cool-workflow 0.1.94 → 0.1.96
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +1 -1
- package/.codex-plugin/plugin.json +1 -1
- package/README.md +4 -0
- package/apps/architecture-review/app.json +1 -1
- package/apps/architecture-review/workflow.js +3 -3
- package/apps/architecture-review-fast/app.json +1 -1
- package/apps/end-to-end-golden-path/app.json +1 -1
- package/apps/pdca-blackboard-loop/app.json +45 -0
- package/apps/pdca-blackboard-loop/workflow.js +59 -0
- package/apps/pr-review-fix-ci/app.json +1 -1
- package/apps/release-cut/app.json +1 -1
- package/apps/research-synthesis/app.json +1 -1
- package/dist/agent-config.js +2 -1
- package/dist/cli/command-surface.js +3 -1
- package/dist/dispatch.js +12 -6
- package/dist/evidence-grounding.js +18 -13
- package/dist/execution-backend/probes.js +22 -6
- package/dist/execution-backend.js +37 -4
- package/dist/node-snapshot.js +3 -3
- package/dist/orchestrator/lifecycle-operations.js +13 -5
- package/dist/orchestrator.js +28 -2
- package/dist/reclamation.js +8 -2
- package/dist/run-registry/derive.js +4 -1
- package/dist/scheduler.js +14 -14
- package/dist/schema-validate.js +8 -2
- package/dist/state-explosion/helpers.js +4 -21
- package/dist/state-explosion/size.js +63 -0
- package/dist/state-explosion.js +18 -71
- package/dist/state.js +47 -9
- package/dist/trust-audit.js +27 -2
- package/dist/util/fingerprint.js +19 -0
- package/dist/util/fingerprint.test.js +27 -0
- package/dist/version.js +1 -1
- package/dist/workbench-host.js +11 -0
- package/dist/workbench.js +19 -17
- package/dist/worker-isolation.js +25 -1
- package/docs/agent-delegation-drive.7.md +66 -1
- package/docs/cli-mcp-parity.7.md +4 -0
- package/docs/contract-migration-tooling.7.md +4 -0
- package/docs/control-plane-scheduling.7.md +4 -0
- package/docs/durable-state-and-locking.7.md +4 -0
- package/docs/evidence-adoption-reasoning-chain.7.md +4 -0
- package/docs/execution-backends.7.md +4 -0
- package/docs/multi-agent-cli-mcp-surface.7.md +12 -0
- package/docs/multi-agent-eval-replay-harness.7.md +4 -0
- package/docs/multi-agent-operator-ux.7.md +4 -0
- package/docs/node-snapshot-diff-replay.7.md +4 -0
- package/docs/observability-cost-accounting.7.md +4 -0
- package/docs/project-index.md +11 -4
- package/docs/real-execution-backends.7.md +4 -0
- package/docs/release-and-migration.7.md +4 -0
- package/docs/release-tooling.7.md +20 -0
- package/docs/routines.md +30 -0
- package/docs/run-registry-control-plane.7.md +4 -0
- package/docs/run-retention-reclamation.7.md +4 -0
- package/docs/sandbox-profiles.7.md +15 -0
- package/docs/state-explosion-management.7.md +4 -0
- package/docs/team-collaboration.7.md +4 -0
- package/docs/web-desktop-workbench.7.md +4 -0
- package/manifest/plugin.manifest.json +1 -1
- package/package.json +8 -5
- package/scripts/agents/agent-adapter-core.js +22 -1
- package/scripts/agents/claude-p-agent.js +10 -2
- package/scripts/agents/codex-agent.js +22 -2
- package/scripts/agents/gemini-agent.js +10 -2
- package/scripts/agents/opencode-agent.js +10 -2
- package/scripts/bump-version.js +10 -0
- package/scripts/canonical-apps.js +4 -4
- package/scripts/dogfood-release.js +1 -1
- package/scripts/golden-path.js +4 -4
- package/scripts/release-check.js +7 -1
- package/scripts/release-flow.js +44 -3
- package/scripts/release-gate.sh +1 -1
- package/scripts/version-sync-check.js +2 -0
package/dist/workbench.js
CHANGED
|
@@ -110,23 +110,25 @@ function buildPanels(runner, runId) {
|
|
|
110
110
|
* never fabricated. */
|
|
111
111
|
function buildWorkbenchRunView(runner, runId) {
|
|
112
112
|
const id = String(runId || "");
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
113
|
+
return runner.loadWithCache((r) => {
|
|
114
|
+
let resolved = true;
|
|
115
|
+
let error;
|
|
116
|
+
try {
|
|
117
|
+
r.loadRun(id);
|
|
118
|
+
}
|
|
119
|
+
catch (caught) {
|
|
120
|
+
resolved = false;
|
|
121
|
+
error = caught instanceof Error ? caught.message : String(caught);
|
|
122
|
+
}
|
|
123
|
+
return {
|
|
124
|
+
schemaVersion: 1,
|
|
125
|
+
surface: "workbench",
|
|
126
|
+
runId: id,
|
|
127
|
+
resolved,
|
|
128
|
+
...(error ? { error } : {}),
|
|
129
|
+
panels: buildPanels(r, id)
|
|
130
|
+
};
|
|
131
|
+
});
|
|
130
132
|
}
|
|
131
133
|
// ---------------------------------------------------------------------------
|
|
132
134
|
// Cross-run entry (v0.1.28 Run Registry) — composed from already-declared
|
package/dist/worker-isolation.js
CHANGED
|
@@ -393,7 +393,31 @@ function recordWorkerRetryAttempt(run, workerId, attempts, reason, options = {})
|
|
|
393
393
|
function validateWorkerBoundary(run, workerId, options = {}) {
|
|
394
394
|
const scope = requireWorkerScope(run, workerId);
|
|
395
395
|
const rawPath = String(options.path || scope.resultPath);
|
|
396
|
-
|
|
396
|
+
const policy = sandboxPolicyForBoundary(run, scope, options);
|
|
397
|
+
const violation = (0, sandbox_profile_1.validateSandboxWrite)(policy, rawPath, workerId);
|
|
398
|
+
if (!violation) {
|
|
399
|
+
// Write paths are enforced by CW at this boundary. Command and network limits
|
|
400
|
+
// are declared in the sandbox policy but enforced by the execution backend
|
|
401
|
+
// (the host/container runtime). Record the policy split transparently so the
|
|
402
|
+
// audit trail shows what CW checked vs what was delegated to the host.
|
|
403
|
+
(0, trust_audit_1.recordTrustAuditEvent)(run, {
|
|
404
|
+
kind: "worker.sandbox-boundary",
|
|
405
|
+
decision: "allowed",
|
|
406
|
+
source: "cw-validated",
|
|
407
|
+
workerId,
|
|
408
|
+
taskId: scope.taskId,
|
|
409
|
+
sandboxProfileId: policy.id,
|
|
410
|
+
policyRef: `execute=${policy.execute.mode} network=${policy.network.mode} env.inherit=${policy.env.inherit}`,
|
|
411
|
+
command: policy.execute.mode,
|
|
412
|
+
networkTarget: policy.network.mode,
|
|
413
|
+
metadata: {
|
|
414
|
+
enforced_by_cw: ["write-paths"],
|
|
415
|
+
delegated_to_host: ["execute", "network", "env"],
|
|
416
|
+
env_inherit: policy.env.inherit
|
|
417
|
+
}
|
|
418
|
+
});
|
|
419
|
+
}
|
|
420
|
+
return violation;
|
|
397
421
|
}
|
|
398
422
|
function summarizeWorkers(run) {
|
|
399
423
|
const workers = listWorkerScopes(run);
|
|
@@ -27,6 +27,52 @@ HTTP API. Any API key comes from the agent's *own* inherited env; CW never reads
|
|
|
27
27
|
or keeps a record of it. Adding a provider SDK to `package.json` would lose the
|
|
28
28
|
neutral-audit moat and is the red line.
|
|
29
29
|
|
|
30
|
+
## Architecture — the boundary (core ↔ agent backend ↔ wrappers)
|
|
31
|
+
|
|
32
|
+
The core gives only an INTERFACE: the `agent` execution backend plus a small
|
|
33
|
+
text/process contract. The four vendors (claude / codex / gemini / deepseek)
|
|
34
|
+
live OUTSIDE the core as out-of-process wrapper scripts in `scripts/agents/` —
|
|
35
|
+
pure config, never imported by `src/`, behind the same seam.
|
|
36
|
+
|
|
37
|
+
```text
|
|
38
|
+
user
|
|
39
|
+
│ cw -q "…" -codex (headline shortcut; also -claude/-gemini/-deepseek)
|
|
40
|
+
▼
|
|
41
|
+
┌──────────── CW core (src/ — zero runtime deps, imports NO model SDK, holds NO key) ───────────┐
|
|
42
|
+
│ │
|
|
43
|
+
│ command-surface.ts agent-config.ts execution-backend ("agent" driver) │
|
|
44
|
+
│ -codex → builtin:codex ─► builtin:<name> ─► runAgentProcess: │
|
|
45
|
+
│ node <dir>/<name>-agent.js spawnSync(binary, args, shell:false)│
|
|
46
|
+
│ {{input}} {{result}} · inherits env · captures stdout │
|
|
47
|
+
│ (builtin-templates.json: DATA) · records handle{process}+attestation│
|
|
48
|
+
└───────────────────────────────────────┬───────────────────────────────────────────────────────┘
|
|
49
|
+
THE SEAM (text / process contract) │
|
|
50
|
+
in : argv {{input}}=worker input.md {{result}}=worker result.md
|
|
51
|
+
out: wrapper writes result.md + ONE stdout JSON line {model,usage,result} → parseAgentReport
|
|
52
|
+
│
|
|
53
|
+
── red line ── core never reads a key; each wrapper resolves its OWN key from inherited env
|
|
54
|
+
│
|
|
55
|
+
┌──────── external wrappers (scripts/agents/*.js — "CONFIG, not a CW runtime dependency") ───────┐
|
|
56
|
+
│ claude-p-agent.js codex-agent.js gemini-opencode-agent.js deepseek-agent.js │
|
|
57
|
+
│ │ │ └──────────┬──────────────┘ │
|
|
58
|
+
│ ▼ ▼ ▼ (3-line shims) │
|
|
59
|
+
│ claude -p codex exec opencode-agent.js │
|
|
60
|
+
│ (Anthropic CLI) (-c effort, sandbox) opencode run --model … │
|
|
61
|
+
│ (deepseek + gemini keys live here) │
|
|
62
|
+
└─────────────────────────────────────────────────────────────────────────────────────────────────┘
|
|
63
|
+
Add a vendor = drop a wrapper script + one line in builtin-templates.json — NO core edit.
|
|
64
|
+
```
|
|
65
|
+
|
|
66
|
+
Each box maps to one source seam: the flag map lives in `command-surface.ts`
|
|
67
|
+
(`-codex` → `builtin:codex`); `agent-config.ts` expands `builtin:<name>` into
|
|
68
|
+
`node <dir>/<name>-agent.js {{input}} {{result}}` by reading
|
|
69
|
+
`builtin-templates.json` (the registry is DATA, not a kernel literal); the
|
|
70
|
+
`agent` driver's `runAgentProcess` does the `spawnSync` and reads back the one
|
|
71
|
+
stdout JSON line via `parseAgentReport`. So the four vendors are **delegated
|
|
72
|
+
agent wrappers, not an event-"hook" system**. The seam is generic: any
|
|
73
|
+
`CW_AGENT_COMMAND="node my-agent.js {{input}} {{result}}"` or a configured HTTP
|
|
74
|
+
endpoint plugs in the same way — the four builtins are just bundled examples.
|
|
75
|
+
|
|
30
76
|
## Operator-chosen model is policy; agent-reported model is the attestation
|
|
31
77
|
|
|
32
78
|
Any model id CW passes **into** the agent invocation (`CW_AGENT_MODEL`
|
|
@@ -250,7 +296,22 @@ The built-in templates are:
|
|
|
250
296
|
claude and codex run their own CLIs; gemini and deepseek route through opencode
|
|
251
297
|
(where their keys live), each proven by a local, deterministic wrapper smoke
|
|
252
298
|
(override the model with CW_GEMINI_MODEL / CW_DEEPSEEK_MODEL). GLM stays an
|
|
253
|
-
external agent command or HTTP endpoint. CW still imports no model SDK.
|
|
299
|
+
external agent command or HTTP endpoint. CW still imports no model SDK. The same
|
|
300
|
+
headline shortcuts pick these builtins on the top-level CLI: `cw -q "..."
|
|
301
|
+
-claude` / `-codex` / `-gemini` / `-deepseek`.
|
|
302
|
+
|
|
303
|
+
The codex wrapper caps codex's reasoning effort for CW runs so a heavy
|
|
304
|
+
`model_reasoning_effort = "high"` in the user's `~/.codex/config.toml` does not
|
|
305
|
+
make every read/grep turn slow. It passes `codex exec -c
|
|
306
|
+
model_reasoning_effort=<effort>` (default `low`) for THAT run only — the user's
|
|
307
|
+
interactive codex is untouched. Raise it with `CW_CODEX_REASONING_EFFORT`
|
|
308
|
+
(`low` | `medium` | `high`).
|
|
309
|
+
|
|
310
|
+
When an agent hop fails, CW core keeps only the child's stdout + exit code, so a
|
|
311
|
+
bare `failed (exit 1)` hid the real cause (a relay 5xx, an auth error, a killed
|
|
312
|
+
run). Each wrapper now also drops the failed child's stderr to
|
|
313
|
+
`<run>/workers/<worker>/logs/agent-stderr.log`, so the reason is readable after
|
|
314
|
+
the fact without changing the recorded, byte-stable evidence.
|
|
254
315
|
|
|
255
316
|
## Compatibility
|
|
256
317
|
|
|
@@ -344,3 +405,7 @@ The one-command `cw -q` headline now routes the question and defaults the repo t
|
|
|
344
405
|
0.1.93
|
|
345
406
|
|
|
346
407
|
0.1.94
|
|
408
|
+
|
|
409
|
+
0.1.95
|
|
410
|
+
|
|
411
|
+
0.1.96
|
package/docs/cli-mcp-parity.7.md
CHANGED
|
@@ -129,6 +129,14 @@ The host surface fails closed when:
|
|
|
129
129
|
- selection is missing a score or verifier readiness
|
|
130
130
|
- a verifier-gated commit is not ready
|
|
131
131
|
|
|
132
|
+
## PDCA Blackboard Loop
|
|
133
|
+
|
|
134
|
+
`pdca-blackboard-loop` is a small workflow app for three-role work over one
|
|
135
|
+
blackboard: planner, builder, and auditor. The host can plan the app, post each
|
|
136
|
+
role result to one board topic through MCP, snapshot after the check step, and
|
|
137
|
+
snapshot again after the next action. Builder, auditor, and next-action tasks
|
|
138
|
+
require grounded evidence, so a verdict with no builder evidence is refused.
|
|
139
|
+
|
|
132
140
|
## Smoke Coverage
|
|
133
141
|
|
|
134
142
|
`test/multi-agent-cli-mcp-surface-smoke.js` covers the full host loop over the
|
|
@@ -307,3 +315,7 @@ The host-facing surface tracks the CLI golden-path fixes (`cw -q` routing + repo
|
|
|
307
315
|
0.1.93
|
|
308
316
|
|
|
309
317
|
0.1.94
|
|
318
|
+
|
|
319
|
+
0.1.95
|
|
320
|
+
|
|
321
|
+
0.1.96
|
package/docs/project-index.md
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
# Cool Workflow Project Index
|
|
2
2
|
|
|
3
|
-
Generated from the current repository code on 2026-06-
|
|
3
|
+
Generated from the current repository code on 2026-06-28 by `npm run sync:project-index`.
|
|
4
4
|
|
|
5
5
|
## Snapshot
|
|
6
6
|
|
|
7
7
|
- Package: `cool-workflow`
|
|
8
|
-
- Version: `0.1.
|
|
8
|
+
- Version: `0.1.96`
|
|
9
9
|
- Source modules: `68`
|
|
10
|
-
- Workflow apps: `
|
|
10
|
+
- Workflow apps: `8`
|
|
11
11
|
- Docs: `53`
|
|
12
|
-
- Smoke tests: `
|
|
12
|
+
- Smoke tests: `158`
|
|
13
13
|
- Repository: https://github.com/coo1white/cool-workflow
|
|
14
14
|
|
|
15
15
|
## Architecture
|
|
@@ -128,6 +128,7 @@ multi-agent host -> topology -> blackboard/coordinator
|
|
|
128
128
|
| `architecture-review` - Map a repository architecture, assess risks, verify important findings, and synthesize an evidence-backed verdict. | canonical | `repo`, `question`, `invariant`, `focus` | `readonly` | [manifest](../apps/architecture-review/app.json) / [workflow](../apps/architecture-review/workflow.js) |
|
|
129
129
|
| `architecture-review-fast` - Run a shorter architecture review with parallel map and assess phases for faster first results. | canonical | `repo`, `question`, `invariant`, `focus`, `sourceContext`, `sourceContextDigest` | `readonly` | [manifest](../apps/architecture-review-fast/app.json) / [workflow](../apps/architecture-review-fast/workflow.js) |
|
|
130
130
|
| `end-to-end-golden-path` - Deterministic one-worker workflow app for proving the CW integration chain. | userland | `question` | `readonly` | [manifest](../apps/end-to-end-golden-path/app.json) / [workflow](../apps/end-to-end-golden-path/workflow.js) |
|
|
131
|
+
| `pdca-blackboard-loop` - Three agents use one blackboard to plan, build, check, and choose the next step. | example | `goal`, `repo`, `acceptance` | `readonly`, `workspace-write` | [manifest](../apps/pdca-blackboard-loop/app.json) / [workflow](../apps/pdca-blackboard-loop/workflow.js) |
|
|
131
132
|
| `pr-review-fix-ci` - Review a pull request or branch, inspect CI failures, diagnose actionable issues, optionally patch, verify, and summarize with evidence. | canonical | `repo`, `pr`, `branch`, `base`, `ci`, `mode` | `readonly`, `workspace-write` | [manifest](../apps/pr-review-fix-ci/app.json) / [workflow](../apps/pr-review-fix-ci/workflow.js) |
|
|
132
133
|
| `release-cut` - Prepare a release with checklist discipline: version checks, changelog, tests, packaging, release notes, and final verification. | canonical | `repo`, `version`, `previousVersion`, `releaseBranch`, `dryRun` | `readonly`, `workspace-write` | [manifest](../apps/release-cut/app.json) / [workflow](../apps/release-cut/workflow.js) |
|
|
133
134
|
| `research-synthesis` - Split a research question into claims, investigate sources, cross-check evidence, verify claims, and synthesize a concise answer. | canonical | `question`, `source`, `scope`, `freshness` | `readonly`, `locked-down` | [manifest](../apps/research-synthesis/app.json) / [workflow](../apps/research-synthesis/workflow.js) |
|
|
@@ -193,6 +194,7 @@ multi-agent host -> topology -> blackboard/coordinator
|
|
|
193
194
|
|
|
194
195
|
Smoke tests mirror the public contracts. The high-signal suites are:
|
|
195
196
|
|
|
197
|
+
- [agent-config-atomic-write-smoke.js](../test/agent-config-atomic-write-smoke.js)
|
|
196
198
|
- [agent-delegation-drive-smoke.js](../test/agent-delegation-drive-smoke.js)
|
|
197
199
|
- [append-run-node-no-realloc-smoke.js](../test/append-run-node-no-realloc-smoke.js)
|
|
198
200
|
- [architecture-review-fast-automation-smoke.js](../test/architecture-review-fast-automation-smoke.js)
|
|
@@ -223,6 +225,7 @@ Smoke tests mirror the public contracts. The high-signal suites are:
|
|
|
223
225
|
- [cli-render-smoke.js](../test/cli-render-smoke.js)
|
|
224
226
|
- [clones-gc-smoke.js](../test/clones-gc-smoke.js)
|
|
225
227
|
- [codex-agent-wrapper-smoke.js](../test/codex-agent-wrapper-smoke.js)
|
|
228
|
+
- [collaboration-ops-unit-smoke.js](../test/collaboration-ops-unit-smoke.js)
|
|
226
229
|
- [concurrency-default-smoke.js](../test/concurrency-default-smoke.js)
|
|
227
230
|
- [concurrent-failure-semantics-smoke.js](../test/concurrent-failure-semantics-smoke.js)
|
|
228
231
|
- [concurrent-workflow-dsl-smoke.js](../test/concurrent-workflow-dsl-smoke.js)
|
|
@@ -247,6 +250,7 @@ Smoke tests mirror the public contracts. The high-signal suites are:
|
|
|
247
250
|
- [execution-backend-agent-smoke.js](../test/execution-backend-agent-smoke.js)
|
|
248
251
|
- [execution-backend-ci-smoke.js](../test/execution-backend-ci-smoke.js)
|
|
249
252
|
- [execution-backends-smoke.js](../test/execution-backends-smoke.js)
|
|
253
|
+
- [feedback-ops-unit-smoke.js](../test/feedback-ops-unit-smoke.js)
|
|
250
254
|
- [freebsd-audit-fixes-smoke.js](../test/freebsd-audit-fixes-smoke.js)
|
|
251
255
|
- [gemini-agent-wrapper-smoke.js](../test/gemini-agent-wrapper-smoke.js)
|
|
252
256
|
- [gemini-opencode-agent-wrapper-smoke.js](../test/gemini-opencode-agent-wrapper-smoke.js)
|
|
@@ -256,6 +260,7 @@ Smoke tests mirror the public contracts. The high-signal suites are:
|
|
|
256
260
|
- [loop-bounded-expansion-smoke.js](../test/loop-bounded-expansion-smoke.js)
|
|
257
261
|
- [mcp-app-surface-smoke.js](../test/mcp-app-surface-smoke.js)
|
|
258
262
|
- [mcp-surface-registry-smoke.js](../test/mcp-surface-registry-smoke.js)
|
|
263
|
+
- [mcp-tool-call-coverage-smoke.js](../test/mcp-tool-call-coverage-smoke.js)
|
|
259
264
|
- [multi-agent-cli-mcp-surface-smoke.js](../test/multi-agent-cli-mcp-surface-smoke.js)
|
|
260
265
|
- [multi-agent-eval-determinism-regression-smoke.js](../test/multi-agent-eval-determinism-regression-smoke.js)
|
|
261
266
|
- [multi-agent-eval-replay-harness-smoke.js](../test/multi-agent-eval-replay-harness-smoke.js)
|
|
@@ -277,6 +282,7 @@ Smoke tests mirror the public contracts. The high-signal suites are:
|
|
|
277
282
|
- [operator-ux-smoke.js](../test/operator-ux-smoke.js)
|
|
278
283
|
- [parallel-onramp-smoke.js](../test/parallel-onramp-smoke.js)
|
|
279
284
|
- [parity-doc-sync-smoke.js](../test/parity-doc-sync-smoke.js)
|
|
285
|
+
- [pdca-blackboard-loop-smoke.js](../test/pdca-blackboard-loop-smoke.js)
|
|
280
286
|
- [pii-redaction-smoke.js](../test/pii-redaction-smoke.js)
|
|
281
287
|
- [pipeline-auto-advance-smoke.js](../test/pipeline-auto-advance-smoke.js)
|
|
282
288
|
- [pipeline-runner-smoke.js](../test/pipeline-runner-smoke.js)
|
|
@@ -291,6 +297,7 @@ Smoke tests mirror the public contracts. The high-signal suites are:
|
|
|
291
297
|
- [readme-trust-claim-smoke.js](../test/readme-trust-claim-smoke.js)
|
|
292
298
|
- [real-execution-backends-smoke.js](../test/real-execution-backends-smoke.js)
|
|
293
299
|
- [registry-corrupt-fail-closed-smoke.js](../test/registry-corrupt-fail-closed-smoke.js)
|
|
300
|
+
- [release-check-skip-smoke.js](../test/release-check-skip-smoke.js)
|
|
294
301
|
- [release-flow-smoke.js](../test/release-flow-smoke.js)
|
|
295
302
|
- [release-gate-smoke.js](../test/release-gate-smoke.js)
|
|
296
303
|
- [release-tooling-smoke.js](../test/release-tooling-smoke.js)
|
|
@@ -85,6 +85,22 @@ The dogfood release smoke and the architecture-review dogfood smoke are separate
|
|
|
85
85
|
test files. The split keeps the same release and agent-drive proof, but lets
|
|
86
86
|
`test:ci` schedule the two long checks in parallel.
|
|
87
87
|
|
|
88
|
+
## PR CI Merge Notes
|
|
89
|
+
|
|
90
|
+
When a PR is ready, list open PRs by creation time and merge the oldest ready
|
|
91
|
+
one first. After each merge, check the next PR again; a new main commit may make
|
|
92
|
+
it need a rebase.
|
|
93
|
+
|
|
94
|
+
If main moved after the PR branch was made, replay the PR commits on top of the
|
|
95
|
+
new main in a clean worktree. Keep local unrelated changes out of the rebase and
|
|
96
|
+
out of the PR.
|
|
97
|
+
|
|
98
|
+
Treat CI as the source of truth for what blocks the merge. Read the failed step
|
|
99
|
+
first, fix only that drift, then push again. A common drift is the npm README:
|
|
100
|
+
when `readme-sync-smoke.js` says the package README is stale, run
|
|
101
|
+
`npm run sync:readme`, add only `plugins/cool-workflow/README.md`, and let CI run
|
|
102
|
+
again.
|
|
103
|
+
|
|
88
104
|
## Boundary
|
|
89
105
|
|
|
90
106
|
Release Tooling touches only the build/release surfaces. It adds no runtime
|
|
@@ -268,3 +284,7 @@ _No behavioral change in v0.1.89 (CLI-surface golden-path + help-output fixes on
|
|
|
268
284
|
0.1.93
|
|
269
285
|
|
|
270
286
|
0.1.94
|
|
287
|
+
|
|
288
|
+
0.1.95
|
|
289
|
+
|
|
290
|
+
0.1.96
|
package/docs/routines.md
CHANGED
|
@@ -64,6 +64,36 @@ report path and digest.
|
|
|
64
64
|
The `--metrics` flag is not required and it gives back foreground time used plus
|
|
65
65
|
agent-spawn and result-cache-hit counts for the fast run.
|
|
66
66
|
|
|
67
|
+
## PDCA Blackboard Development Lessons
|
|
68
|
+
|
|
69
|
+
When a task asks for agents to work together, first try the parts CW already
|
|
70
|
+
has:
|
|
71
|
+
|
|
72
|
+
- workflow apps give the work shape
|
|
73
|
+
- worker output gives checked facts
|
|
74
|
+
- the blackboard gives shared state
|
|
75
|
+
- MCP gives tool access to the same state
|
|
76
|
+
- smoke tests prove the loop
|
|
77
|
+
|
|
78
|
+
Do not make a new MCP server when the existing server can show the same run
|
|
79
|
+
state. Add a workflow app first, then prove the app with one smoke that uses
|
|
80
|
+
both CLI and MCP.
|
|
81
|
+
|
|
82
|
+
For a three-agent loop, keep the order plain:
|
|
83
|
+
|
|
84
|
+
```text
|
|
85
|
+
plan -> build -> audit -> next action
|
|
86
|
+
```
|
|
87
|
+
|
|
88
|
+
Each agent should write one blackboard message and, when there is a result
|
|
89
|
+
file, one artifact ref. Take a snapshot after the audit and after the next
|
|
90
|
+
action. If audit evidence is missing, let the worker evidence gate refuse the
|
|
91
|
+
result instead of adding a new policy layer.
|
|
92
|
+
|
|
93
|
+
Before a PR, base the branch on `origin/main`, run the generated-doc checks,
|
|
94
|
+
and sync generated docs when the gate says they are stale. This keeps unrelated
|
|
95
|
+
local commits and generated README/index drift out of the work.
|
|
96
|
+
|
|
67
97
|
## Boundary
|
|
68
98
|
|
|
69
99
|
CW v0.1.1 does not give managed cloud infrastructure. It gives a local
|
|
@@ -26,6 +26,21 @@ normalization, worker result acceptance, and durable feedback for denied worker
|
|
|
26
26
|
output. The agent host has to do OS-level file access, process execution,
|
|
27
27
|
network access, and environment filtering.
|
|
28
28
|
|
|
29
|
+
**IMPORTANT**: Under the default `node` backend, a sandbox profile's
|
|
30
|
+
`execute`, `network`, and `env` policy is **attested, not enforced**. CW
|
|
31
|
+
validates the policy, records it in the worker manifest, and attests that
|
|
32
|
+
these limits were declared — but the actual enforcement of command execution
|
|
33
|
+
restrictions, network isolation, and environment variable filtering is
|
|
34
|
+
DELEGATED to the host runtime. For full enforcement, use the `container`
|
|
35
|
+
backend (`--backend container`) with Docker/Podman, or apply OS-level
|
|
36
|
+
sandboxing to the agent process. Without OS enforcement, a worker under a
|
|
37
|
+
`locked-down` profile can still run arbitrary commands and access the network.
|
|
38
|
+
|
|
39
|
+
CW also now (v0.1.95) applies `buildChildEnv(policy)` as a baseline for agent
|
|
40
|
+
spawns — only `PATH`, `HOME`, explicit `expose` entries, and well-known
|
|
41
|
+
`CW_*` + LLM provider API key environment variables pass through. The
|
|
42
|
+
operator's other process environment is not inherited by default.
|
|
43
|
+
|
|
29
44
|
The design goal is simple:
|
|
30
45
|
|
|
31
46
|
```text
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"_comment": "SINGLE SOURCE OF TRUTH for every vendor manifest. Edit THIS file, then run `npm run gen:manifests`. Do NOT hand-edit the generated vendor manifests (.claude-plugin/, .codex-plugin/, .agents/, .mcp.json) — `npm run gen:manifests -- --check` (run by release:check) will fail if they drift from this source.",
|
|
3
3
|
"identity": {
|
|
4
4
|
"name": "cool-workflow",
|
|
5
|
-
"version": "0.1.
|
|
5
|
+
"version": "0.1.96",
|
|
6
6
|
"license": "BSD-2-Clause",
|
|
7
7
|
"homepage": "https://github.com/coo1white/cool-workflow",
|
|
8
8
|
"author": {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "cool-workflow",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.96",
|
|
4
4
|
"bin": {
|
|
5
5
|
"cool-workflow": "scripts/cw.js",
|
|
6
6
|
"cw": "scripts/cw.js"
|
|
@@ -14,7 +14,7 @@
|
|
|
14
14
|
"bugs": {
|
|
15
15
|
"url": "https://github.com/coo1white/cool-workflow/issues"
|
|
16
16
|
},
|
|
17
|
-
"description": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents
|
|
17
|
+
"description": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents \u2014 it never runs the models itself.",
|
|
18
18
|
"type": "commonjs",
|
|
19
19
|
"engines": {
|
|
20
20
|
"node": ">=18"
|
|
@@ -62,9 +62,11 @@
|
|
|
62
62
|
"onramp:check": "node scripts/onramp-check.js --check",
|
|
63
63
|
"version:sync": "node scripts/version-sync-check.js",
|
|
64
64
|
"release:check": "node scripts/release-check.js",
|
|
65
|
-
"test": "node dist/cli.js version > /dev/null && node test/run-all.js",
|
|
65
|
+
"test": "node dist/cli.js version > /dev/null && node test/run-all.js --fast --sample 35",
|
|
66
|
+
"test:full": "node dist/cli.js version > /dev/null && node test/run-all.js --sample 55",
|
|
67
|
+
"test:gate": "node dist/cli.js version > /dev/null && node test/run-all.js",
|
|
66
68
|
"test:fast": "npm run build --if-present && node dist/cli.js version > /dev/null && node test/run-all.js --concurrency auto",
|
|
67
|
-
"test:ci": "node dist/cli.js version > /dev/null && node test/run-all.js --
|
|
69
|
+
"test:ci": "npm run build && node dist/cli.js version > /dev/null && node test/run-all.js --sample 55",
|
|
68
70
|
"test:coverage": "node dist/cli.js version > /dev/null && node scripts/coverage-gate.js --concurrency auto",
|
|
69
71
|
"eval:replay": "tsc -p tsconfig.json && node test/multi-agent-eval-replay-harness-smoke.js",
|
|
70
72
|
"ci": "npm run build && npm run check && npm run test && npm run release:check",
|
|
@@ -85,5 +87,6 @@
|
|
|
85
87
|
"llm-pipeline",
|
|
86
88
|
"claude",
|
|
87
89
|
"delegation"
|
|
88
|
-
]
|
|
90
|
+
],
|
|
91
|
+
"mcpName": "io.github.coo1white/cool-workflow"
|
|
89
92
|
}
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
"use strict";
|
|
3
3
|
|
|
4
4
|
const fs = require("node:fs");
|
|
5
|
+
const path = require("node:path");
|
|
5
6
|
|
|
6
7
|
const RESULT_CONTRACT = `
|
|
7
8
|
=== HOW TO RETURN YOUR ANSWER (overrides any 'write to result.md' instruction above) ===
|
|
@@ -448,6 +449,25 @@ function emitReport(model, usage, resultText) {
|
|
|
448
449
|
process.stdout.write(JSON.stringify({ model, usage, result: resultText }));
|
|
449
450
|
}
|
|
450
451
|
|
|
452
|
+
// Drop the failed agent's stderr beside the worker's result.md so a `failed (exit
|
|
453
|
+
// 1)` is readable AFTER the fact. CW core keeps only the child's stdout + exit
|
|
454
|
+
// code (byte-stable evidence), so without this the real reason — a relay 5xx, an
|
|
455
|
+
// auth error, a killed run — is lost. The worker dir already has a `logs/` folder
|
|
456
|
+
// (src/worker-isolation.ts); resultPath is `<workerDir>/result.md`, so its
|
|
457
|
+
// `logs/agent-stderr.log` sibling is the natural home. Advisory only: never throws,
|
|
458
|
+
// never changes the exit code or the recorded evidence.
|
|
459
|
+
function persistStderr(resultPath, text) {
|
|
460
|
+
const t = String(text || "").trim();
|
|
461
|
+
if (!t || !resultPath) return;
|
|
462
|
+
try {
|
|
463
|
+
const dir = path.join(path.dirname(resultPath), "logs");
|
|
464
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
465
|
+
fs.writeFileSync(path.join(dir, "agent-stderr.log"), `${t}\n`, "utf8");
|
|
466
|
+
} catch {
|
|
467
|
+
/* advisory only — diagnostics must never break the run */
|
|
468
|
+
}
|
|
469
|
+
}
|
|
470
|
+
|
|
451
471
|
module.exports = {
|
|
452
472
|
RESULT_CONTRACT,
|
|
453
473
|
buildPrompt,
|
|
@@ -461,5 +481,6 @@ module.exports = {
|
|
|
461
481
|
parseJsonLines,
|
|
462
482
|
flushJsonLines,
|
|
463
483
|
writeResult,
|
|
464
|
-
emitReport
|
|
484
|
+
emitReport,
|
|
485
|
+
persistStderr // save a failed agent's stderr to <workerDir>/logs/agent-stderr.log (shared by all wrappers)
|
|
465
486
|
};
|