create-issflow 1.6.0 → 1.7.0
- package/README.md +1 -1
- package/bin/cli.js +11 -5
- package/package.json +1 -1
- package/template/.claude/agents/debugger.md +1 -1
- package/template/.claude/agents/e2e-runner.md +1 -1
- package/template/.claude/agents/implementer.md +1 -1
- package/template/.claude/agents/planner.md +1 -1
- package/template/.claude/agents/researcher.md +1 -1
- package/template/.claude/agents/test-author.md +1 -1
- package/template/.claude/commands/feature.md +6 -0
- package/template/.claude/commands/goal.md +77 -0
- package/template/.claude/commands/quick.md +7 -2
- package/template/.claude/hooks/session-start.js +2 -0
- package/template/.claude/istartsoft-flow/METHODOLOGY.md +38 -4
- package/template/.claude/templates/automation/Dockerfile +4 -0
- package/template/.claude/templates/automation/feature-docker.js +11 -10
- package/template/.claude/templates/automation/issflow-feature.yml +4 -3
- package/template/.claude/templates/automation/issflow-goal.yml +48 -0
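--- a/package/README.md
+++ b/package/README.md
@@ -31,7 +31,7 @@ Flags:
 The portable kit (every tool) in `<project>/.claude/`:
 
 - `agents/` — planner · researcher · implementer · test-author · debugger · e2e-runner · synthesizer
-- `commands/` — `/overview` `/feature` `/propose` `/phase` `/sprint` `/ui-audit` `/qa-audit` `/security-audit` `/release` `/uat` `/change-request` `/replan` `/quick` `/synthesize` `/runbook` `/store-wisdom` `/log-issue` `/log-decision` `/unstuck`
+- `commands/` — `/overview` `/feature` `/goal` `/propose` `/phase` `/sprint` `/ui-audit` `/qa-audit` `/security-audit` `/release` `/uat` `/change-request` `/replan` `/quick` `/synthesize` `/runbook` `/store-wisdom` `/log-issue` `/log-decision` `/unstuck`
 - `skills/` — caveman · grill-me · karpathy-guidelines · ux-design · security · code-standards
 - `hooks/` — session-start · context-guard · plan-gate (rule-13 enforcement) · pre-compact · subagent-stop · feature-gate (Stop gate for `/feature`, artifact-verified)
 - `istartsoft-flow/METHODOLOGY.md` — the full methodology (single source of truth)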
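--- a/package/bin/cli.js
+++ b/package/bin/cli.js
@@ -217,9 +217,9 @@ function agentsMd() {
 '## Roles — `.claude/agents/`', '',
 'planner · researcher · implementer · test-author · debugger · e2e-runner · synthesizer', '',
 '## Procedures — `.claude/commands/` (run as `/name`)', '',
-'/overview · /feature · /propose · /phase · /sprint · /ui-audit · /qa-audit ·
-'/release · /uat · /change-request · /replan · /quick · /synthesize ·
-'/log-issue · /log-decision · /unstuck', '',
+'/overview · /feature · /goal · /propose · /phase · /sprint · /ui-audit · /qa-audit ·',
+'/security-audit · /release · /uat · /change-request · /replan · /quick · /synthesize ·',
+'/runbook · /store-wisdom · /log-issue · /log-decision · /unstuck', '',
 '## Skills — `.claude/skills/` (loaded on demand)', '',
 'caveman · grill-me · karpathy-guidelines · ux-design · security (Secure SDLC) · code-standards', '',
 '## Autonomy', '',
@@ -237,7 +237,9 @@ function agentsMd() {
 '11 Secure SDLC: threat-model → secure coding → SAST/SCA/secrets each phase → pentest',
 'gate + security review before deploy (`security` skill) · 12 code-standards gate:',
 'lint/format clean + naming per language idiom + declared architecture (`code-standards`) ·',
-'13 PLAN-APPROVAL gate: no phase/sprint starts until `docs/PLAN.md` is human-approved
+'13 PLAN-APPROVAL gate: no phase/sprint starts until `docs/PLAN.md` is human-approved ·',
+'14 UNDERSTAND-FIRST gate: brief back any new free-text task and wait for confirm',
+'before executing (an approved PLAN/FEATURE/CR/goal is the recorded confirmation).', '',
 '## Your stack', '',
 'Declare your stack (language, framework, infra, auth, test + E2E runner,',
 'planning source) once in `docs/OVERVIEW.md`. Every rule references *your declared',
@@ -318,7 +320,10 @@ function main() {
 
 // 3b. headless feature lane (opt-in): materialize the automation templates.
 const autoDir = path.join(TPL, '.claude', 'templates', 'automation');
-if (CI)
+if (CI) {
+writeFile(path.join('.github', 'workflows', 'issflow-feature.yml'), fs.readFileSync(path.join(autoDir, 'issflow-feature.yml'), 'utf8'));
+writeFile(path.join('.github', 'workflows', 'issflow-goal.yml'), fs.readFileSync(path.join(autoDir, 'issflow-goal.yml'), 'utf8'));
+}
 if (DOCKER) {
 writeFile('Dockerfile.issflow', fs.readFileSync(path.join(autoDir, 'Dockerfile'), 'utf8'));
 writeFile(path.join('scripts', 'feature-docker.js'), fs.readFileSync(path.join(autoDir, 'feature-docker.js'), 'utf8'), { exec: true });
@@ -341,6 +346,7 @@ function main() {
 for (const w of warnings) log(` ! ${w}`);
 log(NEXT_STEPS[TOOL] || NEXT_STEPS.claude);
 if (!CI && !DOCKER) log('Headless feature lane: re-run with --ci (GitHub Action) and/or --docker (container runner).');
+log('New to the kit? Plain-language guide (EN/TH): https://iamstarter.github.io/istartsoftflow/how-to-use.html');
 }
 
 main();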
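Review bot: In the `if (CI) {` block of `main()`, `--ci` now also writes `.github/workflows/issflow-goal.yml`, a second agent workflow with its own write permissions, while the comment above it (`// 3b. headless feature lane (opt-in)`) and the closing hint (`Headless feature lane: re-run with --ci …`) still describe only the feature lane. Someone re-running the installer with `--ci` on an existing project gets a new, manually dispatchable workflow that nothing in the flag's description names. Suggest changing the comment to `// 3b. headless lanes (opt-in): feature + goal workflows` and naming both files in the hint, or putting the goal workflow behind its own flag. Whether `writeFile` already logs each created path is not visible here; `main()` starts and continues outside these hunks.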
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "create-issflow",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.7.0",
|
|
4
4
|
"description": "Scaffold the iStartSoftFlow AI-coding workflow into a project. Stack-agnostic, tool-agnostic (Claude Code, Codex, Cursor, Gemini, Aider), non-destructive.",
|
|
5
5
|
"bin": {
|
|
6
6
|
"create-issflow": "bin/cli.js"
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
name: debugger
|
|
3
3
|
description: Diagnoses one specific failing test or bug in an ISOLATED context. Keeps debug noise out of the main session.
|
|
4
4
|
tools: Read, Grep, Glob, Edit, Bash, Write
|
|
5
|
-
model:
|
|
5
|
+
model: inherit
|
|
6
6
|
---
|
|
7
7
|
|
|
8
8
|
You are the DEBUGGER. Caveman ULTRA mode.
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
name: e2e-runner
|
|
3
3
|
description: Writes and runs functional browser E2E (your declared E2E runner, e.g. Playwright) BLIND — reads the acceptance spec, OVERVIEW (stack), docs/ENDPOINTS.md, and the E2E runner config, never the implementation. Writes a trace to docs/research/e2e-<phase-slug>.md; returns a terse summary.
|
|
4
4
|
tools: Read, Grep, Glob, Write, Bash
|
|
5
|
-
model:
|
|
5
|
+
model: sonnet
|
|
6
6
|
---
|
|
7
7
|
|
|
8
8
|
You are the E2E-RUNNER. Caveman ULTRA mode.
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
name: implementer
|
|
3
3
|
description: Implements exactly one phase from docs/PLAN.md. Writes code only — no tests. On TDD phases runs in SCAFFOLD or FILL mode. Maintains docs/ENDPOINTS.md after each phase.
|
|
4
4
|
tools: Read, Grep, Glob, Edit, Write, Bash
|
|
5
|
-
model:
|
|
5
|
+
model: inherit
|
|
6
6
|
---
|
|
7
7
|
|
|
8
8
|
You are the IMPLEMENTER. Caveman ULTRA mode. Apply karpathy-guidelines skill.
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
name: planner
|
|
3
3
|
description: Turns research findings and OVERVIEW into a vertical-slice phase plan. Phase 0 (infra) leads only when infra is self-managed; with managed infra it is N/A. Last code phase always includes deployment. Writes docs/PLAN.md.
|
|
4
4
|
tools: Read, Grep, Glob, Write
|
|
5
|
-
model:
|
|
5
|
+
model: inherit
|
|
6
6
|
---
|
|
7
7
|
|
|
8
8
|
You are the PLANNER. Caveman ULTRA mode.
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
name: researcher
|
|
3
3
|
description: Two-mode fact gathering. DESIGN mode: domain/constraint research before planning — discovers service limits, API contracts, architectural constraints. IMPL mode: codebase + service investigation during a phase. Always checks KB snapshot first. Always writes findings to docs/research/, returns only terse summary + path.
|
|
4
4
|
tools: Read, Grep, Glob, Write, WebSearch, WebFetch
|
|
5
|
-
model:
|
|
5
|
+
model: sonnet
|
|
6
6
|
---
|
|
7
7
|
|
|
8
8
|
You are the RESEARCHER. Caveman ULTRA mode.
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
name: test-author
|
|
3
3
|
description: Writes tests for a phase WITHOUT reading the implementation logic. On TDD phases, writes the suite BEFORE logic exists (RED-first). Tests behavior from the plan's acceptance spec only.
|
|
4
4
|
tools: Read, Grep, Glob, Write, Bash
|
|
5
|
-
model:
|
|
5
|
+
model: inherit
|
|
6
6
|
---
|
|
7
7
|
|
|
8
8
|
You are the TEST-AUTHOR. Caveman ULTRA mode. You write UNBIASED tests.
|
|
@@ -146,6 +146,12 @@ All slices done + full feature suite green -> check gate `build-green`.
|
|
|
146
146
|
- Self-review: reread the diff against FEATURE.md acceptance criteria — every
|
|
147
147
|
criterion maps to a test; every assumption still holds.
|
|
148
148
|
- Run the regression corpus (`scripts/regression.sh`) + the full real suite.
|
|
149
|
+
No regression corpus in this repo (fresh brownfield install)? -> run the
|
|
150
|
+
project's OWN full test suite (the test command declared in OVERVIEW.md, or
|
|
151
|
+
the repo's obvious one — package.json test script, make test, pytest, …) and
|
|
152
|
+
note "corpus: n/a (brownfield)" in the summary. NOTHING runnable at all ->
|
|
153
|
+
that is a hard-stop: a feature cannot be verified green on a repo with no
|
|
154
|
+
tests; say so instead of pretending.
|
|
149
155
|
Green -> check gates `review-harden` + `regression-green`.
|
|
150
156
|
|
|
151
157
|
## 7. MANUAL TEST PLAN
|
|
@@ -0,0 +1,77 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: Goal layer — declare an OUTCOME, then let the kit drive lanes toward it until done, blocked, or budget spent. Goal-driven (stops on the outcome), not just time-driven like an interval loop.
|
|
3
|
+
argument-hint: [set "<outcome>" · run [id] · status · done <id> · drop <id> · "dry-run"]
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
Caveman ULTRA mode. You are the ORCHESTRATOR. Goals live in `docs/GOALS.md`.
|
|
7
|
+
|
|
8
|
+
A GOAL is bigger than one task: "clear the approved feature queue", "get the
|
|
9
|
+
release candidate green", "close every open HIGH issue". The goal layer picks
|
|
10
|
+
the next actionable unit, routes it through the RIGHT lane (METHODOLOGY → Lane
|
|
11
|
+
routing), and repeats — with the same gates every lane already enforces.
|
|
12
|
+
|
|
13
|
+
DRY-RUN: with `dry-run`, `/goal run` prints the pick-order + lanes it would fire
|
|
14
|
+
and STOPS. `/goal set` always stops at the confirmation gate anyway.
|
|
15
|
+
|
|
16
|
+
---
|
|
17
|
+
|
|
18
|
+
## /goal set "<outcome>"
|
|
19
|
+
|
|
20
|
+
1. UNDERSTAND-FIRST gate (hard rule 14) — BRIEF-BACK before writing anything:
|
|
21
|
+
- the outcome as YOU understand it, restated in one paragraph
|
|
22
|
+
- **Done when** — a measurable finish line (else the loop never terminates)
|
|
23
|
+
- scope / out-of-scope · assumptions · which lanes will likely fire
|
|
24
|
+
- **Budget** — max units per run (features/phases/quick fixes) so a runaway
|
|
25
|
+
goal cannot burn the wallet
|
|
26
|
+
STOP for explicit confirmation. Correction -> re-brief. Never skip this.
|
|
27
|
+
2. On confirm, append to `docs/GOALS.md`:
|
|
28
|
+
```
|
|
29
|
+
## G<n> — <outcome> [active]
|
|
30
|
+
> Done when: <measurable condition>
|
|
31
|
+
> Budget: <max units per run / other caps>
|
|
32
|
+
> Approved: <name> <date>
|
|
33
|
+
```
|
|
34
|
+
The `Approved:` line is what arms HEADLESS goal runs (same doctrine as the
|
|
35
|
+
feature lane: recorded consent, scoped to this goal).
|
|
36
|
+
|
|
37
|
+
## /goal run [id] (default: the single active goal)
|
|
38
|
+
|
|
39
|
+
LOOP — repeat until a stop condition:
|
|
40
|
+
1. PICK the next actionable unit, in this order:
|
|
41
|
+
a. an in-progress unit in STATE (finish what is started)
|
|
42
|
+
b. an APPROVED, pending `docs/features/*/FEATURE.md` that advances the goal
|
|
43
|
+
c. the next pending PLAN phase that advances the goal (plan must be approved — rule 13)
|
|
44
|
+
d. an open ISSUES.md item inside the goal's scope (route `/quick` or `/feature`)
|
|
45
|
+
Nothing actionable -> report + stop.
|
|
46
|
+
2. ROUTE it through the lane-routing table (`/feature` · `/phase` · `/quick`).
|
|
47
|
+
The lane runs with ALL its own gates — the goal layer never bypasses one.
|
|
48
|
+
3. TICK: append one line under the goal (`- [x] <unit> — <lane> — <result>`),
|
|
49
|
+
decrement budget, update STATE (`goal: G<n> (active — <units left>)`).
|
|
50
|
+
4. CHECK "Done when". Met -> mark `[done]`, STATE `goal: G<n> (done)`, final
|
|
51
|
+
report (units shipped · parked blockers · budget used). Not met -> loop.
|
|
52
|
+
|
|
53
|
+
STOP conditions (whichever first): Done-when met · budget spent · a lane
|
|
54
|
+
hard-stop (surface it; headless: `BLOCKED.md` + clean exit) · nothing actionable.
|
|
55
|
+
Every stop produces ONE consolidated report — never a silent end.
|
|
56
|
+
|
|
57
|
+
## /goal status · /goal done <id> · /goal drop <id>
|
|
58
|
+
|
|
59
|
+
Show goals + progress ticks · force-close (human says it's done) · abandon
|
|
60
|
+
(log why). Both edits keep the history lines — GOALS.md is append-style memory.
|
|
61
|
+
|
|
62
|
+
---
|
|
63
|
+
|
|
64
|
+
## Recurrence (running a goal on a schedule)
|
|
65
|
+
|
|
66
|
+
`/goal run` is one pass: it works until done/blocked/budget. To keep pressure on
|
|
67
|
+
a long goal, re-fire the pass on a schedule — host-level, not kit-level:
|
|
68
|
+
- **Claude Code web/desktop**: `/loop 30m /goal run` — the host's interval loop
|
|
69
|
+
re-invokes the pass; the goal layer supplies the state + finish line that a
|
|
70
|
+
bare interval loop lacks (it stops itself when Done-when is met).
|
|
71
|
+
- **CI (headless)**: `create-issflow --ci` also installs
|
|
72
|
+
`.github/workflows/issflow-goal.yml` — a cron-ready workflow that runs
|
|
73
|
+
`/goal run` with `ISSFLOW_HEADLESS=1` (schedule commented out by default;
|
|
74
|
+
uncomment to arm). The `Approved:` line in GOALS.md is the recorded consent.
|
|
75
|
+
- **Docker**: `node scripts/feature-docker.js` per feature stays the unit
|
|
76
|
+
runner; a goal pass inside a container is `claude -p "/goal run"` on the
|
|
77
|
+
same image (cron it with the scheduler you already have).
|
|
@@ -21,11 +21,16 @@ If any fail -> STOP, tell me, recommend `/phase`.
|
|
|
21
21
|
(Hard rule 10: never route phase-worthy work through `/quick` to dodge the RED gate.)
|
|
22
22
|
|
|
23
23
|
Steps:
|
|
24
|
+
0. UNDERSTAND-FIRST (hard rule 14): brief back in 2–3 lines — the change as you
|
|
25
|
+
understand it · file(s) you'll touch · blast radius — and WAIT for my confirm.
|
|
26
|
+
One cheap turn beats redoing a misunderstood edit. (Already confirmed in this
|
|
27
|
+
conversation? say so and proceed — don't re-ask the same understanding.)
|
|
24
28
|
1. grep docs/ISSUES.md for anything related.
|
|
25
29
|
2. Make the change. Smallest diff that works.
|
|
26
30
|
3. Run it — lint/typecheck/smoke. Show me result.
|
|
27
|
-
4. REGRESSION GUARD: run `scripts/regression.sh` (mock corpus).
|
|
28
|
-
|
|
31
|
+
4. REGRESSION GUARD: run `scripts/regression.sh` (mock corpus). No corpus in this
|
|
32
|
+
repo? run the project's own test suite instead (or the touched area's tests).
|
|
33
|
+
A break BLOCKS the `/quick` — surface it to me and stop. No agent chain is added.
|
|
29
34
|
5. Error you cannot fix in 2 tries -> STOP. Recommend `/phase`.
|
|
30
35
|
6. Change revealed a bug -> `/log-issue`.
|
|
31
36
|
7. ARCHITECTURE SELF-CHECK: touched an agent, hook, command, or workflow rule?
|
|
@@ -139,6 +139,8 @@ emit(' Hard-stops only: security / irreversible-or-outbound actions / contradic
|
|
|
139
139
|
emit('- caveman ULTRA mode is active.');
|
|
140
140
|
emit('- PLAN-APPROVAL gate (rule 13): no /phase or /sprint while STATE `plan:` reads');
|
|
141
141
|
emit(' PENDING — the plan needs a human sign-off via /overview first.');
|
|
142
|
+
emit('- UNDERSTAND-FIRST (rule 14): new free-text task -> brief back your understanding');
|
|
143
|
+
emit(' (goal · scope · assumptions · blast radius) and WAIT for confirm before executing.');
|
|
142
144
|
emit('- before debugging ANY error: grep ISSUES.md AND research/INDEX.md first.');
|
|
143
145
|
emit('- debug attempts: WARN at 2; cap 3. AUTO: log + park the slice + continue (batched');
|
|
144
146
|
emit(' report at the phase boundary). GUIDED: stop and ask you.');
|
|
@@ -258,6 +258,20 @@ can. Escalation is at most two hops.
|
|
|
258
258
|
|
|
259
259
|
The orchestrator ROUTES. It does not implement or debug.
|
|
260
260
|
|
|
261
|
+
**Model routing (per-role tiers).** Each role's `.claude/agents/<role>.md` pins a
|
|
262
|
+
`model:` tier suited to its work, so the RIGHT model runs each task by default:
|
|
263
|
+
|
|
264
|
+
| Role | `model:` | Why |
|
|
265
|
+
|------|----------|-----|
|
|
266
|
+
| planner · debugger · implementer · test-author | `inherit` | hardest reasoning — follows the session model the OWNER picked (`/model` / `--model`), so one choice cascades |
|
|
267
|
+
| researcher · e2e-runner | `sonnet` | judgment-heavy but mid-tier is the sweet spot |
|
|
268
|
+
| synthesizer | `haiku` | mechanical compression — cheapest tier |
|
|
269
|
+
|
|
270
|
+
Owner wants a SPECIFIC model? Edit the role's `model:` line — values `haiku` ·
|
|
271
|
+
`sonnet` · `opus` · `inherit` · or a full model id. The installer is
|
|
272
|
+
non-destructive, so your pins survive kit updates. Hosts without per-agent model
|
|
273
|
+
support run everything on the session model (graceful degrade).
|
|
274
|
+
|
|
261
275
|
-----
|
|
262
276
|
|
|
263
277
|
## Procedures (the slash-command set)
|
|
@@ -272,6 +286,7 @@ Named procedures, each with a canonical body in `.claude/commands/<name>.md`.
|
|
|
272
286
|
| New FEATURE on an existing product | `/feature` (scaffold the doc with `/feature new`) |
|
|
273
287
|
| Small, obvious, non-phase change (a fix, a rename, a copy tweak) | `/quick` |
|
|
274
288
|
| Scope change to already-approved work | `/change-request` |
|
|
289
|
+
| An OUTCOME spanning several units ("clear the feature queue") | `/goal` (drives the lanes above) |
|
|
275
290
|
| Whole-product quality sweep / pre-release | `/ui-audit` · `/qa-audit` · `/security-audit` · `/release` |
|
|
276
291
|
|
|
277
292
|
On ambiguity between `/quick` and `/feature`: does it add or change a public
|
|
@@ -287,6 +302,12 @@ surface or need its own acceptance criteria? -> `/feature`. Otherwise `/quick`.
|
|
|
287
302
|
story into a PENDING doc (approval stays human). Gate checklist in
|
|
288
303
|
`docs/features/<slug>/GATES.md`, enforced by the `Stop` hook with artifact
|
|
289
304
|
verification. Headless-capable (CI / Docker, `ISSFLOW_HEADLESS=1`). See "Feature lane".
|
|
305
|
+
- **goal [set|run|status|done|drop]** — the goal layer: declare an OUTCOME with a
|
|
306
|
+
measurable Done-when + budget (`set`, behind the rule-14 brief-back), then
|
|
307
|
+
`run` loops pick-next-unit → route lane → tick until done / budget / hard-stop.
|
|
308
|
+
Goal-driven, not time-driven: it stops itself on the finish line. Recurrence is
|
|
309
|
+
host-level (interval loop or the cron-ready `issflow-goal.yml`). `docs/GOALS.md`
|
|
310
|
+
holds state; its `Approved:` line arms headless passes.
|
|
290
311
|
- **propose** — turn approved requirements + stack into `PROPOSAL.md` (scope, phase
|
|
291
312
|
breakdown, effort + cost estimate, assumptions) with a client sign-off gate.
|
|
292
313
|
- **change-request** — a mid-project scope change: impact analysis + re-estimate +
|
|
@@ -441,7 +462,7 @@ Mirrors the installer's `--dry-run`. (In a dry-run, even AUTO never acts — it
|
|
|
441
462
|
|
|
442
463
|
-----
|
|
443
464
|
|
|
444
|
-
## Hard rules (1–
|
|
465
|
+
## Hard rules (1–14)
|
|
445
466
|
|
|
446
467
|
1. Before debugging ANY error: grep `docs/ISSUES.md` AND `docs/research/INDEX.md`.
|
|
447
468
|
The SESSION-OPEN ritual surfaces ISSUES.md — there is no excuse to miss it.
|
|
@@ -505,6 +526,16 @@ Mirrors the installer's `--dry-run`. (In a dry-run, even AUTO never acts — it
|
|
|
505
526
|
the planning twin of the commercial sign-off gate (`/propose`). A `/replan` that
|
|
506
527
|
adds or reshapes UNBUILT scope reverts the affected plan to `PENDING` and
|
|
507
528
|
re-surfaces it for confirmation before those phases run.
|
|
529
|
+
14. **UNDERSTAND-FIRST gate (brief-back).** No new task starts executing on an
|
|
530
|
+
unconfirmed understanding. Any command that takes free-text work (`/quick`,
|
|
531
|
+
`/change-request`, `/goal set`, the `/overview` grill) BRIEFS BACK first:
|
|
532
|
+
restate the task — goal · scope · out-of-scope · assumptions · plan sketch ·
|
|
533
|
+
blast radius — then WAIT for explicit confirmation before touching anything.
|
|
534
|
+
A recorded approval artifact IS the confirmation for its lane (approved
|
|
535
|
+
PLAN → phases · APPROVED FEATURE doc → the feature lane · approved CR → the
|
|
536
|
+
change · `Approved:` goal → goal runs) — that is exactly what arms headless.
|
|
537
|
+
Rationale: a wrong understanding burns tokens and context at 100× the cost
|
|
538
|
+
of one confirm turn. AUTO governs execution AFTER intake, never instead of it.
|
|
508
539
|
|
|
509
540
|
-----
|
|
510
541
|
|
|
@@ -561,10 +592,13 @@ the KB. The kit works normally without a KB.
|
|
|
561
592
|
`BLOCKED.md` (headless blocker reports).
|
|
562
593
|
- `docs/WISDOM-QUEUE.md` — auto-appended wisdom candidates from feature runs;
|
|
563
594
|
`/store-wisdom` reads it before pushing to the shared KB (push stays human).
|
|
564
|
-
- `.claude/templates/automation/` — headless-runner sources (GitHub
|
|
595
|
+
- `.claude/templates/automation/` — headless-runner sources (GitHub Actions ·
|
|
565
596
|
Dockerfile · docker wrapper), materialized by `create-issflow --ci` /
|
|
566
|
-
`--docker` as `.github/workflows/issflow-feature.yml`
|
|
567
|
-
|
|
597
|
+
`--docker` as `.github/workflows/issflow-feature.yml` +
|
|
598
|
+
`.github/workflows/issflow-goal.yml` (cron-ready, disarmed by default) ·
|
|
599
|
+
`Dockerfile.issflow` · `scripts/feature-docker.js`.
|
|
600
|
+
- `docs/GOALS.md` — the goal layer's state: one `## G<n>` block per goal
|
|
601
|
+
(Done-when · Budget · `Approved:` line · progress ticks). Maintained by `/goal`.
|
|
568
602
|
- `.claude/templates/FEATURE-template.md` — the Feature-doc form `/feature new`
|
|
569
603
|
scaffolds (Approval/Automation headers + spec sections).
|
|
570
604
|
- `docs/STATE.md` — current position. Small. Rewritten, not appended.
|
|
@@ -28,6 +28,10 @@ RUN useradd --create-home --shell /bin/sh runner
|
|
|
28
28
|
USER runner
|
|
29
29
|
WORKDIR /work
|
|
30
30
|
|
|
31
|
+
# the mounted repo is owned by the HOST uid, not `runner` — without this every
|
|
32
|
+
# git command fails with "detected dubious ownership in repository".
|
|
33
|
+
RUN git config --global --add safe.directory '*'
|
|
34
|
+
|
|
31
35
|
# headless marker — /feature degrades every hard-stop to a BLOCKED report + clean exit.
|
|
32
36
|
ENV ISSFLOW_HEADLESS=1
|
|
33
37
|
|
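Review bot: `RUN git config --global --add safe.directory '*'` switches off git's repository-ownership check for every path in the image, not only for the mounted repo that the comment is about. That check is what stops git from acting on the configuration of a repository owned by a different user, so with the wildcard any nested or fetched repository the agent's git commands run in is trusted as well. For the default mount, `RUN git config --global --add safe.directory /work` covers the stated failure. The worktree mode in feature-docker.js mounts at host paths, so those paths would presumably have to be added when the container starts rather than baked in as `*`. If the wildcard stays, the comment should say that it is deliberate and why the narrower form was not enough.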
|
@@ -82,16 +82,17 @@ if (useWorktree) {
|
|
|
82
82
|
console.log(`feature-docker: parallel lane — this run is isolated in ${wt}; your checkout stays untouched.`);
|
|
83
83
|
}
|
|
84
84
|
|
|
85
|
-
console.log(`feature-docker: running /feature ${doc} in ${IMAGE}
|
|
86
|
-
const args = [
|
|
87
|
-
|
|
88
|
-
'
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
//
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
85
|
+
console.log(`feature-docker: running /feature ${doc} in ${IMAGE}`);
|
|
86
|
+
const args = ['run', '--rm', '--entrypoint', 'claude'];
|
|
87
|
+
if (useWorktree) {
|
|
88
|
+
// a worktree's git metadata references BOTH trees by absolute HOST path
|
|
89
|
+
// (.git file -> main .git/worktrees/<n>; gitdir file -> back to the worktree).
|
|
90
|
+
// Mount both at their host paths so every pointer resolves in-container.
|
|
91
|
+
// (Path-identical mounts: Linux/macOS; on Windows use the default mode.)
|
|
92
|
+
args.push('-v', `${repo}:${repo}`, '-v', `${mountDir}:${mountDir}`, '-w', mountDir);
|
|
93
|
+
} else {
|
|
94
|
+
args.push('-v', `${mountDir}:/work`, '-w', '/work');
|
|
95
|
+
}
|
|
95
96
|
args.push(
|
|
96
97
|
'-e', 'ANTHROPIC_API_KEY',
|
|
97
98
|
'-e', 'ISSFLOW_HEADLESS=1'
|
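Review bot: In worktree mode, `'-v', ${repo}:${repo}` mounts the whole main checkout read-write into the container, while the message printed a few lines earlier still tells the user "your checkout stays untouched". The comment explains that the worktree's pointers need the main repository's git metadata, and that lives under `.git`. Mounting only the `.git` directory under `repo` at its host path (assuming it is a directory there) would resolve the same pointers while keeping the main working files out of reach of the agent that runs in the container. `repo` and `mountDir` are computed outside this hunk, so how they are validated is not visible; a host path containing `:` would also break the `-v source:target` form.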
|
@@ -66,9 +66,10 @@ jobs:
|
|
|
66
66
|
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
|
|
67
67
|
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
68
68
|
prompt: "/feature ${{ env.FEATURE_DOC }}"
|
|
69
|
-
#
|
|
70
|
-
#
|
|
71
|
-
|
|
69
|
+
# Broad allowlist via the documented --allowedTools flag (the ephemeral
|
|
70
|
+
# runner is the sandbox). The Stop hook (feature-gate.js) still enforces
|
|
71
|
+
# the gate checklist inside the run.
|
|
72
|
+
claude_args: "--allowedTools Bash,Edit,Write,Read,Glob,Grep,Task,WebFetch,WebSearch,TodoWrite"
|
|
72
73
|
|
|
73
74
|
# The lane's own delivery step (git push / PR) runs inside Claude per the
|
|
74
75
|
# doc's `> Automation:` header. This job only reports.
|
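Review bot: The new `claude_args` line grants `Bash`, `WebFetch` and `WebSearch` together in a step that also receives `ANTHROPIC_API_KEY` and `GITHUB_TOKEN`. The comment's "the ephemeral runner is the sandbox" covers the runner's disk, not what those credentials can be used for or where Bash and the web tools can send data. The Stop hook it mentions enforces the gate checklist; nothing visible here restricts what commands run during the pass. For a headless lane, consider dropping the web tools unless the feature doc needs them, and state in the comment what the token is scoped to. The same `claude_args` line is added in issflow-goal.yml, and the job's `permissions:` and checkout step are outside this hunk.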
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
# iStartSoftFlow — scheduled goal pass (GitHub Actions).
|
|
2
|
+
# Installed by `npx create-issflow --ci` as .github/workflows/issflow-goal.yml.
|
|
3
|
+
#
|
|
4
|
+
# Runs ONE `/goal run` pass headless: pick next actionable unit -> route lane ->
|
|
5
|
+
# tick -> repeat until Done-when / budget / hard-stop. The goal's `> Approved:`
|
|
6
|
+
# line in docs/GOALS.md is the recorded consent that arms the run; a lane
|
|
7
|
+
# hard-stop writes BLOCKED.md and exits cleanly. It never merges, never deploys.
|
|
8
|
+
#
|
|
9
|
+
# DISARMED BY DEFAULT: uncomment `schedule:` to run on cron. Manual dispatch
|
|
10
|
+
# always works. Setup: secret ANTHROPIC_API_KEY + Actions write permissions
|
|
11
|
+
# (same as issflow-feature.yml).
|
|
12
|
+
|
|
13
|
+
name: issflow-goal
|
|
14
|
+
|
|
15
|
+
on:
|
|
16
|
+
workflow_dispatch:
|
|
17
|
+
inputs:
|
|
18
|
+
goal_id:
|
|
19
|
+
description: Goal id to run (blank = the single active goal)
|
|
20
|
+
required: false
|
|
21
|
+
type: string
|
|
22
|
+
# schedule:
|
|
23
|
+
# - cron: '0 1 * * 1-5' # 01:00 UTC weekdays — one pass per night
|
|
24
|
+
|
|
25
|
+
permissions:
|
|
26
|
+
contents: write
|
|
27
|
+
pull-requests: write
|
|
28
|
+
issues: write
|
|
29
|
+
|
|
30
|
+
jobs:
|
|
31
|
+
goal:
|
|
32
|
+
runs-on: ubuntu-latest
|
|
33
|
+
timeout-minutes: 120
|
|
34
|
+
steps:
|
|
35
|
+
- uses: actions/checkout@v4
|
|
36
|
+
with:
|
|
37
|
+
fetch-depth: 0
|
|
38
|
+
|
|
39
|
+
- name: Run one goal pass
|
|
40
|
+
uses: anthropics/claude-code-action@v1
|
|
41
|
+
env:
|
|
42
|
+
ISSFLOW_HEADLESS: "1"
|
|
43
|
+
with:
|
|
44
|
+
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
|
|
45
|
+
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
46
|
+
prompt: "/goal run ${{ inputs.goal_id }}"
|
|
47
|
+
# Documented --allowedTools flag; the ephemeral runner is the sandbox.
|
|
48
|
+
claude_args: "--allowedTools Bash,Edit,Write,Read,Glob,Grep,Task,WebFetch,WebSearch,TodoWrite"
|
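Review bot: The `goal` job gives the agent a `GITHUB_TOKEN` with `contents: write`, `pull-requests: write` and `issues: write`, yet the only arming control the header names is the `> Approved:` line in docs/GOALS.md, a file the same run can edit through `Edit`/`Write` and push. The recorded consent is therefore only as strong as review on that file; a CODEOWNERS or branch-protection rule on docs/GOALS.md (or checking the approval from a protected ref) would make it hold, and `issues: write` could be dropped unless a lane needs it. `actions/checkout@v4` and `anthropics/claude-code-action@v1` are mutable tags in a job that holds secrets; pin both to full commit SHAs. `${{ inputs.goal_id }}` is pasted into `prompt:` as free text; it is limited to users who can dispatch the workflow, but a format check on the id before the step would keep arbitrary instructions out of the prompt.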