feat: wire minimal governance contract path
This commit is contained in:
Eve
@@ -24,6 +24,7 @@ plugins/reporting-governance/
|
||||
index.mjs
|
||||
policy-evaluator.mjs
|
||||
decision-runner.mjs
|
||||
execute-governance-contract.mjs
|
||||
adapters/
|
||||
storage/
|
||||
reference/
|
||||
@@ -68,6 +69,42 @@ Reference runtime compositions and migration notes.
|
||||
|
||||
**The watchdog reference runtime composition belongs here**, as a reference implementation for OpenClaw rather than as package core logic.
|
||||
|
||||
## Public surface and compatibility
|
||||
|
||||
Current **public package surface** is intentionally narrow:
|
||||
|
||||
- root export: `@openclaw/plugin-reporting-governance`
|
||||
- adapter exports:
|
||||
- `@openclaw/plugin-reporting-governance/adapters`
|
||||
- `@openclaw/plugin-reporting-governance/adapters/watchdog`
|
||||
- `@openclaw/plugin-reporting-governance/adapters/dispatcher`
|
||||
- `@openclaw/plugin-reporting-governance/adapters/bridge-supervisor`
|
||||
- `@openclaw/plugin-reporting-governance/adapters/sender-binding`
|
||||
- `@openclaw/plugin-reporting-governance/adapters/orchestrator`
|
||||
|
||||
What is currently exposed from the root export:
|
||||
|
||||
- `evaluatePolicyPack(...)`
|
||||
- `evaluatePolicies(...)`
|
||||
- `planDecisionExecution(...)`
|
||||
- `executeGovernanceContract(...)`
|
||||
- package metadata helpers such as `packageName`
|
||||
- package-owned adapter entrypoints and `runWatchdogChain(...)`
|
||||
|
||||
Compatibility posture for this slice:
|
||||
|
||||
- `0.1.0-mainline` should be treated as **pre-1.0, surface-tightening phase**.
|
||||
- Deep imports into `src/` are **not supported API** even if files exist in-repo.
|
||||
- Tests now explicitly enforce that private paths like `src/adapters/runtime-binding.mjs` stay outside `exports`.
|
||||
- Adding a symbol to a file under `src/` does **not** mean it is public unless wired through package `exports`.
|
||||
- Future tightening of root/adapters exports may still be a breaking change until a stable `1.0` surface is declared.
|
||||
|
||||
Practical migration rule:
|
||||
|
||||
- depend on package root exports or declared adapter subpaths only
|
||||
- do not couple runtime integrations to repo-private file paths
|
||||
- treat capability descriptors and schemas as package artifacts, but not as guaranteed JS import entrypoints unless exported later
|
||||
|
||||
## Current reference composition
|
||||
|
||||
The current reference composition is the OpenClaw watchdog chain:
|
||||
@@ -93,6 +130,7 @@ The current package now includes a small but runnable `core/` implementation:
|
||||
|
||||
- `src/core/policy-evaluator.mjs`
|
||||
- `src/core/decision-runner.mjs`
|
||||
- `src/core/execute-governance-contract.mjs`
|
||||
- `src/core/index.mjs`
|
||||
|
||||
Current package-core responsibilities:
|
||||
@@ -103,6 +141,7 @@ Current package-core responsibilities:
|
||||
- choose the highest-precedence decision when multiple rules match
|
||||
- convert a canonical decision into an execution plan, enforcement intent, and receipt skeleton
|
||||
- truthfully degrade unsupported enforcement paths based on the capability descriptor
|
||||
- provide one minimal contract path from `capability descriptor -> policy decision -> execution planning`
|
||||
|
||||
Still **runtime-adapter responsibility** at this stage:
|
||||
|
||||
@@ -114,6 +153,22 @@ Still **runtime-adapter responsibility** at this stage:
|
||||
|
||||
This means `core/` now owns evaluation and planning semantics, while adapters still own actual enforcement side effects.
|
||||
|
||||
## Minimal end-to-end contract slice now included
|
||||
|
||||
This slice now has one small but testable contract path:
|
||||
|
||||
1. capability descriptor advertises real enforcement support
|
||||
2. policy evaluator emits a canonical decision from event/evidence/context
|
||||
3. decision runner converts that decision into execution planning
|
||||
4. the result declares:
|
||||
- adapter-dispatch actions required
|
||||
- package-core actions possible locally
|
||||
- blocked mandatory actions when capability support is missing
|
||||
- truthful delivery / receipt state
|
||||
|
||||
This is intentionally **planning-level end-to-end**, not full live inline interception.
|
||||
It proves contract alignment without pretending all runtime enforcement is already extracted.
|
||||
|
||||
## Not yet included
|
||||
|
||||
This package still does **not** claim full implementation of:
|
||||
@@ -124,4 +179,4 @@ This package still does **not** claim full implementation of:
|
||||
- complete rewrite / placeholder / review / status-downgrade adapter execution
|
||||
- non-watchdog full runtime governance interception
|
||||
|
||||
It now provides the first package-mainline evaluator / decision-runner core, but the remaining enforcement surface is still intentionally honest about adapter gaps.
|
||||
It now provides the first package-mainline evaluator / decision-runner core, plus a minimal end-to-end contract proof, but the remaining enforcement surface is still intentionally honest about adapter gaps.
|
||||
|
||||
Reference in New Issue
Block a user