Problem
Global sources are read-only everywhere outside the MCP read tools. Relaxing this to allow content writes (relations would stay forbidden) is a substantial change with open questions — write-addressing scheme, provenance marker, path hardening, atomic writes — and it touches several accepted rules/decisions.
Expected result
An RFC that resolves the open questions and includes a security review, ending in a recorded decision to either amend the read-only rule or reaffirm it.
Impact
Ensures a risky change to the globals trust model is made deliberately, with the path-traversal and provenance implications reviewed up front.
Scope
Files: a new RFC/decision doc under .archcore/
Acceptance: the design is settled and the read-only rule is either amended or reaffirmed.
Status: design/RFC + security review only.
Problem
Global sources are read-only everywhere outside the MCP read tools. Relaxing this to allow content writes (relations would stay forbidden) is a substantial change with open questions — write-addressing scheme, provenance marker, path hardening, atomic writes — and it touches several accepted rules/decisions.
Expected result
An RFC that resolves the open questions and includes a security review, ending in a recorded decision to either amend the read-only rule or reaffirm it.
Impact
Ensures a risky change to the globals trust model is made deliberately, with the path-traversal and provenance implications reviewed up front.
Scope
Files: a new RFC/decision doc under
.archcore/Acceptance: the design is settled and the read-only rule is either amended or reaffirmed.