gsdd-cli 0.21.0 → 0.23.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -1
- package/agents/executor.md +12 -1
- package/agents/planner.md +2 -0
- package/agents/verifier.md +1 -1
- package/bin/gsdd.mjs +3 -2
- package/bin/lib/control-map.mjs +629 -0
- package/bin/lib/health.mjs +2 -2
- package/bin/lib/init-flow.mjs +7 -7
- package/bin/lib/init-runtime.mjs +3 -0
- package/bin/lib/rendering.mjs +5 -0
- package/bin/lib/ui-proof.mjs +136 -13
- package/distilled/DESIGN.md +63 -7
- package/distilled/EVIDENCE-INDEX.md +23 -0
- package/distilled/README.md +9 -0
- package/distilled/templates/delegates/plan-checker.md +1 -0
- package/distilled/templates/ui-proof.md +33 -7
- package/distilled/workflows/execute.md +5 -4
- package/distilled/workflows/pause.md +2 -0
- package/distilled/workflows/plan.md +7 -6
- package/distilled/workflows/progress.md +4 -0
- package/distilled/workflows/quick.md +6 -3
- package/distilled/workflows/resume.md +4 -0
- package/distilled/workflows/verify.md +1 -0
- package/docs/USER-GUIDE.md +2 -0
- package/package.json +2 -2
package/README.md
CHANGED
|
@@ -69,7 +69,7 @@ Invariant suites (I-series), guard suites (G-series), and scenario suites (S-ser
|
|
|
69
69
|
|
|
70
70
|
### Smaller surface, stricter closure
|
|
71
71
|
|
|
72
|
-
|
|
72
|
+
4 main workflows, 14 public workflow surfaces, 10 roles, one CLI. The daily spine is `new-project -> plan -> execute -> verify`; milestone, quick, pause/resume, progress, audit, and mapping surfaces support that spine. Lifecycle progression goes through deterministic preflight gates — not conversational inference. Plans are checked by a separate agent in a separate context before execution begins. Closure requires evidence, not just file existence.
|
|
73
73
|
|
|
74
74
|
<details>
|
|
75
75
|
<summary>How it works</summary>
|
|
@@ -346,6 +346,7 @@ Workflows are agent skills or commands, not plain shell utilities. How you invok
|
|
|
346
346
|
| `npx -y gsdd-cli init [--tools <platform>]` | Set up `.planning/`, generate skills/adapters |
|
|
347
347
|
| `npx -y gsdd-cli update [--tools <platform>] [--templates]` | Regenerate skills/adapters and refresh the repo-local helper runtime; `--templates` refreshes `.planning/templates/` and role contracts |
|
|
348
348
|
| `npx -y gsdd-cli health [--json]` | Check workspace integrity and generated-surface freshness (healthy/degraded/broken) |
|
|
349
|
+
| `npx -y gsdd-cli control-map [--json] [--with-ignored]` | Report computed repo/worktree/planning state, dirty buckets, optional ignored-path scan, local annotations, and safe next interventions |
|
|
349
350
|
| `npx -y gsdd-cli ui-proof validate <path> [--claim <public\|publication\|tracked\|delivery\|release>]` | Validate UI proof bundle metadata without requiring browser tooling; use `--claim` only when validating that stronger proof use |
|
|
350
351
|
| `npx -y gsdd-cli file-op <copy\|delete\|regex-sub>` | Run deterministic workspace-confined file copy, delete, and regex substitution |
|
|
351
352
|
| `npx -y gsdd-cli find-phase [N]` | Show phase info as JSON (for agent consumption) |
|
|
@@ -415,6 +416,7 @@ Model IDs pass through a two-layer injection guard: a regex whitelist (`/^[a-zA-
|
|
|
415
416
|
| `.planning/research/` | Research outputs |
|
|
416
417
|
| `.planning/codebase/` | Codebase maps (4 files) |
|
|
417
418
|
| `.planning/quick/` | Quick task tracking |
|
|
419
|
+
| `.planning/.local/` | Local-only operational annotations such as control-map intent; never product truth |
|
|
418
420
|
| `.planning/.continue-here.md` | Session checkpoint (created by pause, consumed by resume) |
|
|
419
421
|
|
|
420
422
|
### Advisory Git Protocol
|
package/agents/executor.md
CHANGED
|
@@ -211,7 +211,18 @@ Before reporting a task complete:
|
|
|
211
211
|
- A task is not complete because code was written. It is complete when the intended verification path actually passes.
|
|
212
212
|
|
|
213
213
|
### UI Proof Execution
|
|
214
|
-
If the plan defines UI proof slots, record observed proof against the exact claim, route/state, observation, evidence kind, artifact path or manual step, privacy metadata, result, and claim limit before claiming task completion.
|
|
214
|
+
If the plan defines UI proof slots, record observed proof against the exact claim, route/state, observation, evidence kind, artifact path or manual step, privacy metadata, result, and claim limit before claiming task completion.
|
|
215
|
+
|
|
216
|
+
Use `agent-browser` as the default live UI proof path:
|
|
217
|
+
- open the planned route/state
|
|
218
|
+
- capture interactive snapshots/refs when relevant
|
|
219
|
+
- exercise the changed flow
|
|
220
|
+
- capture screenshots for the planned viewport(s)
|
|
221
|
+
- record relevant console/network observations
|
|
222
|
+
|
|
223
|
+
If `agent-browser` is unavailable, record the availability constraint and closest project-native interactive browser fallback in the proof bundle instead of silently treating the fallback as the default path. Existing Playwright/package-script browser tests remain canonical repeatable regression evidence when present; use Playwright scripting only for checks `agent-browser` cannot cover cleanly, such as JS-disabled, structured console, or multi-context verification.
|
|
224
|
+
|
|
225
|
+
Artifact metadata must include `visibility`, `retention`, `sensitivity`, and `safe_to_publish`; raw screenshots, traces, videos, DOM snapshots, and reports are local-only/unsafe by default and cannot back public, tracked, delivery, release, or publication proof claims. Use `gsdd ui-proof validate <path>` or `gsdd health` when a bundle exists. Artifact count, source comments, AST/cAST findings, semantic search, and Semble-like retrieval are not proof. Missing or weakly linked evidence must be recorded as proof debt, waiver, deferment, or reduced claim language rather than satisfied proof.
|
|
215
226
|
</execution_loop>
|
|
216
227
|
|
|
217
228
|
<checkpoint_protocol>
|
package/agents/planner.md
CHANGED
|
@@ -158,6 +158,8 @@ For UI-sensitive work, plan proof slots that can later be matched exactly to cla
|
|
|
158
158
|
|
|
159
159
|
Require observed artifacts to carry `visibility`, `retention`, `sensitivity`, and `safe_to_publish`; when a planned slot is meant to support public, publication, tracked, delivery, or release proof, say to validate the observed bundle with `gsdd ui-proof validate <path> --claim <...>`. `gsdd ui-proof validate`/`gsdd health` must catch invalid bundle metadata when present.
|
|
160
160
|
|
|
161
|
+
For live rendered UI proof, plan `agent-browser` as the default runtime evidence path: route open, interactive snapshot/refs when relevant, changed-flow interaction, screenshots for the planned viewport(s), and relevant console/network observations. If `agent-browser` is unavailable in the runtime, require an explicit availability constraint and the closest project-native interactive browser fallback before narrowing the claim. Existing Playwright/package-script browser tests remain the canonical repeatable regression path when present; do not scaffold new browser infrastructure by default. The planner chooses viewport coverage, but must explain why the viewport set is sufficient for the claim or narrow the claim limit; responsive claims need desktop/mobile or equivalent state coverage.
|
|
162
|
+
|
|
161
163
|
Do not let source annotations, AST/cAST findings, semantic search, comments, or Semble-like retrieval satisfy proof slots; they are discovery hints only. Human acceptance can narrow or waive a claim and record proof debt, but it must not turn missing or mismatched non-human evidence into `satisfied` proof.
|
|
162
164
|
</ui_proof_planning>
|
|
163
165
|
|
package/agents/verifier.md
CHANGED
|
@@ -123,7 +123,7 @@ Do not return a flat symptom list when the same underlying breakage explains mul
|
|
|
123
123
|
|
|
124
124
|
Visual correctness, live interaction quality, and some external integrations still need explicit human checks.
|
|
125
125
|
|
|
126
|
-
For UI proof slots, fail closed unless observed proof is matched to the exact claim, route/state, observation, evidence kind, artifact path or manual step, privacy metadata, result, and claim limit. Artifact metadata must include `visibility`, `retention`, `sensitivity`, and `safe_to_publish`; local-only or unsafe artifacts cannot back public, tracked, delivery, release, or publication proof claims, and `gsdd ui-proof validate`/`gsdd health` metadata failures block the stronger proof claim. Screenshots, traces, reports, Gherkin, a11y scans, E2E outputs, manual notes, source annotations, AST/cAST findings, semantic search, comments, and Semble-like retrieval do not satisfy proof by existence alone. Human acceptance records risk, waiver, deferment, proof debt, or a narrowed claim; it does not upgrade missing or mismatched non-human proof to `satisfied`.
|
|
126
|
+
For UI proof slots, fail closed unless observed proof is matched to the exact claim, route/state, observation, evidence kind, artifact path or manual step, privacy metadata, result, and claim limit. For live UI runtime proof, expect `agent-browser` as the default captured tool unless the observed bundle explains a project-native equivalent or an availability constraint; do not fail solely because another browser tool was used, but downgrade vague proof that lacks exact route/state, viewport coverage or rationale, interactive steps/refs where relevant, screenshot/report artifacts, or relevant console/network observations. Existing Playwright/package-script browser tests count as canonical repeatable regression evidence, not as a replacement for scoped runtime proof when the slot requires `runtime`. Artifact metadata must include `visibility`, `retention`, `sensitivity`, and `safe_to_publish`; local-only or unsafe artifacts cannot back public, tracked, delivery, release, or publication proof claims, and `gsdd ui-proof validate`/`gsdd health` metadata failures block the stronger proof claim. Screenshots, traces, reports, Gherkin, a11y scans, E2E outputs, manual notes, source annotations, AST/cAST findings, semantic search, comments, and Semble-like retrieval do not satisfy proof by existence alone. Human acceptance records risk, waiver, deferment, proof debt, or a narrowed claim; it does not upgrade missing or mismatched non-human proof to `satisfied`.
|
|
127
127
|
|
|
128
128
|
## Step 9: Determine overall status
|
|
129
129
|
|
package/bin/gsdd.mjs
CHANGED
|
@@ -20,6 +20,7 @@ import { createCmdHealth } from './lib/health.mjs';
|
|
|
20
20
|
import { cmdLifecyclePreflight } from './lib/lifecycle-preflight.mjs';
|
|
21
21
|
import { cmdSessionFingerprint } from './lib/session-fingerprint.mjs';
|
|
22
22
|
import { cmdUiProof } from './lib/ui-proof.mjs';
|
|
23
|
+
import { cmdControlMap } from './lib/control-map.mjs';
|
|
23
24
|
import { resolveWorkspaceContext } from './lib/workspace-root.mjs';
|
|
24
25
|
|
|
25
26
|
const __filename = fileURLToPath(import.meta.url);
|
|
@@ -86,7 +87,6 @@ function createCliContext(cwd = process.cwd()) {
|
|
|
86
87
|
}
|
|
87
88
|
|
|
88
89
|
const INIT_CONTEXT = createCliContext(process.cwd());
|
|
89
|
-
|
|
90
90
|
const cmdInit = createCmdInit(INIT_CONTEXT);
|
|
91
91
|
const cmdHealth = createCmdHealth(INIT_CONTEXT);
|
|
92
92
|
|
|
@@ -109,6 +109,7 @@ const COMMANDS = {
|
|
|
109
109
|
'lifecycle-preflight': cmdLifecyclePreflight,
|
|
110
110
|
'session-fingerprint': cmdSessionFingerprint,
|
|
111
111
|
'ui-proof': cmdUiProof,
|
|
112
|
+
'control-map': cmdControlMap,
|
|
112
113
|
'find-phase': cmdFindPhase,
|
|
113
114
|
'phase-status': cmdPhaseStatus,
|
|
114
115
|
verify: cmdVerify,
|
|
@@ -135,4 +136,4 @@ async function runCli(cliCommand = command, ...cliArgs) {
|
|
|
135
136
|
}
|
|
136
137
|
|
|
137
138
|
if (IS_MAIN) await runCli();
|
|
138
|
-
export { cmdHelp, cmdInit, cmdUpdate, cmdModels, cmdHealth, cmdFileOp, cmdLifecyclePreflight, cmdSessionFingerprint, cmdUiProof, cmdFindPhase, cmdPhaseStatus, cmdVerify, cmdScaffold, runCli, FRAMEWORK_VERSION, createCliContext };
|
|
139
|
+
export { cmdHelp, cmdInit, cmdUpdate, cmdModels, cmdHealth, cmdFileOp, cmdLifecyclePreflight, cmdSessionFingerprint, cmdUiProof, cmdControlMap, cmdFindPhase, cmdPhaseStatus, cmdVerify, cmdScaffold, runCli, FRAMEWORK_VERSION, createCliContext };
|