nativesoul 0.1.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -15,6 +15,45 @@ product after ADR-045; there is no Free/Pro split.
15
15
  ### Product
16
16
  - _Nothing yet._
17
17
 
18
+ ## [0.1.3] — 2026-07-06
19
+
20
+ ### Product
21
+ - **Auditable bootstrap** — `nativesoul bootstrap --plan [--json]`: a read-only
22
+ diagnostic that shows exactly which files/memories were injected, which were
23
+ omitted (and why), per-file hash/chars/truncation, the memory-recall summary,
24
+ budget usage, cache hit, and warnings — so context assembly is verifiable
25
+ instead of a black box. Read-only; no behavior change when the flag is absent.
26
+ (EPIC-025 · 25.1)
27
+ - **Central fail-closed policy gate** (ADR-046) — sensitive mutations now pass a
28
+ single shared policy gate before they run: `life_memory_promote/forget/reject`
29
+ and `life_work_item_create/claim/complete` at the MCP boundary, and
30
+ `policy packs apply` at the CLI boundary. `POLICY.md` / standing orders can
31
+ deny or require approval for any of them; ambiguity or a gate error **fails
32
+ closed** and is written to the local audit log. Default behavior is unchanged
33
+ (additive) — the gate adds control, not new friction. (EPIC-025 · 25.2 Layer A)
34
+ - **Path-safety at the write boundary** (ADR-046) — managed-block writes, MCP
35
+ config writes, plugin installs, policy-change proposals, and policy-pack apply
36
+ now validate the resolved target before writing and refuse path-escape,
37
+ world-writable parents, unsafe symlinks, suspicious ownership, or a direct
38
+ write to a protected file. Dependency-free; POSIX-guarded. (EPIC-025 · 25.2 Layer B)
39
+
40
+ ## [0.1.2] — 2026-07-02
41
+
42
+ ### Product
43
+ - Patch release target for the version-drift fix after `0.1.1` was published.
44
+ - License activation/status now derives the product version from `package.json`,
45
+ so `version_at_activation` and `current_version` match the published package
46
+ version.
47
+ - Grok install now writes NativeSoul lifecycle hooks into
48
+ `~/.grok/hooks/nativesoul.json`, so `grok inspect` lists them under Hooks and
49
+ session bootstrap can run automatically.
50
+ - Grok managed instructions now require NativeSoul bootstrap before the first
51
+ answer in every new session, because Grok passive hooks execute for side
52
+ effects but do not inject stdout into model context.
53
+ - Grok install now also creates `~/.grok/agents/nativesoul.md` and sets
54
+ `[agent].name = "nativesoul"` so first-turn bootstrap is enforced by the
55
+ active Grok agent profile, not only by project rules.
56
+
18
57
  ## [0.1.1] — 2026-07-01
19
58
 
20
59
  ### Product
@@ -0,0 +1,61 @@
1
+ {
2
+ "name": "nativesoul",
3
+ "version": "0.1.3",
4
+ "description": "Local-first continuity layer for coding agents.",
5
+ "type": "module",
6
+ "license": "UNLICENSED",
7
+ "main": "dist/packages/cli/src/index.js",
8
+ "repository": {
9
+ "type": "git",
10
+ "url": "git+https://github.com/fillipeweb/nativesoul.git"
11
+ },
12
+ "bugs": {
13
+ "url": "https://github.com/fillipeweb/nativesoul/issues"
14
+ },
15
+ "homepage": "https://github.com/fillipeweb/nativesoul#readme",
16
+ "files": [
17
+ "dist/",
18
+ "plugins/",
19
+ "policy-packs/",
20
+ "schemas/",
21
+ "docs/adr/",
22
+ "docs/legal/",
23
+ "llm-install.txt",
24
+ "README.md",
25
+ "CHANGELOG.md"
26
+ ],
27
+ "bin": {
28
+ "nativesoul": "dist/packages/cli/src/index.js",
29
+ "nativesoul-mcp": "dist/packages/mcp-server/src/index.js"
30
+ },
31
+ "scripts": {
32
+ "lint": "eslint .",
33
+ "typecheck": "tsc -p tsconfig.json --noEmit",
34
+ "test": "npm run build && npm run test:non-e2e",
35
+ "test:non-e2e": "node scripts/run-non-e2e-tests.mjs",
36
+ "build": "npm run build:ts && npm run build:minify",
37
+ "build:ts": "tsc -p tsconfig.build.json",
38
+ "build:minify": "node scripts/build-min.mjs",
39
+ "policy:generate": "node scripts/generate-policy-fail-closed.mjs",
40
+ "policy:check": "node scripts/generate-policy-fail-closed.mjs --check",
41
+ "release:security:audit": "node scripts/release-security-audit.mjs",
42
+ "release:provenance:dry-run": "node scripts/release-provenance-dry-run.mjs",
43
+ "package:local": "node scripts/package-local.mjs",
44
+ "package:dry-run": "node scripts/package-dry-run.mjs",
45
+ "package:smoke": "node scripts/package-smoke.mjs",
46
+ "test:e2e": "npm run build && vitest run tests/e2e"
47
+ },
48
+ "engines": {
49
+ "node": ">=22.17.0"
50
+ },
51
+ "dependencies": {},
52
+ "devDependencies": {
53
+ "@eslint/js": "^10.0.1",
54
+ "@types/node": "^26.0.0",
55
+ "esbuild": "^0.28.1",
56
+ "eslint": "^10.5.0",
57
+ "typescript": "^6.0.3",
58
+ "typescript-eslint": "^8.62.0",
59
+ "vitest": "^4.1.9"
60
+ }
61
+ }