@open-agent-toolkit/cli 0.1.48 → 0.1.50
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/assets/docs/cli-utilities/configuration.md +41 -0
- package/assets/docs/cli-utilities/workflow-gates.md +17 -0
- package/assets/docs/provider-sync/providers.md +5 -1
- package/assets/docs/workflows/projects/dispatch-ceiling.md +59 -7
- package/assets/docs/workflows/projects/implementation-execution.md +34 -0
- package/assets/public-package-versions.json +4 -4
- package/assets/skills/oat-project-implement/SKILL.md +49 -22
- package/assets/skills/oat-project-review-provide/SKILL.md +18 -2
- package/assets/skills/oat-project-review-provide-remote/SKILL.md +28 -1
- package/dist/commands/config/index.d.ts +3 -0
- package/dist/commands/config/index.d.ts.map +1 -1
- package/dist/commands/config/index.js +70 -128
- package/dist/commands/doctor/index.d.ts +3 -0
- package/dist/commands/doctor/index.d.ts.map +1 -1
- package/dist/commands/doctor/index.js +57 -110
- package/dist/commands/gate/index.d.ts.map +1 -1
- package/dist/commands/gate/index.js +71 -0
- package/dist/commands/project/dispatch-ceiling/index.d.ts.map +1 -1
- package/dist/commands/project/dispatch-ceiling/index.js +144 -112
- package/dist/config/dispatch-matrix.d.ts +59 -0
- package/dist/config/dispatch-matrix.d.ts.map +1 -0
- package/dist/config/dispatch-matrix.js +264 -0
- package/dist/config/oat-config.d.ts +2 -28
- package/dist/config/oat-config.d.ts.map +1 -1
- package/dist/config/oat-config.js +8 -144
- package/dist/config/resolve.d.ts.map +1 -1
- package/dist/config/resolve.js +2 -1
- package/dist/providers/identity/availability.d.ts +12 -0
- package/dist/providers/identity/availability.d.ts.map +1 -1
- package/dist/providers/identity/availability.js +72 -29
- package/dist/providers/identity/dispatch-report.d.ts +124 -0
- package/dist/providers/identity/dispatch-report.d.ts.map +1 -0
- package/dist/providers/identity/dispatch-report.js +285 -0
- package/dist/providers/identity/dispatch-validation.d.ts +28 -0
- package/dist/providers/identity/dispatch-validation.d.ts.map +1 -0
- package/dist/providers/identity/dispatch-validation.js +149 -0
- package/dist/providers/identity/stamp.d.ts +2 -0
- package/dist/providers/identity/stamp.d.ts.map +1 -1
- package/dist/providers/identity/stamp.js +3 -1
- package/package.json +2 -2
|
@@ -381,6 +381,47 @@ has verified equivalent current-host controls for explicit inherit,
|
|
|
381
381
|
managed-uncapped, or base-role behavior. Capped managed reviews still require
|
|
382
382
|
the exact registered role, pinned child, or resolver-returned model argument.
|
|
383
383
|
|
|
384
|
+
### Cursor validation pass and live evidence
|
|
385
|
+
|
|
386
|
+
Config adoption and doctor validate Cursor candidates with one command-scoped
|
|
387
|
+
pass context. Duplicate references to the same byte-for-byte candidate share
|
|
388
|
+
one Task/subagent probe. If a decisive probe is unavailable, the pass resolves
|
|
389
|
+
the broad catalog once, with at most one `--list-models` fallback. The cache
|
|
390
|
+
ends with that adopt or doctor command; it is not process-global and has no
|
|
391
|
+
TTL.
|
|
392
|
+
|
|
393
|
+
A correlated Task start/completion pair that preserves the exact model argument
|
|
394
|
+
and returns the sentinel establishes that the argument is eligible for that
|
|
395
|
+
account and client. A structured rejection or exact allow-list exclusion can
|
|
396
|
+
establish `unknown-value`. Neither result identifies the backend runtime model:
|
|
397
|
+
`runtimeIdentity` remains `not-reported` unless trusted Cursor telemetry or
|
|
398
|
+
Cursor support confirms it. Parent prose and broad catalog presence are
|
|
399
|
+
diagnostic-only, so OAT preserves `unvalidated` when launcher evidence is
|
|
400
|
+
absent instead of inferring capability from candidate spelling.
|
|
401
|
+
|
|
402
|
+
The [dated GPT-5.6 Cursor verification evidence](https://github.com/voxmedia/open-agent-toolkit/blob/main/.oat/repo/reference/project-summaries/20260711-cursor-gpt-5-6-subagent-verification.md)
|
|
403
|
+
preserves the original text-mode pass and a versioned stream-JSON second pass.
|
|
404
|
+
The second pass ran a dynamic positive control and deliberate invalid control
|
|
405
|
+
before candidates. Both parent runs completed without a Task event, making the
|
|
406
|
+
controls inconclusive; the stop rule therefore executed zero of the 13
|
|
407
|
+
recommended candidates and did not execute exploratory
|
|
408
|
+
`gpt-5.6-sol-high-fast`. The recommendation remains unchanged and candidate
|
|
409
|
+
eligibility remains unresolved.
|
|
410
|
+
|
|
411
|
+
The tracked artifact's structured second-pass block contains only allowlisted
|
|
412
|
+
event structure, derived outcomes, sanitized auth-presence context, and
|
|
413
|
+
non-reversible identifier hashes. Exact request/session/tool-call IDs and
|
|
414
|
+
credential-redacted unprojected streams from that pass stay under gitignored
|
|
415
|
+
`.oat/projects/local/` storage for possible Cursor support diagnosis.
|
|
416
|
+
|
|
417
|
+
The same public artifact intentionally retains the sanitized historical v1
|
|
418
|
+
text-mode record for provenance. That older section includes command arguments
|
|
419
|
+
and prompts, stdout and stderr, exit and duration data, and capture-environment
|
|
420
|
+
details such as user-specific binary paths; it is not limited to the structured
|
|
421
|
+
second-pass allowlist. Re-run after a Cursor client rollout exposes Task in
|
|
422
|
+
headless mode or Cursor support confirms the private requests; review the open
|
|
423
|
+
verification item by 2026-08-08.
|
|
424
|
+
|
|
384
425
|
### Legacy compatibility
|
|
385
426
|
|
|
386
427
|
The command and docs path retain `dispatch-ceiling` for compatibility. Legacy
|
|
@@ -94,6 +94,23 @@ model that ran, and the reviewer must not replace them with self-identification.
|
|
|
94
94
|
The CLI compares the copied values with its gate-owned record before it applies
|
|
95
95
|
the severity threshold.
|
|
96
96
|
|
|
97
|
+
### Gate dispatch report semantics
|
|
98
|
+
|
|
99
|
+
When gate dispatch is represented in a `DispatchReportV1`, consumers require
|
|
100
|
+
`schemaVersion: 1` and keep three facts independent:
|
|
101
|
+
|
|
102
|
+
- `gateInvocation` is the immutable configured run ID, target, runtime, model,
|
|
103
|
+
reasoning effort, and source.
|
|
104
|
+
- `runtimeIdentity` is observed or otherwise supported producer identity; it is
|
|
105
|
+
`not-reported` when no runtime evidence exists.
|
|
106
|
+
- gate `diversity` describes producer/reviewer routing and achieved separation;
|
|
107
|
+
it does not overwrite either configured invocation or runtime identity.
|
|
108
|
+
|
|
109
|
+
Configured target values, requested controls, producer stamps, and reviewer
|
|
110
|
+
self-report are not interchangeable. The human report is rendered from the
|
|
111
|
+
versioned object, and any parseable `Dispatch:` compatibility line is derived
|
|
112
|
+
from that same report rather than rebuilt from target IDs or model names.
|
|
113
|
+
|
|
97
114
|
### Review project resolution and corroboration
|
|
98
115
|
|
|
99
116
|
`--project <path-or-name>` is a declaration. OAT normalizes the declared path
|
|
@@ -21,7 +21,11 @@ description: 'Provider-specific path mappings for Claude, Cursor, Copilot, Gemin
|
|
|
21
21
|
- Subagent invocation in Cursor is prompt-driven (`/name` or natural mention), not `subagent_type`
|
|
22
22
|
- OAT-controlled Cursor dispatch uses the generic `.cursor/agents/<name>.md` file plus the exact `providers.cursor.dispatchArgs.model` value selected from the candidate ladder. OAT passes it byte-for-byte as the actual Task-level `model`; a `model` frontmatter value is only a default/fallback mechanism.
|
|
23
23
|
- Cursor model strings are opaque. OAT does not infer family, effort, cost, or capability from their spelling; the configured candidate position owns the named tier meaning.
|
|
24
|
-
- Cursor model validation checks whether the selected model is eligible for subagent Task dispatch
|
|
24
|
+
- Cursor model validation checks whether the selected model is eligible for subagent Task dispatch. Each adopt/doctor command probes each distinct exact candidate once and shares one lazy broad-catalog lookup across that pass; the cache ends with the command.
|
|
25
|
+
- A correlated accepted Task carrying the exact model argument plus the child sentinel proves argument eligibility for that account/client. It does not prove backend runtime identity; that remains `not-reported` without trusted Cursor telemetry or support confirmation. Structured rejection can establish `unknown-value`, while parent prose and broad `cursor-agent models` catalog presence remain diagnostic-only.
|
|
26
|
+
- The [dated GPT-5.6 verification artifact](https://github.com/voxmedia/open-agent-toolkit/blob/main/.oat/repo/reference/project-summaries/20260711-cursor-gpt-5-6-subagent-verification.md) preserves the original probe and a stream-JSON control pass. The controls observed no Task events, so the stop rule ran zero recommendation or exploratory candidates and retained the recommendation unchanged.
|
|
27
|
+
- The artifact's structured second-pass block contains only allowlisted event fields, derived outcomes, sanitized auth presence, and identifier hashes. Exact request/session/tool-call IDs and credential-redacted unprojected streams from that pass remain in gitignored local project storage for support escalation.
|
|
28
|
+
- The same public artifact retains the sanitized historical v1 text-mode record for provenance. That older section includes command arguments and prompts, stdout and stderr, exit and duration data, and capture-environment details such as user-specific binary paths; it is not limited to the structured second-pass allowlist.
|
|
25
29
|
- Rule files render as `.cursor/rules/*.mdc`
|
|
26
30
|
|
|
27
31
|
=== "Copilot"
|
|
@@ -263,6 +263,33 @@ Reviewers use the final candidate at the configured review ceiling. Managed
|
|
|
263
263
|
reviewer behavior. A timeout retry preserves the same exact role or complete
|
|
264
264
|
Claude/Cursor model payload.
|
|
265
265
|
|
|
266
|
+
### Cursor evidence authority
|
|
267
|
+
|
|
268
|
+
Cursor resolution and runtime evidence answer different questions. Resolution
|
|
269
|
+
proves which opaque candidate OAT requested. A stream-JSON Task start and
|
|
270
|
+
correlated completion prove launcher behavior only when the model argument is
|
|
271
|
+
preserved byte-for-byte. An accepted Task plus the child sentinel establishes
|
|
272
|
+
argument eligibility for that account and client; a structured rejection can
|
|
273
|
+
establish `unknown-value`. Runtime producer identity remains `not-reported`
|
|
274
|
+
unless trusted Cursor telemetry or Cursor support independently confirms it.
|
|
275
|
+
|
|
276
|
+
The [2026-07-11 GPT-5.6 evidence record](https://github.com/voxmedia/open-agent-toolkit/blob/main/.oat/repo/reference/project-summaries/20260711-cursor-gpt-5-6-subagent-verification.md)
|
|
277
|
+
ran positive and negative controls before candidate probes. Neither control
|
|
278
|
+
emitted a Task event, so the harness stopped without probing the 13 recommended
|
|
279
|
+
arguments or exploratory `gpt-5.6-sol-high-fast`. This is a harness/account
|
|
280
|
+
boundary, not model rejection, and it supports no recommendation change.
|
|
281
|
+
|
|
282
|
+
The tracked artifact's structured second-pass block exposes only an allowlisted
|
|
283
|
+
event projection and non-reversible identifier hashes. Exact
|
|
284
|
+
request/session/tool-call IDs and credential-redacted unprojected streams from
|
|
285
|
+
that pass stay in gitignored local project storage for support diagnosis.
|
|
286
|
+
|
|
287
|
+
The same public artifact intentionally preserves the sanitized historical v1
|
|
288
|
+
text-mode record for provenance. That older section includes command arguments
|
|
289
|
+
and prompts, stdout and stderr, exit and duration data, and capture-environment
|
|
290
|
+
details such as user-specific binary paths; it is not limited to the structured
|
|
291
|
+
second-pass projection.
|
|
292
|
+
|
|
266
293
|
## Coordinator and Worker Layers
|
|
267
294
|
|
|
268
295
|
`oat-phase-implementer` has two explicit modes:
|
|
@@ -279,19 +306,44 @@ Workers run serially in the same worktree. Parallelism remains limited to
|
|
|
279
306
|
plan-declared phase worktrees. See
|
|
280
307
|
[Implementation Execution](implementation-execution.md) for the full loop.
|
|
281
308
|
|
|
282
|
-
## Producer Provenance
|
|
309
|
+
## Dispatch Report V1 and Producer Provenance
|
|
310
|
+
|
|
311
|
+
Resolver calls that pass `--report-scope` and `--report-action` include a
|
|
312
|
+
`dispatchReport` object in JSON output. Consumers must require
|
|
313
|
+
`dispatchReport.schemaVersion: 1` before dispatch. The report keeps four
|
|
314
|
+
different decisions separate:
|
|
315
|
+
|
|
316
|
+
| Report area | What it means |
|
|
317
|
+
| ------------------------------------------------------------------- | -------------------------------------------------------------------- |
|
|
318
|
+
| `policy` | The resolved managed/inherit policy, its status, name, and source |
|
|
319
|
+
| `selection.ceilingTier` / `selection.ceilingTarget` | The maximum allowed tier and its boundary target |
|
|
320
|
+
| `selection.requestedCandidate` / `candidateTier` / `candidateIndex` | The exact candidate requested for this bounded task and its position |
|
|
321
|
+
| `selection.exactSelectedTarget` / `route.target` | The compiled provider target and actual invocation route |
|
|
322
|
+
|
|
323
|
+
A named policy or ceiling is never a substitute for the requested candidate or
|
|
324
|
+
exact selected target. `requestedControls` records what OAT put into the host
|
|
325
|
+
payload. `configuredDefaults` records fallback configuration and is explicitly
|
|
326
|
+
not a runtime observation.
|
|
327
|
+
|
|
328
|
+
`gateInvocation` is an immutable copy of configured gate controls.
|
|
329
|
+
`runtimeIdentity` is separate and stays `not-reported` until independently
|
|
330
|
+
observed or otherwise supported runtime evidence exists. Requested controls,
|
|
331
|
+
configured defaults, role-name parsing, and reviewer self-identification do not
|
|
332
|
+
become observed runtime identity.
|
|
283
333
|
|
|
284
|
-
|
|
334
|
+
Human output comes from `formatDispatchReport(dispatchReport)`. Dispatch notes
|
|
335
|
+
also retain a parseable compatibility stamp for later review gates:
|
|
285
336
|
|
|
286
337
|
```text
|
|
287
338
|
Dispatch: scope=p06-t03 action=implementation role=implementer producer=gpt-5.6-sol provenance=declared model_axis=selected:gpt-5.6-sol effort_axis=selected:high dispatch_policy=high dispatch_ceiling=high target=oat-phase-implementer-gpt-5-6-sol-high
|
|
288
339
|
```
|
|
289
340
|
|
|
290
|
-
|
|
291
|
-
`
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
341
|
+
The stamp must be derived through `toDispatchStampRecord(dispatchReport)` and
|
|
342
|
+
`formatDispatchStamp`; callers must not reconstruct it from policy labels, role
|
|
343
|
+
names, candidate strings, or target names. `producer` is the runtime model slug
|
|
344
|
+
when OAT can establish it; otherwise it is `unknown`. `provenance` is
|
|
345
|
+
`declared`, `observed`, `inferred`, or `unknown`. Selected model and effort axes
|
|
346
|
+
can remain exact even when runtime producer identity is not reported.
|
|
295
347
|
|
|
296
348
|
## Legacy Compatibility
|
|
297
349
|
|
|
@@ -88,6 +88,18 @@ import performs the same readiness setup:
|
|
|
88
88
|
|
|
89
89
|
See [Dispatch Policy](dispatch-ceiling.md) for ladder shapes and ownership.
|
|
90
90
|
|
|
91
|
+
### Validating plan metadata
|
|
92
|
+
|
|
93
|
+
Before building the phase schedule, implementation validates plan parallelism:
|
|
94
|
+
|
|
95
|
+
```bash
|
|
96
|
+
oat project validate-plan --project-path .oat/projects/shared/example
|
|
97
|
+
```
|
|
98
|
+
|
|
99
|
+
The command rejects malformed groups, unknown phase IDs, duplicate membership,
|
|
100
|
+
and singleton groups. Invalid metadata blocks execution rather than silently
|
|
101
|
+
falling back to a different schedule.
|
|
102
|
+
|
|
91
103
|
Before phase work, implementation runs provider preflight:
|
|
92
104
|
|
|
93
105
|
```bash
|
|
@@ -204,6 +216,28 @@ If exact controls cannot be applied, fail closed. A transient retry reuses the
|
|
|
204
216
|
same complete provider payload. Substantive escalation re-resolves another
|
|
205
217
|
configured candidate within the same named maximum and bounded retry budget.
|
|
206
218
|
|
|
219
|
+
## Dispatch Reports During Execution
|
|
220
|
+
|
|
221
|
+
Every implementation, fix, and review resolver call supplies explicit report
|
|
222
|
+
context:
|
|
223
|
+
|
|
224
|
+
```text
|
|
225
|
+
--report-scope <phase-or-task> --report-action <implementation|fix|review>
|
|
226
|
+
```
|
|
227
|
+
|
|
228
|
+
The completed JSON must contain `dispatchReport.schemaVersion: 1` before the
|
|
229
|
+
provider invocation begins. The coordinator reads the requested candidate,
|
|
230
|
+
candidate tier, ceiling, exact selected target, requested controls, configured
|
|
231
|
+
defaults, and runtime identity from that report as distinct fields. It does not
|
|
232
|
+
infer any of them from a materialized role name or opaque Cursor string.
|
|
233
|
+
|
|
234
|
+
The human dispatch block is rendered from the report. The formal `Dispatch:`
|
|
235
|
+
line is a compatibility view derived from the same report through the dispatch
|
|
236
|
+
stamp adapter. It is not a second schema and must not be assembled by hand.
|
|
237
|
+
Configured defaults and configured gate invocation remain distinct from runtime
|
|
238
|
+
identity; when runtime identity is not observed, the report says so without
|
|
239
|
+
weakening exact requested model or effort controls.
|
|
240
|
+
|
|
207
241
|
## Task Scope and Commit Verification
|
|
208
242
|
|
|
209
243
|
Each worker receives only one task:
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: oat-project-implement
|
|
3
|
-
version: 2.0.
|
|
3
|
+
version: 2.0.34
|
|
4
4
|
description: Use when plan.md is ready for execution. Dispatches phase coordinators that select one exact target-pinned worker per task; supports bounded fix loops and plan-declared worktree-isolated parallel phases.
|
|
5
5
|
oat_gateable: true
|
|
6
6
|
argument-hint: '[--retry-limit <N>] [--dry-run]'
|
|
@@ -193,13 +193,13 @@ Use the CLI resolver as the source of truth. The command name remains
|
|
|
193
193
|
policy:
|
|
194
194
|
|
|
195
195
|
```bash
|
|
196
|
-
oat project dispatch-ceiling resolve --provider <active-provider> --preflight --json
|
|
196
|
+
oat project dispatch-ceiling resolve --provider <active-provider> --preflight --report-scope implementation-preflight --report-action implementation --json
|
|
197
197
|
```
|
|
198
198
|
|
|
199
199
|
If `oat` is not in PATH, use:
|
|
200
200
|
|
|
201
201
|
```bash
|
|
202
|
-
pnpm run cli -- project dispatch-ceiling resolve --provider <active-provider> --preflight --json
|
|
202
|
+
pnpm run cli -- project dispatch-ceiling resolve --provider <active-provider> --preflight --report-scope implementation-preflight --report-action implementation --json
|
|
203
203
|
```
|
|
204
204
|
|
|
205
205
|
Resolution order:
|
|
@@ -345,7 +345,7 @@ exists, rerun the resolver with non-interactive behavior and stop before work
|
|
|
345
345
|
starts if it blocks:
|
|
346
346
|
|
|
347
347
|
```bash
|
|
348
|
-
oat project dispatch-ceiling resolve --provider <active-provider> --preflight --non-interactive
|
|
348
|
+
oat project dispatch-ceiling resolve --provider <active-provider> --preflight --non-interactive --report-scope implementation-preflight --report-action implementation
|
|
349
349
|
```
|
|
350
350
|
|
|
351
351
|
```text
|
|
@@ -390,6 +390,32 @@ an ordered matrix route:
|
|
|
390
390
|
entry before retrying, up to the last available route entry and within
|
|
391
391
|
`oat_orchestration_retry_limit`.
|
|
392
392
|
|
|
393
|
+
#### Dispatch Report V1 contract
|
|
394
|
+
|
|
395
|
+
Every implementation, fix, and review resolver invocation MUST pass explicit
|
|
396
|
+
report context:
|
|
397
|
+
|
|
398
|
+
- implementation: `--report-scope <phase-or-task> --report-action implementation`
|
|
399
|
+
- fix: `--report-scope <phase-or-task> --report-action fix`
|
|
400
|
+
- review: `--report-scope <phase-or-review-scope> --report-action review`
|
|
401
|
+
|
|
402
|
+
Require `dispatchReport.schemaVersion: 1` in the completed resolver JSON before
|
|
403
|
+
dispatch. Consume the report as the human/audit source: render the versioned
|
|
404
|
+
block with `formatDispatchReport(dispatchReport)` semantics, and derive the
|
|
405
|
+
formal compatibility line only through
|
|
406
|
+
`formatDispatchStamp(dispatchReport)` / `toDispatchStampRecord(dispatchReport)`.
|
|
407
|
+
Never hand-assemble a second `Dispatch:` schema from policy labels, role names,
|
|
408
|
+
candidate strings, or target names.
|
|
409
|
+
|
|
410
|
+
The exact provider invocation remains authoritative in
|
|
411
|
+
`providers.<provider>.dispatchArgs` and `providers.<provider>.selection.target`;
|
|
412
|
+
the report does not replace or weaken target-pinned dispatch. Add independently
|
|
413
|
+
observed runtime identity to `dispatchReport.runtimeIdentity` only when such an
|
|
414
|
+
observation exists. Requested/configured controls are not runtime observation.
|
|
415
|
+
For gate-originated review, keep `dispatchReport.gateInvocation`, existing
|
|
416
|
+
work-producer `diversity`, and reviewer `runtimeIdentity` as three distinct
|
|
417
|
+
facts; producer stamps or self-report never overwrite configured invocation.
|
|
418
|
+
|
|
393
419
|
Axis states:
|
|
394
420
|
|
|
395
421
|
- `selected:<value>` - host exposes the axis and the orchestrator chose a value.
|
|
@@ -422,8 +448,8 @@ fallback.
|
|
|
422
448
|
3. For capped managed implementer/fix work, selected effort is `min(preferred, resolved_cap)`.
|
|
423
449
|
4. For managed `Uncapped` implementer/fix work, selected effort is the preferred effort with no cap.
|
|
424
450
|
5. For inherit/default mode, the resolver returns no selected dispatch args. Use the base/unpinned Codex role, log `Selected effort: provider-default`, display provider default effort when known, and do not describe this as managed uncapped behavior.
|
|
425
|
-
6. For managed capped task-worker/fix dispatch, choose an exact configured candidate
|
|
426
|
-
7. For review dispatch: call `oat project dispatch-ceiling resolve --provider codex --role reviewer`; read `providers.codex.dispatchArgs.variant` and `providers.codex.selection.target`.
|
|
451
|
+
6. For managed capped task-worker/fix dispatch, choose an exact configured candidate. For implementation, call `oat project dispatch-ceiling resolve --provider codex --role implementer --ceiling-tier <project-or-phase-tier> --candidate-model <model> --candidate-effort <effort> --escalation-level <route-level> --report-scope <task-id> --report-action implementation --json`. For a bounded fix, use `oat project dispatch-ceiling resolve --provider codex --role implementer --ceiling-tier <project-or-phase-tier> --candidate-model <model> --candidate-effort <effort> --escalation-level <route-level> --report-scope <task-id> --report-action fix --json`. Read `providers.codex.dispatchArgs.variant` and `providers.codex.selection.target`; never reuse the coordinator role or a cap-only variant. `--preferred` remains compatibility behavior outside the exact task-worker path.
|
|
452
|
+
7. For review dispatch: call `oat project dispatch-ceiling resolve --provider codex --role reviewer --report-scope <phase-or-review-scope> --report-action review --json`; read `providers.codex.dispatchArgs.variant` and `providers.codex.selection.target`.
|
|
427
453
|
- Capped managed policy: reviewer targets the configured cap for deterministic quality gate behavior.
|
|
428
454
|
- Managed `Uncapped`: no reviewer target exists; use base/unpinned reviewer fallback and log `selectionMode=no-review-target`, `selectedValue=null`, and `effort_axis=provider-default`.
|
|
429
455
|
- Inherit/default: no reviewer target exists; use base/unpinned reviewer fallback and log `selectionMode=inherit-default`, `selectedValue=null`, and `effort_axis=provider-default`.
|
|
@@ -440,7 +466,7 @@ Claude rules:
|
|
|
440
466
|
- Review dispatch:
|
|
441
467
|
- Capped managed policy: target the configured policy cap directly.
|
|
442
468
|
- Managed `Uncapped` or inherit/default: no reviewer target exists; omit `model` and log inherited/default model behavior.
|
|
443
|
-
- For managed capped task-worker/fix dispatch, call `oat project dispatch-ceiling resolve --provider claude --role implementer --ceiling-tier <project-or-phase-tier> --candidate-model <model> --orchestrator-tier <current-orchestrator-tier> --escalation-level <route-level> --json
|
|
469
|
+
- For managed capped task-worker/fix dispatch, call `oat project dispatch-ceiling resolve --provider claude --role implementer --ceiling-tier <project-or-phase-tier> --candidate-model <model> --orchestrator-tier <current-orchestrator-tier> --escalation-level <route-level> --report-scope <task-id> --report-action implementation --json` for implementation. For a bounded fix, call `oat project dispatch-ceiling resolve --provider claude --role implementer --ceiling-tier <project-or-phase-tier> --candidate-model <model> --orchestrator-tier <current-orchestrator-tier> --escalation-level <route-level> --report-scope <task-id> --report-action fix --json`. For review dispatch, call the resolver with `--role reviewer --report-scope <phase-or-review-scope> --report-action review --json` and no candidate flags. Read `providers.claude.dispatchArgs.model` and pass it exactly on the actual Task invocation.
|
|
444
470
|
- Pass `model: "<value>"` when `model_axis=selected:<value>` on the Task tool call.
|
|
445
471
|
- Keep `effort_axis=not-applicable`; Claude Code has no separate per-dispatch effort axis.
|
|
446
472
|
|
|
@@ -448,9 +474,10 @@ Cursor rules:
|
|
|
448
474
|
|
|
449
475
|
- Treat every configured Cursor candidate string as opaque. Do not normalize it
|
|
450
476
|
or infer capability from its spelling.
|
|
451
|
-
- For managed capped task-worker/fix dispatch, call
|
|
452
|
-
|
|
453
|
-
|
|
477
|
+
- For managed capped task-worker/fix dispatch, call
|
|
478
|
+
`oat project dispatch-ceiling resolve --provider cursor --role implementer --ceiling-tier <project-or-phase-tier> --candidate-model <opaque-model> --report-scope <task-id> --report-action implementation --json`
|
|
479
|
+
for implementation. For a bounded fix, call
|
|
480
|
+
`oat project dispatch-ceiling resolve --provider cursor --role implementer --ceiling-tier <project-or-phase-tier> --candidate-model <opaque-model> --report-scope <task-id> --report-action fix --json`.
|
|
454
481
|
- Require `providers.cursor.dispatchArgs.model` and pass that exact byte-for-byte
|
|
455
482
|
string as the actual Cursor invocation model. If the host cannot apply it,
|
|
456
483
|
fail closed.
|
|
@@ -460,19 +487,17 @@ Payload-first invariant:
|
|
|
460
487
|
- Build the actual host dispatch argument map before logging.
|
|
461
488
|
- Do not emit `selected:<value>` unless the host invocation contains the corresponding role/model selection.
|
|
462
489
|
- Derive `Dispatch target` and `Effort axis` / `Model axis` from the payload.
|
|
463
|
-
- After the payload is built, append
|
|
464
|
-
|
|
465
|
-
|
|
490
|
+
- After the payload is built, append the compatibility stamp returned from
|
|
491
|
+
`formatDispatchStamp(dispatchReport)` to Dispatch Notes for every
|
|
492
|
+
implementation, fix, and review dispatch. The derived line retains the p01
|
|
493
|
+
grammar exactly:
|
|
466
494
|
`Dispatch: scope=<phase-or-task> action=<implementation|fix|review> role=<implementer|fix|reviewer> producer=<slug|unknown> provenance=<declared|observed|inferred|unknown> model_axis=<axis> effort_axis=<axis> dispatch_policy=<policy|unknown> dispatch_ceiling=<value|none> target=<target|unknown>`.
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
model
|
|
471
|
-
|
|
472
|
-
|
|
473
|
-
identity is available. Base/unpinned or deferred cross-harness paths are also
|
|
474
|
-
`producer=unknown provenance=unknown` unless an observed/inferred identity is
|
|
475
|
-
available. Do not write prose-only or legacy comma-separated stamp forms.
|
|
495
|
+
Populate the report from the completed resolver and actual host arguments.
|
|
496
|
+
Only independently observed or otherwise supported runtime evidence may
|
|
497
|
+
populate runtime producer identity. Codex materialized model+effort variants
|
|
498
|
+
retain selected model/effort controls while keeping runtime identity
|
|
499
|
+
not-reported unless evidence exists. Do not write prose-only, hand-built, or
|
|
500
|
+
legacy comma-separated stamp forms.
|
|
476
501
|
|
|
477
502
|
Human-facing dispatch display rules:
|
|
478
503
|
|
|
@@ -1067,6 +1092,8 @@ For each task in dependency order, the coordinator must:
|
|
|
1067
1092
|
--role implementer \
|
|
1068
1093
|
--ceiling-tier <project-or-phase-named-tier> \
|
|
1069
1094
|
--candidate-model <exact-model> \
|
|
1095
|
+
--report-scope <task-id> \
|
|
1096
|
+
--report-action implementation \
|
|
1070
1097
|
--project-path "$PROJECT_PATH" \
|
|
1071
1098
|
--json
|
|
1072
1099
|
```
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: oat-project-review-provide
|
|
3
|
-
version: 1.3.
|
|
3
|
+
version: 1.3.13
|
|
4
4
|
description: Use when the user explicitly asks to review an OAT project — e.g. "review project", "review the project", "run project review", or confirms a previously offered review. Do NOT auto-invoke on completed work alone. Resolves a project review scope and offers before running.
|
|
5
5
|
disable-model-invocation: false
|
|
6
6
|
user-invocable: true
|
|
@@ -523,9 +523,25 @@ Before capability-tier selection, resolve the same reviewer contract used by
|
|
|
523
523
|
plan artifact review and implementation phase/final review:
|
|
524
524
|
|
|
525
525
|
```bash
|
|
526
|
-
oat project dispatch-ceiling resolve --provider "$ACTIVE_PROVIDER" --role reviewer --preflight --json
|
|
526
|
+
oat project dispatch-ceiling resolve --provider "$ACTIVE_PROVIDER" --role reviewer --preflight --report-scope "$SCOPE_TOKEN" --report-action review --json
|
|
527
527
|
```
|
|
528
528
|
|
|
529
|
+
Require `dispatchReport.schemaVersion: 1`. Render/consume the resolver's
|
|
530
|
+
versioned report using `formatDispatchReport(dispatchReport)` semantics, and
|
|
531
|
+
derive the formal compatibility line only with
|
|
532
|
+
`formatDispatchStamp(dispatchReport)` / `toDispatchStampRecord(dispatchReport)`.
|
|
533
|
+
Include that derived line in the review dispatch audit metadata; do not
|
|
534
|
+
hand-assemble `Dispatch:` fields from a role name or model string.
|
|
535
|
+
|
|
536
|
+
The exact managed provider target still comes from
|
|
537
|
+
`providers.<provider>.dispatchArgs` plus
|
|
538
|
+
`providers.<provider>.selection.target`, and the actual reviewer invocation
|
|
539
|
+
must retain it byte-for-byte. The report is an audit/rendering surface, not a
|
|
540
|
+
selection fallback. Configured invocation (including gate-owned immutable
|
|
541
|
+
metadata), work-producer diversity, and independently observed reviewer runtime identity are distinct. Do not promote producer stamps, configured defaults, or
|
|
542
|
+
reviewer self-report into `dispatchReport.runtimeIdentity`; leave it
|
|
543
|
+
`not-reported` unless an independent observation exists.
|
|
544
|
+
|
|
529
545
|
The reviewer resolver selects the final candidate of the configured review
|
|
530
546
|
ceiling. Do not supply ephemeral implementer candidate requests for artifact,
|
|
531
547
|
phase, project, or final review. A lower candidate is allowed only when a
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: oat-project-review-provide-remote
|
|
3
|
-
version: 1.0.
|
|
3
|
+
version: 1.0.3
|
|
4
4
|
description: Use when reviewing a GitHub PR opened on another machine for an active OAT project and posting findings back as a single PR review. Resolves the project from the PR diff, reads project artifacts for mode-aware review, and posts via gh api.
|
|
5
5
|
disable-model-invocation: true
|
|
6
6
|
user-invocable: true
|
|
@@ -211,6 +211,33 @@ Guard outcomes:
|
|
|
211
211
|
|
|
212
212
|
Mode-aware review against the project artifacts + the `oat-reviewer` checklist + severity model. Scope to the narrowing range when one was chosen; otherwise the full PR diff. Assign finding IDs per severity bucket (`C1`, `I1`, `M1`, `m1`), stable within the dispatch.
|
|
213
213
|
|
|
214
|
+
**Step 5.0: Resolve and report the exact reviewer target.** Before capability
|
|
215
|
+
probing, run:
|
|
216
|
+
|
|
217
|
+
```bash
|
|
218
|
+
oat project dispatch-ceiling resolve --provider "$ACTIVE_PROVIDER" --role reviewer --preflight --project-path "$PROJECT_PATH" --report-scope "$SCOPE_TOKEN" --report-action review --json
|
|
219
|
+
```
|
|
220
|
+
|
|
221
|
+
Require `dispatchReport.schemaVersion: 1`. Render/consume its versioned human
|
|
222
|
+
block with `formatDispatchReport(dispatchReport)` semantics and derive the
|
|
223
|
+
formal audit `Dispatch:` line only through
|
|
224
|
+
`formatDispatchStamp(dispatchReport)` / `toDispatchStampRecord(dispatchReport)`.
|
|
225
|
+
Never hand-build a parallel stamp schema.
|
|
226
|
+
|
|
227
|
+
Retain the exact managed provider payload from
|
|
228
|
+
`providers.<provider>.dispatchArgs` and
|
|
229
|
+
`providers.<provider>.selection.target` in the actual Tier 1/2/3 invocation;
|
|
230
|
+
the report does not authorize substitution or lowering. Configured gate
|
|
231
|
+
invocation, work-producer diversity, and independently observed reviewer
|
|
232
|
+
`dispatchReport.runtimeIdentity` remain separate. Do not treat PR markers, implementation
|
|
233
|
+
producer stamps, configured defaults, or reviewer self-report as runtime
|
|
234
|
+
confirmation. Leave report runtime identity not-reported unless independently
|
|
235
|
+
observed.
|
|
236
|
+
|
|
237
|
+
This resolver command is independent of lifecycle gates. Reusable `oat gate
|
|
238
|
+
review` commands must remain provider-neutral and must not contain or add a
|
|
239
|
+
provider/model `--target` argument.
|
|
240
|
+
|
|
214
241
|
**Step 5a: Probe subagent availability** (mirrors `oat-project-review-provide` Step 6a):
|
|
215
242
|
|
|
216
243
|
```
|
|
@@ -3,6 +3,7 @@ import { type PromptContext } from '../shared/shared.prompts.js';
|
|
|
3
3
|
import { type OatConfig, type OatLocalConfig, type UserConfig } from '../../config/oat-config.js';
|
|
4
4
|
import { type ResolvedConfig } from '../../config/resolve.js';
|
|
5
5
|
import { type MatrixCellAvailabilityResponse, type ValidateMatrixCellOptions } from '../../providers/identity/availability.js';
|
|
6
|
+
import { createDispatchValidationPassContext, validateDispatchMatrixRefs } from '../../providers/identity/dispatch-validation.js';
|
|
6
7
|
import { Command } from 'commander';
|
|
7
8
|
interface ConfigCommandDependencies {
|
|
8
9
|
buildCommandContext: (options: Parameters<typeof buildCommandContext>[0]) => CommandContext;
|
|
@@ -19,6 +20,8 @@ interface ConfigCommandDependencies {
|
|
|
19
20
|
readFile: (path: string) => Promise<string>;
|
|
20
21
|
confirmAction: (message: string, ctx: PromptContext) => Promise<boolean>;
|
|
21
22
|
validateMatrixCell: (provider: string, value: string, options: ValidateMatrixCellOptions) => Promise<MatrixCellAvailabilityResponse>;
|
|
23
|
+
createDispatchValidationPassContext: typeof createDispatchValidationPassContext;
|
|
24
|
+
validateDispatchMatrixRefs: typeof validateDispatchMatrixRefs;
|
|
22
25
|
processEnv: NodeJS.ProcessEnv;
|
|
23
26
|
}
|
|
24
27
|
export declare function createConfigCommand(overrides?: Partial<ConfigCommandDependencies>): Command;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/commands/config/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,mBAAmB,EAAE,KAAK,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEhF,OAAO,EAEL,KAAK,aAAa,EACnB,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/commands/config/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,mBAAmB,EAAE,KAAK,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEhF,OAAO,EAEL,KAAK,aAAa,EACnB,MAAM,iCAAiC,CAAC;AAezC,OAAO,EAGL,KAAK,SAAS,EACd,KAAK,cAAc,EAGnB,KAAK,UAAU,EAahB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAEL,KAAK,cAAc,EAEpB,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EAGL,KAAK,8BAA8B,EACnC,KAAK,yBAAyB,EAC/B,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EACL,mCAAmC,EACnC,0BAA0B,EAC3B,MAAM,yCAAyC,CAAC;AACjD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAkFpC,UAAU,yBAAyB;IACjC,mBAAmB,EAAE,CACnB,OAAO,EAAE,UAAU,CAAC,OAAO,mBAAmB,CAAC,CAAC,CAAC,CAAC,KAC/C,cAAc,CAAC;IACpB,kBAAkB,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrD,aAAa,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,SAAS,CAAC,CAAC;IACxD,cAAc,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACvE,kBAAkB,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;IAClE,mBAAmB,EAAE,CACnB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,cAAc,KACnB,OAAO,CAAC,IAAI,CAAC,CAAC;IACnB,cAAc,EAAE,CAAC,aAAa,EAAE,MAAM,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;IAC/D,eAAe,EAAE,CAAC,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9E,mBAAmB,EAAE,CACnB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,MAAM,CAAC,UAAU,KACnB,OAAO,CAAC,MAAM,CAAC,CAAC;IACrB,sBAAsB,EAAE,CACtB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,EACrB,GAAG,EAAE,MAAM,CAAC,UAAU,KACnB,OAAO,CAAC,cAAc,CAAC,CAAC;IAC7B,iBAAiB,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;IACzC,QAAQ,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5C,aAAa,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,aAAa,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;IACzE,kBAAkB,EAAE,CAClB,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,yBAAyB,KAC/B,OAAO,CAAC,8BAA8B,CAAC,CAAC;IAC7C,mCAAmC,EAAE,OAAO,mCAAmC,CAAC;IAChF,0BAA0B,EAAE,OAAO,0BAA0B,CAAC;IAC9D,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC;CAC/B;AAo0DD,wBAAgB,mBAAmB,CACjC,SAAS,GAAE,OAAO,CAAC,yBAAyB,CAAM,GACjD,OAAO,CAsKT"}
|