generated from coulomb/repo-seed
112 lines
4.6 KiB
Markdown
112 lines
4.6 KiB
Markdown
# CMIS OpenCMIS TCK Evidence - Release Readiness - 2026-05-14T00:37:05Z
|
|
|
|
## Run Summary
|
|
|
|
- Run ID: `run-20260514T003705Z`
|
|
- Local date: 2026-05-14 Europe/Berlin
|
|
- Harness: `guide-board` with `open-cmis-tck` extension
|
|
- Assessment: `cmis-browser-baseline`
|
|
- Target: `kontextual-cmis-compat`
|
|
- Endpoint: `http://127.0.0.1:8010/cmis/compat-tck/browser`
|
|
- OpenCMIS TCK: CMIS 1.1.0, revision `1789681`
|
|
- Result: `completed`
|
|
- Policy: `0` unexpected findings, `0` applied waivers
|
|
- Run directory: `/tmp/kontextual-cmis-assessment-20260514T003648Z`
|
|
- Assessment package:
|
|
`/tmp/kontextual-cmis-assessment-20260514T003648Z/reports/assessment-package.json`
|
|
- Report:
|
|
`/tmp/kontextual-cmis-assessment-20260514T003648Z/reports/report.md`
|
|
|
|
This run was executed after `KONT-WP-0016` added bounded read-side query,
|
|
relationship, ACL, and capability-ordering contracts. A first assessment run
|
|
(`run-20260514T002933Z`) exposed an avoidable object/content warning because
|
|
folder children were not returned in deterministic `cmis:name` order after
|
|
advertising `capabilityOrderBy=common`. The engine now sorts CMIS child
|
|
projections by `cmis:name`; the final run below is the persisted release
|
|
evidence.
|
|
|
|
## Command
|
|
|
|
The sister `open-cmis-tck` target profile points at port `8000`, which is not
|
|
safe for this workstation because another local service is already bound there.
|
|
For this run, the target profile was copied to `/tmp` with only the endpoint
|
|
changed to port `8010`.
|
|
|
|
```sh
|
|
cd /home/worsch/guide-board
|
|
source /home/worsch/open-cmis-tck/.local/toolchains/env.sh
|
|
PYTHONPATH=src python3 -m guide_board \
|
|
--extension-dir ../open-cmis-tck \
|
|
run \
|
|
--target /tmp/kontextual-cmis-compat-8010-20260514T003648Z.json \
|
|
--assessment ../open-cmis-tck/profiles/assessments/cmis-browser-baseline.json \
|
|
--output-dir /tmp/kontextual-cmis-assessment-20260514T003648Z
|
|
|
|
cd /home/worsch/open-cmis-tck
|
|
PYTHONPATH=src python3 scripts/cmis_scorecard.py \
|
|
--run-dir /tmp/kontextual-cmis-assessment-20260514T003648Z
|
|
```
|
|
|
|
## Normalized Results
|
|
|
|
| Group | Result | Counts | Remaining non-green findings |
|
|
| --- | --- | --- | --- |
|
|
| `preflight` | `pass` | Endpoint reachable; parseable Browser Binding JSON; repository `compat-tck` selected. | None. |
|
|
| `repository-type` | `warning` | `38 pass`, `2 info`, `1 skipped`, `1 warning` | Local loopback endpoint uses HTTP rather than HTTPS. |
|
|
| `object-content` | `pass` | `10 info`, `5 skipped` | None. |
|
|
|
|
Guide Board summary:
|
|
|
|
- `pass`: 2
|
|
- `warning`: 1
|
|
- unexpected findings: 0
|
|
- applied expectations: 0
|
|
- applied waivers: 0
|
|
|
|
The only warning is the known local harness transport warning:
|
|
|
|
```text
|
|
Security Test (BROWSER): HTTPS is not used. Credentials might be transferred as plain text!
|
|
```
|
|
|
|
## Score
|
|
|
|
This is a compatibility-infrastructure score for the selected Browser Binding
|
|
baseline, not a CMIS certification score.
|
|
|
|
| Metric | Score | Basis |
|
|
| --- | ---: | --- |
|
|
| Selected baseline completion | 100.0% | Guide Board result `completed`; both selected TCK groups returned `0`. |
|
|
| Unexpected finding clearance | 100.0% | `0` unexpected findings, `0` fail, `0` infrastructure_error. |
|
|
| Warning-adjusted normalized case score | 99.1% | `(56 accepted + 0.5 * 1 warning) / 57 normalized cases`. |
|
|
| Strict no-warning normalized case score | 98.2% | `56 accepted / 57 normalized cases`. |
|
|
| Guide Board maturity score | 33.33 | Two of nine mapped capability groups assessed; object/content demonstrated, repository/type partial due local HTTP. |
|
|
| Guide Board coverage | 22.22% | Selected baseline covers `repository-type` and `object-content` only. |
|
|
|
|
Digest versus `run-20260514T002933Z`:
|
|
|
|
- `object-content` improved from warning to pass.
|
|
- The folder child-order warning is closed by deterministic `cmis:name`
|
|
ordering.
|
|
- The remaining warning is unchanged: local loopback HTTP rather than HTTPS.
|
|
|
|
Digest versus `run-20260513T223537Z`:
|
|
|
|
- Selected-baseline infrastructure score remains `99.1%`.
|
|
- `object-content` remains pass.
|
|
- The persisted baseline now reflects `capabilityOrderBy=common`.
|
|
|
|
## Interpretation
|
|
|
|
The selected OpenCMIS Browser Binding baseline remains release-ready for a
|
|
controlled `0.1.0` preview. The engine demonstrates stable repository/type and
|
|
object/content behavior through the external OpenCMIS harness.
|
|
|
|
The remaining warning is a deployment topology issue, not a CMIS adapter
|
|
behavior failure. Released access points must run behind HTTPS termination;
|
|
local loopback harness runs may accept the warning as an environment condition.
|
|
|
|
This evidence still does not claim full CMIS 1.1 certification. It does not
|
|
cover AtomPub, Web Services, PWC/checkin/checkout, full CMIS SQL, renditions,
|
|
retention/hold, policy mutation, or the non-selected OpenCMIS TCK groups.
|