godpowers 3.0.2 → 3.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +229 -0
- package/README.md +16 -10
- package/RELEASE.md +21 -33
- package/bin/install.js +34 -0
- package/fixtures/gate/harden-pass/.godpowers/state.json +26 -0
- package/lib/artifact-map.js +2 -1
- package/lib/cli-dispatch.js +409 -2
- package/lib/evidence/.provenance.json +45 -0
- package/lib/evidence-import.js +147 -0
- package/lib/evidence.js +908 -0
- package/lib/gate.js +26 -15
- package/lib/installer-args.js +219 -1
- package/lib/quarterback.js +183 -0
- package/lib/work-report.js +137 -0
- package/package.json +1 -1
- package/references/orchestration/GOD-ORCHESTRATOR-RUNBOOK.md +9 -4
- package/skills/god-harden.md +5 -2
|
@@ -487,12 +487,17 @@ requested or final sign-off begins.
|
|
|
487
487
|
5. Spawn the appropriate specialist agent in a fresh context
|
|
488
488
|
6. Verify their output exists on disk
|
|
489
489
|
7. Run have-nots check on the artifact and run `standards.gate-command` when configured
|
|
490
|
-
8.
|
|
490
|
+
8. For an executable-gated sub-step (build, deploy, harden), record executed
|
|
491
|
+
evidence with `npx godpowers verify "<cmd>" --substep <tier.substep>` and then
|
|
492
|
+
confirm `npx godpowers can-close --substep <tier.substep> --project=.` exits
|
|
493
|
+
zero before closing. Never advance the sub-step to done while can-close is red.
|
|
494
|
+
9. If pass and can-close is green: advance the sub-step to done via
|
|
495
|
+
`npx godpowers state advance`, sync CHECKPOINT.md, run the proactive
|
|
491
496
|
auto-invoke sweep, print the "Step result" card, then move to next sub-step
|
|
492
|
-
|
|
497
|
+
10. If fail and repairable: print the failed result card, then enter the
|
|
493
498
|
autonomous repair loop
|
|
494
|
-
|
|
495
|
-
|
|
499
|
+
11. If fail and human-only: pause with the smallest needed question
|
|
500
|
+
12. Repeat until all tiers complete and verification is green
|
|
496
501
|
```
|
|
497
502
|
|
|
498
503
|
## Specialist Agent Routing
|
package/skills/god-harden.md
CHANGED
|
@@ -21,8 +21,11 @@ Spawn the **god-harden-auditor** agent in a fresh context via the host platform'
|
|
|
21
21
|
|
|
22
22
|
After god-harden-auditor returns:
|
|
23
23
|
1. Verify FINDINGS.md exists on disk
|
|
24
|
-
2.
|
|
25
|
-
|
|
24
|
+
2. Record the executed security check as evidence so the gate has a passing
|
|
25
|
+
verification record, for example:
|
|
26
|
+
`npx godpowers verify "npm audit --omit=dev" --substep tier-3.harden --claim "dependency audit clean" --project=.`
|
|
27
|
+
3. Run `npx godpowers gate --tier=harden --project=.` and do not proceed on a non-zero exit
|
|
28
|
+
4. Read findings classification:
|
|
26
29
|
- If any Critical: run `npx godpowers state advance --step=harden --status=failed --project=.` and keep launch BLOCKED
|
|
27
30
|
- If only High/Medium/Low: run `npx godpowers state advance --step=harden --status=done --project=.`
|
|
28
31
|
|