feat!: capability-driven compliance runner + tarball-sourced storyboards (#553)#560
Merged
feat!: capability-driven compliance runner + tarball-sourced storyboards (#553)#560
Conversation
…rds (#553) Storyboards move out of `@adcp/client` — `npm run sync-schemas` now pulls `/protocol/{version}.tgz` from adcontextprotocol.org, verifies its sha256, and extracts schemas + compliance into local caches. Bundled `storyboards/` is gone; the compliance cache ships with the published package. Selection is driven by `get_adcp_capabilities`: `supported_protocols` resolves to domain baselines, `specialisms` resolves to specialism bundles. Fails closed when a declared specialism's bundle isn't cached, when a specialism's parent domain isn't declared, or when the capabilities probe fails on an agent that advertises the tool. Unknown protocols warn. Breaking: `platform_type`, `PlatformProfile`, `PLATFORM_STORYBOARDS`, `platform_coherence`, `expected_tracks`, bundled loaders, and platform coherence reporting are all removed. See changeset for full migration. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
# Conflicts: # src/lib/types/schemas.generated.ts
Pulls latest `/protocol/latest.tgz` and regenerates types.generated, core.generated, schemas.generated, and wellknown-schemas.generated. Runs prettier over the files modified in this branch. Fixes CI: Code Quality, Test & Build, Validate Schema Synchronization. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The agent docs generator still read from the deleted `storyboards/` directory, so llms.txt dropped all 49 storyboard flows. Walks the compliance cache now (universal, domains/**, specialisms/**) and updates the deep-dive + fictional-entities pointers. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Upstream adcontextprotocol/adcp#2273 signs released `/protocol/{version}.tgz` with Sigstore keyless OIDC. `sync-schemas` now verifies the `.sig` + `.crt` sidecars against the upstream release workflow's identity when they're present. Graceful degradation: - `latest.tgz` is intentionally unsigned — skip. - Missing sidecars (predates signing) → checksum-only, informational log. - Sidecars present but `cosign` not installed → checksum-only, install hint. - Sidecars present and `cosign` available → verify; fail hard on mismatch. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #553.
Summary
npm run sync-schemaspulls/protocol/{version}.tgzfrom adcontextprotocol.org, verifies its sha256, and extracts schemas + compliance intoschemas/cache/andcompliance/cache/. The published npm package ships the baseline compliance cache so first-run works offline.get_adcp_capabilitiesdrives which storyboards run:supported_protocols→ domain baselines,specialisms→ specialism bundles.discoverAgentProfilenow calls the capabilities probe and surfaces failures so agents can't silently downgrade to universal-only.storyboards/,platform_type,PlatformProfile,PLATFORM_STORYBOARDS,platform_coherence, and theexpectedtrack status are all removed.comply({ platform_type })throws a runtime migration error. See the changeset for the full list.Fail-closed
npm run sync-schemas).supported_protocols→ throw.profile.capabilities_probe_error+ error-severity observation (loud, not silent).supported_protocolsentry → warn and skip.Spec-evolution escape hatch
adcp storyboard run <agent> --file <path.yaml>loads an ad-hoc YAML from disk without touching the cache — useful for testing in-development storyboards before they land upstream.Test plan
npm run typecheckcleannpm run test:lib— 3005/3005 pass (including new protocol-mapping drift alarm)test-mcp: 23 storyboards executed across media-buy, creative, governance, signals, brand + universalnpm pack --dry-runconfirmscompliance/cache/latest/ships (1.4MB packed, up from ~400KB pre-refactor)Follow-ups
/protocol/{version}.tgz.🤖 Generated with Claude Code