npm - @delegance/claude-autopilot - Versions diffs - 7.2.0 → 7.3.0 - Mend

@delegance/claude-autopilot 7.2.0 → 7.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,92 @@
 - v5.6 Phase 7 (docs reconciliation) — pending.
+## 7.3.0 (2026-05-10)
+**v7.3.0 — library export surface for v8 daemon.** Minor bump
+(new public API surface). The v8 daemon spec needs to call into
+the autopilot pipeline without spawning the CLI as a subprocess
+— subprocess boundaries lose error context, double up dependency
+resolution, and make sandbox enforcement harder. This PR exposes
+a curated set of `run*` functions as a stable library API.
+**New exports** at `@delegance/claude-autopilot`:
+* Pipeline read-only / discovery: `runScan`, `runScaffold`,
+  `runValidate`, `runFix`, `runCosts`, `runReport`, `runDoctor`,
+  `runSetup`.
+* Pipeline side-effecting: `runDeploy`, `runDeployStatus`,
+  `runDeployRollback` (daemon callers must wrap in policy gates
+  per v8 spec C3).
+* Helpers: `detectProject`.
+* Types: `DetectionResult`, `ScaffoldOptions`, `ScaffoldResult`,
+  `SetupOptions`, `ProfileName`.
+**Stability contract** documented in `docs/library-api.md`. Anything
+in that doc is SemVer-stable; deep imports
+(`@delegance/claude-autopilot/dist/...`) are unsupported.
+**`package.json` `exports` map** gains a `default` entry pointing
+at `./dist/src/index.js` so consumers can
+`import { runScaffold } from '@delegance/claude-autopilot'`
+instead of deep-importing.
+**Deliberate non-exports** (still callable via deep imports, no
+guarantee): JSON-envelope wrappers, internal `_*` helpers, the
+`runs` engine-introspection group (separate v8 prerequisite).
+4 new tests verify (a) all declared exports resolve at runtime,
+(b) `detectProject` returns the documented shape on the autopilot
+repo itself, (c) `package.json` `exports` map shape is locked.
+1559 → 1563 CLI tests; tsc clean; build clean.
+Version 7.2.1 → 7.3.0 (minor bump for new library surface).
+## 7.2.1 (2026-05-10)
+**v7.2.1 — v8 spec codex pass-2 amendment.** Docs-only PR. Folds
+the codex pass on the merged v8 spec (PR #152) into a new
+"Codex pass 2 amendment" section. 3 CRITICAL + 6 WARNING + 1 NOTE
+all surfaced real productization gaps; all locked into the spec
+rather than left as open questions.
+**Key trust-model decisions now locked in the spec** (were
+open-questions before):
+* **C1 — Policy pinning.** `.autopilot/policy.yaml` loaded only from
+  default branch at run-start SHA; frozen for the run; daemon's own
+  PRs cannot mutate active permissions. `.autopilot/**`,
+  `.github/workflows/**`, lockfiles in default `protected_paths`.
+* **C2 — Auth scope.** Default to fine-grained PAT (issues +
+  PRs + branch-prefixed contents-write only); `gh` CLI labeled
+  "unsafe/dev mode"; hosted uses per-org GitHub App.
+* **C3 — Sandboxed phase execution.** Per-phase Docker/Podman
+  container locally; per-run isolated worker hosted; credential
+  mounts blocked; egress allowlist (GitHub + Anthropic + OpenAI +
+  package registries).
+* **W3 — Auto-merge.** Requires distinct `automerge.*` policy
+  block with `required_checks`, `require_codeowner_approval`,
+  `max_risk_level`, `allowed_paths`, `rollback_plan_required`.
+* **W4 — Phase-level idempotency.** Operation IDs + side-effect
+  markers; restart reconciles GitHub state before resuming.
+* **N1 — OS keychain** for local secrets (macOS Keychain / Linux
+  Secret Service / Windows Credential Manager via `keytar`);
+  fallback to `~/.claude-autopilot/keys.json` 0600 with warning.
+**Updated stabilization criteria** add:
+* Sandbox-escape attempt suite (planted-payload tests verify
+  malicious `npm test` cannot read `~/.ssh/`, `~/.aws/`, host
+  `gh` token).
+* Phase-level idempotency suite (kill daemon mid-phase × 100;
+  restart produces zero duplicate side-effects).
+3 smaller open questions remain for v8.0-beta lock (container
+runtime fallback, hosted worker latency, sandbox network
+allowlist customization).
+No code change; bumping to 7.2.1 to keep CHANGELOG/version in
+lockstep with master HEAD.
 ## 7.2.0 (2026-05-10)
 **v7.2.0 — `claude-autopilot scaffold --from-spec <path>`.** Closes

package/dist/src/index.d.ts CHANGED Viewed

@@ -1,4 +1,17 @@
 export type { Finding, Severity, FindingSource } from './core/findings/types.js';
 export type { RunResult, RunInput, PhaseResult } from './core/pipeline/run.js';
 export type { GuardrailConfig, AdapterRef, AdapterReference } from './core/config/types.js';
+export { runScan } from './cli/scan.js';
+export { runScaffold } from './cli/scaffold.js';
+export { runValidate } from './cli/validate.js';
+export { runFix } from './cli/fix.js';
+export { runCosts } from './cli/costs.js';
+export { runReport } from './cli/report.js';
+export { runDoctor } from './cli/preflight.js';
+export { runSetup } from './cli/setup.js';
+export { runDeploy, runDeployStatus, runDeployRollback } from './cli/deploy.js';
+export { detectProject } from './cli/detector.js';
+export type { DetectionResult } from './cli/detector.js';
+export type { ScaffoldOptions, ScaffoldResult } from './cli/scaffold.js';
+export type { SetupOptions, ProfileName } from './cli/setup.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/src/index.js CHANGED Viewed

@@ -1,2 +1,34 @@
-export {};
+// v7.3.0 — Curated library API for in-process consumers (notably the v8
+// daemon, which imports these instead of spawning the CLI subprocess).
+//
+// ## Stability contract
+//
+// Anything re-exported below is part of the supported library API. Changes
+// to function signatures here are SemVer-major. Internal refactors that
+// don't change the exported shape are SemVer-minor or patch.
+//
+// Functions deliberately NOT re-exported (still callable via direct
+// `@delegance/claude-autopilot/cli/*` imports if you really need them, but
+// no compatibility guarantee):
+//   - JSON-envelope wrappers (`runUnderJsonMode`, `runAutopilotWithJsonEnvelope`)
+//     — those are CLI-shape helpers, not library shape.
+//   - Internal `_*` helpers and test seams.
+//   - The `runs` / `runs-watch` group — engine introspection is a separate
+//     v8 prerequisite (`@delegance/claude-autopilot/run-state` will export
+//     it once it's stable).
+//
+// See docs/library-api.md for the full surface + usage examples.
+// Pipeline verbs (read-only / discovery).
+export { runScan } from './cli/scan.js';
+export { runScaffold } from './cli/scaffold.js';
+export { runValidate } from './cli/validate.js';
+export { runFix } from './cli/fix.js';
+export { runCosts } from './cli/costs.js';
+export { runReport } from './cli/report.js';
+export { runDoctor } from './cli/preflight.js';
+export { runSetup } from './cli/setup.js';
+// Pipeline verbs (side-effecting — daemon must wrap these in policy gates).
+export { runDeploy, runDeployStatus, runDeployRollback } from './cli/deploy.js';
+// Helpers.
+export { detectProject } from './cli/detector.js';
 //# sourceMappingURL=index.js.map

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@delegance/claude-autopilot",
-  "version": "7.2.0",
+  "version": "7.3.0",
   "type": "module",
   "publishConfig": {
     "tag": "next"
@@ -36,7 +36,8 @@
   "types": "./dist/src/index.d.ts",
   "exports": {
     ".": {
-      "types": "./dist/src/index.d.ts"
+      "types": "./dist/src/index.d.ts",
+      "default": "./dist/src/index.js"
     },
     "./bin/claude-autopilot.js": "./bin/claude-autopilot.js",
     "./bin/guardrail.js": "./bin/guardrail.js",