rework: make prove_it a generalized workflow tool with support for any agentic harness#10
rework: make prove_it a generalized workflow tool with support for any agentic harness#10davemo wants to merge 54 commits into
Conversation
|
Thanks Dave, I'm fried tonight but will take a look at this tomorrow. Appreciate your agent's help in making prove_it agent agnostic. |
|
I still have some open issues to work through today, but I updated the draft PR description with a much clearer breakdown of where I took some inspiration from past work (Lineman), new features (Git 2.54 config-based hooks), and a higher level product vision for prove_it. Also added some open questions that would be good to discuss. I should be able to have the open issues wrapped up today, and if you have bandwidth would love to hop on a call sometime this week and tease out any oddities that arise once it's in a good place and you've had a chance to digest and test it when the rest of the issues are closed. I've been testing with |
This captures the current Claude adapter contract before the harness-neutral redesign starts moving behavior behind shared methodology, state, and workflow boundaries. The new integration suite focuses on external behavior rather than implementation placement: PreToolUse config-guard denial, done-gated Stop blocking, done signal preserve-on-fail and clear-on-pass, backchannel write bypass, SessionStart context/env injection, and Bash prove_it signal interception. This came out of the Pi issue-runner review loop for issue #1. Pi implemented the characterization tests, then we reviewed that only test coverage changed, verified the new suite directly, checked Standard formatting, and confirmed the full run log reported ./script/test_fast and ./script/test passing before and after the change.
Closes #9 Review note: the first pass only added a runWorkflowEngine wrapper around existing config_guard behavior and did not execute script tasks, so it missed the core issue requirement. Review feedback asked the agent to finish #9 by running script tasks through an injected task runner port, returning allow on pass, block on failure, passing normalized event/effective config context, and adding tests for task ordering and first-failure stop behavior.
Closes #15
Route Pi completion-remediation follow-ups through turn_end where print-mode follow-up delivery can trigger a new turn. Keep agent_end verification settlement as a fallback and guard against repeated automatic remediation for the same done signal. Closes #18
Create the source-of-truth behavior inventory for the Claude hard-break cutover onto the clean .prove_it runtime. Classify legacy Claude behavior into core platform capabilities, Claude adapter mechanics, clean profile defaults, and intentional removals, with parity test references and target issue mapping. Closes #19
Add a narrow Claude clean-runtime activation boundary for strict .prove_it projects, with safe invalid-config diagnostics and tests proving legacy .claude/prove_it config is not read by the clean route. Closes #20
Add clean-runtime SessionStart guidance, Claude env-file export, and session baseline recording for strict .prove_it Claude projects. Keep disabled-session parity documented for the session-control slice. Closes #21
Route strict .prove_it config_guard tasks through Claude clean PreToolUse, including Claude file_path/notebook_path payloads and supported Bash write redirects. Keep legacy .claude/prove_it paths out of clean-runtime defaults. Closes #22
Execute strict .prove_it PreToolUse script tasks through the Claude clean route, including matcher/trigger filtering, normalized event context, first-failure blocking, and legacy config isolation. Closes #23
Intercept Bash prove_it signal commands in the clean PreToolUse path, record done/stuck/idle through shared signal lifecycle state, and return Claude context output before normal pre-tool tasks can deny the command. Closes #24
Run strict .prove_it completion verification for Claude Stop when done is active, hard-block failures while preserving done, approve passing verification while clearing done, and keep legacy .claude/prove_it Stop tasks out of the clean path. Closes #25
Add strict task when schema and core condition evaluation for signal gates, source/test edits, modified-since-last-run facts, and net/gross churn thresholds. Conditions use adapter-provided observation facts so Claude observation recording can follow in the next slice. Closes #26
Record clean observation facts from Claude PostToolUse and PostToolUseFailure events, including command outcomes, failed commands, edited files, source/test classification, and gross churn for when-condition evaluation. Closes #27
Add strict async/parallel task flags, clean task lifecycle state, async launch/harvest semantics, deferred async failure enforcement, and parallel batch settlement through task-provider ports. Closes #28
Introduce strict reviewer tasks, active-harness reviewer ports, Claude and Pi reviewer backends, structured verdicts, and reviewer lifecycle integration for async and parallel task handling. Closes #29
Add appeal configuration, shared task failure lifecycle state, adapter-owned backchannel provider hooks, Claude backchannel write bypass, and failure reset/suspension behavior for clean runtime tasks and reviewers. Closes #30
Add clean session control state for disable, enable, and cancel; route clean Claude disabled sessions safely; add cancellation checkpoints for async and parallel lifecycle work; and avoid leaving stale cancel requests when no work is active. Closes #31
Add shared clean phase state, strict when.phase support, Claude phase command interception, EnterPlanMode phase tracking, ExitPlanMode plan block injection, and Done completion phase reset. Closes #32
Route strict Claude TaskCompleted events through the clean adapter, set the shared done signal from clean done-gated tasks, preserve no-output protocol behavior, and verify Stop still enforces completion after auto-signal. Closes #33
Express retained Claude defaults as strict clean profile data, map skill-backed reviewer prompts through the Claude reviewer backend, activate the profile for Claude-only strict init, keep multi-adapter init on the strict profile so Pi does not inherit Claude-only defaults, and pass profile globs/output context to script tasks. Closes #34
Retire legacy .claude/prove_it config as a normal Claude hook runtime source, report stale legacy configs in doctor, and quarantine legacy characterization through a test-only oracle guard. Closes #35
Update README, adapter docs, and examples to describe strict .prove_it as the workflow source of truth after the Claude hard break. Clarify retired legacy Claude config, current strict schema boundaries, Pi capability differences, multi-adapter strict profile behavior, and future worktree platform capability work. Closes #36
Route git pre-commit and pre-push dispatch through strict .prove_it git_workflows, ignore legacy Claude workflow config, and configure prove_it-owned Git 2.54 config hooks for active Git workflows during strict init. Closes #37
Allow clean script tasks to declare structured params, task-local string env, and timeout_ms through the strict config schema. Pass those values through Claude, Git, async, parallel, and mirrored Pi runtime script task paths, and document them as core execution options rather than legacy compatibility. Closes #38
Introduce strict output policies with failures_only to suppress routine pass/skip noise without hiding failures. Apply the policy across clean engine effects, script and reviewer ports, Git dispatch output, async worker logging, and mirrored Pi runtime files. Closes #39
Allow strict reviewer tasks to declare project-relative context_files, resolve them safely inside the project root, include their contents in active-harness reviewer context, and fail clearly when files are missing or unsafe. Update Claude and Pi reviewer paths, docs, skills, tests, and the Pi runtime mirror. Closes #40
Allow strict Claude adapter config to declare extra file_editing_tools for MCP or harness-specific edit tools. Configured tools now participate in clean source/test edit observations and gross linesWritten tracking while keeping legacy top-level fileEditingTools retired and Pi adapter config unaffected. Closes #41
Introduce strict session_env tasks for SessionStart startup/resume, parse JSON and shell-style environment output, and emit clean env_update effects for Claude CLAUDE_ENV_FILE delivery. Keep legacy env tasks retired, surface command/parse/delivery failures as non-blocking SessionStart diagnostics, and mirror the shared runtime into the Pi package. Closes #42
Add focused docs and tests for strict pipeline patching and task shadowing of built-in Claude parity defaults. Show local removal and replacement without copying the profile, prove explain lineage/shadowing output, keep legacy enabled false invalid, and cover Git workflow removal in effective config. Closes #43
Introduce a strict Pi methodology profile with Pi-owned config guard and Done-gated fast/full completion verification defaults, select it for Pi-only init, and document Pi capability semantics without Claude-only reviewer/backchannel/TaskCompleted mechanics. Update the Pi example, package docs, tests, and runtime mirror. Closes #44
The reviewer integration test shells out to a live Claude invocation, so exact output formatting is nondeterministic even when the reviewer reaches the correct judgment. In full-suite runs Claude can emit a short explanatory preamble before the requested one-line verdict, followed by the correct FAIL: line. The old parser only inspected the first stdout line, which turned a correct reviewer failure verdict into parsed.pass === undefined and caused a spurious integration failure. Parse the first explicit PASS/FAIL verdict line anywhere in the output instead, while leaving the test focused on the reviewer judgment rather than brittle LLM formatting obedience.
Document Justin's Claude Parity Cutover acceptance flow for strict .prove_it projects, including fresh init/doctor/explain validation, non-interactive hook probes, manual Claude Code checks, retained-vs-retired behavior, troubleshooting, and an automated coverage map. Add a thin acceptance test that validates the document, fresh Claude init artifacts, stale legacy config isolation, explain/doctor output, retired-field rejection, and clean replacement shapes without duplicating every lower-level parity test. Closes #45
The Git config hook init/deinit tests assert behavior that requires Git 2.54 config-hook support. GitHub Actions runners may provide an older Git, which makes initStrictProject correctly skip hook activation and leaves the asserted hook.prove-it-* config values empty. Use the existing PROVE_IT_TEST_GIT_VERSION seam in those focused tests so they exercise the Git 2.54 code path regardless of the runner's installed Git version. Also print Node, npm, and Git versions in CI so future environment-related failures are easier to diagnose.
Add the Codex capability discovery research report requested by #17. The report records local Codex CLI evidence, public documentation/source references, empirical hook probes, a capability matrix against the Clean Runtime adapter model, enforcement semantics, architecture fit, recommendation, follow-on experimental slices, and open questions. Codex remains not implemented as a prove_it Adapter in this slice. The recommendation is to plan experimental adapter work only after the documented tracer bullets validate activation, hook coverage, Stop continuation, signal delivery, and reviewer execution. No Codex-specific Workflow Engine logic is added. Closes #17
Strict Git workflow activation intentionally targets Git 2.54+ config hooks. GitHub's ubuntu runner currently reports Git 2.53.0, so CI should install a supported Git before running the suite instead of relying on the runner default. Keep the tool-version diagnostic so future CI environment changes are visible in logs.
Add a static architecture visualizer for the Clean Runtime adapter model. The visualizer builds a source-driven model from adapter capability declarations, renders a documentation-friendly Markdown/Mermaid architecture artifact, and links the generated architecture overview from the main docs. The first version is intentionally documentation-oriented rather than a live debugger: it explains harness-to-adapter normalization, shared Workflow Engine ownership, adapter-owned effect rendering, capability differences between Claude and Pi, and Codex as not implemented/future-facing without changing runtime behavior. Closes #46
ddb0f74 to
501956c
Compare
(outstanding issues to be implemented still: https://github.com/davemo/prove_it/issues)
(apologies in advance for the LLM-isms, this was me dictating to superwhisper while heading out the door this morning) 😂
What this PR is trying to do
This PR is a draft of the clean-runtime path for making
prove_ita harness-neutral workflow/methodology engine instead of a Claude-shaped hook runner.The original product vision I wanted to explore here was: keep the prove_it workflow ideas — signals, completion verification, test-first pressure, reviewers, evidence, and “make the agent prove it” — but move the product center of gravity into a shared Workflow Engine backed by strict
.prove_it/config.json. Claude Code, Pi, and future harnesses should integrate through adapters that translate their native lifecycle events into shared workflow stages and render effects back in the way that harness actually supports.A big inspiration was Lineman's config pattern: the config should be inspectable, explainable, and rendered back to the user clearly enough that you can see what the system thinks is active. That shows up here in the strict config model, profile lineage,
prove_it explain/doctor output, and the emphasis on making generated/owned artifacts explicit.High-level design decisions
.prove_itis the workflow source of truthThe clean runtime uses strict
.prove_it/config.jsonas the source of truth for Workflow Engine behavior.Claude-specific files like
.claude/settings.jsonare now adapter activation artifacts: they register Claude hooks that callprove_it hook claude:*, but they are not workflow config. Likewise, Pi activation lives in Pi-native package/settings files, and Git workflow activation now uses Git 2.54 config-based hooks.This is intentionally a hard break from the old
.claude/prove_it/config.jsonruntime model. I did not build a migration command or a dual-runtime compatibility mode. The old Claude runtime/config is useful as a behavioral oracle and test fixture, but not as an ongoing second source of truth.Core owns workflow concepts; adapters own harness mechanics
The split I’m trying to make is:
CLAUDE_ENV_FILE, Claude backchannel paths, Pi extension lifecycle events, Pi remediation follow-ups, Git config hook activation, etc.Some legacy Claude features are being pulled into core where they are really generic task/workflow behavior. Others should stay adapter/provider-owned. The remaining open issues are mostly about finishing that separation cleanly.
Preserve retained Claude product behavior, not legacy config shape
A major goal was to keep the product behavior Claude users expect while expressing it through the clean runtime:
But I am not trying to preserve every old config spelling. For example, old fields like
promptType,ruleFile,taskEnv,taskAllowedTools,taskBypassPermissions,fileEditingTools,quiet,enabled,briefing,params, andenvtasks are being reconsidered one-by-one. Some should come back as clean core fields, some as adapter/provider options, and some may stay retired.Pi is first-class, not experimental
Pi is the proving-ground adapter for the clean runtime. It is not labeled experimental just because its enforcement mechanics differ from Claude.
The important distinction is capability profile:
Stophook, so failed completion verification can hard-block.turn_end.That is a real capability difference, not a reason to treat Pi as second-class. The goal is to describe these differences honestly and let each adapter enforce the shared workflow as strongly as its harness allows.
Git 2.54 simplifies the Git story
Git 2.54 added config-based hooks, which lets prove_it avoid writing or merging
.git/hooks/*shim files for strict projects.For active strict Git workflows, prove_it can now configure local Git config like:
That is a much nicer activation model: policy stays in
.prove_it/config.json, and Git config only activates the dispatcher. It also makes coexistence with other tools cleaner than editing hook scripts.What is implemented in this branch
This branch includes the clean-runtime foundation and a number of vertical slices across Pi, Claude, and Git:
.prove_itconfig/profile model with explainable effective config and lineage@davemo/pi-prove-itwhenconditions needed by the Claude defaults.prove_itconfigWhat I’m hoping this enables
The direction I’m trying to enable is:
prove_itcan become a general workflow/methodology engine for coding agents, not a Claude-only product..prove_itconfig.Open questions / areas where I especially want review
1. Does the core/adapter split feel right?
I tried to pull product concepts into the Workflow Engine while keeping harness mechanics in adapters. I’d like review on whether anything is in the wrong place — especially features that originated in Claude but may actually be generic workflow behavior.
2. Is the config shape understandable?
The strict config model is intentionally different from legacy
.claude/prove_itconfig. It uses tasks, agent workflows, git workflows, adapters, profiles, and lineage. I’m curious whether this feels like a useful, inspectable config model or whether it feels too far from the original prove_it mental model.3. How much customization did you expect users to do?
One thing I was not sure about from the original product was whether users generally customized task definitions/pipelines heavily, or mostly used the defaults. That affects how much ergonomics we should invest in for overriding/removing built-in profile tasks.
4. Which legacy Claude features should come back cleanly?
Some useful behavior from the legacy runtime is not yet reintroduced in strict config, or is being reintroduced under a cleaner shape. Open follow-up issues cover things like script
params/task-local env, task output policy, reviewer context files, Claude file-editing tool observation config, and SessionStart environment effects.5. Manual invocation / skills / slash commands
I also want review on the intended product direction for manual invocation. In Claude Code I only saw the main
/proveskill exposed when I installed prove_it, while the Pi implementation can expose slash-command-like entry points that delegate to the prove_* skills/reviewers. I’m not sure whether the narrower Claude exposure was intentional, whether I installed something incorrectly, or whether richer manual invocation is a direction worth pursuing across harnesses.6. Are the parity claims honest?
For Claude, I’m aiming for retained product parity backed by
.prove_it, not legacy config compatibility.For Pi, I’m aiming for analogous methodology behavior with honest capability differences, especially around remediation vs hard Stop blocking.
I’d like review on whether the docs and implementation draw those lines clearly.
Notable non-goals in this PR
.claude/prove_itcompatibility mode.claude/prove_itto.prove_itFollow-up issues
The remaining issues are intended to keep driving this toward full parity/core extraction:
Review guidance
This is a large draft PR, so I would not start by reviewing every line. The places where design feedback is most valuable are:
.prove_itconfig/profile model;