Skip to content

SpecBridge v0.6.1: Gemini CLI, OpenAI-compatible, and Antigravity adapters#7

Merged
HelloThisWorld merged 1 commit into
mainfrom
v0.6.1-adapter-expansion
Jul 14, 2026
Merged

SpecBridge v0.6.1: Gemini CLI, OpenAI-compatible, and Antigravity adapters#7
HelloThisWorld merged 1 commit into
mainfrom
v0.6.1-adapter-expansion

Conversation

@HelloThisWorld

Copy link
Copy Markdown
Owner

What changed

v0.6.1 is an adapter expansion release against the frozen v0.6.0 runner platform — no core redesign, no parallel contracts or registries. All v0.6.0 contract snapshot tests pass unchanged; the only contract changes are additive (optional AgentRunner.declaredSupportLevel, new AgentRunnerKind values).

Gemini CLI adapter (gemini-cli, built-in profile gemini-default)

  • Bounded token-probe detection (--version/--help only): no model request, no login, no trusted-folder change; authentication honestly unknown with a runner test --network path.
  • Authoring through a proven read-only boundary: plan approval mode plus a repository-reading tool allowlist, prompt via stdin, strict JSON-only validation, one append-only correction retry. Candidates are applied by SpecBridge and stay draft.
  • Capability-gated task execution: requires headless + machine-readable output + auto_edit + (tool allowlist or sandbox). An installation that cannot prove the bounded edit policy keeps safe authoring while execution is refused before invocation, with the exact gap and compatible claude-code/codex-cli suggestions. YOLO is impossible at three layers (schema enums + config-wide fragment rejection, argv assembly, pre-spawn assertion); shell tools are excluded from every allowlist.
  • Resume by explicit session UUID only (never latest/index); a session-identity mismatch is reported, never claimed as a successful resume. thought events are redacted from normalized events and retained output.

OpenAI-compatible authoring adapter (openai-compatible, built-in openai-compatible-local)

  • Production stage generation/refinement for chat-completions and responses API styles; authoring only — task execution and resume are capability-rejected before any request.
  • Explicit structured-output modes (json-schema, json-object, strict-json-prompt) with complete-response Zod validation in every mode (no fences, no substring extraction, no silent repair) and an opt-in-only, warned downgrade.
  • API keys as environment-variable names only; values are read at request time, redacted from every retained byte, never stored/logged, never passed to verification commands.
  • Shared HTTP client extended backward-compatibly with headers and opt-in bounded redirects: Authorization never crosses origins, HTTPS→HTTP downgrades and unsupported schemes are rejected, safe redirect metadata recorded. Default behavior (reject redirects) unchanged.
  • Data boundaries reported before network-backed authoring; dry-run sends no request; model listing only for declared endpoints, never by inference, never guessing capabilities.

Experimental Antigravity adapter (antigravity-cli, built-in antigravity)

  • Detection and diagnostics only ("Detected / Not proven / Automation is disabled"). Every capability declared false; all operations refused before any process starts; conformance can never confirm production. No PTY/keystroke/ANSI automation exists — enforced by dependency and source-scan tests. The fake executable hangs on any invocation other than --version/--help, so accidental TUI automation fails tests.

Platform integration

  • New profiles registered through the existing registry/selection engine, all disabled by default, never selected implicitly; migration adds them disabled and changes no defaults.
  • Read-only MCP tools runner_list / runner_show / runner_doctor / runner_matrix over the shared runner services; the capability matrix moved to one shared implementation feeding CLI, MCP, README, and docs identically (asserted by test).
  • Ninth plugin skill /specbridge:runners (MCP-diagnostics-driven, read-only, no provider invocation, no login, no config edits); plugin bundle revalidated in isolation.
  • Fake providers for offline CI: fake Gemini + fake Antigravity child processes and a fake OpenAI-compatible loopback server (records headers for Authorization-forwarding assertions).
  • Provider docs (gemini-cli-runner, openai-compatible-runner, antigravity-cli-runner) plus focused updates to 15 existing docs, README matrix, CHANGELOG, roadmap; all versions bumped to 0.6.1.

Small pre-existing fix

runner conformance printed "production confirmed" from check counts alone; it now respects productionConfirmed, so a passing experimental adapter is no longer mislabeled.

Why

Completes roadmap Phase P: keep .kiro specs usable with more agents/models under the same capability-driven safety model — provider claims stay non-authoritative, Git evidence + trusted verification decide task completion, and no new provider weakens the permission, evidence, structured-output, or endpoint-security requirements.

Verification

  • pnpm lint / pnpm typecheck: pass
  • pnpm test: 910/910 (baseline 772; +138 new tests: adapters, execution-level orchestration, MCP tools, plugin, selection, security scans)
  • pnpm build, pnpm build:plugin, pnpm validate:plugin (9 skills, versions 0.6.1), pnpm verify:plugin-bundle (8/8 isolated checks): pass
  • node scripts/smoke.mjs: 34/34
  • End-to-end CLI smoke against fake providers (22/22): gemini authoring + verified task execution, unsafe-fixture refusal with suggestions, both OpenAI API styles, rejected API/antigravity task execution, conformance (gemini production-confirmed; antigravity never), config doctor/migrate, runner diagnostics

Reviewer notes

  • The frozen-contract additions are deliberately minimal and documented in docs/runner-adapter-contract.md + CHANGELOG; tests/runners/contracts.test.ts is untouched.
  • tests/runners/security-v061.test.ts encodes the release's security searches (no YOLO argv, no PTY deps, no credential-file reads, single env-var access, read-only MCP wiring).
  • Legitimate forbidden strings (e.g. --yolo, danger-full-access) appear only in prohibition lists, assertions, docs, and negative-test fixtures.

…pters

Adapter expansion against the frozen v0.6.0 runner contract (additive-only
contract changes: optional AgentRunner.declaredSupportLevel and new
AgentRunnerKind values; all v0.6.0 snapshot tests pass unchanged).

- Gemini CLI adapter: token-probe detection (no inference, no login),
  plan-mode/read-only-allowlist authoring, capability-gated auto_edit task
  execution (no arbitrary shell; YOLO rejected at three layers),
  explicit-UUID resume with session-identity verification, thought-event
  redaction.
- OpenAI-compatible authoring adapter: chat-completions and responses API
  styles, explicit structured-output modes (json-schema / json-object /
  strict-json-prompt) with complete-response validation and opt-in-only
  fallback, env-var-NAME credentials with full value redaction, bounded
  redirects that never forward Authorization across origins and reject
  HTTPS downgrades. Authoring only; task execution rejected before any
  request.
- Experimental Antigravity CLI adapter: executable/version/documented-
  capability detection and diagnostics only; no PTY/TUI automation exists
  (enforced by tests); never production, never selected automatically.
- Read-only MCP runner diagnostic tools (runner_list, runner_show,
  runner_doctor, runner_matrix) over the shared runner services; the
  capability matrix moved to one shared implementation for CLI, MCP, and
  docs.
- Ninth plugin skill /specbridge:runners (MCP-diagnostics-driven,
  read-only, no provider invocation).
- Config schema v2 profile variants (all new profiles default disabled;
  migration never enables a provider), fake Gemini/Antigravity executables
  and a fake OpenAI-compatible server for offline CI, provider docs, and
  version bump to 0.6.1.

910 tests pass; plugin validation and isolated bundle verification pass;
CLI smoke suites pass end-to-end against fake providers.
@HelloThisWorld HelloThisWorld merged commit 2606000 into main Jul 14, 2026
6 checks passed
@HelloThisWorld HelloThisWorld deleted the v0.6.1-adapter-expansion branch July 14, 2026 15:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant