Releases: justyn-clark/loopexec
Release list
loopexec v0.2.0 - deterministic loop-engineering runtime
loopexec v0.2.0 is the real engine. Where v0.1.0 locked down the CLI/JSON/exit-code contract, v0.2.0 implements the loop-engineering runtime end to end - 18 commands, every capability in SPEC.md section 11 with a Shipped core, hardened by two adversarial security reviews.
A loop runs until an external check passes, a guard trips, a budget is spent, or a human is required - never because an agent reports it is done. Every halt emits a computed reason; every run leaves a receipt you can verify offline.
What's in it
run- real boundedcheck_fixpointloop: iterate--execthen--checkuntil green, a bound trips, or work fails; computed halt reasons -> stable exit-code classes; typed JSONL receipts + atomic durable state; "no check, no loop".probe-check- determinism as a 95% confidence bound (rule of three), not a one-time probe.doctor- precondition gate (determinism + isolation preflight).- Ratchet +
explain-halt- set-based progress with oscillation / no-progress / regression halts; distinguishes "raise the limit" from "do not retry". - Metric-integrity gate (
run --integrity-cmd) - guards dominate success: a suite that goes green by testing less halts instead. - Receipt pinning +
replay+attest- pin the model tuple / sampling / context manifest / cost / check fingerprint; verify a receipt offline (agent-free); HMAC-sign it. reexecute+escalate/watch+ comprehensionack- live re-run distribution, heartbeat staleness detection + structured escalation, and a forced-read gate.build-context- budgeted, workdir-confined, symlink-safe relevant-file slice (untrusted failure text cannot read outside the workdir).isolate- two-zone orchestration: detached-clone sandbox + per-run minted/revoked credential (0600 env-file, never on the argv) + rendered/launched exec-zone (network:none) and agent-zone (egress-allowlist).
Honest boundaries
loopexec orchestrates; it does not reinvent Docker or a cloud provider. isolate composes with operator-provided hooks: the container engine (--runtime), the auditing egress proxy (--egress-proxy), and the provider key API (--mint-cmd / --revoke-cmd). The remaining work is named, inline sub-parts - live cost metering + cost_anomaly, the deeper metric-integrity layers, the import_closure / dep_graph context tiers, github/slack channels, the kill-the-PID actuator, git revert-to-best - not whole capabilities. The full Shipped / Planned matrix is at https://loopexec.dev/capabilities/.
Quality
63 tests; gofmt / go vet / go test ./... green on Go 1.26. Two adversarial security reviews caught and fixed a path-traversal in build-context and a container-escape (docker argument-injection) in isolate before release - both regression-tested.
Install
go install github.com/justyn-clark/loopexec/cmd/loopexec@latest
Requires Go 1.26+. Docs: https://loopexec.dev - Contract: SPEC.md.
loopexec v0.1.0
- Standalone execution harness (SMALL optional)
- Strict --json mode (single JSON object to stdout)
- Stable exit codes (0, 10, 11, 12, 20, 30, 40, 50)
- CLI contract tests
- Deterministic feeltest script
- CI gate enforcing fmt, vet, test