Skip to content

feat(procore): write metadata-only audit records#29

Merged
mcxl merged 1 commit into
mainfrom
codex/procore-audit-wiring
Jun 17, 2026
Merged

feat(procore): write metadata-only audit records#29
mcxl merged 1 commit into
mainfrom
codex/procore-audit-wiring

Conversation

@mcxl

@mcxl mcxl commented Jun 17, 2026

Copy link
Copy Markdown
Owner
  • Confirmation-independent T8 audit slice: app-side metadata-only audit builder and graceful Supabase RPC writer.
  • Adds core/procore/audit.py to build rows matching migration 008 without raw SWMS text, review prose, amendment reasons, comment bodies, or attachment content.
  • Wires /v1/procore/webhook background processing to attempt record_procore_audit after review/comment metadata is known.
  • Passes the durable delivery key into the background task so audit rows can match idempotency reservations.
  • Degrades to no-op when Supabase is unconfigured or migration 008/RPC is absent; webhook processing continues.
  • Does not change the Procore write-back endpoint/resource and does not apply migrations.

Tests:

  • python -m pytest tests/test_procore_audit.py tests/test_procore_webhook.py -> 79 passed
  • flake8 api/main.py core/procore/audit.py tests/test_procore_audit.py -> clean
  • pre-push full suite -> passed

Remaining Procore-gated work: T7 OAuth/DMSA and final T8 write-back resource confirmation.

@mcxl mcxl merged commit 0d6160f into main Jun 17, 2026
1 check passed
@mcxl mcxl deleted the codex/procore-audit-wiring branch June 17, 2026 22:46

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9eb7f6c13a

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread core/procore/audit.py
Comment on lines +50 to +55
hard_severities = {"hard_fail", "mandatory", "critical"}
return sum(
1
for item in amendments
if isinstance(item, dict)
and str(item.get("severity", "")).strip().lower() in hard_severities

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Include high-severity amendments in hard-fail audits

When the prescreen emits a high-severity amendment, such as the HRCW declaration path that sets severity: "high" and forces escalation, this allow-list records hard_fail_count as 0 because it only counts hard_fail, mandatory, and critical. That under-reports the immutable audit record for the highest-severity reviews even though lower-severity mandatory amendments are counted.

Useful? React with 👍 / 👎.

Comment thread core/procore/audit.py
Comment on lines +60 to +62
amendments = review_artifact.get("required_amendments", [])
if isinstance(amendments, list):
return len(amendments)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Count the full issue inventory in audit records

For reviews with more than five amendments, run_prescreen_review stores only the top visible items in required_amendments and keeps the rest in _all_amendments/suppressed_issue_count; using len(required_amendments) caps the persisted finding_count at the display limit, so complex submissions get an immutable Supabase audit row that understates the actual findings that drove the recommendation.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant