Skip to content

Release 2.0.76 (2026-05-31)

Chores

  • add .vergil/ scratch directory to gitignore

Documentation

  • rework permission model around subset-of-human-rights, drop track mode Replaces the track-mode/admin elevated identity with a single User identity plus a reserved (unprovisioned) Admin slot. No agent identity holds workflows permission; the human carries workflow-touching pushes via vrg-submit-pr ensure-pushed, and action-pin bumps go to vrg-dependency-update (#918).

Adds the subset-of-human-rights principle as the spine, redraws the Racetrack Model to Driver/Officials/Race Director with Admin as escorted access to the regulated zone, expands the audit pull_requests:write gap with the GitHub merge-vs-write granularity problem, and adds cooperative-vs-adversarial and infrastructure-advocacy framing.

  • add foundational host-as-owner assumption and merge-time provenance gate Strengthens the permission-model design from pushback review:

  • Elevate the subset-of-human-rights principle to a stated Foundational Assumption: the host operator is the owner holding maximum rights; agents are sandboxed minions with a strict subset; an operator lacking the umbrella rights is a showstopper by design, not a case to degrade for.

  • Add the 'human chokepoints are verification points' principle and a pre-merge provenance check in vrg-finalize-pr that inspects a PR's attributed action history and blocks out-of-role agent actions. This closes the audit pull_requests:write hard-gate gap at the irreversible step that GitHub's coarse permissions cannot.
  • Clarify VRG_IDENTITY_MODE is a Layer 1 ergonomic, not a control; the App credential is the identity boundary and spoofing the mode changes nothing GitHub enforces.
  • State that vrg-dependency-update (#918) is an ergonomic optimization, not a prerequisite; ensure-pushed already carries workflow-touching pushes.
  • Add radical-transparency strategic posture and sharpen Mimir framing so soft gates are explicitly expected to fall while effort concentrates on hard gates.

  • consolidate merge into vrg-finalize-pr with provenance check; make gh api identity-aware

  • add stale-session lifecycle implementation plan 13-task TDD plan: config thresholds, archived-name parsing, age model + bands, plan_session (sweep/most-recent/--fresh), resolver age/archive/prompt/sweep, list-json states, host CLI, and a comprehensive docs/site session user guide. Ref #1323.

  • align list --sessions task with merged host-side architecture Per alignment review: keep host-side transcript reads + per-VM active/updatedAt merge (extend _vm_active_session_ids -> _vm_active_sessions); list_rows already dedups by (identity,slot,path) active-wins. Removes the duplicate-state dedup bug. Ref #1323.

Features

  • add identity-mode detection module for VM mode awareness
  • add PR template library for .vergil/ scratch convention
  • add session_stale_days/session_archive_days config Cascading thresholds (identity -> config -> 7/14) with validation that archive is 0 or > stale. Ref #1323.

  • parse archived session labels; guard parse_name parse_name rejects archived@ prefix (it would otherwise mis-parse into a bogus slot); add make_archived_name/parse_archived. Ref #1323.

  • add last_active to Slot and SessionRow Thread an optional last_active map through build_slots/list_rows. Ref #1323.

  • add session age-band classifier FRESH/WARN/STALE by stale_days/archive_days; unknown age = FRESH; archive_days=0 disables STALE. Ref #1323.

  • add plan_session: bands, sweep, most-recent resume, --fresh Pure planner returning auto-archive list + action (Resume/Create/Fork/Refuse/PromptStale). Ref #1323.

  • tail-read last timestamped entry for session age Bounded end-first read; skips agent-name (no timestamp); ISO->epoch. Ref #1323.

  • compute last_active map in resolver state Active uses roster updatedAt (ms->s); idle uses tail-read transcript timestamp. Ref #1323.

  • compute last_active map in resolver state Active uses roster updatedAt (ms->s); idle uses tail-read transcript timestamp. Ref #1323.

  • archive a session by appending an archived agent-name Relabel-in-place; no-op if transcript missing/unnamed. Ref #1323.

  • execute session plan: sweep, stale prompt, resume/create/fork TTY-gated prompt (non-TTY resumes); auto-archive sweep with notes; plan_session integration. Ref #1323.

  • emit age + state (active/idle/archived) in --list-json Archived rows parsed from archived@ labels; idle/active state + lastActive. Ref #1323.

  • wire --fresh, thresholds, and list --sessions states/age Resolver main gains --fresh/--stale-days/--archive-days. Host plumbs thresholds + --fresh into the resolver; list --sessions gains state filters (--active/--idle/--archived/--all), a LAST ACTIVE column, and host-side merge (transcripts + per-VM active/updatedAt). Ref #1323.

Testing

  • satisfy lint and reach full coverage for foundation modules
  • complete branch coverage for stale-lifecycle Cover _last_activity bad-timestamp branches, _archive_session OSError, list --sessions idle-with-age + non-active rows, and the identity archive-override resolve branch. ruff/type fixes. Ref #1323.