what run settings.
Expected behavior
Report should include immutable metadata needed for chain-of-custody and reproducibility.
Proposed change
Add fields to report:
- dumpling version
- run timestamp + run ID
- config source + config checksum
- input checksum and output checksum (or per-file checksums)
- strict mode/security profile flags
- summary of validation outcomes (coverage/scan status)
Acceptance criteria
- One JSON artifact can support audit review without manual reconstruction.
- Metadata is consistent across deterministic re-runs.
- Docs include “audit evidence” usage example
Summary
I need a complete audit artifact for compliance reviews and incident response.
Use case
Auditors ask exactly what policy/version transformed which input, when, and with what run settings.
Expected behavior
Report should include immutable metadata needed for chain-of-custody and reproducibility.
Proposed change
Add fields to report:
Acceptance criteria