Skip to content

EPIC: proto 1.0 readiness — Phase 1 (hardening) #481

Description

@mabry1985

Tracking epic for proto 1.0, from the 6-dimension readiness audit run at v0.71.2 (backlog · code-health · public contract · test/CI · docs/distribution · security). Every finding below was verified against the code.

Verdict

There is no pile of bugs — 0 open bug/p0 issues, no milestone, no previously-declared 1.0 gate. The gaps are four coherent workstreams, not defects:

  1. an unfinished Qwen→proto rebrand baked into the surface a 1.0 would freeze under semver,
  2. a fail-open security default that contradicts the "privacy-first" claim,
  3. release/CI gates too soft to stand behind a 1.0,
  4. a few features that silently do nothing.

Scope decisions (made)

  • 1.0 = the proto CLI only. @protolabsai/sdk versions independently (stays 0.x) — separate track. packages/webui (108 src, 0 tests) is out of scope / experimental.
  • Phased: cut a hardening 1.0 (identity + security defaults + gates) first; features land in 1.x.

Phase 1 — the 1.0 gate

# Item Severity
Qwen fork-leftovers: SECURITY.md→Aliyun, sandbox image→qwenlm, Dockerfile CMD qwen, --help prints "qwen", dead PROTO_ENABLE_CRON shipped #471 / v0.71.3
#473 Folder-trust is off by default and fails open — a checked-in repo config runs code on launch 🔴 blocker
#474 Rebrand coherence — canonical npm scope, PROTO_* env aliasing, stale CHANGELOG/CONTRIBUTING 🟠 major
#475 Harden CI/release gates — e2e not a PR gate, no coverage/typecheck gate, no Windows, release publishes untested 🟠 major
#476 Features that silently do nothing — prompt hooks, getCustomExcludes, hook_callback 🟠 major
#477 API freeze prep — settings stability metadata, versioned JSON output, retire duplicate mechanisms 🟠 major
#478 Telemetry collection/disclosure vs the privacy-first claim 🟠 major
#479 Robustness — SIGTERM swallows cleanup, LSP children orphaned, unbounded shell output 🟠 major
#480 TUI render-path stabilization freeze — soak + regression tests 🟡 watch

Suggested order: #473 (severity) → #475 (cheap, high-leverage, protects everything after) → #476 + #479 (correctness) → #474 + #477 (the freeze itself) → #478#480 soak → cut 1.0.

Phase 2 — post-1.0 (1.x)

TUI Wave-2 #450#455 (high blast radius; #452 touches the ~1100-line KeypressContext, #453 refactors AppContainer's ~120-field memo) · benchmark-PRD P1–P5 score optimization (specs/benchmark-competitiveness-prd.md) · i18n removal #401 · Arena naming #402 · #456 minor TUI follow-ups · #162 Langfuse trace coordination.

Housekeeping: #223 (@protolabsai/sdk surface for workstacean fleet) should be closed — workstacean was abandoned.

Notes on things that are fine (audited, no action)

  • Install/first-run UX is not blocked: curl … cli.protolabs.studio/install.sh returns 200, @protolabsai/proto@0.71.3 publishes, proto setup wizard + getting-started docs are coherent. The VitePress docs site is genuinely comprehensive (no "coming soon" placeholders).
  • LICENSE (Apache 2.0) + fork attribution are correct; Copyright 2025 Google LLC SPDX headers are acceptable under Apache 2.0.
  • Telemetry is opt-in with a hard init gate; no third-party analytics/crash reporting.
  • Shell tool defaults to ask for non-read-only commands; read-only AST classifier + minimum-scope rule extraction.
  • The folder-trust machinery is correctly written — only the default is wrong (1.0 BLOCKER: folder-trust is off by default and fails open — a checked-in repo config runs code on launch #473), so one flip closes the whole chain.
  • Plugin auto-discovery (~/.claude/plugins) inherits only slash-command prompt templates from user home — no code execution on load; a malicious repo can't plant them.

Metadata

Metadata

Assignees

No one assigned

    Labels

    1.01.0 readiness (see 1.0 epic)

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions