Skip to content

ginee v0.24.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 26 May 21:57
· 11 commits to main since this release
v0.24.0
875756c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Highlights

  • Tier 3 compliance closes out the maximum-force Claude playbook (#176). Recency-optimisation pass on the always-loaded surface, six deterministic-template slash commands, main-thread permission lockdown, session-resume injection, and a consent-required attestation gate — the strongest pattern available without a programmatic supervisor.
  • Five hard constraints now appear at the top and bottom of CLAUDE.md (T9). Self-lint marker, SA-never-edits, context-economy trailer, D-free runtime, local/**-only-via-discovery — they survive recency drift on long sessions because LLMs read first/last more carefully than the middle. Spec: migrations/claude-md-bookending.md.
  • Six slash commands replace LLM free-form composition for drift-prone surfaces (T10): /ginee-dispatch <role> <task> · /ginee-phase-report · /ginee-self-lint · /ginee-commit · /ginee-pr · /ginee-issue-pickup #N. Each lands the schema skeleton at composition time — deterministic by construction. Spec: migrations/slash-commands-suite.md.
  • Main-thread permission lockdown forces real work through cardinals (T11). .claude/settings.json § permissions.deny blocks framework-side Edit / Write / MultiEdit + destructive Bash from the main thread; adopter project code untouched. Per-issue warm registry adds a local/framework.config.yaml § warm-reuse.dispatch-cap: 15 soft cap — over-cap triggers fresh-spawn + ## Carry-forward summary payload so the new agent inherits prior decisions instead of starting blind. Spec: migrations/warm-cardinal-default.md.
  • SessionStart hook injects [ginee:resume] with current issue/<N>-… branch state + open ginee:in-progress GitHub issues (T12). Quiet on empty; offline-safe — defeats the "start fresh and re-decide everything" pattern across session boundaries. Spec: migrations/session-start-hook.md.
  • Optimized-By trailer attestation gate (T13, ask-mode, push-time). When git push would push a range carrying Optimized-By: ai-engineer trailer without a verifiable Agent(subagent_type=ai-engineer) dispatch in the session transcript, Claude Code surfaces its native permission prompt; user picks allow (cross-session work · manual lossless pass · WIP push) or deny (cancel + dispatch first). Closes the voluntary-compliance loophole on the context-economy trailer. Spec: migrations/optimized-by-attestation.md.

Adopter migration

Just run /ginee-update. All five tactics land idempotently — installer copies the six slash commands to .claude/commands/; sync-claude-settings.{ps1,sh} wires SessionStart + attestation hook entries + framework-scoped permissions.deny rules; pointer block in your CLAUDE.md gets the bookend on re-paste.

Per-change action

Change Action
CLAUDE.md bookending (T9) · slash commands (T10) · SessionStart (T12) · Optimized-By attestation (T13) None — /ginee-update lands all four.
Main-thread permission lockdown (T11) None — permissions.deny merges idempotently. Adopter project code is untouched (deny rules are framework-scoped to .agents/ginee/{core,adapters,extras}/**).
Warm-registry dispatch cap Optional — set warm-reuse.dispatch-cap: <N> in local/framework.config.yaml to override the default 15.

Notes

  • Per-tactic opt-out: local/framework.config.yaml § compliance.disabled: [slash-commands | main-thread-permissions | session-start-hook | optimized-by-attestation]. Bypass per call: SKIP_GINEE_COMPLIANCE=1.
  • T11 ships adopter-template only. The framework-self-dev .claude/settings.json does NOT get the lockdown — framework devs continue to edit core/** directly. Adopters' deny rules are scoped to .agents/ginee/{core,adapters,extras}/** so their own code is untouched.
  • T13 introduces a new force-class axisconsent-required gate (Class A nuance) alongside the existing binary allow/deny gates. The permission prompt is judgment-bearing; legitimate cases (cross-session optimization · manual lossless pass · WIP push) map naturally to "allow."
  • Other adapters (Cursor / Copilot / Codex / generic) ship Claude-only for the playbook batch — permissionDecision: "ask", slash commands, and SessionStart all rely on Claude-specific surfaces. Cross-adapter ports follow when their tooling matures.
Assets 5
Loading