Skip to content
Cinatra Docs

Objects Surface Unification (v6.2)

Milestone v6.2 brings the legacy entity surface in line with the canonical packages/objects/ substrate. Phase 452 (foundation) locks the vocabulary, the contract, and the drift gate. Later phases do the cutovers (453 accounts, 454 contacts, 455 campaigns/dynamic types, 456 asset flip, 457 teardown, 458 verification + the full doc rewrite, 459 auto-mapping).

This page is the Phase-452 pointer; Phase 458 (OSU-VERIFY-04) rewrites the full docs/ai/objects.md + glossary sourced from the taxonomy module.

What Phase 452 shipped

Section titled “What Phase 452 shipped”

  • Code-owned taxonomypackages/objects/src/taxonomy.ts is the single source of truth for the allowed taxa: ObjectCategory, UiFamily, ArtifactStatus, WrapperPrimitive, RbacResourceType (a type-only alias of the authz ResourceType), plus OBJECT_TYPE_FAMILY (the locked typeId→family map) and the domain-namespaced type-id scheme @cinatra-ai/<domain>:<type> (OSU-TYPE-01). ENTITY_TYPE_IDS/ASSET_TYPE_IDS are derived from it in src/lib/register-all-object-types.ts (lockstep — they cannot drift). Lists + agent templates are no longer “entities” (they carry UiFamily list/agent).

  • Canonical objects_* contract locked (OSU-API-01) — legacy aliases removed outright (no compat wrapper, owner PoC mandate): payload (use rawData/data), top-level type on save (use typeHint), and the composite { type, id } / bare { id } identity (use objects_get({ objectId })). The save/get/update/ delete/classify schemas are .strict(); negative tests assert the aliases fail.

  • Session-aware RSC client carries the full actor context (OSU-CLIENT-01) — createSessionObjectsClient(actor: ActorContext) (no orgId-only overload). The translation lives in packages/objects/src/objects-actor-envelope.ts; RSC pages pass await requireActorContext(), system paths build a role-less org-scoped System actor. This lets the objects handlers apply real role/grant authz on reads (role hints flow into enforceResourceAccess; projectGrants into the sealed-room filter).

  • Machine-readable surface inventorysrc/lib/objects/surface-inventory.ts enumerates legacy primitives → canonical replacement (OSU-API-02), raw cinatra.objects access (substrate vs. inventoried bypass), dynamic-type dispositions, the artifact + list consumer surfaces, and the delegated-chat allowlist. It is the MANDATORY source of truth for the drift gate.

  • CI drift gate + tool-count (OSU-DRIFT-01/02) — src/lib/objects/__tests__/objects-surface-drift.test.ts (static source-scan, inventory-backed) fails CI on: taxonomy/lockstep drift, a re-introduced alias or missing .strict(), a NEW raw cinatra.objects bypass outside the allow-list, delegated-chat allowlist drift, or legacy-primitive registration drift. It complements the v6.1 RBAC drift stack (src/lib/authz/__tests__/drift-gate.test.ts), it does not replace it.

  • Carve-out: fail-closed (OSU-CARVE-01) — v6.1’s typed CarveOut registry does not exist in code, so v6.2 commits fail-closed: the drift gate has no carve-out escape hatch; any uninventoried object-surface bypass fails CI.