add State<T> + nested #[secret] design spec#305
Closed
aram356 wants to merge 36 commits into
Closed
Conversation
…nfig/app-demo test coverage, workspace commands
…dy-mode rename, Internal->500, scaffold CI checks
… roadmap update, macro crate test
Match the edgezero-cli precedent and the workspace-dependency convention. Adds quote to [workspace.dependencies].
…veat - emit `include_bytes!` const in app! output so edits to edgezero.toml trigger a Cargo rebuild without requiring a .rs change - strengthen middleware_sees_introspection_data to assert manifest_json presence and non-empty route list, mirroring dispatch test - add content-type assertion to routes_lists_registered_routes - add security caveat to routing.md Introspection Routes section noting endpoints are unauthenticated and environment.variables values are emitted
… no edgezero.toml change)
… atomic #[action(manifest|routes)] TDD tasks
…lity inject); fix plan single-filter cmd + probe response
…ne; cargo test in Task 10a
…rrying handler struct
Design spec for two upstream edgezero-core/edgezero-macros primitives: - State<T> extractor + RouterBuilder::with_state for app-owned shared state - nested/array #[secret] support via path-qualified SecretField metadata Filed under docs/superpowers/specs/. Includes a maintainer-review appendix (§8) verifying every current-mechanics claim against origin/main @ 42843b1 and folding in the corrections found: http-facade use in the router plumbing, the inaccurate lib.rs re-export step, the omitted validate_excluding_secrets consumer (needs nested-ValidationErrors navigation, not a rename), the per-struct guard-enforcement rewording, and B-3 being forced to the secret_fields() fn lowering.
Adds the blockers a follow-up review found (verified against origin/main @ 42843b1) and a Go/No-Go split: - nested-AppConfig CI guard (check_no_nested_app_config.rs) must be inverted - optional-secret metadata (optional: bool) is missing from SecretField - path model must commit to owned segments (Vec/Cow), not &'static - register the app_config helper attribute in the derive - TypedSecretEntry.field_name must be owned for dotted/array paths - enforce container rename_all on nested-only parents - settle array scope before implementing Workstream A is plan-ready now; B waits on the above.
5 tasks
6 tasks
Contributor
Author
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
State<T>extractor + nested/array#[secret]support) underdocs/superpowers/specs/.origin/main@42843b1and folds in the corrections found.Changes
docs/superpowers/specs/2026-07-02-edgezero-state-and-nested-secrets-design.mdReview findings folded into §8
Both workstreams reviewed against the real code and found implementable, no blockers. Corrections captured in the appendix:
crate::httpfacade (not barehttp::Extensions) in the router plumbing; the "re-exportStateinlib.rs" step is unnecessary (edgezero_core::extractor::Stateis reachable oncepub);#[action]needs zero change since it already emits<Ty as FromRequest>::from_request(..).validate_excluding_secretswas missing from the consumer list and needs nested-ValidationErrorsnavigation for nested secrets (not a.name→.pathrename); §4.3 "guards along the path" reworded to per-struct self-enforcement via the#[app_config(nested)]opt-in +AppConfigRootbound; B-3 const→fn secret_fields()is effectively forced (cross-crate const concat of prefixed&'staticslices is not expressible); §4.5 pointed at the real reflection helpers (run_adapter_typed_checks/typed_secret_checks).Baseline note
Local
main(b298bc1) is a broken divergent tip (deletesconfig.rswhile leavingmod config;, doesn't compile, not an ancestor oforigin/main). This PR is branched fromorigin/main(42843b1), against which all spec claims were verified.Closes
Part of #304 (spec only; implementation PRs will close it).
Test plan
cd docs && npm run lint && npm run format && npm run buildChecklist