Summary
Neotoma has no first-class writeback connector for mutating an external system-of-record. Existing "mirror writeback" writes disk Markdown to Neotoma /correct, and peer sync assumes another Neotoma peer. Writing back to a third-party system of record (e.g. via its REST API) needs an explicit ownership/conflict/audit model.
Scope
A gated external writeback + reconciliation layer:
- Typed mutation client for an external API, behind a feature flag (off by default)
- Per-field system-of-record declaration (external-owned vs Neotoma-derived); Neotoma never writes an external-owned field without an explicit rule
- Conflict detection: detect divergence between external state and Neotoma-derived state before writing
- Correction audit: every writeback is an auditable observation with provenance
- Immutable audit receipts per mutation (who/what/when/source→target)
- Reconciliation so the external system remains authoritative and writes are reversible
Acceptance criteria
- Writeback is off unless explicitly enabled per field
- A divergence between external and derived state is surfaced, not silently overwritten
- Every mutation produces a queryable, provenance-stamped receipt
- The external system remains system-of-record; writeback is advisory/derived and reversible
Note
This is deliberately gated — most integrations should start read-only. Ownership + audit model is required before any active writeback ships.
Summary
Neotoma has no first-class writeback connector for mutating an external system-of-record. Existing "mirror writeback" writes disk Markdown to Neotoma
/correct, and peer sync assumes another Neotoma peer. Writing back to a third-party system of record (e.g. via its REST API) needs an explicit ownership/conflict/audit model.Scope
A gated external writeback + reconciliation layer:
Acceptance criteria
Note
This is deliberately gated — most integrations should start read-only. Ownership + audit model is required before any active writeback ships.