Arcrun

Leo/Arcrun

Author	SHA1	Message	Date
Leo	93bb4d3327	feat(registry): Phase 3 G0 人類閘門（submit 端強制人類確認 + 舉證） - submitComponent 加 SubmitOptions（human_confirmation + gherkin_evidence + skip_acceptance） - G0 閘門：非 skip_acceptance 的新投稿，缺 human_confirmation（confirmed_by_human + 非空 reason_why_not_workflow）→ 退稿指回「先試工作流，需人類確認」 - human_confirmation + gherkin_evidence 寫進 KV metadata（軌跡可審） - components route 從 multipart/JSON 解析這些欄位傳入 - backfill（skip_acceptance）不受閘門影響 design 命名修正：投稿走既有 acr parts publish（非另建指令，符合「修改現有不重建」）。待續: G0-CLI（acr parts publish 互動式問人類）、G4-CLI（本地跑 Gherkin + evidence）、 R5（MVP_COMPONENTS.txt 白名單 + 本機 hook）。 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-05-29 18:03:49 +08:00
Leo	202a5ab8d6	feat(registry): Phase 3 零件投稿靜態把關 + component-gatekeeping SDD 新 SDD .agents/specs/component-gatekeeping/（richblack 確認，含 venue 修訂 + 信任模型）。 registry 端靜態把關（CF Worker 可跑，不執行 wasm）： - G1 detectFakeComponent: 外部 URL/domain + http_request 子集偵測，硬擋退稿指回 recipe - G3 wasmImports: 解析 wasm import section，只准 wasi_snapshot_preview1 + u6u 白名單 - G5/G6: unimplemented_steps 明列 gherkin/cold_start/runtime_compat，不假綠（§3c/§7） - gherkin_evidence 一致性驗證（投稿者本地跑，registry 不重跑——CF 禁 runtime 編譯 wasm）把關範圍：公共庫 + self-hosted 私人庫同一套（design §0.0）。信任模型（design §4.5）：Gherkin 全綠≠安全；純 WASI 沙箱框死能力才是發佈底氣；第一期 evidence 可造假（誠實標明），平台重跑列未來。 hook: pre-write-guard 白名單加 component-gatekeeping / component-registry-canon SDD 目錄。測試: sandboxAcceptance.test.ts 4 綠（含 G1 假零件被擋）。待續（同 SDD）: G4 CLI 投稿指令本地跑 Gherkin、G0 人類閘門、R5 白名單+本機 hook。 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-05-29 17:53:03 +08:00
Leo	17a076d35c	feat(arcrun): Phase 2 降級假零件成 recipe + credential 鏈路修復 Phase 1（credential 注入鏈路）： - 修 auth_static_key ENCRYPTION_KEY 漂移根因（見 docs/incidents） - component-loader: readBodyOnce() 修 "Body has already been used" Phase 2（降級假零件成 recipe，registry/components 33→22）： - 引擎: RecipeDefinition 加 auth_service（多 recipe 共用一把 auth） auth-dispatcher 先查 recipe.auth_service 再 fallback componentId - 引擎: auth_static_key inject.path + makeRecipeRunner {{auth.K}} （endpoint 可插 secret，解 telegram 類 URL-path token） - 引擎: makeRecipeRunner auto-body 剔除 _ 前綴內部欄位 - 降級並刪除: kbdb_{get,create_block,patch_block,delete,ingest} gmail/telegram/line_notify/google_sheets（改建為 recipe） - 刪除: ai_transform_{compile,run}（Arcrun 是 AI 呼叫的工具，工作流不該內嵌 AI 節點回頭呼叫 AI） - deferred（源碼暫留）: claude_api/km_writer（交 Mira 收成工作流）、 kbdb_upsert_block（交 KBDB 出 upsert endpoint）文件: DECISIONS.md（工作流是 default/建零件人類閘門/AI→工具）、 BACKLOG.md、auth-recipe.md §七、docs/incidents 加密 key 漂移驗收: KBDB get/create/ingest/delete 2xx；telegram auth 注入綠； gmail/sheets/line recipe 正確但缺 credential 未驗收； kbdb patch 403 為 KBDB 端 bug（已交 kbdb/docs） Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-05-29 16:18:18 +08:00
Leo	475c95aaae	feat(kbdb_upsert_block): add create_only flag (#2 stub support) leo 反饋 2026-05-17：「至少建一個 placeholder 給未來累積」但 upsert 預設 PATCH 既有會把完整 wiki 覆寫成 stub。新 input field：create_only (bool, default false) - false (預設)：既有 → PATCH (傳統 upsert 行為) - true：既有 → return action='exists' 不動，避免 stub 覆寫 full wiki 用於 wiki_synthesis V3.1 referenced_entities → ensure_stub_wiki_page 場景。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-17 11:07:31 +08:00
Leo	388c193ae7	docs(registry): seed 10 examples + 5 skills (LI SDD M3.1 + M3.3) 對應 .agents/specs/llm-interface/ Milestone 3.1 + 3.3。 registry/examples/ — 10 個可直接 push 的 workflow 範本： starter: webhook-to-http common: cron-watcher, llm-classify, rag-search-answer, daily-digest external: email-summary (gmail+claude+telegram), pdf-to-blocks, github-issue-bot advanced: parallel-fanout (trigger_workflow fan-out), error-retry (try_catch+wait pattern) 每個含：workflow.yaml（可直接 push）+ description.md（解決什麼問題 / 改成你自己的 / 學到什麼）+ tags.json（搜尋用） registry/skills/ — 5 個 AI playbook（markdown）： build_watcher_workflow — cron + filter + trigger 模式 debug_paused_workflow — claude_api callback paused 怎麼追 migrate_http_to_trigger_workflow — 從 self-fetch 換 trigger_workflow rag_with_arcrun — KBDB + claude_api 組裝 RAG add_new_wasm_component — TinyGo 寫 + 部署全流程兩者差異： examples = 可直接拿來改的 YAML skills = 面對 X 問題該怎麼想 + 該用哪個 example 兩者後續：CI 自動同步進 KBDB（type=workflow-example / type=agent-skill）， MCP arcrun_search_examples / arcrun_list_skills 走 KBDB semantic search。（CI sync 是 M3.4 工作） Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-16 16:33:54 +08:00
Leo	bc6360ccfc	feat(arcrun): http_request body_json + error heuristic; mira feed fire-and-forget http_request 零件擴展（registry/components/http_request）： - 加 body_json 物件欄位（內部 JSON.stringify），yaml 端不用手組 JSON 字串 - 新增 JSON 回應的 error 欄位偵測 → 若 body 含 `{"error":"..."}` 則零件回 success=false 解 cascade bug：mira_feed_watcher 用 http_request trigger wiki_synthesis，原本 4xx response 也被當 success，ON_SUCCESS 鏈會誤觸發根因架構債：host fn 沒回 HTTP status code（arcrun.md 列為 P1 follow-up） landing 河道 feed (landing/app/mira/feed/page.tsx)： - 加回 triggerWikiSynthesis fire-and-forget 對 cypher.arcrun.dev/webhooks/named/ wiki_synthesis/trigger 公開觸發 endpoint（arcrun-native，非 mira-specific route） - 不走 watcher 是因為 cypher-executor 自己 fetch 自己 workers.dev URL = CF 1042 self-fetch 擋 watcher 仍存在當 cron backup，但目前因 self-fetch 1042 不會真正觸發下游 wiki_synthesis（arcrun.md 列為 P1 follow-up）。	2026-05-14 16:06:46 +08:00
Leo	711af5dbf2	feat(arcrun): kbdb_get 加 type/source/user_id filter 之前只支援 block_id / page_name，撈「source=km-writer-direct 的 note」這類跨 page 查詢做不到。Wiki UI 7B.3g 跟 mira_feed_watcher 都要用 client-side filter 繞，違反「邊用 arcrun 邊修」原則。擴 contract：保留既有 block_id (mode A) + page_name (mode B)，新增純 filter mode C：type / source / user_id 任意組合。同時 page_name + filter 也允許組合。驗證：source=km-writer-direct&type=note&limit=5 撈到 leo 5 筆未處理河道貼文。對應 SDD: arcrun.md 三-B 新零件 checklist + tasks.md 7B.3h（mira_feed_watcher 正在組）。	2026-05-14 14:18:43 +08:00
Leo	4e746986b4	feat(arcrun): add kbdb_upsert_block component for idempotent block writes 對應 mira 7B.3f：per-entity index-entry 維護需要「找有則 PATCH 沒找到 POST」， arcrun workflow 沒 IF/branch 能力（已知限制 #1 + 新 P1 #1），用 kbdb_upsert_block 零件把分支邏輯封進零件內：GET /blocks?page_name=X → user_id filter → 找到 PATCH 沒找到 POST。 page_name 當 idempotency key，未來其他「找有則改沒則建」場景共用。 SDD：polaris/mira/.agents/specs/mira-app/design.md §3.5.12.4.1 matrix/arcrun/.agents/specs/arcrun/arcrun.md 三-A P1 #1 + 三-B 新零件加入紀錄	2026-05-14 10:18:21 +08:00
Leo	519423cb0d	feat(arcrun): mira wiki page with tag filter + accumulated WIP - landing/app/mira/wiki: tag=mira-wiki list now shows all wiki paragraphs (depends on KBDB tag filter exposed in matrix/kbdb commit, separate repo) - landing: app/mira hub + feed split + various WIP from prior sessions - registry/components: claude_api / kbdb_create_block / kbdb_get / km_writer / platform_crypto / auth_oauth2 contracts + main.go (accumulated) - .component-builds: pkg-lock updates + index.ts adjustments (WIP) - .agents/specs/arcrun/frontend-redesign: design notes - docs/test_credentials, docs/user_requirements/arcrun-landing-page: WIP docs - cypher-executor: auth-dispatcher / wasi-shim adjustments (WIP) Includes accumulated work from prior sessions plus the wiki UI tag-filter update that surfaces the AI-generated wiki paragraphs at /mira/wiki. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-07 16:52:01 +08:00
Leo	497f92a268	feat(arcrun): recipe system + resumable workflow + component registry canon Three new platform capabilities + one component (kbdb_get) to enable real AI workflow execution through cypher binding YAML. ## Recipe System (容器 + Recipe 模式) SDD: .agents/specs/recipe-system/ - prompt_recipe schema (Zod): fragments + inputs + assembly + output - recipe-expander.ts: expand recipe ref → real prompt by fetching KBDB blocks + pulling context fields with transforms (pluck_content / extract_field / etc) - 7 transform whitelist: json_array / to_string / join / markdown_list / extract_field / first / pluck_content - graph-executor hooks: detect node.data.recipe → expand → inject into ctx - output JSON parser (with markdown fence stripping for Claude-wrapped JSON) - Stored in RECIPES KV under prompt_recipe:{name} ## Resumable Workflow (webhook callback resume) SDD: .agents/specs/resumable-workflow/ - WorkflowPaused class + paused-runs.ts (persist/load/consume in EXEC_CONTEXT KV, 24h TTL) - graph-executor: detect {pending:true, task_id} → persist state → throw WorkflowPaused - cypher-handlers: catch → return {success:true, paused:true, task_id, run_id} - POST /workflows/resume route: consume KV state → resumeFromPaused() - Auto-inject callback_url for claude_api nodes (PUBLIC_BASE_URL or default cypher.arcrun.dev) - claude_api/main.go: forward callback_url to Mira daemon, default timeout 25s→120s - Idempotent (consume = load+delete) ## Component Registry Canon SDD: .agents/specs/component-registry-canon/ - Add POST /components/index-only endpoint (metadata-only, no wasm/sandbox) - Backfill script (mjs): scan registry/components/*/contract.yaml → submit to KV - register-component.sh: SSOT for local + CI hook (deploy.yml change in next commit) - Drop R2 dead storage from submitComponent + types + wrangler - Schema relaxed: category enum + auth/ai/platform; cold_start 50→500ms; size 2→8MB ## kbdb_get component - registry/components/kbdb_get/: TinyGo WASM, two modes (block_id / page_name list) - .component-builds/kbdb_get/: WASI shim worker (kbdb-get.arcrun.dev) End-to-end validation: AI uses MCP execute_workflow with recipe ref → cypher-executor expands prompt from KBDB schema/skill blocks + drafts → claude_api calls Mira daemon → daemon callback fires resume route → workflow continues. Verified with real 2KB+ Karpathy LLM Wiki draft. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-07 15:52:19 +08:00
Leo	83a01fe028	feat(auth_static_key): auto-encode Basic Auth; seed gemini/trello/mailgun recipes - auth_static_key WASM: 偵測 Authorization header "Basic <x>:<y>" (含冒號的 user:pass 原文), 自動 base64 編碼; 無冒號則維持原樣 (向後相容已 base64 過的值). 這涵蓋 twilio / jira / mailgun 三個 Basic Auth recipe, 用戶 recipe 只需寫 'Basic {{secret.user}}:{{secret.key}}' 直覺語法. - 新增 3 個 recipe (auth-recipe-seeds.ts): • gemini — static_key / header x-goog-api-key (單 secret) • trello — static_key / QUERY key+token (雙 secret, 第一個 query injection 測試覆蓋) • mailgun — static_key / HEADER Basic api:<key> (雙 secret Basic Auth) - hook fix (pre-write-guard.sh): 放行 auth-recipe-seeds.ts 的 {{secret.X}} 字面值. 該檔是 RECIPES KV 的 seed 資料, 不是 TS 展開邏輯; 真正展開仍在 WASM 完成. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-22 08:29:02 +08:00
Leo	258ef38f7a	fix(ci): regenerate tier2 pnpm-lock.yaml after adding wrangler Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-20 21:21:18 +08:00
Leo	200a8e14dc	fix(ci): add wrangler to tier2 devDependencies tier2 deploy failed with ERR_PNPM_RECURSIVE_EXEC_FIRST_FAIL because cypher-executor / registry / builtins package.json didn't list wrangler; local dev worked via global install only. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-20 21:05:55 +08:00
Leo	8c14562a2f	feat(auth): auth_service_account WASM primitive + remove TS JWT signer - registry/components/auth_service_account: TinyGo impl for Google Service Account (JWT-bearer → token exchange) and base structure for AWS SigV4. - .component-builds/auth_service_account: independent Worker at auth-service-account.arcrun.dev, extends wasi-shim with an http_request host function for the token exchange step. - Delete cypher-executor/src/lib/wasm-executor.ts (legacy, replaced by component-loader WASM HTTP runner path). - credential-injector.ts service_account branch now throws — all service_account recipes must route through auth-dispatcher. Per .agents/specs/arcrun/credential-primitives-wasm Phase 2. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-20 17:34:42 +08:00
Leo	18f04448ce	feat(auth): auth_static_key WASM primitive + host functions - wasi-shim gains kv_get / crypto_decrypt / crypto_sign_rs256 host functions with strict boundary (ENCRYPTION_KEY never exits Worker). - registry/components/auth_static_key: TinyGo impl for API-key / Bearer / Basic Auth recipes (80% of supported services). - .component-builds/auth_static_key: independent Worker at auth-static-key.arcrun.dev, imports wasi-shim cross-directory. - cypher-executor/auth-dispatcher routes static_key recipes to the new Worker instead of credential-injector TS. Replaces TS credential injection per .agents/specs/arcrun/credential-primitives-wasm Phase 1. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-20 16:54:18 +08:00
Leo	9168253357	chore: fill wrangler.toml KV/R2 IDs and routes for production deploy cypher-executor: EXEC_CONTEXT, WEBHOOKS, CREDENTIALS_KV, ANALYTICS_KV KV IDs, arcrun-wasm R2, route cypher.arcrun.dev/* registry: SUBMISSIONS_KV, ANALYTICS_KV KV IDs, arcrun-wasm R2, route registry.arcrun.dev/* credentials: CREDENTIALS_KV KV ID Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-16 15:36:26 +08:00
Leo	8e2c32e466	feat(registry): component_hash_id — stable id system for workflow references Problem: canonical_id is readable but mutable; if a component is renamed, all workflows referencing it by canonical_id break. Solution: dual-id system - component_hash_id: cmp_{sha256(canonical_id).slice(0,8)}, derived deterministically, never changes, safe for workflow references - canonical_id: human-readable name, used for search and display - idx:{canonical_id} KV key: reverse-lookup index for resolving canonical_id → hash_id Changes: - types.ts: SandboxResult.component_id → component_hash_id + canonical_id, added 'data' to category enum - submitComponent.ts: deriveHashId(), writes idx: reverse-lookup on submit - queryComponents.ts: full rewrite — removed KBDB dependency, uses SUBMISSIONS_KV; supports both cmp_* and canonical_id as query id; Phase 0 keyword search with note to upgrade to Vectorize in Phase 2 - sandboxAcceptance.ts: updated field names, fixed TextDecoder TS type - ensureTemplate.ts: removed KBDB dependency, now a KV health check - tests: updated component_id → canonical_id - CONTRIBUTING.md: explain hash_id derivation and dual-id workflow reference syntax Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-16 14:41:22 +08:00
Leo	d8028eabe0	feat(registry): aliases.yaml scope synonym table + contract aliases field - registry/aliases.yaml: scope-level synonym table for 21 built-in components covers api (gmail/google_sheets/telegram/line_notify/http_request), data (string/array/date/number/json), logic (if/foreach/switch/try_catch/wait), ai scopes; includes zh/en/abbrev variants - types.ts: add optional aliases[] field to ComponentContractSchema - CONTRIBUTING.md: explain aliases auto-merge from aliases.yaml vs manual contract aliases Note: manual maintenance for now; aliases.yaml becomes KBDB synonym graph seed data when KBDB is introduced. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-16 14:34:16 +08:00
Leo	e630fca2df	fix(arcrun): address PR #2 review findings Security: - init.ts: remove cf_api_token from POST /register (only email sent to arcrun.dev) - cf-api.ts: remove base64 fallback in encryptCredential, throw clear error if key missing Correctness: - submitComponent.ts: replace KBDB dependency with SUBMISSIONS_KV + R2 (standalone) - registry/types.ts: remove KBDB_URL/KBDB_INTERNAL_TOKEN, add SUBMISSIONS_KV/ANALYTICS_KV - webhooks.ts: add waitUntil(writeExecutionVerdict) for fire-and-forget analytics - execution-logger.ts: create missing module (was imported but didn't exist) - cypher-executor/types.ts + wrangler.toml: add ANALYTICS_KV binding - gmail/telegram/google_sheets/line_notify/http_request: no_network_syscall false (api category) - init.ts: replace require() with await import() for ES module compatibility Cleanup: - Remove arcrun/builtins/ (dead code — initComponents used old HTTP endpoint model, all 21 components now in TinyGo WASM under registry/components/) Docs: - tasks.md: update to reflect completed work and remaining items Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-16 13:07:28 +08:00
Claude	2707fca32b	feat(arcrun): implement arcrun MVP — open-source AI workflow engine Phase 1-5 complete per .agents/specs/u6u-core-mvp/: Phase 1 — Cherry-pick & cleanup - Create arcrun/ from cypher-executor, credentials, builtins, registry - Remove 9 InkStone Service Bindings (KBDB, REGISTRY, CLINIC_, AICEO, MINI_ME) - Rewrite component-loader: 3-layer (builtin → WASM_BUCKET R2 → error) - Remove autoPublishMissing.ts, proxy.ts (AICEO), execution-logger.ts (KBDB) - Clean all KV namespace IDs and InkStone internal URLs from config files Phase 2 — contract.yaml completeness* - Add credentials_required to gmail, google_sheets, telegram, line_notify - Add config_example to all 21 components with annotated field descriptions Phase 3 — Credential injection - Add credential-injector.ts: AES-GCM decrypt from CREDENTIALS_KV - Integrate into GraphExecutor before WASM execution - Structured errors with repair instructions when credential missing Phase 4 — CLI (acr) - cli/package.json: arcrun package, bin: acr, deps: commander/js-yaml/chalk/ora - 8 commands: init, creds push, push, run, validate, parts, list, logs - Standard mode: writes directly to user's CF KV via CF REST API - acr init: interactive setup with arcrun.dev API Key registration Phase 5 — Open source release prep - README.md: 5-minute quickstart, component table, workflow YAML syntax - CONTRIBUTING.md: TinyGo dev env, component scaffolding, submission flow - Security audit: no InkStone internal URLs/IDs in committed files - .gitignore: exclude credentials.yaml, .wrangler, *.wasm https://claude.ai/code/session_01BnCdSLVH8tUed9VrrPavgT	2026-04-16 04:06:25 +00:00

20 Commits