P0 governance kernel: unified cfgov.Backend abstraction (Coordinate{namespace,key} → blob + revision/CAS) with a Nacos backend; Nacos group/dataId details are confined to the backend adapter.
cfgclass fail-closed config-write risk classifier (R0–R3) wired to opskit-core safety: protected-context escalation via EffectiveRisk, ticket gating at R2, and a precise --allow-production-config-delete allow flag at R3.
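Added example (not the project's cfgclass or opskit-core code) sketching the fail-closed gate described above: base tier by verb, escalation to EffectiveRisk in a protected context, ticket gating at R2, and the precise --allow-production-config-delete flag at R3. The verb-to-tier table, the one-tier escalation rule and the function signatures are assumptions; the page only names the tiers and the two gates.

```go
package main
import (
	"errors"
	"fmt"
)
// Risk tiers R0..R3 as named in the release note. The verb-to-tier table and the
// one-tier escalation for protected contexts are assumptions for this example.
type Risk int
const (
	R0 Risk = iota // read-only verbs
	R1             // non-destructive write
	R2             // destructive write: ticket required
	R3             // production config delete: precise allow flag required
)
var ErrDenied = errors.New("denied")

// BaseRisk classifies the verb; anything unrecognized fails closed to the top tier.
func BaseRisk(verb string) Risk {
	switch verb {
	case "list", "diff", "validate", "pull", "history", "listen":
		return R0
	case "push":
		return R1
	case "delete":
		return R2
	}
	return R3
}

// EffectiveRisk escalates one tier when the context is protected, capped at R3.
func EffectiveRisk(verb string, protected bool) Risk {
	risk := BaseRisk(verb)
	if protected && risk < R3 {
		risk++
	}
	return risk
}

// Authorize gates on a ticket from R2 upward and on the precise allow flag
// (--allow-production-config-delete) at R3; every other path is denied.
func Authorize(verb string, protected bool, ticket string, allowProdDelete bool) error {
	risk := EffectiveRisk(verb, protected)
	if risk >= R2 && ticket == "" {
		return fmt.Errorf("%w: %s at R%d requires a ticket", ErrDenied, verb, risk)
	}
	if risk == R3 && !allowProdDelete {
		return fmt.Errorf("%w: %s at R3 requires --allow-production-config-delete", ErrDenied, verb)
	}
	return nil
}
```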
Backend-bound contexts (ctx set --backend nacos) with --backend per-command override; credentials stored via opskit-core credstore.
Audit trail records only content fingerprints (sha256) and byte counts — never plaintext config.
Single-config read verbs: config list/diff/validate/pull/history/listen (diff reports only sha256 + line deltas; listen is a bounded, cancellable long-poll).
Local backup primitive with backup-before-write enforcement on config push/delete: --backup/--no-backup + safety.ValidateBackupPolicy; protected contexts require an explicit backup decision; the destructive write aborts if the backup fails; backups store under ~/.cfgov-cli/backups and audit records only the backup id + sha256.
cfgov.Backend extended with History and Watch (capability-gated via supportsHistory/supportsWatch); config keys reject ./.. path-traversal segments and backup paths encode them.
Config write-class verbs: config export/import/promote/rollback/reconcile; batch plans expose create/update/delete/prune counts and key lists, rollback supports local backup files/ids or Nacos history, and reconcile prune requires the precise --allow-production-prune R3 allow flag.
Nacos namespace and service parity verbs via separate capability interfaces: namespace list/create/update/delete and service list/get/instances/register/deregister; destructive verbs require precise --allow-production-namespace-delete / --allow-production-service-deregister flags at R3.
Sentinel rule schema-over-backend read kernel: rule list/get/export/diff/validate reads rule sets as config blobs via derived Nacos coordinates, validates flow/degrade/system/authority/param schemas, and reports only sha256/count metadata in audit.
Governed Sentinel rule writes: rule create/update/import/delete/rollback persist rule arrays through the config backend with CAS, mandatory deep validation, backup-before-overwrite/delete, and the single R3 --allow-production-rule-delete flag for protected deletes.
Apollo config backend adapter: cfgov can now bind contexts to Apollo OpenAPI for config get/list/push/delete with item-level coordinate mapping, CAS revisions, release publishing, and honest NotImplemented gates for unsupported history/watch/rule/service capabilities.
Apollo RuleStore support: Sentinel rule commands now work against Apollo with sentinel-compatible item keys ({app}-{type}-rules) and a separate default rule namespace of SENTINEL.
cfgov install <agent> --skills: installs the embedded cfgov AI Skill into an agent's skills directory (claude/codex/opencode/copilot/cursor/cc-switch/windsurf/aider or a custom path), writes an .installed-by manifest, and verifies the copy.
npm distribution: package.json (unscoped cfgov-cli), bin/cfgov-cli.js launcher, and scripts/install.js postinstall that downloads the platform binary from the signed GitHub Release with SHA-256 verification and a redirect-host allowlist; release.yml tag pipeline (multi-platform build, cosign signing, checksums, GitHub Release, npm publish via OIDC).
Backend-agnostic config key validation: cfgov.Backend.ValidateKey (Nacos group/dataId rules vs Apollo item-key rules); backup identity is backend-adapted; ParseNacosKey rejects any ./.. path segment (split on / and \).
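Added example (not the project's ValidateKey or ParseNacosKey) covering the key rule stated in the entries above and in the earlier History/Watch entry: split on both "/" and "\", reject any "." or ".." segment, and encode the validated key into a flat backup filename so the backup store cannot be escaped. The percent-encoding and "__" joiner are this example's choice, not the project's backup identity scheme.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

var ErrTraversal = errors.New("config key rejected: path-traversal segment")

// splitSegments splits on "/" and "\" alike, so a backslash cannot smuggle a ".."
// segment past a forward-slash-only check (the split rule the release note states).
func splitSegments(key string) []string {
	return strings.FieldsFunc(key, func(r rune) bool { return r == '/' || r == '\\' })
}

// ValidateKey rejects an empty key and any "." or ".." segment in either separator style.
// Dots inside a segment ("app..yaml") are ordinary characters and pass.
func ValidateKey(key string) error {
	if strings.TrimSpace(key) == "" {
		return errors.New("config key rejected: empty")
	}
	for _, seg := range splitSegments(key) {
		if seg == "." || seg == ".." {
			return fmt.Errorf("%w: %q in %q", ErrTraversal, seg, key)
		}
	}
	return nil
}

// BackupName turns a validated namespace/key pair into a single flat filename
// component, so a backup can never resolve outside the backup store directory.
// The "__" joiner and percent-encoding are this example's assumption, not the project's scheme.
func BackupName(namespace, key string) (string, error) {
	if err := ValidateKey(key); err != nil {
		return "", err
	}
	return url.PathEscape(namespace) + "__" + url.PathEscape(key), nil
}

func main() {
	for _, k := range []string{"DEFAULT_GROUP/app.yaml", "DEFAULT_GROUP\\..\\secrets"} {
		fmt.Println(k, "->", ValidateKey(k))
	}
}
```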
Config flag parity with nacos-cli: diff/validate/push --content (mutually exclusive with --file), push --no-validate (skips only content-format validation, never governance), validate/push --type xml, list --query/-q; import --skip-existing/--overwrite/--validate/--force-large-import, reconcile --prune-scope/--overwrite/--force-large-reconcile, rollback --validate, promote --validate/--overwrite/--type; diff --source-context/--target-context cross-context comparison with LCS line-level output. --force-large-* lifts only the change-count ceiling, never the cfgclass/authorize/backup gates; --prune now requires an explicit --prune-scope.
Context parity: ctx set exposes the remaining governance fields (--env, --ticket-pattern, --roles-source/--roles-url/--allow-insecure-roles-url, Vault --vault-addr/--vault-path/--vault-role-id/--vault-secret-id/--vault-namespace, per-context OTel --otel-endpoint/--otel-metrics-endpoint/--otel-insecure); new ctx delete (alias remove/rm), ctx export, ctx import, ctx test; ctx/context alias; ctx list/current --show-secrets. Security: --vault-secret-id is set only in the process VAULT_SECRET_ID (never persisted); credentials require a non-plain-yaml backend; ctx export redacts credentials by default and refuses cleartext export of credstore-backed secrets; ctx import needs --force to overwrite and --yes when non-interactive; roles-url must be https unless --allow-insecure-roles-url; --show-secrets is audited as a credential reveal.
Platform parity: global --context (temporary context override, preserving the target context's protected/governance), --debug/--trace/--trace-body-limit (wired to the existing redacting backend trace), --strict-no-change (exit 13 when a plan has no changes), --audit-max-size (active-log rotation size), --backup-keep (backup retention). audit prune (rotated-log retention; --before/--keep-last, dry-run by default, --confirm to delete, and the prune itself is audited); audit query filters (--context-filter/--namespace-filter/--protected/--ticket/--env/--data-id/--app/--group/--rule-type/--path/--resource) and audit query/verify table/plain output; audit verify --path/--strict/--confirm/--decrypt. capabilities now self-reports the bound backend's real capabilities plus limits/features; Apollo no longer lists a phantom rule verb and Nacos advertises the rule resource type.
Operational parity: service register/deregister now enforce the same backup-policy decision as config writes (protected contexts require explicit --backup/--no-backup), and register warns on stderr when registering an ephemeral instance. Idempotent no-op writes are detected after authorization and recorded as skipped audit events (fingerprint-only): config push and rule create/update/import skip the backend write when the remote content already matches, and config import/promote/reconcile audit already-matching items as skipped. New backup list/backup clean local-store maintenance (clean mirrors audit prune: --before/--keep-last, dry-run by default, --confirm to delete, and the clean itself is audited). namespace delete adds a human y/N confirmation after authorization (skipped by --yes/--non-interactive; never replaces the R2/R3 authorization gate).
Ops/UX parity: read-only doctor diagnostics (context/backend-ping/audit-log-writability; all output redacted, self-audited, no backend mutation); OpenTelemetry command spans plus trace/metrics exporter shutdown-flush (span/metric attributes carry only safe metadata — operator, context, env, ticket, protected — never config/rule content or credentials); completion {bash|zsh|fish|powershell}; "did you mean" suggestions on mistyped commands; command aliases (list→ls, delete→del/rm) and short flags (config -f/-g/-q, service -s); rule validate --fail-on-warnings (non-zero exit when deep validation reports warnings); rule get --resource (display-only exact-match filter on the rule resource field — audit still records the full rule set). capabilities no longer advertises backup clean as an R-tier verb (it is a --confirm/dry-run local-maintenance op like audit prune); DoctorResult added to the kind list.