Roadmap
aglang is already useful as a local CLI and CI-friendly architecture verification layer. The next goal is narrower and harder: make it the architecture guardrail protocol that different agents, subagents, editors, and CI systems can all speak consistently.
This roadmap is organized as issue-ready milestones. Each section can be copied directly into a GitHub epic or split into smaller delivery issues.
v0.3 - Stable machine interfaces
Focus: make aglang a dependable machine contract instead of only a strong CLI.
Scope
- Freeze and document the JSON verdict schema.
- Freeze and document the
architecture.oschema, required fields, and compatibility rules. - Add capability discovery for:
- schema version
- supported policy kinds
- extractor coverage
- confidence semantics
- Tighten TypeScript and JavaScript extraction:
- component imports
fetch/axios/ common HTTP clients- Express / Fastify / Next route extraction
- direct DB client detection
- Publish a default agent behavior contract:
- read
AGENTS.md - use
check-filewhile editing - use
check --allbefore finishing - do not mutate
.agfiles without approval
- read
Exit criteria
- Agents can discover what aglang supports without reading prose docs.
- Verdict JSON is versioned and documented as a stable interface.
architecture.ois treated as a formal contract, not an internal artifact.- TS/JS users can get credible flow extraction in a normal service or monorepo.
v0.4 - Multi-agent integration
Focus: let different agent runtimes share the same guarded view of the repo.
Scope
- Ship an official MCP server for aglang.
- Add protocol-style operations:
get_rules_for_filecheck_filecheck_projectgraph_projectget_change_requirementsexplain_violation
- Add shared task-envelope output:
- touched components
- blocking policies
- required companion changes
- relevant architecture files
- Improve violation evidence and path summaries for subagent handoff.
- Strengthen authorization extraction:
- C# policy attributes
RequireAuthorization(...)- authorization handlers
- common TS middleware patterns where evidence is definite
Exit criteria
- Codex-style agents, editor agents, and CI can call the same aglang interface.
- Subagents can receive a bounded architecture context instead of rereading the whole repo.
- Violations are explainable enough for automated repair loops.
v0.5 - Easier policy authoring
Focus: reduce the cost of adoption for teams that are not architecture-language enthusiasts.
Scope
- Improve starter generation from real repos.
- Add stack-specific templates:
- TypeScript monorepo
- ASP.NET
- Python service
- GitHub Actions-heavy repo
- Improve malformed-policy diagnostics and missing-evidence diagnostics.
- Improve editor support:
- completions
- validation
- quick fixes
- Add more public examples and golden demo repos.
Exit criteria
- A team can adopt aglang without a custom workshop.
- New specs start from credible templates instead of blank files.
- Policy errors are precise enough to fix quickly.
v0.6 - Agent protocol and remediation
Focus: make aglang a usable coordination layer for parent agents and subagents, not only a checker.
Scope
- Publish the first protocol draft for:
- repository refs
- normalized facts
- stable fact and violation IDs
- scope-aware check operations
- remediation hints
- Expose protocol operations over a machine interface:
check_filecheck_scopecheck_repograph_componenttrace_violationfind_related_filessuggest_fix_targetsrecheck_scope
- Add fix metadata to violations:
- suggested files
- suggested components
- safe fix class
- architecture-approval requirement
- Add bounded recheck so subagents can verify only the slice they changed.
Exit criteria
- Parent agents can assign violations to subagents using stable IDs.
- Subagents can recheck their own scope without forcing a full repo rerun.
- Violation payloads are strong enough to support automated repair loops.
v0.7 - Cross-repo compliance graph
Focus: connect multiple repos into one architecture and drift surface.
Scope
- Add repo registry and repo identity model.
- Add persistent multi-repo graph:
- components
- contracts
- dependencies
- extracted facts
- Add cross-repo operations:
list_contract_consumerslist_drift- impact traces across repos
- Add waiver and baseline lifecycle for real environments.
Exit criteria
- A provider or consumer change can be traced across repos.
- Parent agents can coordinate multi-repo repair tasks from one protocol surface.
- Existing accepted drift can be separated from newly introduced drift.
v0.8 - Enterprise readiness and audit evidence
Focus: make aglang credible for enterprise adoption by improving evidence quality, repeatable audit artifacts, CI integration, governance, and security posture.
Scope
- Improve evidence quality:
- publish extractor capability matrices per language and framework
- attach source, extractor, confidence, strategy, and extractor version to every emitted fact
- add golden fixture suites for ASP.NET, Spring, Express/Nest, FastAPI, Go HTTP, Kotlin Android, Swift, Terraform, and GitHub Actions
- add
aglc query-testfor.agq.ymlfixtures
- Add audit artifacts:
- emit hash-linked reports covering
.ag,.agq.yml,architecture.o, CLI version, git SHA, changed files, verdict, and plugin metadata - add
aglc report --json --html --sarif - support SARIF output for GitHub code scanning
- persist stable violation IDs and
aglc explainoutput in report form
- emit hash-linked reports covering
- Strengthen CI/CD integration:
- ship official GitHub Actions, GitLab CI, and Azure DevOps examples
- add baseline mode so known violations can be accepted while new violations still fail
- add
--severity-threshold - document clean machine setup for monorepos and multi-repos
- Improve spec governance:
- add owner metadata for rules, components, semantic queries, and generated context
- add
aglc reviewto show the semantic impact of.agand.agq.ymledits - add drift detection for unmapped code, stale components, and rules with no evidence
- treat generated query/spec changes as privileged architecture changes in docs and machine output
- Mature the query layer:
- add stricter
.agq.ymlschema validation and diagnostics - add query dry-run output showing matched graph facts before emitting blocking facts
- add query coverage showing which rules had evidence and which did not
- support versioned query packs for common frameworks
- add stricter
- Improve performance and scale:
- benchmark large repos and publish baseline numbers
- improve extractor cache invalidation
- parallelize extractor execution safely
- make solver slice diagnostics first-class with timeout budgets, hotspot ranking, and suggested decomposition
- Improve developer UX:
- make
aglc explainthe primary repair loop - add
aglc doctor - add
aglc init-ci - improve diagnostics for no matched files, no rule evidence, empty query matches, and missing architecture artifacts
- add examples that show complete violation-to-repair workflows
- make
- Harden security and trust:
- pin and record plugin versions
- sandbox external plugins where practical
- record plugin binary/package hashes in verdicts and reports
- support offline and locked execution
- document review requirements for generated specs and queries
- Add enterprise reporting surfaces:
- rule coverage over time
- violations by repo/team
- stale specs and unmapped files
- slow solver slices and path-explosion hotspots
- unowned rules/components
Exit criteria
- An enterprise can see exactly which facts were extracted, by which extractor/query, from which source, and under which tool version.
- CI can fail only on new or severe violations while retaining a durable audit trail.
.agand.agq.ymlchanges have reviewable semantic impact summaries.- Reports are suitable for security, platform, and compliance review without requiring raw CLI logs.
- Large-repo failure modes are diagnosable instead of looking like generic solver or extractor failures.
v1.0 - Protocol status
Focus: standardize the interface and make third-party integrations realistic.
Scope
- Publish a standalone protocol specification.
- Guarantee backward compatibility for:
- verdict JSON
architecture.o- MCP methods
- Add reference integrations for:
- GitHub Actions
- GitLab CI
- one local agent runtime
- one editor agent runtime
- Raise extractor credibility in common stacks.
- Ship conformance tests for external integrations.
Exit criteria
- aglang is no longer just a repo tool; it is a stable architecture protocol.
- Third-party runtimes can implement against published contracts with confidence.
- Compatibility promises are explicit and test-backed.
v1.1 - Runtime evidence and SLO verification
Focus: extend aglang from static architecture/code-fact verification into runtime architecture verification by treating logs, traces, metrics, and deployment observations as first-class evidence.
Scope
- Add runtime fact model:
- latency facts with component, edge, percentile, value, window, environment, and source
- error-rate and availability facts
- queue lag and processing-time facts
- CPU, memory, replica, and saturation facts
- observed runtime flow facts from traces
- deployment/config facts from Kubernetes, Terraform state, cloud inventory, or CI environments
- Add SLO and runtime policy syntax:
- component latency thresholds, for example
p95 < 30ms - edge latency thresholds, for example
CheckoutApi -> Payments p99 < 200ms - error budget and error-rate rules
- queue lag and processing deadlines
- resource bounds for memory, CPU, replicas, and cold start
- forbidden observed runtime paths
- required runtime auth/TLS/mTLS evidence where telemetry can prove it
- component latency thresholds, for example
- Add ingestion adapters:
- OpenTelemetry traces and metrics
- Prometheus query snapshots
- structured application logs
- Kubernetes deployment/state snapshots
- cloud or platform inventory snapshots
- Add runtime check commands:
aglc ingest-runtime --source <otel|prometheus|logs|k8s> --out runtime-facts.jsonaglc check-runtime --arch architecture.o --facts runtime-facts.json --jsonaglc explain-runtime --violation <id> --json
- Add runtime audit reports:
- include evidence window, environment, metric source, query, sample count, and aggregation method
- hash-link runtime facts to reports
- separate dev/staging/prod environments
- support baseline mode for known SLO violations
- Add examples:
- service p95 latency under 30ms
- forbidden service-to-service call observed in traces
- queue lag above declared deadline
- PII-tagged runtime path crossing an untrusted boundary
- production deployment drift from declared component topology
Exit criteria
- A team can declare simple runtime SLOs and verify them from imported telemetry snapshots.
- Runtime violations include the metric source, time window, aggregation method, and architecture rule.
- Static and runtime evidence can appear in the same audit report.
- aglang can distinguish architecture drift in source from architecture drift in the running system.
Highest-leverage priorities
If only a few things move next, they should be these:
- Stable schema and capability discovery
- Evidence and query testing
- Official MCP server
- Better TS extraction
- CI/reporting outputs
- Runtime evidence model
- Conformance tests
Suggested issue split
Use this roadmap as the top-level epic set:
Epic: v0.3 stable machine interfacesEpic: v0.4 multi-agent integrationEpic: v0.5 policy authoring ergonomicsEpic: v0.6 agent protocol and remediationEpic: v0.7 cross-repo compliance graphEpic: v0.8 enterprise readiness and audit evidenceEpic: v1.0 protocol standardizationEpic: v1.1 runtime evidence and SLO verification
Then split each epic into bounded delivery issues with one implementation surface each:
- schema / artifact
- CLI / MCP surface
- extractor work
- docs / examples
- reports / CI integrations
- security / plugin trust
- conformance / tests