@sanity/ailf 0.1.15 → 0.1.16

package/dist/_vendor/ailf-core/ports/context.d.ts

@@ -99,6 +99,17 @@ export interface ResolvedConfig {
     reportStoreProjectId?: string;
     /** Report store dataset from .ailf/config.yaml reportStore block */
     reportStoreDataset?: string;
+    /**
+     * Git metadata from the *calling* repository (cross-repo evaluations).
+     * When set, this overrides the CI env var-based git detection in provenance,
+     * ensuring the report attributes to the caller — not the AILF core repo.
+     */
+    callerGit?: {
+        branch?: string;
+        prNumber?: number;
+        repo: string;
+        sha?: string;
+    };
     /** Callback URL configuration for API-triggered evaluations */
     callback?: {
         url: string;

package/dist/_vendor/ailf-core/schemas/pipeline-request.d.ts

@@ -20,6 +20,12 @@ export declare const PipelineRequestSchema: z.ZodObject<{
         "cloud-run": "cloud-run";
     }>>;
     areas: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    callerGit: z.ZodOptional<z.ZodObject<{
+        branch: z.ZodOptional<z.ZodString>;
+        prNumber: z.ZodOptional<z.ZodNumber>;
+        repo: z.ZodString;
+        sha: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>;
     callback: z.ZodOptional<z.ZodObject<{
         headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
         url: z.ZodString;

package/dist/_vendor/ailf-core/schemas/pipeline-request.js

@@ -30,12 +30,31 @@ const CallbackSchema = z.object({
     url: z.string().url(),
 });
 // ---------------------------------------------------------------------------
+// Caller Git context — for cross-repo evaluations
+// ---------------------------------------------------------------------------
+/**
+ * Git metadata from the *calling* repository.
+ *
+ * When a cross-repo evaluation is triggered (via repository_dispatch or
+ * the API), the GitHub Actions env vars (GITHUB_REPOSITORY, GITHUB_SHA,
+ * etc.) reflect the *AILF core repo* where the workflow executes — not
+ * the repo that requested the evaluation. This field carries the caller's
+ * actual git context so provenance correctly attributes the evaluation.
+ */
+const CallerGitSchema = z.object({
+    branch: z.string().optional(),
+    prNumber: z.number().int().positive().optional(),
+    repo: z.string(),
+    sha: z.string().optional(),
+});
+// ---------------------------------------------------------------------------
 // Pipeline Request — the universal invocation contract
 // ---------------------------------------------------------------------------
 export const PipelineRequestSchema = z.object({
     allowedOrigins: z.array(z.string()).optional(),
     backend: z.enum(["github-actions", "cloud-run"]).optional(),
     areas: z.array(z.string()).optional(),
+    callerGit: CallerGitSchema.optional(),
     callback: CallbackSchema.optional(),
     changedDocs: z.array(z.string()).optional(),
     compare: z.boolean().optional(),

package/dist/orchestration/steps/publish-report-step.js

@@ -146,6 +146,7 @@ function buildProvenanceInput(summary, ctx, options) {
         : undefined;
     return {
         areas,
+        callerGit: ctx.config.callerGit,
         evalFingerprint,
         mode,
         promptfooUrls: options.promptfooUrls,

package/dist/pipeline/map-request-to-config.js

@@ -56,6 +56,7 @@ export function mapRequestToConfig(request, rootDir) {
         sanityDocumentArgs: undefined,
         beforeOption: undefined,
         repoTasksPath: undefined,
+        callerGit: request.callerGit,
         callback: request.callback,
         jobId: request.jobId,
         remote: false,

package/dist/pipeline/provenance.d.ts

@@ -16,6 +16,17 @@ import type { EvalMode, PromptfooUrlEntry, ReportProvenance } from "./types.js";
 export interface ProvenanceInput {
     /** Feature areas that were evaluated */
     areas: string[];
+    /**
+     * Git metadata from the *calling* repository (cross-repo evaluations).
+     * When provided, overrides CI env var detection so provenance attributes
+     * to the caller — not the AILF core repo where the workflow executes.
+     */
+    callerGit?: {
+        branch?: string;
+        prNumber?: number;
+        repo: string;
+        sha?: string;
+    };
     /** SHA-256 hash of the doc context files (from cache system) */
     contextHash?: string;
     /** Evaluation fingerprint for cross-environment cache lookup */

package/dist/pipeline/provenance.js

@@ -25,11 +25,21 @@ import { load } from "js-yaml";
  */
 export function buildProvenance(input) {
     const models = loadModelsConfig(input.rootDir);
+    // Cross-repo evaluations: prefer explicit caller git metadata over
+    // CI env vars (which always reflect the AILF core repo).
+    const git = input.callerGit
+        ? {
+            branch: input.callerGit.branch ?? "unknown",
+            prNumber: input.callerGit.prNumber,
+            repo: input.callerGit.repo,
+            sha: input.callerGit.sha ?? "unknown",
+        }
+        : detectGitMetadata();
     return {
         areas: input.areas,
         contextHash: input.contextHash,
         evalFingerprint: input.evalFingerprint,
-        git: detectGitMetadata(),
+        git,
         graderModel: models.grader.id,
         mode: input.mode,
         models: models.models.map((m) => ({ id: m.id, label: m.label })),
@@ -110,6 +120,9 @@ function detectTrigger() {
     if (eventName === "repository_dispatch") {
         return {
             callerRef: process.env.GITHUB_REF,
+            // Note: callerRepo here is a fallback. The accurate caller repo
+            // comes from callerGit (injected into the PipelineRequest payload).
+            // GITHUB_REPOSITORY_OWNER_ID is just the org ID, not owner/repo.
             callerRepo: process.env.GITHUB_REPOSITORY_OWNER_ID ?? "unknown",
             type: "cross-repo",
         };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sanity/ailf",
-  "version": "0.1.15",
+  "version": "0.1.16",
   "private": false,
   "publishConfig": {
     "access": "restricted"