@jaimevalasek/aioson 1.30.2 → 1.36.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +75 -0
- package/README.md +19 -6
- package/docs/en/1-understand/ecosystem-map.md +45 -29
- package/docs/en/1-understand/glossary.md +5 -5
- package/docs/en/1-understand/what-is-aioson.md +5 -5
- package/docs/en/2-start/existing-project.md +7 -7
- package/docs/en/2-start/first-project.md +32 -38
- package/docs/en/2-start/initial-decisions.md +18 -17
- package/docs/en/3-recipes/README.md +2 -2
- package/docs/en/3-recipes/continuity-between-sessions.md +2 -2
- package/docs/en/3-recipes/from-idea-to-prd-via-briefing.md +5 -2
- package/docs/en/3-recipes/full-feature-with-sheldon.md +327 -338
- package/docs/en/4-agents/README.md +28 -14
- package/docs/en/4-agents/discovery-design-doc.md +20 -8
- package/docs/en/4-agents/forge-run.md +3 -2
- package/docs/en/5-reference/cli-reference.md +51 -48
- package/docs/en/5-reference/executable-verification.md +10 -7
- package/docs/en/5-reference/parallel.md +2 -0
- package/docs/en/5-reference/qa-browser.md +2 -2
- package/docs/en/README.md +3 -3
- package/docs/pt/1-entender/glossario.md +4 -4
- package/docs/pt/1-entender/mapa-do-ecossistema.md +32 -21
- package/docs/pt/2-comecar/decisoes-iniciais.md +16 -16
- package/docs/pt/2-comecar/primeiro-projeto.md +1 -1
- package/docs/pt/3-receitas/README.md +1 -1
- package/docs/pt/3-receitas/app-saas-do-zero.md +35 -122
- package/docs/pt/3-receitas/feature-completa-com-sheldon.md +289 -338
- package/docs/pt/4-agentes/analyst.md +9 -5
- package/docs/pt/4-agentes/architect.md +9 -5
- package/docs/pt/4-agentes/dev.md +19 -7
- package/docs/pt/4-agentes/discovery-design-doc.md +25 -23
- package/docs/pt/4-agentes/orchestrator.md +164 -118
- package/docs/pt/4-agentes/pentester.md +5 -5
- package/docs/pt/4-agentes/pm.md +15 -7
- package/docs/pt/4-agentes/sheldon.md +166 -99
- package/docs/pt/4-agentes/ux-ui.md +7 -4
- package/docs/pt/5-referencia/agent-chain-continuity.md +14 -5
- package/docs/pt/5-referencia/comandos-cli.md +1 -1
- package/docs/pt/5-referencia/harness-retro.md +2 -1
- package/docs/pt/5-referencia/sdd-automation-scripts.md +6 -6
- package/docs/pt/5-referencia/sdd-framework.md +53 -16
- package/docs/pt/5-referencia/sdd-planos-e-estrutura.md +27 -15
- package/docs/pt/README.md +4 -4
- package/docs/pt/agentes.md +48 -50
- package/package.json +2 -2
- package/src/artifact-kinds.js +110 -0
- package/src/cli.js +82 -42
- package/src/commands/agent-epilogue.js +251 -186
- package/src/commands/agents.js +104 -48
- package/src/commands/audit-code.js +344 -0
- package/src/commands/classify.js +75 -13
- package/src/commands/feature-close.js +43 -18
- package/src/commands/harness-check.js +259 -175
- package/src/commands/harness-retro-promote.js +387 -0
- package/src/commands/live.js +24 -0
- package/src/commands/prototype-check.js +163 -0
- package/src/commands/review-feature.js +189 -0
- package/src/commands/runtime.js +81 -66
- package/src/commands/sync-agents-copy.js +115 -0
- package/src/commands/verification-plan.js +116 -0
- package/src/commands/verify-artifact.js +530 -0
- package/src/commands/verify-implementation.js +428 -0
- package/src/commands/workflow-execute.js +309 -309
- package/src/commands/workflow-next.js +361 -19
- package/src/commands/workflow-plan.js +5 -5
- package/src/constants.js +4 -0
- package/src/gateway-pointer-merge.js +7 -1
- package/src/handoff-contract.js +267 -172
- package/src/harness/contract-integrity-gate.js +172 -0
- package/src/harness/contract-integrity.js +111 -0
- package/src/harness/contract-schema.js +377 -332
- package/src/harness/detect-runtime-feature.js +90 -0
- package/src/harness/static-criteria.js +192 -0
- package/src/i18n/messages/en.js +8 -4
- package/src/i18n/messages/es.js +8 -4
- package/src/i18n/messages/fr.js +8 -4
- package/src/i18n/messages/pt-BR.js +8 -4
- package/src/install-wizard.js +8 -8
- package/src/installer.js +13 -6
- package/src/lib/retro/retro-render.js +10 -1
- package/src/lib/retro/retro-sources.js +45 -27
- package/src/lib/retro/verification-reports.js +230 -0
- package/src/parser.js +6 -0
- package/src/preflight-engine.js +12 -12
- package/src/runtime-store.js +13 -9
- package/src/verification/evidence-bundle.js +251 -0
- package/src/verification/ledger-store.js +221 -0
- package/src/verification/path-policy.js +74 -0
- package/src/verification/policy-engine.js +95 -0
- package/src/verification/prompt-package.js +314 -0
- package/src/verification/redaction.js +77 -0
- package/src/verification/report-parser.js +132 -0
- package/src/verification/report-store.js +97 -0
- package/src/verification/result.js +16 -0
- package/src/verification/runners/index.js +319 -0
- package/src/verification/runtime-telemetry.js +144 -0
- package/src/verification/schema.js +276 -0
- package/src/verification/source-discovery.js +153 -0
- package/src/verification-policy.js +398 -0
- package/src/version.js +52 -1
- package/template/.aioson/agents/analyst.md +9 -6
- package/template/.aioson/agents/architect.md +34 -5
- package/template/.aioson/agents/briefing-refiner.md +25 -0
- package/template/.aioson/agents/briefing.md +69 -12
- package/template/.aioson/agents/committer.md +2 -1
- package/template/.aioson/agents/copywriter.md +30 -21
- package/template/.aioson/agents/design-hybrid-forge.md +28 -15
- package/template/.aioson/agents/dev.md +28 -10
- package/template/.aioson/agents/deyvin.md +3 -2
- package/template/.aioson/agents/discover.md +12 -3
- package/template/.aioson/agents/discovery-design-doc.md +7 -2
- package/template/.aioson/agents/genome.md +19 -10
- package/template/.aioson/agents/neo.md +30 -30
- package/template/.aioson/agents/orache.md +20 -11
- package/template/.aioson/agents/orchestrator.md +84 -7
- package/template/.aioson/agents/pm.md +8 -8
- package/template/.aioson/agents/product.md +15 -11
- package/template/.aioson/agents/profiler-enricher.md +20 -11
- package/template/.aioson/agents/profiler-forge.md +20 -11
- package/template/.aioson/agents/profiler-researcher.md +20 -11
- package/template/.aioson/agents/qa.md +87 -17
- package/template/.aioson/agents/scope-check.md +19 -5
- package/template/.aioson/agents/setup.md +12 -1
- package/template/.aioson/agents/sheldon.md +92 -9
- package/template/.aioson/agents/site-forge.md +11 -2
- package/template/.aioson/agents/squad.md +20 -5
- package/template/.aioson/agents/ux-ui.md +4 -2
- package/template/.aioson/agents/validator.md +33 -1
- package/template/.aioson/config/verification.json +61 -0
- package/template/.aioson/config.md +13 -9
- package/template/.aioson/docs/LAYERS.md +2 -2
- package/template/.aioson/docs/autopilot-handoff.md +10 -10
- package/template/.aioson/docs/dev/execution-discipline.md +41 -0
- package/template/.aioson/docs/dev/phase-loop.md +47 -0
- package/template/.aioson/docs/feature-expansion-taxonomy.md +31 -3
- package/template/.aioson/docs/presets/workflow.config.full-merged.json +15 -0
- package/template/.aioson/docs/presets/workflow.config.lean.json +15 -0
- package/template/.aioson/docs/product/prd-contract.md +12 -12
- package/template/.aioson/docs/prototype-contract.md +98 -0
- package/template/.aioson/docs/reference-identity.md +94 -0
- package/template/.aioson/docs/sheldon/harness-contract.md +155 -28
- package/template/.aioson/docs/verification-config.md +82 -0
- package/template/.aioson/docs/verify-artifact-gates.md +91 -0
- package/template/.aioson/docs/workflow-lean-lane.md +129 -0
- package/template/.aioson/skills/design/interface-design/references/intent-and-domain.md +2 -0
- package/template/.aioson/skills/process/aioson-spec-driven/SKILL.md +16 -14
- package/template/.aioson/skills/process/aioson-spec-driven/references/approval-gates.md +2 -2
- package/template/.aioson/skills/process/aioson-spec-driven/references/classification-map.md +4 -4
- package/template/.aioson/skills/process/aioson-spec-driven/references/dev.md +15 -15
- package/template/.aioson/skills/process/briefing-expansion-scout/SKILL.md +25 -3
- package/template/.aioson/skills/process/design-hybrid-forge/SKILL.md +5 -3
- package/template/.aioson/skills/process/design-hybrid-forge/references/external-source-ingestion.md +89 -0
- package/template/.aioson/skills/process/product-scope-expansion/SKILL.md +29 -2
- package/template/.aioson/skills/process/prototype-forge/SKILL.md +98 -0
- package/template/.aioson/skills/process/reference-identity-extract/SKILL.md +164 -0
- package/template/.aioson/skills/process/sheldon-expansion-audit/SKILL.md +23 -2
- package/template/.aioson/skills/static/multi-agent-patterns.md +5 -5
- package/template/CLAUDE.md +15 -11
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: "Reference-image-driven visual identity — how user-provided reference images become a text identity.md the interface-design engine applies, instead of every project inheriting a fixed preset's look. Covers the schema, the two scopes, the extraction skill, the verify:artifact gate, and the cross-harness/no-vision fallback."
|
|
3
|
+
agents: [setup, briefing-refiner, ux-ui]
|
|
4
|
+
task_types: [design, configuration, verification]
|
|
5
|
+
triggers: [identity.md, reference image, visual identity, reference-identity-extract, kind=identity, brand reference, design_skill interface-design]
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Reference-image-driven visual identity
|
|
9
|
+
|
|
10
|
+
A fixed design preset (`clean-saas-ui`, `aurora-command-ui`, …) hardcodes a palette and a typeface, so
|
|
11
|
+
every project that picks the same preset looks the same — the generic, "made-by-AI" look. The
|
|
12
|
+
`interface-design` skill is the opposite: a craft **engine** whose mandate is *"if another AI would
|
|
13
|
+
produce the same output, you failed."* This flow feeds that engine the user's **own references** so the
|
|
14
|
+
result is specific and premium.
|
|
15
|
+
|
|
16
|
+
The pipeline: **reference images → extracted once into `identity.md` (text) → the engine builds from the
|
|
17
|
+
text.** The build never reads the images. This is the same move AIOSON already makes when it extracts a
|
|
18
|
+
real website into a token spec — generalized so the **source** is images and the **lifetime** is
|
|
19
|
+
per-briefing (or per-project brand), not a frozen preset.
|
|
20
|
+
|
|
21
|
+
## Two image roles
|
|
22
|
+
|
|
23
|
+
- **Visual identity** — brand color, type, texture, the *feel*. Drives the token system.
|
|
24
|
+
- **Component / structure** — a board, a table, a screen the user wants. Drives **structure only**; its
|
|
25
|
+
own colors/fonts are ignored. Feeds `prototype-forge`'s surface map.
|
|
26
|
+
|
|
27
|
+
Synthesis = **apply the identity to the structure.** This is why you do not want "component skills": a
|
|
28
|
+
component skill smuggles in its own fixed identity and reintroduces the sameness. A component *image*
|
|
29
|
+
contributes layout, and the identity comes from the identity images.
|
|
30
|
+
|
|
31
|
+
## The `identity.md` record
|
|
32
|
+
|
|
33
|
+
One text file the build consumes. Frontmatter mirrors the proven extracted-token shape; sections map to
|
|
34
|
+
the `interface-design` token families plus its Phase-1 anti-sameness anchors. Authored by the
|
|
35
|
+
`reference-identity-extract` process skill (see its `SKILL.md` for the exact schema).
|
|
36
|
+
|
|
37
|
+
- **Frontmatter:** `kind`, `scope` (`briefing` | `brand`), `slug`, `source` (`references` | `intent`),
|
|
38
|
+
`generated_by`, `generated_at`, `confidence`, `theme`, `base_unit`.
|
|
39
|
+
- **Sections:** `## Design pillars`, `## Palette` (real hex), `## Typography`, `## Spacing & layout`,
|
|
40
|
+
`## Radius & depth` (exactly one depth strategy), `## Motion`, `## Signature moves`, `## Anti-goals`,
|
|
41
|
+
`## Component structure notes`, `## Provenance` (generic — never names an external source).
|
|
42
|
+
- `source: references` (filled from images) vs `intent` (image-less fallback via interface-design's own
|
|
43
|
+
Phase 0). **Same shape either way**, which is what makes it gateable and harness-portable.
|
|
44
|
+
|
|
45
|
+
## Two scopes
|
|
46
|
+
|
|
47
|
+
| scope | record | images |
|
|
48
|
+
|---|---|---|
|
|
49
|
+
| **Per-briefing** (default) | `.aioson/briefings/{slug}/identity.md` | `.aioson/briefings/{slug}/references/{identity,structure}/` |
|
|
50
|
+
| **Project brand** | `.aioson/context/identity.md` | `.aioson/context/brand-references/{identity,structure}/` |
|
|
51
|
+
|
|
52
|
+
**Resolution order** (identical for `@ux-ui` and `prototype-forge`): per-briefing → project brand →
|
|
53
|
+
none (then `interface-design` Phase 0 governs). The **text record is canonical and committed**; the
|
|
54
|
+
images are raw source and may be `.gitignore`d — extraction runs once, so the build never needs them
|
|
55
|
+
again.
|
|
56
|
+
|
|
57
|
+
## How it runs
|
|
58
|
+
|
|
59
|
+
- **`@briefing-refiner`** (prototype mode) — when a rich-surface product would benefit from a visual,
|
|
60
|
+
it offers reference-image intake: the user drops images into `references/{identity,structure}/`, the
|
|
61
|
+
agent loads `reference-identity-extract`, writes `identity.md`, and `prototype-forge` builds from it.
|
|
62
|
+
No images → it skips and `interface-design` runs intent-first. Always optional, never blocking.
|
|
63
|
+
- **`@setup`** — for `site`/`web_app`, the recommended visual route is *interface-design + reference
|
|
64
|
+
images* (sets `design_skill: interface-design`; the concrete look comes from `identity.md`). The
|
|
65
|
+
fixed presets remain an explicit alternative.
|
|
66
|
+
- **`@ux-ui`** — Step 0 loads `identity.md` as the **identity input** the single interface-design engine
|
|
67
|
+
applies. It is **not** a second design skill: exactly one design skill is loaded, and `identity.md`
|
|
68
|
+
parameterizes it. This does not weaken the ONE-SKILL-ONLY rule.
|
|
69
|
+
|
|
70
|
+
## The gate
|
|
71
|
+
|
|
72
|
+
`aioson verify:artifact . --kind=identity --file=<path>` proves the record is complete — the token
|
|
73
|
+
skeleton plus both anti-sameness anchors (`## Design pillars` + `## Signature moves`) plus the structure
|
|
74
|
+
section are present, and no placeholder or unfilled hex slipped through. Build-free, deterministic, the
|
|
75
|
+
periphery analog of the code pipeline's `SG-*` gates. The extraction skill runs it `--advisory` before
|
|
76
|
+
handing back. Path-resolved via `--file` because the record lives in either scope.
|
|
77
|
+
|
|
78
|
+
## Cross-harness & no-vision
|
|
79
|
+
|
|
80
|
+
The extraction pass is the **only** vision step. On a vision-less harness, either run extraction once on
|
|
81
|
+
a vision-capable harness, or hand-author `identity.md` from the schema — the gate then proves it is
|
|
82
|
+
complete. The build is identical in both cases because it reads only the text. This is the same reason
|
|
83
|
+
gates are engine-driven rather than hook-driven: the portable artifact crosses harnesses; the
|
|
84
|
+
host-specific capability does not.
|
|
85
|
+
|
|
86
|
+
## Notes
|
|
87
|
+
|
|
88
|
+
- **Vision is non-deterministic** — two extractions of one image can differ. That is exactly why the
|
|
89
|
+
text record exists: `identity.md` is the frozen, user-editable source of truth, and the build off it
|
|
90
|
+
is deterministic.
|
|
91
|
+
- **Image storage** — reference images are binary and can bloat git. The text record is canonical and
|
|
92
|
+
committed; images are optional and may be `.gitignore`d at the project level.
|
|
93
|
+
- **Provenance discipline** — `## Provenance` describes sources by type only. Never name an external
|
|
94
|
+
product, brand, site, or tool in any artifact.
|
|
@@ -15,10 +15,16 @@ Run **after** writing `sheldon-enrichment-{slug}.md`, gated by `project.context.
|
|
|
15
15
|
|
|
16
16
|
| Classification | Action |
|
|
17
17
|
|---|---|
|
|
18
|
-
| MICRO | Skip entirely
|
|
19
|
-
| SMALL | Produce `progress.json` only
|
|
18
|
+
| MICRO | Skip entirely — **unless it is a runtime feature** (`has_api`/DB/prototype): then produce a minimal `harness-contract.json` (just the §2c `RG-*` criteria) + `progress.json`. |
|
|
19
|
+
| SMALL | Produce `progress.json` only — **plus `harness-contract.json` with the §2c `RG-*` criteria when it is a runtime feature**, so `harness:check` can enforce the runtime gate. |
|
|
20
20
|
| MEDIUM | Produce both `harness-contract.json` and `progress.json`. |
|
|
21
21
|
|
|
22
|
+
A **runtime feature** (`has_api` / DB / migrations / `## Prototype reference`) therefore carries the `RG-*`
|
|
23
|
+
runtime gate at **every** classification. The CLI deterministically blocks the subset it can locate on disk
|
|
24
|
+
(prototype manifests and migration/Prisma paths from progress/git evidence) when the runtime contract is missing
|
|
25
|
+
or has no `RG-*`; the Play `has_api` case still requires the `@validator` Step 0 judgment because that flag lives
|
|
26
|
+
inside the target app. Non-runtime MICRO/SMALL keep the lightweight path (no contract).
|
|
27
|
+
|
|
22
28
|
## Steps
|
|
23
29
|
|
|
24
30
|
### 1. Initialize stub
|
|
@@ -57,31 +63,139 @@ Authoring rules for `verification`:
|
|
|
57
63
|
|
|
58
64
|
- **Prefer the project's own test runner** (`node --test tests/x.test.js`, `npm test -- --grep "..."`, `pytest tests/test_x.py`). A criterion backed by a real test is the gold standard.
|
|
59
65
|
- **One-liner assertions** when no test exists yet: `node -e "const m = require('./src/x'); process.exit(typeof m.parseX === 'function' ? 0 : 1)"`.
|
|
60
|
-
- **Deterministic only**: no network calls, no wall-clock dependence, no interactive prompts.
|
|
66
|
+
- **Deterministic only**: no network calls, no wall-clock dependence, no interactive prompts. *(Exception: the runtime-gate criteria in §2c — `build`/`migrate`/`boot`/`smoke` — MAY provision an ephemeral DB and boot the app. That setup is the point, not a violation.)*
|
|
61
67
|
- **Cross-platform**: single commands or npm scripts — avoid shell chaining (`&&`, `||`) and POSIX-only utilities (`grep`, `test -f`) on Windows-first projects; use `node -e` for file/shape assertions instead.
|
|
62
|
-
- **Self-contained**: the command must pass/fail on a clean checkout after install — no hidden setup steps.
|
|
68
|
+
- **Self-contained**: the command must pass/fail on a clean checkout after install — no hidden setup steps. *(Runtime-gate criteria may require `db:up`/`migrate reset` as their declared first step; declare it inside the `verification`, never as a hidden prerequisite.)*
|
|
63
69
|
- A `binary: true` criterion **without** `verification` remains valid (judged by `@validator`, as before), but the contract schema emits a coverage warning — treat each one as debt and justify it in the enrichment log.
|
|
64
70
|
|
|
71
|
+
### 2c. Runtime gate criteria — MANDATORY for runtime features
|
|
72
|
+
|
|
73
|
+
A contract whose criteria are all unit/component test commands (e.g. `pnpm test -- <file>`) proves the
|
|
74
|
+
**tests** pass, not that the **app** runs. Tests mock the database, the auth SDK and the network; a feature
|
|
75
|
+
can be 100% green on unit tests while its migrations never applied, its UI was never wired to the API, and
|
|
76
|
+
the process never booted. To close that gap, any feature that ships a runtime surface MUST carry criteria that
|
|
77
|
+
exercise the **real, running stack** — not only mocks.
|
|
78
|
+
|
|
79
|
+
A feature is a **runtime feature** when ANY of these holds:
|
|
80
|
+
|
|
81
|
+
- `manifest.json` has `has_api: true`, declares a server/process, or a Play runtime; or
|
|
82
|
+
- the feature creates or changes a database / Prisma schema / migrations; or
|
|
83
|
+
- the feature carries a `## Prototype reference` (a clickable prototype whose Core interactions must work).
|
|
84
|
+
|
|
85
|
+
For a runtime feature, add these criteria (use the project's OWN commands; drop a row only with a written
|
|
86
|
+
reason in the enrichment log):
|
|
87
|
+
|
|
88
|
+
| id | what it proves | example `verification` (adapt to the project) |
|
|
89
|
+
|----|----------------|-----------------------------------------------|
|
|
90
|
+
| `RG-build` | the app compiles for real, not a mocked subset | `pnpm build` · `npm run build` · `tsc -p .` |
|
|
91
|
+
| `RG-migrate` | migrations **apply** to a fresh DB — not just exist as files | `prisma migrate reset --force` (or `migrate deploy`) against an ephemeral/throwaway DB |
|
|
92
|
+
| `RG-boot` | server + client start without crashing | start the process and probe health, e.g. `node scripts/smoke-boot.mjs` hitting `/api/health` → 200 |
|
|
93
|
+
| `RG-smoke` | the prototype's Core happy-path works on the running stack | `aioson qa:run` / `aioson qa:scan`, or an e2e/integration run that drives the **real** endpoints/UI end-to-end |
|
|
94
|
+
|
|
95
|
+
**Hard rules:**
|
|
96
|
+
|
|
97
|
+
- A runtime-feature contract containing **zero** of {`RG-build`, `RG-migrate`, `RG-boot`, `RG-smoke`} is
|
|
98
|
+
**invalid** — treat it as a coverage *error*, not a warning, and do not declare the contract final.
|
|
99
|
+
`@validator` rejects such a contract at its Contract-integrity precheck.
|
|
100
|
+
- **No duplicate verification.** Two `binary: true` criteria must never carry the **same** `verification`
|
|
101
|
+
command. Each criterion maps to a distinct check. (Padding 11 criteria out of 6 commands is exactly how a
|
|
102
|
+
hollow contract scores "11/11".) `RG-migrate` and `RG-boot` are separate criteria with separate commands.
|
|
103
|
+
- `RG-smoke` must drive at least the prototype-manifest's **Core** interactions for the feature
|
|
104
|
+
(create / list / switch / edit / archive of the primary objects), end to end — never a mocked unit of one
|
|
105
|
+
of them, and never a static source-string assertion that an API call *appears* in the code.
|
|
106
|
+
- These criteria are first-class binary criteria: `aioson harness:check` runs them like any other, and their
|
|
107
|
+
exit code is the verdict. If the project lacks a smoke/boot harness, that harness is itself part of `@dev`'s
|
|
108
|
+
scope — do not downgrade `RG-smoke` to a unit test to make it "self-contained".
|
|
109
|
+
|
|
110
|
+
> **CLI backstop (deterministic).** `aioson harness:check . --slug={slug}` enforces the first two hard rules
|
|
111
|
+
> itself, not only through `@validator`, and `workflow:next --complete=dev|qa` / `feature:close --verdict=PASS`
|
|
112
|
+
> call the same integrity gate before advancing. When the CLI detects a runtime surface it can locate
|
|
113
|
+
> deterministically — a `.aioson/briefings/{slug}/prototype-manifest.md`, or a migration/Prisma path in
|
|
114
|
+
> `progress.completed_steps`, `progress.changed_files`, or the git changed-file set — a missing contract is
|
|
115
|
+
> blocked, a contract with **no** `RG-*` criterion fails with `missing_runtime_gate`, and two binary criteria
|
|
116
|
+
> sharing one `verification` command fail with `duplicate_verification`; both flip the check's `ok` to `false`.
|
|
117
|
+
> The Play `manifest.json` `has_api` trigger lives in the target app and is **not** locatable from the framework
|
|
118
|
+
> in all projects — for that case the `@validator` Step 0 precheck remains the enforcer, and `RG-smoke` actually
|
|
119
|
+
> exercising Core (vs. a unit test wearing the id) is always a `@validator` judgment. In an **untracked** session
|
|
120
|
+
> (plain slash activation, no `workflow:next`), `aioson agent:epilogue --agent=dev|qa` surfaces the same check as a
|
|
121
|
+
> non-blocking **advisory** `contract:integrity` step — a signal in the dashboard trail, not a gate; only the
|
|
122
|
+
> tracked `workflow:next` / `feature:close` paths block. Treat a green `harness:check` as necessary, not sufficient.
|
|
123
|
+
|
|
124
|
+
### 2d. Static gate criteria (SG-*) — build-independent proof
|
|
125
|
+
|
|
126
|
+
`RG-*` criteria run a command (a build, a migrated DB, a booted app). They are
|
|
127
|
+
the truth, but they are **expensive** — `aioson harness:check` runs them once, at
|
|
128
|
+
the last gate (`@qa`, else `@dev`). They also cannot run until the app builds.
|
|
129
|
+
|
|
130
|
+
An **SG-* (static gate)** criterion proves a claim by **reading the changed
|
|
131
|
+
files** instead of running them: a required pattern is present (the code was
|
|
132
|
+
actually written / wired) and a forbidden pattern is absent (no placeholder,
|
|
133
|
+
stub or anti-pattern snuck in). It is pure `fs + RegExp + parse` — no shell, no
|
|
134
|
+
build — so it costs milliseconds and the contract-integrity gate evaluates it at
|
|
135
|
+
**every** stage (`@dev`-done and `@qa`-done), even when the runtime checks are
|
|
136
|
+
deferred. That makes it the cheap layer that catches "claimed done but stubbed
|
|
137
|
+
it / left a placeholder / never wired `requireAuth`" the instant it happens,
|
|
138
|
+
on any model, cross-platform.
|
|
139
|
+
|
|
140
|
+
Add an SG-* criterion when an AC has a concrete, greppable signature — a symbol
|
|
141
|
+
that must be called, an export that must exist, an env var that must be read, an
|
|
142
|
+
anti-pattern that must not appear — that you want proven without booting the app:
|
|
143
|
+
|
|
144
|
+
```json
|
|
145
|
+
{
|
|
146
|
+
"id": "SG-auth-wired",
|
|
147
|
+
"description": "auth middleware is wired into the protected router",
|
|
148
|
+
"assertion": "requireAuth is applied in src/routes/private.ts",
|
|
149
|
+
"binary": true,
|
|
150
|
+
"files": ["src/routes/private.ts"],
|
|
151
|
+
"must_match": ["requireAuth\\(", "export const privateRouter"],
|
|
152
|
+
"must_not_match": ["TODO", "as any", "not implemented"]
|
|
153
|
+
}
|
|
154
|
+
```
|
|
155
|
+
|
|
156
|
+
Semantics:
|
|
157
|
+
|
|
158
|
+
- `must_match` — **OR across files**: each pattern must appear in **≥ 1** of `files[]`.
|
|
159
|
+
- `must_not_match` — **absent in all**: no pattern may appear in **any** of `files[]`.
|
|
160
|
+
- Each `files[]` entry is also **parse-checked** (`JSON.parse` for `.json`,
|
|
161
|
+
`node --check` for `.js/.mjs/.cjs`) to catch a truncated/corrupted write; a
|
|
162
|
+
declared file that does not exist fails the criterion.
|
|
163
|
+
- An invalid regex degrades to a literal-substring test — a typo never crashes the gate.
|
|
164
|
+
|
|
165
|
+
**Rules:**
|
|
166
|
+
|
|
167
|
+
- Use the `SG-` id prefix (mirrors `RG-` / `SEC-`).
|
|
168
|
+
- A criterion is **either** runtime (`verification` command) **or** static
|
|
169
|
+
(`must_match`/`must_not_match`), **never both** — split into two criteria.
|
|
170
|
+
- A static criterion **requires** a non-empty `files[]` to read.
|
|
171
|
+
- SG-* does **not** replace `RG-*`: a static `must_match` proving an API *call
|
|
172
|
+
appears in source* is not proof the endpoint *runs*. Keep the `RG-smoke`
|
|
173
|
+
runtime gate; SG-* is the cheap, early, build-independent complement.
|
|
174
|
+
|
|
175
|
+
For a **project-wide** sweep of the same anti-patterns (not tied to one AC), run
|
|
176
|
+
`aioson audit:code . --json` — the categorized static scan (`TODO` /
|
|
177
|
+
`ANTI_PATTERN` / `DEAD_CODE` / `DUPLICATION`) `@qa` consumes one category at a time.
|
|
178
|
+
|
|
65
179
|
### 3. Set `contract_mode`
|
|
66
180
|
|
|
67
|
-
By classification and risk surface, using the modes accepted by the harness schema:
|
|
68
|
-
|
|
69
|
-
- **SMALL** → `safe`
|
|
70
|
-
- **MEDIUM (default)** → `builder`
|
|
71
|
-
- **MEDIUM with sensitive surface** (auth, money, ownership, secrets, uploads, external URLs) → `safe`
|
|
72
|
-
- **Explicit user-approved long autonomous run** → `autopilot`
|
|
181
|
+
By classification and risk surface, using the modes accepted by the harness schema:
|
|
182
|
+
|
|
183
|
+
- **SMALL** → `safe`
|
|
184
|
+
- **MEDIUM (default)** → `builder`
|
|
185
|
+
- **MEDIUM with sensitive surface** (auth, money, ownership, secrets, uploads, external URLs) → `safe`
|
|
186
|
+
- **Explicit user-approved long autonomous run** → `autopilot`
|
|
73
187
|
|
|
74
188
|
### 4. Set `governor` block
|
|
75
189
|
|
|
76
|
-
Safe defaults for a normal MEDIUM `builder` contract:
|
|
77
|
-
|
|
78
|
-
```json
|
|
79
|
-
{ "max_steps": 30, "cost_ceiling_tokens": 1000000, "error_streak_limit": 5 }
|
|
80
|
-
```
|
|
81
|
-
|
|
82
|
-
- `safe` applies the tight preset for risky or bounded runs.
|
|
83
|
-
- `builder` applies the normal MEDIUM preset.
|
|
84
|
-
- `autopilot` applies the largest preset and requires explicit user approval.
|
|
190
|
+
Safe defaults for a normal MEDIUM `builder` contract:
|
|
191
|
+
|
|
192
|
+
```json
|
|
193
|
+
{ "max_steps": 30, "cost_ceiling_tokens": 1000000, "error_streak_limit": 5 }
|
|
194
|
+
```
|
|
195
|
+
|
|
196
|
+
- `safe` applies the tight preset for risky or bounded runs.
|
|
197
|
+
- `builder` applies the normal MEDIUM preset.
|
|
198
|
+
- `autopilot` applies the largest preset and requires explicit user approval.
|
|
85
199
|
|
|
86
200
|
## Authoring rules
|
|
87
201
|
|
|
@@ -96,14 +210,14 @@ Safe defaults for a normal MEDIUM `builder` contract:
|
|
|
96
210
|
### `harness-contract.json`
|
|
97
211
|
|
|
98
212
|
```json
|
|
99
|
-
{
|
|
100
|
-
"feature": "<slug>",
|
|
101
|
-
"contract_mode": "balanced | safe | builder | autopilot",
|
|
102
|
-
"governor": {
|
|
103
|
-
"max_steps": 50,
|
|
104
|
-
"cost_ceiling_tokens": 1000000,
|
|
105
|
-
"error_streak_limit": 5
|
|
106
|
-
},
|
|
213
|
+
{
|
|
214
|
+
"feature": "<slug>",
|
|
215
|
+
"contract_mode": "balanced | safe | builder | autopilot",
|
|
216
|
+
"governor": {
|
|
217
|
+
"max_steps": 50,
|
|
218
|
+
"cost_ceiling_tokens": 1000000,
|
|
219
|
+
"error_streak_limit": 5
|
|
220
|
+
},
|
|
107
221
|
"criteria": [
|
|
108
222
|
{
|
|
109
223
|
"id": "C1",
|
|
@@ -111,12 +225,24 @@ Safe defaults for a normal MEDIUM `builder` contract:
|
|
|
111
225
|
"assertion": "...",
|
|
112
226
|
"binary": true,
|
|
113
227
|
"verification": "node --test tests/foo.test.js"
|
|
228
|
+
},
|
|
229
|
+
{
|
|
230
|
+
"id": "SG-1",
|
|
231
|
+
"description": "...",
|
|
232
|
+
"assertion": "...",
|
|
233
|
+
"binary": true,
|
|
234
|
+
"files": ["src/x/y.ts"],
|
|
235
|
+
"must_match": ["export function parseX"],
|
|
236
|
+
"must_not_match": ["as any", "TODO"]
|
|
114
237
|
}
|
|
115
238
|
]
|
|
116
239
|
}
|
|
117
240
|
```
|
|
118
241
|
|
|
119
|
-
|
|
242
|
+
A criterion is **runtime** (carries `verification`, executed via `aioson
|
|
243
|
+
harness:check` with exit code 0 = pass) **or** **static** (carries `files[]` +
|
|
244
|
+
`must_match`/`must_not_match`, evaluated build-free — see §2d). Both are
|
|
245
|
+
optional per criterion; a criterion with neither stays an `@validator` judgment.
|
|
120
246
|
|
|
121
247
|
### `progress.json`
|
|
122
248
|
|
|
@@ -138,3 +264,4 @@ Safe defaults for a normal MEDIUM `builder` contract:
|
|
|
138
264
|
- **No verifiable ACs in PRD** — go back to enrichment with `@product` and add concrete assertions before generating a contract.
|
|
139
265
|
- **All ACs are advisory** — flag to user; the harness adds no value. Skip contract generation, document the decision in `sheldon-enrichment-{slug}.md`.
|
|
140
266
|
- **`harness:init` CLI missing** — write stubs manually, but record in handoff that CLI was unavailable so `@dev` can install it.
|
|
267
|
+
- **All criteria are unit tests on a runtime feature** — the contract proves the tests pass, not that the app runs. This is the failure that ships a green-but-broken build (migrations never applied, UI never wired, process never booted). Add the §2c runtime-gate criteria before declaring the contract final; a runtime-feature contract without them is invalid.
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: "Verification sub-agent config (verification.json) — which verifiers run, when, and on which host/model; native vs external dispatch."
|
|
3
|
+
agents: [dev, qa, validator]
|
|
4
|
+
task_types: [verification, configuration]
|
|
5
|
+
triggers: [verification config, verification.json, sub-agent verification, native vs external, cross-vendor auditor]
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Verification sub-agent config — `.aioson/config/verification.json`
|
|
9
|
+
|
|
10
|
+
Controls **which** verification sub-agents run, **when**, and on **which model** — resolved per host harness. Consumed by the `@dev` phase-loop (per-phase checks) and the post-dev review cycle (end-of-feature gate). Auto-generated on `aioson init`/`update` and hand-editable: your values survive updates (additive merge), only `version` is framework-owned.
|
|
11
|
+
|
|
12
|
+
## The one rule that trips people up: `native` vs `external`
|
|
13
|
+
|
|
14
|
+
Dispatch is **keyed by the host harness** (`claude` / `codex` / `opencode`), and each host has two modes:
|
|
15
|
+
|
|
16
|
+
- **`native`** — an in-harness sub-agent. On **Claude Code** it runs a **Claude model tier** (e.g. `sonnet-4.6`, `opus-4.8`). On codex/opencode it runs that CLI's own configured model. You **cannot** run a codex/GPT model as a *native Claude Code sub-agent* — different vendor, different process.
|
|
17
|
+
- **`external`** — spawn a **different vendor CLI** as a read-only auditor (`aioson verify:implementation --tool=...`). This is the *only* way to bring a cross-vendor model in while hosted elsewhere. Heavier; reserve for a second opinion on sensitive surfaces — see `cross_check`.
|
|
18
|
+
|
|
19
|
+
So the config never asks "run codex inside claude". Each host row just names the right **native** model for whoever is hosting; `cross_check` is the explicit, opt-in cross-vendor escape hatch.
|
|
20
|
+
|
|
21
|
+
## Per-agent fields
|
|
22
|
+
|
|
23
|
+
```jsonc
|
|
24
|
+
"qa": {
|
|
25
|
+
"enabled": true, // true | false | "auto" (framework decides)
|
|
26
|
+
"triggers": ["per-phase", "end-of-feature"],
|
|
27
|
+
"dispatch": {
|
|
28
|
+
"claude": { "mode": "native", "model": "sonnet-4.6" },
|
|
29
|
+
"codex": { "mode": "native", "model": "configured-default" },
|
|
30
|
+
"opencode": { "mode": "native", "model": "configured-default" }
|
|
31
|
+
},
|
|
32
|
+
"report": "qa-report-{slug}.md" // {slug} is substituted at run time
|
|
33
|
+
}
|
|
34
|
+
```
|
|
35
|
+
|
|
36
|
+
- **`enabled`** — `true` / `false` / `"auto"`. `"auto"` resolves from context: `pentester` only on a sensitive surface, `tester` on anything above MICRO, others on.
|
|
37
|
+
- **`triggers`** — `per-phase` (light, cheap, runs between phases), `end-of-feature` (full gate), `sensitive-surface` (security pass). Per-phase is the cheap loop check; the full smoke runs once at `end-of-feature`.
|
|
38
|
+
- **`model: "configured-default"`** — delegate to the host CLI's own configured model (don't pin one).
|
|
39
|
+
- **`validator.cross_check`** — `{ "enabled": false, "mode": "external", "tool": "codex", "model": "..." }`. Flip `enabled: true` to add an independent cross-vendor verdict on the contract.
|
|
40
|
+
|
|
41
|
+
## Budget (token economy)
|
|
42
|
+
|
|
43
|
+
```jsonc
|
|
44
|
+
"budget": {
|
|
45
|
+
"max_subagents_per_phase": 1, // cap concurrent verifiers per phase
|
|
46
|
+
"skip_on_micro": true, // suppress per-phase checks on MICRO
|
|
47
|
+
"full_smoke": "end-of-feature-only" // never re-run the full runtime smoke per phase
|
|
48
|
+
}
|
|
49
|
+
```
|
|
50
|
+
|
|
51
|
+
The whole point is **leve por fase / completo no fim**: a per-phase check confirms the slice cheaply; the expensive build+migrate+boot+happy-path smoke runs once, at the end.
|
|
52
|
+
|
|
53
|
+
## Code-quality gate (`audit_code`)
|
|
54
|
+
|
|
55
|
+
Controls the deterministic, build-free `aioson audit:code` scan wired into the **tracked** `workflow:next` `@dev`/`@qa` done-gate (the non-security categories: anti-patterns / TODOs / dead code / duplication; security stays with `security:audit`).
|
|
56
|
+
|
|
57
|
+
```jsonc
|
|
58
|
+
"audit_code": {
|
|
59
|
+
"tracked_gate": "advisory", // "block" | "advisory" | "off"
|
|
60
|
+
"scope": "changed" // "changed" (git diff, fast) | "full" (whole tree)
|
|
61
|
+
}
|
|
62
|
+
```
|
|
63
|
+
|
|
64
|
+
- **`advisory`** (default) — the scan runs, persists `.aioson/context/audit-code.json`, emits a guard event on a HIGH finding, and rides a summary on the workflow result, but **never blocks** the stage. `audit:code` is a heuristic opinion, not the feature's declared contract, so it does not gate by default (and existing flows keep advancing).
|
|
65
|
+
- **`block`** — a HIGH finding in scope is a **hard gate**: `@dev`/`@qa` cannot complete until it is fixed (or the policy relaxed). Use this when you want the tracked workflow to enforce code health like a runtime gate.
|
|
66
|
+
- **`off`** — skip the step entirely.
|
|
67
|
+
|
|
68
|
+
This is deterministic (no LLM judgment) and runs at every tracked `@dev`/`@qa` completion. `@qa` separately treats a HIGH as a Gate-D blocker in its review, and the same scan auto-fires as an advisory in `aioson agent:epilogue` for untracked sessions.
|
|
69
|
+
|
|
70
|
+
> **Periphery analog:** for the **non-code** artifacts the specialized agents produce (project context, genomes, profiler reports, the discovery cache, hybrid skills, generated sites, copy, commit subjects), the same build-free philosophy is applied by `aioson verify:artifact` — see **`verify-artifact-gates.md`**.
|
|
71
|
+
|
|
72
|
+
## Examples
|
|
73
|
+
|
|
74
|
+
Pin qa to the cheapest Claude tier per phase:
|
|
75
|
+
```json
|
|
76
|
+
"qa": { "dispatch": { "claude": { "mode": "native", "model": "haiku-4.5" } } }
|
|
77
|
+
```
|
|
78
|
+
|
|
79
|
+
Add a cross-vendor second opinion on the contract for sensitive features:
|
|
80
|
+
```json
|
|
81
|
+
"validator": { "cross_check": { "enabled": true, "mode": "external", "tool": "codex", "model": "configured-default" } }
|
|
82
|
+
```
|
|
@@ -0,0 +1,91 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: "Artifact done-gates (verify:artifact) — build-free, model-agnostic completeness/integrity checks for the non-code artifacts the specialized agents produce before they register done."
|
|
3
|
+
agents: [setup, genome, profiler-researcher, profiler-enricher, profiler-forge, discover, orache, design-hybrid-forge, site-forge, copywriter, committer, squad]
|
|
4
|
+
task_types: [verification, configuration]
|
|
5
|
+
triggers: [verify:artifact, artifact gate, done gate, artifact done-gate, placeholder gate, kind=]
|
|
6
|
+
---
|
|
7
|
+
|
|
8
|
+
# Artifact done-gates — `aioson verify:artifact`
|
|
9
|
+
|
|
10
|
+
The periphery analog of the code pipeline's `SG-*` / `RG-*` harness gates: a
|
|
11
|
+
build-free **"done = proven, not asserted"** check for the **non-code artifacts**
|
|
12
|
+
the specialized agents produce. Where `audit:code` scans code quality and the
|
|
13
|
+
harness contract gates a feature, `verify:artifact` proves a produced artifact is
|
|
14
|
+
complete and well-formed before the agent calls `agent:done`.
|
|
15
|
+
|
|
16
|
+
The failure mode it closes is the one the runtime smoke gate closed for code: an
|
|
17
|
+
agent self-declaring done with no proof — a `project.context.md` with an invalid
|
|
18
|
+
enum, a genome missing its manifest, a research report with an unfilled
|
|
19
|
+
`[Full Name]`, a generated site that never built.
|
|
20
|
+
|
|
21
|
+
```bash
|
|
22
|
+
aioson verify:artifact . --kind=<kind> [--slug=<slug>] [--file=<path>] [--advisory] [--strict]
|
|
23
|
+
```
|
|
24
|
+
|
|
25
|
+
A `kind` routes to either an **existing validator** or a declarative **SG-\***
|
|
26
|
+
**ruleset** over the shared static-criteria engine — pure `fs` + `RegExp` +
|
|
27
|
+
`JSON.parse` / `node --check` (no shell, no build, cross-platform by
|
|
28
|
+
construction). Adding a gate to a new agent is a registry entry plus one
|
|
29
|
+
done-gate line, not a bespoke implementation.
|
|
30
|
+
|
|
31
|
+
| kind | agent | backed by | default |
|
|
32
|
+
|---|---|---|---|
|
|
33
|
+
| `project-context` | `@setup` | `validateProjectContextFile` (required fields, enums, frontmatter parse) | blocking |
|
|
34
|
+
| `genome` | `@genome`, `@profiler-forge` | `genome:doctor` (manifest/references/anchor/Track-4.3 quality) | blocking |
|
|
35
|
+
| `research-report` | `@profiler-researcher` | ruleset (frontmatter + inventory/extracted/gaps sections, no template token) | blocking |
|
|
36
|
+
| `enriched-profile` | `@profiler-enricher` | ruleset (exec summary / psychometric / operational method / trait interactions) | blocking |
|
|
37
|
+
| `bootstrap` | `@discover` | ruleset (all 4 cold-start files exist with real frontmatter, no placeholder) | blocking |
|
|
38
|
+
| `orache-report` | `@orache` | ruleset, resolved via `--file` (7 dimensions + impact + source) | blocking |
|
|
39
|
+
| `hybrid-skill` | `@design-hybrid-forge` | ruleset (`.skill-meta.json` parses + sources, SKILL.md, both previews) | blocking |
|
|
40
|
+
| `site` | `@site-forge` | static floor + `npm run build` on the real stack | blocking |
|
|
41
|
+
| `copy` | `@copywriter` | ruleset (placeholder / Lorem / TODO / unfilled-token scan) | advisory |
|
|
42
|
+
| `commit-message` | `@committer` | subject heuristics (`--file` draft or HEAD commit) | advisory |
|
|
43
|
+
|
|
44
|
+
## Contract
|
|
45
|
+
|
|
46
|
+
- Every gate returns a uniform `{ ok, issues[], warnings[] }`, persists
|
|
47
|
+
`.aioson/context/verify-artifact-<kind>.json`, and sets **exit 1** on a hard
|
|
48
|
+
failure — **unless `--advisory`** (warn-only, always exit 0). `--strict`
|
|
49
|
+
promotes warnings to blocking issues.
|
|
50
|
+
- `--slug` resolves a slug-keyed artifact path; `--file` resolves a
|
|
51
|
+
caller-known / date-stamped path. A kind that needs one fails with a clean
|
|
52
|
+
usage error instead of probing a `null/` path.
|
|
53
|
+
- `--no-build` (kind=`site`) runs the static floor only — a fast mid-work
|
|
54
|
+
re-check that skips the `npm run build` runtime floor.
|
|
55
|
+
|
|
56
|
+
## Auto-fire at `agent:done`
|
|
57
|
+
|
|
58
|
+
These gates do not depend on each agent remembering to run its `## Done gate`
|
|
59
|
+
line. `aioson agent:done` resolves the calling agent to its artifact kind
|
|
60
|
+
(`src/artifact-kinds.js`) and runs the matching `verify:artifact --advisory`
|
|
61
|
+
itself — so the check fires at the one call every agent already makes at session
|
|
62
|
+
end (and rides on `agent:epilogue`, which wraps `agent:done`):
|
|
63
|
+
|
|
64
|
+
- **Self-resolving kinds** (`setup`→`project-context`, `discover`→`bootstrap`,
|
|
65
|
+
`committer`→`commit-message`) run with no extra input — fully deterministic,
|
|
66
|
+
no markdown dependency.
|
|
67
|
+
- **Locator-keyed kinds** run when the agent threads its locator into that same
|
|
68
|
+
call (`--slug` / `--file` / `--dir`, which the agent's Observability line now
|
|
69
|
+
carries); without it, `agent:done` surfaces a one-line hint naming the exact
|
|
70
|
+
command, so the gate is visible rather than silently skipped.
|
|
71
|
+
|
|
72
|
+
Always advisory at this layer: a failed or skipped check is surfaced but never
|
|
73
|
+
flips the session-end result. The explicit per-agent `## Done gate` stays as the
|
|
74
|
+
agent-facing "check and FIX" step; this is the deterministic engine net beneath
|
|
75
|
+
it — the periphery analog of how `audit:code` auto-fires in `agent:epilogue`.
|
|
76
|
+
|
|
77
|
+
## `@squad` is gated separately
|
|
78
|
+
|
|
79
|
+
A squad ships through its own `aioson squad:validate` (structural: manifest
|
|
80
|
+
schema, required files, every declared executor file exists, no duplicate slugs,
|
|
81
|
+
canonical paths) plus its source-grounded multi-model **eval-gate** — both
|
|
82
|
+
promoted from opt-in into the default `validate` step. See `@squad`'s Done gate.
|
|
83
|
+
|
|
84
|
+
## Why this shape
|
|
85
|
+
|
|
86
|
+
Same philosophy as the `audit_code` gate in `verification-config.md`: build-free,
|
|
87
|
+
model-agnostic, deterministic, and cheap enough to run at **every** agent's done
|
|
88
|
+
gate. It does not judge subjective quality (resonance, voice, persuasiveness) —
|
|
89
|
+
those stay with each agent's own checklist. It proves the artifact is *there*,
|
|
90
|
+
*structured*, and *not a placeholder*, which is exactly what self-asserted "done"
|
|
91
|
+
was silently skipping.
|
|
@@ -0,0 +1,129 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: workflow-lean-lane
|
|
3
|
+
agents: [setup, product, sheldon, dev, qa, validator, neo, orchestrator]
|
|
4
|
+
modes: [planning]
|
|
5
|
+
task_types: [workflow, routing, configuration]
|
|
6
|
+
load_tier: trigger
|
|
7
|
+
triggers: [lean lane, workflow.config.json, fewer agents, menos é mais, lean pipeline]
|
|
8
|
+
---
|
|
9
|
+
|
|
10
|
+
# Workflow Lean Lane (SMALL default; opt-in for MEDIUM)
|
|
11
|
+
|
|
12
|
+
SMALL features now run the **lean chain by default**, and MEDIUM runs the **`@orchestrator` maestro lane**
|
|
13
|
+
(`@product → @orchestrator → @dev → @pentester → @qa`), where `@orchestrator` fans out to
|
|
14
|
+
`@analyst`/`@architect`/`@pm` (+ `@ux-ui` when UI-heavy) as sub-agents and consolidates one gated spec
|
|
15
|
+
package, with `@scope-check`, `@discovery-design-doc`, and `@ux-ui` available as opt-in detours. The older heavy chain (`product → analyst → scope-check → architect →
|
|
16
|
+
discovery-design-doc → pm → dev → qa`) is no longer a built-in default, but its spec hops can be opted
|
|
17
|
+
back in. The bottleneck was never "too few design documents", it was the absence of a gate that runs the
|
|
18
|
+
real app (now fixed: see `.aioson/docs/sheldon/harness-contract.md` §2c and `@qa`'s Runtime smoke gate).
|
|
19
|
+
|
|
20
|
+
The **lean lane** removes the intermediate hops and makes `@sheldon` the single spec authority:
|
|
21
|
+
|
|
22
|
+
```
|
|
23
|
+
product (PRD) → sheldon (enrich + ACs + design + plan + harness-contract) → dev → qa → (validator detour)
|
|
24
|
+
```
|
|
25
|
+
|
|
26
|
+
`@sheldon` runs in **Lean lane mode (RF-LEAN)** and produces, in one pass, what analyst/architect/
|
|
27
|
+
discovery-design-doc/pm would have produced (requirements + ACs, design-doc + readiness, implementation plan,
|
|
28
|
+
and the §2c runtime-gated harness contract). `@dev` implements from that plan using the project's design skill;
|
|
29
|
+
`@qa` runs the Runtime smoke gate; `@validator` runs as a detour when a harness contract exists.
|
|
30
|
+
|
|
31
|
+
## When to use which lane
|
|
32
|
+
|
|
33
|
+
| Use the **lean lane** when… | Opt into the **full chain** when… |
|
|
34
|
+
|---|---|
|
|
35
|
+
| Most features — bounded scope, a single product surface, a clear prototype | Genuinely large or multi-domain scope |
|
|
36
|
+
| You want velocity and one spec authority | Sensitive surface (money, multi-tenant ownership, regulated data) that wants independent architecture + scope-check + adversarial review as distinct gates |
|
|
37
|
+
| The team trusts `@sheldon` to own the bridge | You want the readiness/scope-check checkpoints to be separate agents |
|
|
38
|
+
|
|
39
|
+
The **runtime smoke gate is mandatory in both lanes** for every runtime surface the framework can prove from
|
|
40
|
+
local artifacts. The CLI blocks detectable runtime features (prototype manifest or migration/Prisma evidence)
|
|
41
|
+
without a valid `RG-*` contract; `@validator` still owns the target-app-only `has_api` judgment.
|
|
42
|
+
|
|
43
|
+
## How to opt in
|
|
44
|
+
|
|
45
|
+
SMALL already ships lean — no config needed. Use this preset to extend the lean shape to MEDIUM (or to pin it
|
|
46
|
+
explicitly). Drop this file at `.aioson/context/workflow.config.json` (the CLI's `readWorkflowConfig` merges it over the
|
|
47
|
+
built-in defaults — per-classification arrays replace the defaults). Then run `aioson workflow:next .` as usual.
|
|
48
|
+
|
|
49
|
+
A ready-to-copy preset lives at `.aioson/docs/presets/workflow.config.lean.json`:
|
|
50
|
+
|
|
51
|
+
```json
|
|
52
|
+
{
|
|
53
|
+
"version": 1,
|
|
54
|
+
"feature": {
|
|
55
|
+
"MICRO": ["product", "dev", "qa"],
|
|
56
|
+
"SMALL": ["product", "sheldon", "dev", "qa"],
|
|
57
|
+
"MEDIUM": ["product", "sheldon", "dev", "qa"]
|
|
58
|
+
},
|
|
59
|
+
"project": {
|
|
60
|
+
"MICRO": ["setup", "dev"],
|
|
61
|
+
"SMALL": ["setup", "product", "sheldon", "dev", "qa"],
|
|
62
|
+
"MEDIUM": ["setup", "product", "sheldon", "dev", "qa"]
|
|
63
|
+
},
|
|
64
|
+
"rules": { "required": ["dev"], "allowDetours": true }
|
|
65
|
+
}
|
|
66
|
+
```
|
|
67
|
+
|
|
68
|
+
`allowDetours: true` keeps `@validator` (harness contract present) and `@tester`/`@pentester` (fired by `@qa`'s
|
|
69
|
+
triggers) available as detours — they are not in the static sequence in either lane.
|
|
70
|
+
|
|
71
|
+
Autopilot (`auto_handoff: true`) drives only the **post-dev** cycle (`@dev → @qa → …`) in the lean lane:
|
|
72
|
+
`@product`/`@sheldon` always hand off manually (upstream-agent policy), so there is nothing to auto-chain before
|
|
73
|
+
`@dev`. This matches the MEDIUM maestro lane, whose `@product`/`@orchestrator` pre-dev handoffs are also manual —
|
|
74
|
+
so the lean lane loses no automation it was ever supposed to have.
|
|
75
|
+
|
|
76
|
+
Running the agents by hand (slash commands) is equivalent: activate `@product → @sheldon → @dev → @qa` and skip
|
|
77
|
+
analyst/architect/discovery-design-doc/pm. No config file is needed for the manual path.
|
|
78
|
+
|
|
79
|
+
## Full-merged chain (heavier, opt-in)
|
|
80
|
+
|
|
81
|
+
The lean/maestro defaults are enough for most work. When a project genuinely wants the heavier multi-agent
|
|
82
|
+
chain back — independent `@analyst`, `@architect`, and `@pm` as distinct gates — drop the **full-merged**
|
|
83
|
+
preset at `.aioson/context/workflow.config.json` (ready-to-copy at
|
|
84
|
+
`.aioson/docs/presets/workflow.config.full-merged.json`): it is that chain with `discovery-design-doc`
|
|
85
|
+
removed. On this full-merged detour, when the active sequence routes `@architect` → `@dev` while omitting
|
|
86
|
+
`@discovery-design-doc`, `@architect` runs in **merged mode** (see `agents/architect.md` → *Architect merged
|
|
87
|
+
mode*) and produces the design-doc + readiness + dev-state itself, then hands off to `@dev`. Merging `@architect` +
|
|
88
|
+
`@discovery-design-doc` keeps the readiness gate (the cheap, valuable part) while dropping the redundant
|
|
89
|
+
second file-level-plan hop; it is a velocity change, not a correctness one — the runtime gate is what
|
|
90
|
+
prevents the green-but-broken outcome.
|
|
91
|
+
|
|
92
|
+
```json
|
|
93
|
+
{
|
|
94
|
+
"version": 1,
|
|
95
|
+
"feature": {
|
|
96
|
+
"MICRO": ["product", "dev", "qa"],
|
|
97
|
+
"SMALL": ["product", "analyst", "scope-check", "architect", "dev", "qa"],
|
|
98
|
+
"MEDIUM": ["product", "analyst", "architect", "pm", "scope-check", "dev", "pentester", "qa"]
|
|
99
|
+
},
|
|
100
|
+
"project": {
|
|
101
|
+
"MICRO": ["setup", "dev"],
|
|
102
|
+
"SMALL": ["setup", "product", "analyst", "scope-check", "architect", "dev", "qa"],
|
|
103
|
+
"MEDIUM": ["setup", "product", "analyst", "architect", "ux-ui", "pm", "orchestrator", "scope-check", "dev", "qa"]
|
|
104
|
+
},
|
|
105
|
+
"rules": { "required": ["dev"], "allowDetours": true }
|
|
106
|
+
}
|
|
107
|
+
```
|
|
108
|
+
|
|
109
|
+
## What this does NOT change
|
|
110
|
+
|
|
111
|
+
- The override mechanism is unchanged — `readWorkflowConfig` still merges `workflow.config.json` over the
|
|
112
|
+
built-in defaults (per-classification arrays replace the defaults). Only the built-in default *shape* changed
|
|
113
|
+
(SMALL ships lean, MEDIUM ships the `@orchestrator` maestro lane); the lean lane stays a project-level config +
|
|
114
|
+
agent capability, not a different engine.
|
|
115
|
+
- The runtime safety gates are unchanged: `@qa`'s Runtime smoke gate, the §2c `RG-*` criteria, the CLI
|
|
116
|
+
contract-integrity backstop, and `@validator`'s target-app judgment apply identically in both lanes.
|
|
117
|
+
|
|
118
|
+
## What the lean lane DOES change about the gates
|
|
119
|
+
|
|
120
|
+
Removing `@analyst`/`@pm` removes the agents that produced `spec-{slug}.md` and approved the process gates
|
|
121
|
+
A (requirements), B (design) and C (plan). Those gates still fire under `aioson workflow:next` — `@dev`'s
|
|
122
|
+
completion checks **Gate C** against `spec-{slug}.md`, and `@qa`'s checks **Gate D** against the same file — so
|
|
123
|
+
the lean lane would dead-end at `@dev` if nothing produced them. In the lean lane **`@sheldon` owns that**: its
|
|
124
|
+
RF-LEAN pass writes `spec-{slug}.md` with `gate_requirements`/`gate_design`/`gate_plan: approved` and an
|
|
125
|
+
`implementation-plan-{slug}.md` with `status: approved` (the hops it collapsed, after the user confirms its
|
|
126
|
+
spec-authority output). Gate D / execution stays with `@qa`, which writes the `## QA sign-off` PASS into the same
|
|
127
|
+
file after the Runtime smoke gate. If you run the lane by hand (slash
|
|
128
|
+
commands, untracked), the gate frontmatter is informational — but writing it keeps the manual and tracked paths
|
|
129
|
+
identical.
|
|
@@ -19,6 +19,8 @@ If `.interface-design/system.md` exists, treat it as the visual source of truth:
|
|
|
19
19
|
- Respect it unless the user explicitly wants a redesign.
|
|
20
20
|
- Update it when you introduce a reusable pattern, token rule, or layout decision.
|
|
21
21
|
|
|
22
|
+
If an `identity.md` exists (`.aioson/briefings/{slug}/identity.md`, else `.aioson/context/identity.md`), treat it as the visual source of truth too — it is the **extracted-from-references** form of `system.md`, distilled once from the user's own reference images (see `.aioson/docs/reference-identity.md`). Load its token sections and `## Component structure notes` before choosing a direction, and **apply** them rather than re-deriving a generic one. It is an input you apply, not a separate design system.
|
|
23
|
+
|
|
22
24
|
If the file does not exist and the task covers more than one screen or component family, create it with:
|
|
23
25
|
- Product context and UI intent
|
|
24
26
|
- Chosen design direction and anti-goals
|