agentxchain 2.36.0 → 2.37.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agentxchain",
-  "version": "2.36.0",
+  "version": "2.37.0",
   "description": "CLI for AgentXchain — governed multi-agent software delivery",
   "type": "module",
   "bin": {

package/scripts/release-bump.sh

@@ -121,7 +121,11 @@ echo "  OK: tag v${TARGET_VERSION} does not exist"
 # Ensures all governed version surfaces already reference the target version
 # BEFORE the bump commit is created. This catches stale drift that would
 # otherwise only be discovered after minting local release identities.
-echo "[4/8] Verifying version-surface alignment for ${TARGET_VERSION}..."
+#
+# NOTE: Homebrew mirror formula and README are NOT checked here. They are
+# auto-aligned in step 5 because the registry SHA256 is inherently a
+# post-publish artifact. See DEC-HOMEBREW-SHA-SPLIT-001.
+echo "[4/9] Verifying version-surface alignment for ${TARGET_VERSION}..."
 SURFACE_ERRORS=()
 
 # 4a. CHANGELOG top heading
@@ -164,25 +168,6 @@ if ! grep -qE "^# Launch Evidence Report — AgentXchain v${ESCAPED_VERSION}" "$
   SURFACE_ERRORS+=("LAUNCH_EVIDENCE_REPORT.md title does not carry v${TARGET_VERSION}")
 fi
 
-# 4h. Homebrew mirror formula version
-HOMEBREW_MIRROR="${REPO_ROOT}/cli/homebrew/agentxchain.rb"
-if [[ -f "$HOMEBREW_MIRROR" ]]; then
-  if ! grep -q "agentxchain-${TARGET_VERSION}\.tgz" "$HOMEBREW_MIRROR" 2>/dev/null; then
-    SURFACE_ERRORS+=("homebrew mirror formula does not reference agentxchain-${TARGET_VERSION}.tgz")
-  fi
-fi
-
-# 4i. Homebrew mirror maintainer README version
-HOMEBREW_MIRROR_README="${REPO_ROOT}/cli/homebrew/README.md"
-if [[ -f "$HOMEBREW_MIRROR_README" ]]; then
-  if ! grep -q -- "- version: \`${TARGET_VERSION}\`" "$HOMEBREW_MIRROR_README" 2>/dev/null; then
-    SURFACE_ERRORS+=("homebrew mirror README does not declare version ${TARGET_VERSION}")
-  fi
-  if ! grep -q "agentxchain-${TARGET_VERSION}\.tgz" "$HOMEBREW_MIRROR_README" 2>/dev/null; then
-    SURFACE_ERRORS+=("homebrew mirror README does not reference agentxchain-${TARGET_VERSION}.tgz")
-  fi
-fi
-
 if [[ "${#SURFACE_ERRORS[@]}" -gt 0 ]]; then
   echo "FAIL: ${#SURFACE_ERRORS[@]} version-surface(s) not aligned to ${TARGET_VERSION}:" >&2
   printf '  - %s\n' "${SURFACE_ERRORS[@]}" >&2
@@ -191,15 +176,47 @@ if [[ "${#SURFACE_ERRORS[@]}" -gt 0 ]]; then
   echo "create release identity when governed surfaces are stale." >&2
   exit 1
 fi
-echo "  OK: all 10 governed version surfaces reference ${TARGET_VERSION}"
+echo "  OK: all 7 governed version surfaces reference ${TARGET_VERSION}"
+
+# 5. Auto-align Homebrew mirror to target version
+# The formula URL and README version/tarball are updated automatically.
+# The SHA256 is carried from the previous version — it is inherently a
+# post-publish artifact (npm registry tarballs are not byte-identical to
+# local npm-pack output). sync-homebrew.sh corrects the SHA after publish.
+echo "[5/9] Auto-aligning Homebrew mirror to ${TARGET_VERSION}..."
+HOMEBREW_MIRROR="${REPO_ROOT}/cli/homebrew/agentxchain.rb"
+HOMEBREW_MIRROR_README="${REPO_ROOT}/cli/homebrew/README.md"
+TARBALL_URL="https://registry.npmjs.org/agentxchain/-/agentxchain-${TARGET_VERSION}.tgz"
+HOMEBREW_ALIGNED=false
+
+if [[ -f "$HOMEBREW_MIRROR" ]]; then
+  ESCAPED_URL="$(printf '%s' "$TARBALL_URL" | sed 's/[&/\]/\\&/g')"
+  sed -i.bak -E "s|^([[:space:]]*url \").*(\")|\1${ESCAPED_URL}\2|" "$HOMEBREW_MIRROR"
+  rm -f "${HOMEBREW_MIRROR}.bak"
+  HOMEBREW_ALIGNED=true
+  echo "  OK: formula URL -> ${TARBALL_URL}"
+fi
+
+if [[ -f "$HOMEBREW_MIRROR_README" ]]; then
+  sed -i.bak -E "s|^(- version: \`).*(\`)|\1${TARGET_VERSION}\2|" "$HOMEBREW_MIRROR_README"
+  sed -i.bak -E "s|^(- source tarball: \`).*(\`)|\1${TARBALL_URL}\2|" "$HOMEBREW_MIRROR_README"
+  rm -f "${HOMEBREW_MIRROR_README}.bak"
+  echo "  OK: README version and tarball -> ${TARGET_VERSION}"
+fi
+
+if $HOMEBREW_ALIGNED; then
+  echo "  Note: SHA carried from previous version; sync-homebrew.sh will set the real registry SHA post-publish"
+else
+  echo "  Skipped: no Homebrew mirror files found"
+fi
 
-# 5. Update version files (no git operations)
-echo "[5/8] Updating version files..."
+# 6. Update version files (no git operations)
+echo "[6/9] Updating version files..."
 npm version "$TARGET_VERSION" --no-git-tag-version
 echo "  OK: package.json updated to ${TARGET_VERSION}"
 
-# 6. Stage version files
-echo "[6/8] Staging version files..."
+# 7. Stage version files
+echo "[7/9] Staging version files..."
 git add -- package.json
 if [[ -f package-lock.json ]]; then
   git add -- package-lock.json
@@ -209,8 +226,8 @@ for rel_path in "${ALLOWED_RELEASE_PATHS[@]}"; do
 done
 echo "  OK: version files and allowed release surfaces staged"
 
-# 7. Create release commit
-echo "[7/8] Creating release commit..."
+# 8. Create release commit
+echo "[8/9] Creating release commit..."
 git commit -m "${TARGET_VERSION}"
 RELEASE_SHA=$(git rev-parse HEAD)
 COMMIT_MSG=$(git log -1 --format=%s)
@@ -220,8 +237,8 @@ if [[ "$COMMIT_MSG" != "$TARGET_VERSION" ]]; then
 fi
 echo "  OK: commit ${RELEASE_SHA:0:7} with message '${TARGET_VERSION}'"
 
-# 8. Create annotated tag
-echo "[8/8] Creating annotated tag..."
+# 9. Create annotated tag
+echo "[9/9] Creating annotated tag..."
 git tag -a "v${TARGET_VERSION}" -m "v${TARGET_VERSION}"
 TAG_SHA=$(git rev-parse "v${TARGET_VERSION}")
 if [[ -z "$TAG_SHA" ]]; then

package/src/lib/adapters/api-proxy-adapter.js

@@ -23,7 +23,7 @@
  *   All error returns include a `classified` ApiProxyError object with
  *   error_class, recovery instructions, and retryable flag.
  *
- * Supported providers: "anthropic", "openai"
+ * Supported providers: "anthropic", "openai", "google"
  */
 
 import { readFileSync, writeFileSync, existsSync, mkdirSync, rmSync } from 'fs';
@@ -45,9 +45,12 @@ import {
 import { verifyDispatchManifestForAdapter } from '../dispatch-manifest.js';
 
 // Provider endpoint registry
+// Google Gemini endpoint requires the model name interpolated at call time;
+// the registry stores a template with {model} as a placeholder.
 const PROVIDER_ENDPOINTS = {
   anthropic: 'https://api.anthropic.com/v1/messages',
   openai: 'https://api.openai.com/v1/chat/completions',
+  google: 'https://generativelanguage.googleapis.com/v1beta/models/{model}:generateContent',
 };
 
 // Bundled cost rates per million tokens (USD).
@@ -67,6 +70,10 @@ const BUNDLED_COST_RATES = {
   'o3': { input_per_1m: 2.00, output_per_1m: 8.00 },
   'o3-mini': { input_per_1m: 1.10, output_per_1m: 4.40 },
   'o4-mini': { input_per_1m: 1.10, output_per_1m: 4.40 },
+  // Google Gemini — verified 2026-04-09 (training knowledge)
+  'gemini-2.5-pro': { input_per_1m: 1.25, output_per_1m: 10.00 },
+  'gemini-2.5-flash': { input_per_1m: 0.15, output_per_1m: 0.60 },
+  'gemini-2.0-flash': { input_per_1m: 0.10, output_per_1m: 0.40 },
 };
 
 // Resolve cost rates: operator-supplied cost_rates override bundled defaults
@@ -135,6 +142,25 @@ const PROVIDER_ERROR_MAPS = {
       { provider_error_type: 'rate_limit_error', http_status: 429, error_class: 'rate_limited', retryable: true },
     ],
   },
+  google: {
+    extractErrorType(body) {
+      // Google errors use { error: { status: "INVALID_ARGUMENT", ... } }
+      return typeof body?.error?.status === 'string' ? body.error.status : null;
+    },
+    extractErrorCode(body) {
+      return typeof body?.error?.code === 'number' ? String(body.error.code) : null;
+    },
+    mappings: [
+      { provider_error_type: 'UNAUTHENTICATED', http_status: 401, error_class: 'auth_failure', retryable: false },
+      { provider_error_type: 'PERMISSION_DENIED', http_status: 403, error_class: 'auth_failure', retryable: false },
+      { provider_error_type: 'NOT_FOUND', http_status: 404, error_class: 'model_not_found', retryable: false },
+      { provider_error_type: 'RESOURCE_EXHAUSTED', http_status: 429, error_class: 'rate_limited', retryable: true },
+      { provider_error_type: 'INVALID_ARGUMENT', http_status: 400, body_pattern: /token.*limit|context|too.long/i, error_class: 'context_overflow', retryable: false },
+      { provider_error_type: 'INVALID_ARGUMENT', http_status: 400, error_class: 'invalid_request', retryable: false },
+      { provider_error_type: 'UNAVAILABLE', http_status: 503, error_class: 'provider_overloaded', retryable: true },
+      { provider_error_type: 'INTERNAL', http_status: 500, error_class: 'unknown_api_error', retryable: true },
+    ],
+  },
 };
 
 // ── Error classification ──────────────────────────────────────────────────────
@@ -442,6 +468,10 @@ function usageFromTelemetry(provider, model, usage, config) {
   if (provider === 'openai') {
     inputTokens = Number.isFinite(usage.prompt_tokens) ? usage.prompt_tokens : 0;
     outputTokens = Number.isFinite(usage.completion_tokens) ? usage.completion_tokens : 0;
+  } else if (provider === 'google') {
+    // Google Gemini returns usageMetadata at root level with promptTokenCount / candidatesTokenCount
+    inputTokens = Number.isFinite(usage.promptTokenCount) ? usage.promptTokenCount : 0;
+    outputTokens = Number.isFinite(usage.candidatesTokenCount) ? usage.candidatesTokenCount : 0;
   } else {
     inputTokens = Number.isFinite(usage.input_tokens) ? usage.input_tokens : 0;
     outputTokens = Number.isFinite(usage.output_tokens) ? usage.output_tokens : 0;
@@ -691,7 +721,9 @@ async function executeApiCall({
     };
   }
 
-  const usage = usageFromTelemetry(provider, model, responseData.usage, config);
+  // Google Gemini returns usage at responseData.usageMetadata; others at responseData.usage
+  const usageSource = provider === 'google' ? responseData.usageMetadata : responseData.usage;
+  const usage = usageFromTelemetry(provider, model, usageSource, config);
   const extraction = extractTurnResult(responseData, provider);
 
   if (!extraction.ok) {
@@ -791,7 +823,7 @@ export async function dispatchApiProxy(root, state, config, options = {}) {
     return errorReturn(root, turn.turn_id, classified);
   }
 
-  const endpoint = runtime.base_url || PROVIDER_ENDPOINTS[provider];
+  let endpoint = runtime.base_url || PROVIDER_ENDPOINTS[provider];
   if (!endpoint) {
     const classified = classifyError(
       'unsupported_provider',
@@ -802,6 +834,12 @@ export async function dispatchApiProxy(root, state, config, options = {}) {
     return errorReturn(root, turn.turn_id, classified);
   }
 
+  // Google Gemini: interpolate model into endpoint URL and append API key as query param
+  if (provider === 'google') {
+    endpoint = endpoint.replace('{model}', encodeURIComponent(model));
+    endpoint += (endpoint.includes('?') ? '&' : '?') + `key=${encodeURIComponent(apiKey)}`;
+  }
+
   // Build request
   const maxOutputTokens = runtime.max_output_tokens || 4096;
   const timeoutSeconds = runtime.timeout_seconds || 120;
@@ -1086,10 +1124,92 @@ function buildOpenAiRequest(promptMd, contextMd, model, maxOutputTokens) {
   };
 }
 
+function buildGoogleHeaders(_apiKey) {
+  // Google Gemini uses API key as a query parameter, not a header
+  return {
+    'Content-Type': 'application/json',
+  };
+}
+
+function buildGoogleRequest(promptMd, contextMd, model, maxOutputTokens) {
+  const userContent = contextMd
+    ? `${promptMd}${SEPARATOR}${contextMd}`
+    : promptMd;
+
+  return {
+    systemInstruction: {
+      parts: [{ text: SYSTEM_PROMPT }],
+    },
+    contents: [
+      {
+        role: 'user',
+        parts: [{ text: userContent }],
+      },
+    ],
+    generationConfig: {
+      maxOutputTokens,
+      responseMimeType: 'application/json',
+    },
+  };
+}
+
+function extractGoogleTurnResult(responseData) {
+  const promptBlockReason = responseData?.promptFeedback?.blockReason;
+  if (typeof promptBlockReason === 'string' && promptBlockReason.trim()) {
+    return {
+      ok: false,
+      error: `Google Gemini blocked the prompt before generation (blockReason: ${promptBlockReason})`,
+    };
+  }
+
+  if (!Array.isArray(responseData?.candidates) || responseData.candidates.length === 0) {
+    return { ok: false, error: 'API response has no candidates' };
+  }
+
+  const candidate = responseData.candidates[0];
+  const finishReason = typeof candidate?.finishReason === 'string'
+    ? candidate.finishReason
+    : null;
+  const parts = candidate?.content?.parts;
+  if (!Array.isArray(parts) || parts.length === 0) {
+    if (finishReason && finishReason !== 'STOP') {
+      return {
+        ok: false,
+        error: `Google Gemini candidate has no content parts (finishReason: ${finishReason})`,
+      };
+    }
+    return { ok: false, error: 'API response candidate has no content parts' };
+  }
+
+  const textPart = parts.find(p => typeof p.text === 'string');
+  if (!textPart?.text?.trim()) {
+    if (finishReason && finishReason !== 'STOP') {
+      return {
+        ok: false,
+        error: `Google Gemini returned no extractable text (finishReason: ${finishReason})`,
+      };
+    }
+    return { ok: false, error: 'API response has no text content part' };
+  }
+
+  const extraction = extractTurnResultFromText(textPart.text);
+  if (!extraction.ok && finishReason && finishReason !== 'STOP') {
+    return {
+      ok: false,
+      error: `Google Gemini returned non-extractable turn JSON (finishReason: ${finishReason})`,
+    };
+  }
+
+  return extraction;
+}
+
 function buildProviderHeaders(provider, apiKey) {
   if (provider === 'openai') {
     return buildOpenAiHeaders(apiKey);
   }
+  if (provider === 'google') {
+    return buildGoogleHeaders(apiKey);
+  }
   return buildAnthropicHeaders(apiKey);
 }
 
@@ -1097,6 +1217,9 @@ function buildProviderRequest(provider, promptMd, contextMd, model, maxOutputTok
   if (provider === 'openai') {
     return buildOpenAiRequest(promptMd, contextMd, model, maxOutputTokens);
   }
+  if (provider === 'google') {
+    return buildGoogleRequest(promptMd, contextMd, model, maxOutputTokens);
+  }
   return buildAnthropicRequest(promptMd, contextMd, model, maxOutputTokens);
 }
 
@@ -1184,6 +1307,9 @@ function extractTurnResult(responseData, provider = 'anthropic') {
   if (provider === 'openai') {
     return extractOpenAiTurnResult(responseData);
   }
+  if (provider === 'google') {
+    return extractGoogleTurnResult(responseData);
+  }
   return extractAnthropicTurnResult(responseData);
 }
 
@@ -1198,6 +1324,7 @@ export {
   extractTurnResult,
   buildAnthropicRequest,
   buildOpenAiRequest,
+  buildGoogleRequest,
   classifyError,
   classifyHttpError,
   BUNDLED_COST_RATES,

package/src/lib/normalized-config.js

@@ -18,7 +18,7 @@ import { SUPPORTED_TOKEN_COUNTER_PROVIDERS } from './token-counter.js';
 
 const VALID_WRITE_AUTHORITIES = ['authoritative', 'proposed', 'review_only'];
 const VALID_RUNTIME_TYPES = ['manual', 'local_cli', 'api_proxy', 'mcp', 'remote_agent'];
-const VALID_API_PROXY_PROVIDERS = ['anthropic', 'openai'];
+const VALID_API_PROXY_PROVIDERS = ['anthropic', 'openai', 'google'];
 export const VALID_PROMPT_TRANSPORTS = ['argv', 'stdin', 'dispatch_bundle_only'];
 const VALID_MCP_TRANSPORTS = ['stdio', 'streamable_http'];
 const DEFAULT_PHASES = ['planning', 'implementation', 'qa'];