NORTHSET

Proof-of-Pass Receipt

Receipt ID M-122

ISSUE / WORKNeed a better parser/compile error message for mis-placed bindings/assignments · PR #663

CONTRIBUTOR SELF-RUN — NOT MAINTAINER VERIFICATION

RUN

01 / TECHNICAL RESULT

Technical result

1/1

declared commands passed

Recorded on the named code in the named execution environment. The evidence annex carries the exact scope.

Upstream
OPENmutable external state
Attempts
4 totalcurrent M-122 · #4
Cost record
PARTIALunpriced

02 / RECORDED WORK SEQUENCE

Northset Proofline

Every task-bound attempt is shown in recorded order. Anatomy geometry follows each non-null elapsed duration’s share; labels retain exact recorded time.

  1. ATTEMPT 1M-108FAILED ORACLEverification
  2. ATTEMPT 2M-113FAILED INFRA TERMINALinfrastructure
  3. ATTEMPT 3M-117FAILED INFRA TERMINALinfrastructure
  4. ATTEMPT 4M-122READY

ATTEMPT 4 / EXECUTION ANATOMY

01Discoverynot captured
02Qualification3m27s44.6%
03Authoring3m41s47.6%
04Verification35.9s7.7%

03 / ECONOMIC NARRATIVE

Economic identity

Observed sponsorship, authorization, scope, transfer, and outcome. No estimates or inferred value.

  1. 01 / MANDATE

    Sponsored and authorized

    The recorded mandate names both its sponsor and initiative, with authorization tied to a named approver and approval time.

    SPONSORNorthset OSS Fund · OSS mission experimentation

    AUTHORIZEDinternal-user:aeziz ·

  2. 02 / WORK

    Demand became scoped work

    An external issue invitation became a stable task and a recorded code-and-test scope, without treating scope as a measure of value.

    TASKTASK-OSS-1D84161CAE1E9EBC · defect fix · attempt 4

    INVITATIONIssue #595 · label

    SCOPE4 files · 80 changed lines · 1 production files · 3 test files · 1 declared check

  3. 03 / EXTERNAL OUTCOME

    Transfer and upstream state

    The recorded maintainer transfer and its contingency are separate from upstream state, which remains a mutable external observation.

    MAINTAINER TRANSFERnone · not merge contingent

    UPSTREAMOPEN · mutable external observation

04 / COST COMPLETENESS

Known, unknown, and unpriced

Known: maintainer payment was none. A known zero external transfer is not a zero total cost.

Missing or unpriced components

  • model inference
  • actual host compute
  • human review
  • shared tooling
TOTAL COSTUNPRICED

No complete total is recorded; see the missing or unpriced component record above.

Evidence annexEconomic · technical · provenance · limitations
01

Economic evidence

Lineage, usage, caps, outcome, and cost provenance

Attempt lineage

  • M-108attempt 1 · FAILED ORACLE · verification
  • M-113attempt 2 · FAILED INFRA TERMINAL · infrastructure
  • M-117attempt 3 · FAILED INFRA TERMINAL · infrastructure
  • M-122attempt 4 · READY

Recorded usage

requested reviewer model
gpt-5.6-sol
actual reviewer model
not captured
requested author model
gpt-5.6-sol
actual author model
not captured
networked setup phase
19.8s
install-only duration
not captured
declared commands
10.1s
unclassified executor time
6s
CPU time
not captured
peak RSS
not captured

Configured resource envelope

CPU cap
2
memory cap
4096 MB
PID cap
512
command wall cap
1800s
output cap / stream
2000000 bytes

Configured limits are an envelope, not observed consumption.

Cost lines

  • maintainer paymentobserved quantity unpriced · 0 external transfer · amount unavailable

Cost status: partial. Values without source-backed quantities and rates remain null.

Outcome facts

technical checks passed
true
PR opened
true
CI
pending
merged
false
accepted as submitted
not established
external cycle time
not captured
released
not observed
deployed
not observed
business result
not observed
02

Technical evidence

Code, environment, exact commands, patch, and outputs

Project

picolab/pico-engine

Work

Need a better parser/compile error message for mis-placed bindings/assignments · PR #663

Verification execution

runtime: northset-oss executor v1
human operator: aeziz

Code

base
d135b1d7b153b9648708bec55c5a4df2f3379782
recorded patch commit
b81d5d7afc2d307ae42be3a78829ef33a37e4c82
declared metadata; not execution-bound
patch diff SHA-256
sha256:52ce76e720d47080055d72c2591a01e9316c431e010e35ac6238fcca58707119
bound to executed patch bytes

Environment

image reference
node@sha256:40ad9f3064e67d6860b4bc3fe1880b2953934fd6320ada990e45fe0efa6badd7
repository digest
node@sha256:40ad9f3064e67d6860b4bc3fe1880b2953934fd6320ada990e45fe0efa6badd7
immutable image ID
sha256:6ed6ff875e9714bb845b850b08f3ad231ccbb5848812647bcf11acdd4bd1d2f8
platform
linux/arm64
network
phaseA:bridge,phaseB:none

Declared checks

Execution summary
1/1 declared command returned exit 0 in the recorded environment

  1. npm --prefix packages/krl-parser test -- test/postlude-declaration-errors.ts test/postludeStatements.ts test/ruleset.ts

    exit 0 · 10.1s

run wall (derived from recorded timestamps) 35.9s

PASS — 1/1 declared command

Every command listed returned exit 0 in the declared environment. Only the listed commands are in scope. Unlisted test, lint, typecheck, build, coverage, compiler, full-suite, and CI gates are not implied or recorded.

Public scope interpretation

The receipt proves the declared automated checks only; maintainer review and merge remain independent human decisions. Two existing parser tests are intentionally updated because they assert the behavior the maintainer declared illegal; this is recorded as an elevated test-change risk.

Committed patch.diff
diff --git a/packages/krl-parser/src/krl.ts b/packages/krl-parser/src/krl.ts
index 163e379d4664d63145ffaf4839e7a26fe5645b05..ba499d28735b43f3f04133066c3990df825d4a59 100644
--- a/packages/krl-parser/src/krl.ts
+++ b/packages/krl-parser/src/krl.ts
@@ -1511,6 +1511,13 @@ function postludeStatementCore(state: State): ast.PostludeStatement {
     };
   }
 
+  if (easyLookahead(state, 2) === "SYMBOL=") {
+    throw new ParseError(
+      "Declarations are not allowed in rule postludes",
+      state.curr.token
+    );
+  }
+
   return declaration(state);
 }
 
diff --git a/packages/krl-parser/test/postlude-declaration-errors.ts b/packages/krl-parser/test/postlude-declaration-errors.ts
new file mode 100644
index 0000000000000000000000000000000000000000..c37ff45151ecf6881c62a5f12b83f4a4504117cf
--- /dev/null
+++ b/packages/krl-parser/test/postlude-declaration-errors.ts
@@ -0,0 +1,16 @@
+import test from "ava";
+import { ParseError } from "../src/ParseError";
+import { parseRuleset } from "../src/krl";
+import tokenizer from "../src/tokenizer";
+
+test("rejects declarations in rule postludes", t => {
+  const error = t.throws(
+    () =>
+      parseRuleset(
+        tokenizer("ruleset a { rule b { always { x = 3 } } }")
+      ),
+    { instanceOf: ParseError }
+  ) as ParseError;
+
+  t.is(error.message, "Declarations are not allowed in rule postludes");
+});
diff --git a/packages/krl-parser/test/postludeStatements.ts b/packages/krl-parser/test/postludeStatements.ts
index 96c49824709b11119d6f8784538bc0a05ba56ea8..8553ec62c83d44599b11f7a2447c40b2c3763b30 100644
--- a/packages/krl-parser/test/postludeStatements.ts
+++ b/packages/krl-parser/test/postludeStatements.ts
@@ -398,22 +398,6 @@ test("GuardCondition", t => {
     }
   ]);
 
-  testPost("foo = bar on final", [
-    {
-      type: "GuardCondition",
-      condition: "on final",
-      statement: mk.declare("=", mk.id("foo"), mk.id("bar"))
-    }
-  ]);
-
-  testPost("foo = bar if baz > 0", [
-    {
-      type: "GuardCondition",
-      condition: mk.op(">", mk.id("baz"), mk(0)),
-      statement: mk.declare("=", mk.id("foo"), mk.id("bar"))
-    }
-  ]);
-
   testPost("ent:foo := bar if baz > 0", [
     {
       type: "GuardCondition",
diff --git a/packages/krl-parser/test/ruleset.ts b/packages/krl-parser/test/ruleset.ts
index d10873256d62ca9de55eeaab2218017d5d067da8..157bd9dc1177a9a667fef92acc2ba8d518ea56a3 100644
--- a/packages/krl-parser/test/ruleset.ts
+++ b/packages/krl-parser/test/ruleset.ts
@@ -843,56 +843,61 @@ test("RulePostlude", t => {
   };
 
   // test location
-  var src = "ruleset rs{rule r1{always{aaa=one();bbb=two()}}}";
+  var src =
+    "ruleset rs{rule r1{always{ent:aaa:=one();app:bbb:=two()}}}";
   t.deepEqual(parseRuleset(tokenizer(src)).rules[0].postlude, {
-    loc: { start: 19, end: 46 },
+    loc: { start: 19, end: 56 },
     type: "RulePostlude",
     fired: null,
     notfired: null,
     always: [
       {
-        loc: { start: 26, end: 35 },
-        type: "Declaration",
-        op: "=",
+        loc: { start: 33, end: 35 },
+        type: "PersistentVariableAssignment",
+        op: ":=",
         left: {
-          loc: { start: 26, end: 29 },
-          type: "Identifier",
+          loc: { start: 26, end: 33 },
+          type: "DomainIdentifier",
+          domain: "ent",
           value: "aaa"
         },
+        path_expression: null,
         right: {
-          loc: { start: 30, end: 35 },
+          loc: { start: 35, end: 40 },
           type: "Application",
           callee: {
-            loc: { start: 30, end: 33 },
+            loc: { start: 35, end: 38 },
             type: "Identifier",
             value: "one"
           },
           args: {
-            loc: { start: 33, end: 35 },
+            loc: { start: 38, end: 40 },
             type: "Arguments",
             args: []
           }
         }
       },
       {
-        loc: { start: 36, end: 45 },
-        type: "Declaration",
-        op: "=",
+        loc: { start: 48, end: 50 },
+        type: "PersistentVariableAssignment",
+        op: ":=",
         left: {
-          loc: { start: 36, end: 39 },
-          type: "Identifier",
+          loc: { start: 41, end: 48 },
+          type: "DomainIdentifier",
+          domain: "app",
           value: "bbb"
         },
+        path_expression: null,
         right: {
-          loc: { start: 40, end: 45 },
+          loc: { start: 50, end: 55 },
           type: "Application",
           callee: {
-            loc: { start: 40, end: 43 },
+            loc: { start: 50, end: 53 },
             type: "Identifier",
             value: "two"
           },
           args: {
-            loc: { start: 43, end: 45 },
+            loc: { start: 53, end: 55 },
             type: "Arguments",
             args: []
           }
Redacted stdout
=== cmd 1: npm --prefix packages/krl-parser test -- test/postlude-declaration-errors.ts test/postludeStatements.ts test/ruleset.ts ===

> krl-parser@1.5.0 test
> ava reset-cache && ava test/postlude-declaration-errors.ts test/postludeStatements.ts test/ruleset.ts


✔ No cache files to remove

  ✔ postlude-declaration-errors › rejects declarations in rule postludes
  ✔ postludeStatements › ClearPersistentVariable
  ✔ postludeStatements › LastStatement
  ✔ postludeStatements › LogStatement
  ✔ postludeStatements › ErrorStatement
  ✔ postludeStatements › raise event
  ✔ postludeStatements › schedule event
  ✔ postludeStatements › GuardCondition
  ✔ postludeStatements › PersistentVariableAssignment
  ✔ ruleset › ruleset
  ✔ ruleset › rulesetID
  ✔ ruleset › Ruleset meta
  ✔ ruleset › with
  ✔ ruleset › Rule
  ✔ ruleset › select when
  ✔ ruleset › select where ...
  ✔ ruleset › select when ... within
  ✔ ruleset › select when ... foreach ...
  ✔ ruleset › ActionBlock
  ✔ ruleset › Action setting
  ✔ ruleset › RulePostlude
  ─

  21 tests passed
Redacted stderr
=== cmd 1: npm --prefix packages/krl-parser test -- test/postlude-declaration-errors.ts test/postludeStatements.ts test/ruleset.ts ===
03

Provenance & limitations

Bundle identity, attestation, verification, and claims boundary

Record details

payment
none · not merge-contingent
redactions
none recorded
Bundle contents digest
sha256:276e60f2c7a19bbbe5eb9daf2bb6f4eb707a866a4ea7a67692836333e29ed122
Signed asset SHA-256
sha256:2957f2ec31791a5f2210d267a4078ddada30af181021f7586c205d4aa0a546f1
Signed provenance recorded
verified 2026-07-16T19:32:25.564Z

NOT INCLUDED

  • Does not prove code quality
  • Does not prove security
  • Contributor self-run record of Northset's own contribution; not the maintainer's verification.
  • The receipt proves the declared automated checks only; maintainer review and merge remain independent human decisions.
  • Two existing parser tests are intentionally updated because they assert the behavior the maintainer declared illegal; this is recorded as an elevated test-change risk.

Signed bundle

Download signed bundle

Verify this receipt

gh attestation verify run-record-M-122-276e60f2c7a1.tar.gz --repo northset-oss/verification-pilot --signer-workflow northset-oss/verification-pilot/.github/workflows/attest-bundle.yml

Attestation confirms that Northset's signing workflow produced this exact bundle. The signer does not witness the recorded run, and verification does not turn it into maintainer verification.

QR → receipt page
Northset contributed this fix and ran its declared checks. Contributor self-run. Not maintainer verification.

Evidence of what ran — not a verdict that the code is good.

SELF-FUNDED FIELD-TESTING.

FOR MAINTAINERS

Request a private run

Maintain an open-source project? Send Northset a PR already in your queue. We run its repository-declared checks in an isolated container and return the run record privately. We do not modify the PR. Nothing is published without your approval. Free during the pilot.

The issue form is public. Do not include secrets or private repository details there; use email instead.

Already onboarded? Add northset-verify to a PR to request a run on that PR.

Claims boundary

This page reports scoped proof-of-pass receipt evidence. It does not prove code quality, security, full CI coverage, production readiness, or maintainer approval. An attestation confirms bundle provenance; it does not broaden the receipt's claim.

Read the full Claims Boundary policy.