godpowers 3.13.0 → 3.13.2
- package/CHANGELOG.md +97 -0
- package/README.md +33 -25
- package/RELEASE.md +20 -21
- package/bin/install.js +1 -16
- package/hooks/pre-tool-use.sh +52 -40
- package/lib/README.md +12 -1
- package/lib/artifact-map.js +6 -0
- package/lib/cli-dispatch.js +29 -20
- package/lib/cli-log.js +24 -0
- package/lib/dashboard.js +1 -10
- package/lib/evidence.js +54 -13
- package/lib/gate.js +2 -2
- package/lib/have-nots-validator.js +5 -1
- package/lib/installer-args.js +140 -290
- package/lib/installer-core.js +1 -12
- package/lib/intent.js +9 -4
- package/lib/pillars.js +13 -0
- package/lib/planning-systems.js +2 -10
- package/lib/recipe-coverage-sync.js +4 -23
- package/lib/release-surface-sync.js +5 -32
- package/lib/repo-doc-sync.js +1 -16
- package/lib/repo-surface-sync.js +4 -55
- package/lib/requirements.js +6 -17
- package/lib/reverse-sync.js +9 -2
- package/lib/route-quality-sync.js +4 -33
- package/lib/source-sync.js +0 -4
- package/lib/state.js +19 -8
- package/lib/sync-check.js +56 -0
- package/lib/sync-fs.js +49 -0
- package/lib/text-util.js +19 -0
- package/lib/workflow-helper-groups.js +4 -0
- package/package.json +3 -3
- package/references/orchestration/GOD-ORCHESTRATOR-RUNBOOK.md +7 -0
- package/workflows/full-arc.yaml +18 -0
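--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -7,6 +7,103 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [3.13.2] - 2026-06-17
+
+Maintenance release that drives a third self-audit (`codeaudit.md`) to zero: one
+Medium and twelve Low findings across de-duplication, error handling, security
+hardening, the test gate, and docs. No public command/agent/workflow/recipe
+surface change (counts stay 120 / 40 / 13 / 44); lib module count 90 -> 91.
+
+### Changed
+- **Shared sync check-builder (ARC-001):** the four `*-sync` modules no longer
+copy-paste `addCheck`/`listFiles`; they share `lib/sync-check.js` (full
+`addCheck` for the aggregator, area-bound `makeAddCheck` for the rest).
+- **Per-file coverage floor (TEST-001):** `coverage:lib` now emits a json-summary
+and `scripts/check-per-file-coverage.js` (in `release:check`) fails any lib
+module below 70% lines (excluding the two environment-bound browser drivers),
+so a single file can no longer rot while the aggregate stays green.
+- **De-duplication and cleanup (QUAL-001/002/003):** removed dead helpers
+(two unused `rel()`, an unused `sha`), added `sync-fs.readTextOrNull` adopted by
+`requirements.js` (which now sources PRD/ROADMAP paths from `artifact-map`), and
+fixed a boolean/string status wart in `repo-surface-sync`.
+- **Pillars delineation (ARC-002):** `pillars.js` now has section dividers
+separating the model and artifact-sync halves (a full split was deferred; the
+halves share construction functions that are public API).
+
+### Fixed
+- **Reverse-sync error visibility (ERR-001):** the requirements step now writes
+state before the ledger and surfaces a caught error as `requirementsError`
+instead of silently nulling it.
+
+### Security
+- **MCP module-name guard (SEC-001):** `requireRuntime` rejects any name that is
+not a plain lib basename (defense-in-depth).
+- **YAML recursion cap (SEC-002):** `intent.cleanArrays` caps recursion depth so a
+pathologically deep file cannot overflow the stack.
+
+### Performance
+- **have-nots regex (PERF-001):** `findPositions` compiles its regex once instead
+of per line. The whole-ledger read in `evidence.readJsonl` is documented as
+bounded/acceptable with an opt-in prune noted for the future (PERF-002).
+
+### Docs
+- **Absolute README doc links (DOC-001):** `docs/` is deliberately excluded from
+the package, so the README's `docs/*` links are now absolute GitHub URLs that
+resolve on the npm page and in the tarball.
+
+## [3.13.1] - 2026-06-16
+
+Maintenance release that drives a full self-audit (`codeaudit.md`) to zero: one
+High finding, plus the Medium and Low findings, fixed across runtime correctness,
+security hardening, the test gate, documentation, and de-duplication. No public
+command, agent, workflow, or recipe surface changes (counts stay 120 / 40 / 13 / 44).
+
+### Fixed
+- **Ledger record loss under concurrency (ERR-001):** `lib/evidence.js`
+`appendJsonlAtomic` did a read-modify-write of the whole ledger, so two
+concurrent `verify`/`outcome check` processes lost each other's records and
+every append was O(n). It now uses `fs.appendFileSync` (O_APPEND), mirroring
+`lib/events.js`; a concurrency regression test asserts 8 writers x 25 records
+all survive.
+- **Buffer-overflow verdicts (ERR-003):** a `maxBuffer` (ENOBUFS) overflow was
+recorded as a plain command failure; it is now surfaced distinctly. The 16 MB
+cap is the named constant `MAX_OUTPUT_BYTES`.
+- **Doc accuracy:** `SECURITY.md` no longer recommends the non-existent
+`npm install --verify` (use `npm audit signatures`); the stale
+`ARCHITECTURE-MAP.md` counts are regenerated and now machine-guarded.
+
+### Security
+- **Advisory hook (SEC-001):** `hooks/pre-tool-use.sh` is reframed as a
+best-effort typo guard (not a security boundary) and now normalizes whitespace
+and matches common destructive-command variants (`rm -fr`, `-r -f`, `./`
+prefix, `git push -f`/`--force-with-lease`). Covered by `scripts/test-hooks.js`.
+- **Disk-sourced verifier (SEC-002):** `outcome check` now announces the verifier
+command and its `goal.json` source path before executing, so running it in an
+untrusted cloned repo cannot silently run a planted command.
+- **Ledger secrets (SEC-003):** the human-readable `LEDGER-LOG.md` command echo
+masks obvious secret shapes; `SECURITY.md` documents that `.godpowers/ledger/`
+may capture command output.
+- **Codex sandbox (SEC-004):** `SECURITY.md` documents the Codex
+`sandbox_mode = "workspace-write"` install default.
+
+### Changed
+- **Test gate (TEST-001/002/003):** `coverage:lib` now enforces `--branches 75`;
+new `scripts/test-runtime-audit.js` raises `runtime-audit.js` line coverage
+68.8% -> 77.8%; `scripts/test-router.js` no longer shares cumulative state and
+cleans up its temp dirs.
+- **De-duplication (ARC-001/002, QUAL-001/002):** the five `*-sync` modules share
+`lib/sync-fs.js`; the ANSI logger moves to `lib/cli-log.js` and `slugify` to
+`lib/text-util.js`; `installer-args.parseArgs` is now table-driven (was a
+358-line function); `state.STATE_FILE` is the canonical state-file constant and
+`artifact-map.js`'s scope is documented accurately.
+- **Re-audit follow-ups (ARC-003, QUAL-003, DOC-004/005, ERR-004, TEST-005):** a
+fresh self-audit of the above confirmed no regressions and closed the residual
+gaps: `installer-core.js` now imports the shared logger; `dashboard.js`/
+`planning-systems.js` use `sync-fs`; the `lib/README` module catalog is complete
+and guarded by a completeness check; the corrupt-state error is typed
+(`err.code = 'CORRUPT_STATE'`) instead of message-matched; and the hook tests
+assert each warning's text, not just its exit code.
+
 ## [3.13.0] - 2026-06-16
 
 ### Changed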
package/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
[](https://github.com/aihxp/godpowers/actions/workflows/ci.yml)
|
|
4
4
|
[](LICENSE)
|
|
5
|
-
[](CHANGELOG.md)
|
|
6
6
|
[](https://www.npmjs.com/package/godpowers)
|
|
7
7
|
|
|
8
8
|
**Ship fast. Ship right. Ship everything. Ship accountably.**
|
|
@@ -12,26 +12,34 @@ idea to hardened production. It runs as **slash commands inside your AI coding
|
|
|
12
12
|
tool** (Claude Code, Codex, Cursor, etc.) that orchestrate **specialist agents**
|
|
13
13
|
in fresh contexts to do the work.
|
|
14
14
|
|
|
15
|
-
Want the short proof first? Start with [Quick Proof](docs/quick-proof.md) to
|
|
15
|
+
Want the short proof first? Start with [Quick Proof](https://github.com/aihxp/godpowers/blob/main/docs/quick-proof.md) to
|
|
16
16
|
run `npx godpowers quick-proof --project=. --brief`, see outcome metrics, pick
|
|
17
17
|
a starter command set, and understand runtime expectations before reading the
|
|
18
|
-
full reference. The [First 10 Minute Proof Case Study](docs/case-studies/first-10-minute-proof.md)
|
|
18
|
+
full reference. The [First 10 Minute Proof Case Study](https://github.com/aihxp/godpowers/blob/main/docs/case-studies/first-10-minute-proof.md)
|
|
19
19
|
shows the same evidence as a before-and-after adoption story. External
|
|
20
|
-
CLI-verifiable canaries now cover [sindresorhus/is](docs/case-studies/sindresorhus-is-adoption-canary.md),
|
|
21
|
-
[expressjs/cors](docs/case-studies/expressjs-cors-adoption-canary.md), and
|
|
22
|
-
[tinyhttp/tinyhttp](docs/case-studies/tinyhttp-adoption-canary.md), with host
|
|
20
|
+
CLI-verifiable canaries now cover [sindresorhus/is](https://github.com/aihxp/godpowers/blob/main/docs/case-studies/sindresorhus-is-adoption-canary.md),
|
|
21
|
+
[expressjs/cors](https://github.com/aihxp/godpowers/blob/main/docs/case-studies/expressjs-cors-adoption-canary.md), and
|
|
22
|
+
[tinyhttp/tinyhttp](https://github.com/aihxp/godpowers/blob/main/docs/case-studies/tinyhttp-adoption-canary.md), with host
|
|
23
23
|
slash-command gaps called out rather than hidden.
|
|
24
|
-
Host-run proof studies now cover [slugify-cli](docs/case-studies/run-a.md),
|
|
25
|
-
[Countdown](docs/case-studies/run-b.md), and
|
|
26
|
-
[react-github-readme-button](docs/case-studies/run-c.md), including one
|
|
24
|
+
Host-run proof studies now cover [slugify-cli](https://github.com/aihxp/godpowers/blob/main/docs/case-studies/run-a.md),
|
|
25
|
+
[Countdown](https://github.com/aihxp/godpowers/blob/main/docs/case-studies/run-b.md), and
|
|
26
|
+
[react-github-readme-button](https://github.com/aihxp/godpowers/blob/main/docs/case-studies/run-c.md), including one
|
|
27
27
|
blocked harden run recorded as evidence instead of hidden as success.
|
|
28
28
|
|
|
29
29
|
Godpowers makes AI coding accountable: every serious run should leave disk
|
|
30
30
|
state, artifacts, validation gates, host guarantees, and a next action. Code is
|
|
31
31
|
only one output. The project memory and proof trail matter too.
|
|
32
32
|
|
|
33
|
-
Version 3.13.
|
|
34
|
-
|
|
33
|
+
Version 3.13.2 is a maintenance release that drives a third self-audit to zero:
|
|
34
|
+
the `*-sync` modules now share one check-builder, the coverage gate enforces a
|
|
35
|
+
per-file floor, the corrupt-state error is typed, dead helpers are removed, and
|
|
36
|
+
the MCP module loader and YAML parser gain defense-in-depth guards. Version
|
|
37
|
+
3.13.1 drove a full self-audit to zero: the runtime ledger no longer loses
|
|
38
|
+
verification records under concurrent writes, the `outcome check` verifier and
|
|
39
|
+
the pre-tool-use hook are hardened, the `*-sync` modules share one filesystem
|
|
40
|
+
helper, the argument parser is table-driven, and branch coverage is gated.
|
|
41
|
+
Version 3.13.0 makes the default greenfield arc (`/god-mode`) miss
|
|
42
|
+
less. The one-shot `full-arc` workflow now runs a whole-codebase code audit after the
|
|
35
43
|
build (so it catches what the per-slice reviews missed in AI-generated code) and
|
|
36
44
|
a documentation pass after harden (so the shipped product has docs verified
|
|
37
45
|
against the code, not vibes). The arc goes build, code-audit, deploy, observe,
|
|
@@ -178,7 +186,7 @@ instead of pretending a background agent ran.
|
|
|
178
186
|
| Other install targets | Skills and agent contracts install, while host-native spawning depends on the tool. |
|
|
179
187
|
| Degraded hosts | Godpowers must report local-only or simulated agent behavior instead of hiding the limitation. |
|
|
180
188
|
|
|
181
|
-
See [Host capabilities](docs/host-capabilities.md) for the detailed guarantee
|
|
189
|
+
See [Host capabilities](https://github.com/aihxp/godpowers/blob/main/docs/host-capabilities.md) for the detailed guarantee
|
|
182
190
|
model.
|
|
183
191
|
|
|
184
192
|
## Usage
|
|
@@ -329,17 +337,17 @@ dependency to the main `godpowers` package:
|
|
|
329
337
|
|
|
330
338
|
```bash
|
|
331
339
|
npx godpowers mcp-info --project=.
|
|
332
|
-
npx -y -p godpowers@3.13.
|
|
340
|
+
npx -y -p godpowers@3.13.2 -p @godpowers/mcp@3.13.2 godpowers-mcp serve --project=.
|
|
333
341
|
```
|
|
334
342
|
|
|
335
343
|
The companion exposes `status`, `next`, `gate_check`, `lint_artifact`, and
|
|
336
344
|
`trace_requirement`. Host registration is opt-in:
|
|
337
345
|
|
|
338
346
|
```bash
|
|
339
|
-
npx -y -p godpowers@3.13.
|
|
347
|
+
npx -y -p godpowers@3.13.2 -p @godpowers/mcp@3.13.2 godpowers-mcp setup --host=codex --project=. --write
|
|
340
348
|
```
|
|
341
349
|
|
|
342
|
-
See [MCP Companion](docs/mcp.md) for package boundaries and setup details.
|
|
350
|
+
See [MCP Companion](https://github.com/aihxp/godpowers/blob/main/docs/mcp.md) for package boundaries and setup details.
|
|
343
351
|
|
|
344
352
|
### Slash Commands
|
|
345
353
|
|
|
@@ -613,16 +621,16 @@ Pi. T3 Code inherits from the underlying agent (Codex / Claude / OpenCode).
|
|
|
613
621
|
|
|
614
622
|
## Full reference
|
|
615
623
|
|
|
616
|
-
- [Getting Started](docs/getting-started.md)
|
|
617
|
-
- [Quick Proof](docs/quick-proof.md)
|
|
618
|
-
- [First 10 Minute Proof Case Study](docs/case-studies/first-10-minute-proof.md)
|
|
619
|
-
- [Concepts](docs/concepts.md)
|
|
620
|
-
- [Command reference (all 120 skills + 40 agents)](docs/reference.md)
|
|
621
|
-
- [Feature awareness](docs/feature-awareness.md)
|
|
622
|
-
- [Adoption Canary](docs/adoption-canary.md)
|
|
623
|
-
- [Repository documentation sync](docs/repo-doc-sync.md)
|
|
624
|
-
- [Repository surface sync](docs/repo-surface-sync.md)
|
|
625
|
-
- [Roadmap](docs/ROADMAP.md)
|
|
624
|
+
- [Getting Started](https://github.com/aihxp/godpowers/blob/main/docs/getting-started.md)
|
|
625
|
+
- [Quick Proof](https://github.com/aihxp/godpowers/blob/main/docs/quick-proof.md)
|
|
626
|
+
- [First 10 Minute Proof Case Study](https://github.com/aihxp/godpowers/blob/main/docs/case-studies/first-10-minute-proof.md)
|
|
627
|
+
- [Concepts](https://github.com/aihxp/godpowers/blob/main/docs/concepts.md)
|
|
628
|
+
- [Command reference (all 120 skills + 40 agents)](https://github.com/aihxp/godpowers/blob/main/docs/reference.md)
|
|
629
|
+
- [Feature awareness](https://github.com/aihxp/godpowers/blob/main/docs/feature-awareness.md)
|
|
630
|
+
- [Adoption Canary](https://github.com/aihxp/godpowers/blob/main/docs/adoption-canary.md)
|
|
631
|
+
- [Repository documentation sync](https://github.com/aihxp/godpowers/blob/main/docs/repo-doc-sync.md)
|
|
632
|
+
- [Repository surface sync](https://github.com/aihxp/godpowers/blob/main/docs/repo-surface-sync.md)
|
|
633
|
+
- [Roadmap](https://github.com/aihxp/godpowers/blob/main/docs/ROADMAP.md)
|
|
626
634
|
- [Release Notes](RELEASE.md)
|
|
627
635
|
- [Changelog](CHANGELOG.md)
|
|
628
636
|
- [Inspiration](INSPIRATION.md)
|
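--- a/package/RELEASE.md
+++ b/package/RELEASE.md
@@ -1,41 +1,40 @@
-# Godpowers 3.13.
+# Godpowers 3.13.2 Release
 
 > Status: Prepared
-> Date: 2026-06-
+> Date: 2026-06-17
 
-[DECISION] Godpowers 3.13.
-[DECISION] No new skill, agent, workflow, or recipe surface is added:
-[DECISION] This release keeps `core` as the omitted installer profile, keeps `--profile=full` as the complete compatibility surface, and keeps the full 3.1.0-3.
+[DECISION] Godpowers 3.13.2 is a maintenance release that drives a third self-audit (`codeaudit.md`, codeauditor-grade, nine weighted dimensions) to zero. It fixes one Medium finding and twelve Low findings across de-duplication, error handling, security hardening, the test gate, and documentation.
+[DECISION] No new skill, agent, workflow, or recipe surface is added or removed. Surface counts are unchanged from 3.13.1: 120 slash commands, 40 specialist agents, 13 workflows, 44 recipes. The lib module count rises from 90 to 91 (`lib/sync-check.js`).
+[DECISION] This release keeps `core` as the omitted installer profile, keeps `--profile=full` as the complete compatibility surface, and keeps the full 3.1.0-3.13.1 surface.
 
 ## What's in this release
 
-- [DECISION]
-- [DECISION]
-- [DECISION]
-- [DECISION]
-- [DECISION]
+- [DECISION] De-duplication (ARC-001, QUAL-001/002/003): the four `*-sync` modules share `lib/sync-check.js` (`addCheck`/`makeAddCheck`/`listFiles`) instead of copy-pasting them; removed dead helpers (two unused `rel()`, an unused `sha`); added `sync-fs.readTextOrNull` adopted by `requirements.js`, which now sources PRD/ROADMAP paths from `artifact-map`; fixed a boolean/string status wart in `repo-surface-sync`.
+- [DECISION] Test gate (TEST-001, TEST-002): `coverage:lib` now emits a json-summary and `scripts/check-per-file-coverage.js` (in `release:check`) fails any lib module below 70% lines, excluding the two environment-bound browser drivers, so a single file can no longer rot while the aggregate stays green; the `run()`/`appendLog()` write path of the three sync siblings is now tested for the no-banned-dash invariant.
+- [DECISION] Error handling (ERR-001): reverse-sync writes state before the ledger and surfaces a caught error as `requirementsError` instead of silently nulling it.
+- [DECISION] Security hardening (SEC-001, SEC-002): the MCP `requireRuntime` rejects any module name that is not a plain lib basename; `intent.cleanArrays` caps recursion depth so a pathologically deep YAML cannot overflow the stack.
+- [DECISION] Performance and docs (PERF-001/002, DOC-001, ARC-002): `have-nots` `findPositions` compiles its regex once per call; the bounded whole-ledger read is documented with an opt-in prune noted; the README's `docs/*` links are now absolute GitHub URLs (docs are deliberately excluded from the package); and `pillars.js` is delineated into its model and artifact-sync halves (a full split was deferred because the halves share public-API construction functions).
 
 ## Changes
 
-- [DECISION] `package.json`, `package-lock.json`, and `packages/mcp/package.json` now publish the 3.13.
-- [DECISION]
-- [DECISION] CHANGELOG, RELEASE notes, README, roadmap, reference, architecture, and the
+- [DECISION] `package.json`, `package-lock.json`, and `packages/mcp/package.json` now publish the 3.13.2 version.
+- [DECISION] New runtime module `lib/sync-check.js` (lib module count 90 -> 91). No public command/agent/workflow/recipe surface change.
+- [DECISION] CHANGELOG, RELEASE notes, README, roadmap, reference, architecture, and the architecture map now reflect 3.13.2. The SECURITY supported-version table already carries the `3.13.x` row.
 
 ## Validation
 
-- [DECISION] `npm
-- [DECISION] `
-- [DECISION] `npm run release:check` passed `
-- [DECISION] `npm run release:check` passed
-- [DECISION] `npm run release:check` passed public surface docs for version 3.13.0 with 120 skills, 40 agents, 13 workflows, and 44 recipes.
+- [DECISION] `npm test` passed all command groups.
+- [DECISION] `npm run release:check` passed `coverage:lib` above the 90 percent line floor and the 75 percent branch floor, and the new per-file floor (>= 70 percent lines across 88 lib modules).
+- [DECISION] `npm run release:check` passed `npm audit --omit=dev` with 0 vulnerabilities and `git diff --check`.
+- [DECISION] `npm run release:check` passed public surface docs for version 3.13.2 with 120 skills, 40 agents, 13 workflows, and 44 recipes.
 - [DECISION] `npm run release:check` passed root and `@godpowers/mcp` package contents.
 
 ## Upgrade
 
-- [DECISION] Use `npm install -g godpowers@3.13.
-- [DECISION] No migration is required.
+- [DECISION] Use `npm install -g godpowers@3.13.2` or `npx godpowers@3.13.2`.
+- [DECISION] No migration is required. The changes are internal de-duplication, error-visibility, security, test-gate, and documentation improvements with no surface change.
 
 ## Notes
 
-- [DECISION] The publish targets are npm `godpowers@3.13.
+- [DECISION] The publish targets are npm `godpowers@3.13.2`, npm `@godpowers/mcp@3.13.2`, and GitHub release `https://github.com/aihxp/godpowers/releases/tag/v3.13.2`.
 - [DECISION] The tag-triggered GitHub publish workflow remains the preferred npm path because it publishes with provenance. This release has not been tagged or published to npm yet.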
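--- a/package/bin/install.js
+++ b/package/bin/install.js
@@ -21,6 +21,7 @@ const { describeProfiles } = require('../lib/install-profiles');
 const commandFamilies = require('../lib/command-families');
 const identity = require('../lib/package-identity');
 const cliDispatch = require('../lib/cli-dispatch');
+const { log, success, warn, error } = require('../lib/cli-log');
 
 const VERSION = identity.PACKAGE_VERSION;
 
@@ -29,22 +30,6 @@ const BANNER = `
 Ship fast. Ship right. Ship everything.
 `;
 
-function log(msg) {
-console.log(` ${msg}`);
-}
-
-function success(msg) {
-console.log(` \x1b[32m+\x1b[0m ${msg}`);
-}
-
-function warn(msg) {
-console.log(` \x1b[33m!\x1b[0m ${msg}`);
-}
-
-function error(msg) {
-console.error(` \x1b[31mx\x1b[0m ${msg}`);
-}
-
 function showHelp() {
 console.log(BANNER);
 log('Usage: npx godpowers [command] [options]\n');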
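--- a/package/hooks/pre-tool-use.sh
+++ b/package/hooks/pre-tool-use.sh
@@ -1,52 +1,64 @@
 #!/usr/bin/env bash
-# Godpowers PreToolUse
-#
-# Warns
-#
+# Godpowers PreToolUse advisory hook (best-effort, NOT a security boundary).
+#
+# Warns before some common destructive command spellings when run inside a
+# Godpowers project: deleting .godpowers/, git reset --hard, force push,
+# npm publish, gh release create. It matches command text heuristically after
+# normalizing whitespace, so it tolerates spacing and short-flag variants
+# (rm -fr, -r -f, ./ prefix, trailing slash, push -f). It is still deliberately
+# conservative and is easily bypassed by uncommon spellings, quoting, aliases,
+# or a child process that does the deletion. Treat it as a typo guard that buys
+# a confirmation prompt, not as a guarantee. See SECURITY.md.
 
 set -euo pipefail
 
-TOOL_NAME="${CLAUDE_TOOL_NAME:-}"
 TOOL_INPUT="${CLAUDE_TOOL_INPUT:-}"
 
 if [ ! -d ".godpowers" ]; then
 exit 0
 fi
 
-#
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+# Collapse tabs and runs of spaces so spacing variants normalize to one form.
+norm="$(printf '%s' "$TOOL_INPUT" | tr '\t' ' ' | tr -s ' ')"
+
+matches() {
+printf '%s' "$norm" | grep -Eq -- "$1"
+}
+
+# rm targeting .godpowers (optional ./ or / prefix, optional trailing slash)
+# that carries a recursive flag in any spelling: -rf, -fr, -r -f, -R, --recursive.
+if matches 'rm( +-[a-zA-Z]+)* +\.?/?\.godpowers(/|$| )' && matches ' -[a-zA-Z]*[rR]|--recursive'; then
+echo "WARNING: About to delete the .godpowers/ directory."
+echo "This destroys all PROGRESS, PRD, ARCH, ROADMAP, and other artifacts."
+echo "If this is intentional, confirm in chat before proceeding."
+exit 1
+fi
+
+if matches 'git +reset +--hard'; then
+echo "WARNING: git reset --hard discards uncommitted work."
+echo "If you have artifacts not yet committed, they will be lost."
+echo "Consider git stash first."
+exit 1
+fi
+
+# git push with a force flag: --force, --force-with-lease, or a standalone -f.
+if matches 'git +push +' && matches '(--force(-with-lease)?| -f( |$))'; then
+echo "WARNING: Force pushing. If pushing to main/master, this can"
+echo "destroy collaborators' work."
+exit 1
+fi
+
+if matches 'npm +publish'; then
+echo "WARNING: npm publish is a public release action."
+echo "Confirm release checklist, repo-doc-sync, repo-surface-sync,"
+echo "release-surface-sync, package contents, and installer smoke first."
+exit 1
+fi
+
+if matches 'gh +release +create'; then
+echo "WARNING: gh release create publishes public release notes."
+echo "Confirm README, badges, CHANGELOG, RELEASE, package, tag, and npm version agree."
+exit 1
+fi
 
 exit 0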
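Review bot: The first pattern in the `.godpowers` check (new line 30) accepts only single-dash letter groups between `rm` and the path, so `rm --recursive .godpowers` and `rm -rf -- .godpowers` never reach the warning, although the comment directly above lists `--recursive` as a covered spelling. Widening the flag group brings the guard back in line with its own comment: `matches 'rm( +(-[a-zA-Z]+|--[a-z-]*))* +\.?/?\.godpowers(/|$| )'`. The second `matches` in that condition, and the flag test in the force-push check on new line 45, run against the whole normalized input rather than the matched command, so a flag that belongs to a different command in the same input also satisfies them. That is tolerable for a guard that errs toward warning, but a one-line comment stating it is intentional would help the next maintainer. `scripts/test-hooks.js` is not part of this page, so whether the long-option spelling is already exercised cannot be confirmed from here.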
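--- a/package/lib/README.md
+++ b/package/lib/README.md
@@ -28,6 +28,8 @@ package-level integrations.
 | `cost-tracker.js` | Track token and cost estimates from event streams. |
 | `atomic-write.js` | Write load-bearing files through temp-file validation and atomic rename. |
 | `fs-async.js` | Promise-based file read/write helpers for non-blocking runtime paths. |
+| `sync-fs.js` | Shared project-relative read/write/exists/readJson helpers for the `*-sync` modules. |
+| `sync-check.js` | Shared check-builder (`addCheck`/`makeAddCheck`) and file-lister for the `*-sync` modules. |
 
 ## Events and observability
 
@@ -38,12 +40,17 @@ package-level integrations.
 | `otel-exporter.js` | Export Godpowers events in an OpenTelemetry-shaped format. |
 | `runtime-audit.js` | Audit runtime health and expected project state. |
 | `runtime-test.js` | Provide runtime checks used by package tests. |
+| `evidence.js` | Enforced producer of executed/attested verification records, the state.json rollup, gate events, reflections, memory, lessons, and outcome loops. |
+| `evidence-import.js` | Import an existing `.mythify/` ledger into `.godpowers/ledger/`. |
+| `work-report.js` | Render the verification play-by-play from the evidence ledger. |
+| `adoption-metrics.js` | Derive adoption and outcome metrics from event streams. |
 
 ## Routing and execution
 
 | Module | Purpose |
 |--------|---------|
 | `router.js` | Resolve user intent to skills, agents, recipes, and workflows. |
+| `quarterback.js` | Entry router that classifies a prompt into a play and refuses new work when the project is on red. |
 | `command-families.js` | Define UX command families, status views, decision ladders, and trigger precedence helpers. |
 | `recipes.js` | Load and validate routing recipes. |
 | `workflow-parser.js` | Parse workflow YAML into executable steps. |
@@ -59,7 +66,7 @@ package-level integrations.
 
 | Module | Purpose |
 |--------|---------|
-| `artifact-map.js` |
+| `artifact-map.js` | Tier gate artifact map: the per-tier required artifacts and state steps used by dashboards, gates, and doc-count checks. (Module-local paths stay in their owning module; `state.json` is named via `state.STATE_FILE`.) |
 | `artifact-linter.js` | Check artifacts for required labels, evidence, and domain precision. |
 | `artifact-diff.js` | Compare artifact changes for review and release workflows. |
 | `gate.js` | Run executable artifact gates for Phase 1 tier completion checks. |
@@ -98,6 +105,7 @@ package-level integrations.
 | `drift-detector.js` | Detect context drift between artifacts and implementation. |
 | `impact.js` | Summarize expected impact of proposed changes. |
 | `linkage.js` | Connect artifacts, stories, and implementation files. |
+| `requirements.js` | Track which PRD requirements are done, in progress, or untouched from disk evidence. |
 | `multi-repo-detector.js` | Detect multi-repository workspaces. |
 | `reverse-sync.js` | Reflect implementation changes back into artifacts. |
 | `review-required.js` | Decide when review gates should block progress. |
@@ -111,6 +119,9 @@ package-level integrations.
 | `installer-files.js` | File-copy helpers shared by the installer and its tests. |
 | `installer-args.js` | Parse `bin/install.js` arguments and subcommands. |
 | `cli-dispatch.js` | Dispatch local CLI helper commands such as status, quick-proof, gate, dogfood, and extension-scaffold. |
+| `cli-log.js` | Shared ANSI console logger (log/success/warn/error) for the binary and CLI dispatch. |
+| `text-util.js` | Small shared string helpers (the canonical `slugify`). |
+| `mcp-info.js` | Render read-only MCP companion setup instructions for `npx godpowers mcp-info`. |
 | `install-profiles.js` | Select smaller role-specific slash-command install surfaces. |
 | `surface-profile.js` | Preview and apply runtime command surface profile switches after install. |
 | `installer-runtimes.js` | Map supported runtimes to their config directories. |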
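--- a/package/lib/artifact-map.js
+++ b/package/lib/artifact-map.js
@@ -1,5 +1,11 @@
 /**
 * Shared tier artifact map for dashboard, gates, and documentation checks.
+*
+* Scope: this owns the per-tier *gate artifacts* (which files a tier requires
+* and the state step it maps to). It is not a flat registry of every
+* `.godpowers/...` path: module-local artifacts (a sync module's log file, the
+* evidence ledger) live in their owning module, and `state.json` is named via
+* `state.STATE_FILE`.
 */
 
 const TIER_ARTIFACTS = {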
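--- a/package/lib/cli-dispatch.js
+++ b/package/lib/cli-dispatch.js
@@ -5,25 +5,10 @@
 const gate = require('./gate');
 const identity = require('./package-identity');
 const stateAdvance = require('./state-advance');
+const { log, success, warn, error } = require('./cli-log');
 
 const VERSION = identity.PACKAGE_VERSION;
 
-function log(msg) {
-console.log(` ${msg}`);
-}
-
-function success(msg) {
-console.log(` \x1b[32m+\x1b[0m ${msg}`);
-}
-
-function warn(msg) {
-console.log(` \x1b[33m!\x1b[0m ${msg}`);
-}
-
-function error(msg) {
-console.error(` \x1b[31mx\x1b[0m ${msg}`);
-}
-
 function runAutomationCommand(opts) {
 const automation = require('./automation-providers');
 const result = opts.command === 'automation-setup'
@@ -501,7 +486,20 @@ function runOutcomeCommand(opts) {
 projectRoot
 });
 } else if (action === 'check') {
-payload = evidence.outcome.check(opts.outcomeSlug, {
+payload = evidence.outcome.check(opts.outcomeSlug, {
+projectRoot,
+// SEC-002: announce the disk-sourced verifier before it runs, so running
+// `outcome check` inside an untrusted cloned repo cannot silently execute
+// a planted command. Goes to stderr so it never corrupts --json on stdout.
+notice: ({ verifier, source }) => {
+const rel = relLedger({ project: projectRoot }, source) || source;
+process.stderr.write(
+` notice: outcome '${opts.outcomeSlug}' runs a verifier loaded from ${rel}\n` +
+` command: ${verifier}\n` +
+` (.godpowers/ledger/ carries executable state; only run 'outcome check' in repos you trust)\n`
+);
+}
+});
 } else if (action === 'stop') {
 payload = evidence.outcome.stop(opts.outcomeSlug, opts.reason || undefined, { projectRoot });
 } else {
@@ -626,11 +624,22 @@ const COMMAND_RUNNERS = {
 
 function runCommand(opts) {
 const runner = COMMAND_RUNNERS[opts.command];
-if (runner)
+if (!runner) return false;
+try {
 runner(opts);
-
+} catch (err) {
+// ERR-002: a corrupt state.json throws from state.read(). Surface the
+// helpful message as a clean one-liner with a non-zero exit instead of a
+// raw stack trace. Match the typed error code (ERR-004), not the message
+// prose. Re-throw anything else so genuine bugs still surface.
+if (err && err.code === 'CORRUPT_STATE') {
+error(err.message);
+process.exitCode = 1;
+} else {
+throw err;
+}
 }
-return
+return true;
 }
 
 module.exports = {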
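Review bot: In the `notice` callback of the `check` branch in runOutcomeCommand, `verifier` and `rel` come from a ledger file on disk and are written to stderr unescaped, so control characters (ANSI escapes, carriage returns, newlines) in a planted entry could make the displayed command differ from what actually runs. Strip or escape them before printing, for example `const shown = String(verifier).replace(/[\x00-\x1f\x7f-\x9f]/g, '?');` and print `shown` (same treatment for `rel`). The notice is also advisory only: as far as this hunk shows, the verifier still runs right after the message, so a non-interactive run gets no chance to decline; whether `evidence.outcome.check` offers an opt-in or confirmation is not visible here. runOutcomeCommand's body continues outside the hunk.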
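--- a/package/lib/cli-log.js
+++ b/package/lib/cli-log.js
@@ -0,0 +1,24 @@
+/**
+* Shared ANSI console logger for the installer binary and CLI dispatch (QUAL-002).
+*
+* bin/install.js and lib/cli-dispatch.js previously defined these four helpers
+* verbatim. They now share one copy so the prefix/colour convention lives once.
+*/
+
+function log(msg) {
+console.log(` ${msg}`);
+}
+
+function success(msg) {
+console.log(` \x1b[32m+\x1b[0m ${msg}`);
+}
+
+function warn(msg) {
+console.log(` \x1b[33m!\x1b[0m ${msg}`);
+}
+
+function error(msg) {
+console.error(` \x1b[31mx\x1b[0m ${msg}`);
+}
+
+module.exports = { log, success, warn, error };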
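Review bot: `warn` writes to stdout through `console.log` while `error` uses `console.error`, so warnings share the stream that carries `--json` payloads; the cli-dispatch.js change in this same release sends its SEC-002 notice to stderr for exactly that reason. If any `--json` command path can call `warn` (not visible from this file), consider `console.warn(...)` there, or add a one-line JSDoc to each helper naming the stream it writes to so callers can choose deliberately. The helpers also interpolate `msg` as-is, so callers passing disk- or user-derived text should strip control characters before logging it.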
package/lib/dashboard.js
CHANGED
|
@@ -17,6 +17,7 @@ const repoDocSync = require('./repo-doc-sync');
|
|
|
17
17
|
const repoSurfaceSync = require('./repo-surface-sync');
|
|
18
18
|
const hostCapabilities = require('./host-capabilities');
|
|
19
19
|
const artifactMap = require('./artifact-map');
|
|
20
|
+
const { read: readText, exists } = require('./sync-fs');
|
|
20
21
|
|
|
21
22
|
const GOD_DIR = '.godpowers';
|
|
22
23
|
const PRD_PATH = artifactMap.requiredArtifactsForTier('prd')[0].path;
|
|
@@ -25,16 +26,6 @@ const CHECKPOINT_PATH = '.godpowers/CHECKPOINT.md';
|
|
|
25
26
|
const SYNC_LOG_PATH = '.godpowers/SYNC-LOG.md';
|
|
26
27
|
const REVIEW_PATH = '.godpowers/REVIEW-REQUIRED.md';
|
|
27
28
|
|
|
28
|
-
function exists(projectRoot, relPath) {
|
|
29
|
-
return fs.existsSync(path.join(projectRoot, relPath));
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
function readText(projectRoot, relPath) {
|
|
33
|
-
const file = path.join(projectRoot, relPath);
|
|
34
|
-
if (!fs.existsSync(file)) return '';
|
|
35
|
-
return fs.readFileSync(file, 'utf8');
|
|
36
|
-
}
|
|
37
|
-
|
|
38
29
|
function mtimeMs(projectRoot, relPath) {
|
|
39
30
|
const file = path.join(projectRoot, relPath);
|
|
40
31
|
if (!fs.existsSync(file)) return null;
|