You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Tracking epic for proto 1.0, from the 6-dimension readiness audit run at v0.71.2 (backlog · code-health · public contract · test/CI · docs/distribution · security). Every finding below was verified against the code.
Verdict
There is no pile of bugs — 0 open bug/p0 issues, no milestone, no previously-declared 1.0 gate. The gaps are four coherent workstreams, not defects:
an unfinished Qwen→proto rebrand baked into the surface a 1.0 would freeze under semver,
a fail-open security default that contradicts the "privacy-first" claim,
release/CI gates too soft to stand behind a 1.0,
a few features that silently do nothing.
Scope decisions (made)
1.0 = the proto CLI only.@protolabsai/sdk versions independently (stays 0.x) — separate track. packages/webui (108 src, 0 tests) is out of scope / experimental.
Phased: cut a hardening 1.0 (identity + security defaults + gates) first; features land in 1.x.
Phase 1 — the 1.0 gate
#
Item
Severity
—
Qwen fork-leftovers: SECURITY.md→Aliyun, sandbox image→qwenlm, Dockerfile CMD qwen, --help prints "qwen", dead PROTO_ENABLE_CRON
Housekeeping:#223 (@protolabsai/sdk surface for workstacean fleet) should be closed — workstacean was abandoned.
Notes on things that are fine (audited, no action)
Install/first-run UX is not blocked: curl … cli.protolabs.studio/install.sh returns 200, @protolabsai/proto@0.71.3 publishes, proto setup wizard + getting-started docs are coherent. The VitePress docs site is genuinely comprehensive (no "coming soon" placeholders).
LICENSE (Apache 2.0) + fork attribution are correct; Copyright 2025 Google LLC SPDX headers are acceptable under Apache 2.0.
Telemetry is opt-in with a hard init gate; no third-party analytics/crash reporting.
Shell tool defaults to ask for non-read-only commands; read-only AST classifier + minimum-scope rule extraction.
Plugin auto-discovery (~/.claude/plugins) inherits only slash-command prompt templates from user home — no code execution on load; a malicious repo can't plant them.
Tracking epic for proto 1.0, from the 6-dimension readiness audit run at v0.71.2 (backlog · code-health · public contract · test/CI · docs/distribution · security). Every finding below was verified against the code.
Verdict
There is no pile of bugs — 0 open
bug/p0issues, no milestone, no previously-declared 1.0 gate. The gaps are four coherent workstreams, not defects:Scope decisions (made)
protoCLI only.@protolabsai/sdkversions independently (stays 0.x) — separate track.packages/webui(108 src, 0 tests) is out of scope / experimental.Phase 1 — the 1.0 gate
—Qwen fork-leftovers: SECURITY.md→Aliyun, sandbox image→qwenlm, DockerfileCMD qwen,--helpprints "qwen", deadPROTO_ENABLE_CRONPROTO_*env aliasing, stale CHANGELOG/CONTRIBUTINGgetCustomExcludes,hook_callbackSuggested order: #473 (severity) → #475 (cheap, high-leverage, protects everything after) → #476 + #479 (correctness) → #474 + #477 (the freeze itself) → #478 → #480 soak → cut 1.0.
Phase 2 — post-1.0 (1.x)
TUI Wave-2 #450–#455 (high blast radius; #452 touches the ~1100-line KeypressContext, #453 refactors AppContainer's ~120-field memo) · benchmark-PRD P1–P5 score optimization (
specs/benchmark-competitiveness-prd.md) · i18n removal #401 · Arena naming #402 · #456 minor TUI follow-ups · #162 Langfuse trace coordination.Housekeeping: #223 (
@protolabsai/sdksurface for workstacean fleet) should be closed — workstacean was abandoned.Notes on things that are fine (audited, no action)
curl … cli.protolabs.studio/install.shreturns 200,@protolabsai/proto@0.71.3publishes,proto setupwizard + getting-started docs are coherent. The VitePress docs site is genuinely comprehensive (no "coming soon" placeholders).Copyright 2025 Google LLCSPDX headers are acceptable under Apache 2.0.askfor non-read-only commands; read-only AST classifier + minimum-scope rule extraction.~/.claude/plugins) inherits only slash-command prompt templates from user home — no code execution on load; a malicious repo can't plant them.