lab/distribution
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
055c8ced15700aa649d6a25d60fe85235fa8644c
distribution/.agents/runs/2026-06-02-orchestration-planning/discussion-round-2-snarky.md

3.2 KiB
Raw Blame History

Discussion Round 2 - Snarky

Final Decisions

  1. sx-blocked is a hard governance state.

    If an M1 slice hits an sx compiler/runtime/FFI bug, that slice stops. File or link the sx issue, record it in the distribution run, mark sx-blocked, and do not invent local workarounds unless Snarky explicitly approves a narrow boundary change.

  2. Error model is pinned to landed sx, not imagined sx.

    No !T folklore, no planned syntax, no aspirational std signatures. Before std work starts, pin the exact sx commit and include tiny real examples of current error handling.

  3. M1 APK inspection is deliberately tiny.

    M1 only proves ZIP container access and confirms AndroidManifest.xml exists with basic entry metadata. No AXML decoder, no package/version parsing, no signature validation.

  4. Enterprise, MDM, and proxy readiness must be separate.

    Enterprise install, MDM install, and artifact-only IPA access are distinct product states. distd behind a reverse proxy may validate configured HTTPS reachability, but it must not claim to terminate or own TLS.

  5. Public visibility has iOS carve-outs.

    Public app visibility does not mean public IPA download. iOS artifact-only IPAs require authenticated access, scoped token access, or signed install link access.

  6. M1 is DB-free.

    M1 uses file-backed or JSON-backed state only. SQLite is M2.

Accepted Opus Refinements

  • M1 JSON output should become the shape later reused by HTTP and remote CI.
  • rejected is terminal.
  • M1 release path may be draft -> published with validation=not_run.
  • Signed install links are HMAC over artifact/link identity plus expiry, with a server secret.
  • Download authorization must be a table, not prose soup.
  • FFI is acceptable when named, Linux-first, thin, and replaceable.

Rejected Or Deferred Items

  • pub, alias imports, and namespace re-export are deferred from the product critical path.
  • Pure-sx crypto/archive/SQLite is deferred.
  • HTTP, SQLite, admin UI, Docker/NAS deployment, full APK validation, and IPA validation are not M1.
  • Any layout redesign before product coverage is pinned is rejected.

Plan Patch Backlog

  1. Add sx-blocked state and cross-repo handoff rules.
  2. Patch Subplan 01 to remove dangling PLAN.md references and pin landed error handling.
  3. Rewrite M1 as the DB-free walking skeleton.
  4. Patch domain model: release states, validation outcome, channel promotion history.
  5. Patch CI manifest schema, example, idempotency key, rerun behavior.
  6. Patch access policy with roles, visibility, token scopes, signed links, and download table.
  7. Patch validation policy with required, warning, informational, not_supported.
  8. Split Enterprise, MDM, proxy HTTPS readiness, and iOS artifact-only behavior.

Implementation Still Blocked Until

  • Distribution repo has a clean git baseline.
  • Plan patches above are applied.
  • Active run has brief.md, state.json, and agents.json.
  • Current sx commit and error model are pinned.
  • Opus produces a proposal for the exact slice.
  • Snarky accepts product coverage.
  • Allowed write paths and branch are explicit and clean.
Reference in New Issue View Git Blame Copy Permalink