Skip to content

feat(governance): agent governance protocol — gates, evidence, charter, SoD, JIT grants#1234

Open
ohdearquant wants to merge 1 commit into
mainfrom
feat/governance
Open

feat(governance): agent governance protocol — gates, evidence, charter, SoD, JIT grants#1234
ohdearquant wants to merge 1 commit into
mainfrom
feat/governance

Conversation

@ohdearquant
Copy link
Copy Markdown
Owner

@ohdearquant ohdearquant commented May 31, 2026

Summary

  • Adds lionagi/governance/ module (17 files): authorization gates (ALLOW/DENY/ADVISORY), append-only hash-chained evidence log, charter YAML DSL + compiler, OperationContext propagation, TaskCertificate, OTel-compatible tracing, break-glass protocol, JIT grants, separation of duties enforcement
  • Adds lionagi/session/governed_flow.py for governance-wrapped Session.flow()
  • 3-way merges governance hooks into pile.py (append_only), branch.py (evidence_chain, emit_evidence), session.py (charter-aware OperationContext)

Extracted from #1186 (stripped ADR docs, 3-way merged files that diverged on main).

Test plan

  • uv run pytest tests/governance/ — 496 tests pass
  • CI green on this branch

🤖 Generated with Claude Code

@ohdearquant @claude
feat(governance): extract governance module from PR #1186 into clean …
d71c5bd 
…branch

Introduces lionagi/governance/ — agent governance protocol with gates,
evidence chains, charter DSL, separation of duties, JIT grants, break-glass,
and tracing. Wires governance hooks into Branch.operate() and Session.flow()
via 3-way merge against main (post-capability-bus changes).

Key changes:
- New lionagi/governance/ module: 18 files (gates, evidence, charter, compiler,
  dsl, context, certificate, tracing, breakglass, jit_grant, sod, targets,
  resolution, governed_tool, flow_integration, session_integration shim)
- New lionagi/session/governed_flow.py: governed_flow() async function
- Pile: append_only mode + PileAppendOnlyError (guards mutations on evidence piles)
- Branch.operate(): ctx: OperationContext param + governance context wiring
- Session.flow(): charter-aware OperationContext injection
- 496 governance tests passing

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ohdearquant