Release/v1.6.0 consolidation#49
Merged
antonygiomarxdev merged 22 commits intomainfrom May 1, 2026
Merged
Conversation
Add integration tests for tenant isolation and audit trail completeness: - concurrent_isolation.rs: concurrent push/pull cross-tenant isolation - audit_completeness.rs: boundary violation audit records - audit_trail_completeness.rs: persistent audit for all rejection paths - read_filter_enforcement.rs: fix assertion for checkpoint scope
Add integration tests for anomaly detection and containment: - anomaly_signals.rs: anomaly hooks, containment gate on pull/promote - sync/client.rs: add promote/promote_scoped methods for test coverage
Add structural tests for OTel observability wiring: - opentelemetry_contract.rs: metrics struct wiring, handler integration
…10, #12, #22) Core server changes across multiple features: - process_pull: return audit records for cross-tenant/node mismatch (#10) - process_push/process_promote: persist audit on all rejection paths (#12) - index_mutation/build_scoped_indexes: exclude __governance_audit from checkpoints (#12) - ServerState: add metrics slot with with_metrics() constructor (#22) - handle_push/pull/promote/retrieve: record OTel metrics (#22) - Add RangoMetrics with counters for push/pull/promote/retrieval/rejection (#22)
Add docs/operations/observability.md with metric catalog, span taxonomy, cardinality budget, and exporter configuration. chore(gitignore): ignore proptest-regressions artifacts
Add Criterion-based adversarial benchmarks with deterministic seeds: - poisoning_rejection_latency: measure write_path latency for low-trust - cross_tenant_leak_check: verify zero mutations leak across tenant boundaries - replay_determinism: snapshot + replay produces identical checkpoint - push_throughput, pull_latency, audit_persistence: hot-path benchmarks Infrastructure: - Convert workspace root to package+workspace for bench hosting - Add benches/fixtures/adversarial_seeds.json with committed seeds - Make ServerState methods pub for benchmark access
Add rango-python crate with PyO3 + maturin: - PyRangoClient: connect, insert_one, find_one, find_many, update_one, delete_one - Automatic storage/oplog creation (RedbStorage + FileOplog) - DX-friendly update wrapping (auto- for dicts without operators) - Flexible ID parsing (UUID, ObjectId, or string fallback) - Python sugar layer in rango/__init__.py with Mapping[str, object] types - .pyi stubs for IDE autocomplete - 11 integration tests covering CRUD + multi-collection isolation - maturin develop/build support
Add DegradingStorage wrapper that monitors disk space and degrades to read-only: - Rejects writes with clear error when available space < threshold (default 100MB) - Reads continue to work during degradation - Auto-recovers when space frees up - Configurable check interval to amortize fs2 calls - Custom space checker injection for deterministic testing - 4 unit tests: pass-through reads, reject writes, recover, delete blocked - Python binding now uses DegradingStorage by default
…dapters (#14) Expand adapter traits with health_check() and adapter_name(): - VectorRetrievalAdapter: query_vector + health_check + adapter_name - GraphRetrievalAdapter: query_graph + health_check + adapter_name - AdapterErrorKind: add NotConfigured variant - Document contract requirements (tenant isolation, parameterized queries, signals) Reference implementations: - QdrantAdapter with filter_scope helper and health check - Neo4jAdapter with parameterized_cypher() helper - AdapterCapabilities fallback with descriptive names Conformance tests (9 tests): - Tenant/namespace scoping - Parameterized Cypher validation (no string concat) - Ranking signals presence - Error kind correctness - Health check behavior - Adapter naming Docs: docs/design/adapter-contracts.md with full contract spec
Add rango-node crate with napi-rs: - RangoClient: connect, insertOne, findOne, findMany, updateOne, deleteOne - JSON string interface for document serialization (type-safe via TS wrapper) - DegradingStorage integration by default - Auto- wrapping for updates without operators - TypeScript wrapper in rango.ts with Collection class - Type definitions in index.d.ts - Jest tests covering CRUD operations
Add ango audit subcommand for governance trail reporting: - Reads __governance_audit entries from oplog - Filters by tenant_id, namespace - Supports text, json, and csv output formats - Shows seq, timestamp, collection, op, tenant, namespace, write_id Tests: - audit_command_shows_help - audit_on_empty_workspace_reports_no_entries
- Update CHANGELOG.md with v0.2.0 release notes - Bump workspace version from 0.1.0 to 0.2.0 - Bump Python binding version to 0.2.0 - Bump Node.js binding version to 0.2.0
- Add trigger for release/* branches - Add Python binding job (build + test on 3 OSes) - Add Node.js binding job (build on 3 OSes) - Add benchmark compile check job - Fix clippy to fail on warnings (-D warnings) - Fix checkout action version consistency (v5 everywhere)
- Fix formatting across workspace (cargo fmt --all) - Allow clippy::too_many_arguments on promote_scoped - Add connection_up/down methods to RangoMetrics to eliminate dead_code warning - Update CI: use pip3/python3, maturin build on all platforms, tests only on Ubuntu
- deny.toml: allow async-std transitive via opentelemetry_sdk; ignore RUSTSEC-2025-0052 - ci.yml: setup Python 3.12 in test matrix for PyO3 compatibility on macOS - ci.yml: use pip install wheel instead of maturin develop in python-binding job - ci.yml: add checks:write permission to security audit job
- deny.toml: remove async-std from deny list (transitive via opentelemetry_sdk) - ci.yml: use venv + maturin develop for python tests on ubuntu
There was a problem hiding this comment.
Pull request overview
This PR consolidates the v0.2.0 release work across the Rust workspace, introducing governance/audit trail persistence, observability (OTel metrics + health endpoints), new retrieval adapter contracts, graceful storage degradation, SDK bindings (Python/Node), and an adversarial benchmark suite.
Changes:
- Add server-side audit persistence + expanded integration tests/benchmarks for isolation/audit/anomaly scenarios.
- Introduce OpenTelemetry metrics wiring and
/health+/readyendpoints, plus adapter contract docs/tests. - Add Python (PyO3/maturin) and Node.js (napi-rs) bindings, and update CI/workspace packaging for release.
Reviewed changes
Copilot reviewed 45 out of 48 changed files in this pull request and generated 12 comments.
Show a summary per file
| File | Description |
|---|---|
src/lib.rs |
Adds workspace-root crate docs for benchmarks/fixtures. |
docs/operations/observability.md |
Defines the OTel metric + span contract and cardinality budget. |
docs/design/adapter-contracts.md |
Documents adapter capability requirements and conformance expectations. |
deny.toml |
Adjusts cargo-deny bans/ignores for new transitive deps. |
crates/sync/src/client.rs |
Adds promote client calls (scoped + default-scoped). |
crates/storage/src/lib.rs |
Exposes new degrading storage wrapper module. |
crates/storage/src/degrading.rs |
Implements disk-space-based write degradation wrapper + unit tests. |
crates/storage/Cargo.toml |
Adds fs2 dependency for disk space checks. |
crates/server/tests/read_filter_enforcement.rs |
Updates checkpoint assertion semantics around audit entries. |
crates/server/tests/opentelemetry_contract.rs |
Adds structural wiring tests for metrics + handlers. |
crates/server/tests/health_endpoints.rs |
Adds tests for /health and /ready handlers. |
crates/server/tests/concurrent_isolation.rs |
Adds concurrent tenant/namespace isolation integration test. |
crates/server/tests/audit_trail_completeness.rs |
Verifies rejected operations persist durable audit records. |
crates/server/tests/audit_completeness.rs |
Ensures boundary violations produce audit evidence + counters. |
crates/server/tests/anomaly_signals.rs |
Adds tests for anomaly signal hooks + containment behavior. |
crates/server/tests/adapter_conformance_contract.rs |
Adds adapter contract conformance tests. |
crates/server/src/routes.rs |
Adds metrics wiring, health endpoints, and audit persistence on rejects; prevents audit entries from advancing checkpoints. |
crates/server/src/retrieval/adapters.rs |
Extends adapter traits (health check + names) + adds reference adapters. |
crates/server/src/observability.rs |
Introduces RangoMetrics and test meter provider helper. |
crates/server/src/main.rs |
Adds configurable tracing init (level + JSON formatting). |
crates/server/src/lib.rs |
Wires health/ready routes and exports observability module. |
crates/server/Cargo.toml |
Adds OTel deps + json tracing subscriber feature; adjusts dev-deps. |
crates/python/tests/test_crud.py |
Adds Python binding CRUD integration tests. |
crates/python/src/lib.rs |
Implements PyO3 binding layer for CRUD + ID parsing. |
crates/python/rango/__init__.pyi |
Adds Python typing stubs for the wrapper API. |
crates/python/rango/__init__.py |
Adds Pythonic wrapper around the Rust core module. |
crates/python/pyproject.toml |
Adds maturin-based Python packaging metadata. |
crates/python/README.md |
Documents Python binding usage and development workflow. |
crates/python/Cargo.toml |
Adds rango-python cdylib crate definition and deps. |
crates/python/.gitignore |
Adds Python-specific ignore patterns. |
crates/node/src/lib.rs |
Implements napi-rs binding layer for CRUD + ID parsing. |
crates/node/rango.ts |
Adds TS wrapper API over the native binding. |
crates/node/package.json |
Adds Node package metadata + build/test scripts. |
crates/node/index.d.ts |
Adds TypeScript type definitions for the binding and wrapper. |
crates/node/build.rs |
Adds napi build setup script. |
crates/node/__tests__/crud.test.js |
Adds Jest CRUD tests for the Node binding. |
crates/node/README.md |
Documents Node binding usage and development workflow. |
crates/node/Cargo.toml |
Adds rango-node cdylib crate definition and deps. |
crates/cli/tests/audit_command.rs |
Adds CLI tests for new audit subcommand. |
crates/cli/src/main.rs |
Adds rango audit report command (text/json/csv). |
benches/fixtures/adversarial_seeds.json |
Adds deterministic seeds for adversarial benchmarks. |
benches/adversarial.rs |
Adds Criterion adversarial benchmark suite. |
benches/README.md |
Documents benchmark suite purpose and usage. |
Cargo.toml |
Converts workspace root into a package for benches; bumps workspace version; adds bench target. |
Cargo.lock |
Updates lockfile for new crates/deps (OTel, bindings, etc.). |
CHANGELOG.md |
Adds v0.2.0 release notes and updated compare links. |
.gitignore |
Adds ignore rule for proptest regression artifacts. |
.github/workflows/ci.yml |
Expands CI triggers and adds Python/Node binding build jobs + bench compile check. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
ci: ignore RUSTSEC-2025-0052 (async-std unmaintained, transitive via opentelemetry_sdk)
- concurrent_isolation: use !is_empty() instead of len() >= 1 - opentelemetry_contract: remove assert!(true) and prefix unused var - health_endpoints: use BrokenOplog instead of BrokenOplog::default()
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Motivation
Changes
Testing
Checklist
cargo fmt --allpassescargo clippy --workspace --all-targets --all-features -- -D warningspassescargo test --workspacepassescargo deny checkpasses