68 lines
4.7 KiB
Text
68 lines
4.7 KiB
Text
let d = import "../defaults.ncl" in
|
|
|
|
# Verifier for the customization seam (core.ncl::customization-seam practice).
|
|
# This mode IS the transition condition of the consumer-neutrality FSM dimension
|
|
# (state.ncl): one-site-baked → neutral-framework requires these checks to pass.
|
|
# Each check is a deterministic grep oracle that exits 0 and prints PASS/FAIL, so
|
|
# the DAG runs to the report step regardless of individual verdicts.
|
|
#
|
|
# What it guards: brand, the site's own public origin, and site identity must NOT
|
|
# be hardcoded in the shared Rust that the htmx-ssr binary actually compiles and
|
|
# serves — crates/server/src + crates/pages_htmx/src. Those belong to the
|
|
# runtime/config layers per the seam; a hit is the one-site-pole collapse the
|
|
# framework-vs-one-site tension forbids.
|
|
#
|
|
# SCOPE — active surface only. crates/pages (Leptos hydration pages) is an
|
|
# `optional` dep NOT pulled by the htmx-ssr feature (server Cargo.toml:
|
|
# htmx-ssr = ["ssr","auth","email"], no dep:website-pages), so it is absent from
|
|
# this binary; its external project-showcase links (vapora.dev, rustelo.dev, …)
|
|
# are outbound CONTENT, not the site's own baked origin — checking them would
|
|
# report false positives. If a route ever opts into leptos-hydration, widen the
|
|
# scope to crates/pages/src and treat self-origin self-links (not outbound links)
|
|
# as the violation.
|
|
|
|
d.make_mode String {
|
|
id = "validate-seam",
|
|
trigger = "Validate the customization seam: brand, public origin and site identity must live in the runtime/config layers, never hardcoded in shared Rust (crates/). Transition condition for the consumer-neutrality FSM dimension.",
|
|
|
|
preconditions = [
|
|
"rg (ripgrep) available on PATH",
|
|
"code/crates/server/src and code/crates/pages_htmx/src exist (the active htmx-ssr surface)",
|
|
],
|
|
|
|
steps = [
|
|
{
|
|
id = "check-no-brand-hex",
|
|
action = "No canonical brand hex (#E8A838 amber, #C0CCD8 silver, #0F1319 dark, #C88A20, #F0C265) may appear in the active shared Rust. Brand colour belongs in CSS (consumer styles + assets.ncl), never compiled in. Any FAIL line is a seam violation.",
|
|
cmd = "m=$(rg -n -i '#(e8a838|c0ccd8|0f1319|c88a20|f0c265)' code/crates/server/src code/crates/pages_htmx/src 2>/dev/null); if [ -n \"$m\" ]; then echo 'FAIL brand-hex in shared code:'; echo \"$m\"; else echo 'PASS no brand hex in shared code'; fi",
|
|
actor = 'Both,
|
|
on_error = { strategy = 'Continue },
|
|
},
|
|
{
|
|
id = "check-no-hardcoded-origin",
|
|
action = "No hardcoded public origin (a real site host such as ontoref.dev) may be baked as the site's own origin in the active shared Rust. The public origin comes from the SITE_BASE_URL env at runtime (seo::site_base_url) and self-links are relative. A localhost dev fallback is allowed; a baked production host is a violation. Scoped to server/src + pages_htmx/src so outbound content links in the optional Leptos pages are not false-flagged.",
|
|
cmd = "m=$(rg -n 'https?://[a-z0-9.-]+\\.(dev|com|pro|org)' code/crates/server/src code/crates/pages_htmx/src -g '*.rs' 2>/dev/null | rg -v '//!|///' | rg -vi 'example\\.|w3\\.org|schema\\.org|localhost|nickel-lang|github\\.com|yourusername'); if [ -n \"$m\" ]; then echo 'FAIL hardcoded production origin in shared code:'; echo \"$m\"; else echo 'PASS no hardcoded production origin in shared code'; fi",
|
|
actor = 'Both,
|
|
depends_on = [{ step = "check-no-brand-hex" }],
|
|
on_error = { strategy = 'Continue },
|
|
},
|
|
{
|
|
id = "check-no-site-identity",
|
|
action = "No consumer-specific identity literal (logo filename, owner/site name like jesusperez or jpl-website) may appear in the active shared Rust. Identity comes from site/config (logo, site.name) — build-baked config, not compiled code.",
|
|
cmd = "m=$(rg -n -i 'jesusperez|jpl-website' code/crates/server/src code/crates/pages_htmx/src -g '*.rs' 2>/dev/null | rg -v '//!|///'); if [ -n \"$m\" ]; then echo 'FAIL site identity literal in shared code:'; echo \"$m\"; else echo 'PASS no site identity literal in shared code'; fi",
|
|
actor = 'Both,
|
|
depends_on = [{ step = "check-no-brand-hex" }],
|
|
on_error = { strategy = 'Continue },
|
|
},
|
|
{
|
|
id = "report",
|
|
action = "Aggregate the three checks. ALL PASS ⇒ the seam is respected and the consumer-neutrality transition is unblocked on this axis. ANY FAIL ⇒ a customization has leaked into shared Rust; report each offending file:line and the layer it belongs in (brand→CSS, origin→env, identity→site/config) so it can be moved before the binary can claim neutrality.",
|
|
actor = 'Both,
|
|
depends_on = [
|
|
{ step = "check-no-hardcoded-origin" },
|
|
{ step = "check-no-site-identity" },
|
|
],
|
|
on_error = { strategy = 'Stop },
|
|
},
|
|
],
|
|
}
|