mindforge-cc 10.7.0 → 11.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (85)
  1. package/.agent/hooks/mindforge-statusline.js +2 -2
  2. package/.mindforge/MINDFORGE-V2-SCHEMA.json +43 -10
  3. package/.mindforge/config.json +18 -4
  4. package/CHANGELOG.md +165 -0
  5. package/MINDFORGE.md +3 -3
  6. package/README.md +49 -4
  7. package/RELEASENOTES.md +81 -1
  8. package/SECURITY.md +20 -8
  9. package/bin/autonomous/audit-writer.js +105 -70
  10. package/bin/autonomous/auto-runner.js +377 -34
  11. package/bin/autonomous/context-refactorer.js +26 -11
  12. package/bin/autonomous/dependency-dag.js +59 -0
  13. package/bin/autonomous/state-manager.js +62 -6
  14. package/bin/autonomous/stuck-monitor.js +46 -7
  15. package/bin/autonomous/wave-executor.js +86 -26
  16. package/bin/council-cli.js +161 -0
  17. package/bin/dashboard/api-router.js +43 -0
  18. package/bin/dashboard/approval-handler.js +3 -1
  19. package/bin/dashboard/metrics-aggregator.js +28 -1
  20. package/bin/dashboard/server.js +68 -5
  21. package/bin/dashboard/sse-bridge.js +10 -13
  22. package/bin/engine/council-runtime.js +124 -0
  23. package/bin/engine/feedback-loop.js +8 -0
  24. package/bin/engine/intelligence-interlock.js +32 -15
  25. package/bin/engine/logic-drift-detector.js +2 -1
  26. package/bin/engine/nexus-tracer.js +3 -2
  27. package/bin/engine/otel-exporter.js +123 -0
  28. package/bin/engine/remediation-engine.js +155 -32
  29. package/bin/engine/self-corrective-synthesizer.js +84 -10
  30. package/bin/engine/sre-manager.js +12 -4
  31. package/bin/engine/temporal-cli.js +4 -2
  32. package/bin/engine/temporal-hub.js +131 -34
  33. package/bin/engine/verification-runner.js +131 -0
  34. package/bin/engine/verify-cli.js +34 -0
  35. package/bin/eval/eval-harness.js +82 -0
  36. package/bin/eval/golden-set-retrieval.json +46 -0
  37. package/bin/governance/approve.js +41 -5
  38. package/bin/governance/audit-hash.js +12 -0
  39. package/bin/governance/audit-verifier.js +60 -0
  40. package/bin/governance/impact-analyzer.js +28 -0
  41. package/bin/governance/policy-engine.js +10 -3
  42. package/bin/governance/quantum-crypto.js +95 -28
  43. package/bin/governance/rbac-manager.js +74 -2
  44. package/bin/governance/ztai-manager.js +79 -9
  45. package/bin/hindsight-injector.js +8 -9
  46. package/bin/hooks/instinct-capture-hook.js +186 -0
  47. package/bin/memory/auto-shadow.js +32 -3
  48. package/bin/memory/eis-client.js +71 -34
  49. package/bin/memory/embedding-engine.js +61 -0
  50. package/bin/memory/identity-synthesizer.js +2 -2
  51. package/bin/memory/knowledge-graph.js +58 -5
  52. package/bin/memory/knowledge-indexer.js +53 -6
  53. package/bin/memory/knowledge-store.js +52 -6
  54. package/bin/memory/retrieval-fusion.js +58 -0
  55. package/bin/memory/semantic-hub.js +2 -2
  56. package/bin/memory/vector-hub.js +111 -6
  57. package/bin/migrations/10.7.0-to-11.0.0.js +110 -0
  58. package/bin/migrations/schema-versions.js +13 -0
  59. package/bin/mindforge-cli.js +4 -5
  60. package/bin/models/anthropic-provider.js +58 -4
  61. package/bin/models/cloud-broker.js +68 -20
  62. package/bin/models/cost-tracker.js +3 -1
  63. package/bin/models/difficulty-scorer.js +54 -0
  64. package/bin/models/gemini-provider.js +57 -2
  65. package/bin/models/model-client.js +20 -0
  66. package/bin/models/model-router.js +59 -26
  67. package/bin/models/openai-provider.js +50 -3
  68. package/bin/models/pricing-registry.js +128 -0
  69. package/bin/review/ads-engine.js +1 -1
  70. package/bin/security/trust-boundaries.js +102 -0
  71. package/bin/security/trust-gate-hook.js +39 -0
  72. package/bin/skill-registry.js +3 -2
  73. package/bin/skills-builder/marketplace-cli.js +5 -3
  74. package/bin/skills-builder/skill-registrar.js +4 -6
  75. package/bin/sre/sentinel.js +7 -5
  76. package/bin/utils/append-queue.js +55 -0
  77. package/bin/utils/file-io.js +90 -38
  78. package/bin/utils/index.js +58 -0
  79. package/bin/utils/version-check.js +59 -0
  80. package/bin/verify-audit.js +12 -0
  81. package/bin/wizard/theme.js +1 -2
  82. package/docs/getting-started.md +1 -1
  83. package/docs/user-guide.md +2 -2
  84. package/package.json +2 -2
  85. package/bin/dashboard/team-tracker.js +0 -0
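--- a/package/.agent/hooks/mindforge-statusline.js
+++ b/package/.agent/hooks/mindforge-statusline.js
@@ -84,7 +84,7 @@ process.stdin.on('end', () => {
 const todos = JSON.parse(fs.readFileSync(path.join(todosDir, files[0].name), 'utf8'));
 const inProgress = todos.find(t => t.status === 'in_progress');
 if (inProgress) task = inProgress.activeForm || '';
-} catch (e) {}
+} catch (e) { /* intentionally empty */ }
 }
 } catch (e) {
 // Silently fail on file system errors - don't break statusline
@@ -103,7 +103,7 @@ process.stdin.on('end', () => {
 if (cache.stale_hooks && cache.stale_hooks.length > 0) {
 mindforgeUpdate += '\x1b[31m⚠ stale hooks — run /mindforge:update\x1b[0m │ ';
 }
-} catch (e) {}
+} catch (e) { /* intentionally empty */ }
 }
 
 // Output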
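--- a/package/.mindforge/MINDFORGE-V2-SCHEMA.json
+++ b/package/.mindforge/MINDFORGE-V2-SCHEMA.json
@@ -1,14 +1,51 @@
 {
 "$schema": "http://json-schema.org/draft-07/schema#",
 "title": "MindForge v2 Autonomous Engine Schema",
-"description": "Schema for HANDOFF.json and auto-state.json in v2.0.0-alpha.1",
+"description": "Schema for HANDOFF.json and auto-state.json in v2.0.0-alpha.1+",
 "type": "object",
 "properties": {
-"schema_version": { "type": "string", "const": "2.0.0" },
+"schema_version": { "type": "string" },
+"schema_type": { "type": "string", "enum": ["HANDOFF", "AUTO_STATE"] },
 "auto_mode_active": { "type": "boolean" },
-"phase": { "type": "integer" },
-"wave_current": { "type": "integer" },
-"tasks_completed": { "type": "integer" },
+"phase": { "oneOf": [{ "type": "integer" }, { "type": "string" }] },
+"wave_current": { "type": "integer", "minimum": 0 },
+"tasks_completed": { "type": "integer", "minimum": 0 },
+"status": {
+"type": "string",
+"enum": ["idle", "running", "paused", "completed", "escalated", "timeout"]
+},
+"handoffs": {
+"type": "array",
+"items": {
+"type": "object",
+"properties": {
+"id": { "type": "string" },
+"name": { "type": "string" },
+"plan": { "type": "string" },
+"depends_on": {
+"type": "array",
+"items": { "type": "string" }
+},
+"wave": { "type": "integer", "minimum": 0 }
+},
+"required": ["id", "name"]
+}
+},
+"timestamps": {
+"type": "object",
+"properties": {
+"started_at": { "type": "string", "format": "date-time" },
+"updated_at": { "type": "string", "format": "date-time" }
+}
+},
+"next_task": { "type": "string" },
+"context_refs": { "type": "array", "items": { "type": "string" } },
+"blockers": { "type": "array", "items": { "type": "string" } },
+"decisions_needed": { "type": "array", "items": { "type": "string" } },
+"recent_commits": { "type": "array", "items": { "type": "string" } },
+"recent_files": { "type": "array", "items": { "type": "string" } },
+"current_context": { "type": "string" },
+"last_updated": { "type": "string", "format": "date-time" },
 "PLANNER_MODEL": { "type": "string" },
 "EXECUTOR_MODEL": { "type": "string" },
 "REVIEWER_MODEL": { "type": "string" },
@@ -21,10 +58,6 @@
 "MODEL_COST_HARD_LIMIT_USD": { "type": "number" },
 "MODEL_PREFER_CHEAP_BELOW_DIFFICULTY": { "type": "number" },
 "REQUIRE_CROSS_REVIEW": { "type": "boolean" },
-"status": {
-"type": "string",
-"enum": ["idle", "running", "paused", "completed", "escalated", "timeout"]
-},
 "governance": {
 "type": "object",
 "properties": {
@@ -43,5 +76,5 @@
 }
 }
 },
-"required": ["schema_version", "auto_mode_active", "status"]
+"required": ["schema_version"]
 }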
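Review bot: The last hunk shrinks `required` to `["schema_version"]` and the first hunk drops the `const` on `schema_version`, so any object carrying a string `schema_version` now validates, including one with no `schema_type`, `status` or `auto_mode_active`, which the old schema insisted on; a validator pass no longer tells the loader which document shape it is looking at. Since `schema_type` was introduced with an enum in the same change, make it mandatory, `"required": ["schema_version", "schema_type"]`, and tie the shape-specific fields to it with a draft-07 `if`/`then` on `schema_type` that requires `auto_mode_active` and `status` when it is `AUTO_STATE` and `handoffs` when it is `HANDOFF`. A `pattern` on `schema_version` (for example a semver-shaped regex) would keep rejecting arbitrary strings where the removed `const` used to. If the loosening is deliberate because HANDOFF validation is meant to be fail-open, say so in `description` so the next reader does not treat it as an accidental regression.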
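--- a/package/.mindforge/config.json
+++ b/package/.mindforge/config.json
@@ -1,11 +1,11 @@
 {
-"version": "10.7.0",
+"version": "11.2.0",
 "environment": "development",
 "governance": {
 "drift_threshold": 0.75,
 "critical_drift_threshold": 0.5,
 "res_threshold": 0.8,
-"active_did": "did:mindforge:5a537f83-69de-40ac-a613-e96d4a84a270"
+"active_did": "did:mindforge:0f5f4777-ffd4-4aef-aa46-e8eb34c0e8c0"
 },
 "revops": {
 "market_registry": {
@@ -18,6 +18,8 @@
 "claude-sonnet-4-6": {
 "cost_input": 0.003,
 "cost_output": 0.015,
+"cost_cache_read": 0.0003,
+"cost_cache_creation": 0.00375,
 "benchmark": 99,
 "provider": "Anthropic"
 },
@@ -42,12 +44,16 @@
 "claude-haiku-4-5": {
 "cost_input": 0.0002,
 "cost_output": 0.0004,
+"cost_cache_read": 0.00002,
+"cost_cache_creation": 0.00025,
 "benchmark": 82,
 "provider": "Anthropic"
 },
 "claude-opus-4-7": {
 "cost_input": 0.015,
 "cost_output": 0.075,
+"cost_cache_read": 0.0015,
+"cost_cache_creation": 0.01875,
 "benchmark": 100,
 "provider": "Anthropic"
 }
@@ -56,9 +62,12 @@
 "premium_fallback_model": "claude-opus-4-7"
 },
 "security": {
-"pqas_enabled": true,
+"pqas_enabled": false,
 "enclave_tier": 2,
-"provider": "simulated-lattice"
+"provider": "Dilithium-5 (simulated — inactive)"
+},
+"experimental": {
+"pqc_demo": false
 },
 "mesh": {
 "node_id": "beta-node",
@@ -69,6 +78,11 @@
 "max_drift_threshold": 0.1,
 "auto_verify": false
 },
+"wave_concurrency": 3,
+"temporal": {
+"max_snapshots": 50,
+"max_age_days": 7
+},
 "instincts": {
 "mode": "auto-capture",
 "max_active_per_project": 100,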
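Review bot: `governance.active_did` in the first hunk is a concrete identifier shipped inside the published package, so every install that takes this file as-is starts with the same governance identity, and a project whose config is overwritten on update silently acquires the new value in place of whatever identity it had (the value changed between 10.7.0 and this release). If the installer regenerates the DID per project, the shipped file should carry a placeholder rather than a live value; `"active_did": null` with the regeneration documented alongside would make the intent explicit. In the `security` hunk, `provider` changed from a token-like `"simulated-lattice"` to the prose `"Dilithium-5 (simulated — inactive)"`; I cannot see the consumer from here, but any code that matches on this string to select an implementation would need checking, and since the inactive state is already carried by `pqas_enabled: false` and `experimental.pqc_demo: false`, keeping `provider` a stable token and moving the description to a separate field avoids encoding state in free text.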
package/CHANGELOG.md CHANGED
@@ -1,5 +1,170 @@
1
1
  # Changelog
2
2
 
3
+ ## [11.2.0] - 2026-05-31 — "Verification & Trust"
4
+
5
+ ### Added
6
+
7
+ - **UC-08 — Unified Verification Runner**
8
+ - `bin/engine/verification-runner.js`: orchestrates test/lint/audit/typecheck stages into structured results with pass/fail/skip per stage
9
+ - `bin/engine/verify-cli.js`: CLI entrypoint writing `.planning/VERIFICATION.md` reports
10
+ - `mindforge verify` command registered in CLI
11
+
12
+ - **UC-25 — Eval Harness**
13
+ - `bin/eval/eval-harness.js`: recall@k, nDCG (graded relevance), and `runEval()` orchestrator for measuring retrieval quality
14
+ - `bin/eval/golden-set-retrieval.json`: 10-query seed golden set covering orchestration, security, memory, cost, verification, hooks, and architecture domains
15
+
16
+ - **UC-22 — Tool/MCP Trust Boundaries**
17
+ - `bin/security/trust-boundaries.js`: manifest pinning (deterministic SHA-256 with recursive key sort), tamper detection, untrusted output tagging with provenance, and high-impact command detection
18
+ - `bin/security/trust-gate-hook.js`: PreToolUse hook that blocks destructive Bash commands (rm -rf, force-push, DROP TABLE, hard reset) via native Claude Code hooks
19
+ - Trust-gate registered in `.claude/settings.json` PreToolUse
20
+
21
+ - **Council CLI**
22
+ - `bin/council-cli.js`: thin wrapper wiring `runCouncil` to the `/mindforge:council` command with structured JSON output and formatted display
23
+
24
+ ### Fixed
25
+
26
+ - `auto-runner.js`: removed erroneous `new` on singleton ZTAIManager instance (was line 692)
27
+
28
+ ### Removed
29
+
30
+ - Dead `quantum-verify` CLI command entry (no handler existed)
31
+ - Dead `AuditRotator` references (broke hash chain on rotation boundaries)
32
+
33
+ ### Changed
34
+
35
+ - Config `pqas_signing` provider clarified as "Dilithium-5 (simulated — inactive)"
36
+ - Banner version strings updated to v11.1.0 in self-corrective-synthesizer and remediation-engine
37
+ - SDK README heading updated to "New in v11.1.0"
38
+ - Version bumped to 11.2.0 across package.json and config.json
39
+
40
+ ---
41
+
42
+ ## [11.1.0] - 2026-05-31 — "Beast Mode"
43
+
44
+ ### Added
45
+
46
+ - **Pillar I — Integrity & Trust**
47
+ - `bin/utils/append-queue.js`: single-writer fsync'd append queue for concurrent-safe durable writes (UC-09)
48
+ - `bin/governance/audit-hash.js`: single canonical SHA-256 hasher shared by writer + verifier (UC-04)
49
+ - `bin/governance/audit-verifier.js` + `bin/verify-audit.js` CLI: fail-closed hash-chain verifier (`exit 1` on any break) (UC-04)
50
+ - All 7 audit-write paths unified through `appendAuditEntrySync` — the audit log is now genuinely tamper-evident with a verifiable prev-hash chain (UC-04b)
51
+ - Simulated PQC demoted: `pqas_enabled=false` by default, gated behind `experimental.pqc_demo`; Tier-3 uses real Ed25519 (UC-24)
52
+
53
+ - **Pillar II — Orchestration Correctness**
54
+ - `bin/autonomous/dependency-dag.js`: real Kahn topological sort + cycle detection, ported from test-only to the engine (UC-03)
55
+ - `planWaves(handoffs, {useDag:true})` opt-in DAG wave planning — explicit `.wave` always wins, legacy default unchanged (UC-03)
56
+ - Pre-flight cycle detection halts loud before any wave executes (UC-03)
57
+ - Wave-boundary timeout enforcement: `isTimedOut` + status `'timeout'` + resumable state (UC-14)
58
+ - Opt-in rollback hook records intent on terminal ESCALATE (no auto git-reset by default) (UC-14)
59
+ - `bin/engine/council-runtime.js`: minimal 4-voice council runtime (ADS loop) with injectable model, consensus scoring, dissent capture (UC-10)
60
+
61
+ - **Pillar III — Cost-Aware Routing**
62
+ - `bin/models/pricing-registry.js`: single source of truth for model pricing, loaded from `config.json` market_registry (UC-05)
63
+ - All 3 providers routed through the registry — hardcoded pricing eliminated (UC-05)
64
+ - Prompt-cache accounting: `cache_control:{type:'ephemeral'}` on system blocks, `cache_read`/`cache_creation` parsed + priced at ~10% input rate (UC-21)
65
+ - `bin/models/difficulty-scorer.js`: heuristic 1-10 scorer with Tier-3 floor (UC-06)
66
+ - Shadow-mode difficulty routing: logs intended model without changing actual selection (UC-06)
67
+
68
+ - **Pillar IV — Native Alignment + Observability**
69
+ - `.claude/settings.json` with hooks under real native events (`PostToolUse`/`PreToolUse`/`SessionStart`) — the security guard and context monitor now actually fire (UC-19a)
70
+ - `bin/hooks/instinct-capture-hook.js`: auto-captures behavioral patterns via PostToolUse, respects session limit (UC-11)
71
+ - `bin/engine/otel-exporter.js`: optional OTel GenAI exporter mapping NexusTracer spans to `gen_ai.*` semantic conventions, gated behind `OTEL_EXPORTER_OTLP_ENDPOINT` (UC-18)
72
+ - `bin/memory/retrieval-fusion.js`: Reciprocal Rank Fusion (RRF) over knowledge-graph + BM25 retrieval paths, replacing incomparable linear blends (UC-20)
73
+
74
+ ### Fixed
75
+
76
+ - Audit-writer `close()` data-loss bug: threshold-triggered flushes were un-awaited, losing up to 10 entries on close (UC-09)
77
+ - Audit-writer flush failure no longer crashes the process via unhandled rejection — logs to stderr (UC-09)
78
+ - Vector-hub exit guard: `_dirty` boolean → pending-saves counter, closing a window where scheduled-but-unwritten saves were lost on hard exit (UC-09)
79
+ - `isTimedOut` fails CLOSED on malformed `timeout_at` (garbage deadline = halt, not run unbounded) (UC-14)
80
+ - Council position validation rejects NaN confidence / invalid recommendations (UC-10)
81
+ - Dissent is now captured under NO_CONSENSUS verdict (the deadlock case where it matters most) (UC-10)
82
+ - Pre-flight DAG check only cycle-checks stable-id tasks (id-less tasks can't be dependency targets) (UC-03)
83
+ - `groupIntoWaves` self-defends: dangling dep throws "Unknown dependency" (not misleading "Circular") (UC-03)
84
+
85
+ ### Changed
86
+
87
+ - Audit rotation retired (it broke the hash chain at every 5000-line boundary); AUDIT.jsonl grows unbounded for now — chain-aware compaction is a deferred future feature (UC-04b)
88
+ - `knowledge-store.js` appends now use `appendDurableSync` (openSync+writeSync+fsyncSync+closeSync) for guaranteed durability (UC-09)
89
+ - `auto-shadow.js` `generateShadowContext()` now fuses retrieval paths via RRF instead of a single-path linear blend (UC-20)
90
+
91
+ ### Removed
92
+
93
+ - Orphaned `createAuditWriter` buffered path (zero production callers after UC-04b unification)
94
+ - Hardcoded per-token pricing from `anthropic-provider.js`, `openai-provider.js`, `gemini-provider.js` (replaced by PricingRegistry)
95
+
96
+ ## [11.0.1] - 2026-05-30 — "Stability Patch"
97
+
98
+ ### Fixed
99
+
100
+ - **Version drift**: reconciled `.mindforge/config.json` (was 10.7.0) with the 11.x line; added a fail-closed pre-flight version-consistency assertion (`bin/utils/version-check.js`) and a regression test that runs the migration and asserts its post-state, so the drift cannot silently return. (UC-01)
101
+ - **Lint & dead code**: resolved all 109 ESLint errors, removed orphaned `bin/dashboard/team-tracker.js`, and made CI fail on any lint error. Fixed a latent `no-const-assign` runtime crash in `bin/review/ads-engine.js`. (UC-02)
102
+ - **SDK `executeCommand` no-op**: replaced the published no-op stub (which made `batchExecute` report every task "fulfilled" while executing nothing) with a real `child_process.spawn` executor with stdout/stderr capture, timeout (SIGTERM→SIGKILL), and exit-code propagation; added a regression test against the compiled dist. (UC-07a)
103
+
104
+ ## [11.0.0] - 2026-05-28 — "Sovereign Stability"
105
+
106
+ ### Breaking Changes
107
+
108
+ - `verifyZKProof()` returns structured `{ verified, reason }` instead of throwing
109
+ - `signPQ()` returns `{ signature, simulated, algorithm }` object instead of raw string
110
+ - Wave task execution order within waves is no longer deterministic
111
+ - SDK bumped to 11.0.0 with new type exports
112
+ - Dashboard tokens now expire after 24 hours
113
+ - `TemporalHub.captureState()` and `rollbackTo()` are now async
114
+
115
+ ### Added
116
+
117
+ - LRUMap utility class for bounded caches with eviction callbacks
118
+ - Atomic JSON write primitives (write-to-temp, fsync, rename)
119
+ - AUDIT.jsonl log rotation with gzip archival (max 5000 lines)
120
+ - HANDOFF.json structural validation (fail-open)
121
+ - Temporal snapshot garbage collection (retain 50, expire > 7 days)
122
+ - BM25 scoring with document-length normalization
123
+ - Persistent index cache (mtime-based invalidation)
124
+ - Persistent adjacency index for knowledge graph
125
+ - Correction effectiveness tracking in self-corrective synthesizer
126
+ - Full remediation strategy implementations (CONTEXT_COMPRESSION, GOLDEN_TRACE_INJECTION, REASONING_RESTART)
127
+ - Graduated intelligence interlock (+1/+2/MAX tier) with cost-awareness
128
+ - 3-tier stuck detection (hash → length → truncated Levenshtein)
129
+ - Adaptive context window (10/20/30 based on velocity)
130
+ - Configurable external ZK verifier module path
131
+ - Ephemeral SRE enclave keys (crypto.randomBytes)
132
+ - Time-limited RBAC role elevation with auto-expiry
133
+ - Session-scoped ZTAI agent registry
134
+ - Dashboard rate limiting (100 req/min/IP) and token expiration (24h)
135
+ - /api/v1/token/refresh endpoint
136
+ - Optional GPG approval verification
137
+ - GET /api/v1/system observability endpoint (heap, uptime, audit stats)
138
+ - checkHeapHealth() with warning/critical thresholds
139
+ - Remediation effectiveness persistence
140
+ - Model router dynamic reload (mtime-based, 60s interval)
141
+ - P95 latency ring buffer for cloud broker
142
+ - EIS client with real fetch + 3-retry exponential backoff
143
+ - Semaphore-based parallel wave execution (max concurrency configurable)
144
+ - WebSocketEventStream with auto-reconnect
145
+ - SDK streamExecution() with AsyncIterable<StreamChunk>
146
+ - SDK batchExecute() with concurrent task execution
147
+ - SDK validateRuntimeConfig()
148
+ - Model streaming support (Anthropic, OpenAI, Gemini providers)
149
+ - Migration script (bin/migrations/10.7.0-to-11.0.0.js)
150
+
151
+ ### Changed
152
+
153
+ - sessionDriftHistory bounded to 500 entries via LRUMap
154
+ - entropyCache bounded to 1000 entries via LRUMap
155
+ - Cloud broker failure tracking uses 5-minute sliding window
156
+ - Self-corrective synthesizer window expanded from 10 → 50 events
157
+ - Context refactorer uses adaptive window instead of fixed 20
158
+
159
+ ### Fixed
160
+
161
+ - Memory leaks from unbounded Maps in long-running sessions
162
+ - Data corruption risk on process crash during state file writes
163
+ - Disk exhaustion from unbounded AUDIT.jsonl and snapshot growth
164
+ - Hardcoded SRE enclave private key (security issue)
165
+
166
+ ---
167
+
3
168
  ## [10.7.0] - 2026-05-27 — "Platform Sovereign"
4
169
 
5
170
  ### Added (v10.7.0)
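--- a/package/MINDFORGE.md
+++ b/package/MINDFORGE.md
@@ -1,12 +1,12 @@
-# MINDFORGE.md — Parameter Registry (v10.7.0)
+# MINDFORGE.md — Parameter Registry (v11.2.0)
 
 ## 1. IDENTITY & VERSIONING
 
 [NAME] = MindForge
-[VERSION] = 10.7.0-SOVEREIGN
+[VERSION] = 11.2.0
 [STABLE] = true
 [MODE] = "Platform Sovereign"
-[REQUIRED_CORE_VERSION] = 10.7.0
+[REQUIRED_CORE_VERSION] = 11.2.0
 [SOVEREIGN_IDENTITY] = true
 [SRE_LAYER_ENABLED] = true
 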
package/README.md CHANGED
@@ -1,12 +1,21 @@
1
1
  # MindForge
2
2
 
3
- **An agentic intelligence framework for Claude Code** — orchestrates multi-agent workflows with governance, memory, and autonomous execution. Install once, get structured AI-driven development with built-in quality gates.
3
+ **An agentic intelligence framework for Claude Code** — orchestrates multi-agent workflows with governance, memory, and autonomous execution. Production-hardened with true parallelism, streaming SDK, and zero-trust security. Install once, get structured AI-driven development with built-in quality gates.
4
4
 
5
5
  ---
6
6
 
7
- ## v10.0.3Council Awakens
7
+ ## v11.0.0Sovereign Stability
8
8
 
9
- MindForge v10.0.3 "Council Awakens" introduces the Council decision framework, Instinct Engine, Cost-Aware Routing, 6-phase Verification Loop, and Multi-LLM Consult. This release adds 10 skills (20 core total), 8 commands (71 total), 9 personas (117 total), 3 swarm templates (21 total), and 5 engine subsystems expanding MindForge's autonomous governance and multi-agent reasoning capabilities.
9
+ MindForge v11.0.0 "Sovereign Stability" is a production-hardening release focused on reliability, performance, and real-world deployment readiness. Key highlights:
10
+
11
+ - **Memory-safe operations** — LRU-bounded caches, atomic writes, log rotation, and snapshot garbage collection eliminate resource leaks in long-running sessions.
12
+ - **True wave parallelism** — Semaphore-based concurrent execution with configurable max concurrency replaces sequential task dispatch.
13
+ - **Streaming SDK** — WebSocket event streaming, `streamExecution()` with AsyncIterable, and `batchExecute()` for high-throughput integrations.
14
+ - **Hardened security** — Ephemeral enclave keys, session-scoped agent isolation, time-limited RBAC elevation, dashboard rate limiting, and structured ZK proof returns.
15
+ - **Production observability** — `/api/v1/system` health endpoint, P95 latency tracking, heap health monitoring, and real EIS client with retry logic.
16
+ - **Graduated intelligence** — Adaptive tier escalation (+1/+2/MAX) with cost-awareness, 3-tier stuck detection, and adaptive context windows.
17
+
18
+ This release ships 200+ skills, 400+ personas, 18 pillars, and 49 swarm templates across 12 engineering domains.
10
19
 
11
20
 
12
21
  ## Installation & Setup
@@ -45,6 +54,12 @@ npx mindforge-cc@latest --antigravity --local
45
54
 
46
55
  ---
47
56
 
57
+ - **Production Hardening (v11.0.0)** — LRU caches, atomic JSON writes, log rotation, HANDOFF validation, and temporal snapshot GC for crash-safe long-running sessions.
58
+ - **True Wave Parallelism (v11.0.0)** — Semaphore-based concurrent wave execution with configurable max concurrency replaces sequential dispatch.
59
+ - **Streaming SDK (v11.0.0)** — WebSocket event streaming, `streamExecution()` AsyncIterable, `batchExecute()`, model streaming across Anthropic/OpenAI/Gemini providers.
60
+ - **Graduated Intelligence (v11.0.0)** — Adaptive tier escalation (+1/+2/MAX) with cost-awareness, 3-tier stuck detection, and adaptive context windows (10/20/30).
61
+ - **Security Hardening (v11.0.0)** — Ephemeral enclave keys, session-scoped ZTAI, time-limited RBAC elevation, dashboard rate limiting (100 req/min/IP), token expiration.
62
+ - **Observability (v11.0.0)** — `/api/v1/system` health endpoint, P95 latency ring buffer, heap health monitoring, real EIS client with exponential backoff.
48
63
  - **Grounded Wave Execution (v9.0.0)** — AutoRunner reads HANDOFF.json wave groups, dispatches tasks with audit tracing, persists progress, and resumes on restart (Pillar XXIV).
49
64
  - **Model Topology Modernization (v9.0.0)** — All model references updated to the Claude 4.x family: claude-opus-4-7, claude-sonnet-4-6, claude-haiku-4-5 (Pillar XXV).
50
65
  - **Unified Memory Architecture (v9.0.0)** — Knowledge and graph edges consolidated into SQLite (celestial.db) with FTS5 search. Four JSONL stores replaced by one queryable store (Pillar XXVI).
@@ -272,7 +287,7 @@ MindForge supports multiple interaction models to fit your engineering workflow:
272
287
  ```bash
273
288
  /mindforge:update
274
289
  /mindforge:update --apply
275
- /mindforge:migrate --from v0.6.0 --to v1.0.0
290
+ /mindforge:migrate --from v10.7.0 --to v11.0.0
276
291
  ```
277
292
 
278
293
  ---
@@ -320,6 +335,36 @@ See `.mindforge/production/token-optimiser.md`.
320
335
 
321
336
  ## 📜 Framework Evolution & Version History
322
337
 
338
+ <details>
339
+ <summary><b>v11.0.0 — Sovereign Stability (Production Hardening)</b></summary>
340
+
341
+ - **Phase 1: Foundation** — LRU-bounded caches, atomic JSON writes, AUDIT.jsonl log rotation, HANDOFF.json structural validation, temporal snapshot garbage collection.
342
+ - **Phase 2: Intelligence** — BM25 scoring with document-length normalization, full remediation strategy implementations, graduated intelligence interlock (+1/+2/MAX), 3-tier stuck detection, adaptive context windows.
343
+ - **Phase 3: Security** — Structured ZK proof returns, ephemeral SRE enclave keys, session-scoped ZTAI agent registry, time-limited RBAC elevation, dashboard rate limiting and token expiration, optional GPG approval verification.
344
+ - **Phase 4: Observability** — Async temporal I/O, `/api/v1/system` health endpoint, P95 latency ring buffer, heap health monitoring, EIS client de-stub with real fetch and retry logic.
345
+ - **Phase 5: SDK/Distributed** — Semaphore-based wave parallelism, WebSocket event streaming with auto-reconnect, `batchExecute()`, model streaming (Anthropic/OpenAI/Gemini), migration script from v10.7.0.
346
+ </details>
347
+
348
+ <details>
349
+ <summary><b>v10.x — The 200-Skills Expansion (Council → Platform Sovereign)</b></summary>
350
+
351
+ - **Council Awakens (v10.0.3)**: Council decision framework, Instinct Engine, Cost-Aware Routing, 6-phase Verification Loop, Multi-LLM Consult.
352
+ - **Skills Expansion (v10.0.4–v10.7.0)**: From 20 to 200+ core skills across 12 domains — AI/ML, data engineering, platform engineering, mobile, leadership, industry verticals, and more.
353
+ - **400+ Personas**: Comprehensive specialist coverage with domain-expert identity protocols.
354
+ - **49 Swarm Templates**: Task-aware parallel specialist clusters covering every engineering discipline.
355
+ </details>
356
+
357
+ <details>
358
+ <summary><b>v9.x — Grounded Execution & SQLite Persistence</b></summary>
359
+
360
+ - **Grounded Wave Execution (Pillar XXIV)**: AutoRunner reads HANDOFF.json wave groups with audit tracing and restart persistence.
361
+ - **Model Topology Modernization (Pillar XXV)**: Claude 4.x family (opus-4-7, sonnet-4-6, haiku-4-5).
362
+ - **Unified Memory Architecture (Pillar XXVI)**: SQLite (celestial.db) with FTS5 search replacing JSONL stores.
363
+ - **Schema Migration Engine (Pillar XXVII)**: Versioned migration tracking with transaction-wrapped imports.
364
+ - **Integration Test Chain (Pillar XXVIII)**: 27-assertion end-to-end pipeline validation.
365
+ </details>
366
+
367
+ <details>
323
368
  <summary><b>v8.1.x — Sovereign Identity (Pillar XIX)</b></summary>
324
369
 
325
370
  - **Pillar XIX: Sovereign Identity Synthesis**: Autonomous creation and evolution of `SOUL.md` from execution traces.
package/RELEASENOTES.md CHANGED
@@ -1,3 +1,83 @@
1
+ # Release Notes — v11.0.0 "Sovereign Stability"
2
+
3
+ **Release Date**: 2026-05-28
4
+ **Type**: Major (breaking changes)
5
+ **Upgrade Path**: Run `node bin/migrations/10.7.0-to-11.0.0.js`
6
+
7
+ ## Highlights
8
+
9
+ MindForge v11.0.0 is a production-hardening release that addresses systemic stability, intelligence, security, and SDK capabilities. It eliminates memory leaks, adds crash-safe writes, upgrades semantic search from TF-IDF to BM25, completes previously-stubbed subsystems, and introduces true parallel execution.
10
+
11
+ ## What's New
12
+
13
+ ### Foundation Hardening
14
+ - **Bounded caches** — LRUMap prevents unbounded memory growth in drift detector, entropy cache, and failure tracking
15
+ - **Atomic writes** — State files use write-to-temp → fsync → rename (crash-safe)
16
+ - **Log rotation** — AUDIT.jsonl auto-archives beyond 5000 lines with gzip compression
17
+ - **Schema validation** — HANDOFF.json validated on load (fail-open with warnings)
18
+ - **Snapshot GC** — Temporal history auto-cleaned (retain 50, expire > 7 days)
19
+
20
+ ### Intelligence Upgrades
21
+ - **BM25 scoring** — Document-length-normalized search replacing raw TF-IDF
22
+ - **Persistent caching** — Index and adjacency caches eliminate O(n) rebuilds
23
+ - **Complete remediation** — All three strategies fully implemented (no more stubs)
24
+ - **Adaptive systems** — Intelligence tier, context window, and stuck detection all auto-tune
25
+
26
+ ### Security Hardening
27
+ - **Ephemeral enclave keys** — No more hardcoded secrets in source
28
+ - **Structured crypto boundaries** — Simulated vs real clearly marked
29
+ - **Session isolation** — RBAC elevation with TTL, session-scoped identity
30
+ - **Dashboard security** — Token expiration, rate limiting, refresh endpoint
31
+
32
+ ### Observability
33
+ - **System metrics** — `/api/v1/system` with heap monitoring and alerts
34
+ - **P95 latency tracking** — Real measurements replace hardcoded values
35
+ - **Effectiveness tracking** — Remediations measured for closed-loop improvement
36
+ - **Dynamic config reload** — Model router refreshes on MINDFORGE.md changes
37
+
38
+ ### SDK & Distributed
39
+ - **True parallelism** — Wave tasks execute concurrently via semaphore
40
+ - **WebSocket streaming** — Real-time event delivery with auto-reconnect
41
+ - **Batch execution** — Execute multiple tasks with concurrency control
42
+ - **Model streaming** — Anthropic, OpenAI, and Gemini streaming support
43
+
44
+ ## Breaking Changes
45
+
46
+ | Change | Impact | Migration |
47
+ |--------|--------|-----------|
48
+ | `verifyZKProof()` returns structured result | Code catching throws will miss denials | Check `result.verified` instead |
49
+ | `signPQ()` returns object | Code using return value as string will break | Destructure `{ signature }` from result |
50
+ | Wave execution non-deterministic | Task order within waves no longer guaranteed | Do not rely on execution order |
51
+ | `captureState()`/`rollbackTo()` now async | Callers must await these methods | Add `await` at all call sites |
52
+ | Dashboard tokens expire after 24h | Long-lived tokens stop working | Use `/api/v1/auth/refresh` endpoint |
53
+ | SDK bumped to 11.0.0 | New exports, removed deprecated paths | Update `mindforge-sdk@11.0.0` |
54
+
55
+ See upgrade guide at `docs/upgrade.md` for full migration steps.
56
+
57
+ ## Migration
58
+
59
+ ```bash
60
+ node bin/migrations/10.7.0-to-11.0.0.js
61
+ ```
62
+
63
+ The migration script:
64
+ 1. Backs up `.mindforge/config.json`
65
+ 2. Adds new config sections (temporal, rate_limiting, session, wave_execution)
66
+ 3. Archives old AUDIT.jsonl entries if > 5000 lines
67
+ 4. Runs temporal snapshot GC
68
+ 5. Bumps schema versions
69
+
70
+ ---
71
+
72
+ ## Previous Releases
73
+
74
+ - [v10.0.3 — Council Awakens](https://github.com/sairam0424/MindForge/releases/tag/v10.0.3)
75
+ - [v10.0.1 — Bedrock Fortified](https://github.com/sairam0424/MindForge/releases/tag/v10.0.1)
76
+ - [v9.0.0 — Bedrock Meridian](https://github.com/sairam0424/MindForge/releases/tag/v9.0.0)
77
+
78
+ ---
79
+ ---
80
+
1
81
  # Release Notes — v10.0.3 "Council Awakens"
2
82
 
3
83
  **Release Date**: 2026-05-25
@@ -186,7 +266,7 @@ If your scripts call `mindforge sync-jira` or `mindforge sync-confluence`, remov
186
266
  ### Step 6: Verify
187
267
 
188
268
  ```bash
189
- npx mindforge-cc --version # Should print 10.0.1
269
+ npx mindforge-cc --version # Should print 11.0.0
190
270
  npm test # All 41 tests should pass
191
271
  ```
192
272
 
package/SECURITY.md CHANGED
@@ -4,12 +4,12 @@
4
4
 
5
5
  | Version | Status | Support Level |
6
6
  |---------|--------|---------------|
7
- | 10.x | **Current** | Full security and feature updates |
8
- | 9.x | Maintenance | Critical security patches only (until 2026-08-31) |
9
- | 8.x | End of Life | No further updates |
10
- | 7.x and below | End of Life | No further updates |
7
+ | 11.x | **Current** | Full security and feature updates |
8
+ | 10.x | Maintenance | Critical security patches only (until 2026-11-30) |
9
+ | 9.x | End of Life | No further updates |
10
+ | 8.x and below | End of Life | No further updates |
11
11
 
12
- We recommend all users upgrade to the latest 10.x release. Security patches for 9.x will be provided for critical vulnerabilities only, on a best-effort basis, until August 2026.
12
+ We recommend all users upgrade to the latest 11.x release. Security patches for 10.x will be provided for critical vulnerabilities only, on a best-effort basis, until November 2026.
13
13
 
14
14
  ---
15
15
 
@@ -44,18 +44,29 @@ We follow responsible disclosure practices. We will credit reporters in the rele
44
44
 
45
45
  ---
46
46
 
47
- ## Security Features (v10.0.1)
47
+ ## Security Features (v11.0.0)
48
48
 
49
49
  ### Authentication & Authorization
50
50
 
51
51
  - **Bearer token auth on dashboard** — All mutating endpoints (`/api/steering`, `/api/approve`, SSE control) require `Authorization: Bearer <token>`. Token is sourced from `MINDFORGE_DASHBOARD_TOKEN` environment variable.
52
+ - **Token expiration with refresh** — Dashboard tokens expire after 24 hours. Use `/api/v1/auth/refresh` to obtain a new token without re-authenticating.
53
+ - **Dashboard rate limiting** — 100 requests per minute per IP address. Exceeding the limit returns 429 with `Retry-After` header.
54
+ - **Session-scoped RBAC with TTL elevation** — Elevated permissions are session-scoped and auto-expire. No persistent privilege escalation.
52
55
  - **Browser daemon authentication** — The `/evaluate` endpoint requires auth before executing code in the Playwright context.
53
56
  - **ZTAI Trust Tiers** — 4-tier authorization model (Tier 0-3) controls which agents can perform which actions. Tier 3 (catastrophic-risk) operations require explicit human approval.
54
57
 
58
+ ### Cryptographic Security
59
+
60
+ - **Ephemeral enclave keys** — All crypto keys generated via `crypto.randomBytes()` at runtime. No hardcoded secrets in source.
61
+ - **Structured crypto boundaries** — Simulated (governance-enforcement) vs real (production-grade) cryptographic operations are clearly separated and labeled in code.
62
+ - **GPG approval verification** — Optional GPG signature verification on governance approvals for high-trust environments.
63
+ - **HMAC-signed temporal snapshots** — Temporal state captures are HMAC-signed to detect tampering during rollback operations.
64
+
55
65
  ### Audit & Integrity
56
66
 
57
67
  - **Merkle-chain audit log** — Every entry in `AUDIT.jsonl` includes a SHA-256 hash of the previous entry. Tampering with any historical entry breaks the chain, making modifications detectable.
58
68
  - **AuditWriter with buffered writes** — Atomic append operations prevent partial writes from corrupting the log.
69
+ - **Log rotation with archival** — AUDIT.jsonl auto-archives beyond 5000 lines with gzip compression, preventing unbounded disk growth.
59
70
  - **npm provenance** — Published packages include SLSA Build Level 2 attestation via `--provenance`, proving the package was built from the stated source commit in CI.
60
71
 
61
72
  ### Input Validation & Injection Prevention
@@ -67,7 +78,7 @@ We follow responsible disclosure practices. We will credit reporters in the rele
67
78
 
68
79
  ### Governance & Policy
69
80
 
70
- - **Fail-closed ZK verification** — `verifyZKProof()` throws on invalid or missing proofs. The system denies by default.
81
+ - **Structured ZK verification** — `verifyZKProof()` returns a structured result with `verified`, `reason`, and `timestamp` fields. The system denies by default when `verified` is false.
71
82
  - **Non-overridable parameters** — Security-critical MINDFORGE.md settings cannot be overridden by project-level or session-level configuration.
72
83
  - **CSP headers on dashboard** — Content Security Policy headers prevent XSS in the dashboard UI.
73
84
  - **Localhost-only binding** — The dashboard server binds to `127.0.0.1` only. It is not accessible from the network.
@@ -101,7 +112,8 @@ Before submitting code that touches security-sensitive paths:
101
112
 
102
113
  - **ZK-proofs are simulated** — The Dilithium-5 / ZK-proof layer uses cryptographic simulation, not hardware-backed TEEs. It provides logical governance enforcement, not hardware-grade isolation.
103
114
  - **Dashboard is localhost-only** — The dashboard is designed for local development. Do not expose it to the public internet, even behind a reverse proxy, without adding additional authentication.
104
- - **ZTAI keys are file-based** — Agent identity keys are stored on disk. In production deployments requiring hardware-bound keys, integrate with your organization's HSM or secure enclave.
115
+ - **ZTAI keys are ephemeral** — Agent identity keys are generated per-session via `crypto.randomBytes()`. In production deployments requiring persistent hardware-bound keys, integrate with your organization's HSM or secure enclave.
116
+ - **Rate limiting is per-process** — The 100 req/min limit is tracked in-memory. Restarting the dashboard resets counters. For distributed deployments, add an external rate limiter (e.g., nginx, Cloudflare).
105
117
 
106
118
  ---
107
119
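Review bot: The new "HMAC-signed temporal snapshots" bullet is unverifiable as written, because the "Ephemeral enclave keys" bullet in the same hunk says all crypto keys are generated at runtime with `crypto.randomBytes()` and the Known Limitations hunk calls ZTAI keys per-session: if the snapshot HMAC key is among those, a snapshot written by an earlier process cannot be authenticated after a restart, and the document does not say whether `rollbackTo()` then fails closed or skips the check. The token bullets have the same gap: the unchanged "Bearer token auth" line still sources the dashboard token from `MINDFORGE_DASHBOARD_TOKEN`, while the new "Token expiration with refresh" line says tokens expire after 24 hours and are renewed via `/api/v1/auth/refresh`, without saying whether the environment value is a bootstrap credential exchanged for a short-lived session token or is itself rejected after 24 hours. The new "Dashboard rate limiting" line promises a per-IP budget, but on a server that the same file says binds only to `127.0.0.1`, every local client arrives from one address and shares a single 100 req/min bucket, so one runaway script can lock out the operator's browser. I would append to the snapshot bullet `The signing key is <persisted at …|per-process>; snapshots whose HMAC cannot be verified are rejected by rollbackTo().` and to the expiration bullet `The value of MINDFORGE_DASHBOARD_TOKEN is exchanged for a session token on first use; the environment value itself does not expire.`, with both fill-ins confirmed against `bin/dashboard/server.js` and `bin/engine/temporal-hub.js`, which this release changes but which are not shown here.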