cool-workflow 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (97) hide show
  1. package/.claude-plugin/plugin.json +1 -1
  2. package/.codex-plugin/plugin.json +1 -1
  3. package/README.md +7 -5
  4. package/apps/architecture-review/app.json +2 -2
  5. package/apps/architecture-review/workflow.js +12 -12
  6. package/apps/architecture-review-fast/app.json +1 -1
  7. package/apps/end-to-end-golden-path/app.json +1 -1
  8. package/apps/pr-review-fix-ci/app.json +1 -1
  9. package/apps/release-cut/app.json +1 -1
  10. package/apps/research-synthesis/app.json +1 -1
  11. package/dist/cli/dispatch.js +2 -2
  12. package/dist/cli/parseargv.js +2 -2
  13. package/dist/core/capability-table.js +13 -29
  14. package/dist/core/format/help.js +2 -2
  15. package/dist/core/hash.js +1 -1
  16. package/dist/core/multi-agent/candidate-scoring.js +1 -1
  17. package/dist/core/multi-agent/eval-replay.js +1 -1
  18. package/dist/core/multi-agent/runtime.js +2 -2
  19. package/dist/core/multi-agent/trust-policy.js +1 -1
  20. package/dist/core/pipeline/contract.js +1 -1
  21. package/dist/core/pipeline/drive-decide.js +1 -1
  22. package/dist/core/state/contract-migration.js +1 -1
  23. package/dist/core/state/migrations.js +2 -2
  24. package/dist/core/state/node-snapshot.js +1 -1
  25. package/dist/core/state/state-explosion/graph.js +4 -4
  26. package/dist/core/state/state-explosion/helpers.js +3 -3
  27. package/dist/core/state/state-explosion/report.js +1 -1
  28. package/dist/core/state/state-explosion/size.js +1 -1
  29. package/dist/core/state/state-node.js +2 -2
  30. package/dist/core/state/types.js +1 -1
  31. package/dist/core/trust/ledger.js +1 -1
  32. package/dist/core/trust/telemetry-attestation.js +3 -3
  33. package/dist/core/trust/telemetry-ledger.js +2 -2
  34. package/dist/core/version.js +1 -1
  35. package/dist/core/workflow-apps/app-schema.js +1 -1
  36. package/dist/mcp/dispatch.js +1 -1
  37. package/dist/mcp/server.js +1 -1
  38. package/dist/shell/agent-config.js +1 -1
  39. package/dist/shell/doctor.js +17 -4
  40. package/dist/shell/drive.js +21 -9
  41. package/dist/shell/execution-backend/agent.js +42 -10
  42. package/dist/shell/execution-backend/ci.js +1 -1
  43. package/dist/shell/execution-backend/container.js +1 -1
  44. package/dist/shell/execution-backend/envelopes.js +1 -1
  45. package/dist/shell/execution-backend/local.js +1 -1
  46. package/dist/shell/execution-backend/probes.js +1 -1
  47. package/dist/shell/execution-backend/registry.js +1 -1
  48. package/dist/shell/execution-backend/remote.js +1 -1
  49. package/dist/shell/execution-backend/types.js +1 -1
  50. package/dist/shell/fs-atomic.js +1 -1
  51. package/dist/shell/ledger-io.js +1 -1
  52. package/dist/shell/metrics-cli.js +4 -2
  53. package/dist/shell/multi-agent-host.js +1 -1
  54. package/dist/shell/reclamation-io.js +1 -1
  55. package/dist/shell/registry-cli.js +15 -0
  56. package/dist/shell/run-registry-io.js +1 -1
  57. package/dist/shell/sandbox-profile.js +1 -1
  58. package/dist/shell/scheduler-io.js +46 -37
  59. package/dist/shell/scheduling-io.js +32 -22
  60. package/dist/shell/telemetry-ledger-io.js +1 -1
  61. package/dist/shell/term.js +1 -1
  62. package/dist/shell/trust-audit.js +4 -3
  63. package/dist/shell/workbench-host.js +9 -1
  64. package/dist/shell/workbench.js +6 -11
  65. package/docs/agent-delegation-drive.7.md +2 -0
  66. package/docs/cli-mcp-parity.7.md +2 -0
  67. package/docs/contract-migration-tooling.7.md +2 -0
  68. package/docs/control-plane-scheduling.7.md +2 -0
  69. package/docs/durable-state-and-locking.7.md +2 -0
  70. package/docs/evidence-adoption-reasoning-chain.7.md +2 -0
  71. package/docs/execution-backends.7.md +2 -0
  72. package/docs/multi-agent-cli-mcp-surface.7.md +2 -0
  73. package/docs/multi-agent-eval-replay-harness.7.md +2 -0
  74. package/docs/multi-agent-operator-ux.7.md +2 -0
  75. package/docs/node-snapshot-diff-replay.7.md +2 -0
  76. package/docs/observability-cost-accounting.7.md +4 -1
  77. package/docs/project-index.md +8 -3
  78. package/docs/real-execution-backends.7.md +2 -0
  79. package/docs/release-and-migration.7.md +2 -0
  80. package/docs/release-tooling.7.md +2 -0
  81. package/docs/remote-source-review.7.md +4 -4
  82. package/docs/report-verifiable-bundle.7.md +1 -1
  83. package/docs/run-registry-control-plane.7.md +2 -0
  84. package/docs/run-retention-reclamation.7.md +2 -0
  85. package/docs/security-trust-hardening.7.md +3 -1
  86. package/docs/state-explosion-management.7.md +2 -0
  87. package/docs/team-collaboration.7.md +2 -0
  88. package/docs/web-desktop-workbench.7.md +13 -1
  89. package/manifest/plugin.manifest.json +1 -1
  90. package/package.json +1 -1
  91. package/scripts/agents/agent-adapter-core.js +22 -2
  92. package/scripts/agents/claude-p-agent.js +8 -3
  93. package/scripts/agents/gemini-agent.js +5 -1
  94. package/scripts/agents/opencode-agent.js +5 -1
  95. package/scripts/canonical-apps.js +4 -4
  96. package/scripts/dogfood-release.js +1 -1
  97. package/scripts/golden-path.js +4 -4
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "cool-workflow",
3
3
  "description": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents — it never runs the models itself.",
4
- "version": "0.2.0",
4
+ "version": "0.2.1",
5
5
  "author": {
6
6
  "name": "COOLWHITE LLC"
7
7
  },
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "cool-workflow",
3
- "version": "0.2.0",
3
+ "version": "0.2.1",
4
4
  "description": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents — it never runs the models itself.",
5
5
  "author": {
6
6
  "name": "COOLWHITE LLC"
package/README.md CHANGED
@@ -64,16 +64,18 @@ cw demo tamper
64
64
  ### 2 · Ask a question about your code — one command
65
65
 
66
66
  ```bash
67
- cw -q "What are the main risks here?"
67
+ cw -q "How does auth work end-to-end here?"
68
68
  ```
69
69
 
70
- CW auto-detects the current repo and the first agent on your `PATH`. Pin a specific one with a flag
71
- (`-claude`, `-codex`, `-gemini`, `-deepseek`). Point it anywhere no `cd` required or review a
72
- **remote repo by URL** and CW clones, snapshots, and reviews the checkout:
70
+ Any question works, not only a risk audit architecture questions, "is it safe to change X",
71
+ "what would break if Y rotated" all get a direct, cited answer. CW auto-detects the current repo
72
+ and the first agent on your `PATH`. Pin a specific one with a flag (`-claude`, `-codex`, `-gemini`,
73
+ `-deepseek`). Point it anywhere — no `cd` required — or review a **remote repo by URL** and CW
74
+ clones, snapshots, and reviews the checkout:
73
75
 
74
76
  ```bash
75
77
  cw -q "What are the security risks?" -dir /path/to/project
76
- cw -q "What are the risks?" --link https://github.com/owner/repo
78
+ cw -q "Is it safe to swap this queue for Redis?" --link https://github.com/owner/repo
77
79
  ```
78
80
 
79
81
  **Not just code.** Aim CW at a folder of docs, notes, or papers and it reads them as sources for the
@@ -3,7 +3,7 @@
3
3
  "id": "architecture-review",
4
4
  "title": "Architecture Review",
5
5
  "summary": "Map a repository architecture, assess risks, verify important findings, and synthesize an evidence-backed verdict.",
6
- "version": "0.2.0",
6
+ "version": "0.2.1",
7
7
  "author": "COOLWHITE LLC",
8
8
  "inputs": [
9
9
  {
@@ -16,7 +16,7 @@
16
16
  "name": "question",
17
17
  "type": "string",
18
18
  "required": true,
19
- "description": "Architecture question or decision to review."
19
+ "description": "Architecture question or decision to review. Every phase scopes its work to this question - not only a fixed risk list."
20
20
  },
21
21
  {
22
22
  "name": "invariant",
@@ -8,7 +8,7 @@ module.exports = ({ workflow, phase, parallel, agent, artifact, input }) => {
8
8
  input("question", {
9
9
  type: "string",
10
10
  required: true,
11
- description: "Architecture question or decision to review."
11
+ description: "Architecture question or decision to review. Every phase scopes its work to this question - not only a fixed risk list."
12
12
  }),
13
13
  input("invariant", {
14
14
  type: "string",
@@ -41,54 +41,54 @@ module.exports = ({ workflow, phase, parallel, agent, artifact, input }) => {
41
41
  ),
42
42
  agent(
43
43
  "map:web-client",
44
- "Map web/client/UI boundaries, local state, backend dependencies, build/runtime assumptions, and candidate risks in {{repo}}. Focus: {{focus}}. Return exact files and commands that informed the map.",
44
+ "Map web/client/UI boundaries, local state, backend dependencies, build/runtime assumptions, and candidate risks in {{repo}} as they relate to {{question}}. Focus: {{focus}}. Invariants: {{invariant}}. Return exact files and commands that informed the map.",
45
45
  { sandboxProfileId: "readonly" }
46
46
  ),
47
47
  agent(
48
48
  "map:db-security",
49
- "Map database, persistence, migrations, secrets, auth, permissions, and security-sensitive paths in {{repo}}. Return candidate risks with file paths, config names, and uncertainty boundaries.",
49
+ "Map database, persistence, migrations, secrets, auth, permissions, and security-sensitive paths in {{repo}} as they relate to {{question}}. Focus: {{focus}}. Invariants: {{invariant}}. Return candidate risks with file paths, config names, and uncertainty boundaries.",
50
50
  { sandboxProfileId: "readonly" }
51
51
  ),
52
52
  agent(
53
53
  "map:deploy-config",
54
- "Map deployment, CI, package scripts, Docker or compose files, reverse proxies, environment config, supervision, and operational assumptions. Return concrete files and release or runtime risks.",
54
+ "Map deployment, CI, package scripts, Docker or compose files, reverse proxies, environment config, supervision, and operational assumptions in {{repo}} as they relate to {{question}}. Focus: {{focus}}. Invariants: {{invariant}}. Return concrete files and release or runtime risks.",
55
55
  { sandboxProfileId: "readonly" }
56
56
  ),
57
57
  agent(
58
58
  "map:jobs-operators",
59
- "Map background jobs, admin/operator surfaces, queues, scheduled work, generated files, state transitions, and failure recovery paths. Identify missing or non-applicable areas explicitly.",
59
+ "Map background jobs, admin/operator surfaces, queues, scheduled work, generated files, state transitions, and failure recovery paths in {{repo}} as they relate to {{question}}. Focus: {{focus}}. Invariants: {{invariant}}. Identify missing or non-applicable areas explicitly.",
60
60
  { sandboxProfileId: "readonly" }
61
61
  ),
62
62
  agent(
63
63
  "map:transport-core",
64
- "Map protocol, daemon, transport, rendering, networking, worker isolation, or core engine boundaries when present. If absent, explain why with inspected evidence.",
64
+ "Map protocol, daemon, transport, rendering, networking, worker isolation, or core engine boundaries when present in {{repo}}, as they relate to {{question}}. Focus: {{focus}}. Invariants: {{invariant}}. If absent, explain why with inspected evidence.",
65
65
  { sandboxProfileId: "readonly" }
66
66
  )
67
67
  ]),
68
68
  parallel("Assess", [
69
69
  agent(
70
70
  "assess:security",
71
- "Assess mapper findings through a security lens. Separate real, conditional, non-issue, and unknown risks with evidence, falsifiers, and exact files or config keys.",
71
+ "Assess mapper findings through a security lens as they relate to {{question}}. Focus: {{focus}}. Invariants: {{invariant}}. Separate real, conditional, non-issue, and unknown risks with evidence, falsifiers, and exact files or config keys.",
72
72
  { sandboxProfileId: "readonly" }
73
73
  ),
74
74
  agent(
75
75
  "assess:data-correctness",
76
- "Assess data correctness, schema drift, persistence invariants, concurrency, transactions, cache behavior, and state corruption risks. Tie every important claim to inspected evidence.",
76
+ "Assess data correctness, schema drift, persistence invariants, concurrency, transactions, cache behavior, and state corruption risks as they relate to {{question}}. Focus: {{focus}}. Invariants: {{invariant}}. Tie every important claim to inspected evidence.",
77
77
  { sandboxProfileId: "readonly" }
78
78
  ),
79
79
  agent(
80
80
  "assess:failure-modes",
81
- "Assess startup, shutdown, retries, partial failure, dependency outage, backup/restore, release rollback, and recovery behavior. Identify deterministic commands that could verify the claims.",
81
+ "Assess startup, shutdown, retries, partial failure, dependency outage, backup/restore, release rollback, and recovery behavior as they relate to {{question}}. Focus: {{focus}}. Invariants: {{invariant}}. Identify deterministic commands that could verify the claims.",
82
82
  { sandboxProfileId: "readonly" }
83
83
  ),
84
84
  agent(
85
85
  "assess:scale-ops",
86
- "Assess scale, operational complexity, observability, configuration, packaging, deployment, and maintenance risks. Include exact files, scripts, or missing controls.",
86
+ "Assess scale, operational complexity, observability, configuration, packaging, deployment, and maintenance risks as they relate to {{question}}. Focus: {{focus}}. Invariants: {{invariant}}. Include exact files, scripts, or missing controls.",
87
87
  { sandboxProfileId: "readonly" }
88
88
  ),
89
89
  agent(
90
90
  "assess:maintainability",
91
- "Assess module boundaries, ownership clarity, coupling, extensibility, testability, and future change risk. Distinguish architectural risks from style preferences.",
91
+ "Assess module boundaries, ownership clarity, coupling, extensibility, testability, and future change risk as they relate to {{question}}. Focus: {{focus}}. Invariants: {{invariant}}. Distinguish architectural risks from style preferences.",
92
92
  { sandboxProfileId: "readonly" }
93
93
  ),
94
94
  agent(
@@ -100,7 +100,7 @@ module.exports = ({ workflow, phase, parallel, agent, artifact, input }) => {
100
100
  phase("Verify", [
101
101
  agent(
102
102
  "verify:p0-p2-risks",
103
- "Re-open evidence for every candidate P0/P1/P2 risk. Confirm real risks, downgrade unsupported concerns, and list exact file paths, commands, logs, or unknowns. The cw:result evidence array must cite durable locators.",
103
+ "Re-open evidence for every candidate P0/P1/P2 risk found so far, judged against {{question}}. Confirm real risks, downgrade unsupported concerns, and list exact file paths, commands, logs, or unknowns. The cw:result evidence array must cite durable locators.",
104
104
  { requiresEvidence: true, sandboxProfileId: "readonly" }
105
105
  )
106
106
  ]),
@@ -3,7 +3,7 @@
3
3
  "id": "architecture-review-fast",
4
4
  "title": "Architecture Review Fast",
5
5
  "summary": "Run a shorter architecture review with parallel map and assess phases for faster first results.",
6
- "version": "0.2.0",
6
+ "version": "0.2.1",
7
7
  "author": "COOLWHITE LLC",
8
8
  "inputs": [
9
9
  {
@@ -3,7 +3,7 @@
3
3
  "id": "end-to-end-golden-path",
4
4
  "title": "End-to-End Golden Path",
5
5
  "summary": "Deterministic one-worker workflow app for proving the CW integration chain.",
6
- "version": "0.2.0",
6
+ "version": "0.2.1",
7
7
  "author": "COOLWHITE LLC",
8
8
  "inputs": [
9
9
  {
@@ -3,7 +3,7 @@
3
3
  "id": "pr-review-fix-ci",
4
4
  "title": "PR Review Fix CI",
5
5
  "summary": "Review a pull request or branch, inspect CI failures, diagnose actionable issues, optionally patch, verify, and summarize with evidence.",
6
- "version": "0.2.0",
6
+ "version": "0.2.1",
7
7
  "author": "COOLWHITE LLC",
8
8
  "inputs": [
9
9
  {
@@ -3,7 +3,7 @@
3
3
  "id": "release-cut",
4
4
  "title": "Release Cut",
5
5
  "summary": "Prepare a release with checklist discipline: version checks, changelog, tests, packaging, release notes, and final verification.",
6
- "version": "0.2.0",
6
+ "version": "0.2.1",
7
7
  "author": "COOLWHITE LLC",
8
8
  "inputs": [
9
9
  {
@@ -3,7 +3,7 @@
3
3
  "id": "research-synthesis",
4
4
  "title": "Research Synthesis",
5
5
  "summary": "Split a research question into claims, investigate sources, cross-check evidence, verify claims, and synthesize a concise answer.",
6
- "version": "0.2.0",
6
+ "version": "0.2.1",
7
7
  "author": "COOLWHITE LLC",
8
8
  "inputs": [
9
9
  {
@@ -1,7 +1,7 @@
1
1
  "use strict";
2
2
  // cli/dispatch.ts — the generic CLI executor over core/capability-table.ts.
3
3
  //
4
- // MILESTONE 2 (v2/PLAN.md build order, step 2; see the Revision note there
4
+ // MILESTONE 2 (docs/rebuild/PLAN.md build order, step 2; see the Revision note there
5
5
  // for why this lands here, right after CLI parsing, instead of late).
6
6
  //
7
7
  // `dispatch(args)` first tries the CAPABILITY TABLE: it looks up the row
@@ -16,7 +16,7 @@
16
16
  // cli-argv-parsing.case.js and cli-exit-codes.case.js probe but that do
17
17
  // not yet have a real subsystem behind them (see each case's own
18
18
  // PLACEHOLDER comment for which future milestone owns it). Per the
19
- // Revision note in v2/PLAN.md, THIS file is never hand-extended again —
19
+ // Revision note in docs/rebuild/PLAN.md, THIS file is never hand-extended again —
20
20
  // `dispatchLegacy`'s arms shrink to nothing as later milestones move each
21
21
  // one into a real capability-table row; nothing new is ever added here.
22
22
  Object.defineProperty(exports, "__esModule", { value: true });
@@ -2,7 +2,7 @@
2
2
  // cli/parseargv.ts — parseArgv, KNOWN_COMMANDS, suggestCommand.
3
3
  //
4
4
  // Pure. Byte-exact port of src/orchestrator.ts:789-887 in the old build.
5
- // See v2/PLAN.md byte-compat item 15 and SPEC/cli-surface.md "Argument
5
+ // See docs/rebuild/PLAN.md byte-compat item 15 and SPEC/cli-surface.md "Argument
6
6
  // parsing (parseArgv)" / SPEC/orchestrator.md "Module-level exports".
7
7
  //
8
8
  // Rules (do not "clean up" — every one of these is pinned by a conformance
@@ -103,7 +103,7 @@ function parseArgv(argv) {
103
103
  /** src/orchestrator.ts:842-851 — every top-level command name, used for
104
104
  * "did you mean". NOTE: this deliberately does NOT include "ledger" even
105
105
  * though the dispatcher handles it and formatHelp lists it — a known,
106
- * intentionally-preserved wart (see v2/PLAN.md "Kept byte-for-byte"). */
106
+ * intentionally-preserved wart (see docs/rebuild/PLAN.md "Kept byte-for-byte"). */
107
107
  exports.KNOWN_COMMANDS = new Set([
108
108
  "help", "list", "doctor", "info", "search", "man", "init", "quickstart",
109
109
  "plan", "status", "next", "dispatch", "result", "state", "commit", "report",
@@ -1,7 +1,7 @@
1
1
  "use strict";
2
2
  // core/capability-table.ts — THE one data table: one row per capability.
3
3
  //
4
- // MILESTONE 2 (v2/PLAN.md build order, step 2). Replaces the old build's
4
+ // MILESTONE 2 (docs/rebuild/PLAN.md build order, step 2). Replaces the old build's
5
5
  // `capability-registry.ts` (940 lines) + 40 CLI handler files + the
6
6
  // 196-arm MCP switch + the 1000-line tool-definitions array with ONE data
7
7
  // table plus two generic front-door readers (`cli/dispatch.ts`,
@@ -12,9 +12,9 @@
12
12
  // exactly what conformance/cases/mcp-basic.case.js and the milestone-1
13
13
  // carry-over cases need). Every later milestone adds capabilities as table
14
14
  // ROWS ONLY; this file's shape (and cli/dispatch.ts + mcp/dispatch.ts) is
15
- // not touched again — see v2/PLAN.md's Revision note.
15
+ // not touched again — see docs/rebuild/PLAN.md's Revision note.
16
16
  //
17
- // Byte-compat item 5 (v2/PLAN.md): 12 capabilities have CLI and MCP call
17
+ // Byte-compat item 5 (docs/rebuild/PLAN.md): 12 capabilities have CLI and MCP call
18
18
  // DIFFERENT functions with DIFFERENT payloads. So a row carries a SEPARATE
19
19
  // `cli.handler` and `mcp.handler`, never one shared "handler" — even
20
20
  // though every row landed so far happens to share one function, the type
@@ -67,9 +67,6 @@ var __importStar = (this && this.__importStar) || (function () {
67
67
  return result;
68
68
  };
69
69
  })();
70
- var __importDefault = (this && this.__importDefault) || function (mod) {
71
- return (mod && mod.__esModule) ? mod : { "default": mod };
72
- };
73
70
  Object.defineProperty(exports, "__esModule", { value: true });
74
71
  exports.CAPABILITY_REGISTRY = exports.REGISTRY = exports.CapabilityNotImplementedError = void 0;
75
72
  exports.listBundledWorkflows = listBundledWorkflows;
@@ -149,7 +146,7 @@ const MCP_TOOL_DATA = [
149
146
  { tool: "cw_operator_report", capability: "operator.report", requiredArgs: ["runId"], properties: ["runId", "cwd"], description: "Refresh and read the structured Operator UX report summary." },
150
147
  { tool: "cw_worker_summary", capability: "worker.summary", requiredArgs: ["runId"], properties: ["runId", "cwd"], description: "Read the structured worker summary for a run." },
151
148
  { tool: "cw_workbench_view", capability: "workbench.view", requiredArgs: ["runId"], properties: ["runId", "cwd"], description: "Read the read-only five-panel Workbench view of one run (graph, blackboard, worker, candidate, audit)." },
152
- { tool: "cw_workbench_serve", capability: "workbench.serve", requiredArgs: [], properties: ["cwd", "port", "scope"], description: "Describe/serve the optional localhost-only, read-only Workbench host." },
149
+ { tool: "cw_workbench_serve", capability: "workbench.serve", requiredArgs: [], properties: ["cwd", "port", "scope", "requireToken"], description: "Describe/serve the optional localhost-only, read-only Workbench host. requireToken is a CLI-only opt-in (the MCP path never actually binds, so it is a no-op here)." },
153
150
  { tool: "cw_candidate_summary", capability: "candidate.summary", requiredArgs: ["runId"], properties: ["runId", "cwd"], description: "Read the structured candidate summary for a run." },
154
151
  { tool: "cw_feedback_summary", capability: "feedback.summary", requiredArgs: ["runId"], properties: ["runId", "cwd"], description: "Read the structured feedback summary for a run." },
155
152
  { tool: "cw_commit_summary", capability: "commit.summary", requiredArgs: ["runId"], properties: ["runId", "cwd"], description: "Read the structured commit summary for a run." },
@@ -285,7 +282,7 @@ const MCP_TOOL_DATA = [
285
282
  { tool: "cw_registry_refresh", capability: "registry.refresh", requiredArgs: [], properties: ["cwd", "scope"], description: "Recompute and persist the derived run registry index." },
286
283
  { tool: "cw_registry_show", capability: "registry.show", requiredArgs: [], properties: ["cwd", "scope"], description: "Read the run registry index with valid|stale|absent freshness." },
287
284
  { tool: "cw_metrics_show", capability: "metrics.show", requiredArgs: ["runId"], properties: ["runId", "cwd", "pricing", "now"], description: "Read the derived per-run observability + attested-cost report (durations, failure/verifier/acceptance rates with sample counts, attested usage, cost, coverage)." },
288
- { tool: "cw_metrics_summary", capability: "metrics.summary", requiredArgs: [], properties: ["cwd", "scope", "pricing", "now"], description: "Read the cross-repo observability + cost rollup over the v0.1.28 run registry, with per-app and per-backend breakdowns." },
285
+ { tool: "cw_metrics_summary", capability: "metrics.summary", requiredArgs: [], properties: ["cwd", "scope", "pricing", "now", "limit"], description: "Read the cross-repo observability + cost rollup over the v0.1.28 run registry, with per-app and per-backend breakdowns." },
289
286
  { tool: "cw_run_search", capability: "run.search", requiredArgs: [], properties: ["cwd", "scope", "text", "app", "status", "repo", "since", "until", "includeArchived", "limit", "offset"], description: "Search runs by app/status/time/repo/free-text, deterministic + paginated." },
290
287
  { tool: "cw_run_list", capability: "run.list", requiredArgs: [], properties: ["cwd", "scope", "includeArchived", "limit", "offset"], description: "List indexed runs across repos (search with no filters)." },
291
288
  { tool: "cw_run_show", capability: "run.show", requiredArgs: ["runId"], properties: ["runId", "cwd", "scope"], description: "Resolve one run by id across the registry; fail closed on missing source." },
@@ -487,7 +484,7 @@ function findCapabilityByMcpTool(tool) {
487
484
  // dispatchable command row); `list`/`status`/`sandbox.list` reuse the mcp
488
485
  // row's capability id and get a cli binding layered on top. Every handler
489
486
  // below returns a `CliHandlerResult`; core/ never touches process.stdout
490
- // or process.exitCode directly (see v2/PLAN.md's core/shell split) —
487
+ // or process.exitCode directly (see docs/rebuild/PLAN.md's core/shell split) —
491
488
  // cli/dispatch.ts's generic executor performs the actual write.
492
489
  // ---------------------------------------------------------------------
493
490
  const version_1 = require("./version");
@@ -830,7 +827,7 @@ addCliOnlyCapability("fix", "Print consolidated fix commands for CW setup issues
830
827
  },
831
828
  }, "Environment fix commands are local diagnostics, same reasoning as doctor.");
832
829
  // ---------------------------------------------------------------------
833
- // MILESTONE 6+7 (combined; see v2/PLAN.md Open risk 10) CLI bindings:
830
+ // MILESTONE 6+7 (combined; see docs/rebuild/PLAN.md Open risk 10) CLI bindings:
834
831
  // plan, quickstart, run --drive, run drive (preview), dispatch, result,
835
832
  // commit. Handler BODIES live in shell/pipeline-cli.ts (impure — they
836
833
  // plan/drive/dispatch/commit real run state on disk); this table only
@@ -1843,7 +1840,6 @@ const registry_cli_1 = require("../shell/registry-cli");
1843
1840
  const reclamation_io_1 = require("../shell/reclamation-io");
1844
1841
  const run_registry_io_1 = require("../shell/run-registry-io");
1845
1842
  const scheduling_io_1 = require("../shell/scheduling-io");
1846
- const node_fs_1 = __importDefault(require("node:fs"));
1847
1843
  function firstPositionalArg(args, index = 0) {
1848
1844
  return args.positionals[index];
1849
1845
  }
@@ -1936,13 +1932,7 @@ addCliOnlyCapability("routine", "cw routine create|list|delete|fire|events — A
1936
1932
  return { json: (0, registry_cli_1.routineDeleteCli)((0, io_1.required)(idOrKind, "trigger id"), args.options) };
1937
1933
  case "fire": {
1938
1934
  const kind = (0, io_1.required)(idOrKind, "trigger kind");
1939
- let payload;
1940
- try {
1941
- payload = payloadPath ? JSON.parse(node_fs_1.default.readFileSync(payloadPath, "utf8")) : args.options;
1942
- }
1943
- catch (e) {
1944
- throw new Error(`Failed to parse payload${payloadPath ? ` file "${payloadPath}"` : ""}: ${String((e && e.message) || e)}`);
1945
- }
1935
+ const payload = (0, registry_cli_1.resolveRoutineFirePayload)(payloadPath, args.options);
1946
1936
  return { json: (0, registry_cli_1.routineFireCli)(kind, payload, args.options) };
1947
1937
  }
1948
1938
  case "events":
@@ -1972,13 +1962,7 @@ attachCliBinding("routine.fire", {
1972
1962
  handler: (args) => {
1973
1963
  const kind = (0, io_1.required)(args.positionals[0], "trigger kind");
1974
1964
  const payloadPath = args.positionals[1];
1975
- let payload;
1976
- try {
1977
- payload = payloadPath ? JSON.parse(node_fs_1.default.readFileSync(payloadPath, "utf8")) : args.options;
1978
- }
1979
- catch (e) {
1980
- throw new Error(`Failed to parse payload${payloadPath ? ` file "${payloadPath}"` : ""}: ${String((e && e.message) || e)}`);
1981
- }
1965
+ const payload = (0, registry_cli_1.resolveRoutineFirePayload)(payloadPath, args.options);
1982
1966
  return { json: (0, registry_cli_1.routineFireCli)(kind, payload, args.options) };
1983
1967
  },
1984
1968
  });
@@ -2950,12 +2934,12 @@ addCliOnlyCapability("feedback.usage", "cw.js feedback list|show|summary|collect
2950
2934
  throw new Error("Usage: cw.js feedback list|show|summary|collect|task|resolve <run-id> [feedback-id]");
2951
2935
  },
2952
2936
  }, "feedback.usage exists only to own the fixed usage-error text for an unrecognized feedback subcommand; every real feedback.* action is its own capability row above.");
2953
- addCliOnlyCapability("metrics.usage", "cw.js metrics show <run-id> | metrics summary [--scope repo|home] [--pricing <path>|default] [--json]", {
2937
+ addCliOnlyCapability("metrics.usage", "cw.js metrics show <run-id> | metrics summary [--scope repo|home] [--pricing <path>|default] [--limit N] [--json]", {
2954
2938
  path: ["metrics"],
2955
2939
  jsonMode: "default",
2956
2940
  hiddenFromHelp: true,
2957
2941
  handler: () => {
2958
- throw new Error("Usage: cw.js metrics show <run-id> | metrics summary [--scope repo|home] [--pricing <path>|default] [--json]");
2942
+ throw new Error("Usage: cw.js metrics show <run-id> | metrics summary [--scope repo|home] [--pricing <path>|default] [--limit N] [--json]");
2959
2943
  },
2960
2944
  }, "metrics.usage exists only to own the fixed usage-error text for an unrecognized metrics subcommand; every real metrics.* action is its own capability row above.");
2961
2945
  addCliOnlyCapability("operator.usage", "cw.js operator status|report <run-id> [--json]", {
@@ -2982,12 +2966,12 @@ addCliOnlyCapability("summary.usage", "cw.js summary refresh|show <run-id> [--js
2982
2966
  throw new Error("Usage: cw.js summary refresh|show <run-id> [--json]");
2983
2967
  },
2984
2968
  }, "summary.usage exists only to own the fixed usage-error text for an unrecognized summary subcommand; every real summary.* action is its own capability row above.");
2985
- addCliOnlyCapability("workbench.usage", "cw.js workbench serve [--port N] [--once] | view <run-id> [--json]", {
2969
+ addCliOnlyCapability("workbench.usage", "cw.js workbench serve [--port N] [--once] [--require-token] | view <run-id> [--json]", {
2986
2970
  path: ["workbench"],
2987
2971
  jsonMode: "default",
2988
2972
  hiddenFromHelp: true,
2989
2973
  handler: () => {
2990
- throw new Error("Usage: cw.js workbench serve [--port N] [--once] | view <run-id> [--json]");
2974
+ throw new Error("Usage: cw.js workbench serve [--port N] [--once] [--require-token] | view <run-id> [--json]");
2991
2975
  },
2992
2976
  }, "workbench.usage exists only to own the fixed usage-error text for an unrecognized workbench subcommand; every real workbench.* action is its own capability row above.");
2993
2977
  addCliOnlyCapability("worker.usage", "cw.js worker list|summary|show|manifest|output|fail|validate <run-id> [worker-id] [result-file]", {
@@ -5,7 +5,7 @@
5
5
  // src/orchestrator.ts:899-1007 in the old build (formatHelp,
6
6
  // formatCommandHelp) plus the color helpers `bold`/`dim` keyed off stdout.
7
7
  //
8
- // LOAD-BEARING LAYOUT (v2/PLAN.md byte-compat item 14 — do not "clean up"):
8
+ // LOAD-BEARING LAYOUT (docs/rebuild/PLAN.md byte-compat item 14 — do not "clean up"):
9
9
  // - The command-line rows under "Cool Workflow" and the `cw <path...>`
10
10
  // rows in formatCommandHelp use a 2-space indent. The CLI/MCP parity
11
11
  // help-token checker parses ONLY 2-space lines as command tokens.
@@ -21,7 +21,7 @@
21
21
  // milestone 5) are dropped from the literal table below and read from the
22
22
  // capability table instead, via `cliCommandHelpRows()`; every other verb
23
23
  // stays literal here until its own milestone lands. This satisfies
24
- // v2/PLAN.md milestone 2's own "done when": a CLI `--help` walk and an MCP
24
+ // docs/rebuild/PLAN.md milestone 2's own "done when": a CLI `--help` walk and an MCP
25
25
  // `tools/list` round-trip read the SAME table rows for any capability
26
26
  // wired into both.
27
27
  Object.defineProperty(exports, "__esModule", { value: true });
package/dist/core/hash.js CHANGED
@@ -6,7 +6,7 @@
6
6
  // content object, a list of strings) still comes in as a plain function
7
7
  // argument here.
8
8
  //
9
- // Per v2/PLAN.md's byte-compat section ("Hash dedup — three shapes, not one
9
+ // Per docs/rebuild/PLAN.md's byte-compat section ("Hash dedup — three shapes, not one
10
10
  // edge case"), this file must keep THREE things separate, each with its own
11
11
  // name, never collapsed into a single flagged helper:
12
12
  //
@@ -164,7 +164,7 @@ function stateNodeError(code, message, options = {}, now) {
164
164
  /** Byte-exact port of selectCandidate's own gate ordering: not-selectable
165
165
  * -> verifier-missing/no-evidence/empty-capture -> score-below-threshold.
166
166
  * Review-gate errors are NOT included here; the caller appends them
167
- * (v2/PLAN.md byte-compat / rebuild risk 8: append-only stacking, never
167
+ * (docs/rebuild/PLAN.md byte-compat / rebuild risk 8: append-only stacking, never
168
168
  * replacing a verifier error). */
169
169
  function selectionGateFailures(input, now) {
170
170
  const failures = [];
@@ -17,7 +17,7 @@
17
17
  // `failures`/`evidenceAdoption` from the multi-agent/topology/blackboard/
18
18
  // trust state actually built in this milestone (runtime.ts/topology.ts/
19
19
  // coordinator.ts/candidate-scoring.ts), NOT from the full operator-ux
20
- // module (out of this milestone's scope per v2/PLAN.md's build-order
20
+ // module (out of this milestone's scope per docs/rebuild/PLAN.md's build-order
21
21
  // list). The 9 optional v0.1.25/v0.1.26 sections (summaryFreshness
22
22
  // through reasoningUnexplained) default to `[]`, which SPEC/multi-
23
23
  // agent.md's own edge-case list says is valid for snapshots that predate
@@ -22,7 +22,7 @@
22
22
  // core/multi-agent/topology.ts, candidate-scoring.ts, and the host/step
23
23
  // layer have their OWN separate `unique` that does NOT sort (insertion-
24
24
  // order only) — never merge the two. See uniquedual-role-vs-candidate-
25
- // order.case.js and v2/PLAN.md byte-compat item 3.
25
+ // order.case.js and docs/rebuild/PLAN.md byte-compat item 3.
26
26
  //
27
27
  // Evidence: SPEC/multi-agent.md sections A ("Multi-agent kernel"), the
28
28
  // "Kernel error strings" and "Fanin blocked-reason strings" Exact-outputs
@@ -106,7 +106,7 @@ function pluralKind(kind) {
106
106
  }
107
107
  /** Status -> StateNodeStatus, kernel side (default `pending`). Kept
108
108
  * distinct from coordinator/classify.ts's own table (default
109
- * `completed`) per v2/PLAN.md byte-compat / rebuild risk 7 — collapsing
109
+ * `completed`) per docs/rebuild/PLAN.md byte-compat / rebuild risk 7 — collapsing
110
110
  * the two tables changes graph output and eval dependency_parity. */
111
111
  function statusToNodeStatus(status) {
112
112
  switch (status) {
@@ -25,7 +25,7 @@ function unique(values) {
25
25
  }
26
26
  /** Chair detection: lowercased `metadata.topologyRoleId` (or title)
27
27
  * contains "chair", "reducer", or "synthesizer". Judge detection:
28
- * contains "judge". Renaming a role changes its authority (v2/PLAN.md
28
+ * contains "judge". Renaming a role changes its authority (docs/rebuild/PLAN.md
29
29
  * byte-compat / rebuild risk 4 — substring match, not a flag). */
30
30
  function policyForRole(role) {
31
31
  const topologyRole = String(role.metadata?.topologyRoleId || role.title || "").toLowerCase();
@@ -2,7 +2,7 @@
2
2
  // core/pipeline/contract.ts — DEFAULT_PIPELINE_CONTRACT_ID,
3
3
  // createDefaultPipelineContract.
4
4
  //
5
- // MILESTONE 6+7 (combined; see v2/PLAN.md Open risk 10). Byte-exact port
5
+ // MILESTONE 6+7 (combined; see docs/rebuild/PLAN.md Open risk 10). Byte-exact port
6
6
  // of the old build's src/pipeline-contract.ts. Pure data.
7
7
  //
8
8
  // Evidence: SPEC/pipeline-run.md "Default contract — src/pipeline-
@@ -3,7 +3,7 @@
3
3
  // decision core: task selection, terminal/gate logic, token-budget check,
4
4
  // retry/park math, cache-key formulas.
5
5
  //
6
- // MILESTONE 6+7 (combined; the big one — see v2/PLAN.md Open risk 9).
6
+ // MILESTONE 6+7 (combined; the big one — see docs/rebuild/PLAN.md Open risk 9).
7
7
  // Every branch here is a pure function of already-loaded run state; it
8
8
  // does not itself spawn a process or touch disk. shell/drive.ts is the
9
9
  // thin imperative loop that calls these functions once per step and
@@ -2,7 +2,7 @@
2
2
  // core/state/contract-migration.ts — declared migration registry + prover.
3
3
  //
4
4
  // MILESTONE 3. Byte-exact port of the old build's src/contract-migration.ts
5
- // (renamed target per v2/PLAN.md's module layout note — listed there as
5
+ // (renamed target per docs/rebuild/PLAN.md's module layout note — listed there as
6
6
  // `pipeline/contract-migration.ts`, kept here under state/ since every
7
7
  // symbol it needs — RUN_STATE_MIGRATIONS, migrateRunState,
8
8
  // findMigrationPath — is this milestone's own state kernel and nothing in
@@ -10,7 +10,7 @@
10
10
  //
11
11
  // Evidence: SPEC/state-core.md "src/state-migrations.ts — run-state
12
12
  // migration", "Migration pipeline (migrateRunState)", "Normalization
13
- // defaults" (v2/PLAN.md byte-compat item 4).
13
+ // defaults" (docs/rebuild/PLAN.md byte-compat item 4).
14
14
  var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
15
15
  if (k2 === undefined) k2 = k;
16
16
  var desc = Object.getOwnPropertyDescriptor(m, k);
@@ -232,7 +232,7 @@ function reverseRunState(input, targetSchemaVersion, options = {}) {
232
232
  return { run: state, report };
233
233
  }
234
234
  /** Fill in every WorkflowRun default, each recorded as a StateMigrationChange.
235
- * Pinned defaults (v2/PLAN.md byte-compat item 4): epoch-0 ISO timestamps,
235
+ * Pinned defaults (docs/rebuild/PLAN.md byte-compat item 4): epoch-0 ISO timestamps,
236
236
  * cwd = three dirs above the run dir else process.cwd(), workflow.limits =
237
237
  * { maxAgents: 8, maxConcurrentAgents: 4 }, loopStage = "interpret" (any
238
238
  * unknown value overwritten). */
@@ -9,7 +9,7 @@
9
9
  // given `(run, clock)` — no direct fs/Date calls; `now` is always an
10
10
  // explicit parameter, `persist` is always a caller-supplied callback.
11
11
  //
12
- // RAW vs NORMALIZED fingerprints [v2/PLAN.md byte-compat item 8 — do not
12
+ // RAW vs NORMALIZED fingerprints [docs/rebuild/PLAN.md byte-compat item 8 — do not
13
13
  // merge these two code paths]:
14
14
  // - `sourceFingerprint` is RAW: built from the node's raw id/status/
15
15
  // updatedAt plus raw artifact/evidence id+path strings. ANY transition
@@ -26,7 +26,7 @@
26
26
  // file's collapse-rule machinery changing at all.
27
27
  //
28
28
  // Evidence: SPEC/state-core.md "buildCompactGraph(...)", "State-explosion
29
- // collapse rules"; v2/PLAN.md byte-compat item 9;
29
+ // collapse rules"; docs/rebuild/PLAN.md byte-compat item 9;
30
30
  // src/multi-agent-operator-ux.ts:153-227 (buildMultiAgentOperatorGraph).
31
31
  Object.defineProperty(exports, "__esModule", { value: true });
32
32
  exports.byId = exports.GRAPH_VIEWS = void 0;
@@ -220,7 +220,7 @@ function collapseRuleFor() {
220
220
  },
221
221
  };
222
222
  }
223
- /** Collapsible kinds ONLY (v2/PLAN.md byte-compat item 9): high-volume,
223
+ /** Collapsible kinds ONLY (docs/rebuild/PLAN.md byte-compat item 9): high-volume,
224
224
  * low-individual-signal. `decisions, artifacts, fanins, candidates,
225
225
  * selections, commits, feedback` are NEVER collapsed so failures,
226
226
  * evidence, policy, and judge rationale stay visible. */
@@ -414,7 +414,7 @@ function buildCompactGraphFromView(runId, full, view = "compact", options = {})
414
414
  protectedIds.add(node.id);
415
415
  }
416
416
  // Reasoning-critical nodes are on the critical path and must never be
417
- // collapsed into a synthetic summary node (v2/PLAN.md byte-compat item 9).
417
+ // collapsed into a synthetic summary node (docs/rebuild/PLAN.md byte-compat item 9).
418
418
  for (const id of options.reasoningCriticalIds || [])
419
419
  protectedIds.add(id);
420
420
  const parents = (0, helpers_1.parentMap)(full.edges);
@@ -467,7 +467,7 @@ function buildCompactGraphFromView(runId, full, view = "compact", options = {})
467
467
  buckets.set(bucketKey, [...(buckets.get(bucketKey) || []), node.id]);
468
468
  }
469
469
  // Buckets smaller than the collapse threshold stay expanded (unless
470
- // critical-path — v2/PLAN.md byte-compat item 9).
470
+ // critical-path — docs/rebuild/PLAN.md byte-compat item 9).
471
471
  const synthetic = [];
472
472
  const collapsedNodeIds = new Map(); // sourceNodeId -> syntheticId
473
473
  for (const [bucketKey, ids] of [...buckets.entries()].sort((a, b) => a[0].localeCompare(b[0]))) {
@@ -4,7 +4,7 @@
4
4
  //
5
5
  // MILESTONE 4. Byte-exact port of the old build's
6
6
  // src/state-explosion/helpers.ts. `fingerprintStrings`/`fingerprintRecords`
7
- // live in core/hash.ts (the one hash module, per v2/PLAN.md's byte-compat
7
+ // live in core/hash.ts (the one hash module, per docs/rebuild/PLAN.md's byte-compat
8
8
  // item 2) and are re-exported here so every importer of this file keeps
9
9
  // the same surface the old build had.
10
10
  //
@@ -13,7 +13,7 @@
13
13
  // a later milestone's topology/candidate/host-decide code has its OWN
14
14
  // separate `unique` (dedup-only, unsorted) that must NEVER be merged with
15
15
  // this one; collapsing them changes persisted record order and eval
16
- // parity (v2/PLAN.md byte-compat item 3, Open risk 2). See
16
+ // parity (docs/rebuild/PLAN.md byte-compat item 3, Open risk 2). See
17
17
  // core/state/state-node.ts's own local `unique` for the sibling that must
18
18
  // stay separate.
19
19
  //
@@ -34,7 +34,7 @@ const hash_1 = require("../../hash");
34
34
  Object.defineProperty(exports, "fingerprintRecords", { enumerable: true, get: function () { return hash_1.fingerprintRecords; } });
35
35
  Object.defineProperty(exports, "fingerprintStrings", { enumerable: true, get: function () { return hash_1.fingerprintStrings; } });
36
36
  /** True for `failed`, `blocked`, `rejected`, `conflicting` — the never-
37
- * collapse status set (v2/PLAN.md byte-compat item 9). */
37
+ * collapse status set (docs/rebuild/PLAN.md byte-compat item 9). */
38
38
  function isProtectedStatus(status) {
39
39
  return ["failed", "blocked", "rejected", "conflicting"].includes(status);
40
40
  }
@@ -6,7 +6,7 @@
6
6
  // Report`/`buildOperatorDigestWithContext` (src/state-explosion.ts) minus
7
7
  // the disk I/O — persistence (`refreshStateExplosionSummaries`'s writes,
8
8
  // `loadStateExplosionSummaryIndex`'s read) is shell/state-explosion-
9
- // cli.ts's job per v2/PLAN.md's core/shell split. This file only builds
9
+ // cli.ts's job per docs/rebuild/PLAN.md's core/shell split. This file only builds
10
10
  // the report VALUE from an in-memory run + an already-loaded index.
11
11
  //
12
12
  // See size.ts/graph.ts/digest.ts's own header notes on why `operatorDigest`
@@ -2,7 +2,7 @@
2
2
  // core/state/state-explosion/size.ts — computeStateSizeWithGraph,
3
3
  // DEFAULT_STATE_EXPLOSION_THRESHOLDS.
4
4
  //
5
- // MILESTONE 4 (v2/PLAN.md build order, step 4). Byte-exact port of the old
5
+ // MILESTONE 4 (docs/rebuild/PLAN.md build order, step 4). Byte-exact port of the old
6
6
  // build's src/state-explosion/size.ts. The counts are the same 12
7
7
  // categories the old build reads off `run.multiAgent`/`run.blackboard`
8
8
  // (loose `unknown[]`-typed record arrays at this milestone — see core/