Core Flow
1. Detect
Registered language plugins detect projects and manifests.
2. Discover
Tree-sitter-backed plugins produce verification targets with symbols, paths, line ranges, signatures, and risk.
3. Plan
The planner builds a bounded verification strategy for changed targets or explicit CLI targets.
4. Generate
Plugins generate reviewable artifacts: tests, fuzz harnesses, symbol graphs, mutation manifests, replay cases, and feedback.
5. Execute
Language tests, fuzzing, mutation checks, replay, and coverage run under budgets.
6. Report
The core writes reports, confidence scores, finding IDs, SARIF, JUnit, Markdown, and AI repair prompts.
Plugin Contract
capabilities() -> Vec<PluginCapability>
detect_project(root) -> ProjectInfo
discover_targets(root) -> Vec<VerificationTarget>
generate_tests(target, plan) -> Vec<GeneratedArtifact>
run_tests(root, artifacts, plan) -> TestRunResult
collect_coverage(root) -> Option<CoverageReport>
promote_regression(root, report, finding, index) -> Vec<GeneratedArtifact>Tree-Sitter Use
Rust
Discovers public free functions and methods, symbol owners, line ranges, signatures, call hints, and AST spans for mutation probes.
Go
Discovers exported functions and methods, receivers, fuzz targets, package graphs, and AST mutation surfaces for comparisons, nil/error, literals, loops, goroutines, locks, and returns.
Python
Discovers production functions and methods, class owners, line ranges, signatures, pytest/unittest paths, coverage.py summaries, mutation checks, and primitive replay.
Artifacts And Reports
.veritas/report.json.veritas/cache/*_targets.json.veritas/assertions/*.json.veritas/corpus/*.json.veritas/mutations/*_campaign.json.veritas/evolution/*_suite.json
- Markdown reports for humans and agents.
- SARIF 2.1.0 for code scanning.
- JUnit XML for CI test report surfaces.
- Confidence score and badges.
- Repair prompts and review packets.
- Quality baselines and trend deltas.