instar 1.3.322 → 1.3.324
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/commands/init.d.ts.map +1 -1
- package/dist/commands/init.js +64 -0
- package/dist/commands/init.js.map +1 -1
- package/dist/core/AgentPassport.d.ts +50 -0
- package/dist/core/AgentPassport.d.ts.map +1 -0
- package/dist/core/AgentPassport.js +70 -0
- package/dist/core/AgentPassport.js.map +1 -0
- package/dist/core/AgentReadinessScorer.d.ts +54 -0
- package/dist/core/AgentReadinessScorer.d.ts.map +1 -0
- package/dist/core/AgentReadinessScorer.js +110 -0
- package/dist/core/AgentReadinessScorer.js.map +1 -0
- package/dist/core/PostUpdateMigrator.d.ts.map +1 -1
- package/dist/core/PostUpdateMigrator.js +38 -0
- package/dist/core/PostUpdateMigrator.js.map +1 -1
- package/dist/scaffold/templates.d.ts.map +1 -1
- package/dist/scaffold/templates.js +9 -0
- package/dist/scaffold/templates.js.map +1 -1
- package/dist/server/CapabilityIndex.d.ts.map +1 -1
- package/dist/server/CapabilityIndex.js +18 -0
- package/dist/server/CapabilityIndex.js.map +1 -1
- package/dist/server/routes.d.ts.map +1 -1
- package/dist/server/routes.js +87 -0
- package/dist/server/routes.js.map +1 -1
- package/package.json +1 -1
- package/src/data/builtin-manifest.json +63 -63
- package/src/scaffold/templates.ts +9 -0
- package/upgrades/1.3.323.md +54 -0
- package/upgrades/1.3.324.md +51 -0
- package/upgrades/side-effects/exo3-g2-ci-greening.md +35 -0
- package/upgrades/side-effects/exo3-g3-ci-greening.md +31 -0
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
# Upgrade Guide — vNEXT
|
|
2
|
+
|
|
3
|
+
<!-- assembled-by: assemble-next-md -->
|
|
4
|
+
<!-- bump: minor -->
|
|
5
|
+
|
|
6
|
+
## What Changed
|
|
7
|
+
|
|
8
|
+
Adds the **agent digital passport** — Salim Ismail's EXO 3.0 concept (from *The
|
|
9
|
+
80-Year Business Rule AI Just Broke*): "every AI agent gets a digital passport
|
|
10
|
+
with metadata saying what it's allowed to do and what it's not allowed to do,
|
|
11
|
+
and other agents watching that it's complying."
|
|
12
|
+
|
|
13
|
+
This packages Instar's existing primitives — agent identity (name + routing
|
|
14
|
+
fingerprint), trust level, and ORG-INTENT constraints — into one portable
|
|
15
|
+
passport, plus a deterministic compliance check a peer runs before trusting an
|
|
16
|
+
action:
|
|
17
|
+
|
|
18
|
+
- `GET /passport` → `{ version, agent, fingerprint, trustLevel,
|
|
19
|
+
allowedCapabilities, forbiddenActions, issuedAt }`. `forbiddenActions` are
|
|
20
|
+
drawn from the agent's ORG-INTENT constraints.
|
|
21
|
+
- `POST /passport/verify` `{ passport, action }` → `{ permitted, basis, reason,
|
|
22
|
+
matched? }` where `basis` is `forbidden-action` | `trust-floor` (an untrusted
|
|
23
|
+
passport may observe but not act) | `out-of-scope` | `ok`.
|
|
24
|
+
- A `/agent-passport` skill so agents reach for it proactively.
|
|
25
|
+
|
|
26
|
+
Deterministic + advisory — it answers "should I let this passport do this?"; the
|
|
27
|
+
caller decides. Pairs with the MTP Protocol (`/intent/org/test-action`).
|
|
28
|
+
|
|
29
|
+
## What to Tell Your User
|
|
30
|
+
|
|
31
|
+
Your agent now carries a digital passport — one portable card that says who it is (name + cryptographic fingerprint), how trusted it is, and exactly what it's forbidden to do (drawn straight from your organization's written constraints). When two agents work together, one can check the other's proposed action against that passport before trusting it: "is this allowed, forbidden, or outside your scope?" It's the EXO 3.0 idea that agents police each other's compliance — made real. Nothing changes in day-to-day use until agents start exchanging passports; there's nothing you need to configure.
|
|
32
|
+
|
|
33
|
+
## Summary of New Capabilities
|
|
34
|
+
|
|
35
|
+
- `GET /passport` — your own passport: `{ agent, fingerprint, trustLevel, allowedCapabilities, forbiddenActions, issuedAt }` (forbiddenActions = ORG-INTENT constraints).
|
|
36
|
+
- `POST /passport/verify` `{ passport, action }` — deterministic peer compliance check → `{ permitted, basis, reason }` (basis: forbidden-action / trust-floor / out-of-scope / ok). Advisory — the caller decides.
|
|
37
|
+
- `/agent-passport` skill — the proactive entry point before trusting a peer's proposed action.
|
|
38
|
+
|
|
39
|
+
## Evidence
|
|
40
|
+
|
|
41
|
+
Three-tier coverage, all green, `tsc --noEmit` clean:
|
|
42
|
+
|
|
43
|
+
- Unit — `AgentPassport.test.ts` (6): build defaults + `permits()` across every
|
|
44
|
+
boundary (forbidden-action, trust-floor, out-of-scope, in-scope, unscoped).
|
|
45
|
+
- Integration — `agent-passport-routes.test.ts` (3): both routes over real HTTP,
|
|
46
|
+
with ORG-INTENT constraints surfaced as the passport's forbidden actions.
|
|
47
|
+
- E2E — `agent-passport-lifecycle.test.ts` (2): a real server on a real port;
|
|
48
|
+
`GET /passport` and `POST /passport/verify` alive end-to-end (200, not 404/503).
|
|
49
|
+
|
|
50
|
+
Skill registered in `installBuiltinSkills`; CLAUDE.md scaffold template documents
|
|
51
|
+
both endpoints.
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
# Side-effects — EXO 3.0 G2 (#791) CI greening on post-rebase main
|
|
2
|
+
|
|
3
|
+
## Change set
|
|
4
|
+
|
|
5
|
+
- `src/server/CapabilityIndex.ts` — new `agentReadiness` CAPABILITY_INDEX entry
|
|
6
|
+
(prefix `/agent-readiness`, static `configured: true`, one endpoint).
|
|
7
|
+
- `src/core/PostUpdateMigrator.ts` — migrateClaudeMd gains the Agent-Readiness
|
|
8
|
+
Scoring section (content-sniffed, idempotent) + the shadow marker
|
|
9
|
+
`'**Agent-Readiness Scoring (EXO 3.0'` in migrateFrameworkShadowCapabilities.
|
|
10
|
+
- `tests/unit/feature-delivery-completeness.test.ts` — registers the section in
|
|
11
|
+
featureSections (enforces template + migrator + shadow parity).
|
|
12
|
+
- `upgrades/next/agent-readiness-scoring.md` — adds the two user-facing
|
|
13
|
+
sections fragment validation requires.
|
|
14
|
+
|
|
15
|
+
## Side effects considered
|
|
16
|
+
|
|
17
|
+
- **/capabilities response grows** by one block; builder is pure/static (no
|
|
18
|
+
ctx dependency — the route is a stateless scorer behind a dynamic import),
|
|
19
|
+
so no probe-path cost or null-ctx risk.
|
|
20
|
+
- **Existing agents' CLAUDE.md grows** one section on next migration
|
|
21
|
+
(idempotent via `content.includes` sniff on a distinctive phrase that matches
|
|
22
|
+
both template and migrator variants: 'Agent-Readiness Scoring (EXO 3.0').
|
|
23
|
+
- **Shadow files** (AGENTS.md/GEMINI.md) mirror the section; marker bounded by
|
|
24
|
+
the next-marker scan like its siblings.
|
|
25
|
+
- **No scorer behavior change**: AgentReadinessScorer and its route untouched.
|
|
26
|
+
|
|
27
|
+
## Verification
|
|
28
|
+
|
|
29
|
+
- feature-delivery-completeness + capabilities-discoverability + agent-readiness
|
|
30
|
+
unit/integration/e2e suites green locally; `check-repo-invariants` holds;
|
|
31
|
+
`tsc --noEmit` 0 errors.
|
|
32
|
+
|
|
33
|
+
## Rollback
|
|
34
|
+
|
|
35
|
+
Revert this single commit; the feature commits are untouched by it.
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
# Side-effects — EXO 3.0 G3 (#793) CI greening on post-rebase main
|
|
2
|
+
|
|
3
|
+
## Change set
|
|
4
|
+
|
|
5
|
+
- `tests/integration/agent-passport-routes.test.ts` + `tests/e2e/agent-passport-lifecycle.test.ts`
|
|
6
|
+
— teardown `fs.rmSync` → `SafeFsExecutor.safeRmSync` (lint compliance; test-only).
|
|
7
|
+
- `src/server/CapabilityIndex.ts` — new `agentPassport` entry (prefix `/passport`,
|
|
8
|
+
static `configured: true`, two endpoints).
|
|
9
|
+
- `src/core/PostUpdateMigrator.ts` — migrateClaudeMd Agent Digital Passport
|
|
10
|
+
section (content-sniffed, idempotent) + shadow marker
|
|
11
|
+
`'**Agent Digital Passport (EXO 3.0'`.
|
|
12
|
+
- `tests/unit/feature-delivery-completeness.test.ts` — featureSections entry.
|
|
13
|
+
- `upgrades/next/agent-digital-passport.md` — the two required user sections.
|
|
14
|
+
|
|
15
|
+
## Side effects considered
|
|
16
|
+
|
|
17
|
+
- **/capabilities grows** one static block (no ctx dependency; the passport
|
|
18
|
+
builder reads identity/trust/intent lazily inside the route, not the index).
|
|
19
|
+
- **Existing agents' CLAUDE.md grows** one section on next migration; sniff
|
|
20
|
+
phrase 'Agent Digital Passport (EXO 3.0' matches template + migrator variants.
|
|
21
|
+
- **Shadow mirror**: marker bounded by the next-marker scan like its siblings.
|
|
22
|
+
- **No passport behavior change**: AgentPassport module and routes untouched.
|
|
23
|
+
|
|
24
|
+
## Verification
|
|
25
|
+
|
|
26
|
+
- Passport unit/integration/e2e + completeness + discoverability suites green
|
|
27
|
+
locally; `check-repo-invariants` holds; destructive lint clean; `tsc --noEmit` 0.
|
|
28
|
+
|
|
29
|
+
## Rollback
|
|
30
|
+
|
|
31
|
+
Revert this single commit; feature commits untouched.
|