@synapsor/runner 0.1.0-alpha.3 → 0.1.0-alpha.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -152,7 +152,7 @@ This plan maps the existing open-source runner repository to the commit-safe dat
152
152
  ## Release blockers
153
153
 
154
154
  - Live hosted Cloud-linked E2E still requires a compatible Synapsor Cloud workspace, adapter, and scoped runner token. A local hosted-compatible Cloud-linked smoke now covers the protocol/API lifecycle against a mock Cloud API and real disposable Postgres writeback.
155
- - `packages/proposal-store` currently uses Node 22 `node:sqlite`, which is still marked experimental by Node. Before a public runner release, either pin/support that runtime explicitly or replace it with a stable SQLite dependency.
155
+ - `packages/proposal-store` uses Node 22 `node:sqlite`. The alpha package pins Node >= 22.5.0 in `engines` and the package/source wrappers fail early with a clear message on older Node versions. Replacing this with a broader-LTS SQLite dependency remains a future compatibility option.
156
156
  - Release docs present: `LICENSE` is Apache License 2.0, and `CONTRIBUTING.md` / `CODE_OF_CONDUCT.md` exist with project-specific safety guidance.
157
157
 
158
158
  ## Verification log
@@ -53,7 +53,7 @@ Cloud mode uses the same MCP server command with a `mode: "cloud"` config:
53
53
  "base_url_env": "SYNAPSOR_CLOUD_BASE_URL",
54
54
  "runner_token_env": "SYNAPSOR_RUNNER_TOKEN",
55
55
  "runner_id": "synapsor_runner_local",
56
- "runner_version": "0.1.0-alpha.3",
56
+ "runner_version": "0.1.0-alpha.4",
57
57
  "project_id": "token_scope",
58
58
  "adapter_id": "mcp.your_adapter",
59
59
  "source_id": "src_replace_me",
@@ -1,73 +1,161 @@
1
- # First-Run Demo Transcript
1
+ # Demo Transcript
2
2
 
3
- This is the expected high-level transcript for:
3
+ This transcript shows the intended public demo path. Exact timestamps, hashes,
4
+ ports, and generated proposal ids vary.
5
+
6
+ ## Quick demo
4
7
 
5
8
  ```bash
6
- ./scripts/try-synapsor.sh
9
+ npx -y -p @synapsor/runner@alpha synapsor demo --quick
7
10
  ```
8
11
 
9
- Exact timings and log paths vary.
12
+ The local-ledger fixture output below requires this checkout or package version
13
+ `0.1.0-alpha.4` or newer.
14
+
15
+ Expected shape:
10
16
 
11
17
  ```text
12
- Synapsor Runner first-run demo
18
+ Synapsor Runner quick demo
13
19
 
14
- You are about to see an MCP agent propose a database change without receiving SQL or write credentials.
15
- Full logs will be written to: ./.synapsor/logs/try-synapsor-<timestamp>.log
20
+ This is a fixture-only first look. It does not start Docker, connect a database,
21
+ or require an MCP client. It writes an inspectable local ledger fixture to:
22
+ ./.synapsor/quick-demo.db
16
23
 
17
- Step 1: MCP tools exposed
18
- In this fixture, the model sees semantic tools such as billing.inspect_invoice and billing.propose_late_fee_waiver.
24
+ Raw MCP shape:
25
+ execute_sql(sql: string)
26
+ Risk: the model can write arbitrary SQL with database authority.
19
27
 
20
- Step 2: Agent inspects business object
21
- Step 3: Agent proposes change
22
- Step 4: Source DB changed: No
23
- Step 5: Human approval outside MCP
24
- Step 6: Trusted runner applies guarded writeback
25
- Step 7: Replay explains what happened
26
- Step 8: Extra safety checks catch stale rows and unsafe tools
28
+ Synapsor shape:
29
+ billing.inspect_invoice(invoice_id)
30
+ billing.propose_late_fee_waiver(invoice_id, reason)
27
31
 
28
- Running the disposable Docker proof. This can take a few minutes...
32
+ Agent requested:
33
+ billing.propose_late_fee_waiver(invoice_id="INV-3001", reason="approved support waiver")
29
34
 
30
- Success. You saw the Synapsor commit boundary.
35
+ Trusted context:
36
+ tenant_id = acme
37
+ principal = support.agent
31
38
 
32
- In the included fixture, the model got:
33
- * billing.inspect_invoice
34
- * billing.propose_late_fee_waiver
39
+ Proposal:
40
+ invoice.late_fee_cents: 5500 -> 0
35
41
 
36
- The model did not get:
37
- * execute_sql
38
- * write credentials
39
- * approve/commit tools
42
+ Source DB changed:
43
+ no
40
44
 
41
- Next:
45
+ Approval:
46
+ required outside MCP
47
+
48
+ Replay:
49
+ replay_wrp_quick_INV_3001 captures the local proposal, evidence handle, query audit, and events.
50
+ ```
42
51
 
43
- 1. Open proposal UI:
44
- npx -y -p @synapsor/runner@alpha synapsor ui --tour --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
52
+ Inspect the fixture:
53
+
54
+ ```bash
55
+ synapsor proposals show latest --store ./.synapsor/quick-demo.db
56
+ synapsor activity search --object invoice:INV-3001 --store ./.synapsor/quick-demo.db
57
+ synapsor replay show latest --store ./.synapsor/quick-demo.db
58
+ ```
45
59
 
46
- 2. Run the reference app:
47
- corepack pnpm demo:reference
60
+ ## Full Docker-backed demo
48
61
 
49
- 3. Generate MCP client config:
50
- npx -y -p @synapsor/runner@alpha synapsor mcp config --absolute-paths --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
62
+ Start the disposable local Postgres demo:
51
63
 
52
- 4. Use your own staging Postgres/MySQL:
53
- export DATABASE_URL='<postgres-or-mysql-read-url>'
54
- npx -y -p @synapsor/runner@alpha synapsor inspect --from-env DATABASE_URL
55
- npx -y -p @synapsor/runner@alpha synapsor init --wizard --from-env DATABASE_URL
64
+ ```bash
65
+ synapsor demo
56
66
  ```
57
67
 
58
- The full log should include the lower-level proof:
59
-
60
- - local MCP Postgres example passed;
61
- - local MCP MySQL example passed;
62
- - `ACCEPT semantic tools present`;
63
- - `ACCEPT execute_sql approval and commit tools absent`;
64
- - `ACCEPT proposal created successfully`;
65
- - `ACCEPT source row unchanged after proposal`;
66
- - `ACCEPT approval happened outside MCP`;
67
- - `ACCEPT guarded writeback applied`;
68
- - retry was idempotent;
69
- - `ACCEPT stale-row conflict detected`;
70
- - `ACCEPT replay export contains applied receipt`.
71
-
72
- The first-run script fails if the log appears to contain database URLs,
73
- fixture passwords, or bearer tokens.
68
+ Expected shape:
69
+
70
+ ```text
71
+ Synapsor Runner demo
72
+
73
+ Raw database MCP tools can hand the model SQL and write authority.
74
+ Synapsor Runner exposes semantic capabilities instead:
75
+ billing.inspect_invoice
76
+ billing.propose_late_fee_waiver
77
+
78
+ Demo flow:
79
+ proposal first -> source unchanged -> approval outside MCP -> guarded writeback -> replay
80
+
81
+ Starting disposable Postgres fixture...
82
+ Synapsor Runner demo is ready.
83
+ ```
84
+
85
+ Create the proposal the MCP tool would create:
86
+
87
+ ```bash
88
+ synapsor propose billing.propose_late_fee_waiver --sample
89
+ ```
90
+
91
+ Expected shape:
92
+
93
+ ```text
94
+ Proposal created
95
+ Capability: billing.propose_late_fee_waiver
96
+ Proposal: wrp_...
97
+ Status: review_required
98
+ Source database changed: no
99
+ ```
100
+
101
+ Review and approve outside MCP:
102
+
103
+ ```bash
104
+ synapsor proposals show latest
105
+ synapsor proposals approve latest --yes
106
+ ```
107
+
108
+ Apply through guarded writeback:
109
+
110
+ ```bash
111
+ synapsor apply latest
112
+ ```
113
+
114
+ Expected shape:
115
+
116
+ ```text
117
+ Guarded writeback applied.
118
+ Proposal: wrp_...
119
+ Status: applied
120
+ Rows affected: 1
121
+ Source database mutated: yes
122
+ ```
123
+
124
+ Search by business object:
125
+
126
+ ```bash
127
+ synapsor activity search --object invoice:INV-3001
128
+ ```
129
+
130
+ Expected shape:
131
+
132
+ ```text
133
+ Found local interactions
134
+
135
+ kind: proposal
136
+ capability: billing.propose_late_fee_waiver
137
+ object: invoice:INV-3001
138
+ proposal: wrp_...
139
+ evidence: ev_...
140
+ status: applied
141
+ replay: replay_wrp_...
142
+ ```
143
+
144
+ Export a copy-pasteable review artifact:
145
+
146
+ ```bash
147
+ synapsor replay export --proposal wrp_... --format markdown --output replay.md
148
+ ```
149
+
150
+ The Markdown includes:
151
+
152
+ - what the agent requested;
153
+ - trusted tenant/principal context;
154
+ - captured evidence and query audit;
155
+ - exact proposed diff;
156
+ - approval event;
157
+ - guarded writeback receipt;
158
+ - replay note explaining this is local captured interaction replay, not
159
+ external database time travel.
160
+
161
+ The full demo should show the happy path before the stale-row conflict path.
@@ -1,7 +1,32 @@
1
1
  # First 10 Minutes
2
2
 
3
- This path is for a developer who cloned Synapsor Runner and wants to understand
4
- the product without reading the full docs first.
3
+ This path is for a developer who wants to understand Synapsor Runner without
4
+ reading the full docs first.
5
+
6
+ ## Fastest First Look
7
+
8
+ If you only want the 15-second value proof and have Node >= 22.5.0:
9
+
10
+ ```bash
11
+ npx -y -p @synapsor/runner@alpha synapsor demo --quick
12
+ ```
13
+
14
+ The local-ledger quick fixture requires this checkout or package version
15
+ `0.1.0-alpha.4` or newer. If `npm view @synapsor/runner@alpha version` reports
16
+ an older alpha, run `./bin/synapsor demo --quick` from this checkout until the
17
+ next alpha is published.
18
+
19
+ That command does not require Docker, a database, a config file, an MCP client,
20
+ or a Synapsor Cloud account. It seeds `./.synapsor/quick-demo.db` with a local
21
+ proposal/evidence/replay fixture you can inspect:
22
+
23
+ ```bash
24
+ synapsor activity search --object invoice:INV-3001 --store ./.synapsor/quick-demo.db
25
+ synapsor replay show latest --store ./.synapsor/quick-demo.db
26
+ ```
27
+
28
+ Use the Docker-backed path below when you want the full disposable
29
+ Postgres/MySQL proof with guarded writeback.
5
30
 
6
31
  ## What You Need
7
32
 
@@ -25,6 +25,8 @@ Synapsor Runner is intentionally narrow in the current alpha.
25
25
  - Capability recipes that generate reviewed starter configs.
26
26
  - Shadow-mode proposal-vs-human-action comparison.
27
27
  - Static MCP database risk review.
28
+ - Local indexed search for proposals, evidence bundles, query audit, writeback
29
+ receipts, and proposal replay.
28
30
 
29
31
  ## Runtime Contract
30
32
 
@@ -61,6 +63,24 @@ External Postgres/MySQL databases are not branched or merged by Synapsor Runner.
61
63
 
62
64
  The proposal, evidence, replay, and approval state live in Synapsor Runner locally or in Synapsor Cloud. The external source database changes only when a trusted runner applies an approved writeback job.
63
65
 
66
+ Local replay means replay of records captured by the runner:
67
+
68
+ - trusted context values used by the capability;
69
+ - captured/projected source-row excerpts;
70
+ - query audit fingerprints and redacted parameter metadata;
71
+ - proposal before/proposed diffs;
72
+ - approval/rejection events;
73
+ - guarded writeback jobs;
74
+ - applied/conflict/failed receipts.
75
+
76
+ It does not mean external Postgres/MySQL time travel. Runner cannot reconstruct
77
+ arbitrary historical rows that were never captured as evidence, and it does not
78
+ provide `AS OF` queries over an external source.
79
+
80
+ Local search is single-node SQLite search over the local runner store. It is
81
+ useful for local/dev/staging usage. It is not a hosted central evidence ledger,
82
+ not cross-runner aggregation, not RBAC/SSO, and not compliance retention.
83
+
64
84
  Use this wording:
65
85
 
66
86
  ```text
@@ -23,7 +23,15 @@ Current local-mode foundation:
23
23
 
24
24
  Still pending:
25
25
 
26
- - Public-release hardening around the experimental `node:sqlite` dependency.
26
+ The alpha package requires Node >= 22.5.0 because the local evidence/replay
27
+ ledger uses Node's `node:sqlite` runtime. The published package declares that
28
+ engine requirement and the CLI exits early with a clear message on older Node
29
+ versions. The Docker-backed demo remains the recommended path when you do not
30
+ want to change your host Node version.
31
+
32
+ Commands in this page that use local ledger search/export or `synapsor store`
33
+ require this checkout or package version `0.1.0-alpha.4` or newer while npm
34
+ `@alpha` still points to an older alpha.
27
35
 
28
36
  ## Initialize a config
29
37
 
@@ -164,6 +172,9 @@ Show replay:
164
172
 
165
173
  ```bash
166
174
  npx -y -p @synapsor/runner@alpha synapsor replay show wrp_123 --store ./.synapsor/local.db
175
+ npx -y -p @synapsor/runner@alpha synapsor replay show --proposal wrp_123 --store ./.synapsor/local.db
176
+ npx -y -p @synapsor/runner@alpha synapsor replay show --replay replay_wrp_123 --store ./.synapsor/local.db
177
+ npx -y -p @synapsor/runner@alpha synapsor replay show --evidence ev_123 --store ./.synapsor/local.db
167
178
  ```
168
179
 
169
180
  Export replay:
@@ -172,10 +183,62 @@ Export replay:
172
183
  npx -y -p @synapsor/runner@alpha synapsor replay export wrp_123 \
173
184
  --store ./.synapsor/local.db \
174
185
  --output replay.json
186
+
187
+ npx -y -p @synapsor/runner@alpha synapsor replay export --proposal wrp_123 \
188
+ --format markdown \
189
+ --store ./.synapsor/local.db \
190
+ --output replay.md
175
191
  ```
176
192
 
177
193
  Replay records include proposal metadata, before/after diff, events, writeback receipts, evidence summaries, and query audit rows currently stored for the proposal.
178
194
 
195
+ ## Local evidence, query audit, and receipts
196
+
197
+ The local SQLite store is also searchable without relying on `latest`:
198
+
199
+ ```bash
200
+ synapsor activity search \
201
+ --tenant acme \
202
+ --object invoice:INV-3001 \
203
+ --store ./.synapsor/local.db
204
+
205
+ synapsor evidence list \
206
+ --tenant acme \
207
+ --capability billing.inspect_invoice \
208
+ --source app_postgres \
209
+ --table invoices \
210
+ --store ./.synapsor/local.db
211
+
212
+ synapsor evidence show ev_123 --store ./.synapsor/local.db
213
+ synapsor query-audit list --evidence ev_123 --store ./.synapsor/local.db
214
+ synapsor receipts list --proposal wrp_123 --store ./.synapsor/local.db
215
+ synapsor receipts show <receipt_id> --store ./.synapsor/local.db
216
+ ```
217
+
218
+ Read-only MCP tools record evidence bundles and query-audit rows and return an
219
+ evidence handle. Use `evidence show`, `evidence list`, and `query-audit list`
220
+ to inspect those captured rows and fingerprints later without rerunning the
221
+ external database read.
222
+
223
+ This is local indexed search over the runner's SQLite ledger. It is not
224
+ external Postgres/MySQL time travel, not native branching, and not a hosted
225
+ cross-runner audit ledger.
226
+
227
+ ## Local store maintenance
228
+
229
+ The local ledger is a developer/staging SQLite file. You can inspect, compact,
230
+ or prune it without touching your source Postgres/MySQL database:
231
+
232
+ ```bash
233
+ synapsor store stats --store ./.synapsor/local.db
234
+ synapsor store vacuum --store ./.synapsor/local.db
235
+ synapsor store prune --store ./.synapsor/local.db --older-than 30d --dry-run
236
+ synapsor store prune --store ./.synapsor/local.db --older-than 30d --yes
237
+ ```
238
+
239
+ `store prune` defaults to dry-run. Use `--yes` only after reviewing the row
240
+ counts it will remove.
241
+
179
242
  ## Boundary
180
243
 
181
244
  Local mode does not expose `approve_proposal` or `commit_proposal` as model-callable MCP tools. The intended flow is:
@@ -184,7 +247,7 @@ Local mode does not expose `approve_proposal` or `commit_proposal` as model-call
184
247
  MCP tool call
185
248
  -> reviewed semantic proposal
186
249
  -> local store
187
- -> human/policy approval outside the model
250
+ -> human/operator approval outside the model
188
251
  -> guarded worker writeback
189
252
  -> terminal receipt
190
253
  -> replay
package/docs/mcp-audit.md CHANGED
@@ -26,6 +26,10 @@ Built-in database MCP risk example:
26
26
  npx -y -p @synapsor/runner@alpha synapsor audit --example dangerous-db-mcp
27
27
  ```
28
28
 
29
+ Markdown output requires this checkout or package version `0.1.0-alpha.4` or
30
+ newer. Check `npm view @synapsor/runner@alpha version` before promoting npm
31
+ snippets publicly.
32
+
29
33
  This bundled example does not require a source checkout or local examples file.
30
34
  It audits a deliberately risky database MCP shape with `execute_sql`,
31
35
  `run_query`, model-callable approval/update/delete tools, arbitrary
@@ -41,13 +45,13 @@ Remote `tools/list` endpoint with a bearer token kept in the environment:
41
45
 
42
46
  ```bash
43
47
  SYNAPSOR_MCP_AUDIT_BEARER="..." \
44
- npx -y -p @synapsor/runner@alpha synapsor audit https://mcp.example.com --json
48
+ npx -y -p @synapsor/runner@alpha synapsor audit https://mcp.example.com --format json
45
49
  ```
46
50
 
47
51
  Remote endpoint with a custom bearer-token environment variable:
48
52
 
49
53
  ```bash
50
- npx -y -p @synapsor/runner@alpha synapsor audit https://mcp.example.com --bearer-env MCP_AUDIT_TOKEN --json
54
+ npx -y -p @synapsor/runner@alpha synapsor audit https://mcp.example.com --bearer-env MCP_AUDIT_TOKEN --format json
51
55
  ```
52
56
 
53
57
  Stdio MCP server:
@@ -59,14 +63,20 @@ npx -y -p @synapsor/runner@alpha synapsor audit 'stdio:node ./server.mjs' --time
59
63
  JSON output:
60
64
 
61
65
  ```bash
62
- npx -y -p @synapsor/runner@alpha synapsor audit ./tools-list.json --json
66
+ npx -y -p @synapsor/runner@alpha synapsor audit ./tools-list.json --format json
67
+ ```
68
+
69
+ Markdown output for issues, PRs, or security review notes:
70
+
71
+ ```bash
72
+ npx -y -p @synapsor/runner@alpha synapsor audit --example dangerous-db-mcp --format markdown
63
73
  ```
64
74
 
65
75
  During local development, the repo-local wrapper can run the same command:
66
76
 
67
77
  ```bash
68
78
  ./bin/synapsor audit ./tools-list.json
69
- ./bin/synapsor audit ./tools-list.json --json
79
+ ./bin/synapsor audit ./tools-list.json --format json
70
80
  ```
71
81
 
72
82
  ## Supported inputs