npm - @cleocode/playbooks - Versions diffs - 2026.4.88 → 2026.4.91 - Mend

@cleocode/playbooks 2026.4.88 → 2026.4.91

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,207 @@
+# @cleocode/playbooks
+**Playbook DSL + runtime for CLEO — T889 Orchestration Coherence v3.**
+Playbooks are `.cantbook` YAML documents that describe a multi-step agent workflow as a DAG of nodes (agentic, deterministic, and approval gates) connected by typed edges. This package parses them, persists execution state to `tasks.db`, evaluates HITL auto-policies, and manages HMAC-signed approval tokens for human-in-the-loop gates.
+## Status
+| Wave | Concern | Status |
+|------|---------|--------|
+| W4-6 | Drizzle tables + types | shipped |
+| W4-7 | `.cantbook` YAML parser | shipped |
+| W4-8 | State layer CRUD | shipped |
+| W4-9 | HITL auto-policy evaluator | shipped |
+| W4-10 | State-machine runtime | pending |
+| W4-16 | Approval resume tokens (HMAC) | shipped |
+The runtime executor (`runtime.ts`) is the next ship — parser + state + policy + approval primitives are in place.
+## Install
+This is an internal monorepo package. Consumers use it via workspace dependency:
+```jsonc
+// package.json
+{
+  "dependencies": {
+    "@cleocode/playbooks": "workspace:*"
+  }
+}
+```
+## What a `.cantbook` looks like
+```yaml
+version: "1.0"
+name: release-cut
+description: Cut a CalVer release and publish to npm
+inputs:
+  - name: version
+    required: true
+    description: Target version (e.g. 2026.4.90)
+nodes:
+  - id: build
+    type: deterministic
+    command: pnpm
+    args: [run, build]
+  - id: test
+    type: deterministic
+    command: pnpm
+    args: [run, test]
+    depends: [build]
+  - id: review
+    type: approval
+    prompt: "Build + tests green. Publish {{ version }} to npm?"
+    depends: [test]
+  - id: publish
+    type: agentic
+    skill: release-publisher
+    depends: [review]
+edges:
+  - from: build
+    to: test
+    contract:
+      requires: [dist-exists]
+      ensures: [tests-passed]
+  - from: test
+    to: review
+  - from: review
+    to: publish
+error_handlers:
+  - on: test-failed
+    action: abort
+    message: "Tests failed — aborting release."
+```
+Validation rules enforced by the parser:
+- `version` MUST be `"1.0"`.
+- `name` MUST be non-empty.
+- Node `id`s MUST be unique.
+- Every `edges[].from` / `edges[].to` MUST reference a known node id.
+- Nodes + edges MUST form a DAG (no cycles).
+- `agentic` nodes MUST have `skill` OR `agent` (at least one).
+- `deterministic` nodes MUST have `command` + `args`.
+- `approval` nodes MUST have `prompt`.
+- `depends[]` entries MUST be valid node ids.
+- `iteration_cap` / `max_iterations` MUST be in `0..10` (hard limit).
+## Quick API
+```typescript
+import {
+  parsePlaybook,
+  createPlaybookRun,
+  updatePlaybookRun,
+  evaluatePolicy,
+  createApprovalGate,
+  approveGate,
+  rejectGate,
+  DEFAULT_POLICY_RULES,
+} from '@cleocode/playbooks';
+// 1. Parse a .cantbook file
+const { playbook, hash } = parsePlaybook(yamlSource);
+// 2. Create a persisted run
+const run = createPlaybookRun(tasksDb, {
+  runId: 'run_abc123',
+  playbookName: playbook.name,
+  playbookHash: hash,
+  bindings: { version: '2026.4.90' },
+  epicId: 'T889',
+  sessionId: 'ses_xyz',
+});
+// 3. Evaluate auto-policy at an approval node
+const { autoPassed, reason } = evaluatePolicy(node, DEFAULT_POLICY_RULES, context);
+// 4. Create an approval gate (pending) or auto-pass it
+const approval = createApprovalGate(tasksDb, {
+  runId: run.runId,
+  nodeId: 'review',
+  autoPassed,
+});
+// 5. Resolve the gate (human approves via the resume token)
+approveGate(tasksDb, approval.token, { approver: 'keaton', reason: 'LGTM' });
+```
+## Database tables
+Both tables live in `tasks.db`. Migration: `packages/core/migrations/drizzle-tasks/20260417220000_t889-playbook-tables/`.
+### `playbook_runs`
+| Column | Type | Notes |
+|--------|------|-------|
+| `run_id` | text PK | caller-supplied run id |
+| `playbook_name` | text | from parsed playbook |
+| `playbook_hash` | text | SHA-256 of source (parser computes) |
+| `current_node` | text | id of the active node, `null` when done |
+| `bindings` | json text | accumulated input + per-node output bindings |
+| `error_context` | json text | populated when `status = 'failed'` |
+| `status` | text | `running \| paused \| failed \| succeeded \| cancelled` |
+| `iteration_counts` | json text | `{ nodeId: count }` — enforced against `iteration_cap` |
+| `epic_id` | text | linked task epic (optional) |
+| `session_id` | text | linked CLEO session (optional) |
+| `started_at` | text | ISO-8601, defaults to `now()` |
+| `completed_at` | text | ISO-8601 when terminal |
+### `playbook_approvals`
+| Column | Type | Notes |
+|--------|------|-------|
+| `approval_id` | text PK | |
+| `run_id` | text | FK → `playbook_runs.run_id` |
+| `node_id` | text | approval node id in the playbook |
+| `token` | text UNIQUE | HMAC resume token |
+| `requested_at` | text | ISO-8601 |
+| `approved_at` | text | ISO-8601 on approve/reject |
+| `approver` | text | who acted |
+| `reason` | text | free-form rationale |
+| `status` | text | `pending \| approved \| rejected` |
+| `auto_passed` | int 0/1 | set by the policy evaluator |
+## Approval tokens (HMAC)
+Resume tokens are HMAC-SHA-256 signed with the secret resolved from `getPlaybookSecret(env)`:
+1. `CLEO_PLAYBOOK_SECRET` (preferred)
+2. `CLEO_SECRET` (fallback)
+3. Hard error if neither is set — approval nodes cannot be created without a secret.
+Tokens encode `{runId, nodeId, issuedAt}` and are verified before any `approveGate` / `rejectGate` call. Replay-resistant: an already-decided approval returns `E_APPROVAL_ALREADY_DECIDED`.
+## Error codes
+| Constant | Meaning |
+|----------|---------|
+| `E_APPROVAL_NOT_FOUND` | Token does not match any pending approval row |
+| `E_APPROVAL_ALREADY_DECIDED` | Approval is already `approved` or `rejected` |
+| `PlaybookParseError` | Thrown by `parsePlaybook` with a list of validation issues |
+## Policy evaluator
+`evaluatePolicy(node, rules, context)` matches an approval node against an ordered list of `PolicyRule`s. The first rule that matches decides: `autoPassed: true | false` plus a `reason`. Used to let low-risk approval gates auto-pass (e.g. "build dist unchanged from last green run") without bothering a human. `DEFAULT_POLICY_RULES` ships a safe conservative default set.
+## Related packages
+- **`@cleocode/contracts`** — `PlaybookDefinition`, `PlaybookRun`, `PlaybookApproval` type contracts consumed here.
+- **`@cleocode/core`** — owns `tasks.db` lifecycle. Playbook migrations are applied by core's drizzle runner.
+- **`@cleocode/cleo`** — CLI surface that will expose `cleo playbook run`, `cleo playbook approve <token>` once the runtime (W4-10) lands.
+## Testing
+```bash
+pnpm --filter @cleocode/playbooks test
+```
+Smoke, parser, schema, state, policy, and approval test suites cover the shipped surface.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@cleocode/playbooks",
-  "version": "2026.4.88",
+  "version": "2026.4.91",
   "description": "Playbook DSL + runtime for CLEO — T889 Orchestration Coherence v3",
   "type": "module",
   "main": "./dist/index.js",
@@ -18,8 +18,8 @@
   "dependencies": {
     "drizzle-orm": "1.0.0-beta.19-d95b7a4",
     "js-yaml": "^4.1.0",
-    "@cleocode/contracts": "2026.4.88",
-    "@cleocode/core": "2026.4.88"
+    "@cleocode/contracts": "2026.4.91",
+    "@cleocode/core": "2026.4.91"
   },
   "devDependencies": {
     "@types/js-yaml": "^4.0.9",

package/dist/approval.d.ts DELETED Viewed

@@ -1,113 +0,0 @@
-/**
- * HMAC-SHA256 resume tokens for HITL approval gates.
- *
- * Tokens bind `{runId, nodeId, bindings}` so they cannot be forged or replayed
- * across different executions. The secret defaults to a well-known dev value —
- * production deployments MUST set the `CLEO_PLAYBOOK_SECRET` env var to a
- * high-entropy secret. If the secret rotates, existing tokens are invalidated
- * because the HMAC output changes.
- *
- * Binding canonicalization uses sorted-keys JSON so that `{a:1,b:2}` and
- * `{b:2,a:1}` produce the same token — semantically identical payloads
- * should always yield the same gate identity.
- *
- * @task T889 / T908 / W4-16
- */
-import type { DatabaseSync } from 'node:sqlite';
-import type { PlaybookApproval } from '@cleocode/contracts';
-/**
- * Error code: approval token not found in the DB.
- * Raised by {@link approveGate} / {@link rejectGate}.
- */
-export declare const E_APPROVAL_NOT_FOUND: "E_APPROVAL_NOT_FOUND";
-/**
- * Error code: approval has already transitioned out of `pending`.
- * Raised by {@link approveGate} / {@link rejectGate} to prevent re-decisions.
- */
-export declare const E_APPROVAL_ALREADY_DECIDED: "E_APPROVAL_ALREADY_DECIDED";
-/**
- * Resolve the HMAC secret for resume-token generation.
- *
- * @param env - Override env source (defaults to `process.env`). Used in tests.
- * @returns The configured secret, or a dev-only fallback if unset.
- */
-export declare function getPlaybookSecret(env?: NodeJS.ProcessEnv): string;
-/**
- * Generate a deterministic 32-char hex HMAC-SHA256 resume token.
- *
- * The token is derived from `HMAC(secret, "runId:nodeId:canonicalBindings")`
- * and truncated to 32 hex chars (128 bits). Determinism is an intentional
- * design choice: the same (runId, nodeId, bindings, secret) tuple always
- * produces the same token, preventing duplicate gates for the same step.
- *
- * @param runId - Playbook run identifier.
- * @param nodeId - Node identifier within the run graph.
- * @param bindings - Current runtime bindings (canonicalized via sorted-keys JSON).
- * @param secret - HMAC secret (defaults to {@link getPlaybookSecret}).
- * @returns A 32-char lowercase hex string.
- */
-export declare function generateResumeToken(runId: string, nodeId: string, bindings: Record<string, unknown>, secret?: string): string;
-/**
- * Input for {@link createApprovalGate}.
- */
-export interface CreateApprovalGateInput {
-    /** Run identifier (FK to `playbook_runs.run_id`). */
-    runId: string;
-    /** Node identifier within the run graph. */
-    nodeId: string;
-    /** Runtime bindings at gate creation time. */
-    bindings: Record<string, unknown>;
-    /** If true, gate is created pre-approved (policy auto-pass). Default false. */
-    autoPassed?: boolean;
-    /** Optional approver identity (required if `autoPassed=true` recorded by policy). */
-    approver?: string;
-    /** Optional human-readable reason (policy name, approval note, etc.). */
-    reason?: string;
-    /** Override secret for token generation. Defaults to env-resolved secret. */
-    secret?: string;
-}
-/**
- * Create an HITL approval gate row in `playbook_approvals`.
- *
- * If `autoPassed` is true, the gate is written with `status='approved'`
- * and `auto_passed=1` — used by the policy engine to short-circuit gates
- * that match auto-pass rules. Otherwise status is `'pending'` and the
- * runtime blocks until {@link approveGate} or {@link rejectGate} is called.
- *
- * @param db - Open `node:sqlite` handle with the T889 migration applied.
- * @param input - Gate parameters.
- * @returns The inserted {@link PlaybookApproval}, round-tripped from the DB.
- */
-export declare function createApprovalGate(db: DatabaseSync, input: CreateApprovalGateInput): PlaybookApproval;
-/**
- * Transition an approval gate to `approved` state.
- *
- * @param db - Open sqlite handle.
- * @param token - The resume token returned from {@link createApprovalGate}.
- * @param approver - Identity of the approver (agent id, user email, etc.).
- * @param reason - Optional justification note.
- * @returns The updated {@link PlaybookApproval} record.
- * @throws Error with `E_APPROVAL_NOT_FOUND` code if no gate matches the token.
- * @throws Error with `E_APPROVAL_ALREADY_DECIDED` code if the gate is not pending.
- */
-export declare function approveGate(db: DatabaseSync, token: string, approver: string, reason?: string): PlaybookApproval;
-/**
- * Transition an approval gate to `rejected` state. Same semantics as
- * {@link approveGate} but records a rejection — runtime will halt the run.
- *
- * @param db - Open sqlite handle.
- * @param token - The resume token.
- * @param approver - Identity of the rejector.
- * @param reason - Optional justification.
- * @returns The updated {@link PlaybookApproval} record.
- * @throws Error with `E_APPROVAL_NOT_FOUND` if the token is unknown.
- * @throws Error with `E_APPROVAL_ALREADY_DECIDED` if the gate is not pending.
- */
-export declare function rejectGate(db: DatabaseSync, token: string, approver: string, reason?: string): PlaybookApproval;
-/**
- * List all gates that are still awaiting a decision, oldest first.
- *
- * @param db - Open sqlite handle.
- * @returns Pending {@link PlaybookApproval} records ordered by `requested_at`.
- */
-export declare function getPendingApprovals(db: DatabaseSync): PlaybookApproval[];

package/dist/approval.js DELETED Viewed

@@ -1,244 +0,0 @@
-/**
- * HMAC-SHA256 resume tokens for HITL approval gates.
- *
- * Tokens bind `{runId, nodeId, bindings}` so they cannot be forged or replayed
- * across different executions. The secret defaults to a well-known dev value —
- * production deployments MUST set the `CLEO_PLAYBOOK_SECRET` env var to a
- * high-entropy secret. If the secret rotates, existing tokens are invalidated
- * because the HMAC output changes.
- *
- * Binding canonicalization uses sorted-keys JSON so that `{a:1,b:2}` and
- * `{b:2,a:1}` produce the same token — semantically identical payloads
- * should always yield the same gate identity.
- *
- * @task T889 / T908 / W4-16
- */
-import { createHmac, randomUUID } from 'node:crypto';
-/**
- * Dev-only fallback secret. Surfaced through {@link getPlaybookSecret} so
- * production code paths can override via `CLEO_PLAYBOOK_SECRET`.
- */
-const DEFAULT_SECRET = 'cleo-playbook-dev-secret-do-not-use-in-production';
-/**
- * Token length (hex chars). 32 hex chars = 128 bits of HMAC output — enough
- * for collision resistance while keeping tokens URL-safe and log-friendly.
- */
-const TOKEN_LENGTH = 32;
-/**
- * Error code: approval token not found in the DB.
- * Raised by {@link approveGate} / {@link rejectGate}.
- */
-export const E_APPROVAL_NOT_FOUND = 'E_APPROVAL_NOT_FOUND';
-/**
- * Error code: approval has already transitioned out of `pending`.
- * Raised by {@link approveGate} / {@link rejectGate} to prevent re-decisions.
- */
-export const E_APPROVAL_ALREADY_DECIDED = 'E_APPROVAL_ALREADY_DECIDED';
-/**
- * Resolve the HMAC secret for resume-token generation.
- *
- * @param env - Override env source (defaults to `process.env`). Used in tests.
- * @returns The configured secret, or a dev-only fallback if unset.
- */
-export function getPlaybookSecret(env = process.env) {
-    return env['CLEO_PLAYBOOK_SECRET'] ?? DEFAULT_SECRET;
-}
-/**
- * Generate a deterministic 32-char hex HMAC-SHA256 resume token.
- *
- * The token is derived from `HMAC(secret, "runId:nodeId:canonicalBindings")`
- * and truncated to 32 hex chars (128 bits). Determinism is an intentional
- * design choice: the same (runId, nodeId, bindings, secret) tuple always
- * produces the same token, preventing duplicate gates for the same step.
- *
- * @param runId - Playbook run identifier.
- * @param nodeId - Node identifier within the run graph.
- * @param bindings - Current runtime bindings (canonicalized via sorted-keys JSON).
- * @param secret - HMAC secret (defaults to {@link getPlaybookSecret}).
- * @returns A 32-char lowercase hex string.
- */
-export function generateResumeToken(runId, nodeId, bindings, secret = getPlaybookSecret()) {
-    // Canonicalize bindings via sorted-keys JSON for determinism.
-    const canonical = JSON.stringify(bindings, Object.keys(bindings).sort());
-    const payload = `${runId}:${nodeId}:${canonical}`;
-    return createHmac('sha256', secret).update(payload).digest('hex').slice(0, TOKEN_LENGTH);
-}
-/**
- * Narrow a raw status string to {@link PlaybookApprovalStatus}, guarding
- * against unexpected DB values that would otherwise poison downstream types.
- *
- * @internal
- */
-function narrowStatus(s) {
-    if (s === 'pending' || s === 'approved' || s === 'rejected')
-        return s;
-    throw new Error(`invariant: unknown playbook_approvals.status '${s}'`);
-}
-/**
- * Read a required string column from a raw sqlite row.
- *
- * @internal
- */
-function readString(row, key) {
-    const v = row[key];
-    if (typeof v !== 'string') {
-        throw new Error(`invariant: expected string for column ${key}, got ${typeof v}`);
-    }
-    return v;
-}
-/**
- * Read a required integer column from a raw sqlite row.
- *
- * @internal
- */
-function readInt(row, key) {
-    const v = row[key];
-    if (typeof v === 'number')
-        return v;
-    if (typeof v === 'bigint')
-        return Number(v);
-    throw new Error(`invariant: expected integer for column ${key}, got ${typeof v}`);
-}
-/**
- * Read an optional string column. Returns `undefined` for both `null`
- * (SQL NULL) and missing keys.
- *
- * @internal
- */
-function readOptionalString(row, key) {
-    const v = row[key];
-    if (v === null || v === undefined)
-        return undefined;
-    if (typeof v !== 'string') {
-        throw new Error(`invariant: expected string|null for column ${key}, got ${typeof v}`);
-    }
-    return v;
-}
-/**
- * Map a raw `playbook_approvals` row to the camelCase {@link PlaybookApproval}
- * contract shape. Validates types, converts the `auto_passed` 0/1 integer to
- * a boolean, and strips nullable fields rather than emitting `null`.
- *
- * @internal
- */
-function rowToApproval(row) {
-    const approval = {
-        approvalId: readString(row, 'approval_id'),
-        runId: readString(row, 'run_id'),
-        nodeId: readString(row, 'node_id'),
-        token: readString(row, 'token'),
-        requestedAt: readString(row, 'requested_at'),
-        status: narrowStatus(readString(row, 'status')),
-        autoPassed: readInt(row, 'auto_passed') === 1,
-    };
-    const approvedAt = readOptionalString(row, 'approved_at');
-    const approver = readOptionalString(row, 'approver');
-    const reason = readOptionalString(row, 'reason');
-    if (approvedAt !== undefined)
-        approval.approvedAt = approvedAt;
-    if (approver !== undefined)
-        approval.approver = approver;
-    if (reason !== undefined)
-        approval.reason = reason;
-    return approval;
-}
-/**
- * Create an HITL approval gate row in `playbook_approvals`.
- *
- * If `autoPassed` is true, the gate is written with `status='approved'`
- * and `auto_passed=1` — used by the policy engine to short-circuit gates
- * that match auto-pass rules. Otherwise status is `'pending'` and the
- * runtime blocks until {@link approveGate} or {@link rejectGate} is called.
- *
- * @param db - Open `node:sqlite` handle with the T889 migration applied.
- * @param input - Gate parameters.
- * @returns The inserted {@link PlaybookApproval}, round-tripped from the DB.
- */
-export function createApprovalGate(db, input) {
-    const token = generateResumeToken(input.runId, input.nodeId, input.bindings, input.secret);
-    const approvalId = randomUUID();
-    const autoPassed = input.autoPassed ?? false;
-    const status = autoPassed ? 'approved' : 'pending';
-    const stmt = db.prepare(`
-    INSERT INTO playbook_approvals
-      (approval_id, run_id, node_id, token, status, auto_passed, approver, reason)
-    VALUES (?, ?, ?, ?, ?, ?, ?, ?)
-  `);
-    stmt.run(approvalId, input.runId, input.nodeId, token, status, autoPassed ? 1 : 0, input.approver ?? null, input.reason ?? null);
-    const row = db
-        .prepare('SELECT * FROM playbook_approvals WHERE approval_id = ?')
-        .get(approvalId);
-    if (row === undefined) {
-        throw new Error(`${E_APPROVAL_NOT_FOUND}: insert did not round-trip (approval_id=${approvalId})`);
-    }
-    return rowToApproval(row);
-}
-/**
- * Transition an approval gate to `approved` state.
- *
- * @param db - Open sqlite handle.
- * @param token - The resume token returned from {@link createApprovalGate}.
- * @param approver - Identity of the approver (agent id, user email, etc.).
- * @param reason - Optional justification note.
- * @returns The updated {@link PlaybookApproval} record.
- * @throws Error with `E_APPROVAL_NOT_FOUND` code if no gate matches the token.
- * @throws Error with `E_APPROVAL_ALREADY_DECIDED` code if the gate is not pending.
- */
-export function approveGate(db, token, approver, reason) {
-    return transitionGate(db, token, 'approved', approver, reason);
-}
-/**
- * Transition an approval gate to `rejected` state. Same semantics as
- * {@link approveGate} but records a rejection — runtime will halt the run.
- *
- * @param db - Open sqlite handle.
- * @param token - The resume token.
- * @param approver - Identity of the rejector.
- * @param reason - Optional justification.
- * @returns The updated {@link PlaybookApproval} record.
- * @throws Error with `E_APPROVAL_NOT_FOUND` if the token is unknown.
- * @throws Error with `E_APPROVAL_ALREADY_DECIDED` if the gate is not pending.
- */
-export function rejectGate(db, token, approver, reason) {
-    return transitionGate(db, token, 'rejected', approver, reason);
-}
-/**
- * Internal shared transition logic for approve/reject. Performs row lookup,
- * state validation, update, and round-trip fetch in a single atomic flow.
- *
- * @internal
- */
-function transitionGate(db, token, next, approver, reason) {
-    const existing = db.prepare('SELECT * FROM playbook_approvals WHERE token = ?').get(token);
-    if (existing === undefined) {
-        throw new Error(`${E_APPROVAL_NOT_FOUND}: no approval gate for token`);
-    }
-    const existingStatus = narrowStatus(readString(existing, 'status'));
-    if (existingStatus !== 'pending') {
-        const approvalId = readString(existing, 'approval_id');
-        throw new Error(`${E_APPROVAL_ALREADY_DECIDED}: gate ${approvalId} is already ${existingStatus}`);
-    }
-    db.prepare(`UPDATE playbook_approvals
-       SET status = ?, approved_at = datetime('now'), approver = ?, reason = ?
-     WHERE token = ?`).run(next, approver, reason ?? null, token);
-    const row = db.prepare('SELECT * FROM playbook_approvals WHERE token = ?').get(token);
-    if (row === undefined) {
-        // Unreachable: UPDATE just succeeded on this token.
-        throw new Error(`${E_APPROVAL_NOT_FOUND}: row vanished after update (token=${token})`);
-    }
-    return rowToApproval(row);
-}
-/**
- * List all gates that are still awaiting a decision, oldest first.
- *
- * @param db - Open sqlite handle.
- * @returns Pending {@link PlaybookApproval} records ordered by `requested_at`.
- */
-export function getPendingApprovals(db) {
-    const rows = db
-        .prepare(`SELECT * FROM playbook_approvals
-        WHERE status = 'pending'
-        ORDER BY requested_at ASC, approval_id ASC`)
-        .all();
-    return rows.map(rowToApproval);
-}

package/dist/index.d.ts DELETED Viewed

@@ -1,29 +0,0 @@
-/**
- * @cleocode/playbooks — Playbook DSL + runtime for T889 Orchestration Coherence v3.
- *
- * This package is scaffolded in Wave 0. Subsequent waves will populate:
- * - `schema.ts`     (W4-6)  — types + Drizzle table defs
- * - `parser.ts`     (W4-7)  — .cantbook YAML parser
- * - `state.ts`      (W4-8)  — DB CRUD for playbook_runs + playbook_approvals
- * - `policy.ts`     (W4-9)  — HITL auto-policy rules
- * - `runtime.ts`    (W4-10) — state machine executor
- * - `approval.ts`   (W4-16) — resume token generation + approval ops
- * - `skill-composer.ts` (W4-2..5) — three-source skill bundle composer
- *
- * @remarks
- * Only the {@link PLAYBOOKS_PACKAGE_VERSION} constant is exported from the
- * Wave 0 scaffold. Each follow-up wave adds a named barrel export here.
- *
- * @task T889 Orchestration Coherence v3 — Wave 0 scaffold
- */
-/**
- * Package version string matching the monorepo's CalVer cadence.
- *
- * Consumers can use this to assert dependency alignment at runtime
- * (e.g. ensuring the `@cleocode/playbooks` runtime matches CLEO core).
- */
-export declare const PLAYBOOKS_PACKAGE_VERSION: string;
-export { approveGate, type CreateApprovalGateInput, createApprovalGate, E_APPROVAL_ALREADY_DECIDED, E_APPROVAL_NOT_FOUND, generateResumeToken, getPendingApprovals, getPlaybookSecret, rejectGate, } from './approval.js';
-export { type ParsePlaybookResult, PlaybookParseError, parsePlaybook, } from './parser.js';
-export { DEFAULT_POLICY_RULES, type EvaluatePolicyResult, evaluatePolicy, type PolicyRule, } from './policy.js';
-export { type CreatePlaybookApprovalInput, type CreatePlaybookRunInput, createPlaybookApproval, createPlaybookRun, deletePlaybookRun, getPlaybookApprovalByToken, getPlaybookRun, type ListPlaybookRunsOptions, listPlaybookApprovals, listPlaybookRuns, updatePlaybookApproval, updatePlaybookRun, } from './state.js';

package/dist/index.js DELETED Viewed

@@ -1,32 +0,0 @@
-/**
- * @cleocode/playbooks — Playbook DSL + runtime for T889 Orchestration Coherence v3.
- *
- * This package is scaffolded in Wave 0. Subsequent waves will populate:
- * - `schema.ts`     (W4-6)  — types + Drizzle table defs
- * - `parser.ts`     (W4-7)  — .cantbook YAML parser
- * - `state.ts`      (W4-8)  — DB CRUD for playbook_runs + playbook_approvals
- * - `policy.ts`     (W4-9)  — HITL auto-policy rules
- * - `runtime.ts`    (W4-10) — state machine executor
- * - `approval.ts`   (W4-16) — resume token generation + approval ops
- * - `skill-composer.ts` (W4-2..5) — three-source skill bundle composer
- *
- * @remarks
- * Only the {@link PLAYBOOKS_PACKAGE_VERSION} constant is exported from the
- * Wave 0 scaffold. Each follow-up wave adds a named barrel export here.
- *
- * @task T889 Orchestration Coherence v3 — Wave 0 scaffold
- */
-/**
- * Package version string matching the monorepo's CalVer cadence.
- *
- * Consumers can use this to assert dependency alignment at runtime
- * (e.g. ensuring the `@cleocode/playbooks` runtime matches CLEO core).
- */
-export const PLAYBOOKS_PACKAGE_VERSION = '2026.4.85';
-export { approveGate, createApprovalGate, E_APPROVAL_ALREADY_DECIDED, E_APPROVAL_NOT_FOUND, generateResumeToken, getPendingApprovals, getPlaybookSecret, rejectGate, } from './approval.js';
-// W4-7: .cantbook YAML parser → PlaybookDefinition
-export { PlaybookParseError, parsePlaybook, } from './parser.js';
-// W4-9: HITL auto-policy evaluator
-export { DEFAULT_POLICY_RULES, evaluatePolicy, } from './policy.js';
-// W4-8: state layer CRUD for playbook_runs + playbook_approvals
-export { createPlaybookApproval, createPlaybookRun, deletePlaybookRun, getPlaybookApprovalByToken, getPlaybookRun, listPlaybookApprovals, listPlaybookRuns, updatePlaybookApproval, updatePlaybookRun, } from './state.js';