Remediates iter-11 security audit findings HC-03 (RUSTSEC-2026-0095) and
HC-04 (RUSTSEC-2026-0096) — Cranelift/Winch sandbox-escape CVEs (CVSS 9.0).
Version specifier updated from "25" → "42"; lockfile already pinned at
42.0.2. Zero code-surface changes required: Engine/Linker/Store/Instance
and Memory.data/data_mut APIs are ABI-compatible across this range.
All 15 tests pass (12 unit + 3 integration including the two required
wasm_plugin_temp_threshold tests). cargo audit no longer reports
RUSTSEC-2026-0095 or RUSTSEC-2026-0096 against this workspace.
Co-Authored-By: claude-flow <ruv@ruv.net>
- Implements WasmtimeRuntime in v2/crates/homecore-plugins/src/wasmtime_runtime.rs
with a Wasmtime 25 Cranelift JIT engine. Registers 4 host imports via Linker:
hc_state_get, hc_state_set, hc_state_subscribe, hc_log. Each plugin gets an
isolated Store<PluginStoreData> holding a HomeCore handle + subscription list.
- Adds host_abi.rs documenting the JSON-over-linear-memory wire format (public
ABI spec for plugin authors). Max buffer 64 KiB. ConfigEntryJson and
StateChangedEventJson are the canonical wire types.
- Creates v2/crates/homecore-plugin-example/ (wasm32-unknown-unknown, excluded
from workspace per wifi-densepose-wasm-edge pattern). The plugin monitors
sensor.test_temp and sets binary_sensor.test_alert on/off at 25/20 thresholds.
- Adds tests/integration.rs with 3 tests: compiled .wasm end-to-end round-trip,
WAT-based fallback (always runs), and linker smoke test. All 15 tests pass
(12 unit + 3 integration) under --features wasmtime.
- ADR-128 Q2 resolved: Wasmtime is the chosen runtime for P2. WASM3 stays as
future fallback under --features wasm3 for constrained hardware (ADR-128 §8).
Co-Authored-By: claude-flow <ruv@ruv.net>
Adds `v2/crates/homecore-plugins` (0.1.0-alpha.0) — the P1 scaffold for
the HOMECORE-PLUGINS WASM integration system (ADR-128):
- `manifest.rs`: `PluginManifest` — superset of HA manifest.json; serde
round-trip + required-field validation (`domain`/`name`/`version`).
- `error.rs`: `PluginError` typed enum (InvalidManifest, AlreadyLoaded,
NotFound, RuntimeError, SetupFailed, UnloadFailed, Io).
- `plugin.rs`: `HomeCorePlugin` async trait + `PluginId` newtype.
- `runtime.rs`: `PluginRuntime` trait + `InProcessRuntime` (native Rust,
first-party plugins). `WasmtimeRuntime` stub gated on `--features wasmtime`
(default-off; 30 MB dep deferred to P2).
- `registry.rs`: `PluginRegistry<R>` — load/unload/list/contains via RwLock.
- 10 unit tests, 0 failed.
Wasmtime vs wasm3 runtime selection is still open (ADR-128 §8 Q2);
this scaffold makes the choice swappable via the `PluginRuntime` trait.
The `wasmtime` and `wasm3` features are default-off; P2 resolves the choice
and wires host ABI (`hc_state_get`/`hc_state_set`/etc.) to ADR-127.
Co-Authored-By: claude-flow <ruv@ruv.net>
ruv