The verification act at release
Has the workspace cleared its own standard?
A release is not a single service decision. It is a workspace decision: the aggregate evidence state of every service inside the release boundary, evaluated against the organization's standard, bound to a single policy version, and recorded as one signed bundle.
What enters
At release time, GoSentrix aggregates:
- Per-service merge readiness decisions, with their evidence trails
- License and supply-chain release eligibility — evaluated as a parallel decision axis, not collapsed into vulnerability authority
- Threat model state for each service inside the release boundary
- Workspace-scope policy: the rules that govern whether this aggregate evidence is enough for this release
- Prior override authorizations, if any, with their approval chains
How GoSentrix verifies
Step 1
Aggregate.
Per-service evidence and per-service decisions are collected into a workspace-scope view. The workspace decision is not the worst per-service verdict; it is its own decision, with its own evidence trail.
Step 2
Evaluate license axis separately.
License and supply-chain release eligibility runs as a parallel decision axis with its own gate and policy version. License findings are not vulnerabilities; they are a different kind of authority question.
Step 3
Apply the workspace policy.
Cassini evaluates aggregate evidence against the workspace policy version active at release time. The policy version is bound; it will not change underneath this decision later.
Step 4
Govern overrides.
If a release requires override authorization, the request flows through a typed approval chain: business-critical → VP, risk acceptance → CISO, trust-boundary violation → CISO break-glass. AI agents cannot grant overrides. The chain is recorded.
Step 5
Decide and bundle.
The decision is HARD_BLOCK, BLOCK, WARN, or PASS. The workspace decision, the policy version it was evaluated against, the override chain (if any), and all per-service evidence references are written into one canonical signed bundle.
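The five steps above, modelled end to end as an added example. This is illustrative code, not GoSentrix's implementation: the class and function names, the severity ordering of the four outcomes, the two workspace rules (a cap on WARN services and a threat-model requirement), the rule that a valid override downgrades BLOCK to WARN while HARD_BLOCK stays unoverridable, the sample services, and the HMAC demo key are all assumptions made for the example. What it shows that the prose does not: a workspace that blocks when no single service blocks (step 1), a license verdict that is computed on its own axis and only combined at the end (step 2), a policy version captured into the decision record (step 3), overrides rejected for an AI approver or the wrong role (step 4), and a canonical payload whose signature fails on any edit (step 5).

```python
"""Illustrative model of a workspace-scope release decision.
Added example, not GoSentrix code: names, rules, verdict ordering,
override semantics and the demo signing key are all assumptions."""
import hashlib
import hmac
import json
from dataclasses import dataclass

# Assumed severity ordering of the four outcomes named on the page.
RANK = {"PASS": 0, "WARN": 1, "BLOCK": 2, "HARD_BLOCK": 3}

# Typed approval chain from the page: override kind -> role that may grant it.
REQUIRED_APPROVER = {
    "business-critical": "VP",
    "risk-acceptance": "CISO",
    "trust-boundary-violation": "CISO-break-glass",
}

@dataclass(frozen=True)
class ServiceEvidence:
    name: str
    merge_verdict: str          # per-service merge readiness decision
    license_verdict: str        # parallel axis; never folded into merge_verdict
    threat_model_current: bool  # threat model state for this service
    evidence_refs: tuple        # references into the service's evidence trail

@dataclass(frozen=True)
class Override:
    kind: str
    approver_role: str
    approver_is_ai: bool = False

def override_is_valid(o: Override) -> bool:
    """An override counts only if a human in the role the chain names granted it."""
    return (not o.approver_is_ai) and REQUIRED_APPROVER.get(o.kind) == o.approver_role

def evaluate_vuln_axis(services, policy) -> str:
    """Steps 1 and 3: aggregate merge verdicts under the workspace policy.
    Not the worst per-service verdict: workspace rules (assumed here) can
    block a release in which every service individually only warned."""
    worst = max((s.merge_verdict for s in services), key=RANK.get)
    if worst == "HARD_BLOCK":
        return "HARD_BLOCK"
    warns = sum(s.merge_verdict == "WARN" for s in services)
    if warns > policy["max_warn_services"]:
        return "BLOCK"
    if policy["require_threat_model"] and not all(s.threat_model_current for s in services):
        return "BLOCK"
    return worst

def evaluate_license_axis(services) -> str:
    """Step 2: license eligibility has its own gate and is computed separately."""
    return max((s.license_verdict for s in services), key=RANK.get)

def decide(services, policy, overrides=()) -> dict:
    """Steps 3-5: bind the policy version, govern overrides, combine the axes."""
    vuln = evaluate_vuln_axis(services, policy)
    lic = evaluate_license_axis(services)
    applied = [o for o in overrides if override_is_valid(o)]
    rejected = [o for o in overrides if not override_is_valid(o)]
    # Assumed semantics: a valid override downgrades BLOCK to WARN on the
    # vulnerability axis only; HARD_BLOCK is never overridable.
    if vuln == "BLOCK" and applied:
        vuln = "WARN"
    return {
        "decision": max([vuln, lic], key=RANK.get),
        "vuln_axis": vuln,
        "license_axis": lic,
        "worst_service_verdict": max((s.merge_verdict for s in services), key=RANK.get),
        "policy_version": policy["version"],  # bound here; later policy edits do not touch it
        "overrides_applied": [[o.kind, o.approver_role] for o in applied],
        "overrides_rejected": [[o.kind, o.approver_role] for o in rejected],
        "evidence": {s.name: list(s.evidence_refs) for s in services},
    }

def sign_bundle(decision: dict, key: bytes) -> dict:
    """Step 5: one canonical payload (sorted keys, no whitespace), one signature.
    HMAC-SHA256 stands in for whatever signing scheme a real system would use."""
    payload = json.dumps(decision, sort_keys=True, separators=(",", ":"))
    return {"payload": payload,
            "sig": hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()}

def verify_bundle(bundle: dict, key: bytes) -> bool:
    expected = hmac.new(key, bundle["payload"].encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, bundle["sig"])

def bundle_payload(bundle: dict) -> dict:
    return json.loads(bundle["payload"])

# Constructed sample input: no service blocks on its own, but two of three warn.
SAMPLE_SERVICES = (
    ServiceEvidence("api", "PASS", "PASS", True, ("sha256:a1",)),
    ServiceEvidence("worker", "WARN", "PASS", True, ("sha256:b2",)),
    ServiceEvidence("billing", "WARN", "PASS", True, ("sha256:c3",)),
)
POLICY_V1 = {"version": "workspace-policy/v1", "max_warn_services": 1, "require_threat_model": True}
DEMO_KEY = b"demo-only-not-a-real-key"  # constructed; a real system would use a managed signing key

if __name__ == "__main__":
    bundle = sign_bundle(decide(SAMPLE_SERVICES, POLICY_V1), DEMO_KEY)
    print(bundle_payload(bundle)["decision"], verify_bundle(bundle, DEMO_KEY))
```

The point worth checking against a real system is the last one: because the policy version and the evidence references are inside the signed payload, re-running `decide` under a later policy produces a new bundle rather than altering the recorded one, which is the property the "What this does not do" section relies on.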
What is produced
Which claims this proof supports
What this does not do
Release verification does not set the organization's risk appetite. It does not produce a single risk score. It does not enforce on severity or AI confidence alone. It does not retroactively change past release decisions when policy is later updated — and it does not invalidate past releases that were cleared under an earlier policy.
Pipeline BOM v1 is GoSentrix-native; CycloneDX export is on the roadmap. End-to-end signing across every decision surface is in rollout, not uniformly shipped.