Spaces:
Runtime error
Runtime error
| """Graph-native reward grounding checks.""" | |
| from __future__ import annotations | |
| from open_range.protocols import CheckResult, ContainerSet, SnapshotSpec | |
| from open_range.validator.graphs import compile_snapshot_graphs | |
| from open_range.validator.path_solvability import build_host_adjacency, has_host_path | |
| class GraphRewardGroundingCheck: | |
| """Verify rewards are grounded by graph facts before live checks run.""" | |
| async def check(self, snapshot: SnapshotSpec, containers: ContainerSet) -> CheckResult: | |
| compiled = compile_snapshot_graphs(snapshot) | |
| issues: list[str] = [] | |
| if not snapshot.flags: | |
| return CheckResult( | |
| name="graph_reward_grounding", | |
| passed=False, | |
| error="snapshot has no flags to ground", | |
| ) | |
| adjacency = build_host_adjacency(snapshot, compiled) | |
| vuln_hosts = {v.host for v in snapshot.truth_graph.vulns if v.host} | |
| for flag in snapshot.flags: | |
| if flag.host not in compiled.hosts: | |
| issues.append(f"flag '{flag.id}' references unknown host '{flag.host}'") | |
| continue | |
| if flag.host in vuln_hosts: | |
| continue | |
| if vuln_hosts and not any( | |
| has_host_path(source, flag.host, adjacency) for source in vuln_hosts | |
| ): | |
| issues.append( | |
| f"flag '{flag.id}' on '{flag.host}' is not reachable from any vuln host" | |
| ) | |
| passed = len(issues) == 0 | |
| return CheckResult( | |
| name="graph_reward_grounding", | |
| passed=passed, | |
| details={"issues": issues}, | |
| error="" if passed else "; ".join(issues), | |
| ) | |