@opencode_weave/weave 0.5.1 → 0.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -25
- package/dist/index.js +23 -6
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -21,9 +21,8 @@ Weave is a lean OpenCode plugin with multi-agent orchestration. It provides a co
|
|
|
21
21
|
- [Quick Tasks (No Plan Needed)](#quick-tasks-no-plan-needed)
|
|
22
22
|
- [Installation](#installation)
|
|
23
23
|
- [Prerequisites](#prerequisites)
|
|
24
|
-
- [Step 1:
|
|
25
|
-
- [Step 2:
|
|
26
|
-
- [Step 3: Restart OpenCode](#step-3-restart-opencode)
|
|
24
|
+
- [Step 1: Add to opencode.json](#step-1-add-to-opencodejson)
|
|
25
|
+
- [Step 2: Restart OpenCode](#step-2-restart-opencode)
|
|
27
26
|
- [Troubleshooting](#troubleshooting)
|
|
28
27
|
- [Uninstalling](#uninstalling)
|
|
29
28
|
- [Configuration](#configuration)
|
|
@@ -149,17 +148,8 @@ This package is published on [npm](https://www.npmjs.com/package/@opencode_weave
|
|
|
149
148
|
### Prerequisites
|
|
150
149
|
|
|
151
150
|
- [OpenCode](https://opencode.ai)
|
|
152
|
-
- Bun or Node.js
|
|
153
151
|
|
|
154
|
-
### Step 1:
|
|
155
|
-
|
|
156
|
-
```bash
|
|
157
|
-
bun add @opencode_weave/weave
|
|
158
|
-
# or
|
|
159
|
-
npm install @opencode_weave/weave
|
|
160
|
-
```
|
|
161
|
-
|
|
162
|
-
### Step 2: Register in opencode.json
|
|
152
|
+
### Step 1: Add to opencode.json
|
|
163
153
|
|
|
164
154
|
Add the plugin to your `opencode.json` file:
|
|
165
155
|
|
|
@@ -169,9 +159,9 @@ Add the plugin to your `opencode.json` file:
|
|
|
169
159
|
}
|
|
170
160
|
```
|
|
171
161
|
|
|
172
|
-
### Step
|
|
162
|
+
### Step 2: Restart OpenCode
|
|
173
163
|
|
|
174
|
-
The plugin loads automatically upon restart and works with zero configuration out of the box.
|
|
164
|
+
OpenCode automatically installs npm plugins at startup — no manual `bun add` or `npm install` required. The plugin loads automatically upon restart and works with zero configuration out of the box.
|
|
175
165
|
|
|
176
166
|
### Troubleshooting
|
|
177
167
|
|
|
@@ -194,15 +184,7 @@ Delete the `@opencode_weave/weave` entry from the `plugin` array in your `openco
|
|
|
194
184
|
}
|
|
195
185
|
```
|
|
196
186
|
|
|
197
|
-
### Step 2:
|
|
198
|
-
|
|
199
|
-
```bash
|
|
200
|
-
bun remove @opencode_weave/weave
|
|
201
|
-
# or
|
|
202
|
-
npm uninstall @opencode_weave/weave
|
|
203
|
-
```
|
|
204
|
-
|
|
205
|
-
### Step 3: Clean up project artifacts (optional)
|
|
187
|
+
### Step 2: Clean up project artifacts (optional)
|
|
206
188
|
|
|
207
189
|
Weave may have created plan and state files during usage. Remove them if no longer needed:
|
|
208
190
|
|
|
@@ -216,7 +198,7 @@ You can also remove any project-level configuration if present:
|
|
|
216
198
|
rm -f .opencode/weave-opencode.jsonc .opencode/weave-opencode.json
|
|
217
199
|
```
|
|
218
200
|
|
|
219
|
-
### Step
|
|
201
|
+
### Step 3: Clean up user-level configuration (optional)
|
|
220
202
|
|
|
221
203
|
If you no longer use Weave in any project, remove the global configuration:
|
|
222
204
|
|
package/dist/index.js
CHANGED
|
@@ -525,7 +525,7 @@ FORMAT RULES:
|
|
|
525
525
|
- Use /start-work to hand off to Tapestry for todo-list driven execution of multi-step plans
|
|
526
526
|
- Use shuttle for category-specific specialized work
|
|
527
527
|
- Use Weft for reviewing completed work or validating plans before execution
|
|
528
|
-
- MUST use Warp for security audits when changes touch auth, crypto, certificates, tokens, signatures,
|
|
528
|
+
- MUST use Warp for security audits when changes touch auth, crypto, certificates, tokens, signatures, input validation, secrets, passwords, sessions, CORS, CSP, .env files, or OAuth/OIDC/SAML flows — not optional. When in doubt, invoke Warp — false positives (fast APPROVE) are cheap.
|
|
529
529
|
- Delegate aggressively to keep your context lean
|
|
530
530
|
</Delegation>
|
|
531
531
|
|
|
@@ -573,6 +573,15 @@ For complex tasks that benefit from structured planning before execution:
|
|
|
573
573
|
- /start-work loads the plan, creates work state at \`.weave/state.json\`, and switches to Tapestry
|
|
574
574
|
- Tapestry reads the plan and works through tasks, marking checkboxes as it goes
|
|
575
575
|
4. RESUME: If work was interrupted, \`/start-work\` resumes from the last unchecked task
|
|
576
|
+
5. POST-EXECUTION REVIEW (MANDATORY — NO SKIP CONDITIONS):
|
|
577
|
+
After Tapestry reports all tasks complete, you MUST run this gate before reporting success to the user:
|
|
578
|
+
a. Run \`git diff --stat\` to identify all changed files
|
|
579
|
+
b. Delegate to Weft (quality review) AND Warp (security audit) in parallel
|
|
580
|
+
c. Warp self-triages: if no security-relevant changes, it fast-exits with APPROVE — so always invoke it
|
|
581
|
+
d. If Weft or Warp REJECT → address blocking issues, then re-run the rejecting reviewer
|
|
582
|
+
e. Only report success to the user after BOTH Weft and Warp APPROVE
|
|
583
|
+
- This step has NO skip conditions. Not for small changes, not for user request, not for time pressure.
|
|
584
|
+
- Skipping this step is a workflow violation.
|
|
576
585
|
|
|
577
586
|
When to use this workflow vs. direct execution:
|
|
578
587
|
- USE plan workflow: Large features, multi-file refactors, anything with 5+ steps or architectural decisions
|
|
@@ -580,19 +589,26 @@ When to use this workflow vs. direct execution:
|
|
|
580
589
|
</PlanWorkflow>
|
|
581
590
|
|
|
582
591
|
<ReviewWorkflow>
|
|
583
|
-
|
|
592
|
+
Two review modes — different rules for each:
|
|
593
|
+
|
|
594
|
+
**Post-Plan-Execution Review (after PlanWorkflow Step 5):**
|
|
595
|
+
- ALWAYS mandatory. No skip conditions. See PlanWorkflow Step 5 for the full protocol.
|
|
596
|
+
- ALWAYS delegate to BOTH Weft (quality) AND Warp (security) in parallel
|
|
597
|
+
- Warp self-triages: fast-exits with APPROVE if no security-relevant changes detected
|
|
598
|
+
- Both must APPROVE before reporting success to the user
|
|
599
|
+
|
|
600
|
+
**Ad-Hoc Review (non-plan work):**
|
|
584
601
|
- Delegate to Weft to review the changes
|
|
585
602
|
- Weft is read-only and approval-biased — it rejects only for real problems
|
|
586
603
|
- If Weft approves: proceed confidently
|
|
587
604
|
- If Weft rejects: address the specific blocking issues, then re-review
|
|
588
605
|
|
|
589
|
-
When to invoke Weft:
|
|
590
|
-
- After completing a multi-step plan
|
|
606
|
+
When to invoke ad-hoc Weft:
|
|
591
607
|
- After any task that touches 3+ files
|
|
592
608
|
- Before shipping to the user when quality matters
|
|
593
609
|
- When you're unsure if work meets acceptance criteria
|
|
594
610
|
|
|
595
|
-
When to skip Weft:
|
|
611
|
+
When to skip ad-hoc Weft:
|
|
596
612
|
- Single-file trivial changes
|
|
597
613
|
- User explicitly says "skip review"
|
|
598
614
|
- Simple question-answering (no code changes)
|
|
@@ -688,7 +704,8 @@ When activated by /start-work with a plan file:
|
|
|
688
704
|
d. Mark complete: use Edit tool to change \`- [ ]\` to \`- [x]\` in the plan file
|
|
689
705
|
e. Report: "Completed task N/M: [title]"
|
|
690
706
|
4. CONTINUE to the next unchecked task
|
|
691
|
-
5. When ALL checkboxes are checked, report final summary
|
|
707
|
+
5. When ALL checkboxes are checked, report final summary and include:
|
|
708
|
+
"All tasks complete. **Post-execution review required** — Loom must run Weft and Warp before reporting success."
|
|
692
709
|
|
|
693
710
|
NEVER stop mid-plan unless explicitly told to or completely blocked.
|
|
694
711
|
</PlanExecution>
|