vrr/Pulse
2
0
Fork 0
mirror of https://github.com/rcourtman/Pulse.git synced 2026-05-03 05:50:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
Pulse/docs/REPO_BOUNDARY.md
rcourtman 778a2577b6 feat: Pulse v6 release
2026-03-18 16:06:30 +00:00

3.9 KiB
Raw Blame History

Repo Boundary (Pulse v6)

This document defines where code should live as Pulse v6 is finalized.

Ownership map

  1. pulse (public): community/core product runtime and OSS-safe docs.
  2. pulse-enterprise (private): paid in-app implementations (enterprise modules behind interfaces).
  3. pulse-pro (private): backend/business infrastructure (license-server, relay-server, billing/support ops).

Critical migration constraint

pulse-enterprise cannot import pulse/internal/... packages because of Go internal package visibility rules.

To move paid in-app logic out of this public repo, shared contracts must be exposed through pkg/... interfaces first, then implemented privately.

Current promoted contract surface:

  • pkg/licensing (feature/tier constants, entitlement state enums, upgrade URL resolver, upgrade reason matrix, feature-gate interfaces, shared request/response types)
  • pkg/licensing evaluator + entitlement source contracts (for capability/limit checks outside internal/...)
  • pkg/licensing core license model types (Claims, License, LicenseState, LicenseStatus) for cross-repo contract stability
  • pkg/extensions endpoint binding/runtime contracts for private enterprise handler ownership (RBACAdminEndpoints/RBACAdminRuntime, AuditAdminEndpoints/AuditAdminRuntime, SSOAdminEndpoints/SSOAdminRuntime including provider-test + metadata-preview DTO/runtime callbacks, SSO config snapshot/public URL callbacks, SSO mutation callbacks, and SSO CRUD runtime dispatch hooks, ReportingAdminEndpoints/ReportingAdminRuntime including engine/org/error + filename callbacks and DTO-based state/backup runtime callbacks for private enrichment ownership)

Current boundary audit

Run:

./scripts/audit-private-boundary.sh

Enforce full boundary (non-zero exit on production paid-domain private implementation leakage):

./scripts/audit-private-boundary.sh --enforce

Enforce API import boundary only (non-zero exit if any non-test internal/api/*.go imports internal/license/*):

./scripts/audit-private-boundary.sh --enforce-api-imports

Enforce API root import boundary (non-zero exit if any non-test internal/api/*.go imports internal/license):

./scripts/audit-private-boundary.sh --enforce-api-root-imports

Enforce non-API runtime import boundary (non-zero exit if non-test runtime files import internal/license):

./scripts/audit-private-boundary.sh --enforce-nonapi-imports

Enforce API pkg/licensing bridge boundary (non-zero exit if non-test internal/api/*.go imports pkg/licensing outside internal/api/licensing_bridge.go):

./scripts/audit-private-boundary.sh --enforce-api-pkg-licensing-imports

Enforce paid-surface allowlist integrity (non-zero exit if allowlist references missing files):

./scripts/audit-private-boundary.sh --enforce-paid-surface-allowlist

The script reports paid-domain files in two categories:

  • private implementation leakage (must be zero to pass --enforce)
  • allowlisted paid-surface adapters (tracked in scripts/repo-boundary-paid-surface.allowlist)

Broad paid-domain discovery currently covers:

  • internal/license/...
  • paid-focused handlers in internal/api/... (license, entitlement, billing, stripe, hosted, rbac, audit, reporting, sso, conversion)

This is expected until extraction phases complete.

Current milestone:

  • Non-test internal/api/*.go imports of internal/license/*: 0
  • API root imports of internal/license: 0
  • Non-API runtime imports of internal/license: 0
  • Production paid-domain private implementation leakage: 0

Safety requirements during extraction

  1. Keep API contracts stable for current v5/v6 users.
  2. Do not break license.pulserelay.pro behavior.
  3. Keep JWT claim schema compatibility (lid, email, tier, iat, exp when applicable).
  4. Move code in phases with tests green at every step.