From 933b80d7a61479cfcf643a0cb81112fe41294396 Mon Sep 17 00:00:00 2001 From: "glm-5.1" Date: Mon, 11 May 2026 03:34:31 +0000 Subject: [PATCH] docs: remove ADR-006 drift tables, finalize all doc statuses to stable --- docs/architecture/README.md | 2 +- docs/architecture/adapters.md | 2 +- docs/architecture/api-surface.md | 21 +------------------ docs/architecture/call-protocol.md | 21 +------------------ .../decisions/006-unified-invocation-path.md | 2 +- 5 files changed, 5 insertions(+), 43 deletions(-) diff --git a/docs/architecture/README.md b/docs/architecture/README.md index 4b759fb..bc9a307 100644 --- a/docs/architecture/README.md +++ b/docs/architecture/README.md @@ -1,5 +1,5 @@ --- -status: draft +status: stable last_updated: 2026-05-11 --- diff --git a/docs/architecture/adapters.md b/docs/architecture/adapters.md index 1e54da7..0ec95fe 100644 --- a/docs/architecture/adapters.md +++ b/docs/architecture/adapters.md @@ -1,5 +1,5 @@ --- -status: draft +status: stable last_updated: 2026-05-11 --- diff --git a/docs/architecture/api-surface.md b/docs/architecture/api-surface.md index 1715742..62b29c8 100644 --- a/docs/architecture/api-surface.md +++ b/docs/architecture/api-surface.md @@ -1,5 +1,5 @@ --- -status: draft +status: stable last_updated: 2026-05-11 --- @@ -367,22 +367,3 @@ See [adapters.md](adapters.md) for detailed adapter documentation. | `MCPClientLoader` | `from-mcp` sub-path | Manage multiple MCP servers | | `scanOperations` | Main barrel | Filesystem auto-discovery of operation specs | -## Source vs. Spec Drift - -This section documents differences between the architecture spec (this document) and the current source code. - -### ADR-005 (Response Envelopes) — ✅ Implemented - -All ADR-005 changes have been implemented in source. No remaining drift. - -### ADR-006 (Unified Invocation Path) — ✅ Implemented in source - -| What | Spec says | Source now does | -|------|----------|----------------| -| `execute()` access control | Checks `accessControl` when `identity` present; `ACCESS_DENIED` when `requiredScopes` non-empty and no `identity` | ✅ Implemented — checks access control unless `context.trusted` | -| `execute()` error type | Throws `CallError` | ✅ `CallError(OPERATION_NOT_FOUND)`, `CallError(ACCESS_DENIED)`, `CallError(VALIDATION_ERROR)` | -| `buildEnv()` | Always uses `execute()`, no `callMap` option | ✅ `callMap` removed, always calls `registry.execute()` with `trusted: true` | -| `CallHandler` | Thin adapter calling `registry.execute()` | ✅ Delegates to `registry.execute()`, publishes events | -| `OperationContext.trusted` | New field for nested call auth bypass | ✅ Added to `OperationContextSchema` and type | -| `subscribe()` access control | Checks access control when `identity` present | ✅ Implemented — same logic as `execute()` | -| `checkAccess()` export | Available for external use | ✅ Exported from `call.ts` and `index.ts` | \ No newline at end of file diff --git a/docs/architecture/call-protocol.md b/docs/architecture/call-protocol.md index 2115929..205e82f 100644 --- a/docs/architecture/call-protocol.md +++ b/docs/architecture/call-protocol.md @@ -1,5 +1,5 @@ --- -status: draft +status: stable last_updated: 2026-05-11 --- @@ -302,25 +302,6 @@ The `subscribe()` function looks up both spec and handler separately from the re This allows spec-only registration for scenarios where handlers are provided separately (e.g., ujsx host interpretation, dynamic handler injection). -## Source vs. Spec Drift - -This section documents differences between the architecture spec (this document) and the current source code. - -### ADR-005 (Response Envelopes) — ✅ Implemented - -All ADR-005 changes have been implemented in source. No remaining drift. - -### ADR-006 (Unified Invocation Path) — ✅ Implemented in source - -| What | Spec says | Source now does | -|------|----------|----------------| -| `execute()` access control | Checks `accessControl` when `identity` present; `ACCESS_DENIED` when `requiredScopes` non-empty and no `identity` | ✅ Implemented — checks access control unless `context.trusted` | -| `CallHandler` calls `execute()` | Thin adapter that calls `registry.execute()` internally | ✅ Delegates to `registry.execute()`, publishes events | -| `buildEnv()` | Always uses `execute()`, no `callMap` option | ✅ `callMap` removed, always calls `registry.execute()` with `trusted: true` | -| `OperationContext.trusted` | New field for nested call bypass | ✅ Added to `OperationContextSchema` and type | -| `execute()` error type | Throws `CallError` | ✅ `CallError(OPERATION_NOT_FOUND)`, `CallError(ACCESS_DENIED)`, `CallError(VALIDATION_ERROR)` | -| `subscribe()` access control | Checks access control when `identity` present; `ACCESS_DENIED` when `requiredScopes` non-empty and no `identity` | ✅ Implemented — same logic as `execute()` | - ## References - [response-envelopes.md](response-envelopes.md) — `ResponseEnvelope` types, factory functions, detection, and integration points diff --git a/docs/architecture/decisions/006-unified-invocation-path.md b/docs/architecture/decisions/006-unified-invocation-path.md index 33c233e..22e00fb 100644 --- a/docs/architecture/decisions/006-unified-invocation-path.md +++ b/docs/architecture/decisions/006-unified-invocation-path.md @@ -1,5 +1,5 @@ --- -status: implemented +status: accepted last_updated: 2026-05-11 ---