brainclaw 1.9.0 → 1.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (91) hide show
  1. package/README.md +585 -499
  2. package/dist/brainclaw-vscode.vsix +0 -0
  3. package/dist/commands/harvest.js +1 -1
  4. package/dist/commands/hooks.js +73 -73
  5. package/dist/commands/init.js +1 -1
  6. package/dist/commands/install-hooks.js +78 -78
  7. package/dist/commands/mcp-read-handlers.js +57 -14
  8. package/dist/commands/mcp.js +79 -13
  9. package/dist/commands/switch.js +26 -5
  10. package/dist/commands/version.js +1 -1
  11. package/dist/core/agent-capability.js +19 -4
  12. package/dist/core/agent-files.js +119 -119
  13. package/dist/core/codev-prompts.js +38 -38
  14. package/dist/core/default-profiles/doctor.yaml +11 -11
  15. package/dist/core/default-profiles/janitor.yaml +11 -11
  16. package/dist/core/default-profiles/onboarder.yaml +11 -11
  17. package/dist/core/default-profiles/reviewer.yaml +13 -13
  18. package/dist/core/dispatcher.js +1 -1
  19. package/dist/core/entity-operations.js +29 -3
  20. package/dist/core/execution.js +1 -1
  21. package/dist/core/loops/verbs.js +0 -1
  22. package/dist/core/messaging.js +2 -2
  23. package/dist/core/protocol-skills.js +164 -164
  24. package/dist/core/runtime-signals.js +1 -1
  25. package/dist/core/search.js +19 -2
  26. package/dist/core/security-guard.js +207 -207
  27. package/dist/core/spawn-check.js +16 -2
  28. package/dist/core/staleness.js +1 -1
  29. package/dist/core/store-resolution.js +26 -7
  30. package/dist/core/worktree.js +18 -18
  31. package/dist/facts.js +3 -3
  32. package/dist/facts.json +2 -2
  33. package/docs/PROTOCOL.md +1 -1
  34. package/docs/adapters/openclaw.md +43 -43
  35. package/docs/architecture/project-refs.md +328 -328
  36. package/docs/cli.md +2093 -2093
  37. package/docs/concepts/coordination.md +52 -52
  38. package/docs/concepts/coordinator-runbook.md +129 -129
  39. package/docs/concepts/dispatch-lifecycle.md +245 -245
  40. package/docs/concepts/event-log-store.md +928 -928
  41. package/docs/concepts/ideation-loop.md +317 -317
  42. package/docs/concepts/loop-engine.md +520 -511
  43. package/docs/concepts/mcp-governance.md +268 -268
  44. package/docs/concepts/memory.md +84 -84
  45. package/docs/concepts/multi-agent-workflows.md +167 -167
  46. package/docs/concepts/observer-protocol.md +361 -361
  47. package/docs/concepts/plans-and-claims.md +217 -217
  48. package/docs/concepts/project-md-convention.md +35 -35
  49. package/docs/concepts/runtime-notes.md +38 -38
  50. package/docs/concepts/troubleshooting.md +254 -254
  51. package/docs/concepts/workspace-bootstrapping.md +142 -142
  52. package/docs/context-format-changelog.md +35 -35
  53. package/docs/context-format.md +48 -48
  54. package/docs/index.md +65 -65
  55. package/docs/integrations/agents.md +158 -158
  56. package/docs/integrations/claude-code.md +23 -23
  57. package/docs/integrations/cline.md +77 -77
  58. package/docs/integrations/continue.md +55 -55
  59. package/docs/integrations/copilot.md +68 -68
  60. package/docs/integrations/cursor.md +23 -23
  61. package/docs/integrations/kilocode.md +72 -72
  62. package/docs/integrations/mcp.md +377 -377
  63. package/docs/integrations/mistral-vibe.md +122 -122
  64. package/docs/integrations/openclaw.md +92 -92
  65. package/docs/integrations/opencode.md +84 -84
  66. package/docs/integrations/overview.md +115 -115
  67. package/docs/integrations/roo.md +71 -71
  68. package/docs/integrations/windsurf.md +77 -77
  69. package/docs/mcp-schema-changelog.md +360 -356
  70. package/docs/playbooks/integration/index.md +121 -121
  71. package/docs/playbooks/orchestration.md +37 -0
  72. package/docs/playbooks/productivity/index.md +99 -99
  73. package/docs/playbooks/team/index.md +117 -117
  74. package/docs/product/agent-first-model.md +184 -184
  75. package/docs/product/entity-model-audit.md +462 -462
  76. package/docs/product/positioning.md +86 -86
  77. package/docs/quickstart-existing-project.md +107 -107
  78. package/docs/quickstart.md +183 -183
  79. package/docs/release-maintenance.md +79 -79
  80. package/docs/reputation.md +52 -52
  81. package/docs/review.md +45 -45
  82. package/docs/security.md +212 -212
  83. package/docs/server-operations.md +118 -118
  84. package/docs/storage.md +106 -106
  85. package/package.json +80 -65
  86. package/docs/concepts/event-log-store-critique-A.md +0 -333
  87. package/docs/concepts/event-log-store-critique-B.md +0 -353
  88. package/docs/concepts/event-log-store-phase0-measurements.md +0 -58
  89. package/docs/concepts/event-log-store-proposal-A.md +0 -365
  90. package/docs/concepts/event-log-store-proposal-B.md +0 -404
  91. package/docs/concepts/identity-model-proposal.md +0 -371
@@ -1,356 +1,360 @@
1
- # brainclaw MCP Schema Changelog
2
-
3
- This document tracks all breaking and notable changes to the brainclaw MCP server protocol.
4
-
5
- See [docs/concepts/mcp-governance.md](concepts/mcp-governance.md) for the
6
- versioning rules, breaking-change policy, deprecation window, and tier
7
- guarantees this changelog follows.
8
-
9
- ---
10
-
11
- ## Unreleased
12
-
13
- **Changed — agent-UX read-path surface (pln#542)**
14
- - `bclaw_work`, `bclaw_context`, `bclaw_find`, `bclaw_get`, `bclaw_search`
15
- gain an optional `budget_tokens` argument (relevance-ranked fill).
16
- - `bclaw_work` compact payload now includes a trimmed `context_diff`
17
- (event-cursor sourced, all intents) and facade responses carry
18
- `next_actions` affordances.
19
- - `bclaw_quick_capture` gains an optional caller-asserted `type` argument;
20
- contradiction detection is advisory metadata (no longer blocks promotion).
21
- - No tool was removed or renamed; no required argument changed.
22
- - MCP public surface fingerprint: `sha256:eaa8865070b10401`
23
-
24
- **Changed — JSON Schema generation shift (pln#486, zod 4 migration)**
25
- - Migration from zod 3.24 → 4.3.6 changes the introspection output that
26
- feeds `tools/list`. Schemas are semantically equivalent but the emitted
27
- JSON differs in incidental shape (key order, optional-property
28
- encoding). MCP clients that snapshot or hash schemas should re-pin.
29
- - Public surface fingerprint moves from `sha256:a479f710ff043ef6` (zod 3)
30
- to `sha256:860fbaa30a486093` (zod 4). No tool was added, removed,
31
- renamed, or had its required arguments change.
32
-
33
- **Changed — `bclaw_loop(intent: 'open')` anti-pattern gate (pln#461)**
34
- - New optional field `allow_orphan: boolean` on `BclawLoopOpenSchema`.
35
- - Default (absent / `false`) — handler rejects with `validation_error`
36
- and points to `bclaw_coordinate(intent: 'review', open_loop: true)`
37
- as the recommended path. Prevents the "loop opened without
38
- dispatch → no claim, no inbox, no agent picks it up" trap called
39
- out in `CLAUDE.md`.
40
- - `allow_orphan: true` — explicit acknowledgement that the caller
41
- will drive `turn()` + dispatch manually (advanced / test use only).
42
- - Internal callers (`bclaw_coordinate`, `bclaw_dispatch`) are not
43
- affected — they bypass `handleBclawLoop` and invoke the core
44
- `openLoop()` directly.
45
-
46
- **Changed — sequence tools promoted to default discovery (pln#522)**
47
- - `bclaw_list_sequences`, `bclaw_create_sequence`,
48
- `bclaw_update_sequence`, and `bclaw_delete_sequence` move from
49
- `advanced` to `standard`, so fresh agents see them in the default
50
- `tools/list` catalog. Sequences are a core agent-first coordination
51
- primitive for parallel dispatch, not an advanced-only admin surface.
52
- - `bclaw_create_sequence.items` and `bclaw_update_sequence.items` now
53
- expose the full item shape in JSON Schema: `planId`, optional
54
- `stepId`, `rank`, `hard_after`, `soft_after`, `lane`, `scope_hint`,
55
- and `rationale`.
56
-
57
- ---
58
-
59
- ## 1.0.0 (current)
60
-
61
- **Public launch candidate.** Phase 3 slice 3i of `pln_c6472192`.
62
- Completes the canonical grammar refactor: canonical verbs promoted to
63
- the default `standard` tier, legacy per-entity tools removed from the
64
- discoverable surface.
65
-
66
- **Changed — tier promotion**
67
- All canonical verbs land in the default `standard` catalog:
68
- - `bclaw_find`, `bclaw_get`, `bclaw_create`, `bclaw_update`,
69
- `bclaw_remove`, `bclaw_transition`
70
- - `bclaw_context(kind)` — memory / execution / board / board_summary / delta
71
- - `bclaw_dispatch(intent)` — analysis / execute / review
72
- - `bclaw_correct_handoff` — P6.1 tombstone for handoff corrections
73
-
74
- **Breaking — legacy per-entity tools removed from the catalog**
75
- The following tools are no longer returned by `tools/list` default or
76
- `catalog: "standard"`. They were marked deprecated throughout the
77
- 0.8.x window. Replacement is named in parentheses:
78
-
79
- - `bclaw_list_plans` (→ `bclaw_find(entity: "plan")`)
80
- - `bclaw_list_candidates` (→ `bclaw_find(entity: "candidate")`)
81
- - `bclaw_list_claims` (→ `bclaw_find(entity: "claim")`)
82
- - `bclaw_list_actions` (→ `bclaw_find(entity: "action")`)
83
- - `bclaw_list_assignments` (→ `bclaw_find(entity: "assignment")`)
84
- - `bclaw_list_runs` (→ `bclaw_find(entity: "agent_run")`)
85
- - `bclaw_read_handoff` (→ `bclaw_get(entity: "handoff", id)`)
86
- - `bclaw_create_plan` / `bclaw_create_candidate` (→ `bclaw_create`)
87
- - `bclaw_update_plan` (→ `bclaw_update` + `bclaw_transition`)
88
- - `bclaw_accept` / `bclaw_reject` (→ `bclaw_transition(entity: "candidate")`)
89
- - `bclaw_get_execution_context` / `bclaw_get_agent_board` /
90
- `bclaw_get_agent_board_summary` (→ `bclaw_context(kind)`)
91
- - `bclaw_dispatch_analysis` / `bclaw_dispatch_review` (→ `bclaw_dispatch(intent)`)
92
- - `bclaw_update_handoff` (→ `bclaw_correct_handoff` — P6.1 tombstone)
93
-
94
- The tool *handlers* remain in place for now as defensive code — a
95
- direct call by a non-MCP-compliant caller that bypasses `tools/list`
96
- will still succeed. A follow-up PR will strip the dead handler code.
97
-
98
- **Changed — versions**
99
- - `SCHEMA_VERSION` bump: `0.8.0 → 1.0.0`
100
- - `package.json` bump: `0.63.0 → 1.0.0`
101
-
102
- **Changed — governance guard**
103
- - `tests/unit/mcp-governance.test.ts` now checks that the current
104
- changelog records the published MCP surface fingerprint. When a tool
105
- name, tier, category, or input schema changes, the test fails until
106
- this section is updated.
107
- - MCP public surface fingerprint: `sha256:b1d3c6a00a224509`
108
- (updated 2026-06-14: journal ON by default + `migrate --enable-journal`,
109
- registry post-image families + verify gate, and capped auto-handoff diff
110
- preview on `bclaw_get`; pln#567/#568/#569.
111
- Previous: `sha256:21fa9544977a3754`,
112
- updated 2026-06-11b: observability surfaces composite
113
- `attention_required` in board_summary, observer-mode read flags,
114
- `bootstrap_verdict` in FacadeResponse; pln#557/#558/#559.
115
- Previous: `sha256:8f86d3998f8a24e3`,
116
- updated 2026-06-11: uninitialized setup mode the server now boots with
117
- a minimal catalog on a missing project store instead of exit(1), and the
118
- empty-memory decision rule is surfaced in setup/work hints; pln#556.
119
- Previous: `sha256:eaa8865070b10401`,
120
- updated 2026-06-10: agent-UX read-path surface`budget_tokens` on the
121
- read tools, `context_diff`/`next_actions` in facade payloads,
122
- caller-asserted `type` on quick_capture; see the Unreleased entry, pln#542.
123
- Previous: `sha256:333be7c3cda7e166`,
124
- updated 2026-06-09: added the `preflight` boolean to the bclaw_coordinate
125
- inputSchema — pln#533, the pre-flight spawn validation for open_loop reviews
126
- (run one trivial validation spawn per reviewer before opening the loop so an
127
- environment death surfaces with a clear reason instead of a generic timeout).
128
- Prior value `sha256:a1881ff57ddce377` added the `ref` property to the
129
- bclaw_coordinate inputSchema (2026-05-27, pln#520 Tier 2 / trp#371, the
130
- scope-aware dirty guard; `ref` lets a dispatch build its worktree from an
131
- explicit git ref). `sha256:0a4ba280aeff142b` exposed `allow_dirty` in the
132
- bclaw_coordinate inputSchema. `sha256:e88c1a97fc29cfd1` came from the
133
- pln#520 LoopPhase/LoopSlotInput schema resync, which itself reconciled
134
- earlier unrecorded drift from `sha256:724085642dc3e2d7`.)
135
-
136
- See `docs/integrations/mcp.md` for the full canonical surface + an
137
- example gallery per verb. See `docs/concepts/mcp-governance.md` for
138
- the stability contract now that v1.0 has shipped.
139
-
140
- ---
141
-
142
- ## 0.8.0
143
-
144
- Phase 3 canonical grammar slices shipped under `pln_c6472192` (slices
145
- 3a–3g). Every addition is behind `catalog: "all"` until the v1.0 cut
146
- (slice 3i) promotes the new verbs to the default catalog and removes
147
- the deprecated surface.
148
-
149
- **Added (canonical CRUD verbs)**
150
- - `bclaw_find(entity, filter?)` list query with default provenance
151
- filter (excludes `legacy` + `auto_reflect < 0.6`; override via
152
- `filter.includeLegacy` / `filter.minAutoReflectConfidence`).
153
- - `bclaw_get(entity, id)` — fetch by id or short_label.
154
- - `bclaw_create(entity, data)` — auto-stamps provenance (kind: user
155
- by default).
156
- - `bclaw_update(entity, id, patch)` — rejects non-updatable fields
157
- per EntityRegistry.
158
- - `bclaw_remove(entity, id, purge?)` — archive (default) or purge.
159
- - `bclaw_transition(entity, id, to, reason?)` — validated against
160
- declarative transition matrix; returns side-effect tags.
161
-
162
- **Added (unified intent dispatchers)**
163
- - `bclaw_context(kind)` — unifies `bclaw_get_context` /
164
- `_execution_context` / `_agent_board` / `_agent_board_summary`.
165
- Adds `kind: "delta", since: <session_id>` for memory diffs (P6.4).
166
- - `bclaw_dispatch(intent)` intent discriminator over the existing
167
- bclaw_dispatch tool. `analysis` / `execute` (default, legacy) /
168
- `review` (with openLoop + reviewMode).
169
- - `bclaw_correct_handoff(originalId, ...)` P6.1 tombstone pattern.
170
- Writes a correction handoff with `supersedes` / `superseded_by`
171
- pointers; refuses to supersede already-superseded or closed
172
- handoffs.
173
-
174
- **Added (schema)**
175
- - `Provenance` discriminated union: agent / auto_reflect / user /
176
- loop_artifact / federation / correction / legacy. Exported from
177
- `src/core/schema.ts`. Stamped on creates; federation-safe.
178
- - `Handoff.superseded_by` and `Handoff.supersedes` — P6.1 tombstone
179
- pointers, optional passthrough.
180
-
181
- **Deprecated (19 tools)**
182
- All redirects are non-breaking (old tools still work until slice 3i
183
- removal). Warnings surface on every call through the
184
- `executeMcpToolCall` exit wrapper:
185
- - `bclaw_list_plans/candidates/claims/actions/assignments/runs`
186
- `bclaw_find(entity, filter)`
187
- - `bclaw_read_handoff` `bclaw_get(entity: "handoff", id)`
188
- - `bclaw_create_plan/candidate` `bclaw_create`
189
- - `bclaw_update_plan` → `bclaw_update` / `bclaw_transition`
190
- - `bclaw_accept/reject` → `bclaw_transition(entity: "candidate")`
191
- - `bclaw_get_execution_context/_agent_board/_agent_board_summary` →
192
- `bclaw_context(kind)`
193
- - `bclaw_dispatch_analysis/_review` → `bclaw_dispatch(intent)`
194
- - `bclaw_update_handoff` → `bclaw_correct_handoff` (P6.1)
195
-
196
- ---
197
-
198
- ## 0.7.0
199
-
200
- Shipped in brainclaw app `0.63.0`. Consolidates the surface listed
201
- below — previously accumulating under an inaccurate `SCHEMA_VERSION = '0.6.0'`
202
- constant — and brings the runtime value in line with the documented
203
- state. Governance cross-check now passes (see governance doc).
204
-
205
- **Added (this landing)**
206
- - `bclaw_doctor --after-migration` post-v1-upgrade health check
207
- reporting one finding per invariant (provenance coverage, handoff
208
- review-strip, candidate archive, schema-version marker). Exits
209
- non-zero on any failure.
210
- - `brainclaw upgrade --to=1.0` — one-shot v1 schema migration
211
- covering candidate archive (P6.6), handoff review-strip (P6.1
212
- groundwork), provenance rollout (P6.3), schema-version bump
213
- (0.6.0 0.8.0 in the store marker). Plus `--backup` /
214
- `--no-backup` / `--rollback` flags.
215
- - `provenance` optional passthrough field on Decision, Constraint,
216
- Trap, Handoff, RuntimeNote discriminated-union typing lands in
217
- Phase 3 (`pln_c6472192 / 3f`). The declaration lets migration
218
- patches stamp `{ kind: 'legacy' }` without Zod stripping it on
219
- persist.
220
-
221
- **Added (previously unreleased 0.7.0 surface)**
222
- - `bclaw_check_policy` pre-execution governance check for a scope
223
- - Input: `scope` (required), `agent`, `agentId`, `action`
224
- - Returns `allowed` boolean, `blocks[]` (hard stops), `warnings[]` (context)
225
- - Checks: claim active, claim conflict, constraint matching, trap matching
226
- - Returns `governance_context` with active instructions count, matching items
227
- - `bclaw_audit` now supports `governance: true` parameter
228
- - Returns aggregated posture report instead of chronological log
229
- - Includes: constitution (global instructions), red lines (constraints by category), claims by agent, open traps by severity, mutations without claim, recommendations
230
- - Supports `scope` filter for governance mode
231
- - `bclaw_claim` response now includes automatic policy warnings
232
- - Constraints and traps matching the claimed scope are surfaced as warnings
233
- - No extra call needed governance context is provided at claim time
234
- - Enriched `AuditEntry` fields: `scope`, `session_id`, `host_id`
235
- - Claim/release entries include the scope being claimed
236
- - Session start/end entries include session and host IDs
237
- - `promote_direct` and `trust_change` actions now propagated to events.jsonl
238
-
239
- **Changed**
240
- - MCP schema version bumped to 0.7.0
241
- - Governance report filters machine/private traps only shared-visibility traps affect project posture
242
- - Audit chronological mode now shows `scope` field for claim actions
243
-
244
- ---
245
-
246
- ## 0.6.0
247
-
248
- **Added**
249
- - `bclaw_get_capabilities` — list all registered project capabilities with optional filtering by category
250
- - Returns array of capabilities with id, name, category, and tags
251
- - Supports category filtering parameter
252
- - `bclaw_list_tools` — list all registered project tools with optional filtering by type
253
- - Returns array of tools with id, name, type, and tags
254
- - Supports type and tag filtering parameters
255
- - `bclaw_search_tools` full-text search across project tools
256
- - Filters by query string, type, and tags
257
- - Returns matching tools with detailed metadata
258
- - Enhanced `bclaw_get_context` to include metadata discovery:
259
- - New `available_capabilities` field in structured content (array of capability objects)
260
- - New `available_tools` field in structured content (array of tool objects)
261
- - Suggestions section in text output showing relevant capabilities and tools (up to 5 each)
262
- - Support for `category` and `outcome` fields in `bclaw_create_candidate`:
263
- - Constraints can now have a category: architecture, performance, security, reliability, compatibility, process, other
264
- - Decisions can now have an outcome: approved, rejected, deferred, pending
265
- - Doctor check `metadata_consistency` validates capability and tool completeness
266
- - `bclaw_bootstrap` now returns adaptive interview prompts alongside the import proposal when bootstrap confidence is incomplete
267
- - `structuredContent.import_plan.interview` exposes `summary`, `question_count`, and audience-tagged questions
268
- - Questions can be targeted to `cli`, `ide_chat`, or `any`
269
- - Interview questions now expose stable IDs and `target_hints`
270
- - `structuredContent.onboarding_mode` distinguishes `empty_workspace`, `existing_documented`, and `existing_sparse`
271
- - `structuredContent.import_plan.confirmed_suggestion_count` reports how many suggestions were confirmed by interview answers
272
- - `bclaw_bootstrap` now accepts `interviewAnswers`, `apply`, `uninstall`, `audience`, and `interview`
273
- - capable agents can preview confirmed selective imports through MCP before applying them
274
- - bootstrap apply/uninstall now covers selective canonical memory imports beyond instructions
275
-
276
- **Changed**
277
- - MCP schema version bumped to 0.6.0 to reflect new metadata discovery capabilities
278
-
279
- ---
280
-
281
- ## 0.5.0
282
-
283
- **Added**
284
- - `bclaw_delete_memory` — delete a constraint, decision, or trap by ID (trusted trust required)
285
- - Searches across store chain to locate item
286
- - Supports deletion from any store level (local, repo, workspace, user)
287
- - Returns `deleted_id`, `item_type`, `store_level` in response
288
- - `bclaw_update_memory` — update text/tags or move an item to a different store level (trusted trust required)
289
- - Supports updating constraint, decision, or trap in-place
290
- - `moveToStore` parameter enables moving items between levels (local repo workspace user)
291
- - Returns `updated_id`, `item_type`, `previous_store`, `new_store` in response
292
- - Doctor checks `scope_hygiene` and `cross_level_duplicates` warn about machine-level items at project scope and potential duplicates across store levels
293
-
294
- **Changed**
295
- - `bclaw_get_context` and related tools now properly merge instructions from parent stores in the chain
296
-
297
- ---
298
-
299
- ## 0.4.0
300
-
301
- **Added**
302
- - `bclaw_create_plan` — create a plan item from an agent (contributor trust required)
303
- - `bclaw_update_plan` — update status, actual effort, priority, or assignee of a plan item
304
- - `bclaw_add_step` — add a sub-step to a plan item
305
- - `bclaw_complete_step` — mark a plan sub-step as done
306
- - All plan management tools return structured `plan_id`, `step_id`, `status`, `progress` fields
307
-
308
- **Fixed**
309
- - `bclaw_release_claim`: `planStatus` parameter was declared in the schema but not applied now correctly updates the linked plan's status when provided
310
-
311
- ---
312
-
313
- ## 0.3.0
314
-
315
- **Added**
316
- - `initialize` handshake support (MCP protocol conformance)
317
- - `schema_version: "0.3.0"` field in all `structuredContent` responses
318
- - Write tools: `bclaw_write_note`, `bclaw_create_candidate`, `bclaw_accept`, `bclaw_reject`, `bclaw_claim`, `bclaw_release_claim`, `bclaw_session_start`, `bclaw_session_end`
319
- - `bclaw_search` tool — full-text BM25 search across all memory items
320
- - Trust-level access control on write tools (contributor / trusted / curator)
321
- - `context_schema` field in `bclaw_get_context` structured responses
322
- - Explicit identity arguments on mutation tools:
323
- - `agentId` on `bclaw_write_note`, `bclaw_create_candidate`, `bclaw_claim`, `bclaw_session_start`, `bclaw_session_end`
324
- - `byId` on `bclaw_accept`, `bclaw_reject`
325
- - Stable MCP tool errors:
326
- - `identity_error`
327
- - `trust_error`
328
- - `validation_error`
329
-
330
- **Changed**
331
- - All read tool responses now include `schema_version` in `structuredContent`
332
- - `bclaw_get_context` `structuredContent` flattens the full `ContextResult` object
333
- - `bclaw_get_context` now exposes `context_schema: "1.2"` and additive fields from the current public context contract
334
- - Mutation tools now require a registered identity on write paths; `agent`/`agentId` and `by`/`byId` must resolve to the same registered identity when both are provided
335
- - `bclaw_reject` is now restricted to `trusted` / `curator` agents, aligned with `bclaw_accept`
336
-
337
- ---
338
-
339
- ## 0.2.0
340
-
341
- **Added**
342
- - `bclaw_get_agent_board` read tool
343
- - `bclaw_read_handoff` read tool
344
- - Tool prefix renamed: `tmem_` → `bclaw_`
345
-
346
- **Changed**
347
- - Environment variables renamed: `TEAM_MEMORY_*` `BRAINCLAW_*`
348
- - Storage directory renamed: `.memory/``.brainclaw/`
349
-
350
- ---
351
-
352
- ## 0.1.0
353
-
354
- **Initial**
355
- - `bclaw_get_context` read tool (was `tmem_get_context`)
356
- - Basic stdio NDJSON transport
1
+ # brainclaw MCP Schema Changelog
2
+
3
+ This document tracks all breaking and notable changes to the brainclaw MCP server protocol.
4
+
5
+ See [docs/concepts/mcp-governance.md](concepts/mcp-governance.md) for the
6
+ versioning rules, breaking-change policy, deprecation window, and tier
7
+ guarantees this changelog follows.
8
+
9
+ ---
10
+
11
+ ## Unreleased
12
+
13
+ **Changed — agent-UX read-path surface (pln#542)**
14
+ - `bclaw_work`, `bclaw_context`, `bclaw_find`, `bclaw_get`, `bclaw_search`
15
+ gain an optional `budget_tokens` argument (relevance-ranked fill).
16
+ - `bclaw_work` compact payload now includes a trimmed `context_diff`
17
+ (event-cursor sourced, all intents) and facade responses carry
18
+ `next_actions` affordances.
19
+ - `bclaw_quick_capture` gains an optional caller-asserted `type` argument;
20
+ contradiction detection is advisory metadata (no longer blocks promotion).
21
+ - No tool was removed or renamed; no required argument changed.
22
+ - MCP public surface fingerprint: `sha256:eaa8865070b10401`
23
+
24
+ **Changed — JSON Schema generation shift (pln#486, zod 4 migration)**
25
+ - Migration from zod 3.24 → 4.3.6 changes the introspection output that
26
+ feeds `tools/list`. Schemas are semantically equivalent but the emitted
27
+ JSON differs in incidental shape (key order, optional-property
28
+ encoding). MCP clients that snapshot or hash schemas should re-pin.
29
+ - Public surface fingerprint moves from `sha256:a479f710ff043ef6` (zod 3)
30
+ to `sha256:860fbaa30a486093` (zod 4). No tool was added, removed,
31
+ renamed, or had its required arguments change.
32
+
33
+ **Changed — `bclaw_loop(intent: 'open')` anti-pattern gate (pln#461)**
34
+ - New optional field `allow_orphan: boolean` on `BclawLoopOpenSchema`.
35
+ - Default (absent / `false`) — handler rejects with `validation_error`
36
+ and points to `bclaw_coordinate(intent: 'review', open_loop: true)`
37
+ as the recommended path. Prevents the "loop opened without
38
+ dispatch → no claim, no inbox, no agent picks it up" trap called
39
+ out in `CLAUDE.md`.
40
+ - `allow_orphan: true` — explicit acknowledgement that the caller
41
+ will drive `turn()` + dispatch manually (advanced / test use only).
42
+ - Internal callers (`bclaw_coordinate`, `bclaw_dispatch`) are not
43
+ affected — they bypass `handleBclawLoop` and invoke the core
44
+ `openLoop()` directly.
45
+
46
+ **Changed — sequence tools promoted to default discovery (pln#522)**
47
+ - `bclaw_list_sequences`, `bclaw_create_sequence`,
48
+ `bclaw_update_sequence`, and `bclaw_delete_sequence` move from
49
+ `advanced` to `standard`, so fresh agents see them in the default
50
+ `tools/list` catalog. Sequences are a core agent-first coordination
51
+ primitive for parallel dispatch, not an advanced-only admin surface.
52
+ - `bclaw_create_sequence.items` and `bclaw_update_sequence.items` now
53
+ expose the full item shape in JSON Schema: `planId`, optional
54
+ `stepId`, `rank`, `hard_after`, `soft_after`, `lane`, `scope_hint`,
55
+ and `rationale`.
56
+
57
+ ---
58
+
59
+ ## 1.0.0 (current)
60
+
61
+ **Public launch candidate.** Phase 3 slice 3i of `pln_c6472192`.
62
+ Completes the canonical grammar refactor: canonical verbs promoted to
63
+ the default `standard` tier, legacy per-entity tools removed from the
64
+ discoverable surface.
65
+
66
+ **Changed — tier promotion**
67
+ All canonical verbs land in the default `standard` catalog:
68
+ - `bclaw_find`, `bclaw_get`, `bclaw_create`, `bclaw_update`,
69
+ `bclaw_remove`, `bclaw_transition`
70
+ - `bclaw_context(kind)` — memory / execution / board / board_summary / delta
71
+ - `bclaw_dispatch(intent)` — analysis / execute / review
72
+ - `bclaw_correct_handoff` — P6.1 tombstone for handoff corrections
73
+
74
+ **Breaking — legacy per-entity tools removed from the catalog**
75
+ The following tools are no longer returned by `tools/list` default or
76
+ `catalog: "standard"`. They were marked deprecated throughout the
77
+ 0.8.x window. Replacement is named in parentheses:
78
+
79
+ - `bclaw_list_plans` (→ `bclaw_find(entity: "plan")`)
80
+ - `bclaw_list_candidates` (→ `bclaw_find(entity: "candidate")`)
81
+ - `bclaw_list_claims` (→ `bclaw_find(entity: "claim")`)
82
+ - `bclaw_list_actions` (→ `bclaw_find(entity: "action")`)
83
+ - `bclaw_list_assignments` (→ `bclaw_find(entity: "assignment")`)
84
+ - `bclaw_list_runs` (→ `bclaw_find(entity: "agent_run")`)
85
+ - `bclaw_read_handoff` (→ `bclaw_get(entity: "handoff", id)`)
86
+ - `bclaw_create_plan` / `bclaw_create_candidate` (→ `bclaw_create`)
87
+ - `bclaw_update_plan` (→ `bclaw_update` + `bclaw_transition`)
88
+ - `bclaw_accept` / `bclaw_reject` (→ `bclaw_transition(entity: "candidate")`)
89
+ - `bclaw_get_execution_context` / `bclaw_get_agent_board` /
90
+ `bclaw_get_agent_board_summary` (→ `bclaw_context(kind)`)
91
+ - `bclaw_dispatch_analysis` / `bclaw_dispatch_review` (→ `bclaw_dispatch(intent)`)
92
+ - `bclaw_update_handoff` (→ `bclaw_correct_handoff` — P6.1 tombstone)
93
+
94
+ The tool *handlers* remain in place for now as defensive code — a
95
+ direct call by a non-MCP-compliant caller that bypasses `tools/list`
96
+ will still succeed. A follow-up PR will strip the dead handler code.
97
+
98
+ **Changed — versions**
99
+ - `SCHEMA_VERSION` bump: `0.8.0 → 1.0.0`
100
+ - `package.json` bump: `0.63.0 → 1.0.0`
101
+
102
+ **Changed — governance guard**
103
+ - `tests/unit/mcp-governance.test.ts` now checks that the current
104
+ changelog records the published MCP surface fingerprint. When a tool
105
+ name, tier, category, or input schema changes, the test fails until
106
+ this section is updated.
107
+ - MCP public surface fingerprint: `sha256:70cf80b9615f631f`
108
+ (updated 2026-06-18 for 1.9.1: monorepo project-scoping fix session-aware
109
+ effective-cwd resolution and read-path project scoping shift the published
110
+ input-schema surface. Additive: no tool added, removed, or renamed.)
111
+ Previous: `sha256:b1d3c6a00a224509`,
112
+ updated 2026-06-14: journal ON by default + `migrate --enable-journal`,
113
+ registry post-image families + verify gate, and capped auto-handoff diff
114
+ preview on `bclaw_get`; pln#567/#568/#569.
115
+ Previous: `sha256:21fa9544977a3754`,
116
+ updated 2026-06-11b: observability surfacescomposite
117
+ `attention_required` in board_summary, observer-mode read flags,
118
+ `bootstrap_verdict` in FacadeResponse; pln#557/#558/#559.
119
+ Previous: `sha256:8f86d3998f8a24e3`,
120
+ updated 2026-06-11: uninitialized setup modethe server now boots with
121
+ a minimal catalog on a missing project store instead of exit(1), and the
122
+ empty-memory decision rule is surfaced in setup/work hints; pln#556.
123
+ Previous: `sha256:eaa8865070b10401`,
124
+ updated 2026-06-10: agent-UX read-path surface — `budget_tokens` on the
125
+ read tools, `context_diff`/`next_actions` in facade payloads,
126
+ caller-asserted `type` on quick_capture; see the Unreleased entry, pln#542.
127
+ Previous: `sha256:333be7c3cda7e166`,
128
+ updated 2026-06-09: added the `preflight` boolean to the bclaw_coordinate
129
+ inputSchema pln#533, the pre-flight spawn validation for open_loop reviews
130
+ (run one trivial validation spawn per reviewer before opening the loop so an
131
+ environment death surfaces with a clear reason instead of a generic timeout).
132
+ Prior value `sha256:a1881ff57ddce377` added the `ref` property to the
133
+ bclaw_coordinate inputSchema (2026-05-27, pln#520 Tier 2 / trp#371, the
134
+ scope-aware dirty guard; `ref` lets a dispatch build its worktree from an
135
+ explicit git ref). `sha256:0a4ba280aeff142b` exposed `allow_dirty` in the
136
+ bclaw_coordinate inputSchema. `sha256:e88c1a97fc29cfd1` came from the
137
+ pln#520 LoopPhase/LoopSlotInput schema resync, which itself reconciled
138
+ earlier unrecorded drift from `sha256:724085642dc3e2d7`.)
139
+
140
+ See `docs/integrations/mcp.md` for the full canonical surface + an
141
+ example gallery per verb. See `docs/concepts/mcp-governance.md` for
142
+ the stability contract now that v1.0 has shipped.
143
+
144
+ ---
145
+
146
+ ## 0.8.0
147
+
148
+ Phase 3 canonical grammar slices shipped under `pln_c6472192` (slices
149
+ 3a–3g). Every addition is behind `catalog: "all"` until the v1.0 cut
150
+ (slice 3i) promotes the new verbs to the default catalog and removes
151
+ the deprecated surface.
152
+
153
+ **Added (canonical CRUD verbs)**
154
+ - `bclaw_find(entity, filter?)` — list query with default provenance
155
+ filter (excludes `legacy` + `auto_reflect < 0.6`; override via
156
+ `filter.includeLegacy` / `filter.minAutoReflectConfidence`).
157
+ - `bclaw_get(entity, id)` — fetch by id or short_label.
158
+ - `bclaw_create(entity, data)` — auto-stamps provenance (kind: user
159
+ by default).
160
+ - `bclaw_update(entity, id, patch)` — rejects non-updatable fields
161
+ per EntityRegistry.
162
+ - `bclaw_remove(entity, id, purge?)` — archive (default) or purge.
163
+ - `bclaw_transition(entity, id, to, reason?)` — validated against
164
+ declarative transition matrix; returns side-effect tags.
165
+
166
+ **Added (unified intent dispatchers)**
167
+ - `bclaw_context(kind)` unifies `bclaw_get_context` /
168
+ `_execution_context` / `_agent_board` / `_agent_board_summary`.
169
+ Adds `kind: "delta", since: <session_id>` for memory diffs (P6.4).
170
+ - `bclaw_dispatch(intent)` intent discriminator over the existing
171
+ bclaw_dispatch tool. `analysis` / `execute` (default, legacy) /
172
+ `review` (with openLoop + reviewMode).
173
+ - `bclaw_correct_handoff(originalId, ...)` — P6.1 tombstone pattern.
174
+ Writes a correction handoff with `supersedes` / `superseded_by`
175
+ pointers; refuses to supersede already-superseded or closed
176
+ handoffs.
177
+
178
+ **Added (schema)**
179
+ - `Provenance` discriminated union: agent / auto_reflect / user /
180
+ loop_artifact / federation / correction / legacy. Exported from
181
+ `src/core/schema.ts`. Stamped on creates; federation-safe.
182
+ - `Handoff.superseded_by` and `Handoff.supersedes` P6.1 tombstone
183
+ pointers, optional passthrough.
184
+
185
+ **Deprecated (19 tools)**
186
+ All redirects are non-breaking (old tools still work until slice 3i
187
+ removal). Warnings surface on every call through the
188
+ `executeMcpToolCall` exit wrapper:
189
+ - `bclaw_list_plans/candidates/claims/actions/assignments/runs` →
190
+ `bclaw_find(entity, filter)`
191
+ - `bclaw_read_handoff` → `bclaw_get(entity: "handoff", id)`
192
+ - `bclaw_create_plan/candidate` → `bclaw_create`
193
+ - `bclaw_update_plan` → `bclaw_update` / `bclaw_transition`
194
+ - `bclaw_accept/reject` → `bclaw_transition(entity: "candidate")`
195
+ - `bclaw_get_execution_context/_agent_board/_agent_board_summary` →
196
+ `bclaw_context(kind)`
197
+ - `bclaw_dispatch_analysis/_review` → `bclaw_dispatch(intent)`
198
+ - `bclaw_update_handoff` → `bclaw_correct_handoff` (P6.1)
199
+
200
+ ---
201
+
202
+ ## 0.7.0
203
+
204
+ Shipped in brainclaw app `0.63.0`. Consolidates the surface listed
205
+ below previously accumulating under an inaccurate `SCHEMA_VERSION = '0.6.0'`
206
+ constant and brings the runtime value in line with the documented
207
+ state. Governance cross-check now passes (see governance doc).
208
+
209
+ **Added (this landing)**
210
+ - `bclaw_doctor --after-migration` — post-v1-upgrade health check
211
+ reporting one finding per invariant (provenance coverage, handoff
212
+ review-strip, candidate archive, schema-version marker). Exits
213
+ non-zero on any failure.
214
+ - `brainclaw upgrade --to=1.0` — one-shot v1 schema migration
215
+ covering candidate archive (P6.6), handoff review-strip (P6.1
216
+ groundwork), provenance rollout (P6.3), schema-version bump
217
+ (0.6.0 0.8.0 in the store marker). Plus `--backup` /
218
+ `--no-backup` / `--rollback` flags.
219
+ - `provenance` optional passthrough field on Decision, Constraint,
220
+ Trap, Handoff, RuntimeNote — discriminated-union typing lands in
221
+ Phase 3 (`pln_c6472192 / 3f`). The declaration lets migration
222
+ patches stamp `{ kind: 'legacy' }` without Zod stripping it on
223
+ persist.
224
+
225
+ **Added (previously unreleased 0.7.0 surface)**
226
+ - `bclaw_check_policy` pre-execution governance check for a scope
227
+ - Input: `scope` (required), `agent`, `agentId`, `action`
228
+ - Returns `allowed` boolean, `blocks[]` (hard stops), `warnings[]` (context)
229
+ - Checks: claim active, claim conflict, constraint matching, trap matching
230
+ - Returns `governance_context` with active instructions count, matching items
231
+ - `bclaw_audit` now supports `governance: true` parameter
232
+ - Returns aggregated posture report instead of chronological log
233
+ - Includes: constitution (global instructions), red lines (constraints by category), claims by agent, open traps by severity, mutations without claim, recommendations
234
+ - Supports `scope` filter for governance mode
235
+ - `bclaw_claim` response now includes automatic policy warnings
236
+ - Constraints and traps matching the claimed scope are surfaced as warnings
237
+ - No extra call needed governance context is provided at claim time
238
+ - Enriched `AuditEntry` fields: `scope`, `session_id`, `host_id`
239
+ - Claim/release entries include the scope being claimed
240
+ - Session start/end entries include session and host IDs
241
+ - `promote_direct` and `trust_change` actions now propagated to events.jsonl
242
+
243
+ **Changed**
244
+ - MCP schema version bumped to 0.7.0
245
+ - Governance report filters machine/private traps — only shared-visibility traps affect project posture
246
+ - Audit chronological mode now shows `scope` field for claim actions
247
+
248
+ ---
249
+
250
+ ## 0.6.0
251
+
252
+ **Added**
253
+ - `bclaw_get_capabilities` list all registered project capabilities with optional filtering by category
254
+ - Returns array of capabilities with id, name, category, and tags
255
+ - Supports category filtering parameter
256
+ - `bclaw_list_tools` list all registered project tools with optional filtering by type
257
+ - Returns array of tools with id, name, type, and tags
258
+ - Supports type and tag filtering parameters
259
+ - `bclaw_search_tools` full-text search across project tools
260
+ - Filters by query string, type, and tags
261
+ - Returns matching tools with detailed metadata
262
+ - Enhanced `bclaw_get_context` to include metadata discovery:
263
+ - New `available_capabilities` field in structured content (array of capability objects)
264
+ - New `available_tools` field in structured content (array of tool objects)
265
+ - Suggestions section in text output showing relevant capabilities and tools (up to 5 each)
266
+ - Support for `category` and `outcome` fields in `bclaw_create_candidate`:
267
+ - Constraints can now have a category: architecture, performance, security, reliability, compatibility, process, other
268
+ - Decisions can now have an outcome: approved, rejected, deferred, pending
269
+ - Doctor check `metadata_consistency` validates capability and tool completeness
270
+ - `bclaw_bootstrap` now returns adaptive interview prompts alongside the import proposal when bootstrap confidence is incomplete
271
+ - `structuredContent.import_plan.interview` exposes `summary`, `question_count`, and audience-tagged questions
272
+ - Questions can be targeted to `cli`, `ide_chat`, or `any`
273
+ - Interview questions now expose stable IDs and `target_hints`
274
+ - `structuredContent.onboarding_mode` distinguishes `empty_workspace`, `existing_documented`, and `existing_sparse`
275
+ - `structuredContent.import_plan.confirmed_suggestion_count` reports how many suggestions were confirmed by interview answers
276
+ - `bclaw_bootstrap` now accepts `interviewAnswers`, `apply`, `uninstall`, `audience`, and `interview`
277
+ - capable agents can preview confirmed selective imports through MCP before applying them
278
+ - bootstrap apply/uninstall now covers selective canonical memory imports beyond instructions
279
+
280
+ **Changed**
281
+ - MCP schema version bumped to 0.6.0 to reflect new metadata discovery capabilities
282
+
283
+ ---
284
+
285
+ ## 0.5.0
286
+
287
+ **Added**
288
+ - `bclaw_delete_memory` — delete a constraint, decision, or trap by ID (trusted trust required)
289
+ - Searches across store chain to locate item
290
+ - Supports deletion from any store level (local, repo, workspace, user)
291
+ - Returns `deleted_id`, `item_type`, `store_level` in response
292
+ - `bclaw_update_memory` update text/tags or move an item to a different store level (trusted trust required)
293
+ - Supports updating constraint, decision, or trap in-place
294
+ - `moveToStore` parameter enables moving items between levels (local → repo → workspace → user)
295
+ - Returns `updated_id`, `item_type`, `previous_store`, `new_store` in response
296
+ - Doctor checks `scope_hygiene` and `cross_level_duplicates` — warn about machine-level items at project scope and potential duplicates across store levels
297
+
298
+ **Changed**
299
+ - `bclaw_get_context` and related tools now properly merge instructions from parent stores in the chain
300
+
301
+ ---
302
+
303
+ ## 0.4.0
304
+
305
+ **Added**
306
+ - `bclaw_create_plan` create a plan item from an agent (contributor trust required)
307
+ - `bclaw_update_plan` — update status, actual effort, priority, or assignee of a plan item
308
+ - `bclaw_add_step` — add a sub-step to a plan item
309
+ - `bclaw_complete_step` — mark a plan sub-step as done
310
+ - All plan management tools return structured `plan_id`, `step_id`, `status`, `progress` fields
311
+
312
+ **Fixed**
313
+ - `bclaw_release_claim`: `planStatus` parameter was declared in the schema but not applied — now correctly updates the linked plan's status when provided
314
+
315
+ ---
316
+
317
+ ## 0.3.0
318
+
319
+ **Added**
320
+ - `initialize` handshake support (MCP protocol conformance)
321
+ - `schema_version: "0.3.0"` field in all `structuredContent` responses
322
+ - Write tools: `bclaw_write_note`, `bclaw_create_candidate`, `bclaw_accept`, `bclaw_reject`, `bclaw_claim`, `bclaw_release_claim`, `bclaw_session_start`, `bclaw_session_end`
323
+ - `bclaw_search` tool full-text BM25 search across all memory items
324
+ - Trust-level access control on write tools (contributor / trusted / curator)
325
+ - `context_schema` field in `bclaw_get_context` structured responses
326
+ - Explicit identity arguments on mutation tools:
327
+ - `agentId` on `bclaw_write_note`, `bclaw_create_candidate`, `bclaw_claim`, `bclaw_session_start`, `bclaw_session_end`
328
+ - `byId` on `bclaw_accept`, `bclaw_reject`
329
+ - Stable MCP tool errors:
330
+ - `identity_error`
331
+ - `trust_error`
332
+ - `validation_error`
333
+
334
+ **Changed**
335
+ - All read tool responses now include `schema_version` in `structuredContent`
336
+ - `bclaw_get_context` `structuredContent` flattens the full `ContextResult` object
337
+ - `bclaw_get_context` now exposes `context_schema: "1.2"` and additive fields from the current public context contract
338
+ - Mutation tools now require a registered identity on write paths; `agent`/`agentId` and `by`/`byId` must resolve to the same registered identity when both are provided
339
+ - `bclaw_reject` is now restricted to `trusted` / `curator` agents, aligned with `bclaw_accept`
340
+
341
+ ---
342
+
343
+ ## 0.2.0
344
+
345
+ **Added**
346
+ - `bclaw_get_agent_board` read tool
347
+ - `bclaw_read_handoff` read tool
348
+ - Tool prefix renamed: `tmem_``bclaw_`
349
+
350
+ **Changed**
351
+ - Environment variables renamed: `TEAM_MEMORY_*` → `BRAINCLAW_*`
352
+ - Storage directory renamed: `.memory/` → `.brainclaw/`
353
+
354
+ ---
355
+
356
+ ## 0.1.0
357
+
358
+ **Initial**
359
+ - `bclaw_get_context` read tool (was `tmem_get_context`)
360
+ - Basic stdio NDJSON transport