feat(sdk): mark HostErrorKind + LogLevel #[non_exhaustive] (COW-1029)#35
Open
brunota20 wants to merge 1 commit into
Open
feat(sdk): mark HostErrorKind + LogLevel #[non_exhaustive] (COW-1029)#35brunota20 wants to merge 1 commit into
brunota20 wants to merge 1 commit into
Conversation
Applies forward-compatibility hardening to the two SDK enums that mirror the WIT type system. Both `HostErrorKind` (7 variants) and `LogLevel` (5 variants) now carry `#[non_exhaustive]`. The WIT contract drives the variant set: once a new variant is added in WIT (e.g. a future `WasmTrap` HostErrorKind, or a `Critical` LogLevel), the SDK side mirrors it without breaking downstream `match` sites. `RetryAction` (3 variants) and `PollOutcome` (5 variants) stay exhaustive - they're domain-locked to the cowprotocol `OrderPostErrorKind::is_retriable()` contract and the `IConditionalOrder` Solidity interface respectively. The `#[non_exhaustive]` issue body (COW-1029 / BLEU-853) explicitly exempts them. ## Match-site updates The 4 modules that ported to the M3 Host trait pattern (price-alert, stop-loss, twap-monitor, ethflow-watcher) match on SDK `HostErrorKind` and `LogLevel` in their `sdk_err_into_wit` and `convert_level` adapters. Each gains a wildcard arm: _ => HostErrorKind::Internal // safest catch-all _ => logging::Level::Info // most neutral default balance-tracker is unaffected (it predates the host-trait refactor and matches against wit-bindgen types directly, not SDK types). The balance-tracker port is tracked as the COW-1063 QA matrix optional follow-up. ## Considered alternatives Issue body originally proposed "open as tracking ticket; trigger when WIT adds the 8th HostErrorKind". Rejected for M4: production hardening means stable API contracts BEFORE shipping. Applying non_exhaustive proactively trades 10 wildcard arms (5 modules x 2 match blocks, minus 1 module that doesn't have the adapter) for forward-compat stability. ## Doc + ADR updates - `crates/shepherd-sdk/src/host.rs`: rustdoc on each enum cites the COW-1029 decision + wildcard-arm guidance for module adapters. - `docs/adr/0009-host-trait-surface.md`: Consequences section updated. The "ADR-0009 follow-up COW-1029" stub is replaced with the applied state. ## Validation - `cargo test --workspace` -> 151 host tests + 6 doctests passing (no change in count). - `cargo clippy --all-targets --workspace -- -D warnings` clean. - `cargo fmt --all --check` clean. - 5 wasm modules build under `wasm32-wasip2 --release`. - 0 em-dashes in changed files. Linear: COW-1029. First M4 issue landed.
6 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Applies forward-compatibility hardening to the two SDK enums that mirror the WIT type system. Both `HostErrorKind` (7 variants) and `LogLevel` (5 variants) now carry `#[non_exhaustive]`. Once WIT adds a new variant (e.g. a future `WasmTrap` / `Critical`), the SDK side mirrors it without breaking downstream `match` sites.
First M4 production-hardening issue landed.
Why
The COW-1029 issue body originally proposed waiting until WIT actually grew before applying `#[non_exhaustive]`. Re-scoped for M4 production hardening: stable API contracts before mainnet matter more than the 10 wildcard arms the change costs.
Changes
balance-tracker is unaffected (still on the M2-era direct-wit-bindgen pattern; not refactored to Host trait). Tracked as the optional follow-up from the COW-1063 QA matrix.
Out of scope
Breaking changes
For downstream module authors: `match` on SDK `HostErrorKind` or `LogLevel` now requires a wildcard arm. The 4 production modules updated here are the only known consumers; outside that we're pre-publish so the impact window is zero.
Testing
AI assistance disclosure
AI Assistance: this change + description was produced by a Claude Code agent (Claude Opus 4.7 1M context). A human (Bruno) reviewed and is accountable for the result.
Linear: COW-1029. First M4 issue landed; stacks on #34 (supervisor alive fix).