@workflow-cannon/workspace-kit 0.7.0 → 0.8.0

package/README.md

@@ -62,7 +62,7 @@ This keeps automation adaptive without sacrificing safety, governance, or develo
 ## Current Status
 
 - **Phase 0** and **Phase 1** (task engine, `v0.3.0`) are complete.
-- **Phase 2** (layered config, policy gates, cutover docs, `v0.4.0`) is complete in-repo; see `docs/maintainers/TASKS.md` and `docs/maintainers/ROADMAP.md`.
+- **Phase 2** (layered config, policy gates, cutover docs, `v0.4.0`) is complete in-repo; see `.workspace-kit/tasks/state.json` and `docs/maintainers/ROADMAP.md`.
 - **Phase 2b** (policy + config UX, `v0.4.1`) and **Phase 3** (enhancement loop MVP, `v0.5.0`) are complete in-repo: evidence-driven **improvement** tasks, **`approvals`** (`review-item`), heuristic confidence, and append-only lineage.
 - **Phase 4** (`v0.6.0`) is complete in-repo: compatibility matrix/gates, diagnostics/SLO baseline evidence, release-channel mapping, and planning-doc consistency checks.
 
@@ -87,7 +87,7 @@ npm install @workflow-cannon/workspace-kit
 - `README.md` - project entry point
 - `.ai/PRINCIPLES.md` - project goals and decision principles (canonical AI)
 - `docs/maintainers/ROADMAP.md` - roadmap and decision log
-- `docs/maintainers/TASKS.md` - execution tracking
+- `.workspace-kit/tasks/state.json` - execution tracking
 - `docs/maintainers/ARCHITECTURE.md` - architecture direction
 - `docs/maintainers/DECISIONS.md` - focused design/decision notes
 - `docs/maintainers/RELEASING.md` - release checklist and validation expectations
@@ -100,7 +100,7 @@ npm install @workflow-cannon/workspace-kit
 
 - Project goals and decision principles: `.ai/PRINCIPLES.md`
 - Strategy and long-range direction: `docs/maintainers/ROADMAP.md`
-- Active execution tasks: `docs/maintainers/TASKS.md`
+- Active execution tasks: `.workspace-kit/tasks/state.json`
 - Glossary and agent-guidance terms: `docs/maintainers/TERMS.md`
 - Architecture direction: `docs/maintainers/ARCHITECTURE.md`
 - Project decisions: `docs/maintainers/DECISIONS.md`

package/dist/cli.js

@@ -5,6 +5,8 @@ import { pathToFileURL } from "node:url";
 import { ModuleRegistry } from "./core/module-registry.js";
 import { ModuleCommandRouter } from "./core/module-command-router.js";
 import { appendPolicyTrace, isSensitiveModuleCommandForEffective, parsePolicyApproval, parsePolicyApprovalFromEnv, resolveActor, resolvePolicyOperationIdForCommand } from "./core/policy.js";
+import { getSessionGrant, recordSessionGrant, resolveSessionId } from "./core/session-policy.js";
+import { applyResponseTemplateApplication } from "./core/response-template-shaping.js";
 import { runWorkspaceConfigCli } from "./core/config-cli.js";
 import { resolveWorkspaceConfigWithLayers } from "./core/workspace-kit-config.js";
 import { documentationModule } from "./modules/documentation/index.js";
@@ -639,14 +641,22 @@ export async function runCli(args, options = {}) {
         }
         const actor = resolveActor(cwd, commandArgs, process.env);
         const sensitive = isSensitiveModuleCommandForEffective(subcommand, commandArgs, effective);
+        const sessionId = resolveSessionId(process.env);
+        const policyOp = resolvePolicyOperationIdForCommand(subcommand, effective);
+        const explicitPolicyApproval = parsePolicyApproval(commandArgs);
+        let resolvedSensitiveApproval = explicitPolicyApproval;
         if (sensitive) {
-            const approval = parsePolicyApproval(commandArgs);
-            if (!approval) {
-                const op = resolvePolicyOperationIdForCommand(subcommand, effective);
-                if (op) {
+            if (!resolvedSensitiveApproval && policyOp) {
+                const grant = await getSessionGrant(cwd, policyOp, sessionId);
+                if (grant) {
+                    resolvedSensitiveApproval = { confirmed: true, rationale: grant.rationale };
+                }
+            }
+            if (!resolvedSensitiveApproval) {
+                if (policyOp) {
                     await appendPolicyTrace(cwd, {
                         timestamp: new Date().toISOString(),
-                        operationId: op,
+                        operationId: policyOp,
                         command: `run ${subcommand}`,
                         actor,
                         allowed: false,
@@ -656,7 +666,7 @@ export async function runCli(args, options = {}) {
                 writeLine(JSON.stringify({
                     ok: false,
                     code: "policy-denied",
-                    message: 'Sensitive command requires policyApproval in JSON args: {"policyApproval":{"confirmed":true,"rationale":"user approved in chat"}}'
+                    message: 'Sensitive command requires policyApproval in JSON args (or an existing session grant for this operation): {"policyApproval":{"confirmed":true,"rationale":"why","scope":"session"}}'
                 }, null, 2));
                 return EXIT_VALIDATION_FAILURE;
             }
@@ -669,23 +679,23 @@ export async function runCli(args, options = {}) {
             moduleRegistry: registry
         };
         try {
-            const result = await router.execute(subcommand, commandArgs, ctx);
-            if (sensitive) {
-                const approval = parsePolicyApproval(commandArgs);
-                const op = resolvePolicyOperationIdForCommand(subcommand, effective);
-                if (approval && op) {
-                    await appendPolicyTrace(cwd, {
-                        timestamp: new Date().toISOString(),
-                        operationId: op,
-                        command: `run ${subcommand}`,
-                        actor,
-                        allowed: true,
-                        rationale: approval.rationale,
-                        commandOk: result.ok,
-                        message: result.message
-                    });
+            const rawResult = await router.execute(subcommand, commandArgs, ctx);
+            if (sensitive && resolvedSensitiveApproval && policyOp) {
+                await appendPolicyTrace(cwd, {
+                    timestamp: new Date().toISOString(),
+                    operationId: policyOp,
+                    command: `run ${subcommand}`,
+                    actor,
+                    allowed: true,
+                    rationale: resolvedSensitiveApproval.rationale,
+                    commandOk: rawResult.ok,
+                    message: rawResult.message
+                });
+                if (explicitPolicyApproval?.scope === "session" && rawResult.ok) {
+                    await recordSessionGrant(cwd, policyOp, sessionId, explicitPolicyApproval.rationale);
                 }
             }
+            const result = applyResponseTemplateApplication(subcommand, commandArgs, rawResult, effective);
             writeLine(JSON.stringify(result, null, 2));
             return result.ok ? EXIT_SUCCESS : EXIT_VALIDATION_FAILURE;
         }

package/dist/contracts/index.d.ts

@@ -1 +1 @@
-export type { ConfigRegistryView, ModuleCommand, ModuleCommandResult, ModuleCapability, ModuleDocumentContract, ModuleEvent, ModuleInstructionContract, ModuleInstructionEntry, ModuleLifecycleContext, ModuleRegistration, WorkflowModule } from "./module-contract.js";
+export type { ConfigRegistryView, ResponseTemplateApplicationMeta, ModuleCommand, ModuleCommandResult, ModuleCapability, ModuleDocumentContract, ModuleEvent, ModuleInstructionContract, ModuleInstructionEntry, ModuleLifecycleContext, ModuleRegistration, WorkflowModule } from "./module-contract.js";

package/dist/contracts/module-contract.d.ts

@@ -30,11 +30,24 @@ export type ModuleCommand = {
     name: string;
     args?: Record<string, unknown>;
 };
+/** Structured response-template application record (Phase 6b); mirrored in core for shaping. */
+export type ResponseTemplateApplicationMeta = {
+    requestedTemplateId: string | null;
+    appliedTemplateId: string | null;
+    enforcementMode: "advisory" | "strict";
+    warnings: string[];
+    telemetry?: {
+        resolveNs: number;
+        warningCount: number;
+    };
+};
 export type ModuleCommandResult = {
     ok: boolean;
     code: string;
     message?: string;
     data?: Record<string, unknown>;
+    /** Advisory response-template shaping metadata; always present for `workspace-kit run` JSON output when enabled. */
+    responseTemplate?: ResponseTemplateApplicationMeta;
 };
 /** Subset of module registry used for config layer ordering (avoids core↔contracts cycles). */
 export type ConfigRegistryView = {

package/dist/core/config-metadata.js

@@ -80,6 +80,125 @@ const REGISTRY = {
         requiresApproval: false,
         exposure: "maintainer",
         writableLayers: ["project", "user"]
+    },
+    "improvement.cadence.maxRecommendationCandidatesPerRun": {
+        key: "improvement.cadence.maxRecommendationCandidatesPerRun",
+        type: "number",
+        description: "Upper bound on new improvement tasks created per generate-recommendations run (safety cap; direct runs still respect dedupe).",
+        default: 500,
+        domainScope: "project",
+        owningModule: "improvement",
+        sensitive: false,
+        requiresRestart: false,
+        requiresApproval: false,
+        exposure: "maintainer",
+        writableLayers: ["project", "user"]
+    },
+    "improvement.transcripts.maxFilesPerSync": {
+        key: "improvement.transcripts.maxFilesPerSync",
+        type: "number",
+        description: "Maximum JSONL transcript files processed per sync (deterministic order).",
+        default: 5000,
+        domainScope: "project",
+        owningModule: "improvement",
+        sensitive: false,
+        requiresRestart: false,
+        requiresApproval: false,
+        exposure: "maintainer",
+        writableLayers: ["project", "user"]
+    },
+    "improvement.transcripts.maxBytesPerFile": {
+        key: "improvement.transcripts.maxBytesPerFile",
+        type: "number",
+        description: "Skip transcript files larger than this many bytes during sync.",
+        default: 50_000_000,
+        domainScope: "project",
+        owningModule: "improvement",
+        sensitive: false,
+        requiresRestart: false,
+        requiresApproval: false,
+        exposure: "maintainer",
+        writableLayers: ["project", "user"]
+    },
+    "improvement.transcripts.maxTotalScanBytes": {
+        key: "improvement.transcripts.maxTotalScanBytes",
+        type: "number",
+        description: "Approximate cap on total bytes read for hashing during one sync.",
+        default: 500_000_000,
+        domainScope: "project",
+        owningModule: "improvement",
+        sensitive: false,
+        requiresRestart: false,
+        requiresApproval: false,
+        exposure: "maintainer",
+        writableLayers: ["project", "user"]
+    },
+    "improvement.transcripts.discoveryPaths": {
+        key: "improvement.transcripts.discoveryPaths",
+        type: "array",
+        description: "Ordered relative paths tried when improvement.transcripts.sourcePath is unset (first existing wins).",
+        default: [],
+        domainScope: "project",
+        owningModule: "improvement",
+        sensitive: false,
+        requiresRestart: false,
+        requiresApproval: false,
+        exposure: "maintainer",
+        writableLayers: ["project", "user"]
+    },
+    "improvement.hooks.afterTaskCompleted": {
+        key: "improvement.hooks.afterTaskCompleted",
+        type: "string",
+        description: "Optional background transcript sync after task-engine transition to completed: off (default), sync, or ingest (ingest requires WORKSPACE_KIT_POLICY_APPROVAL in env).",
+        default: "off",
+        allowedValues: ["off", "sync", "ingest"],
+        domainScope: "project",
+        owningModule: "improvement",
+        sensitive: false,
+        requiresRestart: false,
+        requiresApproval: false,
+        exposure: "maintainer",
+        writableLayers: ["project", "user"]
+    },
+    "responseTemplates.enforcementMode": {
+        key: "responseTemplates.enforcementMode",
+        type: "string",
+        description: "Whether unknown/mismatched response templates fail commands (`strict`) or only emit warnings (`advisory`).",
+        default: "advisory",
+        allowedValues: ["advisory", "strict"],
+        domainScope: "project",
+        owningModule: "workspace-kit",
+        sensitive: false,
+        requiresRestart: false,
+        requiresApproval: false,
+        exposure: "maintainer",
+        writableLayers: ["project", "user"]
+    },
+    "responseTemplates.defaultTemplateId": {
+        key: "responseTemplates.defaultTemplateId",
+        type: "string",
+        description: "Builtin response template id applied when a run does not specify one.",
+        default: "default",
+        domainScope: "project",
+        owningModule: "workspace-kit",
+        sensitive: false,
+        requiresRestart: false,
+        requiresApproval: false,
+        exposure: "maintainer",
+        writableLayers: ["project", "user"]
+    },
+    "responseTemplates.commandOverrides": {
+        key: "responseTemplates.commandOverrides",
+        type: "object",
+        description: "Map of module command name to builtin response template id.",
+        default: {},
+        domainScope: "project",
+        owningModule: "workspace-kit",
+        sensitive: false,
+        requiresRestart: false,
+        requiresApproval: false,
+        exposure: "maintainer",
+        writableLayers: ["project", "user"]
     }
 };
 export function getConfigKeyMetadata(key) {
@@ -120,6 +239,13 @@ export function validateValueForMetadata(meta, value) {
                 }
             }
         }
+        if (meta.key === "improvement.transcripts.discoveryPaths") {
+            for (const item of value) {
+                if (typeof item !== "string" || item.trim().length === 0) {
+                    throw new Error(`config-type-error(${meta.key}): array entries must be non-empty strings`);
+                }
+            }
+        }
         return;
     }
     if (meta.type === "string" && typeof value !== "string") {
@@ -135,6 +261,16 @@ export function validateValueForMetadata(meta, value) {
         if (value === null || typeof value !== "object" || Array.isArray(value)) {
             throw typeError(meta.key, "object", value);
         }
+        if (meta.key === "responseTemplates.commandOverrides") {
+            for (const [k, v] of Object.entries(value)) {
+                if (typeof k !== "string" || !k.trim()) {
+                    throw new Error(`config-type-error(${meta.key}): keys must be non-empty strings`);
+                }
+                if (typeof v !== "string" || !v.trim()) {
+                    throw new Error(`config-type-error(${meta.key}): values must be non-empty strings`);
+                }
+            }
+        }
     }
     if (meta.allowedValues && meta.allowedValues.length > 0) {
         if (!meta.allowedValues.some((v) => deepEqualLoose(v, value))) {
@@ -161,6 +297,7 @@ export function validatePersistedConfigDocument(data, label) {
         "documentation",
         "policy",
         "improvement",
+        "responseTemplates",
         "modules"
     ]);
     for (const k of Object.keys(data)) {
@@ -223,7 +360,7 @@ export function validatePersistedConfigDocument(data, label) {
         }
         const imp = improvement;
         for (const k of Object.keys(imp)) {
-            if (k !== "transcripts" && k !== "cadence") {
+            if (k !== "transcripts" && k !== "cadence" && k !== "hooks") {
                 throw new Error(`config-invalid(${label}): unknown improvement.${k}`);
             }
         }
@@ -235,7 +372,12 @@ export function validatePersistedConfigDocument(data, label) {
             }
             const tr = imp.transcripts;
             for (const k of Object.keys(tr)) {
-                if (k !== "sourcePath" && k !== "archivePath") {
+                if (k !== "sourcePath" &&
+                    k !== "archivePath" &&
+                    k !== "maxFilesPerSync" &&
+                    k !== "maxBytesPerFile" &&
+                    k !== "maxTotalScanBytes" &&
+                    k !== "discoveryPaths") {
                     throw new Error(`config-invalid(${label}): unknown improvement.transcripts.${k}`);
                 }
             }
@@ -245,6 +387,18 @@ export function validatePersistedConfigDocument(data, label) {
             if (tr.archivePath !== undefined) {
                 validateValueForMetadata(REGISTRY["improvement.transcripts.archivePath"], tr.archivePath);
             }
+            if (tr.maxFilesPerSync !== undefined) {
+                validateValueForMetadata(REGISTRY["improvement.transcripts.maxFilesPerSync"], tr.maxFilesPerSync);
+            }
+            if (tr.maxBytesPerFile !== undefined) {
+                validateValueForMetadata(REGISTRY["improvement.transcripts.maxBytesPerFile"], tr.maxBytesPerFile);
+            }
+            if (tr.maxTotalScanBytes !== undefined) {
+                validateValueForMetadata(REGISTRY["improvement.transcripts.maxTotalScanBytes"], tr.maxTotalScanBytes);
+            }
+            if (tr.discoveryPaths !== undefined) {
+                validateValueForMetadata(REGISTRY["improvement.transcripts.discoveryPaths"], tr.discoveryPaths);
+            }
         }
         if (imp.cadence !== undefined) {
             if (typeof imp.cadence !== "object" || imp.cadence === null || Array.isArray(imp.cadence)) {
@@ -252,7 +406,7 @@ export function validatePersistedConfigDocument(data, label) {
             }
             const cd = imp.cadence;
             for (const k of Object.keys(cd)) {
-                if (k !== "minIntervalMinutes" && k !== "skipIfNoNewTranscripts") {
+                if (k !== "minIntervalMinutes" && k !== "skipIfNoNewTranscripts" && k !== "maxRecommendationCandidatesPerRun") {
                     throw new Error(`config-invalid(${label}): unknown improvement.cadence.${k}`);
                 }
             }
@@ -262,6 +416,46 @@ export function validatePersistedConfigDocument(data, label) {
             if (cd.skipIfNoNewTranscripts !== undefined) {
                 validateValueForMetadata(REGISTRY["improvement.cadence.skipIfNoNewTranscripts"], cd.skipIfNoNewTranscripts);
             }
+            if (cd.maxRecommendationCandidatesPerRun !== undefined) {
+                validateValueForMetadata(REGISTRY["improvement.cadence.maxRecommendationCandidatesPerRun"], cd.maxRecommendationCandidatesPerRun);
+            }
+        }
+        if (imp.hooks !== undefined) {
+            if (typeof imp.hooks !== "object" || imp.hooks === null || Array.isArray(imp.hooks)) {
+                throw new Error(`config-invalid(${label}): improvement.hooks must be an object`);
+            }
+            const hk = imp.hooks;
+            for (const k of Object.keys(hk)) {
+                if (k !== "afterTaskCompleted") {
+                    throw new Error(`config-invalid(${label}): unknown improvement.hooks.${k}`);
+                }
+            }
+            if (hk.afterTaskCompleted !== undefined) {
+                validateValueForMetadata(REGISTRY["improvement.hooks.afterTaskCompleted"], hk.afterTaskCompleted);
+            }
+        }
+    }
+    const responseTemplates = data.responseTemplates;
+    if (responseTemplates !== undefined) {
+        if (typeof responseTemplates !== "object" ||
+            responseTemplates === null ||
+            Array.isArray(responseTemplates)) {
+            throw new Error(`config-invalid(${label}): responseTemplates must be an object`);
+        }
+        const rt = responseTemplates;
+        for (const k of Object.keys(rt)) {
+            if (k !== "enforcementMode" && k !== "defaultTemplateId" && k !== "commandOverrides") {
+                throw new Error(`config-invalid(${label}): unknown responseTemplates.${k}`);
+            }
+        }
+        if (rt.enforcementMode !== undefined) {
+            validateValueForMetadata(REGISTRY["responseTemplates.enforcementMode"], rt.enforcementMode);
+        }
+        if (rt.defaultTemplateId !== undefined) {
+            validateValueForMetadata(REGISTRY["responseTemplates.defaultTemplateId"], rt.defaultTemplateId);
+        }
+        if (rt.commandOverrides !== undefined) {
+            validateValueForMetadata(REGISTRY["responseTemplates.commandOverrides"], rt.commandOverrides);
         }
     }
 }

package/dist/core/index.d.ts

@@ -2,6 +2,12 @@ export { ModuleRegistry, ModuleRegistryError, validateModuleSet, type ModuleRegi
 export { ModuleCommandRouter, ModuleCommandRouterError, type ModuleCommandDescriptor, type ModuleCommandRouterOptions } from "./module-command-router.js";
 export { buildBaseConfigLayers, deepMerge, envToConfigOverlay, explainConfigPath, getAtPath, getProjectConfigPath, getUserConfigFilePath, KIT_CONFIG_DEFAULTS, loadUserLayer, mergeConfigLayers, MODULE_CONFIG_CONTRIBUTIONS, normalizeConfigForExport, PROJECT_CONFIG_REL, resolveWorkspaceConfigWithLayers, stableStringifyConfig, type ConfigLayer, type ConfigLayerId, type EffectiveWorkspaceConfig, type ExplainConfigResult, type ResolveWorkspaceConfigOptions } from "./workspace-kit-config.js";
 export { appendPolicyTrace, getExtraSensitiveModuleCommandsFromEffective, getOperationIdForCommand, isSensitiveModuleCommand, isSensitiveModuleCommandForEffective, parsePolicyApproval, parsePolicyApprovalFromEnv, POLICY_TRACE_SCHEMA_VERSION, resolveActor, resolvePolicyOperationIdForCommand, type PolicyOperationId, type PolicyTraceRecord, type PolicyTraceRecordInput } from "./policy.js";
+export { getSessionGrant, loadSessionPolicyDocument, recordSessionGrant, resolveSessionId, SESSION_POLICY_SCHEMA_VERSION, type SessionPolicyDocument, type SessionPolicyGrant } from "./session-policy.js";
+export { parseTemplateDirectiveFromText } from "./instruction-template-mapper.js";
+export { RESPONSE_TEMPLATE_CONTRACT_VERSION, MAX_TEMPLATE_WARNING_LENGTH, truncateTemplateWarning, type ResponseTemplateDefinition, type ResponseTemplateEnforcementMode } from "./response-template-contract.js";
+export { allBuiltinDefinitions, getResponseTemplateDefinition, listBuiltinResponseTemplateIds } from "./response-template-registry.js";
+export { applyResponseTemplateApplication } from "./response-template-shaping.js";
+export { maybeSpawnTranscriptHookAfterCompletion, readAfterTaskCompletedHook, resolveWorkspaceKitCli } from "./transcript-completion-hook.js";
 export { assertWritableKey, getConfigKeyMetadata, getConfigRegistryExport, listConfigMetadata, validatePersistedConfigDocument, validateValueForMetadata, type ConfigKeyExposure, type ConfigKeyMetadata, type ConfigValueType } from "./config-metadata.js";
 export { appendConfigMutation, CONFIG_MUTATIONS_SCHEMA_VERSION, summarizeForEvidence, type ConfigMutationRecord } from "./config-mutations.js";
 export { generateConfigReferenceDocs, runWorkspaceConfigCli, type ConfigCliIo } from "./config-cli.js";

package/dist/core/index.js

@@ -2,6 +2,12 @@ export { ModuleRegistry, ModuleRegistryError, validateModuleSet } from "./module
 export { ModuleCommandRouter, ModuleCommandRouterError } from "./module-command-router.js";
 export { buildBaseConfigLayers, deepMerge, envToConfigOverlay, explainConfigPath, getAtPath, getProjectConfigPath, getUserConfigFilePath, KIT_CONFIG_DEFAULTS, loadUserLayer, mergeConfigLayers, MODULE_CONFIG_CONTRIBUTIONS, normalizeConfigForExport, PROJECT_CONFIG_REL, resolveWorkspaceConfigWithLayers, stableStringifyConfig } from "./workspace-kit-config.js";
 export { appendPolicyTrace, getExtraSensitiveModuleCommandsFromEffective, getOperationIdForCommand, isSensitiveModuleCommand, isSensitiveModuleCommandForEffective, parsePolicyApproval, parsePolicyApprovalFromEnv, POLICY_TRACE_SCHEMA_VERSION, resolveActor, resolvePolicyOperationIdForCommand } from "./policy.js";
+export { getSessionGrant, loadSessionPolicyDocument, recordSessionGrant, resolveSessionId, SESSION_POLICY_SCHEMA_VERSION } from "./session-policy.js";
+export { parseTemplateDirectiveFromText } from "./instruction-template-mapper.js";
+export { RESPONSE_TEMPLATE_CONTRACT_VERSION, MAX_TEMPLATE_WARNING_LENGTH, truncateTemplateWarning } from "./response-template-contract.js";
+export { allBuiltinDefinitions, getResponseTemplateDefinition, listBuiltinResponseTemplateIds } from "./response-template-registry.js";
+export { applyResponseTemplateApplication } from "./response-template-shaping.js";
+export { maybeSpawnTranscriptHookAfterCompletion, readAfterTaskCompletedHook, resolveWorkspaceKitCli } from "./transcript-completion-hook.js";
 export { assertWritableKey, getConfigKeyMetadata, getConfigRegistryExport, listConfigMetadata, validatePersistedConfigDocument, validateValueForMetadata } from "./config-metadata.js";
 export { appendConfigMutation, CONFIG_MUTATIONS_SCHEMA_VERSION, summarizeForEvidence } from "./config-mutations.js";
 export { generateConfigReferenceDocs, runWorkspaceConfigCli } from "./config-cli.js";

package/dist/core/instruction-template-mapper.d.ts

@@ -0,0 +1,9 @@
+export type TemplateDirectiveParseResult = {
+    templateId: string | null;
+    warnings: string[];
+};
+/**
+ * Resolve a template id from free-form instruction text (T263).
+ * Examples: "Use the COMPLETED_TASK template", "template: compact"
+ */
+export declare function parseTemplateDirectiveFromText(text: string): TemplateDirectiveParseResult;

package/dist/core/instruction-template-mapper.js

@@ -0,0 +1,35 @@
+import { truncateTemplateWarning } from "./response-template-contract.js";
+/**
+ * Resolve a template id from free-form instruction text (T263).
+ * Examples: "Use the COMPLETED_TASK template", "template: compact"
+ */
+export function parseTemplateDirectiveFromText(text) {
+    const warnings = [];
+    if (!text || typeof text !== "string") {
+        return { templateId: null, warnings };
+    }
+    const s = text.trim();
+    if (!s)
+        return { templateId: null, warnings };
+    const ids = new Set();
+    const reUseThe = /\buse\s+the\s+([A-Za-z0-9_-]+)\s+template\b/gi;
+    let m;
+    while ((m = reUseThe.exec(s)) !== null) {
+        ids.add(m[1]);
+    }
+    const reTemplateEq = /\btemplate\s*[:=]\s*([A-Za-z0-9_-]+)\b/gi;
+    while ((m = reTemplateEq.exec(s)) !== null) {
+        ids.add(m[1]);
+    }
+    const reBare = /\b(?:responseTemplateId|templateId)\s+is\s+([A-Za-z0-9_-]+)\b/gi;
+    while ((m = reBare.exec(s)) !== null) {
+        ids.add(m[1]);
+    }
+    if (ids.size === 0) {
+        return { templateId: null, warnings };
+    }
+    if (ids.size > 1) {
+        warnings.push(truncateTemplateWarning("Ambiguous template directive: multiple template ids referenced; using first match."));
+    }
+    return { templateId: [...ids][0], warnings };
+}

package/dist/core/lineage-contract.d.ts

@@ -1,6 +1,6 @@
 /**
  * T203: Immutable lineage event contract (append-only store, correlation fields).
- * @see docs/maintainers/TASKS.md T192, T203
+ * @see .workspace-kit/tasks/state.json T192, T203
  */
 export declare const LINEAGE_SCHEMA_VERSION: 1;
 export type LineageEventType = "rec" | "dec" | "app" | "corr";

package/dist/core/lineage-contract.js

@@ -1,6 +1,6 @@
 /**
  * T203: Immutable lineage event contract (append-only store, correlation fields).
- * @see docs/maintainers/TASKS.md T192, T203
+ * @see .workspace-kit/tasks/state.json T192, T203
  */
 export const LINEAGE_SCHEMA_VERSION = 1;
 /** Stable correlation root: ties chain to recommendation + evidence identity. */

package/dist/core/policy.d.ts

@@ -1,5 +1,5 @@
 export declare const POLICY_TRACE_SCHEMA_VERSION: 1;
-export type PolicyOperationId = "cli.upgrade" | "cli.init" | "cli.config-mutate" | "policy.dynamic-sensitive" | "doc.document-project" | "doc.generate-document" | "tasks.import-tasks" | "tasks.generate-tasks-md" | "tasks.run-transition" | "approvals.review-item" | "improvement.generate-recommendations" | "improvement.ingest-transcripts";
+export type PolicyOperationId = "cli.upgrade" | "cli.init" | "cli.config-mutate" | "policy.dynamic-sensitive" | "doc.document-project" | "doc.generate-document" | "tasks.run-transition" | "approvals.review-item" | "improvement.generate-recommendations" | "improvement.ingest-transcripts";
 export declare function getOperationIdForCommand(commandName: string): PolicyOperationId | undefined;
 export declare function getExtraSensitiveModuleCommandsFromEffective(effective: Record<string, unknown>): string[];
 /** Resolve operation id for tracing, including config-declared sensitive module commands. */
@@ -8,9 +8,12 @@ export declare function resolvePolicyOperationIdForCommand(commandName: string,
  * Sensitive when mutation / write is possible. Documentation commands are exempt when dryRun is true.
  */
 export declare function isSensitiveModuleCommand(commandName: string, args: Record<string, unknown>): boolean;
+export type PolicyApprovalScope = "once" | "session";
 export type PolicyApprovalPayload = {
     confirmed: boolean;
     rationale: string;
+    /** When `session`, persist approval for this operation until session id changes or grants file is cleared. */
+    scope?: PolicyApprovalScope;
 };
 export declare function parsePolicyApprovalFromEnv(env: NodeJS.ProcessEnv): PolicyApprovalPayload | undefined;
 export declare function parsePolicyApproval(args: Record<string, unknown>): PolicyApprovalPayload | undefined;

package/dist/core/policy.js

@@ -5,8 +5,6 @@ export const POLICY_TRACE_SCHEMA_VERSION = 1;
 const COMMAND_TO_OPERATION = {
     "document-project": "doc.document-project",
     "generate-document": "doc.generate-document",
-    "import-tasks": "tasks.import-tasks",
-    "generate-tasks-md": "tasks.generate-tasks-md",
     "run-transition": "tasks.run-transition",
     "review-item": "approvals.review-item",
     "generate-recommendations": "improvement.generate-recommendations",
@@ -81,7 +79,9 @@ export function parsePolicyApproval(args) {
     if (!confirmed || rationale.length === 0) {
         return undefined;
     }
-    return { confirmed, rationale };
+    const scopeRaw = o.scope;
+    const scope = scopeRaw === "session" || scopeRaw === "once" ? scopeRaw : undefined;
+    return { confirmed, rationale, ...(scope ? { scope } : {}) };
 }
 export function resolveActor(workspacePath, args, env) {
     if (typeof args.actor === "string" && args.actor.trim().length > 0) {

package/dist/core/response-template-contract.d.ts

@@ -0,0 +1,15 @@
+/** Contract version for response template definitions and CLI shaping metadata. */
+export declare const RESPONSE_TEMPLATE_CONTRACT_VERSION: 1;
+export type ResponseTemplateEnforcementMode = "advisory" | "strict";
+export type ResponseTemplateDefinition = {
+    id: string;
+    /** Monotonic template definition revision for compatibility notes. */
+    version: number;
+    scope: "global" | "command";
+    description: string;
+    /** Logical section keys expected in shaped command `data` (advisory hints only). */
+    expectedSections: string[];
+};
+/** Max length for a single advisory warning line (T265 / T266). */
+export declare const MAX_TEMPLATE_WARNING_LENGTH = 120;
+export declare function truncateTemplateWarning(message: string): string;

package/dist/core/response-template-contract.js

@@ -0,0 +1,10 @@
+/** Contract version for response template definitions and CLI shaping metadata. */
+export const RESPONSE_TEMPLATE_CONTRACT_VERSION = 1;
+/** Max length for a single advisory warning line (T265 / T266). */
+export const MAX_TEMPLATE_WARNING_LENGTH = 120;
+export function truncateTemplateWarning(message) {
+    const t = message.trim();
+    if (t.length <= MAX_TEMPLATE_WARNING_LENGTH)
+        return t;
+    return `${t.slice(0, MAX_TEMPLATE_WARNING_LENGTH - 1)}…`;
+}

package/dist/core/response-template-registry.d.ts

@@ -0,0 +1,4 @@
+import type { ResponseTemplateDefinition } from "./response-template-contract.js";
+export declare function getResponseTemplateDefinition(id: string | undefined): ResponseTemplateDefinition | undefined;
+export declare function listBuiltinResponseTemplateIds(): string[];
+export declare function allBuiltinDefinitions(): ResponseTemplateDefinition[];

package/dist/core/response-template-registry.js

@@ -0,0 +1,44 @@
+const BUILTIN = {
+    default: {
+        id: "default",
+        version: 1,
+        scope: "global",
+        description: "Passthrough with standard ok/code/message/data fields.",
+        expectedSections: ["ok", "code", "message", "data"]
+    },
+    compact: {
+        id: "compact",
+        version: 1,
+        scope: "global",
+        description: "Emphasizes top-level code and message for quick scanning.",
+        expectedSections: ["ok", "code", "message"]
+    },
+    completed_task: {
+        id: "completed_task",
+        version: 1,
+        scope: "command",
+        description: "Structured completion-style surface for task-style commands.",
+        expectedSections: ["ok", "code", "message", "data"]
+    },
+    COMPLETED_TASK: {
+        id: "COMPLETED_TASK",
+        version: 1,
+        scope: "command",
+        description: "Alias id matching plain-English directive spelling.",
+        expectedSections: ["ok", "code", "message", "data"]
+    }
+};
+export function getResponseTemplateDefinition(id) {
+    if (!id || typeof id !== "string")
+        return undefined;
+    const trimmed = id.trim();
+    if (!trimmed)
+        return undefined;
+    return BUILTIN[trimmed] ?? BUILTIN[trimmed.toLowerCase()] ?? undefined;
+}
+export function listBuiltinResponseTemplateIds() {
+    return Object.keys(BUILTIN).sort((a, b) => a.localeCompare(b));
+}
+export function allBuiltinDefinitions() {
+    return Object.values(BUILTIN);
+}

package/dist/core/response-template-shaping.d.ts

@@ -0,0 +1,6 @@
+import type { ModuleCommandResult } from "../contracts/module-contract.js";
+/**
+ * Apply response template metadata and optional presentation hints (T262, T265).
+ * Advisory mode never flips `ok`. Strict mode fails closed on unknown template ids when a template was explicitly requested or command override is set.
+ */
+export declare function applyResponseTemplateApplication(commandName: string, args: Record<string, unknown>, result: ModuleCommandResult, effective: Record<string, unknown>): ModuleCommandResult;