Skip to content

v0.10.0 — multi-agent + admin + signed audit + onboarding

Choose a tag to compare

@jeremylongshore jeremylongshore released this 24 May 21:24
e2dafbf

What shipped

Three programs closed end-to-end since v0.9.1 (~4 weeks, 20 PRs):

v0.10 rollout (PRs #169–181)

  • Journal v2 — Ed25519-signed audit events with policy attestation
  • RFC 8785 JCS canonicalization interop suite (40 vectors)
  • Policy.deny context-stripping (closes retry-rephrase loop)
  • Tier-aware evaluate() — strictest-tier-wins, first-applicable within tier
  • Cross-tier shadow detection in policy lint
  • HMAC nonce + cross-channel HITL primitives
  • Admin command hardening — !clear / !restart routed through gate → policy → journal → execute
  • ACP adapter extracted into dedicated module

Multi-agent epic (PRs #182–184)

  • Per-bot per-channel sliding-window rate limit (loop breaker)
  • !mute / !unmute operator verbs with auto-expiring TTL
  • Multi-agent setup recipe doc — 000-docs/multi-agent-channels.md

Server wiring (PRs #185–189)

  • SOPS+age boot-time loading of Ed25519 audit-signing key
  • Admin dispatcher wired to gate → policy → journal → tmux
  • Mute + rate-limit stores active on the inbound gate
  • Streaming replies via chat.update with single-finalize
  • ccsc audit-key {init, rotate} operator CLI

Fresh-clone onboarding (PR #191)

  • AGENTS.md — cross-tool agent-instruction surface (agents.md spec)
  • CONTRIBUTING.md — full contributor guide
  • /slack-channel:install — multi-mode lifecycle skill (install/doctor/verify/repair/manifest/reset/tour/uninstall)
  • README Quick Start hygiene — Prerequisites, add-bot-to-channel step, verification round-trip, Troubleshooting

Metrics

  • Tests: 704 → 986+ (~280 new)
  • EventKinds: 19 → 34
  • Production modules: 6 → 17
  • CRAP max: 29 (under threshold of 30)
  • Coverage: 95%+ line / func (gate floor)
  • Architecture: 17 modules, 52 deps, 3 enforced invariants, 0 violations

Backward compatibility

No breaking changes. Journal v1 → v2 transition is backward-compatible; existing access.json files load and evaluate identically; new ChannelPolicy fields default-off.

Operator notes

  • Enable signed audit log: bun scripts/audit-key.ts init (see 000-docs/key-management.md)
  • Add a second bot: see 000-docs/multi-agent-channels.md
  • Fresh install: run /slack-channel:install and your AI assistant will walk you through every step

Full changelog: see CHANGELOG.md