delimit-cli 4.5.8 → 4.5.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -6
- package/gateway/ai/governance.py +1 -1
- package/gateway/ai/server.py +32 -7
- package/gateway/core/contract_ledger.py +1 -1
- package/gateway/core/dependency_graph.py +1 -1
- package/gateway/core/dependency_manifest.py +1 -1
- package/gateway/core/event_backbone.py +2 -2
- package/gateway/core/event_schema.py +1 -1
- package/gateway/core/impact_analyzer.py +1 -1
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -219,7 +219,7 @@ Real-world specs can ship malformed shapes. The diff engine now defends against
|
|
|
219
219
|
|
|
220
220
|
### Fixed
|
|
221
221
|
- **Exit-shim counter undercounting** — previously missed commits outside `SESSION_CWD` and dropped Z-suffixed timestamps; both now captured.
|
|
222
|
-
- **Proprietary path leaks** — sync-gateway.sh EXCLUDE list hardened to keep
|
|
222
|
+
- **Proprietary path leaks** — sync-gateway.sh EXCLUDE list hardened to keep portfolio-specific files (social.py, social_target.py, inbox_daemon.py, founding_users.py, deliberation.py) out of the npm bundle.
|
|
223
223
|
|
|
224
224
|
### Tests
|
|
225
225
|
- Gateway: 163/163 passing on changed-file tests (social.py, social_target.py, supabase_sync).
|
|
@@ -610,8 +610,8 @@ Real-world specs can ship malformed shapes. The diff engine now defends against
|
|
|
610
610
|
- Wire local API server into setup flow (STR-057) (223a647d)
|
|
611
611
|
- release: v3.11.4 — CLAUDE.md auto-update with versioned markers (66db96dd)
|
|
612
612
|
- security: remove infect.js, hardcoded paths, stale shell scripts (ddb2b1a8)
|
|
613
|
-
- security: remove all
|
|
614
|
-
- security: remove
|
|
613
|
+
- security: remove all internal doctrine references from gateway stubs (1d802a2b)
|
|
614
|
+
- security: remove holdco adapters from public repo (c976fa8a)
|
|
615
615
|
- release: v3.11.1 — MCP/AI keywords for npm discoverability (ba984f17)
|
|
616
616
|
- release: v3.11.0 — agent identity, secrets broker, approval gates (78557ea8)
|
|
617
617
|
- update: CLI description to match brand positioning (75ff6842)
|
|
@@ -623,7 +623,7 @@ Real-world specs can ship malformed shapes. The diff engine now defends against
|
|
|
623
623
|
- v3.9.1: download Pro modules from delimit.ai CDN (public URL, no auth needed) (b1462fd4)
|
|
624
624
|
- v3.9.0: Pro source removed from public package — compiled modules download at install (e4fe7baf)
|
|
625
625
|
- v3.8.2: Gemini governance trigger + history scrub (116ffb1a)
|
|
626
|
-
- security: remove node_modules and
|
|
626
|
+
- security: remove node_modules and holdco adapters from public repo (f67f3b92)
|
|
627
627
|
- v3.8.1: governance trigger in all instruction files + MCP server description (7c525231)
|
|
628
628
|
- v3.7.1: CLI-first deliberation + gateway sync + path cleanup (1555691d)
|
|
629
629
|
- v3.7.0: cross-model positioning + models configure + release sync (4c9cbcb7)
|
|
@@ -698,7 +698,7 @@ Real-world specs can ship malformed shapes. The diff engine now defends against
|
|
|
698
698
|
- **LED-061**: [P0] DomainVested: Consistency audit — verdict/flip/action must agree
|
|
699
699
|
- **LED-062**: [P1] Brand: Add SVG logo to site, favicon, GitHub org avatar, npm
|
|
700
700
|
- **LED-063**: [P0] Governance trigger shipped in npm — instruction files + MCP description
|
|
701
|
-
- **LED-064**: [P0] Security: removed
|
|
701
|
+
- **LED-064**: [P0] Security: removed holdco adapters + node_modules from public repo
|
|
702
702
|
- **LED-065**: [P0] ChatOps: Build app.delimit.ai into a unified project management interface
|
|
703
703
|
- **LED-066**: [P0] Split repos: free tools public, Pro tools private, npm bundles both
|
|
704
704
|
- **LED-067**: [P0] License: add periodic re-validation (30 day) with 7 day grace period
|
|
@@ -1064,7 +1064,7 @@ Real-world specs can ship malformed shapes. The diff engine now defends against
|
|
|
1064
1064
|
- GitHub Action smoke test workflow
|
|
1065
1065
|
|
|
1066
1066
|
### Fixed
|
|
1067
|
-
- Gemini deliberation HTTP 400 (ADC credentials +
|
|
1067
|
+
- Gemini deliberation HTTP 400 (ADC credentials + project mismatch)
|
|
1068
1068
|
- Deliberation timeout: parallelized round 1 (46% faster)
|
|
1069
1069
|
- Sensor dedup: titles include repo/issue to prevent duplicates
|
|
1070
1070
|
- Test-mode guard prevents ledger pollution from tests
|
package/gateway/ai/governance.py
CHANGED
|
@@ -49,7 +49,7 @@ NON_DELEGABLE_OPERATION_CLASSES = frozenset({
|
|
|
49
49
|
"constitutional_rewrite", # edits to founder doctrine canon outside managed sections
|
|
50
50
|
"authority_class_expansion", # adding a new class of tool / agent / gate
|
|
51
51
|
"irreversible_capital_commit", # capital commitments above non-delegable threshold
|
|
52
|
-
"venture_kill", # shutting down
|
|
52
|
+
"venture_kill", # shutting down an internal venture
|
|
53
53
|
"permission_escalation", # granting elevated access (sudo, admin, write-as-other)
|
|
54
54
|
"public_truth_claim", # public statement / marketing assertion outrunning evidence
|
|
55
55
|
})
|
package/gateway/ai/server.py
CHANGED
|
@@ -8498,7 +8498,16 @@ def delimit_inbox_daemon(action: str = "status") -> Dict[str, Any]:
|
|
|
8498
8498
|
action: 'start' (begin polling), 'stop' (halt polling),
|
|
8499
8499
|
'status' (show daemon state, last poll, failures).
|
|
8500
8500
|
"""
|
|
8501
|
-
|
|
8501
|
+
try:
|
|
8502
|
+
from ai.inbox_daemon import start_daemon, stop_daemon, get_daemon_status
|
|
8503
|
+
except (ImportError, ModuleNotFoundError):
|
|
8504
|
+
# LED-1261: backing module is gateway-only (excluded from npm bundle).
|
|
8505
|
+
# Customers calling this get a graceful message instead of a raw traceback.
|
|
8506
|
+
return _with_next_steps("inbox_daemon", {
|
|
8507
|
+
"status": "not_available",
|
|
8508
|
+
"error": "delimit_inbox_daemon is an internal Delimit feature not shipped in the npm bundle.",
|
|
8509
|
+
"hint": "Pro customers interested in inbox automation can contact pro@delimit.ai.",
|
|
8510
|
+
})
|
|
8502
8511
|
|
|
8503
8512
|
if action == "start":
|
|
8504
8513
|
return _with_next_steps("inbox_daemon", start_daemon())
|
|
@@ -8547,11 +8556,19 @@ def delimit_self_repair_daemon(action: str = "status") -> Dict[str, Any]:
|
|
|
8547
8556
|
'status' (running / last_pass / breaches_emitted /
|
|
8548
8557
|
consecutive_failures).
|
|
8549
8558
|
"""
|
|
8550
|
-
|
|
8551
|
-
|
|
8552
|
-
|
|
8553
|
-
|
|
8554
|
-
|
|
8559
|
+
try:
|
|
8560
|
+
from ai.self_repair_daemon import (
|
|
8561
|
+
start_daemon as _sr_start,
|
|
8562
|
+
stop_daemon as _sr_stop,
|
|
8563
|
+
get_daemon_status as _sr_status,
|
|
8564
|
+
)
|
|
8565
|
+
except (ImportError, ModuleNotFoundError):
|
|
8566
|
+
# LED-1261: backing module is gateway-only (excluded from npm bundle).
|
|
8567
|
+
return _with_next_steps("self_repair_daemon", {
|
|
8568
|
+
"status": "not_available",
|
|
8569
|
+
"error": "delimit_self_repair_daemon is an internal Delimit feature not shipped in the npm bundle.",
|
|
8570
|
+
"hint": "Pro customers interested in self-repair watcher can contact pro@delimit.ai.",
|
|
8571
|
+
})
|
|
8555
8572
|
|
|
8556
8573
|
if action == "start":
|
|
8557
8574
|
return _with_next_steps("self_repair_daemon", _sr_start())
|
|
@@ -8581,7 +8598,15 @@ def delimit_corp_dashboard() -> Dict[str, Any]:
|
|
|
8581
8598
|
{"error": "..."} for that key only and never crashes the whole call.
|
|
8582
8599
|
Gateway-only — not shipped in the npm bundle.
|
|
8583
8600
|
"""
|
|
8584
|
-
|
|
8601
|
+
try:
|
|
8602
|
+
from ai.corp_dashboard import get_corp_dashboard
|
|
8603
|
+
except (ImportError, ModuleNotFoundError):
|
|
8604
|
+
# LED-1261: backing module is gateway-only (excluded from npm bundle).
|
|
8605
|
+
return _with_next_steps("corp_dashboard", {
|
|
8606
|
+
"status": "not_available",
|
|
8607
|
+
"error": "delimit_corp_dashboard is an internal Delimit feature not shipped in the npm bundle.",
|
|
8608
|
+
"hint": "Pro customers interested in the corp dashboard surface can contact pro@delimit.ai.",
|
|
8609
|
+
})
|
|
8585
8610
|
result = get_corp_dashboard()
|
|
8586
8611
|
return _with_next_steps("corp_dashboard", result)
|
|
8587
8612
|
|
|
@@ -3,7 +3,7 @@ Delimit Contract Ledger
|
|
|
3
3
|
Reads, validates, and queries the append-only JSONL event ledger.
|
|
4
4
|
Optional SQLite index for fast lookups (never required for CI).
|
|
5
5
|
|
|
6
|
-
Per
|
|
6
|
+
Per Delimit governance principles:
|
|
7
7
|
- Deterministic outputs
|
|
8
8
|
- Append-only artifacts
|
|
9
9
|
- SQLite index is optional, not required for CI
|
|
@@ -5,7 +5,7 @@ Constructs a deterministic service dependency graph from manifests.
|
|
|
5
5
|
The graph maps each API/service to its downstream consumers,
|
|
6
6
|
enabling impact analysis when an API contract changes.
|
|
7
7
|
|
|
8
|
-
Per
|
|
8
|
+
Per Delimit governance principles:
|
|
9
9
|
- Deterministic outputs (sorted, reproducible)
|
|
10
10
|
- No telemetry
|
|
11
11
|
- Graceful degradation when manifests are missing
|
|
@@ -3,7 +3,7 @@ Delimit Event Backbone
|
|
|
3
3
|
Constructs ledger events, generates SHA-256 hashes, links hash chains,
|
|
4
4
|
and appends to the append-only JSONL ledger.
|
|
5
5
|
|
|
6
|
-
Per
|
|
6
|
+
Per Delimit governance principles:
|
|
7
7
|
- Deterministic outputs
|
|
8
8
|
- Append-only artifacts
|
|
9
9
|
- Fail-closed CI behavior (ledger failures never affect CI)
|
|
@@ -199,7 +199,7 @@ class EventBackbone:
|
|
|
199
199
|
This is the primary API for event generation. It is best-effort:
|
|
200
200
|
if the ledger write fails, the event is still returned but not persisted.
|
|
201
201
|
|
|
202
|
-
CRITICAL: This method NEVER raises exceptions. Per
|
|
202
|
+
CRITICAL: This method NEVER raises exceptions. Per Delimit doctrine,
|
|
203
203
|
ledger failures must not affect CI pass/fail outcome.
|
|
204
204
|
|
|
205
205
|
Returns:
|
|
@@ -3,7 +3,7 @@ Delimit Impact Analyzer
|
|
|
3
3
|
Determines downstream consumers affected by an API change
|
|
4
4
|
and produces informational impact summaries for CI output.
|
|
5
5
|
|
|
6
|
-
Per
|
|
6
|
+
Per Delimit governance principles:
|
|
7
7
|
- Impact analysis is INFORMATIONAL ONLY
|
|
8
8
|
- NEVER affects CI pass/fail outcome
|
|
9
9
|
- Deterministic outputs
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "delimit-cli",
|
|
3
3
|
"mcpName": "io.github.delimit-ai/delimit-mcp-server",
|
|
4
|
-
"version": "4.5.
|
|
4
|
+
"version": "4.5.10",
|
|
5
5
|
"description": "Unify Claude Code, Codex, Cursor, and Gemini CLI with persistent context, governance, and multi-model debate.",
|
|
6
6
|
"main": "index.js",
|
|
7
7
|
"files": [
|