refactor: rename src/guard/catalog.ts → guard-actions.ts

File + internal map (catalog → guardedActions). The concept stays "the
action catalog" in prose (the term the requirements/decisions docs and
the conformance banner use); exported symbols (registerGuardedAction,
GuardedActionSpec, …) unchanged.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
Moshe Krupper
2026-07-08 21:10:24 +03:00
parent 69e3b57d9d
commit 35ca4e14d2
6 changed files with 17 additions and 11 deletions
+1 -1
View File
@@ -27,7 +27,7 @@ import { listCommands } from '../cli/registry.js';
import { commandGuardAction } from '../cli/guard.js';
import { listDeliveryActions, registerDeliveryAction } from '../delivery.js';
import { EXEMPT_DELIVERY_ACTIONS, guardConformanceViolations } from '../guard-conformance.js';
import { getGuardedAction } from './catalog.js';
import { getGuardedAction } from './guard-actions.js';
describe('guard conformance', () => {
it('the full walk (shared with the boot check) reports zero violations', () => {
@@ -35,19 +35,19 @@ export interface GuardedActionSpec {
grantMatches?: (grant: PendingApproval, input: GuardInput) => boolean;
}
const catalog = new Map<string, GuardedActionSpec>();
const guardedActions = new Map<string, GuardedActionSpec>();
export function registerGuardedAction(spec: GuardedActionSpec): void {
if (catalog.has(spec.action)) {
if (guardedActions.has(spec.action)) {
log.warn('Guarded action re-registered (overwriting)', { action: spec.action });
}
catalog.set(spec.action, spec);
guardedActions.set(spec.action, spec);
}
export function getGuardedAction(action: string): GuardedActionSpec | undefined {
return catalog.get(action);
return guardedActions.get(action);
}
export function listGuardedActions(): GuardedActionSpec[] {
return [...catalog.values()].sort((a, b) => a.action.localeCompare(b.action));
return [...guardedActions.values()].sort((a, b) => a.action.localeCompare(b.action));
}
+1 -1
View File
@@ -10,7 +10,7 @@
import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
import { guard } from './guard.js';
import { registerGuardedAction } from './catalog.js';
import { registerGuardedAction } from './guard-actions.js';
import { ALLOW, DENY, HOLD, type GuardInput } from './types.js';
const mockGetPendingApproval = vi.fn();
+1 -1
View File
@@ -20,7 +20,7 @@
*/
import { getPendingApproval } from '../db/sessions.js';
import { log } from '../log.js';
import { getGuardedAction } from './catalog.js';
import { getGuardedAction } from './guard-actions.js';
import { ALLOW, DENY, type GuardDecision, type GuardInput } from './types.js';
export function guard(input: GuardInput): GuardDecision {
+8 -2
View File
@@ -2,9 +2,15 @@
* Guard — the privileged-action decision seam (guarded-actions phase 2).
*
* See the guarded-actions decisions doc on the team hub. One decision
* function (guard.ts) and a registration-derived action catalog (catalog.ts).
* function (guard.ts) and a registration-derived action catalog
* (guard-actions.ts).
* Domain-free leaf: domain baselines register from the domain modules' edges.
*/
export { guard } from './guard.js';
export { registerGuardedAction, getGuardedAction, listGuardedActions, type GuardedActionSpec } from './catalog.js';
export {
registerGuardedAction,
getGuardedAction,
listGuardedActions,
type GuardedActionSpec,
} from './guard-actions.js';
export { ALLOW, DENY, HOLD, type GuardActor, type GuardDecision, type GuardInput } from './types.js';
+1 -1
View File
@@ -4,7 +4,7 @@
* The guard is a domain-free leaf: this module may import the DB read layer,
* config, log, and shared types — never src/cli/* or src/modules/*. Domain
* knowledge (what an action's structural baseline checks) arrives via
* registration: catalog entries (catalog.ts) are registered by the domain
* registration: catalog entries (guard-actions.ts) are registered by the domain
* modules at their module edges.
*/
import type { PendingApproval } from '../types.js';