Description Hardening Sprint Complete
API Modularization (Part 2)
Split cases_api.py (1036 lines) into 7 focused route modules under src/goose/web/routes/:
cases.py — case CRUD (create, list, get, status update)evidence.py — evidence ingest and retrievalanalysis.py — analyze, findings, hypotheses, plugins, diagnostics, audittimeline.py — timeline constructioncharts.py — chart data retrievalexports.py — exports, bundles, replay verification, reportsruns.py — analysis run tracking
All existing routes preserved with identical URLs and response shapes
cases_api.py now serves as thin router aggregator + CaseService provider
Replay/Export Subsystem (Part 3)
Enhanced bundle format with bundle_id, case_metadata, replay_metadata, parse_diagnostics
Export history recorded in case.json via CaseExport model
ReplayVerificationReport model compares bundle versions against current enginePOST /exports/verify-replay — detects EXACT, VERSION_DRIFT, PARTIAL, INCOMPATIBLE statesMissionSummaryReport, AnomalyReport, CrashMishapReport models in src/goose/forensics/reports.pyReport generation routes: GET /exports/reports/mission-summary, /anomaly, /crash
Run-Centered Investigation (Part 4)
GET /runs — list analysis runs for a caseGET /runs/{run_id} — run detail with plugin statuses and hypotheses countGUI run selector in workspace header (dropdown with run metadata)
workspaceState.runId tracked and selectable
Plugin Trust Hardening (Part 5)
fingerprint_plugin() — SHA-256 of plugin source codeTrustPolicy — PERMISSIVE, WARNED, ALLOWLIST_ONLY modesFingerprints computed and trust evaluated at analysis time
Plugin diagnostics record trust verification state
GET /plugins now includes computed_fingerprint, trust_verified, policy_mode
GUI Improvements (Part 6)
Exports tab: Mission Summary, Anomaly Report, Crash/Mishap Report buttons with formatted results
Replay verification UI with bundle selector and match state badges (color-coded)
Run selector dropdown in workspace header
Plugin trust visibility: Verified/Unverified badge, fingerprint prefix, policy mode
Tests
512 tests passing (464 original + 48 new)
test_replay_export.py — bundle creation, export history, replay verificationtest_report_objects.py — all 4 report model round-tripstest_trust_policy.py — PERMISSIVE, ALLOWLIST_ONLY, BLOCKED, fingerprintingtest_api_modularization.py — full regression suite for all routes Reactions are currently unavailable
You can’t perform that action at this time.
Hardening Sprint Complete
API Modularization (Part 2)
cases_api.py(1036 lines) into 7 focused route modules undersrc/goose/web/routes/:cases.py— case CRUD (create, list, get, status update)evidence.py— evidence ingest and retrievalanalysis.py— analyze, findings, hypotheses, plugins, diagnostics, audittimeline.py— timeline constructioncharts.py— chart data retrievalexports.py— exports, bundles, replay verification, reportsruns.py— analysis run trackingcases_api.pynow serves as thin router aggregator + CaseService providerReplay/Export Subsystem (Part 3)
bundle_id,case_metadata,replay_metadata,parse_diagnosticscase.jsonviaCaseExportmodelReplayVerificationReportmodel compares bundle versions against current enginePOST /exports/verify-replay— detects EXACT, VERSION_DRIFT, PARTIAL, INCOMPATIBLE statesMissionSummaryReport,AnomalyReport,CrashMishapReportmodels insrc/goose/forensics/reports.pyGET /exports/reports/mission-summary,/anomaly,/crashRun-Centered Investigation (Part 4)
GET /runs— list analysis runs for a caseGET /runs/{run_id}— run detail with plugin statuses and hypotheses countworkspaceState.runIdtracked and selectablePlugin Trust Hardening (Part 5)
fingerprint_plugin()— SHA-256 of plugin source codeTrustPolicy— PERMISSIVE, WARNED, ALLOWLIST_ONLY modesGET /pluginsnow includescomputed_fingerprint,trust_verified,policy_modeGUI Improvements (Part 6)
Tests
test_replay_export.py— bundle creation, export history, replay verificationtest_report_objects.py— all 4 report model round-tripstest_trust_policy.py— PERMISSIVE, ALLOWLIST_ONLY, BLOCKED, fingerprintingtest_api_modularization.py— full regression suite for all routes