From 03e04d53334f9d041037397b788afcf6394883a7 Mon Sep 17 00:00:00 2001 From: Hare Date: Fri, 5 Jun 2026 14:12:06 +0900 Subject: [PATCH] ticket: close feature authority separation --- .../artifacts/.gitkeep | 0 .../artifacts/decision.md | 0 .../artifacts/delegation-intent.md | 0 .../hook-context-authority-handles.md | 0 .../artifacts/implementation-report.md | 0 .../artifacts/review.md | 0 .../item.md | 4 +- .../resolution.md | 40 ++++++++++++++++ .../thread.md | 48 +++++++++++++++++++ 9 files changed, 90 insertions(+), 2 deletions(-) rename work-items/{open => closed}/20260604-234844-feature-api-authority-separation/artifacts/.gitkeep (100%) rename work-items/{open => closed}/20260604-234844-feature-api-authority-separation/artifacts/decision.md (100%) rename work-items/{open => closed}/20260604-234844-feature-api-authority-separation/artifacts/delegation-intent.md (100%) rename work-items/{open => closed}/20260604-234844-feature-api-authority-separation/artifacts/hook-context-authority-handles.md (100%) rename work-items/{open => closed}/20260604-234844-feature-api-authority-separation/artifacts/implementation-report.md (100%) rename work-items/{open => closed}/20260604-234844-feature-api-authority-separation/artifacts/review.md (100%) rename work-items/{open => closed}/20260604-234844-feature-api-authority-separation/item.md (98%) create mode 100644 work-items/closed/20260604-234844-feature-api-authority-separation/resolution.md rename work-items/{open => closed}/20260604-234844-feature-api-authority-separation/thread.md (86%) diff --git a/work-items/open/20260604-234844-feature-api-authority-separation/artifacts/.gitkeep b/work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/.gitkeep similarity index 100% rename from work-items/open/20260604-234844-feature-api-authority-separation/artifacts/.gitkeep rename to work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/.gitkeep diff --git a/work-items/open/20260604-234844-feature-api-authority-separation/artifacts/decision.md b/work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/decision.md similarity index 100% rename from work-items/open/20260604-234844-feature-api-authority-separation/artifacts/decision.md rename to work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/decision.md diff --git a/work-items/open/20260604-234844-feature-api-authority-separation/artifacts/delegation-intent.md b/work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/delegation-intent.md similarity index 100% rename from work-items/open/20260604-234844-feature-api-authority-separation/artifacts/delegation-intent.md rename to work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/delegation-intent.md diff --git a/work-items/open/20260604-234844-feature-api-authority-separation/artifacts/hook-context-authority-handles.md b/work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/hook-context-authority-handles.md similarity index 100% rename from work-items/open/20260604-234844-feature-api-authority-separation/artifacts/hook-context-authority-handles.md rename to work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/hook-context-authority-handles.md diff --git a/work-items/open/20260604-234844-feature-api-authority-separation/artifacts/implementation-report.md b/work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/implementation-report.md similarity index 100% rename from work-items/open/20260604-234844-feature-api-authority-separation/artifacts/implementation-report.md rename to work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/implementation-report.md diff --git a/work-items/open/20260604-234844-feature-api-authority-separation/artifacts/review.md b/work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/review.md similarity index 100% rename from work-items/open/20260604-234844-feature-api-authority-separation/artifacts/review.md rename to work-items/closed/20260604-234844-feature-api-authority-separation/artifacts/review.md diff --git a/work-items/open/20260604-234844-feature-api-authority-separation/item.md b/work-items/closed/20260604-234844-feature-api-authority-separation/item.md similarity index 98% rename from work-items/open/20260604-234844-feature-api-authority-separation/item.md rename to work-items/closed/20260604-234844-feature-api-authority-separation/item.md index 74dee034..9e787f91 100644 --- a/work-items/open/20260604-234844-feature-api-authority-separation/item.md +++ b/work-items/closed/20260604-234844-feature-api-authority-separation/item.md @@ -2,12 +2,12 @@ id: 20260604-234844-feature-api-authority-separation slug: feature-api-authority-separation title: Feature API: separate internal modules from external-plugin authority model -status: open +status: closed kind: task priority: P1 labels: [plugin, feature-registry, permissions, architecture] created_at: 2026-06-04T23:48:44Z -updated_at: 2026-06-05T05:09:37Z +updated_at: 2026-06-05T05:11:56Z assignee: null legacy_ticket: null --- diff --git a/work-items/closed/20260604-234844-feature-api-authority-separation/resolution.md b/work-items/closed/20260604-234844-feature-api-authority-separation/resolution.md new file mode 100644 index 00000000..c6213666 --- /dev/null +++ b/work-items/closed/20260604-234844-feature-api-authority-separation/resolution.md @@ -0,0 +1,40 @@ +Feature API authority separation is complete and merged. + +Implementation: + +- `4fc361f refactor: name feature host authorities explicitly` +- merge commit: `b46ea65 merge: clarify feature host authorities` + +Summary: + +- Renamed the generic feature authority API surface to explicit host-authority terminology: + - `AuthorityRequest` -> `HostAuthorityRequest` + - `AuthorityGrantSet` -> `HostAuthorityGrantSet` + - `AuthorityDenial` -> `HostAuthorityDenial` + - `requested_authorities` -> `requested_host_authorities` + - `required_authorities` -> `required_host_authorities` + - `granted_authorities` -> `host_authority_grants` + - `grants()` -> `host_authority_grants()` + - `FeatureInstallError::AuthorityDenied` -> `HostAuthorityDenied` +- Preserved descriptor-first validation, duplicate tool rejection, undeclared contribution rejection, missing host-authority install failure, and built-in Task feature behavior. +- Added/updated tests/comments to make contribution declarations separate from host authority grants. +- Did not implement Ticket tools, external plugin loading, approval/resume protocol, MCP, WASM/sandbox runtime, feature crate extraction, Hook behavior changes, or Task behavior changes. + +Review: + +- External sibling reviewer approved with no blockers and no required non-blockers. +- Residual note: `HostAuthorityGrantSet::grant_all(&descriptor.requested_host_authorities)` remains the existing builtin-only scaffold, not a real external-plugin approval resolver. This is unchanged and remains future work. + +Post-merge validation passed: + +- `cargo test -p pod feature --lib` +- `cargo test -p pod task --lib` +- `cargo test -p pod --lib` +- `cargo test -p llm-worker --lib` +- `cargo fmt --check` +- `git diff --check` +- `./tickets.sh doctor` +- `cargo check --workspace --all-targets` +- `nix build .#yoi --no-link` + +This clears the API naming prerequisite for `ticket-built-in-feature-tools`. diff --git a/work-items/open/20260604-234844-feature-api-authority-separation/thread.md b/work-items/closed/20260604-234844-feature-api-authority-separation/thread.md similarity index 86% rename from work-items/open/20260604-234844-feature-api-authority-separation/thread.md rename to work-items/closed/20260604-234844-feature-api-authority-separation/thread.md index d74038d3..cdfcdc40 100644 --- a/work-items/open/20260604-234844-feature-api-authority-separation/thread.md +++ b/work-items/closed/20260604-234844-feature-api-authority-separation/thread.md @@ -232,4 +232,52 @@ The existing `HostAuthorityGrantSet::grant_all(&descriptor.requested_host_author Yes. This clears the API naming prerequisite for `ticket-built-in-feature-tools`. +--- + + + +## Closed + +Feature API authority separation is complete and merged. + +Implementation: + +- `4fc361f refactor: name feature host authorities explicitly` +- merge commit: `b46ea65 merge: clarify feature host authorities` + +Summary: + +- Renamed the generic feature authority API surface to explicit host-authority terminology: + - `AuthorityRequest` -> `HostAuthorityRequest` + - `AuthorityGrantSet` -> `HostAuthorityGrantSet` + - `AuthorityDenial` -> `HostAuthorityDenial` + - `requested_authorities` -> `requested_host_authorities` + - `required_authorities` -> `required_host_authorities` + - `granted_authorities` -> `host_authority_grants` + - `grants()` -> `host_authority_grants()` + - `FeatureInstallError::AuthorityDenied` -> `HostAuthorityDenied` +- Preserved descriptor-first validation, duplicate tool rejection, undeclared contribution rejection, missing host-authority install failure, and built-in Task feature behavior. +- Added/updated tests/comments to make contribution declarations separate from host authority grants. +- Did not implement Ticket tools, external plugin loading, approval/resume protocol, MCP, WASM/sandbox runtime, feature crate extraction, Hook behavior changes, or Task behavior changes. + +Review: + +- External sibling reviewer approved with no blockers and no required non-blockers. +- Residual note: `HostAuthorityGrantSet::grant_all(&descriptor.requested_host_authorities)` remains the existing builtin-only scaffold, not a real external-plugin approval resolver. This is unchanged and remains future work. + +Post-merge validation passed: + +- `cargo test -p pod feature --lib` +- `cargo test -p pod task --lib` +- `cargo test -p pod --lib` +- `cargo test -p llm-worker --lib` +- `cargo fmt --check` +- `git diff --check` +- `./tickets.sh doctor` +- `cargo check --workspace --all-targets` +- `nix build .#yoi --no-link` + +This clears the API naming prerequisite for `ticket-built-in-feature-tools`. + + ---