Skip to content

validate: default-root discovery + lazy-init via quoin#5

Merged
kreneskyp merged 1 commit into
mainfrom
validate-lazy-init-module-bootstrap
Jun 19, 2026
Merged

validate: default-root discovery + lazy-init via quoin#5
kreneskyp merged 1 commit into
mainfrom
validate-lazy-init-module-bootstrap

Conversation

@kreneskyp

Copy link
Copy Markdown
Contributor

What

Makes scoped quire validate work out of the box on a clean machine.

  • Discovery (pure filesystem, no network): scoped mode now also searches the default install root ~/.ix/filament/modules and IX_FILAMENT_MODULES_PATH (preferred; IX_SCHEMA_PATH kept as the legacy alias) — the dirs where quoin installs the default module set and quire-rs reads by default.
  • Lazy-init: when scoped discovery finds zero modules, validate shells out once to quoin plugin ensure-defaults, reloads the registry, then validates. If quoin is absent it falls through to an actionable error.

Why this is acceptable under NFR-004 (no-network)

The network (git clone) happens entirely in the quoin child — quire links no network crate, so AUDIT-003/cargo deny and the static-binary posture are untouched. NFR-004 is amended via CR note to scope the guarantee to quire's own process, with the lazy-init as the single documented exception. Full rationale + alternatives in ADR-0001.

Spec backport

  • FR-004 — CR note + updated prose + new AC-13 (default-root/env discovery, network-free) and AC-14 (quoin-absent actionable error / lazy-install).
  • NFR-004 — CR note + scoped Statement/AC-2.
  • New spec/assets/adr/0001-validate-lazy-init-module-bootstrap.md (+ index).
  • tests.md matrix + log.md.

Tests

  • IT-081 — scoped discovery via IX_FILAMENT_MODULES_PATH validates and opens zero inet sockets under strace -fe network (proves the discovery path is network-free).
  • IT-082 — empty discovery with no quoin on PATH → exit 1 with quoin plugin ensure-defaults guidance.
  • unit test for the resolved search roots. Full suite green.

Note: Cargo.lock synced to the already-committed 0.7.3 version. Runtime-pairs with agent-ix/quoin# (no build-time dependency).

🤖 Generated with Claude Code

Scoped `quire validate` now also searches the default install root
~/.ix/filament/modules and IX_FILAMENT_MODULES_PATH (preferred over the
legacy IX_SCHEMA_PATH alias) — pure filesystem discovery, no network. When
that search finds zero modules it shells out once to
`quoin plugin ensure-defaults` to bootstrap the default set, then reloads,
so a fresh machine self-heals with no env var. Falls through to an
actionable error when quoin is absent.

Network is confined to the quoin child; quire links no network crate. NFR-004
is amended (CR note) to scope the no-network guarantee to quire's own
process, with the lazy-init as the single documented exception (ADR-0001).
FR-004 gains AC-13/AC-14; IT-081 (scoped discovery network-free) and IT-082
(quoin-absent actionable error) added and mapped in tests.md. Cargo.lock
synced to the committed 0.7.3 version.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@kreneskyp kreneskyp merged commit 705470b into main Jun 19, 2026
3 checks passed
@kreneskyp kreneskyp deleted the validate-lazy-init-module-bootstrap branch June 19, 2026 18:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant