feat(tools/asf-svn): ASF SVN-based tool adapter (svn.apache.org + dist.apache.org), full capability surface like tools/github (#608) #620

Merged
potiuk merged 5 commits into apache:main from HarshMehta112:feat/tools/asf-svn
Jul 1, 2026

@HarshMehta112

Contributor

Summary

  • Adds tools/asf-svn/ — a complete ASF SVN tool adapter, the SVN counterpart to tools/github/: source control (VCS binding), svn CLI operations + credentials pre-flight, dist.apache.org release
    distribution, ASF committer/PMC authorization, and optional svnpubsub site publishing.
  • Why: dist.apache.org is SVN for every ASF project regardless of where code lives, so even a GitHub-hosted ASF project needs this to steward its release flow; a GitHub-only tool surface is
    structurally blind to ASF release infrastructure.
  • Packages the generic SVN binding (feat(tools/subversion): Apache Subversion (SVN) support — ASF svn.apache.org / dist.apache.org #602) plus the ASF-specific surface into a first-class named tool an adopter can mix per capability (e.g. GitHub issues + asf-svn source control + asf-svn release
    distribution).

Type of change

  • Skill change (.claude/skills/<name>/) — eval fixtures updated below
  • Tool / bridge contract (tools/<system>/*.md)
  • Python package (tools/*/ with pyproject.toml)
  • Groovy reference impl
  • Cross-cutting (RFC, AGENTS.md, sandbox, privacy-LLM)
  • Documentation (docs/, README.md, CONTRIBUTING.md)
  • Project template (projects/_template/)
  • CI / dev loop (prek, workflows, validators)
  • Other:

Test plan

  • skill-and-tool-validator run against the working tree — 0 violations on tools/asf-svn/ files; capability-sync, tool-README (capability + prerequisites), link, and TOC-anchor checks all green.
  • All ../ and same-dir markdown links verified to resolve to existing targets.
  • doctoc TOC anchors hand-verified against doctoc's GitHub-slugger output already present in the repo (e.g. distapacheorg, -- for em-dash, projects-v2 for parens) — the hook is a no-op on these
    files.
  • Every svn / svnmucc recipe checked for flag/subcommand validity.
  • apache-projects MCP tool names (get_committee / get_group_members / get_person / search_people) verified against tools/apache-projects/tool.md — no invented identifiers.
  • prek run --all-files not run in authoring env (no uv/node available); doc-only change, no Python/Groovy touched. Please run in CI.
  • N/A — no Python package, Groovy bridge, or skill behaviour changed (doc-only adapter; no eval fixtures apply).

RFC-AI-0004 compliance

  • HITL — every write path (svn commit, dist stage/promote/prune, site publish) is gated on explicit user confirmation in the calling skill; stated in each file's write-path confirmation rule.
  • Sandbox — no new unrestricted host access; network reach (svn.apache.org, dist.apache.org) declared in README.md Prerequisites.
  • Vendor neutrality — placeholders (<project>, <asf-id>, <project-config>, <upstream>) used throughout; ASF specifics live in the adapter, not in any skill.
  • Conversational + correctable — adapter is doc-only; skills that consume it retain their existing agentic-override paths.
  • Write-access discipline — no autonomous outbound messages; all commits/promotions are drafted command sets executed only on confirmation.
  • Privacy LLM — N/A; the adapter reads only public ASF roster/infra data (every apache-projects MCP value is already public).

Linked issues

Closes #608. Refs #602 (generic SVN VCS binding this builds on), #526 (ASF infra bootstrap context).

Notes for reviewers (optional)

… and release distribution

Signed-off-by: Harsh Mehta <harshmehta010102@gmail.com>
@justinmclean

Member

The CI is failing as fenced code blocks should have a language specified - it should be easy to fix.

@justinmclean

justinmclean commented Jun 29, 2026

Member

Using the Magpie review skill:

Security model — major

tools/asf-svn/operations.md (Authentication) documents passing the ASF account password as a command-line argument:
svn info https://svn.apache.org/repos/asf//trunk
--username --password --no-auth-cache

The doc itself states this is "the committer's ASF account password (managed at id.apache.org), not a separate token." Passing it on argv exposes it in ps/process listings, shell history, and command logs on the same shared/ephemeral machine the --no-auth-cache note is trying to protect. Recommend omitting --password (let svn prompt) or feeding it via stdin.

API / code correctness — major

The Step 0 auth "write check" uses read-only svn info, which does not verify write access. operations.md labels svn info … | grep "^URL:" a "(write check)" and the broader text says it must "verify that svn has a usable credential with write access." Because svn.apache.org/repos/asf and dist.apache.org/repos/dist are world-readable, svn info exits 0 for a non-committer, so the "hard stop" passes and the failure only surfaces at the real svn commit (E170001). Same false-positive in authorization.md ("confirm dist write access") and release-distribution.md (dist pre-flight).

Code quality — minor

release-distribution.md "Promote a release": prose says "using a server-side SVN copy" and the code comment says "Server-side copy from dev to release," but the command is svn move. Command is correct for ASF promotion; the "copy" wording is misleading (a reader may expect the RC to remain under dev/).

Conventions — minor

tools/asf-svn/README.md omits the Organization: ASF line that tools/AGENTS.md ("Every tool is a directory with a README", point 3) requires for org-bound tools. asf-svn is unambiguously ASF-bound; sibling ASF tools apache-projects and ponymail both carry it. Not CI-enforced when absent, so it won't fail the validator.
No license-header finding: all six new files carry the Apache SPDX header, and .md files are exempt anyway, so this is clean.
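
Added example (not part of the review comment or of the PR): a check that could be run over the svn recipes in tools/asf-svn/*.md to catch the argv-password pattern described in the "Security model" finding. The function name and the sample recipes are constructed for illustration.

```shell
# Added example. Reads recipe command lines on stdin and prints
# "LINE: command" for every svn/svnmucc call that carries a password in argv.
flag_argv_password() {
  awk '
    {
      if (start == 0) start = NR
      line = $0
      # Join a backslash-continued line with the one that follows it.
      if (sub(/\\[ \t]*$/, "", line)) { cmd = cmd line " "; next }
      cmd = cmd line
      n = split(cmd, tok, /[ \t]+/)
      bad = 0
      for (i = 1; i <= n; i++) {
        # "--password VALUE" and "--password=VALUE" put the secret in argv;
        # "--password-from-stdin" is a different token and is not flagged.
        if (tok[i] == "--password" || tok[i] ~ /^--password=/) bad = 1
      }
      if (bad && cmd ~ /(^|[ \t;&|])(svn|svnmucc)[ \t]/) print start ": " cmd
      cmd = ""; start = 0
    }
  '
}

# Constructed sample recipes (host, user and password are placeholders).
flag_argv_password <<'EOF'
svn info https://svn.example.invalid/repos/demo/trunk \
  --username example-user --password EXAMPLE-PASSWORD --no-auth-cache
svn info --non-interactive --password-from-stdin https://svn.example.invalid/repos/demo/trunk
svn commit --password=EXAMPLE-PASSWORD -m "constructed"
EOF
```

The reported line number is the first line of a continued command. The --password-from-stdin option used in the sample is available in svn 1.10 and later.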

HarshMehta112 and others added 2 commits June 29, 2026 16:41
…nd operations

Signed-off-by: Harsh Mehta <harshmehta010102@gmail.com>
Resolve docs/labels-and-capabilities.md conflict: adopt the new
contract:/substrate: tool-capability taxonomy from apache#641/apache#645 and relabel
the tools/asf-svn row to contract:source-control. Update tools/asf-svn
README to the new taxonomy and add the Organization: ASF declaration.
@potiuk

potiuk commented Jul 1, 2026

Member

Hey @HarshMehta112 -> are you going to address the few small issues pointed out by @justinmclean -> rebase + fixing it and I will be happy to merge :)

@HarshMehta112

Contributor Author

> Hey @HarshMehta112 -> are you going to address the few small issues pointed out by @justinmclean -> rebase + fixing it and I will be happy to merge :)

Hi @potiuk
I’ve addressed the issues pointed out by @justinmclean and pushed the updates to the PR. Could you please re-verify the changes when you get a chance? Let me know if anything else needs to be modified.

@potiuk potiuk left a comment

Member

Nice, thorough adapter — the capability split (source-control / dist / authorization / publishing separable per project) reads well, and the write-path confirmation rules are consistent across the files. Three things worth fixing before merge, plus one advisory.

1. tools/asf-svn/source-control.md:64 — svn mergeinfo arguments are reversed.
The row gives svn mergeinfo --show-revs eligible <branch-url> <trunk-url> with the note "Finds revisions on trunk not yet merged to the branch." eligible SOURCE TARGET lists revisions in SOURCE not yet in TARGET, so as written (SOURCE=branch, TARGET=trunk) it returns revisions on the branch not merged to trunk — the opposite of the note. For the stated goal it should be:

svn mergeinfo --show-revs eligible <trunk-url> <branch-url>

2. tools/asf-svn/publishing.md:77-78 — "Publish a site update" won't propagate deletions.
The comment says "Stage any new or removed files," but svn add --force site-wc/ only schedules additions. For a regenerated site, pages removed during regeneration stay versioned and get re-committed, so stale pages remain live after the commit (and svnpubsub mirrors within seconds). The recipe needs a step that also schedules missing paths for deletion — e.g. svn status | awk '/^!/{print $2}' | xargs -r svn rm before the commit — to match the "removed files" claim.

3. tools/asf-svn/operations.md:90-91 — garbled sentence in the auth guidance.

…argv is visible in ps, shell history, and process logs on the same shared/ephemeral machine --no-auth-cache is meant to protect.

Two clauses look merged; as written it doesn't parse and the point of why the password must not be passed on argv is lost. Worth a clean rewrite since it's security guidance.

Advisory: the validator's adapter-authoring [config-keys] SOFT check flags that tools/asf-svn/README.md has no ## Configuration section or project-config reference. tool.md shows the tools_enabled: block, but adding a short config pointer to the README would clear the advisory and make the adapter self-contained.

The dist write-path recipes (stage / svn move promotion / prune / KEYS sync), the two-check auth pre-flight, and the pmc-<project> roster naming all check out.
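
Added example (not part of the review or of the PR's recipe): one way to write the "schedule missing paths for deletion" step from point 2 so that it also copes with file names containing spaces or "@". It assumes plain `svn status` output (no -u or -v); the function names and the sample status lines are constructed for illustration.

```shell
# Added example. Reads plain `svn status` output on stdin and prints the
# path of every missing item, one per line, in a form safe to pass to svn.
# Assumes seven one-character status columns and a space before the path.
missing_paths() {
  while IFS= read -r line; do
    case $line in
      '!'*) ;;                 # column 1 "!" = versioned but gone from disk
      *) continue ;;
    esac
    path=${line#????????}      # drop the 8-character status prefix
    [ "$path" != "$line" ] || continue
    # A path containing "@" needs a trailing "@" so that svn does not
    # read the tail of the name as a peg revision.
    case $path in *@*) path="$path@" ;; esac
    printf '%s\n' "$path"
  done
}

# Schedule each missing path for deletion, one svn call per path so that
# names with spaces stay intact. Run from the directory svn status ran in.
schedule_deletions() {
  missing_paths | while IFS= read -r p; do
    svn rm "$p" </dev/null     # keep svn from consuming the path list
  done
}

# Constructed `svn status` output for a regenerated site working copy.
missing_paths <<'EOF'
!       old/page.html
M       index.html
?       new.html
!       img/logo@2x.png
!       docs/release notes.html
EOF
```

In the publish recipe this would run as `svn status | schedule_deletions` after regeneration and before the commit, behind the same confirmation gate as the other write steps.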

…e publishing

Signed-off-by: Harsh Mehta <harshmehta010102@gmail.com>
@HarshMehta112 HarshMehta112 requested a review from potiuk July 1, 2026 13:11

@potiuk potiuk left a comment

Member

Thanks @HarshMehta112 — all three points from the earlier review are addressed cleanly:

  • svn mergeinfo argument order corrected, with a clear eligible SOURCE TARGET note;
  • the site-publish recipe now schedules deletions (svn status … | svn rm) so regenerated sites don't leave stale pages live;
  • the auth-guidance sentence reads correctly now.

Nice touch adding the ## Configuration section too — it clears the validator's config-keys advisory. Validator's green and CI is clean. Approving. 🚀

@potiuk potiuk merged commit 648daab into apache:main Jul 1, 2026
30 checks passed