feat: 0.1.0

.agent/controllers/portable-tool-route/goal.md

@@ -0,0 +1,2 @@
+### Goal
+Define and lock a deterministic, versioned distribution contract for this Rust autonomous controller so other projects can consume it safely via immutable artifacts, explicit metadata, and machine-readable instructions with minimal maintenance overhead.

.agent/controllers/portable-tool-route/plan.toon

@@ -0,0 +1,73 @@
+version: 3
+goal_summary: "Publish a stable distribution contract and deterministic artifact pipeline with validated checksums, consumer-facing metadata, and CI enforcement to make reuse by external projects repeatable and low-risk."
+steps[5]:
+  - id: "sm-1"
+    title: Finalize a canonical distribution contract and compatibility surface
+    purpose: "Create a versioned, explicit contract that external projects can trust for install, pinning, and upgrade behavior."
+    notes: Define what consumers can depend on before changing packaging code.
+    inputs[3]: "Existing ask to enable cross-project consumption",Current supported Rust targets and runtime assumptions,Current release/versioning model
+    outputs[3]: A new distribution ADR or docs/distribution.md,"Machine-readable contract file (e.g., JSON/YAML)","Compatibility matrix for Rust version, OS, arch, and binary/runtime expectations"
+    dependencies[0]:
+    verification[1]:
+      - label: Contract review
+        commands[2]: "Verify contract includes entrypoints, versioning, naming, retention, and checksum policy",Check contract is versioned and immutable for released artifacts
+    cleanup_requirements[1]{label,description}:
+      Contract drift prevention,Require contract updates to include a changelog entry when compatibility assumptions change.
+    status: done
+    attempts: 1
+  - id: "sm-2"
+    title: Implement one deterministic release layout and builder orchestrator
+    purpose: Generate all distributable outputs from a single script into a fixed path and filename schema.
+    notes: "No redesign needed; execute this immediately as the first active workstream and keep outputs constrained to a single canonical contract-first generator. Controller recovered this step from stale active state and returned it to todo."
+    inputs[4]: Distribution contract,Existing build profile configuration,Release target matrix,Release/version manifest schema
+    outputs[4]: Single deterministic `dist/` generator entrypoint,Canonical artifact path format and index manifest (version/target/platform keyed),Stable directory naming policy and versioned path template,Deterministic provenance snapshot included in generated index
+    dependencies[1]: "sm-1"
+    verification[1]:
+      - label: Path determinism check
+        commands[2]: Run generator twice from a clean tree and diff outputs,Assert artifact paths and filenames are pure functions of version + target + toolchain + source inputs
+    cleanup_requirements[1]{label,description}:
+      Legacy cleanup,"Document/remove old ad-hoc release paths and disable ambiguous aliases."
+    status: done
+    attempts: 1
+  - id: "sm-3"
+    title: Add reproducible packaging plus integrity metadata
+    purpose: "Bundle binaries/assets consistently and attach machine-verifiable metadata for downstream integrity checks."
+    notes: Focus execution on deterministic archive layout + checksum/provenance emission so downstream consumers can reproduce exact bytes. Controller recovered this step from stale active state and returned it to todo.
+    inputs[3]: Canonical output layout,Cargo/binary build inputs,Target/toolchain metadata
+    outputs[3]: Versioned package archive (tar/zip),SHA256 manifest and optional signature metadata,"Build provenance fields (version,target,profile,build timestamp,toolchain,git rev)"
+    dependencies[1]: "sm-2"
+    verification[1]:
+      - label: Artifact integrity check
+        commands[2]: Verify archive manifest matches emitted tree,Validate checksum file against generated artifact using standard tooling
+    cleanup_requirements[1]{label,description}:
+      Reproducibility hardening,"Strip non-deterministic fields from archives (timestamps, local paths, unordered metadata order) and document required reproducible tooling constraints. "
+    status: done
+    attempts: 1
+  - id: "sm-4"
+    title: Expose stable consumer integration interface and examples
+    purpose: Make consumption path predictable with one recommended model and explicit alternatives.
+    notes: "Define a single canonical, immutable distribution entrypoint (`dist/index.json`), version+target+profile resolution examples, and explicit migration/deprecation guidance; avoid additional active aliases. Controller recovered this step from stale active state and returned it to todo."
+    inputs[3]: Generated artifacts and checksums,"Machine-readable distribution contract/schema",Generated manifests and metadata
+    outputs[3]: Consumer integration guide for external projects,"Machine-readable release index for discovery and download","Compatibility-safe fallback/legacy path note, limited duration and explicit deprecation timeline"
+    dependencies[1]: "sm-3"
+    verification[1]:
+      - label: Consumption validation
+        commands[3]: Resolve immutable artifact by version+target from `dist/index.json` and assert only one canonical artifact path is documented,"Verify README/docs examples use index-based resolution and hash verification before execution",Confirm checksum verification command is included in quickstart
+    cleanup_requirements[1]{label,description}:
+      Alias minimization,Ensure only one active install/path alias remains for canonical artifacts and document sunset date for any temporary compatibility path.
+    status: done
+    attempts: 1
+  - id: "sm-5"
+    title: Enforce distribution contract in CI and maintenance workflow
+    purpose: Make distribution drift and nondeterminism observable so releases remain safely consumable by external projects.
+    notes: "Activate this final hardening step: wire release generation, reproducibility, manifest/schema validation, docs sync, and compatibility/retention/deprecation checks into existing CI quality gates. Controller recovered this step from stale active state and returned it to todo."
+    inputs[3]: Distribution scripts,Current CI workflow,Release contract docs
+    outputs[3]: CI distribution gate job with deterministic artifact and checksum enforcement,Automated contract/manifest/compatibility validation in pipeline,"Operational release guardrails for ownership handoff, deprecation, and retention policy"
+    dependencies[1]: "sm-4"
+    verification[1]:
+      - label: Release gate check
+        commands[4]: "Run tests, lint, and build before dist steps","Execute deterministic build + checksum validation and fail on byte-drift","Validate machine-readable distribution contract (compatibility matrix, migration/deprecation, checksum policy)",Ensure docs sync is validated in the same release gate
+    cleanup_requirements[1]{label,description}:
+      Operational hygiene,"Document and gate explicit version ownership transfer, deprecation workflow, and minimum compatibility retention window in CI/docs."
+    status: done
+    attempts: 2

.agent/controllers/portable-tool-route/standards.md

@@ -0,0 +1,12 @@
+### Standards
+1. Same git ref + source + toolchain + build inputs must yield identical artifact bytes and metadata.
+2. Use one canonical `dist/` layout and semantic naming convention that never changes once released.
+3. Keep a machine-readable distribution contract (format, compatibility matrix, assumptions, checksum policy, deprecation policy) as a first-class interface.
+4. Always emit reproducibility metadata in every release artifact: version, target, profile, build time inputs, git rev, and content checksums.
+5. Centralize release behavior in one versioned orchestration script/config; avoid scattered shell snippets and hidden paths.
+6. Gate releases through CI checks (tests, lint/build, artifact determinism, manifest validity, docs sync) before publishing.
+7. Treat compatibility, retention, and migration steps as part of the contract to reduce future operational risk.
+
+## Quality Gate Annotations
+
+- Iteration-aware review note: confirm long-term ownership and cleanup path.

.agent/controllers/portable-tool-route/state.toon

@@ -0,0 +1,49 @@
+version: 1
+phase: done
+stop_reason: null
+goal_status: done
+goal_revision: 1
+current_step_id: null
+iteration: 5
+replan_required: true
+completed_steps[5]: "sm-1","sm-2","sm-3","sm-4","sm-5"
+blocked_steps[0]:
+last_verification:
+  passed: true
+  summary: No commands requested
+  commands[0]:
+  output[0]:
+last_cleanup_summary:
+  passed: true
+  summary: "Cleanup accepted for sm-5"
+  commands[0]:
+  output[0]:
+last_full_test_summary:
+  passed: true
+  summary: No commands requested
+  commands[0]:
+  output[0]:
+history[5]{timestamp,kind,detail}:
+  "1775319621","step-complete","Completed sm-1"
+  "1775319737","step-complete","Completed sm-2"
+  "1775319845","step-complete","Completed sm-3"
+  "1775319900","step-complete","Completed sm-4"
+  "1775319970","step-complete","Completed sm-5"
+notes[4]: "Recovered stale active step state for portable-tool-route. Reset sm-2 to todo.","Recovered stale active step state for portable-tool-route. Reset sm-3 to todo.","Recovered stale active step state for portable-tool-route. Reset sm-4 to todo.","Recovered stale active step state for portable-tool-route. Reset sm-5 to todo."
+planning_rejection_counters:
+planning_annotation_counters:
+planning_session:
+  pending_input: null
+  pending_question: null
+  transcript[2]{role,content}:
+    user,Can you setup a distribution path so i can use this tool in other projects?
+    assistant,Planning completed
+started_at: "1775319559"
+last_usage_refresh_at: "1775320044"
+last_usage_input_tokens: null
+last_usage_output_tokens: null
+last_usage_primary_window: null
+last_usage_secondary_window: null
+run_model: "gpt-5.3-codex-spark"
+fast_mode: false
+allow_branching: false