briefops 1.0.2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (54) hide show
  1. package/CHANGELOG.md +12 -0
  2. package/README.md +55 -50
  3. package/SECURITY.md +4 -3
  4. package/dist/cli.js +2 -0
  5. package/dist/cli.js.map +1 -1
  6. package/dist/commands/bootstrap.d.ts +2 -0
  7. package/dist/commands/bootstrap.js +59 -0
  8. package/dist/commands/bootstrap.js.map +1 -0
  9. package/dist/commands/continue.js +5 -4
  10. package/dist/commands/continue.js.map +1 -1
  11. package/dist/commands/doctor.js +16 -0
  12. package/dist/commands/doctor.js.map +1 -1
  13. package/dist/commands/finish.js +9 -1
  14. package/dist/commands/finish.js.map +1 -1
  15. package/dist/commands/skill.js +1 -1
  16. package/dist/commands/skill.js.map +1 -1
  17. package/dist/core/bootstrap.d.ts +25 -0
  18. package/dist/core/bootstrap.js +69 -0
  19. package/dist/core/bootstrap.js.map +1 -0
  20. package/dist/core/codex.js +32 -5
  21. package/dist/core/codex.js.map +1 -1
  22. package/dist/core/codexPlugin.js +13 -12
  23. package/dist/core/codexPlugin.js.map +1 -1
  24. package/dist/core/exportTargets.js +21 -18
  25. package/dist/core/exportTargets.js.map +1 -1
  26. package/dist/core/prime.js +16 -9
  27. package/dist/core/prime.js.map +1 -1
  28. package/dist/core/stabilityDoctor.d.ts +14 -0
  29. package/dist/core/stabilityDoctor.js +356 -0
  30. package/dist/core/stabilityDoctor.js.map +1 -0
  31. package/dist/core/workflow.d.ts +4 -0
  32. package/dist/core/workflow.js +21 -2
  33. package/dist/core/workflow.js.map +1 -1
  34. package/dist/core/workspace.js +13 -1
  35. package/dist/core/workspace.js.map +1 -1
  36. package/dist/version.d.ts +1 -1
  37. package/dist/version.js +1 -1
  38. package/docs/codex-resume.md +1 -1
  39. package/docs/compatibility.md +6 -6
  40. package/docs/concept.md +2 -2
  41. package/docs/handoff-briefs.md +1 -1
  42. package/docs/integrations/harnesses.md +5 -6
  43. package/docs/memory-lifecycle.md +11 -5
  44. package/docs/privacy-model.md +7 -3
  45. package/docs/quickstart.md +8 -6
  46. package/docs/release-checklist.md +5 -3
  47. package/docs/superpowers/plans/2026-06-08-briefops-oss-readiness.md +1 -1
  48. package/package.json +1 -1
  49. package/plugins/briefops-codex/.codex-plugin/plugin.json +1 -1
  50. package/plugins/briefops-codex/README.md +6 -6
  51. package/plugins/briefops-codex/skills/briefops-continue-worker/SKILL.md +3 -3
  52. package/plugins/briefops-codex/skills/briefops-finish-task/SKILL.md +4 -4
  53. package/plugins/briefops-codex/skills/briefops-prime-context/SKILL.md +4 -4
  54. package/plugins/briefops-codex/skills/briefops-review-memory/SKILL.md +8 -7
@@ -16,10 +16,10 @@ After meaningful work:
16
16
 
17
17
  ```bash
18
18
  briefops finish --worker <worker> --task "<task>" --result "<result>"
19
- briefops memory proposal-show latest
20
- briefops approve latest
21
19
  ```
22
20
 
21
+ `finish` applies durable directory-local memory by default. Use `--memory-review` only when a pending local queue is desired.
22
+
23
23
  For a fresh thread:
24
24
 
25
25
  ```bash
@@ -48,16 +48,15 @@ These files should stay compact. They teach harnesses how to call BriefOps and d
48
48
 
49
49
  Use LazyCodex or OmO for orchestration, hooks, LSP/MCP, and autonomous execution. Use BriefOps for durable local continuity.
50
50
 
51
- Suggested human workflow:
51
+ Suggested local workflow:
52
52
 
53
53
  ```bash
54
54
  briefops prime --task "Implement the next scoped change." --format codex --max-tokens 800
55
55
  codex "Use the BriefOps prime context, then run ultrawork for this task."
56
56
  briefops finish --worker <worker> --task "Implement the next scoped change." --result "<verified result>"
57
- briefops memory proposal-show latest
58
57
  ```
59
58
 
60
- Do not let a harness auto-run `briefops approve latest`. Approval should remain human-confirmed.
59
+ Do not let a harness export private `.briefops/` memory or apply skill patches without explicit direction.
61
60
 
62
61
  ## Codex App And Codex CLI
63
62
 
@@ -67,7 +66,7 @@ This command does not write to global Codex folders by default.
67
66
 
68
67
  ## Claude Code
69
68
 
70
- BriefOps can coexist with `CLAUDE.md`. Keep `CLAUDE.md` for always-loaded project instructions and use BriefOps for task history, approved memory, handoffs, and shared-only packs.
69
+ BriefOps can coexist with `CLAUDE.md`. Keep `CLAUDE.md` for always-loaded project instructions and use BriefOps for task history, local memory, handoffs, and shared-only packs.
71
70
 
72
71
  ## Cursor
73
72
 
@@ -2,14 +2,20 @@
2
2
 
3
3
  BriefOps separates immediate work continuity from durable memory.
4
4
 
5
- Work logs are written first. They can feed the next local handoff or resume immediately, so a fresh AI coding thread can continue from recent results, lessons, decisions, risks, incidents, and next steps without waiting for a memory review.
5
+ Work logs are written first. They can feed the next local handoff or resume immediately, so a fresh AI coding thread can continue from recent results, lessons, decisions, risks, incidents, and next steps without waiting for a review step.
6
6
 
7
- Durable memory is the curated layer. It is used for reusable lessons, decisions, facts, incidents, and constraints that should survive beyond the immediate handoff.
7
+ Durable memory is the curated directory-local layer. It is used for reusable lessons, decisions, facts, incidents, and constraints that should survive beyond the immediate handoff.
8
8
 
9
- Allowed flow:
9
+ Default flow:
10
10
 
11
11
  ```text
12
- log -> memory proposal -> human approval -> memory
12
+ finish -> work log -> memory proposal audit file -> local memory
13
+ ```
14
+
15
+ Review-mode flow:
16
+
17
+ ```text
18
+ finish --memory-review -> work log -> pending memory proposal -> apply/reject locally
13
19
  ```
14
20
 
15
21
  Commands:
@@ -24,4 +30,4 @@ briefops memory proposal-reject <proposal-id>
24
30
 
25
31
  Extraction is deterministic and local. Lessons become lesson memory candidates. Notes prefixed with `decision:` or `fact:` become matching memory candidates. Results containing risk or failure language become incident candidates.
26
32
 
27
- Proposal generation and approval are local file-backed operations protected by workspace locks. BriefOps never auto-approves memory or skill patches.
33
+ Proposal generation and application are local file-backed operations protected by workspace locks. BriefOps asks for explicit direction before skill patches or sharing private memory outside the local workspace.
@@ -4,7 +4,7 @@ BriefOps is local-first. It stores work history, memory, proposals, patches, gen
4
4
 
5
5
  ## Export Policies
6
6
 
7
- `local-private` is for local terminal and local Codex/Claude/Cursor use. It may include private project details, approved private memory, local work logs, risks, next steps, worker history, and metadata counts.
7
+ `local-private` is for local terminal and local Codex/Claude/Cursor use. It may include private project details, local private memory, local work logs, risks, next steps, worker history, and metadata counts.
8
8
 
9
9
  `shared-only` is for artifacts that may leave the local workspace. It includes only memory items marked `visibility: shared` and `exportable: true`.
10
10
 
@@ -25,9 +25,11 @@ Shared-only omits:
25
25
 
26
26
  `briefops export agents-md`, `briefops export claude-md`, `briefops export cursor-rules`, and `briefops export all` generate router files. Router files point AI harnesses to BriefOps commands. They do not copy `.briefops` memory, logs, worker summaries, handoffs, incidents, or private decisions.
27
27
 
28
- ## Human Approval
28
+ ## Local Memory And Explicit Boundaries
29
29
 
30
- BriefOps never auto-approves memory proposals or skill patches. Approval is always an explicit user action through `briefops approve`, `briefops memory proposal-apply`, or `briefops skill apply-patch`.
30
+ BriefOps applies directory-local memory from `briefops finish` by default and keeps proposal files as an audit trail. This updates files under the current repository's `.briefops/` workspace only.
31
+
32
+ Explicit direction is still required before applying skill patches or sharing private memory outside the local workspace. Use `--export-policy shared-only` for portable or committable context.
31
33
 
32
34
  ## Doctor Checks
33
35
 
@@ -37,4 +39,6 @@ BriefOps never auto-approves memory proposals or skill patches. Approval is alwa
37
39
  - private memory marked exportable,
38
40
  - secret-like local memory strings.
39
41
 
42
+ `briefops doctor --stability` checks local workspace integrity, including schema validity, duplicate memory ids, broken references, managed-path symlinks, and orphaned review artifacts. It is read-only, reports bounded examples, and does not add detailed doctor output to generated prompt artifacts.
43
+
40
44
  `briefops doctor --security --fix-stale-locks` removes stale lock files only. It does not remove fresh locks or other workspace files.
@@ -3,9 +3,7 @@
3
3
  ## Codex First Context Path
4
4
 
5
5
  ```bash
6
- briefops init
7
- briefops codex install
8
- briefops codex plugin install
6
+ briefops bootstrap
9
7
  briefops skill create risk-review --description "Review risk and governance."
10
8
  briefops project create atlas-q --description "Rule-based quantitative system."
11
9
  briefops worker create quant-reviewer --project atlas-q --skills "risk-review" --style "skeptical,verify before completion"
@@ -15,7 +13,9 @@ briefops memory add --type lessons --project atlas-q --skill risk-review --conte
15
13
  briefops prime --task "Continue rebalance review" --format codex --max-tokens 800
16
14
  ```
17
15
 
18
- `briefops codex plugin install` is local and deterministic. It does not publish to a marketplace and does not write to global Codex folders by default.
16
+ `briefops bootstrap` initializes `.briefops/`, installs `AGENTS.md` guidance that tells Codex to prime BriefOps first, writes local Codex prompt/plugin assets, keeps `.briefops/` ignored by default, and runs bounded privacy/stability checks.
17
+
18
+ `briefops codex plugin install` is still available as the manual local plugin path. It is deterministic, does not publish to a marketplace, and does not write to global Codex folders by default.
19
19
 
20
20
  `briefops export all` writes router files for Codex, Claude Code, and Cursor. These files point harnesses at BriefOps commands and do not copy `.briefops` memory, logs, handoffs, or worker summaries.
21
21
 
@@ -25,11 +25,10 @@ After work finishes, log the result and promote only useful lessons:
25
25
 
26
26
  ```bash
27
27
  briefops finish --project atlas-q --skill risk-review --worker quant-reviewer --task "Review rebalance" --result "Found missing turnover warning check." --lesson "Always verify turnover warning threshold."
28
- briefops approve latest
29
28
  briefops continue --worker quant-reviewer --task "Continue rebalance review" --pack
30
29
  ```
31
30
 
32
- BriefOps skills must never auto-approve memory proposals or skill patches. Approval is a human step.
31
+ `finish` applies durable memory locally by default and keeps the proposal file as an audit trail. Use `--memory-review` only when you explicitly want a pending local queue.
33
32
 
34
33
  For small or exploratory work, keep durable memory clean:
35
34
 
@@ -58,12 +57,15 @@ Before publishing a repository or sharing generated context, run:
58
57
  ```bash
59
58
  briefops doctor --privacy
60
59
  briefops doctor --privacy --fix-gitignore
60
+ briefops doctor --stability
61
61
  ```
62
62
 
63
63
  `.briefops/` can contain private local work logs and memory. Keep it ignored unless you intentionally curated the contents for sharing.
64
64
 
65
65
  `doctor --privacy` checks local memory sharing hazards, including `.briefops/` gitignore coverage, private/exportable memory, and secret-like memory strings.
66
66
 
67
+ `doctor --stability` is a read-only local integrity check for schema validity, duplicate memory ids, broken references, managed-path symlinks, and orphaned review artifacts. Its detailed output is bounded and is not added to `prime`, handoff, resume, or pack context.
68
+
67
69
  ## Context Budget Check
68
70
 
69
71
  ```bash
@@ -31,6 +31,7 @@ briefops export claude-md --force
31
31
  briefops export cursor-rules --force
32
32
  briefops prime --task "Start this task." --format codex --max-tokens 800
33
33
  briefops compare context --worker quant-reviewer --task "Start this task."
34
+ briefops doctor --stability
34
35
  briefops doctor --security
35
36
  briefops doctor --security --fix-stale-locks
36
37
  briefops doctor --privacy
@@ -44,13 +45,14 @@ briefops memory prune --dry-run
44
45
  Confirm:
45
46
 
46
47
  - `briefops --version` matches `package.json`.
47
- - `docs/file-format.md`, `docs/compatibility.md`, and `docs/privacy-model.md` describe the 1.0 public contract.
48
+ - `docs/file-format.md`, `docs/compatibility.md`, and `docs/privacy-model.md` describe the 2.0 public behavior and current workspace file contract.
48
49
  - Harness exports are routers, not memory dumps.
49
50
  - `shared-only` exports omit private memory, local project file details, raw work logs, open risks, local next steps, private worker history, and private metadata counts.
50
- - Memory and skill patches require human approval.
51
+ - `finish` applies directory-local durable memory by default, while skill patches still require explicit direction.
51
52
  - `finish --importance trivial` and `finish --no-memory-proposal` avoid durable memory proposals.
52
53
  - `memory hygiene` and `memory prune --dry-run` do not mutate memory.
53
- - Proposal generation and approval are local file-backed operations protected by workspace locks.
54
+ - Proposal generation and application are local file-backed operations protected by workspace locks.
55
+ - `doctor --stability` is read-only, bounds detailed examples, and does not add diagnostics to generated prompt artifacts.
54
56
  - `doctor --security --fix-stale-locks` removes stale locks only.
55
57
  - Explicit output paths do not overwrite without `--force`.
56
58
  - Generated Codex plugin files do not overwrite local changes without `--force`.
@@ -594,7 +594,7 @@ describe("privacy doctor", () => {
594
594
  type: "facts",
595
595
  project: "atlas-q",
596
596
  skill: "risk-review",
597
- content: "Use API key sk-test-12345678901234567890 for local sandbox.",
597
+ content: "Use api_key: REDACTED_TEST_VALUE for local sandbox.",
598
598
  visibility: "private",
599
599
  exportable: false
600
600
  });
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "briefops",
3
- "version": "1.0.2",
3
+ "version": "2.0.0",
4
4
  "description": "Local-first CLI for AI coding agents with persistent memory, handoffs, and token-aware context.",
5
5
  "type": "module",
6
6
  "bin": {
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "briefops",
3
- "version": "1.0.2",
3
+ "version": "2.0.0",
4
4
  "description": "Local-first, token-aware persistent work history for Codex workflows.",
5
5
  "author": {
6
6
  "name": "BriefOps contributors",
@@ -5,25 +5,25 @@ This is a skill-only Codex plugin bundle for BriefOps.
5
5
  It does not run a hosted service and does not sync data. The skills call the local `briefops` CLI and local `.briefops/` workspace.
6
6
  It does not publish to a marketplace and does not write to global Codex folders by default.
7
7
 
8
- The BriefOps plugin is a local CLI helper. It does not require network access, does not publish to a marketplace, and should not auto-approve memory or skill patches. Use `--export-policy shared-only` before copying context outside the local workspace.
8
+ The BriefOps plugin is a local CLI helper. It does not require network access and does not publish to a marketplace. It may update directory-local `.briefops/` memory; use `--export-policy shared-only` before copying context outside the local workspace, and ask before applying skill patches.
9
9
 
10
10
  Recommended local setup:
11
11
 
12
12
  ```bash
13
- briefops init
14
- briefops codex install
15
- briefops codex plugin install
13
+ briefops bootstrap
16
14
  briefops worker use <worker>
17
15
  briefops prime --task "Start this task." --format codex
18
16
  ```
19
17
 
18
+ `briefops bootstrap` initializes `.briefops/`, installs `AGENTS.md` first-context guidance, writes local Codex prompt/plugin assets, keeps `.briefops/` ignored by default, and runs bounded privacy/stability checks.
19
+
20
20
  The generated local plugin copy is written to:
21
21
 
22
22
  ```text
23
23
  .briefops/codex/plugin/briefops
24
24
  ```
25
25
 
26
- BriefOps plugin skills must never auto-approve memory proposals or skill patches.
26
+ BriefOps plugin skills treat `.briefops/` memory as local repo state. Explicit confirmation is reserved for exporting private memory outside the workspace or applying skill patches.
27
27
 
28
28
  For repo-level harness guidance, generate router files:
29
29
 
@@ -32,7 +32,7 @@ briefops export agents-md
32
32
  briefops export all
33
33
  ```
34
34
 
35
- These exports route local harnesses back to `briefops prime`, `briefops finish`, `briefops approve`, and `briefops continue --pack`. They do not copy `.briefops` memory, logs, handoffs, or worker summaries.
35
+ These exports route local harnesses back to `briefops prime`, `briefops finish`, and `briefops continue --pack`. They do not copy `.briefops` memory, logs, handoffs, or worker summaries.
36
36
 
37
37
  Use shared-only exports for portable context:
38
38
 
@@ -5,9 +5,9 @@ description: Use when continuing a persistent BriefOps worker in a fresh Codex t
5
5
 
6
6
  # BriefOps Continue Worker
7
7
 
8
- The BriefOps plugin is a local CLI helper. It does not require network access, does not publish to a marketplace, and should not auto-approve memory or skill patches.
8
+ The BriefOps plugin is a local CLI helper. It does not require network access and does not publish to a marketplace.
9
9
 
10
- Use `--export-policy shared-only` before copying context outside the local workspace.
10
+ BriefOps may update directory-local `.briefops/` memory. Use `--export-policy shared-only` before copying context outside the local workspace, and ask before applying skill patches.
11
11
 
12
12
  Use this workflow when the user wants a fresh Codex thread to continue prior work with the same worker identity, project constraints, memory, and risks.
13
13
 
@@ -17,6 +17,6 @@ Prepare a resume prompt and optional portable pack:
17
17
  briefops continue --worker <worker> --task "<next task>" --pack
18
18
  ```
19
19
 
20
- If BriefOps reports pending memory proposals, surface the review command before continuing. Do not apply memory automatically.
20
+ Pending memory proposals are optional local review drafts and do not block continuing. Apply relevant local memory when useful; ask before applying skill patches.
21
21
 
22
22
  Use portable packs only as explicit local user artifacts. They may include private local memory and should be reviewed before sharing.
@@ -1,13 +1,13 @@
1
1
  ---
2
2
  name: briefops-finish-task
3
- description: Use when finishing a Codex task to record the outcome, propose durable memory, and prepare the next thread without auto-approving memory
3
+ description: Use when finishing a Codex task to record the outcome, update directory-local durable memory, and prepare the next thread
4
4
  ---
5
5
 
6
6
  # BriefOps Finish Task
7
7
 
8
- The BriefOps plugin is a local CLI helper. It does not require network access, does not publish to a marketplace, and should not auto-approve memory or skill patches.
8
+ The BriefOps plugin is a local CLI helper. It does not require network access and does not publish to a marketplace.
9
9
 
10
- Use `--export-policy shared-only` before copying context outside the local workspace.
10
+ BriefOps may update directory-local `.briefops/` memory. Use `--export-policy shared-only` before copying context outside the local workspace, and ask before applying skill patches.
11
11
 
12
12
  Use BriefOps at the end of meaningful work so future Codex threads do not spend tokens rediscovering the same decisions, risks, and lessons.
13
13
 
@@ -19,4 +19,4 @@ briefops finish --worker <worker> --task "<task>" --result "<result>" --lesson "
19
19
 
20
20
  Only include lessons, decisions, incidents, open risks, and next steps that will help future work. Do not store secrets or personal data.
21
21
 
22
- If a memory proposal is created, ask the user to review it. Never run `briefops approve` without explicit user confirmation.
22
+ `briefops finish` applies durable memory locally by default and keeps the proposal file as an audit trail. Use `--memory-review` only when the user explicitly wants a pending review queue.
@@ -5,9 +5,9 @@ description: Use when starting work in any Codex project or fresh thread to load
5
5
 
6
6
  # BriefOps Prime Context
7
7
 
8
- The BriefOps plugin is a local CLI helper. It does not require network access, does not publish to a marketplace, and should not auto-approve memory or skill patches.
8
+ The BriefOps plugin is a local CLI helper. It does not require network access and does not publish to a marketplace.
9
9
 
10
- Use `--export-policy shared-only` before copying context outside the local workspace.
10
+ BriefOps may update directory-local `.briefops/` memory. Use `--export-policy shared-only` before copying context outside the local workspace, and ask before applying skill patches.
11
11
 
12
12
  Use BriefOps before broad repo/history inspection when a `.briefops` workspace exists or may exist.
13
13
 
@@ -17,8 +17,8 @@ Run:
17
17
  briefops prime --format codex --task "<current user task>" --max-tokens 800
18
18
  ```
19
19
 
20
- If the command reports that no workspace exists, keep the response short and suggest `briefops init`.
20
+ If the command reports `setup-required`, keep the response short and suggest `briefops bootstrap` for first adoption.
21
21
 
22
- Never apply memory automatically. If pending proposals exist, show the review command.
22
+ BriefOps memory is directory-local. `briefops finish` auto-promotes durable memory by default; pending proposals from older or review-mode flows can be applied locally without blocking the task.
23
23
 
24
24
  Treat the prime output as a compact routing brief, not as permission to skip relevant code inspection.
@@ -1,15 +1,15 @@
1
1
  ---
2
2
  name: briefops-review-memory
3
- description: Use when BriefOps reports pending memory proposals or skill patches that need human review before becoming durable local memory
3
+ description: Use when BriefOps reports pending local memory proposals or skill patches that need inspection
4
4
  ---
5
5
 
6
6
  # BriefOps Review Memory
7
7
 
8
- The BriefOps plugin is a local CLI helper. It does not require network access, does not publish to a marketplace, and should not auto-approve memory or skill patches.
8
+ The BriefOps plugin is a local CLI helper. It does not require network access and does not publish to a marketplace.
9
9
 
10
- Use `--export-policy shared-only` before copying context outside the local workspace.
10
+ BriefOps may update directory-local `.briefops/` memory. Use `--export-policy shared-only` before copying context outside the local workspace, and ask before applying skill patches.
11
11
 
12
- BriefOps memory is human-approved. Pending proposals are local drafts until the user accepts or rejects them.
12
+ BriefOps memory is directory-local. Pending memory proposals are optional audit/review drafts; they should not block normal continuation.
13
13
 
14
14
  Inspect proposals before applying:
15
15
 
@@ -18,10 +18,11 @@ briefops memory proposal-show latest
18
18
  briefops inbox
19
19
  ```
20
20
 
21
- Apply only after explicit user confirmation:
21
+ Apply relevant local memory proposals directly, or reject inaccurate, duplicate, sensitive, or overly broad proposals:
22
22
 
23
23
  ```bash
24
- briefops approve latest
24
+ briefops memory proposal-apply latest
25
+ briefops memory proposal-reject latest
25
26
  ```
26
27
 
27
- Reject inaccurate, duplicate, sensitive, or overly broad proposals instead of carrying noisy context into future threads.
28
+ Ask before applying skill patches or exporting private memory outside the local workspace.