docs(status): Dev-D keyfile core/cli/wasm merged (588495f); keyfile-minors follow-up tracked
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_013Hc6Rvdz3DxLucqNtPE2iP
This commit is contained in:
@@ -14,6 +14,8 @@ Two-track multi-agent lift (5 streams, relay-coordinated; PM + Dev-A..E):
|
|||||||
- **Org track (merge order A→B→C):** Dev-A org SW+WASM foundation, Dev-B org read UI, Dev-C org write.
|
- **Org track (merge order A→B→C):** Dev-A org SW+WASM foundation, Dev-B org read UI, Dev-C org write.
|
||||||
- **Keyfile track (merge order D→E):** Dev-D keyfile core/cli/wasm, Dev-E keyfile extension + positioning pivot. Independent of the org track.
|
- **Keyfile track (merge order D→E):** Dev-D keyfile core/cli/wasm, Dev-E keyfile extension + positioning pivot. Independent of the org track.
|
||||||
|
|
||||||
|
**Merged to main so far:** Dev-D keyfile core/cli/wasm — `588495f` (2026-06-26). Two-review-clean (PM diff read + independent security subagent; PASS, no Critical/Important); merged tree green (workspace `cargo test` incl. the non-tautological equivalence test, `clippy -D warnings`). 3 minor follow-ups tracked for a `fix/v0.9.0-keyfile-minors` branch before the tag: (1) `keyfile_encode` → `Zeroizing<Vec<u8>>`; (2) test the `backup --include-image` clean-error on keyfile vaults; (3) integration test for malformed-keyfile vs wrong-secret at unlock. Plus the deferred `backup --include-keyfile` sibling. Dev-E green-lit (next in keyfile track).
|
||||||
|
|
||||||
**Org-write transport decision (2026-06-25) — recorded per the org-GUI spec's spike gate:**
|
**Org-write transport decision (2026-06-25) — recorded per the org-GUI spec's spike gate:**
|
||||||
- Spike (Dev-C, `426b82a`; doc `docs/superpowers/spikes/2026-06-20-org-signed-commit-spike.md`): **signature mechanism is GO** — a SW-built SSHSIG commit (raw `sign_for_git` + manual SSHSIG framing, no new WASM export) passes both `git verify-commit` and `relicario-server verify-org-commit`, incl. item+manifest dual-write + grant/slug authz. Hook matches the **signing-key fingerprint** → `members[].ed25519_pubkey` (committer text free-form, not checked).
|
- Spike (Dev-C, `426b82a`; doc `docs/superpowers/spikes/2026-06-20-org-signed-commit-spike.md`): **signature mechanism is GO** — a SW-built SSHSIG commit (raw `sign_for_git` + manual SSHSIG framing, no new WASM export) passes both `git verify-commit` and `relicario-server verify-org-commit`, incl. item+manifest dual-write + grant/slug authz. Hook matches the **signing-key fingerprint** → `members[].ed25519_pubkey` (committer text free-form, not checked).
|
||||||
- **Transport:** Gitea has **no write Git Data API at any version** (research vs 1.26.4 latest / roadmap / `repo_file.go`; Contents API can't carry a caller signature). The route is **native `git-receive-pack` packfile push via isomorphic-git** in the SW — host-agnostic, works at any Gitea version, preserves the SSHSIG byte-for-byte; extension `host_permissions` avoids the CORS proxy. ~68KB gzip dep.
|
- **Transport:** Gitea has **no write Git Data API at any version** (research vs 1.26.4 latest / roadmap / `repo_file.go`; Contents API can't carry a caller signature). The route is **native `git-receive-pack` packfile push via isomorphic-git** in the SW — host-agnostic, works at any Gitea version, preserves the SSHSIG byte-for-byte; extension `host_permissions` avoids the CORS proxy. ~68KB gzip dep.
|
||||||
|
|||||||
Reference in New Issue
Block a user