@synapsor/runner 0.1.0-alpha.2 → 0.1.0-alpha.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +111 -4
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +5 -0
- package/dist/runner.mjs +2229 -100
- package/docs/MCP_RUNNER_IMPLEMENTATION_PLAN.md +1 -1
- package/docs/cloud-mode.md +3 -3
- package/docs/config-migrations.md +3 -3
- package/docs/demo-transcript.md +140 -52
- package/docs/first-10-minutes.md +30 -5
- package/docs/getting-started-own-database.md +27 -27
- package/docs/limitations.md +20 -0
- package/docs/local-mode.md +78 -15
- package/docs/local-ui.md +4 -4
- package/docs/mcp-audit.md +28 -7
- package/docs/mcp-client-setup.md +6 -6
- package/docs/mcp-efficiency-benchmark.md +2 -2
- package/docs/open-source-feature-inventory.md +254 -0
- package/docs/operations.md +3 -3
- package/docs/own-db-20-minutes.md +14 -14
- package/docs/recipes.md +6 -6
- package/docs/schema-inspection.md +3 -3
- package/docs/security-boundary.md +17 -0
- package/docs/shadow-mode.md +4 -4
- package/docs/troubleshooting-first-run.md +6 -6
- package/docs/writeback-executors.md +1 -1
- package/examples/reference-support-billing-app/README.md +60 -9
- package/examples/reference-support-billing-app/schema.sql +14 -1
- package/examples/reference-support-billing-app/seed.sql +12 -5
- package/examples/reference-support-billing-app/synapsor.runner.json +105 -0
- package/package.json +1 -1
|
@@ -152,7 +152,7 @@ This plan maps the existing open-source runner repository to the commit-safe dat
|
|
|
152
152
|
## Release blockers
|
|
153
153
|
|
|
154
154
|
- Live hosted Cloud-linked E2E still requires a compatible Synapsor Cloud workspace, adapter, and scoped runner token. A local hosted-compatible Cloud-linked smoke now covers the protocol/API lifecycle against a mock Cloud API and real disposable Postgres writeback.
|
|
155
|
-
- `packages/proposal-store`
|
|
155
|
+
- `packages/proposal-store` uses Node 22 `node:sqlite`. The alpha package pins Node >= 22.5.0 in `engines` and the package/source wrappers fail early with a clear message on older Node versions. Replacing this with a broader-LTS SQLite dependency remains a future compatibility option.
|
|
156
156
|
- Release docs present: `LICENSE` is Apache License 2.0, and `CONTRIBUTING.md` / `CODE_OF_CONDUCT.md` exist with project-specific safety guidance.
|
|
157
157
|
|
|
158
158
|
## Verification log
|
package/docs/cloud-mode.md
CHANGED
|
@@ -53,7 +53,7 @@ Cloud mode uses the same MCP server command with a `mode: "cloud"` config:
|
|
|
53
53
|
"base_url_env": "SYNAPSOR_CLOUD_BASE_URL",
|
|
54
54
|
"runner_token_env": "SYNAPSOR_RUNNER_TOKEN",
|
|
55
55
|
"runner_id": "synapsor_runner_local",
|
|
56
|
-
"runner_version": "0.1.0-alpha.
|
|
56
|
+
"runner_version": "0.1.0-alpha.4",
|
|
57
57
|
"project_id": "token_scope",
|
|
58
58
|
"adapter_id": "mcp.your_adapter",
|
|
59
59
|
"source_id": "src_replace_me",
|
|
@@ -71,7 +71,7 @@ Run:
|
|
|
71
71
|
```bash
|
|
72
72
|
SYNAPSOR_CLOUD_BASE_URL="https://api.synapsor.ai" \
|
|
73
73
|
SYNAPSOR_RUNNER_TOKEN="syn_wbr_..." \
|
|
74
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
74
|
+
npx -y -p @synapsor/runner@alpha synapsor mcp serve --config ./synapsor.cloud.json
|
|
75
75
|
```
|
|
76
76
|
|
|
77
77
|
Validate the Cloud runner token and source scope before serving tools:
|
|
@@ -79,7 +79,7 @@ Validate the Cloud runner token and source scope before serving tools:
|
|
|
79
79
|
```bash
|
|
80
80
|
SYNAPSOR_CLOUD_BASE_URL="https://api.synapsor.ai" \
|
|
81
81
|
SYNAPSOR_RUNNER_TOKEN="syn_wbr_..." \
|
|
82
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
82
|
+
npx -y -p @synapsor/runner@alpha synapsor cloud connect --config ./synapsor.cloud.json
|
|
83
83
|
```
|
|
84
84
|
|
|
85
85
|
`cloud connect` verifies the runner token, registers the runner id/version, sends engine/capability/source metadata, and posts an initial heartbeat. It does not send Postgres/MySQL URLs, passwords, write credentials, prompts, or table data. The `project_id` field may be the literal `token_scope` because Synapsor Cloud validates the real project/source from the scoped runner token.
|
|
@@ -29,7 +29,7 @@ validation.
|
|
|
29
29
|
Because version 1 is the only supported schema today, migration is conservative:
|
|
30
30
|
|
|
31
31
|
```bash
|
|
32
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
32
|
+
npx -y -p @synapsor/runner@alpha synapsor config migrate --config synapsor.runner.json
|
|
33
33
|
```
|
|
34
34
|
|
|
35
35
|
prints that the config is already current and writes nothing.
|
|
@@ -37,7 +37,7 @@ prints that the config is already current and writes nothing.
|
|
|
37
37
|
To write a normalized copy:
|
|
38
38
|
|
|
39
39
|
```bash
|
|
40
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
40
|
+
npx -y -p @synapsor/runner@alpha synapsor config migrate \
|
|
41
41
|
--config synapsor.runner.json \
|
|
42
42
|
--output migrated.json \
|
|
43
43
|
--yes
|
|
@@ -47,7 +47,7 @@ To rewrite in place, the command requires an explicit write and creates a
|
|
|
47
47
|
timestamped backup:
|
|
48
48
|
|
|
49
49
|
```bash
|
|
50
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
50
|
+
npx -y -p @synapsor/runner@alpha synapsor config migrate \
|
|
51
51
|
--config synapsor.runner.json \
|
|
52
52
|
--write \
|
|
53
53
|
--yes
|
package/docs/demo-transcript.md
CHANGED
|
@@ -1,73 +1,161 @@
|
|
|
1
|
-
#
|
|
1
|
+
# Demo Transcript
|
|
2
2
|
|
|
3
|
-
This
|
|
3
|
+
This transcript shows the intended public demo path. Exact timestamps, hashes,
|
|
4
|
+
ports, and generated proposal ids vary.
|
|
5
|
+
|
|
6
|
+
## Quick demo
|
|
4
7
|
|
|
5
8
|
```bash
|
|
6
|
-
|
|
9
|
+
npx -y -p @synapsor/runner@alpha synapsor demo --quick
|
|
7
10
|
```
|
|
8
11
|
|
|
9
|
-
|
|
12
|
+
The local-ledger fixture output below requires this checkout or package version
|
|
13
|
+
`0.1.0-alpha.4` or newer.
|
|
14
|
+
|
|
15
|
+
Expected shape:
|
|
10
16
|
|
|
11
17
|
```text
|
|
12
|
-
Synapsor Runner
|
|
18
|
+
Synapsor Runner quick demo
|
|
13
19
|
|
|
14
|
-
|
|
15
|
-
|
|
20
|
+
This is a fixture-only first look. It does not start Docker, connect a database,
|
|
21
|
+
or require an MCP client. It writes an inspectable local ledger fixture to:
|
|
22
|
+
./.synapsor/quick-demo.db
|
|
16
23
|
|
|
17
|
-
|
|
18
|
-
|
|
24
|
+
Raw MCP shape:
|
|
25
|
+
execute_sql(sql: string)
|
|
26
|
+
Risk: the model can write arbitrary SQL with database authority.
|
|
19
27
|
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
Step 5: Human approval outside MCP
|
|
24
|
-
Step 6: Trusted runner applies guarded writeback
|
|
25
|
-
Step 7: Replay explains what happened
|
|
26
|
-
Step 8: Extra safety checks catch stale rows and unsafe tools
|
|
28
|
+
Synapsor shape:
|
|
29
|
+
billing.inspect_invoice(invoice_id)
|
|
30
|
+
billing.propose_late_fee_waiver(invoice_id, reason)
|
|
27
31
|
|
|
28
|
-
|
|
32
|
+
Agent requested:
|
|
33
|
+
billing.propose_late_fee_waiver(invoice_id="INV-3001", reason="approved support waiver")
|
|
29
34
|
|
|
30
|
-
|
|
35
|
+
Trusted context:
|
|
36
|
+
tenant_id = acme
|
|
37
|
+
principal = support.agent
|
|
31
38
|
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
* billing.propose_late_fee_waiver
|
|
39
|
+
Proposal:
|
|
40
|
+
invoice.late_fee_cents: 5500 -> 0
|
|
35
41
|
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
* write credentials
|
|
39
|
-
* approve/commit tools
|
|
42
|
+
Source DB changed:
|
|
43
|
+
no
|
|
40
44
|
|
|
41
|
-
|
|
45
|
+
Approval:
|
|
46
|
+
required outside MCP
|
|
47
|
+
|
|
48
|
+
Replay:
|
|
49
|
+
replay_wrp_quick_INV_3001 captures the local proposal, evidence handle, query audit, and events.
|
|
50
|
+
```
|
|
42
51
|
|
|
43
|
-
|
|
44
|
-
|
|
52
|
+
Inspect the fixture:
|
|
53
|
+
|
|
54
|
+
```bash
|
|
55
|
+
synapsor proposals show latest --store ./.synapsor/quick-demo.db
|
|
56
|
+
synapsor activity search --object invoice:INV-3001 --store ./.synapsor/quick-demo.db
|
|
57
|
+
synapsor replay show latest --store ./.synapsor/quick-demo.db
|
|
58
|
+
```
|
|
45
59
|
|
|
46
|
-
|
|
47
|
-
corepack pnpm demo:reference
|
|
60
|
+
## Full Docker-backed demo
|
|
48
61
|
|
|
49
|
-
|
|
50
|
-
npx -y -p @synapsor/runner@alpha synapsor-runner mcp config --absolute-paths --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
|
|
62
|
+
Start the disposable local Postgres demo:
|
|
51
63
|
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
npx -y -p @synapsor/runner@alpha synapsor-runner inspect --from-env DATABASE_URL
|
|
55
|
-
npx -y -p @synapsor/runner@alpha synapsor-runner init --wizard --from-env DATABASE_URL
|
|
64
|
+
```bash
|
|
65
|
+
synapsor demo
|
|
56
66
|
```
|
|
57
67
|
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
68
|
+
Expected shape:
|
|
69
|
+
|
|
70
|
+
```text
|
|
71
|
+
Synapsor Runner demo
|
|
72
|
+
|
|
73
|
+
Raw database MCP tools can hand the model SQL and write authority.
|
|
74
|
+
Synapsor Runner exposes semantic capabilities instead:
|
|
75
|
+
billing.inspect_invoice
|
|
76
|
+
billing.propose_late_fee_waiver
|
|
77
|
+
|
|
78
|
+
Demo flow:
|
|
79
|
+
proposal first -> source unchanged -> approval outside MCP -> guarded writeback -> replay
|
|
80
|
+
|
|
81
|
+
Starting disposable Postgres fixture...
|
|
82
|
+
Synapsor Runner demo is ready.
|
|
83
|
+
```
|
|
84
|
+
|
|
85
|
+
Create the proposal the MCP tool would create:
|
|
86
|
+
|
|
87
|
+
```bash
|
|
88
|
+
synapsor propose billing.propose_late_fee_waiver --sample
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
Expected shape:
|
|
92
|
+
|
|
93
|
+
```text
|
|
94
|
+
Proposal created
|
|
95
|
+
Capability: billing.propose_late_fee_waiver
|
|
96
|
+
Proposal: wrp_...
|
|
97
|
+
Status: review_required
|
|
98
|
+
Source database changed: no
|
|
99
|
+
```
|
|
100
|
+
|
|
101
|
+
Review and approve outside MCP:
|
|
102
|
+
|
|
103
|
+
```bash
|
|
104
|
+
synapsor proposals show latest
|
|
105
|
+
synapsor proposals approve latest --yes
|
|
106
|
+
```
|
|
107
|
+
|
|
108
|
+
Apply through guarded writeback:
|
|
109
|
+
|
|
110
|
+
```bash
|
|
111
|
+
synapsor apply latest
|
|
112
|
+
```
|
|
113
|
+
|
|
114
|
+
Expected shape:
|
|
115
|
+
|
|
116
|
+
```text
|
|
117
|
+
Guarded writeback applied.
|
|
118
|
+
Proposal: wrp_...
|
|
119
|
+
Status: applied
|
|
120
|
+
Rows affected: 1
|
|
121
|
+
Source database mutated: yes
|
|
122
|
+
```
|
|
123
|
+
|
|
124
|
+
Search by business object:
|
|
125
|
+
|
|
126
|
+
```bash
|
|
127
|
+
synapsor activity search --object invoice:INV-3001
|
|
128
|
+
```
|
|
129
|
+
|
|
130
|
+
Expected shape:
|
|
131
|
+
|
|
132
|
+
```text
|
|
133
|
+
Found local interactions
|
|
134
|
+
|
|
135
|
+
kind: proposal
|
|
136
|
+
capability: billing.propose_late_fee_waiver
|
|
137
|
+
object: invoice:INV-3001
|
|
138
|
+
proposal: wrp_...
|
|
139
|
+
evidence: ev_...
|
|
140
|
+
status: applied
|
|
141
|
+
replay: replay_wrp_...
|
|
142
|
+
```
|
|
143
|
+
|
|
144
|
+
Export a copy-pasteable review artifact:
|
|
145
|
+
|
|
146
|
+
```bash
|
|
147
|
+
synapsor replay export --proposal wrp_... --format markdown --output replay.md
|
|
148
|
+
```
|
|
149
|
+
|
|
150
|
+
The Markdown includes:
|
|
151
|
+
|
|
152
|
+
- what the agent requested;
|
|
153
|
+
- trusted tenant/principal context;
|
|
154
|
+
- captured evidence and query audit;
|
|
155
|
+
- exact proposed diff;
|
|
156
|
+
- approval event;
|
|
157
|
+
- guarded writeback receipt;
|
|
158
|
+
- replay note explaining this is local captured interaction replay, not
|
|
159
|
+
external database time travel.
|
|
160
|
+
|
|
161
|
+
The full demo should show the happy path before the stale-row conflict path.
|
package/docs/first-10-minutes.md
CHANGED
|
@@ -1,7 +1,32 @@
|
|
|
1
1
|
# First 10 Minutes
|
|
2
2
|
|
|
3
|
-
This path is for a developer who
|
|
4
|
-
|
|
3
|
+
This path is for a developer who wants to understand Synapsor Runner without
|
|
4
|
+
reading the full docs first.
|
|
5
|
+
|
|
6
|
+
## Fastest First Look
|
|
7
|
+
|
|
8
|
+
If you only want the 15-second value proof and have Node >= 22.5.0:
|
|
9
|
+
|
|
10
|
+
```bash
|
|
11
|
+
npx -y -p @synapsor/runner@alpha synapsor demo --quick
|
|
12
|
+
```
|
|
13
|
+
|
|
14
|
+
The local-ledger quick fixture requires this checkout or package version
|
|
15
|
+
`0.1.0-alpha.4` or newer. If `npm view @synapsor/runner@alpha version` reports
|
|
16
|
+
an older alpha, run `./bin/synapsor demo --quick` from this checkout until the
|
|
17
|
+
next alpha is published.
|
|
18
|
+
|
|
19
|
+
That command does not require Docker, a database, a config file, an MCP client,
|
|
20
|
+
or a Synapsor Cloud account. It seeds `./.synapsor/quick-demo.db` with a local
|
|
21
|
+
proposal/evidence/replay fixture you can inspect:
|
|
22
|
+
|
|
23
|
+
```bash
|
|
24
|
+
synapsor activity search --object invoice:INV-3001 --store ./.synapsor/quick-demo.db
|
|
25
|
+
synapsor replay show latest --store ./.synapsor/quick-demo.db
|
|
26
|
+
```
|
|
27
|
+
|
|
28
|
+
Use the Docker-backed path below when you want the full disposable
|
|
29
|
+
Postgres/MySQL proof with guarded writeback.
|
|
5
30
|
|
|
6
31
|
## What You Need
|
|
7
32
|
|
|
@@ -70,7 +95,7 @@ authority.
|
|
|
70
95
|
## Next Command 1: Open The Local UI
|
|
71
96
|
|
|
72
97
|
```bash
|
|
73
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
98
|
+
npx -y -p @synapsor/runner@alpha synapsor ui --tour \
|
|
74
99
|
--config ./examples/mcp-postgres-billing/synapsor.runner.json \
|
|
75
100
|
--store ./.synapsor/local.db
|
|
76
101
|
```
|
|
@@ -97,7 +122,7 @@ The reference app uses a disposable support/billing Postgres database and proves
|
|
|
97
122
|
## Next Command 3: Generate MCP Client Config
|
|
98
123
|
|
|
99
124
|
```bash
|
|
100
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
125
|
+
npx -y -p @synapsor/runner@alpha synapsor mcp config claude-desktop \
|
|
101
126
|
--absolute-paths \
|
|
102
127
|
--config ./examples/mcp-postgres-billing/synapsor.runner.json \
|
|
103
128
|
--store ./.synapsor/local.db
|
|
@@ -110,7 +135,7 @@ tools, commit tools, or write credentials.
|
|
|
110
135
|
Verify the configured tool boundary with:
|
|
111
136
|
|
|
112
137
|
```bash
|
|
113
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
138
|
+
npx -y -p @synapsor/runner@alpha synapsor tools preview \
|
|
114
139
|
--config ./examples/mcp-postgres-billing/synapsor.runner.json \
|
|
115
140
|
--store ./.synapsor/local.db
|
|
116
141
|
```
|
|
@@ -76,7 +76,7 @@ other trusted database TLS setup.
|
|
|
76
76
|
## 2. Inspect metadata
|
|
77
77
|
|
|
78
78
|
```bash
|
|
79
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
79
|
+
npx -y -p @synapsor/runner@alpha synapsor inspect \
|
|
80
80
|
--engine auto \
|
|
81
81
|
--from-env DATABASE_URL \
|
|
82
82
|
--schema public
|
|
@@ -85,13 +85,13 @@ npx -y -p @synapsor/runner@alpha synapsor-runner inspect \
|
|
|
85
85
|
For a disposable staging URL, this also works:
|
|
86
86
|
|
|
87
87
|
```bash
|
|
88
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
88
|
+
npx -y -p @synapsor/runner@alpha synapsor inspect "$DATABASE_URL" --engine auto --schema public
|
|
89
89
|
```
|
|
90
90
|
|
|
91
91
|
For automation:
|
|
92
92
|
|
|
93
93
|
```bash
|
|
94
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
94
|
+
npx -y -p @synapsor/runner@alpha synapsor inspect \
|
|
95
95
|
--engine postgres \
|
|
96
96
|
--from-env DATABASE_URL \
|
|
97
97
|
--schema public \
|
|
@@ -108,9 +108,9 @@ to your staging table, primary key, tenant key, conflict column, visible fields,
|
|
|
108
108
|
allowed write fields, and business limits.
|
|
109
109
|
|
|
110
110
|
```bash
|
|
111
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
112
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
113
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
111
|
+
npx -y -p @synapsor/runner@alpha synapsor recipes list
|
|
112
|
+
npx -y -p @synapsor/runner@alpha synapsor recipes show billing.late_fee_waiver
|
|
113
|
+
npx -y -p @synapsor/runner@alpha synapsor recipes init billing.late_fee_waiver --output synapsor.runner.json
|
|
114
114
|
```
|
|
115
115
|
|
|
116
116
|
Use a recipe when the shape is close. Use the guided wizard or explicit flags
|
|
@@ -125,7 +125,7 @@ only the capabilities in your generated `synapsor.runner.json`.
|
|
|
125
125
|
In an interactive terminal, run the guided wizard:
|
|
126
126
|
|
|
127
127
|
```bash
|
|
128
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
128
|
+
npx -y -p @synapsor/runner@alpha synapsor init --from-env DATABASE_URL --mode read_only --wizard
|
|
129
129
|
```
|
|
130
130
|
|
|
131
131
|
The generated capabilities are based on your selections. Synapsor Runner does
|
|
@@ -161,7 +161,7 @@ If you already know the reviewed table/action, generate config directly from
|
|
|
161
161
|
metadata and explicit flags:
|
|
162
162
|
|
|
163
163
|
```bash
|
|
164
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
164
|
+
npx -y -p @synapsor/runner@alpha synapsor init \
|
|
165
165
|
--from-env DATABASE_URL \
|
|
166
166
|
--engine postgres \
|
|
167
167
|
--schema public \
|
|
@@ -180,7 +180,7 @@ npx -y -p @synapsor/runner@alpha synapsor-runner init \
|
|
|
180
180
|
Or generate from a saved inspection snapshot without reconnecting:
|
|
181
181
|
|
|
182
182
|
```bash
|
|
183
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
183
|
+
npx -y -p @synapsor/runner@alpha synapsor init \
|
|
184
184
|
--inspection-json schema-inspection.json \
|
|
185
185
|
--table invoices \
|
|
186
186
|
--namespace billing \
|
|
@@ -248,7 +248,7 @@ contain database URLs or passwords.
|
|
|
248
248
|
## 6. Generate runner files
|
|
249
249
|
|
|
250
250
|
```bash
|
|
251
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
251
|
+
npx -y -p @synapsor/runner@alpha synapsor init \
|
|
252
252
|
--spec onboarding-selection.json \
|
|
253
253
|
--non-interactive
|
|
254
254
|
```
|
|
@@ -268,10 +268,10 @@ files.
|
|
|
268
268
|
Generate or refresh MCP client snippets later with:
|
|
269
269
|
|
|
270
270
|
```bash
|
|
271
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
272
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
273
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
274
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
271
|
+
npx -y -p @synapsor/runner@alpha synapsor mcp config generic --config ./synapsor.runner.json --store ./.synapsor/local.db
|
|
272
|
+
npx -y -p @synapsor/runner@alpha synapsor mcp config claude-desktop --config ./synapsor.runner.json --store ./.synapsor/local.db
|
|
273
|
+
npx -y -p @synapsor/runner@alpha synapsor mcp config cursor --config ./synapsor.runner.json --store ./.synapsor/local.db
|
|
274
|
+
npx -y -p @synapsor/runner@alpha synapsor tools preview --config ./synapsor.runner.json --store ./.synapsor/local.db
|
|
275
275
|
```
|
|
276
276
|
|
|
277
277
|
The snippets contain the local command and args. They must not contain database
|
|
@@ -280,8 +280,8 @@ URLs, passwords, approval tools, commit tools, or write credentials.
|
|
|
280
280
|
## 7. Validate the config
|
|
281
281
|
|
|
282
282
|
```bash
|
|
283
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
284
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
283
|
+
npx -y -p @synapsor/runner@alpha synapsor config validate --config synapsor.runner.json
|
|
284
|
+
npx -y -p @synapsor/runner@alpha synapsor config show --config synapsor.runner.json --redacted
|
|
285
285
|
```
|
|
286
286
|
|
|
287
287
|
The config stores environment-variable names, not connection-string values.
|
|
@@ -289,7 +289,7 @@ The config stores environment-variable names, not connection-string values.
|
|
|
289
289
|
Run doctor after setting the referenced environment variables:
|
|
290
290
|
|
|
291
291
|
```bash
|
|
292
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
292
|
+
npx -y -p @synapsor/runner@alpha synapsor doctor --config synapsor.runner.json
|
|
293
293
|
```
|
|
294
294
|
|
|
295
295
|
Doctor validates config shape, trusted context env vars, source env vars,
|
|
@@ -297,7 +297,7 @@ read/write credential separation, table/column metadata when the read URL is
|
|
|
297
297
|
available, and the semantic MCP tool boundary. Use JSON for automation:
|
|
298
298
|
|
|
299
299
|
```bash
|
|
300
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
300
|
+
npx -y -p @synapsor/runner@alpha synapsor doctor --config synapsor.runner.json --json
|
|
301
301
|
```
|
|
302
302
|
|
|
303
303
|
## 8. Serve semantic MCP tools
|
|
@@ -305,7 +305,7 @@ npx -y -p @synapsor/runner@alpha synapsor-runner doctor --config synapsor.runner
|
|
|
305
305
|
```bash
|
|
306
306
|
export SYNAPSOR_TENANT_ID="acme"
|
|
307
307
|
export SYNAPSOR_PRINCIPAL="local_operator"
|
|
308
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
308
|
+
npx -y -p @synapsor/runner@alpha synapsor mcp serve --config ./synapsor.runner.json --store ./.synapsor/local.db
|
|
309
309
|
```
|
|
310
310
|
|
|
311
311
|
The model-facing MCP server exposes semantic tools such as:
|
|
@@ -325,10 +325,10 @@ tools, commit tools, database URLs, write credentials, or tenant authority.
|
|
|
325
325
|
Proposal tools leave the source database unchanged. Review locally:
|
|
326
326
|
|
|
327
327
|
```bash
|
|
328
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
329
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
330
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
331
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
328
|
+
npx -y -p @synapsor/runner@alpha synapsor proposals list --store ./.synapsor/local.db
|
|
329
|
+
npx -y -p @synapsor/runner@alpha synapsor proposals show wrp_123 --store ./.synapsor/local.db
|
|
330
|
+
npx -y -p @synapsor/runner@alpha synapsor proposals approve wrp_123 --store ./.synapsor/local.db --actor local_reviewer --yes
|
|
331
|
+
npx -y -p @synapsor/runner@alpha synapsor proposals writeback-job wrp_123 --store ./.synapsor/local.db --output job.json
|
|
332
332
|
```
|
|
333
333
|
|
|
334
334
|
Apply through the trusted worker path with a separate writer credential:
|
|
@@ -337,7 +337,7 @@ Apply through the trusted worker path with a separate writer credential:
|
|
|
337
337
|
export SYNAPSOR_DATABASE_WRITE_URL="<postgres-or-mysql-write-url>"
|
|
338
338
|
SYNAPSOR_ENGINE=postgres \
|
|
339
339
|
SYNAPSOR_DATABASE_URL="$SYNAPSOR_DATABASE_WRITE_URL" \
|
|
340
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
340
|
+
npx -y -p @synapsor/runner@alpha synapsor apply --job job.json --config synapsor.runner.json --store ./.synapsor/local.db
|
|
341
341
|
```
|
|
342
342
|
|
|
343
343
|
If your application/API should own the business write, use an `http_handler`
|
|
@@ -346,7 +346,7 @@ from environment variables, and the handler receives a structured proposal/job
|
|
|
346
346
|
payload, not arbitrary model SQL:
|
|
347
347
|
|
|
348
348
|
```bash
|
|
349
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
349
|
+
npx -y -p @synapsor/runner@alpha synapsor apply --proposal wrp_123 --config synapsor.runner.json --store ./.synapsor/local.db
|
|
350
350
|
```
|
|
351
351
|
|
|
352
352
|
See `docs/writeback-executors.md`.
|
|
@@ -354,8 +354,8 @@ See `docs/writeback-executors.md`.
|
|
|
354
354
|
Replay afterward:
|
|
355
355
|
|
|
356
356
|
```bash
|
|
357
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
358
|
-
npx -y -p @synapsor/runner@alpha synapsor
|
|
357
|
+
npx -y -p @synapsor/runner@alpha synapsor replay show wrp_123 --store ./.synapsor/local.db
|
|
358
|
+
npx -y -p @synapsor/runner@alpha synapsor replay export wrp_123 --store ./.synapsor/local.db --output replay.json
|
|
359
359
|
```
|
|
360
360
|
|
|
361
361
|
## Boundary
|
package/docs/limitations.md
CHANGED
|
@@ -25,6 +25,8 @@ Synapsor Runner is intentionally narrow in the current alpha.
|
|
|
25
25
|
- Capability recipes that generate reviewed starter configs.
|
|
26
26
|
- Shadow-mode proposal-vs-human-action comparison.
|
|
27
27
|
- Static MCP database risk review.
|
|
28
|
+
- Local indexed search for proposals, evidence bundles, query audit, writeback
|
|
29
|
+
receipts, and proposal replay.
|
|
28
30
|
|
|
29
31
|
## Runtime Contract
|
|
30
32
|
|
|
@@ -61,6 +63,24 @@ External Postgres/MySQL databases are not branched or merged by Synapsor Runner.
|
|
|
61
63
|
|
|
62
64
|
The proposal, evidence, replay, and approval state live in Synapsor Runner locally or in Synapsor Cloud. The external source database changes only when a trusted runner applies an approved writeback job.
|
|
63
65
|
|
|
66
|
+
Local replay means replay of records captured by the runner:
|
|
67
|
+
|
|
68
|
+
- trusted context values used by the capability;
|
|
69
|
+
- captured/projected source-row excerpts;
|
|
70
|
+
- query audit fingerprints and redacted parameter metadata;
|
|
71
|
+
- proposal before/proposed diffs;
|
|
72
|
+
- approval/rejection events;
|
|
73
|
+
- guarded writeback jobs;
|
|
74
|
+
- applied/conflict/failed receipts.
|
|
75
|
+
|
|
76
|
+
It does not mean external Postgres/MySQL time travel. Runner cannot reconstruct
|
|
77
|
+
arbitrary historical rows that were never captured as evidence, and it does not
|
|
78
|
+
provide `AS OF` queries over an external source.
|
|
79
|
+
|
|
80
|
+
Local search is single-node SQLite search over the local runner store. It is
|
|
81
|
+
useful for local/dev/staging usage. It is not a hosted central evidence ledger,
|
|
82
|
+
not cross-runner aggregation, not RBAC/SSO, and not compliance retention.
|
|
83
|
+
|
|
64
84
|
Use this wording:
|
|
65
85
|
|
|
66
86
|
```text
|