ZDDC/zddc/internal/zddc
ZDDC 4681f2c358 feat(zddc): operator .zddc.zip mountable at any cascade level (migration phase 5)
EffectivePolicy now reads, at every directory in the walk, an optional
<dir>/.zddc.zip policy bundle: its members are loaded into a PolicyTree,
Assemble()d into a nested ZddcFile, and merged UNDER the dir's on-disk .zddc
(most-specific human edit wins). Because Assemble produces an ordinary
paths:-bearing ZddcFile, the existing walker threads the bundle's deeper members
to descendants and honors inherit:false with zero new cascade logic — the
bundle is just another per-level policy source.

So a .zddc.zip dropped at ANY directory mounts a policy subtree there; combined
with inherit:false + acl.inherit:false in its root member it's a self-contained
island that ignores the site defaults (do-something-completely-different).
Member paths use "*" wildcards, resolved by the same literal-first matching as
paths:. A tool-HTML-only bundle (no .zddc members) contributes no policy.

Test: a bundle at /Proj/special grants only *@vendor.com (rwcd at the mount, r
at "*" descendants) and, fenced, blocks the embedded project_team grant that
still applies outside the island.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-05 11:29:12 -05:00
defaults feat(zddc): policy-tree resolver + per-depth default tree (migration phases 1-2) 2026-06-05 10:40:34 -05:00
acl.go refactor(audit): pre-release cleanup pass 2026-05-18 16:28:07 -05:00
acl_test.go refactor(audit): pre-release cleanup pass 2026-05-18 16:28:07 -05:00
admin.go refactor(audit): pre-release cleanup pass 2026-05-18 16:28:07 -05:00
admin_test.go refactor(audit): pre-release cleanup pass 2026-05-18 16:28:07 -05:00
cascade.go feat(zddc): operator .zddc.zip mountable at any cascade level (migration phase 5) 2026-06-05 11:29:12 -05:00
cascade_test.go refactor(audit): pre-release cleanup pass 2026-05-18 16:28:07 -05:00
cascade_zip_test.go feat(zddc): operator .zddc.zip mountable at any cascade level (migration phase 5) 2026-06-05 11:29:12 -05:00
defaults.go feat(zddc): embed default tree + assemble into cascade (migration phases 3-4) 2026-06-05 11:22:59 -05:00
defaults.zddc.yaml fix(project-create): seed role membership only; grant team rwc on mdl/rsk 2026-06-05 09:29:34 -05:00
defaults_test.go feat(zddc): Phase 1 — embedded defaults.zddc + inherit + show-defaults 2026-05-11 14:46:51 -05:00
ensure.go feat(server): flat top-level party peers + pure-WORM archive (impl) 2026-06-03 11:40:09 -05:00
ensure_test.go test(zddc): update internal/zddc suite for flat-peer layout 2026-06-03 11:47:04 -05:00
field_codes.go fix(records): validate folder_fields at load time + cache field-code patterns 2026-05-21 15:28:35 -05:00
field_codes_test.go fix(records): validate folder_fields at load time + cache field-code patterns 2026-05-21 15:28:35 -05:00
file.go feat(server): add declarative views: cascade key + ViewAt resolver (schema) 2026-06-04 09:53:53 -05:00
file_test.go feat(server): local-only tool-HTML override; remove apps URL/version fetching 2026-06-04 08:59:28 -05:00
folder.go feat(zddc): MD→{docx,html,pdf} server-side conversion via stock pandoc + chromium containers 2026-05-13 10:33:56 -05:00
folder_test.go feat(zddc): add ParseTransmittalFolder + IsTrnOrSubTracking helpers 2026-05-07 09:14:19 -05:00
history_policy_test.go feat(server): edit-history versioning for working-folder markdown 2026-05-28 12:37:51 -05:00
inherit_test.go refactor(audit): pre-release cleanup pass 2026-05-18 16:28:07 -05:00
lookups.go feat(server): add declarative views: cascade key + ViewAt resolver (schema) 2026-06-04 09:53:53 -05:00
lookups_test.go feat(server): route no-slash directory URLs through views.dir (cascade spine) 2026-06-04 10:01:31 -05:00
roles.go feat: show effective permissions + roles per location in the browse hovercard 2026-06-01 11:12:39 -05:00
roles_test.go feat: show effective permissions + roles per location in the browse hovercard 2026-06-01 11:12:39 -05:00
scan.go feat: lockstep release infra + cascade/.archive fixes + profile perf + page redesign 2026-05-01 20:11:38 -05:00
scan_test.go refactor(history): store under .zddc.d/history/; drop .history carve-out + dead .devshell 2026-06-02 13:48:41 -05:00
slots.go feat(server): flat top-level party peers + pure-WORM archive (impl) 2026-06-03 11:40:09 -05:00
special.go feat(roles): in-flight ratchet + auto_own_roles, drop DC subtree-admin 2026-05-21 10:51:07 -05:00
special_test.go chore(zddc): migrate mkdir auto-own hook to the cascade, drop dead predicates 2026-05-12 10:42:49 -05:00
standardroles_test.go test(zddc): update internal/zddc suite for flat-peer layout 2026-06-03 11:47:04 -05:00
validate.go feat(server): add declarative views: cascade key + ViewAt resolver (schema) 2026-06-04 09:53:53 -05:00
validate_test.go feat(server): local-only tool-HTML override; remove apps URL/version fetching 2026-06-04 08:59:28 -05:00
virtualreceived.go refactor: nest lifecycle slots per-party + add virtual top-level aggregators 2026-05-21 07:57:45 -05:00
virtualviews.go feat(browse,tables): flat-peer clients + dual-mode cross-party aggregate 2026-06-03 12:35:31 -05:00
virtualviews_test.go feat(browse,tables): flat-peer clients + dual-mode cross-party aggregate 2026-06-03 12:35:31 -05:00
walker.go feat(server): route no-slash directory URLs through views.dir (cascade spine) 2026-06-04 10:01:31 -05:00
walker_test.go feat(zddc): Phase 2 — paths: walker, recursive cascade 2026-05-11 14:55:12 -05:00
worm.go refactor(audit): pre-release cleanup pass 2026-05-18 16:28:07 -05:00
worm_test.go test(zddc): update internal/zddc suite for flat-peer layout 2026-06-03 11:47:04 -05:00
writer.go feat: form-data system v0 (sixth tool + zddc-server endpoints) 2026-05-02 20:12:16 -05:00
writer_test.go refactor(audit): pre-release cleanup pass 2026-05-18 16:28:07 -05:00
zippolicy.go feat(zddc): embed default tree + assemble into cascade (migration phases 3-4) 2026-06-05 11:22:59 -05:00
zippolicy_test.go feat(zddc): embed default tree + assemble into cascade (migration phases 3-4) 2026-06-05 11:22:59 -05:00