| Safe Haskell | None |
|---|---|
| Language | GHC2021 |
Ecluse.Core.Osv.Schema
Description
The compiled advisory artifact's schema contract.
Écluse Pilot compiles OSV advisory data into a read-only SQLite artifact
(osv.db) and publishes it to object storage; the proxy downloads it and
queries it locally on the request path. This module is the one place the
writer and the reader agree on what that artifact looks like: the table-schema
epoch that names and stamps it, and the keys of its meta table.
The artifact is immutable and rebuilt from scratch on every compilation, so there are no migrations, only a read-compatibility contract between whoever wrote a file and whoever reads it. The epoch expresses exactly that contract: it moves only when the shape of the data breaks, so the key stays findable and the stamp stays checkable across releases of either side.
Synopsis
- osvSchemaEpoch :: Int
- osvDbFileName :: Text -> FilePath
- data MetaKey
- renderMetaKey :: MetaKey -> Text
The table-schema epoch
osvSchemaEpoch :: Int Source #
The table-schema epoch: the version of the artifact's shape, shared by the Pilot writer and the proxy reader.
Bump it only for a breaking change to the existing shape (a column rename, a semantic change, a key change). Additive changes (a new column, a new table) must not bump it: readers select explicit columns, so additions are invisible to them. A column exists exactly when the build populates it, so a reader learns what data an artifact offers from the schema itself.
The epoch names the published artifact (osvDbFileName) and is stamped into
it as SQLite's user_version; a reader must reject an artifact whose stamp
does not match its own compiled-in epoch and keep its last known-good
database.
osvDbFileName :: Text -> FilePath Source #
The artifact's file name, and object-storage key, for an ecosystem.
The key is stable per ecosystem, so a reader can poll one known key by ETag, and embeds only the epoch, so the key changes exactly when a reader could no longer use the file.
>>>osvDbFileName "npm""npm-osv-schema1.db"
The meta table
A key of the artifact's meta table (one TEXT key/value row per key).
The table carries the artifact's provenance: which build produced it, from what source, and when.
Constructors
| MetaPilotVersion | The Pilot application version that produced the artifact. |
| MetaEcosystem | The ecosystem the artifact was compiled for (e.g. |
| MetaBuiltAt | When the compilation finished, as an ISO-8601 UTC timestamp. |
| MetaSourceUrl | The advisory-dump URL the artifact was compiled from. |
| MetaRowCount | The number of advisory ranges the artifact holds. |
Instances
| Bounded MetaKey Source # | |
| Enum MetaKey Source # | |
| Show MetaKey Source # | |
| Eq MetaKey Source # | |
renderMetaKey :: MetaKey -> Text Source #
The key's stored form in the meta table.