@xemahq/kernel-contracts 0.22.2 → 0.23.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (164) hide show
  1. package/dist/agent-workspace/awp-spec.json +0 -1
  2. package/dist/agent-workspace/lib/workspace-layout.d.ts.map +1 -1
  3. package/dist/agent-workspace/lib/workspace-layout.js.map +1 -1
  4. package/dist/biome/lib/biome-manifest.d.ts +0 -8
  5. package/dist/biome/lib/biome-manifest.d.ts.map +1 -1
  6. package/dist/biome/lib/biome-manifest.js +4 -50
  7. package/dist/biome/lib/biome-manifest.js.map +1 -1
  8. package/dist/capability/lib/errors.d.ts.map +1 -1
  9. package/dist/capability/lib/errors.js.map +1 -1
  10. package/dist/capability/lib/meta-tool.d.ts.map +1 -1
  11. package/dist/capability/lib/meta-tool.js.map +1 -1
  12. package/dist/connector/index.d.ts +2 -0
  13. package/dist/connector/index.d.ts.map +1 -1
  14. package/dist/connector/index.js +2 -0
  15. package/dist/connector/index.js.map +1 -1
  16. package/dist/connector/lib/connector-descriptor.d.ts +13 -0
  17. package/dist/connector/lib/connector-descriptor.d.ts.map +1 -0
  18. package/dist/connector/lib/connector-descriptor.js +3 -0
  19. package/dist/connector/lib/connector-descriptor.js.map +1 -0
  20. package/dist/connector/lib/credential-kind.d.ts.map +1 -1
  21. package/dist/connector/lib/credential-kind.js.map +1 -1
  22. package/dist/connector/lib/filter-expr.js +6 -0
  23. package/dist/connector/lib/filter-expr.js.map +1 -1
  24. package/dist/connector/lib/provider-descriptor.d.ts +37 -0
  25. package/dist/connector/lib/provider-descriptor.d.ts.map +1 -0
  26. package/dist/connector/lib/provider-descriptor.js +26 -0
  27. package/dist/connector/lib/provider-descriptor.js.map +1 -0
  28. package/dist/contribution/lib/contribution-kind.d.ts.map +1 -1
  29. package/dist/contribution/lib/contribution-kind.js.map +1 -1
  30. package/dist/contribution/lib/contribution-source.d.ts.map +1 -1
  31. package/dist/contribution/lib/contribution-source.js.map +1 -1
  32. package/dist/contribution/lib/contribution.d.ts.map +1 -1
  33. package/dist/contribution/lib/contribution.js.map +1 -1
  34. package/dist/document-render/lib/render-enums.d.ts.map +1 -1
  35. package/dist/document-render/lib/render-enums.js.map +1 -1
  36. package/dist/execution-context/lib/execution-context.d.ts.map +1 -1
  37. package/dist/execution-context/lib/execution-context.js.map +1 -1
  38. package/dist/execution-environment/lib/built-in-environments.d.ts.map +1 -1
  39. package/dist/execution-environment/lib/built-in-environments.js.map +1 -1
  40. package/dist/execution-environment/lib/execution-environment.d.ts.map +1 -1
  41. package/dist/execution-environment/lib/execution-environment.js +1 -1
  42. package/dist/execution-environment/lib/execution-environment.js.map +1 -1
  43. package/dist/inquiry/index.d.ts.map +1 -1
  44. package/dist/inquiry/index.js.map +1 -1
  45. package/dist/object/lib/object-lifecycle.d.ts.map +1 -1
  46. package/dist/object/lib/object-lifecycle.js.map +1 -1
  47. package/dist/policy/lib/obligations.d.ts.map +1 -1
  48. package/dist/policy/lib/obligations.js.map +1 -1
  49. package/dist/policy/lib/policy.d.ts +2 -1
  50. package/dist/policy/lib/policy.d.ts.map +1 -1
  51. package/dist/policy/lib/policy.js +1 -0
  52. package/dist/policy/lib/policy.js.map +1 -1
  53. package/dist/runner/lib/runner-registration.d.ts.map +1 -1
  54. package/dist/runner/lib/runner-registration.js.map +1 -1
  55. package/dist/service-registry/lib/service-names.generated.d.ts.map +1 -1
  56. package/dist/service-registry/lib/service-names.generated.js.map +1 -1
  57. package/dist/space/lib/space.d.ts.map +1 -1
  58. package/dist/space/lib/space.js.map +1 -1
  59. package/dist/workflow/index.d.ts.map +1 -1
  60. package/dist/workflow/index.js.map +1 -1
  61. package/dist/workflow/lib/activity-outputs.d.ts.map +1 -1
  62. package/package.json +28 -19
  63. package/src/agent-composition/lib/agent-workspace-config.ts +3 -3
  64. package/src/agent-composition/lib/capability-layer.ts +2 -2
  65. package/src/agent-composition/lib/intrinsic-floor.ts +1 -1
  66. package/src/agent-session/lib/participant.ts +1 -1
  67. package/src/agent-workspace/lib/context-json.ts +1 -1
  68. package/src/agent-workspace/lib/mount-apply.ts +2 -2
  69. package/src/agent-workspace/lib/workspace-layout.ts +2 -4
  70. package/src/app-runtime/lib/app-client.ts +1 -1
  71. package/src/app-runtime/lib/app-lockfile.ts +2 -2
  72. package/src/app-runtime/lib/app.ts +4 -4
  73. package/src/app-runtime/lib/audience-policy.ts +2 -2
  74. package/src/app-runtime/lib/biome-install.ts +3 -3
  75. package/src/app-runtime/lib/branding-config.ts +1 -1
  76. package/src/app-runtime/lib/delegated-session.ts +1 -1
  77. package/src/app-runtime/lib/external-subject.ts +1 -1
  78. package/src/biome/lib/biome-capability-refs.ts +3 -3
  79. package/src/biome/lib/biome-engines.ts +2 -2
  80. package/src/biome/lib/biome-lifecycle-hooks.ts +1 -1
  81. package/src/biome/lib/biome-lifecycle.ts +3 -3
  82. package/src/biome/lib/biome-manifest.ts +68 -122
  83. package/src/biome/lib/biome-permissions.ts +2 -2
  84. package/src/biome/lib/biome-scope.ts +2 -2
  85. package/src/biome/lib/biome-trust-tier.ts +1 -1
  86. package/src/biome/lib/trust-tier-policies.ts +2 -2
  87. package/src/biome-availability/lib/biome-availability.ts +1 -1
  88. package/src/capability/lib/capability-contribution.ts +3 -3
  89. package/src/capability/lib/capability-grant.ts +5 -5
  90. package/src/capability/lib/capability-policy.ts +2 -2
  91. package/src/capability/lib/capability-ref.ts +4 -4
  92. package/src/capability/lib/errors.ts +4 -10
  93. package/src/capability/lib/meta-tool.ts +2 -5
  94. package/src/capability/lib/permission-profile.ts +7 -7
  95. package/src/capability/lib/shell-command-descriptor.ts +3 -3
  96. package/src/connector/index.ts +2 -0
  97. package/src/connector/lib/adapter-kind.ts +1 -1
  98. package/src/connector/lib/capability-refs.ts +1 -1
  99. package/src/connector/lib/connector-descriptor.ts +67 -0
  100. package/src/connector/lib/credential-kind.ts +3 -4
  101. package/src/connector/lib/envelope-schema.ts +2 -2
  102. package/src/connector/lib/filter-expr-validate.ts +1 -1
  103. package/src/connector/lib/filter-expr.ts +8 -0
  104. package/src/connector/lib/provider-descriptor.ts +181 -0
  105. package/src/contribution/lib/contribution-kind.ts +11 -12
  106. package/src/contribution/lib/contribution-source.ts +1 -2
  107. package/src/contribution/lib/contribution.ts +3 -6
  108. package/src/document-render/lib/render-enums.ts +1 -2
  109. package/src/execution-context/lib/caller.ts +2 -2
  110. package/src/execution-context/lib/execution-context.ts +12 -18
  111. package/src/execution-environment/lib/approval-rule.ts +2 -2
  112. package/src/execution-environment/lib/built-in-environments.ts +9 -11
  113. package/src/execution-environment/lib/execution-environment.ts +25 -26
  114. package/src/inquiry/index.ts +1 -2
  115. package/src/invocation/lib/invocation-mode.ts +1 -1
  116. package/src/invocation/lib/invocation-record.ts +1 -1
  117. package/src/invocation/lib/isolation-level.ts +1 -1
  118. package/src/kernel-state/lib/adapter-kind.ts +3 -3
  119. package/src/kernel-state/lib/kernel-state.ts +1 -1
  120. package/src/kernel-state/lib/key-grammar.ts +1 -1
  121. package/src/mcp-tool/lib/tool-selection.ts +1 -1
  122. package/src/object/lib/object-lifecycle.ts +1 -2
  123. package/src/object/lib/xema-object-kind.ts +1 -1
  124. package/src/object/lib/xema-object-ref.ts +2 -2
  125. package/src/org-database/lib/db-result-event.ts +3 -3
  126. package/src/policy/lib/obligations.ts +5 -6
  127. package/src/policy/lib/policy.ts +17 -8
  128. package/src/policy/lib/route-hints.ts +1 -1
  129. package/src/provisioning/index.ts +1 -1
  130. package/src/provisioning/lib/provisioning.ts +4 -4
  131. package/src/resource/lib/resource-ownership-contribution.ts +2 -2
  132. package/src/runner/lib/dispatch.ts +5 -5
  133. package/src/runner/lib/job-token.ts +2 -2
  134. package/src/runner/lib/runner-attestation.ts +2 -2
  135. package/src/runner/lib/runner-job.ts +2 -2
  136. package/src/runner/lib/runner-mode.ts +1 -1
  137. package/src/runner/lib/runner-plane.ts +2 -2
  138. package/src/runner/lib/runner-registration.ts +9 -10
  139. package/src/runner/lib/runner.ts +7 -7
  140. package/src/runner-input-hash/lib/input-hash.ts +2 -2
  141. package/src/service-registry/lib/service-descriptor.ts +1 -1
  142. package/src/service-registry/lib/service-names.generated.ts +1 -3
  143. package/src/space/lib/space-ref-parser.ts +1 -1
  144. package/src/space/lib/space.ts +4 -5
  145. package/src/widget/lib/chat-widget-envelope.ts +1 -1
  146. package/src/worker-runtime/lib/capabilities.ts +1 -1
  147. package/src/workflow/index.ts +2 -3
  148. package/src/workflow/lib/activity-outputs.ts +3 -4
  149. package/src/workflow/lib/agent-role.ts +5 -5
  150. package/src/workflow/lib/artifact-ref.ts +1 -1
  151. package/src/workflow/lib/compiled-run.ts +2 -2
  152. package/src/workflow/lib/compiled-workspace-manifest.ts +2 -2
  153. package/src/workflow/lib/enums.ts +4 -4
  154. package/src/workflow/lib/errors.ts +1 -1
  155. package/src/workflow/lib/model-ref.ts +1 -1
  156. package/src/workflow/lib/mount-plan.ts +1 -1
  157. package/src/workflow/lib/platform-task-queue.ts +3 -3
  158. package/src/workflow/lib/role-capability.ts +1 -1
  159. package/src/workflow/lib/run-progress.ts +2 -2
  160. package/src/workflow/lib/trigger-payload.ts +2 -2
  161. package/src/workflow/lib/variable-requirement.ts +1 -1
  162. package/src/workflow/lib/workspace-manifest-enums.ts +1 -1
  163. package/src/workspace-storage/lib/types.ts +1 -1
  164. package/LICENSE +0 -176
@@ -56,8 +56,8 @@ import {
56
56
  export const BIOME_MANIFEST_FILENAME = 'xema-biome.json';
57
57
 
58
58
  /**
59
- * Declarative event subscription entry of the biome manifest
60
- * (plan §12.4). `event` is the CloudEvents `type` the biome subscribes
59
+ * Declarative event subscription entry of the biome manifest.
60
+ * `event` is the CloudEvents `type` the biome subscribes
61
61
  * to (e.g. `xema.kb.page.published.v1`); `handlerModule` is the module
62
62
  * path relative to the biome package root that `biome-host-api` loads
63
63
  * to dispatch matching events.
@@ -94,19 +94,18 @@ const ManifestBiomeScopeSchema = z.enum([
94
94
  ]);
95
95
 
96
96
  /**
97
- * The Contribution Protocol (`@xemahq/kernel-contracts/contribution`) is the
98
- * single authoritative enum for kinds a biome may ship.
97
+ * Canonical map from a content-kind token to its conventional on-disk
98
+ * directory name. Biome content is discovered by walking these directories
99
+ * for on-disk presence (the file-walk seeders); the kind tokens themselves
100
+ * correspond to the Contribution Protocol
101
+ * (`@xemahq/kernel-contracts/contribution`). Multi-file bundle kinds (agents,
102
+ * skills, workflows, …) live under these dirs; single-file/typed
103
+ * contributions may alternatively use the `xema.contributions` block.
99
104
  *
100
- * Conventional on-disk directory name per `ships.content[]` / `ships.modules[]`
101
- * string. Used ONLY for the `ships`-based file-walk seeders that have not yet
102
- * migrated to the `contributions/` directory protocol. New code MUST use the
103
- * `xema.contributions` block (or inline contributions) instead of
104
- * `ships.content` / `ships.modules`.
105
- *
106
- * Keys are the camelCase tokens accepted in `xema-biome.json`; the mapping
107
- * returns `null` for any key it does not recognise so callers can fail fast.
105
+ * Keys are the camelCase tokens; the mapping throws for any key it does not
106
+ * recognise so callers fail fast.
108
107
  */
109
- const LEGACY_SHIPS_CONTENT_DIR: Readonly<Record<string, string>> = {
108
+ const CONTENT_KIND_DIR: Readonly<Record<string, string>> = {
110
109
  agents: 'agents',
111
110
  workflowConfig: 'workflow-config',
112
111
  deliverableSpecs: 'deliverable-specs',
@@ -127,16 +126,16 @@ const LEGACY_SHIPS_CONTENT_DIR: Readonly<Record<string, string>> = {
127
126
  };
128
127
 
129
128
  /**
130
- * Resolve a legacy `ships.content[]` value to its conventional directory
131
- * name, or `null` for unknown tokens. Used by the legacy file-walk
132
- * catalog/seeders; new code should use the contributions protocol.
129
+ * Resolve a content-kind token to its conventional directory name. Used by
130
+ * the file-walk catalog/seeders that discover content by on-disk presence.
131
+ * Throws for an unknown token so callers fail fast.
133
132
  */
134
133
  export function contentKindToDir(kind: string): string {
135
- const dir = LEGACY_SHIPS_CONTENT_DIR[kind];
134
+ const dir = CONTENT_KIND_DIR[kind];
136
135
  if (!dir) {
137
136
  throw new Error(
138
- `biome-host-sdk: unknown legacy ships.content[] value "${kind}". ` +
139
- `Either migrate the biome to xema.contributions or extend LEGACY_SHIPS_CONTENT_DIR.`,
137
+ `biome-host-sdk: unknown content kind "${kind}". ` +
138
+ `Either use the xema.contributions block or extend CONTENT_KIND_DIR.`,
140
139
  );
141
140
  }
142
141
  return dir;
@@ -155,7 +154,7 @@ export const BiomeDatabaseDeclarationSchema = z
155
154
  export type BiomeDatabaseDeclaration = z.infer<typeof BiomeDatabaseDeclarationSchema>;
156
155
 
157
156
  /**
158
- * Per-API declaration shipped under `xema.ships.apis[]` (Phase 9).
157
+ * Per-API declaration shipped under `xema.ships.apis[]`.
159
158
  * Each entry becomes one subdomain (`<name>.api.<base-domain>`)
160
159
  * served by a biome-shipped API service. biome-host-api applies
161
160
  * the Helm sub-chart at install time and writes a route-registry
@@ -227,7 +226,7 @@ export const BiomeApiDeclarationSchema = z
227
226
  export type BiomeApiDeclaration = z.infer<typeof BiomeApiDeclarationSchema>;
228
227
 
229
228
  /**
230
- * Phase-C Contribution Protocol entry. The body of an
229
+ * Contribution Protocol entry. The body of an
231
230
  * `*.contribution.json` file under a biome's `contributions/` directory,
232
231
  * or an inline entry under `xema.contributions.inline[]` in
233
232
  * `xema-biome.json`.
@@ -235,10 +234,7 @@ export type BiomeApiDeclaration = z.infer<typeof BiomeApiDeclarationSchema>;
235
234
  * Validated structurally here (kind + slug + opaque manifest). The
236
235
  * authoritative per-kind manifest validation lives in the kind-specific
237
236
  * contracts package and is exercised at boot by the generic
238
- * `BootstrapContributionsService` template (see
239
- * `bootstrap-contributions-service.ts`).
240
- *
241
- * See `.claude/plans/following-up-the-xema-os-plan-md-abstract-stream.md` §6.C.1.
237
+ * `BootstrapContributionsService` template.
242
238
  */
243
239
  export const BiomeContributionEntrySchema = z
244
240
  .object({
@@ -268,8 +264,6 @@ export type BiomeContributionEntry = z.infer<typeof BiomeContributionEntrySchema
268
264
  * manifest — directory entries are walked first, inline entries layered
269
265
  * on top with last-write-wins on `(kind, id)` collision (the host fails
270
266
  * fast on duplicates at boot).
271
- *
272
- * Phase C plan-of-record: §6.C.1.
273
267
  */
274
268
  export const BiomeContributionsSchema = z
275
269
  .object({
@@ -289,17 +283,13 @@ export type BiomeContributions = z.infer<typeof BiomeContributionsSchema>;
289
283
  export const BiomeShipsSchema = z
290
284
  .object({
291
285
  /**
292
- * @deprecated PHASE-C-SWEEP: superseded by top-level
293
- * `xema.contributions`. Kept as a free-form string array until the
294
- * codemod sweep migrates every biome to the Contribution Protocol.
295
- * Values are matched against `ContributionKind` at registration time.
286
+ * Per-API service declarations. Content contributions (agents, skills,
287
+ * workflows, deliverable-specs, …) are NOT declared here they are
288
+ * discovered by on-disk presence of their convention directory (see
289
+ * `contentKindToDir`) and/or the `xema.contributions` block. The former
290
+ * `content` / `modules` string arrays were removed once discovery became
291
+ * presence-based; do not re-introduce a per-kind declaration.
296
292
  */
297
- content: z.array(z.string().min(1)).optional(),
298
- /**
299
- * @deprecated PHASE-C-SWEEP: superseded by top-level
300
- * `xema.contributions`. See `content` above — same rationale.
301
- */
302
- modules: z.array(z.string().min(1)).optional(),
303
293
  apis: z.array(BiomeApiDeclarationSchema).optional(),
304
294
  })
305
295
  .strict();
@@ -414,7 +404,7 @@ export type WebhookFilter = z.infer<typeof WebhookFilterSchema>;
414
404
 
415
405
  /**
416
406
  * Server-side capability declarations. Validated at boot for shape +
417
- * closed-set membership; runtime enforcement is Phase 4 (network
407
+ * closed-set membership; runtime enforcement is planned (network
418
408
  * allow-list, MCP ACL, secret scope). Declaring intent now means every
419
409
  * biome already states it — no migration when enforcement turns on.
420
410
  */
@@ -430,7 +420,7 @@ export const ServerBiomeCapabilitiesSchema = z
430
420
  .strict();
431
421
  export type ServerBiomeCapabilities = z.infer<typeof ServerBiomeCapabilitiesSchema>;
432
422
 
433
- /** Web-side capability declarations. Same Phase-4 timing as server. */
423
+ /** Web-side capability declarations. Same runtime-enforcement timing as server. */
434
424
  export const WebBiomeCapabilitiesSchema = z
435
425
  .object({
436
426
  slots: z.array(z.string().min(1)).optional(),
@@ -500,39 +490,39 @@ const BiomeIdSchema = z
500
490
  /**
501
491
  * Per-handler declarative event subscription. Type-aliased to
502
492
  * `BiomeEventSubscription` so the SDK's manifest field and the
503
- * `xema-biome.json` parser share one shape. See plan §12.4.
493
+ * `xema-biome.json` parser share one shape.
504
494
  */
505
495
  export type BiomeManifestSubscribe = BiomeEventSubscription;
506
496
 
507
497
  /**
508
498
  * `requires`: biome id → semver range. Same shape as the kernel biome
509
- * manifest's `requires` block (plan §12.4); the platform refuses to
499
+ * manifest's `requires` block; the platform refuses to
510
500
  * enable a biome/biome whose `requires` cannot be satisfied by the
511
501
  * other enabled biomes/biomes in the org.
512
502
  */
513
503
  export type BiomeManifestRequires = Readonly<Record<string, string>>;
514
504
 
515
505
  /**
516
- * Additive XSI fields layered onto the per-target `xema` block in Phase
517
- * 1A (plan §17.2 item 2). Pure additive. All fields are OPTIONAL.
506
+ * Additive XSI fields layered onto the per-target `xema` block. Pure
507
+ * additive. All fields are OPTIONAL.
518
508
  *
519
- * - `subscribes[]` — declarative event wiring (§12.4). Each entry binds
509
+ * - `subscribes[]` — declarative event wiring. Each entry binds
520
510
  * one CloudEvents `type` to a handler module path.
521
511
  * - `requires` — typed semver dependency declaration on other
522
- * biomes/biomes (§12.4).
512
+ * biomes/biomes.
523
513
  * - `contributes[]` — closed `ContributionKind` enum from
524
514
  * `@xemahq/kernel-contracts/contribution`. The biome-host uses this to know
525
- * which slot registries to walk on install (§12.1).
515
+ * which slot registries to walk on install.
526
516
  * - `requiresCapabilities[]` — capability refs the biome needs the host
527
- * to grant before any of its handlers/contributions execute (§30.2).
517
+ * to grant before any of its handlers/contributions execute.
528
518
  * - `exposesCapabilities[]` — capability refs the biome itself
529
- * implements and offers to others (§30.2).
519
+ * implements and offers to others.
530
520
  * - `permissions` — install-time consent metadata (default profile +
531
- * per-ref hints + UX groupings) for `requiresCapabilities[]` (§30.2).
521
+ * per-ref hints + UX groupings) for `requiresCapabilities[]`.
532
522
  * - `lifecycle` — module paths the host invokes on
533
- * install/upgrade/enable/disable/uninstall transitions (§24.5).
523
+ * install/upgrade/enable/disable/uninstall transitions.
534
524
  * - `engines.xema` — semver range the host enforces against the running
535
- * platform version (§24.4).
525
+ * platform version.
536
526
  *
537
527
  * Kernel-owned types are referenced through the sibling biome contract
538
528
  * modules — never redefined here.
@@ -543,11 +533,10 @@ const XsiManifestExtensionsShape = {
543
533
  contributes: z.array(ContributionKindSchema).optional(),
544
534
  /**
545
535
  * Phase-C Contribution Protocol entries (the actual envelopes, not just
546
- * the kind whitelist). Replaces the legacy `ships.content` +
547
- * `ships.modules` per-kind file-walk seeders with a single generic
548
- * `BootstrapContributionsService` template; see Phase C.1 of the
549
- * plan-of-record. Either inline entries or a pointer to a
550
- * `contributions/` directory at the biome root.
536
+ * the kind whitelist), fed to a single generic
537
+ * `BootstrapContributionsService` template. Either inline entries or a
538
+ * pointer to a `contributions/` directory at the biome root. Complements
539
+ * the presence-based file-walk seeders (see `contentKindToDir`).
551
540
  */
552
541
  contributions: BiomeContributionsSchema.optional(),
553
542
  requiresCapabilities: z.array(CapabilityRefSchema).optional(),
@@ -733,7 +722,7 @@ const ServerBiomeXemaSchema = z
733
722
  ships: BiomeShipsSchema.optional(),
734
723
  capabilities: ServerBiomeCapabilitiesSchema.optional(),
735
724
  /**
736
- * Hosting/provenance posture for adapter-contribution modules (Phase 7).
725
+ * Hosting/provenance posture for adapter-contribution modules.
737
726
  * The same `first-party | third-party` set as {@link BiomeOrigin} (which
738
727
  * documents this very field) — uses `BiomeOriginSchema` so the two cannot
739
728
  * drift. Other biome kinds ignore this field. Defaults to `third-party`.
@@ -883,14 +872,14 @@ const ServerBiomeXemaSchema = z
883
872
  .max(64)
884
873
  .optional(),
885
874
  /**
886
- * Explicit roster of agents this biome ships. Required when
887
- * `ships.content` includes `'agents'`; forbidden otherwise. Each
888
- * entry pins one `agents/<slug>.md` file with its execution mode
889
- * (primary vs subagent).
875
+ * Explicit roster of agents this biome ships. Present ⟺ the biome has an
876
+ * on-disk `agents/` directory (discovered by presence). Each entry pins
877
+ * one `agents/<slug>.md` file with its execution mode (primary vs
878
+ * subagent).
890
879
  *
891
880
  * Why both this field AND the on-disk `agents/` scan exist:
892
881
  * - The declaration makes the roster greppable from outside the
893
- * biome tree (`grep '"slug": "build"' biomes/*\/xema-biome.json`).
882
+ * biome tree by scanning each biome's `xema-biome.json`.
894
883
  * - It lets biome-host fail fast at boot when an agent file is
895
884
  * added or removed without updating the manifest — the prior
896
885
  * convention silently accepted drift.
@@ -904,10 +893,10 @@ const ServerBiomeXemaSchema = z
904
893
  */
905
894
  agents: z.array(BiomeAgentDeclarationSchema).optional(),
906
895
  /**
907
- * Workspace-provisioning scaffolds the biome ships (Epic A). Each
896
+ * Workspace-provisioning scaffolds the biome ships. Each
908
897
  * entry pins one `provisioning/<id>.yaml` recipe and declares when it
909
- * runs + how the resolver expands it. Required`ships.content`
910
- * includes `provisioningScaffolds`; cross-validated in `superRefine`.
898
+ * runs + how the resolver expands it. Presentthe biome has an on-disk
899
+ * `provisioning/` directory (discovered by presence).
911
900
  */
912
901
  provisioning: z.array(ProvisioningScaffoldDeclarationSchema).optional(),
913
902
  /**
@@ -916,7 +905,7 @@ const ServerBiomeXemaSchema = z
916
905
  * injects the org database identifiers into the runtime workload env.
917
906
  */
918
907
  database: BiomeDatabaseDeclarationSchema.optional(),
919
- /** Reserved for Phase 4 third-party signing. Validated only when present. */
908
+ /** Reserved for planned third-party signing. Validated only when present. */
920
909
  signature: z
921
910
  .object({
922
911
  algorithm: z.string().min(1),
@@ -925,15 +914,14 @@ const ServerBiomeXemaSchema = z
925
914
  })
926
915
  .strict()
927
916
  .optional(),
928
- // XSI Phase 1A additive fields. See `XsiManifestExtensionsShape`
929
- // doc-comment above for the per-field meaning + plan citations.
917
+ // XSI additive fields. See `XsiManifestExtensionsShape`
918
+ // doc-comment above for the per-field meaning.
930
919
  ...XsiManifestExtensionsShape,
931
920
  })
932
921
  .strict()
933
922
  .superRefine((value, ctx) => {
934
923
  validateServerPluginWebhookAndIntegrationRequirements(value, ctx);
935
924
  validateServerBiomeAgentDeclarations(value, ctx);
936
- validateServerPluginProvisioningDeclarations(value, ctx);
937
925
  });
938
926
 
939
927
  const WebBiomeXemaSchema = z
@@ -978,7 +966,7 @@ const WebBiomeXemaSchema = z
978
966
  })
979
967
  .strict()
980
968
  .optional(),
981
- // XSI Phase 1A additive fields — same shape on both targets so the
969
+ // XSI additive fields — same shape on both targets so the
982
970
  // biome-host can read them uniformly regardless of where the biome
983
971
  // executes. See `XsiManifestExtensionsShape` above.
984
972
  ...XsiManifestExtensionsShape,
@@ -1008,41 +996,23 @@ function validateServerPluginWebhookAndIntegrationRequirements(
1008
996
  });
1009
997
  }
1010
998
  }
1011
- if (value.integrationRequirements && value.integrationRequirements.length > 0) {
1012
- const shipsInstallSchema = value.ships?.content?.includes('biomeInstallSchema') ?? false;
1013
- if (!shipsInstallSchema) {
1014
- ctx.addIssue({
1015
- code: 'custom',
1016
- path: ['ships', 'content'],
1017
- message:
1018
- 'biomes declaring integrationRequirements must also ship a `biomeInstallSchema` content kind so the install wizard can render a resource-selection form',
1019
- });
1020
- }
1021
- }
999
+ // A biome declaring integrationRequirements must also ship a
1000
+ // `biomeInstallSchema` (the `install-schema/` convention directory) so the
1001
+ // install wizard can render a resource-selection form. That directory is
1002
+ // discovered by on-disk presence; the schema validator has no filesystem
1003
+ // access, so this is enforced at boot-time seeding rather than at
1004
+ // manifest-parse time (there is no longer a `ships.content` list to check).
1022
1005
  }
1023
1006
 
1024
1007
  function validateServerBiomeAgentDeclarations(
1025
1008
  value: ServerBiomeXema,
1026
1009
  ctx: z.RefinementCtx,
1027
1010
  ): void {
1028
- const shipsAgents = value.ships?.content?.includes('agents') ?? false;
1011
+ // The `agents[]` roster is the authoritative declaration of what a biome
1012
+ // ships; boot-time `crossValidateAgentDeclarations` enforces parity with the
1013
+ // on-disk `agents/*.md` files. Here we only enforce slug uniqueness — there
1014
+ // is no longer a `ships.content` list to cross-check the block against.
1029
1015
  const hasAgents = (value.agents?.length ?? 0) > 0;
1030
- if (shipsAgents && !hasAgents) {
1031
- ctx.addIssue({
1032
- code: 'custom',
1033
- path: ['agents'],
1034
- message:
1035
- 'ships.content includes "agents" — manifest must declare each shipped agent under `agents[]` (slug + mode). The boot-time cross-validator enforces parity with on-disk agents/*.md files.',
1036
- });
1037
- }
1038
- if (!shipsAgents && hasAgents) {
1039
- ctx.addIssue({
1040
- code: 'custom',
1041
- path: ['agents'],
1042
- message:
1043
- 'agents[] is declared but ships.content does not include "agents" — add "agents" to ships.content or remove the agents[] block',
1044
- });
1045
- }
1046
1016
  if (hasAgents) {
1047
1017
  const slugs = new Set<string>();
1048
1018
  value.agents?.forEach((decl, idx) => {
@@ -1058,30 +1028,6 @@ function validateServerBiomeAgentDeclarations(
1058
1028
  }
1059
1029
  }
1060
1030
 
1061
- function validateServerPluginProvisioningDeclarations(
1062
- value: ServerBiomeXema,
1063
- ctx: z.RefinementCtx,
1064
- ): void {
1065
- const shipsProvisioning = value.ships?.content?.includes('provisioningScaffolds') ?? false;
1066
- const hasProvisioning = (value.provisioning?.length ?? 0) > 0;
1067
- if (shipsProvisioning && !hasProvisioning) {
1068
- ctx.addIssue({
1069
- code: 'custom',
1070
- path: ['provisioning'],
1071
- message:
1072
- 'ships.content includes "provisioningScaffolds" — manifest must declare each scaffold under `provisioning[]`',
1073
- });
1074
- }
1075
- if (!shipsProvisioning && hasProvisioning) {
1076
- ctx.addIssue({
1077
- code: 'custom',
1078
- path: ['provisioning'],
1079
- message:
1080
- 'provisioning[] is declared but ships.content does not include "provisioningScaffolds" — add it or remove the provisioning[] block',
1081
- });
1082
- }
1083
- }
1084
-
1085
1031
  const ManifestNameSchema = z
1086
1032
  .string()
1087
1033
  .min(1)
@@ -10,9 +10,9 @@ import {
10
10
 
11
11
  /**
12
12
  * `BiomePermissionsManifest` — the optional `permissions` block of the
13
- * biome manifest (plan §30.2). It carries:
13
+ * biome manifest. It carries:
14
14
  *
15
- * - `defaultProfile`: the built-in `BiomePermissionProfile` (plan §30.3)
15
+ * - `defaultProfile`: the built-in `BiomePermissionProfile`
16
16
  * the install UI suggests by default. Third-party biomes MUST NOT
17
17
  * define new profiles — those are kernel-shipped or org-custom only.
18
18
  * - `hints`: one entry per declared `requiresCapabilities[]` ref. The
@@ -2,9 +2,9 @@ import { z } from 'zod';
2
2
 
3
3
  /**
4
4
  * `BiomeScope` is the closed set of installation scopes a biome may live
5
- * in (plan §4). A biome installed twice — once in `Org` and once in
5
+ * in. A biome installed twice — once in `Org` and once in
6
6
  * `Sandbox` — is two installations with disjoint state (storage,
7
- * grants, audit lineage) per §25.2.
7
+ * grants, audit lineage).
8
8
  *
9
9
  * String values match the on-wire representation used by
10
10
  * `biome-host-api` install records and Object Registry projections.
@@ -2,7 +2,7 @@ import { z } from 'zod';
2
2
 
3
3
  /**
4
4
  * `BiomeTrustTier` is the closed set of provenance tiers a biome may
5
- * carry (plan §21 OQ6). The tier is set at biome publication / install
5
+ * carry. The tier is set at biome publication / install
6
6
  * time and is the primary input to the trust-tier default capability
7
7
  * policy (see `trust-tier-policies.ts`).
8
8
  *
@@ -1,7 +1,7 @@
1
1
  import { BiomeTrustTier } from './biome-trust-tier';
2
2
 
3
3
  /**
4
- * Default capability-policy summary per `BiomeTrustTier` (plan §21 OQ6).
4
+ * Default capability-policy summary per `BiomeTrustTier`.
5
5
  *
6
6
  * This table is NOT the authorization decision — `authorization-api` is
7
7
  * the source of truth at runtime. It is the kernel-shipped default that
@@ -20,7 +20,7 @@ import { BiomeTrustTier } from './biome-trust-tier';
20
20
  * defaults to `requiresApproval=true` on the corresponding capability
21
21
  * call (`biome:install@1`, `biome:promote@1`).
22
22
  * - `allowedEnvironments`: the environment slugs the tier may live in by default —
23
- * one of the eight built-in zones declared in plan §3.4
23
+ * one of the eight built-in zones
24
24
  * (`system | org | project | app | session | sandbox | public |
25
25
  * store-review`). Org admins may relax or tighten this through
26
26
  * custom policy; the kernel default is the conservative baseline.
@@ -6,7 +6,7 @@
6
6
  // This is a POST-SCOPE FILTER applied AFTER implicit-by-scope resolution
7
7
  // (the 5-tier `SkillSpace`/`AgentSpace` precedence): it NARROWS the
8
8
  // already-visible set; it never widens it and it is NOT a parallel
9
- // availability/binding table (see `.claude/rules/skills-and-composition.md`).
9
+ // availability/binding table.
10
10
  //
11
11
  // Why a filter and not a binding table: the ownership model is implicit-by-
12
12
  // scope — a contribution is available because its owning biome is installed
@@ -7,8 +7,8 @@ import {
7
7
  } from './permission-profile';
8
8
 
9
9
  /**
10
- * Manifest shape carried by every `ContributionKind.Capability` envelope
11
- * (plan §6.H#2). One contribution = one capability ref.
10
+ * Manifest shape carried by every `ContributionKind.Capability` envelope.
11
+ * One contribution = one capability ref.
12
12
  *
13
13
  * The shape is intentionally a value-identical subset of
14
14
  * `RegisterCapabilityDto` (the `POST /capabilities/register` body shape on
@@ -52,7 +52,7 @@ export interface CapabilityContributionManifest {
52
52
  /**
53
53
  * Identifier of the EXTERNAL service this capability calls (e.g. a provider
54
54
  * slug like `github` or an MCP server ref). Presence is the signal that the
55
- * invocation needs a brokered external credential (plan §W4 / Pillar 3.2):
55
+ * invocation needs a brokered external credential:
56
56
  * authorization-api runs the credential-binding precedence ladder ONLY for
57
57
  * capabilities that declare it, and the executing gateway resolves a sealed
58
58
  * credential for that service. Absent ⇒ the capability is internal and needs
@@ -35,7 +35,7 @@ export type { SubjectRef, ActingForRef };
35
35
  /**
36
36
  * Per-grant runtime caps. None of these are required at the contract level;
37
37
  * absent fields mean "no platform-imposed limit on this axis". Profiles
38
- * (§30.3) may default some of them; admins may tighten or loosen per row.
38
+ * may default some of them; admins may tighten or loosen per row.
39
39
  */
40
40
  export interface GrantConstraints {
41
41
  maxCallsPerHour?: number;
@@ -55,14 +55,14 @@ export const GrantConstraintsSchema = z.object({
55
55
  }) as z.ZodType<GrantConstraints>;
56
56
 
57
57
  /**
58
- * `CapabilityGrant` is the single row shape `authorization-api` stores
59
- * (per §3.4, §30.5). One grant binds ONE `(subject, capability)` pair to a
58
+ * `CapabilityGrant` is the single row shape `authorization-api` stores.
59
+ * One grant binds ONE `(subject, capability)` pair to a
60
60
  * `resourceGlob`, an allowed-environment set, and optional runtime constraints.
61
61
  *
62
62
  * Wildcards (`kb:*@1`) are NOT represented in `capability` at the contract
63
63
  * level — the kernel grammar in `capability-ref.ts` rejects them. Wildcard
64
64
  * grants are stored as multiple per-verb rows OR as a separate
65
- * domain-wildcard table in `authorization-api`; the choice is a Phase 3
65
+ * domain-wildcard table in `authorization-api`; the choice is an
66
66
  * implementation detail, not a kernel concern.
67
67
  */
68
68
  export interface CapabilityGrant {
@@ -71,7 +71,7 @@ export interface CapabilityGrant {
71
71
  capability: CapabilityRef;
72
72
  /**
73
73
  * Glob over XVFS resource refs, e.g. `xema://org/acme/project/*\/kb/**`.
74
- * Authorization-api owns glob semantics (§30.4).
74
+ * Authorization-api owns glob semantics.
75
75
  */
76
76
  resourceGlob: string;
77
77
  allowedEnvironments: readonly string[];
@@ -10,8 +10,8 @@ export { GrantConstraintsSchema } from './capability-grant';
10
10
 
11
11
  /**
12
12
  * `CapabilityPolicy` is what an `ExecutionEnvironment` carries to advertise the
13
- * capability surface allowed *within* that environment (plan §3.4
14
- * `ExecutionEnvironment.allowedCapabilities[]`).
13
+ * capability surface allowed *within* that environment
14
+ * (`ExecutionEnvironment.allowedCapabilities[]`).
15
15
  *
16
16
  * A environment's policy is a NECESSARY-but-not-sufficient condition for a runtime
17
17
  * call: the environment allows the capability AND the subject has a matching
@@ -2,7 +2,7 @@ import { z } from 'zod';
2
2
  import { CapabilityRefParseError } from './errors';
3
3
 
4
4
  /**
5
- * Canonical Capability Reference grammar (plan §3.3):
5
+ * Canonical Capability Reference grammar:
6
6
  *
7
7
  * `<domain>:<resource>.<verb>@<major>`
8
8
  *
@@ -12,14 +12,14 @@ import { CapabilityRefParseError } from './errors';
12
12
  * - `<domain>` and the first `<resource>` segment match
13
13
  * `/^[a-z][a-z0-9-]*$/` (kebab, must start with a letter).
14
14
  * - The `<resource>.<verb>` portion is one OR MORE `.`-joined kebab segments
15
- * (each segment matches the same shape as `<domain>`). This permits the
16
- * examples in the plan such as `kb:page.read@1`, `connector:scm.merge@1`,
15
+ * (each segment matches the same shape as `<domain>`). This permits
16
+ * examples such as `kb:page.read@1`, `connector:scm.merge@1`,
17
17
  * `document:render.pdf@1`, `connector:tracker.issue.create@1`, AND
18
18
  * nested forms such as `model-resolution:select@1` (single segment after
19
19
  * `:`, where the segment IS the verb on the implicit resource).
20
20
  * - `<major>` is one or more digits (no leading sign, no float). The major
21
21
  * version is part of the ref itself — capability refs version like
22
- * syscalls per §3.3.
22
+ * syscalls.
23
23
  *
24
24
  * Invariants enforced by `parseCapabilityRef` / `CapabilityRefSchema`:
25
25
  *
@@ -7,12 +7,10 @@ import { z } from 'zod';
7
7
  * so callers can branch structurally (no string parsing). The set covers:
8
8
  * - parse-time failures on `CapabilityRef`;
9
9
  * - resolution failures when no contribution implements the ref;
10
- * - the four distinct denial axes specified in §3.4 + §30.5
10
+ * - the four distinct denial axes
11
11
  * (environment, grant, rate-limit, human-approval);
12
12
  * - the "you do not even have a grant row" case that drives `xema why-denied`
13
- * suggestion `request-grant` (§31.8).
14
- *
15
- * Plan-of-record references: §3.3, §30.5, §31.8.
13
+ * suggestion `request-grant`.
16
14
  */
17
15
  export enum CapabilityErrorCode {
18
16
  CapabilityRefInvalid = 'CAPABILITY_REF_INVALID',
@@ -25,7 +23,7 @@ export enum CapabilityErrorCode {
25
23
  AuthorizationUnreachable = 'AUTHORIZATION_UNREACHABLE',
26
24
  /**
27
25
  * The invocation passed authorization but its mandatory audit record
28
- * could not be persisted after retries (Gate E). The gateway refuses the
26
+ * could not be persisted after retries. The gateway refuses the
29
27
  * invocation rather than completing it without an audit trail — surfaced
30
28
  * as a 503 so the caller can retry (the audit write is idempotent on
31
29
  * `auditId`). This is the fail-fast path for the audit sink; it is NEVER
@@ -52,7 +50,7 @@ export enum CapabilityErrorCode {
52
50
  * `externalServiceRef`), but authorization-api's credential-binding
53
51
  * precedence resolved no permitted binding for this invocation — no explicit
54
52
  * grant binding, no capability-descriptor default, and no project/org
55
- * default. Fail-fast (plan §W4 / Pillar 3.2): the PDP returns `deny` with
53
+ * default. Fail-fast: the PDP returns `deny` with
56
54
  * this code rather than letting the invocation run credential-less or letting
57
55
  * a gateway silently pick a credential. The broker NEVER chooses a binding;
58
56
  * the PDP is the single authority.
@@ -66,8 +64,6 @@ export const CapabilityErrorCodeSchema = z.nativeEnum(CapabilityErrorCode);
66
64
  * Discriminated "why" structure for a denial decision. One denial may carry
67
65
  * multiple `CapabilityDenialDetail` entries (e.g. the grant exists but the
68
66
  * resource glob does not match AND the rate-limit is exhausted).
69
- *
70
- * Plan-of-record reference: §31.8.
71
67
  */
72
68
  export interface CapabilityDenialDetail {
73
69
  code: CapabilityErrorCode;
@@ -83,8 +79,6 @@ export const CapabilityDenialDetailSchema = z.object({
83
79
  * Suggestions the Capability Gateway returns so an agent (or a human via
84
80
  * `xema why-denied`) can self-correct without trial-and-error.
85
81
  *
86
- * Plan-of-record reference: §31.8.
87
- *
88
82
  * The discriminator `kind` is a closed set; do NOT widen with free-form
89
83
  * strings.
90
84
  */
@@ -3,14 +3,11 @@ import { z } from 'zod';
3
3
  import { CapabilityRefSchema, type CapabilityRef } from './capability-ref';
4
4
 
5
5
  /**
6
- * Xema OS Phase H — the agent-facing MCP surface collapses to exactly three
6
+ * The agent-facing MCP surface collapses to exactly three
7
7
  * meta-tools. The set is CLOSED — no free-form strings — so we ship the
8
8
  * canonical names as a kernel enum that the router controller, the
9
9
  * mcp-gateway federation bridge, and any downstream client can all agree on.
10
10
  *
11
- * Plan-of-record:
12
- * `.claude/plans/following-up-the-xema-os-plan-md-abstract-stream.md` §6.H
13
- *
14
11
  * The string values are the wire names emitted to OpenCode via the
15
12
  * mcp-gateway federation bridge (`resolveAsMetaTools()`). They are also the
16
13
  * suffix segments of the router HTTP routes:
@@ -28,7 +25,7 @@ export enum MetaToolName {
28
25
  export const MetaToolNameSchema = z.nativeEnum(MetaToolName);
29
26
 
30
27
  /**
31
- * Wire-side audit topic for every meta-tool invocation (Phase H.5). Kept here
28
+ * Wire-side audit topic for every meta-tool invocation. Kept here
32
29
  * — not in a service — so analytics consumers and the router emit the same
33
30
  * string.
34
31
  */
@@ -2,12 +2,12 @@ import { z } from 'zod';
2
2
  import { CapabilityRefSchema, type CapabilityRef } from './capability-ref';
3
3
 
4
4
  /**
5
- * Closed set of built-in permission **Profiles** shipped by the kernel
6
- * (plan §30.3). Profiles are pre-canned `GrantPolicy` templates that an
5
+ * Closed set of built-in permission **Profiles** shipped by the kernel.
6
+ * Profiles are pre-canned `GrantPolicy` templates that an
7
7
  * org admin can apply with one click at biome install time.
8
8
  *
9
9
  * Third-party biomes MUST NOT add profiles (would be a privilege-escalation
10
- * vector — §30.3). Orgs may add **Custom Profiles** stored in
10
+ * vector). Orgs may add **Custom Profiles** stored in
11
11
  * `authorization-api`, but those are runtime data, not kernel enum values.
12
12
  *
13
13
  * String values are kebab-case so they match the on-wire / on-disk
@@ -32,7 +32,7 @@ export const BiomePermissionProfileSchema = z.nativeEnum(
32
32
 
33
33
  /**
34
34
  * Risk tier of a single capability ask, declared by the biome author in
35
- * the manifest (plan §30.1, §30.2). Drives the install-time digest and
35
+ * the manifest. Drives the install-time digest and
36
36
  * default approval requirements (`critical` always requires explicit
37
37
  * approval, regardless of profile).
38
38
  */
@@ -47,7 +47,7 @@ export const CapabilityRiskTierSchema = z.nativeEnum(CapabilityRiskTier);
47
47
 
48
48
  /**
49
49
  * `PermissionHint` — one entry per declared `requiresCapabilities[]` ref
50
- * in the biome manifest's `permissions.hints[]` block (plan §30.2).
50
+ * in the biome manifest's `permissions.hints[]` block.
51
51
  *
52
52
  * The hint is author-facing copy that drives the install-time digest UI;
53
53
  * it does NOT itself grant anything. The grant materialises only when the
@@ -76,8 +76,8 @@ export const PermissionHintSchema = z.object({
76
76
 
77
77
  /**
78
78
  * `PermissionGroup` — author-side bundling of related capabilities so the
79
- * install UI can render "Grant the *kb-read* group" as one toggle
80
- * (plan §30.2). Grants are still recorded per-capability in
79
+ * install UI can render "Grant the *kb-read* group" as one toggle.
80
+ * Grants are still recorded per-capability in
81
81
  * `authorization-api`; the group is pure UX sugar.
82
82
  */
83
83
  export interface PermissionGroup {