werktools 0.1.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (240) hide show
  1. werktools-0.1.0/.github/ISSUE_TEMPLATE/bug_report.md +72 -0
  2. werktools-0.1.0/.github/ISSUE_TEMPLATE/config.yml +17 -0
  3. werktools-0.1.0/.github/ISSUE_TEMPLATE/feature_request.md +46 -0
  4. werktools-0.1.0/.github/PULL_REQUEST_TEMPLATE.md +48 -0
  5. werktools-0.1.0/.github/workflows/ci.yml +58 -0
  6. werktools-0.1.0/.github/workflows/pages.yml +55 -0
  7. werktools-0.1.0/.github/workflows/publish.yml +43 -0
  8. werktools-0.1.0/.gitignore +33 -0
  9. werktools-0.1.0/AGENTS.md +58 -0
  10. werktools-0.1.0/CHANGELOG.md +30 -0
  11. werktools-0.1.0/CITATION.cff +12 -0
  12. werktools-0.1.0/CODE_OF_CONDUCT.md +32 -0
  13. werktools-0.1.0/CONTRIBUTING.md +40 -0
  14. werktools-0.1.0/LICENSE +661 -0
  15. werktools-0.1.0/PKG-INFO +421 -0
  16. werktools-0.1.0/README.md +386 -0
  17. werktools-0.1.0/SECURITY.md +128 -0
  18. werktools-0.1.0/SETUP.md +131 -0
  19. werktools-0.1.0/desktop/.gitignore +6 -0
  20. werktools-0.1.0/desktop/README.md +68 -0
  21. werktools-0.1.0/desktop/assets/seam-w.svg +5 -0
  22. werktools-0.1.0/desktop/backend/.gitignore +4 -0
  23. werktools-0.1.0/desktop/backend/werkhub-backend.spec +54 -0
  24. werktools-0.1.0/desktop/backend/werkhub_backend.py +13 -0
  25. werktools-0.1.0/desktop/bridge/sidecar.ts +95 -0
  26. werktools-0.1.0/desktop/deno.json +16 -0
  27. werktools-0.1.0/desktop/deno.lock +1650 -0
  28. werktools-0.1.0/desktop/design-system.json +116 -0
  29. werktools-0.1.0/desktop/docs/design-system.html +316 -0
  30. werktools-0.1.0/desktop/index.html +15 -0
  31. werktools-0.1.0/desktop/main.ts +50 -0
  32. werktools-0.1.0/desktop/package.json +34 -0
  33. werktools-0.1.0/desktop/pnpm-lock.yaml +2480 -0
  34. werktools-0.1.0/desktop/pnpm-workspace.yaml +2 -0
  35. werktools-0.1.0/desktop/public/seam-w.svg +5 -0
  36. werktools-0.1.0/desktop/scripts/gen-tokens.mjs +102 -0
  37. werktools-0.1.0/desktop/src/App.tsx +75 -0
  38. werktools-0.1.0/desktop/src/api/client.test.ts +41 -0
  39. werktools-0.1.0/desktop/src/api/client.ts +59 -0
  40. werktools-0.1.0/desktop/src/api/events.test.ts +72 -0
  41. werktools-0.1.0/desktop/src/api/events.ts +32 -0
  42. werktools-0.1.0/desktop/src/api/types.ts +135 -0
  43. werktools-0.1.0/desktop/src/badges/Badge.test.tsx +49 -0
  44. werktools-0.1.0/desktop/src/badges/Badge.tsx +54 -0
  45. werktools-0.1.0/desktop/src/badges/PORTABLE.md +36 -0
  46. werktools-0.1.0/desktop/src/badges/RoleBadge.tsx +24 -0
  47. werktools-0.1.0/desktop/src/badges/roles.test.ts +76 -0
  48. werktools-0.1.0/desktop/src/badges/roles.ts +159 -0
  49. werktools-0.1.0/desktop/src/main.tsx +20 -0
  50. werktools-0.1.0/desktop/src/shadcn-preset.css +24 -0
  51. werktools-0.1.0/desktop/src/shell/Cockpit.test.tsx +21 -0
  52. werktools-0.1.0/desktop/src/shell/Cockpit.tsx +29 -0
  53. werktools-0.1.0/desktop/src/shell/CommandBar.tsx +66 -0
  54. werktools-0.1.0/desktop/src/shell/ErrorBoundary.tsx +48 -0
  55. werktools-0.1.0/desktop/src/shell/IconRail.tsx +145 -0
  56. werktools-0.1.0/desktop/src/shell/ThemeSwitcher.tsx +74 -0
  57. werktools-0.1.0/desktop/src/tokens.css +228 -0
  58. werktools-0.1.0/desktop/src/views/Approvals.css +26 -0
  59. werktools-0.1.0/desktop/src/views/Approvals.test.tsx +102 -0
  60. werktools-0.1.0/desktop/src/views/Approvals.tsx +277 -0
  61. werktools-0.1.0/desktop/src/views/Board.test.tsx +177 -0
  62. werktools-0.1.0/desktop/src/views/Board.tsx +860 -0
  63. werktools-0.1.0/desktop/src/views/Connectors.test.tsx +43 -0
  64. werktools-0.1.0/desktop/src/views/Connectors.tsx +450 -0
  65. werktools-0.1.0/desktop/src/views/Console.test.tsx +103 -0
  66. werktools-0.1.0/desktop/src/views/Console.tsx +288 -0
  67. werktools-0.1.0/desktop/src/views/Onboard.test.tsx +119 -0
  68. werktools-0.1.0/desktop/src/views/Onboard.tsx +283 -0
  69. werktools-0.1.0/desktop/src/views/Permissions.test.tsx +46 -0
  70. werktools-0.1.0/desktop/src/views/Permissions.tsx +254 -0
  71. werktools-0.1.0/desktop/src/views/Registry.test.tsx +162 -0
  72. werktools-0.1.0/desktop/src/views/Registry.tsx +751 -0
  73. werktools-0.1.0/desktop/src/views/Timeline.test.tsx +156 -0
  74. werktools-0.1.0/desktop/src/views/Timeline.tsx +463 -0
  75. werktools-0.1.0/desktop/test/setup.ts +1 -0
  76. werktools-0.1.0/desktop/tsconfig.json +18 -0
  77. werktools-0.1.0/desktop/vite.config.ts +19 -0
  78. werktools-0.1.0/docs/ACCEPTANCE_MATRIX.md +32 -0
  79. werktools-0.1.0/docs/DESIGN.md +90 -0
  80. werktools-0.1.0/docs/adr/ADR-001-two-policy-models.md +74 -0
  81. werktools-0.1.0/docs/adr/ADR-002-store-bridge.md +58 -0
  82. werktools-0.1.0/docs/adr/ADR-003-werk-werkhub-boundary.md +90 -0
  83. werktools-0.1.0/docs/adr/ADR-004-string-trust-tiers.md +64 -0
  84. werktools-0.1.0/docs/adr/ADR-005-tier1-allowlist-gate.md +67 -0
  85. werktools-0.1.0/docs/adr/ADR-006-cross-harness-standard.md +74 -0
  86. werktools-0.1.0/docs/assets/.gitkeep +1 -0
  87. werktools-0.1.0/docs/assets/seam-w.svg +1 -0
  88. werktools-0.1.0/docs/assets/werkhub-dashboard.svg +103 -0
  89. werktools-0.1.0/docs/bench.md +117 -0
  90. werktools-0.1.0/docs/cli.md +354 -0
  91. werktools-0.1.0/docs/concepts.md +128 -0
  92. werktools-0.1.0/docs/dashboard.md +107 -0
  93. werktools-0.1.0/docs/getting-started.md +137 -0
  94. werktools-0.1.0/docs/index.md +86 -0
  95. werktools-0.1.0/docs/onboarding.md +121 -0
  96. werktools-0.1.0/docs/registry.md +128 -0
  97. werktools-0.1.0/docs/security.md +140 -0
  98. werktools-0.1.0/docs/skills-library/README.md +30 -0
  99. werktools-0.1.0/docs/skills-library/antigravity-evidence-worker/SKILL.md +146 -0
  100. werktools-0.1.0/docs/skills-library/cinematic-ai-director/SKILL.md +428 -0
  101. werktools-0.1.0/docs/skills-library/lip-sync-avatar-reel/SKILL.md +489 -0
  102. werktools-0.1.0/docs/skills-library/local-first-gen-media-pipeline/SKILL.md +129 -0
  103. werktools-0.1.0/docs/skills-library/local-first-gen-media-pipeline/references/REFERENCE.md +924 -0
  104. werktools-0.1.0/docs/skills-library/loop-engineering/SKILL.md +305 -0
  105. werktools-0.1.0/docs/stylesheets/werkhub.css +244 -0
  106. werktools-0.1.0/examples/echo_server.py +111 -0
  107. werktools-0.1.0/examples/truth_server.py +106 -0
  108. werktools-0.1.0/mkdocs.yml +69 -0
  109. werktools-0.1.0/pyproject.toml +67 -0
  110. werktools-0.1.0/requirements-docs.txt +1 -0
  111. werktools-0.1.0/scripts/__init__.py +0 -0
  112. werktools-0.1.0/scripts/check_release_hygiene.py +267 -0
  113. werktools-0.1.0/scripts/check_unicode_safety.py +350 -0
  114. werktools-0.1.0/scripts/fix_import_position.py +50 -0
  115. werktools-0.1.0/src/werktools/__init__.py +3 -0
  116. werktools-0.1.0/src/werktools/__main__.py +16 -0
  117. werktools-0.1.0/src/werktools/catalog.py +223 -0
  118. werktools-0.1.0/src/werktools/classify.py +179 -0
  119. werktools-0.1.0/src/werktools/cli.py +2090 -0
  120. werktools-0.1.0/src/werktools/envelope.py +42 -0
  121. werktools-0.1.0/src/werktools/hub/__init__.py +2 -0
  122. werktools-0.1.0/src/werktools/hub/allowlist.py +318 -0
  123. werktools-0.1.0/src/werktools/hub/approvals.py +461 -0
  124. werktools-0.1.0/src/werktools/hub/capabilities.py +38 -0
  125. werktools-0.1.0/src/werktools/hub/capability_select.py +135 -0
  126. werktools-0.1.0/src/werktools/hub/contracts.py +474 -0
  127. werktools-0.1.0/src/werktools/hub/dashboard.py +1467 -0
  128. werktools-0.1.0/src/werktools/hub/dashboard_fonts.py +16 -0
  129. werktools-0.1.0/src/werktools/hub/diagnose.py +120 -0
  130. werktools-0.1.0/src/werktools/hub/discovery.py +367 -0
  131. werktools-0.1.0/src/werktools/hub/export_rules.py +246 -0
  132. werktools-0.1.0/src/werktools/hub/invariants.py +176 -0
  133. werktools-0.1.0/src/werktools/hub/ledger.py +64 -0
  134. werktools-0.1.0/src/werktools/hub/lifecycle.py +658 -0
  135. werktools-0.1.0/src/werktools/hub/onboarding.py +505 -0
  136. werktools-0.1.0/src/werktools/hub/policy.py +146 -0
  137. werktools-0.1.0/src/werktools/hub/pool.py +138 -0
  138. werktools-0.1.0/src/werktools/hub/registry.py +215 -0
  139. werktools-0.1.0/src/werktools/hub/registry_db.py +289 -0
  140. werktools-0.1.0/src/werktools/hub/registry_seed.json +1592 -0
  141. werktools-0.1.0/src/werktools/hub/relay.py +289 -0
  142. werktools-0.1.0/src/werktools/hub/render.py +139 -0
  143. werktools-0.1.0/src/werktools/hub/runtime_row.py +36 -0
  144. werktools-0.1.0/src/werktools/hub/runtimes.py +376 -0
  145. werktools-0.1.0/src/werktools/hub/server.py +654 -0
  146. werktools-0.1.0/src/werktools/hub/status.py +111 -0
  147. werktools-0.1.0/src/werktools/hub/store_bridge.py +87 -0
  148. werktools-0.1.0/src/werktools/hub/workers.py +323 -0
  149. werktools-0.1.0/src/werktools/ledger.py +167 -0
  150. werktools-0.1.0/src/werktools/policy.py +102 -0
  151. werktools-0.1.0/src/werktools/profile.py +104 -0
  152. werktools-0.1.0/src/werktools/redaction.py +107 -0
  153. werktools-0.1.0/src/werktools/server.py +123 -0
  154. werktools-0.1.0/src/werktools/tools/__init__.py +2 -0
  155. werktools-0.1.0/src/werktools/tools/audit.py +186 -0
  156. werktools-0.1.0/src/werktools/tools/bench.py +1205 -0
  157. werktools-0.1.0/src/werktools/tools/canon.py +242 -0
  158. werktools-0.1.0/src/werktools/tools/cost.py +267 -0
  159. werktools-0.1.0/src/werktools/tools/data_gate.py +392 -0
  160. werktools-0.1.0/src/werktools/tools/eval.py +124 -0
  161. werktools-0.1.0/src/werktools/tools/integration_gate.py +318 -0
  162. werktools-0.1.0/src/werktools/tools/mine.py +255 -0
  163. werktools-0.1.0/src/werktools/tools/skills.py +73 -0
  164. werktools-0.1.0/src/werktools/tools/skills_discover.py +322 -0
  165. werktools-0.1.0/src/werktools/tools/swarm.py +257 -0
  166. werktools-0.1.0/src/werktools/tools/trace.py +227 -0
  167. werktools-0.1.0/src/werktools/tools/truth.py +274 -0
  168. werktools-0.1.0/src/werktools/tools/vault.py +388 -0
  169. werktools-0.1.0/tests/__init__.py +1 -0
  170. werktools-0.1.0/tests/cassette.py +80 -0
  171. werktools-0.1.0/tests/cassettes/workers_policy.json +5 -0
  172. werktools-0.1.0/tests/conftest.py +76 -0
  173. werktools-0.1.0/tests/fake_process.py +52 -0
  174. werktools-0.1.0/tests/fixtures/agents_base.md +9 -0
  175. werktools-0.1.0/tests/fixtures/bench_results.json +54 -0
  176. werktools-0.1.0/tests/fixtures/marketplace_anthropic.json +7 -0
  177. werktools-0.1.0/tests/fixtures/registry_cassette.json +34 -0
  178. werktools-0.1.0/tests/fixtures/skill_yaml_frontmatter.md +9 -0
  179. werktools-0.1.0/tests/fixtures/skill_yaml_no_frontmatter.md +7 -0
  180. werktools-0.1.0/tests/fixtures/skills/admin-deploy.md +7 -0
  181. werktools-0.1.0/tests/fixtures/skills/review-policy.md +7 -0
  182. werktools-0.1.0/tests/test_bench.py +1011 -0
  183. werktools-0.1.0/tests/test_canon.py +138 -0
  184. werktools-0.1.0/tests/test_capability_catalog.py +106 -0
  185. werktools-0.1.0/tests/test_capability_select.py +131 -0
  186. werktools-0.1.0/tests/test_catalog.py +164 -0
  187. werktools-0.1.0/tests/test_cc_cassette.py +50 -0
  188. werktools-0.1.0/tests/test_cc_conftest.py +37 -0
  189. werktools-0.1.0/tests/test_cc_invariants.py +147 -0
  190. werktools-0.1.0/tests/test_cc_store_bridge.py +163 -0
  191. werktools-0.1.0/tests/test_check_release_hygiene.py +215 -0
  192. werktools-0.1.0/tests/test_classify.py +421 -0
  193. werktools-0.1.0/tests/test_envelope.py +123 -0
  194. werktools-0.1.0/tests/test_export_rules.py +169 -0
  195. werktools-0.1.0/tests/test_extras_matrix.py +313 -0
  196. werktools-0.1.0/tests/test_hub_allowlist.py +348 -0
  197. werktools-0.1.0/tests/test_hub_approvals.py +437 -0
  198. werktools-0.1.0/tests/test_hub_approvals_server.py +342 -0
  199. werktools-0.1.0/tests/test_hub_cli.py +364 -0
  200. werktools-0.1.0/tests/test_hub_contracts.py +177 -0
  201. werktools-0.1.0/tests/test_hub_dashboard.py +1878 -0
  202. werktools-0.1.0/tests/test_hub_diagnose.py +99 -0
  203. werktools-0.1.0/tests/test_hub_discovery.py +399 -0
  204. werktools-0.1.0/tests/test_hub_ledger.py +63 -0
  205. werktools-0.1.0/tests/test_hub_lifecycle.py +455 -0
  206. werktools-0.1.0/tests/test_hub_onboarding.py +576 -0
  207. werktools-0.1.0/tests/test_hub_policy.py +106 -0
  208. werktools-0.1.0/tests/test_hub_pool.py +117 -0
  209. werktools-0.1.0/tests/test_hub_reaper.py +199 -0
  210. werktools-0.1.0/tests/test_hub_registry.py +77 -0
  211. werktools-0.1.0/tests/test_hub_relay.py +444 -0
  212. werktools-0.1.0/tests/test_hub_render.py +149 -0
  213. werktools-0.1.0/tests/test_hub_runtime_row.py +137 -0
  214. werktools-0.1.0/tests/test_hub_runtimes.py +376 -0
  215. werktools-0.1.0/tests/test_hub_server.py +401 -0
  216. werktools-0.1.0/tests/test_hub_status.py +94 -0
  217. werktools-0.1.0/tests/test_hub_workers.py +305 -0
  218. werktools-0.1.0/tests/test_hub_workers_server.py +254 -0
  219. werktools-0.1.0/tests/test_integration_gate.py +227 -0
  220. werktools-0.1.0/tests/test_ledger.py +232 -0
  221. werktools-0.1.0/tests/test_policy.py +298 -0
  222. werktools-0.1.0/tests/test_profile.py +217 -0
  223. werktools-0.1.0/tests/test_redaction.py +66 -0
  224. werktools-0.1.0/tests/test_registry_cli.py +56 -0
  225. werktools-0.1.0/tests/test_registry_db.py +267 -0
  226. werktools-0.1.0/tests/test_server.py +229 -0
  227. werktools-0.1.0/tests/test_skill_library.py +103 -0
  228. werktools-0.1.0/tests/test_skills_discover.py +132 -0
  229. werktools-0.1.0/tests/test_trust_taxonomy.py +162 -0
  230. werktools-0.1.0/tests/test_truth_auditor.py +171 -0
  231. werktools-0.1.0/tests/test_unicode_safety.py +321 -0
  232. werktools-0.1.0/tests/test_version.py +15 -0
  233. werktools-0.1.0/tests/test_werk_audit.py +149 -0
  234. werktools-0.1.0/tests/test_werk_cost.py +147 -0
  235. werktools-0.1.0/tests/test_werk_data_gate.py +168 -0
  236. werktools-0.1.0/tests/test_werk_eval.py +65 -0
  237. werktools-0.1.0/tests/test_werk_mine.py +145 -0
  238. werktools-0.1.0/tests/test_werk_swarm.py +142 -0
  239. werktools-0.1.0/tests/test_werk_trace.py +196 -0
  240. werktools-0.1.0/tests/test_werk_vault.py +225 -0
@@ -0,0 +1,72 @@
1
+ ---
2
+ name: Bug report
3
+ about: Report a reproducible defect in WERKHub (the local, governed MCP control plane)
4
+ title: "bug: <short summary>"
5
+ labels: [bug, triage]
6
+ assignees: []
7
+ ---
8
+
9
+ <!--
10
+ For a security vulnerability, DO NOT open a public issue.
11
+ Use GitHub private vulnerability reporting (Security > Report a vulnerability)
12
+ and see SECURITY.md. This keeps the fail-closed trust boundary intact.
13
+ -->
14
+
15
+ ## Summary
16
+
17
+ A clear, one-sentence description of the defect and the observed wrong behavior.
18
+
19
+ ## Surface
20
+
21
+ Which WERKHub surface is affected (check all that apply):
22
+
23
+ - [ ] CLI (`werktools hub ...`)
24
+ - [ ] MCP server (`hub serve`)
25
+ - [ ] Dashboard (`hub doctor` / `hub dashboard`)
26
+ - [ ] Policy / classification (gating, allowlist, approval tokens)
27
+ - [ ] Ledger / evidence chain
28
+ - [ ] Other (describe below)
29
+
30
+ ## Steps to reproduce
31
+
32
+ A minimal, deterministic, offline reproduction (no network, no real keys).
33
+
34
+ ```text
35
+ 1.
36
+ 2.
37
+ 3.
38
+ ```
39
+
40
+ ## Expected behavior
41
+
42
+ What you expected to happen. If this involves a guardrail (deny-by-default,
43
+ fail-closed, approval-gated, ledgered), state the invariant you expected to hold.
44
+
45
+ ## Actual behavior
46
+
47
+ What actually happened. Paste the exact envelope / error output. Redact any
48
+ secrets and personal paths before pasting.
49
+
50
+ ```text
51
+ <output>
52
+ ```
53
+
54
+ ## Environment
55
+
56
+ - WERKHub version: <e.g. 0.2.0> (`werktools --version` / pyproject)
57
+ - Python version: <e.g. 3.10 / 3.11 / 3.12>
58
+ - OS: <e.g. Windows 11 / Ubuntu 22.04>
59
+ - Install extras: <core only / [server] / [yaml] / [worker] / [all]>
60
+
61
+ ## Impact
62
+
63
+ - [ ] Guardrail bypass or fail-open behavior (security-relevant — consider private reporting instead)
64
+ - [ ] Data loss / ledger integrity
65
+ - [ ] Crash / unhandled error
66
+ - [ ] Incorrect result, no integrity impact
67
+ - [ ] Cosmetic / docs
68
+
69
+ ## Additional context
70
+
71
+ Logs, ledger excerpts (redacted), or links. Confirm no secrets or personal
72
+ paths are present in anything you paste.
@@ -0,0 +1,17 @@
1
+ blank_issues_enabled: false
2
+ contact_links:
3
+ - name: Security vulnerability (private)
4
+ url: https://github.com/Shuwajaja/WERKHub/security/advisories/new
5
+ about: >-
6
+ Do NOT open a public issue for security problems. Use GitHub private
7
+ vulnerability reporting. See SECURITY.md for the threat model and scope.
8
+ - name: Questions & discussion
9
+ url: https://github.com/Shuwajaja/WERKHub/discussions
10
+ about: >-
11
+ Ask usage questions, share ideas, or discuss design before filing a
12
+ feature request. Keep bug reports and feature requests in the issue tracker.
13
+ - name: Contributing guide
14
+ url: https://github.com/Shuwajaja/WERKHub/blob/main/CONTRIBUTING.md
15
+ about: >-
16
+ Read the local gate (ruff, mypy, hub doctor invariants, offline tests)
17
+ and hard guardrails before opening a pull request.
@@ -0,0 +1,46 @@
1
+ ---
2
+ name: Feature request
3
+ about: Propose a capability or change for WERKHub that respects the governed, fail-closed core
4
+ title: "feat: <short summary>"
5
+ labels: [enhancement, triage]
6
+ assignees: []
7
+ ---
8
+
9
+ ## Problem
10
+
11
+ What problem are you trying to solve? Describe the situation and who it affects.
12
+ Lead with the pain, not the solution.
13
+
14
+ ## Proposed change
15
+
16
+ What you would like WERKHub to do. Be concrete about the surface (CLI, MCP
17
+ server, dashboard, policy, ledger) and the expected behavior.
18
+
19
+ ## Why it belongs in WERKHub
20
+
21
+ WERKHub is the local, governed MCP control plane: browse, connect, and
22
+ supervise agent MCP extensions, deny-by-default and everything ledgered.
23
+ Explain how this proposal fits that scope rather than expanding it elsewhere.
24
+
25
+ ## Guardrail check
26
+
27
+ Confirm the proposal is compatible with the project's hard invariants:
28
+
29
+ - [ ] Keeps the core **stdlib-only** (`dependencies = []`); any new dependency
30
+ lives behind an optional extra and is imported inside function bodies, not
31
+ at module scope in the core.
32
+ - [ ] **No daemon / background network** added to the core; long-lived loops
33
+ stay in the serve/dashboard entry points only.
34
+ - [ ] **Fail-closed**: new write/destructive paths are gated (approval token)
35
+ and unknown profiles/tools/scopes still deny.
36
+ - [ ] **Ledgered**: new state-changing actions emit a tamper-evident event.
37
+ - [ ] Testable **offline and deterministically** (no network, no real keys).
38
+
39
+ ## Alternatives considered
40
+
41
+ Other approaches you weighed and why you rejected them.
42
+
43
+ ## Additional context
44
+
45
+ Mockups, links, prior art, or related issues. Note any new event names or
46
+ policy scopes the change would introduce.
@@ -0,0 +1,48 @@
1
+ <!--
2
+ WERKHub is the local, governed MCP control plane. Keep the core stdlib-only and
3
+ fail-closed. PRs that touch policy, ledger, or approval-token paths get extra
4
+ scrutiny. Run the full local gate before requesting review.
5
+ -->
6
+
7
+ ## What & why
8
+
9
+ Briefly describe the change and the problem it solves. Link the issue it closes.
10
+
11
+ Closes #
12
+
13
+ ## Type of change
14
+
15
+ - [ ] Bug fix (non-breaking)
16
+ - [ ] New feature (non-breaking)
17
+ - [ ] Breaking change (behavior, CLI, MCP contract, or event names)
18
+ - [ ] Docs / chore / refactor (no behavior change)
19
+
20
+ ## How tested
21
+
22
+ Describe the offline, deterministic verification. Note new fixtures, cassettes,
23
+ golden files, injected clocks, or platform skip-guards.
24
+
25
+ ## Checklist (required)
26
+
27
+ - [ ] **Tests added/updated** and pass (`pytest -q`, offline & deterministic)
28
+ - [ ] **ruff clean** (`ruff check src/ tests/ examples/`)
29
+ - [ ] **mypy clean** (`mypy src/werktools`)
30
+ - [ ] **Invariants pass** (`werktools hub doctor`: `dependencies = []`, no module-scope
31
+ FastMCP outside allowed files, no daemon in core, unique event names)
32
+ - [ ] **Release-hygiene clean** (`python scripts/check_release_hygiene.py --strict`)
33
+ - [ ] **No secrets / no personal paths** committed (keys, tokens, absolute home
34
+ paths, machine names); redaction holds and unicode-safety passes
35
+
36
+ ## Guardrail impact
37
+
38
+ - [ ] Core stays **stdlib-only**; any new dependency is behind an optional extra
39
+ and imported inside function bodies (never module-scope in the core)
40
+ - [ ] No new daemon or background network call in the core
41
+ - [ ] New write/destructive paths are **fail-closed** and approval-gated
42
+ - [ ] New state-changing actions are **ledgered** (tamper-evident events)
43
+ - [ ] Public behavior changes (CLI, MCP contract, event names) are documented
44
+ in `CHANGELOG.md`
45
+
46
+ ## Notes for the reviewer
47
+
48
+ Anything reviewers should focus on, trade-offs made, or follow-ups deferred.
@@ -0,0 +1,58 @@
1
+ name: CI
2
+
3
+ on:
4
+ push:
5
+ branches: [main, master]
6
+ pull_request:
7
+ workflow_dispatch:
8
+
9
+ jobs:
10
+ test:
11
+ strategy:
12
+ fail-fast: false
13
+ matrix:
14
+ os: [ubuntu-latest, windows-latest]
15
+ python-version: ["3.10", "3.11", "3.12"]
16
+ runs-on: ${{ matrix.os }}
17
+ steps:
18
+ - uses: actions/checkout@v4
19
+ - uses: actions/setup-python@v5
20
+ with:
21
+ python-version: ${{ matrix.python-version }}
22
+ - name: Install
23
+ run: |
24
+ python -m pip install --upgrade pip
25
+ pip install -e .[all]
26
+ pip install ruff mypy pytest
27
+ - name: Release-hygiene validator (strict)
28
+ run: python scripts/check_release_hygiene.py --strict
29
+ - name: Doctor (guardrail invariants)
30
+ run: python -c "from werktools.cli import main; import sys; sys.exit(main(['hub','doctor']))"
31
+ - name: Unicode safety
32
+ run: python scripts/check_unicode_safety.py --strict .
33
+ - name: Lint
34
+ run: ruff check src/ tests/ examples/
35
+ - name: Types
36
+ run: mypy src/werktools --ignore-missing-imports
37
+ - name: Tests (offline)
38
+ run: pytest
39
+
40
+
41
+ bare-install:
42
+ name: Bare install smoke (no extras)
43
+ runs-on: ubuntu-latest
44
+ steps:
45
+ - uses: actions/checkout@v4
46
+ - uses: actions/setup-python@v5
47
+ with:
48
+ python-version: "3.12"
49
+ - name: Install core only (no extras)
50
+ run: |
51
+ python -m pip install --upgrade pip
52
+ pip install -e .
53
+ pip install pytest
54
+ - name: Import smoke
55
+ run: |
56
+ python -c "import werktools; from werktools.envelope import ok, err; from werktools.ledger import append, read; from werktools.classify import classify_tool; from werktools.policy import decide; from werktools.profile import load_profile; from werktools.redaction import redact_payload; from werktools.catalog import CatalogCard; print('core import OK')"
57
+ - name: Extras guard smoke
58
+ run: python -m pytest tests/test_extras_matrix.py -q
@@ -0,0 +1,55 @@
1
+ name: Deploy docs to GitHub Pages
2
+
3
+ on:
4
+ push:
5
+ branches:
6
+ - main
7
+
8
+ # Allow only one concurrent deployment
9
+ concurrency:
10
+ group: pages
11
+ cancel-in-progress: false
12
+
13
+ permissions:
14
+ contents: read
15
+ pages: write
16
+ id-token: write
17
+
18
+ jobs:
19
+ build:
20
+ name: Build documentation
21
+ runs-on: ubuntu-latest
22
+ steps:
23
+ - name: Checkout
24
+ uses: actions/checkout@v4
25
+
26
+ - name: Set up Python
27
+ uses: actions/setup-python@v5
28
+ with:
29
+ python-version: "3.12"
30
+
31
+ - name: Install docs dependencies
32
+ run: pip install -r requirements-docs.txt
33
+
34
+ - name: Build docs
35
+ run: mkdocs build --strict --site-dir _site
36
+
37
+ - name: Configure Pages
38
+ uses: actions/configure-pages@v5
39
+
40
+ - name: Upload pages artifact
41
+ uses: actions/upload-pages-artifact@v3
42
+ with:
43
+ path: _site
44
+
45
+ deploy:
46
+ name: Deploy to GitHub Pages
47
+ needs: build
48
+ runs-on: ubuntu-latest
49
+ environment:
50
+ name: github-pages
51
+ url: ${{ steps.deployment.outputs.page_url }}
52
+ steps:
53
+ - name: Deploy to GitHub Pages
54
+ id: deployment
55
+ uses: actions/deploy-pages@v4
@@ -0,0 +1,43 @@
1
+ name: Publish
2
+
3
+ on:
4
+ push:
5
+ tags: ["v*.*.*"]
6
+
7
+ # OPERATOR-SIGN-OFF: requires a PyPI token (or OIDC trusted publishing) and a
8
+ # real version tag. Do not enable until the operator has set PYPI_API_TOKEN.
9
+ # Fail-closed: refuses pre-release/rc/dev builds, requires the tag to match the
10
+ # package version, and is gated behind a protected `pypi` environment (add
11
+ # required reviewers in repo Settings -> Environments).
12
+ jobs:
13
+ publish:
14
+ runs-on: ubuntu-latest
15
+ environment: pypi
16
+ steps:
17
+ - uses: actions/checkout@v4
18
+ - uses: actions/setup-python@v5
19
+ with:
20
+ python-version: "3.11"
21
+ - name: Verify tag matches package version
22
+ run: |
23
+ TAG="${GITHUB_REF_NAME#v}"
24
+ PKG=$(python -c "import tomllib; print(tomllib.load(open('pyproject.toml','rb'))['project']['version'])")
25
+ echo "tag=$TAG pkg=$PKG"
26
+ test "$TAG" = "$PKG" || { echo "Tag $TAG != package version $PKG"; exit 1; }
27
+ - name: Refuse pre-release / rc / dev builds
28
+ run: |
29
+ PKG=$(python -c "import tomllib; print(tomllib.load(open('pyproject.toml','rb'))['project']['version'])")
30
+ case "$PKG" in
31
+ *rc*|*a*|*b*|*dev*|*alpha*|*beta*) echo "Refusing to publish pre-release $PKG"; exit 1 ;;
32
+ esac
33
+ - name: Build
34
+ run: |
35
+ python -m pip install --upgrade pip build twine
36
+ python -m build
37
+ - name: Check artifacts
38
+ run: twine check dist/*
39
+ - name: Publish to PyPI
40
+ env:
41
+ TWINE_USERNAME: __token__
42
+ TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
43
+ run: twine upload dist/*
@@ -0,0 +1,33 @@
1
+ __pycache__/
2
+ *.py[cod]
3
+ .pytest_cache/
4
+ .mypy_cache/
5
+ .ruff_cache/
6
+ build/
7
+ dist/
8
+ *.egg-info/
9
+ .codex-remote-attachments/
10
+ .deepeval/
11
+ .werktools/
12
+ outputs/
13
+
14
+ # Secrets & local config — never commit
15
+ .env
16
+ .env.*
17
+ !.env.example
18
+ *.local.*
19
+ *.key
20
+ *.pem
21
+ *.p12
22
+ credentials.json
23
+ secrets.*
24
+ .mcp.json
25
+ .venv/
26
+ venv/
27
+
28
+ # Internal launch-prep drafts (superseded by the real README/CI/SECURITY files;
29
+ # kept locally, never published — one draft carried a personal email)
30
+ docs/launch-drafts/
31
+
32
+ # MkDocs build output (docs site)
33
+ /site/
@@ -0,0 +1,58 @@
1
+ # AGENTS.md
2
+
3
+ Project context for AI coding agents (and humans) working on **werktools / WERKHub** —
4
+ the local, governed MCP control plane. This file is the authoritative source of repo
5
+ rules; see [README.md](README.md) for the full overview and [CONTRIBUTING.md](CONTRIBUTING.md)
6
+ for setup.
7
+
8
+ ## What this repo is
9
+
10
+ A Python package (`werktools`) that ships the WERKHub MCP gateway: a stdio MCP server, a
11
+ local HTTP dashboard, a CLI, and local tool slices. A separate native desktop console
12
+ lives under `desktop/`. The package core is **stdlib-only and offline-testable**.
13
+
14
+ ## Hard rules
15
+
16
+ - **Keep the core dependency-free.** Third-party imports are allowed only inside the
17
+ optional extras (`server` / `worker` / `yaml`); every other sub-import must succeed with
18
+ zero third-party packages installed (`tests/test_extras_matrix.py` enforces this).
19
+ - **No daemon constructs in core modules.** No extra OS threads, busy-loops, scheduled
20
+ async tasks, exit hooks, or threaded HTTP servers. This is machine-checked by the
21
+ invariants module under src/werktools/hub (its run_all check must return all-empty).
22
+ - **Deny-by-default, fail-closed.** A tool runs only when `enforce()` returns `allow`.
23
+ Resolve unknown or ambiguous states to the safe option.
24
+ - **Presence-only on secrets.** Extract env-var key *names*, never values; mask secrets
25
+ before anything is logged or written to the ledger.
26
+ - **The ledger is append-only and hash-chained.** Treat JSONL events, SQLite, and the
27
+ ledger as the source of truth — not draft Markdown.
28
+ - **ASCII-only in printed/logged output.** No em-dashes or curly quotes in strings the CLI
29
+ or ledger emit (they corrupt on legacy code pages).
30
+
31
+ ## Workflow
32
+
33
+ Before reporting a change complete, run and pass:
34
+
35
+ ```
36
+ pytest -q # the test suite
37
+ python -m mypy src/werktools # types
38
+ python -m ruff check src # lint
39
+ python -c "from werktools.hub.invariants import run_all; print(run_all())" # invariants
40
+ python -m werktools canon check --strict # repo-canon and release hygiene
41
+ ```
42
+
43
+ Agents should:
44
+
45
+ - inspect the existing structure before changing code;
46
+ - prefer small, reviewable changes and add tests for new behavior;
47
+ - update docs when behavior changes; keep generated files separate from source;
48
+ - preserve evidence and avoid deleting files unless explicitly instructed.
49
+
50
+ Agents should not:
51
+
52
+ - invent missing architecture or silently rewrite unrelated files;
53
+ - treat draft documents as production truth;
54
+ - bypass the policy, approval, or invariant layers.
55
+
56
+ ## License
57
+
58
+ AGPL-3.0-or-later. Contributions are accepted under the same license.
@@ -0,0 +1,30 @@
1
+ # Changelog
2
+
3
+ All notable changes to werktools are documented here. The format follows
4
+ [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
5
+
6
+ ## [0.1.0] - 2026-07-08
7
+
8
+ Initial release of WERKHub — the local, governed MCP control plane.
9
+
10
+ ### Added
11
+
12
+ - **MCP Bridge Server** — single FastMCP endpoint with 8 always-on bridge tools:
13
+ `tool_search`, `tool_describe`, `tool_call`, `profile_info`, `ledger_recent`,
14
+ `approval_status`, `hub_status`, `registry_search`.
15
+ - **Policy Gate** — deny-by-default enforcement via `enforce()`; allowlist-driven
16
+ trust tiers (Tier-1 OCI-pinned, Security-Scanned, Community-Unverified).
17
+ - **Approvals** — one-use token-gated install approval, argument-bound, expiring.
18
+ - **Tamper-Evident Ledger** — hash-chained JSONL evidence log.
19
+ - **Downstream Relay** — MCP Discovery + policy-gated forwarding to downstream servers.
20
+ - **Process Lifecycle** — POSIX process-group spawning (`start_new_session=True`),
21
+ Windows Job Object bind (`KILL_ON_JOB_CLOSE`), TTL-based reaper with SIGTERM/SIGKILL
22
+ escalation, cross-session orphan sweep.
23
+ - **Diagnostics** — discovery-failure classifier (`hub/diagnose.py`) with actionable
24
+ verdicts (single_instance, not_found, needs_auth, missing_cwd_or_file, startup_hang).
25
+ - **Runtime Doctor** — detects Claude Code, Cursor, Windsurf, Gemini CLI, Kimi,
26
+ Antigravity, Codex, Goose, VS Code MCP; all invariants check (core deps, lifecycle
27
+ extras, event names, subprocess deferral).
28
+ - **Local Tool Slices** — truth, mine, trace, vault, data-gate, swarm, cost, eval,
29
+ audit, skills, integration-gate, canon.
30
+ - **Desktop Dashboard** — local HTTP supervisor console + Deno/Vite/React supervisor UI.
@@ -0,0 +1,12 @@
1
+ cff-version: 1.2.0
2
+ message: "If you use this software, please cite it as below."
3
+ title: "WERKHub"
4
+ abstract: "WERKHub is a local, governed MCP control plane to browse, connect, and supervise agent MCP extensions."
5
+ type: software
6
+ authors:
7
+ - family-names: "Langner"
8
+ given-names: "Christian"
9
+ repository-code: "https://github.com/ChristianLangner/WERK_HUB"
10
+ license: AGPL-3.0-or-later
11
+ version: 0.2.0rc2
12
+ # date-released: YYYY-MM-DD # TODO(operator): set the release date when publishing
@@ -0,0 +1,32 @@
1
+ # Code of Conduct
2
+
3
+ This project adopts the **Contributor Covenant, version 2.1** as its code of conduct.
4
+ The full, canonical text is published here:
5
+ https://www.contributor-covenant.org/version/2/1/code_of_conduct/
6
+
7
+ ## In short
8
+
9
+ Everyone interacting in this project — issues, pull requests, discussions, and any
10
+ other channel — is expected to be respectful, considerate, and professional. We want
11
+ a welcoming, inclusive community focused on building good software together. Conduct
12
+ that makes the community unwelcoming or unsafe for others is not acceptable.
13
+
14
+ ## Reporting
15
+
16
+ If you experience or witness unacceptable behaviour, report it **privately** to the
17
+ maintainers via GitHub's private vulnerability reporting
18
+ (repository **Security → Report a vulnerability**); see [SECURITY.md](SECURITY.md).
19
+ All reports are reviewed and handled confidentially. The maintainers are responsible
20
+ for clarifying standards and may take appropriate, fair corrective action in response
21
+ to any behaviour they deem inappropriate.
22
+
23
+ ## Scope
24
+
25
+ This Code of Conduct applies within all project spaces and in public spaces when an
26
+ individual is representing the project or its community.
27
+
28
+ ## Attribution
29
+
30
+ Adapted from the [Contributor Covenant](https://www.contributor-covenant.org),
31
+ version 2.1. Community Impact Guidelines and the full enforcement ladder are part of
32
+ the canonical text linked above.
@@ -0,0 +1,40 @@
1
+ # Contributing to werktools / WERKHub
2
+
3
+ WERKHub is a local, governed MCP control plane. The core stays stdlib-only
4
+ and offline-testable. Contributions are welcome under AGPL-3.0-or-later
5
+ (the project license — see [LICENSE](LICENSE)).
6
+
7
+ ## Setup
8
+
9
+ ```bash
10
+ pip install -e .[all] # core + server + yaml extras
11
+ ```
12
+
13
+ ## The local gate (all offline, no network, no keys)
14
+
15
+ ```bash
16
+ python -c "from werktools.cli import main; import sys; sys.exit(main(['hub','doctor']))" # guardrail invariants
17
+ ruff check src/ tests/ examples/
18
+ mypy src/werktools --ignore-missing-imports
19
+ pytest -q
20
+ ```
21
+
22
+ `hub doctor` enforces the hard invariants: `dependencies = []`, no
23
+ module-scope FastMCP outside the two allowed files, no daemon in the core,
24
+ unique event names. Keep them green.
25
+
26
+ ## Hard guardrails
27
+
28
+ - Core stays stdlib-only; optional deps live behind extras (`[server]`,
29
+ `[yaml]`, `[worker]`, `[lifecycle]`) and are imported only inside function
30
+ bodies, never at module scope in the core.
31
+ - No daemon in library modules. Long-lived loops live only inside the serve/
32
+ dashboard entry points.
33
+ - Fail-closed policy; everything ledgered; write/destructive actions gated.
34
+ - Tests must be offline and deterministic (fake child processes, cassettes,
35
+ golden fixtures, injected clocks; platform skip-guards for win/posix).
36
+
37
+ ## TDD
38
+
39
+ Write the failing test first, confirm red, implement the minimum, confirm
40
+ green. One focused change per commit.