Skip to content

Releases: justyn-clark/loopexec

loopexec v0.2.0 - deterministic loop-engineering runtime

Choose a tag to compare

@justyn-clark justyn-clark released this 27 Jun 01:23

loopexec v0.2.0 is the real engine. Where v0.1.0 locked down the CLI/JSON/exit-code contract, v0.2.0 implements the loop-engineering runtime end to end - 18 commands, every capability in SPEC.md section 11 with a Shipped core, hardened by two adversarial security reviews.

A loop runs until an external check passes, a guard trips, a budget is spent, or a human is required - never because an agent reports it is done. Every halt emits a computed reason; every run leaves a receipt you can verify offline.

What's in it

  • run - real bounded check_fixpoint loop: iterate --exec then --check until green, a bound trips, or work fails; computed halt reasons -> stable exit-code classes; typed JSONL receipts + atomic durable state; "no check, no loop".
  • probe-check - determinism as a 95% confidence bound (rule of three), not a one-time probe. doctor - precondition gate (determinism + isolation preflight).
  • Ratchet + explain-halt - set-based progress with oscillation / no-progress / regression halts; distinguishes "raise the limit" from "do not retry".
  • Metric-integrity gate (run --integrity-cmd) - guards dominate success: a suite that goes green by testing less halts instead.
  • Receipt pinning + replay + attest - pin the model tuple / sampling / context manifest / cost / check fingerprint; verify a receipt offline (agent-free); HMAC-sign it.
  • reexecute + escalate / watch + comprehension ack - live re-run distribution, heartbeat staleness detection + structured escalation, and a forced-read gate.
  • build-context - budgeted, workdir-confined, symlink-safe relevant-file slice (untrusted failure text cannot read outside the workdir).
  • isolate - two-zone orchestration: detached-clone sandbox + per-run minted/revoked credential (0600 env-file, never on the argv) + rendered/launched exec-zone (network:none) and agent-zone (egress-allowlist).

Honest boundaries

loopexec orchestrates; it does not reinvent Docker or a cloud provider. isolate composes with operator-provided hooks: the container engine (--runtime), the auditing egress proxy (--egress-proxy), and the provider key API (--mint-cmd / --revoke-cmd). The remaining work is named, inline sub-parts - live cost metering + cost_anomaly, the deeper metric-integrity layers, the import_closure / dep_graph context tiers, github/slack channels, the kill-the-PID actuator, git revert-to-best - not whole capabilities. The full Shipped / Planned matrix is at https://loopexec.dev/capabilities/.

Quality

63 tests; gofmt / go vet / go test ./... green on Go 1.26. Two adversarial security reviews caught and fixed a path-traversal in build-context and a container-escape (docker argument-injection) in isolate before release - both regression-tested.

Install

go install github.com/justyn-clark/loopexec/cmd/loopexec@latest

Requires Go 1.26+. Docs: https://loopexec.dev - Contract: SPEC.md.

loopexec v0.1.0

Choose a tag to compare

@justyn-clark justyn-clark released this 22 Feb 10:47
  • Standalone execution harness (SMALL optional)
  • Strict --json mode (single JSON object to stdout)
  • Stable exit codes (0, 10, 11, 12, 20, 30, 40, 50)
  • CLI contract tests
  • Deterministic feeltest script
  • CI gate enforcing fmt, vet, test