0xray 2.1.1 → 2.1.2

package/.opencode/codex.codex

@@ -1,5 +1,5 @@
 {
-  "version": "2.0.1",
+  "version": "2.1.2",
   "terms": [
      1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68
   ],

package/AGENTS.md

@@ -86,7 +86,7 @@ xray enforces the Universal Development Codex (60 terms) via Dynamo governance.
 
 Pure v16 MCPs. Clean. Complete.
 
-## Session: v2.1.0 Release Polish
+## Session: v2.1.2 Release Polish
 
 - Package: `0xray` (npm), `github.com/0xRayAI/xray`. Version `2.0.0`.
 - Renamed `strray-ai` → `0xray` across 60+ source files, CLI help text, grok plugin, hermes-agent bridge (Python + JS), docusaurus config.

package/dist/AGENTS.md

@@ -86,7 +86,7 @@ xray enforces the Universal Development Codex (60 terms) via Dynamo governance.
 
 Pure v16 MCPs. Clean. Complete.
 
-## Session: v2.1.0 Release Polish
+## Session: v2.1.2 Release Polish
 
 - Package: `0xray` (npm), `github.com/0xRayAI/xray`. Version `2.0.0`.
 - Renamed `strray-ai` → `0xray` across 60+ source files, CLI help text, grok plugin, hermes-agent bridge (Python + JS), docusaurus config.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "0xray",
-  "version": "2.1.1",
+  "version": "2.1.2",
   "description": "Multi-agent orchestration and Codex governance for OpenCode, Hermes, Grok Build, and OpenClaw",
   "readme": "README.md",
   "license": "MIT",
@@ -52,7 +52,7 @@
     "postinstall": "node scripts/node/postinstall.cjs",
     "prepare": "npm run build",
     "prebuild": "rm -rf dist tsconfig.tsbuildinfo tsconfig.*.tsbuildinfo",
-    "build": "tsc && mkdir -p dist/public dist/scripts && cp -r public/* dist/public/ && cp scripts/hooks/pre-command dist/scripts/ && cp scripts/hooks/pre-command.mjs dist/scripts/ && cp README.md AGENTS.md CHANGELOG.md LICENSE dist/ && find src -name '*.mjs' ! -path '*/__tests__/*' | while read f; do tgt=\"dist/${f#src/}\"; mkdir -p \"$(dirname $tgt)\"; cp \"$f\" \"$tgt\"; done && for dir in skills integrations mcps; do find src/$dir -type f ! -name '*.ts' ! -path '*/.pytest_cache/*' | while read f; do tgt=\"dist/${f#src/}\"; mkdir -p \"$(dirname $tgt)\"; cp \"$f\" \"$tgt\"; done; done && mkdir -p dist/plugin && (find dist/plugin -name '*codex-injection*.js' -exec cp {} dist/plugin/xray-codex-injection.js \\; 2>/dev/null || true) && cp -r src/opencode/ .opencode/ && rm -rf .opencode/xray 2>/dev/null; mkdir -p .opencode/xray && cp xray/codex.json .opencode/xray/codex.json 2>/dev/null || true",
+    "build": "tsc && mkdir -p dist/public dist/scripts && cp -r public/* dist/public/ && cp scripts/hooks/pre-command dist/scripts/ && cp scripts/hooks/pre-command.mjs dist/scripts/ && cp README.md AGENTS.md CHANGELOG.md LICENSE dist/ && find src -name '*.mjs' ! -path '*/__tests__/*' | while read f; do tgt=\"dist/${f#src/}\"; mkdir -p \"$(dirname $tgt)\"; cp \"$f\" \"$tgt\"; done && for dir in skills integrations mcps; do find src/$dir -type f ! -name '*.ts' ! -path '*/.pytest_cache/*' | while read f; do tgt=\"dist/${f#src/}\"; mkdir -p \"$(dirname $tgt)\"; cp \"$f\" \"$tgt\"; done; done && mkdir -p dist/plugin && (find dist/plugin -name '*codex-injection*.js' -exec cp {} dist/plugin/xray-codex-injection.js \\; 2>/dev/null || true) && cp -r src/opencode/ .opencode/ && rm -rf .opencode/xray 2>/dev/null; mkdir -p .opencode/xray && cp xray/codex.json .opencode/xray/codex.json 2>/dev/null; cp xray/features.json .opencode/xray/features.json 2>/dev/null || true",
     "build:all": "npm run build",
     "ci-install": "npm ci",
     "clean": "rm -rf dist tsconfig.tsbuildinfo tsconfig.*.tsbuildinfo",
@@ -130,6 +130,7 @@
     "src/integrations/grok/plugin/0xray/",
     "src/skills/",
     "src/mcps/",
+    "xray/",
     ".opencode/agents/",
     ".opencode/commands/",
     ".opencode/hooks/",

package/scripts/node/setup.cjs

@@ -37,6 +37,38 @@ if (hasHermes) {
  * Extended header for next high-value package (code-review). src/skills/code-review/SKILL.md canonical SSOT; .opencode/skills/code-review/ built mirror of this sync logic. See paired guarded fw log "P3-SKILLS-FOLLOW-02-code-review-ssot-preferred" in status.ts getSkillsList (inserted after researcher block) + rich append docs/reflections/p3-skills-follow-02-code-review-2026-05-27.md (per AGENTS) + CGT/Governance-visible for YML @ harness-codex verification + 0 hot + 3-hot re-establish + all ties to spawn command + deep ref + pivot + Term 61 + 6/6+7/7 + YML + ps 0 + this P3-SKILLS-FOLLOW-02 full work (2-file surgical, harness post green tsc 0 new on touched, mapping append after latest, todo advance exactly 1, spawn replacement to maintain 3-hot, self-audit 100%) + verification + "the box contains its builders. The relay is hot.". 2 files max total for this follow-02. Highly modular (100% prior P3-SKILLS/YML/7th pattern reuse exactly inside existing sync logic). Fully reversible (targeted delete of notes restores exact prior). fw/echo discipline. AGENTS org (scripts/ for sh/cjs). Term 61 surgical forward motion held (no bloat, pure on actual dedup). "the box contains its builders". Green + ready. Subagent ID for resume.
  */
 
+ /* 0. Deploy xray/ config files (features.json, codex.json, etc.) to consumer .xray/ */
+const xrayConfigSource = path.join(packageRoot, "xray");
+const xrayConfigDest = path.join(targetDir, ".xray");
+if (fs.existsSync(xrayConfigSource)) {
+  try {
+    if (!fs.existsSync(xrayConfigDest)) fs.mkdirSync(xrayConfigDest, { recursive: true });
+    const entries = fs.readdirSync(xrayConfigSource);
+    let copied = 0;
+    for (const entry of entries) {
+      const srcPath = path.join(xrayConfigSource, entry);
+      const dstPath = path.join(xrayConfigDest, entry);
+      if (fs.statSync(srcPath).isFile()) {
+        if (!fs.existsSync(dstPath) || fs.statSync(srcPath).mtime > fs.statSync(dstPath).mtime) {
+          fs.copyFileSync(srcPath, dstPath);
+          copied++;
+        }
+      }
+    }
+    if (copied > 0) console.log(`✅ .xray/: ${copied} config files deployed`);
+    else console.log(`ℹ️  .xray/: up to date`);
+  } catch (e) { console.warn(`⚠️ .xray/ deploy: ${e.message}`); }
+}
+
+// 0b. Ensure logs/framework/ directory exists
+const logsDir = path.join(targetDir, "logs", "framework");
+try {
+  if (!fs.existsSync(logsDir)) {
+    fs.mkdirSync(logsDir, { recursive: true });
+    console.log("✅ logs/framework/: created");
+  }
+} catch (e) { console.warn(`⚠️ logs/framework/: ${e.message}`); }
+
  /* 1. Sync core skills from src/skills/ (dev) or dist/skills/ (consumer) → .opencode/skills/  [P3-SKILLS-DE-DUP-SCOPE-AND-EXEC-01: orchestrator package SSOT canonical src/skills/orchestrator/SKILL.md; mirror .opencode/skills/orchestrator/ is built output of this logic; see paired guarded fw in status.ts getSkillsList + mapping append + deep ref 2026-05-26 authority for one-package dedup under pivoted surgical plan] 
    [P3-SKILLS-DE-DUP-RESEARCHER-FOLLOW-01: researcher package SSOT canonical src/skills/researcher/SKILL.md (high-value per deep ref + YML precedent + playbook P3-SKILLS-FOLLOW-01); mirror .opencode/skills/researcher/ is built output of this logic; see paired guarded fw in status.ts + rich append + YML @ harness-codex verification (FORCE exercised P3-YML + codex-enforcement + 100/60/0 + 3 subagents tracked + 0 hot + 3-hot re-establish + all prior green) + deep ref 2026-05-26 + Phase 3 Pivot + Term 61 + user's "create a todo list. spawn subagents..." + 6/6+7/7 + YML. Governance-visible hook for skills SSOT at install layer. Silent, additive, reversible, no behavior change, fw/echo only.]
    [P3-SKILLS-FOLLOW-02: code-review package SSOT canonical src/skills/code-review/SKILL.md (next high-value per deep ref "parallel small batches" + @architect scoping rec 2 + YML @ "Ready for next" + this P3-SKILLS-FOLLOW-02 on user's spawn command); mirror .opencode/skills/code-review/ is built output of this logic; see paired guarded fw "P3-SKILLS-FOLLOW-02-code-review-ssot-preferred" in status.ts (after researcher) + rich append docs/reflections/p3-skills-follow-02-code-review-2026-05-27.md + YML @ harness-codex verification + 0 hot + 3-hot + all ties + ps 0 + this work (2-file surgical edit, harness post, mapping append after latest ~17099+, todo advance 1, spawn replacement, self-audit 100%, green + ready) + deep ref 2026-05-26 + Phase 3 Pivot + Term 61 + 6/6+7/7 + YML. Governance-visible hook for skills SSOT at install layer for code-review. Silent, additive, reversible, no behavior change, fw/echo only. "The box contains its builders. The relay is hot."] */

package/src/opencode/codex.codex

@@ -1,5 +1,5 @@
 {
-  "version": "2.0.1",
+  "version": "2.1.2",
   "terms": [
      1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68
   ],

package/xray/agents_template.md

@@ -0,0 +1,109 @@
+# StringRay AI v1.15.1 – Agent Context & Universal Development Codex
+
+**Framework Version**: 1.14.0  
+**Codex Version**: 1.7.5 (condensed)  
+**Last Updated**: 2026-03-23  
+**Purpose**: Systematic error prevention and production-ready AI-assisted development
+
+## 🎯 CRITICAL RULES – ZERO TOLERANCE (MANDATORY)
+
+1. **Full File Reading Before Edit**  
+   ALWAYS read the ENTIRE file using the `read` tool before ANY edit, refactor, or write.  
+   Understand complete structure, imports, dependencies, and context.  
+   Partial/contextual edits are strictly forbidden.
+
+2. **Verify Changes Actually Applied**  
+   After every edit/write: use `read` to confirm the exact changes are present.  
+   Check for regressions and unintended modifications.  
+   NEVER declare success without observable verification.
+
+3. **Command & Tool Output Review**  
+   Immediately review ALL command/tool outputs.  
+   Identify errors, warnings, or anomalies.  
+   Add TODO for course correction if issues found.  
+   Do not proceed until critical problems are resolved.
+
+4. **No False Success Claims**  
+   Only report "completed", "edited", or "fixed" after verification steps confirm success.  
+   Prohibited: assuming success, subjective "looks correct", skipping checks for "trivial" changes.
+
+5. **Surgical & Progressive Fixes**  
+   Fix root causes minimally – no patches, stubs, or over-engineering.  
+   All code must be production-ready from first commit.
+
+6. **Error & Loop Prevention**  
+   Resolve all errors before continuing (90%+ runtime prevention target).  
+   Every loop/async must have clear termination/timeout.
+
+7. **Type Safety & Immutability First**  
+   No `any`, `@ts-ignore`. Prefer immutable patterns and early returns/guards.
+
+8. **DRY, YAGNI, Separation of Concerns**  
+   No duplication. No unnecessary features. One responsibility per module/function.
+
+9. **Test & Performance Awareness**  
+   >85% behavioral coverage target. Respect bundle <2MB, FCP <2s budgets.
+
+10. **Security & Input Validation**  
+    Validate/sanitize all inputs. Security by design.
+
+## Core Codex Terms (Top 20 – Enforced)
+
+1. Progressive production-ready code  
+2. No patches/stubs/bridge code  
+3. Avoid over-engineering  
+4. Fit-for-purpose prod-level code  
+5. Surgical root-cause fixes  
+6. Batched introspection cycles  
+7. Resolve all errors (90% prevention)  
+8. Prevent infinite loops/timeouts  
+9. Shared global state / single source of truth  
+10. Type safety first (no `any`)  
+11. Early returns & guard clauses  
+12. Error boundaries & graceful degradation  
+13. Immutability preferred  
+14. Separation of concerns  
+15. DRY – eliminate duplication  
+16. YAGNI – no speculative features  
+17. Meaningful, self-documenting names  
+18. Small, focused functions (<30 lines ideal)  
+19. Consistent style (linter enforced)  
+20. Test coverage >85% (behavioral focus)
+
+## Agent Capabilities Matrix
+
+| Agent                     | Role                              | Complexity | Key Tools                              | Strategy          |
+|---------------------------|-----------------------------------|------------|----------------------------------------|-------------------|
+| enforcer                  | Codex & error prevention          | All        | read, grep, lsp_*, bash                | Block violations  |
+| orchestrator              | Workflow coordination             | Enterprise | read, grep, call_omo_agent, session_*  | Consensus         |
+| architect                 | Design & decisions                | High       | read, grep, lsp_*, background_task     | Expert priority   |
+| bug-triage-specialist     | Error investigation & fixes       | Debug      | read, grep, ast_grep_*                 | Majority vote     |
+| code-reviewer             | Quality & standards               | Changes    | read, grep, lsp_diagnostics            | Expert priority   |
+| security-auditor          | Vulnerabilities & compliance      | Security   | read, grep, grep_app_searchGitHub      | Block critical    |
+| refactorer                | Debt & consolidation              | Refactor   | read, grep, lsp_rename, ast_grep_*     | Majority vote     |
+| testing-lead              | Testing strategy & coverage       | Tests      | read, grep, lsp_*                      | Expert priority   |
+| storyteller               | Narrative deep reflections       | Narrative  | read, grep, write                      | Expert priority   |
+| researcher                | Codebase exploration              | Research   | read, grep, codesearch, websearch       | Expert priority   |
+
+## Complexity Routing Summary
+
+Score = (files×2 + change/10 + deps×3 + duration/10) × operation_weight × risk_mult  
+- Operation weights: debug 2.0, refactor 1.8, analyze 1.5, modify 1.2, others 1.0  
+- Risk multipliers: critical 1.6, high 1.3, medium 1.0, low 0.8  
+Thresholds:  
+- ≤15 → single agent  
+- 16–50 → multi-agent possible  
+- 51+ → orchestrator-led
+
+## Operational Guidelines
+
+- Evaluate complexity before execution  
+- Always verify: read full file → apply change → read again → confirm no regressions  
+- Use `call_omo_agent` or `task()` for delegation  
+- Log JobId for traceability  
+- Enforce codex compliance on every operation
+
+**Codex Enforcement**: All actions validated against these rules. Violations block progress until resolved.  
+**Target**: 99.6% systematic error prevention through verification-first behavior.
+
+(End of file - total 105 lines)