Skip to content

[MEDIUM] Expand run report into compliance-ready audit artifact #13

Description

@ababic

Summary

I need a complete audit artifact for compliance reviews and incident response.

Use case

Auditors ask exactly what policy/version transformed which input, when, and with what run settings.

Expected behavior

Report should include immutable metadata needed for chain-of-custody and reproducibility.

Proposed change

Add fields to report:

  • dumpling version
  • run timestamp + run ID
  • config source + config checksum
  • input checksum and output checksum (or per-file checksums)
  • strict mode/security profile flags
  • summary of validation outcomes (coverage/scan status)

Acceptance criteria

  • One JSON artifact can support audit review without manual reconstruction.
  • Metadata is consistent across deterministic re-runs.
  • Docs include “audit evidence” usage example

Metadata

Metadata

Assignees

No one assigned

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions