Conversation
Benchmarks for all normalization paths: - File write: 105ns (fast path, sub-microsecond) - Git push: 70µs (shell.exec with regex scanning) - Destructive cmd: 82µs - GitHub CLI: 89µs - Compound git: 166µs (KE-5 AST optimization target) All meet the KE-2 target (p50 < 50µs for common actions, p95 < 100µs for shell.exec). Closes #856. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…r plane separation Adds the Shipper plane, the third leg of the kernel's event delivery architecture. Events flow from the EventBus through a configurable pipeline to one or more external destinations. New packages: - internal/event: canonical event model (Bus, Event, Store, Kind/Category) - internal/shipper: three shipper implementations + batch + pipeline - StdoutShipper: JSON events to stdout for CLI piping - FileShipper: JSONL with rotation support - HTTPShipper: batched POST with retry for cloud telemetry - Batch: thread-safe accumulator with size/age thresholds - Pipeline: bus subscriber with fan-out, filtering, error isolation 26 tests covering all shippers, batch mechanics, pipeline fan-out, filtering (governance-only, skip-heartbeats, kind/category), error handling, and end-to-end bus-to-pipeline integration. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…for compound commands Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
# Conflicts: # go/internal/event/bus.go # go/internal/event/schema.go # go/internal/event/store.go
…r external consumption Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds internal/shipper/ package completing the Evaluator/Emitter/Shipper plane separation: - StdoutShipper: JSON lines to stdout - FileShipper: JSONL with rotation - HTTPShipper: batched POST with retry - Batch accumulator (size + age thresholds) - Pipeline with fan-out, filtering, error isolation - 26 shipper tests passing Also aligns event package tests with simplified Bus/Store API from the shipper worktree merge. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
# Conflicts: # go/internal/event/schema.go # go/internal/event/store.go # go/internal/monitor/escalation.go
…d event API
KE-5: AST-based shell command analysis
- Lightweight shell AST parser (&&, ||, ;, |, redirects, quotes, subshells)
- AST-aware scanner finds all actions in compound commands
- Normalizer prefers AST for compound commands, regex fallback for simple
- 31 new tests + 6 benchmarks
KE-6: Control plane signals API
- pkg/signals/ with 8 signal kinds (denial rate, escalation, invariant hits,
blast radius trend, agent compliance, throughput, top violations, session health)
- Aggregator reads from event store (read-only)
- HTTP handler: GET /signals, GET /signals/{kind}
- 35 tests passing
Unified event API across all packages:
- Event with ID, Kind, Timestamp (int64), RunID, SessionID, Data
- Category type + CategoryOf for shipper filtering
- Store with Len, All, Append, QueryByKind, QuerySince, QueryByKindsSince
All 14 packages green. Closes #687, #716, #717.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Go vs Node.js comparison: 33x faster startup, ~100x faster hook eval, 30x less memory, 88x smaller binary, 400x fewer dependencies. Normalization benchmarks from 105ns (file ops) to 130µs (compound AST). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- release-go.yml: cross-compiles Go kernel for 6 platforms (linux/mac/windows x amd64/arm64) on GitHub release publish - install-go-kernel.js: npm postinstall downloads the matching binary from GitHub releases into dist/go-bin/agentguard-go - Falls back gracefully to TypeScript kernel if download fails - Skips in CI by default (set AGENTGUARD_INSTALL_GO=1 to override) - Users can opt out with AGENTGUARD_SKIP_GO=1 - README updated with Go kernel performance benchmarks Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Site: new performance section with stats grid (2ms startup, <3ms eval, 2.7MB memory, 3.2MB binary) and fleet impact table showing 47.5 hrs/mo saved for 100-agent fleets. Updated roadmap: Go kernel SHIPPED, Phase 6 SHIPPED (was incorrectly showing Rust kernel ACTIVE and Phase 6 NEXT). README: expanded fleet impact data showing per-session, 30-min coder, daily fleet, and monthly savings. Added zero-dependency deployment note. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.