cool-workflow 0.1.82 → 0.1.84
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +2 -2
- package/.codex-plugin/plugin.json +4 -4
- package/README.md +128 -120
- package/apps/architecture-review/app.json +1 -1
- package/apps/architecture-review-fast/app.json +1 -1
- package/apps/end-to-end-golden-path/app.json +1 -1
- package/apps/pr-review-fix-ci/app.json +1 -1
- package/apps/release-cut/app.json +1 -1
- package/apps/research-synthesis/app.json +1 -1
- package/dist/capability-core.js +16 -8
- package/dist/capability-registry.js +270 -0
- package/dist/cli/command-surface.js +1320 -0
- package/dist/cli.js +2 -1307
- package/dist/commit.js +5 -1
- package/dist/doctor.js +153 -0
- package/dist/mcp-server.js +15 -1451
- package/dist/mcp-surface.js +1441 -0
- package/dist/orchestrator.js +13 -0
- package/dist/reclamation/hash.js +72 -0
- package/dist/reclamation.js +25 -78
- package/dist/run-registry/queue.js +6 -7
- package/dist/run-registry.js +35 -24
- package/dist/scheduler.js +78 -53
- package/dist/version.js +1 -1
- package/dist/worker-accept/acceptance.js +114 -0
- package/dist/worker-accept/blackboard-fanout.js +80 -0
- package/dist/worker-accept/blackboard-linkage.js +19 -0
- package/dist/worker-accept/context.js +2 -0
- package/dist/worker-accept/telemetry-ledger.js +116 -0
- package/dist/worker-accept/validation.js +77 -0
- package/dist/worker-accept/verifier-completion.js +73 -0
- package/dist/worker-isolation.js +41 -446
- package/docs/agent-delegation-drive.7.md +94 -86
- package/docs/agent-framework.md +33 -32
- package/docs/candidate-scoring.7.md +26 -24
- package/docs/canonical-workflow-apps.7.md +40 -40
- package/docs/capability-topology-registry.7.md +24 -24
- package/docs/cli-mcp-parity.7.md +230 -154
- package/docs/contract-migration-tooling.7.md +52 -41
- package/docs/control-plane-scheduling.7.md +49 -41
- package/docs/coordinator-blackboard.7.md +30 -30
- package/docs/dogfood-one-real-repo.7.md +44 -44
- package/docs/durable-state-and-locking.7.md +38 -30
- package/docs/end-to-end-golden-path.7.md +29 -29
- package/docs/error-feedback.7.md +27 -27
- package/docs/evidence-adoption-reasoning-chain.7.md +66 -58
- package/docs/execution-backends.7.md +88 -80
- package/docs/getting-started.md +35 -18
- package/docs/index.md +3 -3
- package/docs/mcp-app-surface.7.md +64 -64
- package/docs/multi-agent-cli-mcp-surface.7.md +86 -77
- package/docs/multi-agent-eval-replay-harness.7.md +63 -55
- package/docs/multi-agent-operator-ux.7.md +73 -65
- package/docs/multi-agent-runtime-core.7.md +39 -39
- package/docs/multi-agent-topologies.7.md +24 -24
- package/docs/multi-agent-trust-policy-audit.7.md +38 -38
- package/docs/node-snapshot-diff-replay.7.md +30 -22
- package/docs/observability-cost-accounting.7.md +53 -45
- package/docs/operator-ux.7.md +30 -30
- package/docs/pipeline-runner.7.md +31 -31
- package/docs/project-index.md +16 -5
- package/docs/real-execution-backends.7.md +51 -43
- package/docs/release-and-migration.7.md +46 -38
- package/docs/release-tooling.7.md +67 -50
- package/docs/routines.md +16 -16
- package/docs/run-registry-control-plane.7.md +124 -116
- package/docs/run-retention-reclamation.7.md +49 -41
- package/docs/sandbox-profiles.7.md +32 -32
- package/docs/scheduled-tasks.md +14 -14
- package/docs/security-trust-hardening.7.md +29 -29
- package/docs/source-context-profiles.7.md +28 -28
- package/docs/state-explosion-management.7.md +67 -59
- package/docs/state-node.7.md +8 -8
- package/docs/team-collaboration.7.md +66 -58
- package/docs/trust-model.md +126 -126
- package/docs/unix-principles.md +80 -80
- package/docs/vendor-manifest-loadability.7.md +20 -20
- package/docs/verifier-gated-commit.7.md +16 -16
- package/docs/web-desktop-workbench.7.md +73 -65
- package/docs/worker-isolation.7.md +34 -37
- package/docs/workflow-app-framework.7.md +38 -38
- package/manifest/plugin.manifest.json +4 -4
- package/package.json +3 -2
- package/scripts/bump-version.js +9 -1
- package/scripts/canonical-apps.js +4 -4
- package/scripts/dogfood-release.js +1 -1
- package/scripts/gen-parity-doc.js +106 -0
- package/scripts/golden-path.js +4 -4
- package/scripts/parity-check.js +27 -57
- package/scripts/release-flow.js +7 -6
- package/scripts/sync-project-index.js +1 -1
- package/dist/verifier-registry.js +0 -46
|
@@ -2,48 +2,48 @@
|
|
|
2
2
|
|
|
3
3
|
CW v0.1.32 adds Team Collaboration: a host-attested actor, append-only approvals,
|
|
4
4
|
rejections, comments, and handoffs, and a review gate that STACKS ON the verifier
|
|
5
|
-
gate. Before v0.1.32 there was no review/approval/comment/handoff/identity
|
|
6
|
-
anywhere; the
|
|
7
|
-
with an `actor`, candidate selection
|
|
8
|
-
and commits were verifier-gated. This release adds the human-decision layer ON TOP
|
|
9
|
-
of those mechanisms
|
|
5
|
+
gate. Before v0.1.32 there was no review/approval/comment/handoff/identity idea
|
|
6
|
+
anywhere; the base parts were already there — trust-audit kept a note of every
|
|
7
|
+
decision with an `actor`, candidate selection had `selectedBy`, role policies were
|
|
8
|
+
there, and commits were verifier-gated. This release adds the human-decision layer ON TOP
|
|
9
|
+
of those mechanisms. It does not change them and does not take ownership of source
|
|
10
10
|
truth.
|
|
11
11
|
|
|
12
|
-
The design
|
|
12
|
+
The design keeps to the same base-system way as
|
|
13
13
|
[Security / Trust Hardening](security-trust-hardening.7.md) and the
|
|
14
14
|
[Verifier-Gated Commit](verifier-gated-commit.7.md):
|
|
15
15
|
|
|
16
16
|
- the per-run `.cw/runs/<id>/state.json` is the SINGLE source of truth
|
|
17
|
-
- collaboration records are an APPEND-ONLY log, never
|
|
17
|
+
- collaboration records are an APPEND-ONLY log, never changed in place
|
|
18
18
|
- identity is ATTESTED provenance, never authenticated; CW is not an auth server
|
|
19
|
-
- the review gate is POLICY
|
|
20
|
-
- fail closed: missing authority,
|
|
19
|
+
- the review gate is POLICY put over the verifier MECHANISM — never a bypass
|
|
20
|
+
- fail closed: missing authority, unclear role, or self-approval is a denial
|
|
21
21
|
- policy (required approvals, authorized roles, self-approval) is data, not kernel
|
|
22
|
-
- backward compatible; every collaboration field is
|
|
22
|
+
- backward compatible; every collaboration field is added on and optional
|
|
23
23
|
|
|
24
24
|
## Identity is attested, not authenticated
|
|
25
25
|
|
|
26
|
-
An `Actor` is host-attested provenance, not an authenticated principal. CW
|
|
27
|
-
WHO acted; it does not
|
|
28
|
-
trust-boundary
|
|
29
|
-
provenances: `host-attested` (the host
|
|
30
|
-
(
|
|
31
|
-
becomes the
|
|
32
|
-
"unattributed", attested: false }` — never a
|
|
33
|
-
|
|
26
|
+
An `Actor` is host-attested provenance, not an authenticated principal. CW keeps a
|
|
27
|
+
note of WHO acted; it does not check a password, a token, or a signature — that is a host
|
|
28
|
+
trust-boundary thing. `normalizeActor` maps an actor input to one of three
|
|
29
|
+
provenances: `host-attested` (the host said so, `--attested`), `operator-recorded`
|
|
30
|
+
(given but not checked), or `unattributed` (no identity given). A missing identity
|
|
31
|
+
becomes the plain `unattributed` actor — `{ kind: "unattributed", id:
|
|
32
|
+
"unattributed", attested: false }` — never a made-up one. Spoofing is kept on record
|
|
33
|
+
in a true way as whatever provenance the host attested, not hidden. This builds on the
|
|
34
34
|
existing trust-audit `actor` string and the v0.1.29/v0.1.31 attestation pattern.
|
|
35
35
|
|
|
36
36
|
## Approvals and rejections are append-only and provenance-linked
|
|
37
37
|
|
|
38
38
|
`approve` and `reject` append an `ApprovalRecord` to `run.collaboration.approvals`.
|
|
39
|
-
Each record
|
|
39
|
+
Each record holds the actor, the decision, the durable target it joins to, an
|
|
40
40
|
optional rationale, the role the actor claims, and `auditEventIds` linking it to a
|
|
41
41
|
`collaboration.approval`/`collaboration.rejection` event in the trust-audit log —
|
|
42
|
-
|
|
42
|
+
just as `candidate.selection` keeps a note of both a `CandidateSelection` and an audit
|
|
43
43
|
event. The approved artifact (candidate/commit/selection) is NEVER edited in place:
|
|
44
|
-
"who approved what" is a provenance link, not a field overwrite. A
|
|
45
|
-
NEW record
|
|
46
|
-
log, no longer counts, and the original is
|
|
44
|
+
"who approved what" is a provenance link, not a field overwrite. A fix is a
|
|
45
|
+
NEW record holding `supersedes` (git-style); the superseded record stays in the
|
|
46
|
+
log, no longer counts, and the original is left as it was.
|
|
47
47
|
|
|
48
48
|
A target is one of `run | task | candidate | selection | commit | node`. "Who
|
|
49
49
|
approved which candidate/commit" is answered by filtering the append-only records
|
|
@@ -54,76 +54,76 @@ by target.
|
|
|
54
54
|
The verifier-gated commit is the MECHANISM (see
|
|
55
55
|
[Verifier-Gated Commit](verifier-gated-commit.7.md)): `resolveCommitGate` accepts a
|
|
56
56
|
commit only when a verified verifier node, a scored+verified candidate, and a
|
|
57
|
-
|
|
57
|
+
full acceptance rationale are present. A review gate is POLICY put on top.
|
|
58
58
|
`reviewGateErrors` runs INSIDE `resolveCommitGate`, AFTER the verifier checks, and
|
|
59
|
-
can only ADD errors — required approvals from authorized roles — never
|
|
59
|
+
can only ADD errors — required approvals from authorized roles — never take away the
|
|
60
60
|
verifier's. The same call guards candidate selection in `selectCandidate`.
|
|
61
61
|
|
|
62
62
|
Data flow for a gated commit:
|
|
63
63
|
|
|
64
|
-
1. `resolveCommitGate`
|
|
64
|
+
1. `resolveCommitGate` works out the candidate/selection and runs every verifier
|
|
65
65
|
check; if any fail the commit is blocked as before.
|
|
66
66
|
2. If a `ReviewGatePolicy` applies to `commit` (or `selection`), `reviewGateErrors`
|
|
67
|
-
|
|
67
|
+
works out the review state over the approvals pointing at the commit AND its
|
|
68
68
|
underlying selection/candidate (you approve the candidate; the commit honors it).
|
|
69
69
|
3. If the review state is not `approved`, a single `review-gate-missing-approvals`
|
|
70
|
-
StateNodeError is appended, listing
|
|
71
|
-
`commitState` throws `CommitGateError`,
|
|
70
|
+
StateNodeError is appended, listing just which approvals are missing.
|
|
71
|
+
`commitState` throws `CommitGateError`, kept on record as append-only feedback.
|
|
72
72
|
4. Only when BOTH gates pass is the commit written — and it is stamped with a
|
|
73
|
-
`CommitReviewProvenance`
|
|
73
|
+
`CommitReviewProvenance` keeping a note of WHO approved the very artifact that shipped.
|
|
74
74
|
|
|
75
|
-
Because the review errors are appended after the verifier errors and never
|
|
76
|
-
|
|
75
|
+
Because the review errors are appended after the verifier errors and never take their
|
|
76
|
+
place, an approval can never turn an unverified result into a committed one: an
|
|
77
77
|
approved-but-unverified candidate is still blocked by the verifier gate.
|
|
78
78
|
|
|
79
79
|
## Fail closed on authority and quorum
|
|
80
80
|
|
|
81
81
|
`deriveReviewState` is a pure, deterministic projection of the append-only records
|
|
82
|
-
plus a policy. It counts ONLY approvals that are, all at
|
|
82
|
+
plus a policy. It counts ONLY approvals that are, all at the same time: from an attested
|
|
83
83
|
identity (when `requireAttestedActor`), from a role in `authorizedRoles` (or `*`),
|
|
84
84
|
and not a self-approval (when `allowSelfApproval` is false; "self" is the
|
|
85
|
-
candidate's producing worker and its selector).
|
|
86
|
-
reach `requiredApprovals`. Anything
|
|
85
|
+
candidate's producing worker and its selector). The number of separate counted approvers must
|
|
86
|
+
reach `requiredApprovals`. Anything less is not let through on its own; the status is:
|
|
87
87
|
|
|
88
88
|
- `approved` — requirement met (or the target is not gated)
|
|
89
89
|
- `pending` — gated, no blocking reject, fewer than required counted approvals
|
|
90
|
-
- `blocked` — recorded approvals
|
|
90
|
+
- `blocked` — recorded approvals are there but none count (authority/self)
|
|
91
91
|
- `unattributed` — the only recorded approvals are from unattributed actors
|
|
92
92
|
- `rejected` — an authorized, attested reject is a blocking veto
|
|
93
93
|
|
|
94
|
-
Every
|
|
94
|
+
Every approval that does not qualify is shown with its reason (`unattributed`,
|
|
95
95
|
`unauthorized-role`, `self-approval`, `superseded`), so a reader can audit why an
|
|
96
|
-
approval did not count. A target
|
|
97
|
-
BLOCKED, and the block
|
|
96
|
+
approval did not count. A target needing N approvals with fewer recorded is
|
|
97
|
+
BLOCKED, and the block keeps a note of just what is missing.
|
|
98
98
|
|
|
99
99
|
## Comments and handoffs are state, not chat
|
|
100
100
|
|
|
101
101
|
A `comment` appends a `CommentRecord` to a durable target with an actor, a thread
|
|
102
|
-
id, and an audit link; threads are
|
|
103
|
-
place. A `handoff` appends a `HandoffRecord` —
|
|
104
|
-
a from-actor, a to-actor, and a reason — and the
|
|
105
|
-
DERIVED from the
|
|
106
|
-
channel: the collaboration IS the durable, inspectable state,
|
|
102
|
+
id, and an audit link; threads are put in order by `createdAt` and never edited in
|
|
103
|
+
place. A `handoff` appends a `HandoffRecord` — a clear ownership transfer with
|
|
104
|
+
a from-actor, a to-actor, and a reason — and the present owner of a run/task is
|
|
105
|
+
DERIVED from the newest handoff, never an overwritten field. There is no side
|
|
106
|
+
channel: the collaboration IS the durable, inspectable state, in keeping with CW's
|
|
107
107
|
no-hidden-dashboard-database rule.
|
|
108
108
|
|
|
109
109
|
## Policy as data, kept out of the kernel
|
|
110
110
|
|
|
111
111
|
`review policy <run-id>` writes a `ReviewGatePolicy` to `run.collaboration.policy`:
|
|
112
112
|
`requiredApprovals` (0 = no gate), `authorizedRoles` (`*` = any), `allowSelfApproval`,
|
|
113
|
-
`requireAttestedActor`, and `appliesTo` (target kinds). The default —
|
|
114
|
-
or `requiredApprovals: 0` —
|
|
115
|
-
without a policy
|
|
116
|
-
|
|
113
|
+
`requireAttestedActor`, and `appliesTo` (target kinds). The default — no policy
|
|
114
|
+
or `requiredApprovals: 0` — needs no approvals, so pre-v0.1.32 runs and any run
|
|
115
|
+
without a policy act just as before. The policy is data; the kernel only
|
|
116
|
+
makes the mechanism hold.
|
|
117
117
|
|
|
118
118
|
## One source, every surface
|
|
119
119
|
|
|
120
120
|
Each collaboration verb is declared once in `src/capability-registry.ts`, so
|
|
121
121
|
`cw <cmd> --json` is schema-identical to `cw_<cmd>` and passes the parity gate. The
|
|
122
|
-
read-only `review status` and `comment list` are byte-for-byte
|
|
123
|
-
and MCP (the payload-identity probe
|
|
122
|
+
read-only `review status` and `comment list` are byte-for-byte the same across CLI
|
|
123
|
+
and MCP (the payload-identity probe takes out only ISO timestamps; the only
|
|
124
124
|
now-derived field in a review report is `generatedAt`). The v0.1.30 Workbench
|
|
125
|
-
|
|
126
|
-
panel,
|
|
125
|
+
shows the review timeline and per-target approval state read-only as a sixth
|
|
126
|
+
panel, putting in the `review status` payload word for word. The v0.1.31 metrics report
|
|
127
127
|
adds derived approval-rate, time-to-approval, handoff-count, and reviewer-count,
|
|
128
128
|
all from recorded timestamps — deterministic over a fixed snapshot.
|
|
129
129
|
|
|
@@ -141,7 +141,7 @@ cw review status <run-id> [--json]
|
|
|
141
141
|
|
|
142
142
|
`<kind>` is one of `run | task | candidate | selection | commit | node`. Approve a
|
|
143
143
|
candidate (or selection), then commit `--candidate`/`--selection`; the commit gate
|
|
144
|
-
honors the candidate's approvals and
|
|
144
|
+
honors the candidate's approvals and keeps a note of who approved the shipped commit.
|
|
145
145
|
|
|
146
146
|
CW is the base system. Workflow apps are userland. Collaboration adds the human
|
|
147
147
|
decision as durable, attested, append-only state — never a hidden dashboard, never
|
|
@@ -149,11 +149,11 @@ a bypass of the verifier gate.
|
|
|
149
149
|
|
|
150
150
|
## Release Tooling (v0.1.33)
|
|
151
151
|
|
|
152
|
-
the per-tag mechanical surfaces (version bump across 17 surfaces, feature scaffold, and the forward-reference docs) become deterministic scripts, with a de-duplicated release gate. See release-tooling(7).
|
|
152
|
+
the per-tag mechanical surfaces (version bump across 17 surfaces, feature scaffold, and the forward-reference docs) become deterministic scripts, with a de-duplicated release gate. See release-tooling(7) for more.
|
|
153
153
|
|
|
154
154
|
## Real Execution Backend Integrations (v0.1.34)
|
|
155
155
|
|
|
156
|
-
container/remote/ci backends really execute (docker/podman run, remote/CI POST-and-poll) under the sandbox contract, with byte-stable evidence vs node and fail-closed refusal when a runtime/endpoint is
|
|
156
|
+
container/remote/ci backends really execute (docker/podman run, remote/CI POST-and-poll) under the sandbox contract, with byte-stable evidence vs node and fail-closed refusal when a runtime/endpoint is not there to use. See real-execution-backends(7).
|
|
157
157
|
|
|
158
158
|
## Node Snapshot / Diff / Replay (v0.1.35)
|
|
159
159
|
|
|
@@ -193,11 +193,11 @@ Hard gate blocking empty-capture verifier-gated commits, plus quickstart and lau
|
|
|
193
193
|
|
|
194
194
|
## Release-Gate Determinism & Agents Vendor (v0.1.44)
|
|
195
195
|
|
|
196
|
-
Release-readiness checks now validate the committed blob (`git show HEAD:<path>`)
|
|
196
|
+
Release-readiness checks now validate the committed blob (`git show HEAD:<path>`) in place of the mutable working tree — doing away with false-red/false-green from concurrent working-tree writes (iCloud/Spotlight/editor). Adds the `agents` vendor manifest target: a generated `.agents/plugins/cool-workflow/` adapter giving any non-Claude AI agent one common interface to CW.
|
|
197
197
|
|
|
198
198
|
## P1-P2 Fixes & CI Content Surfaces (v0.1.49)
|
|
199
199
|
|
|
200
|
-
Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.46), vendor-adapter registry (v0.1.47), state auto-compaction and P2 fixes (v0.1.48),
|
|
200
|
+
Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.46), vendor-adapter registry (v0.1.47), state auto-compaction and P2 fixes (v0.1.48), and CI content-surface determinism hardening (v0.1.49).
|
|
201
201
|
0.1.51
|
|
202
202
|
|
|
203
203
|
0.1.76
|
|
@@ -210,7 +210,15 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
|
|
|
210
210
|
|
|
211
211
|
## Fast Architecture Review (v0.1.80)
|
|
212
212
|
|
|
213
|
-
Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics,
|
|
213
|
+
Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, reusable Map and Assess results, measurable wrapper metrics, useful background full-review handoff, and userland model policy flags for routing fast/strong workers without changing the full review contract.
|
|
214
214
|
|
|
215
215
|
_No changes to the team-collaboration surface in v0.1.81._
|
|
216
216
|
_No changes in v0.1.82._
|
|
217
|
+
|
|
218
|
+
## Hardening and Onboarding (v0.1.83)
|
|
219
|
+
|
|
220
|
+
Loaders fail closed on corrupt state; store writes are made safe under more than one writer; a new cw doctor checks your setup; help lists every command; and the docs are put into Basic English.
|
|
221
|
+
|
|
222
|
+
## Privacy Release (v0.1.84)
|
|
223
|
+
|
|
224
|
+
No other change to this page in v0.1.84.
|