pi-evalset-lab 0.1.0 → 0.2.0

package/.github/workflows/publish.yml

@@ -1,60 +0,0 @@
-name: publish
-
-on:
-  release:
-    types:
-      - published
-
-permissions:
-  contents: read
-
-jobs:
-  publish-npm:
-    if: startsWith(github.event.release.tag_name, 'v')
-    runs-on: ubuntu-latest
-    environment: npm-publish
-    permissions:
-      contents: read
-      id-token: write
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v6
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v6
-        with:
-          node-version: "22"
-          registry-url: https://registry.npmjs.org
-
-      - name: Upgrade npm for trusted publishing
-        run: npm install --global npm@^11.5.1
-
-      - name: Validate release tag + package version
-        env:
-          TAG_NAME: ${{ github.event.release.tag_name }}
-        run: |
-          if [[ ! "$TAG_NAME" =~ ^v[0-9]+\.[0-9]+\.[0-9]+([-.][0-9A-Za-z.]+)?$ ]]; then
-            echo "Release tag must match vX.Y.Z (optional prerelease/build suffix)." >&2
-            exit 1
-          fi
-
-          PKG_VERSION="$(node -p "JSON.parse(require('node:fs').readFileSync('package.json', 'utf8')).version")"
-          if [[ "v${PKG_VERSION}" != "$TAG_NAME" ]]; then
-            echo "package.json version (${PKG_VERSION}) does not match release tag (${TAG_NAME})." >&2
-            exit 1
-          fi
-
-      - name: Install dependencies
-        run: |
-          if [[ -f package-lock.json ]]; then
-            npm ci
-          else
-            npm install --package-lock-only --ignore-scripts
-            npm ci
-          fi
-
-      - name: Validate structure
-        run: npm run check
-
-      - name: Publish to npm (OIDC + provenance)
-        run: npm publish --provenance --access public

package/.github/workflows/release-please.yml

@@ -1,25 +0,0 @@
-name: release-please
-
-on:
-  push:
-    branches:
-      - main
-  workflow_dispatch:
-
-permissions:
-  contents: read
-  pull-requests: read
-
-jobs:
-  release-please:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write
-      pull-requests: write
-      issues: write
-    steps:
-      - name: Run release-please
-        uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0
-        with:
-          config-file: .release-please-config.json
-          manifest-file: .release-please-manifest.json

package/.github/workflows/vouch-check-pr.yml

@@ -1,29 +0,0 @@
-name: vouch-check-pr
-
-on:
-  pull_request_target:
-    types:
-      - opened
-      - reopened
-
-permissions:
-  contents: read
-
-jobs:
-  check:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: write
-    steps:
-      - name: Enforce vouch trust gate on PR author
-        # require-vouch=true: unvouched users are treated as blocked.
-        # auto-close=true: blocked PRs are automatically closed.
-        uses: mitchellh/vouch/action/check-pr@0e11a71bba23218a284d3ecca162e75a110fd7e3
-        with:
-          pr-number: ${{ github.event.pull_request.number }}
-          vouched-file: .github/VOUCHED.td
-          require-vouch: "true"
-          auto-close: "true"
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/.github/workflows/vouch-manage.yml

@@ -1,34 +0,0 @@
-name: vouch-manage
-
-on:
-  issue_comment:
-    types:
-      - created
-
-concurrency:
-  group: vouch-manage-${{ github.repository }}
-  cancel-in-progress: false
-
-permissions:
-  contents: read
-
-jobs:
-  manage:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write
-      issues: write
-      pull-requests: read
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v6
-
-      - name: Apply vouch / denounce / unvouch from maintainer comments
-        uses: mitchellh/vouch/action/manage-by-issue@0e11a71bba23218a284d3ecca162e75a110fd7e3
-        with:
-          repo: ${{ github.repository }}
-          issue-id: ${{ github.event.issue.number }}
-          comment-id: ${{ github.event.comment.id }}
-          vouched-file: .github/VOUCHED.td
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/.pi/extensions/startup-intake-router.ts

@@ -1,151 +0,0 @@
-import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
-
-const WORKFLOW_VERSION = "startup-intake-v1";
-const STATE_ENTRY = "startup-intake-router-state";
-
-type RouterPhase = "idle" | "intent_captured" | "command_proposed";
-
-interface RouterState {
-  workflowVersion: string;
-  phase: RouterPhase;
-  firstMessageProcessed: boolean;
-  intent?: string;
-  command?: string;
-  updatedAt: number;
-}
-
-function newState(overrides: Partial<RouterState> = {}): RouterState {
-  return {
-    workflowVersion: WORKFLOW_VERSION,
-    phase: "idle",
-    firstMessageProcessed: false,
-    updatedAt: Date.now(),
-    ...overrides,
-  };
-}
-
-function normalizeInline(value: string, maxLen = 1200): string {
-  const compact = value.replace(/\s+/g, " ").trim();
-  if (compact.length <= maxLen) return compact;
-  return compact.slice(0, maxLen - 1) + "…";
-}
-
-function quoteArg(value: string): string {
-  return JSON.stringify(value);
-}
-
-function formatCommand(name: string, args: string[]): string {
-  return `/${name} ${args.map((arg) => quoteArg(arg)).join(" ")}`;
-}
-
-export default function startupIntakeRouter(pi: ExtensionAPI) {
-  let state = newState();
-
-  const persist = () => {
-    state.updatedAt = Date.now();
-    pi.appendEntry(STATE_ENTRY, state);
-  };
-
-  const setState = (patch: Partial<RouterState>, save = true) => {
-    state = { ...state, ...patch, workflowVersion: WORKFLOW_VERSION };
-    if (save) persist();
-  };
-
-  const restore = (ctx: any) => {
-    const branch = ctx.sessionManager.getBranch();
-    let restored: RouterState | undefined;
-
-    for (const entry of branch) {
-      if (entry.type === "custom" && entry.customType === STATE_ENTRY && entry.data && typeof entry.data === "object") {
-        restored = entry.data as RouterState;
-      }
-    }
-
-    state = restored ? { ...newState(), ...restored, workflowVersion: WORKFLOW_VERSION } : newState();
-    setState({
-      firstMessageProcessed: false,
-      phase: "idle",
-      intent: undefined,
-      command: undefined,
-    });
-  };
-
-  const prefill = (ctx: any, command: string, notice: string) => {
-    if (!ctx.hasUI) return;
-    ctx.ui.setEditorText(command);
-    ctx.ui.notify(notice, "info");
-  };
-
-  pi.on("session_start", async (_event, ctx) => {
-    restore(ctx);
-    if (ctx.hasUI) {
-      ctx.ui.setStatus("startup-intake", "ready (first-message intake)");
-    }
-  });
-
-  pi.on("session_switch", async (_event, ctx) => {
-    restore(ctx);
-  });
-
-  pi.on("input", async (event, ctx) => {
-    if (event.source === "extension") return { action: "continue" as const };
-    if (!ctx.hasUI) return { action: "continue" as const };
-    if (state.firstMessageProcessed) return { action: "continue" as const };
-
-    const text = event.text.trim();
-    if (!text) return { action: "continue" as const };
-
-    if (text.startsWith("/")) {
-      // Utility commands should not consume first-message intake.
-      return { action: "continue" as const };
-    }
-
-    setState({ firstMessageProcessed: true, phase: "intent_captured" });
-
-    const intent = normalizeInline(text, 1200);
-    const command = formatCommand("init-project-docs", [intent]);
-
-    setState({
-      intent,
-      command,
-      phase: "command_proposed",
-    });
-
-    prefill(
-      ctx,
-      command,
-      "Startup intent captured. Review/edit and run the command to launch interview-first project doc setup.",
-    );
-    ctx.ui.setStatus("startup-intake", "init-project-docs command ready");
-
-    return { action: "handled" as const };
-  });
-
-  pi.registerCommand("startup-intake-router-status", {
-    description: "Show startup intake router state",
-    handler: async (_args, ctx) => {
-      if (!ctx.hasUI) return;
-
-      const summary = [
-        `phase: ${state.phase}`,
-        `first_message_processed: ${state.firstMessageProcessed ? "yes" : "no"}`,
-        `intent: ${state.intent ?? "<none>"}`,
-        `command: ${state.command ?? "<none>"}`,
-        `updated_at: ${new Date(state.updatedAt).toISOString()}`,
-      ];
-      ctx.ui.notify(summary.join(" | "), "info");
-    },
-  });
-
-  pi.registerCommand("startup-intake-router-reset", {
-    description: "Reset startup intake router state for this session",
-    handler: async (_args, ctx) => {
-      state = newState();
-      persist();
-      if (ctx.hasUI) {
-        ctx.ui.setStatus("startup-intake", "ready (reset)");
-        ctx.ui.notify("Startup intake router reset. Next non-command message will propose /init-project-docs.", "info");
-      }
-    },
-  });
-}

package/.pi/prompts/init-project-docs.md

@@ -1,32 +0,0 @@
----
-description: Run interview-first initialization for organization and project docs
-system4d:
-  container: "Project-local prompt template for startup interview flow."
-  compass: "Route startup intent into interview-driven document setup."
-  engine: "Intent -> interview -> synthesize -> update docs -> verify."
-  fog: "If interview data is incomplete, docs may remain ambiguous."
----
-
-Initialize organization and project docs from interactive intake.
-
-Startup intent (if provided): $@
-
-Steps:
-1. Read `docs/org/project-docs-intake.questions.json`.
-2. If startup intent is non-empty, create `docs/org/project-docs-intake.runtime.questions.json` with one prepended question:
-   - `id`: `startup_intent_confirmation`
-   - `type`: `text`
-   - `question`: `Startup intent captured: <startup intent>. Confirm or refine this intent before continuing.`
-3. Run the `interview` tool:
-   - `questions`: runtime file from step 2 if created, otherwise `docs/org/project-docs-intake.questions.json`
-   - `timeout`: `900`
-4. Use interview responses to update these files:
-   - `docs/org/operating_model.md`
-   - `docs/project/foundation.md`
-   - `docs/project/vision.md`
-   - `docs/project/strategic_goals.md`
-   - `docs/project/tactical_goals.md`
-5. Keep wording fully in English.
-6. Keep **organization purpose** separate from **project purpose**.
-7. Keep output compact.
-8. Run `bash ./scripts/validate-structure.sh`.

package/.release-please-config.json

@@ -1,11 +0,0 @@
-{
-  "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json",
-  "release-type": "node",
-  "include-v-in-tag": true,
-  "include-component-in-tag": false,
-  "packages": {
-    ".": {
-      "release-type": "node"
-    }
-  }
-}

package/.release-please-manifest.json

@@ -1,3 +0,0 @@
-{
-  ".": "0.1.0"
-}

package/AGENTS.md

@@ -1,39 +0,0 @@
----
-summary: "Agent operating guardrails for this repository."
-read_when:
-  - "Before an agent edits code or docs in this repository."
-system4d:
-  container: "Local repo rules for coding agents."
-  compass: "Small diffs, clear validation, no silent assumptions."
-  engine: "Read docs -> implement -> validate -> summarize."
-  fog: "Task ambiguity resolved by asking concise clarifying questions."
----
-
-# AGENTS.md
-
-## Defaults
-
-- Keep changes reviewable and scoped.
-- Prefer `read` before edits.
-- Prefer markdown links like `[text](path)`.
-- Avoid destructive git/file ops unless explicitly requested.
-
-## Docs workflow
-
-- Run `npm run docs:list` at task start to surface docs and `read_when` hints.
-- Use `npm run docs:list:workspace` for workspace/monorepo scans.
-- If your docs-list script is not at `~/ai-society/core/agent-scripts/scripts/docs-list.mjs`, set `DOCS_LIST_SCRIPT`.
-
-## Validation
-
-- Run `npm run check` after structural/documentation changes.
-
-## Copier policy
-
-- Keep `.copier-answers.yml` tracked.
-- Do not manually edit `.copier-answers.yml`.
-- Run update/recopy from a clean destination repo (commit or stash pending changes first).
-- Use `copier update --trust` when `.copier-answers.yml` includes `_commit` and update is supported.
-- In non-interactive shells/CI, append `--defaults` to update/recopy.
-- Use `copier recopy --trust` when update is unavailable (for example local non-VCS source) or cannot reconcile cleanly.
-- After recopy, re-apply local deltas intentionally and run `npm run check`.

package/CODE_OF_CONDUCT.md

@@ -1,50 +0,0 @@
----
-summary: "Community behavior expectations and enforcement path."
-read_when:
-  - "Participating in issues, discussions, or pull requests."
-  - "Handling conduct incidents."
-system4d:
-  container: "Shared standards for respectful collaboration."
-  compass: "Safety, respect, and clarity over conflict escalation."
-  engine: "Observe -> report -> review -> enforce -> document."
-  fog: "Context around incidents can be incomplete at first report."
----
-
-# Code of Conduct
-
-## Our commitment
-
-We want this repository to be a respectful, harassment-free space for everyone,
-regardless of background or identity.
-
-## Expected behavior
-
-- Be respectful and constructive.
-- Assume good intent, ask clarifying questions, and stay technical.
-- Accept feedback and correct mistakes quickly.
-- Keep discussions focused on project outcomes.
-
-## Unacceptable behavior
-
-- Harassment, threats, hate speech, or intimidation.
-- Personal attacks, repeated hostile behavior, or trolling.
-- Sharing private information without consent.
-- Sexualized language or unwanted attention.
-
-## Reporting incidents
-
-If you experience or witness unacceptable behavior:
-
-1. Contact maintainers privately using the channels listed in [SUPPORT.md](SUPPORT.md).
-2. Share relevant links/screenshots and timeline details.
-3. Do not post sensitive personal data publicly.
-
-## Enforcement
-
-Maintainers may remove or edit comments, close threads, or block contributors for
-behavior that violates this policy. Responses may include warning, temporary ban,
-or permanent ban depending on severity and repetition.
-
-## Attribution
-
-Adapted from the [Contributor Covenant](https://www.contributor-covenant.org/version/2/0/code_of_conduct.html).

package/CONTRIBUTING.md

@@ -1,28 +0,0 @@
----
-summary: "Top-level contribution entrypoint linking to the detailed contributor guide."
-read_when:
-  - "Preparing to submit code or docs changes."
-  - "Looking for contribution quality gates."
-system4d:
-  container: "Contribution intake and quality policy."
-  compass: "Small, reviewable, verified changes."
-  engine: "Read guide -> implement -> validate -> open PR."
-  fog: "Project-specific constraints may evolve with release policy changes."
----
-
-# Contributing
-
-Primary contributor guide: [docs/dev/CONTRIBUTING.md](docs/dev/CONTRIBUTING.md)
-
-## Minimum checklist
-
-1. Read applicable docs (`npm run docs:list`).
-2. Keep changes scoped.
-3. Run `npm run check`.
-4. Update docs/changelog when behavior changes.
-5. Open a PR with validation output.
-
-## Conduct + support
-
-- [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)
-- [SUPPORT.md](SUPPORT.md)

package/NEXT_SESSION_PROMPT.md

@@ -1,14 +0,0 @@
----
-summary: "Session handoff prompt for pi-evalset-lab."
-read_when:
-  - "Starting the next focused development session."
-system4d:
-  container: "Session handoff artifact."
-  compass: "Resume work quickly with explicit priorities."
-  engine: "Capture context, constraints, and next actions."
-  fog: "Staleness risk if not updated after major changes."
----
-
-# Next session prompt for pi-evalset-lab
-
-Use this file to capture exact follow-up tasks for the next coding session.

package/SECURITY.md

@@ -1,34 +0,0 @@
----
-summary: "Security reporting process and release hardening baseline."
-read_when:
-  - "Reporting a vulnerability."
-  - "Reviewing release and workflow security controls."
-system4d:
-  container: "Security policy for maintainers and contributors."
-  compass: "Private reporting, least privilege, auditable releases."
-  engine: "Report privately -> triage -> patch -> verify -> disclose."
-  fog: "Dependency and ecosystem risk shifts over time."
----
-
-# Security Policy
-
-## Supported versions
-
-Security fixes target the latest release and `main` branch.
-
-## Reporting a vulnerability
-
-Use **private reporting**.
-
-1. Preferred: GitHub Security tab -> **Report a vulnerability**.
-2. If private reporting is unavailable, open a minimal issue titled
-   `Security contact request` without exploit details and request a private channel.
-3. Include impact, affected versions, and reproduction steps.
-4. Avoid public disclosure until maintainers confirm a fix/release plan.
-
-## Release and supply-chain baseline
-
-- Release flow uses release-please PRs before tags/releases.
-- Publish flow uses npm Trusted Publishing (OIDC) and `npm publish --provenance`.
-- Workflow permissions default to read and elevate per job only.
-- Third-party actions must stay explicit; high-risk paths should be SHA pinned.

package/SUPPORT.md

@@ -1,37 +0,0 @@
----
-summary: "How users and contributors request help or report problems."
-read_when:
-  - "Needing help, troubleshooting, or reporting non-security issues."
-  - "Deciding where to file bug/feature/docs requests."
-system4d:
-  container: "Support intake and routing guidance."
-  compass: "Route requests to the right channel with enough context."
-  engine: "Self-check -> search -> file focused issue -> iterate."
-  fog: "Reproduction context is often incomplete in first reports."
----
-
-# Support
-
-## Before opening an issue
-
-1. Read [README.md](README.md) and relevant docs in `docs/`.
-2. Search existing issues/PRs for duplicates.
-3. Re-test on the latest release.
-
-## Open the right issue type
-
-Use the GitHub issue forms for:
-
-- Bug reports
-- Feature requests
-- Documentation improvements
-
-## Security reports
-
-For vulnerabilities, follow [SECURITY.md](SECURITY.md) and use private reporting.
-Do **not** post exploit details in public issues.
-
-## Maintainer response expectations
-
-This project may be maintained part-time. Triage and response times can vary,
-but actionable reports with reproduction details are prioritized.

package/docs/dev/CONTRIBUTING.md

@@ -1,37 +0,0 @@
----
-summary: "Contribution workflow for this extension repository."
-read_when:
-  - "Before opening PRs or submitting local changes."
-system4d:
-  container: "Contributor process and quality gates."
-  compass: "Small, validated, documented changes."
-  engine: "Branch -> implement -> check -> document -> review."
-  fog: "Process details may adjust with team scale."
----
-
-# Contributing
-
-## Workflow
-
-1. Create a focused branch.
-2. Run `npm run docs:list` and read matched docs before cross-cutting changes.
-3. Implement one scoped change.
-4. Run `npm run check`.
-5. Update docs/changelog where relevant.
-6. Open PR with concise rationale and validation output.
-
-## Standards
-
-- Keep diffs small and reviewable.
-- Preserve markdown frontmatter in generated docs.
-- Prefer explicit scripts over manual one-off commands.
-
-## Copier policy
-
-- Keep `.copier-answers.yml` in version control.
-- Do not edit `.copier-answers.yml` manually.
-- Run update/recopy from a clean destination repo (commit or stash pending changes first).
-- Use `copier update --trust` when `.copier-answers.yml` includes `_commit` and update is supported.
-- In non-interactive shells/CI, append `--defaults` to update/recopy.
-- Use `copier recopy --trust` when update is unavailable (for example local non-VCS source) or cannot reconcile cleanly.
-- After recopy, re-apply local deltas intentionally and run `npm run check`.

package/docs/dev/EXTENSION_SOP.md

@@ -1,43 +0,0 @@
----
-summary: "Lifecycle SOP for extension delivery and maintenance."
-read_when:
-  - "Planning, implementing, verifying, releasing, or maintaining extension work."
-system4d:
-  container: "End-to-end extension operating procedure."
-  compass: "Consistent quality from idea to maintenance."
-  engine: "plan -> implement -> verify -> release -> maintain."
-  fog: "Unknowns resolved through incremental validation loops."
----
-
-# Extension SOP
-
-## 1) Plan
-
-- Define scope and acceptance criteria.
-- Run `npm run docs:list` and read docs matching your task domain.
-- Capture work in `docs/dev/plans/`.
-- Confirm risks and dependencies.
-
-## 2) Implement
-
-- Build in small commits.
-- Keep command/tool behavior explicit.
-- Update docs as behavior changes.
-
-## 3) Verify
-
-- Run `npm run check`.
-- Execute relevant extension tests.
-- Validate prompt templates if changed.
-
-## 4) Release
-
-- Update `CHANGELOG.md`.
-- Tag/version according to team policy.
-- Sync extension to live pi when needed.
-
-## 5) Maintain
-
-- Monitor regressions and user feedback.
-- Re-run validation after dependency/script changes.
-- Keep `docs/dev/status.md` and `docs/dev/next_steps.md` current.

package/docs/dev/next_steps.md

@@ -1,17 +0,0 @@
----
-summary: "Prioritized next actions for active development."
-read_when:
-  - "Starting a coding session or grooming tasks."
-system4d:
-  container: "Execution queue for maintainers."
-  compass: "Maintain momentum with clear, ordered tasks."
-  engine: "Do highest-leverage item first, then validate."
-  fog: "Task order may change after discovery."
----
-
-# Next steps
-
-1. Complete npm publish on npmjs (login, registry, publish, verify install).
-2. Add at least one automated test for argument parsing and expectation scoring.
-3. Add a small repeatable report-share helper (JSON -> static HTML export command/script).
-4. Evaluate optional LLM-judge scoring mode (`expectJudgePrompt`) after parser/scoring tests exist.

package/docs/dev/plans/001-initial-plan.md

@@ -1,24 +0,0 @@
----
-summary: "Initial implementation plan for first extension iteration."
-read_when:
-  - "Executing the first feature slice from scaffold state."
-system4d:
-  container: "Plan artifact for incremental delivery."
-  compass: "Move from scaffold to validated feature quickly."
-  engine: "Plan -> implement -> verify -> document."
-  fog: "Scope creep risk if tasks are not constrained."
----
-
-# Plan 001: first feature slice
-
-## Objective
-
-Ship one useful command behavior end-to-end.
-
-## Steps
-
-1. Define expected command input/output.
-2. Implement logic in `extensions/`.
-3. Add tests in `tests/`.
-4. Run `npm run check`.
-5. Update `docs/dev/status.md` and `CHANGELOG.md`.