pi-evalset-lab 0.1.0

package/.copier-answers.yml

@@ -0,0 +1,5 @@
+# Changes here will be overwritten by Copier. Do not edit manually.
+_commit: v0.3.0
+_src_path: /home/lightningralf/programming/pi-extensions/template
+command_name: evalset
+repo_name: pi-evalset-lab

package/.githooks/pre-commit

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+
+if command -v prek >/dev/null 2>&1; then
+  (cd "$ROOT_DIR" && prek run --hook-stage pre-commit)
+elif [[ -x "$ROOT_DIR/node_modules/.bin/prek" ]]; then
+  (cd "$ROOT_DIR" && "$ROOT_DIR/node_modules/.bin/prek" run --hook-stage pre-commit)
+else
+  "$ROOT_DIR/scripts/validate-structure.sh"
+fi

package/.github/CODEOWNERS

@@ -0,0 +1,12 @@
+# Default owner for generated repositories. Update if you use a different maintainer/team.
+
+* @tryingET
+
+/.github/workflows/* @tryingET
+/.github/ISSUE_TEMPLATE/* @tryingET
+/.github/VOUCHED.td @tryingET
+/extensions/* @tryingET
+/package.json @tryingET
+/SECURITY.md @tryingET
+/.release-please-config.json @tryingET
+/.release-please-manifest.json @tryingET

package/.github/ISSUE_TEMPLATE/bug-report.yml

@@ -0,0 +1,63 @@
+name: Bug report
+description: Report a reproducible defect.
+labels: ["bug", "needs-triage"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for reporting a bug.
+        Please provide a minimal reproduction and include exact versions.
+
+  - type: checkboxes
+    id: preflight
+    attributes:
+      label: Preflight
+      options:
+        - label: I searched existing issues and did not find a duplicate.
+          required: true
+        - label: I can reproduce this on the latest release.
+          required: true
+
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected behavior
+      description: What should happen?
+    validations:
+      required: true
+
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual behavior
+      description: What happened instead?
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduce
+    attributes:
+      label: Steps to reproduce
+      description: Include exact commands, inputs, and files.
+      placeholder: |
+        1. Run ...
+        2. Execute ...
+        3. Observe ...
+    validations:
+      required: true
+
+  - type: textarea
+    id: logs
+    attributes:
+      label: Logs and screenshots
+      description: Paste relevant logs/errors. Remove secrets before posting.
+      render: shell
+
+  - type: input
+    id: environment
+    attributes:
+      label: Environment
+      description: OS, runtime version, package version.
+      placeholder: "ubuntu-24.04, node 20.x, package 0.1.0"
+    validations:
+      required: true

package/.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Security vulnerability reporting
+    url: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/about-coordinated-disclosure-of-security-vulnerabilities
+    about: Follow SECURITY.md and use private vulnerability reporting. Do not post exploit details publicly.

package/.github/ISSUE_TEMPLATE/docs.yml

@@ -0,0 +1,39 @@
+name: Documentation improvement
+description: Request a docs clarification, correction, or new guide.
+labels: ["docs", "needs-triage"]
+body:
+  - type: checkboxes
+    id: preflight
+    attributes:
+      label: Preflight
+      options:
+        - label: I searched existing issues and did not find a duplicate docs request.
+          required: true
+
+  - type: textarea
+    id: location
+    attributes:
+      label: Affected documentation
+      description: Link file/path/section that needs improvement.
+    validations:
+      required: true
+
+  - type: textarea
+    id: change
+    attributes:
+      label: Requested change
+      description: What should be clarified, corrected, or added?
+    validations:
+      required: true
+
+  - type: textarea
+    id: reason
+    attributes:
+      label: Why this matters
+      description: What confusion or failure does this currently cause?
+
+  - type: textarea
+    id: references
+    attributes:
+      label: Supporting references
+      description: Optional examples, screenshots, or related links.

package/.github/ISSUE_TEMPLATE/feature-request.yml

@@ -0,0 +1,41 @@
+name: Feature request
+description: Suggest a new capability or improvement.
+labels: ["enhancement", "needs-triage"]
+body:
+  - type: checkboxes
+    id: preflight
+    attributes:
+      label: Preflight
+      options:
+        - label: I searched existing issues and did not find a duplicate request.
+          required: true
+        - label: This request describes one focused capability.
+          required: true
+
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem statement
+      description: What user or maintainer problem should be solved?
+    validations:
+      required: true
+
+  - type: textarea
+    id: proposal
+    attributes:
+      label: Proposed solution
+      description: Describe the desired behavior and expected outcome.
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+      description: What other options did you evaluate?
+
+  - type: textarea
+    id: additional
+    attributes:
+      label: Additional context
+      description: Links, examples, screenshots, or constraints.

package/.github/VOUCHED.td

@@ -0,0 +1,8 @@
+# Vouched (trusted) contributors list for this repository.
+#
+# Keep one handle per line, sorted alphabetically.
+# Prefix with '-' to denounce a user and block contribution.
+#
+# Default maintainer bootstrap (adjust to your owner/team policy).
+github:tryingET Initial repository owner
+# github:co-maintainer Optional second maintainer

package/.github/dependabot.yml

@@ -0,0 +1,13 @@
+version: 2
+updates:
+  - package-ecosystem: npm
+    directory: "/"
+    schedule:
+      interval: weekly
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly
+    open-pull-requests-limit: 10

package/.github/pull_request_template.md

@@ -0,0 +1,34 @@
+---
+summary: "PR template for scoped changes with explicit validation."
+read_when:
+  - "Opening a pull request for review."
+system4d:
+  container: "Reviewer-ready pull request intake format."
+  compass: "Clarity, verification, and rollback awareness."
+  engine: "Summarize -> validate -> assess risk -> request review."
+  fog: "Integration side effects may appear after merge."
+---
+
+## Summary
+
+- What changed?
+- Why now?
+
+## Validation
+
+```bash
+npm run check
+```
+
+Paste relevant output (and any additional checks) below.
+
+## Risk and rollback
+
+- Risk level: low / medium / high
+- Rollback plan if this regresses production behavior:
+
+## Checklist
+
+- [ ] Scope is focused and reviewable.
+- [ ] Docs/changelog updated when behavior changed.
+- [ ] No secrets or credentials added.

package/.github/workflows/ci.yml

@@ -0,0 +1,37 @@
+name: ci
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+permissions:
+  contents: read
+
+jobs:
+  check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v6
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version: "20"
+
+      - name: Install dependencies
+        run: |
+          if [[ -f package-lock.json ]]; then
+            npm ci
+          else
+            npm install --package-lock-only --ignore-scripts
+            npm ci
+          fi
+
+      - name: Validate structure
+        run: npm run check
+
+      - name: npm pack dry run
+        run: npm pack --dry-run

package/.github/workflows/publish.yml

@@ -0,0 +1,60 @@
+name: publish
+
+on:
+  release:
+    types:
+      - published
+
+permissions:
+  contents: read
+
+jobs:
+  publish-npm:
+    if: startsWith(github.event.release.tag_name, 'v')
+    runs-on: ubuntu-latest
+    environment: npm-publish
+    permissions:
+      contents: read
+      id-token: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v6
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version: "22"
+          registry-url: https://registry.npmjs.org
+
+      - name: Upgrade npm for trusted publishing
+        run: npm install --global npm@^11.5.1
+
+      - name: Validate release tag + package version
+        env:
+          TAG_NAME: ${{ github.event.release.tag_name }}
+        run: |
+          if [[ ! "$TAG_NAME" =~ ^v[0-9]+\.[0-9]+\.[0-9]+([-.][0-9A-Za-z.]+)?$ ]]; then
+            echo "Release tag must match vX.Y.Z (optional prerelease/build suffix)." >&2
+            exit 1
+          fi
+
+          PKG_VERSION="$(node -p "JSON.parse(require('node:fs').readFileSync('package.json', 'utf8')).version")"
+          if [[ "v${PKG_VERSION}" != "$TAG_NAME" ]]; then
+            echo "package.json version (${PKG_VERSION}) does not match release tag (${TAG_NAME})." >&2
+            exit 1
+          fi
+
+      - name: Install dependencies
+        run: |
+          if [[ -f package-lock.json ]]; then
+            npm ci
+          else
+            npm install --package-lock-only --ignore-scripts
+            npm ci
+          fi
+
+      - name: Validate structure
+        run: npm run check
+
+      - name: Publish to npm (OIDC + provenance)
+        run: npm publish --provenance --access public

package/.github/workflows/release-please.yml

@@ -0,0 +1,25 @@
+name: release-please
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pull-requests: read
+
+jobs:
+  release-please:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+      issues: write
+    steps:
+      - name: Run release-please
+        uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0
+        with:
+          config-file: .release-please-config.json
+          manifest-file: .release-please-manifest.json

package/.github/workflows/vouch-check-pr.yml

@@ -0,0 +1,29 @@
+name: vouch-check-pr
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - reopened
+
+permissions:
+  contents: read
+
+jobs:
+  check:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+    steps:
+      - name: Enforce vouch trust gate on PR author
+        # require-vouch=true: unvouched users are treated as blocked.
+        # auto-close=true: blocked PRs are automatically closed.
+        uses: mitchellh/vouch/action/check-pr@0e11a71bba23218a284d3ecca162e75a110fd7e3
+        with:
+          pr-number: ${{ github.event.pull_request.number }}
+          vouched-file: .github/VOUCHED.td
+          require-vouch: "true"
+          auto-close: "true"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/.github/workflows/vouch-manage.yml

@@ -0,0 +1,34 @@
+name: vouch-manage
+
+on:
+  issue_comment:
+    types:
+      - created
+
+concurrency:
+  group: vouch-manage-${{ github.repository }}
+  cancel-in-progress: false
+
+permissions:
+  contents: read
+
+jobs:
+  manage:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: write
+      pull-requests: read
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Apply vouch / denounce / unvouch from maintainer comments
+        uses: mitchellh/vouch/action/manage-by-issue@0e11a71bba23218a284d3ecca162e75a110fd7e3
+        with:
+          repo: ${{ github.repository }}
+          issue-id: ${{ github.event.issue.number }}
+          comment-id: ${{ github.event.comment.id }}
+          vouched-file: .github/VOUCHED.td
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/.pi/extensions/startup-intake-router.ts

@@ -0,0 +1,151 @@
+import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
+
+const WORKFLOW_VERSION = "startup-intake-v1";
+const STATE_ENTRY = "startup-intake-router-state";
+
+type RouterPhase = "idle" | "intent_captured" | "command_proposed";
+
+interface RouterState {
+  workflowVersion: string;
+  phase: RouterPhase;
+  firstMessageProcessed: boolean;
+  intent?: string;
+  command?: string;
+  updatedAt: number;
+}
+
+function newState(overrides: Partial<RouterState> = {}): RouterState {
+  return {
+    workflowVersion: WORKFLOW_VERSION,
+    phase: "idle",
+    firstMessageProcessed: false,
+    updatedAt: Date.now(),
+    ...overrides,
+  };
+}
+
+function normalizeInline(value: string, maxLen = 1200): string {
+  const compact = value.replace(/\s+/g, " ").trim();
+  if (compact.length <= maxLen) return compact;
+  return compact.slice(0, maxLen - 1) + "…";
+}
+
+function quoteArg(value: string): string {
+  return JSON.stringify(value);
+}
+
+function formatCommand(name: string, args: string[]): string {
+  return `/${name} ${args.map((arg) => quoteArg(arg)).join(" ")}`;
+}
+
+export default function startupIntakeRouter(pi: ExtensionAPI) {
+  let state = newState();
+
+  const persist = () => {
+    state.updatedAt = Date.now();
+    pi.appendEntry(STATE_ENTRY, state);
+  };
+
+  const setState = (patch: Partial<RouterState>, save = true) => {
+    state = { ...state, ...patch, workflowVersion: WORKFLOW_VERSION };
+    if (save) persist();
+  };
+
+  const restore = (ctx: any) => {
+    const branch = ctx.sessionManager.getBranch();
+    let restored: RouterState | undefined;
+
+    for (const entry of branch) {
+      if (entry.type === "custom" && entry.customType === STATE_ENTRY && entry.data && typeof entry.data === "object") {
+        restored = entry.data as RouterState;
+      }
+    }
+
+    state = restored ? { ...newState(), ...restored, workflowVersion: WORKFLOW_VERSION } : newState();
+    setState({
+      firstMessageProcessed: false,
+      phase: "idle",
+      intent: undefined,
+      command: undefined,
+    });
+  };
+
+  const prefill = (ctx: any, command: string, notice: string) => {
+    if (!ctx.hasUI) return;
+    ctx.ui.setEditorText(command);
+    ctx.ui.notify(notice, "info");
+  };
+
+  pi.on("session_start", async (_event, ctx) => {
+    restore(ctx);
+    if (ctx.hasUI) {
+      ctx.ui.setStatus("startup-intake", "ready (first-message intake)");
+    }
+  });
+
+  pi.on("session_switch", async (_event, ctx) => {
+    restore(ctx);
+  });
+
+  pi.on("input", async (event, ctx) => {
+    if (event.source === "extension") return { action: "continue" as const };
+    if (!ctx.hasUI) return { action: "continue" as const };
+    if (state.firstMessageProcessed) return { action: "continue" as const };
+
+    const text = event.text.trim();
+    if (!text) return { action: "continue" as const };
+
+    if (text.startsWith("/")) {
+      // Utility commands should not consume first-message intake.
+      return { action: "continue" as const };
+    }
+
+    setState({ firstMessageProcessed: true, phase: "intent_captured" });
+
+    const intent = normalizeInline(text, 1200);
+    const command = formatCommand("init-project-docs", [intent]);
+
+    setState({
+      intent,
+      command,
+      phase: "command_proposed",
+    });
+
+    prefill(
+      ctx,
+      command,
+      "Startup intent captured. Review/edit and run the command to launch interview-first project doc setup.",
+    );
+    ctx.ui.setStatus("startup-intake", "init-project-docs command ready");
+
+    return { action: "handled" as const };
+  });
+
+  pi.registerCommand("startup-intake-router-status", {
+    description: "Show startup intake router state",
+    handler: async (_args, ctx) => {
+      if (!ctx.hasUI) return;
+
+      const summary = [
+        `phase: ${state.phase}`,
+        `first_message_processed: ${state.firstMessageProcessed ? "yes" : "no"}`,
+        `intent: ${state.intent ?? "<none>"}`,
+        `command: ${state.command ?? "<none>"}`,
+        `updated_at: ${new Date(state.updatedAt).toISOString()}`,
+      ];
+      ctx.ui.notify(summary.join(" | "), "info");
+    },
+  });
+
+  pi.registerCommand("startup-intake-router-reset", {
+    description: "Reset startup intake router state for this session",
+    handler: async (_args, ctx) => {
+      state = newState();
+      persist();
+      if (ctx.hasUI) {
+        ctx.ui.setStatus("startup-intake", "ready (reset)");
+        ctx.ui.notify("Startup intake router reset. Next non-command message will propose /init-project-docs.", "info");
+      }
+    },
+  });
+}

package/.pi/prompts/init-project-docs.md

@@ -0,0 +1,32 @@
+---
+description: Run interview-first initialization for organization and project docs
+system4d:
+  container: "Project-local prompt template for startup interview flow."
+  compass: "Route startup intent into interview-driven document setup."
+  engine: "Intent -> interview -> synthesize -> update docs -> verify."
+  fog: "If interview data is incomplete, docs may remain ambiguous."
+---
+
+Initialize organization and project docs from interactive intake.
+
+Startup intent (if provided): $@
+
+Steps:
+1. Read `docs/org/project-docs-intake.questions.json`.
+2. If startup intent is non-empty, create `docs/org/project-docs-intake.runtime.questions.json` with one prepended question:
+   - `id`: `startup_intent_confirmation`
+   - `type`: `text`
+   - `question`: `Startup intent captured: <startup intent>. Confirm or refine this intent before continuing.`
+3. Run the `interview` tool:
+   - `questions`: runtime file from step 2 if created, otherwise `docs/org/project-docs-intake.questions.json`
+   - `timeout`: `900`
+4. Use interview responses to update these files:
+   - `docs/org/operating_model.md`
+   - `docs/project/foundation.md`
+   - `docs/project/vision.md`
+   - `docs/project/strategic_goals.md`
+   - `docs/project/tactical_goals.md`
+5. Keep wording fully in English.
+6. Keep **organization purpose** separate from **project purpose**.
+7. Keep output compact.
+8. Run `bash ./scripts/validate-structure.sh`.

package/.release-please-config.json

@@ -0,0 +1,11 @@
+{
+  "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json",
+  "release-type": "node",
+  "include-v-in-tag": true,
+  "include-component-in-tag": false,
+  "packages": {
+    ".": {
+      "release-type": "node"
+    }
+  }
+}

package/.release-please-manifest.json

@@ -0,0 +1,3 @@
+{
+  ".": "0.1.0"
+}

package/AGENTS.md

@@ -0,0 +1,39 @@
+---
+summary: "Agent operating guardrails for this repository."
+read_when:
+  - "Before an agent edits code or docs in this repository."
+system4d:
+  container: "Local repo rules for coding agents."
+  compass: "Small diffs, clear validation, no silent assumptions."
+  engine: "Read docs -> implement -> validate -> summarize."
+  fog: "Task ambiguity resolved by asking concise clarifying questions."
+---
+
+# AGENTS.md
+
+## Defaults
+
+- Keep changes reviewable and scoped.
+- Prefer `read` before edits.
+- Prefer markdown links like `[text](path)`.
+- Avoid destructive git/file ops unless explicitly requested.
+
+## Docs workflow
+
+- Run `npm run docs:list` at task start to surface docs and `read_when` hints.
+- Use `npm run docs:list:workspace` for workspace/monorepo scans.
+- If your docs-list script is not at `~/ai-society/core/agent-scripts/scripts/docs-list.mjs`, set `DOCS_LIST_SCRIPT`.
+
+## Validation
+
+- Run `npm run check` after structural/documentation changes.
+
+## Copier policy
+
+- Keep `.copier-answers.yml` tracked.
+- Do not manually edit `.copier-answers.yml`.
+- Run update/recopy from a clean destination repo (commit or stash pending changes first).
+- Use `copier update --trust` when `.copier-answers.yml` includes `_commit` and update is supported.
+- In non-interactive shells/CI, append `--defaults` to update/recopy.
+- Use `copier recopy --trust` when update is unavailable (for example local non-VCS source) or cannot reconcile cleanly.
+- After recopy, re-apply local deltas intentionally and run `npm run check`.