ci: lock EventEnvelope byte contract

2025-12-18 00:16:50 +00:00
parent 1830e0f673
commit 94715c21f6
2 changed files with 20 additions and 0 deletions
--- a/.github/workflows/freeze-envelope.yml
+++ b/.github/workflows/freeze-envelope.yml
@@ -0,0 +1,15 @@
+name: Freeze Envelope Byte Contract
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  freeze-envelope:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dtolnay/rust-toolchain@stable
+      - name: Assert EventEnvelope byte contract
+        run: cargo test -p vaultmesh-command-center test_event_envelope_canonicalization_bytes
+
--- a/COOLING_CHECKLIST.md
+++ b/COOLING_CHECKLIST.md
@@ -2,3 +2,8 @@

 For the next 30 days, treat these as frozen invariants: do not change `EventEnvelope` `format`/`schema` semantics, do not reorder top-level envelope fields, do not change timestamp precision (UTC `Z`, seconds-only), do not change payload key-sorting rules (objects sorted recursively; arrays preserve order), do not change the JSONL newline byte contract (one LF per line), and do not silently change hash algorithms when/if leaf hashing is introduced—only evolve via an explicit schema/version bump.

+No envelope changes without: a payload schema bump, a full replay audit rerun, and a new freeze tag.
+
+Freeze tag: `v0.8-freeze-envelope-v0` currently exists locally; when ready to publish, push it (and the commit) with:
+- `git push origin 1830e0f:main`
+- `git push origin v0.8-freeze-envelope-v0`