Advance the Claw Code 2.0 ultragoal from completed G010 into G011 ecosystem, issue-ops, and UX lateral work.\n\nConstraint: G011 must remain an intermediate OMX story under the active aggregate Codex goal; G012 final gate remains pending.\nRejected: calling update_goal | aggregate delivery is not complete until G011 and G012 finish.\nConfidence: high\nScope-risk: narrow\nDirective: Implement G011 with team lanes for ACP/Zed/JSON-RPC serve plan/status, anti-slop issue/PR triage/templates, navigation/file-context docs, TUI UX improvements, and explicit desktop/marketplace deferrals.\nTested: omx ultragoal start-next --json selected G011-ecosystem-ops-ux after G010 checkpoint.\nNot-tested: G011 implementation not started in this commit.
Record G010-session-hygiene as complete so the remaining Claw Code 2.0 delivery can advance to G011/G012.\n\nConstraint: OMX ultragoal checkpoint requires fresh Codex get_goal evidence and durable .omx/ultragoal ledger/goals artifacts.\nRejected: marking the aggregate Codex goal complete | only G010 is complete; G011 and G012 remain pending.\nConfidence: high\nScope-risk: narrow\nDirective: Continue with G011-ecosystem-ops-ux next; do not call update_goal until G012/final audit is complete.\nTested: omx ultragoal checkpoint --goal-id G010-session-hygiene --status complete with .omx/ultragoal/get-goal-G010-session-hygiene.complete.json and .omx/ultragoal/quality-gate-G010-session-hygiene.json; G010 final verification evidence in .omx/ultragoal/g010-final-quality-gate-rerun.log.\nNot-tested: G011/G012 not started in this commit.
Preserve the passing G010 quality-gate evidence after fixing resumed /session exhaustiveness.\n\nConstraint: Ultragoal checkpoints require concrete verification artifacts that mention G010-session-hygiene and .omx/ultragoal state.\nRejected: relying only on terminal scrollback | rerun log is durable and reviewable.\nConfidence: high\nScope-risk: narrow\nDirective: Use this rerun log, not the earlier failed g010-final-quality-gate.log, as the passing G010 quality evidence.\nTested: .omx/ultragoal/g010-final-quality-gate-rerun.log records fmt, targeted runtime/commands/CLI tests, workspace check, and git diff --check passing.\nNot-tested: full cargo test --workspace remains not run for G010.
The resumed session command matcher now owns every /session variant in one arm so adding supported actions does not leave a redundant fallback that triggers unreachable-pattern warnings.\n\nConstraint: G010 session hygiene verification requires clean focused tests around resume/session recovery UX.\nRejected: Leave the warning in place | it obscures real regressions in the focused recovery checks.\nConfidence: high\nScope-risk: narrow\nDirective: Keep new /session resume-mode actions inside run_resumed_session_command rather than duplicating match arms.\nTested: cargo test -p rusty-claude-cli context_window_preflight_errors_render_recovery_steps\nNot-tested: full workspace test suite
Co-authored-by: OmX <omx@local>
Resolve an overlap introduced while adding G010 session command UX so resumed /session handling remains exhaustive without an unreachable fallback arm.\n\nConstraint: G010 leader verification found rusty-claude-cli failed to compile because SlashCommand::Session was both handled and still listed in the unsupported command union.\nRejected: leaving worker lanes to rediscover the compile failure | leader had direct verification evidence and a one-line localized fix.\nConfidence: high\nScope-risk: narrow\nDirective: Keep resumed /session subcommands routed through run_resumed_session_command; do not re-add Session to the unsupported slash-command union.\nTested: cargo fmt --manifest-path rust/Cargo.toml --all -- --check; cargo test --manifest-path rust/Cargo.toml -p rusty-claude-cli --test resume_slash_commands -- --nocapture; cargo test --manifest-path rust/Cargo.toml -p rusty-claude-cli --test compact_output -- --nocapture; git diff --check\nNot-tested: full cargo test --workspace not rerun for this one-line compile fix; G010 leader verification continues separately.
The ultragoal has advanced from Windows/docs readiness to Stream 9 session hygiene. Record the in-progress marker before launching the implementation team so ledger state matches the active work.
Constraint: .omx/ultragoal/goals.json and ledger.jsonl are the durable audit trail for stream transitions.
Confidence: high
Scope-risk: narrow
Tested: omx ultragoal start-next --json; get_goal confirmed aggregate Codex goal remains active
Co-authored-by: OmX <omx@oh-my-codex.dev>
The Windows docs/release stream now has terminal team tasks and final local verification evidence. Persist the Codex goal snapshot and quality gate so ultragoal checkpointing can reconcile against durable artifacts.
Constraint: Ultragoal completion requires get_goal reconciliation and quality-gate evidence before checkpointing.
Confidence: high
Scope-risk: narrow
Tested: python3 .github/scripts/check_release_readiness.py; python3 .github/scripts/check_doc_source_of_truth.py; cargo fmt --manifest-path rust/Cargo.toml --all -- --check; cargo test --manifest-path rust/Cargo.toml -p rusty-claude-cli --test cli_flags_and_config_defaults local_smoke_commands_do_not_require_live_credentials -- --nocapture; cargo check --manifest-path rust/Cargo.toml --workspace; git diff --check; G009 coverage check
Co-authored-by: OmX <omx@oh-my-codex.dev>
PowerShell-first install and provider-switching guidance was missing from the release-readiness path, so add a focused quickstart and link it from the primary docs without touching runtime code.
Constraint: G009 task 4 scope is docs-only install/release quickstart and provider switching; do not mutate .omx/ultragoal.
Rejected: Runtime or installer changes | task asks for command-copyable docs and source-of-truth alignment, not product behavior changes.
Confidence: high
Scope-risk: narrow
Directive: Keep Windows examples placeholder-secret only and prefer explicit provider model prefixes when multiple credentials may exist.
Tested: cargo fmt --check; cargo check --workspace; cargo clippy --workspace --no-deps; markdown link/fence/grep validation.
Not-tested: cargo test --workspace has pre-existing failing rusty-claude-cli::tests::session_lifecycle_prefers_running_process_over_idle_shell unrelated to docs; targeted rerun reproduces.
Co-authored-by: OmX <omx@oh-my-codex.dev>
Add the missing repository policy files and a dependency-free release-readiness validator so Windows/install release docs have a local and CI-friendly policy/link/command safety gate.
Constraint: G009 worker-4 scope requires license, contribution, security, support, conduct, docs link, and command-example validation without mutating .omx/ultragoal.
Rejected: relying on manual review only | release-readiness docs need a repeatable local check.
Confidence: high
Scope-risk: narrow
Directive: Keep release policy links and command examples covered by .github/scripts/check_release_readiness.py when adding new onboarding docs.
Tested: python3 .github/scripts/check_release_readiness.py; python3 .github/scripts/check_doc_source_of_truth.py; cargo fmt --all --check; cargo check --workspace; cargo test -p rusty-claude-cli --bin claw render_session_markdown; claw --help; claw doctor --help
Not-tested: cargo test --workspace has two pre-existing/unrelated rusty-claude-cli failures: rejects_empty_allowed_tools_flag and session_lifecycle_prefers_running_process_over_idle_shell.
Co-authored-by: OmX <omx@local>
G009 Stream 8 acceptance requires a Windows release artifact quickstart with checksum evidence, not just source-build docs. Add Windows release asset packaging and make the release-readiness check assert the workflow/docs contract.
Constraint: Stream 8 requires release artifact quickstart with checksums and no-credential smoke paths.
Rejected: Documenting a future Windows asset without workflow support | would leave acceptance unverifiable.
Confidence: high
Scope-risk: narrow
Tested: python3 .github/scripts/check_release_readiness.py; python3 .github/scripts/check_doc_source_of_truth.py; git diff --check
Not-tested: actual GitHub release workflow execution on windows-latest.
Co-authored-by: OmX <omx@oh-my-codex.dev>
Keep the G008 capability and diagnostic helpers compile-ready by restoring the public report/support/severity types that team integrations referenced after merge reconciliation.
Constraint: Final G008 verification failed on missing provider capability and diagnostic type definitions.
Confidence: high
Scope-risk: narrow
Directive: Keep provider diagnostics exported as typed API surfaces; do not replace them with ad-hoc JSON-only status fields.
Tested: cargo fmt --manifest-path rust/Cargo.toml --all -- --check; git diff --check; cargo test --manifest-path rust/Cargo.toml -p api providers:: -- --nocapture --test-threads=1; cargo test --manifest-path rust/Cargo.toml -p api --test openai_compat_integration -- --nocapture --test-threads=1
Not-tested: full workspace clippy; known unrelated runtime policy_engine struct_excessive_bools remains outside G008.
Co-authored-by: OmX <omx@oh-my-codex.dev>
Explain the provider compatibility behavior that now has executable coverage so future changes preserve routing, custom gateway slugs, diagnostics, and extra-body passthrough semantics.
Constraint: Task 2 requires docs/status evidence while leader owns Ultragoal checkpoints and .omx/ultragoal remains untouched.
Rejected: Add a new CLI status command | broader than the assigned provider compatibility documentation/status surface.
Confidence: high
Scope-risk: narrow
Directive: Keep docs aligned with provider_diagnostics_for_model, MessageRequest::extra_body, and OpenAI-compatible slash-model tests.
Tested: cargo test --manifest-path rust/Cargo.toml -p api custom_openai_gateway_preserves_slash_model_ids_and_extra_body_params; cargo test --manifest-path rust/Cargo.toml -p api provider_diagnostics_explain_openai_compatible_capabilities; cargo check --manifest-path rust/Cargo.toml -p api
Not-tested: Live provider calls requiring external credentials.
Co-authored-by: OmX <omx@local>
Keep the mock HTTP/SSE/proxy coverage deterministic under strict linting while preserving provider request behavior.\n\nConstraint: Task 4 scope is limited to OpenAI-compatible HTTP/SSE/proxy coverage and provider compatibility surfaces.\nRejected: Environment-variable proxy testing | It races with parallel integration tests and can route unrelated localhost mocks through a single proxy fixture.\nConfidence: high\nScope-risk: narrow\nDirective: Prefer explicit injected reqwest clients for proxy integration tests instead of mutating process proxy environment.\nTested: cargo fmt --check; cargo check -p api; cargo test -p api --test openai_compat_integration -- --nocapture; cargo test -p api\nNot-tested: cargo clippy --no-deps -p api --all-targets -- -D warnings fails on pre-existing anthropic.rs/providers/mod.rs lints outside task scope.\n\nCo-authored-by: OmX <omx@local>
Keep integrated G008 provider changes formatted and compile-ready so worker follow-up commits can merge against a clean leader baseline.
Constraint: G008 provider verification must pass before ultragoal checkpointing.
Confidence: high
Scope-risk: narrow
Directive: Keep provider compatibility follow-ups rebased on this formatted baseline before retrying failed cherry-picks.
Tested: cargo test --manifest-path rust/Cargo.toml -p api providers:: -- --nocapture; cargo test --manifest-path rust/Cargo.toml -p api --test openai_compat_integration -- --nocapture --test-threads=1
Not-tested: full workspace clippy; known pre-existing runtime policy_engine LaneContext clippy warning remains outside this change.
Co-authored-by: OmX <omx@oh-my-codex.dev>
Document the current degraded startup, required/optional, interpolation, redaction, and plugin lifecycle boundaries so follow-up implementation work has a verified source map.
Constraint: Task 7 requested a mapping artifact and worker scope forbids .omx/ultragoal mutation.
Rejected: Implement interpolation or redaction policy changes in this slice | task wording and prior Task 3/6 lanes only required mapping plus verification.
Confidence: high
Scope-risk: narrow
Directive: Treat required MCP server handling as metadata-only until a future policy slice explicitly defines fail-hard semantics.
Tested: cargo test -p runtime parses_typed_mcp_and_oauth_config -- --nocapture; cargo test -p runtime manager_discovery_report_keeps_healthy_servers_when_one_server_fails -- --nocapture; cargo test -p runtime manager_records_unsupported_non_stdio_servers_without_panicking -- --nocapture; cargo test -p commands renders_mcp_reports -- --nocapture; cargo test -p plugins installed_plugin_registry_report_collects_load_failures_from_install_root -- --nocapture; cargo test -p rusty-claude-cli --test output_format_contract plugins_json_surfaces_lifecycle_contract_when_plugin_is_installed -- --nocapture
Not-tested: cargo clippy remains blocked by pre-existing runtime::policy_engine::LaneContext clippy::struct_excessive_bools from earlier verification.
Co-authored-by: OmX <omx@oh-my-codex.dev>
The follow-up docs gate needed the parity manifest reference string that the mock parity diff checker requires, so this records the verified map-only repair after leader integration.
Constraint: Task 11 scope allowed only PARITY.md, rust/MOCK_PARITY_HARNESS.md, and docs/g007-plugin-mcp-verification-map.md; only PARITY.md needed a change.
Rejected: Editing harness code or .omx/ultragoal | checks proved the remaining gap was docs-map text only and Ultragoal state is leader-owned.
Confidence: high
Scope-risk: narrow
Directive: Keep auto_compact_triggered parity_refs synchronized with PARITY.md when mock parity scenarios change.
Tested: cd rust && python3 scripts/run_mock_parity_diff.py; python3 scripts/validate_cc2_board.py --board .omx/cc2/board.json; rg -n auto_compact_triggered token_cost_reporting auto_compaction threshold from env G007 Plugin/MCP G007-plugin-mcp 12 scripted scenarios 21 captured PARITY.md rust/MOCK_PARITY_HARNESS.md docs/g007-plugin-mcp-verification-map.md; git diff --check
Not-tested: Full workspace suite; Task 11 was a docs/parity-map follow-up with focused executable map validation.
Co-authored-by: OmX <omx@oh-my-codex.dev>
Expose MCP server requiredness through config parsing, inventory reports, config hashes, and degraded startup failure context so orchestrators can distinguish optional degradation from required startup breakage.
Constraint: G007-plugin-mcp Task 3 requires required vs optional MCP behavior and must not mutate .omx/ultragoal.
Rejected: Treating all MCP failures as equivalent | it preserves the existing opacity that prevents required-server failures from being escalated differently.
Confidence: high
Scope-risk: moderate
Directive: Preserve required=false as the backward-compatible default; keep required surfaced in JSON/text inventory and degraded failure context when extending MCP lifecycle states.
Tested: cargo test -p runtime parses_typed_mcp_and_oauth_config -- --nocapture; cargo test -p runtime manager_discovery_report_keeps_healthy_servers_when_one_server_fails -- --nocapture; cargo test -p runtime manager_records_unsupported_non_stdio_servers_without_panicking -- --nocapture; cargo test -p commands renders_mcp_reports -- --nocapture; cargo check --workspace; cargo fmt --all -- --check
Not-tested: cargo clippy -p runtime -p commands -- -D warnings is blocked by pre-existing runtime/src/policy_engine.rs LaneContext clippy::struct_excessive_bools.
Co-authored-by: OmX <omx@oh-my-codex.dev>
Lock the plugin inventory JSON contract so lifecycle state and lifecycle summary fields stay visible to orchestrators while allowing bundled plugins to coexist in isolated inventories.
Constraint: G007-plugin-mcp Task 1 requires plugin/MCP lifecycle contract evidence without mutating .omx/ultragoal.
Rejected: Assuming an empty plugin inventory in tests | bundled plugins are auto-synced and should not make lifecycle contract verification brittle.
Confidence: high
Scope-risk: narrow
Directive: Keep plugin inventory JSON machine-readable for lifecycle_state, lifecycle, status, and load_failures; do not collapse it back to message-only JSON.
Tested: cargo test -p plugins plugin_registry_report_collects_load_failures_without_dropping_valid_plugins -- --nocapture; cargo test -p commands renders_plugins_report -- --nocapture; cargo test -p rusty-claude-cli --test output_format_contract plugins_json_surfaces_lifecycle_contract_when_plugin_is_installed -- --nocapture; cargo test -p rusty-claude-cli --test output_format_contract inventory_commands_emit_structured_json_when_requested -- --nocapture; cargo check --workspace; cargo fmt --all -- --check
Not-tested: cargo clippy -p rusty-claude-cli --test output_format_contract -- -D warnings is blocked by pre-existing runtime::policy_engine::LaneContext clippy::struct_excessive_bools.
Co-authored-by: OmX <omx@oh-my-codex.dev>
Route plugin command rendering through the same degraded config envelope used by status and MCP, falling back to empty runtime config when config loading fails so local plugin listing remains inspectable.
Constraint: Task 4 requires malformed MCP config consistency across status, doctor, mcp, and plugins surfaces.
Rejected: Hard-failing plugins on ConfigLoader errors | inconsistent with status/mcp degraded-mode contract and hides local plugin diagnostics.
Confidence: high
Scope-risk: narrow
Directive: Keep config_load_error/status fields aligned across local introspection commands when adding new config-dependent surfaces.
Tested: cargo test -p rusty-claude-cli malformed_mcp_config -- --nocapture; cargo test -p commands mcp_degrades_gracefully_on_malformed_mcp_config_144 -- --nocapture; cargo check -p rusty-claude-cli; cargo fmt --all -- --check; claw plugins --output-format json malformed-MCP smoke.
Not-tested: full workspace clippy remains blocked by pre-existing clippy warnings in runtime and rusty-claude-cli unrelated to this change.