pluribus-context 0.3.33 → 0.3.35

package/examples/review-primitive-gate/fail-review-receipt.json

@@ -0,0 +1,42 @@
+{
+  "type": "agent.review_primitive_receipt.v1",
+  "assignment_id": "agent-auth-audit-43",
+  "run_id": "run-2026-05-31T17-05Z",
+  "agent": {
+    "tool": "claude-code",
+    "role": "auth-reviewer"
+  },
+  "approved_boundaries": {
+    "read": ["src/auth/**", "tests/auth/**"],
+    "write": ["tests/auth/**"],
+    "network": false
+  },
+  "scope_access_changes": [
+    {
+      "change": "write src/auth/session.ts",
+      "reason": "agent decided implementation change was easier than fixture-only test",
+      "approved": false
+    }
+  ],
+  "commands_and_checks": [
+    {
+      "name": "npm test -- tests/auth",
+      "kind": "required_test",
+      "status": "skipped",
+      "evidence": "not-run"
+    }
+  ],
+  "refused_operations": [],
+  "handoff": {
+    "changed_files_bucket": "under_5",
+    "evidence_path": "artifacts/agent-auth-audit-43.json",
+    "next_safe_action": "human must review scope change before any continuation"
+  },
+  "resume_state": "unsafe-to-resume",
+  "privacy": {
+    "raw_prompts_logged": false,
+    "raw_tool_output_logged": false,
+    "source_code_logged": false,
+    "secrets_logged": false
+  }
+}

package/examples/review-primitive-gate/pass-review-receipt.json

@@ -0,0 +1,54 @@
+{
+  "type": "agent.review_primitive_receipt.v1",
+  "assignment_id": "agent-auth-audit-42",
+  "run_id": "run-2026-05-31T17-00Z",
+  "agent": {
+    "tool": "claude-code",
+    "role": "auth-reviewer"
+  },
+  "approved_boundaries": {
+    "read": ["src/auth/**", "tests/auth/**"],
+    "write": ["tests/auth/**"],
+    "network": false
+  },
+  "scope_access_changes": [
+    {
+      "change": "read docs/security/**",
+      "reason": "needed policy wording for test fixture",
+      "approved": true,
+      "approved_by": "human-reviewer"
+    }
+  ],
+  "commands_and_checks": [
+    {
+      "name": "npm test -- tests/auth",
+      "kind": "required_test",
+      "status": "passed",
+      "evidence": "ci://job/123#auth-tests"
+    },
+    {
+      "name": "npm run lint",
+      "kind": "required_check",
+      "status": "passed",
+      "evidence": "ci://job/123#lint"
+    }
+  ],
+  "refused_operations": [
+    {
+      "operation": "write src/auth/session.ts",
+      "reason": "outside approved write boundary"
+    }
+  ],
+  "handoff": {
+    "changed_files_bucket": "under_5",
+    "evidence_path": "artifacts/agent-auth-audit-42.json",
+    "next_safe_action": "review tests/auth/session.test.ts before merge"
+  },
+  "resume_state": "complete",
+  "privacy": {
+    "raw_prompts_logged": false,
+    "raw_tool_output_logged": false,
+    "source_code_logged": false,
+    "secrets_logged": false
+  }
+}

package/examples/subagent-role-receipts/README.md

@@ -0,0 +1,15 @@
+# Subagent role receipts example
+
+This directory contains a small `agents.toml` example for teams experimenting with project-local subagent roles.
+
+The important artifact is not the exact TOML dialect. The important artifact is the receipt that proves the role boundary:
+
+- requested role vs effective role;
+- role source and coarse hash/version;
+- whether role instructions loaded;
+- allowed/refused write and tool capabilities;
+- boundary decisions made by the role;
+- where the role stopped and the next safe action;
+- privacy flags excluding raw prompts, code, transcripts, secrets, customer data, and raw tool output.
+
+See [`../../docs/subagent-role-receipts.md`](../../docs/subagent-role-receipts.md) for the full recipe.

package/examples/subagent-role-receipts/agents.toml

@@ -0,0 +1,36 @@
+# Example only: adapt field names and location to the subagent runner you use.
+# The stable idea is the receipt, not this exact TOML dialect.
+
+[[agents]]
+name = "blast-radius-reviewer"
+description = "Reviews AI-generated PRs by operational blast radius before merge."
+model = "default"
+tools = ["read", "grep", "test-summary"]
+writes_allowed = false
+instructions = """
+Review by blast radius, not diff size.
+
+Require explicit evidence for:
+- schema or persisted data contracts;
+- live reader/writer compatibility;
+- async jobs, queues, cron, webhooks, and retries;
+- rollout gates, feature flags, or kill switches;
+- external side effects such as email, payments, auth, billing, analytics, or third-party APIs;
+- generated files, public APIs, plugin manifests, MCP/Skill/hook configuration.
+
+Do not approve merge when any high-risk boundary is ambiguous. Emit a privacy-safe review.blast_radius.v1 or subagent.role_boundary.v1 receipt instead of logging raw source, prompts, transcripts, or tool output.
+"""
+
+[[agents]]
+name = "temporal-authority-checker"
+description = "Checks whether matched docs/specs are current authority or historical citations before edits."
+model = "default"
+tools = ["read", "grep"]
+writes_allowed = false
+instructions = """
+Before code changes, identify the current authority source and any historical/superseded specs.
+
+Refuse writes when two sources conflict and neither one declares status, date, scope, or superseded_by metadata. Emit a privacy-safe context.temporal_authority.v1 or subagent.role_boundary.v1 receipt with coarse document names, status, decision, stopped_at, and next_safe_action.
+
+Do not log raw prompts, source code, private paths, transcripts, secrets, or customer data.
+"""

package/examples/temporal-context-receipts/CURRENT_STATE.md

@@ -0,0 +1,13 @@
+# Current state
+
+## checkout-flow
+
+- status: current
+- as_of: 2026-05-28
+- current authority: this section
+- scope: checkout-flow
+- related historical specs:
+  - `specs/2025-checkout-rewrite.md` — superseded; rationale only
+  - `specs/2026-checkout-risk-notes.md` — current supporting context
+
+Agents may cite superseded specs for rationale, but must not implement from them unless this file explicitly reactivates that behavior.

package/examples/temporal-context-receipts/specs/2025-checkout-rewrite.md

@@ -0,0 +1,10 @@
+---
+status: superseded
+scope: checkout-flow
+date: 2025-11-10
+superseded_by: ../CURRENT_STATE.md#checkout-flow
+---
+
+# 2025 checkout rewrite
+
+Historical note. This file is kept for rationale only and is not implementation authority.

package/examples/temporal-context-receipts/specs/2026-checkout-risk-notes.md

@@ -0,0 +1,10 @@
+---
+status: current
+scope: checkout-flow
+date: 2026-05-20
+superseded_by: null
+---
+
+# 2026 checkout risk notes
+
+Current supporting context for known risk areas. Use together with `CURRENT_STATE.md`.

package/examples/temporal-context-receipts/temporal-authority-receipt.json

@@ -0,0 +1,27 @@
+{
+  "receipt_type": "context.temporal_authority.v1",
+  "request_id": "local-run-2026-05-28T16:00Z",
+  "current_authority": {
+    "file": "CURRENT_STATE.md",
+    "status": "current",
+    "as_of": "2026-05-28",
+    "scope": "checkout-flow"
+  },
+  "sources_considered": [
+    {
+      "file": "specs/2025-checkout-rewrite.md",
+      "status": "superseded",
+      "superseded_by": "CURRENT_STATE.md#checkout-flow",
+      "decision": "historical_citation_only"
+    },
+    {
+      "file": "specs/2026-checkout-risk-notes.md",
+      "status": "current",
+      "scope": "checkout-flow",
+      "decision": "allowed_as_supporting_context"
+    }
+  ],
+  "ambiguous_sources": [],
+  "write_started": true,
+  "stopped_at": "temporal_authority_resolved"
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pluribus-context",
-  "version": "0.3.33",
+  "version": "0.3.35",
   "description": "AI context and rules sync CLI for Claude.md, Claude Code, Cursor, and Copilot instructions, with privacy-safe context receipts that prove what memory, tools, skills, compactions, and security findings crossed agent boundaries without logging raw content.",
   "type": "module",
   "homepage": "https://github.com/caioribeiroclw-pixel/pluribus#readme",

package/src/utils/version.js

@@ -1 +1 @@
-export const VERSION = '0.3.33'
+export const VERSION = '0.3.35'