CORE-WP-0005-T04 prerequisites resolved: seed full Inter-Hub vocabulary; keep /hubs protected (ops-hub gate expects 401)

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
2026-07-03 01:39:45 +02:00
parent 0a23c9a9b4
commit a33191ab3a
2 changed files with 75 additions and 0 deletions

View File

@@ -82,6 +82,24 @@ With operator approval, switch production traffic such as `hub.coulomb.social` t
list must gain a token before cutover.
3. Operator approval + rollback plan (existing gate).
**Prerequisite resolutions 2026-07-03:**
1. **Catalog gap — resolved by seeding.** Core Hub's catalogs are static
in-code seeds (`seeds.py`), not DB registries, so extending the migration
bundle schema was the wrong shape. Seeded the complete Inter-Hub
vocabulary instead (23 widget types incl. all 7 orphaned `ops-*` types,
30 event types) as an explicit Inter-Hub-compatibility block; existing
Core Hub seeds retained. 22 tests pass. Migrated widgets are
referentially complete once the new image ships.
2. **Auth posture — resolved by keeping Core Hub protected.** Consumer
audit found only two `/api/v2/hubs` status consumers:
`ops-hub/interhub_gate_probe.py` **asserts 401** (it encodes the desired
hardened contract and currently fails against Inter-Hub production,
which serves 200), and `railiance-forge/tools/gitea-runner-status.sh`
is informational. No anonymous consumer depends on a 200. Core Hub's
protected listing is therefore an intentional hardening that satisfies
the ops-hub gate at cutover; no code change made.
## Progress 2026-07-02 — staging import completed