@ludecker/aaac 1.1.0 → 1.1.2

package/templates/cursor/aaac/graph.project.yaml

@@ -1,127 +1,7 @@
-resolvers:
-  update-module-by-slug:
-    map:
-      cms: cms-update
-      ui: ui-update
-      database: database-update
-      aaac: aaac-update
-  update-component-by-scope:
-    map:
-      cms: cms-design-update
-      ui: ui-design-update
-  create-feature-by-slug:
-    map:
-      cms: cms-create-feature
-      aaac: aaac-create-feature
-  fix-bug-by-slug:
-    map:
-      cms: cms-fix-bug
-      ui: ui-fix-bug
-      database: database-fix-bug
-      aaac: aaac-fix-bug
-    default: verb-fix
-    default_object: feature
-  fix-domain-by-slug:
-    map:
-      cms: cms-fix-bug
-      ui: ui-fix-bug
-      database: database-fix-bug
-      aaac: aaac-fix-bug
-    default: verb-fix
-    default_object: module
-  fix-component-by-scope:
-    map:
-      cms: cms-fix-bug
-      ui: ui-fix-bug
-    default: verb-fix
-    default_object: component
-  fix-data-by-slug:
-    map:
-      database: database-fix-bug
-    default: database-fix-bug
-    default_object: schema
-  fix-integration-by-slug:
-    map:
-      cms: cms-fix-bug
-      ui: ui-fix-bug
-      database: database-fix-bug
-      aaac: aaac-fix-bug
-    default: verb-fix
-    default_object: integration
-  test-module-by-slug:
-    map:
-      cms: cms-test-module
-      ui: ui-test-module
-      database: database-test-module
-      aaac: aaac-test-module
+# Generic AAAC project overlay — verb orchestrators + exception commands only.
+# Add domain resolvers, orchestrators, and project skills in your repo after init.
 
 orchestrators:
-  cms-update:
-    domain: cms
-    path: domains/cms/update/orchestrator
-    inventory: domains/cms/update/inventory
-    requires: [discovery, investigation-lite, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting]
-    phases: [load_inventory, discover, investigate_lite, plan, validate, impact_analysis, dependency_graph, fitness_functions, rollback, execute, verify, sync_inventory, report]
-
-  ui-update:
-    domain: ui
-    path: domains/ui/update/orchestrator
-    inventory: domains/ui/update/inventory
-    requires: [discovery, investigation-lite, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting]
-    phases: [load_inventory, discover, investigate_lite, plan, validate, impact_analysis, dependency_graph, fitness_functions, rollback, execute, verify, sync_inventory, report]
-
-  database-update:
-    domain: database
-    path: domains/database/update/orchestrator
-    inventory: domains/database/update/inventory
-    requires: [discovery, investigation-lite, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting]
-    phases: [load_inventory, discover, investigate_lite, plan, validate, impact_analysis, dependency_graph, fitness_functions, rollback, execute, verify, sync_inventory, report]
-
-  cms-design-update:
-    domain: cms
-    path: domains/cms/update/orchestrator
-    inventory: domains/cms/update/inventory
-    requires: [discovery, investigation-lite, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting]
-    design_mode: true
-
-  ui-design-update:
-    domain: ui
-    path: domains/ui/update/orchestrator
-    inventory: domains/ui/update/inventory
-    requires: [discovery, investigation-lite, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting]
-    design_mode: true
-
-  cms-create-feature:
-    domain: cms
-    path: domains/cms/update/orchestrator
-    inventory: domains/cms/update/inventory
-    requires: [discovery, investigation-lite, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting, module-authoring]
-    create_mode: true
-
-  cms-fix-bug:
-    domain: cms
-    path: domains/cms/update/orchestrator
-    inventory: domains/cms/update/inventory
-    requires: [discovery, investigation, root-cause, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting]
-    fix_mode: true
-    phases: [load_inventory, discover, investigate_swarm, root_cause, plan, validate, impact_analysis, dependency_graph, fitness_functions, rollback, execute, verify, sync_inventory, report]
-
-  ui-fix-bug:
-    domain: ui
-    path: domains/ui/update/orchestrator
-    inventory: domains/ui/update/inventory
-    requires: [discovery, investigation, root-cause, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting]
-    fix_mode: true
-    phases: [load_inventory, discover, investigate_swarm, root_cause, plan, validate, impact_analysis, dependency_graph, fitness_functions, rollback, execute, verify, sync_inventory, report]
-
-  database-fix-bug:
-    domain: database
-    path: domains/database/update/orchestrator
-    inventory: domains/database/update/inventory
-    requires: [discovery, investigation, root-cause, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting]
-    fix_mode: true
-    phases: [load_inventory, discover, investigate_swarm, root_cause, plan, validate, impact_analysis, dependency_graph, fitness_functions, rollback, execute, verify, sync_inventory, report]
-
   update-doc:
     path: skills/shared/documentation/orchestrator
     requires: [discovery, documentation, reporting]
@@ -130,7 +10,7 @@ orchestrators:
   review-incident:
     path: skills/shared/investigation/orchestrator
     requires: [discovery, investigation, reporting]
-    optional: [execution, ludecker-infrastructure]
+    optional: [execution]
 
   review-module:
     path: skills/shared/architecture/orchestrator
@@ -146,73 +26,9 @@ orchestrators:
     path: skills/shared/testing/orchestrator
     requires: [discovery, testing, verification, reporting]
 
-  cms-test-module:
-    domain: cms
-    path: domains/cms/update/orchestrator
-    inventory: domains/cms/update/inventory
-    requires: [testing, verification, reporting]
-    test_only: true
-
-  ui-test-module:
-    domain: ui
-    path: domains/ui/update/orchestrator
-    inventory: domains/ui/update/inventory
-    requires: [testing, verification, reporting]
-    test_only: true
-
-  database-test-module:
-    domain: database
-    path: domains/database/update/orchestrator
-    inventory: domains/database/update/inventory
-    requires: [testing, verification, reporting]
-    test_only: true
-
-  aaac-update:
-    domain: aaac
-    path: domains/aaac/update/orchestrator
-    inventory: domains/aaac/update/inventory
-    requires: [discovery, investigation-lite, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting, integration]
-    phases: [load_inventory, discover, investigate_lite, plan, validate, impact_analysis, dependency_graph, fitness_functions, rollback, execute, verify, sync_inventory, report]
-
-  aaac-create-feature:
-    domain: aaac
-    path: domains/aaac/update/orchestrator
-    inventory: domains/aaac/update/inventory
-    requires: [discovery, investigation-lite, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting, module-authoring, integration]
-    create_mode: true
-
-  aaac-fix-bug:
-    domain: aaac
-    path: domains/aaac/update/orchestrator
-    inventory: domains/aaac/update/inventory
-    requires: [discovery, investigation, root-cause, planning, validation, impact-analysis, dependency-graph, fitness-functions, rollback, execution, testing, verification, reporting, integration]
-    fix_mode: true
-    phases: [load_inventory, discover, investigate_swarm, root_cause, plan, validate, impact_analysis, dependency_graph, fitness_functions, rollback, execute, verify, sync_inventory, report]
-
-  aaac-test-module:
-    domain: aaac
-    path: domains/aaac/update/orchestrator
-    inventory: domains/aaac/update/inventory
-    requires: [testing, verification, reporting, integration]
-    test_only: true
-
-  aaac-publish:
-    domain: aaac
-    path: domains/aaac/update/orchestrator
-    inventory: domains/aaac/update/inventory
-    requires: [testing, verification, execution, reporting, integration]
-    publish_mode: true
-
-  write-article:
-    domain: content
-    path: domains/content/write/orchestrator
-    requires: [run, reporting]
-    workflow: write-article
-    phases: [parse, research_swarm, write, review, persist, report]
-
   release-app:
     path: skills/shared/platform-release/orchestrator
-    requires: [testing, verification, execution, reporting, ludecker-infrastructure]
+    requires: [testing, verification, execution, reporting]
 
   verb-create:
     path: skills/shared/verbs/create/orchestrator
@@ -322,18 +138,6 @@ skills:
     path: skills/shared/platform-release
   governance/implementation:
     path: skills/shared/governance/implementation
-  ludecker-design-system:
-    path: skills/ludecker/design-system
-  ludecker-database-schema:
-    path: skills/ludecker/database-schema
-  ludecker-api-first:
-    path: skills/ludecker/api-first
-  ludecker-security:
-    path: skills/ludecker/security
-  ludecker-user-experience:
-    path: skills/ludecker/user-experience
-  ludecker-infrastructure:
-    path: skills/ludecker/infrastructure
 
 agents:
   discovery-inventory:
@@ -382,10 +186,6 @@ agents:
     path: agents/release-git.md
     wave: 1
     blocking: true
-  release-render:
-    path: agents/release-render.md
-    wave: 2
-    requires: [release-git]
 
 policies:
   - policies/master-rules.md

package/templates/cursor/aaac/layers.md

@@ -36,6 +36,8 @@ Execution Layer
 ├─ Verb orchestrators          .cursor/skills/shared/verbs/*/orchestrator/
 ├─ Shared pipeline skills      .cursor/skills/shared/
 ├─ Capability registry         .cursor/aaac/capabilities/registry.json
+├─ Capability promotion rules  .cursor/aaac/capabilities/promotion-rules.json
+├─ Capability stats (derived)  .cursor/aaac/state/capability-stats.json
 ├─ Agent specs                 .cursor/agents/
 
 Knowledge Layer
@@ -87,6 +89,7 @@ Policies → Ontology → Graph → Create Run
 → Lifecycle (work) + Gates (composed into Run.pending)
 → Orchestrator → Capabilities resolved (recorded on Run)
 → Execute phases → Update Run → Report
+→ Run completes → capability-evidence.mjs → update capability-stats.json + evaluate promotion
 ```
 
 ## Deprecated

package/templates/cursor/aaac/observability/telemetry.yaml

@@ -21,6 +21,9 @@ log_on:
   - human_approval_required
   - human_approval_received
   - capability_resolved
+  - evidence_aggregated
+  - capability_promoted
+  - evidence_aggregation_failed
   - skill_loaded
   - doc_loaded
   - agent_spawned

package/templates/cursor/aaac/ontology.md

@@ -3,8 +3,7 @@
 SSOT: [ontology.json](ontology.json). Regenerate graph and commands:
 
 ```bash
-node .cursor/aaac/generate-graph.mjs
-node .cursor/aaac/generate-commands.mjs
+npx @ludecker/aaac@latest generate
 ```
 
 ## Hierarchy (how developers already think)
@@ -22,18 +21,10 @@ Four layers in the graph:
 | **product** | feature, workflow, integration | `/create-feature`, `/check-workflow` |
 | **system** | app, domain, architecture | `/release-app`, `/update-domain`, `/review-architecture` |
 
-## Verbs (unchanged)
+## Verbs
 
 create · update · fix · review · check · test · release · remove
 
-## Ludecker domains
-
-| Slug | Bounded context |
-|------|-----------------|
-| `cms` | `apps/website` — public site + CMS admin |
-| `ui` | `packages/ui` — design system |
-| `database` | `supabase/migrations` — schema, RLS, type mirrors |
-
 ## Granular aliases
 
 Finer nouns (api, endpoint, hook, spec, skill, graph, …) map to a canonical command — see `command_aliases` in [ontology.json](ontology.json). Examples:
@@ -43,48 +34,42 @@ Finer nouns (api, endpoint, hook, spec, skill, graph, …) map to a canonical co
 | `/update-api` | `update-integration` |
 | `/fix-hook` | `fix-function` |
 | `/update-doc` | `update-architecture` |
-| `/update-design` | `update-component` (cms/ui resolver) |
 | `/check-inventory` | `check-module` |
 | `/create-skill` | `create-module` |
-| `/ship-ludecker` | `release-app` |
 
 ## Exceptions
 
 | Command | Note |
 |---------|------|
-| `fix-bug` | Defect repair; domain resolver (`cms`, `ui`, `database`); unknown slug → `verb-fix` |
+| `fix-bug` | Defect repair; routes to `verb-fix` + object `feature` by default |
+| `fix-module` | Same fix swarm; routes to `verb-fix` + object `module` by default |
 | `review-incident` | Production/deploy incident (`swarm-check` alias) |
 | `test-function` | Journey verification (dedicated orchestrator) |
-| `release-app` | Full platform ship (`ship-ludecker` alias) |
-| `write-article` | Content research swarm → CMS persist |
+| `release-app` | Platform release swarm |
+
+Add domain resolvers in `graph.project.yaml` to route `/update-module <slug>` to domain orchestrators.
 
 ## Invalid `release-*`
 
-Use `release-app`, `release-feature`, or `release-integration` — not `release-function`, `release-module`, `release-schema`, etc. (see `invalid_pairs` in graph).
+Use `release-app`, `release-feature`, or `release-integration` — not `release-function`, `release-module`, etc. (see `invalid_pairs` in graph).
 
 ## Verb lifecycle and gates
 
-**Work:** [lifecycle/lifecycle.json](lifecycle/lifecycle.json) → graph `verb_work_phases`  
-**Gates:** [governance/gates.json](governance/gates.json) → graph `governance_gate_stacks`  
-**Runtime (composed):** graph `verb_runtime` on Run at dispatch  
-**Run:** [run/schema.json](run/schema.json) — primary execution object  
-
-Phase → skill: [lifecycle/phases.json](lifecycle/phases.json)
+**Work:** [lifecycle/lifecycle.json](lifecycle/lifecycle.json)  
+**Gates:** [governance/gates.json](governance/gates.json)  
+**Run:** [run/schema.json](run/schema.json)
 
 ## Object capabilities
 
-Ontology declares `object_capabilities` per object. Graph resolves to provider skills via [capabilities/registry.json](capabilities/registry.json). Generated `object_skills` in graph.yaml is derived — do not edit by hand.
+Ontology declares `object_capabilities` per object. Graph resolves providers via [capabilities/registry.json](capabilities/registry.json). Generic install uses shared skills; replace with project skills in your overlay.
 
-Example: `component` → `[component-model, layer-boundaries, ui-design]` → `[component, architecture, ludecker-design-system]`
+Example: `component` → `[component-model, layer-boundaries, ui-design]` → `[component, architecture, component]`
 
 ## Domain argument
 
-- **Required:** `update-module`, `update-domain`, …
-- **Optional:** `*-function`, `review-incident`, `write-article`
+- **Recommended:** `update-module`, `fix-module`, … once you add domains
+- **Optional:** `*-function`, `review-incident`
 
-## Manual commands (not in graph)
+## Manual commands
 
-| Command | Purpose |
-|---------|---------|
-| `/launch-ludecker` | Local dev: kill stale processes, clean `.next`, start `pnpm dev` |
-| `/kill-ludecker` | Kill local dev port listeners |
+Add filenames to [project.config.json](project.config.json) `manual_commands` — not generated from ontology.

package/templates/cursor/aaac/project.config.json

@@ -1,3 +1,6 @@
 {
-  "manual_commands": []
+  "manual_commands": [],
+  "verify": {
+    "enabled": false
+  }
 }

package/templates/cursor/aaac/run/schema.json

@@ -10,7 +10,7 @@
     "domain": "string | null",
     "intent": "string",
     "orchestrator": "string",
-    "status": "pending | running | blocked | completed | failed",
+    "status": "pending | running | blocked | completed | failed | cancelled",
     "phase": "string | null",
     "phase_kind": "work | gate | null",
     "awaiting_approval": false,
@@ -22,6 +22,10 @@
     "checkpoints": [],
     "log": [],
     "capabilities_resolved": {},
+    "capability_runtime": {},
+    "capability_runtime_approved": false,
+    "capability_evidence_processed": false,
+    "capability_evidence_outcomes": [],
     "confidence": {
       "architecture": null,
       "requirements": null,

package/templates/cursor/aaac/scripts/run-engine/advance-phase.mjs

@@ -5,6 +5,8 @@
  */
 import fs from "fs";
 import path from "path";
+import { spawnSync } from "child_process";
+import { fileURLToPath } from "url";
 import {
   loadRegistry,
   loadEnforcement,
@@ -18,6 +20,14 @@ import {
   saveActiveRun,
 } from "./lib.mjs";
 import { recordLog } from "./log.mjs";
+import {
+  processRunEvidence,
+  evaluateCapabilityRuntimePolicy,
+  resolveCapabilitiesWithRuntime,
+  loadObjectMaturity,
+} from "./capability-evidence.mjs";
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
 
 const runId = process.argv[2];
 const completedPhase = process.argv[3];
@@ -67,6 +77,46 @@ if (minAgents && launches < minAgents && !force) {
   process.exit(2);
 }
 
+const verifyVerbs = enforcement.verify_verbs ?? ["create", "update", "fix"];
+if (
+  completedPhase === "verify" &&
+  verifyVerbs.includes(manifest.verb) &&
+  !force
+) {
+  const verifyScript = path.join(__dirname, "verify-website-build.mjs");
+  const verifyRun = spawnSync("node", [verifyScript, "--run-id", runId], {
+    encoding: "utf8",
+  });
+  if (verifyRun.status !== 0) {
+    const detail =
+      verifyRun.stderr?.trim() ||
+      verifyRun.stdout?.trim() ||
+      "verify-website-build failed";
+    recordLog(manifest, {
+      event: "gate_fail",
+      phase: completedPhase,
+      phase_kind: manifest.phase_kind,
+      detail: `website verify failed: ${detail.slice(0, 500)}`,
+      level: "warn",
+    });
+    manifest.updated_at = isoNow();
+    writeJson(manifestPath, manifest);
+    console.error(
+      "App verify failed (see project.config.json verify). Fix errors, then re-run:\n" +
+        `  node .cursor/aaac/scripts/run-engine/verify-website-build.mjs --run-id ${runId}\n` +
+        detail,
+    );
+    process.exit(2);
+  }
+  recordLog(manifest, {
+    event: "verify_website_pass",
+    phase: completedPhase,
+    phase_kind: manifest.phase_kind,
+    detail: "app verify gate",
+    level: "info",
+  });
+}
+
 const requiredArtifacts = enforcement.phase_artifacts?.[completedPhase] ?? [];
 for (const rel of requiredArtifacts) {
   const artifactPath = path.join(runDir(runId), rel);
@@ -119,7 +169,68 @@ recordLog(manifest, {
   level: "info",
 });
 
-const nextPhase = manifest.pending.shift() ?? null;
+let nextPhase = manifest.pending.shift() ?? null;
+
+if (nextPhase === "execute" && !force) {
+  const resolved =
+    manifest.capabilities_resolved &&
+    Object.keys(manifest.capabilities_resolved).length > 0
+      ? manifest.capabilities_resolved
+      : resolveCapabilitiesWithRuntime(manifest.object, manifest.verb);
+  const policy = evaluateCapabilityRuntimePolicy(resolved, {
+    object_maturity: loadObjectMaturity(manifest.object),
+  });
+  manifest.capability_runtime = policy;
+
+  const needsBlock =
+    policy.action === "block" ||
+    (policy.action === "require_approval" && !manifest.capability_runtime_approved);
+
+  if (needsBlock) {
+    manifest.pending.unshift(nextPhase);
+    nextPhase = null;
+    manifest.status = "blocked";
+    manifest.awaiting_approval = policy.action === "require_approval";
+    manifest.blocked_reason = policy.reasons.join("; ") || "capability runtime policy";
+    recordLog(manifest, {
+      event: "gate_fail",
+      phase: completedPhase,
+      phase_kind: manifest.phase_kind,
+      detail: `capability runtime ${policy.action}: ${manifest.blocked_reason}`,
+      level: "warn",
+    });
+    manifest.updated_at = isoNow();
+    writeJson(manifestPath, manifest);
+    saveActiveRun(manifest.conversation_id ?? null, {
+      run_id: runId,
+      conversation_id: manifest.conversation_id ?? null,
+      command: manifest.command,
+      phase: manifest.phase,
+      status: manifest.status,
+      task_launches_this_phase: 0,
+      edit_allowed: false,
+      started_at: manifest.created_at,
+    });
+    console.error(
+      `Capability runtime ${policy.action}: ${manifest.blocked_reason}. ` +
+        (policy.action === "require_approval"
+          ? "User must approve in chat; set capability_runtime_approved on Run and retry."
+          : "Cannot proceed to execute."),
+    );
+    process.exit(2);
+  }
+
+  if (policy.action === "warn") {
+    recordLog(manifest, {
+      event: "capability_runtime_warn",
+      phase: completedPhase,
+      phase_kind: manifest.phase_kind,
+      detail: policy.reasons.join("; "),
+      level: "warn",
+    });
+  }
+}
+
 if (!nextPhase) {
   manifest.status = "completed";
   manifest.phase = "report";
@@ -131,6 +242,46 @@ if (!nextPhase) {
     detail: "all phases completed",
     level: "info",
   });
+
+  try {
+    const evidenceResult = processRunEvidence(runId, { manifest, skipManifestWrite: true });
+    if (evidenceResult.ok && !evidenceResult.skipped) {
+      manifest.capability_evidence_processed = true;
+      manifest.capability_evidence_outcomes = evidenceResult.outcomes;
+      if (
+        !manifest.capabilities_resolved ||
+        !Object.keys(manifest.capabilities_resolved).length
+      ) {
+        manifest.capabilities_resolved = evidenceResult.resolved;
+      }
+      recordLog(manifest, {
+        event: "evidence_aggregated",
+        phase: "report",
+        phase_kind: "work",
+        detail: `capabilities=${(evidenceResult.capabilities ?? []).join(",")}`,
+        level: "info",
+      });
+      for (const outcome of evidenceResult.outcomes ?? []) {
+        if (outcome.previous_state !== outcome.new_state) {
+          recordLog(manifest, {
+            event: "capability_promoted",
+            phase: "report",
+            phase_kind: "work",
+            detail: `${outcome.capability_id}:${outcome.previous_state}→${outcome.new_state}`,
+            level: "info",
+          });
+        }
+      }
+    }
+  } catch (err) {
+    recordLog(manifest, {
+      event: "evidence_aggregation_failed",
+      phase: "report",
+      phase_kind: "work",
+      detail: String(err.message ?? err).slice(0, 300),
+      level: "warn",
+    });
+  }
 } else {
   manifest.phase = nextPhase;
   manifest.phase_kind = phaseKind(nextPhase, registry);