cool-workflow 0.1.86 → 0.1.88
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +1 -1
- package/.codex-plugin/plugin.json +1 -1
- package/README.md +111 -68
- package/apps/architecture-review/app.json +1 -1
- package/apps/architecture-review-fast/app.json +1 -1
- package/apps/end-to-end-golden-path/app.json +1 -1
- package/apps/pr-review-fix-ci/app.json +1 -1
- package/apps/release-cut/app.json +1 -1
- package/apps/research-synthesis/app.json +1 -1
- package/dist/agent-config.js +42 -1
- package/dist/capability-core.js +9 -4
- package/dist/capability-registry.js +48 -0
- package/dist/cli/command-surface.js +182 -11
- package/dist/cli.js +2 -1
- package/dist/doctor.js +27 -5
- package/dist/drive.js +222 -16
- package/dist/execution-backend.js +12 -4
- package/dist/loop-expansion.js +60 -0
- package/dist/onramp.js +25 -0
- package/dist/operator-ux/format.js +21 -15
- package/dist/operator-ux.js +2 -1
- package/dist/orchestrator/lifecycle-operations.js +134 -3
- package/dist/orchestrator.js +122 -76
- package/dist/run-export.js +106 -2
- package/dist/state-node.js +13 -3
- package/dist/state.js +21 -0
- package/dist/telemetry-attestation.js +30 -6
- package/dist/telemetry-demo.js +29 -1
- package/dist/telemetry-ledger.js +6 -0
- package/dist/term.js +93 -0
- package/dist/version.js +1 -1
- package/dist/worker-accept/telemetry-ledger.js +12 -2
- package/dist/workflow-api.js +33 -0
- package/dist/workflow-app-framework.js +20 -0
- package/docs/agent-delegation-drive.7.md +28 -6
- package/docs/capability-topology-registry.7.md +69 -46
- package/docs/cli-mcp-parity.7.md +22 -2
- package/docs/contract-migration-tooling.7.md +8 -0
- package/docs/control-plane-scheduling.7.md +8 -0
- package/docs/durable-state-and-locking.7.md +8 -0
- package/docs/evidence-adoption-reasoning-chain.7.md +8 -0
- package/docs/execution-backends.7.md +8 -0
- package/docs/launch/launch-kit.md +9 -9
- package/docs/multi-agent-cli-mcp-surface.7.md +8 -0
- package/docs/multi-agent-eval-replay-harness.7.md +8 -0
- package/docs/multi-agent-operator-ux.7.md +8 -0
- package/docs/node-snapshot-diff-replay.7.md +8 -0
- package/docs/observability-cost-accounting.7.md +8 -0
- package/docs/project-index.md +26 -5
- package/docs/readme-v0.1.87-full.md +301 -0
- package/docs/real-execution-backends.7.md +8 -0
- package/docs/release-and-migration.7.md +8 -0
- package/docs/release-history.md +10 -0
- package/docs/release-tooling.7.md +16 -0
- package/docs/report-verifiable-bundle.7.md +34 -2
- package/docs/run-registry-control-plane.7.md +18 -0
- package/docs/run-retention-reclamation.7.md +8 -0
- package/docs/state-explosion-management.7.md +8 -0
- package/docs/team-collaboration.7.md +8 -0
- package/docs/trust-model.md +6 -4
- package/docs/web-desktop-workbench.7.md +8 -0
- package/manifest/plugin.manifest.json +1 -1
- package/manifest/source-context-profiles.json +1 -1
- package/package.json +8 -5
- package/scripts/agents/agent-adapter-core.js +180 -0
- package/scripts/agents/builtin-templates.json +5 -1
- package/scripts/agents/claude-p-agent.js +7 -33
- package/scripts/agents/codex-agent.js +134 -0
- package/scripts/agents/cw-attest-wrap.js +9 -1
- package/scripts/agents/gemini-agent.js +115 -0
- package/scripts/agents/opencode-agent.js +119 -0
- package/scripts/canonical-apps.js +4 -4
- package/scripts/coverage-gate.js +15 -1
- package/scripts/cw.js +0 -0
- package/scripts/dogfood-release.js +1 -1
- package/scripts/golden-path.js +4 -4
- package/scripts/parity-check.js +6 -5
- package/scripts/release-check.js +3 -3
- package/scripts/release-flow.js +49 -2
- package/scripts/release-gate.sh +1 -1
- package/tsconfig.json +3 -1
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "cool-workflow",
|
|
3
3
|
"description": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents — it never runs the models itself.",
|
|
4
|
-
"version": "0.1.
|
|
4
|
+
"version": "0.1.88",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "COOLWHITE LLC"
|
|
7
7
|
},
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "cool-workflow",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.88",
|
|
4
4
|
"description": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents — it never runs the models itself.",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "COOLWHITE LLC"
|
package/README.md
CHANGED
|
@@ -1,119 +1,139 @@
|
|
|
1
|
+
<div align="center">
|
|
2
|
+
|
|
1
3
|
# Cool Workflow
|
|
2
4
|
|
|
3
|
-
|
|
4
|
-
══════════════════════════════════════════════════════════════════════
|
|
5
|
-
auditable agent-workflow control-plane — delegate, don't execute
|
|
6
|
-
plan → dispatch → record → verify → commit → report
|
|
7
|
-
══════════════════════════════════════════════════════════════════════
|
|
8
|
-
```
|
|
5
|
+
**Get a saved, cited report from your AI agent — not a chat message you lose.**
|
|
9
6
|
|
|
10
7
|
[](https://github.com/coo1white/cool-workflow/actions/workflows/ci.yml)
|
|
11
8
|
[](https://www.npmjs.com/package/cool-workflow)
|
|
12
9
|
[](https://www.npmjs.com/package/cool-workflow)
|
|
10
|
+
[](https://www.npmjs.com/package/cool-workflow)
|
|
13
11
|
[](https://github.com/coo1white/cool-workflow/tags)
|
|
14
|
-
[](
|
|
12
|
+
[](https://github.com/coo1white/cool-workflow/blob/main/LICENSE)
|
|
15
13
|

|
|
16
14
|

|
|
17
15
|
|
|
18
|
-
|
|
16
|
+
<img src="https://raw.githubusercontent.com/coo1white/cool-workflow/main/docs/assets/cool-workflow-readme-promo.png" alt="Cool Workflow turns AI agent repo questions into saved, cited, tamper-evident reports." width="100%">
|
|
19
17
|
|
|
20
|
-
|
|
21
|
-
TypeScript runtime. It gives a COL-Architecture: Router / Orchestrator,
|
|
22
|
-
Subagent Dispatch, Deterministic Harness, Adversarial Verifier, Git/State
|
|
23
|
-
Commit, and MCP JSON-RPC 2.0 bridge.
|
|
18
|
+
</div>
|
|
24
19
|
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
`apps/<app-id>/app.json`. Old `workflows/*.workflow.js` files still
|
|
28
|
-
load as fit-together wrappers.
|
|
20
|
+
> An auditable agent-workflow control-plane — **delegate, don't execute**.
|
|
21
|
+
> `plan → dispatch → record → verify → commit → report`
|
|
29
22
|
|
|
30
|
-
|
|
23
|
+
## Install
|
|
31
24
|
|
|
32
|
-
```
|
|
33
|
-
|
|
25
|
+
```bash
|
|
26
|
+
npm install -g cool-workflow
|
|
34
27
|
```
|
|
35
28
|
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
CW keeps orchestration state and task queues in files. An agent host does
|
|
40
|
-
the tasks and gives results back to the workflow.
|
|
41
|
-
|
|
42
|
-
CW keeps to a small set of Unix-based workflow rules: small kernel,
|
|
43
|
-
clear state, pipes that join, workers kept apart, and verifier-gated commits.
|
|
44
|
-
See [docs/unix-principles.md](docs/unix-principles.md).
|
|
29
|
+
What you need: **Node.js v18+** (`node --version`) and one AI agent CLI on your machine
|
|
30
|
+
(`claude`, `codex`, `gemini`, or `opencode`). No agent? `cw demo` still works — CW never runs a model itself.
|
|
45
31
|
|
|
46
|
-
## Start
|
|
32
|
+
## Quick Start (3 steps)
|
|
47
33
|
|
|
48
|
-
|
|
49
|
-
not the first run.
|
|
34
|
+
### 1. Prove it works (30 seconds, no agent needed)
|
|
50
35
|
|
|
51
36
|
```bash
|
|
52
37
|
cw demo tamper
|
|
53
|
-
|
|
54
|
-
cw quickstart architecture-review --check --repo /path/to/repo \
|
|
55
|
-
--question "What are the main risks?" --agent-command builtin:claude
|
|
56
|
-
cw quickstart architecture-review --repo /path/to/repo \
|
|
57
|
-
--question "What are the main risks?" --agent-command builtin:claude --bundle
|
|
58
|
-
cw report verify-bundle report.cwrun.json
|
|
38
|
+
# → VERDICT: tamper-evidence holds ✓
|
|
59
39
|
```
|
|
60
40
|
|
|
61
|
-
|
|
41
|
+
### 2. Run a review on your code — one command
|
|
62
42
|
|
|
63
43
|
```bash
|
|
64
|
-
|
|
65
|
-
node test/<nearest-smoke>.js
|
|
66
|
-
npm run test:fast
|
|
44
|
+
cw -q "What are the main risks here?"
|
|
67
45
|
```
|
|
68
46
|
|
|
69
|
-
|
|
70
|
-
|
|
47
|
+
CW auto-detects the repo (current folder) and your agent (first found on PATH).
|
|
48
|
+
Pick a specific agent with a flag:
|
|
71
49
|
|
|
72
|
-
|
|
73
|
-
|
|
50
|
+
```bash
|
|
51
|
+
cw -q "What are the security risks?" -claude
|
|
52
|
+
cw -q "What are the security risks?" -codex
|
|
53
|
+
cw -q "What are the security risks?" -deepseek
|
|
54
|
+
```
|
|
74
55
|
|
|
75
|
-
|
|
56
|
+
You will see live streaming output as the agent works — no env vars needed.
|
|
76
57
|
|
|
77
|
-
|
|
58
|
+
### 3. Open the report
|
|
78
59
|
|
|
79
60
|
```bash
|
|
80
|
-
|
|
81
|
-
#
|
|
82
|
-
# -> VERDICT: tamper-evidence holds ✓
|
|
61
|
+
cat .cw/runs/<run-id>/report.md
|
|
62
|
+
# → findings with clickable file.ts:42 pointers for every claim
|
|
83
63
|
```
|
|
84
64
|
|
|
85
|
-
|
|
65
|
+
## What Else Can It Do?
|
|
86
66
|
|
|
87
67
|
```bash
|
|
88
|
-
|
|
89
|
-
|
|
68
|
+
cw version # show version
|
|
69
|
+
cw update # update to latest release
|
|
70
|
+
cw doctor # check your setup
|
|
71
|
+
cw fix # show fix commands for setup issues
|
|
90
72
|
```
|
|
91
73
|
|
|
92
|
-
|
|
93
|
-
|
|
74
|
+
| Workflow | Does |
|
|
75
|
+
|---|---|
|
|
76
|
+
| `architecture-review` | Map a repo, rank risks, back every claim with evidence |
|
|
77
|
+
| `pr-review-fix-ci` | Review a pull request, suggest fixes, verify CI |
|
|
78
|
+
| `research-synthesis` | Answer a question with fact-backed research |
|
|
79
|
+
| `release-cut` | Run a gated, reviewed release |
|
|
80
|
+
|
|
81
|
+
**Multi-agent, when you need it.** Fan work out across agents with built-in topologies,
|
|
82
|
+
compose flows (a task can run a whole child workflow with `subWorkflow`, or a `loop()` phase
|
|
83
|
+
can keep iterating until a predicate or a token budget says stop) — and re-run fast:
|
|
84
|
+
`cw run <app> --drive --incremental` reuses every step whose inputs didn't change.
|
|
94
85
|
|
|
95
|
-
CW
|
|
96
|
-
|
|
97
|
-
result. `--agent-command builtin:claude` points to a bundled read-only `claude -p`
|
|
98
|
-
wrapper (needs `claude` on your PATH).
|
|
86
|
+
CW also has an **MCP** surface — **Claude Desktop, Cursor, and VS Code call CW as a tool**, so
|
|
87
|
+
your agent can plan a run, drive it, and verify a report without leaving the editor.
|
|
99
88
|
|
|
100
|
-
|
|
89
|
+
## Can I Trust the Report?
|
|
90
|
+
|
|
91
|
+
CW does not run the AI model — it keeps the books. The agent signs its findings (ed25519), and
|
|
92
|
+
`cw report verify-bundle` checks — offline, with nothing but the public key — that every signed
|
|
93
|
+
finding is in the report **unaltered**: edit a finding, in the report or in the agent's own result,
|
|
94
|
+
and the check fails. CW holds no private key — the agent signs, CW only verifies.
|
|
101
95
|
|
|
102
96
|
```bash
|
|
103
|
-
cw
|
|
104
|
-
cw telemetry verify <run-id>
|
|
105
|
-
cw audit verify <run-id>
|
|
97
|
+
cw demo tamper # proves it in 30s — edits a signed result, watch it fail
|
|
98
|
+
cw telemetry verify <run-id> # checks a real run
|
|
99
|
+
cw audit verify <run-id> # re-proves the trust-audit hash chain
|
|
106
100
|
```
|
|
107
101
|
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
102
|
+
Give the report to another person — they need nothing but the file:
|
|
103
|
+
|
|
104
|
+
```bash
|
|
105
|
+
cw -q "…" --bundle # seal into one portable file
|
|
106
|
+
cw report verify-bundle report.cwrun.json # they check it offline
|
|
107
|
+
cw report verify-bundle report.cwrun.json \
|
|
108
|
+
--require-signatures # …and insist the findings are signed
|
|
109
|
+
```
|
|
110
|
+
|
|
111
|
+
This attests the agent's **signed findings** — not that the report holds nothing else, and not that
|
|
112
|
+
none were left out. CW has no key to sign the rendered report, and a determined re-chainer can drop a
|
|
113
|
+
signed finding entirely — so check the findings you act on against the signed results. For exactly
|
|
114
|
+
what is and is not proven, see the [Trust Model](docs/trust-model.md).
|
|
115
|
+
|
|
116
|
+
## Troubleshooting
|
|
117
|
+
|
|
118
|
+
| Problem | Fix |
|
|
119
|
+
|---|---|
|
|
120
|
+
| No agent found | Run `cw doctor` — it shows which agents are on your machine |
|
|
121
|
+
| `status: blocked` | CW failing closed (it never makes up a result). Set `CW_AGENT_COMMAND=builtin:claude` or pass `-claude`; `cw doctor` names the exact reason |
|
|
122
|
+
| `claude: command not found` | Install Claude Code (`npm install -g @anthropic-ai/claude-code`) and run again |
|
|
123
|
+
| Where is my report? | `<repo>/.cw/runs/<id>/report.md` |
|
|
124
|
+
| Preflight before a spawn | `cw quickstart --check` — a zero-write check |
|
|
125
|
+
|
|
126
|
+
---
|
|
127
|
+
|
|
128
|
+
The rest of this README is the **developer / operator reference**: the build loop, repo
|
|
129
|
+
structure, the full command surface, scheduling, and the result-envelope contract.
|
|
111
130
|
|
|
112
131
|
## Developer Loop
|
|
113
132
|
|
|
114
|
-
Use the shortest check that fits the change:
|
|
133
|
+
Use the shortest check that fits the change (from `plugins/cool-workflow/`):
|
|
115
134
|
|
|
116
135
|
```bash
|
|
136
|
+
cd plugins/cool-workflow
|
|
117
137
|
npm run build
|
|
118
138
|
node test/<nearest-smoke>.js
|
|
119
139
|
npm run test:fast
|
|
@@ -186,6 +206,22 @@ node scripts/cw.js app package architecture-review
|
|
|
186
206
|
node scripts/cw.js app init my-app --title "My App"
|
|
187
207
|
```
|
|
188
208
|
|
|
209
|
+
Compose flows from smaller verified ones (app-authoring surface, `workflow-api.ts`):
|
|
210
|
+
|
|
211
|
+
- **Sub-workflow nesting** — a task can run a whole child app instead of one agent:
|
|
212
|
+
`subWorkflow(id, appId, { inputs?, bindResult? })`. The drive plans and drives the
|
|
213
|
+
child, then binds its report (or verdict result) back as the task's result, so the
|
|
214
|
+
parent's verifier/schema gate consumes it like any other. Leaf work stays external-agent
|
|
215
|
+
delegation at every depth; recursion is depth- and cycle-bounded, fail-closed.
|
|
216
|
+
- **Bounded dynamic loops** — converge without unbounded recursion:
|
|
217
|
+
`loop(name, tasks, { maxRounds, until })` is a per-round template. After each round a
|
|
218
|
+
named, registered pure predicate (`until: { kind: "predicate", ref }`) decides whether to
|
|
219
|
+
append another round or stop, hard-capped at `maxRounds`; built-ins `no-new-findings` and
|
|
220
|
+
`single-round`. Or scale by budget — `until: { kind: "budget-target", target }` keeps
|
|
221
|
+
going while recorded (attested-only) usage stays under `target`, with the fail-closed
|
|
222
|
+
`limits.tokenBudget` cap as the absolute backstop. Predicates are registry refs (not
|
|
223
|
+
closures), so runs replay byte-identically; an unregistered predicate stops fail-closed.
|
|
224
|
+
|
|
189
225
|
Create a reusable workflow script:
|
|
190
226
|
|
|
191
227
|
```bash
|
|
@@ -322,6 +358,7 @@ node scripts/cw.js registry refresh --scope home
|
|
|
322
358
|
node scripts/cw.js run search --app architecture-review --status failed
|
|
323
359
|
node scripts/cw.js run show <run-id>
|
|
324
360
|
node scripts/cw.js run resume <run-id>
|
|
361
|
+
node scripts/cw.js run resume <run-id> --drive --incremental # re-drive, reusing every step whose inputs are unchanged
|
|
325
362
|
node scripts/cw.js run rerun <failed-run-id> --reason "retry"
|
|
326
363
|
node scripts/cw.js run archive <run-id> --reason "old"
|
|
327
364
|
node scripts/cw.js queue add --app release-cut --priority 10
|
|
@@ -425,4 +462,10 @@ Verification and synthesis tasks need a structured result block:
|
|
|
425
462
|
```
|
|
426
463
|
````
|
|
427
464
|
|
|
428
|
-
v0.1.
|
|
465
|
+
## 0.1.88 (v0.1.88)
|
|
466
|
+
|
|
467
|
+
Orchestration-parity for the agent drive — inline `subWorkflow()` nesting, bounded dynamic `loop()` phases (a `predicate` or a `budget-target` token `until`), and `cw run --drive --incremental` step-level resume; the agent now signs its findings (result-bound ed25519) and `cw report verify-bundle --require-signatures` proves offline that every signed finding is in the report unaltered; CLI simplified to 6 commands with agent streaming on by default; path-traversal run ids refused on archive import.
|
|
468
|
+
|
|
469
|
+
## 0.1.87 (v0.1.87)
|
|
470
|
+
|
|
471
|
+
npm test parallel, 4-vendor wrappers (Claude/Codex/Gemini/OpenCode), Homebrew-style CLI UX (colors/did-you-mean/categorized help/error tips/cw info/cw search/cw man/doctor --fix), post-success summaries, agent execution timing
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"id": "architecture-review",
|
|
4
4
|
"title": "Architecture Review",
|
|
5
5
|
"summary": "Map a repository architecture, assess risks, verify important findings, and synthesize an evidence-backed verdict.",
|
|
6
|
-
"version": "0.1.
|
|
6
|
+
"version": "0.1.88",
|
|
7
7
|
"author": "COOLWHITE LLC",
|
|
8
8
|
"inputs": [
|
|
9
9
|
{
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"id": "architecture-review-fast",
|
|
4
4
|
"title": "Architecture Review Fast",
|
|
5
5
|
"summary": "Run a shorter architecture review with parallel map and assess phases for faster first results.",
|
|
6
|
-
"version": "0.1.
|
|
6
|
+
"version": "0.1.88",
|
|
7
7
|
"author": "COOLWHITE LLC",
|
|
8
8
|
"inputs": [
|
|
9
9
|
{
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"id": "pr-review-fix-ci",
|
|
4
4
|
"title": "PR Review Fix CI",
|
|
5
5
|
"summary": "Review a pull request or branch, inspect CI failures, diagnose actionable issues, optionally patch, verify, and summarize with evidence.",
|
|
6
|
-
"version": "0.1.
|
|
6
|
+
"version": "0.1.88",
|
|
7
7
|
"author": "COOLWHITE LLC",
|
|
8
8
|
"inputs": [
|
|
9
9
|
{
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"id": "release-cut",
|
|
4
4
|
"title": "Release Cut",
|
|
5
5
|
"summary": "Prepare a release with checklist discipline: version checks, changelog, tests, packaging, release notes, and final verification.",
|
|
6
|
-
"version": "0.1.
|
|
6
|
+
"version": "0.1.88",
|
|
7
7
|
"author": "COOLWHITE LLC",
|
|
8
8
|
"inputs": [
|
|
9
9
|
{
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"id": "research-synthesis",
|
|
4
4
|
"title": "Research Synthesis",
|
|
5
5
|
"summary": "Split a research question into claims, investigate sources, cross-check evidence, verify claims, and synthesize a concise answer.",
|
|
6
|
-
"version": "0.1.
|
|
6
|
+
"version": "0.1.88",
|
|
7
7
|
"author": "COOLWHITE LLC",
|
|
8
8
|
"inputs": [
|
|
9
9
|
{
|
package/dist/agent-config.js
CHANGED
|
@@ -146,6 +146,31 @@ function agentConfigFromArgs(args) {
|
|
|
146
146
|
// in scripts/agents/builtin-templates.json (vendor name -> wrapper script name).
|
|
147
147
|
// Adding a vendor is a content/distribution step (drop a wrapper + a JSON line),
|
|
148
148
|
// not a kernel edit — keeping CW vendor-agnostic at the source level.
|
|
149
|
+
/** Detect which known agent CLIs are on PATH. Returns the first found, or undefined.
|
|
150
|
+
* Skipped when CW_NO_AUTO_AGENT=1 (test sandboxes, CI without real agents). */
|
|
151
|
+
function detectAgentFromPath(env = process.env) {
|
|
152
|
+
if (env.CW_NO_AUTO_AGENT === "1")
|
|
153
|
+
return undefined;
|
|
154
|
+
const known = ["claude", "codex", "gemini", "opencode"];
|
|
155
|
+
const dirs = (env.PATH || "").split(node_path_1.default.delimiter).filter(Boolean);
|
|
156
|
+
const exts = process.platform === "win32" ? (env.PATHEXT || ".EXE;.CMD;.BAT").split(";") : [""];
|
|
157
|
+
for (const name of known) {
|
|
158
|
+
// Also check if the builtin template exists (so we don't suggest an unsupported agent).
|
|
159
|
+
const templates = builtinAgentTemplates();
|
|
160
|
+
if (!templates[name])
|
|
161
|
+
continue;
|
|
162
|
+
for (const dir of dirs) {
|
|
163
|
+
for (const ext of exts) {
|
|
164
|
+
try {
|
|
165
|
+
if (node_fs_1.default.statSync(node_path_1.default.join(dir, name + ext)).isFile())
|
|
166
|
+
return name;
|
|
167
|
+
}
|
|
168
|
+
catch { /* keep looking */ }
|
|
169
|
+
}
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
return undefined;
|
|
173
|
+
}
|
|
149
174
|
function builtinAgentTemplates() {
|
|
150
175
|
const agentsDir = node_path_1.default.join(__dirname, "..", "scripts", "agents");
|
|
151
176
|
const manifest = JSON.parse(node_fs_1.default.readFileSync(node_path_1.default.join(agentsDir, "builtin-templates.json"), "utf8"));
|
|
@@ -186,7 +211,23 @@ function resolveAgentConfig(args = {}, env = process.env) {
|
|
|
186
211
|
: fileCfg && (fileCfg.command || fileCfg.endpoint)
|
|
187
212
|
? "file"
|
|
188
213
|
: "none";
|
|
189
|
-
|
|
214
|
+
// Auto-detect: if no agent is configured, check PATH for known agent CLIs and
|
|
215
|
+
// resolve via builtin:<name>. This makes `cw quickstart` work without
|
|
216
|
+
// --agent-command on machines where claude/codex/gemini/opencode are installed.
|
|
217
|
+
let finalCommand = command;
|
|
218
|
+
let finalSource = source;
|
|
219
|
+
let finalModel = model;
|
|
220
|
+
if (!finalCommand && !endpoint) {
|
|
221
|
+
const detected = detectAgentFromPath(env);
|
|
222
|
+
if (detected) {
|
|
223
|
+
finalCommand = expandBuiltinAgentCommand(`builtin:${detected}`);
|
|
224
|
+
finalSource = "auto";
|
|
225
|
+
// Store the detected vendor name as the model hint so doctor can show it.
|
|
226
|
+
if (!finalModel)
|
|
227
|
+
finalModel = `builtin:${detected}`;
|
|
228
|
+
}
|
|
229
|
+
}
|
|
230
|
+
return { schemaVersion: 1, command: finalCommand, args: cfgArgs, endpoint, model: finalModel, timeoutMs, attestPublicKey, requireAttestedTelemetry, source: finalSource };
|
|
190
231
|
}
|
|
191
232
|
/** True iff a command-template OR endpoint is configured (after resolution). */
|
|
192
233
|
function agentConfigured(args = {}, env = process.env) {
|
package/dist/capability-core.js
CHANGED
|
@@ -324,7 +324,8 @@ function reportBundle(runner, runId, args) {
|
|
|
324
324
|
const verification = (0, run_export_1.verifyReportBundle)(exported.path, {
|
|
325
325
|
pubkey: optionalString(args.pubkey || args.pubKey || args.publicKey),
|
|
326
326
|
extractReportTo: extractReportTo ? node_path_1.default.resolve(base, extractReportTo) : undefined,
|
|
327
|
-
strictSignatures: Boolean(args["strict-signatures"] || args.strictSignatures || args.strictSigs)
|
|
327
|
+
strictSignatures: Boolean(args["strict-signatures"] || args.strictSignatures || args.strictSigs),
|
|
328
|
+
requireSignatures: Boolean(args["require-signatures"] || args.requireSignatures || args.requireSigs)
|
|
328
329
|
});
|
|
329
330
|
return {
|
|
330
331
|
schemaVersion: 1,
|
|
@@ -349,7 +350,8 @@ function runVerifyReportBundle(_runner, args) {
|
|
|
349
350
|
return (0, run_export_1.verifyReportBundle)(node_path_1.default.resolve(base, archive), {
|
|
350
351
|
pubkey: optionalString(args.pubkey || args.pubKey || args.publicKey),
|
|
351
352
|
extractReportTo: extractReportTo ? node_path_1.default.resolve(base, extractReportTo) : undefined,
|
|
352
|
-
strictSignatures: Boolean(args["strict-signatures"] || args.strictSignatures || args.strictSigs)
|
|
353
|
+
strictSignatures: Boolean(args["strict-signatures"] || args.strictSignatures || args.strictSigs),
|
|
354
|
+
requireSignatures: Boolean(args["require-signatures"] || args.requireSignatures || args.requireSigs)
|
|
353
355
|
});
|
|
354
356
|
}
|
|
355
357
|
function queueAdd(reg, args) {
|
|
@@ -494,7 +496,8 @@ const DRIVE_RUNTIME_KEYS = [
|
|
|
494
496
|
"agent-model",
|
|
495
497
|
"agentTimeoutMs",
|
|
496
498
|
"agent-timeout-ms",
|
|
497
|
-
"resume"
|
|
499
|
+
"resume",
|
|
500
|
+
"incremental"
|
|
498
501
|
];
|
|
499
502
|
function planInputsFor(args) {
|
|
500
503
|
const copy = withoutRuntimeKeys(args);
|
|
@@ -527,6 +530,7 @@ function runDrive(runner, args) {
|
|
|
527
530
|
return (0, drive_1.drive)(runner.withBaseDir(target), driveRunId, {
|
|
528
531
|
once: isTrue(args.once),
|
|
529
532
|
now: optionalString(args.now),
|
|
533
|
+
incremental: isTrue(args.incremental),
|
|
530
534
|
args
|
|
531
535
|
});
|
|
532
536
|
}
|
|
@@ -970,7 +974,8 @@ function auditVerify(runner, args) {
|
|
|
970
974
|
}
|
|
971
975
|
// ---- demo: tamper-evidence (the one-command proof) -------------------------
|
|
972
976
|
// Hermetic, deterministic-shape: builds a real ed25519-signed telemetry ledger,
|
|
973
|
-
// then forges it
|
|
977
|
+
// then forges it three ways and shows all three tamper-evidence layers (ledger,
|
|
978
|
+
// signature, result) catch it. CLI-only
|
|
974
979
|
// (a human-facing demonstration; the underlying verify is the telemetry.verify verb).
|
|
975
980
|
function demoTamper(_runner, _args = {}) {
|
|
976
981
|
return (0, telemetry_demo_1.runTamperDemo)();
|
|
@@ -53,6 +53,30 @@ const BUILTIN_CAPABILITIES = [
|
|
|
53
53
|
cli: { path: ["help"], jsonMode: "human" },
|
|
54
54
|
reason: "Human help text. MCP hosts enumerate capabilities via tools/list, not a help command."
|
|
55
55
|
},
|
|
56
|
+
{
|
|
57
|
+
capability: "version",
|
|
58
|
+
summary: "Print the current cool-workflow version.",
|
|
59
|
+
entry: "CURRENT_COOL_WORKFLOW_VERSION",
|
|
60
|
+
surface: "cli-only",
|
|
61
|
+
cli: { path: ["version"], jsonMode: "human" },
|
|
62
|
+
reason: "Version string — no structured data contract."
|
|
63
|
+
},
|
|
64
|
+
{
|
|
65
|
+
capability: "update",
|
|
66
|
+
summary: "Update cool-workflow to the latest release via npm.",
|
|
67
|
+
entry: "npmUpdate",
|
|
68
|
+
surface: "cli-only",
|
|
69
|
+
cli: { path: ["update"], jsonMode: "human" },
|
|
70
|
+
reason: "Self-update via npm — inherently local shell operation, no MCP surface."
|
|
71
|
+
},
|
|
72
|
+
{
|
|
73
|
+
capability: "fix",
|
|
74
|
+
summary: "Print consolidated fix commands for CW setup issues.",
|
|
75
|
+
entry: "runDoctor",
|
|
76
|
+
surface: "cli-only",
|
|
77
|
+
cli: { path: ["fix"], jsonMode: "human" },
|
|
78
|
+
reason: "Environment fix commands are local diagnostics, same reasoning as doctor."
|
|
79
|
+
},
|
|
56
80
|
{
|
|
57
81
|
capability: "list",
|
|
58
82
|
summary: "List bundled CW workflows.",
|
|
@@ -61,6 +85,30 @@ const BUILTIN_CAPABILITIES = [
|
|
|
61
85
|
cli: { path: ["list"], jsonMode: "default" },
|
|
62
86
|
mcp: { tool: "cw_list" }
|
|
63
87
|
},
|
|
88
|
+
{
|
|
89
|
+
capability: "info",
|
|
90
|
+
summary: "Show what a workflow app does: title, description, inputs, sandbox, phases, and a runnable example.",
|
|
91
|
+
entry: "showApp",
|
|
92
|
+
surface: "cli-only",
|
|
93
|
+
cli: { path: ["info"], jsonMode: "flag" },
|
|
94
|
+
reason: "Human-focused workflow discovery tool (like Homebrew's `brew info`). MCP agents discover workflows via cw_list and cw_app_show tools."
|
|
95
|
+
},
|
|
96
|
+
{
|
|
97
|
+
capability: "search",
|
|
98
|
+
summary: "Search workflow apps by keyword (title, description, id).",
|
|
99
|
+
entry: "listApps",
|
|
100
|
+
surface: "cli-only",
|
|
101
|
+
cli: { path: ["search"], jsonMode: "flag" },
|
|
102
|
+
reason: "Human-focused workflow discovery (like Homebrew's `brew search`). MCP agents discover workflows via cw_list tool."
|
|
103
|
+
},
|
|
104
|
+
{
|
|
105
|
+
capability: "man",
|
|
106
|
+
summary: "Show a man page from docs/ (e.g. cw man release-tooling).",
|
|
107
|
+
entry: "n/a",
|
|
108
|
+
surface: "cli-only",
|
|
109
|
+
cli: { path: ["man"], jsonMode: "human" },
|
|
110
|
+
reason: "Human documentation viewer. MCP agents read docs/ directly via file tools."
|
|
111
|
+
},
|
|
64
112
|
{
|
|
65
113
|
capability: "doctor",
|
|
66
114
|
summary: "Diagnose the host for setup problems (Node version, agent backend, agent binary on PATH, git, writable home/repo state) and print an actionable fix per check.",
|