Skip to content

Releases: mohamedzhioua/agent-done-or-not

v0.9.0 — state-bound trust

Choose a tag to compare

@mohamedzhioua mohamedzhioua released this 02 Jul 19:17

v0.9.0 — state-bound trust

v0.8.0 defined what counts as done. v0.9.0 binds every receipt to the source
it verified
and closes the Windows and setup gaps that blocked adoption. A
green receipt from before your last edit no longer looks identical to a fresh
one, and the hard Stop gate is now as strict as assert.

Highlights

  • Git-state binding. capture now records the commit (full HEAD SHA),
    tree, and dirty working-tree state in every receipt. Empty/false outside
    a git repo, so nothing breaks off-VCS.
  • State-drift detection. assert, the Stop gate, and report warn when the
    newest passing receipt was captured against a different commit (or a dirty
    tree) — the stale-CI-cache / edit-after-check gap. Advisory by default; set
    AGENT_DONE_BIND_STATE=1 to make drift a hard failure/block.
  • Policy-aware Stop gate. stop-gate.sh / stop-gate.ps1 now enforce an
    agent-done.json policy — a single passing receipt of any label no longer
    clears the gate when a policy requires more (parity with assert). Fails
    closed if it can't evaluate the policy.
  • Test-file-diff guard. report flags a "done" claim sitting on uncommitted
    changes to test/spec files (advisory) — the most-cited agent check-gaming
    pattern.
  • npx agent-done-or-not stop-gate. Run the Stop hook with no vendored
    scripts; it pipes the hook payload on stdin.

Fixes (adoption blockers)

  • init --claude-hook now installs a working hook — it copies the gate
    scripts into the repo, so the generated hook resolves instead of pointing at
    missing files.
  • Windows PowerShell 5.1 encoding — removed non-ASCII characters from
    done-gate.ps1 that broke WinPS 5.1's UTF-8-no-BOM parse. All engine .ps1
    files are pure ASCII now.
  • npm wrapper Windows/WSL trap — the wrapper tries PowerShell first on
    Windows, so a WSL bash.exe that chokes on a Windows path no longer aborts
    before the native .ps1 engine.
  • Windows CI matrix — CI runs the PowerShell parity suite under both Windows
    PowerShell 5.1 and PowerShell 7+, plus an npm-wrapper smoke, so these stay
    fixed.

Positioning

The receipt is a verification receipt — evidence that the configured check
ran and passed against a specific commit. The SHA-256 is proof of the command's
output; it is not proof of semantic correctness. You still choose a command
that verifies what you claim.

Full details in CHANGELOG.md.

v0.8.0 — trust layer

Choose a tag to compare

@mohamedzhioua mohamedzhioua released this 23 Jun 23:21

v0.8.0 — the trust layer

Turns "a check passed" into "the required checks passed," and makes a
completion claim shareable. Built cross-engine (bash + PowerShell + Node), zero
new dependencies, and dogfooded through the gate itself: 77 passing, 0 failed
(incl. the PowerShell parity suite).

Added

  • Required-checks policy — an optional agent-done.json declares required
    labels, each with an optional command_regex, plus ttl. assert reads it
    when no --label is given. Resolution order: explicit --label (legacy) →
    policy → most-recent receipt. Policy mode searches all run dirs per label,
    so checks captured in separate runs still count. New --policy / --no-policy
    flags; assert --json gains a policy key. Parsed dependency-free in bash +
    PowerShell. Documented in the new policy.schema.json. A present-but-unparseable
    policy fails closed — it never silently degrades to the latest receipt.
  • Wrong-check detection — a label strength taxonomy (strong: test/build/
    typecheck/e2e/smoke…; weak: lint/format/style/manual/docs). When the only
    passing evidence is weak, assert and report emit an advisory
    latest proof is lint-only — … warning. Advisory only; never changes an exit code.
  • report --format pr — a sticky, paste-ready PR comment wrapped in
    <!-- agent-done-or-not:proof --> markers, plus a human "Proof of Done" card
    on the markdown report.
  • Action PR commentpr-comment + github-token inputs upsert a sticky
    proof comment via gh api, without changing the job's pass/fail (assert still decides).
  • init polish--claude alias for --claude-hook; --policy scaffolds
    an agent-done.json (never overwriting an existing one).

Changed

  • assert --json now includes a top-level policy field (empty in legacy/--label modes). All existing keys unchanged.

Hardening (from an adversarial cross-model review, all with regression tests)

  • Present-but-unparseable policy now fails closed (was a wrong-PASS that fell back to latest-receipt).
  • report --format pr escapes </> so a crafted command can't inject the proof marker.
  • PowerShell -match on an invalid command_regex is now caught (was throwing → no JSON); --ttl non-integer fails exit 2 in both engines (parity).

Release

  • Tag v0.8.0 pushed; agent-done-or-not@0.8.0 published to npm.
  • Homebrew + Scoop pinned to the v0.8.0 tarball (sha256 25bf2050…).

🤖 Generated with Claude Code

v0.7.0

Choose a tag to compare

@mohamedzhioua mohamedzhioua released this 23 Jun 13:34
4d3aba9

v0.7.0 — init flow, proof report, GitHub Action job summary

Adds a 60-second onboarding flow and an inspectable proof report.

Added

  • agent-done-or-not init — detects the stack (npm/pnpm/yarn, Python, Go, Cargo, Maven/Gradle), infers conservative test/build/lint labels, and patches a managed proof block into agent instruction files (AGENTS.md, CLAUDE.md, .cursorrules, …) with backups. Supports --dry-run, --label/--command, --claude-hook.
  • agent-done-or-not report --format markdown|html|json — proof summary from .agent-proof ledgers with an explicit non-green state vocabulary (missing/failed/stale/bypassed/local-only), commit + dirty-tree status. Bypassed/stale/missing/failed are never shown as verified.
  • GitHub Action proof job summary via $GITHUB_STEP_SUMMARY; npm run smoke.

Hardened (review pass)

  • report escapes agent-controlled receipt fields in markdown + HTML; --format html renders a real table.
  • init preserves block/content separation on re-run and never overwrites a backup.
  • Action summary writes gate output into an HTML-escaped <pre> (no markdown injection).
  • Fixed a job-summary printf regression caught by CI (leading-dash format aborted the step).

Install: npx agent-done-or-not init --yes · npm i -g agent-done-or-not@0.7.0

Tests: 65 bash scenarios + the PowerShell parity suite, green.

v0.6.0 - Windows-native engine + full agent roster

Choose a tag to compare

@mohamedzhioua mohamedzhioua released this 23 Jun 00:44

What's new in v0.6.0

Completes Windows-native support and broadens agent coverage to every major AI coding tool on the skills.sh platform.

Added

  • done-gate.ps1 — native PowerShell port of the engine (capture / assert / verify / show, --json, all flags). Runs on Windows PowerShell 5.1 and PS 7+ with built-ins only — Windows no longer needs Git Bash. Receipts from both engines are interchangeable.
  • stop-gate.ps1 — native PowerShell Stop-event hook, full parity port of stop-gate.sh. All 13 trust rules preserved.
  • Homebrew formula (packaging/homebrew/agent-done-or-not.rb) and Scoop manifest (packaging/scoop/agent-done-or-not.json) — pinned to v0.6.0 source tarball + SHA-256.
  • Agent rules files for Windsurf (.windsurfrules), Cline (.clinerules), Roo (.roo/rules/done-or-not.md), Zed (.zed/prompts/done-or-not.md), Goose (.goosehints).
  • CI templates for GitLab CI and Azure DevOps, joining the existing GitHub Actions composite action.
  • Improved skills/done-or-not/SKILL.md with PowerShell usage examples and fuller installation table.

Fixed

  • Packaging tests no longer hardcode stale v0.5.0 values.
  • Windows Git Bash path handling in done-gate.sh / stop-gate.sh.
  • npm wrapper falls back to native PowerShell on Windows when Bash is unavailable.
  • Scoop manifest now launches done-gate.ps1 so Windows users do not need Git Bash.

Install

# npm
npx agent-done-or-not capture --label check -- <your-command>

# Homebrew
brew tap mohamedzhioua/agent-done-or-not
brew install agent-done-or-not

# Scoop
scoop bucket add agent-done-or-not https://github.com/mohamedzhioua/agent-done-or-not
scoop install agent-done-or-not

Run the gate straight from npx

Choose a tag to compare

@mohamedzhioua mohamedzhioua released this 22 Jun 09:02

v0.5.0 — run the gate straight from npx

v0.5.0 adds an npm package wrapper so you can run the proof-of-done gate
without cloning the repo — handy in a CI step or an npm script.

What's new

  • npm / npxagent-done-or-not on npm:
    npx agent-done-or-not capture --label test -- npm test
    npx agent-done-or-not assert --label test --ttl 3600
    A zero-dependency Node shim (bin/agent-done-or-not.js) forwards every
    argument to the bundled done-gate.sh, preserves the caller's working
    directory (so .agent-proof/ lands in your repo), and exits with the
    underlying command's own code. Requires bash on PATH — Git Bash on Windows.
    The published tarball bundles only the engine, the scripts, the schema, and
    the drop-in rules (10 files).

Notes

  • 49-test suite, green on Ubuntu + macOS (plus the action self-test); the npm
    shim is covered end-to-end (capture writes a receipt in cwd; assert
    propagates pass/fail exit codes).
  • Thin wrapper — the canonical bash core is unchanged.

Full changelog: see CHANGELOG.md.

Claude Code plugin + skills.sh Agent Skill

Choose a tag to compare

@mohamedzhioua mohamedzhioua released this 22 Jun 08:53

v0.4.0 — native packaging for the agent-skill ecosystems

v0.4.0 makes agent-done-or-not installable as a first-class citizen of the two
agent-skill ecosystems — a Claude Code plugin and a skills.sh Agent
Skill
. Both are thin wrappers; the canonical bash core stays the source of
truth (no duplicated logic).

What's new

  • Claude Code plugin — hard "prove done" enforcement in one install:
    claude plugin marketplace add mohamedzhioua/agent-done-or-not
    claude plugin install agent-done-or-not
    Ships .claude-plugin/plugin.json, a Stop hook (hooks/hooks.json
    bash "${CLAUDE_PLUGIN_ROOT}/stop-gate.sh"), and a single-plugin
    self-marketplace (.claude-plugin/marketplace.json). Validated with
    claude plugin validate.
  • Agent Skill (skills.sh) — install the proof-of-done rule for any agent:
    npx skills add mohamedzhioua/agent-done-or-not
    skills/done-or-not/SKILL.md packages the rule; the README carries the live
    skills.sh install-count badge. The nested skill also rides along as bundled
    context for the Claude plugin.

Notes

  • 44-test suite, green on Ubuntu + macOS (plus the action self-test).
  • Completes the P1 distribution arc: installer + Action + pre-commit (v0.3.0)
    and plugin + skill (v0.4.0).

Full changelog: see CHANGELOG.md.

Three drop-in ways to adopt the gate

Choose a tag to compare

@mohamedzhioua mohamedzhioua released this 22 Jun 08:53

v0.3.0 — three drop-in ways to adopt the gate

Distribution release. The proof-gate core was already stable; v0.3.0 makes it
trivial to add to any repo without copy-pasting files. Builds on the assert +
--json contract from v0.2.0.

What's new

  • install.sh one-liner — bootstrap any repo in one command:
    curl -fsSL https://raw.githubusercontent.com/mohamedzhioua/agent-done-or-not/main/install.sh | sh
    Conservative, inspectable POSIX sh: drops done-gate.sh + stop-gate.sh
    into the current repo, marks them executable, and adds .agent-proof/ to
    .gitignore (idempotent). Pin a ref with REF=v0.3.0; offline installs via
    AGENT_DONE_LOCAL_SRC. Prefer to inspect first? The manual two-file method is
    still documented.
  • GitHub Action — gate a CI job on proof-of-done:
    - uses: actions/checkout@v4
    - uses: mohamedzhioua/agent-done-or-not@v0.3.0
      with:
        mode: assert
        labels: "test build"
        ttl: "3600"
    A composite action that resolves its own done-gate.sh and asserts the
    consumer's receipt ledger. Self-test workflow dogfoods both the pass and the
    expected-failure path.
  • Pre-commit framework hook — block commits that lack a fresh passing receipt:
    repos:
      - repo: https://github.com/mohamedzhioua/agent-done-or-not
        rev: v0.3.0
        hooks:
          - id: agent-done-assert

Notes

  • 38-test suite, green on Ubuntu + macOS (plus the action self-test).
  • Every new surface is a thin wrapper — the canonical bash core is unchanged.

Full changelog: see CHANGELOG.md.

Useful beyond the agent loop (CI / pre-commit) + machine-readable

Choose a tag to compare

@mohamedzhioua mohamedzhioua released this 22 Jun 08:53

v0.2.0 — useful beyond the agent loop (CI / pre-commit) + machine-readable

v0.2.0 takes the proof-gate from an in-loop guardrail to something you can also
gate CI, pre-commit, and release on — and makes every decision
machine-readable so other tools can build on it.

What's new

  • done-gate.sh assert — verify the ledger without running anything, for
    CI / pre-commit / release gates. Require one or more labels (--label,
    repeatable), reject stale receipts (--ttl), and constrain the recorded
    command class (--allow-command-regex / AGENT_DONE_ALLOWED_COMMANDS).
    bash done-gate.sh assert --label test --label build --ttl 3600
  • --json on capture, assert, verify, and show — stable,
    dependency-free decision objects for Actions, hooks, and editor integrations.
  • Trust pack: README badges, a comparison table (vs a plain CLAUDE.md
    rule), a "how it can and can't be fooled" threat model, an FAQ, SECURITY.md,
    examples/proof.jsonl, and an asciinema cast at docs/demo.cast.

Changed

  • epoch is documented in proof.schema.json; freshness is judged from the
    recorded epoch, never file mtime.
  • Tests: 18 → 28 (assert pass/fail/all-labels/ttl/regex + --json parse checks),
    green on Ubuntu + macOS.

Notes

  • Backward compatible with v0.1.0 — capture / verify / show are unchanged;
    assert and --json are additive.

Full changelog: see CHANGELOG.md.

Make your AI agent prove "done"

Choose a tag to compare

@mohamedzhioua mohamedzhioua released this 22 Jun 08:53

v0.1.0 — make your AI agent prove "done"

Your AI agent just said "Done ✅" — but did it verify? agent-done-or-not is
a single-file, zero-dependency proof-gate that forces it to back the claim with a
hash before it can finish. Works with Claude Code, Cursor, and Codex.

What's in it

  • done-gate.sh — runs your real check, streams output, records a
    tamper-evident receipt (command + exit code + SHA-256), and exits with the
    command's own code
    so a failing check can't be dressed up as green.
  • stop-gate.sh — a Stop-event hook that blocks "done" unless the most
    recent receipt is passing, fresh, and not already used. It fails closed
    and can't be looped forever (bounded safety valve).
  • Drop-in rules for all three tools (CLAUDE.md, .cursorrules, AGENTS.md),
    a documented receipt schema, and an 18-test suite (green on Ubuntu + macOS).

Install (60 seconds)

curl -O https://raw.githubusercontent.com/mohamedzhioua/agent-done-or-not/main/done-gate.sh
curl -O https://raw.githubusercontent.com/mohamedzhioua/agent-done-or-not/main/stop-gate.sh
chmod +x done-gate.sh stop-gate.sh
echo '.agent-proof/' >> .gitignore

Then wire it for your tool — see examples/install.md.

Notes

  • Hardened with an independent cross-model (Codex) security review before release.
  • It's a forcing function, not a semantic oracle — it makes the agent run a
    check and proves it passed; you choose the check. Task-specific proof binding
    is on the v0.2 roadmap.

Full changelog: see CHANGELOG.md.