@lannguyensi/harness 0.14.0 → 0.15.0

package/CHANGELOG.md

@@ -7,6 +7,29 @@ and this project adheres to [Semantic Versioning](https://semver.org/).
 
 ## [Unreleased]
 
+## [0.15.0] - 2026-05-16
+
+**Headline: interactive wizard major upgrade.** `harness init --interactive` gains a runtime multiselect for the wire-now step (Claude Code + Codex, with `opencode` parked until its adapter lands) and a real Custom-profile composer at full reference-policy parity (1 pack, 4 MCPs, 6 reference policies, ticked à la carte). The old Custom branch, an advertised menu item that printed "use --template full and hand-edit" and aborted, is gone. Adjacent: every policy's deny envelope now carries a one-line producer hint so a blocked operator sees not just the missing tag but the satisfying contract; runtime tilde expansion on MCP env values at spawn time closes the "literal `~/foo` creates rogue cwd files" footgun for every wired server, not just `grounding-mcp`.
+
+Operator note: no required action. Custom is still opt-in from the wizard, and the new producer hints are additive.
+
+### Added
+
+- **Interactive wizard: runtime multiselect** (#147, agent-tasks/696f7560). The wire-now step is now an `@inquirer/prompts` `checkbox` over `claude-code` and `codex`; whichever runtimes `detect()` found configured are pre-checked so the historical single-runtime flow stays one Enter press. Selecting Codex runs `harness apply --runtime codex` and prints the manual-merge instruction for `~/.codex/config.toml`; selecting both warns the operator that `harness.lock` reflects the last-applied runtime. `opencode` listed disabled until task `f34eb233` lands the runtime adapter.
+- **Interactive wizard: Custom-profile composer** (#148 + #149, agent-tasks/31d2fbb5 + 5dd3d8a6). Custom is a real à-la-carte builder: three checkbox prompts (packs / MCPs / policies) feed `composeCustom(selection)` which emits YAML the rest of the wizard's tail (validate → wire-now) consumes unchanged. v0.15.0 ships parity with `--template full`: 1 pack (`understanding-before-execution`), 4 MCPs (`agent-tasks`, `grounding-mcp`, `memory-router` routed under `memory.router`, `codebase-oracle` with an env-var advisory), 6 reference policies (review-before-merge, preflight-before-investigation, review-subagent-before-pr-create, preflight-before-push, dogfood-before-release, two-reviewers-required). Producer-coupling advisories print to stderr when a selected policy has no producer for its ledger tag.
+- **Policy deny envelope: producer hints** (#141 + #142 + #143). Every reference policy in `FULL_TEMPLATE` now has a populated `producers:` field rendered into the deny envelope + `harness explain` output. The understanding-gate deny envelope picks up the same treatment so a blocked agent sees the `harness approve understanding` golden path rendered verbatim. The producer choice (`harness session-start preflight` vs `mcp__agent-grounding__ledger_add`) is recorded next to the tag the operator must produce.
+- **Wizard dep table: min_version floor** (#144). The "Profile X depends on these binaries" table now shows `pkg@x.y.z+` next to packages whose `min_version` is declared, so operators see the floor a feature needs even without running `harness doctor`.
+
+### Changed
+
+- **`dependenciesForCustom` resolves codebase-oracle + agent-preflight** (#149 dependency layer). Custom selections that tick `codebase-oracle` or any `preflight-*` policy now get the matching binaries added to the wizard's `npm i -g` list, mirroring `PROFILE_DEPENDENCIES.full`.
+- **Internal: shared `expandHome` helper** (#146). Three duplicate implementations consolidated into `src/runtime/expand-home.ts`. No behaviour change; refactor lands in the same release as #145 so the fix and the consolidation can be reasoned about together.
+- **`codebase-oracle` stays out of the FULL default** (#138 + #139 + #140 net). The thrash trio settles on "not in default, opt-in via Custom composer or hand-edit"; the FULL template now carries an explicit comment explaining the omission plus the manual wiring recipe with required env vars (`ORACLE_SCAN_ROOT`, `OPENAI_API_KEY`).
+
+### Fixed
+
+- **MCP env values: leading `~/` expands at spawn time** (#145). Previously a literal `~/foo` in an `env:` block was passed verbatim, and the receiving MCP server (process started by the runtime, not a login shell) saw no tilde expansion, creating rogue cwd-relative files. Now every value beginning with `~/` is rewritten to `$HOME/...` at the runtime spawn boundary. Closes the same class of incident grounding-mcp hit in v0.14.0.
+
 ## [0.14.0] - 2026-05-15
 
 **Headline: understanding-gate self-approval backdoor closed.** Through v0.13.0 the gate read a `understanding-approved:<sessionId>` row from the evidence ledger as approval. The agent has direct MCP access to that ledger via `grounding-mcp`'s `ledger_add`, so any agent could write the row for its own session and self-approve, collapsing the human-in-the-loop control to advisory. v0.14.0 moves the canonical signal to a filesystem marker at `harness.generated/.approvals/<sessionId>` written by `harness approve understanding` from the operator's shell. Edit / Write / Bash are all gated by the same PreToolUse hook and no configured MCP exposes filesystem writes, so the marker is reachable only from operator-launched processes. Headline regression test (`tests/cli/pack-hook-pre-tool-use.test.ts`): an injected ledger row with `source: "mcp"` (exact shape `ledger_add` produces) MUST still block. Pinned for Claude and Codex blockers alike.

package/README.md

@@ -305,7 +305,9 @@ conversation is the origin of this repo.
   local preflight validator; the canonical implementation of
   preflight-hook content harness wires.
 - [`codebase-oracle`](https://github.com/LanNguyenSi/codebase-oracle):
-  one of the MCP surfaces being registered.
+  an opt-in MCP surface for multi-repo RAG search. Not in the Full
+  default; operators wire it via `harness add mcp codebase-oracle
+  --command codebase-oracle,mcp`.
 - [`agent-dx`](https://github.com/LanNguyenSi/agent-dx): ships
   `git-batch-cli`, a day-to-day tool whose inventory appears in
   `harness describe`.

package/dist/cli/init/composer.d.ts

@@ -0,0 +1,29 @@
+export type CustomPackKey = "understanding-before-execution";
+export type CustomMcpKey = "agent-tasks" | "grounding-mcp" | "memory-router" | "codebase-oracle";
+export type CustomPolicyKey = "review-before-merge" | "preflight-before-investigation" | "review-subagent-before-pr-create" | "preflight-before-push" | "dogfood-before-release" | "two-reviewers-required";
+export interface ComposableOption<K extends string> {
+    key: K;
+    label: string;
+    description: string;
+}
+export declare const COMPOSABLE_PACKS: ReadonlyArray<ComposableOption<CustomPackKey>>;
+export declare const COMPOSABLE_MCPS: ReadonlyArray<ComposableOption<CustomMcpKey>>;
+export declare const COMPOSABLE_POLICIES: ReadonlyArray<ComposableOption<CustomPolicyKey>>;
+export interface CustomSelection {
+    packs: CustomPackKey[];
+    mcps: CustomMcpKey[];
+    policies: CustomPolicyKey[];
+    /** Optional override for memory.directories[0].path; defaults to the wizard's standard. */
+    memoryDir?: string;
+}
+export interface ComposeResult {
+    yaml: string;
+    /**
+     * Non-fatal advisories: policy selected without its producing MCP,
+     * pack selected without its baseline tools, etc. These are surfaced
+     * to stderr by the wizard so the operator can adjust without the
+     * manifest itself being rejected (`harness validate` stays clean).
+     */
+    warnings: string[];
+}
+export declare function composeCustom(sel: CustomSelection): ComposeResult;

package/dist/cli/init/composer.js

@@ -0,0 +1,377 @@
+// À la carte manifest composer for `harness init --interactive` Custom
+// profile (tasks 31d2fbb5 + 5dd3d8a6). The composer turns a discrete
+// checkbox selection into a YAML manifest that `harness validate`
+// accepts.
+//
+// Current surface (parity with FULL_TEMPLATE): one policy pack
+// (understanding-before-execution), four MCPs (agent-tasks,
+// grounding-mcp, memory-router — wired under memory.router, NOT
+// tools.mcp[] — and codebase-oracle), and six reference policies
+// (review-before-merge, preflight-before-investigation,
+// review-subagent-before-pr-create, preflight-before-push,
+// dogfood-before-release, two-reviewers-required). The opencode pack
+// stays disabled in the wire-now multiselect until its runtime adapter
+// (agent-tasks/f34eb233) lands.
+//
+// Design: build a plain object matching the Manifest schema, then
+// serialise via the `yaml` library. The shared `init()` path
+// (validateBeforeWrite, file lock, overwrite guard) handles persistence
+// so Custom rejoins the same write/validate semantics as
+// solo/team/full.
+import { stringify } from "yaml";
+export const COMPOSABLE_PACKS = [
+    {
+        key: "understanding-before-execution",
+        label: "understanding-before-execution",
+        description: "Force agents to expose their interpretation and wait for approval before any write-capable tool fires.",
+    },
+];
+export const COMPOSABLE_MCPS = [
+    {
+        key: "agent-tasks",
+        label: "agent-tasks",
+        description: "Backlog + PR workflow MCP bridge (agent-tasks-mcp-bridge).",
+    },
+    {
+        key: "grounding-mcp",
+        label: "grounding-mcp",
+        description: "Evidence ledger + understanding-gate approval surface.",
+    },
+    {
+        key: "memory-router",
+        label: "memory-router  (wired under memory.router, not tools.mcp[])",
+        description: "Cross-conversation memory routing via UserPromptSubmit.",
+    },
+    {
+        key: "codebase-oracle",
+        label: "codebase-oracle  (needs ORACLE_SCAN_ROOT + OPENAI_API_KEY env vars)",
+        description: "Multi-repo semantic search MCP server. Set ORACLE_SCAN_ROOT to an absolute path (tilde is NOT expanded) and an embedding-provider key before the first call.",
+    },
+];
+export const COMPOSABLE_POLICIES = [
+    {
+        key: "review-before-merge",
+        label: "review-before-merge",
+        description: "Block mcp__agent-tasks__pull_requests_merge unless a review:<pr-number> ledger entry exists.",
+    },
+    {
+        key: "preflight-before-investigation",
+        label: "preflight-before-investigation",
+        description: "Block git status/log/diff/branch unless preflight:<repo> ledger entry exists for this repo (within 1h).",
+    },
+    {
+        key: "review-subagent-before-pr-create",
+        label: "review-subagent-before-pr-create",
+        description: "Block mcp__agent-tasks__pull_requests_create unless a review-subagent:<task-id> ledger entry exists.",
+    },
+    {
+        key: "preflight-before-push",
+        label: "preflight-before-push",
+        description: "Block git push unless preflight:<branch> ledger entry exists for the current branch (within 10m).",
+    },
+    {
+        key: "dogfood-before-release",
+        label: "dogfood-before-release",
+        description: "Block npm publish / git tag v* unless a dogfood:<session-id> ledger entry exists in this session (within 24h).",
+    },
+    {
+        key: "two-reviewers-required",
+        label: "two-reviewers-required  (warn-level companion to review-before-merge)",
+        description: "Warn when PR-merge runs without TWO distinct review:<pr-number> ledger entries. Enforcement: warn.",
+    },
+];
+const HOOK_FOR_POLICY = {
+    "review-before-merge": {
+        name: "require-review-evidence",
+        event: "PreToolUse",
+        match: "mcp__agent-tasks__pull_requests_merge",
+        command: "harness policy intercept",
+        blocking: "hard",
+        budget_ms: 2000,
+    },
+    "preflight-before-investigation": {
+        name: "require-preflight-evidence",
+        event: "PreToolUse",
+        match: "Bash",
+        bash_match: "(^|\\n|;|\\||&&|\\()\\s*(\\w+=\\S+\\s+)*git( -C \\S+)* (status|log|diff|branch)\\b",
+        command: "harness policy intercept",
+        blocking: "hard",
+        budget_ms: 1000,
+    },
+    "review-subagent-before-pr-create": {
+        name: "require-review-subagent-evidence",
+        event: "PreToolUse",
+        match: "mcp__agent-tasks__pull_requests_create",
+        command: "harness policy intercept",
+        blocking: "hard",
+        budget_ms: 2000,
+    },
+    "preflight-before-push": {
+        name: "require-preflight-push-evidence",
+        event: "PreToolUse",
+        match: "Bash",
+        bash_match: "(^|\\n|;|\\||&&|\\()\\s*(\\w+=\\S+\\s+)*git( -C \\S+)* push\\b",
+        command: "harness policy intercept",
+        blocking: "hard",
+        budget_ms: 1000,
+    },
+    "dogfood-before-release": {
+        name: "require-dogfood-evidence",
+        event: "PreToolUse",
+        match: "Bash",
+        bash_match: "(^|\\n|;|\\||&&|\\()\\s*(\\w+=\\S+\\s+)*(npm publish\\b|git( -C \\S+)* tag v)",
+        command: "harness policy intercept",
+        blocking: "hard",
+        budget_ms: 2000,
+    },
+    // two-reviewers-required shares review-before-merge's hook; the policy
+    // intercept engine evaluates both policies under the same trigger and
+    // each enforces independently (block vs warn). We still need a hook
+    // entry so the policy's `hook:` field round-trips through validate,
+    // but it's the same row as require-review-evidence.
+    "two-reviewers-required": {
+        name: "require-review-evidence",
+        event: "PreToolUse",
+        match: "mcp__agent-tasks__pull_requests_merge",
+        command: "harness policy intercept",
+        blocking: "hard",
+        budget_ms: 2000,
+    },
+};
+const POLICY = {
+    "review-before-merge": {
+        name: "review-before-merge",
+        description: "Block PR merges unless a ledger entry tagged review:<pr-number> exists for this session.",
+        trigger: {
+            event: "PreToolUse",
+            match: "mcp__agent-tasks__pull_requests_merge",
+            extract: { PR_NUMBER: "toolArgs.prNumber" },
+        },
+        requires: { ledger_tag: "review:${PR_NUMBER}" },
+        hook: "require-review-evidence",
+        enforcement: "block",
+    },
+    "preflight-before-investigation": {
+        name: "preflight-before-investigation",
+        description: "Block investigative git reads (status/log/diff/branch) when agent-preflight has not run recently with ready:true for the current repo.",
+        trigger: {
+            event: "PreToolUse",
+            match: "Bash",
+            bash_match: "(^|\\n|;|\\||&&|\\()\\s*(\\w+=\\S+\\s+)*git( -C \\S+)* (status|log|diff|branch)\\b",
+        },
+        requires: { ledger_tag: "preflight:${REPO}", within: "1h" },
+        hook: "require-preflight-evidence",
+        enforcement: "block",
+    },
+    "review-subagent-before-pr-create": {
+        name: "review-subagent-before-pr-create",
+        description: "Block agent-tasks PR creation unless a review-subagent ledger entry tagged for this task already exists. Forces the rigorous review BEFORE the PR opens, not after.",
+        trigger: {
+            event: "PreToolUse",
+            match: "mcp__agent-tasks__pull_requests_create",
+            extract: { TASK_ID: "toolArgs.taskId" },
+        },
+        requires: { ledger_tag: "review-subagent:${TASK_ID}" },
+        hook: "require-review-subagent-evidence",
+        enforcement: "block",
+    },
+    "preflight-before-push": {
+        name: "preflight-before-push",
+        description: "Block git push unless a fresh preflight ledger entry exists for the current branch. Catches the stale-checkout class of incident at the last reversible step.",
+        trigger: {
+            event: "PreToolUse",
+            match: "Bash",
+            bash_match: "(^|\\n|;|\\||&&|\\()\\s*(\\w+=\\S+\\s+)*git( -C \\S+)* push\\b",
+        },
+        requires: { ledger_tag: "preflight:${BRANCH}", within: "10m" },
+        hook: "require-preflight-push-evidence",
+        enforcement: "block",
+    },
+    "dogfood-before-release": {
+        name: "dogfood-before-release",
+        description: "Block npm publish / git tag v* without a recent dogfood ledger entry.",
+        trigger: {
+            event: "PreToolUse",
+            match: "Bash",
+            bash_match: "(^|\\n|;|\\||&&|\\()\\s*(\\w+=\\S+\\s+)*(npm publish\\b|git( -C \\S+)* tag v)",
+        },
+        requires: { ledger_tag: "dogfood:${SESSION_ID}", within: "24h" },
+        hook: "require-dogfood-evidence",
+        enforcement: "block",
+    },
+    "two-reviewers-required": {
+        name: "two-reviewers-required",
+        description: "At least two distinct reviewer ledger entries must exist for the PR.",
+        trigger: {
+            event: "PreToolUse",
+            match: "mcp__agent-tasks__pull_requests_merge",
+            extract: { PR_NUMBER: "toolArgs.prNumber" },
+        },
+        requires: { ledger_tag: "review:${PR_NUMBER}", count: { min: 2 } },
+        hook: "require-review-evidence",
+        enforcement: "warn",
+    },
+};
+const MCP_ENTRY = {
+    "agent-tasks": {
+        name: "agent-tasks",
+        command: ["agent-tasks-mcp-bridge"],
+        min_version: "0.6.0",
+        health: { verb: "projects_list", timeout_ms: 5000 },
+        enabled: true,
+    },
+    "grounding-mcp": {
+        name: "grounding-mcp",
+        command: ["grounding-mcp"],
+        min_version: "0.2.0",
+        health: { verb: "ledger_status", timeout_ms: 5000 },
+        enabled: true,
+    },
+    // codebase-oracle: harness wires the MCP entry but cannot prompt for
+    // the absolute ORACLE_SCAN_ROOT path or the OPENAI_API_KEY (or any
+    // other embedding-provider key). The wizard emits a composer.warning
+    // when this is picked so the operator knows the env vars still need
+    // to be set in their shell or settings.json before the first call.
+    // Note: passing a literal tilde in env values bypasses shell expansion
+    // (see grounding-mcp incident in FULL_TEMPLATE comments), so the
+    // wizard does NOT auto-default ORACLE_SCAN_ROOT to ~/code — the
+    // operator must supply an absolute path themselves.
+    "codebase-oracle": {
+        name: "codebase-oracle",
+        command: ["codebase-oracle", "mcp"],
+        enabled: true,
+    },
+};
+const HEADER = [
+    "# ~/.claude/harness.yaml",
+    "#",
+    "# Bootstrapped by `harness init --interactive` (Custom profile).",
+    "#",
+    "# Composed à la carte from your checkbox picks. Re-run the wizard",
+    "# or edit by hand to add / remove components.",
+    "",
+].join("\n");
+export function composeCustom(sel) {
+    const warnings = [];
+    const mcpSet = new Set(sel.mcps);
+    // Producer-consistency advisories: each policy's `requires.ledger_tag`
+    // implies some producer must populate that tag. agent-tasks-coupled
+    // policies need the agent-tasks MCP wired; preflight-coupled policies
+    // need either grounding-mcp (so ledger_add reaches the gate) or a
+    // SessionStart preflight hook. The Custom v1 surface does not expose
+    // the SessionStart hook yet, so only check the MCP coupling.
+    if (sel.policies.includes("review-before-merge") && !mcpSet.has("agent-tasks")) {
+        warnings.push("policy review-before-merge fires on agent-tasks MCP verbs; selecting it without the agent-tasks MCP is allowed but the gate has no event to evaluate.");
+    }
+    if (sel.policies.includes("review-subagent-before-pr-create") &&
+        !mcpSet.has("agent-tasks")) {
+        warnings.push("policy review-subagent-before-pr-create fires on agent-tasks MCP verbs; selecting it without the agent-tasks MCP is allowed but the gate has no event to evaluate.");
+    }
+    if (sel.policies.includes("two-reviewers-required") && !mcpSet.has("agent-tasks")) {
+        warnings.push("policy two-reviewers-required fires on agent-tasks MCP verbs; selecting it without the agent-tasks MCP is allowed but the gate has no event to evaluate.");
+    }
+    // Note: understanding-before-execution does NOT produce preflight tags
+    // (it produces the operator-approve marker, a different gate signal).
+    // The pack is therefore NOT a substitute for grounding-mcp here; the
+    // only Custom-surface producer the wizard can wire is grounding-mcp's
+    // ledger_add.
+    if (sel.policies.includes("preflight-before-investigation") &&
+        !mcpSet.has("grounding-mcp")) {
+        warnings.push("policy preflight-before-investigation requires a producer that writes preflight:<repo> tags to the evidence ledger. Without grounding-mcp (ledger_add) or a separate SessionStart preflight hook (not in the Custom surface), the gate stays closed forever.");
+    }
+    if (sel.policies.includes("preflight-before-push") && !mcpSet.has("grounding-mcp")) {
+        warnings.push("policy preflight-before-push requires a producer that writes preflight:<branch> tags to the evidence ledger. Without grounding-mcp (ledger_add) or a separate SessionStart preflight hook (not in the Custom surface), the gate stays closed forever.");
+    }
+    if (sel.policies.includes("dogfood-before-release") && !mcpSet.has("grounding-mcp")) {
+        warnings.push("policy dogfood-before-release requires a producer that writes dogfood:<session-id> tags to the evidence ledger. Without grounding-mcp (ledger_add) the gate stays closed forever — every npm publish / git tag v* will be blocked.");
+    }
+    if (mcpSet.has("codebase-oracle")) {
+        warnings.push("MCP codebase-oracle requires ORACLE_SCAN_ROOT (absolute path; tilde is NOT expanded) and OPENAI_API_KEY (or ORACLE_LLM_PROVIDER + the matching provider key) set in your shell or in Claude's settings.json env block before the first call. The wizard does NOT prompt for these.");
+    }
+    const manifest = {
+        version: 1,
+        grounding: {
+            session: { auto_start: true, id_format: "gs-{repo}-{rand:8}" },
+            evidence_ledger: { path: "~/.evidence-ledger/ledger.db", retention_days: 90 },
+        },
+        tools: {
+            builtin: {
+                known: ["Read", "Edit", "Write", "Bash", "Agent", "Skill", "TaskCreate", "Glob", "Grep"],
+            },
+        },
+        memory: {
+            directories: [
+                { path: sel.memoryDir ?? "~/.claude/projects/{project}/memory", scope: "project" },
+            ],
+            retention: { staleness_days: 180, broken_refs: "warn" },
+            scopes: { default: "project", allowed: ["project", "user"] },
+        },
+    };
+    // tools.mcp[] only for non-memory-router MCP picks (memory-router
+    // routes user-prompts and is structurally a different slot under
+    // memory.router; treating it as a tools.mcp[] entry would fail
+    // validation).
+    const mcpEntries = sel.mcps
+        .filter((m) => m !== "memory-router")
+        .map((k) => MCP_ENTRY[k]);
+    if (mcpEntries.length > 0) {
+        manifest.tools.mcp = mcpEntries;
+    }
+    if (mcpSet.has("memory-router")) {
+        manifest.memory.router = {
+            command: ["memory-router-user-prompt-submit"],
+            min_version: "0.3.0",
+            enabled: true,
+        };
+    }
+    if (sel.policies.length > 0) {
+        // Dedup hooks by name: two-reviewers-required + review-before-merge
+        // both reference `require-review-evidence`, but the schema's
+        // superRefine rejects duplicate hook names (each hook entry must be
+        // unique). Emit each hook at most once; the same row services every
+        // referencing policy.
+        const seenHookName = new Set();
+        const hooks = [];
+        for (const p of sel.policies) {
+            const h = HOOK_FOR_POLICY[p];
+            if (seenHookName.has(h.name))
+                continue;
+            seenHookName.add(h.name);
+            hooks.push(h);
+        }
+        manifest.hooks = hooks;
+        manifest.policies = sel.policies.map((p) => POLICY[p]);
+    }
+    if (sel.packs.length > 0) {
+        manifest.policy_packs = sel.packs.map((k) => {
+            // Single-pack switch today; expand when the pack surface grows.
+            if (k === "understanding-before-execution") {
+                return {
+                    name: "understanding-before-execution",
+                    source: "builtin",
+                    enabled: true,
+                    description: "Force agents to expose their task interpretation and wait for explicit human approval before any write-capable tool fires.",
+                    config: {
+                        mode: "grill_me",
+                        producers: [
+                            {
+                                kind: "ask",
+                                command: "harness approve understanding",
+                                description: "Bare command, no pipes or chaining. The hook recognises it via isEscapeCommand and emits permissionDecision:ask; the operator's go on that prompt IS the gate approval. Golden path.",
+                            },
+                            {
+                                kind: "bash",
+                                command: "harness approve understanding",
+                                description: "Same command from any un-hooked terminal (operator only, not reachable from inside the gated session). Writes the canonical marker at harness.generated/.approvals/${SESSION_ID}.",
+                            },
+                        ],
+                    },
+                };
+            }
+            throw new Error(`composer: unknown pack ${String(k)}`);
+        });
+    }
+    const yaml = `${HEADER}\n${stringify(manifest, { lineWidth: 100 })}`;
+    return { yaml, warnings };
+}
+//# sourceMappingURL=composer.js.map

package/dist/cli/init/composer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"composer.js","sourceRoot":"","sources":["../../../src/cli/init/composer.ts"],"names":[],"mappings":"AAAA,uEAAuE;AACvE,qEAAqE;AACrE,kEAAkE;AAClE,WAAW;AACX,EAAE;AACF,+DAA+D;AAC/D,4DAA4D;AAC5D,gEAAgE;AAChE,iEAAiE;AACjE,wDAAwD;AACxD,2DAA2D;AAC3D,qEAAqE;AACrE,uEAAuE;AACvE,gCAAgC;AAChC,EAAE;AACF,kEAAkE;AAClE,6DAA6D;AAC7D,wEAAwE;AACxE,yDAAyD;AACzD,kBAAkB;AAElB,OAAO,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAsBjC,MAAM,CAAC,MAAM,gBAAgB,GAAmD;IAC9E;QACE,GAAG,EAAE,gCAAgC;QACrC,KAAK,EAAE,gCAAgC;QACvC,WAAW,EACT,wGAAwG;KAC3G;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAkD;IAC5E;QACE,GAAG,EAAE,aAAa;QAClB,KAAK,EAAE,aAAa;QACpB,WAAW,EAAE,4DAA4D;KAC1E;IACD;QACE,GAAG,EAAE,eAAe;QACpB,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,wDAAwD;KACtE;IACD;QACE,GAAG,EAAE,eAAe;QACpB,KAAK,EAAE,6DAA6D;QACpE,WAAW,EAAE,yDAAyD;KACvE;IACD;QACE,GAAG,EAAE,iBAAiB;QACtB,KAAK,EAAE,qEAAqE;QAC5E,WAAW,EACT,8JAA8J;KACjK;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,mBAAmB,GAAqD;IACnF;QACE,GAAG,EAAE,qBAAqB;QAC1B,KAAK,EAAE,qBAAqB;QAC5B,WAAW,EACT,8FAA8F;KACjG;IACD;QACE,GAAG,EAAE,gCAAgC;QACrC,KAAK,EAAE,gCAAgC;QACvC,WAAW,EACT,yGAAyG;KAC5G;IACD;QACE,GAAG,EAAE,kCAAkC;QACvC,KAAK,EAAE,kCAAkC;QACzC,WAAW,EACT,sGAAsG;KACzG;IACD;QACE,GAAG,EAAE,uBAAuB;QAC5B,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EACT,mGAAmG;KACtG;IACD;QACE,GAAG,EAAE,wBAAwB;QAC7B,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EACT,gHAAgH;KACnH;IACD;QACE,GAAG,EAAE,wBAAwB;QAC7B,KAAK,EAAE,uEAAuE;QAC9E,WAAW,EACT,oGAAoG;KACvG;CACF,CAAC;AAiDF,MAAM,eAAe,GAAsC;IACzD,qBAAqB,EAAE;QACrB,IAAI,EAAE,yBAAyB;QAC/B,KAAK,EAAE,YAAY;QACnB,KAAK,EAAE,uCAAuC;QAC9C,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,IAAI;KAChB;IACD,gCAAgC,EAAE;QAChC,IAAI,EAAE,4BAA4B;QAClC,KAAK,EAAE,YAAY;QACnB,KAAK,EAAE,MAAM;QACb,UAAU,EACR,oFAAoF;QACtF,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,IAAI;KAChB;IACD,kCAAkC,EAAE;QAClC,IAAI,EAAE,kCAAkC;QACxC,KAAK,EAAE,YAAY;QACnB,KAAK,EAAE,wCAAwC;QAC/C,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,IAAI;KAChB;IACD,uBAAuB,EAAE;QACvB,IAAI,EAAE,iCAAiC;QACvC,KAAK,EAAE,YAAY;QACnB,KAAK,EAAE,MAAM;QACb,UAAU,EAAE,gEAAgE;QAC5E,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,IAAI;KAChB;IACD,wBAAwB,EAAE;QACxB,IAAI,EAAE,0BAA0B;QAChC,KAAK,EAAE,YAAY;QACnB,KAAK,EAAE,MAAM;QACb,UAAU,EACR,+EAA+E;QACjF,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,IAAI;KAChB;IACD,uEAAuE;IACvE,sEAAsE;IACtE,oEAAoE;IACpE,oEAAoE;IACpE,oDAAoD;IACpD,wBAAwB,EAAE;QACxB,IAAI,EAAE,yBAAyB;QAC/B,KAAK,EAAE,YAAY;QACnB,KAAK,EAAE,uCAAuC;QAC9C,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,IAAI;KAChB;CACF,CAAC;AAEF,MAAM,MAAM,GAAwC;IAClD,qBAAqB,EAAE;QACrB,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EACT,0FAA0F;QAC5F,OAAO,EAAE;YACP,KAAK,EAAE,YAAY;YACnB,KAAK,EAAE,uCAAuC;YAC9C,OAAO,EAAE,EAAE,SAAS,EAAE,mBAAmB,EAAE;SAC5C;QACD,QAAQ,EAAE,EAAE,UAAU,EAAE,qBAAqB,EAAE;QAC/C,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,OAAO;KACrB;IACD,gCAAgC,EAAE;QAChC,IAAI,EAAE,gCAAgC;QACtC,WAAW,EACT,wIAAwI;QAC1I,OAAO,EAAE;YACP,KAAK,EAAE,YAAY;YACnB,KAAK,EAAE,MAAM;YACb,UAAU,EACR,oFAAoF;SACvF;QACD,QAAQ,EAAE,EAAE,UAAU,EAAE,mBAAmB,EAAE,MAAM,EAAE,IAAI,EAAE;QAC3D,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,OAAO;KACrB;IACD,kCAAkC,EAAE;QAClC,IAAI,EAAE,kCAAkC;QACxC,WAAW,EACT,qKAAqK;QACvK,OAAO,EAAE;YACP,KAAK,EAAE,YAAY;YACnB,KAAK,EAAE,wCAAwC;YAC/C,OAAO,EAAE,EAAE,OAAO,EAAE,iBAAiB,EAAE;SACxC;QACD,QAAQ,EAAE,EAAE,UAAU,EAAE,4BAA4B,EAAE;QACtD,IAAI,EAAE,kCAAkC;QACxC,WAAW,EAAE,OAAO;KACrB;IACD,uBAAuB,EAAE;QACvB,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EACT,+JAA+J;QACjK,OAAO,EAAE;YACP,KAAK,EAAE,YAAY;YACnB,KAAK,EAAE,MAAM;YACb,UAAU,EAAE,gEAAgE;SAC7E;QACD,QAAQ,EAAE,EAAE,UAAU,EAAE,qBAAqB,EAAE,MAAM,EAAE,KAAK,EAAE;QAC9D,IAAI,EAAE,iCAAiC;QACvC,WAAW,EAAE,OAAO;KACrB;IACD,wBAAwB,EAAE;QACxB,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,uEAAuE;QACpF,OAAO,EAAE;YACP,KAAK,EAAE,YAAY;YACnB,KAAK,EAAE,MAAM;YACb,UAAU,EACR,+EAA+E;SAClF;QACD,QAAQ,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE,MAAM,EAAE,KAAK,EAAE;QAChE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,OAAO;KACrB;IACD,wBAAwB,EAAE;QACxB,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,sEAAsE;QACnF,OAAO,EAAE;YACP,KAAK,EAAE,YAAY;YACnB,KAAK,EAAE,uCAAuC;YAC9C,OAAO,EAAE,EAAE,SAAS,EAAE,mBAAmB,EAAE;SAC5C;QACD,QAAQ,EAAE,EAAE,UAAU,EAAE,qBAAqB,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;QAClE,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,MAAM;KACpB;CACF,CAAC;AAWF,MAAM,SAAS,GAA6D;IAC1E,aAAa,EAAE;QACb,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,CAAC,wBAAwB,CAAC;QACnC,WAAW,EAAE,OAAO;QACpB,MAAM,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,UAAU,EAAE,IAAI,EAAE;QACnD,OAAO,EAAE,IAAI;KACd;IACD,eAAe,EAAE;QACf,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,CAAC,eAAe,CAAC;QAC1B,WAAW,EAAE,OAAO;QACpB,MAAM,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,UAAU,EAAE,IAAI,EAAE;QACnD,OAAO,EAAE,IAAI;KACd;IACD,qEAAqE;IACrE,mEAAmE;IACnE,qEAAqE;IACrE,oEAAoE;IACpE,mEAAmE;IACnE,uEAAuE;IACvE,iEAAiE;IACjE,gEAAgE;IAChE,oDAAoD;IACpD,iBAAiB,EAAE;QACjB,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,CAAC,iBAAiB,EAAE,KAAK,CAAC;QACnC,OAAO,EAAE,IAAI;KACd;CACF,CAAC;AAEF,MAAM,MAAM,GAAG;IACb,0BAA0B;IAC1B,GAAG;IACH,kEAAkE;IAClE,GAAG;IACH,mEAAmE;IACnE,+CAA+C;IAC/C,EAAE;CACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAEb,MAAM,UAAU,aAAa,CAAC,GAAoB;IAChD,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAEjC,uEAAuE;IACvE,oEAAoE;IACpE,sEAAsE;IACtE,kEAAkE;IAClE,qEAAqE;IACrE,6DAA6D;IAC7D,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;QAC/E,QAAQ,CAAC,IAAI,CACX,uJAAuJ,CACxJ,CAAC;IACJ,CAAC;IACD,IACE,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,kCAAkC,CAAC;QACzD,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,EAC1B,CAAC;QACD,QAAQ,CAAC,IAAI,CACX,oKAAoK,CACrK,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,wBAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;QAClF,QAAQ,CAAC,IAAI,CACX,0JAA0J,CAC3J,CAAC;IACJ,CAAC;IACD,uEAAuE;IACvE,sEAAsE;IACtE,qEAAqE;IACrE,sEAAsE;IACtE,cAAc;IACd,IACE,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,gCAAgC,CAAC;QACvD,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,EAC5B,CAAC;QACD,QAAQ,CAAC,IAAI,CACX,8PAA8P,CAC/P,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,uBAAuB,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;QACnF,QAAQ,CAAC,IAAI,CACX,uPAAuP,CACxP,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,wBAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;QACpF,QAAQ,CAAC,IAAI,CACX,oOAAoO,CACrO,CAAC;IACJ,CAAC;IACD,IAAI,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE,CAAC;QAClC,QAAQ,CAAC,IAAI,CACX,oRAAoR,CACrR,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAA4B;QACxC,OAAO,EAAE,CAAC;QACV,SAAS,EAAE;YACT,OAAO,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE,oBAAoB,EAAE;YAC9D,eAAe,EAAE,EAAE,IAAI,EAAE,8BAA8B,EAAE,cAAc,EAAE,EAAE,EAAE;SAC9E;QACD,KAAK,EAAE;YACL,OAAO,EAAE;gBACP,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,CAAC;aACzF;SACF;QACD,MAAM,EAAE;YACN,WAAW,EAAE;gBACX,EAAE,IAAI,EAAE,GAAG,CAAC,SAAS,IAAI,qCAAqC,EAAE,KAAK,EAAE,SAAS,EAAE;aACnF;YACD,SAAS,EAAE,EAAE,cAAc,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,EAAE;YACvD,MAAM,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE;SAC7D;KACF,CAAC;IAEF,kEAAkE;IAClE,iEAAiE;IACjE,+DAA+D;IAC/D,eAAe;IACf,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI;SACxB,MAAM,CAAC,CAAC,CAAC,EAA+C,EAAE,CAAC,CAAC,KAAK,eAAe,CAAC;SACjF,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5B,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,KAAiC,CAAC,GAAG,GAAG,UAAU,CAAC;IAC/D,CAAC;IAED,IAAI,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,MAAkC,CAAC,MAAM,GAAG;YACpD,OAAO,EAAE,CAAC,kCAAkC,CAAC;YAC7C,WAAW,EAAE,OAAO;YACpB,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,oEAAoE;QACpE,6DAA6D;QAC7D,oEAAoE;QACpE,oEAAoE;QACpE,sBAAsB;QACtB,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAC;QACvC,MAAM,KAAK,GAAe,EAAE,CAAC;QAC7B,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;YAC7B,MAAM,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;YAC7B,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;gBAAE,SAAS;YACvC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACzB,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChB,CAAC;QACD,QAAQ,CAAC,KAAK,GAAG,KAAK,CAAC;QACvB,QAAQ,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,YAAY,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YAC1C,gEAAgE;YAChE,IAAI,CAAC,KAAK,gCAAgC,EAAE,CAAC;gBAC3C,OAAO;oBACL,IAAI,EAAE,gCAAgC;oBACtC,MAAM,EAAE,SAAS;oBACjB,OAAO,EAAE,IAAI;oBACb,WAAW,EACT,4HAA4H;oBAC9H,MAAM,EAAE;wBACN,IAAI,EAAE,UAAU;wBAChB,SAAS,EAAE;4BACT;gCACE,IAAI,EAAE,KAAK;gCACX,OAAO,EAAE,+BAA+B;gCACxC,WAAW,EACT,sLAAsL;6BACzL;4BACD;gCACE,IAAI,EAAE,MAAM;gCACZ,OAAO,EAAE,+BAA+B;gCACxC,WAAW,EACT,mLAAmL;6BACtL;yBACF;qBACF;iBACF,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,0BAA0B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;IACL,CAAC;IAED,MAAM,IAAI,GAAG,GAAG,MAAM,KAAK,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;IACrE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AAC5B,CAAC"}

package/dist/cli/init/dependencies.d.ts

@@ -1,4 +1,5 @@
 import type { ProfileChoice } from "./interactive.js";
+import type { CustomSelection } from "./composer.js";
 /**
  * One required binary that must end up on PATH for a given profile's
  * manifest to pass `harness doctor`. `binary` is the executable name we
@@ -7,12 +8,22 @@ import type { ProfileChoice } from "./interactive.js";
  * we list them all so that a partial install still reads as "complete"
  * for whichever binaries we depend on (e.g. understanding-gate ships
  * three hook adapters; the manifest only wires two of them).
+ *
+ * `minVersion` is informational only today (rendered in the wizard's
+ * dependency table next to the package name) so operators see the
+ * floor a feature depends on. The wizard does NOT yet probe the
+ * installed bin's version, so a stale install proceeds silently;
+ * upgrade hint is on the operator. Adding actual enforcement is a
+ * separate task (mirrors the MCP `min_version` doctor probe pattern
+ * already wired in FULL_TEMPLATE for MCP entries).
  */
 export interface ProfileDependency {
     binary: string;
     npmPackage: string;
     /** Short label rendered in the wizard's dependency table. */
     description: string;
+    /** Optional floor, displayed as `pkg@x.y.z+`. Informational only. */
+    minVersion?: string;
 }
 export declare const PROFILE_DEPENDENCIES: Record<Exclude<ProfileChoice, "custom">, ProfileDependency[]>;
 /**
@@ -42,6 +53,20 @@ export interface CheckOptions {
  * `npm i -g <pkg1> <pkg2>` call.
  */
 export declare function checkDependencies(profile: Exclude<ProfileChoice, "custom">, opts?: CheckOptions): DependencyCheckResult;
+/**
+ * List-based variant of `checkDependencies` for callers that compute a
+ * bespoke dep set (e.g. the Custom-profile composer in task 31d2fbb5).
+ * Same semantics: resolve each binary on PATH, return statuses +
+ * de-duped missing packages.
+ */
+export declare function checkDependencyList(deps: ProfileDependency[], opts?: CheckOptions): DependencyCheckResult;
+/**
+ * Resolve the dependency list for a Custom-profile selection. Maps each
+ * checkbox key to its underlying binary requirement. Used by the
+ * interactive wizard's Custom branch so the dependency-check + install
+ * UX is identical to the named profiles.
+ */
+export declare function dependenciesForCustom(sel: CustomSelection): ProfileDependency[];
 /**
  * Render the dependency table the wizard shows to the operator. Pure
  * function so tests can lock the surface text without spawning a