fraqtal/agentic-dev
Template
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
6b57d76dc22d75186ceff5dd7fa9ed32a1abc221
agentic-dev/docs/work/conformance-system-v1/02-boot-assertions/_story.md

2.9 KiB
Raw Blame History

id, epic, title, type, status, feature, depends-on, blocks
id epic title type status feature depends-on blocks
02-boot-assertions conformance-system-v1 assertFeatureConformance + boot wiring technical-story done core-shared
01-define-feature-helper
03-eslint-rules

Goal

Runtime boot-time verification that every manifest-declared use case is bound through the brand-attaching wrappers. Each feature's bindProductionX(ctx) self-asserts at the tail; pnpm dev refuses to boot on drift.

Why

Type casts can mask unwrapped factories; manifest edits can drift from binders without TypeScript noticing. Boot assertions catch what the type system can't see — at zero cost during the inner agent feedback loop, and synchronously at startup so failures fire loudly.

Done when

  • withSpan, withCapture, withAudit attach non-enumerable runtime markers matching the type-level brand names
  • assertFeatureConformance(container, manifest, symbols, ctx) resolves each manifest use case and throws ConformanceError on a missing brand
  • auth.bindProductionAuth(ctx) self-asserts at the tail
  • pnpm dev boots cleanly for the existing auth wiring; rebinding signIn with an unwrapped factory causes pnpm dev to throw at startup

In scope

  • Runtime marker attachment via Object.defineProperty(fn, "__brand", { … }) (non-enumerable, non-writable, non-configurable)
  • isInstrumented / isCaptured / isAudited predicates
  • ConformanceError class (extends Error)
  • assertFeatureConformance(container, manifest, symbols, ctx) helper
  • Wiring into packages/auth/src/di/bind-production.ts (tail-of-binder self-assertion)
  • withAudit upgraded from passthrough to a thin wrapper that attaches its runtime brand without changing observable behaviour

Out of scope

  • assertConformance over a multi-feature container collection at the app's bindAll() (current per-feature self-assertion is sufficient and forward-compatible)
  • Wiring boot assertions into cms and web-tanstack — neither has a bind-production.ts yet; they'll inherit the check whenever they grow one
  • Manifests for blog, media, navigation, marketing-pages (their bindProductionX stays unchanged in this story)
  • Automated audit recording driven by manifest audits[] declarations (deferred to a later story)

Tasks

  • Re-export authManifest from auth root barrel
  • TODO breadcrumb in withAudit pointing at future automation
  • Runtime marker helpers (attachBrand, isInstrumented, isCaptured, isAudited)
  • withSpan attaches runtime __instrumented marker
  • withCapture attaches runtime __captured marker
  • withAudit wraps + attaches runtime __audited marker
  • ConformanceError class
  • assertFeatureConformance helper + tests
  • Conformance barrel + subpath exports updated
  • bindProductionAuth self-asserts at the tail
  • Final verification + story closeout