freshcontext-mcp 0.3.20 → 0.3.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (69) hide show
  1. package/README.md +55 -9
  2. package/SECURITY.md +9 -7
  3. package/dist/adapters/arxiv.d.ts +15 -0
  4. package/dist/adapters/arxiv.js +1 -1
  5. package/dist/adapters/changelog.d.ts +2 -0
  6. package/dist/adapters/finance.d.ts +2 -0
  7. package/dist/adapters/finance.js +1 -1
  8. package/dist/adapters/gdelt.d.ts +2 -0
  9. package/dist/adapters/gdelt.js +1 -1
  10. package/dist/adapters/gebiz.d.ts +2 -0
  11. package/dist/adapters/gebiz.js +1 -1
  12. package/dist/adapters/github.d.ts +2 -0
  13. package/dist/adapters/govcontracts.d.ts +2 -0
  14. package/dist/adapters/hackernews.d.ts +2 -0
  15. package/dist/adapters/jobs.d.ts +2 -0
  16. package/dist/adapters/jobs.js +6 -6
  17. package/dist/adapters/packageTrends.d.ts +2 -0
  18. package/dist/adapters/productHunt.d.ts +2 -0
  19. package/dist/adapters/reddit.d.ts +8 -0
  20. package/dist/adapters/reddit.js +1 -1
  21. package/dist/adapters/registry.d.ts +19 -0
  22. package/dist/adapters/repoSearch.d.ts +2 -0
  23. package/dist/adapters/repoSearch.js +1 -1
  24. package/dist/adapters/scholar.d.ts +2 -0
  25. package/dist/adapters/secFilings.d.ts +2 -0
  26. package/dist/adapters/secFilings.js +1 -1
  27. package/dist/adapters/yc.d.ts +2 -0
  28. package/dist/core/decay.d.ts +5 -0
  29. package/dist/core/decision.d.ts +3 -0
  30. package/dist/core/decision.js +1 -3
  31. package/dist/core/envelope.d.ts +5 -0
  32. package/dist/core/explain.d.ts +12 -0
  33. package/dist/core/guards.d.ts +1 -0
  34. package/dist/core/index.d.ts +14 -0
  35. package/dist/core/index.js +2 -0
  36. package/dist/core/pipeline.d.ts +3 -0
  37. package/dist/core/pipeline.js +8 -0
  38. package/dist/core/provenance.d.ts +5 -0
  39. package/dist/core/provenanceReadiness.d.ts +2 -0
  40. package/dist/core/provenanceReadiness.js +220 -0
  41. package/dist/core/rank.d.ts +4 -0
  42. package/dist/core/readable.d.ts +2 -0
  43. package/dist/core/readable.js +75 -0
  44. package/dist/core/signal.d.ts +3 -0
  45. package/dist/core/sourceProfiles.d.ts +4 -0
  46. package/dist/core/sourceProfiles.js +20 -0
  47. package/dist/core/types.d.ts +239 -0
  48. package/dist/core/utility.d.ts +2 -0
  49. package/dist/rest/handler.d.ts +1 -0
  50. package/dist/security.d.ts +15 -0
  51. package/dist/server.d.ts +2 -0
  52. package/dist/server.js +2 -2
  53. package/dist/tools/evaluateContext.d.ts +21 -0
  54. package/dist/tools/evaluateContext.js +3 -1
  55. package/dist/tools/freshnessStamp.d.ts +1 -0
  56. package/dist/types.d.ts +1 -0
  57. package/docs/API_DESIGN.md +28 -1
  58. package/docs/CLIENT_SETUP.md +4 -4
  59. package/docs/CODEX_MCP_USAGE.md +3 -3
  60. package/docs/CORE_API.md +79 -15
  61. package/docs/CORE_MCP_BOUNDARY.md +13 -4
  62. package/docs/FUTURE_LANES.md +43 -43
  63. package/docs/HUMAN_READABLE_OUTPUT_CONTRACT.md +293 -0
  64. package/docs/RELEASE_NOTES.md +49 -5
  65. package/docs/SIGNAL_CONTRACT.md +215 -213
  66. package/docs/SOURCE_PROFILES.md +69 -24
  67. package/package-script-guard.mjs +84 -75
  68. package/package.json +16 -1
  69. package/server.json +2 -2
@@ -0,0 +1,293 @@
1
+ # Human-Readable Output Contract
2
+
3
+ Status: implemented MVP contract.
4
+
5
+ This document describes the reader-facing output layer over FreshContext Core decisions. The MVP is implemented as an additive Core helper and `evaluate_context` structured JSON field. It does not change Core behavior, ranking, decision labels, utility math, Worker behavior, package version, deployment state, or public site copy.
6
+
7
+ FreshContext is not truth itself. FreshContext records why context was trusted, down-ranked, questioned, refreshed, watched, backgrounded, or excluded before an AI system uses it.
8
+
9
+ ## Purpose
10
+
11
+ FreshContext Core already returns machine decisions, reasons, warnings, utility, freshness, confidence, Source Profile context, and provenance material. The human-readable output layer should make those results understandable without exposing every internal score first.
12
+
13
+ The output should answer:
14
+
15
+ - Can I use this context?
16
+ - Why was this source treated this way?
17
+ - What reached the model?
18
+ - What was kept out?
19
+ - Can another agent inherit this context safely?
20
+
21
+ ## Audiences
22
+
23
+ - Normal readers need a short status, reason, and warning.
24
+ - Analysts and buyers need an evidence table that shows why each source was treated differently.
25
+ - Developers need a stable JSON shape for future SDK, API, MCP, and CLI formatting.
26
+ - Multi-agent workflows need enough identity and judgment metadata for one agent to hand context to another without losing evidence boundaries.
27
+
28
+ ## Non-Goals
29
+
30
+ This contract does not:
31
+
32
+ - certify truth
33
+ - provide professional guidance in legal, clinical, tax, employment, academic, or financial domains
34
+ - change Core scoring or ranking
35
+ - make utility control decision labels
36
+ - wire adapters into Core
37
+ - add `evaluate_source`
38
+ - define a live hosted API response
39
+ - replace Signal Contract v1
40
+ - claim Ha-Pri v2 production enforcement
41
+
42
+ ## Decision Vocabulary
43
+
44
+ FreshContext should keep the current Core machine decisions as the stable machine layer.
45
+
46
+ | Machine decision | Reader label | Meaning | Human action | Agent action | Must not claim |
47
+ | --- | --- | --- | --- | --- | --- |
48
+ | `use_first` | Use first | Strong, current context for the task. | Read or place this near the top of the working context. | Prioritize in the context bundle. | This is guaranteed true. |
49
+ | `cite_as_primary` | Primary source | Relevant, current, and traceable enough to use as main evidence. | Use as main evidence while applying normal review. | Use as primary citation evidence. | This source proves the claim by itself. |
50
+ | `cite_as_supporting` | Supporting source | Useful evidence, but not enough to stand alone as the latest or strongest support. | Pair with a clearer, newer, or more authoritative source. | Include as supporting context, not sole evidence. | This is sufficient primary evidence. |
51
+ | `use_as_background` | Background only | Relevant context, but not strong enough for current-evidence claims. | Use for framing, history, or orientation. | Keep lower in the context bundle. | This is current proof. |
52
+ | `needs_verification` | Needs verification | Possibly useful, but timing, confidence, or traceability is uncertain. | Verify before relying on it. | Do not use as trusted primary context. | This source is false. |
53
+ | `needs_refresh` | Needs refresh | Possibly useful, but too stale or date-uncertain for this source type. | Re-query or find a newer source. | Refresh retrieval before use. | This source is useless or false. |
54
+ | `watch_only` | Watch only | Interesting signal, but not strong enough to prioritize. | Monitor or keep as weak signal. | Keep out of primary reasoning unless requested. | This is actionable evidence. |
55
+ | `exclude` | Excluded | Failed, too weak, unsafe, or not useful enough for the final context bundle. | Keep out unless manually reviewed. | Do not pass to the model as useful context. | This is legally or factually invalid. |
56
+
57
+ ## Reader Card
58
+
59
+ The Reader Card is for normal humans. It should be short and decision-first.
60
+
61
+ Example:
62
+
63
+ ```txt
64
+ Status: Primary source
65
+
66
+ Why:
67
+ Recent, directly relevant, and traceable enough for main evidence.
68
+
69
+ Watch-outs:
70
+ FreshContext does not certify truth.
71
+
72
+ What FreshContext did:
73
+ Ranked this source above weaker, stale, or unclear candidates before model use.
74
+ ```
75
+
76
+ Recommended fields:
77
+
78
+ - `status`
79
+ - `why`
80
+ - `watch_outs`
81
+ - `what_freshcontext_did`
82
+
83
+ The Reader Card should not lead with raw scores unless a technical user asks for them.
84
+
85
+ The current MVP is the `readable` object returned inside each structured `evaluate_context` result:
86
+
87
+ ```json
88
+ {
89
+ "decision": "cite_as_primary",
90
+ "label": "Cite as primary",
91
+ "readable": {
92
+ "label": "Primary source",
93
+ "summary": "This source is strong enough to use as main evidence.",
94
+ "why": [
95
+ "Strong semantic match and current freshness for arxiv.",
96
+ "source profile academic_research uses lenient date policy",
97
+ "intent profile citation_check selected"
98
+ ],
99
+ "action": "Use this as main evidence while preserving citation and provenance.",
100
+ "warnings": [
101
+ "FreshContext judges citation readiness and context usefulness; it does not certify truth."
102
+ ]
103
+ }
104
+ }
105
+ ```
106
+
107
+ `readable.why` is capped at five reasons to keep output readable and deterministic.
108
+
109
+ The readable object translates Core decisions into user-facing language. It does not change ranking, decision labels, utility scoring, or source intake.
110
+
111
+ ## Analyst Evidence Table
112
+
113
+ The Analyst Evidence Table is for buyers, reviewers, and smart non-technical readers who need to compare multiple sources.
114
+
115
+ Recommended columns:
116
+
117
+ | Column | Plain meaning |
118
+ | --- | --- |
119
+ | Decision | How FreshContext says this context should be treated. |
120
+ | Source | Where the context came from. |
121
+ | Usefulness | How helpful the context is for this question. |
122
+ | Freshness | Whether the timing is current enough for this use. |
123
+ | Confidence | How reliable the context signal appears. |
124
+ | Provenance | Whether source identity and audit metadata are preserved. |
125
+ | Reason | Short explanation of the treatment label. |
126
+ | Warning | Non-advice or verification warning, if any. |
127
+
128
+ Example row:
129
+
130
+ ```txt
131
+ Primary source | arxiv.org/... | High | Current | High | Clear | Recent, direct academic source | Does not certify truth
132
+ ```
133
+
134
+ ## Developer JSON Contract
135
+
136
+ This is a proposed future response shape for SDK, API, MCP, and CLI formatting. It is not a live API contract yet.
137
+
138
+ ```json
139
+ {
140
+ "context_id": "ctx_...",
141
+ "decision": "cite_as_primary",
142
+ "reader_label": "Primary source",
143
+ "summary": "Recent, directly relevant source with clear provenance.",
144
+ "source": {
145
+ "id": "src_...",
146
+ "url": "https://example.com/source",
147
+ "type": "academic_research",
148
+ "title": "Example source"
149
+ },
150
+ "scores": {
151
+ "rank": 0.92,
152
+ "freshness": 87,
153
+ "utility": 81,
154
+ "confidence": "high"
155
+ },
156
+ "provenance": {
157
+ "published_at": "2026-06-01T00:00:00.000Z",
158
+ "retrieved_at": "2026-06-09T00:00:00.000Z",
159
+ "hash": "sha256:..."
160
+ },
161
+ "reasons": [
162
+ "Strong semantic match and current freshness for arxiv."
163
+ ],
164
+ "warnings": [
165
+ "FreshContext judges citation readiness and context usefulness; it does not certify truth."
166
+ ],
167
+ "handoff": {
168
+ "safe_for_agent_handoff": true,
169
+ "handoff_notes": []
170
+ }
171
+ }
172
+ ```
173
+
174
+ The JSON layer should preserve the current Core decision label while adding a reader label and summary. It should not rename the machine decision.
175
+
176
+ ## Multi-Agent Handoff Contract
177
+
178
+ A multi-agent handoff should let Agent B understand what Agent A used, rejected, or questioned without re-reading the whole original prompt.
179
+
180
+ Required fields to consider:
181
+
182
+ - `context_id`
183
+ - `source_id`
184
+ - `decision`
185
+ - `reader_label`
186
+ - `source_profile`
187
+ - `intent_profile`
188
+ - `freshness_state`
189
+ - `confidence_state`
190
+ - `utility_state`
191
+ - `provenance_hash`
192
+ - `published_at`
193
+ - `retrieved_at`
194
+ - `judged_at`
195
+ - `judged_by`
196
+ - `handoff_safe`
197
+ - `handoff_reason`
198
+ - `reasons`
199
+ - `warnings`
200
+ - `excluded_context_refs`
201
+
202
+ Example:
203
+
204
+ ```json
205
+ {
206
+ "context_id": "ctx_123",
207
+ "source_id": "src_456",
208
+ "decision": "needs_verification",
209
+ "reader_label": "Needs verification",
210
+ "source_profile": "company_intel",
211
+ "intent_profile": "business_due_diligence",
212
+ "freshness_state": "unknown",
213
+ "confidence_state": "medium",
214
+ "utility_state": "partly useful",
215
+ "provenance_hash": "sha256:...",
216
+ "published_at": null,
217
+ "retrieved_at": "2026-06-09T00:00:00.000Z",
218
+ "judged_at": "2026-06-09T00:00:00.000Z",
219
+ "judged_by": "freshcontext-core",
220
+ "handoff_safe": false,
221
+ "handoff_reason": "Useful but missing source date; verify before primary use.",
222
+ "reasons": [
223
+ "published_at/content_date was invalid; cleared"
224
+ ],
225
+ "warnings": [
226
+ "FreshContext supports context triage only; it is not professional legal, tax, or financial guidance."
227
+ ],
228
+ "excluded_context_refs": []
229
+ }
230
+ ```
231
+
232
+ ## Utility Language
233
+
234
+ Utility means usefulness for the current question. It does not mean truth.
235
+
236
+ Allowed wording:
237
+
238
+ - High utility: useful for this question
239
+ - Medium utility: partly useful
240
+ - Low utility: weak fit for this question
241
+
242
+ Forbidden wording:
243
+
244
+ - true
245
+ - verified truth
246
+ - claims that accuracy is guaranteed
247
+ - claims that a source has official approval
248
+ - claims that FreshContext has settled the answer
249
+
250
+ Utility can appear in explanations and reasons, but it must not be described as controlling default decision labels unless a future policy pass explicitly changes that behavior.
251
+
252
+ ## Provenance Language
253
+
254
+ Provenance means traceable source identity and audit material. It does not mean magical truth.
255
+
256
+ Allowed wording:
257
+
258
+ - clear provenance
259
+ - unclear provenance
260
+ - source identity preserved
261
+ - retrieval time recorded
262
+ - source timestamp recorded
263
+ - deterministic audit hash
264
+
265
+ Forbidden wording:
266
+
267
+ - absolute tamper resistance
268
+ - truth certification claims
269
+ - legal verification claims
270
+ - outside audit claims
271
+ - origin-authenticated unless a future signing model provides that guarantee
272
+
273
+ ## Forbidden Claims
274
+
275
+ FreshContext output must not claim:
276
+
277
+ - it determines truth
278
+ - it proves correctness
279
+ - it replaces human review
280
+ - it is a legal, medical, tax, employment, academic, or investment advisor
281
+ - it validates facts beyond the provided context metadata
282
+ - it guarantees source authenticity
283
+ - it has production Ha-Pri v2 enforcement unless that enforcement is actually implemented
284
+
285
+ ## Future Implementation Passes
286
+
287
+ Suggested next passes:
288
+
289
+ - Pass 14-D: review whether the Analyst Evidence Table should become a helper or stay documentation-only.
290
+ - Pass 14-E: decide whether to add human-readable text lines to `evaluate_context`, or keep the readable layer JSON-only.
291
+ - Later: design Diagnostic Mode on top of `why`, `warnings`, and replay mismatch evidence.
292
+
293
+ The MVP is intentionally small: it translates existing judgment into readable output without changing the judgment itself.
@@ -1,8 +1,52 @@
1
- # FreshContext Release Notes
2
-
3
- ## 0.3.19
4
-
5
- FreshContext 0.3.19 syncs the public MCP package with the new generic `evaluate_context` interface.
1
+ # FreshContext Release Notes
2
+
3
+ ## 0.3.22
4
+
5
+ FreshContext 0.3.22 expands Source Profiles as judgment policies without adding adapters or retrieval behavior.
6
+
7
+ ### Source Profile Expansion
8
+
9
+ - Adds `product_research` for product pages, pricing pages, launch pages, vendor docs, changelogs, and adoption evidence.
10
+ - Adds `multi_agent_handoff` for caller-provided context passed between agents or workflow steps.
11
+ - Preserves `official_docs` as an existing built-in profile with replay coverage.
12
+
13
+ ### Validation Coverage
14
+
15
+ - Adds saved Signal Contract v1 replay fixtures for product research and multi-agent handoff.
16
+ - Extends batch validation and `evaluate_context` tests so the new profiles return decision-ready, readable output.
17
+ - Keeps the boundary explicit: profiles are judgment policies, not fetching, crawling, adapter selection, Operator mode, or agent orchestration.
18
+
19
+ ## 0.3.21
20
+
21
+ FreshContext 0.3.21 adds provenance readiness and readable handoff safety for judged context.
22
+
23
+ ### Provenance Readiness
24
+
25
+ - Adds a Core `provenance_readiness` sidecar that classifies caller-provided context as `complete`, `partial`, `incomplete`, `unknown`, or `derived`.
26
+ - Keeps provenance readiness additive: it does not fetch sources, verify truth, change ranking, change utility scoring, or change decision-label policy.
27
+ - Preserves stable structured `evaluate_context` output while adding provenance readiness to each result.
28
+
29
+ ### Public Contract and Boundary Gates
30
+
31
+ - Adds compatibility coverage for pre-provenance `evaluate_context` payloads.
32
+ - Locks Core public imports, package fixture behavior, and the `freshcontext-mcp/core` subpath surface.
33
+ - Audits the adapter boundary so Core remains the judgment layer, while the 21 reference tools remain optional source-intake adapters.
34
+
35
+ ### Readable Handoff Safety
36
+
37
+ - Adds `readable.handoff.safe_for_agent_handoff` and `readable.handoff.reason` to structured readable output.
38
+ - Derives handoff safety only from the existing decision and `provenance_readiness`.
39
+ - Does not add multi-agent orchestration, batch handoff counts, new MCP tools, or adapter orchestration.
40
+
41
+ ### Release Gate
42
+
43
+ - Adds stress coverage for ugly provenance, scoring, decision, readable output, and handoff edge cases.
44
+ - Pins the policy that minimal title-only legacy input is valid but needs verification.
45
+ - Confirms MCP smoke remains at 22 tools and package/server metadata align at 0.3.21 for this release prep.
46
+
47
+ ## 0.3.19
48
+
49
+ FreshContext 0.3.19 syncs the public MCP package with the new generic `evaluate_context` interface.
6
50
 
7
51
  ### Context Evaluation Front Door
8
52