# This is the 1st commit message:

docs(rfd): Add RFDs 074–080 and clarify draft superseding in RFD 001

Add seven new RFDs covering the next wave of design work:

- **RFD 074** (Discussion): Eager loading with command-declared data requirements. Replaces lazy `OnceLock` loading with a two-phase startup pipeline where commands declare `filter_needs` and `target_needs` upfront, enabling infallible data access at runtime.
- **RFD 075** (Discussion): Tool sandbox and access policy. OS-level sandboxing for subprocess tools via `sandbox-exec` on macOS, Landlock on Linux, and restricted tokens/job objects on Windows. Extends RFD 076's `AccessPolicy` with `CommandRule` for spawn restrictions.
- **RFD 076** (Accepted): Tool access grants. Typed `access` field on tool config declaring filesystem, network, and environment-variable grants. Tools self-enforce via `ctx.check_*()` helpers; OS-level enforcement is RFD 075's responsibility.
- **RFD 077** (Discussion): Plugin configuration and trust policy. Introduces a `[plugins]` section in `AppConfig` with per-plugin install policy, execution policy, checksum pinning, and opaque options. Replaces standalone approval files.
- **RFD 078** (Accepted): Tool config mutation. Adds `access.config` as a fourth resource type in RFD 076's access model. Tools declare config read/write grants, return `outcome.config` / `outcome.unset`, and rejected deltas trigger re-invocation with `context.delta_rejection`. Approved deltas accumulate in a per-cycle commit buffer and are emitted as a single `ConfigDelta` at cycle end.
- **RFD 080** (Discussion): Editor as a config source. Moves editor invocation from `Query::run` into the startup pipeline so the editor's TOML preamble is resolved as a proper config layer before `Ctx` is constructed, eliminating the phantom-delta bug and making editor-provided values visible to the current turn.

Also updates RFD 001 to clarify that drafts cannot be superseded — a draft replaced before promotion is deleted, not superseded. Supersedes relationships only apply from the Accepted state onward.

Signed-off-by: Jean Mertz <git@jeanmertz.com>

# The commit message #2 will be skipped:

# fixup! docs(rfd): Add RFDs 074–080 and clarify draft superseding in RFD 001
#
# Signed-off-by: Jean Mertz <git@jeanmertz.com>
Add seven new RFDs covering the next wave of design work:

- **RFD 074** (Discussion): Eager loading with command-declared data requirements. Replaces lazy `OnceLock` loading with a two-phase startup pipeline where commands declare `filter_needs` and `target_needs` upfront, enabling infallible data access at runtime.
- **RFD 075** (Discussion): Tool sandbox and access policy. OS-level sandboxing for subprocess tools via `sandbox-exec` on macOS, Landlock on Linux, and restricted tokens/job objects on Windows. Extends RFD 076's `AccessPolicy` with `CommandRule` for spawn restrictions.
- **RFD 076** (Accepted): Tool access grants. Typed `access` field on tool config declaring filesystem, network, and environment-variable grants. Tools self-enforce via `ctx.check_*()` helpers; OS-level enforcement is RFD 075's responsibility.
- **RFD 077** (Discussion): Plugin configuration and trust policy. Introduces a `[plugins]` section in `AppConfig` with per-plugin install policy, execution policy, checksum pinning, and opaque options. Replaces standalone approval files.
- **RFD 078** (Accepted): Tool config mutation. Adds `access.config` as a fourth resource type in RFD 076's access model. Tools declare config read/write grants, return `outcome.config` / `outcome.unset`, and rejected deltas trigger re-invocation with `context.delta_rejection`. Approved deltas accumulate in a per-cycle commit buffer and are emitted as a single `ConfigDelta` at cycle end.
- **RFD 080** (Discussion): Editor as a config source. Moves editor invocation from `Query::run` into the startup pipeline so the editor's TOML preamble is resolved as a proper config layer before `Ctx` is constructed, eliminating the phantom-delta bug and making editor-provided values visible to the current turn.

Also updates RFD 001 to clarify that drafts cannot be superseded — a draft replaced before promotion is deleted, not superseded. Supersedes relationships only apply from the Accepted state onward.