Roadmap
Missing pieces
These are primarily documentation/contract gaps, not functional gaps — the manifest is explicit that "missing CTS artifacts are primarily documentation/contract items rather than functional network or algorithmic gaps."
- Formal CTS-style command contracts for each public command (purpose, invocation, inputs, stdout/stderr norms, machine-readable mode, exit codes, examples, stability notes)
- Documented exit code table mapping existing
os.Exituses to CTS exit code bands - Documented JSON command output envelope (
CommandOutput.schema.json), or a deliberate, written justification for the per-command JSONL format instead - Explicit machine-readable
/api/statusschema and CLI JSON output schema documentation - Structured error examples and a machine-readable error object spec for JSON mode
- Release checklist and verified artifact publication steps (
build_verified=false,release_verified=falsein the manifest) - CI workflow for reproducible builds, tests, and release artifact publication
- Integration test harness covering end-to-end bundle + extraction workflows
- Grafana dashboard examples for the Prometheus metrics
CONTRIBUTING.md,CODEOWNERS, and release automation
Next steps
- Run and record a full build/test/release verification (build binaries,
go test ./..., produce checksums) - Add explicit CTS command contracts per CLI (
download-crates,generate-sidecars,extract-bundles,Clone-Index.py) - Document the exit code table and map existing
os.Exituses to CTS bands - Publish JSON output schema(s) and adopt a
CommandOutputenvelope, or document the rationale for the JSONL manifest exception - Create a CI workflow to run tests, vet packages, and publish release artifacts with checksums
- Author
CONTRIBUTING.mdand a basic release checklist - Provide Grafana dashboard examples and sample manifests for automation consumers
- Reconcile legacy manifest fields and confirm lifecycle state with the maintainer
Potential improvements
--json/--format jsonmachine-readable flag with a CTSCommandOutputenvelope for CLI status endpoints- Formal exit-code mapping doc, with all commands returning documented codes
--dry-run/ preview mode forextract-bundles(it's currently a destructive operation with no safety rail)- Stable published JSON schemas for
manifest.jsonland/api/status - Small automation-friendly examples for parsing
manifest.jsonland detecting errors via exit codes - Grafana dashboard JSON and example Prometheus scrape configs
Creative enhancements (not committed, just ideas on file)
- An optional CTS-compliant
--status-jsoncommand returning aCommandOutputenvelope summarizing run state and metrics for automation - A lightweight local DuckDB dataset builder that ingests
manifest.jsonlfor ad-hoc queries and reports - Bundle-level cryptographic provenance: sign bundles and produce a signed
bundles.index.jsonlfor verifiable airgap transfer - An OCI-like packaging mode to publish bundles as immutable artifacts to a private registry
- A small Tauri-based desktop inspector that loads
manifest.jsonland the Prometheus endpoints for visual inspection - A delta-sync mode that computes file-level diffs against a previous manifest and emits a compact transport plan