Skip to main content

Roadmap

Missing pieces

These are primarily documentation/contract gaps, not functional gaps — the manifest is explicit that "missing CTS artifacts are primarily documentation/contract items rather than functional network or algorithmic gaps."

  • Formal CTS-style command contracts for each public command (purpose, invocation, inputs, stdout/stderr norms, machine-readable mode, exit codes, examples, stability notes)
  • Documented exit code table mapping existing os.Exit uses to CTS exit code bands
  • Documented JSON command output envelope (CommandOutput.schema.json), or a deliberate, written justification for the per-command JSONL format instead
  • Explicit machine-readable /api/status schema and CLI JSON output schema documentation
  • Structured error examples and a machine-readable error object spec for JSON mode
  • Release checklist and verified artifact publication steps (build_verified=false, release_verified=false in the manifest)
  • CI workflow for reproducible builds, tests, and release artifact publication
  • Integration test harness covering end-to-end bundle + extraction workflows
  • Grafana dashboard examples for the Prometheus metrics
  • CONTRIBUTING.md, CODEOWNERS, and release automation

Next steps

  1. Run and record a full build/test/release verification (build binaries, go test ./..., produce checksums)
  2. Add explicit CTS command contracts per CLI (download-crates, generate-sidecars, extract-bundles, Clone-Index.py)
  3. Document the exit code table and map existing os.Exit uses to CTS bands
  4. Publish JSON output schema(s) and adopt a CommandOutput envelope, or document the rationale for the JSONL manifest exception
  5. Create a CI workflow to run tests, vet packages, and publish release artifacts with checksums
  6. Author CONTRIBUTING.md and a basic release checklist
  7. Provide Grafana dashboard examples and sample manifests for automation consumers
  8. Reconcile legacy manifest fields and confirm lifecycle state with the maintainer

Potential improvements

  • --json / --format json machine-readable flag with a CTS CommandOutput envelope for CLI status endpoints
  • Formal exit-code mapping doc, with all commands returning documented codes
  • --dry-run / preview mode for extract-bundles (it's currently a destructive operation with no safety rail)
  • Stable published JSON schemas for manifest.jsonl and /api/status
  • Small automation-friendly examples for parsing manifest.jsonl and detecting errors via exit codes
  • Grafana dashboard JSON and example Prometheus scrape configs

Creative enhancements (not committed, just ideas on file)

  • An optional CTS-compliant --status-json command returning a CommandOutput envelope summarizing run state and metrics for automation
  • A lightweight local DuckDB dataset builder that ingests manifest.jsonl for ad-hoc queries and reports
  • Bundle-level cryptographic provenance: sign bundles and produce a signed bundles.index.jsonl for verifiable airgap transfer
  • An OCI-like packaging mode to publish bundles as immutable artifacts to a private registry
  • A small Tauri-based desktop inspector that loads manifest.jsonl and the Prometheus endpoints for visual inspection
  • A delta-sync mode that computes file-level diffs against a previous manifest and emits a compact transport plan