Expand description
Governed-Excel workbook served-tool module (Phase 92).
Gated behind the opt-in workbook feature so the no-workbook toolkit
build never links the pmcp-workbook-runtime BundleSource/BundleLoader
surface. The workbook-embedded feature additionally enables the runtime’s
embedded (include_dir) EmbeddedSource for binary-baked bundles.
Governed-Excel workbook served-tool module (Phase 92,
bundlesource-served-tool-toolkit-module).
This is the toolkit-side home for the served calculate / explain /
get_manifest / diff_version / render_workbook tools that operate on a
verified pmcp_workbook_runtime::WorkbookBundle (loaded fail-closed via
the runtime’s BundleSource + BundleLoader).
§Domain failure vs infrastructure failure (Codex LOW)
The served tools draw a sharp line between two failure classes:
- A domain failure (invalid input, an out-of-range / non-finite output,
a strict-constant override) is NOT a protocol error. It returns
isError:trueINSIDEstructuredContentvia [error::to_iserror_result] so the MCP App widget can read a stable, machine-actionable repair code — never anErr(pmcp::Error). - An infrastructure failure (a poisoned/malformed in-memory bundle state,
a resource-handler internal fault, a genuine bug) MAY still surface as a
protocol
Err. The lift does NOT blanket-swallow infrastructure faults as domain errors.
§The served provenance stamp ([ProvStamp], Codex HIGH #3)
Every tool result (success AND error envelope) carries a [ProvStamp] of
{ bundle_id, version, combined_hash }. The combined_hash field carries
the BUNDLE.lock COMBINED hash-of-hashes
(pmcp_workbook_runtime::BundleLock::combined). It is named combined_hash
— NEVER workbook_hash — so it can never be confused with
pmcp_workbook_runtime::BundleLock::workbook_hash, which is the SOURCE
workbook content hash, a DIFFERENT value.
Modules§
- error
- The structured
isError:trueenvelope (WBSV-06) — machine-actionable repair payloads that ride instructuredContent, NEVER a JSON-RPC protocol error, and ALWAYS carry the provenance stamp (on the failure path too). - handler
- The curated workbook tool handlers (WBSV-01/02/03/04):
calculate,explain,get_manifest,diff_version. - input
- The strict
calculate/explaininput DTO + fail-closed tier enforcement (WBSV-06, WR-02/WR-05/V4). - render_
resource - The stateless regen-on-read
workbook://resource handler (WBSV-05, V3/V12). - render_
uri - The
workbook://render-pointer URI codec (WBSV-05, V12). - schema
- Tool schema builders (WBSV-07) — the mandatory non-empty
outputSchema+ the per-tool input schema, projected ENTIRELY from the embeddedManifest+CellMap.
Structs§
- CellMap
- Re-export of the verified runtime bundle the served tools operate on (loaded
fail-closed via
pmcp_workbook_runtime::load_bundle). The manifest-driven I/O cell map (Codex HIGH #5): the shared inputs pool + the per-TableTools the served binary fans out into one MCP tool each (WBV2-03 §4.1). - Decoded
Render - The decoded render payload: the canonical input DTO plus the provenance stamp
that was bound into the URI at
render_workbooktime. - Diff
Version Handler - The
diff_versionhandler (WBSV-04): serve the RECORDED prev→currentpmcp_workbook_runtime::VersionChangelogthe offline promote step folded into the bundle (hash-verified at boot — NOT a runtime computation), stamped. - Embedded
Source - The binary-baked
BundleSource(WBSV-09), re-exported only when the toolkit’sworkbook-embeddedfeature layers the runtime’sembedded(include_dir) support on top of the LocalDirSource-onlyworkbookbuild. - Explain
Handler - The
explainhandler (WBSV-02): a stateless re-run that renders the derivation trace as ordered business-language steps, plus a GENERIC manifest-declaredannotationsobject (S-2 — any domain-specific keystone is generalized into manifest-declared annotations; the engine reads onlymanifest.annotationsnames, nothing domain-specific). - GetManifest
Handler - The
get_manifesthandler (WBSV-03): a CURATED agent-facing projection — inputs (tier+default+unit), outputs (unit/meaning), governed-data summary, versions/hashes, changelog — NOT the raw internal manifest. - Local
DirSource - Re-export of the full boot surface (D-11) so Shape A/B consumers register a
served workbook WITHOUT ever naming
pmcp-workbook-runtime: theBundleSourcetrait + its on-disk impl, the fail-closed loader entry point, and both error types. TheEmbeddedSourceimpl is re-exported separately under theworkbook-embeddedfeature (it needs the runtime’sembeddedinclude_dir support). ABundleSourcethat reads a bundle from a directory tree on disk. - Manifest
- Re-export of the verified runtime bundle the served tools operate on (loaded
fail-closed via
pmcp_workbook_runtime::load_bundle). The logical manifest — the source of truth for cell roles + metadata that REPLACES colour as canonical (DIA-03). Synthesis builds a CANDIDATE (ratified = false); BA ratification (Plan 05) makes it conformant. - Prov
Stamp - The provenance stamp on EVERY served tool result (success AND error
envelope) — the
bundle_id@versionidentity plus thecombined_hashintegrity anchor (Codex HIGH #3). - Render
Workbook Handler - The
render_workbookhandler (WBSV-05): validate the inputs, then return a provenance-boundworkbook://URI POINTER — NOT the.xlsxbytes. The bytes are recomputed perresources/readbysuper::render_resourcefrom the decoded URI (stateless regen-on-read, Lambda-safe, V3). - Render
Workbook Resource - The stateless regen-on-read resource handler for
workbook://render pointers (WBSV-05). Holds the shared verified bundle; every read regenerates the.xlsxfrom the (untrusted) URI — provenance-verified, re-validated, re-run, rendered, base64-encoded. - Validated
Input - A validated, tier-checked input ready to seed the
pmcp_workbook_runtimeexecutor.seedsiscell_key -> value(the inputs mapped through the embeddedcell_map, plus any accepted variable-tier overrides). - Workbook
Bundle - Re-export of the verified runtime bundle the served tools operate on (loaded
fail-closed via
pmcp_workbook_runtime::load_bundle). The fully-parsed, integrity-verified bundle the served tools operate on. - Workbook
Tool Error - One structured tool-execution error (WBSV-06): a machine-actionable repair
payload. The agent reads
allowed/range/requiredto repair the call — “allowed-values live in the error”. - Workbook
Tool Handler - One served MCP tool per output Table (WBV2-04): validate → seed via cell_map → re-run the embedded IR → project ONLY this tool’s outputs (finite) → stamp.
Enums§
- Bundle
Load Error - Re-export of the full boot surface (D-11) so Shape A/B consumers register a
served workbook WITHOUT ever naming
pmcp-workbook-runtime: theBundleSourcetrait + its on-disk impl, the fail-closed loader entry point, and both error types. TheEmbeddedSourceimpl is re-exported separately under theworkbook-embeddedfeature (it needs the runtime’sembeddedinclude_dir support). Errorsloadsurfaces — every one is fail-closed (the bundle is rejected, the server never boots on a tampered/malformed bundle). - Bundle
Source Error - Re-export of the full boot surface (D-11) so Shape A/B consumers register a
served workbook WITHOUT ever naming
pmcp-workbook-runtime: theBundleSourcetrait + its on-disk impl, the fail-closed loader entry point, and both error types. TheEmbeddedSourceimpl is re-exported separately under theworkbook-embeddedfeature (it needs the runtime’sembeddedinclude_dir support). Errors aBundleSourcemay surface.
Constants§
- MAX_
ENCODED_ URI_ LEN - The hard upper bound on an encoded
workbook://URI length, in bytes. - WORKBOOK_
TOOL_ UI - The UI resource URI every workbook tool advertises (MCP Apps widget hook).
- WORKBOOK_
XLSX_ MIME - The MIME type of the rendered
.xlsxworkbook (the OOXML spreadsheet type). Advertised byrender_workbookand carried on theresources/readcontent so the client knows the base64 payload is a downloadable spreadsheet.
Traits§
- Bundle
Source - Re-export of the full boot surface (D-11) so Shape A/B consumers register a
served workbook WITHOUT ever naming
pmcp-workbook-runtime: theBundleSourcetrait + its on-disk impl, the fail-closed loader entry point, and both error types. TheEmbeddedSourceimpl is re-exported separately under theworkbook-embeddedfeature (it needs the runtime’sembeddedinclude_dir support). Raw-byte access to a single bundle’s members. - Workbook
Builder Ext - Composable builder extension wiring a verified workbook bundle into a
pmcp::ServerBuilderin ONE call.
Functions§
- decode
- Decode a
workbook://render pointer URI back into itsDecodedRenderpayload — TOTAL and panic-free over arbitrary/adversarial input. - encode
- Encode a validated input DTO + provenance stamp into a
workbook://render pointer URI. - load_
bundle - Re-export of the full boot surface (D-11) so Shape A/B consumers register a
served workbook WITHOUT ever naming
pmcp-workbook-runtime: theBundleSourcetrait + its on-disk impl, the fail-closed loader entry point, and both error types. TheEmbeddedSourceimpl is re-exported separately under theworkbook-embeddedfeature (it needs the runtime’sembeddedinclude_dir support). Load + fail-closed integrity-verify a bundle from anyBundleSource. - sanitize_
tool_ name - Sanitize a raw output-Table name into an MCP tool name matching
^[a-zA-Z0-9_-]{1,64}$(T-100-10), wrapping the SINGLE shared runtime sanitizer (pmcp_workbook_runtime::sanitize_tool_name) so the served registration and the offline compiler’s collision lint cannot drift on the locked five-rule semantics (lowercase, illegal-run → single_, trim edges, truncate 64, reject empty/all-illegal). A reject becomes the fail-closedinvalid_tool_namedomain error. - to_
iserror_ result - Render a
WorkbookToolErrorinto theisError:truepayload carrying the provenance stamp (on the failure path too). Returned as a bareValue— the widget-meta tool routes it intostructuredContentwhere theisError:truemarker + repair fields survive dispatch. - validate_
input - Validate + tier-check the raw tool args against the manifest + cell_map, fail-closed.