@jterrats/open-orchestra 0.5.5 → 1.0.1

package/dist/workflow-services.js

@@ -1,9 +1,10 @@
 import { randomUUID } from "node:crypto";
 import path from "node:path";
+import { uniqueStrings } from "./collection-utils.js";
 import { FILES } from "./constants.js";
 import { removeUndefined } from "./command-utils.js";
-import { ensureDir, readJson, resolveWorkflowPath, updateJsonFile, writeJson, } from "./fs-utils.js";
-import { assertProviderAllowed, assertVendorFallbackAllowed, createModelProvider, defaultApiKeyFileEnv, defaultBaseUrlEnv, FakeModelProvider, InMemoryModelProviderRegistry, providerEnvFromCredentialConfig, summarizeConfiguredProviders, } from "./model-providers.js";
+import { ensureDir, exists, readJson, resolveWorkflowPath, updateJsonFile, writeJson, } from "./fs-utils.js";
+import { assertProviderAllowed, assertVendorFallbackAllowed, createModelProvider, defaultApiKeyEnv, defaultApiKeyFileEnv, defaultBaseUrlEnv, FakeModelProvider, InMemoryModelProviderRegistry, providerEnvFromCredentialConfig, summarizeConfiguredProviders, } from "./model-providers.js";
 import { appendEvent, loadWorkspace, readEvents, writeArtifact, } from "./workspace.js";
 import { validateReadiness } from "./validation.js";
 import { getWorkflowGate } from "./workflow-gates.js";
@@ -13,143 +14,20 @@ import { getTelemetryConsent } from "./telemetry.js";
 import { latestDelegationDecision } from "./delegation-decision.js";
 import { listAutonomousRuns } from "./autonomous-workflow.js";
 import { readEstimate } from "./benchmark.js";
+import { qaPlanReadinessBlocker } from "./qa-readiness.js";
 import { handoffFlowRequirements, recommendCollaborationFlow, } from "./collaboration-flows.js";
 import { queryMemory, recordMemoryEvent } from "./memory.js";
 import { applyContextBudget, DEFAULT_CONTEXT_TOKEN_BUDGET, } from "./context-budget.js";
 import { selectWorkflowTemplates } from "./workflow-templates.js";
 import { findStoredApprovalForProposal } from "./workflow-approval-service.js";
+import { listWorkflowEventsByType } from "./workflow-event-query.js";
 import { aggregateUsage, aggregateUsageBy, budgetEstimateWarningsForBudgets, budgetViolations, emptyUsageBreakdown, projectUsageCost, } from "./workflow-budget-utils.js";
+import { listTasks as listWorkflowTasks, updateTask as updateWorkflowTask, } from "./workflow-task-service.js";
 import { SIZING_LABELS } from "./types.js";
+export { addTask, archiveTask, deleteTask, getWorkflowStatus, listTasks, updateTask, } from "./workflow-task-service.js";
 export { addEvidence, addPlaywrightEvidence, listEvidence, listReviews, recordReview, } from "./workflow-evidence-service.js";
 export { generatePlaywrightTestPlan, generatePullRequestSummary, getWorkflowSummary, } from "./workflow-summary-service.js";
-export { approveApproval, approveWorkflowGate, listApprovals, rejectApproval, showApproval, } from "./workflow-approval-service.js";
-export async function getWorkflowStatus(root = process.cwd()) {
-    const workspace = await loadWorkspace(root);
-    const config = await readJson(resolveWorkflowPath(root, FILES.config), {});
-    const counts = Object.create(null);
-    const blocked = [];
-    for (const task of workspace.tasks) {
-        counts[task.status] = (counts[task.status] ?? 0) + 1;
-        if (task.status === "blocked") {
-            blocked.push({
-                id: task.id,
-                title: task.title,
-                reason: task.blockedReason ?? "not specified",
-            });
-        }
-    }
-    return {
-        ...(config.mode ? { mode: config.mode } : {}),
-        tasks: {
-            total: workspace.tasks.length,
-            byStatus: counts,
-            blocked,
-        },
-        locks: {
-            total: workspace.locks.length,
-        },
-    };
-}
-export async function addTask(input, root = process.cwd()) {
-    const workspace = await loadWorkspace(root);
-    if (!workspace.roleIds.has(input.ownerRole)) {
-        throw new Error(`unknown owner role: ${input.ownerRole}`);
-    }
-    const now = new Date().toISOString();
-    const task = removeUndefined({
-        ...input,
-        status: "pending",
-        createdAt: now,
-        updatedAt: now,
-    });
-    await mutateTasks(workspace.base, (tasks) => {
-        if (tasks.some((candidate) => candidate.id === input.id)) {
-            throw new Error(`task already exists: ${input.id}`);
-        }
-        return [...tasks, task];
-    });
-    await appendEvent(root, {
-        type: "TASK_ASSIGNED",
-        taskId: input.id,
-        actor: "parent",
-        summary: `Task assigned to ${input.ownerRole}`,
-        metadata: { title: input.title, ownerRole: input.ownerRole },
-    });
-    return task;
-}
-export async function listTasks(root = process.cwd()) {
-    const workspace = await loadWorkspace(root);
-    return workspace.tasks;
-}
-export async function deleteTask(taskId, options = {}, root = process.cwd()) {
-    const workspace = await loadWorkspace(root);
-    let deleted;
-    await mutateTasks(workspace.base, (tasks) => {
-        const taskIndex = tasks.findIndex((task) => task.id === taskId);
-        if (taskIndex < 0) {
-            throw new Error(`unknown task: ${taskId}`);
-        }
-        const current = tasks[taskIndex];
-        if (!current) {
-            throw new Error(`unknown task: ${taskId}`);
-        }
-        assertTaskCanBeRemoved(current, tasks, options.force ?? false);
-        deleted = current;
-        return tasks.filter((task) => task.id !== taskId);
-    });
-    if (!deleted) {
-        throw new Error(`unknown task: ${taskId}`);
-    }
-    await appendEvent(root, {
-        type: "TASK_DELETED",
-        taskId,
-        actor: "parent",
-        summary: `Task deleted: ${taskId}`,
-        metadata: {
-            title: deleted.title,
-            status: deleted.status,
-            forced: Boolean(options.force),
-        },
-    });
-    return deleted;
-}
-export async function archiveTask(taskId, options = {}, root = process.cwd()) {
-    const workspace = await loadWorkspace(root);
-    let archived;
-    await mutateTasks(workspace.base, (tasks) => {
-        const taskIndex = tasks.findIndex((task) => task.id === taskId);
-        if (taskIndex < 0) {
-            throw new Error(`unknown task: ${taskId}`);
-        }
-        const current = tasks[taskIndex];
-        if (!current) {
-            throw new Error(`unknown task: ${taskId}`);
-        }
-        assertTaskCanBeRemoved(current, tasks, options.force ?? false);
-        archived = {
-            ...current,
-            status: "archived",
-            updatedAt: new Date().toISOString(),
-        };
-        const nextTasks = [...tasks];
-        nextTasks[taskIndex] = archived;
-        return nextTasks;
-    });
-    if (!archived) {
-        throw new Error(`unknown task: ${taskId}`);
-    }
-    await appendEvent(root, {
-        type: "TASK_ARCHIVED",
-        taskId,
-        actor: "parent",
-        summary: `Task archived: ${taskId}`,
-        metadata: {
-            title: archived.title,
-            forced: Boolean(options.force),
-        },
-    });
-    return archived;
-}
+export { approveApproval, approveWorkflowGate, listApprovals, recordWorkflowGateDecision, rejectApproval, showApproval, } from "./workflow-approval-service.js";
 export async function listRoles(root = process.cwd()) {
     const workspace = await loadWorkspace(root);
     return workspace.roles;
@@ -197,72 +75,6 @@ export async function validatePreRun(taskId, options = {}, root = process.cwd())
         bypassDecisionArtifact,
     });
 }
-export async function updateTask(input, root = process.cwd()) {
-    const workspace = await loadWorkspace(root);
-    if (input.ownerRole && !workspace.roleIds.has(input.ownerRole)) {
-        throw new Error(`unknown owner role: ${input.ownerRole}`);
-    }
-    let updated;
-    let changedFields = [];
-    await mutateTasks(workspace.base, (tasks) => {
-        const taskIndex = tasks.findIndex((task) => task.id === input.id);
-        if (taskIndex < 0) {
-            throw new Error(`unknown task: ${input.id}`);
-        }
-        const current = tasks[taskIndex];
-        if (!current) {
-            throw new Error(`unknown task: ${input.id}`);
-        }
-        const next = { ...current };
-        const changes = new Set();
-        applyTaskUpdate(next, current, input, changes);
-        changedFields = [...changes].sort();
-        updated = { ...next, updatedAt: new Date().toISOString() };
-        const nextTasks = [...tasks];
-        nextTasks[taskIndex] = updated;
-        return nextTasks;
-    });
-    if (!updated) {
-        throw new Error(`unknown task: ${input.id}`);
-    }
-    await appendEvent(root, {
-        type: "TASK_UPDATED",
-        taskId: input.id,
-        actor: "parent",
-        summary: `Task updated: ${input.id}`,
-        metadata: { status: updated.status, changedFields },
-    });
-    return updated;
-}
-function applyTaskUpdate(next, current, input, changedFields) {
-    setTaskField(next, current, "title", input.title, changedFields);
-    setTaskField(next, current, "ownerRole", input.ownerRole, changedFields);
-    setTaskField(next, current, "goal", input.goal, changedFields);
-    setTaskField(next, current, "scope", input.scope, changedFields);
-    setTaskField(next, current, "paths", input.paths, changedFields);
-    setTaskField(next, current, "testStrategy", input.testStrategy, changedFields);
-    setTaskField(next, current, "status", input.status, changedFields);
-    setTaskField(next, current, "blockedReason", input.blockedReason, changedFields);
-    appendTaskField(next, "acceptanceCriteria", input.acceptanceCriteria, changedFields);
-    appendTaskField(next, "assumptions", input.assumptions, changedFields);
-    appendTaskField(next, "risks", input.risks, changedFields);
-}
-function setTaskField(next, current, key, value, changedFields) {
-    if (value === undefined) {
-        return;
-    }
-    if (JSON.stringify(current[key]) !== JSON.stringify(value)) {
-        changedFields.add(String(key));
-    }
-    next[key] = value;
-}
-function appendTaskField(next, key, values, changedFields) {
-    if (!values || values.length === 0) {
-        return;
-    }
-    next[key] = [...(next[key] ?? []), ...values];
-    changedFields.add(key);
-}
 export async function checkTaskDependencies(taskId, root = process.cwd()) {
     const workspace = await loadWorkspace(root);
     const task = workspace.tasks.find((candidate) => candidate.id === taskId);
@@ -289,7 +101,7 @@ export async function checkTaskDependencies(taskId, root = process.cwd()) {
     };
 }
 export async function generateTaskGraphPlan(root = process.cwd()) {
-    const tasks = await listTasks(root);
+    const tasks = await listWorkflowTasks(root);
     const locks = await listLocks(root);
     const ready = [];
     const blocked = [];
@@ -311,6 +123,14 @@ export async function generateTaskGraphPlan(root = process.cwd()) {
         }
         const dependencies = await checkTaskDependencies(task.id, root);
         if (dependencies.isSatisfied) {
+            const qaBlocker = qaPlanReadinessBlocker(task);
+            if (qaBlocker) {
+                blocked.push({
+                    ...item,
+                    incomplete: [qaBlocker],
+                });
+                continue;
+            }
             const taskLocks = locksForTask(task, locks);
             if (taskLocks.length > 0) {
                 locked.push({
@@ -557,7 +377,7 @@ export async function createHandoff(input, root = process.cwd()) {
         metadata: { to: input.to, updateOwner: Boolean(input.updateOwner) },
     });
     if (input.updateOwner) {
-        await updateTask({ id: input.task, ownerRole: input.to }, root);
+        await updateWorkflowTask({ id: input.task, ownerRole: input.to }, root);
     }
     return { artifact, content };
 }
@@ -587,8 +407,9 @@ export async function recordDecision(input, root = process.cwd()) {
         "",
     ].join("\n");
     const artifact = await writeArtifact(root, "decisions", fileName, content);
-    // Extract sizing/points from decision text when owner is architect
-    // Expected format: "<sizing> [N points]" e.g. "m [5 points]" or just "m"
+    // Extract sizing/points from decision text for estimation decisions.
+    // Architect format: "<sizing> [N points]" e.g. "m [5 points]" or just "m".
+    // Developer format: "N points" for implementation effort.
     const sizingMetadata = {};
     if (input.owner === "architect") {
         const sizingMatch = /^\s*(xs|s|m|l|xl)\b/i.exec(input.decision);
@@ -603,6 +424,12 @@ export async function recordDecision(input, root = process.cwd()) {
             }
         }
     }
+    else if (input.owner === "developer") {
+        const pointsMatch = /\b(\d+)\s*points?\b/i.exec(input.decision);
+        if (pointsMatch) {
+            sizingMetadata.points = parseInt(pointsMatch[1], 10);
+        }
+    }
     await appendEvent(root, {
         type: "DECISION_RECORDED",
         taskId: input.task,
@@ -612,13 +439,15 @@ export async function recordDecision(input, root = process.cwd()) {
         metadata: {
             status: input.status,
             title: input.title,
+            decision: input.decision,
+            consequences: input.consequences,
             ...sizingMetadata,
         },
     });
     return { ...input, artifact };
 }
 export async function listDecisions(taskId, root = process.cwd()) {
-    return filterEvents("DECISION_RECORDED", taskId, root);
+    return listWorkflowEventsByType("DECISION_RECORDED", taskId, root);
 }
 export async function getTaskContext(taskId, root = process.cwd(), options = {}) {
     const workspace = await loadWorkspace(root);
@@ -1027,6 +856,146 @@ export async function getWorkflowConfig(root = process.cwd()) {
 export async function listConfiguredModelProviders(root = process.cwd()) {
     return summarizeConfiguredProviders(await getWorkflowConfig(root));
 }
+export async function listProviderRuntimeProfiles(root = process.cwd()) {
+    const config = await getWorkflowConfig(root);
+    const activeProfile = config.providers?.activeProfile;
+    return Object.entries(config.providers?.profiles ?? {})
+        .map(([name, profile]) => removeUndefined({
+        name,
+        active: name === activeProfile,
+        description: profile.description,
+        roles: Object.keys(profile.byRole ?? {}).sort(),
+        defaultProvider: profile.defaults?.provider,
+        defaultModel: profile.defaults?.model,
+        requiredEnv: profile.requiredEnv ?? [],
+    }))
+        .sort((a, b) => a.name.localeCompare(b.name));
+}
+export async function saveProviderRuntimeProfile(input, root = process.cwd()) {
+    const workspace = await loadWorkspace(root);
+    validateProfileName(input.name);
+    for (const role of input.roles) {
+        if (!workspace.roleIds.has(role)) {
+            throw new Error(`unknown role: ${role}`);
+        }
+    }
+    if (input.roles.length === 0) {
+        throw new Error("at least one role is required");
+    }
+    validateProfileRouting(input.routing);
+    const configPath = resolveWorkflowPath(root, FILES.config);
+    const config = await readJson(configPath, {});
+    const profile = removeUndefined({
+        description: input.description,
+        byRole: Object.fromEntries(input.roles.map((role) => [role, input.routing])),
+        requiredEnv: input.requiredEnv,
+    });
+    config.providers = {
+        defaults: config.providers?.defaults,
+        byRole: config.providers?.byRole ?? {},
+        profiles: {
+            ...(config.providers?.profiles ?? {}),
+            [input.name]: profile,
+        },
+        ...(input.activate ? { activeProfile: input.name } : {}),
+    };
+    await writeJson(configPath, config);
+    if (input.apply || input.activate) {
+        await applyProviderRuntimeProfile(input.name, root);
+    }
+    await appendEvent(root, {
+        type: "MODEL_PROFILE_SAVED",
+        actor: "parent",
+        summary: `Provider runtime profile saved: ${input.name}`,
+        metadata: {
+            profile: input.name,
+            roles: input.roles,
+            provider: input.routing.provider,
+            model: input.routing.model,
+        },
+    });
+    const summaries = await listProviderRuntimeProfiles(root);
+    return summaries.find((summary) => summary.name === input.name);
+}
+export async function applyProviderRuntimeProfile(name, root = process.cwd()) {
+    validateProfileName(name);
+    const workspace = await loadWorkspace(root);
+    const configPath = resolveWorkflowPath(root, FILES.config);
+    const config = await readJson(configPath, {});
+    const profile = config.providers?.profiles?.[name];
+    if (!profile) {
+        throw new Error(`unknown provider runtime profile: ${name}`);
+    }
+    for (const role of Object.keys(profile.byRole ?? {})) {
+        if (!workspace.roleIds.has(role)) {
+            throw new Error(`profile ${name} references unknown role: ${role}`);
+        }
+    }
+    for (const routing of Object.values(profile.byRole ?? {})) {
+        validateProfileRouting(routing);
+    }
+    if (profile.defaults) {
+        validateProfileRouting(profile.defaults);
+    }
+    config.providers = {
+        defaults: profile.defaults ?? config.providers.defaults,
+        byRole: {
+            ...(config.providers.byRole ?? {}),
+            ...(profile.byRole ?? {}),
+        },
+        profiles: config.providers.profiles ?? {},
+        activeProfile: name,
+    };
+    if (profile.budgets) {
+        config.budgets = profile.budgets;
+    }
+    if (profile.providerPolicy) {
+        config.providerPolicy = {
+            ...(config.providerPolicy ?? {}),
+            ...profile.providerPolicy,
+        };
+    }
+    await writeJson(configPath, config);
+    await appendEvent(root, {
+        type: "MODEL_PROFILE_APPLIED",
+        actor: "parent",
+        summary: `Provider runtime profile applied: ${name}`,
+        metadata: { profile: name, roles: Object.keys(profile.byRole ?? {}) },
+    });
+    const summaries = await listProviderRuntimeProfiles(root);
+    return summaries.find((summary) => summary.name === name);
+}
+export async function smokeProviderRuntimeProfile(name, root = process.cwd(), env = process.env) {
+    validateProfileName(name);
+    const config = await getWorkflowConfig(root);
+    const profile = config.providers?.profiles?.[name];
+    if (!profile) {
+        throw new Error(`unknown provider runtime profile: ${name}`);
+    }
+    const checks = [];
+    for (const envName of profile.requiredEnv ?? []) {
+        checks.push({
+            scope: `env:${envName}`,
+            provider: "environment",
+            model: "not-applicable",
+            status: env[envName]?.trim() ? "pass" : "fail",
+            detail: env[envName]?.trim()
+                ? "environment variable is configured"
+                : `missing required environment variable ${envName}`,
+        });
+    }
+    const routes = Object.entries(profile.byRole ?? {}).map(([role, routing]) => [`role:${role}`, routing]);
+    if (profile.defaults)
+        routes.unshift(["defaults", profile.defaults]);
+    for (const [scope, routing] of routes) {
+        checks.push(...(await smokeRouting(scope, routing, config, root, env)));
+    }
+    return {
+        profile: name,
+        passed: checks.every((check) => check.status === "pass"),
+        checks,
+    };
+}
 export async function completeWithProviderFallback(routing, prompt, { failingProviders = [], root = process.cwd(), taskId, role = "parent", jsonMode = false, providerMode = "fake", } = {}) {
     const registry = new InMemoryModelProviderRegistry();
     const config = await getWorkflowConfig(root);
@@ -1049,44 +1018,125 @@ export async function completeWithProviderFallback(routing, prompt, { failingPro
         if (providerMode === "real" && index > 0) {
             assertVendorFallbackAllowed(providerId, config.providerPolicy);
         }
-        try {
-            const provider = registry.get(providerId);
-            const response = await provider.complete({
-                model: routing.model,
-                jsonMode,
-                timeoutMs: routing.timeoutMs,
-                messages: [{ role: "user", content: prompt }],
-            });
-            if (index > 0) {
-                await appendEvent(root, removeUndefined({
-                    type: "MODEL_FALLBACK_USED",
-                    actor: role,
-                    taskId,
-                    summary: `Fallback provider used: ${providerId}`,
-                    metadata: { provider: providerId, failedProviders },
-                }));
+        let attempts = 0;
+        const maxAttempts = Math.max(1, 1 + routing.retries);
+        while (attempts < maxAttempts) {
+            attempts += 1;
+            try {
+                const provider = registry.get(providerId);
+                const response = await provider.complete({
+                    model: routing.model,
+                    jsonMode,
+                    timeoutMs: routing.timeoutMs,
+                    messages: [{ role: "user", content: prompt }],
+                });
+                if (index > 0) {
+                    await appendEvent(root, removeUndefined({
+                        type: "MODEL_FALLBACK_USED",
+                        actor: role,
+                        taskId,
+                        summary: `Fallback provider used: ${providerId}`,
+                        metadata: { provider: providerId, failedProviders },
+                    }));
+                }
+                return {
+                    provider: providerId,
+                    model: routing.model,
+                    response,
+                    fallbackUsed: index > 0,
+                    failedProviders,
+                };
+            }
+            catch (error) {
+                const failure = providerFailureFromError(providerId, error, attempts);
+                if (failure.code === "timeout") {
+                    throw error;
+                }
+                if (failure.retryable && attempts < maxAttempts) {
+                    continue;
+                }
+                failedProviders.push(failure);
+                break;
             }
-            return {
-                provider: providerId,
-                model: routing.model,
-                response,
-                fallbackUsed: index > 0,
-                failedProviders,
-            };
         }
-        catch (error) {
-            if (isProviderTimeoutError(error)) {
-                throw error;
+    }
+    throw new ProviderFallbackError(failedProviders);
+}
+export class ProviderFallbackError extends Error {
+    failures;
+    constructor(failures) {
+        super(providerFailureSummary(failures));
+        this.name = "ProviderFallbackError";
+        this.failures = failures;
+    }
+}
+export function providerFailuresFromError(error) {
+    return error instanceof ProviderFallbackError ? error.failures : [];
+}
+function providerFailureSummary(failures) {
+    const providers = failures.map((failure) => failure.provider).join(", ");
+    const details = failures
+        .map((failure) => `${failure.provider}: ${failure.reason} (${failure.code}, attempts=${failure.attempts})`)
+        .join("; ");
+    return `all providers failed: ${providers}${details ? ` (${details})` : ""}`;
+}
+function providerFailureFromError(providerId, error, attempts) {
+    const code = providerFailureCode(error);
+    return {
+        provider: providerId,
+        code,
+        reason: sanitizeProviderError(error),
+        retryable: code === "provider_error",
+        attempts,
+    };
+}
+function providerFailureCode(error) {
+    const message = errorMessage(error).toLowerCase();
+    if (isProviderTimeoutError(error))
+        return "timeout";
+    if (/permission|denied|forbidden|unauthorized/.test(message)) {
+        return "permission_denied";
+    }
+    if (/policy|not allowed|blocked/.test(message))
+        return "policy_blocked";
+    return "provider_error";
+}
+function sanitizeProviderError(error) {
+    const messages = [];
+    if (error instanceof Error) {
+        messages.push(error.message);
+        const cause = error.cause;
+        if (cause instanceof Error && cause.message !== error.message) {
+            messages.push(cause.message);
+        }
+        else if (isErrorCauseRecord(cause)) {
+            const code = typeof cause.code === "string" && cause.code.trim()
+                ? cause.code
+                : undefined;
+            const hostname = typeof cause.hostname === "string" && cause.hostname.trim()
+                ? cause.hostname
+                : undefined;
+            if (code || hostname) {
+                messages.push([code, hostname].filter(Boolean).join(" "));
             }
-            failedProviders.push({
-                provider: providerId,
-                reason: error instanceof Error ? error.message : String(error),
-            });
         }
     }
-    throw new Error(`all providers failed: ${failedProviders
-        .map((failure) => failure.provider)
-        .join(", ")}`);
+    else {
+        messages.push(String(error));
+    }
+    return redactProviderError(messages.filter(Boolean).join(": "));
+}
+function errorMessage(error) {
+    return error instanceof Error ? error.message : String(error);
+}
+function isErrorCauseRecord(value) {
+    return typeof value === "object" && value !== null;
+}
+function redactProviderError(message) {
+    return message
+        .replace(/(x-goog-api-key|api[_-]?key|authorization)\s*[:=]\s*\S+/gi, "$1=[REDACTED]")
+        .replace(/Bearer\s+[A-Za-z0-9._~+/=-]+/g, "Bearer [REDACTED]")
+        .replace(/AIza[0-9A-Za-z_-]{20,}/g, "[REDACTED_API_KEY]");
 }
 function isProviderTimeoutError(error) {
     if (!(error instanceof Error)) {
@@ -1109,6 +1159,10 @@ export async function setRoleModelProvider(role, routing, root = process.cwd())
             ...(config.providers.byRole ?? {}),
             [role]: routing,
         },
+        profiles: config.providers.profiles ?? {},
+        ...(config.providers.activeProfile
+            ? { activeProfile: config.providers.activeProfile }
+            : {}),
     };
     await writeJson(configPath, config);
     await appendEvent(root, {
@@ -1145,6 +1199,10 @@ export async function connectModelProvider(input, root = process.cwd()) {
     config.providers = {
         defaults: config.providers?.defaults ?? routing,
         byRole,
+        profiles: config.providers?.profiles ?? {},
+        ...(config.providers?.activeProfile
+            ? { activeProfile: config.providers.activeProfile }
+            : {}),
     };
     const credential = removeUndefined({
         apiKeyFile: input.apiKeyFile,
@@ -1165,7 +1223,7 @@ export async function connectModelProvider(input, root = process.cwd()) {
     if (input.allowDirectProviderApi) {
         config.providerPolicy = {
             ...(config.providerPolicy ?? {}),
-            allowedProviders: unique([
+            allowedProviders: uniqueStrings([
                 ...(config.providerPolicy?.allowedProviders ?? []),
                 input.provider,
             ]),
@@ -1177,6 +1235,9 @@ export async function connectModelProvider(input, root = process.cwd()) {
             delegation: {
                 mode: config.runtimePolicy?.delegation?.mode ?? "runtime-native",
                 allowDirectProviderApi: true,
+                ...(config.runtimePolicy?.delegation?.guardrails
+                    ? { guardrails: config.runtimePolicy.delegation.guardrails }
+                    : {}),
             },
         };
     }
@@ -1201,8 +1262,85 @@ export async function connectModelProvider(input, root = process.cwd()) {
         allowDirectProviderApi: input.allowDirectProviderApi,
     });
 }
-function unique(values) {
-    return [...new Set(values)];
+function validateProfileName(name) {
+    if (!/^[a-z0-9][a-z0-9._-]{1,62}$/i.test(name)) {
+        throw new Error("profile name must be 2-63 characters and contain only letters, numbers, dots, underscores, or dashes");
+    }
+}
+function validateProfileRouting(routing) {
+    if (!routing.provider?.trim()) {
+        throw new Error("profile routing requires provider");
+    }
+    if (!routing.model?.trim()) {
+        throw new Error("profile routing requires model");
+    }
+    if (new Set([routing.provider, ...(routing.fallbacks ?? [])]).size !==
+        [routing.provider, ...(routing.fallbacks ?? [])].length) {
+        throw new Error("profile routing fallback chain contains duplicates");
+    }
+}
+async function smokeRouting(scope, routing, config, root, env) {
+    const checks = [];
+    const providerIds = [routing.provider, ...(routing.fallbacks ?? [])];
+    for (const [index, providerId] of providerIds.entries()) {
+        const providerScope = index === 0 ? scope : `${scope}:fallback:${index}`;
+        const policyError = providerPolicySmokeError(providerId, config, index);
+        if (policyError) {
+            checks.push({
+                scope: providerScope,
+                provider: providerId,
+                model: routing.model,
+                status: "fail",
+                detail: policyError,
+            });
+            continue;
+        }
+        const credentialError = await providerCredentialSmokeError(providerId, config.providerCredentials?.byProvider?.[providerId], root, env);
+        checks.push({
+            scope: providerScope,
+            provider: providerId,
+            model: routing.model,
+            status: credentialError ? "fail" : "pass",
+            detail: credentialError ?? "provider configuration is present",
+        });
+    }
+    return checks;
+}
+function providerPolicySmokeError(providerId, config, fallbackIndex) {
+    try {
+        assertProviderAllowed(providerId, config.providerPolicy);
+        if (fallbackIndex > 0) {
+            assertVendorFallbackAllowed(providerId, config.providerPolicy);
+        }
+        return undefined;
+    }
+    catch (error) {
+        return error instanceof Error ? error.message : String(error);
+    }
+}
+async function providerCredentialSmokeError(providerId, credential, root, env) {
+    if (providerId === "none" ||
+        providerId === "fake" ||
+        providerId === "ollama") {
+        return undefined;
+    }
+    const apiKeyEnv = credential?.apiKeyEnv ?? defaultApiKeyEnv(providerId);
+    const apiKeyFileEnv = credential?.apiKeyFileEnv ?? defaultApiKeyFileEnv(providerId);
+    const effectiveEnv = providerEnvFromCredentialConfig(providerId, credential, env);
+    if (apiKeyEnv && effectiveEnv[apiKeyEnv]?.trim()) {
+        return undefined;
+    }
+    if (apiKeyFileEnv && effectiveEnv[apiKeyFileEnv]?.trim()) {
+        const keyFile = effectiveEnv[apiKeyFileEnv].trim();
+        if (!path.isAbsolute(keyFile)) {
+            return `${apiKeyFileEnv} must reference an absolute path`;
+        }
+        if (!(await exists(keyFile))) {
+            return `${apiKeyFileEnv} references an unreadable secret file`;
+        }
+        return undefined;
+    }
+    return `${apiKeyEnv ?? "provider API key"} or ${apiKeyFileEnv ?? "provider API key file"} is required`;
 }
 export async function recordModelProvenance(input, root = process.cwd()) {
     const workspace = await loadWorkspace(root);
@@ -1224,7 +1362,7 @@ export async function recordModelProvenance(input, root = process.cwd()) {
     return record;
 }
 export async function listModelProvenance(taskId, root = process.cwd()) {
-    const events = await filterEvents("MODEL_PROVENANCE_RECORDED", taskId, root);
+    const events = await listWorkflowEventsByType("MODEL_PROVENANCE_RECORDED", taskId, root);
     return events.map((event) => event.metadata);
 }
 export async function getUsageReport(taskId, root = process.cwd()) {
@@ -1378,31 +1516,9 @@ async function writeBudgetEscalationProposal(root, taskId, proposal) {
     ].join("\n");
     return writeArtifact(root, "approvals", `${taskId}-budget-fallback.md`, content);
 }
-async function filterEvents(type, taskId, root) {
-    const events = (await readEvents(root)).filter((event) => event.type === type);
-    return taskId ? events.filter((event) => event.taskId === taskId) : events;
-}
-async function mutateTasks(base, update) {
-    return updateJsonFile(path.join(base, FILES.tasks), [], update);
-}
 async function mutateLocks(base, update) {
     return updateJsonFile(path.join(base, FILES.locks), [], update);
 }
-function assertTaskCanBeRemoved(task, tasks, isForced) {
-    if (!isForced &&
-        (task.status === "in_progress" || task.status === "blocked")) {
-        throw new Error(`task ${task.id} is ${task.status}; use --force to remove it`);
-    }
-    const dependent = tasks.find((candidate) => candidate.id !== task.id &&
-        !isTerminalTaskStatus(candidate.status) &&
-        candidate.dependencies.includes(task.id));
-    if (dependent) {
-        throw new Error(`task ${task.id} is a dependency of active task ${dependent.id}`);
-    }
-}
-function isTerminalTaskStatus(status) {
-    return ["done", "canceled", "rejected", "archived"].includes(status);
-}
 function flowRequirementLines(requirements) {
     return requirements.length > 0
         ? requirements.map((requirement) => `- ${requirement}`)