[pitboss] phase 01: M1 — Spec extraction + --verify plumbing (no sandbox)

2026-06-12 19:55:14 +02:00 · 2026-05-11 21:19:03 -04:00 · 2026-05-11 21:19:03 -04:00 · a10aba5d1f
commit a10aba5d1f
parent cb8688219a
25 changed files with 808 additions and 66 deletions
--- a/frontend/src/api/mutations/scans.ts
+++ b/frontend/src/api/mutations/scans.ts
@ -9,6 +9,12 @@ export interface StartScanBody {
  scan_root?: string;
  mode?: ScanMode;
  engine_profile?: EngineProfile;
+  /**
+   * Run dynamic verification on findings after the static pass. Default false.
+   * Backend currently accepts the field as a no-op; verification engine lands
+   * in milestone M1 (see .pitboss/dynamic/context.md).
+   */
+  verify?: boolean;
 }

 export function useStartScan() {
--- a/frontend/src/modals/NewScanModal.tsx
+++ b/frontend/src/modals/NewScanModal.tsx
@ -38,6 +38,7 @@ export function NewScanModal({ open, onClose }: NewScanModalProps) {
  const [scanRoot, setScanRoot] = useState('');
  const [mode, setMode] = useState<ScanMode>('full');
  const [engineProfile, setEngineProfile] = useState<EngineProfile>('balanced');
+  const [verify, setVerify] = useState(false);

  const handleStart = async () => {
    const root = scanRoot.trim();
@ -45,6 +46,7 @@ export function NewScanModal({ open, onClose }: NewScanModalProps) {
    if (root && root !== defaultRoot) body.scan_root = root;
    if (mode !== 'full') body.mode = mode;
    body.engine_profile = engineProfile;
+    if (verify) body.verify = true;
    const payload = Object.keys(body).length ? body : undefined;
    try {
      await startScan.mutateAsync(payload);
@ -105,6 +107,25 @@ export function NewScanModal({ open, onClose }: NewScanModalProps) {
            </select>
            <span className="form-hint">{PROFILE_HINTS[engineProfile]}</span>
          </div>
+          <div className="form-group">
+            <label>Dynamic Verification</label>
+            <div className="toggle-inline">
+              <input
+                type="checkbox"
+                id="new-scan-verify"
+                checked={verify}
+                onChange={(e) => setVerify(e.target.checked)}
+              />
+              <label htmlFor="new-scan-verify">
+                Build a harness and try to fire each finding's payload in a
+                sandbox.
+              </label>
+            </div>
+            <span className="form-hint">
+              Opt-in for now; will become the default once calibrated. Adds
+              wall-clock time per finding.
+            </span>
+          </div>
          <div className="scan-modal-actions">
            <button className="btn btn-sm" onClick={onClose}>
              Cancel