@synapsor/runner 0.1.0-alpha.1 → 0.1.0-alpha.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +426 -19
- package/TRADEMARKS.md +23 -0
- package/dist/cli.d.ts +4 -0
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +20 -8723
- package/dist/runner.mjs +12958 -0
- package/docs/README.md +53 -0
- package/docs/app-owned-executors.md +21 -0
- package/docs/cloud-mode.md +24 -0
- package/docs/current-scope.md +24 -0
- package/docs/dependency-license-inventory.md +35 -0
- package/docs/getting-started-own-database.md +460 -0
- package/docs/http-mcp.md +276 -0
- package/docs/licensing.md +36 -0
- package/docs/limitations.md +95 -0
- package/docs/local-mode.md +351 -0
- package/docs/mcp-audit.md +152 -0
- package/docs/mcp-client-setup.md +270 -0
- package/docs/openai-agents-sdk.md +57 -0
- package/docs/recipes.md +61 -0
- package/docs/release-notes.md +158 -0
- package/docs/security-boundary.md +94 -0
- package/docs/troubleshooting-first-run.md +248 -0
- package/docs/use-your-own-database.md +18 -0
- package/docs/writeback-executors.md +220 -0
- package/examples/app-owned-writeback/README.md +120 -0
- package/examples/app-owned-writeback/business-actions.md +221 -0
- package/examples/app-owned-writeback/command-handler.mjs +46 -0
- package/examples/app-owned-writeback/node-fastify-handler.mjs +55 -0
- package/examples/app-owned-writeback/python-fastapi-handler.py +57 -0
- package/examples/dangerous-mcp-tools.json +88 -0
- package/examples/mcp-postgres-billing-app-handler/README.md +82 -0
- package/examples/mcp-postgres-billing-app-handler/app-handler.mjs +197 -0
- package/examples/mcp-postgres-billing-app-handler/docker-compose.yml +13 -0
- package/examples/mcp-postgres-billing-app-handler/schema.sql +59 -0
- package/examples/mcp-postgres-billing-app-handler/scripts/run-demo.sh +99 -0
- package/examples/mcp-postgres-billing-app-handler/seed.sql +39 -0
- package/examples/mcp-postgres-billing-app-handler/synapsor.runner.json +157 -0
- package/examples/openai-agents-http/README.md +64 -0
- package/examples/openai-agents-http/agent.py +54 -0
- package/examples/openai-agents-http/requirements.txt +1 -0
- package/examples/openai-agents-stdio/README.md +66 -0
- package/examples/openai-agents-stdio/agent.py +72 -0
- package/examples/openai-agents-stdio/requirements.txt +1 -0
- package/examples/reference-support-billing-app/README.md +137 -0
- package/examples/reference-support-billing-app/docker-compose.yml +13 -0
- package/examples/reference-support-billing-app/mcp-client.generic.json +11 -0
- package/examples/reference-support-billing-app/schema.sql +68 -0
- package/examples/reference-support-billing-app/scripts/run-demo.sh +7 -0
- package/examples/reference-support-billing-app/seed.sql +33 -0
- package/examples/reference-support-billing-app/synapsor.runner.json +241 -0
- package/fixtures/benchmark/mcp-efficiency.json +53 -0
- package/fixtures/benchmark/mcp-efficiency.txt +25 -0
- package/fixtures/protocol/MANIFEST.json +54 -0
- package/fixtures/protocol/change-set.late-fee-waiver.v1.json +72 -0
- package/fixtures/protocol/execution-receipt.applied.v1.json +14 -0
- package/fixtures/protocol/execution-receipt.conflict.v1.json +15 -0
- package/fixtures/protocol/runner-registration.v1.json +22 -0
- package/fixtures/protocol/writeback-job.late-fee-waiver.v1.json +44 -0
- package/package.json +14 -4
- package/recipes/accounts.trial_extension.json +42 -0
- package/recipes/billing.late_fee_waiver.json +46 -0
- package/recipes/credits.account_credit.json +45 -0
- package/recipes/orders.refund_review.json +57 -0
- package/recipes/support.ticket_resolution.json +51 -0
- package/dist/bin.cjs +0 -13
package/docs/http-mcp.md
ADDED
|
@@ -0,0 +1,276 @@
|
|
|
1
|
+
# HTTP MCP
|
|
2
|
+
|
|
3
|
+
Use HTTP MCP when an app, server-side agent, container, or Python/Node process
|
|
4
|
+
needs to connect to a long-running Synapsor Runner service.
|
|
5
|
+
|
|
6
|
+
Use stdio MCP when a local MCP client such as Claude Desktop, Cursor, or a
|
|
7
|
+
local agent tool can launch Synapsor Runner directly.
|
|
8
|
+
|
|
9
|
+
Synapsor Runner has two HTTP modes:
|
|
10
|
+
|
|
11
|
+
- `mcp serve-streamable-http`: spec-compatible MCP Streamable HTTP. Use this
|
|
12
|
+
when an MCP SDK/client expects `initialize`, session IDs, POST/GET/DELETE, and
|
|
13
|
+
standard HTTP MCP behavior.
|
|
14
|
+
- `mcp serve-http`: a lightweight authenticated JSON-RPC bridge for
|
|
15
|
+
`tools/list`, `tools/call`, and `resources/read`. Use this when your app wants
|
|
16
|
+
simple POST calls or an explicit wrapper around Runner tools.
|
|
17
|
+
|
|
18
|
+
## Start Standard Streamable HTTP MCP
|
|
19
|
+
|
|
20
|
+
```bash
|
|
21
|
+
export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
|
|
22
|
+
|
|
23
|
+
synapsor-runner mcp serve-streamable-http \
|
|
24
|
+
--host 127.0.0.1 \
|
|
25
|
+
--port 8766 \
|
|
26
|
+
--config ./synapsor.runner.json \
|
|
27
|
+
--store ./.synapsor/local.db \
|
|
28
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
|
|
29
|
+
```
|
|
30
|
+
|
|
31
|
+
For OpenAI Agents SDK, expose OpenAI-safe aliases because OpenAI function names
|
|
32
|
+
cannot contain dots:
|
|
33
|
+
|
|
34
|
+
```bash
|
|
35
|
+
synapsor-runner mcp serve-streamable-http \
|
|
36
|
+
--host 127.0.0.1 \
|
|
37
|
+
--port 8766 \
|
|
38
|
+
--config ./synapsor.runner.json \
|
|
39
|
+
--store ./.synapsor/local.db \
|
|
40
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN \
|
|
41
|
+
--alias-mode openai
|
|
42
|
+
```
|
|
43
|
+
|
|
44
|
+
Equivalent unified command:
|
|
45
|
+
|
|
46
|
+
```bash
|
|
47
|
+
synapsor-runner mcp serve \
|
|
48
|
+
--transport streamable-http \
|
|
49
|
+
--host 127.0.0.1 \
|
|
50
|
+
--port 8766 \
|
|
51
|
+
--config ./synapsor.runner.json \
|
|
52
|
+
--store ./.synapsor/local.db \
|
|
53
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN \
|
|
54
|
+
--alias-mode openai
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
The model sees aliases such as `billing__inspect_invoice`. MCP tool metadata
|
|
58
|
+
still includes `synapsor.canonical_tool_name`, and Runner maps calls back to
|
|
59
|
+
the canonical Synapsor capability such as `billing.inspect_invoice`. Use
|
|
60
|
+
`--alias-mode both` only during migrations where some clients still need
|
|
61
|
+
canonical dotted names.
|
|
62
|
+
|
|
63
|
+
Defaults:
|
|
64
|
+
|
|
65
|
+
```text
|
|
66
|
+
host: 127.0.0.1
|
|
67
|
+
port: 8766
|
|
68
|
+
auth: bearer token required
|
|
69
|
+
cors: disabled
|
|
70
|
+
sessions: in-memory
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
Use `/mcp` as the MCP endpoint. Health is available at `/healthz`.
|
|
74
|
+
|
|
75
|
+
## Start The JSON-RPC Bridge
|
|
76
|
+
|
|
77
|
+
```bash
|
|
78
|
+
export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
|
|
79
|
+
|
|
80
|
+
synapsor-runner mcp serve-http \
|
|
81
|
+
--host 127.0.0.1 \
|
|
82
|
+
--port 8765 \
|
|
83
|
+
--config ./synapsor.runner.json \
|
|
84
|
+
--store ./.synapsor/local.db \
|
|
85
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
|
|
86
|
+
```
|
|
87
|
+
|
|
88
|
+
Defaults:
|
|
89
|
+
|
|
90
|
+
```text
|
|
91
|
+
host: 127.0.0.1
|
|
92
|
+
port: 8765
|
|
93
|
+
auth: bearer token required
|
|
94
|
+
cors: disabled
|
|
95
|
+
```
|
|
96
|
+
|
|
97
|
+
Bridge scope: `serve-http` does not implement MCP Streamable HTTP
|
|
98
|
+
`initialize`/session behavior. Standard SDK HTTP MCP clients should use
|
|
99
|
+
`serve-streamable-http` instead.
|
|
100
|
+
|
|
101
|
+
Startup output prints the URL, config path, store path, and token environment
|
|
102
|
+
variable name. It does not print token values or database URLs.
|
|
103
|
+
|
|
104
|
+
## Health Check
|
|
105
|
+
|
|
106
|
+
```bash
|
|
107
|
+
curl -i http://127.0.0.1:8766/healthz
|
|
108
|
+
curl -i http://127.0.0.1:8765/healthz
|
|
109
|
+
```
|
|
110
|
+
|
|
111
|
+
The health endpoint is secret-free:
|
|
112
|
+
|
|
113
|
+
```json
|
|
114
|
+
{
|
|
115
|
+
"ok": true,
|
|
116
|
+
"transport": "streamable-http",
|
|
117
|
+
"tools": 1,
|
|
118
|
+
"mode": "read_only"
|
|
119
|
+
}
|
|
120
|
+
```
|
|
121
|
+
|
|
122
|
+
## List Tools Through The JSON-RPC Bridge
|
|
123
|
+
|
|
124
|
+
Unauthorized requests fail:
|
|
125
|
+
|
|
126
|
+
```bash
|
|
127
|
+
curl -i \
|
|
128
|
+
-H "Content-Type: application/json" \
|
|
129
|
+
-d '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' \
|
|
130
|
+
http://127.0.0.1:8765/mcp
|
|
131
|
+
```
|
|
132
|
+
|
|
133
|
+
Authorized requests include the bearer token:
|
|
134
|
+
|
|
135
|
+
```bash
|
|
136
|
+
curl -i \
|
|
137
|
+
-H "Authorization: Bearer dev-local-token" \
|
|
138
|
+
-H "Content-Type: application/json" \
|
|
139
|
+
-d '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' \
|
|
140
|
+
http://127.0.0.1:8765/mcp
|
|
141
|
+
```
|
|
142
|
+
|
|
143
|
+
The tool catalog should contain semantic tools such as:
|
|
144
|
+
|
|
145
|
+
```text
|
|
146
|
+
billing.inspect_invoice
|
|
147
|
+
billing.propose_late_fee_waiver
|
|
148
|
+
```
|
|
149
|
+
|
|
150
|
+
It should not contain:
|
|
151
|
+
|
|
152
|
+
```text
|
|
153
|
+
execute_sql
|
|
154
|
+
raw_sql
|
|
155
|
+
approval tools
|
|
156
|
+
commit/apply tools
|
|
157
|
+
database URLs
|
|
158
|
+
write credentials
|
|
159
|
+
model-controlled tenant authority
|
|
160
|
+
arbitrary table or column names
|
|
161
|
+
```
|
|
162
|
+
|
|
163
|
+
## Call A Tool Through The JSON-RPC Bridge
|
|
164
|
+
|
|
165
|
+
```bash
|
|
166
|
+
curl -i \
|
|
167
|
+
-H "Authorization: Bearer dev-local-token" \
|
|
168
|
+
-H "Content-Type: application/json" \
|
|
169
|
+
-d '{
|
|
170
|
+
"jsonrpc": "2.0",
|
|
171
|
+
"id": 2,
|
|
172
|
+
"method": "tools/call",
|
|
173
|
+
"params": {
|
|
174
|
+
"name": "billing.inspect_invoice",
|
|
175
|
+
"arguments": { "invoice_id": "INV-3001" }
|
|
176
|
+
}
|
|
177
|
+
}' \
|
|
178
|
+
http://127.0.0.1:8765/mcp
|
|
179
|
+
```
|
|
180
|
+
|
|
181
|
+
The response includes scoped data, trusted context, evidence handles, and
|
|
182
|
+
`source_database_mutated: false`. The agent still does not receive SQL,
|
|
183
|
+
database credentials, or approval/commit authority.
|
|
184
|
+
|
|
185
|
+
## Read Evidence Or Replay Resources Through The JSON-RPC Bridge
|
|
186
|
+
|
|
187
|
+
Use `resources/read` with a `synapsor://...` handle returned by a tool call:
|
|
188
|
+
|
|
189
|
+
```bash
|
|
190
|
+
curl -i \
|
|
191
|
+
-H "Authorization: Bearer dev-local-token" \
|
|
192
|
+
-H "Content-Type: application/json" \
|
|
193
|
+
-d '{
|
|
194
|
+
"jsonrpc": "2.0",
|
|
195
|
+
"id": 3,
|
|
196
|
+
"method": "resources/read",
|
|
197
|
+
"params": { "uri": "synapsor://evidence/ev_..." }
|
|
198
|
+
}' \
|
|
199
|
+
http://127.0.0.1:8765/mcp
|
|
200
|
+
```
|
|
201
|
+
|
|
202
|
+
## CORS
|
|
203
|
+
|
|
204
|
+
CORS is disabled by default. If a local browser app needs access during
|
|
205
|
+
development, allow one explicit origin:
|
|
206
|
+
|
|
207
|
+
```bash
|
|
208
|
+
synapsor-runner mcp serve-http \
|
|
209
|
+
--config ./synapsor.runner.json \
|
|
210
|
+
--store ./.synapsor/local.db \
|
|
211
|
+
--cors-origin http://localhost:3000
|
|
212
|
+
```
|
|
213
|
+
|
|
214
|
+
Do not use wildcard CORS for a model-facing database tool service.
|
|
215
|
+
|
|
216
|
+
## Network Exposure
|
|
217
|
+
|
|
218
|
+
Synapsor Runner binds to `127.0.0.1` by default.
|
|
219
|
+
|
|
220
|
+
If you explicitly bind to all interfaces:
|
|
221
|
+
|
|
222
|
+
```bash
|
|
223
|
+
synapsor-runner mcp serve-http --host 0.0.0.0
|
|
224
|
+
```
|
|
225
|
+
|
|
226
|
+
the CLI prints a warning. Treat this as a production-like service:
|
|
227
|
+
|
|
228
|
+
- keep bearer auth enabled;
|
|
229
|
+
- use TLS or a trusted reverse proxy;
|
|
230
|
+
- prefer private networking;
|
|
231
|
+
- add rate limits and request-size limits at the edge;
|
|
232
|
+
- do not log request bodies by default;
|
|
233
|
+
- rotate the bearer token if it is exposed.
|
|
234
|
+
|
|
235
|
+
`--dev-no-auth` is accepted only on `localhost` or `127.0.0.1`. It fails closed
|
|
236
|
+
with `--host 0.0.0.0`.
|
|
237
|
+
|
|
238
|
+
## Trusted Context
|
|
239
|
+
|
|
240
|
+
Tenant and principal values must come from trusted configuration such as
|
|
241
|
+
environment variables or a server-side session. HTTP request arguments cannot
|
|
242
|
+
override trusted fields such as:
|
|
243
|
+
|
|
244
|
+
```text
|
|
245
|
+
tenant_id
|
|
246
|
+
principal
|
|
247
|
+
principal_id
|
|
248
|
+
project_id
|
|
249
|
+
source_id
|
|
250
|
+
allowed_columns
|
|
251
|
+
approval_identity
|
|
252
|
+
```
|
|
253
|
+
|
|
254
|
+
Use `read_only` mode first. Proposal/review mode should use a separate trusted
|
|
255
|
+
write path and a separate write credential. The model-facing HTTP MCP endpoint
|
|
256
|
+
must not receive write credentials.
|
|
257
|
+
|
|
258
|
+
## OpenAI Agents SDK
|
|
259
|
+
|
|
260
|
+
See:
|
|
261
|
+
|
|
262
|
+
```text
|
|
263
|
+
examples/openai-agents-http/
|
|
264
|
+
examples/openai-agents-stdio/
|
|
265
|
+
```
|
|
266
|
+
|
|
267
|
+
Both examples use the MCP client integration from the OpenAI Agents SDK when it
|
|
268
|
+
is available. The stdio example launches Runner as a child process. The HTTP
|
|
269
|
+
example connects to `synapsor-runner mcp serve-streamable-http` through
|
|
270
|
+
`MCPServerStreamableHttp`. Use the JSON-RPC bridge only when you intentionally
|
|
271
|
+
want a small app-owned wrapper instead of standard HTTP MCP.
|
|
272
|
+
|
|
273
|
+
The boundary is the same in both modes: the agent calls a semantic Synapsor
|
|
274
|
+
tool, not raw SQL. OpenAI-facing examples use `--alias-mode openai` so
|
|
275
|
+
the model sees OpenAI-valid aliases while Runner preserves canonical Synapsor
|
|
276
|
+
tool names in metadata.
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
# Licensing
|
|
2
|
+
|
|
3
|
+
Synapsor Runner is open source under the Apache License 2.0 (`Apache-2.0`).
|
|
4
|
+
|
|
5
|
+
This page is a plain-English summary, not legal advice. If this summary
|
|
6
|
+
conflicts with `../LICENSE`, the `LICENSE` file controls.
|
|
7
|
+
|
|
8
|
+
Apache-2.0 applies to the code in this runner repository. It grants copyright
|
|
9
|
+
and patent rights under the license terms.
|
|
10
|
+
|
|
11
|
+
Apache-2.0 does not grant trademark rights. The Synapsor name, Synapsor Runner
|
|
12
|
+
name, logos, hosted Cloud service, and proprietary Synapsor platform features
|
|
13
|
+
remain separate. See `../TRADEMARKS.md`.
|
|
14
|
+
|
|
15
|
+
This license applies only to `synapsor-runner`. It does not open source:
|
|
16
|
+
|
|
17
|
+
- Synapsor Cloud;
|
|
18
|
+
- the hosted control plane;
|
|
19
|
+
- hosted capability registry;
|
|
20
|
+
- advanced policy/capability compiler;
|
|
21
|
+
- team approvals, RBAC, or SSO;
|
|
22
|
+
- hosted audit/evidence ledger;
|
|
23
|
+
- managed runners;
|
|
24
|
+
- production writeback orchestration;
|
|
25
|
+
- workflow builder;
|
|
26
|
+
- native Synapsor engine;
|
|
27
|
+
- C++/DBMS internals;
|
|
28
|
+
- branching, time travel, or settlement;
|
|
29
|
+
- compliance exports or production support/SLA.
|
|
30
|
+
|
|
31
|
+
Synapsor Cloud is a separate hosted commercial service. Use Cloud when your team
|
|
32
|
+
needs shared approvals, RBAC, hosted evidence/replay search, runner fleet
|
|
33
|
+
status, leases, retention, audit visibility, enterprise controls, and support.
|
|
34
|
+
|
|
35
|
+
Before public release, license and trademark text should be reviewed by the
|
|
36
|
+
release owner or qualified counsel.
|
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
# Limitations
|
|
2
|
+
|
|
3
|
+
Synapsor Runner is intentionally narrow in the current alpha.
|
|
4
|
+
|
|
5
|
+
## Supported
|
|
6
|
+
|
|
7
|
+
- Stdio MCP server for semantic database capabilities.
|
|
8
|
+
- Local read and proposal tools.
|
|
9
|
+
- Local SQLite evidence/proposal/query-audit/replay store.
|
|
10
|
+
- Human approval through CLI commands.
|
|
11
|
+
- Public protocol objects:
|
|
12
|
+
- `synapsor.change-set.v1`
|
|
13
|
+
- `synapsor.writeback-job.v1`
|
|
14
|
+
- `synapsor.execution-receipt.v1`
|
|
15
|
+
- `synapsor.runner-registration.v1`
|
|
16
|
+
- Guarded single-row `UPDATE` for Postgres and MySQL.
|
|
17
|
+
- App/API handler writeback through approved `http_handler` executors.
|
|
18
|
+
- Local script writeback through approved `command_handler` executors.
|
|
19
|
+
- Primary-key guard.
|
|
20
|
+
- Tenant guard.
|
|
21
|
+
- Allowed-column validation.
|
|
22
|
+
- Version-column or explicit weak row-hash conflict guard.
|
|
23
|
+
- Idempotency receipts.
|
|
24
|
+
- Named local trusted contexts for capability configs.
|
|
25
|
+
- Capability recipes that generate reviewed starter configs.
|
|
26
|
+
- Shadow-mode proposal-vs-human-action comparison.
|
|
27
|
+
- Static MCP database risk review.
|
|
28
|
+
- Local indexed search for proposals, evidence bundles, query audit, writeback
|
|
29
|
+
receipts, and proposal replay.
|
|
30
|
+
|
|
31
|
+
## Runtime Contract
|
|
32
|
+
|
|
33
|
+
Local capabilities are config-defined, not built into the server. The runtime
|
|
34
|
+
does not special-case billing, support, orders, refunds, invoices, or tickets.
|
|
35
|
+
Those domains appear only in demos, smoke tests, and optional recipe JSON files.
|
|
36
|
+
When you connect your own database, `synapsor.runner.json` is the source of
|
|
37
|
+
truth for the model-facing tools.
|
|
38
|
+
|
|
39
|
+
## Not Supported
|
|
40
|
+
|
|
41
|
+
- Arbitrary SQL.
|
|
42
|
+
- Model-generated SQL.
|
|
43
|
+
- DDL.
|
|
44
|
+
- INSERT.
|
|
45
|
+
- DELETE.
|
|
46
|
+
- UPSERT.
|
|
47
|
+
- Multi-row UPDATE.
|
|
48
|
+
- Stored procedures.
|
|
49
|
+
- Cross-database transactions.
|
|
50
|
+
- Physical branching of Postgres/MySQL.
|
|
51
|
+
- Full Synapsor workflow/DAG execution.
|
|
52
|
+
- `CREATE AGENT WORKFLOW` or hosted Synapsor SQL generation.
|
|
53
|
+
- Auto-merge or settlement policy semantics.
|
|
54
|
+
- Automatic rollback of external database writes.
|
|
55
|
+
- Model-callable approval or commit tools.
|
|
56
|
+
- Generic MCP firewall behavior.
|
|
57
|
+
- Prompt-injection prevention.
|
|
58
|
+
- High availability, SLA, compliance certification, or production support guarantee.
|
|
59
|
+
|
|
60
|
+
## Important External Database Semantics
|
|
61
|
+
|
|
62
|
+
External Postgres/MySQL databases are not branched or merged by Synapsor Runner.
|
|
63
|
+
|
|
64
|
+
The proposal, evidence, replay, and approval state live in Synapsor Runner locally or in Synapsor Cloud. The external source database changes only when a trusted runner applies an approved writeback job.
|
|
65
|
+
|
|
66
|
+
Local replay means replay of records captured by the runner:
|
|
67
|
+
|
|
68
|
+
- trusted context values used by the capability;
|
|
69
|
+
- captured/projected source-row excerpts;
|
|
70
|
+
- query audit fingerprints and redacted parameter metadata;
|
|
71
|
+
- proposal before/proposed diffs;
|
|
72
|
+
- approval/rejection events;
|
|
73
|
+
- guarded writeback jobs;
|
|
74
|
+
- applied/conflict/failed receipts.
|
|
75
|
+
|
|
76
|
+
It does not mean external Postgres/MySQL time travel. Runner cannot reconstruct
|
|
77
|
+
arbitrary historical rows that were never captured as evidence, and it does not
|
|
78
|
+
provide `AS OF` queries over an external source.
|
|
79
|
+
|
|
80
|
+
Local search is single-node SQLite search over the local runner store. It is
|
|
81
|
+
useful for local/dev/staging usage. It is not a hosted central evidence ledger,
|
|
82
|
+
not cross-runner aggregation, not RBAC/SSO, and not compliance retention.
|
|
83
|
+
|
|
84
|
+
Use this wording:
|
|
85
|
+
|
|
86
|
+
```text
|
|
87
|
+
External DB = Synapsor review state + trusted writeback
|
|
88
|
+
Synapsor-native = real branch + merge
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
Do not describe external approval as merge.
|
|
92
|
+
|
|
93
|
+
## Weak Conflict Guards
|
|
94
|
+
|
|
95
|
+
A version/timestamp column is the preferred conflict guard. A weak row-hash guard can be acknowledged for local/dev use, but it should not be presented as equivalent to a durable version column.
|