# Who changed this record, when, and who approved it?
SELECT committer, date, message
FROM dolt_log
WHERE table_name = 'training_data'
ORDER BY date DESC LIMIT 1;

a3f9c2d  |  2026-03-18 14:22:01  |  sarah@company.com
"Reviewed and approved agent batch write" ✓

# Prove training data state at model release
SELECT COUNT(*) FROM training_data
AS OF 'model-v2.4-release'
WHERE has_bias_flag = 1;

-- Result: 0 ✓  Audit-ready. Forever.

August 2026

EU AI ACT Enforcement Date

Full enforcement begins August 2026.

High-risk AI teams have months, not years.

August 2026

EU AI ACT Enforcement Date

Full enforcement begins August 2026.

High-risk AI teams have months, not years.

The EU AI Act begins full enforcement in August 2026 — and possibly sooner. High-risk AI systems in biometrics, critical infrastructure, employment, law enforcement, and healthcare must comply. Penalties are severe.

What EU Non-Compliance Actually Costs

Recall

Market Withdrawal

Regulators can pull your product from 450M consumers with no fine ceiling and no guaranteed timeline for reinstatement.

The outcome that ends quarters.

€35M

Maximum Fine

The ceiling for prohibited AI practices, or 7% of annual global turnover, whichever is higher. For a $1B company, that's $70M, For a $10B company, that's $700M.

€15M

High-Risk Violations

For data governance failures on high-risk AI systems. If your AI touches healthcare, employment, law enforcement, or infrastructure, this tier applies to you.

€7.5M

Documentation Failures

Triggered by missing audit logs, incomplete technical documentation, or inability to prove what data trained your model. €7.5M for paperwork you could have automated.

US Regulatory Landscape

US Domestic Compliance Pressure

Can you answer what your agent did?

NIST AI RMF

De Facto Enterprise Standard

Requires documented governance, traceability, and human oversight of AI outputs. Already required by most Fortune 500 procurement teams and all federal contractors. Not law yet — but failing it costs you the deal.

Colorado AI Act · In Effect 2026

Algorithmic Accountability

Requires developers and deployers of high-risk AI to disclose algorithmic decision-making to consumers, conduct annual impact assessments, and maintain documentation of model inputs and outputs. Enforced by the Colorado AG.

California SB 53 · Passed

AI Safety & Transparency

Requires covered AI developers to establish and publish safety and security protocols, maintain incident reporting procedures, and document the measures taken to prevent critical harms. Effective January 2026.

US Regulatory Landscape

US Domestic Compliance Pressure

Can you answer what your agent did?

Compliance isn't a promise.
It's a commit hash.

Compliance isn't a promise.

It's a commit hash.

Industry Leaders Agree

The Need for Database
Version Control Is Inevitable

Andrej Karpathy

If an agent has a diff where it made some change, we suddenly have all this code already that shows all the differences to a code base using a diff. It's almost like we've pre-built a lot of the infrastructure for code.

Dwarkesh Podcast (Oct 2025)

Steve Yegge

Tim Sehn and his team built exactly the thing we needed before we knew we needed it. Dolt is a SQL database with Git semantics. Fork it, branch it, merge it, send pull requests — on structured data.

Creator of Beads & Gastown

11 min read

Sualeh Asif

I feel like everything needs branching... So maybe the AI agents will use branching, they'll test against some branch, and it's sort of going to be a requirement for the database to support branching.

Cursor Co-founder, on Lex Fridman

UC Berkely CS Department

We need new concurrency mechanisms that exploit similarity across branches... This is analogous to MVCC on steroids: forking possibly thousands of near-identical snapshots.

"Supporting Our AI Overlords" paper, 2025

The Blog

Agentic AI Needs Version Control

Read the thinking behind the infrastructure.

AI and Data

Why AI Needs Version Control

Code is stored in files, but data lives in databases. Bridging the gap for the next generation of AI agents.

11 min read

AI and Data

Agentic Memory

Agentic memory is here, and it's powered by Dolt.

11 min read

AI, Data, and Multi-Agent.

Multi-Agent Database

Multi-agent systems need SQL query power and Git-style versioning. Most tools give you one. Dolt gives you both.

7 min read

Compliance

Solving EU AI ACT compliance

Dolt enables you to comply with the data governance and human oversight requirements of the EU AI Act

9 min read

Explore the blog

The Law

Two Articles. Your Immediate Compliance Gap.

The EU AI Act's data requirements center on two articles that most teams can't satisfy with traditional databases.

Article 10, DATA GOVERNANCE

Prove Your Training Data is Clean

You must demonstrate the exact data used to train each model, prove it was free from bias, document its origin, and provide an audit log of every transformation applied.

Identify the exact dataset for every deployed model

Query historical data at any point in time

Audit every row-level change with author + timestamp

Document labeling and cleaning operations

Prove absence of protected-class bias via SQL queries

Article 14, HUMAN OVERSIGHT

Build a Human Override Into Your AI

High-risk AI systems must be designed so humans can review, override, and roll back AI outputs. You cannot satisfy this with application-level logic alone — it must be at the data layer.

Present AI changes for human review before accepting

Allow rejection of any AI output without data loss

Rollback any AI-generated change at any granularity

Maintain audit trail of human approval decisions

Support "not to use" decision at any moment

Production is always protected

Cell-level diffs. Cell-level merges.

The Solution

How Dolt Closes the Gap

Compliance isn't bolted on. It's how Dolt works.

Compliance isn't bolted on. It's how Dolt works.

1

Tag Your Training Data at Model Time

Every model training run records a Dolt tag — a named, immutable snapshot of the exact data used. You can query this snapshot forever, just like current data. Article 10 compliance is automatic.

2

Detect and Audit Every Data Change

When a biased or erroneous record enters your training set, Dolt's diff tables tell you exactly who added it, when, and in which commit. Investigations that once took weeks take minutes.

3

Human Review via Pull Request Workflow

AI systems write changes to a branch. A human reviews the diff and either merges or rejects it. Nothing reaches production without explicit approval. Article 14, satisfied by design.

4

Rollback Any AI Change Instantly

If an AI-generated change causes harm, you can revert it surgically with a single SQL call — no full backup restore, no data loss, no downtime. This is the "override and reverse" requirement in Article 14.

-- Tag data when you train a model 
CALL DOLT_TAG('model-2026-01-28', 'HEAD', '-m', 'Production model v2.4'); 

-- Query that exact data anytime, forever 
SELECT COUNT(*) FROM training_data AS OF 'model-2026-01-28' 
WHERE has_bias_flag = 1; -- Result: 0 ✓
-- Find exactly when a bad record entered 
SELECT dl.committer, dl.date, dl.message, dd.diff_type, dd.to_has_bias_flag 
FROM dolt_diff_training_data dd 
JOIN dolt_log dl ON dd.to_commit = dl.commit_hash 
WHERE dd.to_image_id = 'img_51247' AND dd.to_has_bias_flag = 1; 

-- Returns: who, when, what commit
-- AI agent writes to a branch 
CALL DOLT_CHECKOUT('-b', 'ai-proposal-2026-01-28'); 

-- AI inserts/updates rows here 

-- Human reviews the diff 
SELECT * FROM dolt_diff_network_config WHERE to_commit = 'STAGED'; 

-- Human approves -> merge 
CALL DOLT_MERGE('ai-proposal-2026-01-28'); 

-- Or reject -> drop branch. Nothing changes.
-- Revert a specific AI commit 
CALL DOLT_REVERT('a3f9c2d'); 

-- Or reset the whole database to before 
CALL DOLT_RESET('--hard', 'model-2026-01-28'); 

-- Or branch to an old state for testing 
CALL DOLT_CHECKOUT('-b', 'safe-state', 'model-2026-01-28')

The blog

Agentic AI Needs Version Control

Read the thinking behind the infrastructure.

AI and Data

Why AI Needs Version Control

Code is stored in files, but data lives in databases. Bridging the gap for the next generation of AI agents.

11 min read

AI and Data

Agentic Memory

Agentic memory is here, and it's powered by Dolt.

11 min read

AI, Data, and Multi-Agent.

Multi-Agent Database

Multi-agent systems need SQL query power and Git-style versioning. Most tools give you one. Dolt gives you both.

7 min read

Product Building

Building AI Apps?

Your Database Should Version Like Code

A look at the new tooling for creating Dolt-native applications.

15 min read

Compliance

Solving EU AI ACT compliance

Dolt enables you to comply with the data governance and human oversight requirements of the EU AI Act

9 min read

Explore the blog

Cell-level diffs. Cell-level merges.

Production is always protected

Production is always protected

main branch

main branch

Every Agent Write
Logged
Diffed
Auditable
Forever

Real-World Application

Flock Safety: Law Enforcement AI, Made Compliant

Flock Safety builds license plate recognition AI for law enforcement.

Here's how Dolt answers their hardest compliance questions.

REQUIREMENT

Article 10 Audit

Compliance Question

"What training data was used for this model, and can you prove no images of humans were included?"

Dolt Answer

Query the tagged snapshot: SELECT COUNT(*) FROM training_images AS OF 'model-2026-01-28' WHERE has_person=1 → returns 0. Done.

INCIDENT

Biased Data Found

Problem

A QC test detects an image with has_person=1 entered the training set after model training. Who added it?

Dolt Resolution

Query dolt_diff and dolt_log in seconds: "Added by labeler-user@123.com on 2026-02-03 in commit 'Batch import Slovenia data' — after model training." Commit reverted. Labeler contacted. Model confirmed clean.

OVERSIGHT

Article 14 Human Review

Requirement

Law enforcement users must be able to override or reject AI-generated suspect identifications before they're used in investigations.

Dolt Solution

AI writes identifications to a branch. Human investigators review the diff — seeing exactly what the AI is proposing. Merge to accept, delete to reject. No AI output reaches the system without human sign-off.

Every agent write needs
an audit trail.

Start building yours today. MySQL-compatible, and production-ready.

Free and Open Source

View Documentation