@letterblack/lbe-core 1.3.5 → 1.3.7

package/CHANGELOG.md

@@ -1,5 +1,11 @@
 # Changelog
 
+## 1.3.7 — 2026-06-24
+
+### Fixed
+- Fixed internal linting errors preventing clean CI execution.
+- Restored and aligned the GitHub Actions release workflow.
+
 ## 1.3.3 — 2026-06-23
 
 ### Fixed

package/README.md

@@ -1,167 +1,182 @@
-# @letterblack/lbe-core
-
-LBE Core is **local execution control for AI agents**.
-
-It evaluates file and shell actions routed through its execution boundary, records local evidence, and returns an allow/deny/proof outcome before agent work is treated as complete.
-
-LBE is not an AI model, IDE, full OS sandbox, cloud monitor, or hosted control plane. It only controls actions that are routed through LBE.
-
-```text
-Agent wants to act
-        ↓
-LBE validates workspace, policy, target, and evidence
-        ↓
-allow / deny / weak proof / error
-        ↓
-Host executes only if LBE approved
-        ↓
-Audit and proof records are written locally
-```
-
----
-
-## Install and start
-
-```bash
-npm install @letterblack/lbe-core
-npx lbe init
-npx lbe status
-npx lbe logs
-npx lbe proof --public
-npx lbe open-state
-```
-
-Requires Node.js `>= 20.9.0`.
-
-Command summary:
-
-| Command | Purpose |
-|---|---|
-| `npx lbe init` | Initialize LBE state for the current workspace |
-| `npx lbe status` | Show workspace policy, state, and proof status |
-| `npx lbe logs` | Show recent local LBE audit events |
-| `npx lbe open-state` | Open the central local state folder for this workspace |
-| `npx lbe proof` | Show the latest private proof result |
-| `npx lbe proof --json` | Print the latest proof as JSON |
-| `npx lbe proof --public` | Print a redacted proof safe for public sharing |
-| `npx lbe status --all` | List known local workspaces from the workspace registry |
-
----
-
-## What LBE does
-
-LBE gives agent builders a local execution boundary:
-
-- validates requested file and shell actions before execution
-- keeps governed actions inside the intended workspace
-- records local audit evidence
-- tracks intent, target, file-index snapshots, and proof results
-- supports private proof and public/redacted proof output
-- preserves legacy `.lbe/events.jsonl` logs while using central local state
-
-Most systems ask only:
-
-```text
-Did the user approve this?
-```
-
-LBE asks a stricter question:
-
-```text
-Is this exact action allowed to reach the filesystem or terminal, and can we prove what happened?
-```
-
----
-
-## Local state and proof
-
-LBE keeps state locally in a central per-user state folder. Each workspace has a stable workspace ID and its own event log.
-
-In v1.3, an existing `.lbe/events.jsonl` remains local fallback truth and is imported into central state once. The source file is preserved.
-
-Proof combines:
-
-```text
-intent
-  ↓
-target
-  ↓
-file-index before action
-  ↓
-LBE audit event
-  ↓
-file-index after action
-  ↓
-proof/latest.json
-```
-
-Proof results:
-
-| Result | Meaning |
-|---|---|
-| `PASS` | Evidence is complete and actual changes match declared intent |
-| `FAIL` | Evidence violates intent, policy, or expected file changes |
-| `WEAK_PROOF` | Target evidence was uncertain or required user confirmation |
-
-Use:
-
-```bash
-npx lbe proof --public
-```
-
-for a redacted proof summary. Public proof redacts private paths, raw internal IDs, full diffs, hashes, and sensitive failure details.
-
----
-
-## What ships
-
-The npm package ships the packaged runtime boundary, not the private source tree.
-
-```text
-bin/lbe.js                    CLI shim
-dist/cli/lbe.js               Bundled CLI runtime
-dist/hooks/register.cjs       Hook preload runtime
-dist/state/index.cjs          Packaged CJS state resolver
-dist/state/appendCentral.cjs  Packaged central JSONL append helper
-README.md
-Release-README.md
-CHANGELOG.md
-LICENSE
-package.json
-```
-
-The npm package must not include private implementation folders such as `src/core/**`, tests, local `.lbe/**` state, AppData state, diagnostic helpers, private keys, or workspace-local proof artifacts.
-
----
-
-## Limits
-
-LBE controls only actions routed through its execution boundary.
-
-It does not provide:
-
-- kernel-level process isolation
-- network-egress control
-- multi-tenant separation
-- hosted monitoring
+# @letterblack/lbe-core
+
+LBE Core is **local execution control for AI agents**.
+
+It evaluates file and shell actions routed through its execution boundary, records local evidence, and returns an allow/deny/proof outcome before agent work is treated as complete.
+
+LBE is not an AI model, IDE, full OS sandbox, cloud monitor, or hosted control plane. It only controls actions that are routed through LBE.
+
+```text
+Agent wants to act
+        ↓
+LBE validates workspace, policy, target, and evidence
+        ↓
+allow / deny / weak proof / error
+        ↓
+Host executes only if LBE approved
+        ↓
+Audit and proof records are written locally
+```
+
+---
+
+## Recommended install
+
+Use the current clean release:
+
+```bash
+npm install @letterblack/lbe-core@1.3.5
+npx lbe init
+npx lbe assert-consumer
+npx lbe proof --public
+```
+
+`assert-consumer` confirms this project is using LBE as an installed package dependency.
+
+It does not certify LBE release safety.
+
+## Install and start
+
+```bash
+npm install @letterblack/lbe-core@1.3.5
+npx lbe init
+npx lbe status
+npx lbe logs
+npx lbe proof --public
+npx lbe open-state
+```
+
+Requires Node.js `>= 20.9.0`.
+
+Command summary:
+
+| Command | Purpose |
+|---|---|
+| `npx lbe init` | Initialize LBE state for the current workspace |
+| `npx lbe status` | Show workspace policy, state, and proof status |
+| `npx lbe logs` | Show recent local LBE audit events |
+| `npx lbe open-state` | Open the central local state folder for this workspace |
+| `npx lbe proof` | Show the latest private proof result |
+| `npx lbe proof --json` | Print the latest proof as JSON |
+| `npx lbe proof --public` | Print a redacted proof safe for public sharing |
+| `npx lbe status --all` | List known local workspaces from the workspace registry |
+
+---
+
+## What LBE does
+
+LBE gives agent builders a local execution boundary:
+
+- validates requested file and shell actions before execution
+- keeps governed actions inside the intended workspace
+- records local audit evidence
+- tracks intent, target, file-index snapshots, and proof results
+- supports private proof and public/redacted proof output
+- preserves legacy `.lbe/events.jsonl` logs while using central local state
+
+Most systems ask only:
+
+```text
+Did the user approve this?
+```
+
+LBE asks a stricter question:
+
+```text
+Is this exact action allowed to reach the filesystem or terminal, and can we prove what happened?
+```
+
+---
+
+## Local state and proof
+
+LBE keeps state locally in a central per-user state folder. Each workspace has a stable workspace ID and its own event log.
+
+In v1.3, an existing `.lbe/events.jsonl` remains local fallback truth and is imported into central state once. The source file is preserved.
+
+Proof combines:
+
+```text
+intent
+  ↓
+target
+  ↓
+file-index before action
+  ↓
+LBE audit event
+  ↓
+file-index after action
+  ↓
+proof/latest.json
+```
+
+Proof results:
+
+| Result | Meaning |
+|---|---|
+| `PASS` | Evidence is complete and actual changes match declared intent |
+| `FAIL` | Evidence violates intent, policy, or expected file changes |
+| `WEAK_PROOF` | Target evidence was uncertain or required user confirmation |
+
+Use:
+
+```bash
+npx lbe proof --public
+```
+
+for a redacted proof summary. Public proof redacts private paths, raw internal IDs, full diffs, hashes, and sensitive failure details.
+
+---
+
+## What ships
+
+The npm package ships the packaged runtime boundary, not the private source tree.
+
+```text
+bin/lbe.js                    CLI shim
+dist/cli/lbe.js               Bundled CLI runtime
+dist/hooks/register.cjs       Hook preload runtime
+dist/state/index.cjs          Packaged CJS state resolver
+dist/state/appendCentral.cjs  Packaged central JSONL append helper
+README.md
+Release-README.md
+CHANGELOG.md
+LICENSE
+package.json
+```
+
+The npm package must not include private implementation folders such as `src/core/**`, tests, local `.lbe/**` state, AppData state, diagnostic helpers, private keys, or workspace-local proof artifacts.
+
+---
+
+## Limits
+
+LBE controls only actions routed through its execution boundary.
+
+It does not provide:
+
+- kernel-level process isolation
+- network-egress control
+- multi-tenant separation
+- hosted monitoring
 - universal control over tools outside LBE's execution boundary
-
-Central writes are best-effort. Local logs remain local.
-
----
-
-## Release status
-
-Current aligned release:
-
-```text
-@letterblack/lbe-core@1.3.3
-```
-
-Earlier `1.3.0`, `1.3.1`, and `1.3.2` builds are superseded by `1.3.3`.
-
----
-
-## One-sentence summary
-
-LBE Core does not make the agent smarter. It makes the agent's execution path controlled, evidence-backed, and locally auditable.
+
+Central writes are best-effort. Local logs remain local.
+
+---
+
+## Release status
+
+Current aligned release:
+
+```text
+@letterblack/lbe-core@1.3.5
+```
+
+Earlier `1.3.0`, `1.3.1`, `1.3.2`, and `1.3.3` builds are superseded by `1.3.5`.
+
+---
+
+## One-sentence summary
+
+LBE Core does not make the agent smarter. It makes the agent's execution path controlled, evidence-backed, and locally auditable.

package/RELEASE_WORKSPACE_RULES.md

@@ -1,110 +1,179 @@
-# LBE Release Workspace Rules
-
-This file defines what can and cannot be used as LBE release proof.
-
-## Release authority boundary
-
-Only the designated LBE release workspace may certify LBE release safety.
-
-A downstream project, integration lab, copied repository, downloaded folder, worktree, or consumer app is not release authority for LBE.
-
-Consumer projects may prove only their own integration behavior with the installed LBE package.
-
-They must not claim:
-
-- LBE release-ready
-- LBE published
-- full LBE proof passed
-- npm/GitHub release alignment
-- package release correctness
-
-## Consumer dependency rule
-
-Other projects must consume LBE as an installed package dependency from the public registry.
-
-Allowed consumer model:
-
-```bash
-npm install @letterblack/lbe-core
-npx lbe init
-npx lbe status
-npx lbe proof --public
-```
-
-Do not use a copied LBE source tree as the authority for consumer projects.
-
-Do not point consumer projects at LBE through:
-
-- `file:`
-- `link:`
-- `workspace:`
-- `git+`
-- `github:`
-- local relative paths
-- local absolute paths
-- symlinked `node_modules` packages
-
-## assert-consumer rule
-
-`npx lbe assert-consumer` is a downstream consumer-safety guard.
-
-It answers:
-
-- Is this project using `@letterblack/lbe-core` as an installed dependency?
-- Is this project accidentally pointing at a copied source tree, workspace link, git dependency, local path, or symlink?
-
-It must always report consumer status only.
-
-It is not release proof.
-
-It is not package provenance proof.
-
-It is not a substitute for:
-
-- full test suite
-- `npm run proof`
-- package runtime verification
-- packed tarball inspection
-- npm `gitHead` check
-- GitHub tag alignment
-- GitHub Release verification
-- fresh install smoke from the registry
-
-Expected classification for a valid consumer project:
-
-```txt
-consumer-project-using-installed-registry-dependency
-releaseClaimsAllowed: false
-```
-
-If a project passes `assert-consumer`, the only valid conclusion is:
-
-```txt
-This project consumes LBE from an installed package dependency.
-This does not certify LBE release safety.
-```
-
-## Hard stop conditions
-
-Stop and report if:
-
-- a consumer project is used to certify an LBE release
-- focused integration tests are used as release proof
-- a copied/lab workspace is treated as package authority
-- local path, git, workspace, or symlink dependencies are used for LBE in a consumer project
-- release claims are made without npm/GitHub/package provenance checks
-
-## Agent report format
-
-Before making any LBE-related release claim, report:
-
-```txt
-Workspace classification:
-- Path:
-- Type: LBE release workspace / consumer project / local lab / copied workspace / unknown
-- npm run proof available: yes/no
-- full suite exit code:
-- release claims allowed: yes/no
-```
-
-If the workspace is a consumer project, local lab, copied workspace, or unknown, release claims are not allowed.
+# LBE Release Workspace Rules
+
+This file defines what can and cannot be used as LBE release proof.
+
+## Release authority boundary
+
+Only the designated LBE release workspace may certify LBE release safety.
+
+A downstream project, integration lab, copied repository, downloaded folder, worktree, or consumer app is not release authority for LBE.
+
+Consumer projects may prove only their own integration behavior with the installed LBE package.
+
+They must not claim:
+
+- LBE release-ready
+- LBE published
+- full LBE proof passed
+- npm/GitHub release alignment
+- package release correctness
+
+## Consumer dependency rule
+
+Other projects must consume LBE as an installed package dependency from the public registry.
+
+Allowed consumer model:
+
+```bash
+npm install @letterblack/lbe-core
+npx lbe init
+npx lbe status
+npx lbe proof --public
+```
+
+Do not use a copied LBE source tree as the authority for consumer projects.
+
+Do not point consumer projects at LBE through:
+
+- `file:`
+- `link:`
+- `workspace:`
+- `git+`
+- `github:`
+- local relative paths
+- local absolute paths
+- symlinked `node_modules` packages
+
+## assert-consumer rule
+
+`npx lbe assert-consumer` is a downstream consumer-safety guard.
+
+It answers:
+
+- Is this project using `@letterblack/lbe-core` as an installed dependency?
+- Is this project accidentally pointing at a copied source tree, workspace link, git dependency, local path, or symlink?
+
+It must always report consumer status only.
+
+It is not release proof.
+
+It is not package provenance proof.
+
+It is not a substitute for:
+
+- full test suite
+- `npm run proof`
+- package runtime verification
+- packed tarball inspection
+- npm `gitHead` check
+- GitHub tag alignment
+- GitHub Release verification
+- fresh install smoke from the registry
+
+Expected classification for a valid consumer project:
+
+```txt
+consumer-project-using-installed-registry-dependency
+releaseClaimsAllowed: false
+```
+
+If a project passes `assert-consumer`, the only valid conclusion is:
+
+```txt
+This project consumes LBE from an installed package dependency.
+This does not certify LBE release safety.
+```
+
+## Release workflow stale-guard
+
+The release workflow is the authority for public repo sync and release automation.
+
+Agents must not manually patch the public `Letterblack-Sentinel` repo to make it look released.
+
+If the public repo is stale, the correct fix is:
+
+1. inspect the release workflow
+2. verify it targets the current package: `@letterblack/lbe-core`
+3. repair stale workflow steps
+4. run the workflow or its explicit `sync-public-only` mode
+5. verify public repo, tag, GitHub Release, npm `gitHead`, and fresh install smoke
+
+## Blocked stale workflow patterns
+
+Stop immediately if the workflow still treats these as the current release packages:
+
+```txt
+@letterblack/lbe-sdk
+@letterblack/lbe-exec
+```
+
+These may appear only as legacy/deprecated notes, not active publish/sync/release jobs.
+
+## Required workflow gates
+
+The workflow must include:
+
+```txt
+node --test
+npm run proof
+npm run audit:public-docs
+npm run verify:package-runtime
+npm pack --dry-run
+npm gitHead verification
+GitHub tag target verification
+fresh npm install smoke
+public repo sync
+sync-public-only mode for already-published versions
+```
+
+## Hard stop message
+
+If the workflow is stale, report exactly:
+
+```txt
+RELEASE WORKFLOW STALE — BLOCKED
+Do not publish manually.
+Do not sync the public repo manually.
+Fix workflow first.
+```
+
+## Agent report format
+
+Before touching release automation, report:
+
+```txt
+Release workflow classification:
+- Workflow path:
+- Active package target:
+- Old package targets present: yes/no
+- sync-public-only mode present: yes/no
+- npm gitHead verification present: yes/no
+- fresh install smoke present: yes/no
+- public repo sync present: yes/no
+- release workflow allowed: yes/no
+```
+
+## Hard stop conditions
+
+Stop and report if:
+
+- a consumer project is used to certify an LBE release
+- focused integration tests are used as release proof
+- a copied/lab workspace is treated as package authority
+- local path, git, workspace, or symlink dependencies are used for LBE in a consumer project
+- release claims are made without npm/GitHub/package provenance checks
+
+## Agent report format
+
+Before making any LBE-related release claim, report:
+
+```txt
+Workspace classification:
+- Path:
+- Type: LBE release workspace / consumer project / local lab / copied workspace / unknown
+- npm run proof available: yes/no
+- full suite exit code:
+- release claims allowed: yes/no
+```
+
+If the workspace is a consumer project, local lab, copied workspace, or unknown, release claims are not allowed.

package/Release-README.md

@@ -1,5 +1,7 @@
 # @letterblack/lbe-core
 
+**Release 1.3.7**
+
 LBE is local execution control for AI agents. It evaluates file and shell
 actions routed through its execution boundary, records local evidence, and
 returns an allow/deny outcome before the governed action runs.