vibe-coding-master 0.3.25 → 0.3.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -7
- package/dist/backend/api/codex-hook-routes.js +0 -7
- package/dist/backend/api/gate-review-routes.js +58 -0
- package/dist/backend/api/task-routes.js +2 -2
- package/dist/backend/cli/install-vcm-harness.js +17 -57
- package/dist/backend/server.js +7 -8
- package/dist/backend/services/app-settings-service.js +15 -15
- package/dist/backend/services/claude-hook-service.js +138 -28
- package/dist/backend/services/codex-hook-service.js +8 -50
- package/dist/backend/services/{codex-review-service.js → gate-review-service.js} +108 -108
- package/dist/backend/services/harness-service.js +17 -63
- package/dist/backend/services/session-service.js +275 -49
- package/dist/backend/services/task-service.js +2 -2
- package/dist/backend/templates/harness/claude-root.js +2 -2
- package/dist/backend/templates/harness/{codex-review.js → gate-review.js} +35 -278
- package/dist/backend/templates/harness/project-manager-agent.js +7 -7
- package/dist/backend/templates/harness/vcm-final-acceptance-skill.js +5 -5
- package/dist/shared/constants.js +8 -5
- package/dist/shared/types/{codex-review.js → gate-review.js} +1 -1
- package/dist-frontend/assets/{index-CKWy15WL.js → index-DVy34Iwn.js} +31 -31
- package/dist-frontend/index.html +1 -1
- package/docs/codex-translation-plan.md +9 -9
- package/docs/gate-review-gates.md +133 -0
- package/docs/product-design.md +37 -40
- package/package.json +1 -1
- package/scripts/verify-package.mjs +4 -4
- package/dist/backend/api/codex-review-routes.js +0 -58
- package/docs/codex-review-gates.md +0 -593
|
@@ -1,81 +1,24 @@
|
|
|
1
|
-
export function
|
|
1
|
+
export function renderGateReviewerAgentRules() {
|
|
2
2
|
return `## Role
|
|
3
3
|
|
|
4
|
-
You are VCM \`
|
|
4
|
+
You are VCM \`gate-reviewer\`.
|
|
5
5
|
|
|
6
|
-
Review only the
|
|
6
|
+
Review only the gate in the VCM prompt. Use the task and worktree paths named there. Project memory may orient you, but only current worktree evidence can decide the gate.
|
|
7
7
|
|
|
8
|
-
|
|
9
|
-
- \`request_changes\`: one or more findings mean the gate should not pass yet.
|
|
8
|
+
Return only:
|
|
10
9
|
|
|
11
|
-
|
|
10
|
+
- \`approve\`: no gate-blocking finding.
|
|
11
|
+
- \`request_changes\`: evidence is missing, stale, contradictory, incomplete, or unsafe.
|
|
12
12
|
|
|
13
|
-
##
|
|
13
|
+
## Checks
|
|
14
14
|
|
|
15
|
-
|
|
15
|
+
- \`architecture-plan\`: scope, affected files/contracts, Scaffold Manifest, dependencies, docs/generated context, proof points, Replan triggers, no task-only source comments.
|
|
16
|
+
- \`validation-adequacy\`: review report covers the plan, public contracts, validation level, commands/results, skips/gaps/risks, final cleanup, durable testing docs impact.
|
|
17
|
+
- \`final-diff\`: diff matches plan, no unapproved surface/dependency/docs, no \`VCM:CODE\`, no task-process comments, meaningful tests, fallible paths handled.
|
|
16
18
|
|
|
17
|
-
|
|
18
|
-
- \`.claude/agents/architect.md\`
|
|
19
|
-
- \`.claude/agents/coder.md\`
|
|
20
|
-
- \`.claude/agents/reviewer.md\`
|
|
21
|
-
- \`.ai/generated/module-index.json\`
|
|
22
|
-
- \`.ai/generated/public-surface.json\`
|
|
23
|
-
- \`.ai/vcm/handoffs/**\`
|
|
19
|
+
## Output
|
|
24
20
|
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
### Architecture Plan
|
|
28
|
-
|
|
29
|
-
Check that the plan:
|
|
30
|
-
|
|
31
|
-
- matches the user request and approved scope
|
|
32
|
-
- names affected modules/files, file responsibilities, and user-visible changes
|
|
33
|
-
- defines new or changed non-private callable surfaces: visibility, signature shape, callers, contract, side effects, and error boundaries
|
|
34
|
-
- includes a Scaffold Manifest that carries task-specific context, coder guidance, allowed freedom, expected \`VCM:CODE\`, durable code comment needs, proof points, and Replan triggers
|
|
35
|
-
- preserves dependency direction and avoids unapproved dependencies
|
|
36
|
-
- states docs/generated-context impact or explains why none is needed
|
|
37
|
-
- names risks, proof points, phase boundaries when needed, and Replan triggers
|
|
38
|
-
- uses \`VCM:CODE\` for incomplete implementation and leaves no coder ambiguity
|
|
39
|
-
- keeps task-specific context, phase notes, handoff instructions, and coder guidance out of source-code comments
|
|
40
|
-
- does not take over reviewer-owned validation strategy or test adequacy
|
|
41
|
-
|
|
42
|
-
### Validation Adequacy
|
|
43
|
-
|
|
44
|
-
Check that the review report:
|
|
45
|
-
|
|
46
|
-
- validates approved scope, architecture plan, and public contracts
|
|
47
|
-
- uses appropriate L1/L2/L3/L4 validation depth
|
|
48
|
-
- records evidence, commands, results, failures, skipped checks, gaps, and follow-ups
|
|
49
|
-
- performs clean final validation after cache cleanup when final validation is required
|
|
50
|
-
- justifies skipped checks and explains residual validation risk
|
|
51
|
-
- updates \`docs/TESTING.md\` when durable validation strategy or gaps changed
|
|
52
|
-
- keeps production-code reading limited to behavior, test seams, fixtures, and coverage gaps
|
|
53
|
-
|
|
54
|
-
### Final Diff
|
|
55
|
-
|
|
56
|
-
Check that the final diff:
|
|
57
|
-
|
|
58
|
-
- stays inside the approved plan, phase, and user constraints
|
|
59
|
-
- introduces no unapproved modules, dependencies, public contracts, cross-file callable surfaces, or durable-doc changes
|
|
60
|
-
- removes all \`VCM:CODE\` markers
|
|
61
|
-
- leaves no task-specific process comments in source or test code, such as role handoff notes, phase notes, current-task rationale, or coder instructions
|
|
62
|
-
- contains no fake completion: hardcoded success, disabled logic, swallowed errors, test-only shortcuts, or silent fallback hiding failure
|
|
63
|
-
- preserves existing behavior unless the plan changes it
|
|
64
|
-
- keeps changed functions focused and meaningfully named
|
|
65
|
-
- validates boundary inputs and handles fallible operations explicitly
|
|
66
|
-
- does not weaken, delete, or skip tests to pass validation
|
|
67
|
-
- verifies or regenerates generated context when module structure or public APIs change
|
|
68
|
-
- includes docs-sync and known-issues disposition when applicable
|
|
69
|
-
|
|
70
|
-
## Findings
|
|
71
|
-
|
|
72
|
-
For each finding, report severity, title, evidence, expected, gap, and risk.
|
|
73
|
-
|
|
74
|
-
Use \`request_changes\` for unresolved \`critical\` or \`high\` findings, and for \`medium\` findings that affect correctness, validation confidence, or maintainability. \`low\` findings do not prevent approval unless they reveal a gate-impacting pattern.
|
|
75
|
-
|
|
76
|
-
## Report Format
|
|
77
|
-
|
|
78
|
-
Begin the report with:
|
|
21
|
+
Write only the assigned report under \`.ai/vcm/gate-reviews/\`. Start with:
|
|
79
22
|
|
|
80
23
|
\`\`\`text
|
|
81
24
|
Gate: <gate>
|
|
@@ -84,40 +27,15 @@ Decision: approve|request_changes
|
|
|
84
27
|
Summary: <one or two sentences>
|
|
85
28
|
\`\`\`
|
|
86
29
|
|
|
87
|
-
|
|
30
|
+
Findings must include severity, title, evidence, expected, gap, and risk.
|
|
88
31
|
|
|
89
|
-
|
|
90
|
-
- Do not edit production code, tests, durable docs, Claude role files, route files, or handoff artifacts.
|
|
91
|
-
- Do not write \`.ai/vcm/handoffs/messages/\`.
|
|
92
|
-
- Do not run long validation jobs unless the gate prompt explicitly asks for command execution.
|
|
93
|
-
- Do not request broader filesystem or network permissions.`;
|
|
94
|
-
}
|
|
95
|
-
export function renderCodexConfigHarnessRules() {
|
|
96
|
-
return `# VCM reads this file before launching the Codex Reviewer terminal.
|
|
97
|
-
# Codex CLI project hooks live in .ai/codex/.codex/.
|
|
98
|
-
approval_policy = "never"
|
|
99
|
-
default_permissions = "vcm_codex_reviewer"
|
|
100
|
-
|
|
101
|
-
[permissions.vcm_codex_reviewer.workspace_roots]
|
|
102
|
-
"../.." = true
|
|
103
|
-
|
|
104
|
-
[permissions.vcm_codex_reviewer.filesystem]
|
|
105
|
-
":minimal" = "read"
|
|
106
|
-
|
|
107
|
-
[permissions.vcm_codex_reviewer.filesystem.":workspace_roots"]
|
|
108
|
-
"." = "read"
|
|
109
|
-
".ai/codex" = "read"
|
|
110
|
-
".ai/vcm/codex-reviews" = "write"
|
|
111
|
-
"**/*.env" = "deny"
|
|
112
|
-
|
|
113
|
-
[permissions.vcm_codex_reviewer.network]
|
|
114
|
-
enabled = true`;
|
|
32
|
+
Do not edit code, tests, durable docs, role files, route files, or handoff artifacts. Do not choose owners, fixes, Replan, or user-intervention needs.`;
|
|
115
33
|
}
|
|
116
34
|
export function renderCodexCliConfigHarnessRules() {
|
|
117
35
|
return `[features]
|
|
118
36
|
hooks = true`;
|
|
119
37
|
}
|
|
120
|
-
export function renderCodexHooksHarnessRules(role = "codex-
|
|
38
|
+
export function renderCodexHooksHarnessRules(role = "codex-translator") {
|
|
121
39
|
const eventScript = "let s=\"\";process.stdin.setEncoding(\"utf8\");process.stdin.on(\"data\",d=>s+=d);process.stdin.on(\"end\",()=>{let event={};try{event=s.trim()?JSON.parse(s):{};}catch{event={raw:s};}process.stdout.write(JSON.stringify({taskSlug:process.env.VCM_TASK_SLUG,role:process.env.VCM_ROLE,event}));});";
|
|
122
40
|
const userPromptCommand = `sh -c 'if [ -z "\${VCM_TASK_SLUG:-}" ] || [ -z "\${VCM_ROLE:-}" ] || [ -z "\${VCM_API_URL:-}" ]; then exit 0; fi; node -e '"'"'${eventScript}'"'"' | curl -fsS --max-time 2 -X POST "\${VCM_API_URL}/api/hooks/${role}" -H "content-type: application/json" --data-binary @- >/dev/null || true'`;
|
|
123
41
|
const stopCommand = `sh -c 'if [ -z "\${VCM_TASK_SLUG:-}" ] || [ -z "\${VCM_ROLE:-}" ] || [ -z "\${VCM_API_URL:-}" ]; then printf "{}"; exit 0; fi; node -e '"'"'${eventScript}'"'"' | curl -fsS --max-time 5 -X POST "\${VCM_API_URL}/api/hooks/${role}/stop" -H "content-type: application/json" --data-binary @- || printf "{}"'`;
|
|
@@ -220,170 +138,10 @@ default_permissions = "vcm_codex_translator"
|
|
|
220
138
|
[permissions.vcm_codex_translator.network]
|
|
221
139
|
enabled = true`;
|
|
222
140
|
}
|
|
223
|
-
export function
|
|
224
|
-
return `# Codex Gate: architecture-plan
|
|
225
|
-
|
|
226
|
-
Review whether the architecture plan is ready for coder implementation.
|
|
227
|
-
|
|
228
|
-
## Required Evidence
|
|
229
|
-
|
|
230
|
-
- \`../../CLAUDE.md\`
|
|
231
|
-
- \`../../.claude/agents/architect.md\`
|
|
232
|
-
- \`../../.claude/agents/coder.md\`
|
|
233
|
-
- \`../../.claude/agents/reviewer.md\`
|
|
234
|
-
- \`../../.ai/vcm/handoffs/architecture-plan.md\`
|
|
235
|
-
- current git status and scaffold diff from \`../..\`
|
|
236
|
-
- \`../../.ai/generated/module-index.json\`
|
|
237
|
-
- \`../../.ai/generated/public-surface.json\`
|
|
238
|
-
|
|
239
|
-
## Task
|
|
240
|
-
|
|
241
|
-
Check the plan against the VCM Codex Reviewer rules in \`AGENTS.md\`.
|
|
242
|
-
|
|
243
|
-
Write exactly one Markdown report:
|
|
244
|
-
|
|
245
|
-
\`\`\`text
|
|
246
|
-
../vcm/codex-reviews/architecture-plan-review.md
|
|
247
|
-
\`\`\`
|
|
248
|
-
|
|
249
|
-
The report decision must be exactly \`approve\` or \`request_changes\`.
|
|
250
|
-
Do not modify any other file.`;
|
|
251
|
-
}
|
|
252
|
-
export function renderCodexValidationAdequacyPrompt() {
|
|
253
|
-
return `# Codex Gate: validation-adequacy
|
|
254
|
-
|
|
255
|
-
Review whether the reviewer report provides enough validation evidence for the task to continue toward docs sync or final acceptance.
|
|
256
|
-
|
|
257
|
-
## Required Evidence
|
|
258
|
-
|
|
259
|
-
- \`../../CLAUDE.md\`
|
|
260
|
-
- \`../../.claude/agents/reviewer.md\`
|
|
261
|
-
- \`../../.ai/vcm/handoffs/architecture-plan.md\`
|
|
262
|
-
- \`../../.ai/vcm/handoffs/review-report.md\`
|
|
263
|
-
- \`../../docs/TESTING.md\`
|
|
264
|
-
- \`../../.ai/generated/module-index.json\`
|
|
265
|
-
- \`../../.ai/generated/public-surface.json\`
|
|
266
|
-
|
|
267
|
-
## Task
|
|
268
|
-
|
|
269
|
-
Check validation adequacy against the VCM Codex Reviewer rules in \`AGENTS.md\`.
|
|
270
|
-
|
|
271
|
-
Write exactly one Markdown report:
|
|
272
|
-
|
|
273
|
-
\`\`\`text
|
|
274
|
-
../vcm/codex-reviews/validation-adequacy-review.md
|
|
275
|
-
\`\`\`
|
|
276
|
-
|
|
277
|
-
The report decision must be exactly \`approve\` or \`request_changes\`.
|
|
278
|
-
Do not modify any other file.`;
|
|
279
|
-
}
|
|
280
|
-
export function renderCodexFinalDiffPrompt() {
|
|
281
|
-
return `# Codex Gate: final-diff
|
|
282
|
-
|
|
283
|
-
Review whether the final task diff is ready for PR preparation.
|
|
284
|
-
|
|
285
|
-
## Required Evidence
|
|
286
|
-
|
|
287
|
-
- \`../../CLAUDE.md\`
|
|
288
|
-
- \`../../.claude/agents/architect.md\`
|
|
289
|
-
- \`../../.claude/agents/coder.md\`
|
|
290
|
-
- \`../../.claude/agents/reviewer.md\`
|
|
291
|
-
- \`../../.ai/vcm/handoffs/architecture-plan.md\`
|
|
292
|
-
- \`../../.ai/vcm/handoffs/review-report.md\`
|
|
293
|
-
- \`../../.ai/vcm/handoffs/docs-sync-report.md\`
|
|
294
|
-
- \`../../.ai/vcm/handoffs/final-acceptance.md\`
|
|
295
|
-
- current git status and diff from \`../..\`
|
|
296
|
-
- \`../../.ai/generated/module-index.json\`
|
|
297
|
-
- \`../../.ai/generated/public-surface.json\`
|
|
298
|
-
|
|
299
|
-
## Task
|
|
300
|
-
|
|
301
|
-
Check the final diff against the VCM Codex Reviewer rules in \`AGENTS.md\`.
|
|
302
|
-
|
|
303
|
-
Write exactly one Markdown report:
|
|
304
|
-
|
|
305
|
-
\`\`\`text
|
|
306
|
-
../vcm/codex-reviews/final-diff-review.md
|
|
307
|
-
\`\`\`
|
|
308
|
-
|
|
309
|
-
The report decision must be exactly \`approve\` or \`request_changes\`.
|
|
310
|
-
Do not modify any other file.`;
|
|
311
|
-
}
|
|
312
|
-
export function renderCodexReviewResultSchema() {
|
|
313
|
-
return `{
|
|
314
|
-
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
315
|
-
"title": "VCM Codex Review Result",
|
|
316
|
-
"type": "object",
|
|
317
|
-
"additionalProperties": false,
|
|
318
|
-
"required": ["gate", "decision", "summary", "findings", "inputsReviewed"],
|
|
319
|
-
"properties": {
|
|
320
|
-
"gate": {
|
|
321
|
-
"type": "string",
|
|
322
|
-
"enum": ["architecture-plan", "validation-adequacy", "final-diff"]
|
|
323
|
-
},
|
|
324
|
-
"decision": {
|
|
325
|
-
"type": "string",
|
|
326
|
-
"enum": ["approve", "request_changes"]
|
|
327
|
-
},
|
|
328
|
-
"summary": {
|
|
329
|
-
"type": "string"
|
|
330
|
-
},
|
|
331
|
-
"findings": {
|
|
332
|
-
"type": "array",
|
|
333
|
-
"items": {
|
|
334
|
-
"type": "object",
|
|
335
|
-
"additionalProperties": false,
|
|
336
|
-
"required": ["severity", "title", "evidence", "expected", "gap", "risk"],
|
|
337
|
-
"properties": {
|
|
338
|
-
"severity": {
|
|
339
|
-
"type": "string",
|
|
340
|
-
"enum": ["critical", "high", "medium", "low"]
|
|
341
|
-
},
|
|
342
|
-
"title": {
|
|
343
|
-
"type": "string"
|
|
344
|
-
},
|
|
345
|
-
"file": {
|
|
346
|
-
"type": "string"
|
|
347
|
-
},
|
|
348
|
-
"line": {
|
|
349
|
-
"type": "integer",
|
|
350
|
-
"minimum": 1
|
|
351
|
-
},
|
|
352
|
-
"evidence": {
|
|
353
|
-
"type": "string"
|
|
354
|
-
},
|
|
355
|
-
"expected": {
|
|
356
|
-
"type": "string"
|
|
357
|
-
},
|
|
358
|
-
"gap": {
|
|
359
|
-
"type": "string"
|
|
360
|
-
},
|
|
361
|
-
"risk": {
|
|
362
|
-
"type": "string"
|
|
363
|
-
}
|
|
364
|
-
}
|
|
365
|
-
}
|
|
366
|
-
},
|
|
367
|
-
"residualRisks": {
|
|
368
|
-
"type": "array",
|
|
369
|
-
"items": {
|
|
370
|
-
"type": "string"
|
|
371
|
-
},
|
|
372
|
-
"default": []
|
|
373
|
-
},
|
|
374
|
-
"inputsReviewed": {
|
|
375
|
-
"type": "array",
|
|
376
|
-
"items": {
|
|
377
|
-
"type": "string"
|
|
378
|
-
}
|
|
379
|
-
}
|
|
380
|
-
}
|
|
381
|
-
}`;
|
|
382
|
-
}
|
|
383
|
-
export function renderVcmCodexReviewGateSkillRules() {
|
|
141
|
+
export function renderVcmGateReviewSkillRules() {
|
|
384
142
|
return `## Purpose
|
|
385
143
|
|
|
386
|
-
Use this skill when project-manager reaches a VCM
|
|
144
|
+
Use this skill when project-manager reaches a VCM Gate Review or receives a VCM Gate Review callback.
|
|
387
145
|
|
|
388
146
|
## Trigger Points
|
|
389
147
|
|
|
@@ -396,7 +154,7 @@ Use this skill when project-manager reaches a VCM Codex Review Gate or receives
|
|
|
396
154
|
Run:
|
|
397
155
|
|
|
398
156
|
\`\`\`sh
|
|
399
|
-
.ai/tools/request-
|
|
157
|
+
.ai/tools/request-gate-review --gate <architecture-plan|validation-adequacy|final-diff>
|
|
400
158
|
\`\`\`
|
|
401
159
|
|
|
402
160
|
Interpret the first output line:
|
|
@@ -405,22 +163,20 @@ Interpret the first output line:
|
|
|
405
163
|
- \`started\` or \`running\`: stop this turn and wait for the VCM callback.
|
|
406
164
|
- \`failed_to_start\`: report the failure to the user.
|
|
407
165
|
|
|
408
|
-
Do not run \`codex exec\` yourself. VCM owns the Codex adapter and gate state.
|
|
409
|
-
|
|
410
166
|
## Callback
|
|
411
167
|
|
|
412
|
-
When VCM sends \`[VCM
|
|
168
|
+
When VCM sends \`[VCM GATE REVIEW CALLBACK]\`, read the named report path.
|
|
413
169
|
|
|
414
170
|
- \`approve\`: continue to the next normal VCM gate.
|
|
415
171
|
- \`request_changes\`: summarize the findings and route follow-up through the responsible VCM role.
|
|
416
172
|
- \`failed\`: stop and ask the user to retry, skip, or override in VCM.
|
|
417
173
|
- \`skipped\` or \`overridden\`: record the exception reason in PM context and continue only as appropriate.
|
|
418
174
|
|
|
419
|
-
Do not ask
|
|
175
|
+
Do not ask Gate Reviewer to choose owners, fixes, Replan, or user-intervention needs. PM routes those decisions through normal VCM responsibilities.`;
|
|
420
176
|
}
|
|
421
|
-
export function
|
|
177
|
+
export function renderRequestGateReviewTool() {
|
|
422
178
|
return `#!/usr/bin/env python3
|
|
423
|
-
"""Request a VCM-managed
|
|
179
|
+
"""Request a VCM-managed Gate Review Gate."""
|
|
424
180
|
import argparse
|
|
425
181
|
import hashlib
|
|
426
182
|
import json
|
|
@@ -437,9 +193,9 @@ from pathlib import Path
|
|
|
437
193
|
|
|
438
194
|
GATES = ("architecture-plan", "validation-adequacy", "final-diff")
|
|
439
195
|
REPORTS = {
|
|
440
|
-
"architecture-plan": ".ai/vcm/
|
|
441
|
-
"validation-adequacy": ".ai/vcm/
|
|
442
|
-
"final-diff": ".ai/vcm/
|
|
196
|
+
"architecture-plan": ".ai/vcm/gate-reviews/architecture-plan-review.md",
|
|
197
|
+
"validation-adequacy": ".ai/vcm/gate-reviews/validation-adequacy-review.md",
|
|
198
|
+
"final-diff": ".ai/vcm/gate-reviews/final-diff-review.md",
|
|
443
199
|
}
|
|
444
200
|
SOURCE_ARTIFACTS = {
|
|
445
201
|
"architecture-plan": [".ai/vcm/handoffs/architecture-plan.md"],
|
|
@@ -481,7 +237,7 @@ def call_vcm_api(gate: str) -> int | None:
|
|
|
481
237
|
base_url.rstrip("/")
|
|
482
238
|
+ "/api/tasks/"
|
|
483
239
|
+ urllib.parse.quote(task_slug, safe="")
|
|
484
|
-
+ "/
|
|
240
|
+
+ "/gate-review/"
|
|
485
241
|
+ urllib.parse.quote(gate, safe="")
|
|
486
242
|
+ "/request"
|
|
487
243
|
)
|
|
@@ -546,9 +302,9 @@ def input_hash(root: Path, gate: str) -> str:
|
|
|
546
302
|
digest = hashlib.sha256()
|
|
547
303
|
common = [
|
|
548
304
|
"CLAUDE.md",
|
|
549
|
-
".
|
|
550
|
-
".
|
|
551
|
-
|
|
305
|
+
".claude/agents/gate-reviewer.md",
|
|
306
|
+
".claude/skills/vcm-gate-review/SKILL.md",
|
|
307
|
+
".ai/tools/request-gate-review",
|
|
552
308
|
]
|
|
553
309
|
for relative in common + SOURCE_ARTIFACTS[gate]:
|
|
554
310
|
path = root / relative
|
|
@@ -557,7 +313,7 @@ def input_hash(root: Path, gate: str) -> str:
|
|
|
557
313
|
digest.update(path.read_bytes())
|
|
558
314
|
else:
|
|
559
315
|
digest.update(b"<missing>")
|
|
560
|
-
if gate
|
|
316
|
+
if gate in ("architecture-plan", "final-diff"):
|
|
561
317
|
digest.update(command_output(root, ["git", "status", "--porcelain=v1"]))
|
|
562
318
|
digest.update(command_output(root, ["git", "diff", "--binary"]))
|
|
563
319
|
digest.update(command_output(root, ["git", "diff", "--cached", "--binary"]))
|
|
@@ -571,7 +327,7 @@ def request_id(gate: str) -> str:
|
|
|
571
327
|
|
|
572
328
|
def local_request(gate: str) -> int:
|
|
573
329
|
root = root_dir()
|
|
574
|
-
index_path = root / ".ai/vcm/
|
|
330
|
+
index_path = root / ".ai/vcm/gate-reviews/index.json"
|
|
575
331
|
index = read_json(index_path)
|
|
576
332
|
enabled = bool(index.get("enabled", False))
|
|
577
333
|
gate_record = index.get("gates", {}).get(gate, {}) if isinstance(index.get("gates"), dict) else {}
|
|
@@ -603,7 +359,8 @@ def local_request(gate: str) -> int:
|
|
|
603
359
|
return 0
|
|
604
360
|
|
|
605
361
|
rid = request_id(gate)
|
|
606
|
-
request_path = root / ".ai/vcm/
|
|
362
|
+
request_path = root / ".ai/vcm/gate-reviews/requests" / f"{rid}.json"
|
|
363
|
+
prompt_path = f".ai/vcm/gate-reviews/requests/{rid}.prompt.md"
|
|
607
364
|
report_path = REPORTS[gate]
|
|
608
365
|
requested_at = now_iso()
|
|
609
366
|
write_json(request_path, {
|
|
@@ -614,7 +371,7 @@ def local_request(gate: str) -> int:
|
|
|
614
371
|
"requestedAt": requested_at,
|
|
615
372
|
"inputHash": current_hash,
|
|
616
373
|
"reportPath": report_path,
|
|
617
|
-
"promptPath":
|
|
374
|
+
"promptPath": prompt_path,
|
|
618
375
|
})
|
|
619
376
|
|
|
620
377
|
index["activeGate"] = gate
|
|
@@ -624,7 +381,7 @@ def local_request(gate: str) -> int:
|
|
|
624
381
|
"status": "running",
|
|
625
382
|
"decision": None,
|
|
626
383
|
"reportPath": report_path,
|
|
627
|
-
"promptPath":
|
|
384
|
+
"promptPath": prompt_path,
|
|
628
385
|
"inputHash": current_hash,
|
|
629
386
|
"requestId": rid,
|
|
630
387
|
"requestPath": request_path.relative_to(root).as_posix(),
|
|
@@ -63,14 +63,14 @@ PM may lightly rewrite the user's words to:
|
|
|
63
63
|
- If a required artifact is missing, stale, blocked, or asks for a decision, route the issue to the responsible role or user.
|
|
64
64
|
- Request architect post-review docs sync after reviewer completes.
|
|
65
65
|
|
|
66
|
-
###
|
|
66
|
+
### Gate Review Gates
|
|
67
67
|
|
|
68
|
-
- Use the \`vcm-
|
|
69
|
-
- If
|
|
68
|
+
- Use the \`vcm-gate-review\` skill to request a Gate Review or handle a VCM Gate Review callback.
|
|
69
|
+
- If Gate Review is enabled, accept only \`approve\` or \`request_changes\`.
|
|
70
70
|
- Before coder dispatch, request \`architecture-plan\`; on \`request_changes\`, route the report to architect.
|
|
71
71
|
- Before docs sync or final acceptance, request \`validation-adequacy\`; on \`request_changes\`, route the report to reviewer.
|
|
72
72
|
- Before PR preparation, request \`final-diff\`; on \`request_changes\`, route the report to architect for Debug Mode or Replan assessment.
|
|
73
|
-
- Do not
|
|
73
|
+
- Do not ask Gate Reviewer to choose owners, fixes, Replan, or user-intervention needs.
|
|
74
74
|
- Record gate decision, report path, and any skip or override reason.
|
|
75
75
|
|
|
76
76
|
### Partial Role Results
|
|
@@ -84,8 +84,8 @@ PM may lightly rewrite the user's words to:
|
|
|
84
84
|
### Final Acceptance
|
|
85
85
|
|
|
86
86
|
- Use the \`vcm-final-acceptance\` skill before declaring the task complete.
|
|
87
|
-
- Start final acceptance only after reviewer, required
|
|
88
|
-
- Confirm required evidence exists: validation result, review decision, required
|
|
87
|
+
- Start final acceptance only after reviewer, required Gate Reviews, and docs-sync gates pass or an explicit exception is approved.
|
|
88
|
+
- Confirm required evidence exists: validation result, review decision, required Gate Review decisions, docs-sync decision, unresolved risks, known-issues disposition, and cleanup status.
|
|
89
89
|
- If final acceptance finds missing evidence, unresolved risk, or required user approval, route it to the responsible role or user before closing the task.
|
|
90
90
|
|
|
91
91
|
### PR Preparation
|
|
@@ -93,7 +93,7 @@ PM may lightly rewrite the user's words to:
|
|
|
93
93
|
- Prepare or update a GitHub PR only after final acceptance passes.
|
|
94
94
|
- Confirm \`git status\` has no uncommitted changes before creating or updating the PR.
|
|
95
95
|
- Use \`.github/pull_request_template.md\` when present.
|
|
96
|
-
- Fill the PR body from final acceptance, review report,
|
|
96
|
+
- Fill the PR body from final acceptance, review report, Gate Review reports when present, docs-sync report, known-issues disposition, and commits.
|
|
97
97
|
- Do not perform technical review or validation during PR preparation; route missing evidence to the responsible role.
|
|
98
98
|
- Create a draft PR by default unless the user requests a ready PR.
|
|
99
99
|
|
|
@@ -16,7 +16,7 @@ Read the relevant task evidence before deciding:
|
|
|
16
16
|
- \`.ai/vcm/handoffs/review-report.md\` when reviewer validation was required
|
|
17
17
|
- \`.ai/vcm/handoffs/docs-sync-report.md\` when durable docs could be affected
|
|
18
18
|
- \`.ai/vcm/handoffs/known-issues.md\` when unresolved findings were recorded
|
|
19
|
-
- \`.ai/vcm/
|
|
19
|
+
- \`.ai/vcm/gate-reviews/index.json\` and referenced Gate Review reports when Gate Reviews were required, skipped, or overridden
|
|
20
20
|
- current \`git status\` and changed file list
|
|
21
21
|
- relevant long-term docs only when needed to confirm that a docs-sync artifact exists and names the correct durable docs
|
|
22
22
|
|
|
@@ -28,7 +28,7 @@ Acceptable evidence must show:
|
|
|
28
28
|
|
|
29
29
|
- architect plan or docs-sync decision when architecture, public contracts, durable docs, or known issues changed
|
|
30
30
|
- reviewer decision and validation evidence when code, behavior, tests, or generated context changed
|
|
31
|
-
- required
|
|
31
|
+
- required Gate Review decisions, skip reasons, or override reasons when Gate Reviews were enabled
|
|
32
32
|
- known-issues disposition when unresolved findings were recorded
|
|
33
33
|
- explicit user approval for accepted high-risk decisions or intentionally skipped required gates
|
|
34
34
|
|
|
@@ -56,7 +56,7 @@ Check:
|
|
|
56
56
|
- required handoff artifacts exist and are current
|
|
57
57
|
- architecture plan completion, Replan, or architect follow-up decision is recorded
|
|
58
58
|
- reviewer report records validation commands, results, skipped checks with reasons, and an acceptable decision
|
|
59
|
-
- required
|
|
59
|
+
- required Gate Reviews are approved, skipped with a recorded reason, or overridden with a recorded reason
|
|
60
60
|
- docs-sync report records docs updated, docs intentionally left unchanged, or required follow-up
|
|
61
61
|
- known issues are either resolved, promoted to durable docs by architect, or explicitly accepted
|
|
62
62
|
- temporary task state is ready to clean after durable facts are promoted
|
|
@@ -72,7 +72,7 @@ Choose exactly one:
|
|
|
72
72
|
- needs-docs-sync
|
|
73
73
|
- blocked-by-user-decision
|
|
74
74
|
|
|
75
|
-
Do not accept when required role evidence is missing, required
|
|
75
|
+
Do not accept when required role evidence is missing, required Gate Review evidence is missing, reviewer findings are unresolved, docs sync is missing for durable changes, known-issues disposition is missing, or unexplained high-risk files remain.
|
|
76
76
|
|
|
77
77
|
## Output
|
|
78
78
|
|
|
@@ -109,7 +109,7 @@ accepted | accepted-with-known-risks | needs-coder-follow-up | needs-architect-r
|
|
|
109
109
|
|
|
110
110
|
## Review And Docs Sync
|
|
111
111
|
|
|
112
|
-
##
|
|
112
|
+
## Gate Review Gates
|
|
113
113
|
|
|
114
114
|
## Cleanup Readiness
|
|
115
115
|
|
package/dist/shared/constants.js
CHANGED
|
@@ -26,10 +26,10 @@ export const VCM_ROLE_DEFINITIONS = [
|
|
|
26
26
|
dispatchable: true
|
|
27
27
|
}
|
|
28
28
|
];
|
|
29
|
-
export const
|
|
30
|
-
name: "
|
|
31
|
-
label: "
|
|
32
|
-
commandAgent: "
|
|
29
|
+
export const GATE_REVIEWER_ROLE_DEFINITION = {
|
|
30
|
+
name: "gate-reviewer",
|
|
31
|
+
label: "Gate Reviewer",
|
|
32
|
+
commandAgent: "gate-reviewer",
|
|
33
33
|
dispatchable: false
|
|
34
34
|
};
|
|
35
35
|
export const CODEX_TRANSLATOR_ROLE_DEFINITION = {
|
|
@@ -39,11 +39,11 @@ export const CODEX_TRANSLATOR_ROLE_DEFINITION = {
|
|
|
39
39
|
dispatchable: false
|
|
40
40
|
};
|
|
41
41
|
export const CODEX_ROLE_DEFINITIONS = [
|
|
42
|
-
CODEX_REVIEWER_ROLE_DEFINITION,
|
|
43
42
|
CODEX_TRANSLATOR_ROLE_DEFINITION
|
|
44
43
|
];
|
|
45
44
|
export const ROLE_DEFINITIONS = [
|
|
46
45
|
...VCM_ROLE_DEFINITIONS,
|
|
46
|
+
GATE_REVIEWER_ROLE_DEFINITION,
|
|
47
47
|
...CODEX_ROLE_DEFINITIONS
|
|
48
48
|
];
|
|
49
49
|
export const VCM_ROLE_NAMES = VCM_ROLE_DEFINITIONS.map((role) => role.name);
|
|
@@ -58,6 +58,9 @@ export function isRoleName(value) {
|
|
|
58
58
|
export function isVcmRoleName(value) {
|
|
59
59
|
return VCM_ROLE_NAMES.includes(value);
|
|
60
60
|
}
|
|
61
|
+
export function isGateReviewerRoleName(value) {
|
|
62
|
+
return value === GATE_REVIEWER_ROLE_DEFINITION.name;
|
|
63
|
+
}
|
|
61
64
|
export function isCodexRoleName(value) {
|
|
62
65
|
return CODEX_ROLE_NAMES.includes(value);
|
|
63
66
|
}
|