Packages without permission slips.
Discover an exact version, read its manifest, and install its tarball over ordinary HTTPS. LOVE packages are Locator-independent, Open, Verifiable, and Exchangeable. Publishing to npm is optional, not a prerequisite for release or access.
The package is a set of bytes, not an account relationship. Anyone can fetch it; verified mirrors can serve the same bytes.
No signup and no npm account. The catalog, manifests, and artifacts are public GET and HEAD resources. Pin an exact version in automation. The AgentTool catalog exposes no mutable latest artifact URL.
Install an exact version
Use Bun directly with a versioned tarball. The package keeps its declared scoped name, so application imports stay unchanged.
| Package | Release | Manifest |
|---|---|---|
@agenttool/data | 0.3.0 | inspect JSON |
@agenttool/data-sync | 0.1.0 | inspect JSON |
@agenttool/sdk | 0.11.0 | inspect JSON |
@agenttool/adds | 0.2.0 | inspect JSON |
bun add https://docs.agenttool.dev/packages/v1/@agenttool/data/0.3.0/agenttool-data-0.3.0.tgz import { DataNode } from "@agenttool/data";
bun add https://docs.agenttool.dev/packages/v1/@agenttool/sdk/0.11.0/agenttool-sdk-0.11.0.tgz import { AgentTool } from "@agenttool/sdk";
bun add https://docs.agenttool.dev/packages/v1/@agenttool/adds/0.2.0/agenttool-adds-0.2.0.tgz import { AgentData } from "@agenttool/adds";
bun add https://docs.agenttool.dev/packages/v1/@agenttool/data-sync/0.1.0/agenttool-data-sync-0.1.0.tgz import { DataSyncService } from "@agenttool/data-sync";
The same HTTPS tarballs can be consumed by other package managers that support URL dependencies. For example, npm install https://…/agenttool-data-0.3.0.tgz uses the npm client but does not use npm publication or require an npm account.
This catalog contains the four JavaScript packages above. The Python agenttool-sdk distribution remains on PyPI and is not mirrored through this catalog.
Easy path versus verified path. A direct bun add https://…tgz is an explicit operator install, but LOVE does not claim that Bun checks the sibling manifest's size and digest. For a conforming high-trust install, download to a temporary file, verify both values yourself, then give that verified local file to package machinery.
Dependency boundary. @agenttool/data has no third-party runtime dependency. The SDK and ADDS artifacts declare upstream dependencies; @agenttool/data-sync requires the exact compatible ADDS/data release line. Install those two peer artifacts explicitly when using the bridge. A fresh install may otherwise resolve dependencies through your package manager's configured registry or cache. love-package/v1 distributes the named artifact—it does not vendor its dependency graph or promise an offline install.
Discover it as an agent
The well-known document is the stable entry point. It names the protocol and doctrine, then points to the versioned catalog surface. Its registry_role says explicitly that the catalog is a mirror index, not package-name authority.
# Stable discovery door curl -fsS https://docs.agenttool.dev/.well-known/love-packages # This origin's mirror catalog curl -fsS https://docs.agenttool.dev/packages/v1/index.json # One exact release curl -fsS https://docs.agenttool.dev/packages/v1/@agenttool/data/0.3.0/manifest.json
{
"protocol": "love-package/v1",
"doctrine": "https://docs.agenttool.dev/LOVE-PACKAGE-PROTOCOL.md",
"index_url": "https://docs.agenttool.dev/packages/v1/index.json",
"access": "public_read",
"registry_role": "mirror_index_not_authority"
}
| Resource | Changes? | Job |
|---|---|---|
/.well-known/love-packages | May point at a newer catalog | Origin discovery. Start here when the origin is all you know. |
/packages/v1/index.json | Revalidatable locator index | Lists package labels, available versions, and their manifest locations. It is not ownership authority. |
…/{version}/manifest.json | Revalidatable release record | Binds package labels and claimed source to an installable artifact, its mirrors, size, media type, and digest. Pin the fields you trust. |
…/{version}/*.tgz | Immutable for that version | The installable package bytes. |
What one release manifest carries
A manifest declares protocol, document_type: "package-manifest", name, version, description, nullable license, artifact, runtime, install, and source. Indexes use the distinct document_type: "package-index", so an agent can select the correct schema before reading either shape. The artifact record uses format: "npm-tarball" as a file-format label; that does not mean the artifact was published to the npm registry.
artifactcarries the filename, SHA-256, byte size, media type, and one or more absolute mirror URLs.install.specifieris the primary absolute tarball URL that URL-aware package managers can consume.sourceidentifies the repository, revision, and package path claimed to have produced the release; v1 does not attest the build.runtimeidentifies the ecosystem and declared engine constraints; it is compatibility metadata, not proof that every environment was tested. An emptyenginesobject means no floor was declared, so compatibility is unknown rather than universal.license: nullmeans the release declares no license; public download access is not a public-domain or open-source license grant.
Verify before install
Read the sibling manifest over HTTPS, copy its size and SHA-256 value, download the artifact, and compare both locally before extraction or installation. This catches truncation, cache corruption, and artifact substitution that does not also replace the manifest.
base=https://docs.agenttool.dev/packages/v1/@agenttool/data/0.3.0
curl -fsS "$base/manifest.json"
expected_size='<artifact.size from manifest.json>'
expected_sha256='<artifact.sha256 from manifest.json>'
curl -fsSLo agenttool-data-0.3.0.tgz "$base/agenttool-data-0.3.0.tgz"
actual_size=$(wc -c < agenttool-data-0.3.0.tgz | tr -d '[:space:]')
actual_sha256=$(shasum -a 256 agenttool-data-0.3.0.tgz | awk '{print $1}')
test "$actual_size" = "$expected_size" &&
test "$actual_sha256" = "$expected_sha256" &&
bun add ./agenttool-data-0.3.0.tgz
What the digest proves. A matching SHA-256 proves that the downloaded bytes match the manifest you read. HTTPS authenticates the origin during that fetch. Version 1 manifests are not signed, so a digest does not prove maintainer identity if an attacker can replace both manifest and artifact. Installing any package still executes code under the package manager's rules. Review source and pin trusted manifest bytes where that threat matters.
Mirror without becoming a gatekeeper
An artifact mirror serves a byte-identical copy from another locator. A full catalog mirror can additionally copy the index and manifests. Consumers can choose another HTTPS origin while retaining the package name, version, size, and digest. This site is a convenient origin, not a protocol requirement.
/.well-known/love-packages /packages/v1/index.json /packages/v1/@agenttool/data/0.1.0/ ├── manifest.json └── agenttool-data-0.1.0.tgz /packages/v1/@agenttool/data/0.2.0/ ├── manifest.json └── agenttool-data-0.2.0.tgz /packages/v1/@agenttool/data/0.3.0/ ├── manifest.json └── agenttool-data-0.3.0.tgz /packages/v1/@agenttool/data-sync/0.1.0/ ├── manifest.json └── agenttool-data-sync-0.1.0.tgz /packages/v1/@agenttool/sdk/0.9.0/ ├── manifest.json └── agenttool-sdk-0.9.0.tgz /packages/v1/@agenttool/sdk/0.10.0/ ├── manifest.json └── agenttool-sdk-0.10.0.tgz /packages/v1/@agenttool/sdk/0.11.0/ ├── manifest.json └── agenttool-sdk-0.11.0.tgz /packages/v1/@agenttool/adds/0.1.0/ ├── manifest.json └── agenttool-adds-0.1.0.tgz /packages/v1/@agenttool/adds/0.2.0/ ├── manifest.json └── agenttool-adds-0.2.0.tgz
- Preserve bytes. A mirror must not rebuild a tarball under the same name and version. Copy it and verify the declared digest.
- Preserve history. Add versions; do not retarget an existing version path.
- Choose trust explicitly. A consumer decides which catalog origins it trusts. Discovery is not a claim that every mirror is honest or durable.
- Respect reuse terms. Verifiable bytes do not grant redistribution rights. Check
licenseand obtain any permission required before operating a new public mirror. - Keep npm optional. npm, GitHub Releases, an object store, IPFS, or another compatible source may mirror the same release. None is the identity of the package.
Four standards, four jobs
| Standard | What it moves or describes | What it does not imply |
|---|---|---|
love-package/v1 |
Package discovery, exact release manifests, install artifact locations, and byte integrity. | No code sandbox, dependency vendoring, runtime API, data replication, or durability guarantee. |
agent-data/v1 |
Collections, immutable records, local query, collectors, blobs, and an append-only change feed. | Installing its reference package does not create hosted storage or peer synchronization. |
adds/v0.1experimental |
Encrypted content-addressed Blocks plus signed Manifests and direct read Grants. | Package distribution is not encrypted-object distribution, and ADDS has no peer discovery in this profile. |
agent-data-sync/v1 |
Bounded encrypted pull between explicit operator-configured peers, with private resumable checkpoints. | No discovery, push, consensus, hosted sync service, or multi-master consistency. |
In one line: love-package/v1 gets software onto a machine; agent-data/v1 lets an agent keep and query a corpus; adds/v0.1 lets exact encrypted objects move independently; agent-data-sync/v1 composes them into one explicit bounded pull path.
References
LOVE-PACKAGE-PROTOCOL.md— normativelove-package/v1discovery, manifest, integrity, and mirroring contract.love-package-v1.schema.json— machine-readable release-manifest schema.love-package-index-v1.schema.json— machine-readable non-authoritative index schema./.well-known/love-packages— machine-readable public discovery./packages/v1/index.json— current AgentTool mirror catalog.- Agent data — operate
@agenttool/dataand use SDKat.data. agent-data/v1— collection and query protocol.adds/v0.1— experimental encrypted-object protocol.