multimodel-dev-os 2.0.1 → 2.8.0

package/docs/workflow-orchestration.md

@@ -0,0 +1,62 @@
+# Workflow Orchestration
+
+MultiModel Dev OS `v2.5.0` features a built-in **Workflow Runner** designed to orchestrate codebase diagnostic pipelines safely.
+
+---
+
+## 1. CLI Commands
+
+Workflows are registered in [.ai/registries/workflows.yaml](file:///.ai/registries/workflows.yaml) and can be executed via the following subcommands:
+
+### List Registered Workflows
+Prints name, risk, and summary of all active workflows:
+```bash
+npx multimodel-dev-os workflow list
+```
+
+### Show Workflow Specifications
+Displays details, memory write permissions, code modification permissions, and individual logical steps:
+```bash
+npx multimodel-dev-os workflow show repo-health
+```
+
+### Plan Workflow Execution (Dry-Run)
+Prints the execution sequence, command lists, and expected outputs without executing any logic:
+```bash
+npx multimodel-dev-os workflow plan repo-health
+```
+
+### Run Workflow
+Executes the workflow steps sequentially:
+```bash
+npx multimodel-dev-os workflow run repo-health
+```
+
+> [!TIP]
+> You can also run, plan, and list workflows interactively through the [TUI Dashboard](file:///f:/multimodel-dev-os/docs/dashboard.md) under the **Quality Gates & Diagnostics** or **Memory & Intelligence** menus.
+
+---
+
+## 2. Standard Built-in Workflows
+
+MultiModel Dev OS defines 5 baseline workflows:
+
+1.  **`repo-health`** (Low Risk): Scans framework signals, performs advisory doctor audits, and verifies file structures.
+2.  **`memory-refresh`** (Medium Risk): Assesses memory differences and incremental refreshes.
+3.  **`feedback-review`** (Low Risk): Lists active developer logs and compiles rules to `learning-rules.md`.
+4.  **`proposal-review`** (Low Risk): Inspects codebase proposals, checks status counts, and displays audit apply logs.
+5.  **`release-check`** (Low Risk): Verifies codebase structures, executes release doctors, and runs package pack checks.
+
+---
+
+## 3. Strict Safety Gates
+
+The workflow engine enforces strict safety boundaries:
+
+*   **No File Modifications**: Allowed workflows only execute read-only checkups and incremental metadata updates (memory file compilation, feedback summaries).
+*   **No Shell Execution**: Shell command execution from `workflows.yaml` is prohibited. Steps map directly to internal Javascript CLI functions.
+*   **No Autonomy**: Any step requiring code changes (e.g. applying proposals) stops and outputs manual next-step instructions for the developer.
+
+## 4. Bundled Registry Fallback
+
+If the repository does not have a local `.ai/registries/workflows.yaml` registry file initialized yet, the workflow runner will automatically fall back to the bundled registry package templates and output a notice. This allows running read-only diagnostics prior to full project onboarding.

package/examples/adapter-sync/README.md

@@ -0,0 +1,45 @@
+# Example: Adapter Sync
+
+Sync your AGENTS.md rules to `.cursorrules`, `CLAUDE.md`, `.vscode/settings.json`, and more — automatically.
+
+## Prerequisites
+
+- Node.js 18+
+- A MultiModel Dev OS workspace (`npx multimodel-dev-os@latest init`)
+
+## Commands
+
+```bash
+# Check which adapters are enabled/disabled
+npx multimodel-dev-os@latest adapter status
+
+# Preview diff for a specific adapter
+npx multimodel-dev-os@latest adapter diff cursor
+
+# Sync all enabled adapters (requires approval)
+npx multimodel-dev-os@latest adapter sync all --approved
+
+# Verify workspace health
+npx multimodel-dev-os@latest validate
+```
+
+## Expected Result
+
+```
+🔄 Syncing adapters...
+  CREATE .cursorrules
+  CREATE CLAUDE.md
+  CREATE .vscode/settings.json
+✅ 3 adapters synced.
+```
+
+## Safety
+
+- `adapter status` and `adapter diff` are read-only
+- `adapter sync` requires `--approved` flag
+- Existing files need `--force` to overwrite
+- All overwrites create `.bak` backups
+
+## Full Demo
+
+See the [complete walkthrough](/demos/adapter-sync) for step-by-step instructions.

package/examples/command-center/README.md

@@ -0,0 +1,59 @@
+# Example: Command Center
+
+Use the repository command center to get a compact operational dashboard and run automated workflows.
+
+## Prerequisites
+
+- Node.js 18+
+- A MultiModel Dev OS workspace (`npx multimodel-dev-os@latest init`)
+
+## Commands
+
+```bash
+# View compact project dashboard
+npx multimodel-dev-os@latest status
+
+# List available workflows
+npx multimodel-dev-os@latest workflow list
+
+# Dry-run a workflow to see what would execute
+npx multimodel-dev-os@latest workflow plan repo-health
+
+# Run a workflow (read-only, safe execution boundaries)
+npx multimodel-dev-os@latest workflow run repo-health
+
+# Build and view session handoff
+npx multimodel-dev-os@latest handoff build
+npx multimodel-dev-os@latest handoff show
+```
+
+## Expected Result
+
+```
+📊 Repository Status: my-project
+  Version: 1.0.0
+  Frameworks: nextjs, typescript
+  Memory: fresh (updated 2 min ago)
+  Feedback entries: 3
+  Proposals: 1 draft, 0 applied
+```
+
+## Available Workflows
+
+| Workflow | Purpose |
+|----------|---------|
+| `repo-health` | Run validate, doctor, and scan checks |
+| `memory-refresh` | Update hash-compressed memory index |
+| `feedback-review` | Summarize pending feedback entries |
+| `proposal-review` | Review and display proposal statuses |
+| `release-check` | Pre-flight release verification |
+
+## Safety
+
+- `status`, `workflow list`, and `workflow plan` are read-only
+- `workflow run` is restricted to safe, non-destructive CLI functions
+- No proposals are applied, no shell commands are executed destructively
+
+## Full Demo
+
+See the [release check walkthrough](/demos/release-check) for the verification workflow.

package/examples/real-repo-onboarding/README.md

@@ -0,0 +1,53 @@
+# Example: Real Repo Onboarding
+
+Onboard an existing codebase into MultiModel Dev OS safely — no breaking changes, automatic backups.
+
+## Prerequisites
+
+- Node.js 18+
+- An existing project directory with source code
+
+## Commands
+
+```bash
+# Step 1: Analyze your project (read-only)
+npx multimodel-dev-os@latest onboard analyze
+
+# Step 2: Get template recommendations (read-only)
+npx multimodel-dev-os@latest onboard recommend
+
+# Step 3: Generate onboarding plan (writes to .ai/intelligence/, gitignored)
+npx multimodel-dev-os@latest onboard plan
+
+# Step 4: Apply configs (creates files, requires approval)
+npx multimodel-dev-os@latest onboard apply --approved
+
+# Step 5: Verify completeness
+npx multimodel-dev-os@latest onboard status
+```
+
+## Expected Result
+
+```
+📊 Onboarding Status
+  Completeness: 100%
+  Root files: AGENTS.md ✓ MEMORY.md ✓ TASKS.md ✓ RUNBOOK.md ✓
+  Config: .ai/config.yaml ✓
+```
+
+## Files Created
+
+- `AGENTS.md`, `MEMORY.md`, `TASKS.md`, `RUNBOOK.md`
+- `.ai/config.yaml` and `.ai/context/` directory
+- `.ai/intelligence/onboarding.plan.json` (gitignored)
+- `.ai/intelligence/onboarding.report.md` (gitignored)
+
+## Safety
+
+- Steps 1-3 are fully read-only
+- Step 4 never overwrites existing files without `--force`
+- All overwrites create `.bak` backups automatically
+
+## Full Demo
+
+See the [complete walkthrough](/demos/existing-repo-onboarding) for expected terminal output and detailed explanations.

package/examples/safe-improvement-loop/README.md

@@ -0,0 +1,48 @@
+# Example: Safe Improvement Loop
+
+Capture developer corrections, propose improvements, validate safety gates, and apply changes with full audit trails.
+
+## Prerequisites
+
+- Node.js 18+
+- A MultiModel Dev OS workspace (`npx multimodel-dev-os@latest init`)
+
+## Commands
+
+```bash
+# Record developer feedback
+npx multimodel-dev-os@latest feedback add "Always use TypeScript strict mode" --type preference
+
+# Compile feedback into learning rules
+npx multimodel-dev-os@latest feedback summarize
+
+# Draft an improvement proposal
+npx multimodel-dev-os@latest improve propose --title "Add strict mode config"
+
+# Review all proposals
+npx multimodel-dev-os@latest improve review
+
+# Validate a proposal's safety gates (12 checks)
+npx multimodel-dev-os@latest improve validate .ai/proposals/proposal-XXXX.md
+
+# Preview changes without modifying files
+npx multimodel-dev-os@latest improve diff .ai/proposals/proposal-XXXX.md
+
+# Apply approved proposal with audit logging
+npx multimodel-dev-os@latest improve apply .ai/proposals/proposal-XXXX.md --approved
+
+# View the audit log
+npx multimodel-dev-os@latest improve log
+```
+
+## Safety
+
+- Feedback logging, proposal drafting, review, and diff are non-destructive
+- `improve apply` requires explicit `--approved` flag
+- 12 safety gates validated before any apply
+- Protected paths blocked: `.git/`, `.env`, `node_modules/`, `apply-log.jsonl`
+- All operations audited with SHA-256 pre/post file hashes
+
+## Full Demo
+
+See the [complete walkthrough](/demos/safe-improvement-loop) for detailed explanations and expected output.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "multimodel-dev-os",
-  "version": "2.0.1",
+  "version": "2.8.0",
   "bin": {
     "multimodel-dev-os": "bin/multimodel-dev-os.js"
   },

package/scripts/install.ps1

@@ -11,7 +11,7 @@ param(
   [switch]$Help
 )
 
-$Version = "2.0.1"
+$Version = "2.8.0"
 $RepoUrl = "https://raw.githubusercontent.com/rizvee/multimodel-dev-os/main"
 
 if ($Help) {

package/scripts/install.sh

@@ -7,7 +7,7 @@ set -euo pipefail
 #        --all      (install all adapters)
 #        --dry-run  (show what would be created without creating)
 
-VERSION="2.0.1"
+VERSION="2.8.0"
 REPO_URL="https://raw.githubusercontent.com/rizvee/multimodel-dev-os/main"
 CAVEMAN=false
 DRY_RUN=false

package/scripts/verify.js

@@ -231,6 +231,21 @@ checkFile('docs/v2-migration.md');
 checkFile('docs/v2-release-checklist.md');
 checkFile('docs/package-safety.md');
 
+// --- v2.1.0 Intelligence Layer Documentation ---
+console.log('\nIntelligence Layer Documentation:');
+checkFile('docs/future-proof-architecture.md');
+checkFile('docs/self-improving-codebase.md');
+checkFile('docs/feedback-learning.md');
+checkFile('docs/hash-compressed-memory.md');
+checkFile('docs/capability-registry.md');
+checkFile('docs/tool-registry.md');
+checkFile('docs/improvement-proposals.md');
+checkFile('docs/learning-rules.md');
+checkFile('docs/approved-proposal-apply.md');
+checkFile('docs/repository-command-center.md');
+checkFile('docs/workflow-orchestration.md');
+checkFile('docs/agent-handoff.md');
+
 // --- Model & Adapter Registries ---
 console.log('\nModel & Adapter Registries:');
 checkFile('.ai/models/registry.yaml');
@@ -250,6 +265,28 @@ checkFile('.ai/schema/config.schema.json');
 checkFile('.ai/schema/template.schema.json');
 checkFile('.ai/schema/adapter.schema.json');
 
+// --- v2.1.0 Intelligence Layer (Schemas, Policies, Registries) ---
+console.log('\nIntelligence Layer Schemas:');
+checkFile('.ai/intelligence/memory.schema.json');
+checkFile('.ai/intelligence/feedback.schema.json');
+checkFile('.ai/intelligence/README.md');
+checkFile('.ai/intelligence/feedback-log.example.jsonl');
+checkFile('.ai/intelligence/learning-rules.example.md');
+checkFile('.ai/intelligence/improvement-proposal.schema.json');
+checkFile('.ai/intelligence/apply-log.schema.json');
+checkFile('.ai/proposals/README.md');
+checkFile('.ai/proposals/apply-operation.example.json');
+
+console.log('\nIntelligence Layer Policies:');
+checkFile('.ai/policies/self-improvement-policy.md');
+checkFile('.ai/policies/memory-policy.md');
+checkFile('.ai/policies/approval-gates.md');
+
+console.log('\nIntelligence Layer Registries:');
+checkFile('.ai/registries/capabilities.yaml');
+checkFile('.ai/registries/tools.yaml');
+checkFile('.ai/registries/workflows.yaml');
+
 // --- Test Blueprints ---
 console.log('\nTest Manuals:');
 checkFile('tests/README.md');
@@ -377,6 +414,9 @@ verifyRegistryParsed('.ai/models/routing-presets.yaml', 'presets');
 verifyRegistryParsed('.ai/models/local-models.yaml', 'local_engines');
 verifyRegistryParsed('.ai/adapters/registry.yaml', 'adapters');
 verifyRegistryParsed('.ai/templates/registry.yaml', 'templates');
+verifyRegistryParsed('.ai/registries/capabilities.yaml', 'capabilities');
+verifyRegistryParsed('.ai/registries/tools.yaml', 'tools');
+verifyRegistryParsed('.ai/registries/workflows.yaml', 'workflows');
 
 // --- CLI & Packaging Pre-Flight Tests ---
 console.log('\nRunning CLI & Packaging Pre-Flight Tests...');
@@ -408,11 +448,70 @@ try {
     console.log(`  ${GREEN}✓${NC} CLI help displays v${expectedVersion}`);
     pass++;
   }
+  
+  if (helpOutput.includes('scan') && helpOutput.includes('memory') && helpOutput.includes('status') && helpOutput.includes('workflow') && helpOutput.includes('handoff')) {
+    console.log(`  ${GREEN}✓${NC} CLI help includes scan, memory, status, workflow, and handoff commands`);
+    pass++;
+  } else {
+    console.error(`  ${RED}✗${NC} CLI help is missing scan, memory, status, workflow, or handoff commands`);
+    fail++;
+  }
 } catch (e) {
   console.error(`  ${RED}✗${NC} node bin/multimodel-dev-os.js --help failed: ${e.message}`);
   fail++;
 }
 
+// Verify docs mention memory build
+try {
+  const mdContent = readFileSync(join(projectRoot, 'docs', 'hash-compressed-memory.md'), 'utf8');
+  if (mdContent.includes('memory build')) {
+    console.log(`  ${GREEN}✓${NC} docs/hash-compressed-memory.md mentions 'memory build'`);
+    pass++;
+  } else {
+    console.error(`  ${RED}✗${NC} docs/hash-compressed-memory.md does not mention 'memory build'`);
+    fail++;
+  }
+} catch (e) {
+  console.error(`  ${RED}✗${NC} docs check failed: ${e.message}`);
+  fail++;
+}
+
+// Verify no generated memory or feedback logs or proposals are committed/tracked in git root/intelligence folder
+try {
+  const checkUntracked = (relPath) => {
+    if (existsSync(join(projectRoot, relPath))) {
+      console.error(`  ${RED}✗${NC} ${relPath} should not be tracked/committed!`);
+      fail++;
+    } else {
+      console.log(`  ${GREEN}✓${NC} ${relPath} is not tracked/committed`);
+      pass++;
+    }
+  };
+  checkUntracked('.ai/intelligence/memory.hash.json');
+  checkUntracked('.ai/intelligence/memory.summary.md');
+  checkUntracked('.ai/intelligence/feedback-log.jsonl');
+  checkUntracked('.ai/intelligence/learning-rules.md');
+  checkUntracked('.ai/intelligence/handoff.md');
+  checkUntracked('.ai/proposals/apply-log.jsonl');
+  
+  // also check if any proposal-*.md file exists directly in projectRoot/proposals (since it shouldn't be tracked)
+  const proposalsDir = join(projectRoot, '.ai', 'proposals');
+  if (existsSync(proposalsDir)) {
+    const files = readdirSync(proposalsDir);
+    const hasRuntimeProposals = files.some(f => f.startsWith('proposal-') && f !== 'proposal-template.md' && f.endsWith('.md'));
+    if (hasRuntimeProposals) {
+      console.error(`  ${RED}✗${NC} Runtime proposals should not be committed/tracked!`);
+      fail++;
+    } else {
+      console.log(`  ${GREEN}✓${NC} No runtime proposals committed`);
+      pass++;
+    }
+  }
+} catch (e) {
+  console.error(`  ${RED}✗${NC} Tracking verification of generated files failed: ${e.message}`);
+  fail++;
+}
+
 // Verify npm pack dry-run shows current version dynamically
 try {
   const packOutput = execSync('npm pack --dry-run', { cwd: projectRoot, encoding: 'utf8', stdio: ['ignore', 'pipe', 'pipe'] });
@@ -447,12 +546,17 @@ try {
 
 // --- Package Safety & Hygiene Checks ---
 console.log('\nPackage Safety & Hygiene Checks:');
-if (existsSync(join(projectRoot, '.npmrc'))) {
+if (existsSync(join(projectRoot, '.npmrc')) && process.env.MMDO_ALLOW_PUBLISH !== 'true') {
   console.error(`  ${RED}✗ .npmrc file exists in package root (security risk)${NC}`);
   fail++;
 } else {
-  console.log(`  ${GREEN}✓${NC} No .npmrc file present in package root`);
-  pass++;
+  if (existsSync(join(projectRoot, '.npmrc'))) {
+    console.log(`  ${YELLOW}!${NC} .npmrc file present in package root (allowed via MMDO_ALLOW_PUBLISH)`);
+    warn++;
+  } else {
+    console.log(`  ${GREEN}✓${NC} No .npmrc file present in package root`);
+    pass++;
+  }
 }
 
 const checkExamplesHygiene = (dir) => {