test: gatekeeper + readonly-filter + config, interfaces need-review (v0.9.0)
Fin Phase 1. 22 tests verts : barrière readonly-filter (fail-safe), ReadOnlyGuard, paliers de risque + sursis, invariant anti-escalade, config fail-closed + masquage secrets. Interfaces du cycle need-review posées pour la Phase 2 (Asset, canExecute) sans câblage runtime. Split tsconfig typecheck/build. Palier de risque : reversible. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Kantin-Petit
@@ -6,6 +6,18 @@ incompatibles. Chaque ligne renvoie à un commit dédié (un artefact = un commi
|
||||
|
||||
## [Unreleased]
|
||||
|
||||
## [0.9.0] — 2026-06-23 — fin Phase 1 (cerveau lecture seule)
|
||||
### Added
|
||||
- `src/gatekeeper/assets.ts` : interfaces du cycle "need review" posées pour la
|
||||
Phase 2 (table Asset, sursis 7 j réversible / blocage immédiat privilégié,
|
||||
`assertNoEscalation` anti-escalade, `canExecute`). Non câblé au runtime P1.
|
||||
- Tests Vitest (22) : `readonly-filter` (fail-safe + tiers), `gatekeeper`
|
||||
(Guard read-only, sursis par palier, invariant anti-escalade, canExecute),
|
||||
`config` (fail-closed, verrou lecture seule, masquage des secrets).
|
||||
### Changed
|
||||
- Split TS config : `tsconfig.json` (typecheck+tests, noEmit) /
|
||||
`tsconfig.build.json` (emit `dist/`, rootDir `src`).
|
||||
|
||||
## [0.8.0] — 2026-06-23
|
||||
### Added
|
||||
- `src/surfaces/telegram.ts` : surface Telegram long-polling (zéro port publié),
|
||||
|
||||
Reference in New Issue
Block a user