npm - agent-cli-runtime - Versions diffs - 0.1.0-alpha.1 → 0.1.0-alpha.2 - Mend

agent-cli-runtime 0.1.0-alpha.1 → 0.1.0-alpha.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/CHANGELOG.md +19 -0
package/README.md +44 -9
package/README.zh-CN.md +44 -9
package/dist/core/schema-contract.d.ts +10 -0
package/dist/core/schema-contract.js +36 -0
package/dist/core/schema-contract.js.map +1 -1
package/docs/api-schema-contract.md +14 -3
package/docs/compatibility.md +82 -30
package/docs/daemon-ready-contract.md +51 -0
package/docs/production-readiness.md +44 -15
package/docs/release-checklist.md +115 -266
package/docs/release-publish-runbook.md +35 -19
package/docs/release-report.md +73 -470
package/docs/ssot.md +47 -31
package/package.json +10 -2

package/docs/release-report.md CHANGED Viewed

@@ -1,517 +1,120 @@
-# Release Report: 0.1.0-alpha.1 corrective alpha candidate
+# Release Report: 0.1.0-alpha.2 Publish Dry-Run
-Status: Post-publish documentation repair candidate with non-package release evidence
-Last updated: 2026-06-23
+Status: `0.1.0-alpha.1` published; `0.1.0-alpha.2` publish-ready release candidate / dry-run stop point
+Last updated: 2026-06-25
-This report records release-candidate, alpha publish-readiness, daemon-ready contract hardening, P3-6 real CLI opt-in smoke evidence, P3-7 API / CLI schema freeze evidence, the P3-11 non-package evidence boundary, and the corrective alpha path for `agent-cli-runtime@0.1.0-alpha.1`. Immutable npm version `0.1.0-alpha.0` was published and has GitHub pre-release `v0.1.0-alpha.0`, but its package docs contain stale pre-publish status text; `0.1.0-alpha.1` is the repair release candidate.
+This report is the packaged, stable release-state summary. Volatile release evidence such as current workflow run ids, artifact ids, artifact digests, tarball hashes, pack hashes, local temporary paths, command transcripts, raw logs, raw CLI output, prompt text, and token-looking values belongs outside the npm package under `.release-evidence/` or durable GitHub Release assets.
-## Verdict
-P3-7 freezes the public root boundary, daemon-facing CLI JSON schema inventory, version bump policy, and failure taxonomy in [docs/api-schema-contract.md](./api-schema-contract.md), with drift tests tying the docs to source-level schema/failure vocabularies.
-P3-11 moves current-head release-candidate run evidence out of packaged docs: volatile run ids, artifact ids, artifact digests, tarball shasums, and pack shasums belong under `.release-evidence/` or durable GitHub Release assets. Packaged docs keep stable rules only: trigger a fresh release-candidate workflow for the commit being considered, download all five artifacts, run `npm run release:verify -- --dir <normalized-artifact-dir>`, verify the workflow head SHA equals that commit, and run `npm publish --dry-run --ignore-scripts --tag alpha` before any separately authorized real publish.
-It preserves the product boundary: no trusted publishing setup, no committed npm token, no daemon/API server, no database/WAL, no remote worker, no UI/telemetry layer, and no authenticated real agent run in default gates. Historical P3-9 run `27943672095` only proves target SHA `65fac505ca3eb830a06d8656068cf4ed5f6dd46a`; Historical P3-9 interim run `27942743285` only proves target SHA `a0299a7d81bb614661922bebc8c75496cf0a3d11` before the strict `fixtures?` package-boundary lock; historical P3-8 run `27940814340` only proves target SHA `eb8de0f9b1edfa3f94c35a50b31005c5d3c105d4`; historical P3-5 run `27932628093` only proves workflow head SHA `8d7bc2a19c626caa1ad5223acbcd35df34aff18e`; historical P2-12 run `27869580048` only proves commit `2f8832119b4ebdb8393077052560589a398ebf56`. The package remains a pre-alpha developer preview, does not claim a stable API, and does not claim OpenDesign daemon parity.
-## P3-11 Current-Head Evidence Boundary
-P3-11 solves the P3-10 self-reference problem by separating stable package docs from volatile current-run evidence:
-- Package docs may describe the release-candidate workflow, required artifacts, verification command, dry-run boundary, human publish gate, and historical evidence as historical only.
-- Package docs must not record the current run id, artifact ids, artifact digests, tarball shasum, npm pack shasum, or private downloaded-artifact paths for the commit being considered.
-- Volatile current-head evidence is recorded under `.release-evidence/`, which is outside `package.json` `files` and is explicitly rejected by package-boundary checks if it appears in npm pack metadata.
-- A release-candidate workflow proves only the commit in its `headSha`. Historical runs must not be reused as proof for later commits.
-- A dry-run is not a real publish. A true npm publish remains human-gated and requires a later explicit authorization.
-## P3-10 Pre-Documentation Alpha Release Candidate Evidence
-P3-10 refreshes release-candidate evidence for pre-documentation HEAD SHA `fdba3ebccb2e57a0ad295101028a2a3937a92204` after the P3-9 evidence-recording repair commit. It does not add runtime APIs, publish npm, configure npm tokens/trusted publishing, execute authenticated real agent runs, or add daemon/API server/database/WAL/remote-worker/UI/telemetry layers.
-This report is the repository-resident evidence packet. The remote workflow evidence is intentionally commit-specific and proves only the pre-documentation SHA above and the tarball produced from that SHA. Run `27945938663` must not be used as final post-documentation publish evidence.
-This repository includes `docs/release-report.md`, `docs/release-checklist.md`, `docs/release-publish-runbook.md`, and other release docs in `package.json` `files`. This means committing this packet changes the package shasum. Any commit that records the P3-10 evidence packet changes packaged content and therefore changes `npm pack` shasum. The final package selected for a real publish must be proven by a fresh release-candidate workflow after committing this packet, then re-downloaded and re-verified before publish.
-Historical runs, including P3-9 run `27943672095`, must not be reused for this stage. The rule for later evidence-recording commits is that each must trigger its own fresh release-candidate run before being described as current release-candidate evidence.
-Evidence target and worktree state before remote trigger:
-- Branch: `main`.
-- Pre-documentation HEAD SHA: `fdba3ebccb2e57a0ad295101028a2a3937a92204`.
-- Initial worktree before the P3-10 remote trigger: clean.
-- Local `main`, `origin/main`, and `HEAD` all resolved to `fdba3ebccb2e57a0ad295101028a2a3937a92204` before triggering the workflow.
-P3-10 local validation evidence on 2026-06-22:
-- `npm run typecheck`: passed.
-- `npm run lint`: passed.
-- `npm test`: passed with 196 tests and 1 skipped installed-package smoke.
-- `npm run build`: passed.
-- `npm run package:check`: passed with `package boundary ok: 151 files checked`.
-- `npm run dogfood`: passed.
-- `npm run daemon:verify`: passed with `schemaVersion: "agent-runtime.daemonVerification.v1"`, `ok: true`, and `packageSource: "installed-tarball"`.
-- `npm run runtime:safety`: passed with `schemaVersion: "agent-runtime.runtimeSafety.v1"`, `ok: true`, and `packageSource: "installed-tarball"`.
-- `npm run release:candidate -- --out-dir /tmp/agent-runtime-p3-10-local-release-candidate`: passed, producing `agent-cli-runtime-0.1.0-alpha.0.tgz`, `npm-pack.json`, `package-files.txt`, `gate-evidence.json`, and `release-verification.json`.
-- `npm run release:verify -- --dir /tmp/agent-runtime-p3-10-local-release-candidate`: passed with `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`, `ok: true`, package file count `151`, five artifact names, empty diagnostics, and gate evidence for `daemon:verify` plus `runtime:safety`.
-- `npm audit --omit=dev`: passed with `found 0 vulnerabilities`.
-- `npm pack --dry-run --json --ignore-scripts`: passed with `151` files and tarball `agent-cli-runtime-0.1.0-alpha.0.tgz`.
-- `npm publish --dry-run --ignore-scripts --tag alpha`: passed as a dry-run; npm reported `Publishing to https://registry.npmjs.org/ with tag alpha and default access (dry-run)` and did not publish.
-- `node ./dist/cli/main.js agents --json`: passed; Codex `codex-cli 0.142.0-alpha.6` and OpenCode `1.15.6` available, Claude Code `2.1.178` available with `auth_missing`.
-- `node ./dist/cli/main.js doctor --json`: passed with `ok: true`; Claude Code remains `auth_missing`.
-- `node ./dist/cli/main.js conformance --mode real --agent all --json`: passed without `--allow-real-run`; Codex and OpenCode reported `real_run_skipped`, Claude Code reported `auth_missing`.
-- `node ./dist/cli/main.js smoke --mode real --agent codex --json`: exited `0` as safe preflight with `schemaVersion: "agent-runtime.realSmoke.v1"`, `ok: false`, and `runClassification: "real_run_skipped"`; no authenticated real run was launched.
-- `git diff --check`: passed.
-Remote workflow pre-documentation evidence:
+## Current State
-- Branch: `main`.
-- Workflow head SHA: `fdba3ebccb2e57a0ad295101028a2a3937a92204`.
-- Trigger command: `gh workflow run release-candidate.yml --ref main`.
-- Run id: `27945938663`.
-- Run URL: `https://github.com/iiwish/agent-cli-runtime/actions/runs/27945938663`.
-- Event: `workflow_dispatch`.
-- Workflow: `Release Candidate`.
-- Run status/conclusion: `completed` / `success`.
-- Run created/updated: `2026-06-22T10:22:12Z` / `2026-06-22T10:23:33Z`.
-- Job `Build release candidate artifacts` id `82690587870`, URL `https://github.com/iiwish/agent-cli-runtime/actions/runs/27945938663/job/82690587870`, started at `2026-06-22T10:22:18Z`, completed at `2026-06-22T10:23:33Z`, and concluded `success`.
-- Steps `Install dependencies`, `Run CI gate`, `Run dogfood gate without authenticated real runs`, `Create npm pack artifact and gate evidence without publishing`, `Upload tarball`, `Upload pack metadata`, `Upload package file list`, `Upload daemon-ready gate evidence`, and `Upload release verification` all concluded `success`.
-- Download directory: `/tmp/agent-runtime-p3-10-current-head-remote-66VIhN/downloaded`.
-- Normalized review directory: `/tmp/agent-runtime-p3-10-current-head-remote-66VIhN/normalized`.
+- Published npm package: `agent-cli-runtime@0.1.0-alpha.1`.
+- Published GitHub pre-release: `v0.1.0-alpha.1`.
+- `agent-cli-runtime@0.1.0-alpha.0` is deprecated because its immutable package docs shipped stale pre-publish status text.
+- Candidate package metadata in this repository: `agent-cli-runtime@0.1.0-alpha.2`.
+- `0.1.0-alpha.2` has fresh main release-candidate evidence and local publish dry-run evidence.
+- `0.1.0-alpha.2` is not published and must not be described as published until a maintainer separately authorizes a real npm publish.
+- Current npm dist-tags remain `alpha -> 0.1.0-alpha.1` and `latest -> 0.1.0-alpha.1`; while there is no stable version, this is recorded as current pre-alpha registry state rather than release failure evidence.
-Current artifact metadata from the GitHub Actions API:
-| Artifact | GitHub artifact id | Archive size | Digest | Expires |
-| --- | ---: | ---: | --- | --- |
-| `agent-cli-runtime-tarball` | `7789535097` | `225632` bytes | `sha256:698d80cd9ce86643396d7c9305424ac0f85cfe9d11bca654912048ed92118a34` | `2026-07-06T10:23:22Z` |
-| `agent-cli-runtime-pack-metadata` | `7789535626` | `1998` bytes | `sha256:6c902654a5a8ddc8c5cb59c63efd82ef600d81488efc9eab7c98669a3e8eb564` | `2026-07-06T10:23:24Z` |
-| `agent-cli-runtime-package-files` | `7789536134` | `961` bytes | `sha256:18b8adab4fc43d54389137cbdcf6db8e744f0a12c9498f88c0238c759ce39b79` | `2026-07-06T10:23:25Z` |
-| `agent-cli-runtime-gate-evidence` | `7789536677` | `443` bytes | `sha256:458f63ff6b59a7b16ec8a918d7253a12e000563a7f9452ae932924902b6e0179` | `2026-07-06T10:23:27Z` |
-| `agent-cli-runtime-release-verification` | `7789537198` | `649` bytes | `sha256:27e094fd6aad1b317d9073bef75a27336fe08850592c408d8861eb14df6e7633` | `2026-07-06T10:23:28Z` |
-Downloaded artifact normalization:
-```bash
-gh run download 27945938663 --dir /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/downloaded
-cp /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/downloaded/agent-cli-runtime-tarball/agent-cli-runtime-0.1.0-alpha.0.tgz /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/normalized/
-cp /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/downloaded/agent-cli-runtime-pack-metadata/npm-pack.json /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/normalized/
-cp /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/downloaded/agent-cli-runtime-package-files/package-files.txt /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/normalized/
-cp /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/downloaded/agent-cli-runtime-gate-evidence/gate-evidence.json /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/normalized/
-cp /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/downloaded/agent-cli-runtime-release-verification/release-verification.json /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/normalized/
-npm run release:verify -- --dir /tmp/agent-runtime-p3-10-current-head-remote-66VIhN/normalized
-```
-Downloaded artifact re-verification result:
-- `schemaVersion`: `agent-cli-runtime.releaseVerification.v1`
-- `ok`: `true`
-- diagnostics: empty
-- package file count: `151`
-- artifact names: `agent-cli-runtime-tarball`, `agent-cli-runtime-pack-metadata`, `agent-cli-runtime-package-files`, `agent-cli-runtime-gate-evidence`, `agent-cli-runtime-release-verification`
-- tarball: `agent-cli-runtime-0.1.0-alpha.0.tgz`
-- tarball size: `225378` bytes
-- tarball sha256: `b8a9c2beaaed18dd238c27065285362d1c3380e04be57d5f9cec7b198ddd786d`
-- npm pack shasum: `513efc70dcc17d2ef58caed070dcf27a7a0eb90d`
-- npm pack integrity: `sha512-mOpm9L3FbT+24WgKBQxKvbv90V/3odgekzBYmjPdIl4KzW4U0+P6yHk+02FC8ba1Tm1d6fgERoGqwsTiHC5uEA==`
-- package name/version: `agent-cli-runtime@0.1.0-alpha.0`
-- gate evidence schema: `agent-cli-runtime.releaseGateEvidence.v1`
-- gate evidence commands: `npm run daemon:verify`, `npm run runtime:safety`
-- gate evidence package source: both `installed-tarball`
-- gate evidence flags: `noAuthenticatedRealRun: true`, `noNpmPublish: true`, `noNpmToken: true`
-- package file review: 151 entries and no `.reference/`, `tests/`, fixture paths, raw real CLI output, private paths, token-looking values, Bearer values, or auth env assignments.
-## 0.1.0-alpha.1 Corrective Alpha Publish Packet
-Current package candidate: `agent-cli-runtime@0.1.0-alpha.1`.
-Dry-run checkpoint before a separately authorized publish:
-```bash
-npm publish --dry-run --ignore-scripts --tag alpha
-```
-The real publish commands below must not be executed unless the user gives explicit publish authorization for this immutable version:
-```bash
-npm publish --tag alpha
-npm publish --tag alpha --access public
-```
-Before any future real publish, a maintainer must manually confirm:
+## Verdict
-- `git rev-parse HEAD` and `git rev-parse origin/main` still match the intended reviewed SHA.
-- After committing this corrective package-doc update, trigger a fresh `.github/workflows/release-candidate.yml` run for the new commit and verify that `gh run view <new-run-id> --json headSha,status,conclusion,url,jobs` shows that exact commit SHA and success.
-- Do not use run `27945938663` or run `27998762396` as final publish evidence for a later corrective commit; each run proves only its own workflow `headSha`.
-- `npm run typecheck`, `npm run lint`, `npm test`, `npm run build`, `npm run package:check`, `npm run dogfood`, `npm run daemon:verify`, `npm run runtime:safety`, `npm run release:candidate -- --out-dir <tmp>`, `npm run release:verify -- --dir <tmp>`, `npm audit --omit=dev`, `npm pack --dry-run --json --ignore-scripts`, `npm publish --dry-run --ignore-scripts --tag alpha`, `node ./dist/cli/main.js agents --json`, `node ./dist/cli/main.js doctor --json`, and `git diff --check` pass.
-- `npm publish --dry-run --ignore-scripts --tag alpha` reports dry-run mode and `tag alpha`; if it reports `latest`, stop.
-- `npm view agent-cli-runtime@0.1.0-alpha.1 version --json` does not show an already-created immutable version before publish.
-- `npm dist-tag ls agent-cli-runtime` is captured after publish; if npm keeps `latest` on the only published pre-alpha version, record the exact tag state.
-- npm 2FA or the package's configured publish policy is ready for the maintainer account.
-- Trusted publishing is not configured for P3-10. A future trusted-publishing path would need a separate publish workflow, npm-side trusted publisher configuration, and explicit `id-token: write`; none of that is present in this release-candidate workflow.
-- Manual local publish must not claim GitHub Actions provenance. Provenance is a future trusted-publishing concern, not a P3-10 dry-run claim.
+`0.1.0-alpha.2` is ready to be treated as a publish-ready release candidate after fresh main release-candidate evidence, downloaded artifact verification, and local publish dry-run verification. It remains human-controlled:
-Post-publish checks for a separately authorized future publish:
+- no real `npm publish` is performed without explicit maintainer authorization;
+- no GitHub Release is created without explicit maintainer authorization;
+- no npm token, `NODE_AUTH_TOKEN`, trusted publishing setup, or publish workflow secret is added;
+- no authenticated real Codex/Claude/OpenCode run is launched by default gates;
+- `.release-evidence/` and `.reference/` stay outside npm package contents;
+- this package remains a local-first runtime/kernel, not a hosted daemon, control plane, API server, database/WAL, web UI, telemetry system, or remote worker.
-```bash
-npm view agent-cli-runtime@0.1.0-alpha.1 version dist-tags --json
-npm dist-tag ls agent-cli-runtime
-```
-Rollback boundary:
-- If only the dist-tag is wrong, use `npm dist-tag add agent-cli-runtime@0.1.0-alpha.1 alpha` and, only after confirming it points at an unintended pre-alpha, `npm dist-tag rm agent-cli-runtime latest`.
-- If package contents are wrong, publish a new corrected pre-release version; npm does not allow overwriting `agent-cli-runtime@0.1.0-alpha.1`.
-- Use `npm unpublish agent-cli-runtime@0.1.0-alpha.1` only if npm policy allows it and a maintainer accepts the registry impact; otherwise deprecate the bad version.
-## P3-7 API / CLI Schema Freeze
-P3-7 changes documentation and drift protection for existing public/CLI contracts:
-- Added [docs/api-schema-contract.md](./api-schema-contract.md) as the schema inventory and versioning policy entrypoint.
-- Public root value export remains `createAgentRuntime`; public type exports remain source-compatible package-root imports for the runtime facade, run/goal records, replay/event envelopes, diagnostics/store shapes, and adapter-authoring types.
-- Internal `dist/**` files may exist in the package, but subpath imports into storage/parser/adapter implementation are not documented API.
-- Frozen schema inventory: `agent-runtime.event.v1`, `agent-runtime.diagnostics.v1`, `agent-runtime.conformance.v1`, `agent-runtime.realSmoke.v1`, `agent-runtime.storeHealth.v1`, `agent-runtime.storeRepair.v1`, `agent-runtime.cliError.v1`, `agent-cli-runtime.releaseVerification.v1`, and `agent-cli-runtime.releaseGateEvidence.v1`.
-- Version bump policy: optional additive fields may stay in-schema; field removal/rename/type or semantic changes require a schema version bump; terminal reason/classification vocabulary changes require docs, tests, and a migration note.
-- Failure taxonomy remains explicit: skipped evidence is not success, `auth_missing` is not unavailable, and `needs_verification` is not guessed into flag support.
-- Default gates still do not pass `--allow-real-run`.
-P3-7 local validation evidence on 2026-06-22:
-- `npm run typecheck`: passed.
-- `npm run lint`: passed.
-- `npm test`: passed with 196 tests and 1 skipped installed-package smoke.
-- `npm run build`: passed.
-- `npm run package:check`: passed with `package boundary ok: 151 files checked`.
-- `node ./dist/cli/main.js agents --json`: passed; Codex and OpenCode available, Claude Code available with `auth_missing`.
-- `node ./dist/cli/main.js doctor --json`: passed with `ok: true`; Claude Code remains `auth_missing`.
-- `node ./dist/cli/main.js conformance --mode real --agent all --json`: passed without `--allow-real-run`; Codex and OpenCode reported `real_run_skipped`, Claude Code reported `auth_missing`.
-- `node ./dist/cli/main.js smoke --mode real --agent codex --json`: passed as safe preflight and reported `real_run_skipped`.
-- `git diff --check`: passed.
-## P3-6 Real CLI Opt-In Smoke Evidence
-P3-6 changes how real smoke evidence is requested and reviewed:
-- `node ./dist/cli/main.js smoke --mode real --agent <id> --json` does not launch a real agent run; it emits `schemaVersion: "agent-runtime.realSmoke.v1"` with `runClassification: "real_run_skipped"` or another preflight classification.
-- Authenticated real runs require `--allow-real-run` and expected text, for example `node ./dist/cli/main.js smoke --mode real --agent codex --allow-real-run --expect-text <safe_text> --json`.
-- The same command shape is documented for Codex, Claude Code, and OpenCode.
-- The summary includes `adapter`, `version`, `auth`, `modelsSource`, `runClassification`, `expectedTextMatched`, redacted/truncated `observedTextTail`, `cwdMutationChecked`, `cwdMutated`, `diagnosticsCount`, `skippedReason`, and `failureReason`.
-- The summary excludes prompt text, token values, private cwd, raw stdout/stderr, and final run records.
-- A custom `--prompt` or `--prompt-file` without `--expect-text` cannot pass on exit `0`; it is classified as `unexpected_output`.
-- Preflight/run classifications include `auth_missing`, `unavailable_executable`, `unsupported_flag`, `unexpected_output`, `cwd_mutated`, `needs_verification`, and `real_run_skipped`.
-- Claude Anthropic-compatible provider docs use environment variable names and placeholders only; no real token value, provider URL, or private model alias is committed.
-- `.github/workflows/ci.yml`, `.github/workflows/release-candidate.yml`, `scripts/dogfood.mjs`, `scripts/create-release-candidate.mjs`, and `package.json` remain free of `--allow-real-run`.
-P3-6 local validation evidence on 2026-06-22:
-- `npm run typecheck`: passed.
-- `npm run lint`: passed.
-- `npm test`: passed with 191 tests and 1 skipped installed-package smoke.
-- `npm run build`: passed.
-- `npm run package:check`: passed with `package boundary ok: 147 files checked`.
-- `node ./dist/cli/main.js conformance --mode real --agent all --json`: passed without `--allow-real-run`; Codex and OpenCode reported `real_run_skipped`, Claude Code reported `auth_missing`.
-- `node ./dist/cli/main.js smoke --mode real --agent codex --json`: passed as safe preflight and reported `real_run_skipped`.
-- `node ./dist/cli/main.js smoke --mode real --agent codex --allow-real-run --expect-text "agent-runtime real smoke ok" --timeout-ms 120000 --json`: completed with `runClassification: "success"`, `expectedTextMatched: true`, and `cwdMutated: false`. A 30s default-timeout retry can still classify as `timeout` in this environment.
-- `node ./dist/cli/main.js smoke --mode real --agent claude --allow-real-run --expect-text "agent-runtime real smoke ok" --json`: completed with `runClassification: "auth_missing"` before launch.
-- `node ./dist/cli/main.js smoke --mode real --agent opencode --allow-real-run --expect-text "agent-runtime real smoke ok" --timeout-ms 120000 --json`: completed with `runClassification: "success"`, `expectedTextMatched: true`, and `cwdMutated: false`. A 30s default-timeout retry can still classify as `timeout` in this environment.
-## Historical P3-5 Remote Release Evidence Closure
-P3-5 closed the P3-4 remote evidence gap for its workflow head SHA. It remains historical evidence only and does not prove the P3-8, P3-9, or P3-10 target SHA.
-Workflow evidence target:
-- Branch: `main`.
-- Workflow head SHA: `8d7bc2a19c626caa1ad5223acbcd35df34aff18e`.
-- Trigger command: `gh workflow run release-candidate.yml --ref main`.
-- Run id: `27932628093`.
-- Run URL: `https://github.com/iiwish/agent-cli-runtime/actions/runs/27932628093`.
-- Event: `workflow_dispatch`.
-- Workflow: `Release Candidate`.
-- Run status/conclusion: `completed` / `success`.
-- Run created/updated: `2026-06-22T05:56:49Z` / `2026-06-22T05:57:59Z`.
-- Job `Build release candidate artifacts` started at `2026-06-22T05:56:53Z`, completed at `2026-06-22T05:57:58Z`, and concluded `success`.
-- Steps `Install dependencies`, `Run CI gate`, `Run dogfood gate without authenticated real runs`, `Create npm pack artifact and gate evidence without publishing`, `Upload tarball`, `Upload pack metadata`, `Upload package file list`, `Upload daemon-ready gate evidence`, and `Upload release verification` all concluded `success`.
-- Download directory: `/tmp/agent-runtime-p3-5-remote-7rkBqm/downloaded`.
-- Normalized review directory: `/tmp/agent-runtime-p3-5-remote-7rkBqm/normalized`.
-Historical artifact metadata from the GitHub Actions API:
-| Artifact | GitHub artifact id | Archive size | Digest | Expires |
-| --- | ---: | ---: | --- | --- |
-| `agent-cli-runtime-tarball` | `7784276720` | `206911` bytes | `sha256:8f7c4b8d9aa4aee9f375fcbf1de5644884d388693832ed42310dfc41a48e6270` | `2026-07-06T05:57:52Z` |
-| `agent-cli-runtime-pack-metadata` | `7784276910` | `1960` bytes | `sha256:c28f03b875ca489eee15f0867d4dd309f0dbc46a2ed9184f61be8fc5f5b1e773` | `2026-07-06T05:57:53Z` |
-| `agent-cli-runtime-package-files` | `7784277102` | `947` bytes | `sha256:7bff251b88d155027061de0e32a2f065e4614e61d2cc1cdceabbf9333fae4e03` | `2026-07-06T05:57:54Z` |
-| `agent-cli-runtime-gate-evidence` | `7784277275` | `443` bytes | `sha256:ddb608e25f79489f16604a01de10a2ab0664721636b1f20448e18adcd369caf2` | `2026-07-06T05:57:55Z` |
-| `agent-cli-runtime-release-verification` | `7784277464` | `649` bytes | `sha256:c97a91bb356a1934d82ebcc69404ad614968a2ab3904a6e9d5871bd8c818ed78` | `2026-07-06T05:57:56Z` |
-Downloaded artifact normalization:
-```bash
-gh run download 27932628093 --dir /tmp/agent-runtime-p3-5-remote-7rkBqm/downloaded
-cp /tmp/agent-runtime-p3-5-remote-7rkBqm/downloaded/agent-cli-runtime-tarball/agent-cli-runtime-0.1.0-alpha.0.tgz /tmp/agent-runtime-p3-5-remote-7rkBqm/normalized/
-cp /tmp/agent-runtime-p3-5-remote-7rkBqm/downloaded/agent-cli-runtime-pack-metadata/npm-pack.json /tmp/agent-runtime-p3-5-remote-7rkBqm/normalized/
-cp /tmp/agent-runtime-p3-5-remote-7rkBqm/downloaded/agent-cli-runtime-package-files/package-files.txt /tmp/agent-runtime-p3-5-remote-7rkBqm/normalized/
-cp /tmp/agent-runtime-p3-5-remote-7rkBqm/downloaded/agent-cli-runtime-gate-evidence/gate-evidence.json /tmp/agent-runtime-p3-5-remote-7rkBqm/normalized/
-cp /tmp/agent-runtime-p3-5-remote-7rkBqm/downloaded/agent-cli-runtime-release-verification/release-verification.json /tmp/agent-runtime-p3-5-remote-7rkBqm/normalized/
-npm run release:verify -- --dir /tmp/agent-runtime-p3-5-remote-7rkBqm/normalized
-```
+## P7-3 Alpha.2 Publish Dry-Run Flow
-Downloaded artifact re-verification result:
-- `schemaVersion`: `agent-cli-runtime.releaseVerification.v1`
-- `ok`: `true`
-- diagnostics: empty
-- package file count: `147`
-- local `npm pack --dry-run --json --ignore-scripts` file count at review: `147`
-- artifact names: `agent-cli-runtime-tarball`, `agent-cli-runtime-pack-metadata`, `agent-cli-runtime-package-files`, `agent-cli-runtime-gate-evidence`, `agent-cli-runtime-release-verification`
-- tarball: `agent-cli-runtime-0.1.0-alpha.0.tgz`
-- tarball size: `206662` bytes
-- tarball sha256: `6e7711a275a1d58e862809e4dd5d34c76cf79ca5f812af1e16872ea54b97542c`
-- npm pack shasum: `3ee52f4b97131527de752651f5a395b769ccf7c0`
-- package name/version: `agent-cli-runtime@0.1.0-alpha.0`
-- gate evidence schema: `agent-cli-runtime.releaseGateEvidence.v1`
-- gate evidence commands: `npm run daemon:verify`, `npm run runtime:safety`
-- gate evidence package source: both `installed-tarball`
-- gate evidence flags: `noAuthenticatedRealRun: true`, `noNpmPublish: true`, `noNpmToken: true`
-P3-5 local sanity evidence on 2026-06-22:
-- `git diff --check`: passed before P3-5 doc/test edits.
-- `node ./dist/cli/main.js agents --json`: passed; Codex `codex-cli 0.142.0-alpha.6` and OpenCode `1.15.6` available, Claude Code `2.1.178` available with `auth_missing`.
-- `node ./dist/cli/main.js doctor --json`: passed with `ok: true`; Claude Code remains `auth_missing`.
-- `node ./dist/cli/main.js conformance --mode real --agent all --json`: passed without `--allow-real-run`; Codex and OpenCode reported `real_run_skipped` / `real_run_not_allowed`, Claude Code reported `auth_missing`. No authenticated real agent run was launched.
-## P3-4 CI / Release Gate Alignment
-P3-4 is local-first release gate alignment, not a new runtime feature and not an npm publication:
-- CI matrix: `.github/workflows/ci.yml` keeps Node.js 20/22/24 for typecheck, lint, tests, build, production dependency audit, package boundary checks, and pack dry-run.
-- Single-Node release gates: CI now runs `npm run daemon:verify`, `npm run runtime:safety`, and `npm run dogfood` once on Node.js 22 to avoid repeating installed-package gates across the matrix.
-- Release-candidate workflow: `.github/workflows/release-candidate.yml` remains manual `workflow_dispatch`, runs `npm ci`, `npm run ci`, `npm run dogfood`, then runs `npm run release:candidate -- --out-dir release-candidate`.
-- Candidate artifacts: `release:candidate` writes `npm-pack.json`, `package-files.txt`, `gate-evidence.json`, the tarball, and `release-verification.json`.
-- Gate evidence schema: `gate-evidence.json` uses `schemaVersion: "agent-cli-runtime.releaseGateEvidence.v1"` and records `npm run daemon:verify` plus `npm run runtime:safety` with installed-package output schema versions.
-- Verifier: `release:verify` requires `gate-evidence.json`; missing or incomplete daemon-ready gate evidence fails verification while package boundary, private path, token-looking value, Bearer, and auth env checks remain active.
-- Boundary: workflows still contain no `npm publish`, no `NODE_AUTH_TOKEN` / `NPM_TOKEN`, no trusted-publishing credential setup, and no `--allow-real-run`.
-Remote P3-4 evidence was pending until P3-5. P3-5 run `27932628093` is the historical workflow-head evidence closure for the five-artifact set.
-## P3-1 Daemon-Ready Contract Hardening
-P3-1 is a post-P2-13 contract freeze, not a new release publication:
-- New embedding contract: [docs/daemon-ready-contract.md](./daemon-ready-contract.md).
-- Runtime positioning: local-first execution kernel for daemon/product shell embedding, not hosted control plane.
-- Root value API boundary: still `createAgentRuntime` only.
-- Schema freeze: event envelope `agent-runtime.event.v1`, diagnostics bundle `agent-runtime.diagnostics.v1`, conformance report `agent-runtime.conformance.v1`, store health `agent-runtime.storeHealth.v1`, store repair `agent-runtime.storeRepair.v1`, and CLI JSON error `agent-runtime.cliError.v1`.
-- Compatibility rule: optional fields may be added in-schema; removing, renaming, changing type, or changing stable semantics requires a schema bump.
-- Failure taxonomy: event terminal reasons remain stable; CLI/conformance classifications such as `real_run_skipped`, `unsupported_flag`, `unexpected_output`, `cwd_mutated`, `needs_verification`, and `unavailable_executable` remain explicit evidence states rather than being converted to success.
-- Non-goals: no daemon/API server, no database/WAL, no remote worker, no UI/artifact layer, no telemetry, no npm publish, no publish workflow, no npm token/trusted publishing configuration.
-P3-1 local validation on 2026-06-22:
-- `npm run typecheck`: passed.
-- `npm run lint`: passed.
-- `npm test`: passed with 173 tests across 9 files.
-- `npm run build`: passed.
-- `npm run package:check`: passed with `package boundary ok: 147 files checked`.
-- `npm run release:candidate -- --out-dir /tmp/agent-runtime-p3-1-G8WgWS`: passed, producing `agent-cli-runtime-0.1.0-alpha.0.tgz`.
-- `npm run release:verify -- --dir /tmp/agent-runtime-p3-1-G8WgWS`: passed with `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`, `ok: true`, package file count `147`, and empty diagnostics.
-- `npm pack --dry-run`: passed with total files `147` and `docs/daemon-ready-contract.md` included.
-- `node ./dist/cli/main.js agents --json`: passed.
-- `node ./dist/cli/main.js doctor --json`: passed with `ok: true`; Claude Code remains `auth_missing`, which is expected local auth evidence rather than real-run success.
-- `node ./dist/cli/main.js conformance --mode real --agent all --json`: passed without `--allow-real-run`; Codex `0.142.0-alpha.6` and OpenCode `1.15.6` reported `real_run_skipped`, Claude Code `2.1.178` reported `auth_missing`.
-- `git diff --check`: passed.
-- `npm publish --dry-run` was not run for P3-1 because this stage does not change publish readiness or perform publish simulation.
-## P2-13 Alpha Publish Readiness
-Decision state:
-- npm publication: not performed.
-- Package metadata: `repository`, `homepage`, and `bugs` are present alongside the existing package entrypoint, files, engines, keywords, and `publishConfig.tag: "alpha"`.
-- Public API boundary: package root value export remains `createAgentRuntime` only; public types remain declaration/type surface.
-- Publish runbook: [docs/release-publish-runbook.md](./release-publish-runbook.md) records dry-run, real publish commands, human confirmation points, dist-tag checks, rollback/deprecation/unpublish boundaries, 2FA, trusted publishing, provenance, and token strategy.
-- Workflow strategy: `.github/workflows/ci.yml` and `.github/workflows/release-candidate.yml` remain artifact/check workflows only. They do not run `npm publish`, do not configure registry credentials, and do not require npm tokens.
-- Token/provenance/2FA decision: prefer future trusted publishing through a dedicated publish workflow and npm-side trusted publisher configuration; for a first manual alpha, use interactive maintainer publish with npm 2FA and no committed tokens. Trusted publishing is not configured in P2-13, and local manual publish must not claim GitHub Actions provenance.
-- Dist-tag decision: future real publish must use `--tag alpha`; `latest` must not move for this pre-alpha package.
-- Rollback decision: wrong dist-tags are fixed with `npm dist-tag`; unsafe package content requires a new version, deprecation, or npm-policy-eligible unpublish. The same `name@version` cannot be overwritten.
-P2-13 local validation on 2026-06-22:
-- `npm run typecheck`: passed.
-- `npm run lint`: passed.
-- `npm test`: passed with 172 tests across 9 files.
-- `npm run build`: passed.
-- `npm run package:check`: passed with `package boundary ok: 146 files checked`.
-- `npm run release:candidate -- --out-dir <tmp-dir>`: passed, producing `agent-cli-runtime-0.1.0-alpha.0.tgz`.
-- `npm run release:verify -- --dir <tmp-dir>`: passed with `schemaVersion: "agent-cli-runtime.releaseVerification.v1"`, `ok: true`, package file count `146`, and empty diagnostics.
-- `npm pack --dry-run`: passed with total files `146` and `docs/release-publish-runbook.md` included.
-- `npm publish --dry-run --ignore-scripts --tag alpha`: passed as a dry-run. npm reported `Publishing to https://registry.npmjs.org/ with tag alpha and default access (dry-run)` and did not publish.
-- `node ./dist/cli/main.js agents --json`: passed.
-- `node ./dist/cli/main.js doctor --json`: passed with `ok: true`; Claude Code remains `auth_missing`, which is expected local auth evidence rather than real-run success.
-- `git diff --check`: passed.
-## Local Verification Commands
-Run these from the repository root:
+The human-controlled alpha.2 path is:
 ```bash
 npm run typecheck
 npm run lint
 npm test
-npm run build
 npm run package:check
-npm run dogfood
-npm run prepublish:check
-npm run release:candidate -- --out-dir release-candidate
-npm run release:verify -- --dir release-candidate
+npm run compat:real:evidence:verify
+npm run release:candidate -- --out-dir <tmp-dir>
+npm run release:verify -- --dir <tmp-dir>
 npm pack --dry-run
 npm publish --dry-run --ignore-scripts --tag alpha
 node ./dist/cli/main.js agents --json
 node ./dist/cli/main.js doctor --json
-node ./dist/cli/main.js conformance --mode real --agent all --json
-node ./dist/cli/main.js smoke --mode real --agent codex --json
-node ./dist/cli/main.js smoke --mode real --agent codex --allow-real-run --expect-text "agent-runtime real smoke ok" --json
 git diff --check
 ```
-`npm publish --dry-run --ignore-scripts --tag alpha` is a local manual safety check only. The explicit `--tag alpha` is required so dry-run output matches the pre-alpha release intent instead of reporting `latest`. Do not add it as a required CI gate unless npm dry-run output is proven stable for this repository and registry context.
+The dry-run command is the current stop point:
-## Remote CI Evidence
-P2-12 remote audit evidence on 2026-06-20:
-- Local branch: `main`.
-- Remote branch: `main`.
-- Commit SHA: `2f8832119b4ebdb8393077052560589a398ebf56`.
-- `gh auth status` succeeded with workflow-capable GitHub CLI credentials.
-- `gh workflow run release-candidate.yml --ref main` created run `27869580048`.
-- Run URL: `https://github.com/iiwish/agent-cli-runtime/actions/runs/27869580048`.
-- Event: `workflow_dispatch`.
-- Workflow: `Release Candidate`.
-- Run status/conclusion: `completed` / `success`.
-- Run created: `2026-06-20T11:19:33Z`.
-- Run updated: `2026-06-20T11:20:40Z`.
-- Job `Build release candidate artifacts` started at `2026-06-20T11:19:37Z`, completed at `2026-06-20T11:20:39Z`, and concluded `success`.
-- The workflow steps `Install dependencies`, `Run CI gate`, `Run dogfood gate without authenticated real runs`, `Create npm pack artifact without publishing`, and all four artifact upload steps concluded `success`.
-- GitHub emitted a non-blocking annotation that the referenced actions still target deprecated Node.js 20 internals while the runner forces Node.js 24 for those actions.
-Expected remote evidence:
-- `.github/workflows/ci.yml` runs typecheck, lint, tests, build, production dependency audit, package boundary check, and `npm pack --dry-run` on Node.js 20/22/24.
-- The CI release-gates job runs once on Node.js 22 and executes `npm run daemon:verify`, `npm run runtime:safety`, and `npm run dogfood` without passing `--allow-real-run`.
-- `.github/workflows/release-candidate.yml` is manual `workflow_dispatch` only.
-- The release-candidate workflow runs `npm ci`, `npm run ci`, `npm run dogfood`, creates npm pack metadata and daemon-ready gate evidence through `npm run release:candidate`, verifies the generated artifacts through `npm run release:verify`, and uploads artifacts.
-- No workflow runs `npm publish`, sets `NODE_AUTH_TOKEN`, or requires an npm token.
-P2-13 keeps those workflow guarantees and does not add a publish workflow.
+```bash
+npm publish --dry-run --ignore-scripts --tag alpha
+```
-Remote GitHub Actions evidence for the P3-10 pre-documentation release-candidate target is run `27945938663` on SHA `fdba3ebccb2e57a0ad295101028a2a3937a92204`. It must not be reused as final publish evidence after this packaged evidence packet is committed. Historical P3-9 run `27943672095` only proves target SHA `65fac505ca3eb830a06d8656068cf4ed5f6dd46a`; historical P3-9 interim run `27942743285` only proves target SHA `a0299a7d81bb614661922bebc8c75496cf0a3d11` before the strict `fixtures?` package-boundary lock; historical P3-8 run `27940814340` only proves target SHA `eb8de0f9b1edfa3f94c35a50b31005c5d3c105d4`; historical P3-5 run `27932628093` only proves workflow head SHA `8d7bc2a19c626caa1ad5223acbcd35df34aff18e`; historical P2-12 run `27869580048` must not be reused as evidence for later release-candidate targets.
+It must show a dry run with `tag alpha`. A real publish requires a separate explicit maintainer authorization after fresh current-head release-candidate evidence passes.
 ## Release-Candidate Artifacts
-The manual release-candidate workflow uploads:
-- `agent-cli-runtime-tarball`: the packed `agent-cli-runtime-0.1.0-alpha.0.tgz` tarball.
-- `agent-cli-runtime-pack-metadata`: `release-candidate/npm-pack.json` from `npm pack --json`.
-- `agent-cli-runtime-package-files`: `release-candidate/package-files.txt`, one packed package path per line.
-- `agent-cli-runtime-gate-evidence`: `release-candidate/gate-evidence.json` from `npm run release:candidate`.
-- `agent-cli-runtime-release-verification`: `release-candidate/release-verification.json` from `npm run release:verify`.
+`npm run release:candidate -- --out-dir <tmp-dir>` writes five review artifacts:
-Artifacts are retained for 14 days to keep the audit window explicit while avoiding long-lived stale release-candidate evidence.
+- `agent-cli-runtime-tarball`
+- `agent-cli-runtime-pack-metadata`
+- `agent-cli-runtime-package-files`
+- `agent-cli-runtime-gate-evidence`
+- `agent-cli-runtime-release-verification`
-The P3-10 artifact set has five artifacts and all were re-verified from downloaded GitHub Actions artifacts. The P2-12 downloaded artifact table below is retained as historical evidence for commit `2f8832119b4ebdb8393077052560589a398ebf56`; it predates `agent-cli-runtime-gate-evidence` and must not be reused as current release-candidate evidence.
+`npm run release:verify -- --dir <tmp-dir>` emits `schemaVersion: "agent-cli-runtime.releaseVerification.v1"` and must return `ok: true` with empty diagnostics before the candidate can proceed.
-Downloaded artifact evidence from run `27869580048`:
+`gate-evidence.json` must use `schemaVersion: "agent-cli-runtime.releaseGateEvidence.v1"` and include:
-| Artifact | GitHub artifact id | Archive size | Digest | Expires |
-| --- | ---: | ---: | --- | --- |
-| `agent-cli-runtime-tarball` | `7764861497` | `187609` bytes | `sha256:db669f9ccf34873ec1619c9d7fe1669a2bdc49a4de64a7e183c1d8fe5f1a4aea` | `2026-07-04T11:20:35Z` |
-| `agent-cli-runtime-pack-metadata` | `7764861577` | `1921` bytes | `sha256:0b02f459bd8bdf87c1787ecc43b2a748e27841bd59092b2e72b405970503250f` | `2026-07-04T11:20:36Z` |
-| `agent-cli-runtime-package-files` | `7764861640` | `924` bytes | `sha256:9b3d5b591520d5c86723e6cb47c1bf24d11723b85d17251b4cc2095115608c52` | `2026-07-04T11:20:37Z` |
-| `agent-cli-runtime-release-verification` | `7764861710` | `444` bytes | `sha256:56cb8a125a27b88b816762b6cc9ed5320da66fcc26040c4fa4fec39faec2cf99` | `2026-07-04T11:20:37Z` |
+- `daemon:verify`
+- `runtime:safety`
+- `compat:real:evidence:verify`
-`gh run download 27869580048` downloaded artifacts into one subdirectory per artifact name. The downloaded files were copied into a temporary normalized review directory so the verifier could inspect `npm-pack.json`, `package-files.txt`, `release-verification.json`, and the tarball together.
+The gate evidence must keep `noAuthenticatedRealRun`, `noNpmPublish`, and `noNpmToken` true.
-Downloaded artifact re-verification:
-```bash
-npm run release:verify -- --dir /tmp/agent-runtime-p2-12-remote-5P5MSc/normalized
-```
-Result:
-- `schemaVersion`: `agent-cli-runtime.releaseVerification.v1`
-- `ok`: `true`
-- package file count: `145`
-- tarball: `agent-cli-runtime-0.1.0-alpha.0.tgz`
-- tarball size: `187378` bytes
-- tarball sha256: `3701bd6355651bbc200d5c017a9b01c3dd7136140b64dee0781e6eb601a7a657`
-- package name/version: `agent-cli-runtime@0.1.0-alpha.0`
-- diagnostics: empty
-## Local Artifact Generation And Verification
-Generate the same artifact shape locally without publishing:
-```bash
-npm run release:candidate -- --out-dir release-candidate
-```
-The command writes `npm-pack.json`, `package-files.txt`, `gate-evidence.json`, the tarball, and `release-verification.json` to the chosen directory. It does not run `npm publish` and should not leave a tarball in the repository root.
-Verify a local or downloaded artifact directory:
+## Package Boundary
-```bash
-npm run release:verify -- --dir release-candidate
-```
+The npm package may include stable docs, examples, `dist/`, and the runtime entrypoints. It must not include:
-The verification JSON uses `schemaVersion: "agent-cli-runtime.releaseVerification.v1"` and reports `ok`, `checkedFiles`, `tarball`, `diagnostics`, `artifactNames`, `packageName`, and `version`. Paths and secret-looking values in diagnostics are redacted.
+- `.release-evidence/`
+- `.reference/`
+- `tests/`
+- `tests/fixtures/`
+- fault fixtures
+- raw real CLI output
+- local temporary review directories
+- private user paths
+- raw prompts or full command transcripts
+- token-looking values, Bearer values, or auth environment assignment values
-## Artifact Review Checklist
+`npm run package:check`, `npm pack --dry-run`, and `npm run release:verify -- --dir <tmp-dir>` enforce this boundary.
-Review the uploaded package file list and pack metadata before treating the candidate as shippable:
+## P6 Evidence Boundary
-- No `.reference/`.
-- No `tests/` or fixture directories.
-- No fault fixtures.
-- No `repair-backups/`.
-- No raw corrupt samples.
-- No raw real CLI output.
-- No real private paths.
-- No token-looking values, Bearer values, or auth env assignment values.
-- Includes `docs/daemon-ready-contract.md`.
-- Includes `dist/`, README files, LICENSE, docs, examples, `scripts/dogfood.mjs`, and release docs.
-- Includes `docs/release-publish-runbook.md`.
-- Package root value API remains limited to `createAgentRuntime`; public TypeScript types remain type exports.
+P6 added the offline real compatibility evidence verifier and proved that the release-candidate gate can carry compatibility evidence without launching authenticated real agent runs. The current packaged report records only the stable rule:
-## Package Boundary
+- `compat:real:evidence:verify` is part of `prepublish:check` and `release:candidate`;
+- the verifier reads repo-only evidence under `.release-evidence/`;
+- `dogfood` and normal CI do not depend on repo-only compatibility evidence;
+- release gate summaries keep only command, ok state, schema versions, and redacted diagnostic count/codes.
-`npm run package:check` is the local package boundary gate. It checks npm pack file paths and scans committed docs/examples/scripts for private paths and token-looking content. The release report itself is included in the package so consumers can inspect the candidate evidence and non-goals.
+Detailed P6-4, P6-5, and P6-6 run/artifact summaries are repo-local evidence files under `.release-evidence/`. They are not package content and must not be copied into README or packaged docs.
-`npm run release:verify` is the release artifact gate for generated or downloaded artifacts. It validates npm pack JSON, package file list parity, daemon-ready gate evidence, tarball filename/path/existence, disallowed package paths, private paths, and token-looking values, then emits stable redacted JSON.
+## Schema And Compatibility Contracts
-## Real CLI Evidence Boundary
+The API and CLI schema inventory, versioning policy, root export boundary, and failure taxonomy are maintained in [docs/api-schema-contract.md](./api-schema-contract.md). The release-facing schemas are:
-Default release gates do not launch authenticated real agent runs. `conformance --mode real --agent all --json` and `smoke --mode real --agent <id> --json` perform real local executable/version/auth/model/profile certification and report `real_run_skipped`, `auth_missing`, `unsupported_flag`, or `needs_verification` honestly.
+- `agent-cli-runtime.releaseVerification.v1`
+- `agent-cli-runtime.releaseGateEvidence.v1`
+- `agent-cli-runtime.realCompatibilityEvidenceVerification.v1`
+- `agent-cli-runtime.realCompatibilityEvidence.v1`
-Authenticated real runs require explicit `--allow-real-run --expect-text <safe_text>` and remain local/manual evidence. The real-smoke summary is redacted and does not contain prompt text, token values, private cwd, raw stdout/stderr, or the final run record.
+Skipped evidence is not success, `auth_missing` is not unavailable, and `needs_verification` must not be guessed into support.
 ## Known Risks
-- Remote GitHub Actions evidence is commit-specific; P3-10 run `27945938663` proves pre-documentation SHA `fdba3ebccb2e57a0ad295101028a2a3937a92204`, not any later commit containing this report.
-- Because release docs are packaged, committing this report changes npm pack output; final publish evidence requires a fresh post-documentation release-candidate workflow and artifact re-verification.
-- Historical P3-9 run `27943672095` only proves target SHA `65fac505ca3eb830a06d8656068cf4ed5f6dd46a`; historical P3-9 interim run `27942743285` only proves target SHA `a0299a7d81bb614661922bebc8c75496cf0a3d11` before the strict `fixtures?` package-boundary lock; historical P3-8 run `27940814340` only proves target SHA `eb8de0f9b1edfa3f94c35a50b31005c5d3c105d4`; historical P3-5 run `27932628093` only proves workflow head SHA `8d7bc2a19c626caa1ad5223acbcd35df34aff18e`; historical P2-12 run `27869580048` only proves commit `2f8832119b4ebdb8393077052560589a398ebf56` and predates the gate-evidence artifact.
-- Real CLI behavior, auth state, model lists, and flags can drift after this dated evidence.
-- OpenCode explicit read-only/workspace-write flags, extra dirs, and session/resume remain in `needsVerification`.
-- Claude Code authenticated run smoke depends on local auth or a correctly configured provider environment.
-- npm dry-run output can vary by npm version and registry context, so it remains a manual/local gate rather than a flaky CI requirement.
-- Trusted publishing and provenance are not configured in P2-13. Any future provenance claim must match the actual publish path.
-## Explicit Non-Goals
-- Do not publish npm.
-- Do not require npm token or registry credentials.
-- Do not configure trusted publishing or npm provenance.
-- Do not claim stable API.
-- Do not claim OpenDesign daemon parity.
-- Do not add daemon/API server, database, WAL, remote worker, web UI, telemetry, or scheduler expansion.
-- Do not convert `real_run_skipped`, `auth_missing`, `unsupported_flag`, or `needs_verification` into real agent run success.
+- `0.1.0-alpha.2` is still unpublished; registry and GitHub Release post-publish verification can only run after explicit real publish authorization.
+- Real CLI behavior, auth state, model lists, and flags can drift after dated compatibility evidence.
+- npm dry-run output can vary by npm version and registry context, so the alpha dry-run remains a local manual safety gate rather than a required remote CI gate.
+- Trusted publishing and provenance are not configured. Any future provenance claim must match the actual publish path.