docs(platforms): schema-driven platform facts knowledge base with CI conformance#1295
Conversation
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
…/platforms/wecom.md
…/platforms/discord.md
…/platforms/_template.md
…/platforms/telegram.md
…/platforms/googlechat.md
…/platforms/feishu.md
…/platforms/slack.md
…/platforms/line.md
…/platforms/teams.md
…/platforms/README.md
This comment has been minimized.
This comment has been minimized.
40eefa3 to
cff9057
Compare
Build strictly from the committed Cargo.lock and fail if it is stale, rather than silently regenerating it. Partial fix for openabdev#1338 (--locked); Rust cache, checkout@v6, and concurrency group tracked there separately.
|
Note LGTM ✅ — Well-structured, schema-driven platform knowledge base with solid CI enforcement. What This PR DoesReviewers and new maintainers repeatedly re-derive the same platform facts (reply token TTL, message limits, threading model) from scattered code and PRs. This PR bootstraps How It WorksThree-schema structure per platform:
A standalone Rust crate ( Findings
Finding Details🟢 F1: Strong anti-drift designThe combination of 🟢 F2: Clean architecture separationTOML captures "what the platform can do + what OpenAB implements" (CI-checkable); Markdown captures "how to deploy" (human-readable). No duplication, clear boundaries. 🟢 F3: Template-as-documentationThe conformance test 🟢 F4: Honest scope managementThe PR explicitly calls out known limitations (#1337: trigger-path gap, #1338: CI hardening, #1339: ownership model, #1340: code-ref bypass routes) as follow-up issues rather than silently shipping them. This makes the review scope clear. 🟢 F5: Reproducible CIUsing 🟢 F6: Deep platform researchEach platform file shows genuine investigation — e.g., Feishu's 20-edit cap with errcode mapping, LINE's reply-token TTL nuances, Teams' JWT endorsement validation, WeCom's PKCS7 block_size=32 divergence. These facts previously lived only in code comments or PR discussions. Baseline Check
What's Good (🟢)
5️⃣ Three Reasons We Might Not Need This PR
All three concerns are acknowledged in the PR's follow-up issues or mitigated by the schema design. The net value (single source of truth for 8 platforms, CI-enforced freshness, day-1 onboarding) clearly outweighs the maintenance cost. |
The platform-facts KB (#1295) landed on main after this branch was cut and records 'Slack does NOT use the shared gate' — which this PR makes stale. Update the trust_gate feature entry (partial → implemented, mirroring discord.toml's phrasing) and the Native-trust-divergence quirk. Conformance suite passes against this branch's code refs.
* feat(trust): Phase 1 (slack) — L3 identity via shared gate Wire Slack into the PlatformTrustConfigs registry and call the shared ingress trust gate from the Slack message path, mirroring the Discord wiring from #1270. Slack was the only configured platform absent from the registry — the gate would have fallen back to the deny-all default had it ever run for slack events. - main.rs: insert "slack" TrustConfig — L2 open (Slack's own channel allowlist stays authoritative in the adapter), L3 mirrors the resolved [slack].allow_all_users/allowed_users, so the gate agrees with Slack's existing user check (behavior-preserving). - slack.rs: thread Arc<AdapterRouter> through run_slack_adapter into handle_message; evaluate gate_incoming after the existing user check (redundant-but-matching, non-regressive). Bots bypass L3 — same rationale as Discord (#1270 review F1): bot admission is allow_bot_messages + trusted_bot_ids, and L3 is human-identity only. - is_dm passed truthfully via Slack conversation-ID prefix (D… = DM), cf. #1270 review F2; decision is identical either way today since the entry is L2-open with allow_dm=true. - tests: pin the L3 bot-bypass and the DM prefix classification. Refs #1361 (first task), umbrella #1356, ADR #1291. * refactor(trust): consolidate l3_gate_applies into trust.rs Self-review finding: the Slack wiring copy-pasted l3_gate_applies from discord.rs (identical 3-line fn + doc). Move the single definition next to Decision in trust.rs and import it from both gate call sites. Each adapter keeps its own pinning test against the shared fn. * docs(platforms): slack.toml reflects Phase 1 shared-gate wiring The platform-facts KB (#1295) landed on main after this branch was cut and records 'Slack does NOT use the shared gate' — which this PR makes stale. Update the trust_gate feature entry (partial → implemented, mirroring discord.toml's phrasing) and the Native-trust-divergence quirk. Conformance suite passes against this branch's code refs. --------- Co-authored-by: chaodu-agent <chaodu-agent@users.noreply.github.com>
Problem
Summary
Bootstraps
docs/platforms/— a machine-readable platform facts schema for all 8 messaging platforms, with typed Rust conformance tests in CI.What this adds
docs/platforms/schema/*.tomldocs/platforms/README.mddocs/platforms/_template.tomlcrates/platform-schema/.github/workflows/platform-schema-conformance.ymlCONTRIBUTING.mdArchitecture
docs/<platform>.md= operator setup guides (human-readable, unchanged)#symbolexistenceThree schemas per platform
[capability.*]— 18 fixed fields per platform, sourced from official docs[[openab_features]]— closed 17-feature set with status + code-ref source[[quirks]]— freeform dated findings logFollow-up issues
--lockedmissing), no cache (30-60s wasted), checkout@v4 inconsistent, no concurrency groupcheck_code_refhas bypass routes: empty#symbolalways passes,../paths escape repoContext