Summary
By-reference source storage is host-local and not portable, which limits enterprise auditability. Critical source artifacts referenced by path depend on the file staying in place on a specific host; they don't travel with the graph.
Motivation
Enterprise audit needs source evidence to be portable and durable — a provenance trail that survives host moves, backups/restores, and cross-instance sync. Reference storage is fine for large local files the operator controls, but critical artifacts should be inline or object-stored.
Scope
- Inline / object-storage backing for critical source artifacts (not just by-reference path rows)
- A policy/knob to mark a source as "must be portable" → stored inline or in object storage
- Ensure portable sources survive backup/restore and cross-instance sync
Acceptance criteria
- A source can be marked portable and is then retrievable independent of the original host path
- Portable sources survive a backup/restore cycle
- Existing by-reference behavior remains available for large operator-controlled local files
Context
Current source_storage: reference mode stores only a path + metadata row (host-local). This adds a durable/portable tier for audit-critical artifacts.
Summary
By-reference source storage is host-local and not portable, which limits enterprise auditability. Critical source artifacts referenced by path depend on the file staying in place on a specific host; they don't travel with the graph.
Motivation
Enterprise audit needs source evidence to be portable and durable — a provenance trail that survives host moves, backups/restores, and cross-instance sync. Reference storage is fine for large local files the operator controls, but critical artifacts should be inline or object-stored.
Scope
Acceptance criteria
Context
Current
source_storage: referencemode stores only a path + metadata row (host-local). This adds a durable/portable tier for audit-critical artifacts.