Hi, I've been thinking about the read-only aspect of the CNS, and whether it would be useful to relax this constraint. The primary driver (in the Sling world) is that while content packages and repoinit allow easy inspection of the payload so we can know ahead of time if anyone would write to a non-default mount ( e.g. /apps ) there are two wildcards:
- bundle activators and OSGi components - vault hooks We cannot be sure that none of them will write in the repository in a non-default mount, and for the sake of compatibility we could allow writing. There are two major constraints listed in the CNS documentation [1]: - atomic commits across node stores - oak subsystems that are not composite-aware I would propose that we 'solve' these problems in the following ways: 1. Allow commits only over individual node stores, never commits that span multiple stores 2. Validate that subsystems that are not composite-aware are not affected. For instance, that no observation listeners are bound to paths under non-default mounts. The details are rough and my memory of the implementation is not that good, but I would like to see what others think before committing to a POC. Thanks! Robert [1]: https://jackrabbit.apache.org/oak/docs/nodestore/compositens.html
