@open-agent-toolkit/cli 0.1.50 → 0.1.52
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/assets/agents/oat-phase-implementer.md +16 -5
- package/assets/docs/cli-utilities/configuration.md +1 -1
- package/assets/docs/cli-utilities/workflow-gates.md +1 -1
- package/assets/docs/provider-sync/commands.md +29 -1
- package/assets/docs/provider-sync/providers.md +13 -4
- package/assets/docs/provider-sync/scope-and-surface.md +13 -0
- package/assets/docs/reference/cli-reference.md +2 -2
- package/assets/docs/workflows/projects/hill-checkpoints.md +1 -1
- package/assets/docs/workflows/projects/implementation-execution.md +34 -3
- package/assets/docs/workflows/projects/lifecycle.md +9 -0
- package/assets/docs/workflows/projects/reviews.md +18 -1
- package/assets/public-package-versions.json +4 -4
- package/assets/skills/oat-agent-instructions-analyze/references/docs/provider-reference.md +8 -2
- package/assets/skills/oat-agent-instructions-apply/references/docs/provider-reference.md +8 -2
- package/assets/skills/oat-project-implement/SKILL.md +196 -67
- package/assets/skills/oat-project-import-plan/SKILL.md +6 -6
- package/assets/skills/oat-project-next/SKILL.md +8 -1
- package/assets/skills/oat-project-plan/SKILL.md +6 -6
- package/assets/skills/oat-project-plan-writing/SKILL.md +13 -10
- package/assets/skills/oat-project-pr-final/SKILL.md +8 -1
- package/assets/skills/oat-project-quick-start/SKILL.md +5 -5
- package/assets/skills/oat-project-review-provide/SKILL.md +27 -9
- package/dist/commands/config/index.d.ts.map +1 -1
- package/dist/commands/config/index.js +34 -9
- package/dist/commands/doctor/index.d.ts.map +1 -1
- package/dist/commands/doctor/index.js +148 -85
- package/dist/commands/gate/index.js +1 -1
- package/dist/commands/project/dispatch-ceiling/index.d.ts.map +1 -1
- package/dist/commands/project/dispatch-ceiling/index.js +80 -0
- package/dist/commands/providers/codex/materialize.d.ts.map +1 -1
- package/dist/commands/providers/codex/materialize.js +31 -15
- package/dist/config/oat-config.d.ts +9 -1
- package/dist/config/oat-config.d.ts.map +1 -1
- package/dist/config/oat-config.js +55 -4
- package/dist/config/resolve.d.ts.map +1 -1
- package/dist/config/resolve.js +7 -3
- package/dist/providers/codex/codec/config-merge.d.ts +8 -2
- package/dist/providers/codex/codec/config-merge.d.ts.map +1 -1
- package/dist/providers/codex/codec/config-merge.js +17 -2
- package/dist/providers/codex/codec/sync-extension.d.ts.map +1 -1
- package/dist/providers/codex/codec/sync-extension.js +14 -4
- package/package.json +2 -2
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: oat-phase-implementer
|
|
3
|
-
version: 1.0.
|
|
3
|
+
version: 1.0.5
|
|
4
4
|
description: Acts as a phase coordinator that dispatches one exact target-pinned task worker at a time, or executes exactly one bounded Task Scope when dispatched as a worker. Used by oat-project-implement.
|
|
5
5
|
tools: Read, Write, Edit, Bash, Grep, Glob, Task
|
|
6
6
|
color: cyan
|
|
@@ -148,10 +148,12 @@ downgrade for a managed task.
|
|
|
148
148
|
|
|
149
149
|
#### 4. Build the Exact Invocation Before Logging
|
|
150
150
|
|
|
151
|
-
- Codex: use `providers.codex.dispatchArgs.variant` as the actual `agent_type
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
151
|
+
- Codex: use `providers.codex.dispatchArgs.variant` as the actual `agent_type`
|
|
152
|
+
and attempt the exact materialized `agent_type` first. Only explicit
|
|
153
|
+
pre-start native role-selection rejection of that exact `agent_type`, before
|
|
154
|
+
any child starts, permits a fresh pinned fallback: launch a fresh Codex child
|
|
155
|
+
pinned to `selection.target.model` and `selection.target.effort` with these
|
|
156
|
+
canonical instructions and the Task Scope. If neither exact route is
|
|
155
157
|
available, block.
|
|
156
158
|
- Claude: pass `providers.claude.dispatchArgs.model` as the actual Task `model`.
|
|
157
159
|
- Cursor: pass `providers.cursor.dispatchArgs.model` byte-for-byte as the actual
|
|
@@ -163,6 +165,15 @@ transient retry must reuse the same exact role/model/effort payload. A
|
|
|
163
165
|
substantive escalation must re-resolve another configured candidate without
|
|
164
166
|
exceeding the same named maximum.
|
|
165
167
|
|
|
168
|
+
The launcher-owned `target`, `model_axis`, and `effort_axis` come only from the
|
|
169
|
+
resolver output and constructed invocation payload. They are immutable and
|
|
170
|
+
must not be populated, replaced, or contradicted by worker self-report. Spawn
|
|
171
|
+
acceptance confirms that configured invocation; worker output is only task
|
|
172
|
+
outcome data. Missing telemetry, missing self-report, and accepted terminal
|
|
173
|
+
results including `BLOCKED` never trigger fallback. Once a child starts, every
|
|
174
|
+
terminal result is authoritative for that attempt and is not native
|
|
175
|
+
role-selection rejection.
|
|
176
|
+
|
|
166
177
|
#### 5. Dispatch and Verify Serially
|
|
167
178
|
|
|
168
179
|
Run one exact task worker at a time, serially in the same worktree:
|
|
@@ -453,7 +453,7 @@ Workflow preference keys live under the `workflow.*` namespace:
|
|
|
453
453
|
- `workflow.hillCheckpointDefault` — `every` or `final`. Default HiLL checkpoint behavior in `oat-project-implement`: pause after every phase or only after the last phase. When unset, the skill prompts.
|
|
454
454
|
- `workflow.archiveOnComplete` — boolean. Skip the "Archive after completion?" prompt in `oat-project-complete`. When unset, the skill prompts.
|
|
455
455
|
- `workflow.createPrOnComplete` — boolean. Skip the "Open a PR?" prompt in `oat-project-complete`; when true, completion auto-triggers PR creation. When unset, the skill prompts.
|
|
456
|
-
- `workflow.postImplementSequence` — `wait`, `summary`, `pr`, or `docs-pr
|
|
456
|
+
- `workflow.postImplementSequence` — legacy `wait`, `summary`, `pr`, or `docs-pr`, or `{ "preApproval": [...], "postApproval": [...] }`. Legacy values remain strings; structured arrays contain ordered, globally unique `summary`, `document`, and `pr` steps. Pre-approval steps run after final review and before final HiLL approval; post-approval steps run only after that approval. Plain retrieval keeps legacy strings and prints structured values as compact JSON; `--json` returns the raw value.
|
|
457
457
|
- `workflow.reviewExecutionModel` — `subagent`, `inline`, or `fresh-session`. Default final-review execution model in `oat-project-implement`. `subagent` and `inline` run automatically. `fresh-session` is a soft preference: the skill prints guidance to run the review in another session but still offers escape hatches to `subagent` or `inline` if you change your mind. When unset, the skill prompts.
|
|
458
458
|
- `workflow.autoReviewAtHillCheckpoints` — boolean. Automatically run the extra lifecycle review when a HiLL checkpoint is reached. This does not control Tier 1 per-phase `oat-reviewer` gates, which run after each phase in Tier 1 regardless of this setting. When unset, the skill prompts.
|
|
459
459
|
- `workflow.autoNarrowReReviewScope` — boolean. Auto-narrow re-review scope to fix-task commits only in `oat-project-review-provide`. When unset, the skill prompts.
|
|
@@ -518,7 +518,7 @@ Gate failure behavior is owned by the gate-aware skill:
|
|
|
518
518
|
available target. Once a target actually runs, its exit code is the gate result;
|
|
519
519
|
OAT does not try another target after a failed review.
|
|
520
520
|
|
|
521
|
-
Gate target execution has a child-process timeout (default
|
|
521
|
+
Gate target execution has a child-process timeout (default 15 minutes, override
|
|
522
522
|
with `OAT_GATE_EXEC_TIMEOUT_MS`). When a review target times out, JSON output
|
|
523
523
|
reports `status: review_failed`, `outcome: review_did_not_complete`,
|
|
524
524
|
`timedOut: true`, and the timeout value so automation can distinguish a hung
|
|
@@ -21,7 +21,7 @@ These command definitions inherit the cross-cutting CLI conventions in:
|
|
|
21
21
|
|
|
22
22
|
- What it does: defines the day-to-day provider-sync command surface for inspecting state, reconciling provider views, and changing provider enablement.
|
|
23
23
|
- When to use it: after you have canonical assets in place and need to check sync state, write provider views, or change provider config.
|
|
24
|
-
- Primary commands: `oat status`, `oat sync`, `oat providers list`, `oat providers inspect`, `oat providers set`
|
|
24
|
+
- Primary commands: `oat status`, `oat sync`, `oat providers list`, `oat providers inspect`, `oat providers set`, `oat providers codex materialize`
|
|
25
25
|
|
|
26
26
|
## `oat status`
|
|
27
27
|
|
|
@@ -71,6 +71,34 @@ Key behavior:
|
|
|
71
71
|
- Options: `--enabled <providers>`, `--disabled <providers>` (comma-separated)
|
|
72
72
|
- Changes take effect on next `oat sync`
|
|
73
73
|
|
|
74
|
+
## `oat providers codex materialize`
|
|
75
|
+
|
|
76
|
+
Purpose:
|
|
77
|
+
|
|
78
|
+
- Materialize one canonical Markdown agent as a Codex TOML role and register it
|
|
79
|
+
in Codex configuration
|
|
80
|
+
|
|
81
|
+
Required operands:
|
|
82
|
+
|
|
83
|
+
```bash
|
|
84
|
+
oat providers codex materialize <agent-name> \
|
|
85
|
+
--model <model-id> \
|
|
86
|
+
--effort <reasoning-effort>
|
|
87
|
+
```
|
|
88
|
+
|
|
89
|
+
Key behavior:
|
|
90
|
+
|
|
91
|
+
- Project scope is the default and writes only `.codex/config.toml` plus the
|
|
92
|
+
project role file; `--scope user` writes only under `~/.codex`
|
|
93
|
+
- `--agent-path` selects a specific canonical agent and `--role-name` overrides
|
|
94
|
+
the generated role name
|
|
95
|
+
- Managed role registration enables multi-agent support and merges an
|
|
96
|
+
`agents.max_depth` floor of `2`
|
|
97
|
+
- Project writes preserve a higher existing project depth or inherited user
|
|
98
|
+
depth without mutating user configuration; user writes do not inspect or
|
|
99
|
+
mutate project configuration
|
|
100
|
+
- Existing unrelated Codex configuration and custom roles are preserved
|
|
101
|
+
|
|
74
102
|
## Notes
|
|
75
103
|
|
|
76
104
|
- `oat init --scope project` is commonly used before provider-interop commands because it initializes `.oat/sync/config.json`.
|
|
@@ -61,6 +61,9 @@ description: 'Provider-specific path mappings for Claude, Cursor, Copilot, Gemin
|
|
|
61
61
|
- Codex `max` is a first-class dispatch effort. It is present only for the Sol family in the committed supported catalogue, for both implementer and reviewer roles.
|
|
62
62
|
- Codex multi-agent dispatch uses config-defined roles (`[agents.<name>]`) and `agent_type`
|
|
63
63
|
- Codex subagent workflows require `[features] multi_agent = true` in active Codex config layers
|
|
64
|
+
- Managed Codex roles require `agents.max_depth >= 2` for the native topology: root (depth 0) → phase coordinator (depth 1) → task worker (depth 2). Sync and direct materialization merge that floor without lowering a higher target value; project writes also preserve a higher inherited user value.
|
|
65
|
+
- Project sync or materialization writes only the project's `.codex/config.toml`; explicit user-scope materialization writes only `~/.codex/config.toml`. Project scope may read the lower-precedence user depth, but never mutates user configuration.
|
|
66
|
+
- When managed roles exist and effective depth is missing, invalid, or below `2`, `oat doctor` and managed implementation preflight explain the topology and recommend `oat sync --scope project` or `oat sync --scope user` for the affected scope. Direct materialization with the same scope is the single-role repair path.
|
|
64
67
|
- `oat-phase-implementer` is dual-mode: Phase Scope makes it a phase coordinator, while Task Scope makes the exact materialized variant a one-task worker. The coordinator does not implement ordinary tasks itself.
|
|
65
68
|
|
|
66
69
|
## Managed dispatch views
|
|
@@ -84,10 +87,16 @@ that repository change.
|
|
|
84
87
|
|
|
85
88
|
At implementation time, the phase coordinator passes the recorded named
|
|
86
89
|
maximum through invocation-only `--ceiling-tier`, resolves one exact candidate
|
|
87
|
-
per bounded task, and dispatches one task worker at a time. Codex
|
|
88
|
-
resolver-returned materialized role
|
|
89
|
-
|
|
90
|
-
|
|
90
|
+
per bounded task, and dispatches one task worker at a time. Codex first
|
|
91
|
+
attempts the resolver-returned materialized role as the native `agent_type`.
|
|
92
|
+
The launcher records the target, model axis, and effort axis from that resolved
|
|
93
|
+
payload; worker self-report is not provenance and cannot replace those values.
|
|
94
|
+
Only an explicit pre-start native role-selection rejection permits a fresh
|
|
95
|
+
pinned-child fallback. An accepted child, including one that later returns
|
|
96
|
+
`BLOCKED` or lacks telemetry, is a task outcome rather than a fallback signal.
|
|
97
|
+
Claude and Cursor bind the exact model arguments described above. A missing or
|
|
98
|
+
unselectable managed target blocks rather than falling back to the coordinator
|
|
99
|
+
or a base role.
|
|
91
100
|
|
|
92
101
|
## Scope rules
|
|
93
102
|
|
|
@@ -48,9 +48,22 @@ Rules are currently project-scoped canonical content. Unlike skills and agents,
|
|
|
48
48
|
- `oat init --scope project` (interactive) prompts for supported providers and persists explicit true/false values.
|
|
49
49
|
- `oat sync --scope project` uses config-aware provider activation and can prompt to remediate detected mismatches.
|
|
50
50
|
- Codex project-scope subagent sync writes `.codex/config.toml` and `.codex/agents/*.toml` at command layer after path-mapping sync. Every generated project Codex variant and registration is repository-owned, version-controlled provider output. OAT provides no automatic ignore mechanism for this project output; collaborators review and commit it like other project configuration.
|
|
51
|
+
- Managed Codex roles require an effective `agents.max_depth` of at least `2` for `root (0) → phase coordinator (1) → task worker (2)`. Sync and direct materialization apply that floor without lowering a higher target value. A project write may read a higher lower-precedence user value and preserves it in the project configuration; it writes only project `.codex/config.toml`. User scope writes only `~/.codex/config.toml` and does not read or change project configuration.
|
|
52
|
+
- If a managed role has missing, invalid, or insufficient effective depth, `oat doctor` and managed implementation preflight report the topology and give a scope-specific repair: `oat sync --scope project` for project scope or `oat sync --scope user` for user scope. For a single role, use `oat providers codex materialize` with the same explicit scope.
|
|
51
53
|
- Codex aggregate config drift is reported via sync/status extension metadata (`aggregateConfigHash`); it is not persisted as a separate manifest schema entry.
|
|
52
54
|
- Codex user-config materialization writes user-owned implementer and reviewer roles under the user provider directory, `~/.codex`; it does not write those roles into the repository.
|
|
53
55
|
|
|
56
|
+
## Codex managed dispatch
|
|
57
|
+
|
|
58
|
+
For managed Codex work, the resolver-returned materialized role is attempted as
|
|
59
|
+
the native `agent_type` first. The launcher owns the resulting target, model,
|
|
60
|
+
and reasoning-effort provenance, derived from the resolved candidate and
|
|
61
|
+
compiled invocation payload; worker output cannot populate or overwrite it.
|
|
62
|
+
A fresh pinned child is allowed only after explicit pre-start native
|
|
63
|
+
role-selection rejection. Missing runtime telemetry, missing self-report, or a
|
|
64
|
+
child accepted by the native route that later returns `BLOCKED` are not
|
|
65
|
+
role-selection rejection and do not permit fallback.
|
|
66
|
+
|
|
54
67
|
## Non-interop namespaces in the same CLI
|
|
55
68
|
|
|
56
69
|
- `oat project new <name>` (workflow/project scaffolding)
|
|
@@ -66,7 +66,7 @@ Notable commands introduced in the current CLI surface:
|
|
|
66
66
|
- `oat project complete-state <project-path>` - apply the canonical completed-state mutation to a project's `state.md`; used by `oat-project-complete` during lifecycle closeout
|
|
67
67
|
- `oat project archive [project-path]` - archive a tracked project through the same local move, summary export, and optional S3 upload path used by completion. When omitted, the project path falls back to the active project.
|
|
68
68
|
- `oat repo archive sync [project-name]` - hydrate archived project snapshots from the configured repo-scoped S3 archive into `.oat/projects/archived/`. The old `oat project archive sync` path remains as a deprecated shim.
|
|
69
|
-
- `oat project validate-plan --project-path <path>` - validates `oat_plan_parallel_groups` metadata in `plan.md`; exits non-zero on invalid. See [Implementation Execution](../workflows/projects/implementation-execution.md#
|
|
69
|
+
- `oat project validate-plan --project-path <path>` - validates `oat_plan_parallel_groups` metadata in `plan.md`; exits non-zero on invalid. See [Implementation Execution](../workflows/projects/implementation-execution.md#plan-declared-parallelism).
|
|
70
70
|
- `oat project set-mode` — deprecated no-op. Execution mode is no longer user-selectable; emits a deprecation warning and preserves the `--json` contract.
|
|
71
71
|
- `oat gate review <prompt...>` - run a stateful OAT review through the target registry, parse the produced review artifact, and exit nonzero for configured blocking findings. With `--json`, the result envelope on exit is the canonical completion signal: `status` is `ok` | `blocked` | `review_failed` | `artifact_validation_failed` | `targeting_correlation_failed`, alongside `runId`, `generatedAt`, and `artifactPath` when available. Invoke `oat-project-review-receive` only when all three conditions hold: `status` is `ok` or `blocked`, `receiveEligible` is `true`, and `handoff` is non-null. For `artifact_validation_failed`, correct the artifact and rerun the gate for successful revalidation before receive. `targeting_correlation_failed` sets `receiveEligible: false`; do not run review-receive even if it reports an artifact path. Orchestrators should read the structured result rather than poll the filesystem. The command runs standalone (for example, `--review-scope final`), not only inside `oat-project-implement`. See [Workflow Gates → Gate completion signal](../cli-utilities/workflow-gates.md#gate-completion-signal).
|
|
72
72
|
- `oat gate target set <id> --invocation-model <model|provider-default> --invocation-reasoning-effort <effort|provider-default>` - persist optional configured invocation metadata alongside an exec target without inferring it from the target command.
|
|
@@ -92,7 +92,7 @@ The `workflow.*` namespace holds user-facing workflow preferences that let you a
|
|
|
92
92
|
- `workflow.hillCheckpointDefault` (`every` | `final`) — default HiLL checkpoint behavior in `oat-project-implement`
|
|
93
93
|
- `workflow.archiveOnComplete` (`boolean`) — skip the archive prompt in `oat-project-complete`
|
|
94
94
|
- `workflow.createPrOnComplete` (`boolean`) — skip the "Open a PR?" prompt in `oat-project-complete`
|
|
95
|
-
- `workflow.postImplementSequence` (`wait` | `summary` | `pr` | `docs-pr`) — post-implementation chaining
|
|
95
|
+
- `workflow.postImplementSequence` (legacy `wait` | `summary` | `pr` | `docs-pr`, or structured `{preApproval, postApproval}` arrays) — approval-aware post-implementation chaining
|
|
96
96
|
- `workflow.reviewExecutionModel` (`subagent` | `inline` | `fresh-session`) — default final-review execution model
|
|
97
97
|
- `workflow.autoReviewAtHillCheckpoints` (`boolean`) — auto-run the extra lifecycle review at HiLL checkpoints
|
|
98
98
|
- `workflow.autoNarrowReReviewScope` (`boolean`) — auto-narrow re-review scope to fix-task commits
|
|
@@ -10,7 +10,7 @@ OAT supports two checkpoint classes:
|
|
|
10
10
|
- Workflow phase checkpoints
|
|
11
11
|
- Plan phase checkpoints
|
|
12
12
|
|
|
13
|
-
The [
|
|
13
|
+
The [Phase gate review](reviews.md#phase-review-gate) (`oat_phase_review_gate`) is a separate, non-pausing mechanism — it does not pause on a passing gate and never modifies the HiLL keys below (`oat_hill_completed`, `oat_plan_hill_phases`).
|
|
14
14
|
|
|
15
15
|
## Workflow checkpoints (`state.md`)
|
|
16
16
|
|
|
@@ -113,6 +113,19 @@ An unresolved non-interactive preflight blocks. Managed `Uncapped` and
|
|
|
113
113
|
`Inherit Host Defaults` are explicit modes; omitted policy state is not an
|
|
114
114
|
implicit fallback.
|
|
115
115
|
|
|
116
|
+
For a managed Codex implementer, preflight also resolves the effective
|
|
117
|
+
`agents.max_depth`. Native `root (0) → phase coordinator (1) → task worker (2)`
|
|
118
|
+
execution requires a depth of at least `2`. Missing, invalid, or lower values
|
|
119
|
+
block before dispatch and identify the owning scope:
|
|
120
|
+
|
|
121
|
+
- Project scope: run `oat sync --scope project`
|
|
122
|
+
- User scope: run `oat sync --scope user`
|
|
123
|
+
- Single-role repair: rerun `oat providers codex materialize` with the required
|
|
124
|
+
agent name, model, effort, and matching scope
|
|
125
|
+
|
|
126
|
+
Project preflight may inherit a valid higher user depth, but remediation never
|
|
127
|
+
writes across the project/user boundary.
|
|
128
|
+
|
|
116
129
|
## Resolve the Effective Named Maximum
|
|
117
130
|
|
|
118
131
|
For each phase, the orchestrator determines the task maximum:
|
|
@@ -202,9 +215,14 @@ candidate above the maximum or absent from the configured ladder blocks.
|
|
|
202
215
|
Build the complete host payload before writing dispatch logs:
|
|
203
216
|
|
|
204
217
|
- **Codex:** use `providers.codex.dispatchArgs.variant` as the actual
|
|
205
|
-
`agent_type`.
|
|
206
|
-
|
|
207
|
-
|
|
218
|
+
`agent_type`. An accepted launch with that exact materialized role is
|
|
219
|
+
authoritative evidence of the configured invocation for coordinators and
|
|
220
|
+
task workers. A fresh Codex child pinned to `selection.target.model` and
|
|
221
|
+
`selection.target.effort` is permitted only after an actual native
|
|
222
|
+
role-selection rejection; missing self-reporting or model/effort telemetry
|
|
223
|
+
does not justify the fallback. An accepted child, including one that later
|
|
224
|
+
returns `BLOCKED`, is a task outcome and never triggers another pinned-child
|
|
225
|
+
fallback.
|
|
208
226
|
- **Claude:** pass `providers.claude.dispatchArgs.model` as the actual Task
|
|
209
227
|
`model`. Its separate effort axis is `not-applicable`.
|
|
210
228
|
- **Cursor:** pass `providers.cursor.dispatchArgs.model` byte-for-byte as the
|
|
@@ -238,6 +256,14 @@ Configured defaults and configured gate invocation remain distinct from runtime
|
|
|
238
256
|
identity; when runtime identity is not observed, the report says so without
|
|
239
257
|
weakening exact requested model or effort controls.
|
|
240
258
|
|
|
259
|
+
After constructing the complete payload, the launcher records the selected
|
|
260
|
+
target and requested model/effort controls in the report. Those configured
|
|
261
|
+
invocation fields are launcher-owned and derive from resolver output plus the
|
|
262
|
+
actual payload; worker output cannot populate or overwrite them. Optional
|
|
263
|
+
coordinator or worker self-report remains non-authoritative runtime evidence.
|
|
264
|
+
Runtime attestation, when available, is separate host-generated metadata rather
|
|
265
|
+
than an agent claim.
|
|
266
|
+
|
|
241
267
|
## Task Scope and Commit Verification
|
|
242
268
|
|
|
243
269
|
Each worker receives only one task:
|
|
@@ -348,6 +374,11 @@ context. An unresolved or verification-failing conflict stops fan-in.
|
|
|
348
374
|
|
|
349
375
|
## Phase Review Gate and HiLL
|
|
350
376
|
|
|
377
|
+
Phase gate review is independent from HiLL: a configured passing gate continues
|
|
378
|
+
automatically, while a HiLL checkpoint pauses for human approval. For the final
|
|
379
|
+
phase, approval-aware post-implementation sequences run pre-approval work only
|
|
380
|
+
after final review and post-approval work only after the recorded approval.
|
|
381
|
+
|
|
351
382
|
After standard review passes and bookkeeping is committed, an enabled
|
|
352
383
|
`oat_phase_review_gate` may run a target-neutral external review for the phase.
|
|
353
384
|
Passing artifacts are still received for durable disposition; blocking
|
|
@@ -84,6 +84,15 @@ This distinction matters during completion: `oat-project-complete` can skip the
|
|
|
84
84
|
|
|
85
85
|
### Auto-review at HiLL checkpoints
|
|
86
86
|
|
|
87
|
+
### Approval-aware post-implementation sequencing
|
|
88
|
+
|
|
89
|
+
`workflow.postImplementSequence` can use the legacy string values or a structured
|
|
90
|
+
`{ preApproval, postApproval }` value. After the final review passes, OAT
|
|
91
|
+
snapshots the effective sequence, runs ordered pre-approval steps, records final
|
|
92
|
+
HiLL approval, and only then runs post-approval steps. The snapshot is
|
|
93
|
+
restart-safe: an incomplete sequence routes back to implementation and resumes
|
|
94
|
+
from its first incomplete step.
|
|
95
|
+
|
|
87
96
|
When `workflow.autoReviewAtHillCheckpoints` is enabled or `plan.md` frontmatter sets `oat_auto_review_at_hill_checkpoints`, completing a HiLL checkpoint automatically runs the extra lifecycle review scoped to every implementation phase not already covered by a passed whole-phase code review, through the just-completed checkpoint. Mid-implementation multi-phase reviews use inclusive phase-range scopes such as `p02-p03`; the final implementation checkpoint uses `code final`. The review uses auto-disposition mode (minors auto-converted to fix tasks, no user prompts). Disabled by default. Legacy `autoReviewAtCheckpoints` and `oat_auto_review_at_checkpoints` are still read as fallbacks. This does not control Tier 1 per-phase `oat-reviewer` gates.
|
|
88
97
|
|
|
89
98
|
### Phase-review setup during planning
|
|
@@ -207,7 +207,24 @@ Final review `passed` gate requires:
|
|
|
207
207
|
- Project-scope Codex role files are generated from canonical `.agents/agents/*.md` during `oat sync --scope project`.
|
|
208
208
|
- User-config Codex roles materialize under `~/.codex`; project-config and supported-catalogue roles remain in the project-scoped, version-controlled `.codex` view.
|
|
209
209
|
- Some Codex hosts require explicit user authorization before the skill may call `spawn_agent`. In those hosts, `oat-project-review-provide` should ask whether to delegate to `oat-reviewer` instead of reporting the reviewer as unresolved.
|
|
210
|
-
-
|
|
210
|
+
- An accepted launch using the exact materialized `agent_type` is authoritative
|
|
211
|
+
configured-invocation evidence for a reviewer. After the complete payload
|
|
212
|
+
is built, the launcher records its `target`, `model_axis`, and
|
|
213
|
+
`effort_axis`; reviewer self-report cannot supply or overwrite those
|
|
214
|
+
fields. Optional self-report is non-authoritative, while runtime
|
|
215
|
+
attestation is host-generated metadata.
|
|
216
|
+
- A fresh pinned CLI child is a fallback only for an actual native
|
|
217
|
+
role-selection rejection, never for absent self-reporting or model/effort
|
|
218
|
+
telemetry. A child accepted by the native host, including one that later
|
|
219
|
+
returns `BLOCKED`, has produced a review outcome and cannot trigger the
|
|
220
|
+
fallback.
|
|
221
|
+
- An accepted reviewer that returns `BLOCKED` blocks the relevant review. It
|
|
222
|
+
cannot trigger the pinned fallback, and absent findings in that blocked
|
|
223
|
+
outcome cannot be interpreted as a pass.
|
|
224
|
+
- For unmanaged review dispatch, if subagent dispatch is unavailable, follow
|
|
225
|
+
the existing fallback path (fresh session preferred, inline reset as
|
|
226
|
+
fallback). This generic fallback does not override managed exact-target
|
|
227
|
+
rules: a managed reviewer that cannot be launched exactly blocks the review.
|
|
211
228
|
|
|
212
229
|
## Reference artifacts
|
|
213
230
|
|
|
@@ -220,6 +220,8 @@ The package manager for the agent skills ecosystem. Installs skills across 27+ a
|
|
|
220
220
|
- Enable feature flag in config:
|
|
221
221
|
- `[features]`
|
|
222
222
|
- `multi_agent = true`
|
|
223
|
+
- For OAT's nested root → coordinator → worker topology, configure
|
|
224
|
+
`[agents] max_depth = 2` or higher.
|
|
223
225
|
- Define role(s) in config:
|
|
224
226
|
- `[agents.oat-reviewer]` (or role names your workflow dispatches)
|
|
225
227
|
- Dispatch by role name using `agent_type` (not `subagent_type`).
|
|
@@ -228,8 +230,12 @@ The package manager for the agent skills ecosystem. Installs skills across 27+ a
|
|
|
228
230
|
**Note on OAT provider sync:**
|
|
229
231
|
|
|
230
232
|
- Codex runtime dispatch is config-role based (`[agents.<name>]`) and TOML-backed.
|
|
231
|
-
- OAT
|
|
232
|
-
|
|
233
|
+
- OAT sync exports canonical Markdown agents as `.codex/agents/*.toml` role
|
|
234
|
+
configs and registers them in `.codex/config.toml`.
|
|
235
|
+
- Project-scoped output is repository-owned and version controlled. Explicit
|
|
236
|
+
user-scope materialization writes under `~/.codex` instead.
|
|
237
|
+
- Sync and direct materialization merge an `agents.max_depth` floor of `2`
|
|
238
|
+
without lowering a higher project or inherited user value.
|
|
233
239
|
|
|
234
240
|
### Other Codex Resources
|
|
235
241
|
|
|
@@ -220,6 +220,8 @@ The package manager for the agent skills ecosystem. Installs skills across 27+ a
|
|
|
220
220
|
- Enable feature flag in config:
|
|
221
221
|
- `[features]`
|
|
222
222
|
- `multi_agent = true`
|
|
223
|
+
- For OAT's nested root → coordinator → worker topology, configure
|
|
224
|
+
`[agents] max_depth = 2` or higher.
|
|
223
225
|
- Define role(s) in config:
|
|
224
226
|
- `[agents.oat-reviewer]` (or role names your workflow dispatches)
|
|
225
227
|
- Dispatch by role name using `agent_type` (not `subagent_type`).
|
|
@@ -228,8 +230,12 @@ The package manager for the agent skills ecosystem. Installs skills across 27+ a
|
|
|
228
230
|
**Note on OAT provider sync:**
|
|
229
231
|
|
|
230
232
|
- Codex runtime dispatch is config-role based (`[agents.<name>]`) and TOML-backed.
|
|
231
|
-
- OAT
|
|
232
|
-
|
|
233
|
+
- OAT sync exports canonical Markdown agents as `.codex/agents/*.toml` role
|
|
234
|
+
configs and registers them in `.codex/config.toml`.
|
|
235
|
+
- Project-scoped output is repository-owned and version controlled. Explicit
|
|
236
|
+
user-scope materialization writes under `~/.codex` instead.
|
|
237
|
+
- Sync and direct materialization merge an `agents.max_depth` floor of `2`
|
|
238
|
+
without lowering a higher project or inherited user value.
|
|
233
239
|
|
|
234
240
|
### Other Codex Resources
|
|
235
241
|
|