# CMIS OpenCMIS TCK Evidence - WP-0014 - 2026-05-13T21:02:55Z ## Run Summary - Run ID: `run-20260513T210255Z` - Harness: `guide-board` with `open-cmis-tck` extension - Assessment: `cmis-browser-baseline` - Target: `kontextual-cmis-compat` - Endpoint: `http://127.0.0.1:8010/cmis/compat-tck/browser` - OpenCMIS TCK: CMIS 1.1.0, revision `1789681` - Result: `completed` - Policy: `0` unexpected findings, `0` applied waivers - Internal verification: `.venv/bin/python -m pytest -q` -> `165 passed`, `14 skipped` The previous unpersisted `/tmp` assessment output was not available anymore, so this run is the persisted evidence baseline for the remaining WP-0014 CMIS object/content maturity blockers. ## Normalized Results | Group | Result | Counts | Remaining non-green findings | | --- | --- | --- | --- | | `repository-type` | `warning` | `38 pass`, `2 info`, `1 skipped`, `1 warning` | Local test endpoint uses HTTP rather than HTTPS. | | `object-content` | `warning` | `10 info`, `5 skipped`, `1 warning` | `appendContentStream()` is not supported. | Guide Board summary: - `pass`: 1 - `warning`: 2 ## OpenCMIS Infrastructure Score This is a compatibility-infrastructure score for the selected Browser Binding baseline, not a CMIS certification score and not the broader product-depth score from `docs/cmis-1-1-capability-scorecard.md`. Formula: - Accepted case = `pass`, `info`, or declared `skipped`. - Warning case = half credit. - Hard blocker = `fail`, `infrastructure_error`, or unexpected finding. Scores: | Metric | Score | Basis | | --- | ---: | --- | | Selected baseline completion | 100.0% | Guide Board result `completed`; both selected groups returned `0`. | | Unexpected finding clearance | 100.0% | `0` unexpected findings, `0` fail, `0` infrastructure_error. | | Warning-adjusted normalized case score | 98.3% | `(56 accepted + 0.5 * 2 warnings) / 58 normalized cases`. | | Strict no-warning normalized case score | 96.6% | `56 accepted / 58 normalized cases`. | Digest versus the previous WP-0014 object/content frontier (`run-20260508T164334Z`): - Overall OpenCMIS status improved from `infrastructure_error` to `completed`. - Object/content hard blockers improved from `3 fail` and `3 infrastructure_error` to `0 fail` and `0 infrastructure_error`. - Object/content warnings improved from `3 warning` to `1 warning`. - The old remaining blockers were closed: CMIS exception mapping, `bulkUpdateProperties`, `deleteContentStream`, change-token conflict handling, copy/create-from-source, and offset-zero range classification. ## Blocker Resolution Resolved in this pass: - CMIS-specific exception mapping now returns Browser Binding exception names such as `invalidArgument`, `constraint`, `updateConflict`, `notSupported`, `objectNotFound`, and `permissionDenied` instead of leaking generic `422` diagnostics into CMIS clients. - `bulkUpdateProperties` is implemented for the `compat-tck` Browser Binding profile by applying the existing CMIS `updateProperties` path to each requested object with per-object change-token handling. - `deleteContentStream` now records a content-change version, tombstones the content projection, clears content-stream properties, and returns CMIS `constraint` for subsequent stream reads so OpenCMIS resolves the stream to `null` rather than treating the document as deleted. - Change-token conflicts are enforced for CMIS property and content mutations. - `createDocumentFromSource`/copy is implemented by creating a governed asset copy that reuses representation blob references instead of duplicating bytes. - Offset-zero content range requests are classified as full-stream responses unless a non-zero offset or explicit length is requested. ## Remaining Scope Remaining warning-only items: - `appendContentStream()` is unsupported by design for now. The engine supports whole-stream replacement through deduplicated content services; append would need a deliberate blob-composition design before being advertised. - HTTPS is not used in the local harness endpoint. This is deployment/test topology, not a CMIS adapter behavior gap. Skipped OpenCMIS object/content cases are aligned with declared capability boundaries: - Relationship, policy, and item creation are not advertised as creatable. - Folder-name change-token subcases are skipped by the TCK. ## Interpretation The selected Browser Binding baseline is now stable enough to be considered a completed compatibility-preparation baseline for repository/type and object/content services. This is not full CMIS 1.1 certification and does not cover AtomPub, Web Services, versioning/PWC, full query, renditions, retention, or policy mutation depth.