Skip to content

chore(hub): migrate samod to quarto-dev/samod@access-policy (automerge 0.10)#355

Merged
cscheid merged 4 commits into
mainfrom
feature/bd-qp353u2b-migrate-samod-access-policy
Jul 2, 2026
Merged

chore(hub): migrate samod to quarto-dev/samod@access-policy (automerge 0.10)#355
cscheid merged 4 commits into
mainfrom
feature/bd-qp353u2b-migrate-samod-access-policy

Conversation

@shikokuchuo

@shikokuchuo shikokuchuo commented Jul 1, 2026

Copy link
Copy Markdown
Member
  • Migrates the vendored samod fork from quarto-dev/samod@q2 (samod 0.9 / automerge 0.8) to quarto-dev/samod@access-policy (samod 0.12.1 / automerge 0.10) in quarto-hub and quarto-preview.
  • Ports AuditAccessPolicy to the new synchronous AccessPolicy trait (is_allowed).
  • Dedups the audit log: samod 0.12 consults the policy on every inbound sync message (samod 0.9 memoized it per (peer, doc) connection), so a document open logged "Document accessed" 2–3 times. Restored once-per-(peer, doc) semantics with a dedup set in AuditAccessPolicy, pruned per-peer on disconnect (forget_peer).
  • No automerge 0.8→0.10 source breaks surfaced; JS↔Rust wire + on-disk formats verified compatible.

Tracked as braid bd-qp353u2b.

…ge 0.10)

Switch the vendored samod fork from quarto-dev@q2 (samod 0.9.0 / automerge
0.8.0) to shikokuchuo@access-policy (samod 0.12.1 / automerge 0.10.0) in
quarto-hub and quarto-preview. AccessPolicy is now synchronous (should_allow →
is_allowed, borrowed args, bool return); AuditAccessPolicy ported mechanically
and its "Document accessed" audit log now has a tracing-capture regression test.
No automerge 0.8→0.10 source breaks surfaced; single unified automerge 0.10 in
the lockfile. bd-qp353u2b.
samod 0.12 consults the access policy on every inbound sync message, so
a document open logged 'Document accessed' 2-3 times. Restore once-per-
(peer, doc) semantics via a dedup set in AuditAccessPolicy, pruned per
peer on disconnect (forget_peer).
@posit-snyk-bot

posit-snyk-bot commented Jul 2, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Same branch, identical commit c5a06c39; canonical long-term home moved
from the shikokuchuo fork to quarto-dev.
@shikokuchuo shikokuchuo changed the title chore(hub): migrate samod to shikokuchuo/samod@access-policy (automerge 0.10) chore(hub): migrate samod to quarto-dev/samod@access-policy (automerge 0.10) Jul 2, 2026
@shikokuchuo shikokuchuo marked this pull request as ready for review July 2, 2026 12:28
@cscheid cscheid merged commit 681e9a9 into main Jul 2, 2026
8 checks passed
@cscheid cscheid deleted the feature/bd-qp353u2b-migrate-samod-access-policy branch July 2, 2026 13:03
@cscheid

cscheid commented Jul 2, 2026

Copy link
Copy Markdown
Member

Thanks!

gordonwoodhull added a commit that referenced this pull request Jul 8, 2026
The smoke-all suite ran serially (workers: 1) on the theory that the
75s-timeout flakiness came from the WASM render pipeline stalling under
CPU contention on a '2-core' runner. That diagnosis was wrong on both
counts: the public-repo ubuntu-latest runner has 4 vCPUs, and the real
cause was server-side sync contention — fixed by the samod-0.12 hub
upgrade (PR #355) on 2026-07-03.

Since #355 the nightly has been clean at workers: 1 for several
consecutive nights. Dispatch stress runs on this branch then confirmed
78/78 with zero flaky at both 3 and 4 workers (~3.4m, vs the serial
~4.8m), proving the fix holds under concurrent load:

  - run 28840734138 — 4 workers, nproc=4, 78 passed, 0 flaky (3.4m)
  - run 28871855320 — 3 workers, nproc=4, 78 passed, 0 flaky (3.4m)

Restore parallelism at 3 (reserves one core for the co-resident hub +
vite-preview + node). SMOKE_ALL_WORKERS + the smoke-all-workers dispatch
input remain as a knob to re-stress at 4 if flakiness ever returns.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants