Expand description
Convergent diff engine.
Compares two RoleGraph instances (current vs desired) and produces an
ordered list of Change operations needed to bring the database from
its current state to the desired state.
The model is convergent: anything present in the current state but absent from the desired state is revoked/dropped. This is the Terraform-style “manifest is the entire truth” approach.
Enums§
- Change
- A single change to be applied to the database.
Functions§
- apply_
role_ retirements - Augment a diff plan with explicit role-retirement actions.
- diff
- Compute the list of changes needed to bring
currenttodesired.