@shenlee/devcrew 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/README.md +15 -7
  2. package/README.zh-CN.md +12 -7
  3. package/dist/packages/adapters/src/index.js +60 -7
  4. package/dist/packages/core/src/artifacts.js +14 -4
  5. package/dist/packages/core/src/config.js +1 -1
  6. package/dist/packages/core/src/paths.js +7 -6
  7. package/dist/packages/core/src/store.js +30 -0
  8. package/dist/packages/core/src/types.js +4 -1
  9. package/dist/packages/core/src/validation.js +7 -1
  10. package/dist/packages/core/src/version.js +1 -1
  11. package/dist/packages/core/src/workflow.js +70 -12
  12. package/dist/packages/orchestrator/src/index.js +230 -15
  13. package/dist/packages/plugins/src/index.js +2 -32
  14. package/dist/packages/service/src/tools.js +43 -4
  15. package/docs/claude-code.md +5 -3
  16. package/docs/codex.md +9 -5
  17. package/docs/quickstart.md +1 -1
  18. package/docs/superpowers/plans/2026-07-13-safety-semantics.md +313 -0
  19. package/docs/superpowers/specs/2026-07-13-execution-boundaries-design.md +126 -0
  20. package/docs/workflow.md +19 -4
  21. package/package.json +1 -1
  22. package/packages/adapters/src/index.ts +84 -9
  23. package/packages/core/src/artifacts.ts +16 -4
  24. package/packages/core/src/config.ts +1 -1
  25. package/packages/core/src/paths.ts +7 -6
  26. package/packages/core/src/store.ts +34 -1
  27. package/packages/core/src/types.ts +46 -2
  28. package/packages/core/src/validation.ts +10 -0
  29. package/packages/core/src/version.ts +1 -1
  30. package/packages/core/src/workflow.ts +82 -11
  31. package/packages/orchestrator/src/index.ts +252 -14
  32. package/packages/plugins/src/index.ts +2 -44
  33. package/packages/service/src/tools.ts +44 -3
  34. package/plugins/devcrew-codex/.codex-plugin/plugin.json +1 -1
  35. package/plugins/devcrew-codex/.mcp.json +1 -1
  36. package/plugins/devcrew-codex/skills/devcrew/SKILL.md +8 -7
  37. package/scripts/smoke-codex-plugin.mjs +1 -1
  38. package/plugins/devcrew-codex/agents/architect.toml +0 -12
  39. package/plugins/devcrew-codex/agents/implementer.toml +0 -12
  40. package/plugins/devcrew-codex/agents/pm.toml +0 -13
  41. package/plugins/devcrew-codex/agents/tester.toml +0 -12
@@ -9,9 +9,11 @@ import {
9
9
  import {
10
10
  answerOrchestratedWorkflow,
11
11
  approveOrchestratedWorkflow,
12
+ completeOrchestratedExecution,
12
13
  continueOrchestratedWorkflow,
13
14
  rejectOrchestratedWorkflow,
14
15
  startOrchestratedWorkflow,
16
+ waiveOrchestratedVerification,
15
17
  } from "../../orchestrator/src/index.js";
16
18
 
17
19
  export interface DevCrewTool {
@@ -73,6 +75,11 @@ export function listDevCrewTools(): DevCrewTool[] {
73
75
  enum: ["plan", "apply"],
74
76
  description: "Execution mode. Defaults to plan; apply must be explicit.",
75
77
  },
78
+ executionPolicy: {
79
+ type: "string",
80
+ enum: ["interactive-host", "headless-restricted", "headless-unattended"],
81
+ description: "Apply execution policy. Defaults to interactive-host; headless policies are explicit DevCrew SDK policies.",
82
+ },
76
83
  request: { type: "string" },
77
84
  backend: { type: "string", enum: ["codex", "claude", "local"] },
78
85
  },
@@ -105,7 +112,7 @@ export function listDevCrewTools(): DevCrewTool[] {
105
112
  properties: {
106
113
  cwd: cwdProperty,
107
114
  runId: runIdProperty,
108
- gate: { type: "string", enum: ["requirements", "architecture", "implementation", "testing"] },
115
+ gate: { type: "string", enum: ["requirements", "architecture", "implementation", "implementation-review", "testing"] },
109
116
  note: { type: "string" },
110
117
  },
111
118
  },
@@ -119,7 +126,7 @@ export function listDevCrewTools(): DevCrewTool[] {
119
126
  properties: {
120
127
  cwd: cwdProperty,
121
128
  runId: runIdProperty,
122
- gate: { type: "string", enum: ["requirements", "architecture", "implementation", "testing"] },
129
+ gate: { type: "string", enum: ["requirements", "architecture", "implementation", "implementation-review", "testing"] },
123
130
  feedback: { type: "string" },
124
131
  },
125
132
  },
@@ -133,6 +140,32 @@ export function listDevCrewTools(): DevCrewTool[] {
133
140
  properties: { cwd: cwdProperty, runId: runIdProperty },
134
141
  },
135
142
  },
143
+ {
144
+ name: "devcrew_complete_execution",
145
+ description: "Record completion by the native host for an interactive-host execution or testing step.",
146
+ inputSchema: {
147
+ type: "object",
148
+ required: ["cwd", "summary"],
149
+ properties: {
150
+ cwd: cwdProperty,
151
+ runId: runIdProperty,
152
+ summary: { type: "string" },
153
+ verification: {
154
+ type: "array",
155
+ description: "Required only when completing testing: command, exitCode, output, startedAt, and completedAt for each validation command.",
156
+ },
157
+ },
158
+ },
159
+ },
160
+ {
161
+ name: "devcrew_waive_verification",
162
+ description: "Record a reasoned risk waiver after failed apply-mode verification, then reopen the testing gate for approval.",
163
+ inputSchema: {
164
+ type: "object",
165
+ required: ["cwd", "reason"],
166
+ properties: { cwd: cwdProperty, runId: runIdProperty, reason: { type: "string" } },
167
+ },
168
+ },
136
169
  {
137
170
  name: "devcrew_artifact",
138
171
  description: "Read a generated workflow artifact.",
@@ -144,7 +177,7 @@ export function listDevCrewTools(): DevCrewTool[] {
144
177
  runId: runIdProperty,
145
178
  name: {
146
179
  type: "string",
147
- enum: ["requirements", "architecture", "implementation-plan", "implementation-review", "test-report", "acceptance"],
180
+ enum: ["requirements", "architecture", "implementation-plan", "implementation-review", "architecture-review", "test-report", "acceptance"],
148
181
  },
149
182
  },
150
183
  },
@@ -204,6 +237,14 @@ export async function callDevCrewTool(name: string, args: Record<string, unknown
204
237
  const state = await continueOrchestratedWorkflow((await withActiveRun(args)) as never);
205
238
  return success(`${summarizeState(state)}.`, { state });
206
239
  }
240
+ if (name === "devcrew_complete_execution") {
241
+ const state = await completeOrchestratedExecution((await withActiveRun(args)) as never);
242
+ return success(`${summarizeState(state)}. Native host completion recorded.`, { state });
243
+ }
244
+ if (name === "devcrew_waive_verification") {
245
+ const state = await waiveOrchestratedVerification((await withActiveRun(args)) as never);
246
+ return success(`${summarizeState(state)}. Verification waiver recorded.`, { state });
247
+ }
207
248
  if (name === "devcrew_artifact") {
208
249
  const artifact = await getArtifact((await withActiveRun(args)) as never);
209
250
  return success(artifact.content, { artifact });
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "devcrew",
3
- "version": "0.1.2",
3
+ "version": "0.1.3",
4
4
  "description": "DevCrew gated multi-role workflow service for Codex.",
5
5
  "author": {
6
6
  "name": "DevCrew Contributors",
@@ -6,7 +6,7 @@
6
6
  "exec",
7
7
  "--silent",
8
8
  "--yes",
9
- "--package=@shenlee/devcrew@0.1.2",
9
+ "--package=@shenlee/devcrew@0.1.3",
10
10
  "--",
11
11
  "node",
12
12
  "-e",
@@ -5,13 +5,14 @@ description: Run the DevCrew PM -> architecture -> implementation -> testing wor
5
5
 
6
6
  Use the DevCrew MCP tools to manage the workflow:
7
7
 
8
- 1. Start with `devcrew_start` using the current repository cwd, mode, request, and optional executionMode. Host is inferred from the plugin's `DEVCREW_HOST`; pass host only for an explicit override. Omit executionMode unless the requester explicitly asks DevCrew to apply changes; the default safe mode is `plan`.
9
- 2. After start, DevCrew records the active run for this repository. For follow-up tools, omit runId unless you need to target a different run explicitly.
10
- 3. Use `executionMode: "apply"` only when the requester explicitly wants DevCrew to write code or run validation commands. This still inherits host sandbox, approval, and tool permissions.
11
- 4. Use `devcrew_status` to show the current phase and pending gate.
8
+ 1. Start with `devcrew_start` using the current repository cwd, mode, request, and optional `executionMode`. Host is inferred from the plugin's `DEVCREW_HOST`; pass host only for an explicit override. Omit `executionMode` unless the requester explicitly asks DevCrew to apply changes; the default safe mode is `plan`.
9
+ 2. After start, DevCrew records the active run for this repository. For follow-up tools, omit `runId` unless you need to target a different run explicitly.
10
+ 3. For `executionMode: "apply"`, choose an explicit `executionPolicy`. The default `interactive-host` pauses at implementation and testing for the host's native agent to work in DevCrew's isolated worktree. `headless-restricted` and `headless-unattended` are DevCrew SDK policies; they do not inherit the current host approval session.
11
+ 4. Use `devcrew_status` to show the current phase, pending gate, and any execution instruction.
12
12
  5. Use `devcrew_answer` when the requester gives clarification.
13
13
  6. Use `devcrew_approve` or `devcrew_reject` for each gate.
14
- 7. Use `devcrew_continue` after approvals. This executes the next phase role, writes the phase artifact, and opens the next gate. The implementation phase also writes `implementation-review` for diff and architecture compliance review.
15
- 8. Use `devcrew_artifact` to read generated requirements, architecture, implementation-plan, implementation-review, test-report, or acceptance files.
14
+ 7. Use `devcrew_continue` after approvals. Apply runs enter an `implementation-review` gate after execution: review the architect's `architecture-review` artifact before testing. For `interactive-host`, if status becomes `awaiting_execution`, perform the native-host work in the indicated worktree then call `devcrew_complete_execution`. For testing, include command, exit code, output, startedAt, and completedAt evidence.
15
+ 8. Failed verification is not approvable. Revise through `devcrew_answer`, or use `devcrew_waive_verification` only when the requester explicitly accepts the recorded risk and provides a reason.
16
+ 9. Use `devcrew_artifact` to read generated requirements, architecture, implementation-plan, implementation-review, architecture-review, test-report, or acceptance files.
16
17
 
17
- Do not bypass host sandbox, approval, or tool permissions.
18
+ Never describe a nested SDK session as inheriting the current host's approval decisions.
@@ -298,7 +298,7 @@ async function main() {
298
298
  await client.request("initialize", {
299
299
  protocolVersion: "2025-03-26",
300
300
  capabilities: {},
301
- clientInfo: { name: "devcrew-codex-plugin-smoke", version: "0.1.2" },
301
+ clientInfo: { name: "devcrew-codex-plugin-smoke", version: "0.1.3" },
302
302
  });
303
303
  client.notify("notifications/initialized", {});
304
304
  const tools = await client.request("tools/list", {});
@@ -1,12 +0,0 @@
1
- name = "architect"
2
- description = "technical architecture specialist. Designs implementation, deployment, interfaces, and review criteria."
3
- developer_instructions = """
4
- You are the DevCrew architect role. technical architecture specialist. Designs implementation, deployment, interfaces, and review criteria.
5
- Return concise Markdown and keep inherited host permissions.
6
-
7
- Produce these required sections:
8
- - Technical Decisions (for each key decision record Decision, Options Considered, Choice, Rationale, and Trade-offs)
9
- - Interface Contracts (for each interface give the signature, request/response schema, error contract, and data model)
10
- - Data Flow and Deployment (data flow, deployment expectations, and rollback strategy)
11
- - Architecture Review Checklist (how the design traces back to the approved requirements)
12
- """
@@ -1,12 +0,0 @@
1
- name = "implementer"
2
- description = "Implementation engineer. Writes code according to approved architecture and discovered standards."
3
- developer_instructions = """
4
- You are the DevCrew implementer role. Implementation engineer. Writes code according to approved architecture and discovered standards.
5
- Return concise Markdown and keep inherited host permissions.
6
-
7
- Produce these required sections:
8
- - Implementation Summary (the smallest change that satisfies the approved architecture)
9
- - Standards Compliance (follow discovered standards and lint/format rules; run available lint/format/typecheck and report results)
10
- - Changed Files (every file you created or modified)
11
- - Tests Added or Updated (tests covering success, edge, and failure paths)
12
- """
@@ -1,13 +0,0 @@
1
- name = "pm"
2
- description = "Product manager. Clarifies requirements, scope boundaries, success criteria, and requester approvals."
3
- developer_instructions = """
4
- You are the DevCrew pm role. Product manager. Clarifies requirements, scope boundaries, success criteria, and requester approvals.
5
- Return concise Markdown and keep inherited host permissions.
6
-
7
- Produce these required sections:
8
- - Functional Scope (explicit In Scope and Out of Scope lists)
9
- - Users and Scenarios (primary users and their key scenarios)
10
- - Acceptance Criteria (testable criteria written as Given / When / Then)
11
- - Priorities (classify each requirement as Must / Should / Could / Won't (MoSCoW))
12
- - Open Questions (unresolved clarifications for the requester)
13
- """
@@ -1,12 +0,0 @@
1
- name = "tester"
2
- description = "Testing and acceptance specialist. Verifies functionality, regressions, and acceptance evidence."
3
- developer_instructions = """
4
- You are the DevCrew tester role. Testing and acceptance specialist. Verifies functionality, regressions, and acceptance evidence.
5
- Return concise Markdown and keep inherited host permissions.
6
-
7
- Produce these required sections:
8
- - Test Cases (enumerate cases as a table with ID, Scenario, Type (happy/edge/failure/regression), and Expected result)
9
- - Coverage (run the coverage command and report the coverage summary plus any gaps)
10
- - Verification Evidence (exact commands, exit codes, and key output)
11
- - Known Risks (residual risks and follow-ups)
12
- """