[rosary-1b914d] feat(schema-bridge): lift from cloister (Apache-2.0)#21
Merged
Conversation
There was a problem hiding this comment.
Pull request overview
This PR lifts the schema-bridge Rust crate into packages/schema-bridge/ and wires up repo-level Taskfile targets to build a Cap’n Proto compiler plugin that emits Zod + TypeScript types from .capnp schemas, with a fail-fast “unmapped construct” policy.
Changes:
- Added
packages/schema-bridge/Rust crate (parser IR + Zod emitter + capnp plugin binary) and integration tests. - Added Taskfile tasks to build the plugin and attempt Zod regeneration / drift checking.
- Added crate documentation and licensing/provenance notices for the lift + relicense.
Reviewed changes
Copilot reviewed 14 out of 15 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
| Taskfile.yml | Adds schema-bridge:build, gen:zod, and gen:zod:check-drift tasks for building and running the plugin. |
| packages/schema-bridge/src/inputs/capnp.rs | Implements Capnp CodeGeneratorRequest → IR lowering with fail-fast unmapped construct handling. |
| packages/schema-bridge/src/outputs/zod.rs | Implements IR → Zod/TS emission (including unions/lists/enums) with .strict() objects. |
| packages/schema-bridge/src/main.rs | Capnp plugin entrypoint (stdin request → emit file to output dir). |
| packages/schema-bridge/src/{lib.rs,error.rs,ir/mod.rs,inputs/mod.rs,outputs/mod.rs} | Defines public API, IR types, and error model. |
| packages/schema-bridge/tests/integration.rs | Hermetic integration tests building requests via capnp builders (goldens + fail-fast guards + ignored stubs). |
| packages/schema-bridge/README.md | Documents purpose, invariants, mapped/unmapped constructs, and usage. |
| packages/schema-bridge/{Cargo.toml,Cargo.lock,.gitignore,NOTICE} | Crate packaging, lockfile, ignore rules, and provenance/licensing notice. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
jamestexas
added a commit
that referenced
this pull request
May 18, 2026
- Taskfile schema-bridge:build now uses --locked - gen:zod:check-drift gives a clearer error when baseline missing - atomic-move comment in gen:zod now honestly describes mv semantics - emitted zod.rs regen hint + README references switch to gen:zod / gen/ts paths - README Layout updated to packages/schema-bridge/ (was tools/...) - README "Follow-on" license claim corrected to Apache-2.0 (matches Cargo.toml + NOTICE) - Cargo.toml: drop unused indoc dev-dep All from Copilot review on PR #21. No falsification regression — code under src/ unchanged; only Taskfile, emit template, README, and dev-deps touched.
jamestexas
added a commit
that referenced
this pull request
May 18, 2026
…y::collapsible_match)
The outer 'contains("..")' check was strictly redundant — the inner
's == ".."' check (the only one that returned) implies it. Collapse
the pair into a match guard. No behavior change; UDS paths containing
'..' as a substring (e.g. 'foo..bar.sock') are still permitted, only
exact '..' components reject.
CI for the whole repo couldn't pass while this lint was hot under
-D warnings. Unblocks PRs #20/#21/#22 once #23 merges and they rebase.
jamestexas
added a commit
that referenced
this pull request
May 18, 2026
* chore(deps): comprehensive workspace dep update sweep Workspace-wide dependency update sweep across root + action + worker. Clears all 6 pnpm audit advisories (was 2 high / 4 moderate). | Workspace | Package | From | To | |-----------|----------------------------------|--------------|--------------| | root | @vitest/coverage-v8 | ^4.1.2 | ^4.1.6 | | root | tsx | ^4.21.0 | ^4.22.2 | | root | zod | ^4.3.6 | ^4.4.3 | | root | pnpm.overrides undici | — | <6.24.0 → ^6.24.0 | | root | pnpm.overrides ws | — | <8.20.1 → ^8.20.1 | | action | @types/node | ^25.5.0 | ^25.9.0 | | action | esbuild | ^0.25.0 | ^0.25.12 | | action | typescript | ^5.8.0 | ^5.9.3 | | worker | @cloudflare/workers-types | ^4.20260329.1| ^4.20260518.1| | worker | @cloudflare/vitest-pool-workers | ^0.13.5 | 0.13.5 (PIN) | | worker | @playwright/test | ^1.59.1 | ^1.60.0 | | worker | @types/node | ^25.6.0 | ^25.9.0 | | worker | prettier | ^3.8.1 | ^3.8.3 | | worker | vitest | ^4.1.2 | ^4.1.6 | | worker | wrangler | ^4.78.0 | ^4.92.0 | | worker | zod | ^3.25.0 | ^4.4.3 | | worker | oslo | ^1.2.1 | REMOVED | Notable: - wrangler 4.78 → 4.92: aligns with notme.bot PR #2 baseline; Node 22 runtime - zod 3 → 4 in worker: only one file (gha-oidc.ts) uses zod; uses safeParse + .error.message which are stable across v3/v4. Aligns with root manifest (was already ^4.3.6 there). - oslo removed: deprecated meta-package; zero imports in src/. Worker already uses the successor @oslojs/crypto + @oslojs/encoding directly. - @cloudflare/vitest-pool-workers pinned to exact 0.13.5 (no caret): per rosary-8ae6ab, 0.13.5 has the CF API 10375 issue; we don't yet know if 0.14+ fixes it. Pin makes the constraint explicit. - pnpm.overrides force undici≥6.24.0 and ws≥8.20.1: clears all 5 undici advisories (transitive via @actions/http-client v2) and the ws advisory (transitive via miniflare). Avoids taking the @actions/* major bumps (4.0 is ESM-only — separate refactor). Deferred (need code change or evidence — separate beads): - @actions/core 1 → 3 / @actions/http-client 2 → 4: ESM-only migration; action is currently bundled via esbuild but the ESM-only constraint is a real refactor. Advisories handled via pnpm.overrides instead. - @peculiar/x509 1 → 2: security-sensitive cert API surface; cert-authority.ts + signing-authority.ts need careful review of v2's extension/generator API. - typescript 5 → 6 (action): major TS bump warrants its own pass across the workspace, not bundled in deps sweep. - esbuild 0.25 → 0.28 (action): 0.x bumps frequently change defaults; aligned worker is already at 0.28 — leaving action at 0.25 line for now to avoid bundling-flag drift. Test status: - worker: 425 passed | 6 todo (28 files) — matches baseline - task worker:check: typecheck + tests both green - task schema:check: green - action: pnpm build green, dist/index.js rebuilt and node --check clean - pnpm audit: 0 advisories (was 2 high / 4 moderate) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> * ci: trigger run after Actions re-enabled * fix(proxy): collapse redundant nested if in UDS path validator (clippy::collapsible_match) The outer 'contains("..")' check was strictly redundant — the inner 's == ".."' check (the only one that returned) implies it. Collapse the pair into a match guard. No behavior change; UDS paths containing '..' as a substring (e.g. 'foo..bar.sock') are still permitted, only exact '..' components reject. CI for the whole repo couldn't pass while this lint was hot under -D warnings. Unblocks PRs #20/#21/#22 once #23 merges and they rebase. --------- Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
The capnp→TS+zod codegen tool moves to notme where the schemas it consumes live. Re-licensed Apache-2.0 by sole author (no third-party contributions in cloister). NOTICE documents the lift. Wires into Taskfile.yml: `task gen:zod` regenerates committed TS zod files; `task gen:zod:check-drift` fails CI if they drift. Falsification: every lifted .rs file's content (license-line-stripped SHA-256) matches cloister's baseline byte-for-byte. Known follow-on (rosary-8d2c78): schema-bridge currently rejects the `$Go.package`/`$Go.import` annotation declarations imported via `/go.capnp`, so `task gen:zod` against notme/schema/identity.capnp errors with a clear `unmapped annotation` diagnostic. The lift itself is sound; the wiring works structurally; the annotation policy is a separate design call (see bead). Cloister-side deprecation of tools/schema-bridge/ is a separate bead. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- Taskfile schema-bridge:build now uses --locked - gen:zod:check-drift gives a clearer error when baseline missing - atomic-move comment in gen:zod now honestly describes mv semantics - emitted zod.rs regen hint + README references switch to gen:zod / gen/ts paths - README Layout updated to packages/schema-bridge/ (was tools/...) - README "Follow-on" license claim corrected to Apache-2.0 (matches Cargo.toml + NOTICE) - Cargo.toml: drop unused indoc dev-dep All from Copilot review on PR #21. No falsification regression — code under src/ unchanged; only Taskfile, emit template, README, and dev-deps touched.
jamestexas
force-pushed
the
feat/lift-schema-bridge
branch
from
d60e638 to
0900c45
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Lifts
cloister/tools/schema-bridge/intonotme/packages/schema-bridge/. capnp → zod TypeScript codegen now lives next to thenotme/schema/*.capnpit consumes.git log)..rsfile: SPDX, copyright, one-line provenance pointing atpackages/schema-bridge/NOTICE.task gen:zod(regenerate) andtask gen:zod:check-drift(CI gate) intoTaskfile.yml. Build target:task schema-bridge:build.pnpm-workspace.yaml— schema-bridge is a Rust crate. Discoverable via the Taskfile entries.Cross-links:
rosary-1b914d(this lift)rosary-185bcarosary-8d2c78— schema-bridge needs to tolerate/go.capnp's annotation declarations sotask gen:zodactually emits foridentity.capnp(it currently fails fast with a clearunmapped annotationdiagnostic — by design until that bead lands).Falsification
Every lifted
.rsfile's content, with the injected SPDX/Copyright/Origin lines stripped, hashes byte-for-byte to the cloister baseline:(Full hashes in commit message / falsification script run.)
Tests match cloister baseline: 13 passed, 3 ignored, 0 failed.
Test plan
cargo buildfrompackages/schema-bridge/succeedscargo testpasses (13/13 active, 3 known-ignored — identical to cloister).rsfiletask schema-bridge:buildsucceeds at repo roottask gen:zodruns (fails onidentity.capnpwith a clear diagnostic about the/go.capnpannotation declarations — documented inline; tracked asrosary-8d2c78)tools/schema-bridge/— separate bead, not in scope here🤖 Generated with Claude Code