Codex/blazegraph safe rdf literals

[lupuszr]

Summary

Fixes Blazegraph ingestion/sync failures caused by oversized RDF literals, specifically large schema.org/text values that exceed Java/Blazegraph modified UTF-8 limits.

Changes:

• Adds shared RDF literal size validation using Java modified UTF-8 byte counting.
• Rewrites oversized schema.org/text literals into ordered chunk resources below a conservative 60,000-byte ceiling.
• Adds hash, byte-size, chunk-count, and source-predicate metadata for rewritten text bodies.
• Rejects oversized non-text RDF literals before publishing with RDF_LITERAL_TOO_LARGE.
• Wires validation/chunking into producer paths: direct publish, shared memory writes, conditional writes, assertion writes, and agent publish attestation generation.
• Keeps Blazegraph adapter-side oversized-literal rejection as defense in depth.
• Maps producer literal-size failures to HTTP 400 in daemon routes.

Testing

• pnpm --filter @origintrail-official/dkg-core exec vitest run test/rdf-literal-limits.test.ts
• pnpm --filter @origintrail-official/dkg-storage exec vitest run test/blazegraph.unit.test.ts
• pnpm --filter @origintrail-official/dkg-publisher exec vitest run --config vitest.unit.config.ts test/dkg-publisher-compat.test.ts
• git diff --check

Live Blazegraph integration was attempted, but this local environment has no BLAZEGRAPH_TEST_URL and Docker daemon access was unavailable.

[otReviewAgent]

Operational Notice: Review Agent could not complete this review.

Business logic reviewer failed: retry_exhausted

[otReviewAgent]

🔴 Bug: This derives the replacement resource from quad.subject even when the source subject is a blank node. For an oversized schema:text on _:b0, bodySubject becomes _:b0/.well-known/...; callers such as assertionWrite persist the normalized quads without skolemizing, and the storage serializers treat that string as a blank node label, producing invalid N-Quads and rejecting a write that previously worked on non-Blazegraph backends. Skolemize before rewriting, or generate a valid blank node/IRI for blank-node subjects before emitting the chunk quads.

[otReviewAgent]

🟡 Issue: String(err ?? ...) turns any non-Error object that matches isRdfLiteralSizeError into an unhelpful "[object Object]" response. Since the predicate explicitly accepts shaped objects by name or code, this helper should also read a string message field before falling back, so daemon responses stay actionable for cross-package/plain-object errors.

[otReviewAgent]

🟡 Issue: The added test only exercises DKGPublisher.publish(), but this new normalization also changes the SWM share() write path and recurs in conditional/append paths. Add a regression test that calls share() or conditionalShare() with an oversized schema:text literal and asserts the stored quads are chunked; otherwise this path could regress to sending the original >65KB literal while tests stay green.

[otReviewAgent]

🟡 Issue: This normalization feeds _buildPrecomputedAttestationForSelection, but the added coverage does not exercise an agent/on-chain publish where the precomputed attestation is built from oversized public or private quads. Add a regression test through the agent selection/precomputed-attestation path so a raw-vs-normalized seal mismatch is caught.

[otReviewAgent]

🟡 Issue: The daemon now maps RdfLiteralSizeError to a public 400 response, but there is no route-level test that makes the underlying publish/share call throw this error and asserts the HTTP status/body. Please add coverage for this route and the shared-memory handlers that recur below, so a regression to the generic 500 path or missing RDF_LITERAL_TOO_LARGE code is caught.

[otReviewAgent]

🔵 Nit: normalizeLargeRdfLiteralsForBlazegraph is imported from @origintrail-official/dkg-core in its own statement immediately after an existing import from the same package. Consolidating it into the existing import matches the local pattern and avoids needless import drift as more core symbols are added.