-
Notifications
You must be signed in to change notification settings - Fork 62
docs(vision): frame autonomy as configurable per workflow #3378
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,12 +2,12 @@ | |
|
|
||
| ## The goal | ||
|
|
||
| A GitHub organization's repos operate with fully autonomous agents handling the routine software development lifecycle: issue triage, implementation, code review, testing, and merge-to-production. Humans participate at two points: | ||
| Everything autonomous is the goal. A GitHub organization's repos operate with agents handling the full software development lifecycle: issue triage, implementation, code review, testing, and merge-to-production. Humans participate at two points: | ||
|
|
||
| 1. **Strategic intent** — defining what the system should do and become. Features, architecture, direction. | ||
| 2. **Guarded paths** — CODEOWNERS-enforced human approval for security-critical, API-changing, or architecturally significant code paths. | ||
| 2. **Guardrails** — CODEOWNERS-enforced human approval for security-critical, API-changing, or architecturally significant code paths. | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. [medium] terminology-consistency The change from "Guarded paths" to "Guardrails" alters an established term used across 8+ documentation files (ADRs, problem docs, human-factors.md, security-threat-model.md, AGENTS.md). "Guarded paths" specifically refers to CODEOWNERS-enforced code paths requiring human approval, while "Guardrails" is used elsewhere in the codebase to refer to broader system-level safety mechanisms (sandboxing, policies, org-wide constraints). The explanatory text after the bold term is preserved, but the label change creates cross-document inconsistency. Suggested fix: Preserve "Guarded paths" in this context, or if the rename is intentional, plan a follow-up to update references across all documentation files.
ralphbean marked this conversation as resolved.
|
||
|
|
||
| Everything else is autonomous. | ||
| Getting there is incremental. Each phase and transition in the [agentic SDLC](#the-agentic-sdlc) can be configured — per workflow — as human-driven, agent-driven, or both. A bugfix workflow might run fully autonomously while a feature workflow keeps a human in the loop at refinement and review. Teams adopt at whatever pace builds confidence, shifting one phase at a time rather than flipping a giant switch. | ||
|
Comment on lines
+5
to
+10
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 1. Unclear autonomy model In docs/vision.md the intro states humans participate at "two points", but immediately after it says each SDLC phase/transition can be configured per-workflow as human-driven, agent-driven, or both. This makes the intended steady-state vs incremental-migration model ambiguous and can mislead readers about what "everything autonomous" concretely means. Agent Prompt
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 3. Human-factors doc now stale docs/problems/human-factors.md explicitly frames its analysis around the vision’s “two points of human participation” model, but the updated vision now emphasizes per-workflow/per-phase configurability and incremental adoption. Leaving human-factors.md unchanged makes the documentation set internally inconsistent and can mislead readers about what the current vision actually claims. Agent Prompt
ralphbean marked this conversation as resolved.
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. [medium] unsubstantiated-architecture-claim The added paragraph claims "Each phase and transition in the agentic SDLC can be configured — per workflow — as human-driven, agent-driven, or both." No other documentation (architecture.md, ADRs, problems/) describes per-workflow configuration of SDLC phases. The existing architecture describes per-repo autonomy (AGENTS.md: "Binary per-repo, with CODEOWNERS enforcing human approval on specific paths"). The present-tense "can be configured" implies existing capability rather than aspirational direction. Suggested fix: Qualify the claim as aspirational ("will be configurable" or "the goal is for each phase..."), or add a brief note that this is the design direction rather than current state.
ralphbean marked this conversation as resolved.
|
||
|
|
||
| ## The agentic SDLC | ||
|
|
||
|
|
@@ -35,7 +35,7 @@ The current bugfix workflow spans three phases. The remaining phases are planned | |
| ***Feedback*** ◄─── Monitor ◄─────── Delivery | ||
| ``` | ||
|
|
||
| **Current (bugfix workflow):** An issue reports a bug (***feedback***). An agent triages, implements a fix (***execution***), and validates it against tests and review (***verification***). Humans set strategic intent and approve guarded paths; everything else is autonomous. | ||
| **Current (bugfix workflow):** An issue reports a bug (***feedback***). An agent triages, implements a fix (***execution***), and validates it against tests and review (***verification***). Humans must set strategic intent and approve guardrails; the rest may be fully autonomous based on configuration. | ||
|
|
||
| **Planned:** Discovery (identifying what needs work from production signals and tech debt), refinement (scoping and decomposing work), prioritization (ordering the backlog), delivery (merge-to-production with graduated autonomy), and monitor (production observability feeding back into the loop). | ||
|
|
||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.