Molecule: Phase 3 by s373r · Pull Request #1642 · kamu-data/kamu-cli

s373r · 2026-05-19T18:49:11Z

Related to: https://github.com/kamu-data/planning-internal/issues/133

s373r

Added comments for readers

* Molecule API: v2 -> v3 + remove v2 postfix * molecule/project: update schema * molecule/project: ipnft_uid -> ocl_id migration * molecule/project: ipnft_uid -> ocl_id migration: tests * flow-system: commit cached sqlx queries for sqlite * GQL: add/update Molecule scalars * OclId: String -> own type * Symbol: String -> own type * update-non-aws.sh: remove outdated * Update: tests * Final touches * Revert "flow-system: commit cached sqlx queries for sqlite" This reverts commit d266825. * ES: increment versions of modified schemas * MOLECULE_PROJECT_MESSAGE_OUTBOX_VERSION: increment # Conflicts: # resources/molecule/molecule-announcements.yaml # resources/molecule/molecule-data-room-activity.yaml # resources/molecule/molecule-projects.yaml # src/adapter/graphql/src/scalars/mod.rs # src/sku/molecule/domain/src/snapshots/molecule_dataset_snapshots.rs

* Use Molecule's synthetic data * Use ? in the test * cargo: add "clippy-target-dir" alias * POST /sign/eip712?key={did}&includeNodeProof=true: scaffolding * crypto-eip712-utils: crate * crypto-eip712-utils: use alloy@1.7.3 * kamu: add a workaround for datafusion-ethers * kamu-adapter-http: remove ed25519-dalek dep * sign_eip712_handler: 1st signature layer * crypto-eip712-utils: signing_hash_without_eip191_prefix() * crypto-eip712-utils: sign(): lightweight exportable * crypto-eip712-utils: sign_prefixed() & verification_key_prefixed() * clippy

* crypto-eip712-utils: try remove extra deps * crypto-eip712-utils: use umbrella alloy crate * sign_eip712_handler: correct secp256k1 signature generation * multiformats: "ed25519-dalek" add the zeroize feature # Conflicts: # src/infra/core/Cargo.toml

* crypto-eip712-utils: try remove extra deps * crypto-eip712-utils: use umbrella alloy crate * sign_eip712_handler: correct secp256k1 signature generation * multiformats: "ed25519-dalek" add the zeroize feature

* test_molecule_provided_test_data(): add signature generation / address recovery test * crypto-eip712-utils: Secp256k1Signer / Secp256k1VerifyingKey * Secp256k1Signer: zeroize * Secp256k1Signer::from_bytes(): zeroize * Secp256k1Signer: debug impl * crypto-eip712-utils: serde under feature gate * Secp256k1Signature * Secp256k1Signature: Serialize * crypto-eip712-utils: more tests * crypto-eip712-utils: add "schemars" feature * Secp256k1Signer: Serialize * crypto-eip712-utils: utoipa feature * kamu-adapter-http: SignEip712Proof: return structs not String * kamu-adapter-http: SignEip712Response: add "verification_method" field * sign_eip712_handler(): declarative response * DidSecretEncryptionConfig: ZeroizeOnDrop * IdentityConfig: use Secp256k1Signer * sign_eip712_handler(): remove a TODO re zeroize (already did) * sign_eip712_handler(): update imports * kamu-adapter-http: use SignEip712UseCase * kamu-signing: introduce * Eip712TypedData: Deserialize * MoleculeProject: remove todo * kamu-signing-services: initial * kamu-signing-services: SignEip712UseCaseImpl * DidOdf: serde * SignEip712UseCaseImpl: polish * SignEip712UseCaseImpl: access checks * clippy: fixes * CreateAccountUseCaseImpl::execute(): store private key * test_sign_eip712_use_case_impl * Changes after test runs * test_verify(): update identity config * clippy fixes

* test_has_access_by_name_matrix(): add new test case * SignEip712UseCaseImpl: use AccountAuthorizationHelper * DatasetActionUnauthorizedError: extend w/ NotFound(_) * OsoDatasetAuthorizer: return DatasetActionUnauthorizedError::NotFound * Test fixes * RebacDatasetRegistryFacadeImpl::classify_dataset_refs_by_access(): parallel execution * ClassifyDatasetRefsByAccessResponse::try_get_error_message(): cover not_found * SignEip712UseCaseImpl::get_secret_key(): parallel execution * ClassifyDatasetRefsByAccessResponse::try_get_error_message(): cover w/ tests

* Support sort ordering for flow listings (#1605) * Dependency fix * Implemented flexible flow listing ordering at service level + 2 high-level ordering modes in GQL API * First attempt to create AGENTS.md for Codex CLI * ReBAC property and relation updates now suppress redundant outbox messages when model remains unchanged. (#1606) * ReBAC relation updates now suppress redundant outbox messages when permissions remain unchanged. * Similar coverage added for properties change messags. * Corrected issue about wrong outbox message in ReBAC relation unset flow. * Extended test coverage for ReBac use cases and services * Dependency updates * Latest Rust toolchain, cargo fmt, and cargo clippy * v0.261.0 * Minor deps * Temporarily alowing RUSTSEC-2026-0049 due to AWS pin * Upgrade to datafusion 53 * ODF: better feature slicing * Migrate from minio to RustFS and change credentials passing * Upgrade aws-sdk-s3 * Update images and scripts to RustFS * Warnings eliminated * SmartTP tests refactor for RustFS: achieved stability * Cleanups * S3-related fixture cleanups * Udeps fixed * Improve odf feature slicing * Build fix + changelog * Got rid of non-working AWS IAM token provider for the database * sha2 0.10 => 0.11 * More major dependencies updated * Elasticsearch: got rid of Rust client in favor of direct REST API calls * v0.261.1 * Upgrade RW engine, automate example tests * v0.262.0 * CI tweaks * CI tweaks * Exception for lru@0.12.5 * RW fallout * Minor updates + alloy pin * nanoid 0.4=>0.5 * hickory_resolver 0.25=>0.26 * jsonschema 0.45 => 0.46 * Killed weird tokio pin * deny.toml corrected * Corrected flakky transaction leakeage Co-authored-by: Copilot <copilot@github.com> * Update deps * Update canonical_json dependency * CI improvements * Surface and document engine test exclusion * Security update: hickory_resolver * GQL collection::entries support maxDepth * ODF schema in sources: codegen * ODF schema in sources: update logic * Improved ODF codegen defaults * Improved how source schema is exposed in GQL * Support ODF schema in collection/files extra columns * Schema union short form * GQL ReadStep::schema will auto-convert from DDL * v0.263.0 * Patching of config-reference.md with new version during release * Fix linter * Fix up changelog * datafusion-ethers: use "eip712" feature * ElasticsearchClient::find_document_by_id(): correct url encoding for id * Linting --------- Co-authored-by: Sergei Zaychenko <szaychenko@kamu.dev> Co-authored-by: Sergei Zaychenko <zaychenko.sergei@gmail.com> Co-authored-by: Sergii Mikhtoniuk <mikhtoniuk@gmail.com> Co-authored-by: Copilot <copilot@github.com>

(cherry picked from commit 913d59e)

…t accounts

…t accounts [2]

sergiimk · 2026-05-25T17:03:27Z


-type CreateProjectErrorConflict implements CreateProjectResult {
-	project: MoleculeProjectV2!
+type CreateProjectAccountConflictError implements CreateProjectResult {


As I mentioned in Slack - I'd prefer to avoid having this late API-breaking change and instead reused the existing conflict error with a different message.

We discussed it in Slack and agreed that we need a new error (CreateProjectAccountConflictError), but we shouldn't change the name of the old one (CreateProjectErrorConflict)

Done

…t accounts [3]

(cherry picked from commit 30cd9ff)

s373r self-assigned this May 19, 2026

s373r mentioned this pull request May 19, 2026

Molecule: Phase 3 -- backup #1618

Closed

s373r commented May 19, 2026

View reviewed changes

Comment thread src/domain/accounts/services/src/use_cases/create_account_use_case_impl.rs Outdated

Comment thread Cargo.lock Outdated

Comment thread Cargo.lock Outdated

s373r marked this pull request as ready for review May 19, 2026 19:12

s373r requested review from sergiimk and zaychenko-sergei May 19, 2026 19:12