cool-workflow 0.1.84 → 0.1.86
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +1 -1
- package/.codex-plugin/plugin.json +1 -1
- package/README.md +47 -331
- package/apps/architecture-review/app.json +1 -1
- package/apps/architecture-review-fast/app.json +1 -1
- package/apps/architecture-review-fast/workflow.js +2 -0
- package/apps/end-to-end-golden-path/app.json +1 -1
- package/apps/pr-review-fix-ci/app.json +1 -1
- package/apps/release-cut/app.json +1 -1
- package/apps/research-synthesis/app.json +1 -1
- package/dist/capability-core.js +220 -5
- package/dist/capability-registry.js +90 -51
- package/dist/cli/command-surface.js +47 -2
- package/dist/doctor.js +37 -1
- package/dist/mcp/tool-call.js +428 -0
- package/dist/mcp/tool-definitions.js +1027 -0
- package/dist/mcp-surface.js +5 -1416
- package/dist/onramp.js +421 -0
- package/dist/orchestrator.js +20 -15
- package/dist/run-export.js +139 -1
- package/dist/telemetry-demo.js +119 -0
- package/dist/types/report-bundle.js +6 -0
- package/dist/types.js +1 -0
- package/dist/version.js +1 -1
- package/dist/workbench-host.js +1 -8
- package/docs/agent-delegation-drive.7.md +23 -2
- package/docs/cli-mcp-parity.7.md +38 -7
- package/docs/contract-migration-tooling.7.md +4 -0
- package/docs/control-plane-scheduling.7.md +4 -0
- package/docs/dogfood-one-real-repo.7.md +9 -1
- package/docs/durable-state-and-locking.7.md +4 -0
- package/docs/evidence-adoption-reasoning-chain.7.md +4 -0
- package/docs/execution-backends.7.md +4 -0
- package/docs/getting-started.md +40 -2
- package/docs/index.md +51 -37
- package/docs/multi-agent-cli-mcp-surface.7.md +4 -0
- package/docs/multi-agent-eval-replay-harness.7.md +4 -0
- package/docs/multi-agent-operator-ux.7.md +4 -0
- package/docs/node-snapshot-diff-replay.7.md +4 -0
- package/docs/observability-cost-accounting.7.md +4 -0
- package/docs/project-index.md +23 -7
- package/docs/real-execution-backends.7.md +4 -0
- package/docs/release-and-migration.7.md +5 -1
- package/docs/release-history.md +342 -0
- package/docs/release-tooling.7.md +18 -0
- package/docs/report-verifiable-bundle.7.md +123 -0
- package/docs/run-registry-control-plane.7.md +4 -0
- package/docs/run-retention-reclamation.7.md +4 -0
- package/docs/state-explosion-management.7.md +4 -0
- package/docs/team-collaboration.7.md +4 -0
- package/docs/web-desktop-workbench.7.md +4 -0
- package/manifest/plugin.manifest.json +1 -1
- package/manifest/source-context-profiles.json +1 -1
- package/package.json +2 -1
- package/scripts/architecture-review-fast.js +44 -2
- package/scripts/canonical-apps.js +4 -4
- package/scripts/dogfood-release.js +55 -133
- package/scripts/golden-path.js +4 -4
- package/scripts/onramp-check.js +47 -0
- package/scripts/parity-check.js +740 -2
- package/scripts/release-check.js +2 -0
- package/scripts/source-context.js +31 -5
- package/scripts/version-sync-check.js +4 -2
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "cool-workflow",
|
|
3
3
|
"description": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents — it never runs the models itself.",
|
|
4
|
-
"version": "0.1.
|
|
4
|
+
"version": "0.1.86",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "COOLWHITE LLC"
|
|
7
7
|
},
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "cool-workflow",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.86",
|
|
4
4
|
"description": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents — it never runs the models itself.",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "COOLWHITE LLC"
|
package/README.md
CHANGED
|
@@ -15,7 +15,7 @@
|
|
|
15
15
|

|
|
16
16
|

|
|
17
17
|
|
|
18
|
-
**[
|
|
18
|
+
**[Start Here](#start-here)** · [Quickstart](#quickstart) · [Developer Loop](#developer-loop) · [Commands](#commands) · [Release History](docs/release-history.md)
|
|
19
19
|
|
|
20
20
|
Cool Workflow, or CW, is a free-standing agent workflow control-plane put up as a
|
|
21
21
|
TypeScript runtime. It gives a COL-Architecture: Router / Orchestrator,
|
|
@@ -43,225 +43,34 @@ CW keeps to a small set of Unix-based workflow rules: small kernel,
|
|
|
43
43
|
clear state, pipes that join, workers kept apart, and verifier-gated commits.
|
|
44
44
|
See [docs/unix-principles.md](docs/unix-principles.md).
|
|
45
45
|
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
byte-stable evidence on `node`, `shell`, and `bun`); the backend id + sandbox
|
|
75
|
-
attestation are recorded AS provenance, so eval/replay, the verifier gates, and
|
|
76
|
-
the v0.1.28 run registry stay backend-agnostic. The container/remote/ci drivers
|
|
77
|
-
DELEGATE and record a handle + attestation + result — CW does not become the
|
|
78
|
-
executor. Selection is like `--sandbox` with a parallel `--backend` flag and
|
|
79
|
-
`backend list|show|probe`, declared once in the capability registry so
|
|
80
|
-
`cw <cmd> --json` is schema-identical to `cw_<tool>`. The default (`node`) backend
|
|
81
|
-
gives pre-v0.1.29 behavior just the same. See
|
|
82
|
-
[docs/execution-backends.7.md](docs/execution-backends.7.md).
|
|
83
|
-
|
|
84
|
-
CW v0.1.31 adds Observability + Cost Accounting: time/duration, failure rate,
|
|
85
|
-
verifier pass rate, candidate acceptance rate, and token/cost — all DERIVED from
|
|
86
|
-
the run state CW already keeps (timestamps → durations; verifier nodes → pass
|
|
87
|
-
rate; candidates → acceptance; failed workers/feedback → failure rate). There is
|
|
88
|
-
NO metrics database, NO collector daemon, NO secret counter. A rate over zero
|
|
89
|
-
samples is `n/a`, never a made-up 0%/100%. Cost is ATTESTED, never measured:
|
|
90
|
-
CW does not call the model, so token usage is recorded as host-attested
|
|
91
|
-
provenance on the existing result/worker intake (absent ⇒ `unreported`, never 0),
|
|
92
|
-
and a money figure is `attested` only from attested usage × a recorded pricing
|
|
93
|
-
policy — guessed pricing is a SEPARATE `estimated` figure, never mixed in.
|
|
94
|
-
Pricing is POLICY as data (`--pricing <path>|default`), out of the kernel.
|
|
95
|
-
`metrics show`/`metrics summary` are declared once in the capability registry so
|
|
96
|
-
`cw <cmd> --json` is byte-identical to `cw_<tool>`, and the v0.1.30 Workbench
|
|
97
|
-
shows a read-only metrics panel from the same payload. See
|
|
98
|
-
[docs/observability-cost-accounting.7.md](docs/observability-cost-accounting.7.md).
|
|
99
|
-
|
|
100
|
-
CW v0.1.30 adds the Web / Desktop Workbench: a console for people that shows a
|
|
101
|
-
run's run graph, blackboard, worker logs, candidate compare, and audit timeline,
|
|
102
|
-
plus a cross-run way in over the v0.1.28 Run Registry. It is a THIRD FRONT
|
|
103
|
-
DOOR next to the CLI (human speed) and MCP (machine context) — all three are
|
|
104
|
-
presentation policy over ONE mechanism. Keeping CW's "no hidden dashboard
|
|
105
|
-
database" promise, the Workbench holds ZERO authoritative state: it is a
|
|
106
|
-
stateless, READ-ONLY renderer over the durable `.cw/` files and the existing
|
|
107
|
-
capability payloads, so each panel is the same as its `cw <cmd> --json` payload
|
|
108
|
-
byte-for-byte (parity-gated) and refresh works it all out again from disk — delete
|
|
109
|
-
the host and nothing is lost. The optional localhost host (`cw workbench serve`)
|
|
110
|
-
binds `127.0.0.1` only, is read-only (writes refused `405`), says no to non-localhost
|
|
111
|
-
`Host` headers and path traversal, and fails closed on unreadable state. It is an
|
|
112
|
-
OPTIONAL surface: the committed `dist/` and a plain `node` runtime keep working
|
|
113
|
-
with the Workbench (and its dependency-light static UI) gone. See
|
|
114
|
-
[docs/web-desktop-workbench.7.md](docs/web-desktop-workbench.7.md).
|
|
115
|
-
|
|
116
|
-
CW v0.1.28 adds the Run Registry / Control Plane: a layer that looks after MANY
|
|
117
|
-
workflow runs across repositories — `run search`, `run resume`, `run archive`, a
|
|
118
|
-
durable `queue`, cross-repo `history`, and failed-run `run rerun` — over the
|
|
119
|
-
per-run `.cw/runs/<id>/state.json`, which stays the one true source. The
|
|
120
|
-
registry (`src/run-registry.ts`) is a DERIVED, rebuildable, fingerprinted index:
|
|
121
|
-
it sorts a documented lifecycle (`queued → running → blocked → completed →
|
|
122
|
-
failed → archived`), finds runs cross-repo through a plain-file home registry
|
|
123
|
-
(`CW_HOME`/XDG), and fails closed — tampered or missing source comes up as
|
|
124
|
-
`stale`/`missing` and starts a rebuild, never a made-up status. Resume
|
|
125
|
-
goes on with a run, rerun makes a NEW run tied to the first one by provenance, and
|
|
126
|
-
archive marks it without deleting source. Every verb is declared once in the
|
|
127
|
-
capability registry, so `cw <cmd> --json` is schema-identical to `cw_<tool>`. See
|
|
128
|
-
[docs/run-registry-control-plane.7.md](docs/run-registry-control-plane.7.md).
|
|
129
|
-
|
|
130
|
-
CW v0.1.27 adds CLI ↔ MCP Parity: the command-line surface and the MCP surface
|
|
131
|
-
are now two views of ONE data source, declared in a single capability
|
|
132
|
-
registry (`src/capability-registry.ts`) and kept fail-closed. Each capability
|
|
133
|
-
names one shared core `entry`; `cw <cmd> --json` is payload-identical to the
|
|
134
|
-
matching `cw_<tool>` MCP result, the CLI stays short for people while MCP stays
|
|
135
|
-
full for machines, and `npm run parity:check` (wired into `release:check`)
|
|
136
|
-
stops any drift — a capability on only one surface, an undeclared tool or
|
|
137
|
-
command, or a payload that does not match. See
|
|
138
|
-
[docs/cli-mcp-parity.7.md](docs/cli-mcp-parity.7.md).
|
|
139
|
-
|
|
140
|
-
CW v0.1.26 adds the Evidence Adoption Reasoning Chain: a derived, fingerprinted,
|
|
141
|
-
fail-closed view that makes clear *why* each evidence item was adopted, rejected,
|
|
142
|
-
superseded, or conflicting. For every gate (`fanin`, `candidate-score`,
|
|
143
|
-
`selection`, `verifier`, `commit`) it records the decision, basis (evidence +
|
|
144
|
-
provenance + trust source), authority (role/membership/worker + role policy),
|
|
145
|
-
rationale (using existing reason fields again), and counterfactual (the other choices
|
|
146
|
-
that lost). A "why" that cannot be traced to a real record comes up as
|
|
147
|
-
`unexplained` rather than a made-up rationale. New surfaces: `multi-agent
|
|
148
|
-
reasoning <run-id> [--evidence <id>] [--refresh]`, the MCP tools
|
|
149
|
-
`cw_evidence_reasoning` and `cw_evidence_reasoning_refresh`, and an added
|
|
150
|
-
`rationaleStatus` on `multi-agent evidence`. The chain is derived, never
|
|
151
|
-
the top authority over raw state, and kept under `.cw/runs/<run-id>/reasoning/`.
|
|
152
|
-
See
|
|
153
|
-
[docs/evidence-adoption-reasoning-chain.7.md](docs/evidence-adoption-reasoning-chain.7.md).
|
|
154
|
-
|
|
155
|
-
CW v0.1.25 adds State Explosion Management: durable, versioned,
|
|
156
|
-
provenance-backed summary records (`MultiAgentSummaryIndex`,
|
|
157
|
-
`BlackboardSummaryRecord`, `GraphSummaryRecord`, `OperatorDigest`,
|
|
158
|
-
`StateExplosionReport`), small and pointed graph views with built-up summary
|
|
159
|
-
nodes, blackboard digests, and eval/replay-gated freshness checks. Summaries are
|
|
160
|
-
derived userland indexes that never delete raw blackboard, graph, audit, or
|
|
161
|
-
evidence records and fail closed when stale. New surfaces: `summary refresh`,
|
|
162
|
-
`summary show`, `blackboard summarize`, `multi-agent summarize`, and
|
|
163
|
-
`multi-agent graph --view`. See
|
|
164
|
-
[docs/state-explosion-management.7.md](docs/state-explosion-management.7.md).
|
|
165
|
-
|
|
166
|
-
CW v0.1.24 makes harder state loading, migrations, MCP tool calls, multi-agent and
|
|
167
|
-
blackboard persistence, and eval/replay artifact validation with fail-closed
|
|
168
|
-
operator diagnostics.
|
|
169
|
-
|
|
170
|
-
CW v0.1.23 adds Multi-Agent Eval & Replay Harness: deterministic snapshots,
|
|
171
|
-
isolated replays, normalized comparisons, replay scoring, release gates, human
|
|
172
|
-
reports, and MCP parity for topology-backed multi-agent runs. See
|
|
173
|
-
[docs/multi-agent-eval-replay-harness.7.md](docs/multi-agent-eval-replay-harness.7.md).
|
|
174
|
-
|
|
175
|
-
CW v0.1.22 adds Multi-Agent Trust / Policy / Audit: role policies, permission
|
|
176
|
-
decisions, provenance-rich blackboard messages, blackboard write audit, judge
|
|
177
|
-
rationale, panel decisions, and policy violations in the existing trust-audit
|
|
178
|
-
log. See
|
|
179
|
-
[docs/multi-agent-trust-policy-audit.7.md](docs/multi-agent-trust-policy-audit.7.md).
|
|
180
|
-
|
|
181
|
-
CW v0.1.21 adds Multi-Agent Operator UX: small graph, dependencies,
|
|
182
|
-
failures, and evidence adoption views for topology-backed multi-agent runs.
|
|
183
|
-
Operators can trace agent -> dependency -> evidence -> fanin -> score ->
|
|
184
|
-
selection -> verifier-gated commit with no separate dashboard state. See
|
|
185
|
-
[docs/multi-agent-operator-ux.7.md](docs/multi-agent-operator-ux.7.md).
|
|
186
|
-
|
|
187
|
-
CW v0.1.20 adds Multi-Agent CLI + MCP Surface: the host loop to go for, for
|
|
188
|
-
`multi-agent run`, `multi-agent status`, `multi-agent step`,
|
|
189
|
-
`multi-agent blackboard`, `multi-agent score`, and `multi-agent select`.
|
|
190
|
-
The matching MCP tools are `cw_multi_agent_run`, `cw_multi_agent_status`,
|
|
191
|
-
`cw_multi_agent_step`, `cw_multi_agent_blackboard`, `cw_multi_agent_score`,
|
|
192
|
-
and `cw_multi_agent_select`. See
|
|
193
|
-
[docs/multi-agent-cli-mcp-surface.7.md](docs/multi-agent-cli-mcp-surface.7.md).
|
|
194
|
-
|
|
195
|
-
CW v0.1.19 adds Multi-Agent Topologies: official `map-reduce`, `debate`, and
|
|
196
|
-
`judge-panel` coordination definitions with validation, apply-time
|
|
197
|
-
materialization, topology run state, topology graphs, Operator UX panels, trust
|
|
198
|
-
audit provenance, CLI commands, and MCP parity. Applying a topology makes the
|
|
199
|
-
linked MultiAgentRun, roles, groups, fanout, blackboard topics, coordinator
|
|
200
|
-
decisions, and deterministic next actions that the agent host can do.
|
|
201
|
-
See [docs/multi-agent-topologies.7.md](docs/multi-agent-topologies.7.md).
|
|
202
|
-
|
|
203
|
-
CW v0.1.18 adds Coordinator / Blackboard: first-class shared topics,
|
|
204
|
-
messages, context frames, artifact refs, snapshots, and coordinator decisions.
|
|
205
|
-
The blackboard is the coordination filesystem used by topology runs to index
|
|
206
|
-
evidence, conflicts, fanin readiness, and synthesis decisions. See
|
|
207
|
-
[docs/coordinator-blackboard.7.md](docs/coordinator-blackboard.7.md).
|
|
208
|
-
|
|
209
|
-
CW v0.1.17 added Multi-Agent Runtime Core: first-class `MultiAgentRun`,
|
|
210
|
-
`AgentRole`, `AgentGroup`, `AgentMembership`, `AgentFanout`, and `AgentFanin`
|
|
211
|
-
state with lifecycle validation, dispatch attachment, worker manifest metadata,
|
|
212
|
-
fanin evidence coverage, Operator UX panels, trust audit events, CLI commands,
|
|
213
|
-
and MCP parity. See
|
|
214
|
-
[docs/multi-agent-runtime-core.7.md](docs/multi-agent-runtime-core.7.md).
|
|
215
|
-
|
|
216
|
-
CW v0.1.16 adds Dogfood One Real Repo: a dry-run release proof that runs the
|
|
217
|
-
canonical `release-cut` app against this repository, records real command
|
|
218
|
-
evidence, scores/selects a release candidate, makes a verifier-gated CW state
|
|
219
|
-
commit, and makes trust clear through audit provenance. See
|
|
220
|
-
[docs/dogfood-one-real-repo.7.md](docs/dogfood-one-real-repo.7.md).
|
|
221
|
-
|
|
222
|
-
CW v0.1.15 adds Security / Trust Hardening: durable trust audit records,
|
|
223
|
-
worker sandbox decision history, evidence provenance, acceptance rationale,
|
|
224
|
-
and CLI/MCP audit inspection. See
|
|
225
|
-
[docs/security-trust-hardening.7.md](docs/security-trust-hardening.7.md).
|
|
226
|
-
|
|
227
|
-
CW v0.1.14 added Release & Migration Discipline: clear run-state schema
|
|
228
|
-
migration policy, fixture-based backward compatibility tests, version
|
|
229
|
-
synchronization checks, and a dry-run release gate. See
|
|
230
|
-
[docs/release-and-migration.7.md](docs/release-and-migration.7.md).
|
|
231
|
-
|
|
232
|
-
CW v0.1.13 completes the MCP / App Surface so agent hosts can take CW as a
|
|
233
|
-
runtime in place of a CLI wrapper. MCP now covers app runs, worker inspection and
|
|
234
|
-
output recording, candidate scoring/selection, sandbox profile resolution,
|
|
235
|
-
verifier-gated commits, and structured operator summaries while keeping old
|
|
236
|
-
tool names. See [docs/mcp-app-surface.7.md](docs/mcp-app-surface.7.md).
|
|
237
|
-
|
|
238
|
-
CW v0.1.12 added Operator UX: human-readable status, graph, report summaries,
|
|
239
|
-
resource summaries, commit/feedback/worker/candidate panels, and deterministic
|
|
240
|
-
next-step suggestions. JSON is still there with `--json` or
|
|
241
|
-
`--format json`. See [docs/operator-ux.7.md](docs/operator-ux.7.md).
|
|
242
|
-
|
|
243
|
-
CW v0.1.11 added Canonical Workflow Apps: official app-directory userland for
|
|
244
|
-
`architecture-review`, `pr-review-fix-ci`, `release-cut`, and
|
|
245
|
-
`research-synthesis`. They validate and plan through `npm run canonical-apps`
|
|
246
|
-
and are the app matrix used to judge if the framework is nice to use, steady, and
|
|
247
|
-
able to say much. See
|
|
248
|
-
[docs/canonical-workflow-apps.7.md](docs/canonical-workflow-apps.7.md).
|
|
249
|
-
|
|
250
|
-
CW v0.1.10 added the End-to-End Golden Path: a deterministic regression command
|
|
251
|
-
that validates a first-class app, plans a run, dispatches a readonly isolated
|
|
252
|
-
worker, records a simulated worker result, scores/selects a candidate, makes a
|
|
253
|
-
verifier-gated commit, and renders a report. See
|
|
254
|
-
[docs/end-to-end-golden-path.7.md](docs/end-to-end-golden-path.7.md).
|
|
255
|
-
|
|
256
|
-
CW v0.1.9 added the Workflow App framework: first-class app metadata, validation,
|
|
257
|
-
deterministic app discovery, app CLI/MCP tools, app templates, and run
|
|
258
|
-
state/report metadata. See
|
|
259
|
-
[docs/workflow-app-framework.7.md](docs/workflow-app-framework.7.md).
|
|
260
|
-
|
|
261
|
-
CW v0.1.8 added Sandbox Profiles: named worker policy contracts for read paths,
|
|
262
|
-
write paths, command execution, network access, and environment exposure. CW
|
|
263
|
-
keeps and validates the policy, while the agent host makes good the OS/process
|
|
264
|
-
runtime controls. See [docs/sandbox-profiles.7.md](docs/sandbox-profiles.7.md).
|
|
46
|
+
## Start Here
|
|
47
|
+
|
|
48
|
+
Use the short path first. The long notes below are history and deep reference,
|
|
49
|
+
not the first run.
|
|
50
|
+
|
|
51
|
+
```bash
|
|
52
|
+
cw demo tamper
|
|
53
|
+
cw doctor --onramp
|
|
54
|
+
cw quickstart architecture-review --check --repo /path/to/repo \
|
|
55
|
+
--question "What are the main risks?" --agent-command builtin:claude
|
|
56
|
+
cw quickstart architecture-review --repo /path/to/repo \
|
|
57
|
+
--question "What are the main risks?" --agent-command builtin:claude --bundle
|
|
58
|
+
cw report verify-bundle report.cwrun.json
|
|
59
|
+
```
|
|
60
|
+
|
|
61
|
+
For source work, keep the loop small:
|
|
62
|
+
|
|
63
|
+
```bash
|
|
64
|
+
npm run build
|
|
65
|
+
node test/<nearest-smoke>.js
|
|
66
|
+
npm run test:fast
|
|
67
|
+
```
|
|
68
|
+
|
|
69
|
+
Run `npm run release:check` only when the batch is ready for the full gate. Start
|
|
70
|
+
with `quickstart` and `report` before the multi-agent pages.
|
|
71
|
+
|
|
72
|
+
For the full capability and release history, see [docs/release-history.md](docs/release-history.md).
|
|
73
|
+
This README tracks CW v0.1.85.
|
|
265
74
|
|
|
266
75
|
## Quickstart
|
|
267
76
|
|
|
@@ -280,6 +89,9 @@ npx cool-workflow quickstart architecture-review --repo /path/to/repo \
|
|
|
280
89
|
--question "Is this architecture sound?" --agent-command builtin:claude
|
|
281
90
|
```
|
|
282
91
|
|
|
92
|
+
Add `--bundle` when the report has to go to someone else; then check the file
|
|
93
|
+
offline with `cw report verify-bundle report.cwrun.json`.
|
|
94
|
+
|
|
283
95
|
CW DELEGATES worker execution to your own agent. With no `--agent-command` (or
|
|
284
96
|
`CW_AGENT_COMMAND`) the drive fails closed (status `blocked`) — it never makes up a
|
|
285
97
|
result. `--agent-command builtin:claude` points to a bundled read-only `claude -p`
|
|
@@ -297,6 +109,20 @@ More: `cw quickstart <app> --preview` (read-only dry run), `cw run resume <run-i
|
|
|
297
109
|
(go on with a run that was stopped), `cw run inspect-archive <archive>` (integrity-check a
|
|
298
110
|
portable run archive without bringing it in).
|
|
299
111
|
|
|
112
|
+
## Developer Loop
|
|
113
|
+
|
|
114
|
+
Use the shortest check that fits the change:
|
|
115
|
+
|
|
116
|
+
```bash
|
|
117
|
+
npm run build
|
|
118
|
+
node test/<nearest-smoke>.js
|
|
119
|
+
npm run test:fast
|
|
120
|
+
```
|
|
121
|
+
|
|
122
|
+
For a source checkout, `cw doctor --onramp --changed-from origin/main` gives the
|
|
123
|
+
nearest smoke tests and release gate commands for the current change. Before a
|
|
124
|
+
release, run `npm run release:check`.
|
|
125
|
+
|
|
300
126
|
## Structure
|
|
301
127
|
|
|
302
128
|
```text
|
|
@@ -599,114 +425,4 @@ Verification and synthesis tasks need a structured result block:
|
|
|
599
425
|
```
|
|
600
426
|
````
|
|
601
427
|
|
|
602
|
-
|
|
603
|
-
|
|
604
|
-
the per-tag mechanical surfaces (version bump across 17 surfaces, feature scaffold, and the forward-reference docs) become deterministic scripts, with a release gate that has no copies. See release-tooling(7).
|
|
605
|
-
|
|
606
|
-
## Real Execution Backend Integrations (v0.1.34)
|
|
607
|
-
|
|
608
|
-
container/remote/ci backends really do the work (docker/podman run, remote/CI POST-and-poll) under the sandbox contract, with byte-stable evidence vs node and fail-closed refusal when a runtime/endpoint is not there to use. See real-execution-backends(7).
|
|
609
|
-
|
|
610
|
-
## Node Snapshot / Diff / Replay (v0.1.35)
|
|
611
|
-
|
|
612
|
-
per-node snapshot, structural diff, and isolated deterministic replay over StateNode, using the v0.1.23 eval harness again; fail-closed on source drift (valid|stale|absent). See node-snapshot-diff-replay(7).
|
|
613
|
-
|
|
614
|
-
## Contract Migration Tooling (v0.1.36)
|
|
615
|
-
|
|
616
|
-
first-class declared migration registry (run-state + workflow-app) with per-edge compatibility proofs, fail-closed reachability, and a round-trip/non-destruction prover. See contract-migration-tooling(7).
|
|
617
|
-
|
|
618
|
-
## Control-Plane Scheduling (v0.1.37)
|
|
619
|
-
|
|
620
|
-
priority + concurrency limits + lease lifecycle + retry/backoff + fail-closed park over the v0.1.28 Run Registry queue; policy-as-data, deterministic. See control-plane-scheduling(7).
|
|
621
|
-
|
|
622
|
-
## Agent Delegation Drive (v0.1.38)
|
|
623
|
-
|
|
624
|
-
start up an outside agent process per worker, catch result.md + attestation, auto-drive plan->dispatch->fulfill->accept->commit
|
|
625
|
-
|
|
626
|
-
## Run Retention & Provable Reclamation (v0.1.39)
|
|
627
|
-
|
|
628
|
-
tiered, append-only, cryptographically-verifiable disk reclamation: `gc plan|run|verify` close up the audit skeleton, free the reconstructable/scratch bulk, and prove it by way of a hash-chained tombstone. Write-ahead + fail-closed (skeleton -> tombstone -> fsync -> free); clear capability downgrade (verify-only / re-runnable-by-reconstruction); CW never reclaims to start with.
|
|
629
|
-
|
|
630
|
-
## Durable State & Locking (v0.1.40)
|
|
631
|
-
|
|
632
|
-
every authoritative write is now atomic (temp -> rename, so a crash can never cut short state.json) with fsync-durability for the audit-essential stores; the cross-process read-modify-write stores (home queue, archive overlay, reclamation chain) are serialized by a portable stale-stealing file lock. Closes the architecture self-audit's non-atomic/unlocked P1 and pulls reclamation's result-node re-point inside the write-ahead boundary (durable persist + dangling-ref proof before any free) with a content-validated skeleton.
|
|
633
|
-
|
|
634
|
-
## Self-Audit Hardening & Pure-Router Decomposition (v0.1.41)
|
|
635
|
-
|
|
636
|
-
closes the v0.1.41 architecture self-audit's real findings and pays down its top maintainability debt. Hardening: evidence-gated commits now need GROUNDED locators (path/URL/namespace:value), not just presence, with opt-in `CW_REQUIRE_RESOLVABLE_EVIDENCE` on-disk resolution; the trust-audit event log is appended with fsync (durable like state.json); path containment is symlink-hardened (realpath of the deepest existing ancestor) across sandbox checks and reclamation proofs; worker ids are deterministic; coordinator secret redaction recurses. Maintainability: the `descriptor.id ===` switches in the execution backend are gone — drivers self-describe through a `registerBackend` registry — and the ~2100-line CoolWorkflowRunner god-object is broken up into per-domain operation modules under `src/orchestrator/`, leaving the runner a pure `loadRun -> delegate` router. Behavior-preserving (verified by adversarial review + full release:check).
|
|
637
|
-
|
|
638
|
-
## Robust Result Ingest (v0.1.42)
|
|
639
|
-
|
|
640
|
-
catch findings/evidence from any agent shape that makes sense (alt keys + prose), CW works out grounded evidence itself, warn on empty capture — closes the v0.1.41 live-drive 'accepted with 0 captured' failure
|
|
641
|
-
|
|
642
|
-
## No-False-Green Gate & Launch Prep (v0.1.43)
|
|
643
|
-
|
|
644
|
-
Hard gate stopping empty-capture verifier-gated commits, plus quickstart and launch-prep docs.
|
|
645
|
-
|
|
646
|
-
## Release-Gate Determinism & Agents Vendor (v0.1.44)
|
|
647
|
-
|
|
648
|
-
Release-readiness checks now validate the committed blob (`git show HEAD:<path>`) in place of the mutable working tree — doing away with false-red/false-green from concurrent working-tree writes (iCloud/Spotlight/editor). Adds the `agents` vendor manifest target: a generated `.agents/plugins/cool-workflow/` adapter that gives any non-Claude AI agent one shared way in to CW.
|
|
649
|
-
|
|
650
|
-
## Migration DAG (v0.1.45)
|
|
651
|
-
|
|
652
|
-
Puts in place of the linear migration chain a BFS graph path resolver (`findMigrationPath()`) over directed migration edges. Each `StateMigrationStep` carries an optional `reverse()` function, which makes rollback/downgrade paths possible by way of `reverseRunState()`.
|
|
653
|
-
|
|
654
|
-
## Capability Auto-Discovery (v0.1.46)
|
|
655
|
-
|
|
656
|
-
`registerCapability()` builder pattern takes the place of by-hand registry entries. Capabilities self-register at implementation sites by way of Map-based dedup; no need to touch `capability-registry.ts`. New capabilities call `registerCapability()` next to their entry function.
|
|
657
|
-
|
|
658
|
-
## Vendor-Adapter Registry (v0.1.47)
|
|
659
|
-
|
|
660
|
-
Data-driven manifest generation: vendor JSON shapes taken out of `gen-manifests.js` into declarative templates in `plugin.manifest.json`. A `_resolveTemplate()` engine works out `{{path.to.field}}` markers. Adding a new AI platform is pure data. Cross-vendor is proven by boot, not just by generation: `npm run manifest:load-check` (`node test/vendor-manifest-load-smoke.js`) loads every generated manifest (claude, codex, agents, gemini, opencode) and makes sure each shows the full tool surface (184 tools).
|
|
661
|
-
|
|
662
|
-
## P2 Fixes (v0.1.48)
|
|
663
|
-
|
|
664
|
-
State auto-compaction by way of `setPostSaveCallback()` hook — after every `saveCheckpoint()`, the orchestrator checks `computeStateSize()` and auto-starts compaction. Agent dedup docs, npm `ci` aggregate script.
|
|
665
|
-
|
|
666
|
-
## CI Content-Surface Fix (v0.1.49)
|
|
667
|
-
|
|
668
|
-
CHANGELOG.md and RELEASE.md are content surfaces checked by the dogfood-release gate. The bump-version script covers structured surfaces only; content surface updates are now written down as a release step.
|
|
669
|
-
|
|
670
|
-
## Auto-Compaction Fix (v0.1.50, v0.1.51)
|
|
671
|
-
|
|
672
|
-
Auto-compaction hook moved from `saveCheckpoint()` to clear `maybeCompactRun()` calls after big lifecycle mutations. Fixes test fixture fingerprint instability. Also fixes the dogfood-release version-sync pipeline: always use `npm run bump:version`, never hand-edit version.ts alone.
|
|
673
|
-
|
|
674
|
-
## Control-plane naming (v0.1.76)
|
|
675
|
-
|
|
676
|
-
Positioning consistency: every self-describing surface names CW an auditable workflow control-plane / Workflow App framework, not an "SDK" (which lives on only in the red-line disclaimer "embeds no model SDK").
|
|
677
|
-
|
|
678
|
-
## Workflow orchestration: Tracks 1–3 (v0.1.77)
|
|
679
|
-
|
|
680
|
-
The orchestration vision came in one release, all reviewer-gated:
|
|
681
|
-
|
|
682
|
-
- **Track 1 — telemetry attestation**: each agent's reported token usage is checked against an operator ed25519 trust key (`attested`/`unattested`/`absent`, shown loudly), recorded in a tamper-evident hash-chained ledger; opt-in `require-attested-telemetry` fails closed on usage it cannot check.
|
|
683
|
-
- **Track 2 — concurrent failure semantics**: a `parallel()` phase runs its agents at the same time with declared collapse rules — **collect-all** (a failing hop never stops siblings) and **kill-on-timeout** (a hung agent is killed at its deadline and counted as one failure). 16 agents with a forced hang + crash + dirty-return finish with no deadlock and a replay-complete record.
|
|
684
|
-
- **Track 3 — boundary contract**: per-task output `schema` validation (dependency-free, parks on mismatch), `limits.tokenBudget` made good against recorded usage, and the one-way executor boundary welded into the type layer (a callable crossing it fails `npm run build`).
|
|
685
|
-
|
|
686
|
-
## Working onboarding + npm distribution (v0.1.78)
|
|
687
|
-
|
|
688
|
-
`--agent-command builtin:claude` points to a bundled read-only claude wrapper that finishes workers with a real agent; the cross-directory quickstart crash is fixed; missing optional inputs no longer let `{{name}}` slip into prompts. Published to npm (`cool-workflow`, bins `cw`/`cool-workflow`) with LICENSE and metadata. Live dogfood proof committed under `docs/dogfood/`.
|
|
689
|
-
|
|
690
|
-
## Tamper-evidence demo (v0.1.79)
|
|
691
|
-
|
|
692
|
-
`cw demo tamper` — a hermetic, one-command proof that a recorded telemetry verdict cannot be faked without being caught: it builds a real ed25519-signed ledger, fakes it at the ledger layer (verdict flip + recomputed local hash → the chain still breaks) and the signature layer (inflated tokens, reused signature → ed25519 rejects), all checked offline with only the public key. `cw telemetry verify <run>` (`cw_telemetry_verify` on MCP) is the operator-facing re-proof: by default it recomputes the hash chain on disk so any later edit to a recorded verdict or usage digest is caught; add `--pubkey <pem-or-path>` to re-run each `attested` hop's ed25519 signature check against the stored raw usage too. What this does and does **not** prove — taking in the single-keyholder ceiling — is set down in a true way in [Trust Model & Limitations](docs/trust-model.md); read it before you put trust in a green verdict.
|
|
693
|
-
|
|
694
|
-
## Opt-in live agent output during a drive (on main, ships next)
|
|
695
|
-
|
|
696
|
-
Set `CW_AGENT_STREAM=1` to see each worker's live agent trace. The bundled claude wrapper (`builtin:claude` / `scripts/agents/claude-p-agent.js`) keeps the legacy `--output-format json` path by default; only the opt-in path runs claude in `--output-format stream-json` and renders a short human trace (tool uses, assistant text, per-turn summaries) to **stderr**. CW core sends that stderr on to the operator's terminal only when `CW_AGENT_STREAM=1`, CW's own stderr is a TTY, and `CW_NO_STREAM` is not set; piped/CI runs stay quiet (Rule of Silence). Core only sends the stream on, never reads it — vendor-specific rendering is the wrapper's business (policy), not the kernel's (mechanism).
|
|
697
|
-
|
|
698
|
-
v0.1.79
|
|
699
|
-
|
|
700
|
-
## Fast Architecture Review (v0.1.80)
|
|
701
|
-
|
|
702
|
-
Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, Map and Assess results you can use again, wrapper metrics you can measure, a background full-review handoff you can act on, and userland model policy flags for routing fast/strong workers without changing the full review contract.
|
|
703
|
-
|
|
704
|
-
_This documentation tracks Cool Workflow v0.1.82. See [CHANGELOG](../../CHANGELOG.md) for the release notes._
|
|
705
|
-
|
|
706
|
-
## Hardening and Onboarding (v0.1.83)
|
|
707
|
-
|
|
708
|
-
Loaders fail closed on corrupt state; store writes are made safe under more than one writer; a new cw doctor checks your setup; help lists every command; and the docs are put into Basic English.
|
|
709
|
-
|
|
710
|
-
## Privacy Release (v0.1.84)
|
|
711
|
-
|
|
712
|
-
This release removes local user path text from saved release review input and adds a scan that keeps those words out of tracked files.
|
|
428
|
+
v0.1.86
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"id": "architecture-review",
|
|
4
4
|
"title": "Architecture Review",
|
|
5
5
|
"summary": "Map a repository architecture, assess risks, verify important findings, and synthesize an evidence-backed verdict.",
|
|
6
|
-
"version": "0.1.
|
|
6
|
+
"version": "0.1.86",
|
|
7
7
|
"author": "COOLWHITE LLC",
|
|
8
8
|
"inputs": [
|
|
9
9
|
{
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"id": "architecture-review-fast",
|
|
4
4
|
"title": "Architecture Review Fast",
|
|
5
5
|
"summary": "Run a shorter architecture review with parallel map and assess phases for faster first results.",
|
|
6
|
-
"version": "0.1.
|
|
6
|
+
"version": "0.1.86",
|
|
7
7
|
"author": "COOLWHITE LLC",
|
|
8
8
|
"inputs": [
|
|
9
9
|
{
|
|
@@ -96,6 +96,7 @@ module.exports = ({ workflow, phase, parallel, agent, artifact, input }) => {
|
|
|
96
96
|
"verify:p0-p2-risks",
|
|
97
97
|
[
|
|
98
98
|
"Re-open evidence for every candidate P0/P1/P2 risk from the fast assessment.",
|
|
99
|
+
contextInstruction(),
|
|
99
100
|
"Confirm real risks, downgrade unsupported claims, and list exact file paths, commands, logs, or unknowns.",
|
|
100
101
|
"The cw:result evidence array must cite durable locators."
|
|
101
102
|
].join(" "),
|
|
@@ -107,6 +108,7 @@ module.exports = ({ workflow, phase, parallel, agent, artifact, input }) => {
|
|
|
107
108
|
"verdict:fast-synthesis",
|
|
108
109
|
[
|
|
109
110
|
"Synthesize a fast architecture verdict for {{question}}.",
|
|
111
|
+
contextInstruction(),
|
|
110
112
|
"Include a short answer, compact architecture map, ranked risks, speed recommendations, non-issues, and evidence links.",
|
|
111
113
|
"State when the full architecture-review app should be scheduled as a background routine.",
|
|
112
114
|
"The cw:result evidence array must support the final verdict."
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"id": "pr-review-fix-ci",
|
|
4
4
|
"title": "PR Review Fix CI",
|
|
5
5
|
"summary": "Review a pull request or branch, inspect CI failures, diagnose actionable issues, optionally patch, verify, and summarize with evidence.",
|
|
6
|
-
"version": "0.1.
|
|
6
|
+
"version": "0.1.86",
|
|
7
7
|
"author": "COOLWHITE LLC",
|
|
8
8
|
"inputs": [
|
|
9
9
|
{
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"id": "release-cut",
|
|
4
4
|
"title": "Release Cut",
|
|
5
5
|
"summary": "Prepare a release with checklist discipline: version checks, changelog, tests, packaging, release notes, and final verification.",
|
|
6
|
-
"version": "0.1.
|
|
6
|
+
"version": "0.1.86",
|
|
7
7
|
"author": "COOLWHITE LLC",
|
|
8
8
|
"inputs": [
|
|
9
9
|
{
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"id": "research-synthesis",
|
|
4
4
|
"title": "Research Synthesis",
|
|
5
5
|
"summary": "Split a research question into claims, investigate sources, cross-check evidence, verify claims, and synthesize a concise answer.",
|
|
6
|
-
"version": "0.1.
|
|
6
|
+
"version": "0.1.86",
|
|
7
7
|
"author": "COOLWHITE LLC",
|
|
8
8
|
"inputs": [
|
|
9
9
|
{
|