Scaffold + engine core: modulex-core and modulex-cli#1
Merged
WHAT: Cargo workspace (kyln version 0.6.20260605, MIT OR Apache-2.0, Rust 1.85), justfile with the canonical 'just check' gate, pre-push hook mirroring .github/workflows/ci.yml (hook-parity comments both ways), CLAUDE.md hard rules (ExecGate-only spawns, unserializable Secret, no credentials at rest, generation counters not wall-clock, soft failures), and modulex.toml.example showing the full morning routine with credential REFERENCES only.
WHY: Establish the governance surface before the code: the example config is executable documentation (integration tests parse it), and hook/CI parity is a workspace-wide policy.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
WHAT: The engine crate. Config model (TOML; $MODULEX_CONFIG →
./modulex.toml → ~/.modulex/config.toml; flattened per-step params),
CredentialRef {env|file|cmd} resolving to an unprintable, unserializable
Secret (compile_fail doctest guards the no-Serialize invariant),
GrantedCaveats three-tier leash sourcing ($MODULEX_CAVEATS JSON →
[caveats] → declared-default deny-all-exec-except-declared), ExecGate as
the single subprocess seam (agent-bridle check_exec BEFORE spawn, secret
scrubbing after), StepHandler trait + registry, Report/StepResult/
RepoResult mirroring gila-plugin-morning's proven shapes, and the Engine
(monotonic generation counter, adjacent-parallel batching re-ordered to
config order, soft skips for missing tools, 16-report retention).
Builtin steps: git-tend/git-status/git-unpushed, deadline-calc/
countdown-calc (pure ports incl. work_days_between), script, harness
(JSON-on-stdout contract for enclave AI harnesses like pa).
WHY: gilabot#1892 asked for the good-morning routine as a single
deterministic command; this engine is the standalone-Rust answer scoped
so multiple agents can drive it (MCP server lands next). 50 unit tests +
4 gated real-subprocess integration tests + example-config tests.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
WHAT: clap-based 'modulex' binary: run <routine> [--only/--skip/
--dry-run/--json], step <routine> <step>, list, steps, doctor (config
path, leash provenance banner, per-program availability). Exit codes:
0 success, 1 engine error, 2 ran-with-step-failures.
WHY: The human-facing surface and the smoke-test harness for the engine
('just demo' dry-runs the example morning routine).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
WHAT: (1) Config::declared_programs now includes the argv0 of every
{cmd=..} credential reference (tilde-expanded, matching what resolve()
spawns) — previously the declared-default leash denied all credential
commands and their steps silently soft-skipped. (2) A panicked handler
in a parallel batch now lands in the report as a failed step instead of
being silently dropped (slot-based collection). (3) Report retention
uses a defensive >= bound; removed a duplicate match arm in script's
run_command.
WHY: Fresh-eyes review findings. Regression tests:
declared_programs_include_cmd_credentials,
declared_program_extracts_cmd_argv0_only,
cmd_resolution_is_leash_gated_and_uses_stdout.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
WHAT: Set the executable bit on .githooks/pre-push (in the index, so every clone gets it).
WHY: git silently ignores non-executable hooks — the gate did not run. Spotted via the hint on the bootstrap push.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Summary
First slice of the modulex routine engine (per the approved plan; origin: gilabot#1892 redirected to a standalone Rust binary):
- 0.6.20260605, MIT OR Apache-2.0, justfile (just check gate), .githooks/pre-push ⟷ ci.yml parity with cross-reference comments, CLAUDE.md hard rules, modulex.toml.example (executable documentation — integration tests parse it).
- $MODULEX_CONFIG → ./modulex.toml → ~/.modulex/config.toml; flattened per-step params)
- CredentialRef {env|file|cmd} → Secret (unprintable; unserializable by construction, guarded by a compile_fail doctest); resolved at spawn, scrubbed from output
- ExecGate — the single subprocess seam; agent-bridle check_exec before spawn
- GrantedCaveats three-tier sourcing; default = deny-all-exec-except-declared
- git-tend/git-status/git-unpushed, deadline-calc/countdown-calc, script, harness (JSON-on-stdout, the pa contract)
- modulex run|step|list|steps|doctor (exit 0/1/2 = ok / engine error / step failures)

Fresh-eyes fixes included: {cmd=..} credential programs now part of the declared grant; panicked parallel steps surface as failed steps; hook exec bit.

Test plan
- just check green locally: fmt, clippy --all-targets --all-features -D warnings, 61 tests (53 unit + 7 integration + 1 compile_fail doctest)
- echo granted runs; sh ungranted denied before spawn; injected secret reaches child env and is scrubbed from output; timeout kills)
- just demo dry-runs the example morning routine end-to-end

Next slices per plan: PR 2 MCP server crate, PR 3 forge/board steps, PR 4 Python surface.
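The deny-before-spawn gate, the declared grant that includes each {cmd=..} credential's argv0, and the scrub-after step described above, as an added std-only Rust example that is not modulex's own code. The names Gate, argv0, scrub and DEMO_TOKEN are hypothetical, the secret is a constructed value, and the grant check is a plain set lookup standing in for agent-bridle's check_exec.

```rust
use std::{collections::BTreeSet, fmt, process::Command};

/// Secret value: no Display, no Clone, no Serialize; Debug is redacted.
pub struct Secret(String);
impl fmt::Debug for Secret {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { f.write_str("Secret(<redacted>)") }
}

/// argv0 of a command line, with a leading "~/" expanded against `home`.
pub fn argv0(cmdline: &str, home: &str) -> Option<String> {
    let first = cmdline.split_whitespace().next()?;
    Some(match first.strip_prefix("~/") {
        Some(rest) => format!("{home}/{rest}"),
        None => first.to_string(),
    })
}

/// Deny-by-default grant: only programs the config declares may be spawned.
pub struct Gate { granted: BTreeSet<String> }
impl Gate {
    /// Declared programs = argv0 of every step command AND every cmd credential.
    pub fn from_declared(steps: &[&str], cred_cmds: &[&str], home: &str) -> Self {
        let granted = steps.iter().chain(cred_cmds).filter_map(|c| argv0(c, home)).collect();
        Gate { granted }
    }

    /// Check BEFORE spawn; inject the secret via env; scrub it from output AFTER.
    pub fn run(&self, program: &str, args: &[&str], secret: &Secret) -> Result<String, String> {
        if !self.granted.contains(program) {
            return Err(format!("denied before spawn: {program}"));
        }
        let out = Command::new(program).args(args).env("DEMO_TOKEN", &secret.0)
            .output().map_err(|e| format!("spawn failed: {e}"))?;
        Ok(scrub(&String::from_utf8_lossy(&out.stdout), secret))
    }
}

/// Replace every literal occurrence of the secret in captured output.
pub fn scrub(text: &str, secret: &Secret) -> String {
    if secret.0.is_empty() { return text.to_string(); }
    text.replace(&secret.0, "[scrubbed]")
}

fn main() {
    let gate = Gate::from_declared(&["echo hello"], &["~/bin/get-token --json"], "/home/demo");
    let s = Secret("s3cr3t-constructed".into()); // constructed sample value
    println!("{:?}", gate.run("sh", &["-c", "true"], &s)); // sh was never declared
    println!("{:?} {:?}", gate.run("echo", &["token=s3cr3t-constructed"], &s), s);
}
```

Literal replacement only catches the secret in its exact form; a child that prints it base64- or URL-encoded would pass through this scrub unchanged.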