@vectros-ai/blueprints 0.6.2 → 0.6.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +47 -0
- package/README.md +10 -0
- package/dist/index.js +88 -21
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +88 -21
- package/dist/index.mjs.map +1 -1
- package/guides/agentic-sdlc.md +117 -3
- package/package.json +1 -1
- package/prompts/agentic-sdlc-agent.md +85 -10
package/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,53 @@
|
|
|
3
3
|
All notable changes to `@vectros-ai/blueprints` are documented here.
|
|
4
4
|
This project adheres to [Semantic Versioning](https://semver.org).
|
|
5
5
|
|
|
6
|
+
## 0.6.4 — 2026-07-03
|
|
7
|
+
|
|
8
|
+
### Added
|
|
9
|
+
|
|
10
|
+
- **`agentic-sdlc` `editor` role now carries full data-plane delete** (blueprint `1.1.0 → 1.2.0`).
|
|
11
|
+
The human owner's `editor` role gains `records:d` / `documents:d` / `folders:d` on top of the
|
|
12
|
+
shared data-plane actions — so a person granted `editor` can hard-delete data-plane content
|
|
13
|
+
(curation cleanup), while the agent's service key stays delete-free and curates by soft-retract
|
|
14
|
+
(archive) instead. Deleting only *your own* data via a scoped credential is a separate, later
|
|
15
|
+
capability; today `editor` is context-wide.
|
|
16
|
+
- **Guide + agent prompt now include KB query-mechanics guidance.** Reach for `record_query`
|
|
17
|
+
before `hybrid_search` for an enumerable ask (exact + compact); query compactly by default
|
|
18
|
+
(`limit: 3` + `uniqueDocuments: true`, since hits carry passages); how to scope by type per
|
|
19
|
+
tool (`hybrid_search` uses `typeName`, which narrows documents and records alike;
|
|
20
|
+
`record_query` uses `type`); and the `textMode: PHRASE` keyword-leg trap on long natural-language queries
|
|
21
|
+
(a `textScore` of 0 on every hit means the keyword leg contributed nothing — use a short
|
|
22
|
+
phrase or `textMode: "OR"`).
|
|
23
|
+
- **`agentic-sdlc` records now carry a `sourceRef` field** (blueprint `1.0.0 → 1.1.0`).
|
|
24
|
+
The four record types (`control`, `convention`, `gotcha`, `term`) gain a `sourceRef` string —
|
|
25
|
+
the repo path of the source file each record was distilled from — as an equality
|
|
26
|
+
lookup. It is the record analog of the provenance a document keeps: because many
|
|
27
|
+
records are extracted from one file, a record can't embed an in-file back-reference,
|
|
28
|
+
so it names its source instead. A change to a source file then finds exactly its
|
|
29
|
+
records (`record_query` by `sourceRef`) to re-extract, keeping the knowledge base in
|
|
30
|
+
sync with the repository without a separate index to maintain. Additive and
|
|
31
|
+
backward-compatible; existing records simply have no `sourceRef` until re-extracted.
|
|
32
|
+
- **Guide + agent prompt now document the repo↔KB sync pattern in full** — the two
|
|
33
|
+
self-describing markers (`vectros-kb-id` for a file that *is* a KB document,
|
|
34
|
+
`vectros-kb-records` for a file that *feeds* records) plus `sourceRef`, so a consumer
|
|
35
|
+
can keep a mirrored repo and its KB in sync with no side index.
|
|
36
|
+
|
|
37
|
+
## 0.6.3 — 2026-07-01
|
|
38
|
+
|
|
39
|
+
### Added
|
|
40
|
+
|
|
41
|
+
- **`agentic-sdlc` now declares an `editor` role for the human owner.** `bootstrap`
|
|
42
|
+
provisions a scoped key for your *agent*, but doesn't join *you* — so a blueprint's
|
|
43
|
+
context doesn't appear in the data-plane app until your own user is granted access
|
|
44
|
+
there. The blueprint now ships a reusable `editor` role at **parity with the service
|
|
45
|
+
key** (`records:r/c/u`, `search:r`, `schemas:r`, `inference:r`, `documents:r/c`,
|
|
46
|
+
`folders:r/c`; no delete, no control-plane), which `bootstrap` creates in the context.
|
|
47
|
+
Bind it to your user once to browse and curate the KB in the app:
|
|
48
|
+
`vectros access grant --principal usr_<your-user-id> --context agentic-sdlc --role editor`
|
|
49
|
+
(or via the admin app's Access → Contexts → Profiles). The guide and walkthrough
|
|
50
|
+
document the one-time join, and the package README now documents the top-level
|
|
51
|
+
`roles` format field (previously undocumented — no bundled blueprint used it).
|
|
52
|
+
|
|
6
53
|
## 0.6.2 — 2026-06-29
|
|
7
54
|
|
|
8
55
|
### Changed
|
package/README.md
CHANGED
|
@@ -115,6 +115,16 @@ The `accessProfile.dataScope` value lists accept a **`null` sentinel** — e.g.
|
|
|
115
115
|
(owner-less / shared) records. Omitting `null` restricts the key to the listed
|
|
116
116
|
owners only.
|
|
117
117
|
|
|
118
|
+
A blueprint may also declare top-level **`roles`** — a map of `roleId` → ordered
|
|
119
|
+
scope clauses (each an `allowedActions` list with an optional `dataScope`). Unlike
|
|
120
|
+
`accessProfile` (which scopes the service-principal key `bootstrap` mints), roles
|
|
121
|
+
are reusable, identity-agnostic rules you bind to a principal *after* bootstrap with
|
|
122
|
+
`vectros access grant --principal <p> --role <roleId>`. `bootstrap` provisions the
|
|
123
|
+
declared roles in the context but binds them to no one. The bundled `agentic-sdlc`
|
|
124
|
+
ships an `editor` role for this — join your own user to the context so you can
|
|
125
|
+
browse and curate the knowledge base in the app. Role clauses pass the same
|
|
126
|
+
data-plane scope gate as `accessProfile`.
|
|
127
|
+
|
|
118
128
|
All of the above are **optional and backward-compatible** — a blueprint that
|
|
119
129
|
omits them parses and provisions exactly as before.
|
|
120
130
|
|
package/dist/index.js
CHANGED
|
@@ -1065,9 +1065,22 @@ var codingAgentMemory = {
|
|
|
1065
1065
|
var coding_agent_memory_default = codingAgentMemory;
|
|
1066
1066
|
|
|
1067
1067
|
// src/blueprints/agentic-sdlc.ts
|
|
1068
|
+
var DATA_PLANE_ACTIONS = [
|
|
1069
|
+
"records:r",
|
|
1070
|
+
"records:c",
|
|
1071
|
+
"records:u",
|
|
1072
|
+
"search:r",
|
|
1073
|
+
"schemas:r",
|
|
1074
|
+
"inference:r",
|
|
1075
|
+
"documents:r",
|
|
1076
|
+
"documents:c",
|
|
1077
|
+
"folders:r",
|
|
1078
|
+
"folders:c"
|
|
1079
|
+
];
|
|
1080
|
+
var EDITOR_ACTIONS = [...DATA_PLANE_ACTIONS, "records:d", "documents:d", "folders:d"];
|
|
1068
1081
|
var agenticSdlc = {
|
|
1069
1082
|
name: "agentic-sdlc",
|
|
1070
|
-
version: "1.
|
|
1083
|
+
version: "1.2.0",
|
|
1071
1084
|
description: "A whole-SDLC system of record for an AI development team \u2014 decisions, designs, references, runbooks, post-mortems (as documents) plus controls, conventions, gotchas, and a glossary (as records), cross-linked and recalled by meaning.",
|
|
1072
1085
|
contextId: "agentic-sdlc",
|
|
1073
1086
|
contextName: "Agentic SDLC Knowledge Base",
|
|
@@ -1502,6 +1515,19 @@ var agenticSdlc = {
|
|
|
1502
1515
|
fieldType: "date",
|
|
1503
1516
|
description: "ISO-8601 last-reviewed date. Range-queryable.",
|
|
1504
1517
|
renderHints: { label: "Reviewed on", widget: "date", order: 12 }
|
|
1518
|
+
},
|
|
1519
|
+
{
|
|
1520
|
+
// Provenance for sync: the source file this record was distilled from. A
|
|
1521
|
+
// record can't carry an in-file marker the way a document can (many records
|
|
1522
|
+
// come from one file), so it names its source instead — a change to that file
|
|
1523
|
+
// finds (equality lookup) and re-extracts exactly its records. Equality, not
|
|
1524
|
+
// range: file-level is the sync unit (re-extraction reprocesses the whole file),
|
|
1525
|
+
// and the schema keeps its single range lookup for the date row.
|
|
1526
|
+
fieldId: "sourceRef",
|
|
1527
|
+
fieldType: "string",
|
|
1528
|
+
filterable: true,
|
|
1529
|
+
description: "The source file (repo path) this record was extracted from \u2014 its provenance; a change to that file re-extracts its records. The specific section is encoded in the record externalId.",
|
|
1530
|
+
renderHints: { label: "Source ref", widget: "text", order: 13 }
|
|
1505
1531
|
}
|
|
1506
1532
|
],
|
|
1507
1533
|
lookupFields: [
|
|
@@ -1511,7 +1537,8 @@ var agenticSdlc = {
|
|
|
1511
1537
|
"area",
|
|
1512
1538
|
"verifiedBy",
|
|
1513
1539
|
"relatedDecision",
|
|
1514
|
-
{ fieldName: "reviewedOn", rangeEnabled: true }
|
|
1540
|
+
{ fieldName: "reviewedOn", rangeEnabled: true },
|
|
1541
|
+
"sourceRef"
|
|
1515
1542
|
]
|
|
1516
1543
|
},
|
|
1517
1544
|
{
|
|
@@ -1588,9 +1615,23 @@ var agenticSdlc = {
|
|
|
1588
1615
|
fieldType: "date",
|
|
1589
1616
|
description: "ISO-8601 \u2014 when last revised. Range-queryable.",
|
|
1590
1617
|
renderHints: { label: "Updated on", widget: "date", order: 9 }
|
|
1618
|
+
},
|
|
1619
|
+
{
|
|
1620
|
+
// Provenance for sync — see the note on `control.sourceRef`.
|
|
1621
|
+
fieldId: "sourceRef",
|
|
1622
|
+
fieldType: "string",
|
|
1623
|
+
filterable: true,
|
|
1624
|
+
description: "The source file (repo path) this record was extracted from \u2014 its provenance; a change to that file re-extracts its records. The specific section is encoded in the record externalId.",
|
|
1625
|
+
renderHints: { label: "Source ref", widget: "text", order: 10 }
|
|
1591
1626
|
}
|
|
1592
1627
|
],
|
|
1593
|
-
lookupFields: [
|
|
1628
|
+
lookupFields: [
|
|
1629
|
+
"area",
|
|
1630
|
+
"status",
|
|
1631
|
+
"establishedBy",
|
|
1632
|
+
{ fieldName: "updatedOn", rangeEnabled: true },
|
|
1633
|
+
"sourceRef"
|
|
1634
|
+
]
|
|
1594
1635
|
},
|
|
1595
1636
|
{
|
|
1596
1637
|
// A GOTCHA / sharp edge: a symptom, its cause, and the fix. A tight typed
|
|
@@ -1644,9 +1685,22 @@ var agenticSdlc = {
|
|
|
1644
1685
|
fieldType: "date",
|
|
1645
1686
|
description: "ISO-8601 \u2014 when first hit. Range-queryable.",
|
|
1646
1687
|
renderHints: { label: "Discovered on", widget: "date", order: 7 }
|
|
1688
|
+
},
|
|
1689
|
+
{
|
|
1690
|
+
// Provenance for sync — see the note on `control.sourceRef`.
|
|
1691
|
+
fieldId: "sourceRef",
|
|
1692
|
+
fieldType: "string",
|
|
1693
|
+
filterable: true,
|
|
1694
|
+
description: "The source file (repo path) this record was extracted from \u2014 its provenance; a change to that file re-extracts its records. The specific section is encoded in the record externalId.",
|
|
1695
|
+
renderHints: { label: "Source ref", widget: "text", order: 8 }
|
|
1647
1696
|
}
|
|
1648
1697
|
],
|
|
1649
|
-
lookupFields: [
|
|
1698
|
+
lookupFields: [
|
|
1699
|
+
"area",
|
|
1700
|
+
"status",
|
|
1701
|
+
{ fieldName: "discoveredOn", rangeEnabled: true },
|
|
1702
|
+
"sourceRef"
|
|
1703
|
+
]
|
|
1650
1704
|
},
|
|
1651
1705
|
{
|
|
1652
1706
|
// A glossary TERM — a definition keyed by the term itself. Structure-dominant:
|
|
@@ -1706,6 +1760,14 @@ var agenticSdlc = {
|
|
|
1706
1760
|
fieldType: "date",
|
|
1707
1761
|
description: "ISO-8601 \u2014 when last revised. Range-queryable.",
|
|
1708
1762
|
renderHints: { label: "Updated on", widget: "date", order: 7 }
|
|
1763
|
+
},
|
|
1764
|
+
{
|
|
1765
|
+
// Provenance for sync — see the note on `control.sourceRef`.
|
|
1766
|
+
fieldId: "sourceRef",
|
|
1767
|
+
fieldType: "string",
|
|
1768
|
+
filterable: true,
|
|
1769
|
+
description: "The source file (repo path) this record was extracted from \u2014 its provenance; a change to that file re-extracts its records. The specific section is encoded in the record externalId.",
|
|
1770
|
+
renderHints: { label: "Source ref", widget: "text", order: 8 }
|
|
1709
1771
|
}
|
|
1710
1772
|
],
|
|
1711
1773
|
// `term` is a UNIQUE equality lookup — exact "define X" + a one-per-term
|
|
@@ -1714,27 +1776,32 @@ var agenticSdlc = {
|
|
|
1714
1776
|
{ fieldName: "term", unique: true },
|
|
1715
1777
|
"area",
|
|
1716
1778
|
"relatedDecision",
|
|
1717
|
-
{ fieldName: "updatedOn", rangeEnabled: true }
|
|
1779
|
+
{ fieldName: "updatedOn", rangeEnabled: true },
|
|
1780
|
+
"sourceRef"
|
|
1718
1781
|
]
|
|
1719
1782
|
}
|
|
1720
1783
|
],
|
|
1721
|
-
// Least-privilege, data-plane only.
|
|
1722
|
-
//
|
|
1723
|
-
//
|
|
1724
|
-
// via a status flip, so the trail of how the team's thinking evolved stays intact.
|
|
1784
|
+
// Least-privilege, data-plane only. The scope of the `ssk_*` key the bootstrap
|
|
1785
|
+
// mints for THIS blueprint's service principal (the MCP/API runtime). See
|
|
1786
|
+
// DATA_PLANE_ACTIONS above for the action set + rationale.
|
|
1725
1787
|
accessProfile: {
|
|
1726
|
-
allowedActions:
|
|
1727
|
-
|
|
1728
|
-
|
|
1729
|
-
|
|
1730
|
-
|
|
1731
|
-
|
|
1732
|
-
|
|
1733
|
-
|
|
1734
|
-
|
|
1735
|
-
|
|
1736
|
-
|
|
1737
|
-
|
|
1788
|
+
allowedActions: DATA_PLANE_ACTIONS
|
|
1789
|
+
},
|
|
1790
|
+
// A reusable `editor` role for the HUMAN owner — DISTINCT from `accessProfile`
|
|
1791
|
+
// (which scopes only the service-principal key). `bootstrap` provisions this
|
|
1792
|
+
// role in the context but binds it to no one; the owner joins themselves so the
|
|
1793
|
+
// data-plane app (app.vectros.ai) shows their KB — its switcher lists only
|
|
1794
|
+
// contexts the signed-in user holds an active access profile in, and bootstrap
|
|
1795
|
+
// grants the human none by default. Bind it after bootstrap with:
|
|
1796
|
+
// vectros access grant --principal usr_<your-user-id> --context agentic-sdlc --role editor
|
|
1797
|
+
// (or the admin app's Access > Contexts > agentic-sdlc > Profiles > Create).
|
|
1798
|
+
// The editor gets the full data plane so a human curator can browse, write/correct,
|
|
1799
|
+
// AND hard-delete the KB (EDITOR_ACTIONS = the service key's set + delete). The
|
|
1800
|
+
// service key deliberately lacks delete and archives instead; the trusted human
|
|
1801
|
+
// owner may permanently remove genuine strays. Still no control-plane action, so
|
|
1802
|
+
// the scope gate accepts it as a data-plane-only role.
|
|
1803
|
+
roles: {
|
|
1804
|
+
editor: [{ allowedActions: EDITOR_ACTIONS }]
|
|
1738
1805
|
},
|
|
1739
1806
|
servicePrincipal: {
|
|
1740
1807
|
externalId: "agentic-sdlc",
|