Drafts the cloud deployment design as three earned stages — managed
single-region, elastic data plane with an off-path worker tier, then
BYOC/VPC/air-gapped — each winning one irreducible property. Sets
foundational principles (object-storage-only commit, a soft-state
control plane off the request path, one config-driven binary) drawn
from turbopuffer, Neon, and WarpStream, threads the RFC 0001 auth
design through every stage, and records the open decisions and
invariant analysis.
https://claude.ai/code/session_01N22WDYC6vv2njR5Xu96QaC
Drafts a design for OIDC-based federated authentication that lets a
managed cloud offering issue identity tokens while keeping VPC and
air-gapped on-prem deployments free of any request-time dependency on
the cloud. Introduces a server-only TokenVerifier seam with static and
OIDC implementations, validates the design against the OSS/Cloud
invariants, and records the open decisions needed before acceptance.
https://claude.ai/code/session_01N22WDYC6vv2njR5Xu96QaC
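The TokenVerifier seam described in the commit above, as an added example in TypeScript; this is not the project's code or the RFC's text. It assumes a `static` mode (preshared bearer tokens for VPC / air-gapped deployments) and an `oidc` mode (RS256 ID tokens checked against a JWKS supplied at startup), a `Principal` shape of subject plus issuer, standard `iss`/`aud`/`exp`/`nbf`/`sub` claims, and a `buildVerifier` factory standing in for the config-driven mode switch. `issueIdToken` is a stand-in for the cloud's token issuer so the block runs offline.

```typescript
// Added example (not the project's code): a server-only TokenVerifier seam
// with two implementations. StaticTokenVerifier checks preshared bearer
// tokens for VPC / air-gapped deployments; OidcTokenVerifier checks RS256
// ID tokens against a JWKS that was loaded at startup. Neither touches the
// network at request time. Class names, config shape and claims are assumptions.
import * as crypto from 'node:crypto';

export interface Principal { subject: string; issuer: string }

export interface TokenVerifier {
  verify(token: string): Principal | null; // null on any failure, never throws
}

function sha256(s: string): Buffer { return crypto.createHash('sha256').update(s).digest(); }

// Preshared tokens (token -> subject). Each candidate is hashed and compared
// with timingSafeEqual so comparison time does not depend on the token value.
export class StaticTokenVerifier implements TokenVerifier {
  private readonly entries: { digest: Buffer; subject: string }[];
  constructor(tokens: Record<string, string>) {
    this.entries = Object.entries(tokens).map(([t, subject]) => ({ digest: sha256(t), subject }));
  }
  verify(token: string): Principal | null {
    const probe = sha256(token);
    let match: string | null = null;
    for (const e of this.entries) { // no early return: always scan the whole table
      if (crypto.timingSafeEqual(probe, e.digest)) match = e.subject;
    }
    return match === null ? null : { subject: match, issuer: 'static' };
  }
}

export type Jwk = crypto.JsonWebKey & { kid?: string };
export interface OidcConfig {
  issuer: string; audience: string; jwks: { keys: Jwk[] }; clockSkewSec?: number;
}

function decodeJson(seg: string): Record<string, unknown> | null {
  try { return JSON.parse(Buffer.from(seg, 'base64url').toString('utf8')); } catch { return null; }
}

// The JWKS is supplied by the caller (fetched once at boot, or read from a
// file shipped into the environment); verify() itself never fetches anything.
export class OidcTokenVerifier implements TokenVerifier {
  private readonly keys = new Map<string, crypto.KeyObject>();
  constructor(private readonly cfg: OidcConfig,
              private readonly now: () => number = () => Math.floor(Date.now() / 1000)) {
    for (const jwk of cfg.jwks.keys) {
      if (jwk.kty === 'RSA' && typeof jwk.kid === 'string') {
        this.keys.set(jwk.kid, crypto.createPublicKey({ key: jwk, format: 'jwk' }));
      }
    }
  }
  verify(token: string): Principal | null {
    const parts = token.split('.');
    if (parts.length !== 3) return null;
    const header = decodeJson(parts[0]), claims = decodeJson(parts[1]);
    if (!header || !claims) return null;
    // Pin the algorithm: the token header must not get to pick 'none' or HS256.
    if (header.alg !== 'RS256' || typeof header.kid !== 'string') return null;
    const key = this.keys.get(header.kid);
    if (!key) return null;
    const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
    if (!crypto.verify('sha256', signed, key, Buffer.from(parts[2], 'base64url'))) return null;
    const skew = this.cfg.clockSkewSec ?? 60, now = this.now();
    const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
    if (claims.iss !== this.cfg.issuer || !aud.includes(this.cfg.audience)) return null;
    if (typeof claims.exp !== 'number' || claims.exp + skew <= now) return null;
    if (typeof claims.nbf === 'number' && claims.nbf - skew > now) return null;
    if (typeof claims.sub !== 'string') return null;
    return { subject: claims.sub, issuer: this.cfg.issuer };
  }
}

// One config-driven binary: the deployment mode selects the implementation.
export type VerifierConfig =
  | { mode: 'static'; tokens: Record<string, string> }
  | { mode: 'oidc'; oidc: OidcConfig };
export function buildVerifier(c: VerifierConfig): TokenVerifier {
  return c.mode === 'static' ? new StaticTokenVerifier(c.tokens) : new OidcTokenVerifier(c.oidc);
}

// Stand-in for the managed cloud's token issuer, used only to exercise the
// verifier offline; a real deployment obtains ID tokens from the cloud.
export function issueIdToken(claims: object, kid: string, priv: crypto.KeyObject): string {
  const enc = (o: object) => Buffer.from(JSON.stringify(o)).toString('base64url');
  const h = enc({ alg: 'RS256', typ: 'JWT', kid }), p = enc(claims);
  return `${h}.${p}.${crypto.sign('sha256', Buffer.from(`${h}.${p}`), priv).toString('base64url')}`;
}
```

The point the seam makes explicit is that `OidcTokenVerifier.verify` takes no network dependency: the JWKS is constructor input, so a VPC or air-gapped server configured in `static` mode never loads OIDC code paths, and one in `oidc` mode keeps serving on a cached key set if the cloud is unreachable (key rotation then becomes a startup or background refresh concern, not a request-path one).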
The previous "fetch the full page" recommendation in AGENTS.md and
docs/dev/lance.md pointed at an unknown-author npm CLI that, on consent,
wrote agent-targeted content into AGENTS.md and modified .gitignore /
tsconfig.json. Source audit was clean of malicious code, but the
self-perpetuating prompt-injection pattern, combined with a single
maintainer and ~21 downloads/day, made it not worth the risk. Switched
to the curl + pandoc command already documented as the no-tool option.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>