feat(nucleus): ADR-010 §2 layer 5 — module config binding & validation#84
Merged
Merged
Conversation
Bind each mounted module's modules.<name>.* config subtree into its typed Module[C].Config, apply default: struct tags, and enforce validate: tags at boot — on both the FromConfigFile builder path and the direct-struct Run path. A misconfigured module fails fast with the new ErrInvalidModuleConfig sentinel; config for an unmounted module is a non-fatal WARN. The modules.* namespace is now accepted by FromConfigFile (exempt from the layer-2 unknown-key guard) and excluded from the /_/config effective snapshot (module fields have no redaction contract); the retained raw subtree is released after binding. Closes the five-layer FromConfigFile validator (layer 4 shipped 2026-05-26). Additive: +1 exported sentinel ErrInvalidModuleConfig (freeze rebaselined +1); no removed or renamed stable symbol. Full iteration loop green. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1 task
jcsvwinston
added a commit
that referenced
this pull request
May 29, 2026
ADR-010 §2 layer 5 (module config binding/validation) merged to main as 765e486 (PR #84), completing the five-layer FromConfigFile validator. Archive the iteration to docs/iterations/2026-05-29-adr010-layer5.md, reset CURRENT_ITERATION.md to an awaiting-owner-direction stub (backlog carried forward, incl. the new modules.* env-layer deferred item), and refresh HANDOFF.md. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Implements ADR-010 §2 layer 5 — module-specific configuration binding & validation, the fifth and final layer of the fluent
FromConfigFilevalidator.modules.<name>.*config subtree (YAML/TOML/JSON) is bound into its typedModule[C].Config.default:struct tags fill unset fields (in-package reflection helper — no new dependency);validate:tags are enforced at boot viapkg/validate.nucleus.ErrInvalidModuleConfigsentinel. Config for an unmounted module is a non-fatal WARN.Run(App{})applies defaults + validation only.modules.*namespace is now accepted byFromConfigFile(previously rejected as an unknown key) — exempted from the layer-2 guard in the nucleus loader, deliberately not added toapp.ContractConfigKeyPatterns()(open-ended, module-owned schema).Security
/_/configeffective-config snapshot (arbitrary module fields have no redaction contract).Contract
Additive: +1 exported sentinel
ErrInvalidModuleConfig(freeze baseline rebaselined via the sanctioned mechanism). No removed or renamed stable symbol. Semver: minor.Iteration loop
architect-reviewer PASS · code-reviewer NITS (addressed) · security-auditor WARN (both SHOULDs fixed) · contract-guardian PASS ·
go test ./...+-racegreen · doc-updater + website-curator UPDATED (build + drift guard clean) · changelog-writer Added entry.Test plan
🤖 Generated with Claude Code