v5.5.8 — Operational Hardening

All 3,093 tests pass. Zero TypeScript errors.

All 3,093 tests pass. Zero TypeScript errors.

Features

approvalTimeoutMs — fail-closed approval gate timeout (lib/phase-pipeline.ts) PhasePipelineOptions now accepts approvalTimeoutMs (default 300,000 ms / 5 min). If the onApproval callback does not settle within the deadline, the gate automatically denies — { approved: false } — preventing indefinite hangs in automated pipelines.

enforcePromotionChain — strict environment promotion (lib/env-manager.ts) EnvironmentManager constructor accepts enforcePromotionChain: true. When enabled, promote() checks for a .promotion-record.json in the source environment directory and throws if missing, preventing skipped-stage deployments (e.g., direct dev → prod bypassing sit/qa/preprod). A record is written after every successful promotion regardless of flag state, so existing deployments accumulate records incrementally.

onCompact — archived phase results (lib/phase-pipeline.ts) CompactionOptions.onCompact now receives a third argument: archivedPhases: ReadonlyArray<PhaseResult> containing the phases that were compacted. Existing two-argument callbacks continue to work without changes.

Improvements

• CLI --json error output (bin/cli.ts) — Fatal errors now emit {"error":"..."} JSON to stdout when --json is present, enabling consistent machine-readable pipeline consumption.
• Adapter discovery warning (adapters/adapter-registry.ts) — discoverAgents() now logs console.warn for each adapter that fails during discovery rather than silently dropping it.
• FederatedBudget persist failure warning (lib/federated-budget.ts) — Blackboard persistence errors in _persist() now emit console.warn instead of being silently swallowed.

Documentation

• AuthGuardian advisory token notice — Class-level JSDoc clarifies that grant tokens are advisory scoring outputs only; agentId is not cryptographically verified; callers must add a separate identity-verification step before gating PAYMENTS, DATABASE, or FILE_EXPORT operations.
• FileAccessor error contract — JSDoc documents that read, write, and list never throw; all access-denied paths are caught at the method boundary and returned as { success: false, error: <message> }.
• LockedBlackboard semantics — Options JSDoc documents dirty-read window with recommended optimistic-retry pattern, equal-priority last-writer-wins tie-break, and env value frozen at construction.
• SandboxPolicyConfig.env freeze notice — JSDoc states NETWORK_AI_ENV is captured at construction; runtime changes have no effect.
• StreamingBaseAdapter auth once-at-start — executeAgentStream() JSDoc documents that the permission check fires once at stream start, not per-chunk.
• SECURITY.md — Added Fail-Closed Approval Timeout (v5.5.8) and Strict Promotion Chain Enforcement (v5.5.8) entries to both SECURITY.md copies.
• README.md — Phase Pipeline row updated to reflect approvalTimeoutMs fail-closed timeout.