Expand description
Local decision memory – append-only JSONL of past approve/deny decisions per (rule_id, argv-fingerprint). All processing is purely local; nothing is ever sent off the box.
Two adaptive behaviours derive from this log:
-
Demote-after-N-approvals: if the user has approved this exact fingerprint >=
demote_after_approvalstimes with no recent denial, severity drops one tier. -
Escalate-on-recent-deny: if any denial exists within
escalate_on_deny_days, severity bumps one tier.
The log file lives at <cwd>/.aperion-shield/decisions.jsonl by
default – co-located with the inbox so users only manage one
Shield-state directory per project. A user-global fallback under
~/.aperion-shield/ is checked when the project directory is not
writable (e.g. read-only mounts in CI).
Structs§
- Decision
Memory - Memory
Entry - Memory
Verdict - Adaptive verdict drawn from the memory log for a given fingerprint.