textus 0.20.2 → 0.26.0

data/lib/textus/manifest/entry/validators/format_matrix.rb

@@ -14,12 +14,13 @@ module Textus
               raise UsageError.new("entry '#{entry.key}': text format must not declare a schema")
             end
 
-            has_template = entry.respond_to?(:template) && !entry.template.nil?
-            is_external   = entry.derived? && entry.external?
-            return unless entry.in_generator_zone? && !has_template && !is_external &&
+            has_template = !entry.template.nil?
+            is_external  = entry.derived? && entry.external?
+            is_intake    = entry.intake?
+            return unless entry.in_generator_zone? && !has_template && !is_external && !is_intake &&
                           %w[markdown text].include?(entry.format) && !entry.nested?
 
-            raise UsageError.new("entry '#{entry.key}': derived #{entry.format} entries require a template")
+            raise UsageError.new("entry '#{entry.key}': #{entry.format} entries in a generator zone require a template")
           end
         end
       end

data/lib/textus/manifest/entry/validators/index_filename.rb

@@ -4,7 +4,8 @@ module Textus
       module Validators
         module IndexFilename
           def self.call(entry)
-            index_filename = entry.respond_to?(:index_filename) ? entry.index_filename : entry.raw["index_filename"]
+            # Use raw to detect misuse on non-nested entries (typed attr stubs nil on Base).
+            index_filename = entry.nested? ? entry.index_filename : entry.raw["index_filename"]
             return if index_filename.nil?
 
             check_shape!(entry, index_filename)

data/lib/textus/manifest/entry/validators/inject_boot.rb

@@ -0,0 +1,19 @@
+module Textus
+  class Manifest
+    class Entry
+      module Validators
+        module InjectBoot
+          def self.call(entry)
+            return unless entry.inject_boot
+
+            raise UsageError.new("entry '#{entry.key}': inject_boot: is only valid on derived entries") unless entry.in_generator_zone?
+
+            return unless entry.template.nil?
+
+            raise UsageError.new("entry '#{entry.key}': inject_boot: requires a template:")
+          end
+        end
+      end
+    end
+  end
+end

data/lib/textus/manifest/entry/validators/publish_each.rb

@@ -7,13 +7,14 @@ module Textus
           VAR_RE = /\{([a-z]+)\}/
           REQUIRED_DISCRIMINATOR_VARS = %w[leaf basename key].freeze
 
-          def self.call(entry) # rubocop:disable Metrics/AbcSize
-            publish_each = entry.respond_to?(:publish_each) ? entry.publish_each : entry.raw["publish_each"]
+          def self.call(entry)
+            # Use raw to detect misuse on non-nested entries (typed attr stubs nil on Base).
+            publish_each = entry.nested? ? entry.publish_each : entry.raw["publish_each"]
             return if publish_each.nil?
 
             raise UsageError.new("entry '#{entry.key}': publish_each requires nested: true") unless entry.nested?
 
-            publish_to = entry.respond_to?(:publish_to) ? entry.publish_to : Array(entry.raw["publish_to"])
+            publish_to = entry.publish_to
             raise UsageError.new("entry '#{entry.key}': publish_to and publish_each are mutually exclusive") unless publish_to.empty?
             raise UsageError.new("entry '#{entry.key}': publish_each must be a string") unless publish_each.is_a?(String)
 

data/lib/textus/manifest/entry/validators.rb

@@ -5,7 +5,7 @@ module Textus
         REGISTERED = [
           Events,
           PublishEach,
-          InjectIntro,
+          InjectBoot,
           IndexFilename,
           FormatMatrix,
         ].freeze

data/lib/textus/manifest/entry.rb

@@ -5,6 +5,9 @@ module Textus
       # constants on Entry. Canonical source is the PublishEach validator.
       PUBLISH_EACH_VARS = Validators::PublishEach::KNOWN_VARS
       PUBLISH_EACH_VAR_RE = Validators::PublishEach::VAR_RE
+
+      # Populated by each Entry::* subclass at load time.
+      REGISTRY = {}
     end
   end
 end

data/lib/textus/manifest/policy.rb

@@ -0,0 +1,48 @@
+module Textus
+  class Manifest
+    # Authority over zones and roles derived from a Manifest::Data snapshot.
+    # Encapsulates the lookups previously living on Manifest itself
+    # (zone_writers, zone_kinds, permission_for, role_kind, roles_with_kind).
+    class Policy
+      def initialize(data)
+        @data = data
+        @zone_kinds_cache = {}
+      end
+
+      def zone_writers(zone_name)
+        @data.zones[zone_name] or raise UsageError.new("undeclared zone '#{zone_name}'")
+      end
+
+      def zone_readers
+        @data.zone_readers
+      end
+
+      def permission_for(zone_name)
+        Textus::Domain::Permission.new(
+          zone: zone_name,
+          write_policy: zone_writers(zone_name),
+          read_policy: @data.zone_readers[zone_name] || :all,
+        )
+      end
+
+      def zone_kinds(zone_name)
+        @zone_kinds_cache[zone_name] ||= zone_writers(zone_name).each_with_object(Set.new) do |w, acc|
+          k = role_kind(w)
+          acc << k if k
+        end.freeze
+      end
+
+      def role_mapping
+        @data.role_mapping
+      end
+
+      def role_kind(name)
+        @data.role_mapping[name]
+      end
+
+      def roles_with_kind(kind)
+        @data.role_mapping.each_with_object([]) { |(name, k), acc| acc << name if k == kind }
+      end
+    end
+  end
+end

data/lib/textus/manifest/resolver.rb

@@ -1,19 +1,19 @@
 module Textus
   class Manifest
     class Resolver
-      Resolution = Data.define(:entry, :path, :remaining)
+      Resolution = ::Data.define(:entry, :path, :remaining)
 
-      def initialize(manifest)
-        @manifest = manifest
+      def initialize(data)
+        @data = data
       end
 
       def resolve(key)
-        @manifest.validate_key!(key)
+        @data.validate_key!(key)
         segments = key.split(".")
-        candidates = @manifest.entries
-                              .map { |e| [e, e.key.split(".")] }
-                              .select { |(_, esegs)| esegs == segments[0, esegs.length] }
-                              .sort_by { |(_, esegs)| -esegs.length }
+        candidates = @data.entries
+                          .map { |e| [e, e.key.split(".")] }
+                          .select { |(_, esegs)| esegs == segments[0, esegs.length] }
+                          .sort_by { |(_, esegs)| -esegs.length }
         raise UnknownKey.new(key, suggestions: suggestions_for(key)) if candidates.empty?
 
         entry, esegs = candidates.first
@@ -23,7 +23,7 @@ module Textus
 
       def suggestions_for(key)
         candidates = enumerate.map { |r| r[:key] }
-        candidates.concat(@manifest.entries.reject { |e| nested_entry?(e) }.map(&:key))
+        candidates.concat(@data.entries.reject { |e| nested_entry?(e) }.map(&:key))
         candidates.uniq!
         Key::Distance.suggest(key, candidates, limit: 5)
       rescue StandardError
@@ -31,7 +31,7 @@ module Textus
       end
 
       def enumerate(prefix: nil)
-        out = @manifest.entries.flat_map { |entry| nested_entry?(entry) ? enumerate_nested(entry) : enumerate_leaf(entry) }
+        out = @data.entries.flat_map { |entry| nested_entry?(entry) ? enumerate_nested(entry) : enumerate_leaf(entry) }
         out.select! { |row| row[:key] == prefix || row[:key].start_with?("#{prefix}.") } if prefix
         out.sort_by { |row| row[:key] }
       end
@@ -42,7 +42,7 @@ module Textus
       # entry with nested: true in the raw YAML — e.g. Intake entries covering
       # a directory of leaf files).
       def nested_entry?(entry)
-        entry.is_a?(Textus::Manifest::Entry::Nested) || entry.raw["nested"] == true
+        entry.nested?
       end
 
       def build_resolution(entry, remaining, key)
@@ -51,12 +51,12 @@ module Textus
         else
           raise UnknownKey.new(key, suggestions: suggestions_for(key)) unless nested_entry?(entry)
 
-          index_fn = entry.respond_to?(:index_filename) ? entry.index_filename : nil
+          index_fn = entry.index_filename
           path = if index_fn
-                   File.join(@manifest.root, "zones", entry.path, *remaining, index_fn)
+                   File.join(@data.root, "zones", entry.path, *remaining, index_fn)
                  else
                    primary_ext = Textus::Entry.for_format(entry.format).extensions.first
-                   File.join(@manifest.root, "zones", entry.path, *remaining) + primary_ext
+                   File.join(@data.root, "zones", entry.path, *remaining) + primary_ext
                  end
           Resolution.new(entry: entry, path: path, remaining: remaining)
         end
@@ -68,17 +68,17 @@ module Textus
       end
 
       def enumerate_nested(entry)
-        base = File.join(@manifest.root, "zones", entry.path)
+        base = File.join(@data.root, "zones", entry.path)
         return [] unless File.directory?(base)
 
-        entry_index_filename = entry.respond_to?(:index_filename) ? entry.index_filename : nil
+        entry_index_filename = entry.index_filename
         glob_pattern = entry_index_filename ? "**/#{entry_index_filename}" : nested_glob(entry.format)
         Dir.glob(File.join(base, glob_pattern)).filter_map { |path| nested_row_for(entry, base, path) }
       end
 
       def nested_row_for(entry, base, path)
         rel = path.sub(%r{\A#{Regexp.escape(base)}/?}, "")
-        entry_if = entry.respond_to?(:index_filename) ? entry.index_filename : nil
+        entry_if = entry.index_filename
         stripped = entry_if ? File.dirname(rel) : rel.sub(/#{Regexp.escape(File.extname(rel))}\z/, "")
         segs = stripped.split("/").reject { |s| s.empty? || s == "." }
         return nil if segs.empty?
@@ -101,7 +101,7 @@ module Textus
       end
 
       def resolve_leaf_path(entry)
-        Textus::Key::Path.resolve(@manifest, entry)
+        Textus::Key::Path.resolve(@data, entry)
       end
 
       def nested_glob(format)

data/lib/textus/manifest/rules.rb

@@ -1,7 +1,7 @@
 module Textus
   class Manifest
     class Rules
-      RuleSet = Data.define(:refresh, :handler_allowlist, :promote, :retention)
+      RuleSet = ::Data.define(:refresh, :handler_allowlist, :promote, :retention)
       EMPTY_SET = RuleSet.new(refresh: nil, handler_allowlist: nil, promote: nil, retention: nil)
 
       def self.parse(raw)

data/lib/textus/manifest/schema.rb

@@ -1,14 +1,14 @@
 module Textus
   class Manifest
     module Schema
-      ROOT_KEYS    = %w[version roles zones entries rules].freeze
+      ROOT_KEYS    = %w[version roles zones entries rules audit].freeze
       ROLE_KEYS    = %w[name kind].freeze
       ROLE_KINDS   = %w[accept_authority generator proposer runner].freeze
       ZONE_KEYS    = %w[name write_policy read_policy].freeze
       ENTRY_KEYS   = %w[
         key path zone kind schema owner nested format
         compute template publish_to publish_each
-        intake events inject_intro index_filename
+        intake events inject_boot index_filename
       ].freeze
       COMPUTE_KEYS = %w[kind select pluck sort_by limit transform command sources].freeze
       INTAKE_KEYS  = %w[handler config].freeze
@@ -16,22 +16,37 @@ module Textus
       REFRESH_KEYS = %w[ttl on_stale sync_budget_ms fetch_timeout_seconds].freeze
       FETCH_TIMEOUT_SECONDS_CEILING = 3600
       PROMOTION_KEYS = %w[requires].freeze
+      AUDIT_KEYS     = %w[max_size keep].freeze
 
       def self.validate!(raw)
         raise BadManifest.new("manifest must be a hash") unless raw.is_a?(Hash)
 
         walk(raw, ROOT_KEYS, "$")
         validate_roles!(raw["roles"])
-        Array(raw["zones"]).each_with_index do |z, i|
+        validate_zones!(raw["zones"])
+        validate_entries!(raw["entries"])
+        validate_rules!(raw["rules"])
+        walk(raw["audit"], AUDIT_KEYS, "$.audit") if raw["audit"].is_a?(Hash)
+        validate_zone_writers_declared!(raw)
+      end
+
+      def self.validate_zones!(zones)
+        Array(zones).each_with_index do |z, i|
           walk(z, ZONE_KEYS, "$.zones[#{i}]")
         end
-        Array(raw["entries"]).each_with_index do |e, i|
+      end
+
+      def self.validate_entries!(entries)
+        Array(entries).each_with_index do |e, i|
           path = "$.entries[#{i}]"
           walk(e, ENTRY_KEYS, path)
           walk(e["compute"], COMPUTE_KEYS, "#{path}.compute") if e["compute"].is_a?(Hash)
           walk(e["intake"], INTAKE_KEYS, "#{path}.intake") if e["intake"].is_a?(Hash)
         end
-        Array(raw["rules"]).each_with_index do |r, i|
+      end
+
+      def self.validate_rules!(rules)
+        Array(rules).each_with_index do |r, i|
           path = "$.rules[#{i}]"
           walk(r, RULE_KEYS, path)
           if r["refresh"].is_a?(Hash)
@@ -40,7 +55,6 @@ module Textus
           end
           walk(r["promotion"], PROMOTION_KEYS, "#{path}.promotion") if r["promotion"].is_a?(Hash)
         end
-        validate_zone_writers_declared!(raw)
       end
 
       def self.validate_zone_writers_declared!(raw)

data/lib/textus/manifest.rb

@@ -1,117 +1,69 @@
 require "yaml"
+
+module Textus
+  # Manifest is the composition record for a parsed manifest. It bundles
+  # four collaborators:
+  #
+  #   * data     — frozen value: raw, root, zones, entries, audit_config, role_mapping
+  #   * resolver — resolves keys → entry + path
+  #   * policy   — zone/role authority (zone_writers, zone_kinds, permission_for, …)
+  #   * rules    — match-block rule engine (refresh, handler allowlist, promotion, …)
+  #
+  # Use `manifest.data.entries`, `manifest.policy.zone_kinds(z)`, etc.
+  Manifest = Data.define(:data, :resolver, :policy, :rules)
+end
+
 require_relative "manifest/schema"
+require_relative "manifest/data"
+require_relative "manifest/policy"
 require_relative "manifest/resolver"
 require_relative "manifest/role_kinds"
 
-module Textus
+# Reopen Textus::Manifest (defined above as a Data.define) to attach
+# class-level loaders and helpers.
+module Textus # rubocop:disable Style/OneClassPerFile
   class Manifest
-    attr_reader :root, :entries, :raw
-
-    def zones
-      @zones ||= Array(@raw["zones"]).to_h { |z| [z["name"], Array(z["write_policy"])] }
-    end
-
-    def zone_readers
-      @zone_readers ||= Array(@raw["zones"]).to_h do |z|
-        rp = z["read_policy"]
-        [z["name"], rp.nil? ? :all : Array(rp)]
+    class << self
+      def parse(yaml_text, root: ".")
+        raw = YAML.safe_load(yaml_text, aliases: false)
+        check_version!(raw, "<string>")
+        build(raw, root)
       end
-    end
 
-    def zone_writers(zone_name)
-      zones[zone_name] or raise UsageError.new("undeclared zone '#{zone_name}'")
-    end
+      def load(root)
+        manifest_path = File.join(root, "manifest.yaml")
+        raise IoError.new("manifest not found: #{manifest_path}") unless File.exist?(manifest_path)
 
-    def permission_for(zone_name)
-      Textus::Domain::Permission.new(
-        zone: zone_name,
-        write_policy: zone_writers(zone_name),
-        read_policy: zone_readers[zone_name] || :all,
-      )
-    end
-
-    def role_mapping
-      @role_mapping ||= RoleKinds.resolve(@raw["roles"])
-    end
-
-    def role_kind(name)
-      role_mapping[name]
-    end
-
-    def roles_with_kind(kind)
-      role_mapping.each_with_object([]) { |(name, k), acc| acc << name if k == kind }
-    end
-
-    def zone_kinds(zone_name)
-      @zone_kinds_cache ||= {}
-      @zone_kinds_cache[zone_name] ||= zone_writers(zone_name).each_with_object(Set.new) do |w, acc|
-        k = role_kind(w)
-        acc << k if k
-      end.freeze
-    end
-
-    def self.parse(yaml_text, root: ".")
-      raw = YAML.safe_load(yaml_text, aliases: false)
-      check_version!(raw, "<string>")
-      new(root, raw)
-    end
-
-    def self.load(root)
-      manifest_path = File.join(root, "manifest.yaml")
-      raise IoError.new("manifest not found: #{manifest_path}") unless File.exist?(manifest_path)
-
-      raw = YAML.safe_load_file(manifest_path, aliases: false)
-      check_version!(raw, manifest_path)
-      new(root, raw)
-    end
-
-    def self.check_version!(raw, source)
-      return if raw["version"] == PROTOCOL
-
-      raise BadFrontmatter.new(
-        source,
-        "unsupported manifest version #{raw["version"].inspect}; expected #{PROTOCOL.inspect}",
-      )
-    end
-    private_class_method :check_version!
-
-    def initialize(root, raw)
-      @root = root
-      @raw = raw
-      raise BadFrontmatter.new(File.join(root, "manifest.yaml"), "manifest must declare zones:") if Array(raw["zones"]).empty?
-
-      Schema.validate!(raw)
-
-      @entries = Array(raw["entries"]).map do |e|
-        entry = Manifest::Entry::Parser.call(self, e)
-        Manifest::Entry::Validators.run_all(entry)
-        entry
+        raw = YAML.safe_load_file(manifest_path, aliases: false)
+        check_version!(raw, manifest_path)
+        build(raw, root)
       end
-      validate_declared_keys!
-    end
 
-    def rules
-      @rules ||= Textus::Manifest::Rules.parse(@raw["rules"] || [])
-    end
-
-    def rules_for(key)
-      rules.for(key)
-    end
-
-    def resolver
-      @resolver ||= Resolver.new(self)
-    end
-
-    def validate_key!(key)
-      raise UsageError.new("empty key") if key.nil? || key.empty?
-
-      Key::Grammar.validate!(key)
-    end
+      private
+
+      def build(raw, root)
+        data = Manifest::Data.parse(raw, root: root)
+        composition = new(
+          data: data,
+          resolver: Manifest::Resolver.new(data),
+          policy: data.policy,
+          rules: Manifest::Rules.parse(raw["rules"] || []),
+        )
+        # Re-point entries' back-reference from Data to the composition
+        # record. Entries call `@manifest.policy.*` / `@manifest.resolver.*`
+        # at use time (see Entry::Base, Entry::Nested).
+        data.entries.each { |e| e.instance_variable_set(:@manifest, composition) }
+        composition
+      end
 
-    private
+      def check_version!(raw, source)
+        return if raw["version"] == PROTOCOL
 
-    def validate_declared_keys!
-      @entries.each { |e| validate_key!(e.key) }
+        raise BadFrontmatter.new(
+          source,
+          "unsupported manifest version #{raw["version"].inspect}; expected #{PROTOCOL.inspect}",
+        )
+      end
     end
   end
 end

data/lib/textus/mcp/errors.rb

@@ -0,0 +1,32 @@
+module Textus
+  module MCP
+    # Manifest fingerprint changed mid-session. Client should re-boot.
+    class ContractDrift < Textus::Error
+      JSONRPC_CODE = -32_001
+
+      def initialize(message, details: {})
+        super("contract_drift", message, details: details)
+      end
+    end
+
+    # Audit cursor fell off the keep window. Client should re-boot and
+    # resume from the new latest_seq.
+    class CursorExpired < Textus::Error
+      JSONRPC_CODE = -32_002
+
+      def initialize(message, details: {})
+        super("cursor_expired", message, details: details)
+      end
+    end
+
+    # Tool execution failed (validation, authorization, IO). Wraps an
+    # underlying Textus::Error or generic StandardError.
+    class ToolError < Textus::Error
+      JSONRPC_CODE = -32_000
+
+      def initialize(message, details: {})
+        super("tool_error", message, details: details)
+      end
+    end
+  end
+end

data/lib/textus/mcp/server.rb

@@ -0,0 +1,127 @@
+require "json"
+require "digest"
+
+module Textus
+  module MCP
+    # Stdio JSON-RPC 2.0 server speaking MCP draft 2024-11-05. One line per
+    # message (NDJSON). Holds a single Session for the lifetime of stdin.
+    class Server
+      PROTOCOL_VERSION = "2024-11-05"
+      SERVER_INFO = { "name" => "textus", "version" => Textus::VERSION }.freeze
+
+      def initialize(store:, stdin: $stdin, stdout: $stdout, role: Textus::Role::DEFAULT)
+        @store   = store
+        @stdin   = stdin
+        @stdout  = stdout
+        @role    = role
+        @session = nil
+      end
+
+      def run
+        @stdin.each_line do |line|
+          line = line.strip
+          next if line.empty?
+
+          handle_line(line)
+        end
+      end
+
+      private
+
+      def handle_line(line)
+        msg = JSON.parse(line)
+      rescue JSON::ParserError => e
+        emit_error(nil, -32_700, "parse error: #{e.message}")
+      else
+        dispatch(msg)
+      end
+
+      def dispatch(msg)
+        rid = msg["id"]
+        case msg["method"]
+        when "initialize"                then handle_initialize(rid, msg["params"] || {})
+        when "tools/list"                then handle_tools_list(rid)
+        when "tools/call"                then handle_tools_call(rid, msg["params"] || {})
+        when "ping"                      then emit_result(rid, {})
+        when "shutdown"                  then emit_result(rid, nil)
+        when "notifications/initialized" then nil
+        else emit_error(rid, -32_601, "method not found: #{msg["method"]}")
+        end
+      end
+
+      def handle_initialize(rid, _params)
+        proposer = @store.manifest.policy.roles_with_kind(:proposer).first
+        propose_zone = nil
+        if proposer
+          @store.manifest.data.zones.each do |zname, writers|
+            if writers.include?(proposer) && zname.include?("review")
+              propose_zone = zname
+              break
+            end
+          end
+        end
+
+        @session = Session.new(
+          role: @role,
+          cursor: @store.audit_log.latest_seq,
+          propose_zone: propose_zone,
+          manifest_etag: manifest_etag,
+        )
+
+        emit_result(rid, {
+                      "protocolVersion" => PROTOCOL_VERSION,
+                      "serverInfo" => SERVER_INFO,
+                      "capabilities" => { "tools" => {} },
+                    })
+      end
+
+      def handle_tools_list(rid)
+        emit_result(rid, { "tools" => ToolSchemas.all })
+      end
+
+      def handle_tools_call(rid, params)
+        unless @session
+          emit_error(rid, -32_002, "session not initialized; call 'initialize' first")
+          return
+        end
+
+        @session.check_etag!(manifest_etag)
+
+        name = params["name"]
+        args = params["arguments"] || {}
+        result = Tools.call(name, session: @session, store: @store, args: args)
+        @session = @session.advance_cursor(@store.audit_log.latest_seq) if name == "tick"
+
+        emit_result(rid, {
+                      "content" => [{ "type" => "text", "text" => JSON.dump(result) }],
+                      "isError" => false,
+                    })
+      rescue ContractDrift => e
+        emit_error(rid, ContractDrift::JSONRPC_CODE, e.message)
+      rescue CursorExpired => e
+        emit_error(rid, CursorExpired::JSONRPC_CODE, e.message)
+      rescue ToolError => e
+        emit_error(rid, ToolError::JSONRPC_CODE, e.message)
+      rescue StandardError => e
+        emit_error(rid, -32_603, "internal: #{e.class}: #{e.message}")
+      end
+
+      def manifest_etag
+        Digest::SHA256.hexdigest(File.read(File.join(@store.root, "manifest.yaml")))
+      end
+
+      def emit_result(rid, result)
+        write({ "jsonrpc" => "2.0", "id" => rid, "result" => result })
+      end
+
+      def emit_error(rid, code, message)
+        write({ "jsonrpc" => "2.0", "id" => rid, "error" => { "code" => code, "message" => message } })
+      end
+
+      def write(obj)
+        @stdout.puts(JSON.dump(obj))
+        @stdout.flush
+      end
+    end
+  end
+end

data/lib/textus/mcp/session.rb

@@ -0,0 +1,31 @@
+module Textus
+  module MCP
+    # Per-connection state held by the server. Immutable; advance_cursor
+    # returns a new instance.
+    class Session
+      attr_reader :role, :cursor, :propose_zone, :manifest_etag
+
+      def initialize(role:, cursor:, propose_zone:, manifest_etag:)
+        @role = role
+        @cursor = cursor
+        @propose_zone = propose_zone
+        @manifest_etag = manifest_etag
+      end
+
+      def advance_cursor(new_cursor)
+        self.class.new(
+          role: @role, cursor: new_cursor,
+          propose_zone: @propose_zone, manifest_etag: @manifest_etag
+        )
+      end
+
+      def check_etag!(observed_etag)
+        return if observed_etag == @manifest_etag
+
+        raise ContractDrift.new(
+          "manifest changed (was #{@manifest_etag[0, 8]}, now #{observed_etag[0, 8]}); re-run boot",
+        )
+      end
+    end
+  end
+end