werktools 0.1.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- werktools-0.1.0/.github/ISSUE_TEMPLATE/bug_report.md +72 -0
- werktools-0.1.0/.github/ISSUE_TEMPLATE/config.yml +17 -0
- werktools-0.1.0/.github/ISSUE_TEMPLATE/feature_request.md +46 -0
- werktools-0.1.0/.github/PULL_REQUEST_TEMPLATE.md +48 -0
- werktools-0.1.0/.github/workflows/ci.yml +58 -0
- werktools-0.1.0/.github/workflows/pages.yml +55 -0
- werktools-0.1.0/.github/workflows/publish.yml +43 -0
- werktools-0.1.0/.gitignore +33 -0
- werktools-0.1.0/AGENTS.md +58 -0
- werktools-0.1.0/CHANGELOG.md +30 -0
- werktools-0.1.0/CITATION.cff +12 -0
- werktools-0.1.0/CODE_OF_CONDUCT.md +32 -0
- werktools-0.1.0/CONTRIBUTING.md +40 -0
- werktools-0.1.0/LICENSE +661 -0
- werktools-0.1.0/PKG-INFO +421 -0
- werktools-0.1.0/README.md +386 -0
- werktools-0.1.0/SECURITY.md +128 -0
- werktools-0.1.0/SETUP.md +131 -0
- werktools-0.1.0/desktop/.gitignore +6 -0
- werktools-0.1.0/desktop/README.md +68 -0
- werktools-0.1.0/desktop/assets/seam-w.svg +5 -0
- werktools-0.1.0/desktop/backend/.gitignore +4 -0
- werktools-0.1.0/desktop/backend/werkhub-backend.spec +54 -0
- werktools-0.1.0/desktop/backend/werkhub_backend.py +13 -0
- werktools-0.1.0/desktop/bridge/sidecar.ts +95 -0
- werktools-0.1.0/desktop/deno.json +16 -0
- werktools-0.1.0/desktop/deno.lock +1650 -0
- werktools-0.1.0/desktop/design-system.json +116 -0
- werktools-0.1.0/desktop/docs/design-system.html +316 -0
- werktools-0.1.0/desktop/index.html +15 -0
- werktools-0.1.0/desktop/main.ts +50 -0
- werktools-0.1.0/desktop/package.json +34 -0
- werktools-0.1.0/desktop/pnpm-lock.yaml +2480 -0
- werktools-0.1.0/desktop/pnpm-workspace.yaml +2 -0
- werktools-0.1.0/desktop/public/seam-w.svg +5 -0
- werktools-0.1.0/desktop/scripts/gen-tokens.mjs +102 -0
- werktools-0.1.0/desktop/src/App.tsx +75 -0
- werktools-0.1.0/desktop/src/api/client.test.ts +41 -0
- werktools-0.1.0/desktop/src/api/client.ts +59 -0
- werktools-0.1.0/desktop/src/api/events.test.ts +72 -0
- werktools-0.1.0/desktop/src/api/events.ts +32 -0
- werktools-0.1.0/desktop/src/api/types.ts +135 -0
- werktools-0.1.0/desktop/src/badges/Badge.test.tsx +49 -0
- werktools-0.1.0/desktop/src/badges/Badge.tsx +54 -0
- werktools-0.1.0/desktop/src/badges/PORTABLE.md +36 -0
- werktools-0.1.0/desktop/src/badges/RoleBadge.tsx +24 -0
- werktools-0.1.0/desktop/src/badges/roles.test.ts +76 -0
- werktools-0.1.0/desktop/src/badges/roles.ts +159 -0
- werktools-0.1.0/desktop/src/main.tsx +20 -0
- werktools-0.1.0/desktop/src/shadcn-preset.css +24 -0
- werktools-0.1.0/desktop/src/shell/Cockpit.test.tsx +21 -0
- werktools-0.1.0/desktop/src/shell/Cockpit.tsx +29 -0
- werktools-0.1.0/desktop/src/shell/CommandBar.tsx +66 -0
- werktools-0.1.0/desktop/src/shell/ErrorBoundary.tsx +48 -0
- werktools-0.1.0/desktop/src/shell/IconRail.tsx +145 -0
- werktools-0.1.0/desktop/src/shell/ThemeSwitcher.tsx +74 -0
- werktools-0.1.0/desktop/src/tokens.css +228 -0
- werktools-0.1.0/desktop/src/views/Approvals.css +26 -0
- werktools-0.1.0/desktop/src/views/Approvals.test.tsx +102 -0
- werktools-0.1.0/desktop/src/views/Approvals.tsx +277 -0
- werktools-0.1.0/desktop/src/views/Board.test.tsx +177 -0
- werktools-0.1.0/desktop/src/views/Board.tsx +860 -0
- werktools-0.1.0/desktop/src/views/Connectors.test.tsx +43 -0
- werktools-0.1.0/desktop/src/views/Connectors.tsx +450 -0
- werktools-0.1.0/desktop/src/views/Console.test.tsx +103 -0
- werktools-0.1.0/desktop/src/views/Console.tsx +288 -0
- werktools-0.1.0/desktop/src/views/Onboard.test.tsx +119 -0
- werktools-0.1.0/desktop/src/views/Onboard.tsx +283 -0
- werktools-0.1.0/desktop/src/views/Permissions.test.tsx +46 -0
- werktools-0.1.0/desktop/src/views/Permissions.tsx +254 -0
- werktools-0.1.0/desktop/src/views/Registry.test.tsx +162 -0
- werktools-0.1.0/desktop/src/views/Registry.tsx +751 -0
- werktools-0.1.0/desktop/src/views/Timeline.test.tsx +156 -0
- werktools-0.1.0/desktop/src/views/Timeline.tsx +463 -0
- werktools-0.1.0/desktop/test/setup.ts +1 -0
- werktools-0.1.0/desktop/tsconfig.json +18 -0
- werktools-0.1.0/desktop/vite.config.ts +19 -0
- werktools-0.1.0/docs/ACCEPTANCE_MATRIX.md +32 -0
- werktools-0.1.0/docs/DESIGN.md +90 -0
- werktools-0.1.0/docs/adr/ADR-001-two-policy-models.md +74 -0
- werktools-0.1.0/docs/adr/ADR-002-store-bridge.md +58 -0
- werktools-0.1.0/docs/adr/ADR-003-werk-werkhub-boundary.md +90 -0
- werktools-0.1.0/docs/adr/ADR-004-string-trust-tiers.md +64 -0
- werktools-0.1.0/docs/adr/ADR-005-tier1-allowlist-gate.md +67 -0
- werktools-0.1.0/docs/adr/ADR-006-cross-harness-standard.md +74 -0
- werktools-0.1.0/docs/assets/.gitkeep +1 -0
- werktools-0.1.0/docs/assets/seam-w.svg +1 -0
- werktools-0.1.0/docs/assets/werkhub-dashboard.svg +103 -0
- werktools-0.1.0/docs/bench.md +117 -0
- werktools-0.1.0/docs/cli.md +354 -0
- werktools-0.1.0/docs/concepts.md +128 -0
- werktools-0.1.0/docs/dashboard.md +107 -0
- werktools-0.1.0/docs/getting-started.md +137 -0
- werktools-0.1.0/docs/index.md +86 -0
- werktools-0.1.0/docs/onboarding.md +121 -0
- werktools-0.1.0/docs/registry.md +128 -0
- werktools-0.1.0/docs/security.md +140 -0
- werktools-0.1.0/docs/skills-library/README.md +30 -0
- werktools-0.1.0/docs/skills-library/antigravity-evidence-worker/SKILL.md +146 -0
- werktools-0.1.0/docs/skills-library/cinematic-ai-director/SKILL.md +428 -0
- werktools-0.1.0/docs/skills-library/lip-sync-avatar-reel/SKILL.md +489 -0
- werktools-0.1.0/docs/skills-library/local-first-gen-media-pipeline/SKILL.md +129 -0
- werktools-0.1.0/docs/skills-library/local-first-gen-media-pipeline/references/REFERENCE.md +924 -0
- werktools-0.1.0/docs/skills-library/loop-engineering/SKILL.md +305 -0
- werktools-0.1.0/docs/stylesheets/werkhub.css +244 -0
- werktools-0.1.0/examples/echo_server.py +111 -0
- werktools-0.1.0/examples/truth_server.py +106 -0
- werktools-0.1.0/mkdocs.yml +69 -0
- werktools-0.1.0/pyproject.toml +67 -0
- werktools-0.1.0/requirements-docs.txt +1 -0
- werktools-0.1.0/scripts/__init__.py +0 -0
- werktools-0.1.0/scripts/check_release_hygiene.py +267 -0
- werktools-0.1.0/scripts/check_unicode_safety.py +350 -0
- werktools-0.1.0/scripts/fix_import_position.py +50 -0
- werktools-0.1.0/src/werktools/__init__.py +3 -0
- werktools-0.1.0/src/werktools/__main__.py +16 -0
- werktools-0.1.0/src/werktools/catalog.py +223 -0
- werktools-0.1.0/src/werktools/classify.py +179 -0
- werktools-0.1.0/src/werktools/cli.py +2090 -0
- werktools-0.1.0/src/werktools/envelope.py +42 -0
- werktools-0.1.0/src/werktools/hub/__init__.py +2 -0
- werktools-0.1.0/src/werktools/hub/allowlist.py +318 -0
- werktools-0.1.0/src/werktools/hub/approvals.py +461 -0
- werktools-0.1.0/src/werktools/hub/capabilities.py +38 -0
- werktools-0.1.0/src/werktools/hub/capability_select.py +135 -0
- werktools-0.1.0/src/werktools/hub/contracts.py +474 -0
- werktools-0.1.0/src/werktools/hub/dashboard.py +1467 -0
- werktools-0.1.0/src/werktools/hub/dashboard_fonts.py +16 -0
- werktools-0.1.0/src/werktools/hub/diagnose.py +120 -0
- werktools-0.1.0/src/werktools/hub/discovery.py +367 -0
- werktools-0.1.0/src/werktools/hub/export_rules.py +246 -0
- werktools-0.1.0/src/werktools/hub/invariants.py +176 -0
- werktools-0.1.0/src/werktools/hub/ledger.py +64 -0
- werktools-0.1.0/src/werktools/hub/lifecycle.py +658 -0
- werktools-0.1.0/src/werktools/hub/onboarding.py +505 -0
- werktools-0.1.0/src/werktools/hub/policy.py +146 -0
- werktools-0.1.0/src/werktools/hub/pool.py +138 -0
- werktools-0.1.0/src/werktools/hub/registry.py +215 -0
- werktools-0.1.0/src/werktools/hub/registry_db.py +289 -0
- werktools-0.1.0/src/werktools/hub/registry_seed.json +1592 -0
- werktools-0.1.0/src/werktools/hub/relay.py +289 -0
- werktools-0.1.0/src/werktools/hub/render.py +139 -0
- werktools-0.1.0/src/werktools/hub/runtime_row.py +36 -0
- werktools-0.1.0/src/werktools/hub/runtimes.py +376 -0
- werktools-0.1.0/src/werktools/hub/server.py +654 -0
- werktools-0.1.0/src/werktools/hub/status.py +111 -0
- werktools-0.1.0/src/werktools/hub/store_bridge.py +87 -0
- werktools-0.1.0/src/werktools/hub/workers.py +323 -0
- werktools-0.1.0/src/werktools/ledger.py +167 -0
- werktools-0.1.0/src/werktools/policy.py +102 -0
- werktools-0.1.0/src/werktools/profile.py +104 -0
- werktools-0.1.0/src/werktools/redaction.py +107 -0
- werktools-0.1.0/src/werktools/server.py +123 -0
- werktools-0.1.0/src/werktools/tools/__init__.py +2 -0
- werktools-0.1.0/src/werktools/tools/audit.py +186 -0
- werktools-0.1.0/src/werktools/tools/bench.py +1205 -0
- werktools-0.1.0/src/werktools/tools/canon.py +242 -0
- werktools-0.1.0/src/werktools/tools/cost.py +267 -0
- werktools-0.1.0/src/werktools/tools/data_gate.py +392 -0
- werktools-0.1.0/src/werktools/tools/eval.py +124 -0
- werktools-0.1.0/src/werktools/tools/integration_gate.py +318 -0
- werktools-0.1.0/src/werktools/tools/mine.py +255 -0
- werktools-0.1.0/src/werktools/tools/skills.py +73 -0
- werktools-0.1.0/src/werktools/tools/skills_discover.py +322 -0
- werktools-0.1.0/src/werktools/tools/swarm.py +257 -0
- werktools-0.1.0/src/werktools/tools/trace.py +227 -0
- werktools-0.1.0/src/werktools/tools/truth.py +274 -0
- werktools-0.1.0/src/werktools/tools/vault.py +388 -0
- werktools-0.1.0/tests/__init__.py +1 -0
- werktools-0.1.0/tests/cassette.py +80 -0
- werktools-0.1.0/tests/cassettes/workers_policy.json +5 -0
- werktools-0.1.0/tests/conftest.py +76 -0
- werktools-0.1.0/tests/fake_process.py +52 -0
- werktools-0.1.0/tests/fixtures/agents_base.md +9 -0
- werktools-0.1.0/tests/fixtures/bench_results.json +54 -0
- werktools-0.1.0/tests/fixtures/marketplace_anthropic.json +7 -0
- werktools-0.1.0/tests/fixtures/registry_cassette.json +34 -0
- werktools-0.1.0/tests/fixtures/skill_yaml_frontmatter.md +9 -0
- werktools-0.1.0/tests/fixtures/skill_yaml_no_frontmatter.md +7 -0
- werktools-0.1.0/tests/fixtures/skills/admin-deploy.md +7 -0
- werktools-0.1.0/tests/fixtures/skills/review-policy.md +7 -0
- werktools-0.1.0/tests/test_bench.py +1011 -0
- werktools-0.1.0/tests/test_canon.py +138 -0
- werktools-0.1.0/tests/test_capability_catalog.py +106 -0
- werktools-0.1.0/tests/test_capability_select.py +131 -0
- werktools-0.1.0/tests/test_catalog.py +164 -0
- werktools-0.1.0/tests/test_cc_cassette.py +50 -0
- werktools-0.1.0/tests/test_cc_conftest.py +37 -0
- werktools-0.1.0/tests/test_cc_invariants.py +147 -0
- werktools-0.1.0/tests/test_cc_store_bridge.py +163 -0
- werktools-0.1.0/tests/test_check_release_hygiene.py +215 -0
- werktools-0.1.0/tests/test_classify.py +421 -0
- werktools-0.1.0/tests/test_envelope.py +123 -0
- werktools-0.1.0/tests/test_export_rules.py +169 -0
- werktools-0.1.0/tests/test_extras_matrix.py +313 -0
- werktools-0.1.0/tests/test_hub_allowlist.py +348 -0
- werktools-0.1.0/tests/test_hub_approvals.py +437 -0
- werktools-0.1.0/tests/test_hub_approvals_server.py +342 -0
- werktools-0.1.0/tests/test_hub_cli.py +364 -0
- werktools-0.1.0/tests/test_hub_contracts.py +177 -0
- werktools-0.1.0/tests/test_hub_dashboard.py +1878 -0
- werktools-0.1.0/tests/test_hub_diagnose.py +99 -0
- werktools-0.1.0/tests/test_hub_discovery.py +399 -0
- werktools-0.1.0/tests/test_hub_ledger.py +63 -0
- werktools-0.1.0/tests/test_hub_lifecycle.py +455 -0
- werktools-0.1.0/tests/test_hub_onboarding.py +576 -0
- werktools-0.1.0/tests/test_hub_policy.py +106 -0
- werktools-0.1.0/tests/test_hub_pool.py +117 -0
- werktools-0.1.0/tests/test_hub_reaper.py +199 -0
- werktools-0.1.0/tests/test_hub_registry.py +77 -0
- werktools-0.1.0/tests/test_hub_relay.py +444 -0
- werktools-0.1.0/tests/test_hub_render.py +149 -0
- werktools-0.1.0/tests/test_hub_runtime_row.py +137 -0
- werktools-0.1.0/tests/test_hub_runtimes.py +376 -0
- werktools-0.1.0/tests/test_hub_server.py +401 -0
- werktools-0.1.0/tests/test_hub_status.py +94 -0
- werktools-0.1.0/tests/test_hub_workers.py +305 -0
- werktools-0.1.0/tests/test_hub_workers_server.py +254 -0
- werktools-0.1.0/tests/test_integration_gate.py +227 -0
- werktools-0.1.0/tests/test_ledger.py +232 -0
- werktools-0.1.0/tests/test_policy.py +298 -0
- werktools-0.1.0/tests/test_profile.py +217 -0
- werktools-0.1.0/tests/test_redaction.py +66 -0
- werktools-0.1.0/tests/test_registry_cli.py +56 -0
- werktools-0.1.0/tests/test_registry_db.py +267 -0
- werktools-0.1.0/tests/test_server.py +229 -0
- werktools-0.1.0/tests/test_skill_library.py +103 -0
- werktools-0.1.0/tests/test_skills_discover.py +132 -0
- werktools-0.1.0/tests/test_trust_taxonomy.py +162 -0
- werktools-0.1.0/tests/test_truth_auditor.py +171 -0
- werktools-0.1.0/tests/test_unicode_safety.py +321 -0
- werktools-0.1.0/tests/test_version.py +15 -0
- werktools-0.1.0/tests/test_werk_audit.py +149 -0
- werktools-0.1.0/tests/test_werk_cost.py +147 -0
- werktools-0.1.0/tests/test_werk_data_gate.py +168 -0
- werktools-0.1.0/tests/test_werk_eval.py +65 -0
- werktools-0.1.0/tests/test_werk_mine.py +145 -0
- werktools-0.1.0/tests/test_werk_swarm.py +142 -0
- werktools-0.1.0/tests/test_werk_trace.py +196 -0
- werktools-0.1.0/tests/test_werk_vault.py +225 -0
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: Bug report
|
|
3
|
+
about: Report a reproducible defect in WERKHub (the local, governed MCP control plane)
|
|
4
|
+
title: "bug: <short summary>"
|
|
5
|
+
labels: [bug, triage]
|
|
6
|
+
assignees: []
|
|
7
|
+
---
|
|
8
|
+
|
|
9
|
+
<!--
|
|
10
|
+
For a security vulnerability, DO NOT open a public issue.
|
|
11
|
+
Use GitHub private vulnerability reporting (Security > Report a vulnerability)
|
|
12
|
+
and see SECURITY.md. This keeps the fail-closed trust boundary intact.
|
|
13
|
+
-->
|
|
14
|
+
|
|
15
|
+
## Summary
|
|
16
|
+
|
|
17
|
+
A clear, one-sentence description of the defect and the observed wrong behavior.
|
|
18
|
+
|
|
19
|
+
## Surface
|
|
20
|
+
|
|
21
|
+
Which WERKHub surface is affected (check all that apply):
|
|
22
|
+
|
|
23
|
+
- [ ] CLI (`werktools hub ...`)
|
|
24
|
+
- [ ] MCP server (`hub serve`)
|
|
25
|
+
- [ ] Dashboard (`hub doctor` / `hub dashboard`)
|
|
26
|
+
- [ ] Policy / classification (gating, allowlist, approval tokens)
|
|
27
|
+
- [ ] Ledger / evidence chain
|
|
28
|
+
- [ ] Other (describe below)
|
|
29
|
+
|
|
30
|
+
## Steps to reproduce
|
|
31
|
+
|
|
32
|
+
A minimal, deterministic, offline reproduction (no network, no real keys).
|
|
33
|
+
|
|
34
|
+
```text
|
|
35
|
+
1.
|
|
36
|
+
2.
|
|
37
|
+
3.
|
|
38
|
+
```
|
|
39
|
+
|
|
40
|
+
## Expected behavior
|
|
41
|
+
|
|
42
|
+
What you expected to happen. If this involves a guardrail (deny-by-default,
|
|
43
|
+
fail-closed, approval-gated, ledgered), state the invariant you expected to hold.
|
|
44
|
+
|
|
45
|
+
## Actual behavior
|
|
46
|
+
|
|
47
|
+
What actually happened. Paste the exact envelope / error output. Redact any
|
|
48
|
+
secrets and personal paths before pasting.
|
|
49
|
+
|
|
50
|
+
```text
|
|
51
|
+
<output>
|
|
52
|
+
```
|
|
53
|
+
|
|
54
|
+
## Environment
|
|
55
|
+
|
|
56
|
+
- WERKHub version: <e.g. 0.2.0> (`werktools --version` / pyproject)
|
|
57
|
+
- Python version: <e.g. 3.10 / 3.11 / 3.12>
|
|
58
|
+
- OS: <e.g. Windows 11 / Ubuntu 22.04>
|
|
59
|
+
- Install extras: <core only / [server] / [yaml] / [worker] / [all]>
|
|
60
|
+
|
|
61
|
+
## Impact
|
|
62
|
+
|
|
63
|
+
- [ ] Guardrail bypass or fail-open behavior (security-relevant — consider private reporting instead)
|
|
64
|
+
- [ ] Data loss / ledger integrity
|
|
65
|
+
- [ ] Crash / unhandled error
|
|
66
|
+
- [ ] Incorrect result, no integrity impact
|
|
67
|
+
- [ ] Cosmetic / docs
|
|
68
|
+
|
|
69
|
+
## Additional context
|
|
70
|
+
|
|
71
|
+
Logs, ledger excerpts (redacted), or links. Confirm no secrets or personal
|
|
72
|
+
paths are present in anything you paste.
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
blank_issues_enabled: false
|
|
2
|
+
contact_links:
|
|
3
|
+
- name: Security vulnerability (private)
|
|
4
|
+
url: https://github.com/Shuwajaja/WERKHub/security/advisories/new
|
|
5
|
+
about: >-
|
|
6
|
+
Do NOT open a public issue for security problems. Use GitHub private
|
|
7
|
+
vulnerability reporting. See SECURITY.md for the threat model and scope.
|
|
8
|
+
- name: Questions & discussion
|
|
9
|
+
url: https://github.com/Shuwajaja/WERKHub/discussions
|
|
10
|
+
about: >-
|
|
11
|
+
Ask usage questions, share ideas, or discuss design before filing a
|
|
12
|
+
feature request. Keep bug reports and feature requests in the issue tracker.
|
|
13
|
+
- name: Contributing guide
|
|
14
|
+
url: https://github.com/Shuwajaja/WERKHub/blob/main/CONTRIBUTING.md
|
|
15
|
+
about: >-
|
|
16
|
+
Read the local gate (ruff, mypy, hub doctor invariants, offline tests)
|
|
17
|
+
and hard guardrails before opening a pull request.
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: Feature request
|
|
3
|
+
about: Propose a capability or change for WERKHub that respects the governed, fail-closed core
|
|
4
|
+
title: "feat: <short summary>"
|
|
5
|
+
labels: [enhancement, triage]
|
|
6
|
+
assignees: []
|
|
7
|
+
---
|
|
8
|
+
|
|
9
|
+
## Problem
|
|
10
|
+
|
|
11
|
+
What problem are you trying to solve? Describe the situation and who it affects.
|
|
12
|
+
Lead with the pain, not the solution.
|
|
13
|
+
|
|
14
|
+
## Proposed change
|
|
15
|
+
|
|
16
|
+
What you would like WERKHub to do. Be concrete about the surface (CLI, MCP
|
|
17
|
+
server, dashboard, policy, ledger) and the expected behavior.
|
|
18
|
+
|
|
19
|
+
## Why it belongs in WERKHub
|
|
20
|
+
|
|
21
|
+
WERKHub is the local, governed MCP control plane: browse, connect, and
|
|
22
|
+
supervise agent MCP extensions, deny-by-default and everything ledgered.
|
|
23
|
+
Explain how this proposal fits that scope rather than expanding it elsewhere.
|
|
24
|
+
|
|
25
|
+
## Guardrail check
|
|
26
|
+
|
|
27
|
+
Confirm the proposal is compatible with the project's hard invariants:
|
|
28
|
+
|
|
29
|
+
- [ ] Keeps the core **stdlib-only** (`dependencies = []`); any new dependency
|
|
30
|
+
lives behind an optional extra and is imported inside function bodies, not
|
|
31
|
+
at module scope in the core.
|
|
32
|
+
- [ ] **No daemon / background network** added to the core; long-lived loops
|
|
33
|
+
stay in the serve/dashboard entry points only.
|
|
34
|
+
- [ ] **Fail-closed**: new write/destructive paths are gated (approval token)
|
|
35
|
+
and unknown profiles/tools/scopes still deny.
|
|
36
|
+
- [ ] **Ledgered**: new state-changing actions emit a tamper-evident event.
|
|
37
|
+
- [ ] Testable **offline and deterministically** (no network, no real keys).
|
|
38
|
+
|
|
39
|
+
## Alternatives considered
|
|
40
|
+
|
|
41
|
+
Other approaches you weighed and why you rejected them.
|
|
42
|
+
|
|
43
|
+
## Additional context
|
|
44
|
+
|
|
45
|
+
Mockups, links, prior art, or related issues. Note any new event names or
|
|
46
|
+
policy scopes the change would introduce.
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
<!--
|
|
2
|
+
WERKHub is the local, governed MCP control plane. Keep the core stdlib-only and
|
|
3
|
+
fail-closed. PRs that touch policy, ledger, or approval-token paths get extra
|
|
4
|
+
scrutiny. Run the full local gate before requesting review.
|
|
5
|
+
-->
|
|
6
|
+
|
|
7
|
+
## What & why
|
|
8
|
+
|
|
9
|
+
Briefly describe the change and the problem it solves. Link the issue it closes.
|
|
10
|
+
|
|
11
|
+
Closes #
|
|
12
|
+
|
|
13
|
+
## Type of change
|
|
14
|
+
|
|
15
|
+
- [ ] Bug fix (non-breaking)
|
|
16
|
+
- [ ] New feature (non-breaking)
|
|
17
|
+
- [ ] Breaking change (behavior, CLI, MCP contract, or event names)
|
|
18
|
+
- [ ] Docs / chore / refactor (no behavior change)
|
|
19
|
+
|
|
20
|
+
## How tested
|
|
21
|
+
|
|
22
|
+
Describe the offline, deterministic verification. Note new fixtures, cassettes,
|
|
23
|
+
golden files, injected clocks, or platform skip-guards.
|
|
24
|
+
|
|
25
|
+
## Checklist (required)
|
|
26
|
+
|
|
27
|
+
- [ ] **Tests added/updated** and pass (`pytest -q`, offline & deterministic)
|
|
28
|
+
- [ ] **ruff clean** (`ruff check src/ tests/ examples/`)
|
|
29
|
+
- [ ] **mypy clean** (`mypy src/werktools`)
|
|
30
|
+
- [ ] **Invariants pass** (`werktools hub doctor`: `dependencies = []`, no module-scope
|
|
31
|
+
FastMCP outside allowed files, no daemon in core, unique event names)
|
|
32
|
+
- [ ] **Release-hygiene clean** (`python scripts/check_release_hygiene.py --strict`)
|
|
33
|
+
- [ ] **No secrets / no personal paths** committed (keys, tokens, absolute home
|
|
34
|
+
paths, machine names); redaction holds and unicode-safety passes
|
|
35
|
+
|
|
36
|
+
## Guardrail impact
|
|
37
|
+
|
|
38
|
+
- [ ] Core stays **stdlib-only**; any new dependency is behind an optional extra
|
|
39
|
+
and imported inside function bodies (never module-scope in the core)
|
|
40
|
+
- [ ] No new daemon or background network call in the core
|
|
41
|
+
- [ ] New write/destructive paths are **fail-closed** and approval-gated
|
|
42
|
+
- [ ] New state-changing actions are **ledgered** (tamper-evident events)
|
|
43
|
+
- [ ] Public behavior changes (CLI, MCP contract, event names) are documented
|
|
44
|
+
in `CHANGELOG.md`
|
|
45
|
+
|
|
46
|
+
## Notes for the reviewer
|
|
47
|
+
|
|
48
|
+
Anything reviewers should focus on, trade-offs made, or follow-ups deferred.
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
name: CI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [main, master]
|
|
6
|
+
pull_request:
|
|
7
|
+
workflow_dispatch:
|
|
8
|
+
|
|
9
|
+
jobs:
|
|
10
|
+
test:
|
|
11
|
+
strategy:
|
|
12
|
+
fail-fast: false
|
|
13
|
+
matrix:
|
|
14
|
+
os: [ubuntu-latest, windows-latest]
|
|
15
|
+
python-version: ["3.10", "3.11", "3.12"]
|
|
16
|
+
runs-on: ${{ matrix.os }}
|
|
17
|
+
steps:
|
|
18
|
+
- uses: actions/checkout@v4
|
|
19
|
+
- uses: actions/setup-python@v5
|
|
20
|
+
with:
|
|
21
|
+
python-version: ${{ matrix.python-version }}
|
|
22
|
+
- name: Install
|
|
23
|
+
run: |
|
|
24
|
+
python -m pip install --upgrade pip
|
|
25
|
+
pip install -e .[all]
|
|
26
|
+
pip install ruff mypy pytest
|
|
27
|
+
- name: Release-hygiene validator (strict)
|
|
28
|
+
run: python scripts/check_release_hygiene.py --strict
|
|
29
|
+
- name: Doctor (guardrail invariants)
|
|
30
|
+
run: python -c "from werktools.cli import main; import sys; sys.exit(main(['hub','doctor']))"
|
|
31
|
+
- name: Unicode safety
|
|
32
|
+
run: python scripts/check_unicode_safety.py --strict .
|
|
33
|
+
- name: Lint
|
|
34
|
+
run: ruff check src/ tests/ examples/
|
|
35
|
+
- name: Types
|
|
36
|
+
run: mypy src/werktools --ignore-missing-imports
|
|
37
|
+
- name: Tests (offline)
|
|
38
|
+
run: pytest
|
|
39
|
+
|
|
40
|
+
|
|
41
|
+
bare-install:
|
|
42
|
+
name: Bare install smoke (no extras)
|
|
43
|
+
runs-on: ubuntu-latest
|
|
44
|
+
steps:
|
|
45
|
+
- uses: actions/checkout@v4
|
|
46
|
+
- uses: actions/setup-python@v5
|
|
47
|
+
with:
|
|
48
|
+
python-version: "3.12"
|
|
49
|
+
- name: Install core only (no extras)
|
|
50
|
+
run: |
|
|
51
|
+
python -m pip install --upgrade pip
|
|
52
|
+
pip install -e .
|
|
53
|
+
pip install pytest
|
|
54
|
+
- name: Import smoke
|
|
55
|
+
run: |
|
|
56
|
+
python -c "import werktools; from werktools.envelope import ok, err; from werktools.ledger import append, read; from werktools.classify import classify_tool; from werktools.policy import decide; from werktools.profile import load_profile; from werktools.redaction import redact_payload; from werktools.catalog import CatalogCard; print('core import OK')"
|
|
57
|
+
- name: Extras guard smoke
|
|
58
|
+
run: python -m pytest tests/test_extras_matrix.py -q
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
name: Deploy docs to GitHub Pages
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- main
|
|
7
|
+
|
|
8
|
+
# Allow only one concurrent deployment
|
|
9
|
+
concurrency:
|
|
10
|
+
group: pages
|
|
11
|
+
cancel-in-progress: false
|
|
12
|
+
|
|
13
|
+
permissions:
|
|
14
|
+
contents: read
|
|
15
|
+
pages: write
|
|
16
|
+
id-token: write
|
|
17
|
+
|
|
18
|
+
jobs:
|
|
19
|
+
build:
|
|
20
|
+
name: Build documentation
|
|
21
|
+
runs-on: ubuntu-latest
|
|
22
|
+
steps:
|
|
23
|
+
- name: Checkout
|
|
24
|
+
uses: actions/checkout@v4
|
|
25
|
+
|
|
26
|
+
- name: Set up Python
|
|
27
|
+
uses: actions/setup-python@v5
|
|
28
|
+
with:
|
|
29
|
+
python-version: "3.12"
|
|
30
|
+
|
|
31
|
+
- name: Install docs dependencies
|
|
32
|
+
run: pip install -r requirements-docs.txt
|
|
33
|
+
|
|
34
|
+
- name: Build docs
|
|
35
|
+
run: mkdocs build --strict --site-dir _site
|
|
36
|
+
|
|
37
|
+
- name: Configure Pages
|
|
38
|
+
uses: actions/configure-pages@v5
|
|
39
|
+
|
|
40
|
+
- name: Upload pages artifact
|
|
41
|
+
uses: actions/upload-pages-artifact@v3
|
|
42
|
+
with:
|
|
43
|
+
path: _site
|
|
44
|
+
|
|
45
|
+
deploy:
|
|
46
|
+
name: Deploy to GitHub Pages
|
|
47
|
+
needs: build
|
|
48
|
+
runs-on: ubuntu-latest
|
|
49
|
+
environment:
|
|
50
|
+
name: github-pages
|
|
51
|
+
url: ${{ steps.deployment.outputs.page_url }}
|
|
52
|
+
steps:
|
|
53
|
+
- name: Deploy to GitHub Pages
|
|
54
|
+
id: deployment
|
|
55
|
+
uses: actions/deploy-pages@v4
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
name: Publish
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
tags: ["v*.*.*"]
|
|
6
|
+
|
|
7
|
+
# OPERATOR-SIGN-OFF: requires a PyPI token (or OIDC trusted publishing) and a
|
|
8
|
+
# real version tag. Do not enable until the operator has set PYPI_API_TOKEN.
|
|
9
|
+
# Fail-closed: refuses pre-release/rc/dev builds, requires the tag to match the
|
|
10
|
+
# package version, and is gated behind a protected `pypi` environment (add
|
|
11
|
+
# required reviewers in repo Settings -> Environments).
|
|
12
|
+
jobs:
|
|
13
|
+
publish:
|
|
14
|
+
runs-on: ubuntu-latest
|
|
15
|
+
environment: pypi
|
|
16
|
+
steps:
|
|
17
|
+
- uses: actions/checkout@v4
|
|
18
|
+
- uses: actions/setup-python@v5
|
|
19
|
+
with:
|
|
20
|
+
python-version: "3.11"
|
|
21
|
+
- name: Verify tag matches package version
|
|
22
|
+
run: |
|
|
23
|
+
TAG="${GITHUB_REF_NAME#v}"
|
|
24
|
+
PKG=$(python -c "import tomllib; print(tomllib.load(open('pyproject.toml','rb'))['project']['version'])")
|
|
25
|
+
echo "tag=$TAG pkg=$PKG"
|
|
26
|
+
test "$TAG" = "$PKG" || { echo "Tag $TAG != package version $PKG"; exit 1; }
|
|
27
|
+
- name: Refuse pre-release / rc / dev builds
|
|
28
|
+
run: |
|
|
29
|
+
PKG=$(python -c "import tomllib; print(tomllib.load(open('pyproject.toml','rb'))['project']['version'])")
|
|
30
|
+
case "$PKG" in
|
|
31
|
+
*rc*|*a*|*b*|*dev*|*alpha*|*beta*) echo "Refusing to publish pre-release $PKG"; exit 1 ;;
|
|
32
|
+
esac
|
|
33
|
+
- name: Build
|
|
34
|
+
run: |
|
|
35
|
+
python -m pip install --upgrade pip build twine
|
|
36
|
+
python -m build
|
|
37
|
+
- name: Check artifacts
|
|
38
|
+
run: twine check dist/*
|
|
39
|
+
- name: Publish to PyPI
|
|
40
|
+
env:
|
|
41
|
+
TWINE_USERNAME: __token__
|
|
42
|
+
TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
|
|
43
|
+
run: twine upload dist/*
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
__pycache__/
|
|
2
|
+
*.py[cod]
|
|
3
|
+
.pytest_cache/
|
|
4
|
+
.mypy_cache/
|
|
5
|
+
.ruff_cache/
|
|
6
|
+
build/
|
|
7
|
+
dist/
|
|
8
|
+
*.egg-info/
|
|
9
|
+
.codex-remote-attachments/
|
|
10
|
+
.deepeval/
|
|
11
|
+
.werktools/
|
|
12
|
+
outputs/
|
|
13
|
+
|
|
14
|
+
# Secrets & local config — never commit
|
|
15
|
+
.env
|
|
16
|
+
.env.*
|
|
17
|
+
!.env.example
|
|
18
|
+
*.local.*
|
|
19
|
+
*.key
|
|
20
|
+
*.pem
|
|
21
|
+
*.p12
|
|
22
|
+
credentials.json
|
|
23
|
+
secrets.*
|
|
24
|
+
.mcp.json
|
|
25
|
+
.venv/
|
|
26
|
+
venv/
|
|
27
|
+
|
|
28
|
+
# Internal launch-prep drafts (superseded by the real README/CI/SECURITY files;
|
|
29
|
+
# kept locally, never published — one draft carried a personal email)
|
|
30
|
+
docs/launch-drafts/
|
|
31
|
+
|
|
32
|
+
# MkDocs build output (docs site)
|
|
33
|
+
/site/
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
# AGENTS.md
|
|
2
|
+
|
|
3
|
+
Project context for AI coding agents (and humans) working on **werktools / WERKHub** —
|
|
4
|
+
the local, governed MCP control plane. This file is the authoritative source of repo
|
|
5
|
+
rules; see [README.md](README.md) for the full overview and [CONTRIBUTING.md](CONTRIBUTING.md)
|
|
6
|
+
for setup.
|
|
7
|
+
|
|
8
|
+
## What this repo is
|
|
9
|
+
|
|
10
|
+
A Python package (`werktools`) that ships the WERKHub MCP gateway: a stdio MCP server, a
|
|
11
|
+
local HTTP dashboard, a CLI, and local tool slices. A separate native desktop console
|
|
12
|
+
lives under `desktop/`. The package core is **stdlib-only and offline-testable**.
|
|
13
|
+
|
|
14
|
+
## Hard rules
|
|
15
|
+
|
|
16
|
+
- **Keep the core dependency-free.** Third-party imports are allowed only inside the
|
|
17
|
+
optional extras (`server` / `worker` / `yaml`); every other sub-import must succeed with
|
|
18
|
+
zero third-party packages installed (`tests/test_extras_matrix.py` enforces this).
|
|
19
|
+
- **No daemon constructs in core modules.** No extra OS threads, busy-loops, scheduled
|
|
20
|
+
async tasks, exit hooks, or threaded HTTP servers. This is machine-checked by the
|
|
21
|
+
invariants module under src/werktools/hub (its run_all check must return all-empty).
|
|
22
|
+
- **Deny-by-default, fail-closed.** A tool runs only when `enforce()` returns `allow`.
|
|
23
|
+
Resolve unknown or ambiguous states to the safe option.
|
|
24
|
+
- **Presence-only on secrets.** Extract env-var key *names*, never values; mask secrets
|
|
25
|
+
before anything is logged or written to the ledger.
|
|
26
|
+
- **The ledger is append-only and hash-chained.** Treat JSONL events, SQLite, and the
|
|
27
|
+
ledger as the source of truth — not draft Markdown.
|
|
28
|
+
- **ASCII-only in printed/logged output.** No em-dashes or curly quotes in strings the CLI
|
|
29
|
+
or ledger emit (they corrupt on legacy code pages).
|
|
30
|
+
|
|
31
|
+
## Workflow
|
|
32
|
+
|
|
33
|
+
Before reporting a change complete, run and pass:
|
|
34
|
+
|
|
35
|
+
```
|
|
36
|
+
pytest -q # the test suite
|
|
37
|
+
python -m mypy src/werktools # types
|
|
38
|
+
python -m ruff check src # lint
|
|
39
|
+
python -c "from werktools.hub.invariants import run_all; print(run_all())" # invariants
|
|
40
|
+
python -m werktools canon check --strict # repo-canon and release hygiene
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
Agents should:
|
|
44
|
+
|
|
45
|
+
- inspect the existing structure before changing code;
|
|
46
|
+
- prefer small, reviewable changes and add tests for new behavior;
|
|
47
|
+
- update docs when behavior changes; keep generated files separate from source;
|
|
48
|
+
- preserve evidence and avoid deleting files unless explicitly instructed.
|
|
49
|
+
|
|
50
|
+
Agents should not:
|
|
51
|
+
|
|
52
|
+
- invent missing architecture or silently rewrite unrelated files;
|
|
53
|
+
- treat draft documents as production truth;
|
|
54
|
+
- bypass the policy, approval, or invariant layers.
|
|
55
|
+
|
|
56
|
+
## License
|
|
57
|
+
|
|
58
|
+
AGPL-3.0-or-later. Contributions are accepted under the same license.
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# Changelog
|
|
2
|
+
|
|
3
|
+
All notable changes to werktools are documented here. The format follows
|
|
4
|
+
[Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
|
|
5
|
+
|
|
6
|
+
## [0.1.0] - 2026-07-08
|
|
7
|
+
|
|
8
|
+
Initial release of WERKHub — the local, governed MCP control plane.
|
|
9
|
+
|
|
10
|
+
### Added
|
|
11
|
+
|
|
12
|
+
- **MCP Bridge Server** — single FastMCP endpoint with 8 always-on bridge tools:
|
|
13
|
+
`tool_search`, `tool_describe`, `tool_call`, `profile_info`, `ledger_recent`,
|
|
14
|
+
`approval_status`, `hub_status`, `registry_search`.
|
|
15
|
+
- **Policy Gate** — deny-by-default enforcement via `enforce()`; allowlist-driven
|
|
16
|
+
trust tiers (Tier-1 OCI-pinned, Security-Scanned, Community-Unverified).
|
|
17
|
+
- **Approvals** — one-use token-gated install approval, argument-bound, expiring.
|
|
18
|
+
- **Tamper-Evident Ledger** — hash-chained JSONL evidence log.
|
|
19
|
+
- **Downstream Relay** — MCP Discovery + policy-gated forwarding to downstream servers.
|
|
20
|
+
- **Process Lifecycle** — POSIX process-group spawning (`start_new_session=True`),
|
|
21
|
+
Windows Job Object bind (`KILL_ON_JOB_CLOSE`), TTL-based reaper with SIGTERM/SIGKILL
|
|
22
|
+
escalation, cross-session orphan sweep.
|
|
23
|
+
- **Diagnostics** — discovery-failure classifier (`hub/diagnose.py`) with actionable
|
|
24
|
+
verdicts (single_instance, not_found, needs_auth, missing_cwd_or_file, startup_hang).
|
|
25
|
+
- **Runtime Doctor** — detects Claude Code, Cursor, Windsurf, Gemini CLI, Kimi,
|
|
26
|
+
Antigravity, Codex, Goose, VS Code MCP; all invariants check (core deps, lifecycle
|
|
27
|
+
extras, event names, subprocess deferral).
|
|
28
|
+
- **Local Tool Slices** — truth, mine, trace, vault, data-gate, swarm, cost, eval,
|
|
29
|
+
audit, skills, integration-gate, canon.
|
|
30
|
+
- **Desktop Dashboard** — local HTTP supervisor console + Deno/Vite/React supervisor UI.
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
cff-version: 1.2.0
|
|
2
|
+
message: "If you use this software, please cite it as below."
|
|
3
|
+
title: "WERKHub"
|
|
4
|
+
abstract: "WERKHub is a local, governed MCP control plane to browse, connect, and supervise agent MCP extensions."
|
|
5
|
+
type: software
|
|
6
|
+
authors:
|
|
7
|
+
- family-names: "Langner"
|
|
8
|
+
given-names: "Christian"
|
|
9
|
+
repository-code: "https://github.com/ChristianLangner/WERK_HUB"
|
|
10
|
+
license: AGPL-3.0-or-later
|
|
11
|
+
version: 0.2.0rc2
|
|
12
|
+
# date-released: YYYY-MM-DD # TODO(operator): set the release date when publishing
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
# Code of Conduct
|
|
2
|
+
|
|
3
|
+
This project adopts the **Contributor Covenant, version 2.1** as its code of conduct.
|
|
4
|
+
The full, canonical text is published here:
|
|
5
|
+
https://www.contributor-covenant.org/version/2/1/code_of_conduct/
|
|
6
|
+
|
|
7
|
+
## In short
|
|
8
|
+
|
|
9
|
+
Everyone interacting in this project — issues, pull requests, discussions, and any
|
|
10
|
+
other channel — is expected to be respectful, considerate, and professional. We want
|
|
11
|
+
a welcoming, inclusive community focused on building good software together. Conduct
|
|
12
|
+
that makes the community unwelcoming or unsafe for others is not acceptable.
|
|
13
|
+
|
|
14
|
+
## Reporting
|
|
15
|
+
|
|
16
|
+
If you experience or witness unacceptable behaviour, report it **privately** to the
|
|
17
|
+
maintainers via GitHub's private vulnerability reporting
|
|
18
|
+
(repository **Security → Report a vulnerability**); see [SECURITY.md](SECURITY.md).
|
|
19
|
+
All reports are reviewed and handled confidentially. The maintainers are responsible
|
|
20
|
+
for clarifying standards and may take appropriate, fair corrective action in response
|
|
21
|
+
to any behaviour they deem inappropriate.
|
|
22
|
+
|
|
23
|
+
## Scope
|
|
24
|
+
|
|
25
|
+
This Code of Conduct applies within all project spaces and in public spaces when an
|
|
26
|
+
individual is representing the project or its community.
|
|
27
|
+
|
|
28
|
+
## Attribution
|
|
29
|
+
|
|
30
|
+
Adapted from the [Contributor Covenant](https://www.contributor-covenant.org),
|
|
31
|
+
version 2.1. Community Impact Guidelines and the full enforcement ladder are part of
|
|
32
|
+
the canonical text linked above.
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
# Contributing to werktools / WERKHub
|
|
2
|
+
|
|
3
|
+
WERKHub is a local, governed MCP control plane. The core stays stdlib-only
|
|
4
|
+
and offline-testable. Contributions are welcome under AGPL-3.0-or-later
|
|
5
|
+
(the project license — see [LICENSE](LICENSE)).
|
|
6
|
+
|
|
7
|
+
## Setup
|
|
8
|
+
|
|
9
|
+
```bash
|
|
10
|
+
pip install -e .[all] # core + server + yaml extras
|
|
11
|
+
```
|
|
12
|
+
|
|
13
|
+
## The local gate (all offline, no network, no keys)
|
|
14
|
+
|
|
15
|
+
```bash
|
|
16
|
+
python -c "from werktools.cli import main; import sys; sys.exit(main(['hub','doctor']))" # guardrail invariants
|
|
17
|
+
ruff check src/ tests/ examples/
|
|
18
|
+
mypy src/werktools --ignore-missing-imports
|
|
19
|
+
pytest -q
|
|
20
|
+
```
|
|
21
|
+
|
|
22
|
+
`hub doctor` enforces the hard invariants: `dependencies = []`, no
|
|
23
|
+
module-scope FastMCP outside the two allowed files, no daemon in the core,
|
|
24
|
+
unique event names. Keep them green.
|
|
25
|
+
|
|
26
|
+
## Hard guardrails
|
|
27
|
+
|
|
28
|
+
- Core stays stdlib-only; optional deps live behind extras (`[server]`,
|
|
29
|
+
`[yaml]`, `[worker]`, `[lifecycle]`) and are imported only inside function
|
|
30
|
+
bodies, never at module scope in the core.
|
|
31
|
+
- No daemon in library modules. Long-lived loops live only inside the serve/
|
|
32
|
+
dashboard entry points.
|
|
33
|
+
- Fail-closed policy; everything ledgered; write/destructive actions gated.
|
|
34
|
+
- Tests must be offline and deterministic (fake child processes, cassettes,
|
|
35
|
+
golden fixtures, injected clocks; platform skip-guards for win/posix).
|
|
36
|
+
|
|
37
|
+
## TDD
|
|
38
|
+
|
|
39
|
+
Write the failing test first, confirm red, implement the minimum, confirm
|
|
40
|
+
green. One focused change per commit.
|