cool-workflow 0.2.4 → 0.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (155) hide show
  1. package/.claude-plugin/plugin.json +1 -1
  2. package/.codex-plugin/plugin.json +1 -1
  3. package/.gemini-plugin/mcp.json +10 -0
  4. package/.gemini-plugin/plugin.json +40 -0
  5. package/.opencode-plugin/mcp.json +10 -0
  6. package/.opencode-plugin/plugin.json +40 -0
  7. package/README.md +204 -48
  8. package/apps/architecture-review/app.json +1 -1
  9. package/apps/architecture-review-fast/app.json +1 -1
  10. package/apps/end-to-end-golden-path/app.json +1 -1
  11. package/apps/pr-review-fix-ci/app.json +1 -1
  12. package/apps/release-cut/app.json +1 -1
  13. package/apps/research-synthesis/app.json +1 -1
  14. package/dist/cli/dispatch.js +32 -4
  15. package/dist/cli/entry.js +11 -19
  16. package/dist/cli/global-flags.js +113 -0
  17. package/dist/cli/parseargv.js +7 -1
  18. package/dist/core/capability-data.js +337 -8
  19. package/dist/core/format/help.js +73 -3
  20. package/dist/core/format/recovery-hint.js +32 -0
  21. package/dist/core/multi-agent/collaboration.js +35 -6
  22. package/dist/core/multi-agent/runtime.js +7 -0
  23. package/dist/core/multi-agent/trust-policy.js +7 -1
  24. package/dist/core/pipeline/contract.js +7 -0
  25. package/dist/core/pipeline/error-feedback.js +2 -2
  26. package/dist/core/state/run-paths.js +3 -30
  27. package/dist/core/trust/evidence-grounding.js +13 -1
  28. package/dist/core/util/cli-args.js +22 -0
  29. package/dist/core/version.js +1 -1
  30. package/dist/mcp/dispatch.js +22 -2
  31. package/dist/mcp/server.js +215 -36
  32. package/dist/mcp/tool-process.js +181 -0
  33. package/dist/mcp-server.js +28 -1
  34. package/dist/shell/agent-config.js +11 -2
  35. package/dist/shell/audit-cli.js +1 -1
  36. package/dist/shell/commit.js +8 -2
  37. package/dist/shell/coordinator-io.js +73 -1
  38. package/dist/shell/drive.js +195 -128
  39. package/dist/shell/error-feedback-io.js +6 -0
  40. package/dist/shell/execution-backend/agent.js +201 -26
  41. package/dist/shell/execution-backend/container.js +44 -10
  42. package/dist/shell/execution-backend/local.js +33 -0
  43. package/dist/shell/fs-atomic.js +96 -12
  44. package/dist/shell/ledger-cli.js +9 -2
  45. package/dist/shell/metrics-cli.js +1 -1
  46. package/dist/shell/multi-agent-cli.js +9 -2
  47. package/dist/shell/multi-agent-operator-ux.js +1 -1
  48. package/dist/shell/observability.js +7 -4
  49. package/dist/shell/onramp.js +48 -5
  50. package/dist/shell/operator-ux.js +1 -1
  51. package/dist/shell/perf-trace.js +136 -0
  52. package/dist/shell/pipeline.js +3 -2
  53. package/dist/shell/reclamation-io.js +10 -9
  54. package/dist/shell/report-view-cli.js +2 -0
  55. package/dist/shell/run-export-cli.js +5 -2
  56. package/dist/shell/run-export.js +293 -31
  57. package/dist/shell/run-registry-io.js +8 -0
  58. package/dist/shell/run-store.js +183 -3
  59. package/dist/shell/scheduler-io.js +101 -10
  60. package/dist/shell/state-explosion-cli.js +4 -1
  61. package/dist/shell/telemetry-demo.js +1 -1
  62. package/dist/shell/telemetry-ledger-io.js +36 -24
  63. package/dist/shell/trust-audit.js +178 -36
  64. package/dist/shell/workbench-host.js +121 -10
  65. package/dist/shell/workbench.js +83 -6
  66. package/dist/shell/worker-isolation.js +1 -1
  67. package/dist/wiring/capability-table/basics.js +5 -0
  68. package/dist/wiring/capability-table/exec-backend.js +40 -22
  69. package/dist/wiring/capability-table/parity.js +10 -5
  70. package/dist/wiring/capability-table/pipeline.js +32 -0
  71. package/dist/wiring/capability-table/registry-core.js +26 -3
  72. package/dist/wiring/capability-table/reporting.js +7 -1
  73. package/dist/wiring/capability-table/scheduling-registry.js +8 -2
  74. package/dist/wiring/capability-table/trust-ledger.js +54 -12
  75. package/docs/agent-delegation-drive.7.md +17 -0
  76. package/docs/cli-mcp-parity.7.md +46 -5
  77. package/docs/contract-migration-tooling.7.md +4 -0
  78. package/docs/control-plane-scheduling.7.md +38 -0
  79. package/docs/cross-agent-ledger.7.md +20 -8
  80. package/docs/durable-state-and-locking.7.md +4 -0
  81. package/docs/evidence-adoption-reasoning-chain.7.md +4 -0
  82. package/docs/execution-backends.7.md +4 -0
  83. package/docs/fix.7.md +4 -4
  84. package/docs/getting-started.md +40 -32
  85. package/docs/index.md +17 -0
  86. package/docs/launch/demo.tape +4 -3
  87. package/docs/mcp-app-surface.7.md +27 -0
  88. package/docs/multi-agent-cli-mcp-surface.7.md +4 -0
  89. package/docs/multi-agent-eval-replay-harness.7.md +4 -0
  90. package/docs/multi-agent-operator-ux.7.md +4 -0
  91. package/docs/node-snapshot-diff-replay.7.md +4 -0
  92. package/docs/observability-cost-accounting.7.md +4 -0
  93. package/docs/project-index.md +53 -9
  94. package/docs/real-execution-backends.7.md +4 -0
  95. package/docs/release-and-migration.7.md +4 -0
  96. package/docs/release-tooling.7.md +12 -0
  97. package/docs/routine.7.md +22 -0
  98. package/docs/run-registry-control-plane.7.md +37 -9
  99. package/docs/run-retention-reclamation.7.md +12 -4
  100. package/docs/state-explosion-management.7.md +4 -0
  101. package/docs/team-collaboration.7.md +4 -0
  102. package/docs/trust-audit-anchor.7.md +4 -0
  103. package/docs/web-desktop-workbench.7.md +72 -2
  104. package/docs/workflow-app-framework.7.md +31 -0
  105. package/manifest/plugin.manifest.json +1 -1
  106. package/manifest/source-context-profiles.json +4 -3
  107. package/package.json +6 -3
  108. package/scripts/agents/agent-adapter-core.js +26 -0
  109. package/scripts/agents/claude-p-agent.js +4 -1
  110. package/scripts/agents/codex-agent.js +4 -0
  111. package/scripts/agents/cw-attest-wrap.js +1 -1
  112. package/scripts/agents/gemini-agent.js +4 -0
  113. package/scripts/agents/opencode-agent.js +5 -0
  114. package/scripts/block-unapproved-tag.js +160 -0
  115. package/scripts/canonical-apps.js +4 -4
  116. package/scripts/children/batch-delegate-child.js +72 -4
  117. package/scripts/children/http-batch-delegate-child.js +132 -0
  118. package/scripts/children/http-delegate-child.js +8 -0
  119. package/scripts/dogfood-release.js +2 -2
  120. package/scripts/fake-date-for-reproduction.js +1 -1
  121. package/scripts/gen-manifests.js +32 -61
  122. package/scripts/golden-path.js +4 -4
  123. package/scripts/lang-policy-check.js +82 -0
  124. package/scripts/parity-check.js +42 -23
  125. package/scripts/purity-baseline.json +0 -3
  126. package/scripts/purity-gate.js +16 -3
  127. package/scripts/release-check.js +2 -1
  128. package/scripts/release-flow.js +169 -41
  129. package/scripts/release-gate.js +208 -0
  130. package/scripts/release-oneclick.js +38 -7
  131. package/scripts/release-tags.js +47 -0
  132. package/scripts/schema-version-inventory.json +31 -0
  133. package/scripts/validate-run-state-schema.js +95 -4
  134. package/scripts/verdict-keygen.js +2 -2
  135. package/scripts/verify-bump-reproduction.js +193 -0
  136. package/scripts/verify-release-verdict.js +139 -0
  137. package/scripts/verify-verdict-signature.js +1 -1
  138. package/ui/workbench/app.css +50 -10
  139. package/ui/workbench/app.js +269 -34
  140. package/ui/workbench/index.html +4 -2
  141. package/ui/workbench/inspection.js +51 -0
  142. package/ui/workbench/navigation.js +44 -0
  143. package/docs/agent-framework.md +0 -177
  144. package/docs/designs/handoff-ledger.md +0 -145
  145. package/docs/dogfood/resume-drive-real-agent-2026-06-14.md +0 -40
  146. package/docs/launch/launch-kit.md +0 -195
  147. package/docs/launch/pre-launch-checklist.md +0 -53
  148. package/docs/readme-v0.1.87-full.md +0 -301
  149. package/docs/routines.md +0 -101
  150. package/docs/scheduled-tasks.md +0 -80
  151. package/scripts/agents/claude-p-agent.sh +0 -9
  152. package/scripts/block-unapproved-tag.sh +0 -75
  153. package/scripts/release-gate.sh +0 -94
  154. package/scripts/verify-bump-reproduction.sh +0 -148
  155. package/scripts/verify-container-selfref.js +0 -64
@@ -1,148 +0,0 @@
1
- #!/usr/bin/env bash
2
- # verify-bump-reproduction.sh — closes the HEAD~1 verdict-replay bypass.
3
- #
4
- # release-gate.yml / npm-publish.yml tolerate a verdict written for the tag
5
- # commit's PARENT (release-flow.js's cut() reviews content, then adds a
6
- # mechanical version-bump + the verdict as a NEW child commit that actually
7
- # gets tagged). A validly-signed verdict at the parent proves someone once
8
- # approved THAT commit — it does NOT prove the child (the thing actually being
9
- # tagged) is the deterministic bump cut() would have produced, rather than an
10
- # attacker's own commit smuggling in arbitrary changes on top of an old,
11
- # genuinely-approved parent (a real signature on a REPLAYED verdict).
12
- #
13
- # This script independently reproduces the bump: checks out the approved
14
- # parent into a scratch worktree, runs the SAME bump:version/sync:project-index
15
- # steps cut() runs, stages the SAME way cut() stages (git add -u + the
16
- # explicit verdict/.sig paths, never -A), and requires the resulting tree to
17
- # match the ACTUAL tagged commit's tree byte-for-byte. Any difference —
18
- # anywhere, including a single added file — fails closed.
19
- #
20
- # Usage: verify-bump-reproduction.sh <approved-parent-sha> <tagged-sha> <verdict-repo-relative-path> [sig-repo-relative-path]
21
- #
22
- # Exit 0: the tagged commit's tree matches the reproduced bump exactly.
23
- # Exit 1: mismatch, or any step failed (install, bump, sync, worktree, etc).
24
- set -uo pipefail
25
-
26
- # Where THIS SCRIPT ITSELF lives — distinct from REPO_ROOT (the git repo being
27
- # operated ON, resolved below from the invocation cwd). These coincide in
28
- # ordinary production use (the script runs from within the same checkout it
29
- # verifies), but conflating them is wrong: REPO_ROOT could be an ARBITRARY git
30
- # context (e.g. a test harness's throwaway clone of old history, which never
31
- # has this script's own sibling files, since they postdate whatever was
32
- # cloned). Sibling files this script depends on must be found relative to
33
- # where it is installed, never relative to the repo it happens to be pointed at.
34
- SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
35
-
36
- PARENT="${1:-}"
37
- TAGGED="${2:-}"
38
- VERDICT_REL="${3:-}"
39
- SIG_REL="${4:-}"
40
- if [[ -z "$PARENT" || -z "$TAGGED" || -z "$VERDICT_REL" ]]; then
41
- echo "usage: verify-bump-reproduction.sh <parent-sha> <tagged-sha> <verdict-rel-path> [sig-rel-path]" >&2
42
- exit 1
43
- fi
44
-
45
- REPO_ROOT="$(git rev-parse --show-toplevel)" || exit 1
46
- SCRATCH_PARENT="$(mktemp -d)"
47
- SCRATCH="$SCRATCH_PARENT/wt"
48
- cleanup() {
49
- git -C "$REPO_ROOT" worktree remove --force "$SCRATCH" >/dev/null 2>&1
50
- rm -rf "$SCRATCH_PARENT"
51
- }
52
- trap cleanup EXIT
53
-
54
- if ! git -C "$REPO_ROOT" worktree add --quiet --detach "$SCRATCH" "$PARENT" 2>/dev/null; then
55
- echo "verify-bump-reproduction: could not create a scratch worktree at $PARENT" >&2
56
- exit 1
57
- fi
58
-
59
- # The target version comes from the TAGGED commit (not the parent, which may
60
- # still be pre-bump) — read via git plumbing, no separate checkout needed.
61
- VERSION="$(git -C "$REPO_ROOT" show "$TAGGED:plugins/cool-workflow/package.json" 2>/dev/null | node -e '
62
- let s=""; process.stdin.on("data",d=>s+=d).on("end",()=>{ try { process.stdout.write(JSON.parse(s).version||""); } catch { process.stdout.write(""); } });
63
- ')"
64
- if [[ -z "$VERSION" ]]; then
65
- echo "verify-bump-reproduction: could not read package.json version from tagged commit $TAGGED" >&2
66
- exit 1
67
- fi
68
-
69
- # sync-project-index.js embeds a wall-clock "Generated on <date>" line. Pin it
70
- # to the TAGGED commit's own committer date (UTC) via a Node --require preload
71
- # that overrides the global Date constructor (fake-date-for-reproduction.js),
72
- # NOT an application-level env var: the scratch worktree runs the APPROVED
73
- # PARENT's OWN checked-out copy of sync-project-index.js, which for every
74
- # release cut before this mechanism existed has no idea any such env var is
75
- # meant to be read — an app-level opt-in is a no-op against code that doesn't
76
- # know to opt in, so it can only ever "work" for releases cut after the
77
- # mechanism landed (confirmed empirically: re-running an already-shipped
78
- # release's real approved-parent/tagged pair on a later calendar day produced
79
- # a tree mismatch whose ONLY diff was that one date line). A global override
80
- # of the Date constructor, injected before any application code runs, is
81
- # transparent to the code being executed regardless of which version it is.
82
- CUT_DATE="$(TZ=UTC git -C "$REPO_ROOT" show -s --format=%cd --date=format-local:%Y-%m-%d "$TAGGED" 2>/dev/null)"
83
- if [[ -z "$CUT_DATE" ]]; then
84
- echo "verify-bump-reproduction: could not read the tagged commit's committer date" >&2
85
- exit 1
86
- fi
87
- FAKE_DATE_PRELOAD="$SCRIPT_DIR/fake-date-for-reproduction.js"
88
-
89
- # Each step's exit code is checked EXPLICITLY and immediately (not via a
90
- # `cmd1 && cmd2 && cmd3` chain) — a chain's overall success can silently
91
- # survive an earlier step's failure if a future edit ever loosens it (e.g.
92
- # `&&` accidentally becoming `;`), which would flip this fail-closed gate to
93
- # fail-open without changing its outward shape. stdout/stderr from each step
94
- # are captured (not discarded to /dev/null) so a real failure — a transient
95
- # npm registry hiccup vs. an actual reproduction mismatch — is distinguishable
96
- # in the workflow log instead of both collapsing into the same generic message.
97
- run_step() {
98
- local label="$1"
99
- shift
100
- local out
101
- out="$("$@" 2>&1)"
102
- local code=$?
103
- if [[ $code -ne 0 ]]; then
104
- echo "verify-bump-reproduction: $label failed (exit $code):" >&2
105
- echo "$out" >&2
106
- return 1
107
- fi
108
- return 0
109
- }
110
-
111
- (
112
- cd "$SCRATCH/plugins/cool-workflow" || exit 1
113
- export NODE_OPTIONS="--require $FAKE_DATE_PRELOAD"
114
- export CW_FAKE_DATE="$CUT_DATE"
115
- run_step "npm install" npm install --no-package-lock --ignore-scripts || exit 1
116
- run_step "bump:version" npm run bump:version -- "$VERSION" || exit 1
117
- run_step "sync:project-index" npm run sync:project-index -- --repo-only || exit 1
118
- )
119
- BUMP_STATUS=$?
120
- if [[ $BUMP_STATUS -ne 0 ]]; then
121
- echo "verify-bump-reproduction: reproducing the bump for $PARENT -> v$VERSION failed" >&2
122
- exit 1
123
- fi
124
-
125
- mkdir -p "$SCRATCH/.cw-release"
126
- cp "$REPO_ROOT/$VERDICT_REL" "$SCRATCH/$VERDICT_REL" || exit 1
127
- if [[ -n "$SIG_REL" && -f "$REPO_ROOT/$SIG_REL" ]]; then
128
- cp "$REPO_ROOT/$SIG_REL" "$SCRATCH/$SIG_REL" || exit 1
129
- fi
130
-
131
- # Mirror cut()'s OWN staging exactly (git-add -u + the explicit verdict/.sig
132
- # paths) — never -A, so an untracked stray left by npm/tooling in the scratch
133
- # worktree can never silently ride into what we compare.
134
- git -C "$SCRATCH" add -u
135
- git -C "$SCRATCH" add -- "$VERDICT_REL"
136
- if [[ -n "$SIG_REL" && -f "$SCRATCH/$SIG_REL" ]]; then
137
- git -C "$SCRATCH" add -- "$SIG_REL"
138
- fi
139
-
140
- EXPECTED_TREE="$(git -C "$SCRATCH" write-tree)"
141
- ACTUAL_TREE="$(git -C "$REPO_ROOT" rev-parse "$TAGGED^{tree}")"
142
-
143
- if [[ "$EXPECTED_TREE" != "$ACTUAL_TREE" ]]; then
144
- echo "verify-bump-reproduction: $TAGGED's tree ($ACTUAL_TREE) does not match the deterministic bump reproduced from approved parent $PARENT ($EXPECTED_TREE) — refusing" >&2
145
- exit 1
146
- fi
147
-
148
- exit 0
@@ -1,64 +0,0 @@
1
- #!/usr/bin/env node
2
- "use strict";
3
-
4
- // verify-container-selfref — the v0.1.34 self-referential acceptance check.
5
- //
6
- // Runs CW's own `node dist/cli.js list` through the `node` backend AND the
7
- // `container` backend, and asserts result + evidence are byte-IDENTICAL after
8
- // provenance is excluded (backendId/handle/attestation differ by design). This is
9
- // the bar that proves a delegated run is backend-agnostic.
10
- //
11
- // Requires a RUNNING container daemon and a pullable node image. Not part of
12
- // release:check (CI has no daemon); run it manually before tagging v0.1.34.
13
- //
14
- // node scripts/verify-container-selfref.js
15
- // CW_CONTAINER_IMAGE=node:22-slim node scripts/verify-container-selfref.js
16
- //
17
- // Exit: 0 PASS · 1 FAIL (evidence differs) · 2 node backend did not complete ·
18
- // 3 SKIP (container refused — daemon down / image not pullable).
19
-
20
- const path = require("node:path");
21
-
22
- const pluginRoot = path.resolve(__dirname, "..");
23
- const { runBackend } = require(path.join(pluginRoot, "dist/execution-backend.js"));
24
- const { showBundledSandboxProfile, sandboxContextForValidation } = require(path.join(pluginRoot, "dist/sandbox-profile.js"));
25
-
26
- const image = (process.env.CW_CONTAINER_IMAGE || "node:lts-slim").trim();
27
- const cli = path.join(pluginRoot, "dist", "cli.js");
28
- const ctx = sandboxContextForValidation(pluginRoot);
29
- const policy = showBundledSandboxProfile("default", ctx);
30
-
31
- const common = { schemaVersion: 1, command: "node", args: [cli, "list"], cwd: pluginRoot, sandboxPolicy: policy, label: "cw-self-verify" };
32
- const nodeEnv = runBackend({ ...common, backendId: "node" });
33
- const containerEnv = runBackend({ ...common, backendId: "container", delegation: { image } });
34
-
35
- const line = (label, e) => ` ${label.padEnd(9)} status=${e.status} backend=${e.provenance.backendId} evidence=${JSON.stringify(e.evidence)}`;
36
- process.stdout.write(`verify-container-selfref (image: ${image})\n${line("node", nodeEnv)}\n${line("container", containerEnv)}\n`);
37
-
38
- if (nodeEnv.status !== "completed") {
39
- process.stderr.write(`\n✗ node backend did not complete (${nodeEnv.status}) — cannot compare.\n`);
40
- process.exit(2);
41
- }
42
- if (containerEnv.status === "refused") {
43
- process.stderr.write(
44
- `\n⚠ SKIP — container refused (${containerEnv.evidence[0]}).\n` +
45
- ` ${containerEnv.result.summary}\n` +
46
- ` Start the container daemon and ensure the image is pullable (e.g. \`docker pull ${image}\`), then re-run.\n`
47
- );
48
- process.exit(3);
49
- }
50
-
51
- const sameResult = JSON.stringify(nodeEnv.result) === JSON.stringify(containerEnv.result);
52
- const sameEvidence = JSON.stringify(nodeEnv.evidence) === JSON.stringify(containerEnv.evidence);
53
- if (containerEnv.status === "completed" && sameResult && sameEvidence) {
54
- process.stdout.write("\n✓ PASS — container result + evidence are byte-identical to node (provenance differs, as designed).\n");
55
- process.exit(0);
56
- }
57
-
58
- process.stderr.write(
59
- `\n✗ FAIL — container output differs from node (status=${containerEnv.status}):\n` +
60
- ` node evidence: ${JSON.stringify(nodeEnv.evidence)}\n` +
61
- ` container evidence: ${JSON.stringify(containerEnv.evidence)}\n` +
62
- ` (a node-version difference in the image can change stdout; pin CW_CONTAINER_IMAGE to a matching node.)\n`
63
- );
64
- process.exit(1);