fix: resolve review #004 findings W1-W4 + close review gate
W1 (call/protocol/abort-cascade-wiring): wire AbortCascade into CallAdapter handle_stream for EVENT_ABORTED. Cascades with AbortPolicy::AbortDependents, aborts root, no descendant frames on wire (ADR-016 Decision 2). Two integration tests added. W2 (core/endpoint-client-fingerprint): extract TLS client cert fingerprint in dispatch_quinn (SHA256:<hex> of leaf cert DER via peer_identity) and dispatch_iroh (ed25519:<hex> of peer NodeId). Fingerprint format documented in auth.md. Server config change (with_no_client_auth → request-but-don't-require) deferred to new follow-up task core/endpoint-request-client-cert. W3 (vault/mnemonic-debug-redaction): replace Mnemonic derive(Debug) with manual redacting impl (phrase: "[REDACTED]"). Seed confirmed no Debug impl. Redaction test added. W4 (core/auth-apikey-resources): Option B — drop entry.resources from spec. External identities (token/fingerprint) grant scopes only; resource-scoped ACLs are composition-internal (ADR-015/022). auth.md corrected + limitation documented. Two tests confirm empty resources. review-post-impl-fixes: all 4 verified, workspace green (326 tests, 0 failures, 0 clippy warnings). Review #004 status → resolved. Graph: 34 tasks, 12 gens.
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
---
|
||||
id: review-post-impl-fixes
|
||||
name: Review the four post-implementation sanity-check #004 fixes for spec conformance
|
||||
status: pending
|
||||
status: completed
|
||||
depends_on: [call/protocol/abort-cascade-wiring, core/endpoint-client-fingerprint, vault/mnemonic-debug-redaction, core/auth-apikey-resources]
|
||||
scope: moderate
|
||||
risk: low
|
||||
@@ -93,4 +93,23 @@ check.md`, does not introduce new spec drift, and is adequately tested.
|
||||
> at the end of a fix batch, with `scope: moderate`, `risk: low`,
|
||||
> `impact: phase`. It does not need to re-derive the findings — review
|
||||
> #004 already did that work. It only needs to confirm the fixes land
|
||||
> correctly and the workspace stays green.
|
||||
> correctly and the workspace stays green.
|
||||
|
||||
## Summary
|
||||
|
||||
All four fixes verified against acceptance criteria:
|
||||
- W1: `handle_stream` handles `EVENT_ABORTED`, cascades with
|
||||
`AbortDependents`, no descendant frames on wire, root removed, two
|
||||
integration tests pass.
|
||||
- W2: both dispatch paths extract fingerprints, format documented in
|
||||
`auth.md`, no-cert case returns `None` (no regression), server-config
|
||||
change deferred to `core/endpoint-request-client-cert`.
|
||||
- W3: `Mnemonic` has manual redacting `Debug`, `Seed` has no `Debug`,
|
||||
redaction test passes.
|
||||
- W4: Option B — spec corrected, limitation documented, both resolvers
|
||||
return empty resources, tests pass.
|
||||
|
||||
Workspace green: `cargo build --workspace --all-features` ✓, `cargo test
|
||||
--workspace --all-features` (326 tests, 0 failures) ✓, `cargo clippy
|
||||
--workspace --all-features --all-targets` (0 warnings) ✓. Review #004
|
||||
status updated to `resolved`.
|
||||
Reference in New Issue
Block a user