baldart 4.16.0 → 4.16.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md
CHANGED
|
@@ -5,6 +5,23 @@ All notable changes to BALDART will be documented in this file.
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
+
## [4.16.1] - 2026-06-05
|
|
9
|
+
|
|
10
|
+
**Review di allineamento `new` ↔ `new2`: 9 fix di fedeltà sui workflow `new2`/`new2-resolve` emersi da una review adversariale a 3 reviewer paralleli.** La v4.16.0 ha introdotto `new2` come variante workflow-hosted di `/new`; una review di allineamento (gate-coverage · child-workflow wiring · control-flow) ha refutato l'implementazione su difetti reali — di semantica/allineamento, non di esecuzione (il wiring tra i 3 workflow era contract-fedele). **PATCH** (bugfix di allineamento del nuovo `new2`, nessun cambio di capability, nessuna chiave `baldart.config.yml`).
|
|
11
|
+
|
|
12
|
+
> **Why.** `new2` deve essere un A/B equo di `/new`: ogni gate va mappato con policy *fedele* alla semantica di `/new` (meno l'AskUserQuestion), e tutti i path/child-workflow vanno cablati. La review ha trovato punti dove la policy deterministica divergeva silenziosamente dalla SSOT o dove un segnale veniva letto ma non agito.
|
|
13
|
+
|
|
14
|
+
### Fixed
|
|
15
|
+
|
|
16
|
+
- **`framework/.claude/workflows/new2.js`**:
|
|
17
|
+
- **Final review `NEEDS_MANUAL_CONFIRMATION` non più ignorato** — il filtro blocker includeva solo `VERIFIED` mentre il commento dichiarava "treat as VERIFIED": ora include anche `NEEDS_MANUAL_CONFIRMATION` (tentato il fix, mai scartato in silenzio → ripristina l'invariante zero-drop di `final-review.md` F.4).
|
|
18
|
+
- **`status:'fatal'` di `new2-resolve` ora onorato** — `resolve()` setta `batchFatal` e sospende final review + merge, invece di degradarlo a `followup`.
|
|
19
|
+
- **Phase 7 Production Readiness aggiunta** (post-merge, non-bloccante) — ripristina la full-parity dichiarata (auto-esegue i deploy stack-matched, riporta gli item manuali).
|
|
20
|
+
- **Card crashata non più persa** — il catch del driver passa da `resolve('agent-crash')` (retry specialista, mai bypass su security/migration) e garantisce un follow-up tracciato (path `agent-crash` prima irraggiungibile).
|
|
21
|
+
- **G3 cross-card / G5 depends-on rafforzati** — il prompt pre-flight ora *applica* le azioni cross-card (force-sequential/warning in executionMode/groups), non le logga soltanto; G5 garantisce l'esclusione **transitiva** dei dipendenti.
|
|
22
|
+
- **Minori**: `fileDiffViolation` (E4) ora loggato nel gate ledger; `hasApiDataFiles` non più sempre-true (rimosso il disgiunto che rendeva irraggiungibile lo skip dell'api-perf-auditor); i resolve di `merge-blocker`/`qa-fail` passano `mayEditPaths` (confine ownership sui fix batch-wide).
|
|
23
|
+
- **`framework/.claude/workflows/new2-resolve.js`**: obbligo esplicito di **re-run E2E (Phase 2.6)** quando un fix tocca file UI (app/components/`*.css`/`*.scss`), allineato a `codex-gate.md` step 6.
|
|
24
|
+
|
|
8
25
|
## [4.16.0] - 2026-06-05
|
|
9
26
|
|
|
10
27
|
**Nuova skill sperimentale `new2` + i workflow `new2`/`new2-resolve`: l'INTERA batch di `/new` può girare come un singolo dynamic workflow autonomo in background, per fare A/B testing sul context economy.** `/new` è una skill che gira nel main loop, quindi l'output di ogni subagent (architect, coder, reviewer, Codex, QA, E2E) gonfia il contesto dell'orchestrator — il driver di costo che si sposta d'asse a ogni fix (v4.12→v4.15). I dynamic workflow spostano l'orchestrazione in un runtime **isolato**: i risultati intermedi vivono in variabili di script e nel main loop torna **solo il report finale**. `new2` è la versione workflow-hosted di `/new`, **parallela e additiva** (NON sostituisce `/new`), pensata per misurare il delta di `usage` reale a parità di semantica. **MINOR** (nuova skill + 2 workflow, opt-in, Claude-only; nessun breaking change, nessuna chiave `baldart.config.yml` — il gating è runtime via presenza del tool `Workflow`, come v4.14.0).
|
package/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
4.16.
|
|
1
|
+
4.16.1
|
|
@@ -67,6 +67,7 @@ const brief = [
|
|
|
67
67
|
`Scope files for re-verify: ${scopeFiles.join(', ') || '(diff)'}`,
|
|
68
68
|
`Domain: ${domain}${protectedDomain ? ' (PROTECTED — security/migration: never inline-bypass; the right specialist MUST apply)' : ''}`,
|
|
69
69
|
`Reference modules (Read for exact semantics): ${REF}/`,
|
|
70
|
+
`UI re-verify obligation: if your fix touches a UI file (app dir / components / *.css / *.scss), you MUST re-run the Phase 2.6 E2E review (per ${REF}/review-cycle.md) before declaring verified — a code-review/Codex fix can reintroduce visual/functional drift (mirrors codex-gate.md step 6).`,
|
|
70
71
|
].join('\n')
|
|
71
72
|
|
|
72
73
|
// The agent that OWNS a fix in this domain (Domain-Override): doc → doc-reviewer.
|
|
@@ -7,6 +7,7 @@ export const meta = {
|
|
|
7
7
|
{ title: 'Implement', detail: 'per-card implement+review pipeline; team-mode runs coders in parallel per wave' },
|
|
8
8
|
{ title: 'Final', detail: 'cross-batch final review (delegates to new-final-review)' },
|
|
9
9
|
{ title: 'Merge', detail: 'auto-merge to trunk via git.merge_strategy + cleanup' },
|
|
10
|
+
{ title: 'Production', detail: 'post-merge production-readiness checklist (Phase 7, non-blocking)' },
|
|
10
11
|
],
|
|
11
12
|
}
|
|
12
13
|
|
|
@@ -46,6 +47,8 @@ const firstCard = cardIds[0] || 'BATCH'
|
|
|
46
47
|
const gateLedger = [] // { card, gate, decision, detail }
|
|
47
48
|
const residualFollowups = []// { card, kind, followupCard, reason }
|
|
48
49
|
const perCardResults = [] // structured per-card outcome
|
|
50
|
+
let batchFatal = false // set when a resolve() returns 'fatal' (unrecoverable)
|
|
51
|
+
let prodReadiness = null // Phase 7 result (post-merge, non-blocking)
|
|
49
52
|
|
|
50
53
|
function ledger(card, gate, decision, detail) {
|
|
51
54
|
gateLedger.push({ card, gate, decision, detail: detail || '' })
|
|
@@ -120,9 +123,9 @@ const preflight = await agent(
|
|
|
120
123
|
`DETERMINISTIC GATE POLICIES (NO user prompts):\n` +
|
|
121
124
|
`• G1 dirty-tree (main repo ${MAIN}): partition framework-managed noise exactly as setup.md step 3 ($METRICS=${METRICS}, .baldart/generated|state.json|skill-conflicts.json — NOT overlays/). If genuine user work remains → auto-stash 'baldart-new2-${firstCard}-<ts>' (main checkout, safe) and record the MESSAGE label for restore at merge. Never commit/abort/prompt.\n` +
|
|
122
125
|
`• G2 divergence vs origin/${TRUNK}: behind-only AND HEAD==${TRUNK} → ff-pull; ahead-genuine or diverged → DO NOT push/rebase/reset; proceed (the worktree is isolated) and put a one-line note in workspaceNote. Framework-management commits are auto-ignored (setup.md step 4 reclassification).\n` +
|
|
123
|
-
`• G3 cross-card grounding (setup.md 3d): run the Codex cross-card check with the provenance skip; on CODEX_NOT_FOUND fall back to code-reviewer; if BOTH unavailable → proceed and set crossCard='CAPABILITY_UNAVAILABLE'. Read the audit file ONLY via the [codex]-stripping filter; return DISTILLED findings.\n` +
|
|
126
|
+
`• G3 cross-card grounding (setup.md 3d): run the Codex cross-card check with the provenance skip; on CODEX_NOT_FOUND fall back to code-reviewer; if BOTH unavailable → proceed and set crossCard='CAPABILITY_UNAVAILABLE'. Read the audit file ONLY via the [codex]-stripping filter; return DISTILLED findings. CRITICAL — if conflicts are FOUND you MUST APPLY them, not just report: FILE_CONFLICT / ORDER_RISK → force the conflicting cards SEQUENTIAL (encode this in executionMode/groups AND the ownership map); STATE_MUTATION → fold a warning into the affected cards via the ownership map. The returned executionMode/groups MUST already reflect these constraints.\n` +
|
|
124
127
|
`• G4 card-field validation (setup.md 1b/1c): a card missing requirements/acceptance_criteria/files_likely_touched → EXCLUDE it (add to excluded[] with reason); continue with valid cards. Never HALT the batch for one bad card.\n` +
|
|
125
|
-
`• G5 depends-on (implement.md Phase 1 step 2): if a card's depends_on names a card that is NOT DONE and is NOT in this batch → exclude that card AND
|
|
128
|
+
`• G5 depends-on (implement.md Phase 1 step 2): if a card's depends_on names a card that is NOT DONE and is NOT in this batch → exclude that card AND, TRANSITIVELY, every in-batch card that depends on it (excluded[], reason 'depends_on <dep> not DONE'). GUARANTEE: the returned cards[] must contain NO card that transitively depends on an excluded card. If the dep IS in this batch, keep it and order it first.\n` +
|
|
126
129
|
`• Worktree (setup.md step 4): create ONE code worktree off ${TRUNK} (slug from git_strategy.branch or the parent/lead card title), install deps, assign a port, run the baseline (tsc+lint+build). Use the git-authoritative idempotency pre-check (step 4a2). E2: if baseline FAILS, fix-attempt once (the trunk itself may not build); if still failing return baseline:'fail' with baselineLog (the caller treats it as batch-fatal).\n` +
|
|
127
130
|
`• Complexity (setup.md 3c): decide executionMode sequential|team and, for team, the groups [{level,cards}]. Build the file-ownership map; write it to /tmp and return ownershipMapPath.\n` +
|
|
128
131
|
`• Persist per-card architecture baselines you gather to /tmp/arch-baseline-<CARD>.md and return archBaselinePaths (final review reuses them).\n\n` +
|
|
@@ -165,6 +168,7 @@ async function resolve(kind, card, evidence, extra) {
|
|
|
165
168
|
config: cfg,
|
|
166
169
|
}).catch((e) => ({ status: 'followup', reason: 'resolve workflow error: ' + (e && e.message) }))
|
|
167
170
|
const status = (res && res.status) || 'followup'
|
|
171
|
+
if (status === 'fatal') { batchFatal = true; ledger(card, 'resolve:' + kind, 'FATAL', (res && res.reason) || ''); return status }
|
|
168
172
|
if (status === 'followup' && res && res.followupCard) {
|
|
169
173
|
residualFollowups.push({ card, kind, followupCard: res.followupCard, reason: res.reason || '' })
|
|
170
174
|
}
|
|
@@ -172,6 +176,15 @@ async function resolve(kind, card, evidence, extra) {
|
|
|
172
176
|
return status
|
|
173
177
|
}
|
|
174
178
|
|
|
179
|
+
// A crashed runCard (E1) routes through new2-resolve(agent-crash) for a specialist
|
|
180
|
+
// retry, then ALWAYS lands as a tracked followup — never a silent drop.
|
|
181
|
+
async function crashFollowup(id, e) {
|
|
182
|
+
const msg = String(e && e.message)
|
|
183
|
+
const s = await resolve('agent-crash', id, 'runCard crashed: ' + msg, { mayEditPaths: [], scopeFiles: [] })
|
|
184
|
+
if (s !== 'followup') residualFollowups.push({ card: id, kind: 'agent-crash', followupCard: '(specialist retry attempted — manual check)', reason: msg })
|
|
185
|
+
return { card: id, status: 'followup', gates: [{ gate: 'runCard', decision: 'ERROR', detail: msg }], commit: '-', telemetry: {} }
|
|
186
|
+
}
|
|
187
|
+
|
|
175
188
|
// ───────────────────────────────────────────────────────────────────────────
|
|
176
189
|
// Per-card pipeline — sequences /new Phases 1→4 via agents that Read the modules.
|
|
177
190
|
// Each phase agent returns a structured verdict; this function applies the
|
|
@@ -200,6 +213,7 @@ async function runCard(cardId, cardPath, lessons) {
|
|
|
200
213
|
|
|
201
214
|
const mayEdit = (impl && impl.mayEditPaths) || []
|
|
202
215
|
const scopeFiles = (impl && impl.scopeFiles) || []
|
|
216
|
+
if (impl && impl.fileDiffViolation) g('E4-file-diff', 'AUTO-REVERTED', 'coder touched files outside ownership — reverted per implement.md 11b')
|
|
203
217
|
|
|
204
218
|
// G26 — build gates not converging → self-heal.
|
|
205
219
|
if (impl && impl.buildBlocked) {
|
|
@@ -291,13 +305,13 @@ if (preflight.executionMode === 'team' && Array.isArray(preflight.groups) && pre
|
|
|
291
305
|
const ids = (grp.cards || []).filter((id) => runnableCards.includes(id))
|
|
292
306
|
if (!ids.length) continue
|
|
293
307
|
log(`Team wave level=${grp.level}: ${ids.length} card(s) in parallel.`)
|
|
294
|
-
const waveResults = await parallel(ids.map((id) => () => runCard(id, pathById[id], lessons).catch((e) => (
|
|
308
|
+
const waveResults = await parallel(ids.map((id) => () => runCard(id, pathById[id], lessons).catch((e) => crashFollowup(id, e))))
|
|
295
309
|
for (const r of waveResults.filter(Boolean)) { perCardResults.push(r); if (r.note) lessons.push(`${r.card}: ${r.note}`) }
|
|
296
310
|
}
|
|
297
311
|
} else {
|
|
298
312
|
// Sequential — cards share one worktree and run one at a time.
|
|
299
313
|
for (const id of runnableCards) {
|
|
300
|
-
const r = await runCard(id, pathById[id], lessons).catch((e) => (
|
|
314
|
+
const r = await runCard(id, pathById[id], lessons).catch((e) => crashFollowup(id, e))
|
|
301
315
|
perCardResults.push(r)
|
|
302
316
|
if (r && r.note) lessons.push(`${r.card}: ${r.note}`)
|
|
303
317
|
}
|
|
@@ -313,12 +327,12 @@ const committed = perCardResults.filter((r) => r.status === 'committed')
|
|
|
313
327
|
// ───────────────────────────────────────────────────────────────────────────
|
|
314
328
|
phase('Final')
|
|
315
329
|
let finalSummary = null
|
|
316
|
-
let mergeBlocked =
|
|
317
|
-
if (committed.length) {
|
|
330
|
+
let mergeBlocked = batchFatal
|
|
331
|
+
if (committed.length && !batchFatal) {
|
|
318
332
|
const reviewScopeFiles = dedupe(committed.flatMap((r) => r.scopeFiles || []))
|
|
319
333
|
const archPaths = committed.map((r) => r.archBaselinePath).filter(Boolean)
|
|
320
334
|
const allArch = archPaths.length === committed.length ? archPaths : null
|
|
321
|
-
const hasApiDataFiles = reviewScopeFiles.some((f) => /api\/|data-model|\.sql$|migrations?\//i.test(f))
|
|
335
|
+
const hasApiDataFiles = reviewScopeFiles.some((f) => /api\/|data-model|\.sql$|migrations?\//i.test(f))
|
|
322
336
|
|
|
323
337
|
const final = await workflow('new-final-review', {
|
|
324
338
|
firstCardId: firstCard,
|
|
@@ -334,21 +348,23 @@ if (committed.length) {
|
|
|
334
348
|
if (final) {
|
|
335
349
|
finalSummary = final.summary || null
|
|
336
350
|
ledger(firstCard, 'final-review', 'DONE', `engine=${final.codexEngine}; verified=${final.summary ? final.summary.verified : '?'}`)
|
|
337
|
-
// G18 — apply
|
|
338
|
-
|
|
351
|
+
// G18 — apply BLOCKER/HIGH fixes; unresolved → block merge. G17: a workflow
|
|
352
|
+
// cannot ask the user, so NEEDS_MANUAL_CONFIRMATION is treated as VERIFIED
|
|
353
|
+
// (attempt the fix) — never silently ignored (the count-only path was the bug).
|
|
354
|
+
const blockers = (final.findings || []).filter((f) => (f.classification === 'VERIFIED' || f.classification === 'NEEDS_MANUAL_CONFIRMATION') && (f.severity === 'BLOCKER' || f.severity === 'HIGH'))
|
|
339
355
|
for (const f of blockers) {
|
|
340
|
-
const s = await resolve('merge-blocker', f.finding_id || firstCard, `${f.severity} ${f.title}: ${f.evidence}`, { scopeFiles: reviewScopeFiles, domain: f.domain || 'code' })
|
|
356
|
+
const s = await resolve('merge-blocker', f.finding_id || firstCard, `${f.classification} ${f.severity} ${f.title}: ${f.evidence}`, { mayEditPaths: reviewScopeFiles, scopeFiles: reviewScopeFiles, domain: f.domain || 'code' })
|
|
341
357
|
if (s !== 'resolved') mergeBlocked = true
|
|
342
358
|
}
|
|
343
359
|
if ((final.summary && final.summary.failingGates && final.summary.failingGates.length)) {
|
|
344
|
-
const s = await resolve('qa-fail', firstCard, `final gates failing: ${final.summary.failingGates.join(', ')}`, { scopeFiles: reviewScopeFiles, domain: 'code' })
|
|
360
|
+
const s = await resolve('qa-fail', firstCard, `final gates failing: ${final.summary.failingGates.join(', ')}`, { mayEditPaths: reviewScopeFiles, scopeFiles: reviewScopeFiles, domain: 'code' })
|
|
345
361
|
if (s !== 'resolved') mergeBlocked = true
|
|
346
362
|
}
|
|
347
363
|
} else {
|
|
348
364
|
ledger(firstCard, 'final-review', 'SKIPPED', 'workflow returned null')
|
|
349
365
|
}
|
|
350
366
|
} else {
|
|
351
|
-
ledger(firstCard, 'final-review', 'SKIPPED', 'no committed cards')
|
|
367
|
+
ledger(firstCard, 'final-review', 'SKIPPED', batchFatal ? 'batch fatal — review/merge halted' : 'no committed cards')
|
|
352
368
|
}
|
|
353
369
|
|
|
354
370
|
// ───────────────────────────────────────────────────────────────────────────
|
|
@@ -372,6 +388,22 @@ if (!committed.length) {
|
|
|
372
388
|
if (mergeResult && mergeResult.reconciliation) ledger(firstCard, 'G19-23-reconcile', 'AUTO', mergeResult.reconciliation)
|
|
373
389
|
}
|
|
374
390
|
|
|
391
|
+
// ───────────────────────────────────────────────────────────────────────────
|
|
392
|
+
// Phase Production (Phase 7) — post-merge readiness checklist (non-blocking, full
|
|
393
|
+
// parity with /new). Auto-executes stack-matched deploys; reports the manual items.
|
|
394
|
+
// ───────────────────────────────────────────────────────────────────────────
|
|
395
|
+
phase('Production')
|
|
396
|
+
if (mergeResult && mergeResult.merged) {
|
|
397
|
+
prodReadiness = await agent(
|
|
398
|
+
`Run the post-merge Production Readiness checklist per ${REF}/production-readiness.md (Phase 7) over the batch's changed files. Auto-EXECUTE only stack-matched index / access-rule / cron deploys; REPORT (do not execute) env vars, feature flags, DB migrations, third-party secrets, DNS changes. NON-BLOCKING — never fail the batch.\n\n${projectBrief}\nChanged files: ${dedupe(committed.flatMap((r) => r.filesChanged || [])).join(', ') || '(derive from git)'}\n\nReturn: { autoExecuted:[...], manualItems:[...], note }`,
|
|
399
|
+
{ label: 'production-readiness', phase: 'Production', agentType: 'general-purpose',
|
|
400
|
+
schema: { type: 'object', required: ['manualItems'], additionalProperties: true, properties: { autoExecuted: { type: 'array', items: { type: 'string' } }, manualItems: { type: 'array', items: { type: 'string' } }, note: { type: 'string' } } } }
|
|
401
|
+
)
|
|
402
|
+
ledger(firstCard, 'phase7-production', 'DONE', `auto=${((prodReadiness && prodReadiness.autoExecuted) || []).length} manual=${((prodReadiness && prodReadiness.manualItems) || []).length}`)
|
|
403
|
+
} else {
|
|
404
|
+
ledger(firstCard, 'phase7-production', 'SKIPPED', 'not merged')
|
|
405
|
+
}
|
|
406
|
+
|
|
375
407
|
// ───────────────────────────────────────────────────────────────────────────
|
|
376
408
|
// Return — assemble the report + Phase-8 telemetry (variant new2).
|
|
377
409
|
// ───────────────────────────────────────────────────────────────────────────
|
|
@@ -421,8 +453,14 @@ function buildReport(o) {
|
|
|
421
453
|
}
|
|
422
454
|
L.push(``, `## Merge`)
|
|
423
455
|
if (mergeResult && mergeResult.merged) L.push(`Merged → ${TRUNK} @ ${mergeResult.mergeCommit || '?'}${mergeResult.reconciliation ? ' · ' + mergeResult.reconciliation : ''}`)
|
|
424
|
-
else if (mergeBlocked) L.push(`Merge BLOCKED — unresolved final BLOCKER/HIGH. Worktree left intact at ${sharedCtx.worktreePath}.`)
|
|
456
|
+
else if (mergeBlocked) L.push(`Merge BLOCKED — ${batchFatal ? 'batch fatal (new2-resolve)' : 'unresolved final BLOCKER/HIGH'}. Worktree left intact at ${sharedCtx.worktreePath}.`)
|
|
425
457
|
else L.push(`Not merged (no committed cards or incomplete).`)
|
|
458
|
+
if (prodReadiness) {
|
|
459
|
+
const man = prodReadiness.manualItems || []
|
|
460
|
+
L.push(``, `## Production readiness (Phase 7)`)
|
|
461
|
+
L.push(`Auto-eseguiti: ${(prodReadiness.autoExecuted || []).length} · Da fare a mano: ${man.length}`)
|
|
462
|
+
for (const m of man) L.push(`- [ ] ${m}`)
|
|
463
|
+
}
|
|
426
464
|
if (residualFollowups.length) {
|
|
427
465
|
L.push(``, `## ⚠️ Follow-up auto-creati (residui non risolti autonomamente — nulla perso)`)
|
|
428
466
|
for (const f of residualFollowups) L.push(`- **${f.followupCard}** ← ${f.card} (${f.kind})${f.reason ? ': ' + f.reason : ''}`)
|