{"id":50119460,"url":"https://github.com/vannadii/devplat","last_synced_at":"2026-05-23T18:04:18.869Z","repository":{"id":349240514,"uuid":"1201366040","full_name":"VannaDii/devplat","owner":"VannaDii","description":"An autonamous agentic development platform with OpenClaw and Discord.","archived":false,"fork":false,"pushed_at":"2026-05-16T03:35:21.000Z","size":5380,"stargazers_count":0,"open_issues_count":6,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-16T05:36:16.204Z","etag":null,"topics":["agent","develoment","discord","openclaw","openclaw-plugin"],"latest_commit_sha":null,"homepage":"https://vannadii.github.io/devplat/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/VannaDii.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":"SUPPORT.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-04-04T15:26:22.000Z","updated_at":"2026-05-16T03:24:41.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/VannaDii/devplat","commit_stats":null,"previous_names":["vannadii/devplat"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/VannaDii/devplat","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VannaDii%2Fdevplat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VannaDii%2Fdevplat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VannaDii%2Fdevplat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VannaDii%2Fdevplat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/VannaDii","download_url":"https://codeload.github.com/VannaDii/devplat/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VannaDii%2Fdevplat/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33406480,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-23T04:15:53.637Z","status":"ssl_error","status_checked_at":"2026-05-23T04:15:53.242Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent","develoment","discord","openclaw","openclaw-plugin"],"created_at":"2026-05-23T18:04:09.309Z","updated_at":"2026-05-23T18:04:18.861Z","avatar_url":"https://github.com/VannaDii.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![CI](https://github.com/VannaDii/devplat/actions/workflows/ci.yml/badge.svg)](https://github.com/VannaDii/devplat/actions/workflows/ci.yml) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=vannadii_devplat\u0026metric=alert_status)](https://sonarcloud.io/summary/new_code?id=vannadii_devplat) [![Coverage](https://sonarcloud.io/api/project_badges/measure?project=vannadii_devplat\u0026metric=coverage)](https://sonarcloud.io/summary/new_code?id=vannadii_devplat) [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=vannadii_devplat\u0026metric=bugs)](https://sonarcloud.io/summary/new_code?id=vannadii_devplat) [![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/devplat)](https://artifacthub.io/packages/search?repo=devplat)\n\n# Development Platform\n\nDevPlat is a Discord-first autonomous software-delivery platform built as a strict native-ESM TypeScript monorepo. Platform packages own domain logic, orchestration, contracts, and persistence; `@vannadii/devplat-openclaw` exposes that platform into OpenClaw; Discord operates as the primary human control plane; GitHub remains the system of record for specs, pull requests, reviews, and merge history.\n\n## Platform Model\n\n- research -\u003e spec PR -\u003e human approval -\u003e slicing -\u003e implementation PRs\n- automated gates, review, and remediation loops\n- operator control through OpenClaw + Discord with auditable artifacts\n- publication through GitHub Packages npm packages, GHCR Docker, GHCR OCI Helm, and GitHub Pages\n\n```mermaid\nflowchart TD\n  Operator[Discord operator] --\u003e OpenClaw[OpenClaw agent loop]\n  Operator --\u003e Commands[Discord command contracts]\n  Commands --\u003e DiscordGuild[Sandbox guild command registration]\n  DiscordGuild --\u003e Approval\n  OpenClaw --\u003e Adapter[\"@vannadii/devplat-openclaw adapter\"]\n  Adapter --\u003e Config[Repository runtime config]\n  Adapter --\u003e Supervisor[Supervisor lifecycle routing]\n  Supervisor --\u003e Policy[Policy allow deny and audit reason]\n  Policy --\u003e Storage[Storage indexes and durable records]\n  Supervisor --\u003e Research[Research briefs with sources]\n  Research --\u003e Specs[Spec revisions and PR-ready body]\n  Specs --\u003e GitHubSpec[GitHub spec pull request]\n  GitHubSpec --\u003e Approval[Discord approval bound to thread]\n  Approval --\u003e Slicing[Slice dependency graph and work packets]\n  Slicing --\u003e Queue[Task queue transitions]\n  Queue --\u003e Worktrees[Git worktree allocate sync release]\n  Worktrees --\u003e Execution[Command execution retry timeout truncation]\n  Execution --\u003e Gates[Gate classification and next action]\n  Gates --\u003e Sonar[Sonar issue normalization]\n  Gates --\u003e Review[Spec vs implementation review]\n  Sonar --\u003e Review\n  Review --\u003e Remediation[Remediation plan and result artifacts]\n  Remediation --\u003e Execution\n  Review --\u003e PRs[PR projection and merge readiness]\n  PRs --\u003e GitHubPR[GitHub PR update merge workflow dispatch]\n  GitHubPR --\u003e Branching[Dependent branch graph and rebase execution]\n  Branching --\u003e Conflict{Branch conflicts?}\n  Conflict --\u003e|yes| Remediation\n  Conflict --\u003e|no| Worktrees\n  GitHubPR --\u003e Publishing[Docker Helm npm docs release surfaces]\n  Storage --\u003e Artifacts[Versioned artifacts and audit logs]\n  Artifacts --\u003e Operator\n```\n\n## Runtime Baseline\n\n- Node.js `v24.14.1` from `.nvmrc`\n- `packageManager` `npm@11.12.1`\n- TypeScript `6.0.3` as the authoring baseline\n\nAlways activate the pinned runtime before development:\n\n```bash\nnvm use\nnpm ci\n```\n\nCompatibility validation runs on Linux only against the latest stable TypeScript `5.x` and `6.x` releases. Primary authoring targets TypeScript `6.0.3`.\n\n## Baseline Commands\n\n```bash\nnpm run check:repo\nnpm run check:pre-push\nnpm run test:coverage\nnpm run test:openclaw:deep\nnpm run docs:build\nnpm run act:pr\nnpm run sonar:install-cli\nnpm run sonar:analyze:changed\n```\n\n`npm run lint`, included in `check:repo`, verifies authored package JSDoc,\nstructured `const cases = [...]` test tables, banned TypeScript assertions,\nregular-expression placement and naming, sibling tests for non-trivial\n`logic.ts` and `service.ts` units, and static policy boundaries through ESLint\nrules.\n`npm run check:regex-governance`, also included in `check:repo`, verifies that\npackage regular-expression patterns defined in `constants.ts` are referenced\nby package tests.\n\n`npm run act:pr` runs the pull-request CI and TypeScript matrix workflows\nlocally through Docker using `act`, `.actrc`, and\n`.github/act/pull_request.json`. The wrapper at `scripts/run-act.sh` cleans up\n`act-*` Docker containers and `.artifacts/act` before and after each workflow,\nthen runs the hermetic OpenClaw deep test outside `act` so nested Docker volume\npaths resolve on the host. The fixture deliberately uses a secretless bot-style\nPR event so publish and Sonar upload paths stay skipped locally. The CI workflow\nalso skips remote artifact upload/download actions under `ACT=true` and skips\nthe nested-Docker deep-test job for the `devplat-local-act` actor while still\nexecuting repo, coverage, build, docs, generated artifact, and compatibility\njobs. Remote CI names shared generated, coverage, build, and docs artifacts by\nworkflow run id rather than run attempt, with overwrite enabled, so rerunning a\nfailed job can still download the artifacts produced earlier in the same run.\n\n`npm run sonar:install-cli` installs the SonarQube CLI through the repo helper,\nwhich selects the documented SonarSource installer for macOS, Linux, or Windows.\nAfter authenticating with `sonar auth login`, run `npm run sonar:analyze:changed`\nto scan changed files with `sonar analyze secrets` and per-file\n`sonar verify --file` commands. The wrapper runs configured analyses in\nparallel, prints a plain-text summary by default, and supports `--json` for\nagent-readable reports. SQAA/A3S analysis is intentionally disabled unless\n`SONAR_A3S_ENABLED=true`, `DEVPLAT_SONAR_A3S_ENABLED=true`, or `--sqaa enabled`\nis supplied; when enabled it also runs per-file `sonar analyze sqaa --file`\ncommands. If SQAA returns\n`A3S analysis is not activated for this organization`, the helper reports that\ncapability as skipped instead of allowing the whole analysis run to fail. If the\nlocal CLI is not authenticated, the helper reports changed-file verification as\nskipped with an explicit `sonar auth login` hint while CI remains the\nauthoritative Sonar gate. The wrapper derives the current branch and defaults\nthe project to `vannadii_devplat`; override with `--project`, `--branch`,\n`--base`, or `--head` only for exceptional local comparisons.\n\nRuntime configuration is repository-scoped for the single-repo production path.\nSet `GITHUB_OWNER`, `GITHUB_REPO`, `GITHUB_DEFAULT_BRANCH`, GitHub API/token\noverrides, runtime storage/worktree overrides, Docker/Helm deployment\noverrides, and the Discord/OpenClaw/Sonar variables documented in the\nconfiguration guide before running live operator flows. Config loading now\nnormalizes those defaults, derives the Discord category name from `GITHUB_REPO`\nfor multi-repository guild separation unless test traffic explicitly sets\n`DISCORD_CATEGORY_NAME=test`, configures outbound Discord Gateway interaction\nhandling with `DISCORD_GATEWAY_URL` and `DISCORD_GATEWAY_INTENTS`, and returns\nstructured validation issues for bad URLs, empty required paths, invalid\ndeployment targets, and invalid gateway ports. The storage package remains the\nonly package that directly reads or writes the committed runtime state\ndirectory.\nThe Helm chart mirrors that runtime path with typed `discordGateway.enabled`,\n`discordGateway.url`, and `discordGateway.intents` values that render the\nGateway env vars into the runtime container.\n\nThe live lab posts compact status payloads without stale interactive components,\nregisters Discord operator commands in the sandbox guild, and records\ncallback-shaped slash-command and button interaction evidence in its report.\nThe automated probe keeps its simulated deferred acknowledgements as local\nreceipts because those payloads do not have real Discord interaction tokens;\nthe bound control-plane payloads still post through the real Discord channel\ntransport and record response endpoints, Discord message ids, posted content,\nand component custom ids from the posted messages. The initial\nproject-management bootstrap message is a required acceptance signal; if\nDiscord cannot post it, the live lab fails before mutating sandbox repository\nstate. The report preserves that bootstrap receipt with channel id, message id,\nposted content, and an empty component id list so operators can audit the\nvisible start signal without leaving unbound status buttons that outlive the\nephemeral runner.\nHuman-triggered Discord client clicks are deferred as a manual sandbox-guild\nacceptance check because Discord does not expose a supported bot API for\nclicking buttons as a user. The `operator_hold_ms` live-lab input defaults to\n`150000`, keeping the private Gateway runtime open for a bounded 2.5 minute\nmanual-click window after the control message is posted. The live-lab control\nmessage is posted in a short-lived implementation thread created under the\n`test` category's standard implementation channel, so real button clicks\nresolve to the same thread id encoded in the component payload and persisted\nGateway session.\nThe docs operator guide includes the full Mermaid command flow from research\nand spec creation through PR acceptance, and the Discord workflows guide lists\nthe exact registered slash commands that drive bound threads.\nLive-lab status posts render compact workflow links with URL previews\nsuppressed, and reports include selected channel `parentId` values so category\nplacement can be audited.\nLive-lab runtime containers receive the same repo-scoped Discord/OpenClaw/Sonar\nenvironment through Docker env-name pass-through while report artifacts keep\nsecret values redacted. The live container explicitly starts the private\nDiscord Gateway worker and points `DEVPLAT_STORAGE_ROOT` at the mounted\n`.devplat` state directory so real sandbox-guild slash commands and button\nclicks are acknowledged through the same thread binding store used by OpenClaw\ntool execution. OpenClaw storage, telemetry, memory, Discord lifecycle,\nGitHub submission, pull-request submission, and supervisor-step tools also\nhonor the trimmed configured storage root, and pull-request submission uses the\ntrimmed configured GitHub owner/repository identity. Worktree allocation and\ndependent rebase tools honor the trimmed configured worktree root, so\ntool-driven artifacts, telemetry, worktrees, and Discord interaction state stay\nin the same repository-scoped store. Gate runs and Sonar quality-gate\nevaluations record passed/failed classification, actor, coverage, blocking\nissue, and next-action telemetry through that same store.\nOpenClaw tool responses include an `operationalResult` summary whenever the\ndelegated package result exposes lifecycle evidence. That summary carries the\nnormalized status, artifact id, persisted record key, policy decision id,\ntelemetry event id, and next-action hint for fast agent and operator handoff\nwithout replacing the package-owned payload.\nValid operator\ninteractions are deferred before state, telemetry, and audit persistence\nbegins, then the bound thread receives the structured status payload after the\ncontrol result is durable. This avoids posting the same operator payload twice\nin the thread while still satisfying Discord's prompt response window. If Discord\nrejects the initial deferred acknowledgement, the acknowledgement transport throws, or a\nroute-refusal acknowledgement is rejected, DevPlat fails the action closed,\nwrites an audit event, and reports `responsePostError` without lifecycle state\nchanges. If the post-acknowledgement thread update fails, the control result\nkeeps the interaction receipt and durable action record while reporting\n`threadPostError`. Interaction-originated requests are normalized once, so\npersisted traces contain one Discord route marker for the action.\nThe live-lab runner loads built workspace package entrypoints during normal\nexecution and fails fast with a `npm run build:workspace` instruction if those\ncompiled entrypoints are missing under plain Node. Source package entrypoints\nare only allowed for preflight tests or explicit TypeScript-loader execution.\nBefore host-side live-lab cleanup hooks persist extra Discord session records,\nthe deep-test runner normalizes container-owned `.devplat` bind-mount content\nto the host runner owner with owner-only write permissions. If that auxiliary\nnormalization fails, the report records a warning and cleanup still runs, so\nplatform contract failures remain separate from local Docker permission repair.\n\nPublic contract schemas are generated from exported `io-ts` codecs. For\ncodec-owned lifecycle records, derive TypeScript types from those codecs rather\nthan duplicating interface shapes, then run `npm run generate:schemas` and\n`npm run generate:openclaw-manifest` with the code change.\n\n## Instruction Surfaces\n\n- [`PLATFORM.md`](./PLATFORM.md): foundation-scope objective, package responsibilities, delivery surfaces, and acceptance criteria\n- [`CONTRIBUTING.md`](./CONTRIBUTING.md): human workflow, review, and release contract\n- [`AGENTS.md`](./AGENTS.md): terse coding-agent operating rules\n- [`.github/copilot-instructions.md`](./.github/copilot-instructions.md): AI pair-programming rules\n- [`.github/instructions/`](./.github/instructions): platform, architecture, performance, compatibility, release, testing, schema, review, and operator policies\n- [`site/guide-docs/guides/platform-lifecycle.md`](./site/guide-docs/guides/platform-lifecycle.md): end-to-end platform flow\n- [`site/guide-docs/guides/user-guide.md`](./site/guide-docs/guides/user-guide.md): setup, first small project validation, Discord checks, and troubleshooting\n- [`site/guide-docs/guides/quality-performance-policy.md`](./site/guide-docs/guides/quality-performance-policy.md): complete-change and performance expectations\n- [`site/guide-docs/guides/live-test-lab.md`](./site/guide-docs/guides/live-test-lab.md): dispatchable live end-to-end test lane and setup references\n- `packages/*/README.md`: package-local ownership, boundary, and validation notes\n\n## Distribution Surfaces\n\n- `docker/openclaw-runtime`: GHCR runtime image\n- `deploy/helm/devplat`: GHCR OCI Helm chart\n- `site/guide-docs`: GitHub Pages documentation site\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvannadii%2Fdevplat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvannadii%2Fdevplat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvannadii%2Fdevplat/lists"}