vanta-lock — the vanta.lock model, canonical serialization, and the
manifest↔lock reconcile.
The lock pins exact versions and per-platform artifact hashes for every
target so a single committed file reproduces on any OS. See
docs/11-reproducibility.md and docs/31-lockfile-and-manifest-reference.md.
Serialization is canonical (sorted tools, sorted platform keys) so the file
diffs cleanly in VCS.
Structs§
- Lock - A vanta.lock file.
- LockedTool - A locked tool: the resolution plus a per-platform artifact pin.
- PlatformPin - The per-platform artifact pin recorded in the lock.
- Reconcile - The difference between what a manifest declares and what the lock pins.
Constants§
- LOCK_VERSION - The current lock format version.
Functions§
- reconcile - Compare the manifest’s declared tool names against the lock. Tool-name level
only; deeper drift (a changed constraint a pin no longer satisfies) is checked
during resolution (docs/06-resolution.md).
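
The following sketch is an added example, not code from the vanta-lock crate: it illustrates the two properties described above, canonical (sorted) serialization and a tool-name-level manifest↔lock reconcile. The type `SketchLock`, the function `sketch_reconcile`, the text layout, and all tool names, versions and hashes are assumptions constructed for illustration.

```rust
use std::collections::{BTreeMap, BTreeSet};

// Hypothetical shapes for illustration; not the vanta-lock crate's real types.
#[derive(Default)]
struct SketchLock {
    // tool name -> (exact version, platform key -> artifact hash)
    tools: BTreeMap<String, (String, BTreeMap<String, String>)>,
}

impl SketchLock {
    // Record one per-platform pin; the first version seen for a tool is kept.
    fn pin(&mut self, tool: &str, version: &str, platform: &str, hash: &str) {
        let entry = self.tools.entry(tool.to_string())
            .or_insert_with(|| (version.to_string(), BTreeMap::new()));
        entry.1.insert(platform.to_string(), hash.to_string());
    }

    // BTreeMap iterates in key order, so the text is independent of insertion order.
    fn to_canonical(&self) -> String {
        let mut out = String::new();
        for (name, (version, pins)) in &self.tools {
            out.push_str(&format!("[{}]\nversion = \"{}\"\n", name, version));
            for (platform, hash) in pins {
                out.push_str(&format!("{} = \"{}\"\n", platform, hash));
            }
        }
        out
    }
}

// Tool-name-level diff: (declared but not locked, locked but not declared).
fn sketch_reconcile(declared: &[&str], lock: &SketchLock) -> (Vec<String>, Vec<String>) {
    let declared: BTreeSet<&str> = declared.iter().copied().collect();
    let locked: BTreeSet<&str> = lock.tools.keys().map(String::as_str).collect();
    let missing = declared.difference(&locked).map(|s| s.to_string()).collect();
    let stale = locked.difference(&declared).map(|s| s.to_string()).collect();
    (missing, stale)
}

fn main() {
    // Constructed sample data; hashes are placeholders, not real digests.
    let mut lock = SketchLock::default();
    lock.pin("tool-b", "1.2.3", "linux-x86_64", "sha256:<placeholder>");
    lock.pin("tool-a", "0.9.0", "macos-aarch64", "sha256:<placeholder>");
    print!("{}", lock.to_canonical());
    println!("{:?}", sketch_reconcile(&["tool-a", "tool-c"], &lock));
}
```

A non-empty first list means the manifest declares a tool with no pinned hash, and a non-empty second list means the lock carries a pin nothing declares; either is worth failing a CI check on before installing.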