@albsugy/aos 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md ADDED
@@ -0,0 +1,80 @@
1
+ # Changelog
2
+
3
+ ## 0.5.0 — 2026-07-04
4
+
5
+ Public distribution via npm; source stays private.
6
+
7
+ - **The npm registry is now the public channel.** The package ships only the compiled
8
+ bundle (`dist/aos.mjs`), the skills/templates (`assets/`), and metadata — no source.
9
+ `bin` points at the bundle; `yaml` moved to devDependencies (it's inlined).
10
+ - **Two install methods, one artifact:** `npm i -g @albsugy/aos`, or
11
+ `curl -fsSL https://cdn.jsdelivr.net/npm/@albsugy/aos/install.sh | bash` — the
12
+ installer ships inside the package and is served by the jsDelivr CDN.
13
+ - **The curl installer resolves versions from the npm registry** and verifies the
14
+ registry's sha-512 integrity hash before unpacking. `AOS_VERSION` pins an npm
15
+ version; `AOS_NPM_REGISTRY` supports mirrors; direct-URL and from-source modes remain.
16
+ - **`aos update`** on release installs checks the npm registry (was GitHub Releases).
17
+ - **Release workflow** publishes to npm on `v*` tags when the `NPM_TOKEN` secret is set
18
+ (skips with a notice otherwise) and attaches the npm-pack tarball to the GitHub release.
19
+
20
+ ## 0.4.0 — 2026-07-04
21
+
22
+ Standard package distribution: release artifacts instead of source clones.
23
+
24
+ - **Installs no longer clone the repo.** The installer downloads `aos.tar.gz` from
25
+ GitHub Releases (runtime only: `dist/` + `assets/` + metadata, ~150 KB), verifies
26
+ its **SHA-256 checksum**, unpacks, and links. git is no longer required to install.
27
+ - **Release workflow** builds and attaches `aos.tar.gz` + `aos.tar.gz.sha256` to every
28
+ `v*` release after re-running both smoke suites.
29
+ - **`aos update`** on release installs checks the latest GitHub release and only
30
+ downloads when newer; dev checkouts keep the `git pull` path.
31
+ - **`AOS_VERSION=vX.Y.Z`** pins installs to a release; `AOS_TARBALL_URL` supports
32
+ mirrors/testing; `AOS_FROM_SOURCE=1` clones and builds for contributors.
33
+ - Installer refuses to overwrite a dev checkout at the install path, and `aos doctor`
34
+ now reports the install mode (release artifact vs dev checkout) and verifies layout.
35
+
36
+ ## 0.3.1 — 2026-07-04
37
+
38
+ CI reliability + release infrastructure.
39
+
40
+ - **Fixed flaky console-UI smoke check** — `curl | grep -q` under `pipefail` races
41
+ (grep exits on first match → curl gets EPIPE → pipeline fails despite a match);
42
+ surfaced on ubuntu CI. Console checks now capture responses and match without pipes.
43
+ - **Dist-freshness gate hardened:** also fails on *untracked* files in `dist/`,
44
+ which `git diff` alone cannot see.
45
+ - **Release workflow:** pushing a `v*` tag re-verifies both suites and creates a
46
+ GitHub Release with generated notes.
47
+ - **npm publish readiness:** `files` allowlist, `publishConfig.access=public`,
48
+ `prepublishOnly` build.
49
+
50
+ ## 0.3.0 — 2026-07-04
51
+
52
+ Compiled installs.
53
+
54
+ - **Installs ship a compiled bundle, not source:** `dist/aos.mjs` — single file, all
55
+ dependencies inlined, minified, built by esbuild (`npm run build`) and committed;
56
+ the installer links it directly. No npm download at install time.
57
+ - **Node ≥ 22 required** (was 18) — installer, `engines`, `aos doctor`, docs, and CI updated.
58
+ - **CI:** smoke suite runs against both source and the compiled bundle on node 22/24;
59
+ a dist-freshness job fails if `dist/` wasn't rebuilt with source changes.
60
+ - **`aos update`** in compiled installs no longer touches npm at all — the pull delivers the new bundle.
61
+ - Source entry restructured: CLI moved to `src/cli.js`; `bin/aos.js` is a thin shim for dev/npm use.
62
+
63
+ ## 0.2.0 — 2026-07-04
64
+
65
+ Production hardening.
66
+
67
+ - **Reproducible installs:** committed `package-lock.json`; installer and `aos update` use `npm ci` when the lockfile is present.
68
+ - **Pinned installs:** `AOS_REF=<tag|branch>` selects what the installer checks out (default `main`).
69
+ - **Console security:** project/run ids validated against path traversal; requests with a non-localhost `Host` header are refused (DNS-rebinding protection); friendly error when the port is taken.
70
+ - **Corruption resilience:** a corrupt `registry.yaml` degrades reads with a warning and blocks writes instead of clobbering; JSON state files are written atomically.
71
+ - **`aos doctor`:** diagnoses node version, app install, dependencies, `AOS_HOME`, registry integrity, dangling repo paths, and the current repo's hook wiring (including old-format detection).
72
+ - **Stable hook launcher** (from 0.1.x fixes): hooks call `$HOME/.local/bin/aos` with a PATH fallback instead of a pinned install path; `aos init` migrates old entries.
73
+ - **`aos update`** skips reinstalling dependencies when already up to date.
74
+ - **CI:** smoke suite (26 checks) on ubuntu/macos × node 18/20/22, plus shellcheck on the installer.
75
+
76
+ ## 0.1.0 — 2026-07-04
77
+
78
+ Initial release: file spec (`~/.aos`), policy gates, run lifecycle, audit, Claude Code
79
+ skills (`/aos-ticket`, `/aos-verify`, `/aos-learn`, `/aos-ask`) and hooks, verification
80
+ contracts, local console, curl installer, landing page and manual.
package/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2026 Medhat Albsugy
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
package/README.md ADDED
@@ -0,0 +1,114 @@
1
+ # AOS — Agent Operations Stack
2
+
3
+ Operate AI coding agents like a professional: **portable memory, enforced guardrails,
4
+ automatic audit, real verification, and a local console** — all stored as plain files you own.
5
+
6
+ AOS is not an orchestration framework and not a platform. It's three thin parts:
7
+
8
+ 1. **The Spec** — a file convention under `~/.aos/` (context packs, policies, playbooks,
9
+ run records, audit logs). Readable by any agent from any provider, forever.
10
+ 2. **The Skills + Hooks** — Claude Code integration: a ticket pipeline that runs work
11
+ through intake → plan → implement → verify → package → learn, with hooks that enforce
12
+ policy and write audit *automatically*.
13
+ 3. **The Console** — a local, read-only dashboard: decision queue, run states,
14
+ verification verdicts, token economics, leverage ratio.
15
+
16
+ The design bet: frontier labs keep making agent *execution* better and cheaper; AOS owns
17
+ what they never will — **your** context, **your** policies, **your** audit trail, portable
18
+ across runtimes.
19
+
20
+ **Site:** [albsugy.github.io/aos](https://albsugy.github.io/aos/) · **Manual:** [docs.html](https://albsugy.github.io/aos/docs.html)
21
+
22
+ ## Install
23
+
24
+ ```bash
25
+ curl -fsSL https://cdn.jsdelivr.net/npm/@albsugy/aos/install.sh | bash
26
+ ```
27
+
28
+ Or with npm directly:
29
+
30
+ ```bash
31
+ npm i -g @albsugy/aos
32
+ ```
33
+
34
+ Requires Node ≥ 22 (curl path also needs curl + tar). Both channels deliver the same
35
+ artifact: the **compiled package published on the npm registry** — the single-file
36
+ bundle (`dist/aos.mjs`, dependencies inlined) plus the skills/templates. The curl
37
+ installer resolves the version from the registry, **verifies the registry's sha-512
38
+ integrity hash**, unpacks to `~/.local/share/aos`, and links `~/.local/bin/aos`.
39
+ No source code and no git history land on your machine (the source repository is
40
+ private; the published package is the compiled bundle). Pin with `AOS_VERSION=0.5.0`;
41
+ update later with `aos update`.
42
+
43
+ ## Quickstart
44
+
45
+ ```bash
46
+ cd your-repo
47
+ aos init # registers the project, scaffolds ~/.aos/projects/<id>/,
48
+ # installs skills into .claude/skills/ and hooks into .claude/settings.json
49
+
50
+ # fill in the two files that matter:
51
+ # ~/.aos/projects/<id>/context/pack.md — what every agent must know
52
+ # ~/.aos/projects/<id>/policy.yaml — gates + verification contracts
53
+
54
+ # then, inside a Claude Code session in that repo:
55
+ /aos-ticket LIN-482 # runs the full pipeline; ends awaiting your review
56
+
57
+ aos status # all projects: runs, states, leverage ratio, tokens
58
+ aos console # http://127.0.0.1:4560
59
+ ```
60
+
61
+ ## What the hooks do (no skill invocation needed)
62
+
63
+ | Hook | Effect |
64
+ |---|---|
65
+ | `SessionStart` | Injects the project's context pack, recent decisions, learnings, and open runs into every new session |
66
+ | `PreToolUse` | Gates Bash commands against `policy.yaml`: forbidden → blocked, gated → requires your approval |
67
+ | `PostToolUse` | Appends every action to the run's `audit.jsonl` |
68
+ | `SessionEnd` | Records token usage per session and per run |
69
+
70
+ ## The Spec
71
+
72
+ ```
73
+ ~/.aos/
74
+ ├── registry.yaml # project id → repo paths
75
+ └── projects/<id>/
76
+ ├── context/pack.md # the brief every agent loads
77
+ ├── context/decisions.md # append-only decision log
78
+ ├── policy.yaml # tiers (forbidden/gated), plan_gate, verification contracts
79
+ ├── learnings.md # compounding gotchas & fixes
80
+ ├── playbooks/ # extracted repeatable procedures
81
+ └── runs/<date>-<ticket>/
82
+ ├── ticket.md plan.md verification.md outcome.md
83
+ ├── audit.jsonl # every action, gate decision, verdict
84
+ └── meta.json # state, verification, attempts, tokens
85
+ ```
86
+
87
+ ## Skills
88
+
89
+ - `/aos-ticket <ticket>` — full pipeline, ends `awaiting-review` with a PR draft in `outcome.md`
90
+ - `/aos-verify` — contracts + adversarial skeptic subagent, anytime
91
+ - `/aos-learn` — distill the session into project memory
92
+ - `/aos-ask <question>` — answer from run history with file:line citations
93
+
94
+ ## CLI
95
+
96
+ `aos init | status | context | run start/finish/state/list | verify | find | console | projects | doctor | version | update`
97
+
98
+ ## Principles
99
+
100
+ - **Files over platforms** — everything is markdown/YAML/JSONL in your home dir. `git init ~/.aos` if you want history.
101
+ - **Enforced beats remembered** — guardrails and audit live in hooks, not in prompts.
102
+ - **Don't self-certify** — verification = deterministic contracts + an adversarial reviewer.
103
+ - **Every layer works standalone** — hooks alone are worth installing; the pipeline is optional.
104
+ - **Local-only** — the console binds 127.0.0.1; nothing leaves your machine.
105
+
106
+ ## Status & roadmap
107
+
108
+ v0.5 — npm-registry distribution (compiled bundle only, private source), Node ≥ 22,
109
+ production-hardened (26 smoke tests run against both source and bundle in CI, plus
110
+ dist-freshness gate and shellcheck). Next, in pain-order:
111
+ mobile approvals (Telegram) · MCP adapter for non-Claude runtimes · playbook extraction
112
+ polish · multi-operator sync · client-facing trust console.
113
+
114
+ MIT © Medhat Albsugy
@@ -0,0 +1,16 @@
1
+ ---
2
+ name: aos-ask
3
+ description: Answer questions from AOS project history — past runs, decisions, learnings, audit. Use for "why did we...", "when did we...", "what happened with..." questions.
4
+ argument-hint: <question about past work>
5
+ ---
6
+
7
+ # AOS ask
8
+
9
+ Answer from project memory, citing files: $ARGUMENTS
10
+
11
+ 1. Run `aos find "<key terms>"` (try 2-3 different terms) to locate relevant entries across
12
+ runs, decisions, learnings, and audit logs.
13
+ 2. Read the matching files under `~/.aos/projects/<id>/` — especially `runs/*/outcome.md`
14
+ (decisions + rationale per run) and `context/decisions.md`.
15
+ 3. Answer concisely and cite sources as `<file>:<line>` so the user can verify. If history
16
+ doesn't contain the answer, say so plainly — do not reconstruct from guesswork.
@@ -0,0 +1,21 @@
1
+ ---
2
+ name: aos-learn
3
+ description: Extract learnings, decisions, and playbook candidates from the current session into AOS project memory. Use at the end of significant work, or when the user says "remember this".
4
+ argument-hint: [optional focus, e.g. "the deploy fix"]
5
+ ---
6
+
7
+ # AOS learn
8
+
9
+ Distill this session into durable project memory. Focus: $ARGUMENTS (default: whole session).
10
+
11
+ 1. Find the project home: `aos context` prints the project; files live under
12
+ `~/.aos/projects/<project-id>/`.
13
+ 2. Append to `learnings.md`: bullets only for things that would change how the next agent
14
+ works — gotchas hit, commands that worked, constraints discovered. No narration.
15
+ 3. For significant choices made this session, append to `context/decisions.md`:
16
+ `## YYYY-MM-DD — title` / **Decision:** / **Why:** / **Run:** (if applicable).
17
+ 4. If `context/pack.md` is now wrong or missing something important (new convention, new
18
+ boundary), update it in place.
19
+ 5. If a procedure occurred that has now happened 2+ times across runs (check recent
20
+ `runs/*/outcome.md`), write it as a playbook in `playbooks/<slug>.md`: trigger,
21
+ steps, verification. Tell the user what you extracted.
@@ -0,0 +1,61 @@
1
+ ---
2
+ name: aos-ticket
3
+ description: Run a ticket end-to-end through the AOS pipeline — intake, plan, implement, verify, package, learn. Use when starting work on a ticket, issue, or task in an AOS-enabled repo.
4
+ argument-hint: <ticket id, URL, or pasted ticket content>
5
+ ---
6
+
7
+ # AOS ticket pipeline
8
+
9
+ Work the ticket in `$ARGUMENTS` through all six AOS stages. Do not skip stages. All run
10
+ files live in the run folder printed by `aos run start`.
11
+
12
+ ## 1. Intake
13
+
14
+ 1. Run: `aos run start --ticket "<short id>" --title "<short title>"`. Note the run folder
15
+ and `plan_gate` value it prints.
16
+ 2. Fill `ticket.md` in the run folder: the original ticket content (fetch it if `$ARGUMENTS`
17
+ is an id/URL), then an explicit **Acceptance criteria** checklist. If the criteria are
18
+ ambiguous, ask the user before writing code.
19
+
20
+ ## 2. Plan
21
+
22
+ 3. Write `plan.md`: approach, files you expect to touch, risks, test strategy. Keep it short.
23
+ 4. If `plan_gate` is `ask`: present the plan to the user and wait for approval before proceeding.
24
+
25
+ ## 3. Implement
26
+
27
+ 5. Create a branch named after the ticket. Implement per the plan. The AOS hooks audit your
28
+ actions and gate risky commands automatically — if a gate asks for approval, that is
29
+ expected behavior, not an error.
30
+
31
+ ## 4. Verify — do not self-certify
32
+
33
+ 6. Run `aos verify`. Fix failures and re-run until required contracts pass.
34
+ 7. Adversarial review (required unless policy sets `adversarial_review: false`): spawn a
35
+ subagent (Task tool) with this framing: "You are a skeptical reviewer. Try to REFUTE this
36
+ work against the acceptance criteria in <run>/ticket.md. Hunt for: criteria not actually
37
+ met, edge cases, silent failures, tests that don't test the change. Report findings with
38
+ file:line. Finding nothing is an acceptable answer only after a genuine hunt."
39
+ Append its findings and your dispositions to `verification.md`.
40
+ 8. Fix anything confirmed. Re-verify. Loop until clean or genuinely blocked
41
+ (if blocked: `aos run state blocked`, tell the user why, and stop).
42
+
43
+ ## 5. Package
44
+
45
+ 9. Write `outcome.md` in the run folder:
46
+ - **Summary** — what changed and why, 3 sentences max
47
+ - **Changes** — files touched, grouped by purpose
48
+ - **Decisions** — anything a reviewer would ask "why?" about
49
+ - **Risks & follow-ups**
50
+ - **How to test** — exact commands/steps
51
+ - **PR draft** — title + body ready to paste
52
+ 10. Run: `aos run finish` (state becomes `awaiting-review`). Tell the user the run is ready
53
+ for their review, with the run folder path and the PR draft.
54
+
55
+ ## 6. Learn
56
+
57
+ 11. Append to the project's `learnings.md` (path: `aos context` shows the project; files live
58
+ under `~/.aos/projects/<id>/`): 1-3 bullets of anything that would help the next agent.
59
+ Append significant choices to `context/decisions.md` in the decision format.
60
+ 12. If this run repeated a pattern you've seen in previous runs (check `playbooks/` and
61
+ recent runs), propose a playbook file in `playbooks/` and mention it to the user.
@@ -0,0 +1,20 @@
1
+ ---
2
+ name: aos-verify
3
+ description: Verify the current work against AOS policy contracts plus an adversarial review. Use standalone anytime, or as stage 4 of /aos-ticket.
4
+ argument-hint: [what to verify — defaults to current uncommitted/branch work]
5
+ ---
6
+
7
+ # AOS verification
8
+
9
+ Verify $ARGUMENTS (default: the current branch's work) without self-certifying.
10
+
11
+ 1. Run `aos verify` — this executes the deterministic contracts from `policy.yaml` and
12
+ records results (into the active run's `verification.md` when a run is active).
13
+ 2. Fix any required-contract failures and re-run until they pass.
14
+ 3. Unless policy sets `adversarial_review: false`, spawn a skeptic subagent (Task tool):
15
+ "Try to REFUTE this work. Assume it is subtly wrong. Check: does it actually do what was
16
+ asked, edge cases, error paths, tests that assert nothing, unintended side effects in
17
+ touched files. Report file:line findings."
18
+ 4. Triage its findings honestly — fix confirmed issues, note rejected ones with reasons.
19
+ If a run is active, append findings + dispositions to its `verification.md`.
20
+ 5. Report to the user: contract verdict, adversarial findings summary, and your confidence.
@@ -0,0 +1,10 @@
1
+ # Decisions
2
+
3
+ <!-- Append-only. One entry per decision. The last ~40 lines load into every session. -->
4
+
5
+ <!-- Format:
6
+ ## YYYY-MM-DD — short title
7
+ **Decision:** what was chosen
8
+ **Why:** the reason that will matter in six months
9
+ **Run:** run id (if applicable)
10
+ -->
@@ -0,0 +1,4 @@
1
+ # Learnings
2
+
3
+ <!-- Append-only. Short bullets an agent can act on. The last ~30 lines load into every session. -->
4
+ <!-- Example: - The auth tests fail if run in parallel; use `npm test -- --runInBand`. -->
@@ -0,0 +1,25 @@
1
+ # Context pack
2
+
3
+ <!-- Everything an agent must know before touching this project.
4
+ Loaded automatically at every session start. Keep it dense and current. -->
5
+
6
+ ## What this project is
7
+
8
+ (one paragraph: purpose, stage, who uses it)
9
+
10
+ ## Architecture & stack
11
+
12
+ - (runtime, framework, database, deploy target)
13
+
14
+ ## Conventions
15
+
16
+ - (naming, structure, commit style — only what differs from defaults)
17
+
18
+ ## Boundaries — never do
19
+
20
+ - (e.g. never touch the billing module without a feature flag)
21
+ - (e.g. never run migrations outside CI)
22
+
23
+ ## Gotchas
24
+
25
+ - (the things that bite: flaky tests, env quirks, slow builds)
@@ -0,0 +1,35 @@
1
+ # AOS project policy — gates, tiers, and verification contracts.
2
+ # Patterns are JavaScript regexes matched (case-insensitive) against Bash commands.
3
+ version: 1
4
+
5
+ # auto: agent proceeds after writing plan.md | ask: agent must get human approval of the plan
6
+ plan_gate: auto
7
+
8
+ tiers:
9
+ forbidden:
10
+ - pattern: 'push\s+[^|;&]*(--force|-f)\b'
11
+ reason: Force-push is forbidden by policy
12
+ - pattern: 'rm\s+-rf\s+(/|~)(\s|$)'
13
+ reason: Recursive delete of root/home is forbidden by policy
14
+ gated:
15
+ - pattern: '\bgit\s+push\b'
16
+ action: git-push
17
+ - pattern: '\bgh\s+pr\s+merge\b'
18
+ action: merge
19
+ - pattern: '\bdeploy\b'
20
+ action: deploy
21
+ # Everything not matched above is auto-approved (normal Claude Code permissions still apply).
22
+
23
+ verification:
24
+ # When true, /aos-verify and /aos-ticket must spawn a skeptic subagent to refute the work.
25
+ adversarial_review: true
26
+ contracts:
27
+ # Deterministic checks that must pass before a run can reach awaiting-review.
28
+ # Examples:
29
+ # - name: tests
30
+ # command: npm test
31
+ # required: true
32
+ # - name: lint
33
+ # command: npm run lint
34
+ # required: false
35
+ []