lhumina_research/hero_demo
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases 2 Packages Wiki Activity Actions

[vision] Hero OS as an ambient AI desktop — sovereign, voice-native, multi-context #52

New issue
Closed
opened 2026-05-01 02:05:19 +00:00 by mik-tf · 9 comments
mik-tf commented 2026-05-01 02:05:19 +00:00
Copy link

§0 Current state

Last session: 140 (2026-05-21) — Track D s140 methodology-only session: D2 Forge user lifecycle decision-locking; D-22 BYO landing locked end-to-end; zero code commits — Triggered by Phase B.5 catching two load-bearing gaps in the initial "D2 code start" plan: (a) herolib_tools::forge::ForgeClient::connect() hard-reads core/FORGE_TOKEN (D-16 conflation footgun), (b) D2 Q2 "can admin mint on behalf?" unresolved. Live API probe answered Q2 definitively against forge.ourworld.tf: POST /api/v1/users/<u>/tokens refuses bearer-token auth on both admin + Sudo paths (HTTP 401 "auth method not allowed"); basic-auth-with-deployer-known-password bridge works (HTTP 201) but rejected on security grounds (deployer would become long-lived impersonation-credential vault; repudiation breaks; token outlives password change). Throwaway test user purged. Spec re-read showed 4 canonical sources converging on BYO: #1 §3.4 "where needed" + #1 §4 "required" + #1 §7 cockpit "Set or update: Forge token" UI feature + #2 step 1 "admin captures the password to share OOB". D-22 locked: deployer creates Forge account via POST /api/v1/admin/users with must_change_password=true, hands password OOB; user mints own scoped write:issue token via Forge UI in same forge.ourworld.tf session they're in from OAuth-gated VM front door (~30s detour); paste into cockpit Settings lands at cockpit/USER_FORGE_TOKEN per D-16; deployer admin token namespaced at deployer/FORGE_TOKEN extending D-16's three-actor isolation matrix. Posted hero_os_tfgrid_deployer#4#35866 closing the spec hedge + dropping generate_token_for from D2 scope. Filed hero_cockpit#2 — Option 3 OAuth-session-reuse polish (zero-setup if hero_proxy passes OAuth access token to backend; forward-compatible with D-22). Wrote memory/investigation_forge_admin_token_mint_2026_05_21.md documenting probe + basic-auth bridge as known-but-rejected escape hatch. Per feedback_phase_b_5_finding_is_slow_down_signal.md, code work cleanly deferred to s141. s141 next: (1) upstream ForgeClient::connect_with_secret(context, key) in herolib_tools (standalone squash on hero_lib); (2) deployer-side forge.rs + 3 OpenRPC methods (deployer.create_user / get_user / list_users) + sqlite users table. No new D-NN expected. Effort tier: high. Full narrative: sessions/140.yml.

  • s140 commits: zero code commits (methodology-only session, same shape as s88/s106/s108/s126).
  • s140 decisions: D-22 lockeddeployer-forge-token-namespacing-and-byo-landing; D-NN next-free bumped D-22 → D-23.
  • s140 limitations: none minted; L-NN slot stays at L-09 next-free.
  • s140 issues: posted hero_os_tfgrid_deployer#4#35866 (BYO landing comment); filed hero_cockpit#2 (Option 3 polish follow-up).

Previous: s139 (2026-05-21) — hero_cockpit A7 closes Track A; herolab destroyed; deployer becomes canonical TFGrid deploy path; Track D critical-path: hero_cockpit f880247cockpit.expose/unexpose/list_exposures + get/set_base_domain (13→18 OpenRPC methods); new exposures.rs. Track A closed (A1-A7). Post-session pivot: herolab.gent02.grid.tf destroyed via make destroy ENV=herolab. D-20 SendGrid locked.

Demo-deployer arc (s133-onward): Track A (cockpit) CLOSED at s139 (A1-A7). Track D (deployer) CRITICAL-PATH s140-s144: s140 = decision-lock (this session), s141 = code start, s142-s144 = D3-D5. Tracks B/C local-code parallel; Track E feeds D4; Track F gated on all. Full 6-track A-F roadmap in home#235.

What Hero OS becomes

Hero OS is a sovereign personal operating system that runs in your browser, owns its own data, and is operated by an always-on AI assistant that understands your workspace as well as you do. The interface isn't an app launcher — it's a conversation.

This issue is the long-form vision. Every other issue in the program tree (hero_demo, hero_agent, hero_books, hero_proc, hero_osis, …) implements one piece of this picture. The vision is what we're optimising for; the issues are how we get there.

The product story (what a user lives in)

You wake up, open the browser, and Hero OS is your second brain. You don't navigate menus. You say:

"Hey hero, what's on my calendar today?"

A small widget in the top right wakes up, listens, transcribes, queries hero_osis_calendar for the current context, summarises:

"You have a 10 a.m. with the Geomind team, a 2 p.m. infrastructure review with Alex, and a 4 p.m. open block. The 10 a.m. has a doc attached called Q3 architecture — want me to summarise it?"

You say "yes." It pulls the doc from hero_foundry, embeds it via hero_embedder, summarises through hero_aibroker. You hear the answer, no clicks.

You say:

"Add Alice Smith from Acme as a contact in ThreeFold."

It switches context, calls business.contact.create via curated MCP tools, confirms:

"Done. Alice is now in your ThreeFold contacts list."

You say:

"Show me the slide deck Alex sent me last week."

It searches hero_books + hero_foundry for documents tagged Alex, ranks via hero_indexer, opens the most likely match in the Slides island.

That's the vision. The whole OS is reachable by voice. The AI is the operating layer. Every island is also a tool the AI can invoke.

Why this is achievable now (the stack we already have)

The pieces are mostly built — what's needed is wiring + content + polish, not new features.

Piece What it does Status
hero_agent LLM orchestration, tool calling, MCP host working — verified live (grounds on docs, calls Python, queries biz)
hero_aibroker LLM provider routing (OpenRouter, Groq, OpenAI, Gemini) working
hero_embedder Document embeddings + semantic search working — books library + indexer use it
hero_indexer Triage + ranking layer working
hero_books Library UI with "Ask the Librarian" AI grounding working — verified live
hero_voice + kokoro-micro STT (Whisper-style) + TTS (Kokoro + Groq fallback) + wake-word detection partially working — TTS verified, STT path exists, wake word built
hero_osis (multi-domain) Per-context data backend for biz/calendar/projects/contacts/etc. working — per-context routing verified live
docs_hero Documentation library that the AI grounds on exists, but coverage is the bottleneck for AI capability
hero_os shell Dock + island system + theme + per-context routing working
hero_proc Service supervisor working — reliability bugs filed in lhumina_code/hero_proc#86

What's verified live as of 2026-04-30:

  • AI Assistant grounds on docs_hero ("What is Hero OS?" → coherent answer with citations)
  • AI Assistant queries hero_biz contacts (eventually — see "MCP tool discovery" below)
  • AI Assistant runs Python (uv) during reasoning
  • "Ask the Librarian" generates AI summaries in Books
  • Per-context isolation across all four contexts (default/geomind/threefold/incubaid)
  • Photos, Videos, Books, Office (read), Biz, AI Assistant all functional in browser

So we're closer to the vision than this issue makes it sound. The gap is polish + ambient access + wiring.

The four enabling moves (everything else flows from these)

1. AI Assistant becomes ambient (OS-wide, always-on)

Today: AI Assistant lives in its own island. You have to open it.

Vision:

  • A small widget pinned top-right of the OS shell, on every page, every island.
  • Wake word triggers it ("hey hero" by default; user-customisable).
  • Conversation mode: speak → AI responds → you reply → back-and-forth without re-arming.
  • Cross-island commands: "open contacts", "show videos", "go to ThreeFold context" — the assistant routes the OS via the same hero_route postMessage protocol the dock already uses.

The wake-word machinery is built; it's the always-on widget + conversation-mode UI + OS-routing intent layer that's missing. Tracked in hero_agent issue (filed alongside this one).

2. Curated MCP tool surface (instead of socket-path brute force)

Today (verified live in screenshots): when asked "who are my contacts in hero_biz?", the AI Assistant emitted ~30 lines of "Let me try this... let me check the socket path... let me search for the RPC method..." before eventually returning the answer. It got there, but it brute-forced through service paths.

Vision:

  • Every domain (biz, calendar, photos, videos, projects, books, ...) exposes a tight, well-named MCP tool surface with semantic descriptions.
  • Tool discovery uses hero_embedder + hero_indexer: when the agent gets a prompt, it embeds it, queries the indexer for the best-matching tools, calls them. No brute-forcing.
  • Per-context routing is automatic — if the user is in Geomind context, the tool call carries X-Hero-Context: geomind without the AI having to think about it.

Tracked in hero_agent issue (filed alongside this one).

3. docs_hero as the agent's brain

Today: docs_hero exists, the AI grounds on it, the answers are good when the docs cover the question. When they don't, the AI falls back to brute force.

Vision:

  • docs_hero is the single source of truth for what Hero OS can do, written for the AI as much as for humans.
  • Every service has a documentation page describing its capabilities, common queries, example prompts, MCP tools, and per-context behaviour.
  • New capabilities ship with their docs page first, code second — because the agent sees the docs the moment they're embedded.

This is the multiplier. Investing in docs_hero makes the AI feel measurably smarter without changing a line of agent code. Tracked in docs_hero issue (filed alongside this one).

4. Reliability so the demo doesn't fall over

Today: supervisor reports green when reality is broken; service restarts can knock children into half-broken states; logs can OOM the supervisor. Filed in hero_proc#86 META + sister issues.

Vision:

  • Smoke loop continuously verifies the user-visible demo from outside.
  • Supervisor uses real readiness contracts (not PID-alive guesses).
  • OServer panic isolation is a structural property — a panicked handler dies cleanly, doesn't poison shared state.
  • 24-hour soak run is green.

Tracked in lhumina_code/hero_proc#86 (META) and sister issues (#83/#84/#85, home#201/#202/#204).

What v1 of Hero OS looks like

A user can:

  • Provision a Hero OS instance with one command on a fresh VM (hero_demo#31).
  • Log in, see their personal desktop with their contexts.
  • Speak to the OS: "Hey hero, …" — wake word triggers, conversation flows, commands land.
  • Ask any question grounded on their library content (books, docs, contacts, calendar, photos, videos, projects).
  • Edit and save Office docs round-trip.
  • Add/edit data through voice or chat: "add Alice as a contact", "schedule a meeting", "create a task".
  • Switch contexts cleanly — every per-context query returns the right slice.
  • Customize the wake word, the voice, the model, the theme.
  • Run for 24 hours unattended without supervisor restarts, OOMs, or half-broken services.

v1 acceptance: that user-flow works end-to-end on a fresh deploy with no manual interventions, no env-var workarounds, no half-broken state mid-flow.

Three-track roadmap

Track Now (this week) Next (next 2 weeks) Later (month+)
A. Demo polish docs_hero capability pages; curated MCP tools (biz first); collapse AI scratchpad; snapshot herodemo Office round-trip; STT verification; AI write-flows; ambient widget v1 Wake-word polish; conversation-mode polish; cross-island intent routing
B. Reliability Smoke loop (home#201) hero_proc#83 (handler probes); home#202 investigation hero_proc#84 readiness contract; home#204 OServer panic isolation
C. Architecture hero_osis#43 design; home#203 audit hero_osis#43 implementation phase 1; hero_proc#85 measurement hero_proc#85 implementation; home#118 auth on hero_proxy

Cross-references — every implementing issue

Demo capabilities:

  • lhumina_code/hero_demo#51 — Killer demo capabilities
  • 24-hour demo execution plan — filed alongside this issue
  • MCP tool discovery via embedder + indexer — filed alongside (hero_agent)
  • Ambient AI: wake word + conversation + OS-wide widget — filed alongside (hero_agent)
  • docs_hero comprehensive coverage — filed alongside (docs_hero)

Reliability:

Architecture:

Known blockers:

Signed-off-by: mik-tf

## §0 Current state <!-- BEGIN-AUTOGEN current-state --> **Last session: 140 (2026-05-21) — Track D s140 methodology-only session: D2 Forge user lifecycle decision-locking; [D-22 BYO landing](https://forge.ourworld.tf/lhumina_code/home/issues/235) locked end-to-end; zero code commits** — Triggered by Phase B.5 catching two load-bearing gaps in the initial "D2 code start" plan: (a) `herolib_tools::forge::ForgeClient::connect()` hard-reads `core/FORGE_TOKEN` (D-16 conflation footgun), (b) D2 Q2 "can admin mint on behalf?" unresolved. **Live API probe** answered Q2 definitively against forge.ourworld.tf: `POST /api/v1/users/<u>/tokens` refuses bearer-token auth on both admin + Sudo paths (HTTP 401 "auth method not allowed"); basic-auth-with-deployer-known-password bridge works (HTTP 201) but rejected on security grounds (deployer would become long-lived impersonation-credential vault; repudiation breaks; token outlives password change). Throwaway test user purged. **Spec re-read** showed 4 canonical sources converging on BYO: [#1 §3.4](https://forge.ourworld.tf/lhumina_code/hero_os_tfgrid_deployer/issues/1) "where needed" + [#1 §4](https://forge.ourworld.tf/lhumina_code/hero_os_tfgrid_deployer/issues/1) "required" + [#1 §7](https://forge.ourworld.tf/lhumina_code/hero_os_tfgrid_deployer/issues/1) cockpit "Set or update: Forge token" UI feature + [#2 step 1](https://forge.ourworld.tf/lhumina_code/hero_os_tfgrid_deployer/issues/2) "admin captures the password to share OOB". **D-22 locked**: deployer creates Forge account via `POST /api/v1/admin/users` with `must_change_password=true`, hands password OOB; user mints own scoped `write:issue` token via Forge UI in same forge.ourworld.tf session they're in from OAuth-gated VM front door (~30s detour); paste into cockpit Settings lands at `cockpit/USER_FORGE_TOKEN` per D-16; deployer admin token namespaced at `deployer/FORGE_TOKEN` extending D-16's three-actor isolation matrix. Posted [hero_os_tfgrid_deployer#4#35866](https://forge.ourworld.tf/lhumina_code/hero_os_tfgrid_deployer/issues/4#issuecomment-35866) closing the spec hedge + dropping `generate_token_for` from D2 scope. Filed [hero_cockpit#2](https://forge.ourworld.tf/lhumina_code/hero_cockpit/issues/2) — Option 3 OAuth-session-reuse polish (zero-setup if hero_proxy passes OAuth access token to backend; forward-compatible with D-22). Wrote `memory/investigation_forge_admin_token_mint_2026_05_21.md` documenting probe + basic-auth bridge as known-but-rejected escape hatch. Per `feedback_phase_b_5_finding_is_slow_down_signal.md`, code work cleanly deferred to s141. **s141 next**: (1) upstream `ForgeClient::connect_with_secret(context, key)` in `herolib_tools` (standalone squash on `hero_lib`); (2) deployer-side `forge.rs` + 3 OpenRPC methods (`deployer.create_user` / `get_user` / `list_users`) + sqlite users table. No new D-NN expected. Effort tier: high. Full narrative: [sessions/140.yml](https://forge.ourworld.tf/lhumina_code/hero_work/sessions/140.yml). - **s140 commits**: zero code commits (methodology-only session, same shape as s88/s106/s108/s126). - **s140 decisions**: [D-22 locked](https://forge.ourworld.tf/lhumina_code/home/issues/235) — `deployer-forge-token-namespacing-and-byo-landing`; D-NN next-free bumped D-22 → D-23. - **s140 limitations**: none minted; L-NN slot stays at L-09 next-free. - **s140 issues**: posted hero_os_tfgrid_deployer#4#35866 (BYO landing comment); filed hero_cockpit#2 (Option 3 polish follow-up). **Previous: s139 (2026-05-21) — hero_cockpit A7 closes Track A; herolab destroyed; deployer becomes canonical TFGrid deploy path; Track D critical-path**: hero_cockpit [`f880247`](https://forge.ourworld.tf/lhumina_code/hero_cockpit/commit/f880247) — `cockpit.expose/unexpose/list_exposures` + `get/set_base_domain` (13→18 OpenRPC methods); new `exposures.rs`. **Track A closed** (A1-A7). Post-session pivot: `herolab.gent02.grid.tf` destroyed via `make destroy ENV=herolab`. [D-20 SendGrid](https://forge.ourworld.tf/lhumina_code/home/issues/236) locked. **Demo-deployer arc (s133-onward)**: Track A (cockpit) **CLOSED** at s139 (A1-A7). Track D (deployer) **CRITICAL-PATH** s140-s144: s140 = decision-lock (this session), s141 = code start, s142-s144 = D3-D5. Tracks B/C local-code parallel; Track E feeds D4; Track F gated on all. Full 6-track A-F roadmap in [home#235](https://forge.ourworld.tf/lhumina_code/home/issues/235). <!-- END-AUTOGEN current-state --> --- ## What Hero OS becomes Hero OS is a **sovereign personal operating system** that runs in your browser, owns its own data, and is operated by an **always-on AI assistant** that understands your workspace as well as you do. The interface isn't an app launcher — it's a conversation. This issue is the long-form vision. Every other issue in the program tree (hero_demo, hero_agent, hero_books, hero_proc, hero_osis, …) implements one piece of this picture. The vision is what we're optimising for; the issues are how we get there. --- ## The product story (what a user lives in) You wake up, open the browser, and Hero OS is your second brain. You don't navigate menus. You say: > "Hey hero, what's on my calendar today?" A small widget in the top right wakes up, listens, transcribes, queries `hero_osis_calendar` for the current context, summarises: > "You have a 10 a.m. with the Geomind team, a 2 p.m. infrastructure review with Alex, and a 4 p.m. open block. The 10 a.m. has a doc attached called *Q3 architecture* — want me to summarise it?" You say "yes." It pulls the doc from `hero_foundry`, embeds it via `hero_embedder`, summarises through `hero_aibroker`. You hear the answer, no clicks. You say: > "Add Alice Smith from Acme as a contact in ThreeFold." It switches context, calls `business.contact.create` via curated MCP tools, confirms: > "Done. Alice is now in your ThreeFold contacts list." You say: > "Show me the slide deck Alex sent me last week." It searches `hero_books` + `hero_foundry` for documents tagged Alex, ranks via `hero_indexer`, opens the most likely match in the Slides island. That's the vision. **The whole OS is reachable by voice. The AI is the operating layer. Every island is also a tool the AI can invoke.** --- ## Why this is achievable now (the stack we already have) The pieces are mostly built — what's needed is **wiring + content + polish**, not new features. | Piece | What it does | Status | |---|---|---| | **hero_agent** | LLM orchestration, tool calling, MCP host | working — verified live (grounds on docs, calls Python, queries biz) | | **hero_aibroker** | LLM provider routing (OpenRouter, Groq, OpenAI, Gemini) | working | | **hero_embedder** | Document embeddings + semantic search | working — books library + indexer use it | | **hero_indexer** | Triage + ranking layer | working | | **hero_books** | Library UI with "Ask the Librarian" AI grounding | working — verified live | | **hero_voice** + **kokoro-micro** | STT (Whisper-style) + TTS (Kokoro + Groq fallback) + wake-word detection | partially working — TTS verified, STT path exists, wake word built | | **hero_osis** (multi-domain) | Per-context data backend for biz/calendar/projects/contacts/etc. | working — per-context routing verified live | | **docs_hero** | Documentation library that the AI grounds on | exists, but coverage is the bottleneck for AI capability | | **hero_os shell** | Dock + island system + theme + per-context routing | working | | **hero_proc** | Service supervisor | working — reliability bugs filed in https://forge.ourworld.tf/lhumina_code/hero_proc/issues/86 | What's verified live as of 2026-04-30: - AI Assistant grounds on docs_hero ("What is Hero OS?" → coherent answer with citations) - AI Assistant queries hero_biz contacts (eventually — see "MCP tool discovery" below) - AI Assistant runs Python (uv) during reasoning - "Ask the Librarian" generates AI summaries in Books - Per-context isolation across all four contexts (default/geomind/threefold/incubaid) - Photos, Videos, Books, Office (read), Biz, AI Assistant all functional in browser So we're closer to the vision than this issue makes it sound. The gap is polish + ambient access + wiring. --- ## The four enabling moves (everything else flows from these) ### 1. AI Assistant becomes ambient (OS-wide, always-on) Today: AI Assistant lives in its own island. You have to open it. Vision: - A small widget pinned top-right of the OS shell, on every page, every island. - **Wake word** triggers it ("hey hero" by default; user-customisable). - **Conversation mode**: speak → AI responds → you reply → back-and-forth without re-arming. - **Cross-island commands**: "open contacts", "show videos", "go to ThreeFold context" — the assistant routes the OS via the same `hero_route` postMessage protocol the dock already uses. The wake-word machinery is built; it's the always-on widget + conversation-mode UI + OS-routing intent layer that's missing. Tracked in **hero_agent issue (filed alongside this one)**. ### 2. Curated MCP tool surface (instead of socket-path brute force) Today (verified live in screenshots): when asked "who are my contacts in hero_biz?", the AI Assistant emitted ~30 lines of "Let me try this... let me check the socket path... let me search for the RPC method..." before eventually returning the answer. It got there, but it brute-forced through service paths. Vision: - Every domain (biz, calendar, photos, videos, projects, books, ...) exposes a tight, well-named MCP tool surface with semantic descriptions. - Tool *discovery* uses **hero_embedder** + **hero_indexer**: when the agent gets a prompt, it embeds it, queries the indexer for the best-matching tools, calls them. No brute-forcing. - Per-context routing is automatic — if the user is in Geomind context, the tool call carries `X-Hero-Context: geomind` without the AI having to think about it. Tracked in **hero_agent issue (filed alongside this one)**. ### 3. docs_hero as the agent's brain Today: docs_hero exists, the AI grounds on it, the answers are good when the docs cover the question. When they don't, the AI falls back to brute force. Vision: - docs_hero is the **single source of truth for what Hero OS can do**, written for the AI as much as for humans. - Every service has a documentation page describing its capabilities, common queries, example prompts, MCP tools, and per-context behaviour. - New capabilities ship with their docs page first, code second — because the agent sees the docs the moment they're embedded. This is the **multiplier**. Investing in docs_hero makes the AI feel measurably smarter without changing a line of agent code. Tracked in **docs_hero issue (filed alongside this one)**. ### 4. Reliability so the demo doesn't fall over Today: supervisor reports green when reality is broken; service restarts can knock children into half-broken states; logs can OOM the supervisor. Filed in hero_proc#86 META + sister issues. Vision: - Smoke loop continuously verifies the user-visible demo from outside. - Supervisor uses real readiness contracts (not PID-alive guesses). - OServer panic isolation is a structural property — a panicked handler dies cleanly, doesn't poison shared state. - 24-hour soak run is green. Tracked in https://forge.ourworld.tf/lhumina_code/hero_proc/issues/86 (META) and sister issues (#83/#84/#85, home#201/#202/#204). --- ## What v1 of Hero OS looks like A user can: - [ ] Provision a Hero OS instance with one command on a fresh VM (hero_demo#31). - [ ] Log in, see their personal desktop with their contexts. - [ ] Speak to the OS: "Hey hero, …" — wake word triggers, conversation flows, commands land. - [ ] Ask any question grounded on their library content (books, docs, contacts, calendar, photos, videos, projects). - [ ] Edit and save Office docs round-trip. - [ ] Add/edit data through voice or chat: "add Alice as a contact", "schedule a meeting", "create a task". - [ ] Switch contexts cleanly — every per-context query returns the right slice. - [ ] Customize the wake word, the voice, the model, the theme. - [ ] Run for 24 hours unattended without supervisor restarts, OOMs, or half-broken services. **v1 acceptance**: that user-flow works end-to-end on a fresh deploy with no manual interventions, no env-var workarounds, no half-broken state mid-flow. --- ## Three-track roadmap | Track | Now (this week) | Next (next 2 weeks) | Later (month+) | |---|---|---|---| | **A. Demo polish** | docs_hero capability pages; curated MCP tools (biz first); collapse AI scratchpad; snapshot herodemo | Office round-trip; STT verification; AI write-flows; ambient widget v1 | Wake-word polish; conversation-mode polish; cross-island intent routing | | **B. Reliability** | Smoke loop (home#201) | hero_proc#83 (handler probes); home#202 investigation | hero_proc#84 readiness contract; home#204 OServer panic isolation | | **C. Architecture** | hero_osis#43 design; home#203 audit | hero_osis#43 implementation phase 1; hero_proc#85 measurement | hero_proc#85 implementation; home#118 auth on hero_proxy | --- ## Cross-references — every implementing issue **Demo capabilities**: - https://forge.ourworld.tf/lhumina_code/hero_demo/issues/51 — Killer demo capabilities - 24-hour demo execution plan — filed alongside this issue - MCP tool discovery via embedder + indexer — filed alongside (hero_agent) - Ambient AI: wake word + conversation + OS-wide widget — filed alongside (hero_agent) - docs_hero comprehensive coverage — filed alongside (docs_hero) **Reliability**: - https://forge.ourworld.tf/lhumina_code/hero_proc/issues/86 — META hero_proc roadmap - https://forge.ourworld.tf/lhumina_code/home/issues/201 — smoke loop - https://forge.ourworld.tf/lhumina_code/home/issues/202 — half-broken listener - https://forge.ourworld.tf/lhumina_code/home/issues/204 — OServer panic isolation - https://forge.ourworld.tf/lhumina_code/hero_proc/issues/83 — handler probes - https://forge.ourworld.tf/lhumina_code/hero_proc/issues/84 — readiness contract **Architecture**: - https://forge.ourworld.tf/lhumina_code/hero_osis/issues/43 — contexts as data - https://forge.ourworld.tf/lhumina_code/home/issues/203 — codegen drift audit - https://forge.ourworld.tf/lhumina_code/home/issues/118 — auth on hero_proxy **Known blockers**: - https://forge.ourworld.tf/lhumina_code/home/issues/173 — hero_voice ONNX 1.24 - https://forge.ourworld.tf/lhumina_code/home/issues/174 — Office round-trip - https://forge.ourworld.tf/lhumina_code/home/issues/180 — biz routing (closed) Signed-off-by: mik-tf
mik-tf self-assigned this 2026-05-01 02:05:19 +00:00
mik-tf commented 2026-05-01 04:09:13 +00:00
Author
Copy link

Capabilities the vision under-pitches (session 52 source-grounded read)

After reading the 13 CORE repos for docs_hero Phase 1, five capabilities the demo ALREADY ships are not headlined in the vision body:

  1. Plug Claude Code into any Hero service via claude mcp add --transport http <slug> <endpoint>. Every healthy Hero service auto-becomes an MCP server — hero_router exposes POST /mcp/{service_name} and auto-derives tools from each service's OpenRPC spec (hero_router/.../mcp.rs:30, :591). The sovereignty + composability story this enables — "your AI tools, your hardware, plug in any MCP-speaking client" — isn't in the vision today.

  2. Every service has a self-driving Python agent built-in. agent_run is auto-appended as a free MCP tool per service (mcp.rs:132-158) — natural-language description → generated Python → executed against the live service with retry. This is a top-tier "ambient AI" feature.

  3. Auto-generated Python clients per service via router.python_client / router.python_interface. DX story: spin up a typed client for any Hero service from its OpenRPC.

  4. Embedded PTY terminal sessions deep-linked from the browser via terminal.create (supports nu/bash/tmux). Power-user / admin-grade capability that many "AI desktop" pitches don't have.

  5. Inline AI agent pipelinerouter.agent.run / .start / .play / .models running hero_logic's service_agent_v3 workflow directly from the router's own surface.

Suggested: update the vision body to headline (1) + (2) explicitly. (3)–(5) are demo-amplifiers worth mentioning in a "developer experience" section.

The auto-MCP gateway also has implications for hero_agent#15 — see comment there for the rescope.

Reconciliation memo: memory/investigation_roadmap_reconciliation.md (private workspace, session 52).

## Capabilities the vision under-pitches (session 52 source-grounded read) After reading the 13 CORE repos for [docs_hero](https://forge.ourworld.tf/lhumina_code/docs_hero) Phase 1, five capabilities the demo ALREADY ships are not headlined in the vision body: 1. **Plug Claude Code into any Hero service** via `claude mcp add --transport http <slug> <endpoint>`. Every healthy Hero service auto-becomes an MCP server — hero_router exposes `POST /mcp/{service_name}` and auto-derives tools from each service's OpenRPC spec ([`hero_router/.../mcp.rs:30, :591`](https://forge.ourworld.tf/lhumina_code/hero_router/src/branch/development/crates/hero_router/src/server/mcp.rs)). The sovereignty + composability story this enables — "your AI tools, your hardware, plug in any MCP-speaking client" — isn't in the vision today. 2. **Every service has a self-driving Python agent built-in.** `agent_run` is auto-appended as a free MCP tool per service ([`mcp.rs:132-158`](https://forge.ourworld.tf/lhumina_code/hero_router/src/branch/development/crates/hero_router/src/server/mcp.rs)) — natural-language description → generated Python → executed against the live service with retry. This is a top-tier "ambient AI" feature. 3. **Auto-generated Python clients per service** via `router.python_client` / `router.python_interface`. DX story: spin up a typed client for any Hero service from its OpenRPC. 4. **Embedded PTY terminal sessions** deep-linked from the browser via `terminal.create` (supports nu/bash/tmux). Power-user / admin-grade capability that many "AI desktop" pitches don't have. 5. **Inline AI agent pipeline** — `router.agent.run` / `.start` / `.play` / `.models` running hero_logic's `service_agent_v3` workflow directly from the router's own surface. **Suggested:** update the vision body to headline (1) + (2) explicitly. (3)–(5) are demo-amplifiers worth mentioning in a "developer experience" section. The auto-MCP gateway also has implications for [hero_agent#15](https://forge.ourworld.tf/lhumina_code/hero_agent/issues/15) — see comment there for the rescope. Reconciliation memo: `memory/investigation_roadmap_reconciliation.md` (private workspace, session 52).
mik-tf commented 2026-05-02 03:28:19 +00:00
Author
Copy link

Session 52 — 2026-05-01 status update

Tier A landed on docs_hero/development at commit 6ed62f69 — 10 source-grounded service pages (1891 LOC). Session then pivoted into a multi-hour herodemo VM redeploy stabilization. Demo verified working end-to-end at session close.

Demo state (verified live, 2026-05-01 23:35 UTC):

  • OnlyOffice .xlsx + .pptx open / load / save (was three-layer broken — see hero_demo#57)
  • Contexts dropdown shows 4 distinct names + colors
  • Photos archipelago renders (mycelium 0.7.5 daemon back up)
  • Hero Books AI summary returns text (Llama 3.3 70B via Groq)
  • "Ask the Librarian" indexed Tier A pages
  • AI Assistant biz CRM query — "who are my contacts" returns 11 contacts in geomind
  • hero_collab healthy post-FD-leak restart
  • 24/24 services running

Open work surfaced:

  • hero_skills PR #192 — 4 hotfix commits (OnlyOffice host detection, nginx auth bypass, mycelium 0.7.5 flags, env overrides) awaiting user squash-merge OK
  • hero_skills#191load_init_sh doesn't follow source directives (env.sh exports silently lost)
  • hero_agent#17 — UTF-8 panic at agent.rs:853 on multi-byte chars in tool results
  • hero_agent#15 Phase 0 plan filed — per-service MCP wiring sweep, ~3-5 working days

Full session manifest: sessions/52.yml in the workspace.

Signed-off-by: mik-tf

## Session 52 — 2026-05-01 status update Tier A landed on `docs_hero/development` at commit [`6ed62f69`](https://forge.ourworld.tf/lhumina_code/docs_hero/commit/6ed62f69) — 10 source-grounded service pages (1891 LOC). Session then pivoted into a multi-hour herodemo VM redeploy stabilization. Demo verified working end-to-end at session close. **Demo state (verified live, 2026-05-01 23:35 UTC):** - OnlyOffice .xlsx + .pptx open / load / save (was three-layer broken — see [hero_demo#57](https://forge.ourworld.tf/lhumina_code/hero_demo/issues/57)) - Contexts dropdown shows 4 distinct names + colors - Photos archipelago renders (mycelium 0.7.5 daemon back up) - Hero Books AI summary returns text (Llama 3.3 70B via Groq) - "Ask the Librarian" indexed Tier A pages - AI Assistant biz CRM query — "who are my contacts" returns 11 contacts in geomind - hero_collab healthy post-FD-leak restart - 24/24 services running **Open work surfaced:** - [hero_skills PR #192](https://forge.ourworld.tf/lhumina_code/hero_skills/pulls/192) — 4 hotfix commits (OnlyOffice host detection, nginx auth bypass, mycelium 0.7.5 flags, env overrides) awaiting user squash-merge OK - [hero_skills#191](https://forge.ourworld.tf/lhumina_code/hero_skills/issues/191) — `load_init_sh` doesn't follow `source` directives (env.sh exports silently lost) - [hero_agent#17](https://forge.ourworld.tf/lhumina_code/hero_agent/issues/17) — UTF-8 panic at `agent.rs:853` on multi-byte chars in tool results - [hero_agent#15](https://forge.ourworld.tf/lhumina_code/hero_agent/issues/15) Phase 0 plan filed — per-service MCP wiring sweep, ~3-5 working days Full session manifest: `sessions/52.yml` in the workspace. Signed-off-by: mik-tf
mik-tf commented 2026-05-06 14:06:09 +00:00
Author
Copy link

Session 62 closed (2026-05-06) — verification + drift cleanup.

Outcome: confirmed CEO restructure (tools/nutools/, --from-ci--download) preserved sessions 53–61's work verbatim. Re-validated hero_voice end-to-end on heroci against hero_skills @ 1b721d8 (now 908c775 after the dispatcher fix below) — service_voice install --download --reset fetched all 4 v0.1.0-rc2 assets cleanly, libonnxruntime.so.1.25.1 exports the expected OrtGetApiBase@@VERS_1.25.1 symbol, binary boots under ORT_DYLIB_PATH. Coverage stable at 16/15 (15 original Phase 2 set + editor + voice). hero_embedder remains the last D-05 service.

Shipped:

  • hero_demo ed982e0hero_voice.toml comment rename --from-ci--download.
  • hero_skills 908c775fix(dispatcher): forward --download/--version to 9 service install aliases. Closes the alias-form gap surfaced this session: service voice install --download (alias) was silently degrading to a cargo build because dispatcher dropped the flag. 9 install entries fixed (biz, books, browser, editor, foundry, matrixchat, slides, voice, whiteboard) plus voice start. embedder intentionally left for session 63.
  • Synced local repos: hero_skills 1b721d8→908c775, hero_proc ca792da→7979d29, home 10a9007→bd4595d.
  • Pruned closed META issues from CLAUDE.md reading-order, prompt.md §6, kickstart.sh watchlist (hero_proc#86 closed 2026-05-01; hero_agent#15 closed 2026-05-03).
  • Refreshed prompt.md §3 verify assertions for nutools/--download reality.

Not shipped (intentional):

  • hero_embedder D-05 wiring — pinned for session 63 (rule-of-three trigger to factor svx_install_onnx_runtime_download into lib.nu).

See sessions/62.yml for the full manifest.

**Session 62 closed (2026-05-06)** — verification + drift cleanup. **Outcome:** confirmed CEO restructure (`tools/`→`nutools/`, `--from-ci`→`--download`) preserved sessions 53–61's work verbatim. Re-validated **hero_voice end-to-end on heroci** against `hero_skills @ 1b721d8` (now `908c775` after the dispatcher fix below) — `service_voice install --download --reset` fetched all 4 v0.1.0-rc2 assets cleanly, `libonnxruntime.so.1.25.1` exports the expected `OrtGetApiBase@@VERS_1.25.1` symbol, binary boots under `ORT_DYLIB_PATH`. Coverage stable at **16/15** (15 original Phase 2 set + editor + voice). hero_embedder remains the last D-05 service. **Shipped:** - [hero_demo ed982e0](https://forge.ourworld.tf/lhumina_code/hero_demo/commit/ed982e0) — `hero_voice.toml` comment rename `--from-ci` → `--download`. - [hero_skills 908c775](https://forge.ourworld.tf/lhumina_code/hero_skills/commit/908c775) — `fix(dispatcher): forward --download/--version to 9 service install aliases`. Closes the alias-form gap surfaced this session: `service voice install --download` (alias) was silently degrading to a cargo build because dispatcher dropped the flag. 9 install entries fixed (biz, books, browser, editor, foundry, matrixchat, slides, voice, whiteboard) plus voice start. embedder intentionally left for session 63. - Synced local repos: hero_skills 1b721d8→908c775, hero_proc ca792da→7979d29, home 10a9007→bd4595d. - Pruned closed META issues from CLAUDE.md reading-order, prompt.md §6, kickstart.sh watchlist (hero_proc#86 closed 2026-05-01; hero_agent#15 closed 2026-05-03). - Refreshed prompt.md §3 verify assertions for nutools/`--download` reality. **Not shipped (intentional):** - hero_embedder D-05 wiring — pinned for session 63 (rule-of-three trigger to factor `svx_install_onnx_runtime_download` into `lib.nu`). See `sessions/62.yml` for the full manifest.
mik-tf commented 2026-05-07 00:02:42 +00:00
Author
Copy link

Session 71 close (2026-05-07): Bucket D item 1 — hero_compute v0.1.8 sentinel rename + nutools --download wiring. Coverage reframed: 25/27 in-scope (93%) + 4 Tier D deferred (mail/sync/tfspores/ledger). Strategic pivot to ecosystem-on-heroci trio.

Producer: lhumina_code/hero_compute#105 d710d48 (matrix artifact: flip).
Consumer: lhumina_code/hero_skills#227 10493a9 (service_compute.nu + dispatcher gap).
8 Forgejo PATCH renames on v0.1.8 in-place (no rebuild). Heroci smoke: 4 musl static-pie binaries land green; hero_compute --version → 0.1.8.
Hygiene: cleaned hero_logic v0.1.0-rc1 dup assets (6→3, carried over from session 70).

End-of-session archipelagos recon (highest-leverage): library-only hypothesis disproved. archipelagos ships 1 native binary (archipelagos_server, port 8886) + 24 WASM islands packaged as hero_archipelagos-wasm.tar.gz and uploaded to Forgejo'''s Generic Package registry (which bypasses Releases — that'''s why "0 releases" on the API). Session 72 path: ADD native-binary publish alongside existing WASM flow.

Pinned next: session 72 = hero_archipelagos first release (native side; WASM stays as today). Then session 73+74 = hero_os (mixed-artifact, planned 1.5 sessions). After: ecosystem-on-heroci unblocked.

**Session 71 close** (2026-05-07): Bucket D item 1 — `hero_compute` v0.1.8 sentinel rename + nutools `--download` wiring. **Coverage reframed: 25/27 in-scope (93%)** + 4 Tier D deferred (mail/sync/tfspores/ledger). Strategic pivot to ecosystem-on-heroci trio. Producer: https://forge.ourworld.tf/lhumina_code/hero_compute/pulls/105 `d710d48` (matrix `artifact:` flip). Consumer: https://forge.ourworld.tf/lhumina_code/hero_skills/pulls/227 `10493a9` (`service_compute.nu` + dispatcher gap). 8 Forgejo PATCH renames on v0.1.8 in-place (no rebuild). Heroci smoke: 4 musl static-pie binaries land green; `hero_compute --version → 0.1.8`. Hygiene: cleaned `hero_logic` v0.1.0-rc1 dup assets (6→3, carried over from session 70). **End-of-session archipelagos recon** (highest-leverage): library-only hypothesis disproved. archipelagos ships 1 native binary (`archipelagos_server`, port 8886) + 24 WASM islands packaged as `hero_archipelagos-wasm.tar.gz` and uploaded to Forgejo'''s **Generic Package registry** (which bypasses Releases — that'''s why "0 releases" on the API). Session 72 path: ADD native-binary publish alongside existing WASM flow. Pinned next: **session 72 = `hero_archipelagos`** first release (native side; WASM stays as today). Then session 73+74 = `hero_os` (mixed-artifact, planned 1.5 sessions). After: ecosystem-on-heroci unblocked.
mik-tf commented 2026-05-08 02:19:29 +00:00
Author
Copy link

Session 77 complete — workspace-wide _ui → _admin convention rollout closed in one sweep

Scope expansion mid-session per user direction: from "hero_proc + finalize hero_db" (s76 §3 plan) to "all 26 service producers so we can build it all".

Outcome

  • hero_db PR #29 squash-merged + tag v0.5.0-rc1 pushed (reference impl).
  • Mechanized sweep opened 19 producer PRs:
    • 12 squash-merged this session: hero_agent, hero_compute, hero_planner, hero_biz, hero_browser, hero_codescalers, hero_editor, hero_lib_rhai, hero_logic, hero_office, hero_foundry (_web), hero_livekit
    • 7 closed-superseded by parallel CEO+Sonnet upstream work: hero_proc, hero_voice, hero_proxy, hero_whiteboard, hero_collab (upstream chose _web — correct per skill), hero_matrixchat, hero_osis
  • 20 fresh tags pushed to ship renamed binaries via Forgejo build-linux.yaml CI.
  • Consumer side (hero_skills/service_*.nu) already aligned per pre-sweep audit; no consumer PRs needed.
  • Filed home#229 for standalone hero_foundry_ui repo-rename decision (deferred).

Sweep correctness gap (s78 follow-up)

The sweep defaulted single-_ui repos to _admin. Per hero_service_test skill §2, _admin is admin Askama UI and _web is end-user-facing. hero_collab was caught by upstream + corrected to _web. Sister audit candidates: hero_office, hero_biz, hero_browser, hero_editor — flagged for per-repo classification in s78.

Sweep-mechanics bugs caught + filed for posterity

  • grep -Z does not mean --null on this GNU grep build (silently emits newline-separated). Use grep -rl --null or -l0.
  • set -e + pipefail trips when grep finds zero matches (rc=1). Wrap with { grep ... || true; } so xargs -r handles empty input cleanly.

Standing instruction

Never merge lhumina_code/hero_router#92 (saved as feedback_never_merge_hero_router_pr92.md).

Next session (s78)

  1. Verify Forgejo CI on all 20 tags; fix-forward per s64-s73 playbook.
  2. DO from-nothing re-validation on hero.threefold.store — target 17/17 services starting from CI artifacts with zero hand-patches (s75 had 14/17; the s77 sweep should close the cascade).
  3. _admin vs _web correctness audit on s77 sweep set.
  4. home#229 — decide standalone hero_foundry_ui fate.
  5. Carryover: hero_books in packages.nu starts_extra (one-line).

META home#228 is now substantively closed pending CI green + DO re-validation.

Session manifest: sessions/77.yml.

Signed-off-by: mik-tf

## Session 77 complete — workspace-wide `_ui → _admin` convention rollout closed in one sweep **Scope expansion mid-session** per user direction: from "hero_proc + finalize hero_db" (s76 §3 plan) to "all 26 service producers so we can build it all". ### Outcome - **hero_db PR #29** squash-merged + tag [v0.5.0-rc1](https://forge.ourworld.tf/lhumina_code/hero_db/releases/tag/v0.5.0-rc1) pushed (reference impl). - **Mechanized sweep** opened 19 producer PRs: - 12 squash-merged this session: hero_agent, hero_compute, hero_planner, hero_biz, hero_browser, hero_codescalers, hero_editor, hero_lib_rhai, hero_logic, hero_office, hero_foundry (`_web`), hero_livekit - 7 closed-superseded by parallel CEO+Sonnet upstream work: hero_proc, hero_voice, hero_proxy, hero_whiteboard, hero_collab (upstream chose `_web` — correct per skill), hero_matrixchat, hero_osis - **20 fresh tags pushed** to ship renamed binaries via Forgejo `build-linux.yaml` CI. - Consumer side (`hero_skills/service_*.nu`) already aligned per pre-sweep audit; no consumer PRs needed. - Filed [home#229](https://forge.ourworld.tf/lhumina_code/home/issues/229) for standalone `hero_foundry_ui` repo-rename decision (deferred). ### Sweep correctness gap (s78 follow-up) The sweep defaulted single-`_ui` repos to `_admin`. Per `hero_service_test` skill §2, `_admin` is admin Askama UI and `_web` is end-user-facing. hero_collab was caught by upstream + corrected to `_web`. Sister audit candidates: hero_office, hero_biz, hero_browser, hero_editor — flagged for per-repo classification in s78. ### Sweep-mechanics bugs caught + filed for posterity - `grep -Z` does not mean `--null` on this GNU grep build (silently emits newline-separated). Use `grep -rl --null` or `-l0`. - `set -e + pipefail` trips when grep finds zero matches (rc=1). Wrap with `{ grep ... || true; }` so xargs -r handles empty input cleanly. ### Standing instruction Never merge https://forge.ourworld.tf/lhumina_code/hero_router/pulls/92 (saved as `feedback_never_merge_hero_router_pr92.md`). ### Next session (s78) 1. Verify Forgejo CI on all 20 tags; fix-forward per s64-s73 playbook. 2. DO from-nothing re-validation on `hero.threefold.store` — target **17/17 services starting from CI artifacts with zero hand-patches** (s75 had 14/17; the s77 sweep should close the cascade). 3. `_admin` vs `_web` correctness audit on s77 sweep set. 4. [home#229](https://forge.ourworld.tf/lhumina_code/home/issues/229) — decide standalone `hero_foundry_ui` fate. 5. Carryover: hero_books in `packages.nu` `starts_extra` (one-line). META [home#228](https://forge.ourworld.tf/lhumina_code/home/issues/228) is now substantively closed pending CI green + DO re-validation. Session manifest: `sessions/77.yml`. Signed-off-by: mik-tf
mik-tf commented 2026-05-11 03:44:40 +00:00
Author
Copy link

Session 92 (2026-05-11) — closed hero_slides#60.

hero_slides PR #61 f34f18a (3 files, +112/-3):

  • slide.getIncomingLinks — new RPC handler walks the collection root scanning metadata.toml.slides[*].source_link with canonical-path equality. Closes the ~11x-per-dashboard-load Method not found server log spam since PR #55 added the "used as link source" badge.
  • bg.listFolders — returns {folders: [], root_files: []} for absent backgrounds dirs instead of -32000. "No backgrounds" is the steady state for new decks.

Verified locally:

  • python3 scripts/smoke_openrpc.py — 91 methods, METHOD_MISSING 0, no new dispatch regressions.
  • Curl reproducer from the #60 body returns the empty shape.
  • Positive e2e: probe link hero_slides_intro/07_s92_link_probesample_deck/01_intro returned the linker; probe cleaned up.
  • Negative e2e: getIncomingLinks for an unlinked slide returns {incoming_links: []}.

Latent finding (documented, not fixed): legacy_param_shim synthesizes path = <deck_path>/backgrounds for all bg.* methods (rpc.rs:399), but every lib helper expects to receive a deck root and internally appends content/background/. So all bg.* mutation paths (createFolder, uploadFile, deleteFile, moveFile, ...) silently write into a non-existent <deck_path>/backgrounds/content/background/ in steady state. Not user-visible if the dashboard's background-folder feature isn't actively used; user-visible the moment someone tries to upload a logo via that path. Candidate for next session if not Rule 6 redeploy.

Pinned next: Rule 6 UX gate (herodemo.gent01 redeploy now 5+ sessions deferred) | fix bg.* shim path | re-engage #58 if multimodal still broken on boss's end.

Signed-off-by: mik-tf

**Session 92 (2026-05-11) — closed hero_slides#60.** [hero_slides PR #61](https://forge.ourworld.tf/lhumina_code/hero_slides/pulls/61) `f34f18a` (3 files, +112/-3): - **`slide.getIncomingLinks`** — new RPC handler walks the collection root scanning `metadata.toml.slides[*].source_link` with canonical-path equality. Closes the ~11x-per-dashboard-load `Method not found` server log spam since PR #55 added the "used as link source" badge. - **`bg.listFolders`** — returns `{folders: [], root_files: []}` for absent backgrounds dirs instead of `-32000`. "No backgrounds" is the steady state for new decks. **Verified locally**: - `python3 scripts/smoke_openrpc.py` — 91 methods, METHOD_MISSING **0**, no new dispatch regressions. - Curl reproducer from the #60 body returns the empty shape. - Positive e2e: probe link `hero_slides_intro/07_s92_link_probe` → `sample_deck/01_intro` returned the linker; probe cleaned up. - Negative e2e: getIncomingLinks for an unlinked slide returns `{incoming_links: []}`. **Latent finding (documented, not fixed):** `legacy_param_shim` synthesizes `path = <deck_path>/backgrounds` for all `bg.*` methods (`rpc.rs:399`), but every lib helper expects to receive a deck root and internally appends `content/background/`. So all `bg.*` mutation paths (createFolder, uploadFile, deleteFile, moveFile, ...) silently write into a non-existent `<deck_path>/backgrounds/content/background/` in steady state. Not user-visible *if* the dashboard's background-folder feature isn't actively used; user-visible the moment someone tries to upload a logo via that path. Candidate for next session if not Rule 6 redeploy. **Pinned next:** Rule 6 UX gate (herodemo.gent01 redeploy now 5+ sessions deferred) | fix bg.* shim path | re-engage #58 if multimodal still broken on boss's end. Signed-off-by: mik-tf
mik-tf commented 2026-05-15 17:49:28 +00:00
Author
Copy link

Session 94 — setup complete

Setup-only session for the hero_proc#102 workspace service.toml + lab service cleanup sweep that boss filed today.

Zero code commits. Pipeline state shipped:

  • Posted plan comment #102#33220 (8540 chars, mik-tf, 17:30 UTC) with full proposed plan: scope (D-07 35-set), tier order (T1 core → T2 app → T3 infra+UI), 5-criterion per-repo acceptance, STT name reconciliation, prep steps, per-repo loop, 35-repo ordering, WIP unknowns, closure criteria. CEO can adjust when awake; plan is defensible from origin tip as of 17:11 UTC.
  • Locked decisions/D-10-service-toml-sweep-scope-order-acceptance.md so the multi-session loop resumes consistently across /start boundaries.
  • Workspace clone lhumina_code/hero_skills fast-forwarded 73762cb → be20458 (12 commits today). All commits map to sections of #102's body — the issue is the writeup of code boss pushed 03:57–15:46 UTC.
  • prompt.md §3 rewired for the multi-session loop with a per-repo effort table: bulk = medium, foundational/adversarial = high, no xhigh unless boss-WIP collision forces it. Rationale: mechanical lab infocheck fix loops don't benefit from xhigh-grade reasoning; cost arithmetic favors per-tier sizing.

STT skill-name reconciliation (Issue body uses friendly notation from voice recording → real artifacts):

#102 body Real artifact
service.info hero_service_info SKILL
service.check lab infocheck
service.fix hero_tests_fix_errors SKILL + lab infocheck fix-loop

Resolved side-fire: hero_skills#245 — dispatcher.nu booby-trap resolved by completion at be20458. 47 service_*.nu + dispatcher.nu archived under _archive/nutools/modules/services/. lab service replaces nu dispatch. Runtime clone pull is now safe (queued for s95 prep).

One open question for boss when awake: "Singleton services in hero_proc" mentioned in #102 §"Important Proc Updates" has no visible commit in today's hero_proc 3-commit window (4b2afbc tags / 4495a09 run.submit concurrency / e7f1d2a RunBuilder SDK). Either pre-existing, or local-WIP. Not blocking — sweep proceeds; will note if a repo's smoke checks depend on singleton behavior.

Estimate: 10–15 sessions to close 35/35. Most likely 12. Wall-clock 3–5 days continuous / 1–2 weeks intermittent given per-PR squash-merge human gate.

Next session (s95): prep (re-mirror ~/.claude/skills/, FF runtime clone, rebuild lab, re-read updated hero_service_info) + Tier 1 / 1 of 5: hero_proc sweep. Effort: high.

— Signed-off-by: mik-tf

## Session 94 — setup complete Setup-only session for the [hero_proc#102](https://forge.ourworld.tf/lhumina_code/hero_proc/issues/102) workspace `service.toml` + `lab service` cleanup sweep that boss filed today. **Zero code commits.** Pipeline state shipped: - Posted plan comment [#102#33220](https://forge.ourworld.tf/lhumina_code/hero_proc/issues/102#issuecomment-33220) (8540 chars, mik-tf, 17:30 UTC) with full proposed plan: scope (D-07 35-set), tier order (T1 core → T2 app → T3 infra+UI), 5-criterion per-repo acceptance, STT name reconciliation, prep steps, per-repo loop, 35-repo ordering, WIP unknowns, closure criteria. CEO can adjust when awake; plan is defensible from origin tip as of 17:11 UTC. - Locked `decisions/D-10-service-toml-sweep-scope-order-acceptance.md` so the multi-session loop resumes consistently across `/start` boundaries. - Workspace clone `lhumina_code/hero_skills` fast-forwarded `73762cb → be20458` (12 commits today). All commits map to sections of #102's body — the issue is the writeup of code boss pushed 03:57–15:46 UTC. - `prompt.md §3` rewired for the multi-session loop with a per-repo effort table: bulk = `medium`, foundational/adversarial = `high`, no `xhigh` unless boss-WIP collision forces it. Rationale: mechanical `lab infocheck` fix loops don't benefit from xhigh-grade reasoning; cost arithmetic favors per-tier sizing. **STT skill-name reconciliation** (Issue body uses friendly notation from voice recording → real artifacts): | #102 body | Real artifact | |---|---| | `service.info` | `hero_service_info` SKILL | | `service.check` | `lab infocheck` | | `service.fix` | `hero_tests_fix_errors` SKILL + `lab infocheck` fix-loop | **Resolved side-fire:** [hero_skills#245](https://forge.ourworld.tf/lhumina_code/hero_skills/issues/245) — dispatcher.nu booby-trap resolved by completion at `be20458`. 47 `service_*.nu` + `dispatcher.nu` archived under `_archive/nutools/modules/services/`. `lab service` replaces nu dispatch. Runtime clone pull is now safe (queued for s95 prep). **One open question for boss when awake:** "Singleton services in hero_proc" mentioned in #102 §"Important Proc Updates" has no visible commit in today's hero_proc 3-commit window (`4b2afbc` tags / `4495a09` run.submit concurrency / `e7f1d2a` RunBuilder SDK). Either pre-existing, or local-WIP. Not blocking — sweep proceeds; will note if a repo's smoke checks depend on singleton behavior. **Estimate:** 10–15 sessions to close 35/35. Most likely 12. Wall-clock 3–5 days continuous / 1–2 weeks intermittent given per-PR squash-merge human gate. **Next session (s95):** prep (re-mirror `~/.claude/skills/`, FF runtime clone, rebuild `lab`, re-read updated `hero_service_info`) + Tier 1 / 1 of 5: `hero_proc` sweep. Effort: high. — Signed-off-by: mik-tf
mik-tf commented 2026-05-19 22:17:45 +00:00
Author
Copy link

s127 — CI auto-publish wired (closes 5/6 of hero_skills#268 DoD)

Canonical lab-publish.yaml workflow now lives in 31 of 35 D-07 demo-set repos. 17 of those 31 auto-publish fresh musl-x86_64 binaries to releases/tag/latest on every push to development — the ecosystem-bootstrap path (VM does lab build --download and gets the whole stack in ~5 min) works out-of-the-box for them.

Shipped this session

  • crates/lab/install.sh (63e0ef7) — fixes the documented-but-404 install URL the lab skill has been advertising
  • .forgejo/workflows/lab-publish.yaml (ad537ae + 3 iterations → 4767f67) — canonical workflow: Rust 1.95 install / musl-tools / lab install via install.sh / lab build --release --platforms linux-musl-x86_64 --upload --workspace
  • scripts/wire-lab-publish.sh (7ca5874 + fix b9f7ae0) — idempotent templating script, rolled the workflow to 31 repos in 6 batches of 5
  • crates/lab/src/builder/orchestrator.rs (777a7ec) — MIN_BINARY_BYTES made env-overridable via HERO_MIN_BIN_BYTES; CI sets it to 0 so legitimately-small Rust tools (mcp_*, *_admin shims) don't false-trip the < 512 KB "likely corrupt" guard. Unblocked hero_aibroker + hero_compute + hero_lib without touching their source.
  • skills/lab/lab.md (d660a96) — drift fix lab-latest → latest (lab source has always used latest; skill docs were wrong from day one)
  • CLAUDE.md "Release pipeline" — rewritten so CI auto-publish is canonical, manual lab build --upload is the bypass case
  • Filed hero_skills#269 — per-repo cleanup catalogue for the 14 still-red repos (9 failure categories × suggested fix surface)

Outcome

17 green / 14 red / 4 deferred = 17/35 actually shipping today. The 14 red are pre-existing per-repo bugs (path-deps, cargo feature errors, musl portability, etc.) — none are CI-workflow issues. The workflow file is in place, so each goes green automatically on the next push after its per-repo fix lands. The 4 deferred (hero_voice / hero_os / hero_office / mycelium_network) need workflow variants (gnu matrix-swap, WASM target, private auth, branch override).

Next session (s128) target: drive to 35/35 shipping. Two parallel work surfaces detailed in prompt.md §3 — Surface A clears the 14 per-repo bugs (recommend path-dep cluster of 6 repos as first head, mechanical one-pattern fix), Surface B wires the 4 special-case repos. Each fix unlocks one or more repos toward the ecosystem-bootstrap goal.

Sessions/127.yml has the full narrative + commit ledger across all 31 repos.

## s127 — CI auto-publish wired (closes 5/6 of [hero_skills#268](https://forge.ourworld.tf/lhumina_code/hero_skills/issues/268) DoD) Canonical `lab-publish.yaml` workflow now lives in **31 of 35** D-07 demo-set repos. **17 of those 31 auto-publish fresh musl-x86_64 binaries to `releases/tag/latest` on every push to `development`** — the ecosystem-bootstrap path (VM does `lab build --download` and gets the whole stack in ~5 min) works out-of-the-box for them. ### Shipped this session - `crates/lab/install.sh` ([`63e0ef7`](https://forge.ourworld.tf/lhumina_code/hero_skills/commit/63e0ef7)) — fixes the documented-but-404 install URL the lab skill has been advertising - `.forgejo/workflows/lab-publish.yaml` ([`ad537ae`](https://forge.ourworld.tf/lhumina_code/hero_skills/commit/ad537ae) + 3 iterations → `4767f67`) — canonical workflow: Rust 1.95 install / musl-tools / lab install via install.sh / `lab build --release --platforms linux-musl-x86_64 --upload --workspace` - `scripts/wire-lab-publish.sh` ([`7ca5874`](https://forge.ourworld.tf/lhumina_code/hero_skills/commit/7ca5874) + fix [`b9f7ae0`](https://forge.ourworld.tf/lhumina_code/hero_skills/commit/b9f7ae0)) — idempotent templating script, rolled the workflow to 31 repos in 6 batches of 5 - `crates/lab/src/builder/orchestrator.rs` ([`777a7ec`](https://forge.ourworld.tf/lhumina_code/hero_skills/commit/777a7ec)) — `MIN_BINARY_BYTES` made env-overridable via `HERO_MIN_BIN_BYTES`; CI sets it to 0 so legitimately-small Rust tools (mcp_*, *_admin shims) don't false-trip the < 512 KB "likely corrupt" guard. Unblocked hero_aibroker + hero_compute + hero_lib without touching their source. - `skills/lab/lab.md` ([`d660a96`](https://forge.ourworld.tf/lhumina_code/hero_skills/commit/d660a96)) — drift fix `lab-latest → latest` (lab source has always used `latest`; skill docs were wrong from day one) - CLAUDE.md "Release pipeline" — rewritten so CI auto-publish is canonical, manual `lab build --upload` is the bypass case - Filed [hero_skills#269](https://forge.ourworld.tf/lhumina_code/hero_skills/issues/269) — per-repo cleanup catalogue for the 14 still-red repos (9 failure categories × suggested fix surface) ### Outcome **17 green / 14 red / 4 deferred = 17/35 actually shipping today.** The 14 red are pre-existing per-repo bugs (path-deps, cargo feature errors, musl portability, etc.) — none are CI-workflow issues. The workflow file is in place, so each goes green automatically on the next push after its per-repo fix lands. The 4 deferred (hero_voice / hero_os / hero_office / mycelium_network) need workflow variants (gnu matrix-swap, WASM target, private auth, branch override). **Next session (s128) target: drive to 35/35 shipping.** Two parallel work surfaces detailed in prompt.md §3 — Surface A clears the 14 per-repo bugs (recommend path-dep cluster of 6 repos as first head, mechanical one-pattern fix), Surface B wires the 4 special-case repos. Each fix unlocks one or more repos toward the ecosystem-bootstrap goal. Sessions/127.yml has the full narrative + commit ledger across all 31 repos.
mik-tf commented 2026-05-20 01:15:28 +00:00
Author
Copy link

s128 complete — #269 Surface A swept

9 per-repo lab-publish unblock pushes squashed direct-to-development:

repo commit category
hero_codescalers 3bc4d07 path-dep workspace
hero_lib_rhai febfa42 path-dep workspace
hero_matrixchat 89a983a path-dep workspace
hero_planner 231f268 path-dep workspace
hero_collab e833369 path-dep crate-inline
hero_agent 51c6551 reqwest rustls-tls
hero_wallet 2f601c7 drop askama with-axum
hero_logic a55deca target_env-gated RlimitResource
hero_foundry a4a9e5d dep_overrides rusqlite=0.31

Followups filed:

  • hero_slides#71 — broken merge 6e39d677 (138 markers / 46 regions across 10 files); needs despiegk + Casper to reconcile.
  • hero_skills#270 — lab executor.rs:54 CWD bug on nested workspaces; blocks hero_rpc CI.

Diagnoses corrected: hero_code already shipping pre-session; hero_books APIs exist + builds clean (infra CI failure); hero_rpc failure is lab orchestrator bug not per-repo bug.

Coverage projected post-CI: 25/31 wired (81%) / 25/35 D-07 (71%).

Tracker close-out: hero_skills#269#34413. Full narrative in sessions/128.yml (local; not committed).

s129 recommended head: land #270 lab patch (executor.rs + plumbing) to unblock hero_rpc — small, high-leverage, single-site bug with two documented fix shapes.

## s128 complete — #269 Surface A swept 9 per-repo lab-publish unblock pushes squashed direct-to-development: | repo | commit | category | |---|---|---| | hero_codescalers | [`3bc4d07`](https://forge.ourworld.tf/lhumina_code/hero_codescalers/commit/3bc4d07) | path-dep workspace | | hero_lib_rhai | [`febfa42`](https://forge.ourworld.tf/lhumina_code/hero_lib_rhai/commit/febfa42) | path-dep workspace | | hero_matrixchat | [`89a983a`](https://forge.ourworld.tf/lhumina_code/hero_matrixchat/commit/89a983a) | path-dep workspace | | hero_planner | [`231f268`](https://forge.ourworld.tf/lhumina_code/hero_planner/commit/231f268) | path-dep workspace | | hero_collab | [`e833369`](https://forge.ourworld.tf/lhumina_code/hero_collab/commit/e833369) | path-dep crate-inline | | hero_agent | [`51c6551`](https://forge.ourworld.tf/lhumina_code/hero_agent/commit/51c6551) | reqwest `rustls-tls` | | hero_wallet | [`2f601c7`](https://forge.ourworld.tf/lhumina_code/hero_wallet/commit/2f601c7) | drop askama `with-axum` | | hero_logic | [`a55deca`](https://forge.ourworld.tf/lhumina_code/hero_logic/commit/a55deca) | `target_env`-gated `RlimitResource` | | hero_foundry | [`a4a9e5d`](https://forge.ourworld.tf/lhumina_code/hero_foundry/commit/a4a9e5d) | `dep_overrides` rusqlite=0.31 | **Followups filed**: - [hero_slides#71](https://forge.ourworld.tf/lhumina_code/hero_slides/issues/71) — broken merge `6e39d677` (138 markers / 46 regions across 10 files); needs despiegk + Casper to reconcile. - [hero_skills#270](https://forge.ourworld.tf/lhumina_code/hero_skills/issues/270) — lab `executor.rs:54` CWD bug on nested workspaces; blocks hero_rpc CI. **Diagnoses corrected**: hero_code already shipping pre-session; hero_books APIs exist + builds clean (infra CI failure); hero_rpc failure is lab orchestrator bug not per-repo bug. **Coverage projected post-CI**: 25/31 wired (81%) / 25/35 D-07 (71%). **Tracker close-out**: [hero_skills#269#34413](https://forge.ourworld.tf/lhumina_code/hero_skills/issues/269#issuecomment-34413). Full narrative in [`sessions/128.yml`](https://forge.ourworld.tf/lhumina_code/hero_demo/blob/development/) (local; not committed). **s129 recommended head**: land #270 lab patch (`executor.rs` + plumbing) to unblock hero_rpc — small, high-leverage, single-site bug with two documented fix shapes.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
development
v0.9.3-dev
v0.9.0-dev
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
mik-tf
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
lhumina_research/hero_demo#52
No description provided.