cool-workflow 0.1.82 → 0.1.83

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (79) hide show
  1. package/.claude-plugin/plugin.json +2 -2
  2. package/.codex-plugin/plugin.json +4 -4
  3. package/README.md +124 -120
  4. package/apps/architecture-review/app.json +1 -1
  5. package/apps/architecture-review-fast/app.json +1 -1
  6. package/apps/end-to-end-golden-path/app.json +1 -1
  7. package/apps/pr-review-fix-ci/app.json +1 -1
  8. package/apps/release-cut/app.json +1 -1
  9. package/apps/research-synthesis/app.json +1 -1
  10. package/dist/capability-core.js +16 -8
  11. package/dist/capability-registry.js +8 -0
  12. package/dist/cli.js +12 -1
  13. package/dist/commit.js +5 -1
  14. package/dist/doctor.js +153 -0
  15. package/dist/mcp-server.js +11 -0
  16. package/dist/orchestrator.js +13 -0
  17. package/dist/reclamation/hash.js +72 -0
  18. package/dist/reclamation.js +25 -78
  19. package/dist/run-registry/queue.js +6 -7
  20. package/dist/run-registry.js +35 -24
  21. package/dist/scheduler.js +78 -53
  22. package/dist/version.js +1 -1
  23. package/dist/worker-isolation.js +22 -2
  24. package/docs/agent-delegation-drive.7.md +90 -86
  25. package/docs/agent-framework.md +33 -32
  26. package/docs/candidate-scoring.7.md +26 -24
  27. package/docs/canonical-workflow-apps.7.md +40 -40
  28. package/docs/capability-topology-registry.7.md +24 -24
  29. package/docs/cli-mcp-parity.7.md +226 -154
  30. package/docs/contract-migration-tooling.7.md +48 -41
  31. package/docs/control-plane-scheduling.7.md +45 -41
  32. package/docs/coordinator-blackboard.7.md +30 -30
  33. package/docs/dogfood-one-real-repo.7.md +44 -44
  34. package/docs/durable-state-and-locking.7.md +34 -30
  35. package/docs/end-to-end-golden-path.7.md +29 -29
  36. package/docs/error-feedback.7.md +27 -27
  37. package/docs/evidence-adoption-reasoning-chain.7.md +62 -58
  38. package/docs/execution-backends.7.md +84 -80
  39. package/docs/getting-started.md +35 -18
  40. package/docs/index.md +3 -3
  41. package/docs/mcp-app-surface.7.md +64 -64
  42. package/docs/multi-agent-cli-mcp-surface.7.md +82 -77
  43. package/docs/multi-agent-eval-replay-harness.7.md +59 -55
  44. package/docs/multi-agent-operator-ux.7.md +69 -65
  45. package/docs/multi-agent-runtime-core.7.md +39 -39
  46. package/docs/multi-agent-topologies.7.md +24 -24
  47. package/docs/multi-agent-trust-policy-audit.7.md +38 -38
  48. package/docs/node-snapshot-diff-replay.7.md +26 -22
  49. package/docs/observability-cost-accounting.7.md +49 -45
  50. package/docs/operator-ux.7.md +30 -30
  51. package/docs/pipeline-runner.7.md +31 -31
  52. package/docs/project-index.md +10 -5
  53. package/docs/real-execution-backends.7.md +47 -43
  54. package/docs/release-and-migration.7.md +42 -38
  55. package/docs/release-tooling.7.md +53 -49
  56. package/docs/routines.md +16 -16
  57. package/docs/run-registry-control-plane.7.md +120 -116
  58. package/docs/run-retention-reclamation.7.md +45 -41
  59. package/docs/sandbox-profiles.7.md +32 -32
  60. package/docs/scheduled-tasks.md +14 -14
  61. package/docs/security-trust-hardening.7.md +29 -29
  62. package/docs/source-context-profiles.7.md +28 -28
  63. package/docs/state-explosion-management.7.md +63 -59
  64. package/docs/state-node.7.md +8 -8
  65. package/docs/team-collaboration.7.md +62 -58
  66. package/docs/trust-model.md +126 -126
  67. package/docs/unix-principles.md +80 -80
  68. package/docs/vendor-manifest-loadability.7.md +20 -20
  69. package/docs/verifier-gated-commit.7.md +16 -16
  70. package/docs/web-desktop-workbench.7.md +69 -65
  71. package/docs/worker-isolation.7.md +34 -37
  72. package/docs/workflow-app-framework.7.md +38 -38
  73. package/manifest/plugin.manifest.json +4 -4
  74. package/package.json +3 -2
  75. package/scripts/canonical-apps.js +4 -4
  76. package/scripts/dogfood-release.js +1 -1
  77. package/scripts/gen-parity-doc.js +106 -0
  78. package/scripts/golden-path.js +4 -4
  79. package/dist/verifier-registry.js +0 -46
@@ -2,12 +2,12 @@
2
2
 
3
3
  CW keeps source-context slimming out of the runtime kernel. The profile is policy
4
4
  data in `manifest/source-context-profiles.json`; `scripts/source-context.js` is a
5
- small mechanism that reads a git ref and writes JSONL to stdout.
5
+ small part that reads a git ref and writes JSONL to stdout.
6
6
 
7
7
  ## Core Profile
8
8
 
9
9
  The default `core` profile is the project memory for AI source imports. It keeps
10
- runtime source and app/userland entrypoints, and leaves generated artifacts,
10
+ runtime source and app/userland entrypoints, and leaves made artifacts,
11
11
  tests, docs, release records, and long logs as manifest-only records.
12
12
 
13
13
  Included:
@@ -30,26 +30,26 @@ Excluded from exported content:
30
30
  - `CHANGELOG.md`
31
31
  - `ITERATION_LOG.md`
32
32
 
33
- Exclusion does not delete files and does not change release behavior. `dist/`
34
- remains a committed release artifact until the release contract is explicitly
33
+ Leaving a file out does not delete it and does not change release behavior. `dist/`
34
+ stays a committed release artifact till the release contract is clearly
35
35
  changed.
36
36
 
37
37
  ## Narrow Profiles
38
38
 
39
- Use a narrower opt-in profile when the question is already scoped:
39
+ Use a narrower opt-in profile when the question is already scoped down:
40
40
 
41
41
  - `runtime`: the full `src/**` runtime kernel plus package and TypeScript
42
42
  metadata.
43
43
  - `mcp`: capability core/registry, CLI routing, MCP server, MCP launcher scripts,
44
44
  and shared types.
45
- - `workflow-apps`: canonical apps plus the Workflow App framework and app
45
+ - `workflow-apps`: the true apps plus the Workflow App framework and app
46
46
  planning/orchestration surface.
47
47
  - `release`: release flow, gates, manifest/version tooling, package metadata, and
48
48
  release-tooling docs.
49
- - `agent-wrappers`: external agent wrappers, agent config, execution backend,
49
+ - `agent-wrappers`: outside agent wrappers, agent config, execution backend,
50
50
  drive loop, and agent-delegation docs.
51
51
 
52
- The narrow profiles are policy data only. Selecting one changes only the JSONL
52
+ The narrow profiles are policy data only. Picking one changes only the JSONL
53
53
  context pack; it does not change runtime behavior, release contents, or the
54
54
  default `core` profile.
55
55
 
@@ -73,35 +73,35 @@ node scripts/source-context.js export --profile core --ref HEAD --repo-root /pat
73
73
  `export` emits only included text files and adds `content`. Both commands use
74
74
  stdout for JSONL data only. Diagnostics and refusal messages go to stderr.
75
75
 
76
- `--changed-from REF` is opt-in diff-aware mode. It filters `manifest` and
77
- `export` to paths changed between the resolved base commit and `--ref`, then
78
- applies the selected profile include/exclude rules. Deleted files are omitted
79
- because there is no blob at the target ref. Records include `changedFrom` with
80
- the resolved base commit. Empty diffs are valid and emit empty JSONL.
76
+ `--changed-from REF` is opt-in diff-aware mode. It cuts `manifest` and
77
+ `export` down to paths changed between the resolved base commit and `--ref`, then
78
+ applies the selected profile include/exclude rules. Deleted files are left out
79
+ because there is no blob at the target ref. Records take in `changedFrom` with
80
+ the resolved base commit. Empty diffs are good and emit empty JSONL.
81
81
 
82
82
  `export --cache-dir DIR` is opt-in. The cache key is the resolved git commit SHA
83
- plus a digest of the selected source profile, so changing either the ref or the
84
- include/exclude policy produces a different JSONL cache file. Cache hits write the
85
- same JSONL bytes to stdout and stay silent on stderr. Corrupt or mismatched cache
86
- records fail closed instead of falling back silently. Diff-aware exports include
83
+ plus a digest of the selected source profile, so changing the ref or the
84
+ include/exclude policy makes a different JSONL cache file. Cache hits write the
85
+ same JSONL bytes to stdout and stay quiet on stderr. Broken or wrong cache
86
+ records fail closed in place of falling back without a word. Diff-aware exports take in
87
87
  the resolved `--changed-from` commit in the cache key, so full and changed exports
88
88
  do not share cache files.
89
89
 
90
- `--repo-root DIR` is also opt-in; when omitted, the script keeps its historical
90
+ `--repo-root DIR` is opt-in too; when left out, the script keeps its past
91
91
  default and reads the Cool Workflow repository root.
92
92
 
93
93
  ## Verification
94
94
 
95
95
  The smoke test checks that:
96
96
 
97
- - the profile includes and excludes exactly the remembered paths;
97
+ - the profile takes in and leaves out the very same remembered paths;
98
98
  - `dist/`, tests, docs, release records, and long logs are manifest-only;
99
- - exported records are parseable JSONL with content and sha256;
100
- - narrow profiles are slimmer than `core` and include/exclude their intended
101
- surfaces;
102
- - `--changed-from` emits only changed current-ref files, still honors excludes,
103
- and caches separately from full exports;
104
- - cached exports are byte-identical to uncached exports and corrupt cache hits
99
+ - exported records are JSONL that parses with content and sha256;
100
+ - narrow profiles are slimmer than `core` and include/exclude the surfaces they
101
+ are meant to;
102
+ - `--changed-from` emits only changed current-ref files, still keeps its excludes,
103
+ and caches apart from full exports;
104
+ - cached exports are byte-identical to uncached exports and broken cache hits
105
105
  fail closed;
106
106
  - the `core` profile stays under its `maxLines` guard.
107
107
 
@@ -113,7 +113,7 @@ node test/source-context-profile-smoke.js
113
113
 
114
114
  ## FreeBSD Discipline
115
115
 
116
- This feature is opt-in and does not alter existing CLI output. It is mechanism,
116
+ This feature is opt-in and does not change present CLI output. It is mechanism,
117
117
  not policy: profile selection lives in data, and vendor prompt/stream behavior
118
- stays in wrappers. It fails closed on invalid profiles, unknown refs, binary
119
- included files, and line-count drift past the configured guard.
118
+ stays in wrappers. It fails closed on bad profiles, unknown refs, binary
119
+ included files, and line-count drift past the set guard.
@@ -1,30 +1,30 @@
1
1
  # State Explosion Management
2
2
 
3
- CW v0.1.25 adds State Explosion Management. As multi-agent collaboration grows,
4
- blackboard and graph output can become too large to read. This release adds a
5
- first-class summarization and compaction layer that makes complex runs
6
- understandable without hiding source truth.
3
+ CW v0.1.25 adds State Explosion Management. When multi-agent work grows,
4
+ blackboard and graph output can get too big to read. This release adds a
5
+ first-class summarization and compaction layer that makes hard runs
6
+ clear to read without hiding source truth.
7
7
 
8
8
  CW v0.1.26 builds on this layer with the Evidence Adoption Reasoning Chain, which
9
- reuses the same derived, fingerprinted, fail-closed discipline and whose
10
- reasoning steps are exempt from the compaction described here. See
9
+ reuses the same derived, fingerprinted, fail-closed way of working and whose
10
+ reasoning steps are free from the compaction talked about here. See
11
11
  [evidence-adoption-reasoning-chain.7.md](evidence-adoption-reasoning-chain.7.md).
12
12
 
13
- The design follows a base-system observability philosophy:
13
+ The design keeps to a base-system observability way of thinking:
14
14
 
15
15
  - raw state is the source of truth
16
- - summaries are derived userland indexes, never replacements for source records
16
+ - summaries are derived userland indexes, never a substitute for source records
17
17
  - plain files, stable JSON, deterministic output
18
- - small composable commands and readable console views with full
19
- machine-readable output available
20
- - fail closed when a summary is stale, incomplete, ambiguous, or loses
18
+ - small composable commands and readable console views, with full
19
+ machine-readable output ready to use
20
+ - fail closed when a summary is stale, not complete, not clear, or loses
21
21
  provenance
22
22
  - backward compatible; no hidden daemon; no lossy deletion of blackboard,
23
23
  graph, audit, or evidence records
24
24
 
25
25
  ## Derived summary model
26
26
 
27
- Summary records are durable, versioned, and provenance-backed. Each carries
27
+ Summary records are durable, versioned, and backed by provenance. Each one carries
28
28
  `schemaVersion`, `runId`, a summary `id`, a `scope`
29
29
  (`run`, `topology`, `multi-agent-run`, `group`, `role`, `membership`, `fanout`,
30
30
  `fanin`, `blackboard`, `topic`, `evidence`, `trust`, or `eval`),
@@ -43,14 +43,14 @@ Record types:
43
43
 
44
44
  Summaries are written under `.cw/runs/<run-id>/summaries/` as plain JSON. Raw
45
45
  blackboard messages, graph nodes, graph edges, audit events, evidence refs, and
46
- eval artifacts are never deleted or overwritten.
46
+ eval artifacts are never deleted or written over.
47
47
 
48
48
  Within a single summary build, CW shares the derived full operator graph,
49
49
  operator status, blackboard digest, state-size record, and graph view records
50
- through a short-lived in-memory context. This avoids rebuilding the same graph
51
- for `summary refresh`, `summary show`, and the top-level state-explosion report.
52
- It is not a daemon or persistent cache: the next command re-reads run state from
53
- disk, recomputes source fingerprints, and still fails closed on stale summaries.
50
+ through a short-lived in-memory context. This way it does not build the same graph
51
+ again for `summary refresh`, `summary show`, and the top-level state-explosion report.
52
+ It is not a daemon or persistent cache: the next command reads run state from
53
+ disk again, works out source fingerprints again, and still fails closed on stale summaries.
54
54
 
55
55
  ## Blackboard summarization
56
56
 
@@ -58,28 +58,28 @@ disk, recomputes source fingerprints, and still fails closed on stale summaries.
58
58
  deterministic structural digest with topic rollups, message thread summaries,
59
59
  unresolved questions, conflicts, decisions, artifacts, adopted evidence,
60
60
  missing evidence, policy violations, judge rationale, recent changes, and
61
- high-signal records. Every entry preserves links back to source messages,
61
+ high-signal records. Every entry keeps links back to source messages,
62
62
  contexts, artifacts, snapshots, coordinator decisions, and audit events, plus an
63
63
  expansion command for the raw records. Structural summaries exist without any
64
- LLM output; any semantic summary must be explicit, provenance-backed, and
65
- evidence-linked.
64
+ LLM output; any semantic summary must be clear, backed by provenance, and
65
+ linked to evidence.
66
66
 
67
67
  ## Graph compaction
68
68
 
69
69
  `multi-agent graph <run-id> --view <view>` produces compact graph views.
70
70
  Supported views: `full`, `compact`, `critical-path`, `failures`, `evidence`,
71
71
  `trust`, `topology`, `blackboard`, `candidate`, and `commit-gate`. Use
72
- `--focus <id>` and `--depth <n>` to center the view on a node and its
73
- neighborhood.
72
+ `--focus <id>` and `--depth <n>` to put the view on a node and the
73
+ nodes near it.
74
74
 
75
- Compact views collapse high-volume groups, topics, fanouts, fanins, message
75
+ Compact views fold high-volume groups, topics, fanouts, fanins, message
76
76
  clusters, and evidence chains into synthetic summary nodes. Each synthetic node
77
- exposes `collapsedNodeCount`, `collapsedEdgeCount`, `sourceIds`,
77
+ shows `collapsedNodeCount`, `collapsedEdgeCount`, `sourceIds`,
78
78
  `dominantStatus`, an optional `blockedReason`, and an `expansionCommand`.
79
79
 
80
- The critical path is always preserved, and failures, blocked records,
80
+ The critical path is always kept, and failures, blocked records,
81
81
  conflicts, missing evidence, policy violations, and judge rationale are never
82
- collapsed.
82
+ folded.
83
83
 
84
84
  ## CLI
85
85
 
@@ -98,11 +98,11 @@ Every command supports deterministic JSON with `--json` or `--format json`.
98
98
  Human output is organized into stable panels: State Size, Compact Graph,
99
99
  Blackboard Digest, Critical Path, Failures / Blockers, Evidence Digest,
100
100
  Trust / Policy Digest, Hidden Source Records, Expansion Commands, and Next
101
- Action. JSON output is never silently compacted; compaction is applied only to
102
- human views or when a compact view is explicitly requested.
101
+ Action. JSON output is never quietly compacted; compaction is used only on
102
+ human views or when a compact view is clearly asked for.
103
103
 
104
- When thresholds are exceeded, human output automatically shows compact
105
- summaries and tells the operator how to inspect the full data, for example:
104
+ When thresholds are gone past, human output by itself shows compact
105
+ summaries and tells the operator how to look at the full data, for example:
106
106
 
107
107
  ```text
108
108
  Graph compacted: 420 nodes collapsed into 18 summary nodes
@@ -122,7 +122,7 @@ MCP responses include source refs and expansion hints.
122
122
 
123
123
  ## Eval / replay integration
124
124
 
125
- Eval snapshots include summary artifacts, and replay comparison treats them as
125
+ Eval snapshots take in summary artifacts, and replay comparison treats them as
126
126
  regression-gated. Metrics: `summary_freshness`, `compact_graph_parity`,
127
127
  `blackboard_digest_parity`, `critical_path_parity`, `evidence_digest_parity`,
128
128
  and `expansion_ref_integrity`. The eval gate fails closed on stale summaries,
@@ -133,36 +133,36 @@ summary/report mismatch.
133
133
  ## Trust and audit
134
134
 
135
135
  Summary generation is recorded in the trust-audit log. `summary refresh` records
136
- a `summary.refresh` event noting who or what generated the summary, which scopes
137
- were summarized, how many records were included and omitted, whether the summary
136
+ a `summary.refresh` event noting who or what made the summary, which scopes
137
+ were summarized, how many records were put in and left out, whether the summary
138
138
  is deterministic, the source fingerprint, and whether it is stale. `summary
139
- show` records a `summary.stale` event when the persisted fingerprint no longer
140
- matches current source state. Audit metadata never stores secrets or large raw
139
+ show` records a `summary.stale` event when the kept fingerprint no longer
140
+ matches current source state. Audit metadata never keeps secrets or large raw
141
141
  message bodies.
142
142
 
143
143
  ## Freshness and fail-closed behavior
144
144
 
145
- `summary show` recomputes the current source fingerprint and compares it to the
146
- persisted record. If they differ, the report status is `stale`, stale scopes are
145
+ `summary show` works out the current source fingerprint again and compares it to the
146
+ kept record. If they are not the same, the report status is `stale`, stale scopes are
147
147
  listed, and the next action is `summary refresh`. This keeps derived indexes
148
- honest: a summary is never trusted once its source records change.
148
+ true: a summary is never trusted once its source records change.
149
149
 
150
150
  ## Migration
151
151
 
152
152
  Pre-0.1.25 runs have no `summaries/` directory; `summary show` reports `absent`
153
- and recommends `summary refresh`. Pre-0.1.25 eval snapshots load with empty
154
- summary sections, so existing fixtures and replays remain backward compatible.
153
+ and tells you to use `summary refresh`. Pre-0.1.25 eval snapshots load with empty
154
+ summary sections, so existing fixtures and replays stay backward compatible.
155
155
  Newer unsupported run-state schemas still fail closed.
156
156
  ## CLI ↔ MCP Parity (v0.1.27)
157
157
 
158
- Every command and tool referenced above is declared in the v0.1.27 capability
159
- registry (`src/capability-registry.ts`) and validated by `npm run parity:check`,
160
- so `cw <cmd> --json` and the matching `cw_<tool>` result render one data source.
158
+ Every command and tool named above is declared in the v0.1.27 capability
159
+ registry (`src/capability-registry.ts`) and checked by `npm run parity:check`,
160
+ so `cw <cmd> --json` and the matching `cw_<tool>` result show one data source.
161
161
  See [cli-mcp-parity.7.md](cli-mcp-parity.7.md).
162
162
 
163
163
  ## Run Registry / Control Plane (v0.1.28)
164
164
 
165
- The runs described here are indexed, searchable, resumable, archivable, and
165
+ The runs talked about here are indexed, searchable, resumable, archivable, and
166
166
  rerunnable across repos by the v0.1.28 Run Registry / Control Plane, which derives
167
167
  a fingerprinted, fail-closed index over the same per-run `.cw/runs/<id>/state.json`
168
168
  source of truth. See [run-registry-control-plane.7.md](run-registry-control-plane.7.md).
@@ -170,21 +170,21 @@ source of truth. See [run-registry-control-plane.7.md](run-registry-control-plan
170
170
  ## Execution Backends (v0.1.29)
171
171
 
172
172
  v0.1.29 lifts execution into a pluggable driver layer: one narrow `ExecutionBackend`
173
- contract with interchangeable `node`/`bun`/`shell`/`container`/`remote`/`ci`
174
- drivers, selected by `--backend` (parallel to `--sandbox`) and inspected via
173
+ contract with swappable `node`/`bun`/`shell`/`container`/`remote`/`ci`
174
+ drivers, picked by `--backend` (parallel to `--sandbox`) and looked at through
175
175
  `backend list|show|probe`. The result/evidence envelope is schema-identical across
176
176
  backends; the backend id + sandbox attestation are recorded as provenance, so this
177
- surface is unchanged regardless of which backend executed a run. See
177
+ surface stays the same no matter which backend ran a run. See
178
178
  [execution-backends.7.md](execution-backends.7.md).
179
179
  ## Web / Desktop Workbench (v0.1.30)
180
180
 
181
181
  v0.1.30 adds the Web / Desktop Workbench: a read-only, localhost-only human
182
- console that renders this surface (and the other four operator panels — run
182
+ console that shows this surface (and the other four operator panels — run
183
183
  graph, blackboard, worker logs, candidate compare, audit timeline) for any run,
184
- reading the SAME capability `--json` payloads. It is a THIRD FRONT DOOR alongside
184
+ reading the SAME capability `--json` payloads. It is a THIRD FRONT DOOR next to
185
185
  the CLI and MCP that holds no authoritative state and forks no schema: each panel
186
186
  equals its `cw <cmd> --json` payload byte-for-byte (parity-gated), and refresh
187
- re-derives everything from disk. See
187
+ derives everything again from disk. See
188
188
  [web-desktop-workbench.7.md](web-desktop-workbench.7.md).
189
189
 
190
190
  ## Observability + Cost Accounting (v0.1.31)
@@ -195,7 +195,7 @@ fail-closed `n/a`), and host-attested token/cost from existing durable run state
195
195
  — no metrics database, no collector daemon, no hidden counter. Usage is additive
196
196
  and optional (absent ⇒ `unreported`, never 0); cost is `attested` (attested usage
197
197
  × a recorded pricing policy) or clearly `estimated`, with pricing as policy. Both
198
- verbs are parity-gated and render read-only in the v0.1.30 Workbench. See
198
+ verbs are parity-gated and show read-only in the v0.1.30 Workbench. See
199
199
  [observability-cost-accounting.7.md](observability-cost-accounting.7.md).
200
200
 
201
201
 
@@ -205,10 +205,10 @@ v0.1.32 adds Team Collaboration: a host-attested actor and append-only
205
205
  approvals/rejections/comments/handoffs provenance-linked to a durable target,
206
206
  plus a review gate that STACKS ON the verifier gate — required approvals from
207
207
  authorized roles, enforced inside `resolveCommitGate` AFTER the verifier checks
208
- and never instead of them, failing closed on quorum/authority/self-approval and
208
+ and never in place of them, failing closed on quorum/authority/self-approval and
209
209
  recording who approved the very artifact that shipped. Policy (required approvals,
210
210
  authorized roles, self-approval) is data, default off (pre-v0.1.32 behavior
211
- unchanged). The verbs are parity-gated and render read-only in the v0.1.30
211
+ not changed). The verbs are parity-gated and show read-only in the v0.1.30
212
212
  Workbench. See [Team Collaboration](team-collaboration.7.md).
213
213
 
214
214
  ## Release Tooling (v0.1.33)
@@ -217,7 +217,7 @@ the per-tag mechanical surfaces (version bump across 17 surfaces, feature scaffo
217
217
 
218
218
  ## Real Execution Backend Integrations (v0.1.34)
219
219
 
220
- container/remote/ci backends really execute (docker/podman run, remote/CI POST-and-poll) under the sandbox contract, with byte-stable evidence vs node and fail-closed refusal when a runtime/endpoint is unavailable. See real-execution-backends(7).
220
+ container/remote/ci backends really run (docker/podman run, remote/CI POST-and-poll) under the sandbox contract, with byte-stable evidence vs node and fail-closed refusal when a runtime/endpoint is not there to use. See real-execution-backends(7).
221
221
 
222
222
  ## Node Snapshot / Diff / Replay (v0.1.35)
223
223
 
@@ -249,15 +249,15 @@ evidence grounding + durable audit append + symlink-hardened containment + deter
249
249
 
250
250
  ## Robust Result Ingest (v0.1.42)
251
251
 
252
- capture findings/evidence from any reasonable agent shape (alt keys + prose), CW derives grounded evidence itself, warn on empty capture — closes the v0.1.41 live-drive 'accepted with 0 captured' failure
252
+ capture findings/evidence from any sensible agent shape (alt keys + prose), CW derives grounded evidence itself, warn on empty capture — closes the v0.1.41 live-drive 'accepted with 0 captured' failure
253
253
 
254
254
  ## No-False-Green Gate & Launch Prep (v0.1.43)
255
255
 
256
- Hard gate blocking empty-capture verifier-gated commits, plus quickstart and launch-prep docs.
256
+ Hard gate stopping empty-capture verifier-gated commits, plus quickstart and launch-prep docs.
257
257
 
258
258
  ## Release-Gate Determinism & Agents Vendor (v0.1.44)
259
259
 
260
- Release-readiness checks now validate the committed blob (`git show HEAD:<path>`) instead of the mutable working tree — eliminating false-red/false-green from concurrent working-tree writes (iCloud/Spotlight/editor). Adds the `agents` vendor manifest target: a generated `.agents/plugins/cool-workflow/` adapter giving any non-Claude AI agent one common interface to CW.
260
+ Release-readiness checks now check the committed blob (`git show HEAD:<path>`) instead of the changeable working tree — taking away false-red/false-green from working-tree writes at the same time (iCloud/Spotlight/editor). Adds the `agents` vendor manifest target: a generated `.agents/plugins/cool-workflow/` adapter giving any non-Claude AI agent one common interface to CW.
261
261
 
262
262
  ## P1-P2 Fixes & CI Content Surfaces (v0.1.49)
263
263
 
@@ -274,7 +274,11 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
274
274
 
275
275
  ## Fast Architecture Review (v0.1.80)
276
276
 
277
- Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, actionable background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
277
+ Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, useful background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
278
278
 
279
- _No changes to the state-explosion management surface in v0.1.81 (the module was carved into behavior-preserving siblings; output is byte-identical)._
279
+ _No changes to the state-explosion management surface in v0.1.81 (the module was cut into behavior-preserving siblings; output is byte-identical)._
280
280
  _No changes in v0.1.82._
281
+
282
+ ## Hardening and Onboarding (v0.1.83)
283
+
284
+ Loaders fail closed on corrupt state; store writes are made safe under more than one writer; a new cw doctor checks your setup; help lists every command; and the docs are put into Basic English.
@@ -29,17 +29,17 @@ const verified = transitionStateNode(result, { status: "verified", loopStage: "a
29
29
 
30
30
  ## DESCRIPTION
31
31
 
32
- `StateNode` is the small runtime object used to represent meaningful CW transitions as JSON. It is not a workflow app model and does not encode domain behavior.
32
+ `StateNode` is the small runtime object used to show important CW transitions as JSON. It is not a workflow app model and it does not hold domain behavior.
33
33
 
34
- The kernel owns node creation, explicit status transitions, artifact paths, contract validation, and structured errors. Workflow apps own prompts, phase order, and domain-specific interpretation.
34
+ The kernel owns node creation, clear status transitions, artifact paths, contract checks, and structured errors. Workflow apps own prompts, phase order, and the reading of domain-specific meaning.
35
35
 
36
- CW writes node JSON artifacts under:
36
+ CW writes node JSON artifacts in:
37
37
 
38
38
  ```text
39
39
  .cw/runs/<run-id>/nodes/
40
40
  ```
41
41
 
42
- The normal flow is:
42
+ The common flow is:
43
43
 
44
44
  ```text
45
45
  input node -> task node -> dispatch node -> result node -> verifier node -> commit/report node
@@ -51,11 +51,11 @@ Every `StateNode` includes `schemaVersion`, `id`, `kind`, `status`, `loopStage`,
51
51
 
52
52
  Every `PipelineContract` includes `schemaVersion`, `id`, `title`, `stages`, optional input/output schemas, artifact/evidence/failure/commit policies, and compatibility bounds.
53
53
 
54
- Each stage declares accepted input node kinds and statuses, produced output kind, required artifacts, required evidence, verifier gate, and retry/failure behavior.
54
+ Each stage names the input node kinds and statuses it takes, the output kind it makes, required artifacts, required evidence, verifier gate, and retry/failure behavior.
55
55
 
56
56
  ## FAILURE MODES
57
57
 
58
- Contract failures are raised as `PipelineContractError`. Each error carries a structured `StateNodeError` with:
58
+ Contract failures come up as `PipelineContractError`. Each error carries a structured `StateNodeError` with:
59
59
 
60
60
  - `code`
61
61
  - `message`
@@ -65,7 +65,7 @@ Contract failures are raised as `PipelineContractError`. Each error carries a st
65
65
  - optional `retryable`
66
66
  - optional `details`
67
67
 
68
- Illegal status transitions fail before mutating the node. Missing artifacts and missing evidence fail with locatable error records suitable for saving into a failure node.
68
+ Illegal status transitions fail before they change the node. Missing artifacts and missing evidence fail with error records you can locate, ready for saving into a failure node.
69
69
 
70
70
  Commit status is verifier-gated. A node cannot transition into `committed` unless it is already `verified`.
71
71
 
@@ -73,7 +73,7 @@ Commit status is verifier-gated. A node cannot transition into `committed` unles
73
73
 
74
74
  `schemaVersion` is required on both nodes and contracts. The current schema is `1`.
75
75
 
76
- New fields should be optional unless the runtime cannot proceed without them. Older run state without `nodes` or `contracts` remains readable; those arrays are initialized when loaded.
76
+ New fields should be optional unless the runtime cannot go on without them. Older run state without `nodes` or `contracts` can still be read; those arrays are set up when loaded.
77
77
 
78
78
  ## EXAMPLES
79
79