CLI Reference¶
This is the full searchable reference for the cruxible command line. Walkthroughs and agent recipes live elsewhere; this file is intentionally detailed so an agent can look up command names, flags, side effects, and failure modes without shelling out to --help first.
Runtime Model¶
- Use
--server-urlor--server-socketfor daemon transport, and--instance-idor CLI context for daemon-backed instances. - The CLI context commands remember transport and the active instance for shell users; MCP does not use CLI context.
- Commands that mutate governed state are blocked locally when the command requires a daemon surface.
init --kitaccepts standalone kits. Overlay kits are created withstate create-overlay --kit.runrejects proposal workflows; useproposefor workflows that return governed relationship proposals.explainandexport edgesare direct-local file/rendering utilities. Use receipts and list/query tools for daemon/MCP flows.
Command Word Order¶
Operations on a specific named resource instance are noun-first:
cruxible entity add, cruxible entity update, cruxible relationship add,
and cruxible relationship update. Cross-resource collection and inspection
commands remain top-level where the target is not a single CRUD-style resource,
for example list, inspect, and sample.
There is no hard-delete/remove command. Cruxible state is receipted and
append-oriented; retire entities by setting ontology lifecycle fields such as
status=closed or status=superseded, and reject relationship assertions with
the feedback/review surfaces.
Direct Write Shorthand¶
Usage:
cruxible entity add ENTITY_TYPE ENTITY_ID [--set FIELD=VALUE] [--set-json FIELD=JSON] [--dry-run] [--json]
cruxible entity update ENTITY_TYPE ENTITY_ID --set FIELD=VALUE [--set-json FIELD=JSON] [--dry-run] [--json]
cruxible relationship add REL_TYPE FROM_TYPE FROM_ID TO_TYPE TO_ID [--set FIELD=VALUE] [--set-json FIELD=JSON] [--dry-run] [--json]
cruxible relationship update REL_TYPE FROM_TYPE FROM_ID TO_TYPE TO_ID [--set FIELD=VALUE] [--set-json FIELD=JSON] [--dry-run] [--json]
Purpose: Ergonomic CLI shorthand for creating and updating entities and relationships without hand-authoring a direct-write payload file.
Field Assignment:
- --set FIELD=VALUE stores VALUE as a string. Values such as NO, no,
1.20, 0755, and null are not coerced.
- --set-json FIELD=JSON stores an explicitly typed JSON value.
- --props JSON remains accepted on noun write commands for compatibility.
- Duplicate fields, blank field names, and malformed assignments are rejected.
Relationship Evidence Options:
- --evidence-ref JSON
- --source-evidence JSON
- --evidence-rationale TEXT
Output And Side Effects:
- Uses the same guarded direct-write path as batch-direct-write, with the same
dry-run behavior, receipts, mutation guards, and group-interaction notices.
- entity add and relationship add fail if the target already exists.
- entity update and relationship update fail if the target does not exist.
- --json emits the same BatchDirectWriteResult envelope as
batch-direct-write.
- Actor attribution remains credential-derived when daemon auth is enabled.
Examples:
cruxible entity add WorkItem wi-example --set title="Add write verbs" --set status=planned
cruxible entity update WorkItem wi-example --set status=closed
cruxible relationship add work_item_part_of_work_item WorkItem wi-child WorkItem wi-parent --set composition_basis="Same ergonomics slice"
cruxible relationship update work_item_part_of_work_item WorkItem wi-child WorkItem wi-parent --set composition_basis="Refined after review"
cruxible config¶
Usage: cruxible config [OPTIONS]
Purpose: Edit, validate, and render the active config.
Subcommands:
cruxible config reload- Validate the active config or repoint the instance to a new config file.cruxible config views- Render canonical Mermaid/Markdown views for a Cruxible config.cruxible config expand- Expand a compact authoring config to the explicit engine config.cruxible config add-constraint- Add a constraint rule to the config.cruxible config add-decision-policy- Add a decision policy to the config.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, or rendered file output depending on the subcommand.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible config expand¶
Usage: cruxible config expand [OPTIONS]
Purpose: Expand a compact authoring config to the explicit engine config. The compact form is the single source of truth; the loader expands it on load, so the explicit output is for inspection/review (e.g. diffing the resolved graph), not a committed artifact.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--in |
yes | `` | file | Path to the compact authoring YAML to expand. |
--out |
no | stdout | file | Write the expanded explicit YAML here. |
--validate / --no-validate |
no | validate |
flag | Validate the expanded config as a CoreConfig before writing. |
Output And Side Effects:
- Pure transform: reads the compact YAML and writes the expanded explicit YAML to --out (or stdout). No instance, daemon, or graph state is touched.
Common Errors:
- Malformed compact grammar (raises a compact-expansion error naming the construct).
- The expanded config fails CoreConfig validation (unless --no-validate).
cruxible config add-constraint¶
Usage: cruxible config add-constraint [OPTIONS]
Purpose: Add a constraint rule to the config.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--name |
yes | Sentinel.UNSET |
text | Constraint name. |
--rule |
yes | Sentinel.UNSET |
text | Constraint rule expression. |
--severity |
no | warning |
choice | Severity level (default: warning). |
--description |
no | `` | text | Optional description. |
Output And Side Effects: - Config mutation. Adds a constraint rule to the active config and reports the constraint name plus any validation warnings. Server-mode only.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations.
- Local mutation disabled when not server-backed; run against a server-mode instance.
cruxible config add-decision-policy¶
Usage: cruxible config add-decision-policy [OPTIONS]
Purpose: Add a decision policy to the config.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--name |
yes | Sentinel.UNSET |
text | Decision policy name. |
--applies-to |
yes | Sentinel.UNSET |
choice | Policy application surface. |
--relationship |
yes | Sentinel.UNSET |
text | Relationship type. |
--effect |
yes | Sentinel.UNSET |
choice | Policy effect. |
--query-name |
no | `` | text | Named query for query policies. |
--workflow-name |
no | `` | text | Workflow name for workflow policies. |
--match |
no | {} |
text | JSON object for exact-match selectors. |
--description |
no | `` | text | Optional description. |
--rationale |
no | `` | text | Policy rationale. |
--expires-at |
no | `` | text | Optional ISO timestamp/date. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible entity¶
Usage: cruxible entity [OPTIONS]
Purpose: Entity reads and writes.
Subcommands:
cruxible entity add- Create one entity.cruxible entity get- Look up a specific entity by type and ID.cruxible entity history- Inspect receipt-derived entity change history for one entity type or entity.cruxible entity inspect- Inspect an entity and its immediate neighbors.cruxible entity update- Update one existing entity.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible entity add¶
Usage: cruxible entity add [OPTIONS] [ENTITY_TYPE] [ENTITY_ID]
Purpose: Create one entity using JSON properties or FIELD=VALUE assignments.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
ENTITY_TYPE |
no | `` | argument | Entity type. |
ENTITY_ID |
no | `` | argument | Entity ID. |
--type |
no | `` | text | Entity type, for compatibility with older noun command usage. |
--id |
no | `` | text | Entity ID, for compatibility with older noun command usage. |
--props |
no | `` | text | JSON object of properties. |
--set |
no | `` | text | String property assignment FIELD=VALUE. Repeat for multiple properties. |
--set-json |
no | `` | text | Typed JSON property assignment FIELD=JSON. Repeat for multiple properties. |
--dry-run |
no | False |
boolean | Validate without mutating graph state. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Uses the same guarded direct-write path as batch-direct-write.
- Fails if the entity already exists.
- JSON output is a BatchDirectWriteResult.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible entity update¶
Usage: cruxible entity update [OPTIONS] [ENTITY_TYPE] [ENTITY_ID]
Purpose: Update one existing entity using JSON properties or FIELD=VALUE assignments.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
ENTITY_TYPE |
no | `` | argument | Entity type. |
ENTITY_ID |
no | `` | argument | Entity ID. |
--type |
no | `` | text | Entity type, for compatibility with older noun command usage. |
--id |
no | `` | text | Entity ID, for compatibility with older noun command usage. |
--props |
no | `` | text | JSON object of properties. |
--set |
no | `` | text | String property assignment FIELD=VALUE. Repeat for multiple properties. |
--set-json |
no | `` | text | Typed JSON property assignment FIELD=JSON. Repeat for multiple properties. |
--dry-run |
no | False |
boolean | Validate without mutating graph state. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Uses the same guarded direct-write path as batch-direct-write.
- Fails if the entity does not already exist.
- Requires at least one --props, --set, or --set-json property update.
- JSON output is a BatchDirectWriteResult.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible entity get¶
Usage: cruxible entity get [OPTIONS]
Purpose: Look up a specific entity by type and ID.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--type |
yes | Sentinel.UNSET |
text | Entity type. |
--id |
yes | Sentinel.UNSET |
text | Entity ID. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
- A by-id get is not subject to live-only lifecycle gating: it returns the
entity even when its lifecycle.status is retired/superseded,
and surfaces that status (in the Lifecycle table column and in the JSON
metadata.lifecycle.status). This is the recovery/inspection path for an
entity hidden from live query/list reads.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible entity history¶
Usage: cruxible entity history [OPTIONS]
Purpose: Inspect receipt-derived entity change history for one entity type or entity.
Noun-first read of an entity's history.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--type |
yes | Sentinel.UNSET |
text | Entity type. |
--id |
no | `` | text | Optional entity ID. |
--limit |
no | 50 |
integer range | |
--offset |
no | 0 |
integer range | |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only. Shows property diffs recorded on mutation receipts for entity writes.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible entity inspect¶
Usage: cruxible entity inspect [OPTIONS]
Purpose: Inspect an entity and its immediate neighbors.
Noun-first read of a single entity with its neighbors.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--type |
yes | Sentinel.UNSET |
text | Entity type. |
--id |
yes | Sentinel.UNSET |
text | Entity ID. |
--direction |
no | both |
choice | Neighbor traversal direction. |
--relationship |
no | `` | text | Optional relationship filter. |
--limit |
no | `` | integer range | Max neighbors to show. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible relationship¶
Usage: cruxible relationship [OPTIONS]
Purpose: Relationship reads and writes.
Subcommands:
cruxible relationship add- Create one relationship.cruxible relationship get- Look up a specific relationship by its endpoints and type.cruxible relationship lineage- Inspect a relationship's stored provenance lineage.cruxible relationship update- Update one existing relationship.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible relationship add¶
Usage: cruxible relationship add [OPTIONS] [RELATIONSHIP_TYPE] [FROM_TYPE] [FROM_ID] [TO_TYPE] [TO_ID]
Purpose: Create one relationship using JSON properties, FIELD=VALUE assignments, or evidence flags.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
RELATIONSHIP_TYPE |
no | `` | argument | Relationship type. |
FROM_TYPE |
no | `` | argument | Source entity type. |
FROM_ID |
no | `` | argument | Source entity ID. |
TO_TYPE |
no | `` | argument | Target entity type. |
TO_ID |
no | `` | argument | Target entity ID. |
--from-type |
no | `` | text | Source entity type, for compatibility with older noun command usage. |
--from-id |
no | `` | text | Source entity ID, for compatibility with older noun command usage. |
--relationship |
no | `` | text | Relationship type, for compatibility with older noun command usage. |
--to-type |
no | `` | text | Target entity type, for compatibility with older noun command usage. |
--to-id |
no | `` | text | Target entity ID, for compatibility with older noun command usage. |
--props |
no | `` | text | JSON object of edge properties. |
--set |
no | `` | text | String relationship property assignment FIELD=VALUE. |
--set-json |
no | `` | text | Typed JSON relationship property assignment FIELD=JSON. |
--evidence-ref |
no | `` | text | JSON evidence ref object. Repeat to attach multiple refs. |
--source-evidence |
no | `` | text | JSON source-evidence locator. Repeat to attach multiple locators. |
--evidence-rationale |
no | `` | text | Optional rationale for the attached relationship evidence. |
--dry-run |
no | False |
boolean | Validate without mutating graph state. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Uses the same guarded direct-write path as batch-direct-write.
- Fails if the relationship tuple already exists.
- Evidence refs and source-evidence locators are persisted as relationship evidence metadata.
Direct adds are not group-reviewed accepted relationships; use group propose
and group resolve --action approve when review/acceptance state matters.
- JSON output is a BatchDirectWriteResult.
Example:
cruxible relationship add \
roadmap_item_depends_on_roadmap_item \
RoadmapItem ri-compact-workflow-trace-payloads \
RoadmapItem ri-transactional-sqlite-state \
--source-evidence '{"source_artifact_id":"SRC-...","chunk_id":"CHK-..."}' \
--evidence-rationale "Extracted from the P0 section."
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible relationship update¶
Usage: cruxible relationship update [OPTIONS] [RELATIONSHIP_TYPE] [FROM_TYPE] [FROM_ID] [TO_TYPE] [TO_ID]
Purpose: Update one existing relationship using JSON properties, FIELD=VALUE assignments, or evidence flags.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
RELATIONSHIP_TYPE |
no | `` | argument | Relationship type. |
FROM_TYPE |
no | `` | argument | Source entity type. |
FROM_ID |
no | `` | argument | Source entity ID. |
TO_TYPE |
no | `` | argument | Target entity type. |
TO_ID |
no | `` | argument | Target entity ID. |
--from-type |
no | `` | text | Source entity type, for compatibility with older noun command usage. |
--from-id |
no | `` | text | Source entity ID, for compatibility with older noun command usage. |
--relationship |
no | `` | text | Relationship type, for compatibility with older noun command usage. |
--to-type |
no | `` | text | Target entity type, for compatibility with older noun command usage. |
--to-id |
no | `` | text | Target entity ID, for compatibility with older noun command usage. |
--props |
no | `` | text | JSON object of edge properties. |
--set |
no | `` | text | String relationship property assignment FIELD=VALUE. |
--set-json |
no | `` | text | Typed JSON relationship property assignment FIELD=JSON. |
--evidence-ref |
no | `` | text | JSON evidence ref object. Repeat to attach multiple refs. |
--source-evidence |
no | `` | text | JSON source-evidence locator. Repeat to attach multiple locators. |
--evidence-rationale |
no | `` | text | Optional rationale for the attached relationship evidence. |
--dry-run |
no | False |
boolean | Validate without mutating graph state. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Uses the same guarded direct-write path as batch-direct-write.
- Fails if the relationship tuple does not already exist.
- Requires at least one property or evidence update.
- JSON output is a BatchDirectWriteResult.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible relationship get¶
Usage: cruxible relationship get [OPTIONS]
Purpose: Look up a specific relationship by its endpoints and type.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--from-type |
yes | Sentinel.UNSET |
text | Source entity type. |
--from-id |
yes | Sentinel.UNSET |
text | Source entity ID. |
--relationship |
yes | Sentinel.UNSET |
text | Relationship type. |
--to-type |
yes | Sentinel.UNSET |
text | Target entity type. |
--to-id |
yes | Sentinel.UNSET |
text | Target entity ID. |
--edge-key |
no | `` | integer | Edge key (multi-edge disambiguation). |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible relationship lineage¶
Usage: cruxible relationship lineage [OPTIONS]
Purpose: Inspect a relationship's stored provenance lineage.
Noun-first read of a relationship's lineage.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--from-type |
yes | Sentinel.UNSET |
text | Source entity type. |
--from-id |
yes | Sentinel.UNSET |
text | Source entity ID. |
--relationship |
yes | Sentinel.UNSET |
text | Relationship type. |
--to-type |
yes | Sentinel.UNSET |
text | Target entity type. |
--to-id |
yes | Sentinel.UNSET |
text | Target entity ID. |
--edge-key |
no | `` | integer | Edge key (multi-edge disambiguation). |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Read-only. Returns the matching relationship, _provenance, linked proposal group/resolution when provenance points to a group, source workflow receipt ID, source trace IDs, and warnings for missing or non-group provenance.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for read operations.
- Ambiguous relationship tuple without --edge-key.
cruxible batch-direct-write¶
Usage: cruxible batch-direct-write --payload-file PATH [--dry-run] [--json]
Purpose: Validate or apply one structured direct graph write payload containing entities, relationships, and optional payload-local shared evidence.
Payload Shape:
entities:
- entity_type: RoadmapItem
entity_id: ri-example
properties:
roadmap_item_id: ri-example
title: Example roadmap item
relationships:
- from_type: WorkItem
from_id: wi-example
relationship_type: work_item_implements_roadmap_item
to_type: RoadmapItem
to_id: ri-example
shared_evidence_keys: [source_section]
evidence_rationale: Extracted from the referenced section.
shared_evidence:
source_section:
source_evidence:
- source_artifact_id: SRC-...
chunk_id: mdchunk_...
Output And Side Effects:
- --dry-run validates entity properties, relationship endpoints/properties,
evidence locators, duplicate IDs, and missing shared evidence keys without
mutating graph state.
- Apply mode writes all valid entities and relationships through one mutation
receipt and returns a compact summary. Direct writes are live/unreviewed
state, not group-reviewed accepted state.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Payload file is not a JSON/YAML object.
- Unknown shared evidence key or invalid source-evidence locator.
cruxible feedback analyze¶
Usage: cruxible feedback analyze [OPTIONS]
Purpose: Analyze structured feedback and print remediation suggestions.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--relationship |
yes | Sentinel.UNSET |
text | Relationship type. |
--limit |
no | 200 |
integer range | Rows to inspect. |
--min-support |
no | 5 |
integer range | Minimum support for suggestions. |
--decision-surface-type |
no | `` | choice | Optional decision surface type filter. |
--decision-surface-name |
no | `` | text | Optional decision surface name filter. |
--pair |
no | Sentinel.UNSET |
text | Explicit mismatch pair as FROM_PROP=TO_PROP. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible outcome analyze¶
Usage: cruxible outcome analyze [OPTIONS]
Purpose: Analyze structured outcomes and print trust/debugging suggestions.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--anchor-type |
yes | Sentinel.UNSET |
choice | Outcome anchor type to analyze. |
--relationship |
no | `` | text | Relationship type. |
--workflow |
no | `` | text | Workflow name filter. |
--query |
no | `` | text | Query name filter. |
--surface-type |
no | `` | choice | Explicit surface type filter. |
--surface-name |
no | `` | text | Explicit surface name filter. |
--limit |
no | 200 |
integer range | Rows to inspect. |
--min-support |
no | 5 |
integer range | Minimum support for suggestions. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible apply¶
Usage: cruxible apply [OPTIONS]
Purpose: Commit a previously previewed canonical workflow after verifying the preview identity.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--workflow |
no | `` | text | Workflow name from config. |
--input |
no | `` | text | Inline JSON or YAML workflow input. |
--input-file |
no | `` | path | JSON or YAML file providing workflow input. |
--apply-digest |
no | `` | text | Preview apply digest from workflow run. |
--head-snapshot |
no | `` | text | Expected head snapshot ID from workflow preview. |
--preview-file |
no | `` | file | Read preview state from a file saved by run --save-preview. |
--from-last-preview |
no | False |
boolean | Apply the latest stored preview for the workflow. Mutually exclusive with --preview-file/--apply-digest. |
--decision-record |
no | `` | text | Decision record ID for audit logging. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible clone¶
Usage: cruxible clone [OPTIONS]
Purpose: Create a new local instance from a chosen snapshot.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--snapshot |
yes | Sentinel.UNSET |
text | Snapshot ID to clone from. |
--root-dir |
yes | Sentinel.UNSET |
text | Root directory for the new cloned instance. |
--activate / --no-activate |
no | True |
boolean | Make the cloned server instance the active CLI context instance. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible config views¶
Usage: cruxible config views [OPTIONS]
Purpose: Render canonical Mermaid/Markdown views for a Cruxible config.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--config |
yes | Sentinel.UNSET |
file | Path to config YAML file. |
--view |
no | all |
choice | View to render. 'all' emits the standard config-drafting diagrams. |
--bare |
no | False |
boolean | Emit the raw selected view without Markdown wrapping. |
--update-readme |
no | Sentinel.UNSET |
file | Replace matching CRUXIBLE marker blocks in a README. |
--runtime |
no | False |
boolean | Compose extends overlays as a runtime composed view. This includes inherited ontology/query surfaces but strips upstream build-only workflows. |
Output And Side Effects: - Produces documentation or file output; graph state is not changed.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible context¶
Usage: cruxible context [OPTIONS]
Purpose: Manage remembered governed server and instance context.
Subcommands:
cruxible context clear- Clear remembered governed CLI context.cruxible context connect- Persist the current governed transport and optional instance.cruxible context show- Show the remembered CLI context.cruxible context use- Set the active governed instance ID.
Output And Side Effects: - Mutates only the remembered CLI context file, not graph state.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible context clear¶
Usage: cruxible context clear [OPTIONS]
Purpose: Clear remembered governed CLI context.
Output And Side Effects: - Mutates only the remembered CLI context file, not graph state.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible context connect¶
Usage: cruxible context connect [OPTIONS]
Purpose: Persist the current governed transport and optional instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--server-url |
no | `` | text | Remote Cruxible server base URL. |
--server-socket |
no | `` | text | Local Cruxible server Unix socket path. |
--instance-id |
no | `` | text | Opaque server-mode instance ID. Defaults to remembered CLI context. |
Output And Side Effects: - Mutates only the remembered CLI context file, not graph state.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible context show¶
Usage: cruxible context show [OPTIONS]
Purpose: Show the remembered CLI context.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Mutates only the remembered CLI context file, not graph state.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible context use¶
Usage: cruxible context use [OPTIONS]
Purpose: Set the active governed instance ID.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
instance_id |
yes | Sentinel.UNSET |
text | Positional argument. |
Output And Side Effects: - Mutates only the remembered CLI context file, not graph state.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible credential¶
Usage: cruxible credential [OPTIONS]
Purpose: Manage runtime bearer credentials for a governed server instance.
Subcommands:
cruxible credential claim-bootstrap- Exchange the one-time bootstrap secret for the first ADMIN runtime token.cruxible credential mint- Mint a new runtime bearer credential.cruxible credential list- List runtime bearer credentials for the active instance.cruxible credential revoke- Revoke a runtime bearer credential.cruxible credential rotate- Rotate a runtime bearer credential and print the replacement token once.cruxible credential recover-admin- Recover an ADMIN token by local filesystem ownership of server state.
Output And Side Effects:
- Server-mode only. Uses the remembered CLI context or --instance-id for the target instance.
- Credential creation and rotation print plaintext tokens once. Save them immediately; later list calls show metadata only.
Common Errors:
- Missing server transport or missing/stale --instance-id.
- Permission mode too low; runtime credential management requires ADMIN.
- The bootstrap secret was already claimed or does not match the server secret.
cruxible credential claim-bootstrap¶
Usage: cruxible credential claim-bootstrap [OPTIONS]
Purpose: Exchange the one-time runtime bootstrap secret for the initial ADMIN runtime token.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--secret-file |
no | CRUXIBLE_RUNTIME_BOOTSTRAP_SECRET |
file | File containing the runtime bootstrap secret. |
Output And Side Effects:
- Calls the existing runtime bootstrap claim route for the active instance.
- Prints the ADMIN token once with the save hint
Save it now, for example: export CRUXIBLE_SERVER_BEARER_TOKEN=<token>.
Common Errors:
- Provide --secret-file or set CRUXIBLE_RUNTIME_BOOTSTRAP_SECRET.
- The bootstrap secret is invalid or has already been claimed.
cruxible credential mint¶
Usage: cruxible credential mint [OPTIONS]
Purpose: Mint a new runtime bearer credential for the active server instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--label |
yes | Sentinel.UNSET |
text | Human-readable credential label. |
--mode |
yes | Sentinel.UNSET |
choice | Permission mode: admin, graph_write, governed_write, or read_only. |
Output And Side Effects: - Creates an instance-scoped runtime credential and prints its plaintext token once.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low; credential minting requires ADMIN.
cruxible credential list¶
Usage: cruxible credential list [OPTIONS]
Purpose: List runtime bearer credential metadata for the active server instance.
Output And Side Effects: - Read-only metadata output. Plaintext tokens are never returned by list.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low; credential listing requires ADMIN.
cruxible credential revoke¶
Usage: cruxible credential revoke [OPTIONS] CREDENTIAL_ID
Purpose: Revoke a runtime bearer credential.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
CREDENTIAL_ID |
yes | Sentinel.UNSET |
argument | Runtime credential ID to revoke. |
Output And Side Effects: - Revokes the credential for the active instance and prints updated metadata.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Credential ID not found for the active instance.
cruxible credential rotate¶
Usage: cruxible credential rotate [OPTIONS] CREDENTIAL_ID
Purpose: Rotate a runtime bearer credential and print the replacement token once.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
CREDENTIAL_ID |
yes | Sentinel.UNSET |
argument | Runtime credential ID to rotate. |
Output And Side Effects: - Revokes the old credential, creates a replacement with the same permission mode, and prints the new plaintext token once.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Credential ID not found for the active instance.
cruxible credential recover-admin¶
Usage: cruxible credential recover-admin [OPTIONS]
Purpose: Recover an ADMIN runtime token by local filesystem ownership of server state. Local-only: refuses to run with any resolved server connection, never contacts a daemon, and treats invoking-uid ownership of --state-dir and its runtime_credentials.db as the recovery authority.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--state-dir |
yes | Sentinel.UNSET |
path | Server state directory containing runtime_credentials.db. Stop the daemon first; the lock check only refuses a writer caught mid-transaction and does not detect an idle running daemon. |
--instance-id |
no | None |
text | Target instance ID when the credentials DB contains multiple instances. |
--label |
no | recovered-admin |
text | Human-readable label for the recovered ADMIN credential. |
--json |
no | False |
flag | Output as JSON. |
Output And Side Effects:
- Mints one new ADMIN credential (created_by: local_recovery), records a recovery audit event in the same transaction, and prints the plaintext token once. Existing credentials are not revoked automatically.
Common Errors:
- Refused in server mode: unset --server-url/--server-socket (and their environment variables) and run locally.
- State dir or credentials DB not owned by the invoking uid.
- Credentials DB locked by an active writer, or no ADMIN credential record exists for the target instance.
cruxible decision-record¶
Usage: cruxible decision-record [OPTIONS]
Purpose: Manage decision records and their logged receipts.
Subcommands:
cruxible decision-record abandon- Abandon an open decision record.cruxible decision-record create- Create an open decision record.cruxible decision-record events- List decision-record events.cruxible decision-record finalize- Finalize an open decision record.cruxible decision-record get- Fetch one decision record.cruxible decision-record list- List decision records.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible decision-record abandon¶
Usage: cruxible decision-record abandon [OPTIONS]
Purpose: Abandon an open decision record.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--id |
yes | Sentinel.UNSET |
text | Decision record ID. |
--reason |
no | `` | text | Reason for abandoning the record. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible decision-record create¶
Usage: cruxible decision-record create [OPTIONS]
Purpose: Create an open decision record.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--question |
yes | Sentinel.UNSET |
text | Question or decision being evaluated. |
--subject-type |
no | `` | text | Optional subject type. |
--subject-id |
no | `` | text | Optional subject identifier. |
--opened-by |
no | human |
choice | |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible decision-record events¶
Usage: cruxible decision-record events [OPTIONS]
Purpose: List decision-record events.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--id |
no | `` | text | Decision record ID. |
--receipt |
no | `` | text | Receipt ID. |
--trace |
no | `` | text | Trace ID. |
--status |
no | `` | choice | |
--limit |
no | 100 |
integer range | |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible decision-record finalize¶
Usage: cruxible decision-record finalize [OPTIONS]
Purpose: Finalize an open decision record.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--id |
yes | Sentinel.UNSET |
text | Decision record ID. |
--final-decision |
yes | Sentinel.UNSET |
text | Final decision text. |
--decision-class |
yes | Sentinel.UNSET |
choice | |
--rationale |
no | `` | text | Decision rationale. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible decision-record get¶
Usage: cruxible decision-record get [OPTIONS]
Purpose: Fetch one decision record.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--id |
yes | Sentinel.UNSET |
text | Decision record ID. |
--events, --no-events |
no | True |
boolean | |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible decision-record list¶
Usage: cruxible decision-record list [OPTIONS]
Purpose: List decision records.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--status |
no | `` | choice | |
--subject-type |
no | `` | text | |
--subject-id |
no | `` | text | |
--decision-class |
no | `` | choice | |
--limit |
no | 100 |
integer range | |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible evaluate¶
Usage: cruxible evaluate [OPTIONS]
Purpose: Assess graph quality: orphans, gaps, violations, unreviewed co-members.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--limit |
no | 100 |
integer | Max findings to show. |
--severity |
no | choice: error, warning, info |
Only return findings at this severity. Repeatable. | |
--category |
no | choice: orphan_entity, coverage_gap, constraint_violation, governed_support_relationship, unreviewed_co_member, quality_check_failed |
Only return findings in this category. Repeatable. | |
--json |
no | False |
boolean | Output as JSON. |
Agent triage example: cruxible evaluate --severity error --limit 1 --json
checks whether any error-level finding exists without fetching lower-severity
noise. Summaries still reflect the full graph evaluation, not just the filtered
findings.
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible explain¶
Usage: cruxible explain [OPTIONS]
Purpose: Explain a query result using its receipt.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--receipt |
yes | Sentinel.UNSET |
text | Receipt ID to explain. |
--format |
no | markdown |
choice | Output format. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible export¶
Usage: cruxible export [OPTIONS]
Purpose: Export graph data to files.
Subcommands:
cruxible export edges- Export all edges to CSV.
Output And Side Effects: - Produces documentation or file output; graph state is not changed.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible export edges¶
Usage: cruxible export edges [OPTIONS]
Purpose: Export all edges to CSV.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--output, -o |
yes | Sentinel.UNSET |
file | Output file path. |
--relationship |
no | `` | text | Filter by relationship type. |
--exclude-rejected |
no | False |
boolean | Exclude edges with rejected review_status. |
Output And Side Effects: - Produces documentation or file output; graph state is not changed.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible feedback¶
Usage: cruxible feedback [OPTIONS]
Purpose: Record, batch, analyze, and inspect edge feedback.
Subcommands:
cruxible feedback record- Submit feedback on a specific edge by explicit relationship coordinates.cruxible feedback from-query- Submit edge feedback by selecting relationship evidence from a query receipt.cruxible feedback batch- Submit a batch of edge feedback with one top-level receipt.cruxible feedback profile- Display the configured feedback profile for one relationship type.cruxible feedback analyze- Analyze structured feedback and print remediation suggestions.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible feedback record¶
Usage: cruxible feedback record [OPTIONS]
Purpose: Submit feedback on a specific edge by explicit relationship coordinates.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--receipt |
yes | Sentinel.UNSET |
text | Receipt ID. |
--action |
yes | Sentinel.UNSET |
choice | Feedback action. |
--from-type |
yes | Sentinel.UNSET |
text | Source entity type. |
--from-id |
yes | Sentinel.UNSET |
text | Source entity ID. |
--relationship |
yes | Sentinel.UNSET |
text | Relationship type. |
--to-type |
yes | Sentinel.UNSET |
text | Target entity type. |
--to-id |
yes | Sentinel.UNSET |
text | Target entity ID. |
--edge-key |
no | `` | integer | Edge key (multi-edge disambiguation). |
--reason |
no | `` | text | Reason for feedback. |
--reason-code |
no | `` | text | Structured feedback reason code. |
--scope-hints |
no | `` | text | JSON object of structured scope hints. |
--corrections |
no | `` | text | JSON object of edge property corrections (for action=correct). |
--source |
no | human |
choice | Who produced this feedback (default: human). |
--group-override |
no | False |
boolean | Mark relationship assertion metadata as a group override (edge must exist). |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible feedback from-query¶
Usage: cruxible feedback from-query [OPTIONS]
Purpose: Submit edge-level feedback by selecting one relationship row or path segment from a query receipt.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--receipt |
yes | Sentinel.UNSET |
text | Query receipt ID. |
--result-index |
yes | Sentinel.UNSET |
integer | Zero-based index of the query result row to adjudicate. |
--action |
yes | Sentinel.UNSET |
choice | Feedback action. |
--source |
no | human |
choice | Who produced this feedback (default: human). |
--reason |
no | `` | text | Reason for feedback. |
--reason-code |
no | `` | text | Structured feedback reason code. |
--scope-hints |
no | `` | text | JSON object of structured scope hints. |
--corrections |
no | `` | text | JSON object of edge property corrections (for action=correct). |
--group-override |
no | False |
boolean | Mark selected edge assertion metadata as a group override (edge must exist). |
--path-index |
no | `` | integer | Zero-based path segment index for path query rows. |
--path-alias |
no | `` | text | Traversal alias for the selected path segment. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Creates normal feedback records and feedback receipts through the existing edge-feedback path.
- Adjudicates one existing relationship assertion from query evidence. It does not resolve candidate groups.
- Use cruxible group get --group <group_id> and cruxible group resolve --group <group_id> --action approve|reject --expected-pending-version <n> when the decision is about a group thesis or member set.
Common Errors:
- The receipt is missing, is not a query receipt, or the result index is out of range.
- Entity-shaped query rows do not contain relationship evidence.
- Multi-hop path rows require exactly one of --path-index or --path-alias.
- The selected path alias is missing or duplicated, or the selected edge is no longer in the graph.
cruxible feedback batch¶
Usage: cruxible feedback batch [OPTIONS]
Purpose: Submit a batch of edge feedback with one top-level receipt.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--items-file |
no | `` | path | JSON or YAML file with batch feedback items. |
--items |
no | `` | text | Inline JSON array of feedback items. |
--source |
no | human |
choice | Who produced this feedback batch (default: human). |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible feedback profile¶
Usage: cruxible feedback profile [OPTIONS]
Purpose: Display the configured feedback profile for one relationship type.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--relationship |
yes | Sentinel.UNSET |
text | Relationship type. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible group¶
Usage: cruxible group [OPTIONS]
Purpose: Manage candidate groups for batch edge review.
Subcommands:
cruxible group get- Get details of a candidate group.cruxible group list- List candidate groups.cruxible group propose- Propose a candidate group of edges for batch review.cruxible group resolutions- List group resolutions.cruxible group resolve- Resolve a candidate group (approve or reject).cruxible group status- Show lifecycle status for a signature bucket.cruxible group trust- Update trust status on a resolution.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible group get¶
Usage: cruxible group get [OPTIONS]
Purpose: Get details of a candidate group.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--group |
yes | Sentinel.UNSET |
text | Group ID. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible group list¶
Usage: cruxible group list [OPTIONS]
Purpose: List candidate groups.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--relationship |
no | `` | text | Filter by relationship type. |
--status |
no | `` | choice | Filter by status. |
--limit |
no | 50 |
integer | Max groups to show. |
--offset |
no | 0 |
integer | Rows to skip. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible group propose¶
Usage: cruxible group propose [OPTIONS]
Purpose: Propose a candidate group of edges for batch review.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--relationship |
yes | Sentinel.UNSET |
text | Relationship type for the group. |
--members-file |
no | `` | path | JSON file with member list. |
--members |
no | `` | text | Inline JSON array of members. |
--thesis |
no | `` | text | Human-readable thesis text. |
--thesis-facts |
no | `` | text | Optional JSON object used as agent-supplied direct proposal scope. |
--analysis-state |
no | `` | text | JSON object of opaque analysis state. |
--signal-source |
no | () |
text | Deprecated and hidden; signal sources are derived from member signals. Optional, repeatable. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible group resolutions¶
Usage: cruxible group resolutions [OPTIONS]
Purpose: List group resolutions.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--relationship |
no | `` | text | Filter by relationship type. |
--action |
no | `` | choice | Filter by action. |
--limit |
no | 50 |
integer | Max resolutions to show. |
--offset |
no | 0 |
integer | Rows to skip. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible group resolve¶
Usage: cruxible group resolve [OPTIONS]
Purpose: Resolve a candidate group (approve or reject).
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--group |
yes | Sentinel.UNSET |
text | Group ID to resolve. |
--action |
yes | Sentinel.UNSET |
choice | Resolution action. |
--rationale |
no | `` | text | Rationale for this resolution. |
--source |
no | human |
choice | Who resolved (default: human). |
--expected-pending-version |
yes | Sentinel.UNSET |
integer | Pending version the reviewer saw when deciding. |
--stamp-existing |
no | False |
boolean | On approve, bless each surviving pre-existing edge with this group's review status and provenance instead of skipping it. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible group status¶
Usage: cruxible group status [OPTIONS]
Purpose: Show lifecycle status for a signature bucket.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--group |
no | `` | text | Concrete group ID. |
--signature |
no | `` | text | Signature bucket ID. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible group trust¶
Usage: cruxible group trust [OPTIONS]
Purpose: Update trust status on a resolution.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--resolution |
yes | Sentinel.UNSET |
text | Resolution ID. |
--status |
yes | Sentinel.UNSET |
choice | Trust status to set. |
--reason |
no | `` | text | Reason for trust status change. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible init¶
Usage: cruxible init [OPTIONS]
Purpose: Initialize a new instance or governed server-backed workspace.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--config |
no | `` | text | Path to config YAML file. |
--kit |
no | `` | text | Kit alias or ref to materialize; repeatable. Order is composition order: a standalone base kit first, overlay kits after. |
--root-dir |
no | `` | text | Workspace root for config/artifact provenance (defaults to current directory). |
--data-dir |
no | `` | text | Directory for data files. |
--bootstrap |
no | False |
boolean | Use hosted kit init authorized by the runtime bootstrap bearer. Requires --kit. |
--activate / --no-activate |
no | True |
boolean | Make a new server instance the active CLI context instance. |
Output And Side Effects:
- Normal server init calls the governed instance lifecycle route. With --bootstrap --kit, calls the hosted runtime kit-init route so the one-time bootstrap bearer can create the first auth-enabled instance.
- New server instances are remembered in CLI context unless --no-activate is used.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Auth rejecting plain init --kit; run cruxible init --kit <ref> --bootstrap with CRUXIBLE_SERVER_BEARER_TOKEN set to the bootstrap secret, then run cruxible credential claim-bootstrap.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible inspect¶
Usage: cruxible inspect [OPTIONS]
Purpose: Inspect entities plus canonical read-only system views.
Subcommands:
cruxible inspect governance- Show the canonical governance view for the current instance.cruxible inspect ontology- Show the canonical ontology view for the current instance config.cruxible inspect overview- Show the generated config overview built from canonical views.cruxible inspect queries- Show the canonical query view for the current instance config.cruxible inspect trace- Inspect a provider execution trace by ID.cruxible inspect workflows- Show the canonical workflow view for the current instance config.
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible inspect governance¶
Usage: cruxible inspect governance [OPTIONS]
Purpose: Show the canonical governance view for the current instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--format |
no | markdown |
choice | Output format. |
--limit |
no | 200 |
integer range | Max pending groups and resolutions to inspect. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible inspect trace¶
Usage: cruxible inspect trace [OPTIONS] TRACE_ID
Purpose: Inspect a provider execution trace by ID.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
trace_id |
yes | Sentinel.UNSET |
text | Positional argument. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Read-only. Returns the persisted provider execution trace, including provider metadata, retained input/output payload fields, payload digest/size metadata, status, timings, and error details when present. Payload fields follow the instance config's runtime.trace_payloads retention policy.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Trace ID not found.
- Permission mode too low for read operations.
cruxible inspect ontology¶
Usage: cruxible inspect ontology [OPTIONS]
Purpose: Show the canonical ontology view for the current instance config.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--format |
no | markdown |
choice | Output format. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible inspect overview¶
Usage: cruxible inspect overview [OPTIONS]
Purpose: Show the generated config overview built from canonical views.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--format |
no | markdown |
choice | Output format. |
--limit |
no | 200 |
integer range | Max pending groups and resolutions to inspect. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible inspect queries¶
Usage: cruxible inspect queries [OPTIONS]
Purpose: Show the canonical query view for the current instance config.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--format |
no | markdown |
choice | Output format. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible inspect workflows¶
Usage: cruxible inspect workflows [OPTIONS]
Purpose: Show the canonical workflow view for the current instance config.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--format |
no | markdown |
choice | Output format: json, markdown, mermaid, mermaid-dependencies, or mermaid-steps. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible lint¶
Usage: cruxible lint [OPTIONS]
Purpose: Run the aggregate read-only corpus lint pass.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--max-findings |
no | 100 |
integer | Max graph findings to include. |
--analysis-limit |
no | 200 |
integer | Rows to inspect for feedback and outcome analysis. |
--min-support |
no | 5 |
integer | Minimum support for lint suggestions. |
--exclude-orphan-type |
no | Sentinel.UNSET |
text | Entity type to exclude from orphan checks. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible list¶
Usage: cruxible list [OPTIONS]
Purpose: List entities, receipts, or feedback.
Subcommands:
cruxible list edges- List edges in the graph.cruxible list entities- List entities of a given type.cruxible list feedback- List feedback records.cruxible list outcomes- List outcome records.cruxible list receipts- List receipt summaries.cruxible list traces- List provider execution trace summaries.
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible list edges¶
Usage: cruxible list edges [OPTIONS]
Purpose: List edges in the graph.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--relationship |
no | `` | text | Filter by relationship type. |
--where |
no | `` | text | Property predicate. Repeatable. Use field=value, field~value, or field:in=a,b. |
--limit |
no | 50 |
integer | Max edges to show. |
--offset |
no | 0 |
integer | Rows to skip. |
--state |
no | `` | choice | Read-visibility state: live, accepted, all, not-live, pending, or reviewable. Omit to return every stored edge (the inspection default); not-live surfaces rejected/closed edges, live hides them. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
- list edges is a stored-relationship inspection surface. With no --state
it returns every stored edge, including pending, rejected, or otherwise
non-live ones. Pass --state live (or use named queries, which are logical
reads) when you need live/reviewable truth rather than store inspection;
--state not-live surfaces exactly the rejected/closed edges for recovery.
- Example: cruxible list edges --relationship work_item_depends_on_work_item --where dependency_basis~schema --json
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible list entities¶
Usage: cruxible list entities [OPTIONS]
Purpose: List entities of a given type.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--type |
yes | Sentinel.UNSET |
text | Entity type to list. |
--field |
no | `` | text | Property field to include. Repeat to project compact entity payloads. |
--where |
no | `` | text | Property predicate. Repeatable. Use field=value, field~value, or field:in=a,b. |
--limit |
no | 50 |
integer | Max entities to show. |
--offset |
no | 0 |
integer | Rows to skip. |
--state |
no | `` | choice | Read-visibility state by entity lifecycle: live (default — hides retired/superseded entities), all, or not-live (only the gated-out set). Review-only values resolve to live (entities have no review axis). |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Read-only. Defaults to --state live: retired/superseded entities
(entity lifecycle.status != live) are hidden. Use --state not-live to find
the gated-out set (recovery), or --state all for everything. Without
--field, returns full entity records. With --field,
returns the same list envelope but trims each entity's properties to the
requested fields while always keeping entity_type and entity_id.
- --where filters configured entity properties after the caller has selected
an entity type. It is bounded predicate filtering, not topic or semantic
search. Examples:
cruxible list entities --type WorkItem --where status=active --field title --json
and
cruxible list entities --type WorkItem --where title~query --field status --json.
- Field projection reduces payload size after the caller has already selected
an entity type; it is not topic search.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible list feedback¶
Usage: cruxible list feedback [OPTIONS]
Purpose: List feedback records.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--receipt |
no | `` | text | Filter by receipt ID. |
--limit |
no | 50 |
integer | Max records to show. |
--offset |
no | 0 |
integer | Rows to skip. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible list outcomes¶
Usage: cruxible list outcomes [OPTIONS]
Purpose: List outcome records.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--receipt |
no | `` | text | Filter by receipt ID. |
--limit |
no | 50 |
integer | Max records to show. |
--offset |
no | 0 |
integer | Rows to skip. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible list receipts¶
Usage: cruxible list receipts [OPTIONS]
Purpose: List receipt summaries.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--query-name |
no | `` | text | Filter by query name. |
--operation-type |
no | `` | text | Filter by operation type. |
--limit |
no | 50 |
integer | Max receipts to show. |
--offset |
no | 0 |
integer | Rows to skip. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible list traces¶
Usage: cruxible list traces [OPTIONS]
Purpose: List provider execution trace summaries.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--workflow |
no | `` | text | Filter by workflow name. |
--provider |
no | `` | text | Filter by provider name. |
--limit |
no | 100 |
integer range | Max traces to show. |
--offset |
no | 0 |
integer range | Rows to skip. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only. Returns trace summary rows with trace ID, workflow, step, provider, runtime, and creation time.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for read operations.
- Invalid limit or offset.
cruxible lock¶
Usage: cruxible lock [OPTIONS]
Purpose: Generate a workflow lock file for the current instance config, or for a bare kit directory with --kit-dir.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--force |
no | False |
boolean | Accept live canonical artifact hashes when regenerating the lock. |
--kit-dir |
no | `` | directory | Build <kit-dir>/cruxible.lock.yaml from <kit-dir>/config.yaml without loading an instance or contacting a daemon. |
Output And Side Effects:
- Without --kit-dir, updates the active instance workflow lock through the local service layer or configured daemon.
- With --kit-dir, performs a pure local kit lock refresh: reads the kit's own config layer (no target_state composition — base-layer content is pinned by the base kit's own lock), writes <kit-dir>/cruxible.lock.yaml with artifact URIs preserved as written, and prints the lock digest. This is the canonical generation path for a committed kit lock; CI asserts regen-is-noop for every bundled kit.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- --kit-dir cannot be combined with explicit server transport flags or --instance-id, and the kit directory must contain config.yaml.
- Canonical artifact digest mismatches fail unless --force is used to accept the on-disk hash.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible outcome¶
Usage: cruxible outcome [OPTIONS]
Purpose: Record, analyze, and inspect decision outcomes.
Subcommands:
cruxible outcome record- Record the outcome of a decision.cruxible outcome profile- Display the configured outcome profile for one anchor context.cruxible outcome analyze- Analyze structured outcomes and print trust/debugging suggestions.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible outcome record¶
Usage: cruxible outcome record [OPTIONS]
Purpose: Record the outcome of a decision.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--receipt |
yes | Sentinel.UNSET |
text | Receipt ID. |
--outcome |
yes | Sentinel.UNSET |
choice | Outcome of the decision. |
--detail |
no | `` | text | JSON string with outcome details. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible outcome profile¶
Usage: cruxible outcome profile [OPTIONS]
Purpose: Display the configured outcome profile for one anchor context.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--anchor-type |
yes | Sentinel.UNSET |
choice | Anchor type to resolve. |
--relationship |
no | `` | text | Relationship type. |
--workflow |
no | `` | text | Workflow name. |
--surface-type |
no | `` | choice | Receipt surface type. |
--surface-name |
no | `` | text | Receipt surface name. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible plan¶
Usage: cruxible plan [OPTIONS]
Purpose: Compile a workflow plan for the current instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--workflow |
yes | Sentinel.UNSET |
text | Workflow name from config. |
--input |
no | `` | text | Inline JSON or YAML workflow input. |
--input-file |
no | `` | path | JSON or YAML file providing workflow input. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible propose¶
Usage: cruxible propose [OPTIONS]
Purpose: Execute a type: proposal workflow and bridge its output into a candidate group.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--workflow |
yes | Sentinel.UNSET |
text | Workflow name from config. |
--input |
no | `` | text | Inline JSON or YAML workflow input. |
--input-file |
no | `` | path | JSON or YAML file providing workflow input. |
--decision-record |
no | `` | text | Decision record ID for audit logging. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible query¶
Usage: cruxible query [OPTIONS]
Purpose: Run, inspect, and discover named queries on this instance.
Subcommands:
cruxible query describe- Describe one named query with required params and example IDs.cruxible query inline- Execute a bounded inline query definition for exploration.cruxible query list- List named queries with entry points and required params.cruxible query run- Execute a named query and display results plus the receipt.
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible query run¶
Usage: cruxible query run [OPTIONS] QUERY_NAME
Purpose: Execute a named query and display results plus the receipt.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
query_name |
yes | Sentinel.UNSET |
text | Positional argument. |
--param |
no | Sentinel.UNSET |
text | Query parameter as KEY=VALUE. |
--limit |
no | `` | integer range | Max results to display. |
--state |
no | `` | choice | Read-visibility state: live (default), accepted, all, not-live, pending, or reviewable. Gates entities by lifecycle and edges by review+lifecycle. Overriding a named query's configured state requires allow_relationship_state_override: true. |
--count |
no | False |
boolean | Show only summary metadata. |
--decision-record |
no | `` | text | Decision record ID for audit logging. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible query inline¶
Usage: cruxible query inline [OPTIONS]
Purpose: Execute a bounded inline query definition without persisting it to config.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--definition-json |
no | `` | text | Inline query definition as a JSON object. |
--definition-file |
no | `` | path | Path to a JSON or YAML inline query definition. |
--param |
no | Sentinel.UNSET |
text | Query parameter as KEY=VALUE. |
--limit |
no | `` | integer range | Max results to display. |
--state |
no | `` | choice | Read-visibility state: live (default), accepted, all, not-live, pending, or reviewable. Gates entities by lifecycle and edges by review+lifecycle. Overriding the inline definition's configured state requires allow_relationship_state_override: true. |
--count |
no | False |
boolean | Show only summary metadata. |
--decision-record |
no | `` | text | Decision record ID for audit logging. |
--json |
no | False |
boolean | Output as JSON. |
Example:
cruxible query inline \
--definition-json '{"name":"brake_parts","mode":"collection","returns":"Part","result_shape":"entity","where":{"result.properties.category":{"eq":"brakes"}}}' \
--json
Output And Side Effects: - Read-only graph access. Inline queries persist query receipts and optional decision events, but they do not modify or persist config.
Common Errors:
- Provide exactly one of --definition-json or --definition-file.
- Inline query definitions use the same shape as configured named queries plus
required name; repeated or workflow-critical inline queries should be
promoted into config as named queries.
cruxible query describe¶
Usage: cruxible query describe [OPTIONS]
Purpose: Describe one named query with required params and example IDs.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--query |
yes | Sentinel.UNSET |
text | Named query from config. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible query list¶
Usage: cruxible query list [OPTIONS]
Purpose: List named queries with entry points and required params.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible config reload¶
Usage: cruxible config reload [OPTIONS]
Purpose: Validate the active config or repoint the instance to a new config file.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--config |
no | `` | text | Optional new config path. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible run¶
Usage: cruxible run [OPTIONS]
Purpose: Execute a workflow for the current instance. Canonical workflows run as previews and return an apply_digest plus head_snapshot_id; use cruxible apply to commit them. For type: proposal workflows, use cruxible propose instead.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--workflow |
yes | Sentinel.UNSET |
text | Workflow name from config. |
--input |
no | `` | text | Inline JSON or YAML workflow input. |
--input-file |
no | `` | path | JSON or YAML file providing workflow input. |
--save-preview |
no | `` | file | Save preview state to a JSON file for use with apply --preview-file. |
--decision-record |
no | `` | text | Decision record ID for audit logging. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible sample¶
Usage: cruxible sample [OPTIONS]
Purpose: Show a sample of entities of a given type.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--type |
yes | Sentinel.UNSET |
text | Entity type to sample. |
--field |
no | `` | text | Property field to include. Repeat to project compact entity payloads. |
--limit |
no | 5 |
integer | Number of entities to show. |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Read-only. Without --field, returns full sampled entity records. With
--field, trims each entity's properties to the requested fields while
always keeping entity_type and entity_id.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible schema¶
Usage: cruxible schema [OPTIONS]
Purpose: Display the config schema for this instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible server¶
Usage: cruxible server [OPTIONS]
Purpose: Launch and inspect the Cruxible daemon.
Subcommands:
cruxible server start- Launch the Cruxible daemon in the foreground (the only daemon launch path).cruxible server status- Report a running daemon's version, state dir, transport, and instances.cruxible server info- Show live daemon metadata such as auth mode and state dir.cruxible server restart- Re-exec the live daemon in place, preserving its port, state dir, and env.
Client Vs Launch:
- start LAUNCHES the daemon; it takes no --server-url and becomes the
long-running daemon process.
- status, info, and restart are CLIENT RPCs against an already-running
daemon: they need a transport (--server-url / --server-socket or the
matching env vars) and fail with a clear message when no daemon is reachable.
Output And Side Effects: - Command-specific output only.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible server start¶
Usage: cruxible server start [OPTIONS]
Purpose: Launch the Cruxible daemon in the foreground.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--host |
no | CRUXIBLE_HOST or 127.0.0.1 |
text | Bind host. Ignored when --socket is set. |
--port |
no | CRUXIBLE_PORT or 8100 |
integer | Bind port. Ignored when --socket is set. |
--state-dir |
no | CRUXIBLE_SERVER_STATE_DIR or ~/.cruxible/server |
text | Server-owned state directory. |
--socket |
no | CRUXIBLE_SERVER_SOCKET |
text | Listen on this Unix socket path instead of host/port. |
--bootstrap-secret-file |
no | `` | file | Write an auto-generated runtime bootstrap secret to this file with mode 0600. |
Output And Side Effects:
- This process becomes the long-running daemon (it is not a client of an
existing one, so it takes no --server-url). Flags override the matching
environment variables (CRUXIBLE_HOST, CRUXIBLE_PORT,
CRUXIBLE_SERVER_STATE_DIR, CRUXIBLE_SERVER_SOCKET); unset flags fall back to
the env value or the built-in default. Use a durable --state-dir; Cruxible
warns at startup when the state path resolves under a volatile temp location.
Stop with Ctrl-C. cruxible server start --help prints help and exits without
serving.
- When CRUXIBLE_SERVER_AUTH=true and no CRUXIBLE_RUNTIME_BOOTSTRAP_SECRET
is set, generates a one-time bootstrap secret. Without
--bootstrap-secret-file, prints it once with hosted-init and claim hints.
With --bootstrap-secret-file, writes it to that path as 0600 and prints only
the path plus hosted-init and claim hints.
Common Errors:
- Binding a non-loopback host without CRUXIBLE_SERVER_AUTH=true is refused.
- A state dir that previously required auth is refused unless auth is re-enabled.
- The daemon ships in the default install (pip install cruxible); no extra is required.
cruxible server status¶
Usage: cruxible server status [OPTIONS]
Purpose: Report a running daemon's version, state dir, transport, and instances.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- A CLIENT command: queries an already-running daemon over the configured
transport (--server-url / --server-socket or the matching env vars) and
prints whether it is reachable, plus its version, state directory, configured
transport, instance count, and auth status. With --json, returns the same
fields plus transport.
Common Errors:
- No transport configured, or the daemon is down: fails with a clear message
(no hang) pointing at cruxible server start / --server-url.
- Permission mode too low to read cross-tenant daemon metadata.
cruxible server info¶
Usage: cruxible server info [OPTIONS]
Purpose: Show live daemon metadata such as auth mode and state dir.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects:
- Prints daemon version, server requirement, auth enabled/required status, state
directory, and instance count. With --json, returns the same fields.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible server restart¶
Usage: cruxible server restart [OPTIONS]
Purpose: Re-exec the live daemon in place, preserving its port, state dir, and env.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--json |
no | False |
boolean | Output as JSON. |
--no-wait |
no | False |
boolean | Return immediately after scheduling the restart, without confirming the daemon is back. |
--timeout |
no | 30.0 |
float | Seconds to wait for the restarted daemon to answer again. |
Output And Side Effects:
- Replaces the daemon's own process image (os.execv), preserving port, state
directory, and environment, so it picks up code changes without losing its
transport or instances. By default waits for the new image to answer and
prints the confirmed version; --no-wait skips the wait. Requires ADMIN.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible snapshot¶
Usage: cruxible snapshot [OPTIONS]
Purpose: Manage immutable state snapshots.
Subcommands:
cruxible snapshot create- Create an immutable full snapshot for the current instance.cruxible snapshot list- List snapshots for the current instance.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible snapshot create¶
Usage: cruxible snapshot create [OPTIONS]
Purpose: Create an immutable full snapshot for the current instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--label |
no | `` | text | Optional human label for the snapshot. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible snapshot list¶
Usage: cruxible snapshot list [OPTIONS]
Purpose: List snapshots for the current instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--limit |
no | `` | integer | Max snapshots to show. |
--offset |
no | 0 |
integer | Rows to skip. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible source¶
Usage: cruxible source [OPTIONS] COMMAND [ARGS]...
Purpose: Register local source documents and dereference source-backed evidence locators.
Subcommands:
cruxible source list- List registered source artifact summaries.cruxible source get- Read one registered source artifact's metadata and chunk map.cruxible source register- Parse and register a local Markdown source artifact.cruxible source dereference- Resolve a registered source-evidence locator back to source text.
Output And Side Effects:
- source list, source get, and source dereference are read-only.
- source register writes a source artifact manifest, parsed chunk metadata, and
optional archived source bytes into the current instance.
Common Errors:
- Missing local instance or stale daemon --instance-id.
- Permission mode too low for governed write/read operations.
- Unsupported source kind, missing local source path, incomplete locator, or
drifted source content hash.
cruxible source list¶
Usage: cruxible source list [OPTIONS]
Purpose: List registered source artifact summaries for the current instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--limit |
no | 50 |
integer | Max artifacts to show. |
--offset |
no | 0 |
integer | Rows to skip. |
--json |
no | False |
boolean | Output the full list contract payload as JSON. |
Output And Side Effects:
- Read-only. Human output renders a table with artifact id, kind, label,
retention, chunk count, and registration timestamp, followed by total and
truncated pagination status.
- With --json, emits the full SourceArtifactListResult contract payload.
Common Errors:
- Missing local instance or stale daemon --instance-id.
- Permission mode too low for source artifact reads.
- Invalid negative pagination values.
cruxible source get¶
Usage: cruxible source get [OPTIONS] ARTIFACT_ID
Purpose: Read a registered source artifact's metadata and chunk map.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
ARTIFACT_ID |
yes | Sentinel.UNSET |
text | Source artifact ID returned by source register. |
--chunks / --no-chunks |
no | True |
boolean | Show or hide the chunk metadata table in human output. |
--json |
no | False |
boolean | Output the full read contract payload as JSON, including chunk text when available. |
Output And Side Effects:
- Read-only. Human output renders an artifact header with id, kind, label,
original URI, retention, and content availability; when content is unavailable,
the reason is shown.
- By default, human output also renders a chunk table with chunk id, heading path,
block type, and line range. It does not print full chunk text; use --json
or source dereference when source body text is needed.
- With --json, emits the full SourceArtifactReadResult contract payload.
Common Errors:
- Missing local instance or stale daemon --instance-id.
- Permission mode too low for source artifact reads.
- Unknown source artifact ID.
cruxible source register¶
Usage: cruxible source register [OPTIONS]
Purpose: Register a Markdown document as source-backed proposal evidence.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--path |
yes | Sentinel.UNSET |
text | Local Markdown source path. Relative paths resolve from the current workspace. |
--id |
no | `` | text | Caller-supplied deterministic artifact id (3-64 chars of [A-Za-z0-9._-], alphanumeric start); duplicates are refused. Omit for a generated SRC-* id. |
--kind |
no | markdown |
choice | Source parser kind. |
--retention |
no | manifest_only |
choice | Source retention mode: manifest_only or archive. |
--original-uri |
no | `` | text | Optional display/provenance URI to preserve in the manifest. |
--label |
no | `` | text | Optional display label. |
--json |
no | False |
boolean | Output the registered artifact and chunk manifest as JSON. |
Examples:
cruxible source register \
--path docs/vendor-evidence.md \
--original-uri https://vendor.example/evidence.md \
--label "Vendor evidence" \
--json
Output And Side Effects:
- Persists a source artifact ID, document hash, parser version, byte count, and
deterministic chunk IDs in state.db.
- With manifest_only, Cruxible stores the manifest and local path but not a
deep copy of the source bytes.
- With archive, Cruxible also stores the source bytes so later dereference can
use the archived body if the local file is missing or changed.
Common Errors: - Missing source path, unsupported source kind, path outside the registered workspace in daemon mode, or unreadable source file.
cruxible source dereference¶
Usage: cruxible source dereference [OPTIONS]
Purpose: Resolve a registered source-evidence locator back to source text.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--artifact |
yes | Sentinel.UNSET |
text | Source artifact ID returned by source register. |
--chunk |
no | `` | text | Deterministic chunk ID from the registered manifest. |
--heading |
no | `` | text | Heading path segment. Repeat for nested headings. |
--block-selector |
no | `` | text | Block selector under the heading path, such as paragraph:1. |
--expected-content-hash |
no | `` | text | Optional expected chunk content hash for drift checks. |
--json |
no | False |
boolean | Output dereference status, chunk metadata, and body as JSON. |
Source-evidence locators must use one of two forms:
--chunk <chunk-id>--heading <heading> [--heading <nested-heading> ...] --block-selector <selector>
Examples:
cruxible source dereference \
--artifact SRC-... \
--heading "Compatibility Evidence" \
--block-selector paragraph:1
Output And Side Effects:
- Read-only. Returns available, drifted, or unavailable plus source body
when Cruxible can safely dereference the locator.
- body_origin is archive when archived bytes are used, or local_path when
Cruxible rereads the registered local file.
Common Errors:
- Missing artifact, incomplete locator, unknown chunk, unavailable local source
file for manifest_only, or content drift against the stored manifest/hash.
cruxible stats¶
Usage: cruxible stats [OPTIONS]
Purpose: Display entity and relationship counts for this instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only output unless the command records an explicit receipt, feedback, outcome, or decision event.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible test¶
Usage: cruxible test [OPTIONS]
Purpose: Execute config-defined workflow tests for the current instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--name |
no | `` | text | Run only a named workflow test. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible validate¶
Usage: cruxible validate [OPTIONS]
Purpose: Validate a config YAML file without creating an instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--config |
yes | Sentinel.UNSET |
text | Path to config YAML file. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible instance¶
Usage: cruxible instance [OPTIONS]
Purpose: Back up and restore exact Cruxible instances.
Subcommands:
cruxible instance backup- Write a portable same-identity backup artifact for the current instance.cruxible instance restore- Restore a same-identity backup artifact.cruxible instance relocate- Move the current healthy instance to a new directory, preserving identity.
Output And Side Effects: - Command-specific output only.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible instance backup¶
Usage: cruxible instance backup [OPTIONS] ARTIFACT_PATH
Purpose: Write a portable same-identity backup artifact for the current instance.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
ARTIFACT_PATH |
yes | path | Destination path for the backup artifact. | |
--label |
no | text | Optional human label for the backup artifact. | |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Writes a portable same-identity backup artifact (including the authoritative state database) for the current instance. Requires ADMIN.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible instance restore¶
Usage: cruxible instance restore [OPTIONS] ARTIFACT_PATH
Purpose: Restore a same-identity backup artifact.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
ARTIFACT_PATH |
yes | path | Backup artifact to restore from. | |
--at |
no | text | Restore target root directory. | |
--activate / --no-activate |
no | boolean | Make the restored server instance the active CLI context instance. | |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Restores a daemon-backed instance from a same-identity backup artifact. Requires ADMIN.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible instance relocate¶
Usage: cruxible instance relocate [OPTIONS]
Purpose: Move the current healthy instance to a new directory, preserving identity.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--to |
yes | text | New root directory for the instance. | |
--remove-source / --keep-source |
no | keep-source |
boolean | Delete the old directory after a successful relocate (default: keep it). |
--activate / --no-activate |
no | boolean | Make the relocated server instance the active CLI context instance. | |
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Moves a healthy daemon-backed instance to a new directory while preserving its identity; the registry is repointed to the new location. Requires ADMIN.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible state¶
Usage: cruxible state [OPTIONS]
Purpose: Publish immutable states and manage pullable overlays.
Subcommands:
cruxible state create-overlay- Create a new local overlay instance from a published state release.cruxible state health- Show read-only deterministic state-health maintenance signals.cruxible state publish- Publish the current root state-model instance as an immutable release bundle.cruxible state pull-apply- Apply a previewed upstream release into the current overlay.cruxible state pull-preview- Preview pulling a newer upstream release into the current overlay.cruxible state status- Show upstream tracking metadata for the current instance.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible state create-overlay¶
Usage: cruxible state create-overlay [OPTIONS]
Purpose: Create a new local overlay instance from a published state release.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--transport-ref |
no | Sentinel.UNSET |
text | Transport ref, e.g. file://... or oci://... |
--state-ref |
no | Sentinel.UNSET |
text | State alias, e.g. kev-reference or kev-reference@2026-03-27. |
--kit |
no | Sentinel.UNSET |
text | Apply a checked-in local overlay kit, e.g. kev-triage. |
--no-kit |
no | False |
boolean | Skip automatic kit application and create a bare overlay. |
--root-dir |
no | `` | text | Workspace root for the new overlay (defaults to current directory in server mode). |
--activate / --no-activate |
no | True |
boolean | Make the new server overlay the active CLI context instance. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible state health¶
Usage: cruxible state health [OPTIONS]
Purpose: Show read-only deterministic state-health maintenance signals.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--json |
no | False |
boolean | Output as JSON. |
Output And Side Effects: - Read-only. Aggregates deterministic maintenance signals (group counts/ages, edge provenance tally, source-artifact/provider-trace freshness, config-compatibility, and graph-integrity counts) into four sections. Reports raw metrics and binary deterministic facts only; no scoring, ranking, severity, or thresholds. Creates no receipts and mutates nothing.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible state publish¶
Usage: cruxible state publish [OPTIONS]
Purpose: Publish the current root state-model instance as an immutable release bundle.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--transport-ref |
yes | Sentinel.UNSET |
text | Transport ref, e.g. file://... or oci://... |
--state-id |
yes | Sentinel.UNSET |
text | Stable published state identifier. |
--release-id |
yes | Sentinel.UNSET |
text | User-supplied release identifier. |
--compatibility |
no | data_only |
choice | Compatibility classification for the published release. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible state pull-apply¶
Usage: cruxible state pull-apply [OPTIONS]
Purpose: Apply a previewed upstream release into the current overlay.
Options And Arguments:
| Name | Required | Default | Type | Description |
|---|---|---|---|---|
--apply-digest |
yes | Sentinel.UNSET |
text | Apply digest returned by pull-preview. |
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible state pull-preview¶
Usage: cruxible state pull-preview [OPTIONS]
Purpose: Preview pulling a newer upstream release into the current overlay.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.
cruxible state status¶
Usage: cruxible state status [OPTIONS]
Purpose: Show upstream tracking metadata for the current instance.
Output And Side Effects: - Calls the service layer and may create receipts, traces, snapshots, config changes, groups, or graph mutations depending on the command.
Common Errors:
- Missing or stale --instance-id for daemon-backed commands.
- Permission mode too low for mutations or admin operations.
- Unknown config/workflow/query/entity names, or stale workflow locks where applicable.