Fix #24 and #25

[lucifer1004]

Summary by CodeRabbit

• New Features

  • Added work-item verification fields (required guards, waivers) with CLI examples; new warning W0112 for known artifact IDs used outside inline [[...]] syntax

• Bug Fixes

  • Fix: scanning/check now use project root when run from subdirectories; suppresses prior W0111 in that scenario

• Documentation

  • RFC-0000 → v1.3.3: clarified inline [[...]] reference expectations; reviewer guidance updated to use diagnostics

• Tests

  • Added tests covering scanning, warnings (W0112), init/gitignore behavior, and work verification edit/get flows

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 72861212-e55b-4a15-9343-498c9a62f4af

📥 Commits

Reviewing files that changed from the base of the PR and between e617fdf and 973a7de.

📒 Files selected for processing (14)

• CHANGELOG.md
• gov/work/2026-06-12-fix-subdirectory-check-path-handling.toml
• gov/work/2026-06-12-raise-patch-coverage-for-pr-26.toml
• src/cmd/check.rs
• src/cmd/migrate/mod.rs
• src/cmd/new/mod.rs
• src/cmd/project_support.rs
• src/config/runtime.rs
• src/scan.rs
• tests/error_tests/rfc_clause_cases/check.rs
• tests/error_tests/schema.rs
• tests/error_tests/work.rs
• tests/test_init.rs
• tests/test_scan.rs

✅ Files skipped from review due to trivial changes (2)

• CHANGELOG.md
• gov/work/2026-06-12-fix-subdirectory-check-path-handling.toml

🚧 Files skipped from review as they are similar to previous changes (7)

• src/cmd/migrate/mod.rs
• tests/test_scan.rs
• src/cmd/new/mod.rs
• src/cmd/check.rs
• src/scan.rs
• src/config/runtime.rs
• src/cmd/project_support.rs

---

📝 Walkthrough

Walkthrough

RFC-0000 is bumped to v1.3.3 to require inline [[artifact-id]] usage for known artifact IDs in reviewable governed prose. A new W0112 warning flags bare known IDs; validation and agents now rely on govctl check diagnostics. Scanning and .gitignore handling use project-root paths. Work-item verification fields, CLI help, schema, and tests are added.

Changes

RFC-0000 Policy and Reference Validation

Layer / File(s)	Summary
RFC-0000 policy clarification and agent guidance docs/rfc/RFC-0000.md, gov/rfc/RFC-0000/clauses/C-REFERENCE-HIERARCHY.toml, gov/rfc/RFC-0000/rfc.toml, .claude/agents/adr-reviewer.md, .claude/agents/rfc-reviewer.md, .claude/agents/wi-reviewer.md	RFC-0000 bumped to v1.3.3 specifying inline [[artifact-id]] syntax for known artifact-ID mentions in reviewable governed prose. Agent reviewer guidance updated to base reference syntax evaluation on govctl check diagnostics (including W0112 handling) and to mark references as “not assessed” when diagnostics are unavailable.
W0112 diagnostic code definition and metadata src/diagnostic/code/mod.rs, src/diagnostic/code/metadata.rs	Added DiagnosticCode::W0112BareArtifactReference with metadata mapping and tests asserting code "W0112" and warning severity.
Bracket reference validation with W0112 warning emission src/validate/bracket_refs.rs, src/validate/mod.rs	Validation now computes per-owner warn_on_bare_text flags and, when enabled, emits W0112 for bare known artifact IDs in RFC/ADR/Work Item prose; includes work-item prose scanning and associated tests.
Project-root path resolution infrastructure src/config/runtime.rs, src/cmd/project_support.rs, src/cmd/check.rs, src/cmd/migrate/mod.rs, src/cmd/new/mod.rs, src/scan.rs	Added Config::project_root(); gitignore helpers and diagnostics become config-aware; scan_source_refs and related flows walk from project_root() and strip that prefix for include/exclude matching.
Work-item verification schema and CLI help gov/schema/edit-ops.json, src/cli/resources/work.rs	Edit-ops schema adds nested verification rules exposing verification.required_guards and verification.waivers; CLI work get and work edit help/examples updated to show these fields.
Work-item verification definition and acceptance criteria gov/work/2026-06-11-expose-work-item-verification-guard-edit-paths.toml, gov/work/2026-06-11-validate-raw-artifact-reference-syntax-for-reviewer-evidence.toml, gov/work/2026-06-12-fix-subdirectory-check-path-handling.toml, gov/work/2026-06-12-raise-patch-coverage-for-pr-26.toml	New work items document acceptance criteria for verification-field edits, reviewer evidence validation, and subdirectory path-handling fixes.
Work-item verification field edit tests tests/edit_tests/work_tests/mod.rs, tests/edit_tests/work_tests/verification.rs	New test helpers and integration tests cover adding/removing verification.required_guards and editing verification.waivers[{index}] guard and reason fields.
Integration tests for W0112 warnings and subdirectory scanning tests/error_tests/rfc_clause_cases/check.rs, tests/error_tests/work.rs, tests/error_tests/schema.rs, tests/test_scan.rs, tests/test_errors.rs, CHANGELOG.md	Tests assert that plain-text known artifact references emit W0112 (and that --deny-warnings can fail the run), bracketed references do not warn, check run from subdirectories uses root .gitignore and project-root-relative scanning, and CHANGELOG updated with these items.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• govctl-org/govctl#19: Related work on reference-hierarchy validation and diagnostics for bare governed artifact-id mentions.
• govctl-org/govctl#21: Related changes touching diagnostics/collect_diagnostics and check flow.

Poem

🐰 I nibble through RFCs and hop the dev trail,
Spotting bare IDs that need a bracketed veil.
W0112 whispers softly in the code-glade light,
Roots steer the scanner home at night,
Guards stand watch and tests make all things right.

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 73.58% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title references specific issues (#24 and #25) but provides minimal context about what the actual changes accomplish.	Consider using a more descriptive title that explains the primary change (e.g., 'Fix subdirectory check path handling and bare artifact reference validation') rather than relying solely on issue numbers.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch bugfix

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[coderabbitai]

🧹 Nitpick comments (4)

gov/rfc/RFC-0000/rfc.toml (1)

53-57: 💤 Low value

Consider clarifying the conditional nature of the warning in the changelog.

The changelog entry states that validation "should warn" on bare artifact IDs, but the implementation only emits W0112 for artifacts in reviewable states (Draft RFCs, Proposed ADRs, not-Done Work Items). While this may be acceptable for a high-level changelog entry, consider whether explicitly noting the conditional behavior would help users understand when these warnings appear.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@gov/rfc/RFC-0000/rfc.toml` around lines 53 - 57, Update the changelog entry
for version "1.3.3" to explicitly note that the warning about bare artifact IDs
is conditional — it only emits W0112 for artifacts in reviewable states (Draft
RFCs, Proposed ADRs, non-Done Work Items); modify the "notes" or the specific
entry in "changed" that currently reads "Project validation should warn on known
artifact IDs in governed prose that are not written with inline reference
syntax" to clearly state this scope/condition so users know when the warning
will appear.

src/cli/resources/work.rs (1)

29-40: 💤 Low value

Consider adding a waiver editing example.

The help text mentions both verification.required_guards and verification.waivers at line 33, but only provides an example for required_guards (line 39). Since waivers are edited by index rather than added (per the schema), consider adding an example to clarify the indexed editing pattern:

govctl work get WI-2026-04-06-001 verification.waivers[0].reason

This would help users understand how to access and edit existing waiver fields.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/cli/resources/work.rs` around lines 29 - 40, The after_help string for
the work command currently lists verification.waivers but lacks a usage example;
update the after_help content (the string literal in the #[command(after_help =
"...")] attribute) to include an indexed waiver example such as "govctl work get
WI-2026-04-06-001 verification.waivers[0].reason" so users see the correct
indexed editing pattern for waivers alongside the existing
verification.required_guards example.

tests/edit_tests/work_tests/verification.rs (1)

64-107: 💤 Low value

Consider testing waiver guard change with a different value.

At line 80, the test sets waiver.guard to "GUARD-WAIVED", which is the same value it already has (line 71). While the test verifies that the set operation executes successfully, changing it to a different guard ID would more thoroughly validate that the field update actually persists a new value rather than just executing without error.

Example improvement:

common::write_guard(temp_dir.path(), "GUARD-WAIVED-ALT", "true")?;
// ... later ...
work_edit_set_waiver_guard("WI-2026-01-01-001", 0, "GUARD-WAIVED-ALT"),

Then verify the output contains "GUARD-WAIVED-ALT" in the final get command.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/edit_tests/work_tests/verification.rs` around lines 64 - 107, In
test_work_edit_existing_waiver_guard_and_reason update the guard-change
assertion to actually change the guard value: add a different guard ID via
common::write_guard (e.g., "GUARD-WAIVED-ALT"), call
work_edit_set_waiver_guard("WI-2026-01-01-001", 0, "GUARD-WAIVED-ALT") instead
of re-setting to "GUARD-WAIVED", and update the final work_get_field/assertions
(and the "Set ..." expectation) to check for "GUARD-WAIVED-ALT" so the test
verifies the new value persisted; keep other checks for the reason unchanged.

gov/schema/edit-ops.json (1)

782-835: Clarify SSOT verb support for verification.required_guards vs verification.waivers

• In gov/schema/edit-ops.json (work.verification, lines ~782-835), verification.required_guards allows verbs: ["get","set","add","remove"]; confirm that permitting set on indexed required_guards[i] is intentional (it’s unlike other list roots like notes that only expose add/remove).
• verification.waivers allows verbs: ["get","remove"] (no add), and the only covered edit behavior is setting existing verification.waivers[i].guard / verification.waivers[i].reason—waivers are initially created by pre-populating [[verification.waivers]] in TOML fixtures. If CLI should also support adding new waivers, the SSOT needs an add verb for the waivers list and tests/docs should be updated; otherwise, align CLI/help/ADR wording to explicitly state “waivers are TOML-first; work edit only edits/removes existing waivers.”

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@gov/schema/edit-ops.json` around lines 782 - 835, The review points out
inconsistent SSOT verb support: make an explicit decision and update the schema
and docs accordingly — either (A) allow CLI additions by adding "add" to the
verbs for verification.waivers (and adjust tests/docs/ADR to cover creation of
new waivers via work.edit and ensure waivers' text_key/item handling supports
add), or (B) restrict verification.required_guards to not expose indexed "set"
(remove "set" from its verbs) and update CLI/help/ADR/test wording to state
waivers are TOML-first and work edit only supports get/remove and editing
existing verification.waivers[i].guard/reason; change the verbs on
verification.required_guards and verification.waivers in
gov/schema/edit-ops.json to match the chosen behavior and update any related
tests/docs referenced in the review.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@gov/rfc/RFC-0000/rfc.toml`:
- Around line 53-57: Update the changelog entry for version "1.3.3" to
explicitly note that the warning about bare artifact IDs is conditional — it
only emits W0112 for artifacts in reviewable states (Draft RFCs, Proposed ADRs,
non-Done Work Items); modify the "notes" or the specific entry in "changed" that
currently reads "Project validation should warn on known artifact IDs in
governed prose that are not written with inline reference syntax" to clearly
state this scope/condition so users know when the warning will appear.

In `@gov/schema/edit-ops.json`:
- Around line 782-835: The review points out inconsistent SSOT verb support:
make an explicit decision and update the schema and docs accordingly — either
(A) allow CLI additions by adding "add" to the verbs for verification.waivers
(and adjust tests/docs/ADR to cover creation of new waivers via work.edit and
ensure waivers' text_key/item handling supports add), or (B) restrict
verification.required_guards to not expose indexed "set" (remove "set" from its
verbs) and update CLI/help/ADR/test wording to state waivers are TOML-first and
work edit only supports get/remove and editing existing
verification.waivers[i].guard/reason; change the verbs on
verification.required_guards and verification.waivers in
gov/schema/edit-ops.json to match the chosen behavior and update any related
tests/docs referenced in the review.

In `@src/cli/resources/work.rs`:
- Around line 29-40: The after_help string for the work command currently lists
verification.waivers but lacks a usage example; update the after_help content
(the string literal in the #[command(after_help = "...")] attribute) to include
an indexed waiver example such as "govctl work get WI-2026-04-06-001
verification.waivers[0].reason" so users see the correct indexed editing pattern
for waivers alongside the existing verification.required_guards example.

In `@tests/edit_tests/work_tests/verification.rs`:
- Around line 64-107: In test_work_edit_existing_waiver_guard_and_reason update
the guard-change assertion to actually change the guard value: add a different
guard ID via common::write_guard (e.g., "GUARD-WAIVED-ALT"), call
work_edit_set_waiver_guard("WI-2026-01-01-001", 0, "GUARD-WAIVED-ALT") instead
of re-setting to "GUARD-WAIVED", and update the final work_get_field/assertions
(and the "Set ..." expectation) to check for "GUARD-WAIVED-ALT" so the test
verifies the new value persisted; keep other checks for the reason unchanged.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 3276a6e0-27c1-45ac-b557-a159ae5cc446

📥 Commits

Reviewing files that changed from the base of the PR and between 81014ae and 7808331.

⛔ Files ignored due to path filters (1)

• tests/snapshots/test_help__work_get_help.snap is excluded by !**/*.snap

📒 Files selected for processing (28)

• .claude/agents/adr-reviewer.md
• .claude/agents/rfc-reviewer.md
• .claude/agents/wi-reviewer.md
• docs/rfc/RFC-0000.md
• gov/rfc/RFC-0000/clauses/C-REFERENCE-HIERARCHY.toml
• gov/rfc/RFC-0000/rfc.toml
• gov/schema/edit-ops.json
• gov/work/2026-06-11-expose-work-item-verification-guard-edit-paths.toml
• gov/work/2026-06-11-validate-raw-artifact-reference-syntax-for-reviewer-evidence.toml
• gov/work/2026-06-12-fix-subdirectory-check-path-handling.toml
• src/cli/resources/work.rs
• src/cmd/check.rs
• src/cmd/migrate/mod.rs
• src/cmd/new/mod.rs
• src/cmd/project_support.rs
• src/config/runtime.rs
• src/diagnostic/code/metadata.rs
• src/diagnostic/code/mod.rs
• src/scan.rs
• src/validate/bracket_refs.rs
• src/validate/mod.rs
• tests/edit_tests/work_tests/mod.rs
• tests/edit_tests/work_tests/verification.rs
• tests/error_tests/rfc_clause_cases/check.rs
• tests/error_tests/schema.rs
• tests/error_tests/work.rs
• tests/test_errors.rs
• tests/test_scan.rs