Skip to content
FractalOps

@fractalops/workspace-shims

@fractalops/workspace-shims

Section titled “@fractalops/workspace-shims”

Versioned internal workspace runtime adapters for FractalOps-managed Daytona and agent workspaces.

The package is published only to the company Nexus registry. Daytona templates install or execute a pinned package version instead of embedding large shell/Python heredocs.

This package follows the FractalOps internal package supply-chain contract in colocated/packages/internal-package-supply-chain.md: the package source repo owns source and release artifacts, Nexus serves approved tarballs, and workspaces receive only short-lived brokered install credentials.

Commands

Section titled “Commands”
  • fractalops-gh: GitHub App command proxy for agent-owned issue and PR operations, including App-backed PR view and merge.
  • fractalops-agent-session: AgentSquad session runtime adapter for Claude/ClipProxy runs, GitHub delivery references, and workspace PR handoff.

Ubiquitous Names

Section titled “Ubiquitous Names”

The canonical glossary is architecture/agentsquad-delivery-language.md.

  • controller message: the operator or graph instruction carried into the next agent attempt.
  • delivery reference: a GitHub pull request or issue URL that proves where agent work converges.
  • missing delivery reference blocker: runtime blocker github_issue_or_pr_link_missing.
  • agent-owned worktree: the writable Git worktree for one agent lane.
  • assembly worktree: the shared read/observation checkout for cross-repository context.
  • merge lifecycle decision: the committer’s closed decision after PR and tester proof inspection.
  • merge_lifecycle_decision_required: blocker emitted when a committer has a delivery reference but no canonical merge lifecycle decision.

Security Contract

Section titled “Security Contract”
  • Package tarballs include dist/ only; source and source maps are not published.
  • scripts/build.mjs bundles and minifies with source maps disabled.
  • Runtime adapters do not store GitHub tokens or secret values.
  • GitHub writes are brokered through fops github-app ....
  • docker is hard-walled in the sandbox (baked exit-127 stub); there is no in-sandbox compose/build plane. Live preview is the bare dev server (vite / next / uvicorn bound to 0.0.0.0), exposed through the daytona-proxy signed preview URL via the dev-preview MCP; per-project hosting is the project’s Dokploy plane.
  • Daytona and agent workspaces install an exact pinned package spec with a short-lived .npmrc.
  • The runtime image must not be customized per package; version changes happen through the package pin and runtime config.