fix(ontology): move :AnnexIII_Condition_1a and :AnnexIII_Condition_5b to governance extension#69
Merged
Conversation
… to governance extension
Deduplicates universal regulatory content out of two per-fixture instance
files into ARCO_governance_extension.ttl. Closes regulatory_alignment FAIL
and traceability FAIL on the Adversarial Decoy and Blanknode Ghost fixtures
by making the regulatory condition declarations visible to every fixture
that imports the governance extension.
Why
Both audit queries (check_regulatory_alignment.sparql, check_assessment_
traceability.sparql) require the condition to be typed :RegulatoryContent
in the merged graph. The conditions were declared only in
ARCO_instances_sentinel.ttl (1(a)) and ARCO_instances_creditscoring.ttl
(5(b)). Fixtures that don't import either file (Decoy, Ghost) referenced
the conditions via iao:0000136 but the type assertion wasn't present, so
both audit queries returned FAIL for fixture-distribution reasons, not
fixture-semantics reasons.
What changes
- ARCO_governance_extension.ttl: new section "3a) REGULATORY CONTENT" adds
:AnnexIII_List, :AnnexIII_Condition_1a, :AnnexIII_Condition_5b with the
same triples previously in the two instance files. Triples preserved
verbatim (rdfs:label, rdfs:comment, cco:prescribes, iao:0000136 targets).
- ARCO_instances_sentinel.ttl: removes 10 lines (the declaration block);
section header replaced with a brief migration comment. The three
references via iao:0000136 :AnnexIII_Condition_1a are preserved.
- ARCO_instances_creditscoring.ttl: removes 13 lines (the declaration
block + the self-containedness comment); section header replaced with
a brief migration comment. The three references via iao:0000136
:AnnexIII_Condition_5b are preserved.
Tests (all 7 fixtures, pre vs post pipeline diff)
- Sentinel, CreditScorer, VerificationKiosk: identical except entailed-
triples count (+34 to +89 from the additional universal regulatory
content now visible to every fixture).
- DecoySystem_001: regulatory_alignment FAIL -> PASS; traceability
FAIL -> PASS (closes the documented goal).
- GhostSystem_001: regulatory_alignment FAIL -> PASS; traceability
FAIL -> PASS; all_checks_passed false -> true.
- FlagTest_BiometricSystem_WithDerogationClaim and
FlagTest_CreditSystem_WithFraudProcess: no audit-row flip. Their
:AssessmentDocumentation instances do not link to any regulatory
condition via iao:0000136 in the source TTL, so the audit query's
AssessmentDoc -> condition path is empty independent of where the
condition is declared. The plan predicted these fixtures would flip;
the actual cause is a separate fixture-authoring gap in
ARCO_instances_flag_tests.ttl lines 90-92, 155-157. Closing that
is a separate fixture edit outside this PR's scope.
- Regression: test_gate_removal.py PASS; test_scenarios.py PASS (all
7 scenarios); test_kiosk_html_no_false_concretization.py PASS;
test_output_provenance.py 1 failure (unchanged baseline).
- HermiT vs OWL-RL cross-check: agree on every (fixture, system,
query) tuple in the certificate-grade set.
- SHACL conforms PASS on every fixture (unchanged).
- No classification flip on any fixture; no SHACL change; no other
audit-row change.
Downstream consumer audit
Grep across 03_TECHNICAL_CORE/, docs/, mcp/, .github/ for every reader
of :AnnexIII_Condition_1a / _5b / _List / :RegulatoryContent. All
reference sites either load ARCO_governance_extension.ttl (via every
pipeline / test / cross-check loader) or are documentation mentions of
the IRI itself. No consumer depends on the conditions being declared
in a specific instance file.
Deferred
- :AnnexIII_Condition_1a_Exclusion in ARCO_instances_verification.ttl
is a different class (verification-kiosk exclusion documentation per
Recital 22 / Art 3(41)). Whether to also generalize the exclusion
pattern is a separate future decision.
- FlagTest fixtures' AssessmentDocs do not link to any regulatory
condition; closing their regulatory_alignment FAIL is a separate
fixture-authoring change.
Revert
git revert HEAD
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.
…ry-content migration
Three stale-doc fixes tied to the 2026-05-14 governance-extension move:
- ARCO_instances_flag_tests.ttl header: replaces the pre-migration text
("classification PASS but audit FAIL ... minimal instances for flag testing
only, without full regulatory content linkage") with the actual post-migration
state. Classification and exception flag remain the test target; traceability
and regulatory_alignment still FAIL but for a different reason now (local
:AssessmentDocumentation -> :AnnexIII_Condition_* iao:0000136 link absent
from this fixture, not fixture-distribution).
- LIMITATIONS.md sec 9: file reference for the
:AnnexIII_Condition_1a cco:prescribes :RemoteBiometricIdentificationProcess
class-as-individual triple updated from ARCO_instances_sentinel.ttl to
ARCO_governance_extension.ttl per the migration. Adds the 5(b) companion
triple. Also notes that gate-removal coverage is now symmetric and adversarial-
mechanism tests exist (next commit).
- README.md "Gate independence is empirically verified" sentence: drops the
"(Symmetric coverage for 5(b) is queued.)" parenthetical; corresponding row in
the active-changes table moves from "Active work" to "Landed 2026-05-14".
No pipeline behavior change.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…ism assertions Two coverage gaps closed against README claims: - test_gate_removal.py: parameterized over both modeled Annex III categories. CATEGORY_1A (Sentinel) preserves the original 7 tests (5 gate removals + 2 content mutations) verbatim by triple; CATEGORY_5B (CreditScorer) adds the symmetric 7 against AnnexIII5bApplicableSystem. README "Gate independence is empirically verified" previously disclosed the 5(b) gap as queued; closes that. - test_adversarial_mechanism.py (new): asserts that DecoySystem_001's Gate 1 entailment routes through owl:equivalentClass propagation (the disposition is typed only as :WeirdScanner pre-reasoning; :BiometricIdentificationCapability is absent from the asserted triples and entailed post-reasoning), and that GhostSystem_001's disposition is a blank node (no named individual) that still satisfies owl:someValuesFrom. test_scenarios.py asserts the entailment fires; this test asserts HOW. - .github/workflows/arco-smoke-test.yml and arco-demo.yml: both workflows run the new test alongside the existing three regression tests. Pipeline behavior unchanged. test_output_provenance.py failure count unchanged at 1 (baseline). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.
This was referenced May 14, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
Deduplicates universal regulatory content out of two per-fixture instance files into
ARCO_governance_extension.ttl. Closesregulatory_alignment FAILandtraceability FAILonDecoySystem_001andGhostSystem_001by making the regulatory condition declarations visible to every fixture that imports the governance extension. Extended scope (2026-05-14) refreshes stale doc/header references and adds two coverage gaps the README previously disclosed.Both audit queries (
check_regulatory_alignment.sparql,check_assessment_traceability.sparql) require the condition to be typed:RegulatoryContentin the merged graph. The conditions were previously declared only insideARCO_instances_sentinel.ttl(1(a)) andARCO_instances_creditscoring.ttl(5(b)). Fixtures that don't import either instance file referenced the conditions viaiao:0000136but the type assertion wasn't present, so both audit queries returned FAIL for fixture-distribution reasons, not fixture-semantics reasons.What changes
Three commits.
Commit 1: ontology migration (390e115)
03_TECHNICAL_CORE/ontology/ARCO_governance_extension.ttl: new section "3a) REGULATORY CONTENT" adds:AnnexIII_List,:AnnexIII_Condition_1a,:AnnexIII_Condition_5bwith the same triples previously in the two instance files. Triples preserved verbatim.03_TECHNICAL_CORE/ontology/ARCO_instances_sentinel.ttl: removes 10 lines (declaration block); section header replaced with a brief migration comment. References preserved.03_TECHNICAL_CORE/ontology/ARCO_instances_creditscoring.ttl: removes 13 lines (declaration block + self-containedness comment); section header replaced with a brief migration comment. References preserved.Commit 2: stale-doc refresh (cffcf2e)
ARCO_instances_flag_tests.ttlheader: replaces pre-migration text ("audit FAIL... minimal instances for flag testing... without full regulatory content linkage") with the actual post-migration state. Names the remaining cause oftraceability FAILandregulatory_alignment FAIL(local:AssessmentDocumentation -> :AnnexIII_Condition_*iao:0000136link absent from this fixture, not fixture-distribution).LIMITATIONS.mdsec 9: file reference for the class-as-individualcco:prescribestriple updated fromARCO_instances_sentinel.ttltoARCO_governance_extension.ttl. Adds the 5(b) companion triple. Notes the new 5(b) gate-removal coverage and adversarial-mechanism tests.README.md: "Gate independence is empirically verified" sentence drops the "(Symmetric coverage for 5(b) is queued.)" parenthetical; corresponding row in the active-changes table moves from "Active work" to "Landed 2026-05-14".Commit 3: coverage additions (d74e76a)
test_gate_removal.py: parameterized over both modeled Annex III categories. Original 7 Sentinel tests (5 removals + 2 mutations) preserved by triple; 7 symmetric CreditScorer tests added againstAnnexIII5bApplicableSystem. Closes the previously disclosed 5(b) gap.test_adversarial_mechanism.py(new): asserts thatDecoySystem_001Gate 1 routes viaowl:equivalentClasspropagation (:WeirdScannertyped pre-reasoning,:BiometricIdentificationCapabilityabsent from asserted triples and entailed post-reasoning) and thatGhostSystem_001disposition is a blank node still satisfyingowl:someValuesFrom.test_scenarios.pyasserts the entailment fires; this test asserts HOW..github/workflows/arco-smoke-test.ymlandarco-demo.yml: both workflows run the new test alongside the existing three regression tests.Tests
Per-fixture diff table (pre vs post commit 1, all 7 fixtures, 5 output channels):
entailed_triples_added20160 -> 20194 onlyentailed_triples_added20103 -> 20137 onlyentailed_triples_added20025 -> 20114 onlytraceabilityFAIL->PASS;regulatory_alignmentFAIL->PASS; triples +89traceabilityFAIL->PASS;regulatory_alignmentFAIL->PASS;all_checks_passedfalse->true; triples +89entailed_triples_added+89 onlyentailed_triples_added+89 onlyRegression suite (all PASS post commit 3):
test_gate_removal.py(now covers both 1(a) and 5(b))test_scenarios.py(7 scenarios, including FlagTest expected_flags)test_kiosk_html_no_false_concretization.pytest_adversarial_mechanism.py(new — 2 mechanism assertions for Decoy and Ghost)test_output_provenance.py1 failure (unchanged baseline)hermit_cross_check.py: HermiT and OWL-RL agree on every (fixture, system, query) in the certificate-grade setCoverage audit summary (added 2026-05-14):
hermit_cross_check.pytest_gate_removal.pyCATEGORY_1Atest_gate_removal.pyCATEGORY_5Btest_scenarios.pytest_scenarios.pyowl:equivalentClasstest_adversarial_mechanism.pytest_adversarial_mechanism.pytest_scenarios.pyexpected_flagstest_kiosk_html_no_false_concretization.pytest_output_provenance.pyDownstream consumer audit (grep across
03_TECHNICAL_CORE/,docs/,mcp/,.github/): all reference sites either loadARCO_governance_extension.ttl(via every pipeline / test / cross-check loader confirmed atrun_pipeline.py:1902,test_scenarios.py:153,hermit_cross_check.py:83,test_gate_removal.py:204) or are documentation mentions of the IRI itself. No consumer depends on the conditions being declared in a specific instance file.Deviation from plan
The migration plan predicted four fixtures would flip
regulatory_alignmentFAIL->PASS: Decoy, Ghost,FlagTest_BiometricSystem_WithDerogationClaim,FlagTest_CreditSystem_WithFraudProcess. Actual outcome: only Decoy and Ghost flip. The two FlagTest fixtures do not flip because their:AssessmentDocumentationinstances (ARCO_instances_flag_tests.ttl:90-92, 155-157) do not contain anyiao:0000136 :AnnexIII_Condition_*triple; the audit query's?doc iao:0000136 ?conditionpath is empty independent of where the condition is declared. This is a separate fixture-authoring gap, not introduced by this PR. The FlagTest fixture header (commit 2) now documents this state explicitly.Deferred
:AnnexIII_Condition_1a_ExclusioninARCO_instances_verification.ttl:25-29is a different class (verification-kiosk exclusion documentation per Recital 22 / Art 3(41)). Whether to also generalize the exclusion pattern is a separate future decision.:AssessmentDocumentationinstances do not link to any regulatory condition; closing theirregulatory_alignment FAILis a separate fixture-authoring change.Revert
git revert <commit-hash>cleanly undoes each commit in isolation. Commits 2 and 3 are documentation and test-only and have no production-behavior impact. Reverting commit 1 sends the audit query back to FAIL on Decoy and Ghost (pre-existing state on main) with no other downstream consumer impact because the merged ontology is structurally identical.