feat(call): remote_safe field on HandlerRegistration (ADR-028)
Adds the v1 data shape for peer-scoped default-deny registry filtering, the one-way-door piece of the call-completion batch (ADR-028): - HandlerRegistration gains pub remote_safe: bool, defaulting false across all provenance (Local, Session, FromOpenAPI, FromMCP, FromCall, FromJsonSchema) per ADR-028 §4. HandlerRegistration::new() keeps its existing 6-arg signature (defaults remote_safe: false), so all current call sites compile unchanged. - Chainable HandlerRegistration::remote_safe(bool) setter + a OperationRegistryBuilder::remote_safe() helper that marks the most-recently-registered op (tracked via last_name, not HashMap iteration order which is unspecified). - Field is data-only here — the filtering behavior (dispatch path + services/list hide) is wired in call/client/call-client, not this task. services/list is unchanged. - Tests: default false, setter flips field, all six provenance variants default false, builder setter marks last op, existing call sites unchanged. 178 tests pass, clippy clean. Refs: tasks/call/registry/remote-safe-marking.md Refs: docs/architecture/decisions/028-callclient-peer-scoped-registry-filtering.md
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
---
|
||||
id: call/registry/remote-safe-marking
|
||||
name: Add remote_safe field to HandlerRegistration for CallClient peer-scoped filtering (ADR-028)
|
||||
status: pending
|
||||
status: completed
|
||||
depends_on: []
|
||||
scope: narrow
|
||||
risk: medium
|
||||
|
||||
Reference in New Issue
Block a user