You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
contract+rbac+ogar: mint-forward compat reader — the P0 sweep missed rbac.rs
Follow-up on the CanonHigh flip: three sites derived classid halves outside
the one flippable composition and surfaced only when the flip landed —
- contract rbac.rs ClassGrant::permits used 'class as u16' (the codex-P2
collapse pattern). Now routes classid_canon_compat.
- lance-graph-rbac AuthProvider::classid() hand-widened u32::from(concept).
Now routes contract render_classid(0x0000, concept) -> 0x0B01_0000-form.
- lance-graph-ogar AUTH_*_CID / test ENCOUNTER literals in the pre-flip
0x0000_DDCC form. Now const-composed via contract render_classid.
New: ogar_codebook::classid_canon_compat — the mint-forward CANON reader
for surfaces serving BOTH stored forms (RBAC grants, un-re-baked corpora):
active canon when plausible (>= 0x0100 && != 0x1000), legacy-order
fallback otherwise; the canon slot exactly 0x1000 (domain-0x10 root) stays
reserved-unusable until marker retirement (P4). RBAC authorizes pre-flip
persisted rows without re-bake; both-forms grant test added.
Board: EPIPHANIES E-CLASSID-COMPAT-READER (same commit).
Gates: contract 774 (guid-v3-tail), rbac 30, ogar 81; clippy; fmt.
Co-Authored-By: Claude <noreply@anthropic.com>
0 commit comments