eeymoo/claw-code
1
0
Fork 0
mirror of https://github.com/instructkr/claw-code.git synced 2026-05-01 22:55:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: eeymoo:fix/linux-hooks-broken-pipe
Branches Tags
eeymoo:main eeymoo:feat/jobdori-168c-emission-routing eeymoo:claw-code-issue-188k-brand-redesign eeymoo:feat/jobdori-122b-doctor-broad-cwd eeymoo:feat/jobdori-122-doctor-stale-base eeymoo:feat/jobdori-152-bootstrap-plan-suffix-guard eeymoo:feat/jobdori-152-init-suffix-guard eeymoo:feat/jobdori-130e-surface-help eeymoo:feat/jobdori-130e-dispatch-help eeymoo:feat/jobdori-130d-config-help eeymoo:feat/jobdori-130c-diff-help eeymoo:feat/jobdori-130b-filesystem-context eeymoo:feat/jobdori-251-session-dispatch eeymoo:feat/jobdori-249-resumed-slash-kind eeymoo:feat/jobdori-248-unknown-verb-option-classify eeymoo:feat/jobdori-247-classify-prompt-errors eeymoo:feat/134-135-session-identity eeymoo:feat/jobdori-130-export-error-envelope eeymoo:fix/linux-hooks-broken-pipe eeymoo:dev/rust eeymoo:feat/provider-routing-parity eeymoo:feat/batch3-all eeymoo:fix/ui-parity eeymoo:fix/plugin-loading-parity eeymoo:fix/skill-invoke eeymoo:release/0.1.0 eeymoo:feat/release-0.1.0-readme eeymoo:feat/uiux-redesign eeymoo:feat/ui-hardening eeymoo:integration/dori-cleanroom eeymoo:rcc/plugins eeymoo:rcc/cache-tracking eeymoo:rcc/telemetry eeymoo:rcc/jsonl-session eeymoo:rcc/grok eeymoo:rcc/hook-pipeline eeymoo:rcc/api eeymoo:rcc/parity-fix eeymoo:rcc/subagent eeymoo:rcc/ant-tools eeymoo:rcc/hooks eeymoo:rcc/ui-polish eeymoo:rcc/cli eeymoo:rcc/render eeymoo:rcc/sandbox eeymoo:rcc/git eeymoo:rcc/thinking eeymoo:rcc/runtime eeymoo:rcc/update eeymoo:rcc/doctor eeymoo:rcc/tools eeymoo:rcc/image eeymoo:rcc/memory eeymoo:rcc/cost
...
compare: eeymoo:feat/jobdori-122b-doctor-broad-cwd
Branches Tags
eeymoo:feat/jobdori-168c-emission-routing eeymoo:claw-code-issue-188k-brand-redesign eeymoo:feat/jobdori-122b-doctor-broad-cwd eeymoo:feat/jobdori-122-doctor-stale-base eeymoo:feat/jobdori-152-bootstrap-plan-suffix-guard eeymoo:feat/jobdori-152-init-suffix-guard eeymoo:feat/jobdori-130e-surface-help eeymoo:feat/jobdori-130e-dispatch-help eeymoo:feat/jobdori-130d-config-help eeymoo:feat/jobdori-130c-diff-help eeymoo:feat/jobdori-130b-filesystem-context eeymoo:feat/jobdori-251-session-dispatch eeymoo:feat/jobdori-249-resumed-slash-kind eeymoo:feat/jobdori-248-unknown-verb-option-classify eeymoo:feat/jobdori-247-classify-prompt-errors eeymoo:main eeymoo:feat/134-135-session-identity eeymoo:feat/jobdori-130-export-error-envelope eeymoo:fix/linux-hooks-broken-pipe eeymoo:dev/rust eeymoo:feat/provider-routing-parity eeymoo:feat/batch3-all eeymoo:fix/ui-parity eeymoo:fix/plugin-loading-parity eeymoo:fix/skill-invoke eeymoo:release/0.1.0 eeymoo:feat/release-0.1.0-readme eeymoo:feat/uiux-redesign eeymoo:feat/ui-hardening eeymoo:integration/dori-cleanroom eeymoo:rcc/plugins eeymoo:rcc/cache-tracking eeymoo:rcc/telemetry eeymoo:rcc/jsonl-session eeymoo:rcc/grok eeymoo:rcc/hook-pipeline eeymoo:rcc/api eeymoo:rcc/parity-fix eeymoo:rcc/subagent eeymoo:rcc/ant-tools eeymoo:rcc/hooks eeymoo:rcc/ui-polish eeymoo:rcc/cli eeymoo:rcc/render eeymoo:rcc/sandbox eeymoo:rcc/git eeymoo:rcc/thinking eeymoo:rcc/runtime eeymoo:rcc/update eeymoo:rcc/doctor eeymoo:rcc/tools eeymoo:rcc/image eeymoo:rcc/memory eeymoo:rcc/cost

247 Commits
fix/linux- ... feat/jobdo

Author SHA1 Message Date
YeonGyu-Kim
0aa0d3f7cf fix(#122b): claw doctor warns when cwd is broad path (home/root) 
## What Was Broken

`claw doctor` reported "Status: ok" when run from ~/ or /, but `claw
prompt` in the same directory would error out with:

    error: claw is running from a very broad directory (/Users/yeongyu).
    The agent can read and search everything under this path.

Diagnostic deception: doctor said green, prompt said red. User runs
doctor to check their setup, sees all green, runs prompt, gets blocked.
Trust in doctor erodes.

This is the exact pattern captured in the 'Diagnostic Commands Must Be
At Least As Strict As Runtime Commands' principle recorded in ROADMAP.md
at cycle #57.

## Root Cause

Two code paths perform the broad-cwd check:
- CliAction::Prompt handler → `enforce_broad_cwd_policy()` (errors out)
- CliAction::Repl handler → same function

But render_doctor_report() never called detect_broad_cwd(). The workspace
health check only looked at whether cwd was inside a git project, not
whether cwd was a dangerously broad path.

## What This Fix Does

Extend `check_workspace_health()` to also probe `detect_broad_cwd()`:

    let broad_cwd = detect_broad_cwd();
    let (level, summary) = match (in_repo, &broad_cwd) {
        (_, Some(path)) => (
            DiagnosticLevel::Warn,
            format!(
                "current directory is a broad path ({}); Prompt/REPL will \
                 refuse to run here without --allow-broad-cwd",
                path.display()
            ),
        ),
        (true, None) => (DiagnosticLevel::Ok, "project root detected"),
        (false, None) => (DiagnosticLevel::Warn, "not inside a git project"),
    };

The check now warns about BOTH failure modes with clear messaging about
what Prompt/REPL will do.

## Dogfood Verification

Before fix:
    $ cd ~ && claw doctor
    Workspace
      Status           warn
      Summary          current directory is not inside a git project
    [all green otherwise]

    $ echo | claw prompt "test"
    error: claw is running from a very broad directory (/Users/yeongyu)...

After fix:
    $ cd ~ && claw doctor
    Workspace
      Status           warn
      Summary          current directory is a broad path (/Users/yeongyu);
                       Prompt/REPL will refuse to run here without
                       --allow-broad-cwd

    $ cd / && claw doctor
    Workspace
      Status           warn
      Summary          current directory is a broad path (/); ...

Non-regression:
    $ cd /tmp/my-project && claw doctor
    Workspace
      Status           warn
      Summary          current directory is not inside a git project
    (unchanged)

    $ cd /path/to/real/git/project && claw doctor
    Workspace
      Status           ok
      Summary          project root detected on branch main
    (unchanged)

## Regression Tests Added

- `workspace_check_in_project_dir_reports_ok` — non-broad + in-project = OK
- `workspace_check_outside_project_reports_warn` — non-broad + not-in-project = Warn with 'not inside git project' summary
- 181 binary tests pass (was 179, added 2)

## Related

- Principle: 'Diagnostic Commands Must Be At Least As Strict As Runtime
  Commands' (ROADMAP.md cycle #57)
- Companion to #122 (stale-base preflight in doctor)
- Sibling: next step is probably a full runtime-vs-doctor audit for
  other asymmetries (auth, sandbox, plugins, hooks)
 2026-04-23 02:35:49 +09:00
YeonGyu-Kim
a389f8dff1 file: #160 — session_store missing list_sessions, delete_session, session_exists — claw cannot enumerate or clean up sessions without filesystem hacks 2026-04-22 08:47:52 +09:00
YeonGyu-Kim
7a014170ba file: #159 — run_turn_loop hardcodes empty denied_tools, permission denials absent from multi-turn sessions 2026-04-22 06:48:03 +09:00
YeonGyu-Kim
986f8e89fd file: #158 — compact_messages_if_needed drops turns silently, no structured compaction event 2026-04-22 06:37:54 +09:00
YeonGyu-Kim
ef1cfa1777 file: #157 — structured remediation registry for error hints (Phase 3 of #77) 
## Gap

#77 Phase 1 added machine-readable error kind discriminants and #156 extended
them to text-mode output. However, the hint field is still prose derived from
splitting existing error text — not a stable registry-backed remediation
contract.

Downstream claws inspecting the hint field still need to parse human wording
to decide whether to retry, escalate, or terminate.

## Fix Shape

1. Remediation registry: remediation_for(kind, operation) -> Remediation struct
   with action (retry/escalate/terminate/configure), target, and stable message
2. Stable hint outputs per error class (no more prose splitting)
3. Golden fixture tests replacing split_error_hint() string hacks

## Source

gaebal-gajae dogfood sweep 2026-04-22 05:30 KST
 2026-04-22 05:31:00 +09:00
YeonGyu-Kim
f1e4ad7574 feat: #156 — error classification for text-mode output (Phase 2 of #77) 
## Problem

#77 Phase 1 added machine-readable error `kind` discriminants to JSON error
payloads. Text-mode (stderr) errors still emit prose-only output with no
structured classification.

Observability tools (log aggregators, CI error parsers) parsing stderr can't
distinguish error classes without regex-scraping the prose.

## Fix

Added `[error-kind: <class>]` prefix line to all text-mode error output.
The prefix appears before the error prose, making it immediately parseable by
line-based log tools without any substring matching.

**Examples:**

## Impact

- Stderr observers (log aggregators, CI systems) can now parse error class
  from the first line without regex or substring scraping
- Same classifier function used for JSON (#77 P1) and text modes
- Text-mode output remains human-readable (error prose unchanged)
- Prefix format follows syslog/structured-logging conventions

## Tests

All 179 rusty-claude-cli tests pass. Verified on 3 different error classes.

Closes ROADMAP #156.
 2026-04-22 00:21:32 +09:00
YeonGyu-Kim
14c5ef1808 file: #156 — error classification for text-mode output (Phase 2 of #77) 
ROADMAP entry for natural Phase 2 follow-up to #77 Phase 1 (JSON error kind
classification). Text-mode errors currently prose-only with no structured
class; observability tools parsing stderr need the kind token.

Two implementation options:
- Prefix line before error prose: [error-kind: missing_credentials]
- Suffix comment: # error_class=missing_credentials

Scope: ~20 lines. Non-breaking (adds classification, doesn't change error text).

Source: Cycle 11 dogfood probe at 23:18 KST — product surface clean after
today's batch, identified natural next step for error-classification symmetry.
 2026-04-21 23:19:58 +09:00
YeonGyu-Kim
9362900b1b feat: #77 Phase 1 — machine-readable error classification in JSON error payloads 
## Problem

All JSON error payloads had the same three-field envelope:
```json
{"type": "error", "error": "<prose with hint baked in>"}
```

Five distinct error classes were indistinguishable at the schema level:
- missing_credentials (no API key)
- missing_worker_state (no state file)
- session_not_found / session_load_failed
- cli_parse (unrecognized args)
- invalid_model_syntax

Downstream claws had to regex-scrape the prose to route failures.

## Fix

1. **Added `classify_error_kind()`** — prefix/keyword classifier that returns a
   snake_case discriminant token for 12 known error classes:
   `missing_credentials`, `missing_manifests`, `missing_worker_state`,
   `session_not_found`, `session_load_failed`, `no_managed_sessions`,
   `cli_parse`, `invalid_model_syntax`, `unsupported_command`,
   `unsupported_resumed_command`, `confirmation_required`, `api_http_error`,
   plus `unknown` fallback.

2. **Added `split_error_hint()`** — splits multi-line error messages into
   (short_reason, optional_hint) so the runbook prose stops being stuffed
   into the `error` field.

3. **Extended JSON envelope** at 4 emit sites:
   - Main error sink (line ~213)
   - Session load failure in resume_session
   - Stub command (unsupported_command)
   - Unknown resumed command (unsupported_resumed_command)

## New JSON shape

```json
{
  "type": "error",
  "error": "short reason (first line)",
  "kind": "missing_credentials",
  "hint": "Hint: export ANTHROPIC_API_KEY..."
}
```

`kind` is always present. `hint` is null when no runbook follows.
`error` now carries only the short reason, not the full multi-line prose.

## Tests

Added 2 new regression tests:
- `classify_error_kind_returns_correct_discriminants` — all 9 known classes + fallback
- `split_error_hint_separates_reason_from_runbook` — with and without hints

All 179 rusty-claude-cli tests pass. Full workspace green.

Closes ROADMAP #77 Phase 1.
 2026-04-21 22:38:13 +09:00
YeonGyu-Kim
ff45e971aa fix: #80 — session-lookup error messages now show actual workspace-fingerprint directory 
## Problem

Two session error messages advertised `.claw/sessions/` as the managed-session
location, but the actual on-disk layout is `.claw/sessions/<workspace_fingerprint>/`
where the fingerprint is a 16-char FNV-1a hash of the CWD path.

Users see error messages like:
```
no managed sessions found in .claw/sessions/
```

But the real directory is:
```
.claw/sessions/8497f4bcf995fc19/
```

The error copy was a direct lie — it made workspace-fingerprint partitioning
invisible and left users confused about whether sessions were lost or just in
a different partition.

## Fix

Updated two error formatters to accept the resolved `sessions_root` path
and extract the actual workspace-fingerprint directory:

1. **format_missing_session_reference**: now shows the actual fingerprint dir
   and explains that it's a workspace-specific partition

2. **format_no_managed_sessions**: now shows the actual fingerprint dir and
   includes a note that sessions from other CWDs are intentionally invisible

Updated all three call sites to pass `&self.sessions_root` to the formatters.

## Examples

**Before:**
```
no managed sessions found in .claw/sessions/
```

**After:**
```
no managed sessions found in .claw/sessions/8497f4bcf995fc19/
Start `claw` to create a session, then rerun with `--resume latest`.
Note: claw partitions sessions per workspace fingerprint; sessions from other CWDs are invisible.
```

```
session not found: nonexistent-id
Hint: managed sessions live in .claw/sessions/8497f4bcf995fc19/ (workspace-specific partition).
Try `latest` for the most recent session or `/session list` in the REPL.
```

## Impact

- Users can now tell from the error message that they're looking in the right
  directory (the one their current CWD maps to)
- The workspace-fingerprint partitioning stops being invisible
- Operators understand why sessions from adjacent CWDs don't appear
- Error copy matches the actual on-disk structure

## Tests

All 466 runtime tests pass. Verified on two real workspaces with actual
workspace-fingerprint directories.

Closes ROADMAP #80.
 2026-04-21 22:18:12 +09:00
YeonGyu-Kim
4b53b97e36 docs: #155 — add USAGE.md documentation for /ultraplan, /teleport, /bughunter commands 
## Problem

Three interactive slash commands are documented in `claw --help` but have no
corresponding section in USAGE.md:

- `/ultraplan [task]` — Run a deep planning prompt with multi-step reasoning
- `/teleport <symbol-or-path>` — Jump to a file or symbol by searching the workspace
- `/bughunter [scope]` — Inspect the codebase for likely bugs

New users see these commands in the help output but don't know:
- What each command does
- How to use it
- When to use it vs. other commands
- What kind of results to expect

## Fix

Added new section "Advanced slash commands (Interactive REPL only)" to USAGE.md
with documentation for all three commands:

1. **`/ultraplan`** — multi-step reasoning for complex tasks
   - Example: `/ultraplan refactor the auth module to use async/await`
   - Output: structured plan with numbered steps and reasoning

2. **`/teleport`** — navigate to a file or symbol
   - Example: `/teleport UserService`, `/teleport src/auth.rs`
   - Output: file content with the requested symbol highlighted

3. **`/bughunter`** — scan for likely bugs
   - Example: `/bughunter src/handlers`, `/bughunter` (all)
   - Output: list of suspicious patterns with explanations

## Impact

Users can now discover these commands and understand when to use them without
having to guess or search external sources. Bridges the gap between `--help`
output and full documentation.

Also filed ROADMAP #155 documenting the gap.

Closes ROADMAP #155.
 2026-04-21 21:49:04 +09:00
YeonGyu-Kim
3cfe6e2b14 feat: #154 — hint provider prefix and env var when model name looks like different provider 
## Problem

When a user types `claw --model gpt-4` or `--model qwen-plus`, they get:
```
error: invalid model syntax: 'gpt-4'. Expected provider/model (e.g., anthropic/claude-opus-4-6) or known alias
```

USAGE.md documents that "The error message now includes a hint that names the detected env var" — but this hint does not actually exist. The user has to re-read USAGE.md or guess the correct prefix.

## Fix

Enhance `validate_model_syntax` to detect when a model name looks like it belongs to a different provider:

1. **OpenAI models** (starts with `gpt-` or `gpt_`):
   ```
   Did you mean `openai/gpt-4`? (Requires OPENAI_API_KEY env var)
   ```

2. **Qwen/DashScope models** (starts with `qwen`):
   ```
   Did you mean `qwen/qwen-plus`? (Requires DASHSCOPE_API_KEY env var)
   ```

3. **Grok/xAI models** (starts with `grok`):
   ```
   Did you mean `xai/grok-3`? (Requires XAI_API_KEY env var)
   ```

Unrelated invalid models (e.g., `asdfgh`) do not get a spurious hint.

## Verification

- `claw --model gpt-4` → hints `openai/gpt-4` + `OPENAI_API_KEY`
- `claw --model qwen-plus` → hints `qwen/qwen-plus` + `DASHSCOPE_API_KEY`
- `claw --model grok-3` → hints `xai/grok-3` + `XAI_API_KEY`
- `claw --model asdfgh` → generic error (no hint)

## Tests

Added 3 new assertions in `parses_multiple_diagnostic_subcommands`:
- GPT model error hints openai/ prefix and OPENAI_API_KEY
- Qwen model error hints qwen/ prefix and DASHSCOPE_API_KEY
- Unrelated models don't get a spurious hint

All 177 rusty-claude-cli tests pass.

Closes ROADMAP #154.
 2026-04-21 21:40:48 +09:00
YeonGyu-Kim
71f5f83adb feat: #153 — add post-build binary location and verification guide to README 
## Problem

Users frequently ask after building:
- "Where is the claw binary?"
- "Did the build actually work?"
- "Why can't I run \`claw\` from anywhere?"

This happens because \`cargo build\` puts the binary in \`rust/target/debug/claw\`
(or \`rust/target/release/claw\`), and new users don't know:
1. Where to find it
2. How to test it
3. How to add it to PATH (optional but common follow-up)

## Fix

Added new section "Post-build: locate the binary and verify" to README covering:

1. **Binary location table:** debug vs. release, macOS/Linux vs. Windows paths
2. **Verification commands:** Test the binary with \`--help\` and \`doctor\`
3. **Three ways to add to PATH:**
   - Symlink (macOS/Linux): \`ln -s ... /usr/local/bin/claw\`
   - cargo install: \`cargo install --path . --force\`
   - Shell profile update: add rust/target/debug to \$PATH
4. **Troubleshooting:** Common errors ("command not found", "permission denied",
   debug vs. release build speed)

## Impact

New users can now:
- Find the binary immediately after build
- Run it and verify with \`claw doctor\`
- Know their options for system-wide access

Also filed ROADMAP #153 documenting the gap.

Closes ROADMAP #153.
 2026-04-21 21:29:59 +09:00
YeonGyu-Kim
79352a2d20 feat: #152 — hint --output-format json when user types --json on diagnostic verbs 
## Problem

Users commonly type `claw doctor --json`, `claw status --json`, or
`claw system-prompt --json` expecting JSON output. These fail with
`unrecognized argument \`--json\` for subcommand` with no hint that
`--output-format json` is the correct flag.

## Discovery

Filed as #152 during 21:17 dogfood nudge. The #127 worktree contained
a more comprehensive patch but conflicted with #141 (unified --help).
On re-investigation of main, Bugs 1 and 3 from #127 are already closed
(positional arg rejection works, no double "error:" prefix). Only
Bug 2 (the `--json` hint) remained.

## Fix

Two call sites add the hint:

1. `parse_single_word_command_alias`'s diagnostic-verb suffix path:
   when rest[1] == "--json", append "Did you mean \`--output-format json\`?"

2. `parse_system_prompt_options` unknown-option path: same hint when
   the option is exactly `--json`.

## Verification

Before:
  $ claw doctor --json
  error: unrecognized argument `--json` for subcommand `doctor`
  Run `claw --help` for usage.

After:
  $ claw doctor --json
  error: unrecognized argument `--json` for subcommand `doctor`
  Did you mean `--output-format json`?
  Run `claw --help` for usage.

Covers: `doctor --json`, `status --json`, `sandbox --json`,
`system-prompt --json`, and any other diagnostic verb that routes
through `parse_single_word_command_alias`.

Other unrecognized args (`claw doctor garbage`) correctly don't
trigger the hint.

## Tests

- 2 new assertions in `parses_multiple_diagnostic_subcommands`:
  - `claw doctor --json` produces hint
  - `claw doctor garbage` does NOT produce hint
- 177 rusty-claude-cli tests pass
- Workspace tests green

Closes ROADMAP #152.
 2026-04-21 21:23:17 +09:00
YeonGyu-Kim
dddbd78dbd file: #152 — diagnostic verb suffixes allow arbitrary positional args, double error prefix 
Filed from nudge directive at 21:17 KST. Implementation exists on worktree
`jobdori-127-verb-suffix` but needs rebase due to merge with #141.
Ready for Phase 1 implementation once conflicts resolved.
 2026-04-21 21:19:51 +09:00
YeonGyu-Kim
7bc66e86e8 feat: #151 — canonicalize workspace path in SessionStore::from_cwd/data_dir 
## Problem

`workspace_fingerprint(path)` hashes the raw path string without
canonicalization. Two equivalent paths (e.g. `/tmp/foo` vs
`/private/tmp/foo` on macOS) produce different fingerprints and
therefore different session stores. #150 fixed the test-side symptom;
this fixes the underlying product contract.

## Discovery path

#150 fix (canonicalize in test) was a workaround. Q's ack on #150
surfaced the deeper gap: the function itself is still fragile for
any caller passing a non-canonical path:

1. Embedded callers with a raw `--data-dir` path
2. Programmatic `SessionStore::from_cwd(user_path)` calls
3. NixOS store paths, Docker bind mounts, case-insensitive normalization

The REPL's default flow happens to work because `env::current_dir()`
returns canonical paths on macOS. But any caller passing a raw path
risks silent session-store divergence.

## Fix

Canonicalize inside `SessionStore::from_cwd()` and `from_data_dir()`
before computing the fingerprint. Kept `workspace_fingerprint()` itself
as a pure function for determinism — canonicalization is the entry
point's responsibility.

```rust
let canonical_cwd = fs::canonicalize(cwd).unwrap_or_else(|_| cwd.to_path_buf());
let sessions_root = canonical_cwd.join(".claw").join("sessions").join(workspace_fingerprint(&canonical_cwd));
```

Falls back to the raw path if canonicalize fails (directory doesn't
exist yet).

## Test-side updates

Three legacy-session tests expected the non-canonical base path to
match the store's workspace_root. Updated them to canonicalize
`base` after creation — same defensive pattern as #150, now
explicit across all three tests.

## Regression test

Added `session_store_from_cwd_canonicalizes_equivalent_paths` that
creates two stores from equivalent paths (raw vs canonical) and
asserts they resolve to the same sessions_dir.

## Verification

- `cargo test -p runtime session_store_` — 9/9 pass
- `cargo test --workspace` — all green, no FAILED markers
- No behavior change for existing users (REPL default flow already
  used canonical paths)

## Backward compatibility

Users on macOS who always went through `env::current_dir()`:
no hash change, sessions resume identically.

Users who ever called with a non-canonical path: hash would change,
but those sessions were already broken (couldn't be resumed from a
canonical-path cwd). Net improvement.

Closes ROADMAP #151.
 2026-04-21 21:06:09 +09:00
YeonGyu-Kim
eaa077bf91 fix: #150 — eliminate symlink canonicalization flake in resume_latest test + file #246 (reminder outcome ambiguity) 
## #150 Fix: resume_latest test flake

**Problem:** `resume_latest_restores_the_most_recent_managed_session` intermittently
fails when run in the workspace suite or multiple times in sequence, but passes in
isolation.

**Root cause:** `workspace_fingerprint(path)` hashes the path string without
canonicalization. On macOS, `/tmp` is a symlink to `/private/tmp`. The test
creates a temp dir via `std::env::temp_dir().join(...)` which returns
`/var/folders/...` (non-canonical). When the subprocess spawns,
`env::current_dir()` returns the canonical path `/private/var/folders/...`.
The two fingerprints differ, so the subprocess looks in
`.claw/sessions/<hash1>` while files are in `.claw/sessions/<hash2>`.
Session discovery fails.

**Fix:** Call `fs::canonicalize(&project_dir)` after creating the directory
to ensure test and subprocess use identical path representations.

**Verification:** 5 consecutive runs of the full test suite — all pass.
Previously: 5/5 failed when run in sequence.

## #246 Filing: Reminder cron outcome ambiguity (control-loop blocker)

The `clawcode-dogfood-cycle-reminder` cron times out repeatedly with no
structured feedback on whether the nudge was delivered, skipped, or died in-flight.

**Phase 1 outcome schema** — add explicit field to cron result:
- `delivered` — nudge posted to Discord
- `timed_out_before_send` — died before posting
- `timed_out_after_send` — posted but cleanup timed out
- `skipped_due_to_active_cycle` — previous cycle active
- `aborted_gateway_draining` — daemon shutdown

Assigned to gaebal-gajae (cron/orchestration domain). Unblocks trustworthy
dogfood cycle observability.

Closes ROADMAP #150. Filed ROADMAP #246.
 2026-04-21 21:01:09 +09:00
YeonGyu-Kim
bc259ec6f9 fix: #149 — eliminate parallel-test flake in runtime::config tests 
## Problem

`runtime::config::tests::validates_unknown_top_level_keys_with_line_and_field_name`
intermittently fails during `cargo test --workspace` (witnessed during
#147 and #148 workspace runs) but passes deterministically in isolation.

Example failure from workspace run:
  test result: FAILED. 464 passed; 1 failed

## Root cause

`runtime/src/config.rs::tests::temp_dir()` used nanosecond timestamp
alone for namespace isolation:

  std::env::temp_dir().join(format!("runtime-config-{nanos}"))

Under parallel test execution on fast machines with coarse clock
resolution, two tests start within the same nanosecond bucket and
collide on the same path. One test's `fs::remove_dir_all(root)` then
races another's in-flight `fs::create_dir_all()`.

Other crates already solved this pattern:
- plugins::tests::temp_dir(label) — label-parameterized
- runtime::git_context::tests::temp_dir(label) — label-parameterized

runtime/src/config.rs was missed.

## Fix

Added process id + monotonically-incrementing atomic counter to the
namespace, making every callsite provably unique regardless of clock
resolution or scheduling:

  static COUNTER: AtomicU64 = AtomicU64::new(0);
  let pid = std::process::id();
  let seq = COUNTER.fetch_add(1, Ordering::Relaxed);
  std::env::temp_dir().join(format!("runtime-config-{pid}-{nanos}-{seq}"))

Chose counter+pid over the label-parameterized pattern to avoid
touching all 20 callsites in the same commit (mechanical noise with
no added safety — counter alone is sufficient).

## Verification

Before: one failure per workspace run (config test flake).
After: 5 consecutive `cargo test --workspace` runs — zero config
test failures. Only pre-existing `resume_latest` flake remains
(orthogonal, unrelated to this change).

  for i in 1 2 3 4 5; do cargo test --workspace; done
  # All 5 runs: config tests green. Only resume_latest flake appears.

  cargo test -p runtime
  # 465 passed; 0 failed

## ROADMAP.md

Added Pinpoint #149 documenting the gap, root cause, and fix.

Closes ROADMAP #149.
 2026-04-21 20:54:12 +09:00
YeonGyu-Kim
f84c7c4ed5 feat: #148 + #128 closure — model provenance in claw status JSON/text 
## Scope

Two deltas in one commit:

### #128 closure (docs)

Re-verified on main HEAD `4cb8fa0`: malformed `--model` strings already
rejected at parse time (`validate_model_syntax` in parse_args). All
historical repro cases now produce specific errors:

  claw --model ''                       → error: model string cannot be empty
  claw --model 'bad model'              → error: invalid model syntax: 'bad model' contains spaces
  claw --model 'sonet'                  → error: invalid model syntax: 'sonet'. Expected provider/model or known alias
  claw --model '@invalid'               → error: invalid model syntax: '@invalid'. Expected provider/model ...
  claw --model 'totally-not-real-xyz'   → error: invalid model syntax: ...
  claw --model sonnet                   → ok, resolves to claude-sonnet-4-6
  claw --model anthropic/claude-opus-4-6 → ok, passes through

Marked #128 CLOSED in ROADMAP with repro block. Residual provenance gap
split off as #148.

### #148 implementation

**Problem.** After #128 closure, `claw status --output-format json`
still surfaces only the resolved model string. No way for a claw to
distinguish whether `claude-sonnet-4-6` came from `--model sonnet`
(alias resolution) vs `--model claude-sonnet-4-6` (pass-through) vs
`ANTHROPIC_MODEL` env vs `.claw.json` config vs compiled-in default.

Debug forensics had to re-read argv instead of reading a structured
field. Clawhip orchestrators sending `--model` couldn't confirm the
flag was honored vs falling back to default.

**Fix.** Added two fields to status JSON envelope:
- `model_source`: "flag" | "env" | "config" | "default"
- `model_raw`: user's input before alias resolution (null on default)

Text mode appends a `Model source` line under `Model`, showing the
source and raw input (e.g. `Model source     flag (raw: sonnet)`).

**Resolution order** (mirrors resolve_repl_model but with source
attribution):
1. If `--model` / `--model=` flag supplied → source: flag, raw: flag value
2. Else if ANTHROPIC_MODEL set → source: env, raw: env value
3. Else if `.claw.json` model key set → source: config, raw: config value
4. Else → source: default, raw: null

## Changes

### rust/crates/rusty-claude-cli/src/main.rs

- Added `ModelSource` enum (Flag/Env/Config/Default) with `as_str()`.
- Added `ModelProvenance` struct (resolved, raw, source) with
  three constructors: `default_fallback()`, `from_flag(raw)`, and
  `from_env_or_config_or_default(cli_model)`.
- Added `model_flag_raw: Option<String>` field to `CliAction::Status`.
- Parse loop captures raw input in `--model` and `--model=` arms.
- Extended `parse_single_word_command_alias` to thread
  `model_flag_raw: Option<&str>` through.
- Extended `print_status_snapshot` signature to accept
  `model_flag_raw: Option<&str>`. Resolves provenance at dispatch time
  (flag provenance from arg; else probe env/config/default).
- Extended `status_json_value` signature with
  `provenance: Option<&ModelProvenance>`. On Some, adds `model_source`
  and `model_raw` fields; on None (legacy resume paths), omits them
  for backward compat.
- Extended `format_status_report` signature with optional provenance.
  On Some, renders `Model source` line after `Model`.
- Updated all existing callers (REPL /status, resume /status, tests)
  to pass None (legacy paths don't carry flag provenance).
- Added 2 regression assertions in parse_args test covering both
  `--model sonnet` and `--model=...` forms.

### ROADMAP.md

- Marked #128 CLOSED with re-verification block.
- Filed #148 documenting the provenance gap split, fix shape, and
  acceptance criteria.

## Live verification

$ claw --model sonnet --output-format json status | jq '{model,model_source,model_raw}'
{"model": "claude-sonnet-4-6", "model_source": "flag", "model_raw": "sonnet"}

$ claw --output-format json status | jq '{model,model_source,model_raw}'
{"model": "claude-opus-4-6", "model_source": "default", "model_raw": null}

$ ANTHROPIC_MODEL=haiku claw --output-format json status | jq '{model,model_source,model_raw}'
{"model": "claude-haiku-4-5-20251213", "model_source": "env", "model_raw": "haiku"}

$ echo '{"model":"claude-opus-4-7"}' > .claw.json && claw --output-format json status | jq '{model,model_source,model_raw}'
{"model": "claude-opus-4-7", "model_source": "config", "model_raw": "claude-opus-4-7"}

$ claw --model sonnet status
Status
  Model            claude-sonnet-4-6
  Model source     flag (raw: sonnet)
  Permission mode  danger-full-access
  ...

## Tests

- rusty-claude-cli bin: 177 tests pass (2 new assertions for #148)
- Full workspace green except pre-existing resume_latest flake (unrelated)

Closes ROADMAP #128, #148.
 2026-04-21 20:48:46 +09:00
YeonGyu-Kim
4cb8fa059a feat: #147 — reject empty / whitespace-only prompts at CLI fallthrough 
## Problem

The `"prompt"` subcommand arm enforced `if prompt.trim().is_empty()`
and returned a specific error. The fallthrough `other` arm in the same
match block — which routes any unrecognized first positional arg to
`CliAction::Prompt` — had no such guard. Result:

$ claw ""
error: missing Anthropic credentials; export ANTHROPIC_AUTH_TOKEN ...

$ claw "   "
error: missing Anthropic credentials; ...

$ claw "" ""
error: missing Anthropic credentials; ...

$ claw --output-format json ""
{"error":"missing Anthropic credentials; ...","type":"error"}

An empty prompt should never reach the credentials check. Worse: with
valid credentials, the literal empty string gets sent to Claude as a
user prompt, either burning tokens for nothing or triggering a model-
side refusal. Same prompt-misdelivery family as #145.

## Root cause

In `parse_subcommand()`, the final `other =>` arm in the top-level
match only guards against typos (#108 guard via `looks_like_subcommand_typo`)
and then unconditionally builds `CliAction::Prompt { prompt: rest.join(" ") }`.
An empty/whitespace-only join passes through.

## Changes

### rust/crates/rusty-claude-cli/src/main.rs

Added the same `if joined.trim().is_empty()` guard already used in the
`"prompt"` arm to the fallthrough path. Error message distinguishes it
from the `prompt` subcommand path:

  empty prompt: provide a subcommand (run `claw --help`) or a
  non-empty prompt string

Runs AFTER the typo guard (so `claw sttaus` still suggests `status`)
and BEFORE CliAction::Prompt construction (so no network call ever
happens for empty inputs).

### Regression tests

Added 4 assertions in the existing parse_args test:
- parse_args([""]) → Err("empty prompt: ...")
- parse_args(["   "]) → Err("empty prompt: ...")
- parse_args(["", ""]) → Err("empty prompt: ...")
- parse_args(["sttaus"]) → Err("unknown subcommand: ...") [verifies #108 typo guard still takes precedence]

### ROADMAP.md

Added Pinpoint #147 documenting the gap, verification, root cause,
fix shape, and acceptance. Joins the prompt-misdelivery cluster
alongside #145.

## Live verification

$ claw ""
error: empty prompt: provide a subcommand (run `claw --help`) or a non-empty prompt string

$ claw "   "
error: empty prompt: provide a subcommand (run `claw --help`) or a non-empty prompt string

$ claw --output-format json ""
{"error":"empty prompt: provide a subcommand ...","type":"error"}

$ claw prompt ""   # unchanged: subcommand-specific error preserved
error: prompt subcommand requires a prompt string

$ claw hello        # unchanged: typo guard still fires
error: unknown subcommand: hello.
  Did you mean     help

$ claw "real prompt here"   # unchanged: real prompts still reach API
error: api returned 401 Unauthorized (with dummy key, as expected)

All empty/whitespace-only paths exit 1. No network call. No misleading
credentials error.

## Tests

- rusty-claude-cli bin: 177 tests pass (4 new assertions)
- Full workspace green except pre-existing resume_latest flake (unrelated)

Closes ROADMAP #147.
 2026-04-21 20:35:17 +09:00
YeonGyu-Kim
f877acacbf feat: #146 — wire claw config and claw diff as standalone subcommands 
## Problem

`claw config` and `claw diff` are pure-local read-only introspection
commands (config merges .claw.json + .claw/settings.json from disk; diff
shells out to `git diff --cached` + `git diff`). Neither needs a session
context, yet both rejected direct CLI invocation:

$ claw config
error: `claw config` is a slash command. Use `claw --resume SESSION.jsonl /config` ...

$ claw diff
error: `claw diff` is a slash command. ...

This forced clawing operators to spin up a full session just to inspect
static disk state, and broke natural pipelines like
`claw config --output-format json | jq`.

## Root cause

Sibling of #145: `SlashCommand::Config { section }` and
`SlashCommand::Diff` had working renderers (`render_config_report`,
`render_config_json`, `render_diff_report`, `render_diff_json_for`)
exposed for resume sessions, but the top-level CLI parser in
`parse_subcommand()` had no arms for them. Zero-arg `config`/`diff`
hit `parse_single_word_command_alias`'s fallback to
`bare_slash_command_guidance`, producing the misleading guidance.

## Changes

### rust/crates/rusty-claude-cli/src/main.rs

- Added `CliAction::Config { section, output_format }` and
  `CliAction::Diff { output_format }` variants.
- Added `"config"` / `"diff"` arms to the top-level parser in
  `parse_subcommand()`. `config` accepts an optional section name
  (env|hooks|model|plugins) matching SlashCommand::Config semantics.
  `diff` takes no positional args. Both reject extra trailing args
  with a clear error.
- Added `"config" | "diff" => None` to
  `parse_single_word_command_alias` so bare invocations fall through
  to the new parser arms instead of the slash-guidance error.
- Added dispatch in run() that calls existing renderers: text mode uses
  `render_config_report` / `render_diff_report`; JSON mode uses
  `render_config_json` / `render_diff_json_for` with
  `serde_json::to_string_pretty`.
- Added 5 regression assertions in parse_args test covering:
  parse_args(["config"]), parse_args(["config", "env"]),
  parse_args(["config", "--output-format", "json"]),
  parse_args(["diff"]), parse_args(["diff", "--output-format", "json"]).

### ROADMAP.md

Added Pinpoint #146 documenting the gap, verification, root cause,
fix shape, and acceptance. Explicitly notes which other slash commands
(`hooks`, `usage`, `context`, etc.) are NOT candidates because they
are session-state-modifying.

## Live verification

$ claw config   # no config files
Config
  Working directory /private/tmp/cd-146-verify
  Loaded files      0
  Merged keys       0
Discovered files
  user    missing ...
  project missing ...
  local   missing ...
Exit 0.

$ claw config --output-format json
{
  "cwd": "...",
  "files": [...],
  ...
}

$ claw diff   # no git
Diff
  Result           no git repository
  Detail           ...
Exit 0.

$ claw diff --output-format json   # inside claw-code
{
  "kind": "diff",
  "result": "changes",
  "staged": "",
  "unstaged": "diff --git ..."
}
Exit 0.

## Tests

- rusty-claude-cli bin: 177 tests pass (5 new assertions in parse_args)
- Full workspace green except pre-existing resume_latest flake (unrelated)

## Not changed

`hooks`, `usage`, `context`, `tasks`, `theme`, `voice`, `rename`,
`copy`, `color`, `effort`, `branch`, `rewind`, `ide`, `tag`,
`output-style`, `add-dir` — all session-mutating or interactive-only;
correctly remain slash-only.

Closes ROADMAP #146.
 2026-04-21 20:07:28 +09:00
YeonGyu-Kim
7d63699f9f feat: #145 — wire claw plugins subcommand to CLI parser (prompt misdelivery fix) 
## Problem

`claw plugins` (and `claw plugins list`, `claw plugins --help`,
`claw plugins info <name>`, etc.) fell through the top-level subcommand
match and got routed into the prompt-execution path. Result: a purely
local introspection command triggered an Anthropic API call and surfaced
`missing Anthropic credentials` to the user. With valid credentials, it
would actually send the literal string "plugins" as a user prompt to
Claude, burning tokens for a local query.

$ claw plugins
error: missing Anthropic credentials; export ANTHROPIC_AUTH_TOKEN or ANTHROPIC_API_KEY before calling the Anthropic API

$ ANTHROPIC_API_KEY=dummy claw plugins
⠋ 🦀 Thinking...
✘  Request failed
error: api returned 401 Unauthorized

Meanwhile siblings (`agents`, `mcp`, `skills`) all worked correctly:

$ claw agents
No agents found.
$ claw mcp
MCP
  Working directory ...
  Configured servers 0

## Root cause

`CliAction::Plugins` exists, has a working dispatcher
(`LiveCli::print_plugins`), and is produced inside the REPL via
`SlashCommand::Plugins`. But the top-level CLI parser in
`parse_subcommand()` had arms for `agents`, `mcp`, `skills`, `status`,
`doctor`, `init`, `export`, `prompt`, etc., and **no arm for
`plugins`**. The dispatch never ran from the CLI entry point.

## Changes

### rust/crates/rusty-claude-cli/src/main.rs

Added a `"plugins"` arm to the top-level match in `parse_subcommand()`
that produces `CliAction::Plugins { action, target, output_format }`,
following the same positional convention as `mcp` (`action` = first
positional, `target` = second). Rejects >2 positional args with a clear
error.

Added four regression assertions in the existing `parse_args` test:
- `plugins` alone → `CliAction::Plugins { action: None, target: None }`
- `plugins list` → action: Some("list"), target: None
- `plugins enable <name>` → action: Some("enable"), target: Some(...)
- `plugins --output-format json` → action: None, output_format: Json

### ROADMAP.md

Added Pinpoint #145 documenting the gap, verification, root cause,
fix shape, and acceptance.

## Live verification

$ claw plugins   # no credentials set
Plugins
  example-bundled      v0.1.0      disabled
  sample-hooks         v0.1.0      disabled

$ claw plugins --output-format json   # no credentials set
{
  "action": "list",
  "kind": "plugin",
  "message": "Plugins\n  example-bundled ...\n  sample-hooks ...",
  "reload_runtime": false,
  "target": null
}

Exit 0 in all modes. No network call. No "missing credentials" error.

## Tests

- rusty-claude-cli bin: 177 tests pass (new plugin assertions included)
- Full workspace green except pre-existing resume_latest flake (unrelated)

Closes ROADMAP #145.
 2026-04-21 19:36:49 +09:00
YeonGyu-Kim
faeaa1d30c feat: #144 phase 1 + ROADMAP filing — claw mcp degrades gracefully on malformed config 
Filing + Phase 1 fix in one commit (sibling of #143).

## Context

With #143 Phase 1 landed (`claw status` degrades), `claw mcp` was the
remaining diagnostic surface that hard-failed on a malformed `.claw.json`.
Same input, same parse error, same partial-success violation. Fresh
dogfood at 18:59 KST caught it on main HEAD `e2a43fc`.

## Changes

### ROADMAP.md
Added Pinpoint #144 documenting the gap and acceptance criteria. Joins
the partial-success / Principle #5 cluster with #143.

### rust/crates/commands/src/lib.rs
`render_mcp_report_for()` + `render_mcp_report_json_for()` now catch the
ConfigError at loader.load() instead of propagating:

- **Text mode** prepends a "Config load error" block (same shape as
  #143's status output) before the MCP listing. The listing still renders
  with empty servers so the output structure is preserved.
- **JSON mode** adds top-level `status: "ok" | "degraded"` +
  `config_load_error: string | null` fields alongside existing fields
  (`kind`, `action`, `working_directory`, `configured_servers`,
  `servers[]`). On clean runs, `status: "ok"` and
  `config_load_error: null`. On parse failure, `status: "degraded"`,
  `config_load_error: "..."`, `servers: []`, exit 0.
- Both list and show actions get the same treatment.

### Regression test
`commands::tests::mcp_degrades_gracefully_on_malformed_mcp_config_144`:
- Injects the same malformed .claw.json as #143 (one valid + one broken
  mcpServers entry).
- Asserts mcp list returns Ok (not Err).
- Asserts top-level status: "degraded" and config_load_error names the
  malformed field path.
- Asserts show action also degrades.
- Asserts clean path returns status: "ok" with config_load_error null.

## Live verification

$ claw mcp --output-format json
{
  "action": "list",
  "kind": "mcp",
  "status": "degraded",
  "config_load_error": ".../.claw.json: mcpServers.missing-command: missing string field command",
  "working_directory": "/Users/yeongyu/clawd",
  "configured_servers": 0,
  "servers": []
}
Exit 0.

## Contract alignment after this commit

All three diagnostic surfaces match now:
- `doctor` — degraded envelope with typed check entries 
- `status` — degraded envelope with config_load_error  (#143)
- `mcp` — degraded envelope with config_load_error  (this commit)

Phase 2 (typed-error object joining taxonomy §4.44) tracked separately
across all three surfaces.

Full workspace test green except pre-existing resume_latest flake (unrelated).

Closes ROADMAP #144 phase 1.
 2026-04-21 19:07:17 +09:00
YeonGyu-Kim
e2a43fcd49 feat: #143 phase 1 — claw status degrades gracefully on malformed config 
Previously `claw status` hard-failed on any config parse error, emitting
a bare error string and exiting 1. This took down the entire health
surface for a single malformed MCP entry, even though workspace, git,
model, permission, and sandbox state could all be reported independently.

`claw doctor` already degraded gracefully on the exact same input.
This commit matches `claw status` to that contract.

Changes:
- Add `StatusContext::config_load_error: Option<String>` to capture parse
  errors without aborting.
- Rewrite `status_context()` to match on `ConfigLoader::load()`: on Err,
  fall back to default `SandboxConfig` for sandbox resolution and record
  the parse error, then continue populating workspace/git/memory fields.
- JSON output gains top-level `status: "ok" | "degraded"` marker and a
  `config_load_error` string (null on clean runs). All other existing
  fields preserved for backward compat.
- Text output prepends a "Config load error" block with Details + Hint
  when config failed to parse, then a "Status (degraded)" header on the
  main block. Clean runs show the usual "Status" header.
- Doctor path updated to pass the config load error through StatusContext.

Regression test `status_degrades_gracefully_on_malformed_mcp_config_143`:
- Injects a .claw.json with one valid + one malformed mcpServers entry
- Asserts status_context() returns Ok (not Err)
- Asserts config_load_error names the malformed field path
- Asserts workspace/sandbox fields still populated in JSON
- Asserts top-level status is 'degraded'
- Asserts clean config path still returns status: 'ok'

Verified live on /Users/yeongyu/clawd (contains deliberately broken MCP entries):
  $ claw status --output-format json
  { "status": "degraded",
    "config_load_error": ".../mcpServers.missing-command: missing string field command",
    "model": "claude-opus-4-6",
    "workspace": {...},
    "sandbox": {...},
    ... }

Phase 2 (typed error object joining #4.44 taxonomy) tracked separately.

Full workspace test green except pre-existing resume_latest flake (unrelated).

Closes ROADMAP #143 phase 1.
 2026-04-21 18:37:42 +09:00
YeonGyu-Kim
fcd5b49428 ROADMAP #143: claw status hard-fails on malformed MCP config while doctor degrades gracefully 2026-04-21 18:32:09 +09:00
YeonGyu-Kim
e73b6a2364 docs: USAGE.md sections for claw init (#142) and claw state (#139) 
Add two missing sections documenting the recently-fixed commands:

- **Initialize a repository**: Shows both text and JSON output modes for
  `claw init`. Explains that structured JSON fields (created[], updated[],
  skipped[], artifacts[]) allow claws to detect per-artifact state without
  substring-matching prose. Documents idempotency.

- **Inspect worker state**: Documents `claw state` and the prerequisite
  that a worker must have executed at least once. Includes the helpful error
  message and remediation hints (claw or claw prompt <text>) so users
  discovering the command for the first time see actionable guidance.

These sections complement the product fixes in #142 (init JSON structure)
and #139 (state error actionability) by documenting the contract from a
user perspective.

Related: ROADMAP #142 (structured init output), #139 (worker-state discoverability).
 2026-04-21 18:28:21 +09:00
YeonGyu-Kim
541c5bb95d feat: #139 actionable worker-state guidance in claw state error + help 
Previously `claw state` errored with "no worker state file found ... — run a
worker first" but there is no `claw worker` subcommand, so claws had no
discoverable path from the error to a fix.

Changes:
- Rewrite the missing-state error to name the two concrete commands that
  produce .claw/worker-state.json:
    * `claw` (interactive REPL, writes state on first turn)
    * `claw prompt <text>` (one non-interactive turn)
  Also tell the user what to rerun: `claw state [--output-format json]`.
- Expand the State --help topic with "Produces state", "Observes state",
  and "Exit codes" lines so the worker-state contract is discoverable
  before the user hits the error.
- Add regression test state_error_surfaces_actionable_worker_commands_139
  asserting the error contains `claw prompt`, REPL mention, and the
  rerun path, plus that the help topic documents the producer contract.

Verified live:
  $ claw state
  error: no worker state file found at .claw/worker-state.json
    Hint: worker state is written by the interactive REPL or a non-interactive prompt.
    Run:   claw               # start the REPL (writes state on first turn)
    Or:    claw prompt <text> # run one non-interactive turn
    Then rerun: claw state [--output-format json]

JSON mode preserves the full hint inside the error envelope so CI/claws
can match on `claw prompt` without losing the canonical prefix.

Full workspace test green except pre-existing resume_latest flake (unrelated).

Closes ROADMAP #139.
 2026-04-21 18:04:04 +09:00
YeonGyu-Kim
611eed1537 feat: #142 structured fields in claw init --output-format json 
Previously `claw init --output-format json` emitted a valid JSON envelope but
packed the entire human-formatted output into a single `message` string. Claw
scripts had to substring-match human language to tell `created` from `skipped`.

Changes:
- Add InitStatus::json_tag() returning machine-stable "created"|"updated"|"skipped"
  (unlike label() which includes the human " (already exists)" suffix).
- Add InitReport::NEXT_STEP constant so claws can read the next-step hint
  without grepping the message string.
- Add InitReport::artifacts_with_status() to partition artifacts by state.
- Add InitReport::artifact_json_entries() for the structured artifacts[] array.
- Rewrite run_init + init_json_value to emit first-class fields alongside the
  legacy message string (kept for text consumers): project_path, created[],
  updated[], skipped[], artifacts[], next_step, message.
- Update the slash-command Init dispatch to use the same structured JSON.
- Add regression test artifacts_with_status_partitions_fresh_and_idempotent_runs
  asserting both fresh + idempotent runs produce the right partitioning and
  that the machine-stable tag is bare 'skipped' not label()'s phrasing.

Verified output:
- Fresh dir: created[] has 4 entries, skipped[] empty
- Idempotent call: created[] empty, skipped[] has 4 entries
- project_path, next_step as first-class keys
- message preserved verbatim for backward compat

Full workspace test green except pre-existing resume_latest flake (unrelated).

Closes ROADMAP #142.
 2026-04-21 17:42:00 +09:00
YeonGyu-Kim
7763ca3260 feat: #141 unify claw <subcommand> --help contract across all 14 subcommands 
Previously, `claw <subcommand> --help` had 5 different behaviors:
- 7 subcommands returned subcommand-specific help (correct)
- init/export/state/version silently fell back to global `claw --help`
- system-prompt/dump-manifests errored with `unknown <cmd> option: --help`
- bootstrap-plan printed its phase list instead of help text

Changes:
- Extend LocalHelpTopic enum with Init, State, Export, Version, SystemPrompt,
  DumpManifests, BootstrapPlan variants.
- Extend parse_local_help_action() to resolve those 7 subcommands to their
  local help topic instead of falling through to the main dispatch.
- Remove init/state/export/version from the explicit wants_help=true matcher
  so they reach parse_local_help_action() before being routed to global help.
- Add render_help_topic() entries for the 7 new topics with consistent
  Usage/Purpose/Output/Formats/Related structure.
- Add regression test subcommand_help_flag_has_one_contract_across_all_subcommands_141
  asserting every documented subcommand + both --help and -h variants resolve
  to a HelpTopic with non-empty text that contains a Usage line.

Verification:
- All 14 subcommands now return subcommand-specific help (live dogfood).
- Full workspace test green except pre-existing resume_latest flake.

Closes ROADMAP #141.
 2026-04-21 17:36:48 +09:00
YeonGyu-Kim
2665ada94e ROADMAP #142: claw init --output-format json emits unstructured message string instead of created/skipped fields 2026-04-21 17:31:11 +09:00
YeonGyu-Kim
21b377d9c0 ROADMAP #141: claw <subcommand> --help has 5 different behaviors — inconsistent help surface 2026-04-21 17:01:46 +09:00
YeonGyu-Kim
27ffd75f03 fix: #140 isolate test cwd + env in punctuation_bearing_single_token test 
Previously this test inherited the cargo test runner's CWD, which could contain
a stale .claw/settings.json with "permissionMode": "acceptEdits" written by
another test. The deprecated-field resolver then silently downgraded the
default permission mode to WorkspaceWrite, breaking the test's assertion.

Fix: wrap the assertion in with_current_dir() + env_lock() so the test runs in
an isolated temp directory with no stale config.

Full workspace test now passes except for pre-existing resume_latest flake
(unrelated to #140, environment-dependent, tracked separately).

Closes ROADMAP #140.
 2026-04-21 16:34:58 +09:00
YeonGyu-Kim
0cf8241978 ROADMAP #140: deprecated permissionMode migration silently downgrades DangerFullAccess to WorkspaceWrite — 1 test failure on main HEAD 36b3a09 2026-04-21 16:23:00 +09:00
YeonGyu-Kim
36b3a09818 ROADMAP #139: claw state error references undocumented 'worker' concept (unactionable for claws) 2026-04-21 16:01:54 +09:00
YeonGyu-Kim
f3f6643fb9 feat: #108 add did-you-mean guard for subcommand typos (prevents silent LLM dispatch) 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-04-21 15:37:58 +09:00
YeonGyu-Kim
883cef1a26 docs: #138 add concrete evidence — feat/134-135 branch pushed but no PR (closure-state gap) 2026-04-21 15:02:33 +09:00
YeonGyu-Kim
768c1abc78 ROADMAP #138: dogfood cycle report-gate opacity — nudge surface needs explicit closure state 2026-04-21 14:49:36 +09:00
YeonGyu-Kim
a8beca1463 fix: #136 support --output-format json with --compact flag 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-04-21 14:47:15 +09:00
YeonGyu-Kim
21adae9570 fix: #137 update test fixtures to use canonical 'opus' alias for main branch consistency 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-04-21 14:32:49 +09:00
YeonGyu-Kim
724a78604d ROADMAP #137: model-alias shorthand regression in test suite — bare alias parsing broken on feat/134-135-session-identity; 3 tests fail with invalid model syntax error after #134/#135 validation tightening 2026-04-21 13:27:10 +09:00
YeonGyu-Kim
91ba54d39f ROADMAP #136: --compact flag silently overrides --output-format json — compact turn always emits plain text even when JSON requested; unreachable Json arm in run_with_output() match; joins output-format completeness cluster #90/#91/#92/#127/#130 and CLI/REPL parity §7.1 2026-04-21 12:27:06 +09:00
YeonGyu-Kim
8b52e77f23 ROADMAP #135: claw status --json missing active_session bool and session.id cross-reference — status query side of #134 round-trip; joins session identity completeness §4.7 and status surface completeness cluster #80/#83/#114/#122; natural bundle #134+#135 closes session-identity round-trip 2026-04-21 06:55:09 +09:00
YeonGyu-Kim
2c42f8bcc8 docs: remove duplicate ROADMAP #134 entry 2026-04-21 04:50:43 +09:00
YeonGyu-Kim
f266505546 ROADMAP #134: no run/correlation ID at session boundary — session.id missing from startup event and status JSON; observer must infer session identity from timing 2026-04-21 01:55:42 +09:00
YeonGyu-Kim
50e3fa3a83 docs: add --output-format to diagnostic verb help text 
Updated LocalHelpTopic help strings to surface --output-format support:
- Status, Sandbox, Doctor, Acp all now show [--output-format <format>]
- Added 'Formats: text (default), json' line to each

Diagnostic verbs support JSON output but help text didn't advertise it.
Post-#127 fix: help text now matches actual CLI surface.

Verified: cargo build passes, claw doctor --help shows output-format.

Refs: #127
 2026-04-20 21:32:02 +09:00
YeonGyu-Kim
a51b2105ed docs: add JSON output example for diagnostic verbs post-#127 
USAGE.md now documents:
-  for machine-readable diagnostics
- Note about parse-time rejection of invalid suffix args (post-#127 fix)

Verifies that diagnostic verbs support JSON output for scripting,
and documents the behavior change from #127 (invalid args rejected
at parse time instead of falling through to prompt dispatch).

Refs: #127
 2026-04-20 21:01:10 +09:00
YeonGyu-Kim
a3270db602 fix: #127 reject unrecognized suffix args for diagnostic verbs 
Diagnostic verbs (help, version, status, sandbox, doctor, state) now
reject unrecognized suffix arguments at parse time instead of silently
falling through to Prompt dispatch.

Fixes: claw doctor --json (and similar) no longer accepts --json silently
and attempts to send it to the LLM as a prompt. Now properly emits:
'unrecognized argument `--json` for subcommand `doctor`'

Joined parser-level trust gap quintet #108 + #117 + #119 + #122 + #127.
Prevents token burn on rejected arguments.

Verified: cargo build --workspace passes, claw doctor --json errors cleanly.

Refs: #127, ROADMAP
 2026-04-20 19:23:35 +09:00
YeonGyu-Kim
12f1f9a74e feat: wire ship.prepared provenance emission at bash execution boundary 
Adds ship provenance detection and emission in execute_bash_async():
- Detects git push to main/master commands
- Captures current branch, HEAD commit, git user as actor
- Emits ship.prepared event with ShipProvenance payload
- Logs to stderr as interim routing (event stream integration pending)

This is the first wired provenance event — schema (§4.44.5) now has
runtime emission at actual git operation boundary.

Verified: cargo build --workspace passes.
Next: wire ship.commits_selected, ship.merged, ship.pushed_main events.

Refs: §4.44.5.1, ROADMAP #4.44.5
 2026-04-20 17:03:28 +09:00
YeonGyu-Kim
2678fa0af5 fix: #124 --model validation rejects malformed syntax at parse time 
Adds validate_model_syntax() that rejects:
- Empty strings
- Strings with spaces (e.g., 'bad model')
- Invalid provider/model format

Accepts:
- Known aliases (opus, sonnet, haiku)
- Valid provider/model format (provider/model)

Wired into parse_args for both --model <value> and --model=<value> forms.
Errors exit with clear message before any API calls (no token burn).

Verified:
- 'claw --model "bad model" version' → error, exit 1
- 'claw --model "" version' → error, exit 1
- 'claw --model opus version' → works
- 'claw --model anthropic/claude-opus-4-6 version' → works

Refs: ROADMAP #124 (debbcbe cluster — parser-level trust gap family)
 2026-04-20 16:32:17 +09:00
YeonGyu-Kim
b9990bb27c fix: #122 + #125 doctor consistency and git_state clarity 
#122: doctor invocation now checks stale-base condition
- Calls run_stale_base_preflight(None) in render_doctor_report()
- Emits stale-base warnings to stderr when branch is behind main
- Fixes inconsistency: doctor 'ok' vs prompt 'stale base' warning

#125: git_state field reflects non-git directories
- When !in_git_repo, git_state = 'not in git repo' instead of 'clean'
- Fixes contradiction: in_git_repo: false but git_state: 'clean'
- Applied in both doctor text output and status JSON

Verified: cargo build --workspace passes.

Refs: ROADMAP #122 (dd73962), #125 (debbcbe)
 2026-04-20 16:13:43 +09:00
YeonGyu-Kim
f33c315c93 fix: #122 doctor invocation now checks stale-base condition 
Adds run_stale_base_preflight(None) call to render_doctor_report() so that
claw doctor emits stale-base warnings to stderr when the current branch is
behind main. Previously doctor reported 'ok' even when branch was stale,
creating inconsistency with prompt path warnings.

Fixes silent-state inventory gap: doctor now consistent with prompt/repl
stale-base checking. No behavior change for non-stale branches.

Verified: cargo build --workspace passes, no test failures.

Ref: ROADMAP #122 dogfood filing @ dd73962
 2026-04-20 15:49:56 +09:00
YeonGyu-Kim
5c579e4a09 §4.44.5.1: file ship event wiring pinpoint (schema landed, wiring missing) 
Dogfood cycle 2026-04-20 identified that §4.44.5 ship/provenance event schema
is implemented (ShipProvenance struct, ship.* constructors, tests pass) but
actual git push/merge/commit-range operations do not yet emit these events.

Events remain dead code—constructors exist but are never called during real
workflows. This pinpoint tracks the missing wiring: locating actual git
operation call sites in main.rs/tools/lib.rs/worker_boot.rs and intercepting
to emit ship.prepared/commits_selected/merged/pushed_main with real metadata
(source_branch, commit_range, merge_method, actor, pr_number).

Acceptance: at least one real git push emits all 4 events with actual payload
values, claw state JSON surfaces ship provenance.

Ref: dogfood gaebal-gajae @ 1495672954573291571 (15:30 KST)
 2026-04-20 15:30:34 +09:00
YeonGyu-Kim
8a8ca8a355 ROADMAP #4.44.5: Ship/provenance events — implement §4.44.5 
Adds structured ship provenance surface to eliminate delivery-path opacity:

New lane events:
- ship.prepared — intent to ship established
- ship.commits_selected — commit range locked
- ship.merged — merge completed with provenance
- ship.pushed_main — delivery to main confirmed

ShipProvenance struct carries:
- source_branch, base_commit
- commit_count, commit_range
- merge_method (direct_push/fast_forward/merge_commit/squash_merge/rebase_merge)
- actor, pr_number

Constructor methods added to LaneEvent for all four ship events.

Tests:
- Wire value serialization for ship events
- Round-trip deserialization
- Canonical event name coverage

Runtime: 465 tests pass
ROADMAP updated with IMPLEMENTED status

This closes the gap where 56 commits pushed to main had no structured
provenance trail — now emits first-class events for clawhip consumption.
 2026-04-20 15:06:50 +09:00
YeonGyu-Kim
b0b579ebe9 ROADMAP #133: Blocked-state subphase contract — implement §6.5 
Adds BlockedSubphase enum with 7 variants for structured blocked-state reporting:
- blocked.trust_prompt — trust gate blockers
- blocked.prompt_delivery — prompt misdelivery
- blocked.plugin_init — plugin startup failures
- blocked.mcp_handshake — MCP connection issues
- blocked.branch_freshness — stale branch blockers
- blocked.test_hang — test timeout/hang
- blocked.report_pending — report generation stuck

LaneEventBlocker now carries optional subphase field that gets serialized
into LaneEvent data. Enables clawhip to route recovery without pane scraping.

Updates:
- lane_events.rs: BlockedSubphase enum, LaneEventBlocker.subphase field
- lane_events.rs: blocked()/failed() constructors with subphase serialization
- lib.rs: Export BlockedSubphase
- tools/src/lib.rs: classify_lane_blocker() with subphase: None
- Test imports and fixtures updated

Backward-compatible: subphase is Option<>, existing events continue to work.
 2026-04-20 15:04:08 +09:00
YeonGyu-Kim
c956f78e8a ROADMAP #4.44.5: Ship/provenance opacity — filed from dogfood 
Added structured delivery-path contract to surface branch → merge → main-push
provenance as first-class events. Filed from the 56-commit 2026-04-20 push
that exposed the gap.

Also fixes: ApiError test compilation — add suggested_action: None to 4 sites

- Line ~8414: opaque_provider_wrapper_surfaces_failure_class_session_and_trace
- Line ~8436: retry_exhaustion_uses_retry_failure_class_for_generic_provider_wrapper
- Line ~8499: provider_context_window_errors_are_reframed_with_same_guidance
- Line ~8533: retry_wrapped_context_window_errors_keep_recovery_guidance
 2026-04-20 14:35:07 +09:00
YeonGyu-Kim
dd73962d0b ROADMAP #122: doctor invocation does not check stale-base condition — run_stale_base_preflight() only invoked in Prompt + REPL paths, missing in doctor action handler; inconsistency: doctor says 'ok' but prompt warns 'stale base'; joins boot preflight / doctor contract family (#80-#83/#114) and silent-state inventory (#102/#127/#129/#245) 2026-04-20 13:11:12 +09:00
YeonGyu-Kim
027efb2f9f ROADMAP §4.44: Typed-error envelope contract (Silent-state inventory roll-up) — locks in structured error.kind/operation/target/errno/hint/retryable contract that closes the family of pinpoints currently scattered across #102 + #121 + #127 + #129 + #130 + #245; backward-compat additive; regression locked via golden-fixture; gates 'Run claw --help for usage' trailer on error.kind == usage; drafted jointly with gaebal-gajae during 2026-04-20 dogfood cycle 2026-04-20 13:03:50 +09:00
YeonGyu-Kim
866f030713 ROADMAP #130: claw export --output filesystem errors surface raw OS errno strings with zero context — 5 distinct failure modes all produce different errno strings but the same zero-context shape; no path echoed, no operation named, no io::ErrorKind classification, no actionable hint; JSON envelope flattens to {error, type} losing all structure; Run claw --help for usage trailer misleads on non-usage errors; joins JSON-envelope asymmetry family #90/#91/#92/#110/#115/#116 and truth-audit #80-#127/#129 2026-04-20 12:52:22 +09:00
YeonGyu-Kim
d2a83415dc ROADMAP #129: MCP server startup blocks credential validation in Prompt path — cred check ordered AFTER MCP child handshake await; misbehaved/slow MCP wedges every claw <prompt> invocation indefinitely; npx restart loop wastes resources; runtime-side companion to #102's config-time MCP gap; PARITY.md Lane 7 acceptance gap 2026-04-20 12:43:11 +09:00
YeonGyu-Kim
8122029eba ROADMAP #128: claw --model <malformed> (spaces, empty string, invalid syntax) silently accepted at parse time, falls through to cred-error misdirection; joins parser-level trust gap family #108/#117/#119/#122/#127; joins token-burn family #99/#127 2026-04-20 12:32:56 +09:00
YeonGyu-Kim
d284ef774e ROADMAP #127: claw <subcommand> --json silently falls through to LLM Prompt dispatch — diagnostic verbs (doctor, status, sandbox, skills, version, help) reject --json with cred-error misdirection; valid verb + unrecognized suffix arg = Prompt fall-through; 18th silent-flag, 5th parser-level trust gap, joins #108 + #117 + #119 + #122 2026-04-20 12:05:05 +09:00
YeonGyu-Kim
7370546c1c ROADMAP #126: /config [env|hooks|model|plugins] ignores section argument — all 4 subcommands return bit-identical file-list envelope; 4-way dispatch collapse 
Dogfooded 2026-04-18 on main HEAD b56841c from /tmp/cdFF2.

/config model, /config hooks, /config plugins, /config env all
return: {kind:'config', cwd, files:[...], loaded_files,
merged_keys} — BIT-IDENTICAL.

diff /config model vs /config hooks → empty.
Section argument parsed at slash-command level but not branched
on in the handler.

Help: '/config [env|hooks|model|plugins] Inspect Claude config
files or merged sections [resume]'
→ 'merged sections' never shown. Same file-list for all.

Third dispatch-collapse finding:
  #111: /providers → Doctor (2-way, wildly wrong)
  #118: /stats + /tokens + /cache → Stats (3-way, distinct)
  #126: /config env + hooks + model + plugins → file-list (4-way)

Fix shape (~60 lines):
- Section-specific handlers:
    /config model → resolved model, source, aliases
    /config hooks → pre_tool_use, post_tool_use arrays
    /config plugins → enabled_plugins list
    /config env → current file-list (already correct)
- Bare /config → current file-list envelope
- Regression per section

Joins Silent-flag/documented-but-unenforced.
Joins Truth-audit — help promises section inspection.
Joins Dispatch-collapse family: #111 + #118 + #126.

Natural bundle: #111 + #118 + #126 — dispatch-collapse trio.
Complete parser-dispatch-collapse audit across slash commands.

Filed in response to Clawhip pinpoint nudge 1495023618529300580
in #clawcode-building-in-public.
 2026-04-18 20:32:52 +09:00
YeonGyu-Kim
b56841c5f4 ROADMAP #125: git_state 'clean' emitted for non-git directories; GitWorkspaceSummary default all-zeros → is_clean() → 'clean' even when in_git_repo: false; contradictory doctor fields 
Dogfooded 2026-04-18 on main HEAD debbcbe from /tmp/cdBB2.

Non-git directory:
  $ mkdir /tmp/cdBB2 && cd /tmp/cdBB2   # NO git init
  $ claw --output-format json status | jq .workspace.git_state
  'clean'      # should be null — not in a git repo

  $ claw --output-format json doctor | jq '.checks[]
    | select(.name=="workspace") | {in_git_repo, git_state}'
  {"in_git_repo": false, "git_state": "clean"}
  # CONTRADICTORY: not in git BUT git is 'clean'

Trace:
  main.rs:2550-2554 parse_git_workspace_summary:
    let Some(status) = status else {
        return summary;   // all-zero default when no git
    };
  All-zero GitWorkspaceSummary → is_clean() (changed_files==0)
    → true → headline() = 'clean'

  main.rs:4950 status JSON: git_summary.headline() for git_state
  main.rs:1856 doctor workspace: same headline() for git_state

Fix shape (~25 lines):
- Return Option<GitWorkspaceSummary> when status is None
- headline() returns Option<String>: None when no git
- Status JSON: git_state: null when not in git
- Doctor: omit git_state when in_git_repo: false, or set null
- Optional: claw init skip .gitignore in non-git dirs
- Regression: non-git → null, git clean → 'clean',
  detached HEAD → 'clean' + 'detached HEAD'

Joins Truth-audit — 'clean' is a lie for non-git dirs.
Adjacent to #89 (claw blind to mid-rebase) — same field,
  different missing state.
Joins #100 (status/doctor JSON gaps) — another field whose
  value doesn't reflect reality.

Natural bundle: #89 + #100 + #125 — git-state-completeness
  triple: rebase/merge invisible (#89) + stale-base unplumbed
  (#100) + non-git 'clean' lie (#125). Complete git_state
  field failure coverage.

Filed in response to Clawhip pinpoint nudge 1495016073085583442
in #clawcode-building-in-public.
 2026-04-18 20:03:32 +09:00
YeonGyu-Kim
debbcbe7fb ROADMAP #124: --model accepts any string with zero validation; typos silently pass through; empty string accepted; status JSON has no model provenance 
Dogfooded 2026-04-18 on main HEAD bb76ec9 from /tmp/cdAA2.

--model flag has zero validation:
  claw --model sonet status → model:'sonet' (typo passthrough)
  claw --model '' status → model:'' (empty accepted)
  claw --model garbage status → model:'garbage' (any string)

Valid aliases do resolve:
  sonnet → claude-sonnet-4-6
  opus → claude-opus-4-6
  Config aliases also resolve via resolve_model_alias_with_config

But unresolved strings pass through silently. Typo 'sonet'
becomes literal model ID sent to API → fails late with
'model not found' after full context assembly.

Compare:
  --reasoning-effort: validates low|medium|high. Has guard.
  --permission-mode: validates against known set. Has guard.
  --model: no guard. Any string.
  --base-commit: no guard (#122). Same pattern.

status JSON:
  {model: 'sonet'} — shows resolved name only.
  No model_source (flag/config/default).
  No model_raw (pre-resolution input).
  No model_valid (known to any provider).
  Claw can't distinguish typo from exact model from alias.

Trace:
  main.rs:470-480 --model parsing:
    model = value.clone(); index += 2;
    No validation. Raw string stored.

  main.rs:1032-1046 resolve_model_alias_with_config:
    resolves known aliases. Unknown strings pass through.

  main.rs:~4951 status JSON builder:
    reports resolved model. No source/raw/valid fields.

Fix shape (~65 lines):
- Reject empty string at parse time
- Warn on unresolved aliases with fuzzy-match suggestion
- Add model_source, model_raw to status JSON
- Add model-validity check to doctor
- Regression per failure mode

Joins #105 (4-surface model disagreement) — model pair:
  #105 status ignores config model, doctor mislabels
  #124 --model flag unvalidated, no provenance in JSON

Joins #122 (--base-commit zero validation) — unvalidated-flag
pair: same parser pattern, no guards.

Joins Silent-flag/documented-but-unenforced as 17th.
Joins Truth-audit — status model field has no provenance.
Joins Parallel-entry-point asymmetry as 10th.

Filed in response to Clawhip pinpoint nudge 1495000973914144819
in #clawcode-building-in-public.
 2026-04-18 19:03:02 +09:00
YeonGyu-Kim
bb76ec9730 ROADMAP #123: --allowedTools tool-name normalization asymmetric; snake_case canonicals accept variants, PascalCase canonicals reject snake_case; whitespace+comma split undocumented; allowed_tools not surfaced in JSON 
Dogfooded 2026-04-18 on main HEAD 2bf2a11 from /tmp/cdZZ.

Asymmetric normalization:
  normalize_tool_name(value) = trim + lowercase + replace -→_

  Canonical 'read_file' (snake_case):
    accepts: read_file, READ_FILE, Read-File, read-file,
             Read (alias), read (alias)
    rejects: ReadFile, readfile, READFILE
    → Because normalize('ReadFile')='readfile', and name_map
      has key 'read_file' not 'readfile'.

  Canonical 'WebFetch' (PascalCase):
    accepts: WebFetch, webfetch, WEBFETCH
    rejects: web_fetch, web-fetch, Web-Fetch
    → Because normalize('WebFetch')='webfetch' (no underscore).
      User input 'web_fetch' normalizes to 'web_fetch' (keeps
      underscore). Keys don't match.

The normalize function ADDS underscores (hyphen→underscore) but
DOESN'T REMOVE them. So PascalCase canonicals have underscore-
free normalized keys; user input with explicit underscores keeps
them, creating key mismatch.

Result: 'bash,Bash,BASH,Read,read_file,Read-File,WebFetch' all
accepted, but 'web_fetch,web-fetch' rejected.

Additional silent-flag issues:
- Splits on commas OR whitespace (undocumented — help says
  TOOL[,TOOL...])
- 'bash,Bash,BASH' silently accepts all 3 case variants, no
  dedup warning
- Allowed tools NOT in status/doctor JSON — claw passing
  --allowedTools has no way to verify what runtime accepted

Trace:
  tools/src/lib.rs:192-244 normalize_allowed_tools:
    canonical_names from mvp_tool_specs + plugin_tools + runtime
    name_map: (normalize_tool_name(canonical), canonical)
    for token in value.split(|c| c==',' || c.is_whitespace()):
      lookup normalize_tool_name(token) in name_map

  tools/src/lib.rs:370-372 normalize_tool_name:
    fn normalize_tool_name(value: &str) -> String {
        value.trim().replace('-', '_').to_ascii_lowercase()
    }
    Replaces - with _. Lowercases. Does NOT remove _.

  Asymmetry source: normalize('WebFetch')='webfetch',
  normalize('web_fetch')='web_fetch'. Different keys.

  --allowedTools NOT plumbed into Status JSON output
  (no 'allowed_tools' field).

Fix shape (~50 lines):
- Symmetric normalization: strip underscores from both canonical
  and input, OR don't normalize hyphens in input either.
  Pick one convention.
- claw tools list / --allowedTools help subcommand that prints
  canonical names + accepted variants.
- Surface allowed_tools in status/doctor JSON when flag set.
- Document comma+whitespace split semantics in --help.
- Warn on duplicate tokens (bash,Bash,BASH = 3 tokens, 1 unique).
- Regression per normalization pair + status surface + duplicate.

Joins Silent-flag/documented-but-unenforced (#96-#101, #104,
#108, #111, #115, #116, #117, #118, #119, #121, #122) as 16th.

Joins Permission-audit/tool-allow-list (#94, #97, #101, #106,
#115, #120) as 7th.

Joins Truth-audit — status/doctor JSON hides what allowed-tools
set actually is.

Joins Parallel-entry-point asymmetry (#91, #101, #104, #105,
#108, #114, #117, #122) as 9th — --allowedTools vs
.claw.json permissions.allow likely disagree on normalization.

Natural bundles:
  #97 + #123 — --allowedTools trust-gap pair:
    empty silently blocks (#97) +
    asymmetric normalization + invisible runtime state (#123)

  Permission-audit 7-way (grown):
    #94 + #97 + #101 + #106 + #115 + #120 + #123

  Flagship permission-audit sweep 8-way (grown):
    #50 + #87 + #91 + #94 + #97 + #101 + #115 + #123

Filed in response to Clawhip pinpoint nudge 1494993419536306176
in #clawcode-building-in-public.
 2026-04-18 18:38:24 +09:00
YeonGyu-Kim
2bf2a11943 ROADMAP #122: --base-commit greedy-consumes next arg with zero validation; subcommand/flag swallow; stale-base signal missing from status/doctor JSON surfaces 
Dogfooded 2026-04-18 on main HEAD d1608ae from /tmp/cdYY.

Three related findings:

1. --base-commit has zero validation:
   $ claw --base-commit doctor
   warning: worktree HEAD (...) does not match expected
     base commit (doctor). Session may run against a stale
     codebase.
   error: missing Anthropic credentials; ...
   # 'doctor' used as base-commit value literally.
   # Subcommand absorbed. Prompt fallthrough. Billable.

2. Greedy swallow of next flag:
   $ claw --base-commit --model sonnet status
   warning: ...does not match expected base commit (--model)
   # '--model' taken as value. status never dispatched.

3. Garbage values silently accepted:
   $ claw --base-commit garbage status
   Status ...
   # No validation. No warning (status path doesn't run check).

4. Stale-base signal missing from JSON surfaces:
   $ claw --output-format json --base-commit $BASE status
   {"kind":"status", ...}
   # no stale_base, no base_commit, no base_commit_mismatch.

   Stale-base check runs ONLY on Prompt path, as stderr prose.

Trace:
  main.rs:487-494 --base-commit parsing:
    'base-commit' => {
        let value = args.get(index + 1).ok_or_else(...)?;
        base_commit = Some(value.clone());
        index += 2;
    }
    No format check. No reject-on-flag-prefix. No reject-on-
    known-subcommand.

  Compare main.rs:498-510 --reasoning-effort:
    validates 'low' | 'medium' | 'high'. Has guard.

  stale_base.rs check_base_commit runs on Prompt/turn path
  only. No Status/Doctor handler includes base_commit field.

  grep 'stale_base|base_commit_matches|base_commit:'
    rust/crates/rusty-claude-cli/src/main.rs | grep status|doctor
  → zero matches.

Fix shape (~40 lines):
- Reject values starting with '-' (flag-like)
- Reject known-subcommand names as values
- Optionally run 'git cat-file -e {value}' to verify real commit
- Plumb base_commit + base_commit_matches + stale_base_warning
  into Status and Doctor JSON surfaces
- Emit warning as structured JSON event too (not just stderr)
- Regression per failure mode

Joins Silent-flag/documented-but-unenforced (#96-#101, #104,
#108, #111, #115, #116, #117, #118, #119, #121) as 15th.

Joins Parser-level trust gaps: #108 + #117 + #119 + #122 —
billable-token silent-burn via parser too-eager consumption.

Joins Parallel-entry-point asymmetry (#91, #101, #104, #105,
#108, #114, #117) as 8th — stale-base implemented for Prompt
but absent from Status/Doctor.

Joins Truth-audit — 'expected base commit (doctor)' lies by
including user's mistake as truth.

Cross-cluster with Unplumbed-subsystem (#78, #96, #100, #102,
#103, #107, #109, #111, #113, #121) — stale-base signal in
runtime but not JSON.

Natural bundles:
  Parser-level trust gap quintet (grown):
    #108 + #117 + #119 + #122 — billable-token silent-burn
    via parser too-eager consumption.

  #100 + #122 — stale-base diagnostic-integrity pair:
    #100 stale-base subsystem unplumbed (general)
    #122 --base-commit accepts anything, greedy, Status/Doctor
      JSON unplumbed (specific)

Filed in response to Clawhip pinpoint nudge 1494978319920136232
in #clawcode-building-in-public.
 2026-04-18 18:03:35 +09:00
YeonGyu-Kim
d1608aede4 ROADMAP #121: hooks schema incompatible with Claude Code; error message misleading; doctor JSON emits 2 objects on failure breaking single-doc parsing; doctor has duplicate message+report fields 
Dogfooded 2026-04-18 on main HEAD b81e642 from /tmp/cdWW.

Four related findings in one:

1. hooks schema incompatible with Claude Code (primary):
   claw-code: {'hooks':{'PreToolUse':['cmd1','cmd2']}}
   Claude Code: {'hooks':{'PreToolUse':[
     {'matcher':'Bash','hooks':[{'type':'command','command':'...'}]}
   ]}}

   Flat string array vs matcher-keyed object array. Incompatible.
   User copying .claude.json hooks to .claw.json hits parse-fail.

2. Error message misleading:
   'field hooks.PreToolUse must be an array of strings, got an array'
   Both input and expected are arrays. Correct diagnosis:
   'got an array of objects where array of strings expected'

3. Missing Claude Code hook event types:
   claw-code supports: PreToolUse, PostToolUse, PostToolUseFailure
   Claude Code supports: above + UserPromptSubmit, Notification,
   Stop, SubagentStop, PreCompact, SessionStart
   5+ event types missing.
   matcher regex not supported.
   type: 'command' vs type: 'http' extensibility not supported.

4. doctor NDJSON output on failures:
   With failures present, --output-format json emits TWO
   concatenated JSON objects on stdout:
     Object 1: {kind:'doctor', has_failures:true, ...}
     Object 2: {type:'error', error:'doctor found failing checks'}

   python json.load() fails: 'Extra data: line 133 column 1'
   Flag name 'json' violated — NDJSON is not JSON.

5. doctor message + report byte-duplicated:
   .message and .report top-level fields have identical prose
   content. Parser ambiguity + byte waste.

Trace:
  config.rs:750-771 parse_optional_hooks_config_object:
    optional_string_array(hooks, 'PreToolUse', context)
    Expects ['cmd1', 'cmd2']. Claude Code gives
    [{matcher,hooks:[{type,command}]}]. Schema-incompatible.

  config.rs:775-779 validate_optional_hooks_config:
    calls same parser. Error bubbles up.
    Message comes from optional_string_array path —
    technically correct but misleading.

Fix shape (~200 lines + migration docs):
- Dual-schema hooks parser: accept native + Claude Code forms
- Add missing event types to RuntimeHookConfig
- Implement matcher regex
- Fix error message to distinguish array-element types
- Fix doctor: single JSON object regardless of failure state
- De-duplicate message + report (keep report, drop message)
- Regression per schema form + event type + matcher

Joins Claude Code migration parity (#103, #109, #116, #117,
#119, #120) as 7th — most severe parity break since hooks is
load-bearing automation infrastructure.

Joins Truth-audit on misleading error message.

Joins Silent-flag on --output-format json emitting NDJSON.

Cross-cluster with Unplumbed-subsystem (#78, #96, #100, #102,
#103, #107, #109, #111, #113) — hooks subsystem exists but
schema incompatible with reference implementation.

Natural bundles:
  Claude Code migration parity septet (grown flagship):
    #103 + #109 + #116 + #117 + #119 + #120 + #121
    Complete coverage of every migration failure mode.

  #107 + #121 — hooks-subsystem pair:
    #107 hooks invisible to JSON diagnostics
    #121 hooks schema incompatible with migration source

Filed in response to Clawhip pinpoint nudge 1494963222157983774
in #clawcode-building-in-public.
 2026-04-18 17:03:14 +09:00
YeonGyu-Kim
b81e6422b4 ROADMAP #120: .claw.json custom JSON5-partial parser accepts trailing commas but silently drops comments/unquoted/BOM; combined with alias table 'default'→ReadOnly + no-config→DangerFullAccess creates security-critical user-intent inversion 
Dogfooded 2026-04-18 on main HEAD 7859222 from /tmp/cdVV.

Extends #86 (silent-drop general case) with two new angles:

1. JSON5-partial acceptance matrix:
   ACCEPTED (loaded correctly):
     - trailing comma (one)
   SILENTLY DROPPED (loaded_config_files=0, zero stderr, exit 0):
     - line comments (//)
     - block comments (/* */)
     - unquoted keys
     - UTF-8 BOM
     - single quotes
     - hex numbers
     - leading commas
     - multiple trailing commas

   8 cases tested, 1 accepted, 7 silently dropped.
   The 1 accepted gives false signal of JSON5 tolerance.

2. Alias table creates user-intent inversion:
   config.rs:856-858:
     'default' | 'plan' | 'read-only' => ReadOnly
     'acceptEdits' | 'auto' | 'workspace-write' => WorkspaceWrite
     'dontAsk' | 'danger-full-access' => DangerFullAccess

   CRITICAL: 'default' in the config file = ReadOnly
             no config at all = DangerFullAccess (per #87)
   These are OPPOSITE modes.

   Security-inversion chain:
     user writes: {'// comment', 'defaultMode': 'default'}
     user intent: read-only
     parser: rejects comment
     read_optional_json_object: silently returns Ok(None)
     config loader: no config present
     permission_mode: falls back to no-config default
                      = DangerFullAccess
     ACTUAL RESULT: opposite of intent. ZERO warning.

Trace:
  config.rs:674-692 read_optional_json_object:
    is_legacy_config = (file_name == '.claw.json')
    match JsonValue::parse(&contents) {
        Ok(parsed) => parsed,
        Err(_error) if is_legacy_config => return Ok(None),
        Err(error) => return Err(ConfigError::Parse(...)),
    }
    is_legacy silent-drop. (#86 covers general case)

  json.rs JsonValue::parse — custom parser:
    accepts trailing comma
    rejects everything else JSON5-ish

Fix shape (~80 lines, overlaps with #86):
- Pick policy: strict JSON or explicit JSON5. Enforce consistently.
- Apply #86 fix here: replace silent-drop with warn-and-continue,
  structured warning in stderr + JSON surface.
- Rename 'default' alias OR map to 'ask' (matches English meaning).
- Structure status output: add config_parse_errors:[] field so
  claws detect silent drops via JSON without stderr-parsing.
- Regression matrix per JSON5 feature + security-invariant test.

Joins Permission-audit/tool-allow-list (#94, #97, #101, #106,
#115) as 6th — this is the CONFIG-PARSE anchor of the permission-
posture problem. Complete matrix:
  #87 absence → DangerFullAccess
  #101 env-var fail-OPEN → DangerFullAccess
  #115 init-generated dangerous default → DangerFullAccess
  #120 config parse-drops → DangerFullAccess

Joins Truth-audit on loaded_config_files=0 + permission_mode=
danger-full-access inconsistency without config_parse_errors[].

Joins Reporting-surface/config-hygiene (#90, #91, #92, #110,
#115, #116) on silent-drop-no-stderr-exit-0 axis.

Joins Claude Code migration parity (#103, #109, #116, #117,
#119) as 6th — claw-code is strict-where-Claude-was-lax (#116)
AND lax-where-Claude-was-strict (#120). Maximum migration confusion.

Natural bundles:
  #86 + #120 — config-parse reliability pair:
    silent-drop general case (#86) +
    JSON5-partial-acceptance + alias-inversion (#120)

  Permission-drift-at-every-boundary 4-way:
    #87 + #101 + #115 + #120 — absence + env-var + init +
    config-drop. Complete coverage of every path to DangerFullAccess.

  Security-critical permission drift audit mega-bundle:
    #86 + #87 + #101 + #115 + #116 + #120 — five-way sweep of
    every path to wrong permissions.

Filed in response to Clawhip pinpoint nudge 1494955670791913508
in #clawcode-building-in-public.
 2026-04-18 16:34:19 +09:00
YeonGyu-Kim
78592221ec ROADMAP #119: claw <slash-only verb> + any arg silently falls through to Prompt; bare_slash_command_guidance gated by rest.len() != 1; 9 known verbs affected 
Dogfooded 2026-04-18 on main HEAD 3848ea6 from /tmp/cdUU.

The 'this is a slash command' helpful-error only fires when
invoked EXACTLY bare. Adding ANY argument silently falls through
to Prompt dispatch and burns billable tokens.

$ claw --output-format json hooks
{"error":"`claw hooks` is a slash command. Use `claw
--resume SESSION.jsonl /hooks`..."}
# clean error

$ claw --output-format json hooks --help
{"error":"missing Anthropic credentials; ..."}
# Prompt fallthrough. The CLI tried to send 'hooks --help'
# to the LLM as a user prompt.

9 known slash-only verbs affected:
  hooks, plan, theme, tasks, subagent, agent, providers,
  tokens, cache

All exhibit identical pattern:
  bare verb → clean error
  verb + any arg (--help, list, on, off, --json, etc) →
    Prompt fallthrough, billable LLM call

User pattern: 'claw status --help' prints usage. So users
naturally try 'claw hooks --help' expecting same. Gets
charged for prompt 'hooks --help' to LLM instead.

Trace:
  main.rs:745-763 entry point:
    if rest.len() != 1 { return None; }   <-- THE BUG
    match rest[0].as_str() {
        'help' => ...,
        'version' => ...,
        other => bare_slash_command_guidance(other).map(Err),
    }

  main.rs:765-793 bare_slash_command_guidance:
    looks up command in slash_command_specs()
    returns helpful error string
    WORKS CORRECTLY — just never called when args present

Claude Code convention: 'claude hooks --help' prints usage,
'claude hooks list' lists hooks. claw-code silently charges.

Compare sibling bugs:
  #108 typo'd verb + args → Prompt (typo path)
  #117 -p 'text' --arg → Prompt with swallowed flags (greedy -p)
  #119 known slash-verb + any arg → Prompt (too-narrow guidance)

All three are silent-billable-token-burn. Same underlying cause:
too-narrow parser detection + greedy Prompt dispatch.

Fix shape (~35 lines):
- Remove rest.len() != 1 gate. Widen to:
    if rest.is_empty() { return None; }
    let first = rest[0].as_str();
    if rest.len() == 1 {
        // existing bare-verb handling
    }
    if let Some(guidance) = bare_slash_command_guidance(first) {
        return Some(Err(format!(
            '{} The extra argument `{}` was not recognized.',
            guidance, rest[1..].join(' ')
        )));
    }
    None
- Subcommand --help support: catch --help for all recognized
  slash verbs, print SlashCommandSpec.description
- Regression tests: 'claw <verb> --help' prints help,
  'claw <verb> any arg' prints guidance, no Prompt fallthrough

Joins Silent-flag/documented-but-unenforced (#96-#101, #104,
#108, #111, #115, #116, #117, #118) as 14th.

Joins Claude Code migration parity (#103, #109, #116, #117)
as 5th — muscle memory from claude <verb> --help burns tokens.

Joins Truth-audit — 'missing credentials' is a lie; real cause
is CLI invocation was interpreted as chat prompt.

Cross-cluster with Parallel-entry-point asymmetry — slash-verb
with args is another entry point differing from bare form.

Natural bundles:
  #108 + #117 + #119 — billable-token silent-burn triangle:
    typo fallthrough (#108) +
    flag swallow (#117) +
    known-slash-verb fallthrough (#119)
  #108 + #111 + #118 + #119 — parser-level trust gap quartet:
    typo fallthrough + 2-way collapse + 3-way collapse +
    known-verb fallthrough

Filed in response to Clawhip pinpoint nudge 1494948121099243550
in #clawcode-building-in-public.
 2026-04-18 16:03:37 +09:00
YeonGyu-Kim
3848ea64e3 ROADMAP #118: /stats, /tokens, /cache all collapse to SlashCommand::Stats; 3-way dispatch collapse with 3 distinct help descriptions 
Dogfooded 2026-04-18 on main HEAD b9331ae from /tmp/cdTT.

Three slash commands collapse to one handler:

$ claw --help | grep -E '^\s*/(stats|tokens|cache)\s'
  /stats   Show workspace and session statistics [resume]
  /tokens  Show token count for the current conversation [resume]
  /cache   Show prompt cache statistics [resume]

Three distinct promises. One implementation:

$ claw --resume s --output-format json /stats
{"kind":"stats","input_tokens":0,"output_tokens":0,
 "cache_creation_input_tokens":0,"cache_read_input_tokens":0,
 "total_tokens":0}

$ claw --resume s --output-format json /tokens
{"kind":"stats", ...identical...}

$ claw --resume s --output-format json /cache
{"kind":"stats", ...identical...}

diff /stats /tokens → empty
diff /stats /cache → empty
kind field is always 'stats', never 'tokens' or 'cache'.

Trace:
  commands/src/lib.rs:1405-1408:
    'stats' | 'tokens' | 'cache' => {
        validate_no_args(command, &args)?;
        SlashCommand::Stats
    }

  commands/src/lib.rs:317 SlashCommandSpec name='stats' registered
  commands/src/lib.rs:702 SlashCommandSpec name='tokens' registered
  SlashCommandSpec name='cache' also registered
  Each has distinct summary/description in help.

  No SlashCommand::Tokens or SlashCommand::Cache variant exists.

  main.rs:2872-2879 SlashCommand::Stats handler hard-codes
    'kind': 'stats' regardless of which alias invoked.

More severe than #111:
  #111: /providers → Doctor (2-way collapse, wildly wrong category)
  #118: /stats + /tokens + /cache → Stats (3-way collapse with
    THREE distinct advertised purposes)

The collapse hides information that IS available. /stats output
has cache_creation_input_tokens + cache_read_input_tokens as
top-level fields, so cache data is PRESENT. But /cache should
probably return {kind:'cache', cache_hits, cache_misses,
hit_rate}, a cache-specific schema. Similarly /tokens should
return {kind:'tokens', conversation_total, turns,
average_per_turn}. Implementation returns the union for all.

Fix shape (~90 lines):
- Add SlashCommand::Tokens and SlashCommand::Cache variants
- Parser arms:
    'tokens' => SlashCommand::Tokens
    'cache' => SlashCommand::Cache
    'stats' => SlashCommand::Stats
- Handlers with distinct output schemas:
    /tokens: {kind:'tokens', conversation_total, input_tokens,
             output_tokens, turns, average_per_turn}
    /cache: {kind:'cache', cache_creation_input_tokens,
            cache_read_input_tokens, cache_hits, cache_misses,
            hit_rate_pct}
    /stats: {kind:'stats', subsystem:'all', ...}
- Regression per alias: kind matches, schema matches purpose
- Sweep parser for other collapse arms
- If aliasing intentional, annotate --help with (alias for X)

Joins Silent-flag/documented-but-unenforced (#96-#101, #104,
#108, #111, #115, #116, #117) as 13th — more severe than #111.

Joins Truth-audit on help-vs-implementation mismatch axis.

Cross-cluster with Parallel-entry-point asymmetry on multiple-
surfaces-identical-implementation axis.

Natural bundles:
  #111 + #118 — dispatch-collapse pair:
    /providers → Doctor (2-way, wildly wrong)
    /stats+/tokens+/cache → Stats (3-way, distinct purposes)
    Complete parser-dispatch audit shape.
  #108 + #111 + #118 — parser-level trust gaps:
    typo fallthrough (#108) +
    2-way collapse (#111) +
    3-way collapse (#118)

Filed in response to Clawhip pinpoint nudge 1494940571385593958
in #clawcode-building-in-public.
 2026-04-18 15:32:30 +09:00
YeonGyu-Kim
b9331ae61b ROADMAP #117: -p flag is super-greedy, swallows all subsequent args into prompt; --help/--version/--model after -p silently consumed; flag-like prompts bypass emptiness check 
Dogfooded 2026-04-18 on main HEAD f2d6538 from /tmp/cdSS.

-p (Claude Code compat shortcut) at main.rs:524-538:
  "-p" => {
      let prompt = args[index + 1..].join(" ");
      if prompt.trim().is_empty() {
          return Err(...);
      }
      return Ok(CliAction::Prompt {...});
  }

args[index+1..].join(" ") = ABSORBS EVERY subsequent arg.
return Ok(...) = short-circuits parser, discards wants_help etc.

Failure modes:

1. Silent flag swallow:
   claw -p "test" --model sonnet --output-format json
   → prompt = "test --model sonnet --output-format json"
   → model: default (not sonnet), format: text (not json)
   → LLM receives literal string '--model sonnet' as user input
   → billable tokens burned on corrupted prompt

2. --help/--version defeated:
   claw -p "test" --help         → sends 'test --help' to LLM
   claw -p "test" --version      → sends 'test --version' to LLM
   claw --help -p "test"         → wants_help=true set, then discarded
     by -p's early return. Help never prints.

3. Emptiness check too weak:
   claw -p --model sonnet
   → prompt = "--model sonnet" (non-empty)
   → passes is_empty() check
   → sends '--model sonnet' to LLM as the user prompt
   → no error raised

4. Flag-order invisible:
   claw --model sonnet -p "test"   → WORKS (model parsed first)
   claw -p "test" --model sonnet   → BROKEN (--model swallowed)
   Same flags, different order, different behavior.
   --help has zero warning about flag-order semantics.

Compare Claude Code:
  claude -p "prompt" --model sonnet → works (model takes effect)
  claw -p "prompt" --model sonnet   → silently broken

Fix shape (~40 lines):
- "-p" takes exactly args[index+1] as prompt, continues parsing:
    let prompt = args.get(index+1).cloned().unwrap_or_default();
    if prompt.trim().is_empty() || prompt.starts_with('-') {
        return Err("-p requires a prompt string");
    }
    pending_prompt = Some(prompt);
    index += 2;
- Reject prompts that start with '-' unless preceded by '--':
    'claw -p -- --literal-prompt' = literal '--literal-prompt'
- Consult wants_help before returning from -p branch.
- Regression tests:
    -p "prompt" --model sonnet → model takes effect
    -p "prompt" --help → help prints
    -p --foo → error
    --help -p "test" → help prints
    -p -- --literal → literal prompt sent

Joins Silent-flag/documented-but-unenforced (#96-#101, #104,
#108, #111, #115, #116) as 12th — -p is undocumented in --help
yet actively broken.

Joins Parallel-entry-point asymmetry (#91, #101, #104, #105,
#108, #114) as 7th — three entry points (prompt TEXT, bare
positional, -p TEXT) with subtly different arg-parsing.

Joins Claude Code migration parity (#103, #109, #116) as 4th —
users typing 'claude -p "..." --model ...' muscle memory get
silent prompt corruption.

Joins Truth-audit — parser lies about what it parsed.

Natural bundles:
  #108 + #117 — billable-token silent-burn pair:
    typo fallthrough burns tokens (#108) +
    flag-swallow burns tokens (#117)
  #105 + #108 + #117 — model-resolution triangle:
    status ignores .claw.json model (#105) +
    typo statuss burns tokens (#108) +
    -p --model sonnet silently ignored (#117)

Filed in response to Clawhip pinpoint nudge 1494933025857736836
in #clawcode-building-in-public.
 2026-04-18 15:01:47 +09:00
YeonGyu-Kim
f2d653896d ROADMAP #116: unknown keys in .claw.json hard-fail startup with exit 1; Claude Code migration parity broken (apiKeyHelper rejected); forward-compat impossible; only first error surfaces 
Dogfooded 2026-04-18 on main HEAD ad02761 from /tmp/cdRR.

Three related gaps in one finding:

1. Unknown keys are strict ERRORS, not warnings:
   {"permissions":{"defaultMode":"default"},"futureField":"x"}
   $ claw --output-format json status
     # stdout: empty
     # stderr: {"type":"error","error":"unknown key futureField"}
     # exit: 1

2. Claude Code migration parity broken:
   $ cp .claude.json .claw.json
   # .claude.json has apiKeyHelper (real Claude Code field)
   $ claw --output-format json status
     # stderr: unknown key apiKeyHelper → exit 1
   No 'this is a Claude Code field we don't support, ignored' message.

3. Only errors[0] is reported — iterative discovery required:
   3 unknown fields → 3 edit-run-fix cycles to fix them all.

Error-routing split with --output-format json:
  success → stdout
  errors → stderr (structured JSON)
  Empty stdout on config errors. A claw piping stdout silently
  gets nothing. Must capture both streams.

No escape hatch. No --ignore-unknown-config, no --strict flag,
no strictValidation config option.

Trace:
  config.rs:282-291 ConfigLoader gate:
    let validation = validate_config_file(...);
    if !validation.is_ok() {
        let first_error = &validation.errors[0];
        return Err(ConfigError::Parse(first_error.to_string()));
    }
    all_warnings.extend(validation.warnings);

  config_validate.rs:19-47 DiagnosticKind::UnknownKey:
    level: DiagnosticLevel::Error (not Warning)

  config_validate.rs schema allow-list is hard-coded. No
  forward-compat extension (no x-* reserved namespace, no
  additionalProperties: true, no opt-in lax mode).

  grep 'apiKeyHelper' rust/crates/runtime/ → 0 matches.
  Claude-Code-native fields not tolerated as no-ops.

  grep 'ignore.*unknown|--no-validate|strict.*validation'
    rust/crates/ → 0 matches. No escape hatch.

Fix shape (~100 lines):
- Downgrade UnknownKey Error → Warning default. ~5 lines.
- Add strict mode flag: .claw.json strictValidation: true OR
  --strict-config CLI flag. Default off. ~15 lines.
- Collect all diagnostics, don't halt on first. ~20 lines.
- TOLERATED_CLAUDE_CODE_FIELDS allow-list: apiKeyHelper, env
  etc. emit migration-hint warning 'not yet supported; ignored'
  instead of hard-fail. ~30 lines.
- Emit structured error envelope on stdout too, not just stderr.
  --output-format json stdout includes config_diagnostics[]. ~15.
- Wire suggestion: Option<String> for UnknownKey via fuzzy
  match ('permisions' → 'permissions'). ~15 lines.
- Regression tests per outcome.

Joins Claude Code migration parity (#103, #109) as 3rd member —
most severe migration break. #103 silently drops .md files,
#109 stderr-prose warnings, #116 outright hard-fails.

Joins Reporting-surface/config-hygiene (#90, #91, #92, #110,
#115) on error-routing-vs-stdout axis.

Joins Silent-flag/documented-but-unenforced (#96-#101, #104,
#108, #111, #115) — only first error reported, rest silent.

Cross-cluster with Truth-audit — validation.is_ok() hides all
but first structured problem.

Natural bundles:
  #103 + #109 + #116 — Claude Code migration parity triangle:
    loss of compat (.md dropped) +
    loss of structure (stderr prose warnings) +
    loss of forward-compat (unknowns hard-fail)
  #109 + #116 — config validation reporting surface:
    only first warning surfaces structurally (#109)
    only first error surfaces structurally AND halts (#116)

Filed in response to Clawhip pinpoint nudge 1494925472239321160
in #clawcode-building-in-public.
 2026-04-18 14:03:20 +09:00
YeonGyu-Kim
ad02761918 ROADMAP #115: claw init hardcodes 'defaultMode: dontAsk' alias for danger-full-access; init output zero security signal; JSON wraps prose 
Dogfooded 2026-04-18 on main HEAD ca09b6b from /tmp/cdPP.

Three compounding issues in one finding:

1. claw init generates .claw.json with dangerous default:
   $ claw init && cat .claw.json
   {"permissions":{"defaultMode":"dontAsk"}}

   $ claw status | grep permission_mode
   permission_mode: danger-full-access

2. The 'dontAsk' alias obscures the actual security posture:
   config.rs:858 "dontAsk" | "danger-full-access" =>
     Ok(ResolvedPermissionMode::DangerFullAccess)

   User reads 'dontAsk' as 'skip confirmations I'd otherwise see'
   — NOT 'grant every tool unconditional access'. But the two
   parse identically. Alias name dilutes severity.

3. claw init --output-format json wraps prose in message field:
   {
     "kind": "init",
     "message": "Init\n  Project  /private/tmp/cdPP\n
        .claw/  created\n..."
   }
   Claws orchestrating setup must string-parse \n-prose to
   know what got created. No files_created[], no
   resolved_permission_mode, no security_posture.

Zero mention of 'danger', 'permission', or 'access' anywhere
in init output. The init report says 'Review and tailor the
generated guidance' — implying there's something benign to tailor.

Trace:
  rusty-claude-cli/src/init.rs:4-9 STARTER_CLAW_JSON constant:
    hardcoded {"permissions":{"defaultMode":"dontAsk"}}
  runtime/src/config.rs:858 alias resolution:
    "dontAsk" | "danger-full-access" => DangerFullAccess
  rusty-claude-cli/src/init.rs:370 JSON-output also emits
    'defaultMode': 'dontAsk' literal.
  grep 'dontAsk' rust/crates/ → 4 matches. None explain that
    dontAsk == danger-full-access anywhere user-facing.

Fix shape (~60 lines):
- STARTER_CLAW_JSON default → 'default' (explicit safe). Users
  wanting danger-full-access opt in. ~5 lines.
- init output warns when effective mode is DangerFullAccess:
  'security: danger-full-access (unconditional tool approval).'
  ~15 lines.
- Structure the init JSON:
  {kind, files:[{path,action}], resolved_permission_mode,
   permission_mode_source, security_warnings:[]}
  ~30 lines.
- Deprecate 'dontAsk' alias OR log warning at parse: 'alias for
  danger-full-access; grants unconditional tool access'. ~8 lines.
- Regression tests per outcome.

Builds on #87 and amplifies it:
  #87: absence-of-config default = danger-full-access
  #101: fail-OPEN on bad RUSTY_CLAUDE_PERMISSION_MODE env var
  #115: init actively generates the dangerous default

Three sequential compounding permission-posture failures.

Joins Permission-audit/tool-allow-list (#94, #97, #101, #106)
as 5th member — init-time anchor of the permission problem.
Joins Silent-flag/documented-but-unenforced on silent-setting
axis. Cross-cluster with Reporting-surface/config-hygiene
(prose-wrapped JSON) and Truth-audit (misleading 'Next step'
phrasing).

Natural bundle: #87 + #101 + #115 — 'permission drift at every
boundary': absence default + env-var bypass + init-generated.

Flagship permission-audit sweep grows 7-way:
  #50 + #87 + #91 + #94 + #97 + #101 + #115

Filed in response to Clawhip pinpoint nudge 1494917922076889139
in #clawcode-building-in-public.
 2026-04-18 13:32:46 +09:00
YeonGyu-Kim
ca09b6b374 ROADMAP #114: /session list and --resume disagree after /clear; reported session_id unresumable; .bak files invisible; 0-byte files fabricate phantoms 
Dogfooded 2026-04-18 on main HEAD 43eac4d from /tmp/cdNN and /tmp/cdOO.

Three related findings on session reference resolution asymmetry:

1. /clear divergence (primary):
   - /clear --confirm rewrites session_id inside the file header
     but reuses the old filename.
   - /session list reads meta header, reports new id.
   - --resume looks up by filename stem, not meta header.
   - Net: /session list reports ids that --resume can't resolve.

   Concrete:
     claw --resume ses /clear --confirm
       → new_session_id: session-1776481564268-1
       → file still named ses.jsonl, meta session_id now the new id
     claw --resume ses /session list
       → active: session-1776481564268-1
     claw --resume session-1776481564268-1
       → ERROR session not found

2. .bak files filtered out of /session list silently:
   ls .claw/sessions/<bucket>/
     ses.jsonl    ses.jsonl.before-clear-<ts>.bak
   /session list → only ses.jsonl visible, .bak zero discoverability
   is_managed_session_file only matches .jsonl and .json.

3. 0-byte session files fabricate phantom sessions:
   touch .claw/sessions/<bucket>/emptyses.jsonl
   claw --resume emptyses /session list
     → active: session-<ms>-0
     → sessions: [session-<ms>-1]
     Two different fabricated ids, neither persisted to disk.
     --resume either fabricated id → 'session not found'.

Trace:
  session_control.rs:86-116 resolve_reference:
    handle.id = session_id_from_path(&path)     (filename stem)
                .unwrap_or_else(|| ref.to_string())
    Meta header NEVER consulted for ref → id mapping.

  session_control.rs:118-137 resolve_managed_path:
    for ext in [jsonl, json]:
      path = sessions_root / '{ref}.{ext}'
      if path.exists(): return
    Lookup key is filename. Zero fallback to meta scan.

  session_control.rs:228-285 collect_sessions_from_dir:
    on load success: summary.id = session.session_id    (meta)
    on load failure: summary.id = path.file_stem()      (filename)
    /session list thus reports meta ids for good files.

  /clear handler rewrites session_id in-place, writes to same
  session_path. File keeps old name, gets new id inside.

  is_managed_session_file filters .jsonl/.json only. .bak invisible.

Fix shape (~90 lines):
- /clear preserves filename's identity (Option A: keep session_id,
  wipe content). /session fork handles new-id semantics (#113).
- resolve_reference falls back to meta-header scan when filename
  lookup fails. Covers legacy divergent files.
- /session list surfaces backups via --include-backups flag OR
  separate backups: [] array with structured metadata.
- 0-byte session files produce SessionError::EmptySessionFile
  instead of silent fabrication. Structured error, not phantom.
- regression tests per failure mode.

Joins Session-handling: #93 + #112 + #113 + #114 — reference
resolution + concurrent-modification + programmatic management +
reference/enumeration asymmetry. Complete session-handling cluster.

Joins Truth-audit — /session list output factually wrong about
what is resumable.

Cross-cluster with Parallel-entry-point asymmetry (#91, #101,
#104, #105, #108) — entry points reading same underlying data
produce mutually inconsistent identifiers.

Natural bundle: #93 + #112 + #113 + #114 (session-handling
quartet — complete coverage).

Alternative bundle: #104 + #114 — /clear filename semantics +
/export filename semantics both hide identity in filename.

Filed in response to Clawhip pinpoint nudge 1494895272936079493
in #clawcode-building-in-public.
 2026-04-18 12:09:31 +09:00
YeonGyu-Kim
43eac4d94b ROADMAP #113: /session switch/fork/delete unsupported from --resume; no claw session CLI subcommand; REPL-only programmatic gap 
Dogfooded 2026-04-18 on main HEAD 8b25daf from /tmp/cdJJ.

Test matrix:
  /session list              → works (structured JSON)
  /session switch s          → 'unsupported resumed slash command'
  /session fork foo          → 'unsupported resumed slash command'
  /session delete s          → 'unsupported resumed slash command'
  /session delete s --force  → 'unsupported resumed slash command'

  claw session delete s      → Prompt fallthrough (#108), 'missing
                               credentials' from LLM error path

Help documents ALL session verbs as one unified capability:
  /session [list|switch <session-id>|fork [branch-name]|delete
           <session-id> [--force]]
  Summary: 'List, switch, fork, or delete managed local sessions'

Implementation:
  main.rs:10618 parser builds SlashCommand::Session{action, target}
    for every subverb. All parse successfully.
  main.rs:2908-2925 dedicated /session list handler. Only one.
  main.rs:2936-2940+ catch-all:
    SlashCommand::Session {..} | SlashCommand::Plugins {..} | ...
    => Err(format_unsupported_resumed_slash_command(...))
  main.rs:3963 SlashCommand::Session IS handled in LiveCli REPL
    path — switch/fork/delete implemented for interactive mode.
  runtime/session_control.rs:131+ SessionStore::resolve_reference,
    delete_managed_session, fork_managed_session all exist.
  grep 'claw session\b' main.rs → zero matches. No CLI subcommand.

Gap: backing code exists, parser understands verbs, REPL handler
wired — ONLY the --resume dispatch path lacks switch/fork/delete
plumbing, and there's no claw session CLI subcommand as
programmatic alternative.

A claw orchestrating session lifecycle at scale has three options:
  a) start interactive REPL (impossible without TTY)
  b) manual .claw/sessions/ rm/cp (bypasses bookkeeping, breaks
     with #112's proposed locking)
  c) stick to /session list + /clear, accept missing verbs

Fix shape (~130 lines):
- /session switch <id> in run_resume_command (~25 lines)
- /session fork [branch] in run_resume_command (~30 lines)
- /session delete <id> [--force] in run_resume_command (~30),
  --force required without TTY
- claw session <verb> CLI subcommand (~40)
- --help: annotate which session verbs are resume-safe vs REPL-only
- regression tests per verb x (CLI / slash-via-resume)

Joins Unplumbed-subsystem (#78, #96, #100, #102, #103, #107, #109,
#111) as 9th declared-but-not-delivered surface. Joins Session-
handling (#93, #112) as 3rd member. Cross-cluster with Silent-
flag on help-vs-impl mismatch.

Natural bundles:
  #93 + #112 + #113 — session-handling triangle (semantic /
    concurrency / management API)
  #78 + #111 + #113 — declared-but-not-delivered triangle with
    three flavors:
      #78 fails-noisy (CLI variant → Prompt fallthrough)
      #111 fails-quiet (slash → wrong handler)
      #113 no-handler-at-all (slash → unsupported-resumed)

Filed in response to Clawhip pinpoint nudge 1494887723818029156
in #clawcode-building-in-public.
 2026-04-18 11:33:10 +09:00
YeonGyu-Kim
8b25daf915 ROADMAP #112: concurrent /compact and /clear race with raw 'No such file or directory (os error 2)' on session file 
Dogfooded 2026-04-18 on main HEAD a049bd2 from /tmp/cdII.

5 concurrent /compact on same session → 4 succeed, 1 races with
raw ENOENT. Same pattern with concurrent /clear --confirm.

Trace:
  session.rs:204-212 save_to_path:
    rotate_session_file_if_needed(path)?
    write_atomic(path, &snapshot)?
    cleanup_rotated_logs(path)?
  Three steps. No lock around sequence.

  session.rs:1085-1094 rotate_session_file_if_needed:
    metadata(path) → rename(path, rot_path)
  Classic TOCTOU. Race window between check and rename.

  session.rs:1063-1071 write_atomic:
    writes .tmp-{ts}-{counter}, renames to path
  Atomic per rename, not per multi-step sequence.

  cleanup_rotated_logs deletes .rot-{ts} files older than 3 most
  recent. Can race against another process reading that rot file.

  No flock, no advisory lock file, no fcntl.
  grep 'flock|FileLock|advisory' session.rs → zero matches.

  SessionError::Io Display forwards os::Error Display:
    'No such file or directory (os error 2)'
  No domain translation to 'session file vanished during save'
  or 'concurrent modification detected, retry safe'.

Fix shape (~90 lines + test):
- advisory lock: .claw/sessions/<bucket>/<session>.jsonl.lock
  exclusive flock for duration of save_to_path (fs2 crate)
- domain error variants:
    SessionError::ConcurrentModification {path, operation}
    SessionError::SessionFileVanished {path}
- error-to-JSON mapping:
    {error_kind: 'concurrent_modification', retry_safe: true}
- retry-policy hints on idempotent ops (/compact, /clear)
- regression test: spawn 10 concurrent /compact, assert all
  success OR structured ConcurrentModification (no raw os_error)

Affected operations:
- /compact (session save_to_path after compaction)
- /clear --confirm (save_to_path after new session)
- /export (may hit rotation boundary)
- Turn-persist (append_persisted_message can race rotation)

Not inherently a bug if sessions are single-writer, but
workspace-bucket scoping at session_control.rs:31-32 assumes
one claw per workspace. Parallel ulw lanes, CI matrix runners,
orchestration loops all violate that assumption.

Joins truth-audit (error lies by omission about what happened).
New micro-cluster 'session handling' with #93. Adjacent to
#104 on session-file-handling axis.

Natural bundle: #93 + #112 (session semantic correctness +
concurrency error clarity).

Filed in response to Clawhip pinpoint nudge 1494880177099116586
in #clawcode-building-in-public.
 2026-04-18 11:03:12 +09:00
YeonGyu-Kim
a049bd29b1 ROADMAP #111: /providers documented as 'List available model providers' but dispatches to Doctor 
Dogfooded 2026-04-18 on main HEAD b2366d1 from /tmp/cdHH.

Specification mismatch at the command-dispatch layer:
  commands/src/lib.rs:716-720  SlashCommandSpec registry:
    name: 'providers', summary: 'List available model providers'
  commands/src/lib.rs:1386     parser:
    'doctor' | 'providers' => SlashCommand::Doctor

So /providers dispatches to SlashCommand::Doctor. A claw calling
/providers expecting {kind: 'providers', providers: [...]} gets
{kind: 'doctor', checks: [auth, config, install_source, workspace,
sandbox, system]} instead. Same top-level kind field name,
completely different payload.

Help text lies twice:
  --help slash listing: '/providers   List available model providers'
  --help Resume-safe summary: includes /providers

Unlike STUB_COMMANDS (#96) which fail noisily, /providers fails
QUIETLY — returns wrong subsystem output.

Runtime has provider data:
  ProviderKind::{Anthropic, Xai, OpenAi, ...} at main.rs:1143-1147
  resolve_repl_model with provider-prefix routing
  pricing_for_model with per-provider costs
  provider_fallbacks config field
Scaffolding is present; /providers just doesn't use it.

By contrast /tokens → Stats and /cache → Stats are semantically
reasonable (Stats has the requested data). /providers → Doctor
is genuinely bizarre.

Fix shape:
  A. Implement: SlashCommand::Providers variant + render helper
     using ProviderKind + provider_fallbacks + env-var check (~60)
  B. Remove: delete 'providers' from registry + parser (~3 lines)
     then /providers becomes 'unknown, did you mean /doctor?'
  Either way: fix --help to match.

Parallel to #78 (claw plugins CLI variant never constructed,
falls through to prompt). Both are 'declared in spec, not
implemented as declared.' #78 fails noisy, #111 fails quiet.

Joins silent-flag cluster (#96-#101, #104, #108) — 8th
doc-vs-impl mismatch. Joins unplumbed-subsystem (#78, #96,
#100, #102, #103, #107, #109) as 8th declared-but-not-
delivered surface. Joins truth-audit.

Natural bundles:
  #78 + #96 + #111 — declared-but-not-as-declared triangle
  #96 + #108 + #111 — full --help/dispatch hygiene quartet
    (help-filter-leaks + subcommand typo fallthrough + slash
    mis-dispatch)

Filed in response to Clawhip pinpoint nudge 1494872623782301817
in #clawcode-building-in-public.
 2026-04-18 10:34:25 +09:00
YeonGyu-Kim
b2366d113a ROADMAP #110: ConfigLoader only checks cwd paths; .claw.json at project_root invisible from subdirectories 
Dogfooded 2026-04-18 on main HEAD 16244ce from /tmp/cdGG/nested/deep/dir.

ConfigLoader::discover at config.rs:242-270 hardcodes every
project/local path as self.cwd.join(...):
  - self.cwd.join('.claw.json')
  - self.cwd.join('.claw').join('settings.json')
  - self.cwd.join('.claw').join('settings.local.json')

No ancestor walk. No consultation of project_root.

Concrete:
  cd /tmp/cdGG && git init && echo '{permissions:{defaultMode:read-only}}' > .claw.json
  cd /tmp/cdGG/nested/deep/dir
  claw status → permission_mode: 'danger-full-access' (fallback)
  claw doctor → 'Config files loaded 0/0, defaults are active'
  But project_root: /tmp/cdGG is correctly detected via git walk.
  Same config file, same repo, invisible from subdirectory.

Meanwhile CLAUDE.md discovery walks ancestors unbounded (per #85
over-discovery). Same subsystem category, opposite policy, no doc.

Security-adjacent per #87: permission-mode fallback is
danger-full-access. cd'ing to a subdirectory silently upgrades
from read-only (configured) → danger-full-access (fallback) —
workspace-location-dependent permission drift.

Fix shape (~90 lines):
- add project_root_for(&cwd) helper (reuse git-root walker from
  render_doctor_report)
- config search: user → project_root/.claw.json →
  project_root/.claw/settings.json → cwd/.claw.json (overlay) →
  cwd/.claw/settings.* (overlays)
- optionally walk intermediate ancestors
- surface 'where did my config come from' in doctor (pairs with
  #106 + #109 provenance)
- warn when cwd has no config but project_root does
- documentation parity with CLAUDE.md
- regression tests per cwd depth + overlay precedence

Joins truth-audit (doctor says 'ok, defaults active' when config
exists). Joins discovery-overreach as opposite-direction sibling:
  #85: skills ancestor walk UNBOUNDED (over-discovery)
  #88: CLAUDE.md ancestor walk enables injection
  #110: config NO ancestor walk (under-discovery)

Natural bundle: #85 + #110 (ancestor policy unification), or
#85 + #88 + #110 (full three-way ancestor-walk audit).

Filed in response to Clawhip pinpoint nudge 1494865079567519834
in #clawcode-building-in-public.
 2026-04-18 10:05:31 +09:00
YeonGyu-Kim
16244cec34 ROADMAP #109: config validation warnings stderr-only; structured ConfigDiagnostic flattened to prose, JSON-invisible 
Dogfooded 2026-04-18 on main HEAD 21b2773 from /tmp/cdDD.

Validator produces structured diagnostics but loader discards
them after stderr eprintln:

  config_validate.rs:19-66 ConfigDiagnostic {path, field, line,
    kind: UnknownKey|WrongType|Deprecated}
  config_validate.rs:313-322 DEPRECATED_FIELDS: permissionMode,
    enabledPlugins
  config_validate.rs:451 emits DiagnosticKind::Deprecated
  config.rs:285-300 ConfigLoader::load:
    if !validation.is_ok() {
        return Err(validation.errors[0].to_string())  // ERRORS propagate
    }
    all_warnings.extend(validation.warnings);
    for warning in &all_warnings {
        eprintln!('warning: {warning}');             // WARNINGS stderr only
    }

RuntimeConfig has no warnings field. No accessor. No route from
validator structured data to doctor/status JSON envelope.

Concrete:
  .claw.json with enabledPlugins:{foo:true}
    → config check: {status: 'ok', summary: 'runtime config
      loaded successfully'}
    → stderr: 'warning: field enabledPlugins is deprecated'
    → claw with 2>/dev/null loses the warning entirely

Errors DO propagate correctly:
  .claw.json with 'permisions' (typo)
    → config check: {status: 'fail', summary: 'unknown key
      permisions... Did you mean permissions?'}

Warning→stderr, Error→JSON asymmetry: a claw reading JSON can
see errors structurally but can't see warnings at all. Silent
migration drift: legacy claude-code 'permissionMode' key still
works, warning lost, operator never sees 'use permissions.
defaultMode' guidance unless they notice stderr.

Fix shape (~85 lines, all additive):
- add warnings: Vec<ConfigDiagnostic> field to RuntimeConfig
- populate from all_warnings, keep eprintln for human ops
- add ConfigDiagnostic::to_json_value emitting
  {path, field, line, kind, message, replacement?}
- check_config_health: status='warn' + warnings[] JSON when
  non-empty
- surface in status JSON (config_warnings[] or top-level
  warnings[])
- surface in /config slash-command output
- regression tests per deprecated field + aggregation + no-warn

Joins truth-audit (#80-#87, #89, #100, #102, #103, #105, #107)
— doctor says 'ok' while validator flagged deprecations. Joins
unplumbed-subsystem (#78, #96, #100, #102, #103, #107) — 7th
surface. Joins Claude Code migration parity (#103) —
permissionMode legacy path is stderr-only.

Natural bundles:
  #100 + #102 + #103 + #107 + #109 — 5-way doctor-surface
    coverage plus structured warnings (doctor stops lying PR)
  #107 + #109 — stderr-only-prose-warning sweep (hook events +
    config warnings = same plumbing pattern)

Filed in response to Clawhip pinpoint nudge 1494857528335532174
in #clawcode-building-in-public.
 2026-04-18 09:34:05 +09:00
YeonGyu-Kim
21b2773233 ROADMAP #108: subcommand typos silently fall through to LLM prompt dispatch, burning billed tokens 
Dogfooded 2026-04-18 on main HEAD 91c79ba from /tmp/cdCC.

Unrecognized first-positional tokens fall through the
_other => Ok(CliAction::Prompt { ... }) arm at main.rs:707.
Per --help this is 'Shorthand non-interactive prompt mode' —
documented behavior — but it eats known-subcommand typos too:

  claw doctorr    → Prompt("doctorr") → LLM API call
  claw skilsl     → Prompt("skilsl") → LLM API call
  claw statuss    → Prompt("statuss") → LLM API call
  claw deply      → Prompt("deply") → LLM API call

With credentials set, each burns real tokens. Without creds,
returns 'missing Anthropic credentials' — indistinguishable
from a legitimate prompt failure. No 'did you mean' suggestion.

Infrastructure exists:
  slash command typos:
    claw --resume s /skilsl
    → 'Unknown slash command: /skilsl. Did you mean /skill, /skills'
  flag typos:
    claw --fake-flag
    → structured error 'unknown option: --fake-flag'
  subcommand typos:
    → silently become LLM prompts

The did-you-mean helper exists for slash commands. Flag
validation exists. Only subcommand dispatch has the silent-
fallthrough.

Fix shape (~60 lines):
- suggest_similar_subcommand(token) using levenshtein ≤ 2
  against the ~16-item known-subcommand list
- gate the Prompt fallthrough on a shape heuristic:
  single-token + near-match → return structured error with
  did-you-mean. Otherwise fall through unchanged.
- preserve shorthand-prompt mode for multi-word inputs,
  quoted inputs, and non-near-match tokens
- regression tests per typo shape + legit prompt + quoted
  workaround

Cross-claw orchestration hazard: claws constructing subcommand
names from config or other claws' output have a latent 'typo →
live LLM call' vector. Over CI matrix with 1% typo rate, that's
billed-token waste + structural signal loss (error handler
can't distinguish typo from legit prompt failure).

Joins silent-flag cluster (#96-#101, #104) on subcommand axis —
6th instance of 'malformed input silently produces unintended
behavior.' Joins parallel-entry-point asymmetry (#91, #101,
#104, #105) — slash vs subcommand disagree on typo handling.

Natural bundles: #96 + #98 + #108 (--help/dispatch surface
hygiene triangle), #91 + #101 + #104 + #105 + #108 (parallel-
entry-point 5-way).

Filed in response to Clawhip pinpoint nudge 1494849975530815590
in #clawcode-building-in-public.
 2026-04-18 09:05:32 +09:00
YeonGyu-Kim
91c79baf20 ROADMAP #107: hooks subsystem fully invisible to JSON diagnostic surfaces; doctor no hook check, /hooks is stub, progress events stderr-only 
Dogfooded 2026-04-18 on main HEAD a436f9e from /tmp/cdBB.

Complete hook invisibility across JSON diagnostic surfaces:

1. doctor: no check_hooks_health function exists. check_config_health
   emits 'Config files loaded N/M, MCP servers N, Discovered file X'
   — NO hook count, no hook event breakdown, no hook health.
   .claw.json with 3 hooks (including /does/not/exist and
   curl-pipe-sh remote-exec payload) → doctor: ok, has_failures: false.

2. /hooks list: in STUB_COMMANDS (main.rs:7272) → returns 'not yet
   implemented in this build'. Parallel /mcp list / /agents list /
   /skills list work fine. /hooks has no sibling.

3. /config hooks: reports loaded_files and merged_keys but NOT
   hook bodies, NOT hook source files, NOT per-event breakdown.

4. Hook progress events route to eprintln! as prose:
   CliHookProgressReporter (main.rs:6660-6695) emits
   '[hook PreToolUse] tool_name: command' to stderr unconditionally.
   NEVER into --output-format json. A claw piping stderr to
   /dev/null (common in pipelines) loses all hook visibility.

5. parse_optional_hooks_config_object (config.rs:766) accepts any
   non-empty string. No fs::metadata() check, no which() check,
   no shell-syntax sanity check.

6. shell_command (hooks.rs:739-754) runs 'sh -lc <command>' with
   full shell expansion — env vars, globs, pipes, , remote
   curl pipes.

Compounds with #106: downstream .claw/settings.local.json can
silently replace the entire upstream hook array via the
deep_merge_objects replace-semantic. A team-level audit hook in
~/.claw/settings.json is erasable and replaceable by an
attacker-controlled hook with zero visibility anywhere
machine-readable.

Fix shape (~220 lines, all additive):
- check_hooks_health doctor check (like #102's check_mcp_health)
- status JSON exposes {pre_tool_use, post_tool_use,
  post_tool_use_failure} with source-file provenance
- implement /hooks list (remove from STUB_COMMANDS)
- route HookProgressEvent into JSON turn-summary as hook_events[]
- validate hook commands at config-load, classify execution_kind
- regression tests

Joins truth-audit (#80-#87, #89, #100, #102, #103, #105) — doctor
lies when hooks are broken or hostile. Joins unplumbed-subsystem
(#78, #96, #100, #102, #103) — HookProgressEvent exists,
JSON-invisible. Joins subsystem-doctor-coverage (#100, #102, #103)
as fourth opaque subsystem. Cross-cluster with permission-audit
(#94, #97, #101, #106) because hooks ARE a permission mechanism.

Natural bundle: #102 + #103 + #107 (subsystem-doctor-coverage
3-way becomes 4-way). Plus #106 + #107 (policy-erasure + policy-
visibility = complete hook-security story).

Filed in response to Clawhip pinpoint nudge 1494834879127486544
in #clawcode-building-in-public.
 2026-04-18 08:05:20 +09:00
YeonGyu-Kim
a436f9e2d6 ROADMAP #106: config merge deep_merge_objects REPLACES arrays; permission deny rules can be silently erased by downstream config layer 
Dogfooded 2026-04-18 on main HEAD 71e7729 from /tmp/cdAA.

deep_merge_objects at config.rs:1216-1230 recurses into nested
objects but REPLACES arrays. So:
  ~/.claw/settings.json: {"permissions":{"deny":["Bash(rm *)"]}}
  .claw.json:             {"permissions":{"deny":["Bash(sudo *)"]}}
  Merged:                 {"permissions":{"deny":["Bash(sudo *)"]}}

User's Bash(rm *) deny rule SILENTLY LOST. No warning. doctor: ok.

Worst case:
  ~/.claw/settings.json:       {deny: [...strict list...]}
  .claw/settings.local.json:   {deny: []}
  Merged:                       {deny: []}
Every deny rule from every upstream layer silently removed by a
workspace-local file. Any team/org security policy distributed
via user-home config is trivially erasable.

Arrays affected:
  permissions.allow/deny/ask
  hooks.PreToolUse/PostToolUse/PostToolUseFailure
  plugins.externalDirectories

MCP servers are merged BY-KEY (merge_mcp_servers at :709) so
distinct server names across layers coexist. Author chose
merge-by-key for MCP but not for policy arrays. Design is
internally inconsistent.

extend_unique + push_unique helpers EXIST at :1232-1244 that do
union-merge with dedup. They are not called on the config-merge
axis for any policy array.

Fix shape (~100 lines):
- union-merge permissions.allow/deny/ask via extend_unique
- union-merge hooks.* arrays
- union-merge plugins.externalDirectories
- explicit replace-semantic opt-in via 'deny!' sentinel or
  'permissions.replace: [...]' form (opt-in, not default)
- doctor surfaces policy provenance per rule (also helps #94)
- emit warning when replace-sentinel is used
- regression tests for union + explicit replace + multi-layer

Joins permission-audit sweep as 4-way composition-axis finding
(#94, #97, #101, #106). Joins truth-audit (doctor says 'ok'
while silently deleted every deny rule).

Natural bundle: #94 + #106 (rule validation + rule composition).
Plus #91 + #94 + #97 + #101 + #106 as 5-way policy-surface-audit.

Filed in response to Clawhip pinpoint nudge 1494827325085454407
in #clawcode-building-in-public.
 2026-04-18 07:33:47 +09:00
YeonGyu-Kim
71e77290b9 ROADMAP #105: claw status ignores .claw.json model, doctor mislabels alias as Resolved, 4 surfaces disagree 
Dogfooded 2026-04-18 on main HEAD 6580903 from /tmp/cdZ.

.claw.json with {"model":"haiku"} produces:
  claw status → model: 'claude-opus-4-6' (DEFAULT_MODEL, config ignored)
  claw doctor → 'Resolved model    haiku' (raw alias, label lies)
  turn dispatch → claude-haiku-4-5-20251213 (actually-resolved canonical)
  ANTHROPIC_MODEL=sonnet → status still says claude-opus-4-6

FOUR separate understandings of 'active model':
  1. config file (alias as written)
  2. doctor (alias mislabeled as 'Resolved')
  3. status (hardcoded DEFAULT_MODEL ignoring config entirely)
  4. turn dispatch (canonical, alias-resolved, what turns actually use)

Trace:
  main.rs:59  DEFAULT_MODEL const = claude-opus-4-6
  main.rs:400 parse_args starts model = DEFAULT_MODEL
  main.rs:753 Status dispatch: model.to_string() — never calls
      resolve_repl_model, never reads config or env
  main.rs:1125 resolve_repl_model: source of truth for actual
      model, consults ANTHROPIC_MODEL env + config + alias table.
      Called from Prompt and Repl dispatch. NOT from Status.
  main.rs:1701 check_config_health: 'Resolved model {model}'
      where model is raw configured string, not resolved.
      Label says Resolved, value is pre-resolution alias.

Orchestration hazard: a claw picks tool strategy based on
status.model assuming it reflects what turns will use. Status
lies: always reports DEFAULT_MODEL unless --model flag was
passed. Config and env var completely ignored by status.

Fix shape (~30 lines):
- call resolve_repl_model from print_status_snapshot
- add effective_model field to status JSON (or rename/enrich)
- fix doctor 'Resolved model' label (either rename to 'Configured'
  or actually alias-resolve before emitting)
- honor ANTHROPIC_MODEL env in status
- regression tests per model source with cross-surface equality

Joins truth-audit (#80-#84, #86, #87, #89, #100, #102, #103).
Joins two-paths-diverge (#91, #101, #104) — now 4-way with #105.
Joins doctor-surface-coverage triangle (#100 + #102 + #105).

Filed in response to Clawhip pinpoint nudge 1494819785676947543
in #clawcode-building-in-public.
 2026-04-18 07:08:25 +09:00
YeonGyu-Kim
6580903d20 ROADMAP #104: /export and claw export are two paths with incompatible filename semantics; slash silently .txt-rewrites 
Dogfooded 2026-04-18 on main HEAD 7447232 from /tmp/cdY.

Two-path-diverge problem:

A. /export slash command (resolve_export_path at main.rs:5990-6010):
   - If extension != 'txt', silently appends '.txt'
   - /export foo.md → writes foo.md.txt
   - /export report.json → writes report.json.txt
   - cwd.join(relative_path_with_dotdot) resolves outside cwd
   - No path-traversal rejection

B. claw export CLI (run_export at main.rs:6021-6055):
   - fs::write(path, &markdown) directly, no suffix munging
   - /tmp/cli-export.md → writes /tmp/cli-export.md
   - Also no path-traversal check, absolute paths write wherever

Same logical action, incompatible output contracts. A claw that
switches between /export and claw export sees different output
filenames for the same input.

Compounded:
- Content is Markdown (render_session_markdown emits '# Conversation
  Export', '## 1. User', fenced code blocks) but slash path forces
  .txt extension → content/extension mismatch. File-routing
  pipelines (archival by extension, syntax highlight, preview)
  misclassify.
- --help says just '/export [file]'. No mention of .txt forcing,
  no mention of path-resolution semantics.
- Claw pipelines that glob *.md won't find /export outputs.

Trace:
  main.rs:5990 resolve_export_path: extension check + conditional
    .txt append
  main.rs:6021 run_export: fs::write direct, no path munging
  main.rs:5975 default_export_filename: hardcodes .txt fallback
  Content renderer is Markdown (render_session_markdown:6075)

Fix shape (~70 lines):
- unify both paths via shared export_session_to_path helper
- respect caller's extension (pick renderer by extension or
  accept that content is Markdown and name accordingly)
- path-traversal policy decision: restrict to project root or
  allow-with-warning
- --help: document suffix preservation + path semantics
- regression tests for extension preservation + dotdot rejection

Joins silent-flag cluster (#96-#101) on silent-rewrite axis.
New two-paths-diverge sub-cluster: #91 (permission-mode parser
disagree) + #101 (CLI vs env asymmetry) + #104 (slash vs CLI
export asymmetry) — three instances of parallel entry points
doing subtly different things.

Natural bundles: #91 + #101 + #104 (two-paths-diverge trio),
#96 + #98 + #99 + #101 + #104 (silent-rewrite-or-noop quintet).

Filed in response to Clawhip pinpoint nudge 1494812230372294849
in #clawcode-building-in-public.
 2026-04-18 06:34:38 +09:00
YeonGyu-Kim
7447232688 ROADMAP #103: claw agents silently drops every non-.toml file; claude-code convention .md files ignored, no content validation 
Dogfooded 2026-04-18 on main HEAD 6a16f08 from /tmp/cdX.

Two-part gap on agent subsystem:

1. File-format gate silently discards .md (YAML frontmatter):
   commands/src/lib.rs:3180-3220 load_agents_from_roots filters
   extension() != 'toml' and silently continues. No log, no warn.
   .claw/agents/foo.md → agents list count: 0, doctor: ok.
   Same file renamed to .toml → discovered instantly.

2. No content validation inside accepted .toml:
   model='nonexistent/model-that-does-not-exist' → accepted.
   tools=['DoesNotExist', 'AlsoFake'] → accepted.
   reasoning_effort string → unvalidated.
   No check against model registry, tool registry, or
   reasoning-effort enum — all machinery exists elsewhere
   (#97 validates tools for --allowedTools flag).

Compounded:
- agents help JSON lists sources but NOT accepted file formats.
  Operators have zero documentation-surface way to diagnose
  'why does my .md file not work?'
- Doctor check set has no agents check. 3 files present with
  1 silently skipped → summary: 'ok'.
- Skills use .md (SKILL.md). MCP uses .json (.claw.json).
  Agents uses .toml. Three subsystems, three formats, no
  cross-subsystem consistency or documentation.
- Claude Code convention is .md with YAML frontmatter.
  Migrating operators copy that and silently fail.

Fix shape (~100 lines):
- accept .md with YAML frontmatter via existing
  parse_skill_frontmatter helper
- validate model/tools/reasoning_effort against existing
  registries; emit status: 'invalid' + validation_errors
  instead of silently accepting
- agents list summary.skipped: [{path, reason}]
- add agents doctor check (total/active/skipped/invalid)
- agents help: accepted_formats list

Joins truth-audit (#80-#84, #86, #87, #89, #100, #102) on
silent-ok-while-ignoring axis. Joins silent-flag (#96-#101) at
subsystem scale. Joins unplumbed-subsystem (#78, #96, #100,
#102) as 5th unreachable surface: load_agents_from_roots
present, parse_skill_frontmatter present, validation helpers
present, agents path calls none of them.

Also opens new 'Claude Code migration parity' cross-cluster:
claw-code silently breaks the expected convention migration
path for a first-class subsystem.

Natural bundles: #102 + #103 (subsystem-doctor-coverage),
#78 + #96 + #100 + #102 + #103 (unplumbed-surface quintet).

Filed in response to Clawhip pinpoint nudge 1494804679962661187
in #clawcode-building-in-public.
 2026-04-18 06:03:22 +09:00
YeonGyu-Kim
6a16f0824d ROADMAP #102: mcp list/show/doctor surface MCP config-time only; no preflight, no liveness, not even command-exists check 
Dogfooded 2026-04-18 on main HEAD eabd257 from /tmp/cdW2.

A .claw.json pointing at command='/does/not/exist' as an MCP server
cheerfully reports:
  mcp show unreachable → found: true
  mcp list → configured_servers: 1, status field absent
  doctor → config: ok, MCP servers: 1, has_failures: false

The broken server is invisible until agent tries to call a tool
from it mid-turn — burning tokens on failed tool call and forcing
retry loop.

Trace:
  main.rs:1701-1780 check_config_health counts via
    runtime_config.mcp().servers().len()
    No which(). No TcpStream::connect(). No filesystem touch.
  render_doctor_report has 6 checks (auth/config/install_source/
    workspace/sandbox/system). No check_mcp_health exists.
  commands/src/lib.rs mcp list/show emit config-side repr only.
    No status field, no reachable field, no startup_state.
  runtime/mcp_stdio.rs HAS startup machinery with error types,
    but only invoked at turn-execution time — too late for
    preflight.

Roadmap prescribes this exact surface:
  - Phase 1 §3.5 Boot preflight / doctor contract explicitly lists
    'MCP config presence and server reachability expectations'
  - Phase 2 §4 canonical lane event schema includes lane.ready
  - Phase 4.4.4 event provenance / environment labeling
  - Product Principle #5 'Partial success is first-class' —
    'MCP startup can succeed for some servers and fail for
    others, with structured degraded-mode reporting'

All four unimplementable without preflight + per-server status.

Fix shape (~110 lines):
- check_mcp_health: which(command) for stdio, 1s TcpStream
  connect for http/sse. Aggregate ok/warn/fail with per-server
  detail lines.
- mcp list/show: add status field
  (configured/resolved/command_not_found/connect_refused/
  startup_failed). --probe flag for deeper handshake.
- doctor top-level: degraded_mode: bool, startup_summary.
- Wire preflight into prompt/repl bootstrap; emit one-time
  mcp_preflight event.

Joins unplumbed-subsystem cross-cluster (#78, #100, #102) —
subsystem exists, diagnostic surface JSON-invisible. Joins
truth-audit (#80-#84, #86, #87, #89, #100) — doctor: ok lies
when MCP broken.

Natural bundle: #78 + #96 + #100 + #102 unplumbed-surface
quartet. Also #100 + #102 as pure doctor-surface-coverage 2-way.

Filed in response to Clawhip pinpoint nudge 1494797126041862285
in #clawcode-building-in-public.
 2026-04-18 05:34:30 +09:00
YeonGyu-Kim
eabd257968 ROADMAP #101: RUSTY_CLAUDE_PERMISSION_MODE env var silently fails OPEN to danger-full-access on any invalid value 
Dogfooded 2026-04-18 on main HEAD d63d58f from /tmp/cdV.

Qualitatively worse than #96-#100 silent-flag class because this
is fail-OPEN, not fail-inert: operator intent 'restrict this lane'
silently becomes 'full access.'

Tested matrix:
  VALID → correct mode:
    read-only            → read-only
    workspace-write      → workspace-write
    danger-full-access   → danger-full-access
    ' read-only '        → read-only (trim works)

  INVALID → silent danger-full-access:
    ''                   → danger-full-access
    'readonly'           → danger-full-access (typo: missing hyphen)
    'read_only'          → danger-full-access (typo: underscore)
    'READ-ONLY'          → danger-full-access (case)
    'ReadOnly'           → danger-full-access (case)
    'dontAsk'            → danger-full-access (config alias not recognized by env parser, but ultimate default happens to be dfa)
    'garbage'            → danger-full-access (pure garbage)
    'readonly\n'         → danger-full-access

CLI asymmetry: --permission-mode readonly → loud structured error.
Same misspelling, same input, opposite outcomes via env vs CLI.

Trace:
  main.rs:1099-1107 default_permission_mode:
    env::var(...).ok().and_then(normalize_permission_mode)
    .or_else(config...).unwrap_or(DangerFullAccess)
  → .and_then drops error context on invalid;
    .unwrap_or fail-OPEN to most permissive mode

  main.rs:5455-5462 normalize_permission_mode accepts 3 canonical;
  runtime/config.rs:855-863 parse_permission_mode_label accepts 7
  including config aliases (default/plan/acceptEdits/auto/dontAsk).
  Two parsers, disagree on accepted set, no shared source of truth.

Plus: env var RUSTY_CLAUDE_PERMISSION_MODE is UNDOCUMENTED.
grep of README/docs/help returns zero hits.

Fix shape (~60 lines total):
- rewrite default_permission_mode to surface invalid values via Result
- share ONE parser across CLI/config/env (extract from config.rs:855)
- decide broad (7 aliases) vs narrow (3 canonical) accepted set
- document the env var in --help Environment section
- add doctor check surfacing permission_mode.source attribution
- optional: rename to CLAW_PERMISSION_MODE with deprecation alias

Joins permission-audit sweep (#50/#87/#91/#94/#97/#101) on the env
axis. Completes the three-way input-surface audit: CLI + config +
env. Cross-cluster with silent-flag #96-#100 (worse variant: fail-OPEN)
and truth-audit (#80-#87, #89, #100) (operator can't verify source).

Natural 6-way bundle: #50 + #87 + #91 + #94 + #97 + #101 closes the
entire permission-input attack surface in one pass.

Filed in response to Clawhip pinpoint nudge 1494789577687437373
in #clawcode-building-in-public.
 2026-04-18 05:04:28 +09:00
YeonGyu-Kim
d63d58f3d0 ROADMAP #100: claw status/doctor JSON expose no commit identity; stale-base subsystem unplumbed 
Dogfooded 2026-04-18 on main HEAD 63a0d30 from /tmp/cdU + /tmp/cdO*.

Three-fold gap:
1. status/doctor JSON workspace object has 13 fields; none of them
   contain: head_sha, head_short_sha, expected_base, base_source,
   stale_base_state, upstream, ahead, behind, merge_base, is_detached,
   is_bare, is_worktree. A claw cannot answer 'is this lane at the
   expected base?' from the JSON surface alone.

2. --base-commit flag is silently accepted by status/doctor/sandbox/
   init/export/mcp/skills/agents and silently dropped on dispatch.
   Same silent-no-op class as #98. A claw running
   'claw --base-commit $expected status' gets zero effect — flag
   parses into a local, discharged at dispatch.

3. runtime::stale_base subsystem is FULLY implemented with 30+ tests
   (BaseCommitState, BaseCommitSource, resolve_expected_base,
   read_claw_base_file, check_base_commit, format_stale_base_warning).
   run_stale_base_preflight at main.rs:3058 calls it from Prompt/Repl
   only, writes output to stderr as human prose. .claw-base file is
   honored internally but invisible to status/doctor JSON. Complete
   implementation, wrong dispatch points.

Plus: detached HEAD reported as magic string 'git_branch: "detached HEAD"'
without accompanying SHA. Bare repo/worktree/submodule indistinguishable
from regular repo in JSON. parse_git_status_branch has latent dot-split
truncation bug on branch names like 'feat.ui' with upstream.

Hits roadmap Product Principle #4 (Branch freshness before blame) and
Phase 2 §4.2 (branch.stale_against_main event) directly — both
unimplementable without commit identity in the JSON surface.

Fix shape (~80 lines plumbing):
- add head_sha/head_short_sha/is_detached/head_ref/is_bare/is_worktree
- add base_commit: {source, expected, state}
- add upstream: {ref, ahead, behind, merge_base}
- wire --base-commit into CliAction::Status + CliAction::Doctor
- add stale_base doctor check
- fix parse_git_status_branch dot-split at :2541

Cross-cluster: truth-audit/diagnostic-integrity (#80-#87, #89) +
silent-flag (#96-#99) + unplumbed-subsystem (#78). Natural bundles:
#89+#100 (git-state completeness) and #78+#96+#100 (unplumbed surface).

Milestone: ROADMAP #100.

Filed in response to Clawhip pinpoint nudge 1494782026660712672
in #clawcode-building-in-public.
 2026-04-18 04:36:47 +09:00
YeonGyu-Kim
63a0d30f57 ROADMAP #99: claw system-prompt --cwd/--date unvalidated, prompt-injection via newline 
Dogfooded 2026-04-18 on main HEAD 0e263be from /tmp/cdN.

parse_system_prompt_args at main.rs:1162-1190 does:
  cwd = PathBuf::from(value);
  date.clone_from(value);

Zero validation. Both values flow through to
SystemPromptBuilder::render_env_context (prompt.rs:175-186) and
render_project_context (prompt.rs:289-293) where they are formatted
into the system prompt output verbatim via format!().

Two injection points per value:
  - # Environment context
    - 'Working directory: {cwd}'
    - 'Date: {date}'
  - # Project context
    - 'Working directory: {cwd}'
    - 'Today's date is {date}.'

Demonstrated attacks:
  --date 'not-a-date'     → accepted
  --date '9999-99-99'     → accepted
  --date '1900-01-01'     → accepted
  --date "2025-01-01'; DROP TABLE users;--" → accepted verbatim
  --date $'2025-01-01\nMALICIOUS: ignore all previous rules'
    → newline breaks out of bullet into standalone system-prompt
      instruction line that the LLM will read as separate guidance

  --cwd '/does/not/exist'  → silently accepted, rendered verbatim
  --cwd ''                 → empty 'Working directory: ' line
  --cwd $'/tmp\nMALICIOUS: pwn' → newline injection same pattern

--help documents format as '[--cwd PATH] [--date YYYY-MM-DD]'.
Parser enforces neither. Same class as #96 / #98 — documented
constraint, unenforced at parse boundary.

Severity note: most severe of the #96/#97/#98/#99 silent-flag
class because the failure mode is prompt injection, not a silent
feature no-op. A claw or CI pipeline piping tainted
$REPO_PATH / $USER_INPUT into claw system-prompt is a
vector for LLM manipulation.

Fix shape:
  1. parse --date as chrono::NaiveDate::parse_from_str(value, '%Y-%m-%d')
  2. validate --cwd via std::fs::canonicalize(value)
  3. defense-in-depth: debug_assert no-newlines at render boundary
  4. regression tests for each rejected case

Cross-cluster: sibling of #83 (system-prompt date = build date)
and #84 (dump-manifests bakes abs path) — all three are about
the system-prompt / manifest surface trusting compile-time or
operator-supplied values that should be validated.

Filed in response to Clawhip pinpoint nudge 1494774477009981502
in #clawcode-building-in-public.
 2026-04-18 04:03:29 +09:00
YeonGyu-Kim
0e263bee42 ROADMAP #98: --compact silently ignored in 9 dispatch paths + stdin-piped Prompt hardcodes compact=false 
Dogfooded 2026-04-18 on main HEAD 7a172a2 from /tmp/cdM.

--help at main.rs:8251 documents --compact as 'text mode only;
useful for piping.' The implementation knows the constraint but
never enforces it at the parse boundary — the flag is silently
dropped in every non-{Prompt+Text} dispatch path:

1. --output-format json prompt: run_turn_with_output (:3807-3817)
   has no CliOutputFormat::Json if compact arm; JSON branch
   ignores compact entirely
2. status/sandbox/doctor/init/export/mcp/skills/agents: those
   CliAction variants have no compact field at all; parse_args
   parses --compact into a local bool and then discharges it
   with nowhere to go on dispatch
3. claw --compact with piped stdin: the stdin fallthrough at
   main.rs:614 hardcodes compact: false regardless of the
   user-supplied --compact — actively overriding operator intent

No error, no warning, no diagnostic. A claw using
claw --compact --output-format json '...' to pipe-friendly output
gets full verbose JSON silently.

Fix shape:
- reject --compact + --output-format json at parse time (~5 lines)
- reject --compact on non-Prompt subcommands with a named error
  (~15 lines)
- honor --compact in stdin-piped Prompt fallthrough: change
  compact: false to compact at :614 (1 line)
- optionally add CliOutputFormat::Json if compact arm if
  compact-JSON is desirable

Joins silent-flag no-op class with #96 (Resume-safe leak) and
#97 (silent-empty allow-set). Natural bundle #96+#97+#98 covers
the --help/flag-validation hygiene triangle.

Filed in response to Clawhip pinpoint nudge 1494766926826700921
in #clawcode-building-in-public.
 2026-04-18 03:32:57 +09:00
YeonGyu-Kim
7a172a2534 ROADMAP #97: --allowedTools empty-string silently blocks all tools, no observable signal 
Dogfooded 2026-04-18 on main HEAD 3ab920a from /tmp/cdL.

Silent vs loud asymmetry for equivalent mis-input at the
tool-allow-list knob:
- `--allowedTools "nonsense"` → loud structured error naming
  every valid tool (works as intended)
- `--allowedTools ""` (shell-expansion failure, $TOOLS expanded
  empty) → silent Ok(Some(BTreeSet::new())) → all tools blocked
- `--allowedTools ",,"` → same silent empty set
- `.claw.json` with `allowedTools` → fails config load with
  'unknown key allowedTools' — config-file surface locked out,
  CLI flag is the only knob, and the CLI flag has the footgun

Trace: tools/src/lib.rs:192-248 normalize_allowed_tools. Input
values=[""] is NOT empty (len=1) so the early None guard at
main.rs:1048 skips. Inner split/filter on empty-only tokens
produces zero elements; the error-producing branch never runs.
Returns Ok(Some(empty)), which downstream filter treats as
'allow zero tools' instead of 'allow all tools.'

No observable recovery: status JSON exposes kind/model/
permission_mode/sandbox/usage/workspace but no allowed_tools
field. doctor check set has no tool_restrictions category. A
lane that silently restricted itself to zero tools gets no
signal until an actual tool call fails at runtime.

Fix shape: reject empty-token input at parse time with a clear
error. Add explicit --allowedTools none opt-in if zero-tool
lanes are desirable. Surface active allow-set in status JSON
and as a doctor check. Consider supporting allowedTools in
.claw.json or improving its rejection message.

Joins permission-audit sweep (#50/#87/#91/#94) on the
tool-allow-list axis. Sibling of #86 on the truth-audit side:
both are 'misconfigured claws have no observable signal.'

Filed in response to Clawhip pinpoint nudge 1494759381068419115
in #clawcode-building-in-public.
 2026-04-18 03:04:08 +09:00
YeonGyu-Kim
3ab920ac30 ROADMAP #96: claw --help Resume-safe summary leaks 62 STUB_COMMANDS entries 
Dogfooded 2026-04-18 on main HEAD 8db8e49 from /tmp/cdK. Partial
regression of ROADMAP #39 / #54 at the help-output layer.

'claw --help' emits two separate slash-command enumerations:
(1) Interactive slash commands block -- correctly filtered via
    render_slash_command_help_filtered(STUB_COMMANDS) at main.rs:8268
(2) Resume-safe commands one-liner -- UNFILTERED, emits every entry
    from resume_supported_slash_commands() at main.rs:8270-8278

Programmatic cross-check: intersect the Resume-safe listing with
STUB_COMMANDS (60+ entries at main.rs:7240-7320) returns 62
overlaps: budget, rate-limit, metrics, diagnostics, workspace,
reasoning, changelog, bookmarks, allowed-tools, tool-details,
language, max-tokens, temperature, system-prompt, output-style,
privacy-settings, keybindings, thinkback, insights, stickers,
advisor, brief, summary, vim, and more. All advertised as
resume-safe; all produce 'Did you mean /X' stub-guard errors when
actually invoked in resume mode.

Fix shape: one-line filter at main.rs:8270 adding
.filter(|spec| !STUB_COMMANDS.contains(&spec.name)) or extract
shared helper resume_supported_slash_commands_filtered. Add
regression test parallel to stub_commands_absent_from_repl_
completions that parses the Resume-safe line and asserts no entry
matches STUB_COMMANDS.

Filed in response to Clawhip pinpoint nudge 1494751832399024178 in
#clawcode-building-in-public.
 2026-04-18 02:35:06 +09:00
YeonGyu-Kim
8db8e4902b ROADMAP #95: skills install is user-scope only, no uninstall, leaks across workspaces 
Dogfooded 2026-04-18 on main HEAD b7539e6 from /tmp/cdJ. Three
stacked gaps on the skill-install surface:

(1) User-scope only install. default_skill_install_root at
    commands/src/lib.rs returns CLAW_CONFIG_HOME/skills ->
    CODEX_HOME/skills -> HOME/.claw/skills -- all user-level. No
    project-scope code path. Installing from workspace A writes to
    ~/.claw/skills/X and makes X active:true in every other
    workspace with source.id=user_claw.

(2) No uninstall. claw --help enumerates /skills
    [list|install|help|<skill>] -- no uninstall. 'claw skills
    uninstall X' falls through to prompt-dispatch. REPL /skill is
    identical. Removing a bad skill requires manual rm -rf on the
    installed path parsed out of install receipt output.

(3) No scope signal. Install receipt shows 'Registry
    /Users/yeongyu/.claw/skills' but the operator is never asked
    project vs user, and JSON receipt does not distinguish install
    scope.

Doubly compounds with #85 (skill discovery ancestor walk): an
attacker who can write under an ancestor OR can trick the operator
into one bad 'skills install' lands a skill in the user-level
registry that's active in every future claw invocation.

Runs contrary to the project/user/local three-tier scope settings
already use (User / Project / Local via ConfigSource). Skills
collapse all three onto User at install time.

Fix shape (~60 lines): --scope user|project|local flag on skills
install (no default in --output-format json mode, prompt
interactively); claw skills uninstall + /skills uninstall
slash-command; installed_path per skill record in --output-format
json skills output.

Filed in response to Clawhip pinpoint nudge 1494744278423961742 in
#clawcode-building-in-public.
 2026-04-18 02:03:10 +09:00
YeonGyu-Kim
b7539e679e ROADMAP #94: permission rules accept typos, case-sensitive match disagrees with ecosystem convention, invisible in all diagnostic surfaces 
Dogfooded 2026-04-18 on main HEAD 7f76e6b from /tmp/cdI. Three
stacked failures on the permission-rule surface:

(1) Typo tolerance. parse_optional_permission_rules at
    runtime/src/config.rs:780-798 is just optional_string_array with
    no per-entry validation. Typo rules like 'Reed', 'Bsh(echo:*)',
    'WebFech' load silently; doctor reports config: ok.

(2) Case-sensitive match against lowercase runtime names.
    PermissionRule::matches does self.tool_name != tool_name strict
    compare. Runtime registers tools lowercase (bash).
    Claude Code convention / MCP docs use capitalized (Bash). So
    'deny: ["Bash(rm:*)"]' never fires because tool_name='bash' !=
    rule.tool_name='Bash'. Cross-harness config portability fails
    open, not closed.

(3) Loaded rules invisible. status JSON has no permission_rules
    field. doctor has no rules check. A clawhip preflight asking
    'does this lane actually deny Bash(rm:*)?' has no
    machine-readable answer; has to re-parse .claw.json and
    re-implement parse semantics.

Contrast: --allowedTools CLI flag HAS tool-name validation with a
50+ tool registry. The same registry is not consulted when parsing
permissions.allow/deny/ask. Asymmetric validation, same shape as
#91 (config accepts more permission-mode labels than CLI).

Fix shape (~30-45 lines): validate rule tool names against the
same registry --allowedTools uses; case-fold tool_name compare in
PermissionRule::matches; expose loaded rules in status/doctor JSON
with unknown_tool flag.

Filed in response to Clawhip pinpoint nudge 1494736729582862446 in
#clawcode-building-in-public.
 2026-04-18 01:34:15 +09:00
YeonGyu-Kim
7f76e6bbd6 ROADMAP #93: --resume reference heuristic forks silently; no workspace scoping 
Dogfooded 2026-04-18 on main HEAD bab66bb from /tmp/cdH.
SessionStore::resolve_reference at runtime/src/session_control.rs:
86-116 branches on a textual heuristic -- looks_like_path =
direct.extension().is_some() || direct.components().count() > 1.
Same-looking reference triggers two different code paths:

Repros:
- 'claw --resume session-123' -> managed store lookup (no extension,
  no slash) -> 'session not found: session-123'
- 'claw --resume session-123.jsonl' -> workspace-relative file path
  (extension triggers path branch) -> opens /cwd/session-123.jsonl,
  succeeds if present
- 'claw --resume /etc/passwd' -> absolute path opened verbatim,
  fails only because JSONL parse errors ('invalid JSONL record at
  line 1: unexpected character: #')
- 'claw --resume /etc/hosts' -> same; file is read, structural
  details (first char, line number) leak in error
- symlink inside .claw/sessions/<fp>/passwd-symlink.jsonl pointing
  at /etc/passwd -> claw --resume passwd-symlink follows it

Clawability impact: operators copying session ids from /session
list naturally try adding .jsonl and silently hit the wrong branch.
Orchestrators round-tripping session ids through --resume cannot
do any path normalization without flipping lookup modes. No
workspace scoping, so any readable file on disk is a valid target.
Symlinks inside managed path escape the workspace silently.

Fix shape (~15 lines minimum): canonicalize the resolved candidate
and assert prefix match with workspace_root before opening; return
OutsideWorkspace typed error otherwise. Optional cleanup: split
--resume <id> and --resume-file <path> into explicit shapes.

Filed in response to Clawhip pinpoint nudge 1494729188895359097 in
#clawcode-building-in-public.
 2026-04-18 01:04:37 +09:00
YeonGyu-Kim
bab66bb226 ROADMAP #92: MCP config does not expand ${VAR} or ~/ — standard configs fail silently 
Dogfooded 2026-04-18 on main HEAD d0de86e from /tmp/cdE. MCP
command, args, url, headers, headersHelper config fields are
loaded and passed to execve/URL-parse verbatim. No ${VAR}
interpolation, no ~/ home expansion, no preflight check, no doctor
warning.

Repros:
- {'command':'~/bin/my-server','args':['~/config/file.json']} ->
  execve('~/bin/my-server', ['~/config/file.json']) -> ENOENT at
  MCP connect time.
- {'command':'${HOME}/bin/my-server','args':['--tenant=${TENANT_ID}']}
  -> literal ${HOME}/bin/my-server handed to execve; literal
  ${TENANT_ID} passed to the server as tenant argument.
- {'headers':{'Authorization':'Bearer ${API_TOKEN}'}} -> literal
  string 'Bearer ${API_TOKEN}' sent as HTTP header.

Trace: parse_mcp_server_config in runtime/src/config.rs stores
strings raw; McpStdioProcess::spawn at mcp_stdio.rs:1150-1170 is
Command::new(&transport.command).args(&transport.args).spawn().
grep interpolate/expand_env/substitute/${ across runtime/src/
returns empty outside format-string literals.

Clawability impact: every public MCP server README uses ${VAR}/~/
in examples; copy-pasted configs load with doctor:ok and fail
opaquely at spawn with generic ENOENT that has lost the context
about why. Operators forced to hardcode secrets in .claw.json
(triggering #90) or wrap commands in shell scripts -- both worse
security postures than the ecosystem norm. Cross-harness round-trip
from Claude Code /.mcp.json breaks when interpolation is present.

Fix shape (~50 lines): config-load-time interpolation of ${VAR}
and leading ~/ in command/args/url/headers/headers_helper; missing-
variable warnings captured into ConfigLoader all_warnings; optional
{'config':{'expand_env':false}} toggle; mcp_config_interpolation
doctor check that flags literal ${ / ~/ remaining after substitution.

Filed in response to Clawhip pinpoint nudge 1494721628917989417 in
#clawcode-building-in-public.
 2026-04-18 00:35:44 +09:00
YeonGyu-Kim
d0de86e8bc ROADMAP #91: permission-mode parsers disagree; dontAsk silently means danger-full-access 
Dogfooded 2026-04-18 on main HEAD 478ba55 from /tmp/cdC. Two
permission-mode parsers disagree on valid labels:
- Config parse_permission_mode_label (runtime/src/config.rs:851-862)
  accepts 8 labels and collapses 5 aliases onto 3 canonical modes.
- CLI normalize_permission_mode (rusty-claude-cli/src/main.rs:5455-
  5461) accepts only the 3 canonical labels.

Same binary, same intent, opposite verdicts:
  .claw.json {"defaultMode":"plan"} -> silent ReadOnly + doctor ok
  --permission-mode plan -> rejected with 'unsupported permission mode'

Semantic collapses of note:
- 'default' -> ReadOnly (name says nothing about what default means)
- 'plan' -> ReadOnly (upstream plan-mode semantics don't exist in
  claw; ExitPlanMode tool exists but has no matching PermissionMode
  variant)
- 'acceptEdits'/'auto' -> WorkspaceWrite (ambiguous names)
- 'dontAsk' -> DangerFullAccess (FOOTGUN: sounds like 'quiet mode',
  actually the most permissive; community copy-paste bypasses every
  danger-keyword audit)

Status JSON exposes canonicalized permission_mode only; original
label lost. Claw reading status cannot distinguish 'plan' from
explicit 'read-only', or 'dontAsk' from explicit 'danger-full-access'.

Fix shape (~20-30 lines): align the two parsers to accept/reject
identical labels; add permission_mode_raw to status JSON (paired
with permission_mode_source from #87); either remove the 'dontAsk'
alias or trigger a doctor warn when raw='dontAsk'; optionally
introduce a real PermissionMode::Plan runtime variant.

Filed in response to Clawhip pinpoint nudge 1494714078965403848 in
#clawcode-building-in-public.
 2026-04-18 00:05:13 +09:00
YeonGyu-Kim
478ba55063 ROADMAP #90: claw mcp surface redacts env but dumps args/url/headersHelper 
Dogfooded 2026-04-17 on main HEAD 64b29f1 from /tmp/cdB. The MCP
details surface correctly redacts env -> env_keys and headers ->
header_keys (deliberate precedent for 'show config without secrets'),
but dumps args, url, and headersHelper verbatim even though all
three standardly carry inline credentials.

Repros:
(1) args leak: {'args':['--api-key','sk-secret-ABC123','--token=...',
    '--url=https://user:password@host/db']} appears unredacted in
    both details.args and the summary string.
(2) URL leak: 'url':'https://user:SECRET@api.example.com/mcp' and
    matching summary.
(3) headersHelper leak: helper command path + its secret-bearing
    argv emitted whole.

Trace: mcp_server_details_json at commands/src/lib.rs:3972-3999 is
the single redaction point. env/headers get key-only projection;
args/url/headers_helper carve-out with no explaining comment. Text
surface at :3873-3920 mirrors the same leak.

Clawability shape: mcp list --output-format json is exactly the
surface orchestrators scrape for preflight and that logs / Discord
announcements / claw export / CI artifacts will carry. Asymmetric
redaction sends the wrong signal -- consumers assume secret-aware,
the leak is unexpected and easy to miss. Standard MCP wiring
patterns (--api-key, postgres://user:pass@, token helper scripts)
all hit the leak.

Fix shape (~40-60 lines): redact args with secret heuristic
(--api-key, --token, --password, high-entropy tails, user:pass@);
redact URL basic-auth + query-string secrets; split headersHelper
argv and apply args heuristic; add optional --show-sensitive
opt-in; add mcp_secret_posture doctor check. No MCP runtime
behavior changes -- only reporting surface.

Filed in response to Clawhip pinpoint nudge 1494706529918517390 in
#clawcode-building-in-public.
 2026-04-17 23:32:40 +09:00
YeonGyu-Kim
64b29f16d5 ROADMAP #89: claw blind to mid-rebase/merge/cherry-pick git states 
Dogfooded 2026-04-17 on main HEAD 9882f07. A rebase halted on
conflict leaves .git/rebase-merge/ on disk + HEAD detached on the
rebase intermediate commit. 'claw --output-format json status'
reports git_state='dirty ... 1 conflicted', git_branch='detached
HEAD', no rebase flag. 'claw --output-format json doctor' reports
workspace: {status:ok, summary:'project root detected on branch
detached HEAD'}.

Trace: parse_git_workspace_summary at rusty-claude-cli/src/main.rs:
2550-2587 scans git status --short output only; no .git/rebase-
merge, .git/rebase-apply, .git/MERGE_HEAD, .git/CHERRY_PICK_HEAD,
.git/BISECT_LOG check anywhere in rust/crates/. check_workspace_
health emits Ok so long as a project root was detected.

Clawability impact: preflight blindness (doctor ok on paused lane),
stale-branch detection breaks (freshness vs base is meaningless
when HEAD is a rebase intermediate), no recovery surface (no
abort/resume hints), same 'surface lies about runtime truth' family
as #80-#87.

Fix shape (~20 lines): detect marker files, expose typed
workspace.git_operation field (kind/paused/abort_hint/resume_hint),
flip workspace doctor verdict to warn when git_operation != null.

Filed in response to Clawhip pinpoint nudge 1494698980091756678 in
#clawcode-building-in-public.
 2026-04-17 23:03:53 +09:00
YeonGyu-Kim
9882f07e7d ROADMAP #88: unbounded CLAUDE.md ancestor walk = prompt injection via /tmp 
Dogfooded 2026-04-17 on main HEAD 82bd8bb from
/tmp/claude-md-injection/inner/work. discover_instruction_files at
runtime/src/prompt.rs:203-224 walks cursor.parent() until None with
no project-root bound, no HOME containment, no git boundary. Four
candidate paths per ancestor (CLAUDE.md, CLAUDE.local.md,
.claw/CLAUDE.md, .claw/instructions.md) are loaded and inlined
verbatim into the agent's system prompt under '# Claude instructions'.

Repro: /tmp/claude-md-injection/CLAUDE.md containing adversarial
guidance appears under 'CLAUDE.md (scope: /private/tmp/claude-md-
injection)' in claw system-prompt from any nested CWD. git init
inside the worker does not terminate the walk. /tmp/CLAUDE.md alone
is sufficient -- /tmp is world-writable with sticky bit on macOS/
Linux, so any local user can plant agent guidance for every other
user's claw invocation under /tmp/anything.

Worse than #85 (skills ancestor walk): no agent action required
(injection fires on every turn before first user message), lower
bar for the attacker (raw Markdown, no frontmatter), standard
world-writable drop point (/tmp), no doctor signal. Same structural
fix family though: prompt.rs:203, commands/src/lib.rs:2795
(skills), and commands/src/lib.rs:2724 (agents) all need the same
project_root / HOME bound.

Fix shape (~30-50 lines): bound ancestor walk at project root /
HOME; add doctor check that surfaces loaded instruction files with
paths; add settings.json opt-in toggle for monorepo ancestor
inheritance with 'source: ancestor' annotation.

Filed in response to Clawhip pinpoint nudge 1494691430096961767 in
#clawcode-building-in-public.
 2026-04-17 22:33:13 +09:00
YeonGyu-Kim
82bd8bbf77 ROADMAP #87: fresh-workspace permission default is danger-full-access, doctor silent 
Dogfooded 2026-04-17 on main HEAD d6003be against /tmp/cd8. Fresh
workspace, no config, no env, no CLI flag: claw status reports
'Permission mode  danger-full-access'. 'claw doctor' has no
permission-mode check at all -- zero lines mention it.

Trace: rusty-claude-cli/src/main.rs:1099-1107 default_permission_mode
falls back to PermissionMode::DangerFullAccess when env/config miss.
runtime/src/permissions.rs:7-15 PermissionMode ordinal puts
DangerFullAccess above WorkspaceWrite/ReadOnly, so current_mode >=
required_mode gate at :260-264 auto-approves every tool spec requiring
DangerFullAccess or below -- including bash and PowerShell.
check_sandbox_health exists at :1895-1910 but no parallel
check_permission_health. Status JSON exposes permission_mode but no
permission_mode_source field -- fallback indistinguishable from
deliberate choice.

Interacts badly with #86: corrupt .claw.json silently drops the
user's 'plan' choice AND escalates to danger-full-access fallback,
and doctor reports Config: ok across both failures.

Fix shape (~30-40 lines): add permission doctor check (warn when
effective=DangerFullAccess via fallback); add permission_mode_source
to status JSON; optionally flip fallback to WorkspaceWrite/Prompt
for non-interactive invocations.

Filed in response to Clawhip pinpoint nudge 1494683886658257071 in
#clawcode-building-in-public.
 2026-04-17 22:06:49 +09:00
YeonGyu-Kim
d6003be373 ROADMAP #86: corrupt .claw.json silently dropped, doctor says config ok 
Dogfooded 2026-04-17 on main HEAD 586a92b against /tmp/cd7. A valid
.claw.json with permissions.defaultMode=plan applies correctly
(claw status shows Permission mode read-only). Corrupt the same
file to junk text and: (1) claw status reverts to
danger-full-access, (2) claw doctor still reports
Config: status=ok, summary='runtime config loaded successfully',
with loaded_config_files=0 and discovered_files_count=1 side by
side in the same check.

Trace: read_optional_json_object at runtime/src/config.rs:674-692
sets is_legacy_config = (file_name == '.claw.json') and on parse
failure returns Ok(None) instead of Err(ConfigError::Parse). No
warning, no eprintln. ConfigLoader::load() continues past the None,
reports overall success. Doctor check at
rusty-claude-cli/src/main.rs:1725-1754 emits DiagnosticLevel::Ok
whenever load() returned Ok, even with loaded 0/1.

Compare a non-legacy settings path at .claw/settings.json with
identical corruption: doctor correctly fails loudly. Same file
contents, different filename -> opposite diagnostic verdict.

Intent was presumably legacy compat with stale historical .claw.json.
Implementation now masks live user-written typos. A clawhip preflight
that gates on 'status != ok' never sees this. Same surface-lies-
about-runtime-truth shape as #80-#84, at the config layer.

Fix shape (~20-30 lines): replace silent skip with warn-and-skip
carrying the parse error; flip doctor verdict when
loaded_count < present_count; expose skipped_files in JSON surface.

Filed in response to Clawhip pinpoint nudge 1494676332507041872 in
#clawcode-building-in-public.
 2026-04-17 21:33:44 +09:00
YeonGyu-Kim
586a92ba79 ROADMAP #85: unbounded ancestor walk enumerates attacker-placed skills 
Dogfooded 2026-04-17 on main HEAD 2eb6e0c. discover_skill_roots at
commands/src/lib.rs:2795 iterates cwd.ancestors() unbounded -- no
project-root check, no HOME containment, no git boundary. Any
.claw/skills, .omc/skills, .agents/skills, .codex/skills,
.claude/skills directory on any ancestor path up to / is enumerated
and marked active: true in 'claw --output-format json skills'.

Repro 1 (cross-tenant skill injection): write
/tmp/trap/.agents/skills/rogue/SKILL.md; cd /tmp/trap/inner/work
and 'claw skills' shows rogue as active, sourced as Project roots.
git init inside the inner CWD does NOT stop the walk.

Repro 2 (CWD-dependent skill set): CWD under $HOME yields
~/.agents/skills contents; CWD outside $HOME hides them. Same user,
same binary, 26-skill delta driven by CWD alone.

Security shape: any attacker-writable ancestor becomes a skill
injection primitive. Skill descriptions are free-form Markdown fed
into the agent context -- crafted descriptions become prompt
injection. tools/src/lib.rs:3295 independently walks ancestors for
dispatch, so the injected skill is also executable via slash
command, not just listed.

Fix shape (~30-50 lines): bound ancestor walk at project root
(ConfigLoader::project_root), optionally also at $HOME; require
explicit settings.json toggle for monorepo ancestor inheritance;
mirror fix in tools/src/lib.rs::push_project_skill_lookup_roots so
listed and dispatchable skill surfaces match.

Filed in response to Clawhip pinpoint nudge 1494668784382771280 in
#clawcode-building-in-public.
 2026-04-17 21:07:10 +09:00
YeonGyu-Kim
2eb6e0c1ee ROADMAP #84: dump-manifests bakes build machine's absolute path into binary 
Dogfooded 2026-04-17 on main HEAD 70a0f0c from /tmp/cd4.
'claw dump-manifests' with no arguments emits:
  error: Manifest source files are missing.
    repo root: /Users/yeongyu/clawd/claw-code
    missing: src/commands.ts, src/tools.ts, src/entrypoints/cli.tsx

That path is the *build machine*'s absolute filesystem layout, baked
in via env!('CARGO_MANIFEST_DIR') at rusty-claude-cli/src/main.rs:2016.
strings on the binary reveals the raw path verbatim. JSON surface
(--output-format json) leaks the same path identically.

Three problems: (1) broken default for any user running a distributed
binary because the path won't exist on their machine; (2) privacy
leak -- build user's $HOME segment embedded in the binary and
surfaced to every recipient; (3) reproducibility violation -- two
binaries built from the same commit on different machines produce
different runtime behavior. Same compile-time-vs-runtime family as
ROADMAP #83 (build date injected as 'today').

Fix shape (<=20 lines): drop env!('CARGO_MANIFEST_DIR') from the
runtime default, require CLAUDE_CODE_UPSTREAM / --manifests-dir /
settings entry, reword error to name the required config instead of
leaking a path the user never asked for. Optional polish: add a
settings.json [upstream] entry.

Acceptance: strings <binary> | grep '^/Users/' returns empty for the
shipped binary. Default error surface contains zero absolute paths
from the build machine.

Filed in response to Clawhip pinpoint nudge 1494661235336282248 in
#clawcode-building-in-public.
 2026-04-17 20:36:51 +09:00
YeonGyu-Kim
70a0f0cf44 ROADMAP #83: DEFAULT_DATE injects build date as 'today' in live system prompt 
Dogfooded 2026-04-17 on main HEAD e58c194 against /tmp/cd3. Binary
built 2026-04-10; today is 2026-04-17. 'claw system-prompt' emits
'Today's date is 2026-04-10.' The same DEFAULT_DATE constant
(rusty-claude-cli/src/main.rs:69-72) is threaded into
build_system_prompt() at :6173-6180 and every ClaudeCliSession /
StreamingCliSession / non-interactive runner (lines 3649, 3746,
4165, 4211, ...), so the stale date lives in the LIVE agent prompt,
not just the system-prompt subcommand.

Agents reason from 'today = compile day,' which silently breaks any
task that depends on real time (freshness, deadlines, staleness,
expiry). Violates ROADMAP principle #4 (branch freshness before
blame) and mixes compile-time context into runtime behavior,
producing different prompts for two agents on the same main HEAD
built a week apart.

Fix shape (~30 lines): compute current_date at runtime via
chrono::Utc::now().date_naive(), sweep DEFAULT_DATE call sites in
main.rs, keep --date override and --version's build-date meaning,
add CLAWD_OVERRIDE_DATE env escape for reproducible tests.

Filed in response to Clawhip pinpoint nudge 1494653681222811751 in
#clawcode-building-in-public.
 2026-04-17 20:02:37 +09:00
YeonGyu-Kim
e58c1947c1 ROADMAP #82: macOS sandbox filesystem_active=true is a lie 
Dogfooded 2026-04-17 on main HEAD 1743e60 against /tmp/claw-dogfood-2.
claw --output-format json sandbox on macOS reports filesystem_active=
true, filesystem_mode=workspace-only but the actual enforcement is
only HOME/TMPDIR env-var rebasing at bash.rs:205-209 / :228-232.
build_linux_sandbox_command is cfg(target_os=linux)-gated and returns
None on macOS, so the fallback path is sh -lc <command> with env
tweaks and nothing else. Direct escape proof: a child with
HOME=/ws/.sandbox-home TMPDIR=/ws/.sandbox-tmp writes
/tmp/claw-escape-proof.txt and mkdir /tmp/claw-probe-target without
error.

Clawability problem: claws/orchestrators read SandboxStatus JSON and
branch on filesystem_active && filesystem_mode=='workspace-only' to
decide whether a worker can safely touch /tmp or $HOME. Today that
branch lies on macOS.

Fix shape option A (low-risk, ~15 lines): compute filesystem_active
only where an enforcement path exists, so macOS reports false by
default and fallback_reason surfaces the real story. Option B:
wire a Seatbelt (sandbox-exec) profile for actual macOS enforcement.

Filed in response to Clawhip pinpoint nudge 1494646135317598239 in
#clawcode-building-in-public.
 2026-04-17 19:33:06 +09:00
YeonGyu-Kim
1743e600e1 ROADMAP #81: claw status Project root lies about session scope 
Dogfooded 2026-04-17 on main HEAD a48575f inside claw-code itself
and reproduced on /tmp/claw-split-17. SessionStore::from_cwd at
session_control.rs:32-40 uses the raw CWD as input to
workspace_fingerprint() (line 295-303), not the project root
surfaced in claw status. Result: two CWDs in the same git repo
(e.g. ~/clawd/claw-code vs ~/clawd/claw-code/rust) report the same
Project root in status but land in two disjoint .claw/sessions/
<fp>/ partitions. claw --resume latest from one CWD returns
'no managed sessions found' even though the adjacent CWD has a
live session visible via /session list.

Status-layer truth (Project root) and session-layer truth
(fingerprint-of-CWD) disagree and neither surface exposes the
disagreement -- classic split-truth per ROADMAP pain point #2.

Fix shape (<=40 lines): (a) fingerprint the project root instead
of raw CWD, or (b) surface partition key explicitly in status.

Filed in response to Clawhip pinpoint nudge 1494638583481372833
in #clawcode-building-in-public.
 2026-04-17 19:05:12 +09:00
Jobdori
a48575fd83 ROADMAP #80: session-lookup error copy lies about on-disk layout 
Dogfooded 2026-04-17 on main HEAD 688295e against /tmp/claw-d4.
SessionStore::from_cwd at session_control.rs:32-40 places sessions
under .claw/sessions/<workspace_fingerprint>/ (16-char FNV-1a hex
at line 295-303), but format_no_managed_sessions and
format_missing_session_reference at line 516-526 advertise plain
.claw/sessions/ with no fingerprint context.

Concrete repro: fresh workspace, no sessions yet, .claw/sessions/
contains foo/ (hash dir, empty) + ffffffffffffffff/foreign.jsonl
(foreign workspace session). 'claw --resume latest' still says
'no managed sessions found in .claw/sessions/' even though that
directory is not empty -- the sessions just belong to other
workspace partitions.

Fix shape is ~30 lines: plumb the resolved sessions_root/workspace
into the two format helpers, optionally enumerate sibling partitions
so error copy tells the operator where sessions from other workspaces
are and why they're invisible.

Filed in response to Clawhip pinpoint nudge 1494615932222439456 in
#clawcode-building-in-public.
 2026-04-17 17:33:05 +09:00
Jobdori
688295ea6c ROADMAP #79: claw --output-format json init discards structured InitReport 
Dogfooded 2026-04-17 on main HEAD 9deaa29. init.rs:38-113 already
builds a fully-typed InitReport { project_root, artifacts: Vec<
InitArtifact { name, status: InitStatus }> } but main.rs:5436-5454
calls .render() on it and throws the structure away, emitting only
{kind, message: '<prose>'} via init_json_value(). Downstream claws
have to regex 'created|updated|skipped' out of the message string
to know per-artifact state.

version/system-prompt/acp/bootstrap-plan all emit structured payloads
on the same binary -- init is the sole odd-one-out. Fix shape is ~20
lines: add InitReport::to_json_value + InitStatus::as_str, switch
run_init to hold the report instead of .render()-ing it eagerly,
preserve message for backward compat, add output_format_contract
regression.

Filed in response to Clawhip pinpoint nudge 1494608389068558386 in
#clawcode-building-in-public.
 2026-04-17 17:02:58 +09:00
Jobdori
9deaa29710 ROADMAP #78: claw plugins CLI route is a dead constructor 
Dogfooded 2026-04-17 on main HEAD d05c868. CliAction::Plugins variant
is declared at main.rs:303-307 and wired to LiveCli::print_plugins at
main.rs:202-206, but parse_args has no "plugins" arm, so
claw plugins / claw plugins list / claw --output-format json plugins
all fall through to the LLM-prompt catch-all and emit a missing
Anthropic credentials error. This is the sole documented-shaped
subcommand that does NOT resolve to a local CLI route:
agents, mcp, skills, acp, init, dump-manifests, bootstrap-plan,
system-prompt, export all work. grep confirms CliAction::Plugins has
exactly one hit in crates/ (the handler), not a constructor anywhere.

Filed with a ~15 line parser fix shape plus help/test wiring, matching
the pattern already used by agents/mcp/skills.

Filed in response to Clawhip pinpoint nudge 1494600832652546151 in
#clawcode-building-in-public.
 2026-04-17 16:33:09 +09:00
Jobdori
d05c8686b8 ROADMAP #77: typed error-kind contract for --output-format json errors 
Dogfooded 2026-04-17 against main HEAD 00d0eb6. Five distinct failure
classes (missing credentials, missing manifests, missing worker state,
session not found, CLI parse) all emit the same {type,error} envelope
with no machine-readable kind/code, so downstream claws have to regex
the prose to route failures. Success payloads already carry a stable
'kind' discriminator; error payloads do not. Fix shape proposes an
ErrorKind discriminant plus hint/context fields to match the success
side contract.

Filed in response to Clawhip pinpoint nudge 1494593284180414484 in
#clawcode-building-in-public.
 2026-04-17 16:08:41 +09:00
Yeachan-Heo
00d0eb61d4 US-024: Add token limit metadata for kimi models 
Add ModelTokenLimit entries for kimi-k2.5 and kimi-k1.5 to enable
preflight context window validation. Per Moonshot AI documentation:
- Context window: 256,000 tokens
- Max output: 16,384 tokens

Includes 3 unit tests:
- returns_context_window_metadata_for_kimi_models
- kimi_alias_resolves_to_kimi_k25_token_limits
- preflight_blocks_oversized_requests_for_kimi_models

All tests pass, clippy clean.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-17 04:15:38 +00:00
Yeachan-Heo
8d8e2c3afd Mark prd.json status as completed 
All 23 stories (US-001 through US-023) are now complete.
Updated status from "in_progress" to "completed".

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-16 20:05:13 +00:00
Yeachan-Heo
d037f9faa8 Fix strip_routing_prefix to handle kimi provider prefix (US-023) 
Add "kimi" to the strip_routing_prefix matches so that models like
"kimi/kimi-k2.5" have their prefix stripped before sending to the
DashScope API (consistent with qwen/openai/xai/grok handling).

Also add unit test strip_routing_prefix_strips_kimi_provider_prefix.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-16 19:50:15 +00:00
Yeachan-Heo
330dc28fc2 Mark US-023 as complete in prd.json 
- Move US-023 from inProgressStories to completedStories
- All acceptance criteria met and verified

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-16 19:45:56 +00:00
Yeachan-Heo
cec8d17ca8 Implement US-023: Add automatic routing for kimi models to DashScope 
Changes in rust/crates/api/src/providers/mod.rs:
- Add 'kimi' alias to MODEL_REGISTRY resolving to 'kimi-k2.5' with DashScope config
- Add kimi/kimi- prefix routing to DashScope endpoint in metadata_for_model()
- Add resolve_model_alias() handling for kimi -> kimi-k2.5
- Add unit tests: kimi_prefix_routes_to_dashscope, kimi_alias_resolves_to_kimi_k2_5

Users can now use:
- --model kimi (resolves to kimi-k2.5)
- --model kimi-k2.5 (auto-routes to DashScope)
- --model kimi/kimi-k2.5 (explicit provider prefix)

All 127 tests pass, clippy clean.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-16 19:44:21 +00:00
Yeachan-Heo
4cb1db9faa Implement US-022: Enhanced error context for API failures 
Add structured error context to API failures:
- Request ID tracking across retries with full context in error messages
- Provider-specific error code mapping with actionable suggestions
- Suggested user actions for common error types (401, 403, 413, 429, 500, 502-504)
- Added suggested_action field to ApiError::Api variant
- Updated enrich_bearer_auth_error to preserve suggested_action

Files changed:
- rust/crates/api/src/error.rs: Add suggested_action field, update Display
- rust/crates/api/src/providers/openai_compat.rs: Add suggested_action_for_status()
- rust/crates/api/src/providers/anthropic.rs: Update error handling

All tests pass, clippy clean.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-16 19:15:00 +00:00
Yeachan-Heo
5e65b33042 US-021: Add request body size pre-flight check for OpenAI-compatible provider 2026-04-16 17:41:57 +00:00
Yeachan-Heo
87b982ece5 US-011: Performance optimization for API request serialization 
Added criterion benchmarks and optimized flatten_tool_result_content:
- Added criterion dev-dependency and request_building benchmark suite
- Optimized flatten_tool_result_content to pre-allocate capacity and avoid
  intermediate Vec construction (was collecting to Vec then joining)
- Made key functions public for benchmarking: translate_message,
  build_chat_completion_request, flatten_tool_result_content,
  is_reasoning_model, model_rejects_is_error_field

Benchmark results:
- flatten_tool_result_content/single_text: ~17ns
- translate_message/text_only: ~200ns
- build_chat_completion_request/10 messages: ~16.4µs
- is_reasoning_model detection: ~26-42ns

All 119 unit tests and 29 integration tests pass.
cargo clippy passes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-16 11:11:45 +00:00
Yeachan-Heo
f65d15fb2f US-010: Add model compatibility documentation 
Created comprehensive MODEL_COMPATIBILITY.md documenting:
- Kimi models is_error exclusion (prevents 400 Bad Request)
- Reasoning models tuning parameter stripping (o1, o3, o4, grok-3-mini, qwen-qwq)
- GPT-5 max_completion_tokens requirement
- Qwen model routing through DashScope

Includes implementation details, key functions table, guide for adding new
models, and testing commands. Cross-referenced with existing code comments.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-16 10:55:58 +00:00
Yeachan-Heo
3e4e1585b5 US-009: Add comprehensive unit tests for kimi model compatibility fix 
Added 4 unit tests to verify is_error field handling for kimi models:
- model_rejects_is_error_field_detects_kimi_models: Detects kimi-k2.5, kimi-k1.5, dashscope/kimi-k2.5 (case insensitive)
- translate_message_includes_is_error_for_non_kimi_models: Verifies gpt-4o, grok-3, claude include is_error
- translate_message_excludes_is_error_for_kimi_models: Verifies kimi models exclude is_error (prevents 400 Bad Request)
- build_chat_completion_request_kimi_vs_non_kimi_tool_results: Full integration test for request building

All 119 unit tests and 29 integration tests pass.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-16 10:54:48 +00:00
Yeachan-Heo
110d568bcf Mark US-008 complete: kimi-k2.5 API compatibility fix 
- translate_message now conditionally includes is_error field
- kimi models (kimi-k2.5, kimi-k1.5, etc.) exclude is_error
- Other models (openai, grok, xai) keep is_error support
 2026-04-16 10:12:36 +00:00
Yeachan-Heo
866ae7562c Fix formatting in task_packet.rs for CI 2026-04-16 09:35:18 +00:00
Yeachan-Heo
6376694669 Mark all 7 roadmap stories complete with PRD and progress record 
- Update prd.json: mark US-001 through US-007 as passes: true
- Add progress.txt: detailed implementation summary for all stories

All acceptance criteria verified:
- US-001: Startup failure evidence bundle + classifier
- US-002: Lane event schema with provenance and deduplication
- US-003: Stale branch detection with policy integration
- US-004: Recovery recipes with ledger
- US-005: Typed task packet format with TaskScope
- US-006: Policy engine for autonomous coding
- US-007: Plugin/MCP lifecycle maturity
 2026-04-16 09:31:47 +00:00
Yeachan-Heo
1d5748f71f US-005: Typed task packet format with TaskScope enum 
- Add TaskScope enum with Workspace, Module, SingleFile, Custom variants
- Update TaskPacket struct with scope_path and worktree fields
- Add validation for scope-specific requirements
- Fix tests in task_packet.rs, task_registry.rs, and tools/src/lib.rs
- Export TaskScope from runtime crate

Closes US-005 (Phase 4)
 2026-04-16 09:28:42 +00:00
Yeachan-Heo
77fb62a9f1 Implement LaneEvent schema extensions for event ordering, provenance, and dedupe (US-002) 
Adds comprehensive metadata support to LaneEvent for the canonical lane event schema:

- EventProvenance enum: live_lane, test, healthcheck, replay, transport
- SessionIdentity: title, workspace, purpose, with placeholder support
- LaneOwnership: owner, workflow_scope, watcher_action (Act/Observe/Ignore)
- LaneEventMetadata: seq, provenance, session_identity, ownership, nudge_id,
  event_fingerprint, timestamp_ms
- LaneEventBuilder: fluent API for constructing events with full metadata
- is_terminal_event(): detects Finished, Failed, Superseded, Closed, Merged
- compute_event_fingerprint(): deterministic fingerprint for terminal events
- dedupe_terminal_events(): suppresses duplicate terminal events by fingerprint

Provides machine-readable event provenance, session identity at creation,
monotonic sequence ordering, nudge deduplication, and terminal event suppression.

Adds 10 regression tests covering:
- Monotonic sequence ordering
- Provenance serialization round-trip
- Session identity completeness
- Ownership and workflow scope binding
- Watcher action variants
- Terminal event detection
- Fingerprint determinism and uniqueness
- Terminal event deduplication
- Builder construction with metadata
- Metadata serialization round-trip

Closes Phase 2 (partial) from ROADMAP.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-16 09:12:31 +00:00
Yeachan-Heo
21909da0b5 Implement startup-no-evidence evidence bundle + classifier (US-001) 
Adds typed worker.startup_no_evidence event with evidence bundle when worker
startup times out. The classifier attempts to down-rank the vague bucket into
specific failure classifications:
- trust_required
- prompt_misdelivery
- prompt_acceptance_timeout
- transport_dead
- worker_crashed
- unknown

Evidence bundle includes:
- Last known worker lifecycle state
- Pane/command being executed
- Prompt-send timestamp
- Prompt-acceptance state
- Trust-prompt detection result
- Transport health summary
- MCP health summary
- Elapsed seconds since worker creation

Includes 6 regression tests covering:
- Evidence bundle serialization
- Transport dead classification
- Trust required classification
- Prompt acceptance timeout
- Worker crashed detection
- Unknown fallback

Closes Phase 1.6 from ROADMAP.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-16 09:05:33 +00:00
Yeachan-Heo
ac45bbec15 Make ACP/Zed status obvious before users go source-diving 
ROADMAP #21, #22, and #23 were already closed on current main, so the next real repo-local backlog item was the ACP/Zed discoverability gap. This adds a local `claw acp` status surface plus aliases, updates help/docs, and separates the shipped discoverability fix from the still-open daemon/protocol follow-up so editor-first users get a crisp answer immediately.

Constraint: No ACP/Zed daemon or protocol server exists in claw-code yet, so the new surface must be explicit status guidance rather than a fake implementation
Rejected: Add a pretend `acp serve` daemon path | would imply supported protocol behavior that does not exist
Rejected: Docs-only clarification | still leaves `claw --help` unable to answer the editor-launch question directly
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep ROADMAP discoverability fixes separate from future ACP daemon/protocol work so help text and backlog IDs stay unambiguous
Tested: cargo fmt --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; cargo run -q -p rusty-claude-cli -- acp; cargo run -q -p rusty-claude-cli -- --output-format json acp; architect review APPROVED
Not-tested: Real ACP/Zed daemon launch because no protocol-serving surface exists yet
 2026-04-16 03:13:50 +00:00
Yeachan-Heo
64e058f720 refresh 2026-04-16 02:50:54 +00:00
Yeachan-Heo
e874bc6a44 Improve malformed hook failures so operators can diagnose broken JSON 
Malformed hook stdout that looks like JSON was collapsing into low-signal failure text during hook execution. This change preserves plain-text hook feedback for normal text hooks, but upgrades malformed JSON-like output into an explicit hook_invalid_json diagnostic that includes phase, tool, command, and bounded stdout/stderr previews. It also adds a regression test for malformed-but-nonempty output.

Constraint: User scoped the implementation to rust/crates/runtime/src/hooks.rs and tests only
Constraint: Existing plain-text hook feedback must remain intact for non-JSON hook output
Rejected: Treat every non-JSON stdout payload as invalid JSON | would break legitimate plain-text hook feedback
Confidence: high
Scope-risk: narrow
Directive: Keep malformed-hook diagnostics bounded and preserve the plain-text fallback for hooks that intentionally emit text
Tested: cargo test --manifest-path rust/Cargo.toml -p runtime hooks::tests:: -- --nocapture
Tested: cargo test --manifest-path rust/Cargo.toml -p runtime -- --nocapture
Tested: cargo clippy --manifest-path rust/Cargo.toml -p runtime --all-targets -- -D warnings
Not-tested: Full workspace clippy/test sweep outside runtime crate
 2026-04-13 12:44:52 +00:00
Yeachan-Heo
6a957560bd Make recovery handoffs explain why a lane resumed instead of leaking control prose 
Recent OMX dogfooding kept surfacing raw `[OMX_TMUX_INJECT]`
messages as lane results, which told operators that tmux reinjection
happened but not why or what lane/state it applied to. The lane-finished
persistence path now recognizes that control prose, stores structured
recovery metadata, and emits a human-meaningful fallback summary instead
of preserving the raw marker as the primary result.

Constraint: Keep the fix in the existing lane-finished metadata surface rather than inventing a new runtime channel
Rejected: Treat all reinjection prose as ordinary quality-floor mush | loses the recovery cause and target lane operators actually need
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Recovery classification is heuristic; extend the parser only when new operator phrasing shows up in real dogfood evidence
Tested: cargo fmt --all --check
Tested: cargo clippy --workspace --all-targets -- -D warnings
Tested: cargo test --workspace
Tested: LSP diagnostics on rust/crates/tools/src/lib.rs (0 errors)
Tested: Architect review (APPROVE)
Not-tested: Additional reinjection phrasings beyond the currently observed `[OMX_TMUX_INJECT]` / current-mode-state variants
Related: ROADMAP #68
 2026-04-12 15:50:39 +00:00
Yeachan-Heo
42bb6cdba6 Keep local clawhip artifacts from tripping routine repo work 
Dogfooding kept reproducing OMX team merge conflicts on
`.clawhip/state/prompt-submit.json`, so the init bootstrap now
teaches repos to ignore `.clawhip/` alongside the existing local
`.claw/` artifacts. This also updates the current repo ignore list
so the fix helps immediately instead of only on future `claw init`
runs.

Constraint: Keep the fix narrow and centered on repo-local ignore hygiene
Rejected: Broader team merge-hygiene changes | unnecessary for the proven local root cause
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If more runtime-local artifact directories appear, extend the shared init gitignore list instead of patching repos ad hoc
Tested: cargo fmt --all --check
Tested: cargo clippy --workspace --all-targets -- -D warnings
Tested: cargo test --workspace
Tested: Architect review (APPROVE)
Not-tested: Existing clones with already-tracked `.clawhip` files still need manual cleanup
Related: ROADMAP #75
 2026-04-12 14:47:40 +00:00
Yeachan-Heo
f91d156f85 Keep poisoned test locks from cascading across unrelated regressions 
The repo-local backlog was effectively exhausted, so this sweep promoted the
newly observed test-lock poisoning pain point into ROADMAP #74 and fixed it in
place. Test-only env/cwd lock acquisition now recovers poisoned mutexes in the
remaining strict call sites, and each affected surface has a regression that
proves a panic no longer permanently poisons later tests.

Constraint: Keep the fix test-only and avoid widening runtime behavior changes
Rejected: Refactor shared helper signatures across broader call paths | unnecessary churn beyond the remaining strict test sites
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: These guards only recover the mutex; tests that mutate env or cwd still must restore process-global state explicitly
Tested: cargo fmt --all --check
Tested: cargo clippy --workspace --all-targets -- -D warnings
Tested: cargo test --workspace
Tested: Architect review (APPROVE)
Not-tested: Additional fault-injection around partially restored env/cwd state after panic
Related: ROADMAP #74
 2026-04-12 13:52:41 +00:00
Yeachan-Heo
6b4bb4ac26 Keep finished lanes from leaving stale reminders armed 
The next repo-local sweep target was ROADMAP #66: reminder/cron
state could stay enabled after the associated lane had already
finished, which left stale nudges firing into completed work. The
fix teaches successful lane persistence to disable matching enabled
cron entries and record which reminder ids were shut down on the
finished event.

Constraint: Preserve existing cron/task registries and add the shutdown behavior only on the successful lane-finished path
Rejected: Add a separate reminder-cleanup command that operators must remember to run | leaves the completion leak unfixed at the source
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If cron-matching heuristics change later, update `disable_matching_crons`, its regression, and the ROADMAP closeout together
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE
Not-tested: Cross-process cron/reminder persistence beyond the in-memory registry used in this repo
 2026-04-12 12:52:27 +00:00
Yeachan-Heo
e75d67dfd3 Make successful lanes explain what artifacts they actually produced 
The next repo-local sweep target was ROADMAP #64: downstream consumers
still had to infer artifact provenance from prose even though the repo
already emitted structured lane events. The fix extends `lane.finished`
metadata with structured artifact provenance so successful completions
can report roadmap ids, files, diff stat, verification state, and commit
sha without relying on narration alone.

Constraint: Preserve the existing commit-created event and lane-finished metadata paths while adding structured provenance to successful completions
Rejected: Introduce a separate artifact event type first | unnecessary for this focused closeout because `lane.finished` already carries structured data and existing consumers can read it there
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If artifact provenance extraction rules change later, update `extract_artifact_provenance`, its regression payload, and the ROADMAP closeout together
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE
Not-tested: Downstream consumers that ignore `lane.finished.data.artifactProvenance` and still parse only prose output
 2026-04-12 11:56:00 +00:00
Yeachan-Heo
2e34949507 Keep latest-session timestamps increasing under tight loops 
The next repo-local sweep target was ROADMAP #73: repeated backlog
sweeps exposed that session writes could share the same wall-clock
millisecond, which made semantic recency fragile and forced the
resume-latest regression to sleep between saves. The fix makes session
timestamps monotonic within the process and removes the timing hack
from the test so latest-session selection stays stable under tight
loops.

Constraint: Preserve the existing session file format while changing only the timestamp source semantics
Rejected: Keep the sleep-based test workaround | hides the real ordering hazard instead of fixing timestamp generation
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Any future session-recency logic must keep `current_time_millis`, ordering tests, and latest-session expectations aligned
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE
Not-tested: Cross-process monotonicity when multiple binaries write sessions concurrently
 2026-04-12 10:51:19 +00:00
Yeachan-Heo
8f53524bd3 Make backlog-scan lanes say what they actually selected 
The next repo-local sweep target was ROADMAP #65: backlog-scanning
lanes could stop with prose-only summaries naming roadmap items, but
there was no machine-readable record of which items were chosen,
which were skipped, or whether the lane intended to execute, review,
or no-op. The fix teaches completed lane persistence to extract a
structured selection outcome while preserving the existing quality-
floor and review-verdict behavior for other lanes.

Constraint: Keep selection-outcome extraction on the existing `lane.finished` metadata path instead of inventing a separate event stream
Rejected: Add a dedicated selection event type first | unnecessary for this focused closeout because `lane.finished` already persists structured data downstream can read
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If backlog-scan summary conventions change later, update `extract_selection_outcome`, its regression test, and the ROADMAP closeout wording together
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE after roadmap closeout update
Not-tested: Downstream consumers that may still ignore `lane.finished.data.selectionOutcome`
 2026-04-12 09:54:37 +00:00
Yeachan-Heo
b5e30e2975 Make completed review lanes emit machine-readable verdicts 
The next repo-local sweep target was ROADMAP #67: scoped review lanes
could stop with prose-only output, leaving downstream consumers to infer
approval or rejection from later chatter. The fix teaches completed lane
persistence to recognize review-style `APPROVE`/`REJECT`/`BLOCKED`
results, attach structured verdict metadata to `lane.finished`, and keep
ordinary non-review lanes on the existing quality-floor path.

Constraint: Preserve the existing non-review lane summary path while enriching only review-style completions
Rejected: Add a brand-new lane event type just for review results | unnecessary when `lane.finished` already carries structured metadata and downstream consumers can read it there
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If review verdict parsing changes later, update `extract_review_outcome`, the finished-event payload fields, and the review-lane regression together
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE
Not-tested: External consumers that may still ignore `lane.finished.data.reviewVerdict`
 2026-04-12 08:49:40 +00:00
Yeachan-Heo
dbc2824a3e Keep latest session selection tied to real session recency 
The next repo-local sweep target was ROADMAP #72: the `latest`
managed-session alias could depend on filesystem mtime before the
session's own persisted recency markers, which made the selection
path vulnerable to coarse or misleading file timestamps. The fix
promotes `updated_at_ms` into the summary/order path, keeps CLI
wrappers in sync, and locks the mtime-vs-session-recency case with
regression coverage.

Constraint: Preserve existing managed-session storage layout while changing only the ordering signal
Rejected: Keep sorting by filesystem mtime and just sleep longer in tests | hides the semantic ordering bug instead of fixing it
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Any future managed-session ordering change must keep runtime and CLI summary structs aligned on the same recency fields
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE
Not-tested: Cross-filesystem behavior where persisted session JSON cannot be read and fallback ordering uses mtime only
 2026-04-12 07:49:32 +00:00
Yeachan-Heo
f309ff8642 Stop repo lanes from executing the wrong task payload 
The next repo-local sweep target was ROADMAP #71: a claw-code lane
accepted an unrelated KakaoTalk/image-analysis prompt even though the
lane itself was supposed to be repo-scoped work. This extends the
existing prompt-misdelivery guardrail with an optional structured task
receipt so worker boot can reject visible wrong-task context before the
lane continues executing.

Constraint: Keep the fix inside the existing worker_boot / WorkerSendPrompt control surface instead of inventing a new external OMX-only protocol
Rejected: Treat wrong-task receipts as generic shell misdelivery | loses the expected-vs-observed task context needed to debug contaminated lanes
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If task-receipt fields change later, update the WorkerSendPrompt schema, worker payload serialization, and wrong-task regression together
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE
Not-tested: External orchestrators that have not yet started populating the optional task_receipt field
 2026-04-12 07:00:07 +00:00
Yeachan-Heo
3b806702e7 Make the CLI point users at the real install source 
The next repo-local backlog item was ROADMAP #70: users could
mistake third-party pages or the deprecated `cargo install
claw-code` path for the official install route. The CLI now
surfaces the source of truth directly in `claw doctor` and
`claw --help`, and the roadmap closeout records the change.

Constraint: Keep the fix inside repo-local Rust CLI surfaces instead of relying on docs alone
Rejected: Close #70 with README-only wording | the bug was user-facing CLI ambiguity, so the warning needed to appear in runtime help/doctor output
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If install guidance changes later, update both the doctor check payload and the help-text warning together
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE
Not-tested: Third-party websites outside this repo that may still present stale install instructions
 2026-04-12 04:50:03 +00:00
Yeachan-Heo
26b89e583f Keep completed lanes from ending on mushy stop summaries 
The next repo-local sweep target was ROADMAP #69: completed lane
runs could persist vague control text like “commit push everyting,
keep sweeping $ralph”, which made downstream stop summaries
operationally useless. The fix adds a lane-finished quality floor
that preserves strong summaries, rewrites empty/control-only/too-
short-without-context summaries into a contextual fallback, and
records structured metadata explaining when the fallback fired.

Constraint: Keep legitimate concise lane summaries intact while improving only low-signal completions
Rejected: Blanket-rewrite every completed summary into a templated sentence | would erase useful model-authored detail from good lane outputs
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If lane-finished summary heuristics change later, update the structured `qualityFloorApplied/rawSummary/reasons/wordCount` contract and its regression tests together
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE
Not-tested: External OMX consumers that may still ignore the new lane.finished data payload
 2026-04-12 03:23:39 +00:00
YeonGyu-Kim
17e21bc4ad docs(roadmap): add #70 — install-source ambiguity misleads users 
User treated claw-code.io as official, hit clawcode vs deprecated
claw-code naming collision. Adding requirement for canonical
docs to explicitly state official source and warn against
deprecated crate.

Source: gaebal-gajae community watch 2026-04-12
 2026-04-12 12:08:52 +09:00
Yeachan-Heo
4f83a81cf6 Make dump-manifests recoverable outside the inferred build tree 
The backlog sweep found that the user-cited #21-#23 items were already
closed, and the next real pain point was `claw dump-manifests` failing
without a direct way to point at the upstream manifest source. This adds
an explicit `--manifests-dir` path, upgrades the failure messages to say
whether the source root or required files are missing, and updates the
ROADMAP closeout to reflect that #45 is now fixed.

Constraint: Preserve existing dump-manifests behavior when no explicit override is supplied
Rejected: Require CLAUDE_CODE_UPSTREAM for every invocation | breaks existing build-tree workflows and is unnecessarily rigid
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep manifest-source override guidance centralized so future error-path edits do not drift
Tested: cargo fmt --all; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE
Not-tested: Manual invocation against every legacy env-based manifest lookup layout
 2026-04-12 02:57:11 +00:00
Yeachan-Heo
1d83e67802 Keep the backlog sweep from chasing external executor notes 
ROADMAP #31 described acpx/droid executor quirks, but a fresh repo-local
search showed no implementation surface outside ROADMAP.md. This rewrites
the local unpushed team checkpoint commits into one docs-only closeout so the
branch reflects the real claw-code backlog instead of runtime-generated state.

Constraint: Current evidence is limited to repo-local search plus existing prior closeouts
Rejected: Leave team auto-checkpoint commits intact | they pollute the branch with runtime state and obscure the actual closeout
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep generated .clawhip prompt-submit artifacts out of backlog closeout commits
Tested: Repo-local grep evidence for #31/#63-#68 terms; ROADMAP.md line review; architect approval x2
Not-tested: Fresh remote/backlog audit beyond the current repo-local evidence set
 2026-04-12 02:57:11 +00:00
YeonGyu-Kim
763437a0b3 docs(roadmap): add #69 — lane stop summary quality floor 
clawcode-human session stopped with sloppy summary
('commit push everyting, keep sweeping '). Adding
requirement for minimum stop/result summary standards.

Source: gaebal-gajae dogfood analysis 2026-04-12
 2026-04-12 11:18:18 +09:00
Yeachan-Heo
491386f0a5 Keep external orchestration gaps out of the claw-code sweep path 
ROADMAP #63-#68 describe OMX/Ultraclaw orchestration behavior, but a repo-local
search shows those implementation markers do not exist in claw-code source.
Marking that scope boundary directly in the roadmap keeps future backlog sweeps
from repeatedly targeting the wrong repository.

Constraint: Stay within claw-code repo scope while continuing the user-requested backlog sweep
Rejected: Attempt repo-local fixes for #63-#68 | implementation surface is absent from this repository
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Treat #63-#68 as external tracking notes unless claw-code later grows the corresponding orchestration/runtime surface
Tested: Repo-local search for acpx/ultraclaw/roadmap-nudge-10min/OMX_TMUX_INJECT outside ROADMAP.md
Not-tested: No code/test/static-analysis rerun because the change is docs-only
 2026-04-12 02:14:43 +00:00
Yeachan-Heo
5c85e5ad12 Keep the worker-state backlog honest with current main behavior 
ROADMAP #62 was stale. Current main already emits `.claw/worker-state.json`
on worker status transitions and exposes the documented `claw state`
reader surface, so leaving the item open would keep sending future
backlog passes after already-landed work.

Fresh verification on the exact branch confirmed the implementation and
left the workspace green, so this commit closes the item with current
proof instead of duplicating the feature.

Constraint: User required fresh cargo fmt, cargo clippy --workspace --all-targets -- -D warnings, and cargo test --workspace before push
Constraint: OMX team runtime was explicitly requested, but the verification lane stalled before producing any diff
Rejected: Re-implement the worker-state feature from scratch | current main already contains the runtime hook, CLI surface, and regression coverage
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Reopen #62 only with a fresh repro showing missing `.claw/worker-state.json` writes or a broken `claw state` surface on current main
Tested: cargo test -p runtime emit_state_file_writes_worker_status_on_transition -- --nocapture; cargo test -p tools recovery_loop_state_file_reflects_transitions -- --nocapture; cargo test -p rusty-claude-cli removed_login_and_logout_subcommands_error_helpfully -- --nocapture; cargo fmt; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; architect review APPROVE
Not-tested: No dedicated automated end-to-end CLI regression for reading `.claw/worker-state.json` beyond parser coverage and focused smoke validation
 2026-04-12 01:51:15 +00:00
Yeachan-Heo
b825713db3 Retire the stale slash-command backlog item without breaking verification 
ROADMAP #39 was stale: current main already hides the unimplemented slash
commands from the help/completion surfaces that triggered the original report,
so the backlog entry should be marked done with current evidence instead of
staying open forever.

While rerunning the user's required Rust verification gates on the exact commit
we planned to push, clippy exposed duplicate and unused imports in the plugin
state-isolation files. Folding those cleanup fixes into the same closeout keeps
the proof honest and restores a green workspace before the backlog retirement
lands.

Constraint: User required fresh cargo fmt, cargo clippy --workspace --all-targets -- -D warnings, and cargo test --workspace before push
Rejected: Push the roadmap-only closeout without fixing the workspace | would violate the required verification gate and leave main red
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Re-run the full Rust workspace gates on the exact commit you intend to push when retiring stale roadmap items
Tested: cargo fmt; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace
Not-tested: No manual interactive REPL completion/help smoke test beyond the existing automated coverage
 2026-04-12 00:59:29 +00:00
YeonGyu-Kim
06d1b8ac87 docs(roadmap): add #68 — internal reinjection/resume path opacity 
OMX lanes leaking internal control prose like [OMX_TMUX_INJECT]
instead of operator-meaningful state. Adding requirement for
structured recovery/reinject events with clear cause, preserved
state, and target lane info.

Also fixes merge conflict in test_isolation.rs.

Source: gaebal-gajae dogfood analysis 2026-04-12
 2026-04-12 08:53:10 +09:00
Yeachan-Heo
4f84607ad6 Align the plugin-state isolation roadmap note with current green verification 
The roadmap still implied that the ambient-plugin-state isolation work sat
outside a green full-workspace verification story. Current main already has
both the test-isolation helpers and the host-plugin-leakage regression, and
the required workspace fmt/clippy/test sequence is green. This updates the
remaining stale roadmap wording to match reality.

Constraint: User required fresh cargo fmt, cargo clippy --workspace --all-targets -- -D warnings, and cargo test --workspace before closeout
Rejected: Leave the stale note in place | contradicts the current verified workspace state
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When backlog items are retired as stale, update any nearby stale verification caveats in the same pass
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace
Not-tested: No additional runtime behavior beyond already-covered regression paths
 2026-04-11 23:51:00 +00:00
Yeachan-Heo
8eb93e906c Retire the stale bare-word skill discovery backlog item 
ROADMAP #36 remained open even though current main already resolves bare
project skill names in the REPL through `resolve_skill_invocation()` instead
of forwarding them to the model. This change adds direct regression coverage
for the known-skill dispatch path and the unknown-skill/non-skill bypass, then
marks the roadmap item done with fresh proof.

Constraint: User required fresh cargo fmt, cargo clippy --workspace --all-targets -- -D warnings, and cargo test --workspace before closeout
Rejected: Leave #36 open because the implementation already existed | keeps the immediate backlog inaccurate and invites duplicate work
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Reopen #36 only with a fresh repro showing a listed project skill still falls through to plain prompt handling on current main
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace
Not-tested: No interactive manual REPL session beyond the new bare-skill unit coverage
 2026-04-11 23:45:46 +00:00
Yeachan-Heo
264fdc214e Retire the stale bare-skill dispatch backlog item 
ROADMAP #36 remained open even though current main already dispatches bare
skill names in the REPL through skill resolution instead of forwarding them
to the model. This change adds a direct regression test for that behavior
and marks the backlog item done with fresh verification evidence.

Constraint: User required fresh cargo fmt, cargo clippy --workspace --all-targets -- -D warnings, and cargo test --workspace before closeout
Rejected: Leave #36 open because the implementation already existed | keeps the immediate backlog inaccurate and invites duplicate work
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Reopen #36 only with a fresh repro showing a listed project skill still falls through to plain prompt handling on current main
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace
Not-tested: No interactive manual REPL session beyond the new bare-skill unit coverage
 2026-04-11 22:50:28 +00:00
Yeachan-Heo
a4921cb262 Retire the stale gpt-5 max-completion-tokens backlog item 
ROADMAP #35 remained open even though current main already switches
OpenAI-compatible gpt-5 requests from `max_tokens` to
`max_completion_tokens` and has regression coverage for that behavior.
This change marks the backlog item done with fresh proof from the current
workspace.

Constraint: User required fresh cargo fmt, cargo clippy --workspace --all-targets -- -D warnings, and cargo test --workspace before closeout
Rejected: Leave #35 open because the implementation already existed | keeps the immediate backlog inaccurate and invites duplicate work
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Reopen #35 only with a fresh repro showing gpt-5 requests emit max_tokens instead of max_completion_tokens on current main
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; cargo test -p api gpt5_uses_max_completion_tokens_not_max_tokens -- --nocapture
Not-tested: No live external OpenAI-compatible backend run beyond the existing automated coverage
 2026-04-11 21:45:49 +00:00
Yeachan-Heo
d40929cada Retire the stale OpenAI reasoning-effort backlog item 
ROADMAP #34 was still open even though current main already carries the
reasoning-effort parity fix for the OpenAI-compatible path. This change marks
it done with fresh proof from current tests and documents the historical
commits that landed the implementation.

Constraint: User required fresh cargo fmt, cargo clippy --workspace --all-targets -- -D warnings, and cargo test --workspace before closeout
Rejected: Leave #34 open because implementation already existed | keeps the immediate backlog inaccurate and invites duplicate work
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Reopen #34 only with a fresh repro that OpenAI-compatible reasoning-effort is absent on current main
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; cargo test -p api reasoning_effort -- --nocapture; cargo test -p rusty-claude-cli reasoning_effort -- --nocapture
Not-tested: No live external OpenAI-compatible backend run beyond the existing automated coverage
 2026-04-11 20:47:08 +00:00
Yeachan-Heo
2d5f836988 Retire the stale broken-plugin warning backlog item 
ROADMAP #40 was still listed as open even though current main already keeps
valid plugins visible while surfacing broken-plugin load failures. This change
adds a direct command-surface regression test for the warning block and marks
#40 done with fresh verification evidence.

Constraint: User required fresh cargo fmt/clippy/test evidence before closing any backlog item
Rejected: Leave #40 open because the implementation already existed | keeps the immediate backlog inaccurate and invites duplicate work
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Reopen #40 only with a fresh repro showing broken installed plugins are hidden or warning-free on current main
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; cargo test -p plugins plugin_registry_report_collects_load_failures_without_dropping_valid_plugins -- --nocapture; cargo test -p plugins installed_plugin_registry_report_collects_load_failures_from_install_root -- --nocapture
Not-tested: No interactive manual /plugins list run beyond automated command-layer rendering coverage
 2026-04-11 19:47:21 +00:00
YeonGyu-Kim
4e199ec52a docs(roadmap): add #67 — structured review verdict events 
Scoped review lanes now have clear scope but still emit only
the review request in stop events, not the actual verdict.
Adding requirement for structured approve/reject/blocked events.

Source: gaebal-gajae dogfood analysis 2026-04-12
 2026-04-12 04:00:41 +09:00
Yeachan-Heo
a7b1fef176 Keep the rebased workspace green after the backlog closeout 
The ROADMAP #38 closeout was rebased onto a moving main branch. That pulled in
new workspace files whose clippy/rustfmt fixes were required for the exact
verification gate the user asked for. This follow-up records those remaining
cleanups so the pushed branch matches the green tree that was actually tested.

Constraint: The user-required full-workspace fmt/clippy/test sequence had to stay green after rebasing onto newer origin/main
Rejected: Leave the rebase cleanup uncommitted locally | working tree would stay dirty and the pushed branch would not match the verified code
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When rebasing onto a moving main, commit any gate-fixing follow-up so pushed history matches the verified tree
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace
Not-tested: No additional behavior beyond the already-green verification sweep
 2026-04-11 18:52:48 +00:00
Yeachan-Heo
12d955ac26 Close the stale dead-session opacity backlog item with verified probe coverage 
ROADMAP #38 stayed open even though the runtime already had a post-compaction
session-health probe. This change adds direct regression tests for that health
probe behavior and marks the roadmap item done. While re-running the required
workspace verification after a remote rebase, a small set of upstream clippy /
compile issues in plugins and test-isolation code also had to be repaired so the
user-requested full fmt/clippy/test sequence could pass on the rebased main.

Constraint: User required cargo fmt, cargo clippy --workspace --all-targets -- -D warnings, and cargo test --workspace before commit/push
Constraint: Remote main advanced during execution, so the change had to be rebased and re-verified before push
Rejected: Leave #38 open because the implementation pre-existed | keeps the immediate backlog inaccurate and invites duplicate work
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Reopen #38 only with a fresh compaction-vs-broken-surface repro on current main
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace
Not-tested: No live long-running dogfood session replay beyond the new runtime regression tests
 2026-04-11 18:52:02 +00:00
Yeachan-Heo
257aeb82dd Retire the stale dead-session opacity backlog item with regression proof 
ROADMAP #38 no longer reflects current main. The runtime already runs a
post-compaction session-health probe, but the backlog lacked explicit
regression proof. This change adds focused tests for the two important
behaviors: a broken tool surface aborts a compacted session with a targeted
error, while a freshly compacted empty session does not false-positive as
dead. With that proof in place, the roadmap item can be marked done.

Constraint: User required fresh cargo fmt/clippy/test evidence before closing any backlog item
Rejected: Leave #38 open because the implementation already existed | backlog stays stale and invites duplicate work
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Reopen #38 only with a fresh same-turn repro that bypasses the current health-probe gate
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace
Not-tested: No live long-running dogfood session replay beyond existing automated coverage
 2026-04-11 18:47:37 +00:00
YeonGyu-Kim
7ea4535cce docs(roadmap): add #65 backlog selection outcomes, #66 completion-aware reminders 
ROADMAP #65: Team lanes need structured selection events (chosenItems,
skippedItems, rationale) instead of opaque prose summaries.

ROADMAP #66: Reminder/cron should auto-expire when terminal task
completes — currently keeps firing after work is done.

Source: gaebal-gajae dogfood analysis 2026-04-12
 2026-04-12 03:43:58 +09:00
YeonGyu-Kim
2329ddbe3d docs(roadmap): add #64 — structured artifact events 
Artifact provenance currently requires post-hoc narration to
reconstruct what landed. Adding requirement for first-class
events with sourceLanes, roadmapIds, diffStat, verification state.

Source: gaebal-gajae dogfood analysis 2026-04-12
 2026-04-12 03:31:36 +09:00
YeonGyu-Kim
56b4acefd4 docs(roadmap): add #63 — droid session completion semantics broken 
Documents the late-arriving droid output issue discovered during
ultraclaw batch processing. Sessions report completion before
file writes are fully flushed to working tree.

Source: ultraclaw dogfood 2026-04-12
 2026-04-12 03:30:50 +09:00
YeonGyu-Kim
16b9febdae feat: ultraclaw droid batch — ROADMAP #41 test isolation + #50 PowerShell permissions 
Merged late-arriving droid output from 10 parallel ultraclaw sessions.

ROADMAP #41 — Test isolation for plugin regression checks:
- Add test_isolation.rs module with env_lock() for test environment isolation
- Redirect HOME/XDG_CONFIG_HOME/XDG_DATA_HOME to unique temp dirs per test
- Prevent host ~/.claude/plugins/ from bleeding into test runs
- Auto-cleanup temp directories on drop via RAII pattern
- Tests: 39 plugin tests passing

ROADMAP #50 — PowerShell workspace-aware permissions:
- Add is_safe_powershell_command() for command-level permission analysis
- Add is_path_within_workspace() for workspace boundary validation
- Classify read-only vs write-requiring bash commands (60+ commands)
- Dynamic permission requirements based on command type and target path
- Tests: permission enforcer and workspace boundary tests passing

Additional improvements:
- runtime/src/permission_enforcer.rs: Dynamic permission enforcement layer
  - check_with_required_mode() for dynamically-determined permissions
  - 60+ read-only command patterns (cat, find, grep, cargo, git, jq, yq, etc.)
  - Workspace-path detection for safe commands
- compat-harness/src/lib.rs: Compat harness updates for permission testing
- rusty-claude-cli/src/main.rs: CLI integration for permission modes
- plugins/src/lib.rs: Updated imports for test isolation module

Total: +410 lines across 5 files
Workspace tests: 448+ passed
Droid source: ultraclaw-04-test-isolation, ultraclaw-08-powershell-permissions

Ultraclaw total: 4 ROADMAP items committed (38, 40, 41, 50)
 2026-04-12 03:06:24 +09:00
Yeachan-Heo
723e2117af Retire the stale plugin lifecycle flake backlog item 
ROADMAP #24 no longer reproduces on current main. Both focused plugin
lifecycle tests pass in isolation and the current full workspace test run
includes them as green, so the backlog entry was stale rather than still
actionable.

Constraint: User explicitly required re-verifying with cargo fmt, cargo clippy --workspace --all-targets -- -D warnings, and cargo test --workspace before closeout
Rejected: Leave #24 open without a fresh repro | keeps the immediate backlog inaccurate and invites duplicate work
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Reopen #24 only with a fresh parallel-execution repro on current main
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace; cargo test -p rusty-claude-cli build_runtime_runs_plugin_lifecycle_init_and_shutdown -- --nocapture; cargo test -p plugins plugin_registry_runs_initialize_and_shutdown_for_enabled_plugins -- --nocapture
Not-tested: No synthetic stress harness beyond the existing workspace-parallel run
 2026-04-11 17:49:10 +00:00
Yeachan-Heo
0082bf1640 Align auth docs with the removed login/logout surface 
The ROADMAP #37 code path was correct, but the Rust and usage guides still
advertised `claw login` / `claw logout` and OAuth-login wording after the
command surface had been removed. This follow-up updates both docs to point
users at `ANTHROPIC_API_KEY` or `ANTHROPIC_AUTH_TOKEN` only and removes the
stale command examples.

Constraint: Prior follow-up review rejected the closeout until user-facing auth docs matched the landed behavior
Rejected: Leave docs stale because runtime behavior was already correct | contradicts shipped CLI and re-opens support confusion
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When auth policy changes, update both rust/README.md and USAGE.md in the same change as the code surface
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace
Not-tested: External rendered-doc consumers beyond repository markdown
 2026-04-11 17:28:47 +00:00
Yeachan-Heo
124e8661ed Remove the deprecated Claude subscription login path and restore a green Rust workspace 
ROADMAP #37 was still open even though several earlier backlog items were
already closed. This change removes the local login/logout surface, stops
startup auth resolution from treating saved OAuth credentials as a supported
path, and updates diagnostics/help to point users at ANTHROPIC_API_KEY or
ANTHROPIC_AUTH_TOKEN only.

While proving the change with the user-requested workspace gates, clippy
surfaced additional pre-existing warning failures across the Rust workspace.
Those were cleaned up in-place so the required `cargo fmt`, `cargo clippy
--workspace --all-targets -- -D warnings`, and `cargo test --workspace`
sequence now passes end to end.

Constraint: User explicitly required full-workspace fmt/clippy/test before commit/push
Constraint: Existing dirty leader worktree had to be stashed before attempted OMX team worktree launch
Rejected: Keep login/logout but hide them from help | left unsupported auth flow and saved OAuth fallback intact
Rejected: Stop after ROADMAP #37 targeted tests | did not satisfy required full-workspace verification gate
Confidence: medium
Scope-risk: moderate
Reversibility: clean
Directive: Do not reintroduce saved OAuth as a silent Anthropic startup fallback without an explicit supported auth policy
Tested: cargo fmt --all --check; cargo clippy --workspace --all-targets -- -D warnings; cargo test --workspace
Not-tested: Remote push effects beyond origin/main update
 2026-04-11 17:24:44 +00:00
Yeachan-Heo
61c01ff7da Prevent cross-worktree session bleed during managed session resume/load 
ROADMAP #41 was still leaving a phantom-completion class open: managed
sessions could be resumed from the wrong workspace, and the CLI/runtime
paths were split between partially isolated storage and older helper
flows. This squashes the verified team work into one deliverable that
routes managed session operations through the per-worktree SessionStore,
rejects workspace mismatches explicitly, extends lane-event taxonomy for
workspace mismatch reporting, and updates the affected CLI regression
fixtures/docs so the new contract is enforced without losing same-
workspace legacy coverage.

Constraint: Keep same-workspace legacy flat sessions readable while blocking cross-worktree misuse
Constraint: No new dependencies; stay within the ROADMAP #41 changed-file scope
Rejected: Leave team auto-checkpoint history as final branch state | noisy/non-lore history for a single roadmap fix
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Preserve workspace_root validation on future resume/load helpers; do not reintroduce path-only fallback without equivalent mismatch checks
Tested: cargo test -p runtime session_control -- --nocapture; cargo test -p rusty-claude-cli resume -- --nocapture; cargo test -p rusty-claude-cli --test cli_flags_and_config_defaults; cargo test -p rusty-claude-cli --test output_format_contract; cargo test -p rusty-claude-cli --test resume_slash_commands; cargo test --workspace --exclude compat-harness; cargo check --workspace --all-targets; git diff --check
Not-tested: cargo clippy --workspace --all-targets -- -D warnings (pre-existing failures in unchanged rust/crates/rusty-claude-cli/build.rs)
Related: ROADMAP #41
 2026-04-11 16:08:28 +00:00
YeonGyu-Kim
56218d7d8a feat(runtime): add session health probe for dead-session detection (ROADMAP #38) 
Implements ROADMAP #38: Dead-session opacity detection via health canary.

- Add run_session_health_probe() to ConversationRuntime
- Probe runs after compaction to verify tool executor responsiveness
- Add last_health_check_ms field to Session for tracking
- Returns structured error if session appears broken after compaction

Ultraclaw droid session: ultraclaw-02-session-health

Tests: runtime crate 436 passed, integration 12 passed
 2026-04-12 00:33:26 +09:00
YeonGyu-Kim
2ef447bd07 feat(commands): surface broken plugin warnings in /plugins list 
Implements ROADMAP #40: Show warnings for broken/missing plugin manifests
instead of silently failing.

- Add PluginLoadFailure import
- New render_plugins_report_with_failures() function
- Shows ⚠️ warnings for failed plugin loads with error details
- Updates ROADMAP.md to mark #40 in progress

Ultraclaw droid session: ultraclaw-03-broken-plugins
 2026-04-11 22:44:29 +09:00
YeonGyu-Kim
8aa1fa2cc9 docs(roadmap): file ROADMAP #61 — OPENAI_BASE_URL routing fix (done) 
Local provider routing: OPENAI_BASE_URL now wins over Anthropic fallback
for unrecognized model names. Done at 1ecdb10.
 2026-04-10 13:00:46 +09:00
YeonGyu-Kim
1ecdb1076c fix(api): OPENAI_BASE_URL wins over Anthropic fallback for unknown models 
When OPENAI_BASE_URL is set, the user explicitly configured an
OpenAI-compatible endpoint (Ollama, LM Studio, vLLM, etc.). Model names
like 'qwen2.5-coder:7b' or 'llama3:latest' don't match any recognized
prefix, so detect_provider_kind() fell through to Anthropic — asking for
Anthropic credentials even though the user clearly intended a local
provider.

Now: OPENAI_BASE_URL + OPENAI_API_KEY beats Anthropic env-check in the
cascade. OPENAI_BASE_URL alone (no API key — common for Ollama) is a
last-resort fallback before the Anthropic default.

Source: MaxDerVerpeilte in #claw-code (Ollama + qwen2.5-coder:7b);
traced by gaebal-gajae.
 2026-04-10 12:37:39 +09:00
YeonGyu-Kim
6c07cd682d docs(roadmap): mark #59 done, file #60 glob brace expansion (done) 
#59 session model persistence — done at 0f34c66
#60 glob_search brace expansion — done at 3a6c9a5
 2026-04-10 11:30:42 +09:00
YeonGyu-Kim
3a6c9a55c1 fix(tools): support brace expansion in glob_search patterns 
The glob crate (v0.3) does not support shell-style brace groups like
{cs,uxml,uss}. Patterns such as 'Assets/**/*.{cs,uxml,uss}' silently
returned 0 results.

Added expand_braces() to pre-expand brace groups before passing patterns
to glob::glob(). Handles nested braces (e.g. src/{a,b}.{rs,toml}).
Results are deduplicated via HashSet.

5 new tests:
- expand_braces_no_braces
- expand_braces_single_group
- expand_braces_nested
- expand_braces_unmatched
- glob_search_with_braces_finds_files

Source: user 'zero' in #claw-code (Windows, Unity project with
Assets/**/*.{cs,uxml,uss} glob). Traced by gaebal-gajae.
 2026-04-10 11:22:38 +09:00
YeonGyu-Kim
810036bf09 test(cli): add integration test for model persistence in resumed /status 
New test: resumed_status_surfaces_persisted_model
- Creates session with model='claude-sonnet-4-6'
- Resumes with --output-format json /status
- Asserts model round-trips through session metadata

Resume integration tests: 11 → 12.
 2026-04-10 10:31:05 +09:00
YeonGyu-Kim
0f34c66acd feat(session): persist model in session metadata — ROADMAP #59 
Add 'model: Option<String>' to Session struct. The model used is now
saved in the session_meta JSONL record and surfaced in resumed /status:
- JSON mode: {model: 'claude-sonnet-4-6'} instead of null
- Text mode: shows actual model instead of 'restored-session'

Model is set in build_runtime_with_plugin_state() before the runtime
is constructed, and only when not already set (preserves model through
fork/resume cycles).

Backward compatible: old sessions without a model field load cleanly
with model: None (shown as null in JSON, 'restored-session' in text).

All workspace tests pass.
 2026-04-10 10:05:42 +09:00
YeonGyu-Kim
6af0189906 docs(roadmap): file ROADMAP #58 (Windows HOME crash) and #59 (session model persistence) 
#58 Windows startup crash from missing HOME env var — done at b95d330.
#59 Session metadata does not persist the model used — open.
 2026-04-10 09:00:41 +09:00
YeonGyu-Kim
b95d330310 fix(startup): fall back to USERPROFILE when HOME is not set (Windows) 
On Windows, HOME is often unset. The CLI crashed at startup with
'error: io error: HOME is not set' because three paths only checked
HOME:
- config_home_dir() in tools crate (config/settings loading)
- credentials_home_dir() in runtime crate (OAuth credentials)
- detect_broad_cwd() in CLI (CWD-is-home-dir check)
- skill lookup roots in tools crate

All now fall through to USERPROFILE when HOME is absent. Error message
updated to suggest USERPROFILE or CLAW_CONFIG_HOME on Windows.

Source: MaxDerVerpeilte in #claw-code (Windows user, 2026-04-10).
 2026-04-10 08:33:35 +09:00
YeonGyu-Kim
74311cc511 test(cli): add 5 integration tests for resume JSON parity 
New integration tests covering recent JSON parity work:
- resumed_version_command_emits_structured_json
- resumed_export_command_emits_structured_json
- resumed_help_command_emits_structured_json
- resumed_no_command_emits_restored_json
- resumed_stub_command_emits_not_implemented_json

Prevents regression on ROADMAP #54 (stub command error), #55 (session
list), #56 (--resume no-command JSON), #57 (session load errors).

Resume integration tests: 6 → 11.
 2026-04-10 08:03:17 +09:00
YeonGyu-Kim
6ae8850d45 fix(api): silence dead_code warning and remove duplicated #[test] attr 
- Add #[allow(dead_code)] on test-only Delta struct (content field
  used for deserialization but not read in assertion)
- Remove duplicated #[test] attribute on
  assistant_message_without_tool_calls_omits_tool_calls_field

Zero warnings in cargo test --workspace.
 2026-04-10 07:33:22 +09:00
YeonGyu-Kim
ef9439d772 docs(roadmap): file ROADMAP #54-#57 from 2026-04-10 dogfood cycle 
#54 circular 'Did you mean /X?' for spec commands with no parse arm (done)
#55 /session list unsupported in resume mode (done)
#56 --resume no-command ignores --output-format json (done)
#57 session load errors bypass --output-format json (done)
 2026-04-10 07:04:21 +09:00
YeonGyu-Kim
4f670e5513 fix(cli): emit JSON for --resume with no command in --output-format json mode 
claw --output-format json --resume <session> (no command) was printing:
  'Restored session from <path> (N messages).'
to stdout as prose, regardless of output format.

Now emits:
  {"kind":"restored","session_id":"...","path":"...","message_count":N}

159 CLI tests pass.
 2026-04-10 06:31:16 +09:00
YeonGyu-Kim
8dcf10361f fix(cli): implement /session list in resume mode — ROADMAP #21 partial 
/session list previously returned 'unsupported resumed slash command' in
--output-format json --resume mode. It only reads the sessions directory
so does not need a live runtime session.

Adds a Session{action:"list"} arm in run_resume_command() before the
unsupported catchall. Emits:
  {kind:session_list, sessions:[...ids], active:<current-session-id>}

159 CLI tests pass.
 2026-04-10 06:03:29 +09:00
YeonGyu-Kim
cf129c8793 fix(cli): emit JSON error when session fails to load in --output-format json mode 
'failed to restore session' errors from both the path-resolution step
and the JSONL-load step now check output_format and emit:
  {"type":"error","error":"failed to restore session: <detail>"}
instead of bare eprintln prose.

Covers: session not found, corrupt JSONL, permission errors.
 2026-04-10 05:01:56 +09:00
YeonGyu-Kim
c0248253ac fix(cli): remove 'stats' from STUB_COMMANDS — it is implemented 
/stats was accidentally listed in STUB_COMMANDS (both in the original list
and overlooked in 1e14d59). Since SlashCommand::Stats is fully implemented
with REPL and resume dispatch, it should not be intercepted as unimplemented.

/tokens and /cache alias to Stats and were already working correctly.
/stats now works again in all modes.
 2026-04-10 04:32:05 +09:00
YeonGyu-Kim
1e14d59a71 fix(cli): stop circular 'Did you mean /X?' for spec commands with no parse arm 
23 spec-registered commands had no parse arm in validate_slash_command_input,
causing the circular error 'Unknown slash command: /X — Did you mean /X?'
when users typed them in --resume mode.

Two fixes:
1. Add the 23 confirmed parse-armless commands to STUB_COMMANDS (excluded
   from REPL completions and help output).
2. In resume dispatch, intercept STUB_COMMANDS before SlashCommand::parse
   and emit a clean '{error: "/X is not yet implemented in this build"}'
   instead of the confusing error from the Err parse path.

Affected: /allowed-tools, /bookmarks, /workspace, /reasoning, /budget,
/rate-limit, /changelog, /diagnostics, /metrics, /tool-details, /focus,
/unfocus, /pin, /unpin, /language, /profile, /max-tokens, /temperature,
/system-prompt, /notifications, /telemetry, /env, /project, plus ~40
additional unreachable spec names.

159 CLI tests pass.
 2026-04-10 04:05:41 +09:00
YeonGyu-Kim
11e2353585 fix(cli): JSON parity for /export and /agents in resume mode 
/export now emits: {kind:export, file:<path>, message_count:<n>}
/agents now emits: {kind:agents, text:<agents report>}

Previously both returned json:None and fell through to prose output even
in --output-format json --resume mode. 159 CLI tests pass.
 2026-04-10 03:32:24 +09:00
YeonGyu-Kim
0845705639 fix(tests): update test assertions for null model in resume /status; drop unused import 
Two integration tests expected 'model':'restored-session' in the /status
JSON output but dc4fa55 changed resume mode to emit null for model.
Updated both assertions to assert model is null (correct behavior).

Also remove unused 'estimate_session_tokens' import in compact.rs tests
(surfaced as warning in CI, kept failing CI green noise).

All workspace tests pass.
 2026-04-10 03:21:58 +09:00
YeonGyu-Kim
316864227c fix(cli): JSON parity for /help and /diff in resume mode 
/help now emits: {kind:help, text:<full help text>}
/diff now emits:
  - no git repo: {kind:diff, result:no_git_repo, detail:...}
  - clean tree:  {kind:diff, result:clean, staged:'', unstaged:''}
  - changes:     {kind:diff, result:changes, staged:..., unstaged:...}

Previously both returned json:None and fell through to prose output even
in --output-format json --resume mode. 159 CLI tests pass.
 2026-04-10 03:02:00 +09:00
YeonGyu-Kim
ece48c7174 docs: correct agent-code binary name in warning — ROADMAP #53 
'cargo install agent-code' installs 'agent.exe' (Windows) / 'agent'
(Unix), NOT 'agent-code'. Previous note said "binary name is 'agent-code'"
which sent users to the wrong command.

Updated the install warning to show the actual binary name.
ROADMAP #53 filed: package vs binary name mismatch in the install path.
 2026-04-10 02:36:43 +09:00
YeonGyu-Kim
c8cac7cae8 fix(cli): doctor config check hides non-existent candidate paths 
Before: doctor reported 'loaded 0/5' and listed 5 'Discovered file'
entries for paths that don't exist on disk. This looked like 5 files
failed to load, when in fact they are just standard search locations.

After: only paths that actually exist on disk are shown as 'Discovered
file'. 'loaded N/M' denominator is now the count of present files, not
candidate paths. With no config files present: 'loaded 0/0' +
'Discovered files  <none> (defaults active)'.

159 CLI tests pass.
 2026-04-10 02:32:47 +09:00
YeonGyu-Kim
57943b17f3 docs: reframe Windows setup — PowerShell is supported, Git Bash/WSL optional 
Previous wording said 'recommended shell is Git Bash or WSL (not PowerShell,
not cmd)' which was incorrect — claw builds and runs fine in PowerShell.

New framing:
- PowerShell: supported primary Windows path with PowerShell-style commands
- Git Bash / WSL: optional alternatives, not requirements
- MINGW64 note moved to Git Bash callout (no longer implies it is required)

Source: gaebal-gajae correction 2026-04-10.
 2026-04-10 02:25:47 +09:00
YeonGyu-Kim
4730b667c4 docs: warn against 'cargo install claw-code' false-positive — ROADMAP #52 
The claw-code crate on crates.io is a deprecated stub. cargo install
claw-code succeeds but places claw-code-deprecated.exe, not claw.
Running it only prints 'claw-code has been renamed to agent-code'.

Previous note only warned about 'clawcode' (no hyphen) — the actual trap
is the hyphenated name.

Updated the warning block with explicit caution: do not use
'cargo install claw-code', install agent-code or build from source.
ROADMAP #52 filed.
 2026-04-10 02:16:58 +09:00
YeonGyu-Kim
dc4fa55d64 fix(cli): /status JSON emits null model and correct session_id in resume mode 
Two bugs in --output-format json --resume /status:

1. 'model' field emitted 'restored-session' (a run-mode label) instead of
   the actual model or null. Fixed: status_json_value now takes Option<&str>
   for model; resume path passes None; live REPL path passes Some(model).

2. 'session_id' extracted parent dir name ('sessions') instead of the file
   stem. Session files are session-<id>.jsonl directly under .claw/sessions/,
   not in a subdirectory. Fixed: extract file_stem() instead of
   parent().file_name().

159 CLI tests pass.
 2026-04-10 02:03:14 +09:00
YeonGyu-Kim
9cf4033fdf docs: add Windows setup section (Git Bash/WSL prereqs) — ROADMAP #51 
Users were hitting:
- bash: cargo: command not found (Rust not installed or not on PATH)
- C:\... vs /c/... path confusion in Git Bash
- MINGW64 prompt misread as broken install

New '### Windows setup' section in README covers:
1. Install Rust via rustup.rs
2. Open Git Bash (MINGW64 is normal)
3. Verify cargo --version / run . ~/.cargo/env if missing
4. Use /c/Users/... paths
5. Clone + build + run steps

WSL2 tip added for lower-friction alternative.

ROADMAP #51 filed.
 2026-04-10 01:42:43 +09:00
YeonGyu-Kim
a3d0c9e5e7 fix(api): sanitize orphaned tool messages at request-building layer 
Adds sanitize_tool_message_pairing() called from build_chat_completion_request()
after translate_message() runs. Drops any role:"tool" message whose
immediately-preceding non-tool message is role:"assistant" but has no
tool_calls entry matching the tool_call_id.

This is the second layer of the tool-pairing invariant defense:
- 6e301c8: compaction boundary fix (producer layer)
- this commit: request-builder sanitizer (sender layer)

Together these close the 400-error loop for resumed/compacted multi-turn
tool sessions on OpenAI-compatible backends.

Sanitization only fires when preceding message is role:assistant (not
user/system) to avoid dropping valid translation artifacts from mixed
user-message content blocks.

Regression tests: sanitize_drops_orphaned_tool_messages covers valid pair,
orphaned tool (no tool_calls in preceding assistant), mismatched id, and
two tool results both referencing the same assistant turn.

116 api + 159 CLI + 431 runtime tests pass. Fmt clean.
 2026-04-10 01:35:00 +09:00
YeonGyu-Kim
78dca71f3f fix(cli): JSON parity for /compact and /clear in resume mode 
/compact now emits: {kind:compact, skipped, removed_messages, kept_messages}
/clear now emits:  {kind:clear, previous_session_id, new_session_id, backup, session_file}
/clear (no --confirm) now emits: {kind:error, error:..., hint:...}

Previously both returned json:None and fell through to prose output even
in --output-format json --resume mode. 159 CLI tests pass.
 2026-04-10 01:31:21 +09:00
YeonGyu-Kim
39a7dd08bb docs(roadmap): file PowerShell permission over-escalation as ROADMAP #50 
PowerShell tool is registered as danger-full-access regardless of command
semantics. Workspace-write sessions still require escalation for read-only
in-workspace commands (Get-Content, Get-ChildItem, etc.).

Root cause: mvp_tool_specs registers PowerShell and bash both with
PermissionMode::DangerFullAccess unconditionally. Fix needs command-level
heuristic analysis to classify read-only in-workspace commands at
WorkspaceWrite rather than DangerFullAccess.

Source: tanishq_devil in #claw-code 2026-04-10; traced by gaebal-gajae.
 2026-04-10 01:12:39 +09:00
YeonGyu-Kim
d95149b347 fix(cli): surface resolved path in dump-manifests error — ROADMAP #45 partial 
Before:
  error: failed to extract manifests: No such file or directory (os error 2)

After:
  error: failed to extract manifests: No such file or directory (os error 2)
    looked in: /Users/yeongyu/clawd/claw-code/rust

The workspace_dir is computed from CARGO_MANIFEST_DIR at compile time and
only resolves correctly when running from the build tree. Surfacing the
resolved path lets users understand immediately why it fails outside the
build context.

ROADMAP #45 root cause (build-tree-only path) remains open.
 2026-04-10 01:01:53 +09:00
YeonGyu-Kim
47aa1a57ca fix(cli): surface command name in 'not yet implemented' REPL message 
Add SlashCommand::slash_name() to the commands crate — returns the
canonical '/name' string for any variant. Used in the REPL's stub
catch-all arm to surface which command was typed instead of printing
the opaque 'Command registered but not yet implemented.'

Before: typing /rewind → 'Command registered but not yet implemented.'
After:  typing /rewind → '/rewind is not yet implemented in this build.'

Also update the compacts_sessions_via_slash_command test assertion to
tolerate the boundary-guard fix from 6e301c8 (removed_message_count
can be 1 or 2 depending on whether the boundary falls on a tool-result
pair). All 159 CLI + 431 runtime + 115 api tests pass.
 2026-04-10 00:39:16 +09:00
YeonGyu-Kim
6e301c8bb3 fix(runtime): prevent orphaned tool-result at compaction boundary; /cost JSON 
Two fixes:

1. compact.rs: When the compaction boundary falls at the start of a
   tool-result turn, the preceding assistant turn with ToolUse would be
   removed — leaving an orphaned role:tool message with no preceding
   assistant tool_calls. OpenAI-compat backends reject this with 400.

   Fix: after computing raw_keep_from, walk the boundary back until the
   first preserved message is not a ToolResult (or its preceding assistant
   has been included). Regression test added:
   compaction_does_not_split_tool_use_tool_result_pair.

   Source: gaebal-gajae multi-turn tool-call 400 repro 2026-04-09.

2. /cost resume: add JSON output:
   {kind:cost, input_tokens, output_tokens, cache_creation_input_tokens,
    cache_read_input_tokens, total_tokens}

159 CLI + 431 runtime tests pass. Fmt clean.
 2026-04-10 00:13:45 +09:00
YeonGyu-Kim
7587f2c1eb fix(cli): JSON parity for /memory and /providers in resume mode 
Two gaps closed:

1. /memory (resume): json field was None, emitting prose regardless of
   --output-format json. Now emits:
     {kind:memory, cwd, instruction_files:N, files:[{path,lines,preview}...]}

2. /providers (resume): had a spec entry but no parse arm, producing the
   circular 'Unknown slash command: /providers — Did you mean /providers'.
   Added 'providers' as an alias for 'doctor' in the parse match so
   /providers dispatches to the same structured diagnostic output.

3. /doctor (resume): also wired json_value() so --output-format json
   returns the structured doctor report instead of None.

Continues ROADMAP #26 resumed-command JSON parity track.
159 CLI tests pass, fmt clean.
 2026-04-09 23:35:25 +09:00
YeonGyu-Kim
ed42f8f298 fix(api): surface provider error in SSE stream frames (companion to ff416ff) 
Same fix as ff416ff but for the streaming path. Some backends embed an
error JSON object in an SSE data: frame:

  data: {"error":{"message":"context too long","code":400}}

parse_sse_frame() was attempting to deserialize this as ChatCompletionChunk
and failing with 'missing field' / 'invalid type', hiding the actual
backend error message.

Fix: check for an 'error' key before full chunk deserialization, same as
the non-streaming path in ff416ff. Symmetric pair:
- ff416ff: non-streaming path (response body)
- this:    streaming path (SSE data: frame)

115 api + 159 CLI tests pass. Fmt clean.
 2026-04-09 23:03:33 +09:00
YeonGyu-Kim
ff416ff3e7 fix(api): surface provider error body before attempting completion parse 
When a local/proxy OpenAI-compatible backend returns an error object:
  {"error":{"message":"...","type":"...","code":...}}

claw was trying to deserialize it as a ChatCompletionResponse and
failing with the cryptic 'failed to parse OpenAI response: missing
field id', completely hiding the actual backend error message.

Fix: before full deserialization, check if the parsed JSON has an
'error' key and promote it directly to ApiError::Api so the user
sees the real error (e.g. 'The number of tokens to keep from the
initial prompt is greater than the context length').

Source: devilayu in #claw-code 2026-04-09 — local LM Studio context
limit error was invisible; user saw 'missing field id' instead.
159 CLI + 115 api tests pass. Fmt clean.
 2026-04-09 22:33:07 +09:00
YeonGyu-Kim
6ac7d8cd46 fix(api): omit tool_calls field from assistant messages when empty 
When serializing a multi-turn conversation for the OpenAI-compatible path,
assistant messages with no tool calls were always emitting 'tool_calls: []'.
Some providers reject requests where a prior assistant turn carries an
explicit empty tool_calls array (400 on subsequent turns after a plain
text assistant response).

Fix: only include 'tool_calls' in the serialized assistant message when
the vec is non-empty. Empty case omits the field entirely.

This is a companion fix to fd7aade (null tool_calls in stream delta).
The two bugs are symmetric: fd7aade handled inbound null -> empty vec;
this handles outbound empty vec -> field omitted.

Two regression tests added:
- assistant_message_without_tool_calls_omits_tool_calls_field
- assistant_message_with_tool_calls_includes_tool_calls_field

115 api tests pass. Fmt clean.

Source: gaebal-gajae repro 2026-04-09 (400 on multi-turn, companion to
null tool_calls stream-delta fix).
 2026-04-09 22:06:25 +09:00
YeonGyu-Kim
7ec6860d9a fix(cli): emit JSON for /config in --output-format json --resume mode 
/config resumed returned json:None, falling back to prose output even in
--output-format json mode. Adds render_config_json() that produces:

  {
    "kind": "config",
    "cwd": "...",
    "loaded_files": N,
    "merged_keys": N,
    "files": [{"path":"...","source":"user|project|local","loaded":true|false}, ...]
  }

Wires it into the SlashCommand::Config resume arm alongside the existing
prose render. Continues the resumed-command JSON parity track (ROADMAP #26).
159 CLI tests pass, fmt clean.
 2026-04-09 22:03:11 +09:00
YeonGyu-Kim
0e12d15daf fix(cli): add --allow-broad-cwd; require confirmation or flag in broad-CWD mode 2026-04-09 21:55:22 +09:00
YeonGyu-Kim
fd7aade5b5 fix(api): tolerate null tool_calls in OpenAI-compat stream delta chunks 
Some OpenAI-compatible providers emit 'tool_calls: null' in streaming
delta chunks instead of omitting the field or using an empty array:

  "delta": {"content":"","function_call":null,"tool_calls":null}

serde's #[serde(default)] only handles absent keys — an explicit null
value still fails deserialization with:
  'invalid type: null, expected a sequence'

Fix: replace #[serde(default)] with a custom deserializer helper
deserialize_null_as_empty_vec() that maps null -> Vec::default(),
keeping the existing absent-key default behaviour.

Regression test added: delta_with_null_tool_calls_deserializes_as_empty_vec
uses the exact provider response shape from gaebal-gajae's repro (2026-04-09).

112 api lib tests pass. Fmt clean.

Companion to gaebal-gajae's local 448cf2c — independently reproduced
and landed on main.
 2026-04-09 21:39:52 +09:00
YeonGyu-Kim
de916152cb docs(roadmap): file #44-#49 from 2026-04-09 dogfood cycle 
#44 — broad-CWD warning-only; policy-level enforcement needed
#45 — claw dump-manifests opaque error (no path context)
#46 — /tokens /cache /stats dead spec (done at 60ec2ae)
#47 — /diff cryptic error outside git repo (done at aef85f8)
#48 — piped stdin triggers REPL instead of prompt (done at 84b77ec)
#49 — resumed slash errors emitted as prose in json mode (done at da42421)
 2026-04-09 21:36:09 +09:00
YeonGyu-Kim
60ec2aed9b fix(cli): wire /tokens and /cache as aliases for /stats; implement /stats 
Dogfood found that /tokens and /cache had spec entries (resume_supported:
true) but no parse arms in the command parser, resulting in:
  'Unknown slash command: /tokens — Did you mean /tokens'
(the suggestion engine found the spec entry but parsing always failed)

Fix three things:
1. Add 'tokens' | 'cache' as aliases for 'stats' in the parse match so
   the commands actually resolve to SlashCommand::Stats
2. Implement SlashCommand::Stats in the REPL dispatch — previously fell
   through to 'Command registered but not yet implemented'. Now shows
   cumulative token usage for the session.
3. Implement SlashCommand::Stats in run_resume_command — previously
   returned 'unsupported resumed slash command'. Now emits:
   text:  Cost / Input tokens / Output tokens / Cache create / Cache read
   json:  {kind:stats, input_tokens, output_tokens, cache_*, total_tokens}

159 CLI tests pass, fmt clean.
 2026-04-09 21:34:36 +09:00
YeonGyu-Kim
5f6f453b8d fix(cli): warn when launched from home dir or filesystem root 
Users launching claw from their home directory (or /) have no project
boundary — the agent can read/search the entire machine, often far beyond
the intended scope. kapcomunica in #claw-code reported exactly this:
'it searched my entire computer.'

Add warn_if_broad_cwd() called at prompt and REPL startup:
- checks if CWD == $HOME or CWD has no parent (fs root)
- prints a clear warning to stderr:
    Warning: claw is running from a very broad directory (/home/user).
    The agent can read and search everything under this path.
    Consider running from inside your project: cd /path/to/project && claw

Warning fires on both claw (REPL) and claw prompt '...' paths.
Does not fire from project subdirectories. Uses std::env::var_os("HOME"),
no extra deps.

159 CLI tests pass, fmt clean.
 2026-04-09 21:26:51 +09:00
YeonGyu-Kim
da4242198f fix(cli): emit JSON error for unsupported resumed slash commands in JSON mode 
When claw --output-format json --resume <session> /commit (or /plugins, etc.)
encountered an 'unsupported resumed slash command' error, it called
eprintln!() and exit(2) directly, bypassing both the main() JSON error
handler and the output_format check.

Fix: in both the slash-command parse-error path and the run_resume_command
Err path, check output_format and emit a structured JSON error:

  {"type":"error","error":"unsupported resumed slash command","command":"/commit"}

Text mode unchanged (still exits 2 with prose to stderr).
Addresses the resumed-command parity gap (gaebal-gajae ROADMAP #26 track).
159 CLI tests pass, fmt clean.
 2026-04-09 21:04:50 +09:00
YeonGyu-Kim
84b77ece4d fix(cli): pipe stdin to prompt when no args given (suppress REPL on pipe) 
When stdin is not a terminal (pipe or redirect) and no prompt is given on
the command line, claw was starting the interactive REPL and printing the
startup banner, then consuming the pipe without sending anything to the API.

Fix: in parse_args, when rest.is_empty() and stdin is not a terminal, read
stdin synchronously and dispatch as CliAction::Prompt instead of Repl.
Empty pipe still falls through to Repl (interactive launch with no input).

Before: echo 'hello' | claw  -> startup banner + REPL start
After:  echo 'hello' | claw  -> dispatches as one-shot prompt

159 CLI tests pass, fmt clean.
 2026-04-09 20:36:14 +09:00
YeonGyu-Kim
aef85f8af5 fix(cli): /diff shows clear error when not in a git repo 
Previously claw --resume <session> /diff would produce:
  'git diff --cached failed: error: unknown option `cached\''
when the CWD was not inside a git project, because git falls back to
--no-index mode which does not support --cached.

Two fixes:
1. render_diff_report_for() checks 'git rev-parse --is-inside-work-tree'
   before running git diff, and returns a human-readable message if not
   in a git repo:
     'Diff\n  Result  no git repository\n  Detail  <cwd> is not inside a git project'
2. resume /diff now uses std::env::current_dir() instead of the session
   file's parent directory as the CWD for the diff (session parent dir
   is the .claw/sessions/<id>/ directory, never a git repo).

159 CLI tests pass, fmt clean.
 2026-04-09 20:04:21 +09:00
YeonGyu-Kim
3ed27d5cba fix(cli): emit JSON for /history in --output-format json --resume mode 
Previously claw --output-format json --resume <session> /history emitted
prose text regardless of the output format flag. Now emits structured JSON:

  {"kind":"history","total":N,"showing":M,"entries":[{"timestamp_ms":...,"text":"..."},...]}

Mirrors the parity pattern established in ROADMAP #26 for other resume commands.
159 CLI tests pass, fmt clean.
 2026-04-09 19:33:50 +09:00
YeonGyu-Kim
e1ed30a038 fix(cli): surface session_id in /status JSON output 
When running claw --output-format json --resume <session> /status, the
JSON output had 'session' (full file path) but no 'session_id' field,
making it impossible for scripts to extract the loaded session ID.

Now extracts the session-id directory component from the session path
(e.g. .claw/sessions/<session-id>/session-xxx.jsonl → session-id)
and includes it as 'session_id' in the JSON status envelope.

159 CLI tests pass, fmt clean.
 2026-04-09 19:06:36 +09:00
YeonGyu-Kim
54269da157 fix(cli): claw state exits 1 when no worker state file exists 
Previously 'claw state' printed an error message but exited 0, making it
impossible for scripts/CI to detect the absence of state without parsing
prose. Now propagates Err() to main() which exits 1 and formats the error
correctly for both text and --output-format json modes.

Text: 'error: no worker state file found at ... — run a worker first'
JSON: {"type":"error","error":"no worker state file found at ..."}
 2026-04-09 18:34:41 +09:00
YeonGyu-Kim
f741a42507 test(cli): add regression coverage for reasoning-effort validation and stub-command filtering 
3 new tests in mod tests:
- rejects_invalid_reasoning_effort_value: confirms 'turbo' etc rejected at parse time
- accepts_valid_reasoning_effort_values: confirms low/medium/high accepted and threaded
- stub_commands_absent_from_repl_completions: asserts STUB_COMMANDS are not in completions

156 -> 159 CLI tests pass.
 2026-04-09 18:06:32 +09:00
YeonGyu-Kim
6b3e2d8854 docs(roadmap): file hook ingress opacity as ROADMAP #43 2026-04-09 17:34:15 +09:00
YeonGyu-Kim
1a8f73da01 fix(cli): emit JSON error on --output-format json — ROADMAP #42 
When claw --output-format json hits an error, the error was previously
printed as plain prose to stderr, making it invisible to downstream tooling
that parses JSON output. Now:

  {"type":"error","error":"api returned 401 ..."}

Detection: scan argv at process exit for --output-format json or
--output-format=json. Non-JSON error path unchanged. 156 CLI tests pass.
 2026-04-09 16:33:20 +09:00
YeonGyu-Kim
7d9f11b91f docs(roadmap): track community-support plugin-test-sealing as #41 2026-04-09 16:18:48 +09:00
YeonGyu-Kim
8e1bca6b99 docs(roadmap): track community-support plugin-list-load-failures as #40 2026-04-09 16:17:28 +09:00
YeonGyu-Kim
8d0308eecb fix(cli): dispatch bare skill names to skill invoker in REPL — ROADMAP #36 
Users were typing skill names (e.g. 'caveman', 'find-skills') directly in
the REPL and getting LLM responses instead of skill invocation. Only
'/skills <name>' triggered dispatch; bare names fell through to run_turn.

Fix: after slash-command parse returns None (bare text), check if the first
token looks like a skill name (alphanumeric/dash/underscore, no slash).
If resolve_skill_invocation() confirms the skill exists, dispatch the full
input as a skill prompt. Unknown words fall through unchanged.

156 CLI tests pass, fmt clean.
 2026-04-09 16:01:18 +09:00
YeonGyu-Kim
4d10caebc6 fix(cli): validate --reasoning-effort accepts only low|medium|high 
Previously any string was accepted and silently forwarded to the API,
which would fail at the provider with an unhelpful error. Now invalid
values produce a clear error at parse time:

  invalid value for --reasoning-effort: 'xyz'; must be low, medium, or high

156 CLI tests pass, fmt clean.
 2026-04-09 15:03:36 +09:00
YeonGyu-Kim
414526c1bd fix(cli): exclude stub slash commands from help output — ROADMAP #39 
The --help slash-command section was listing ~35 unimplemented commands
alongside working ones. Combined with the completions fix (c55c510), the
discovery surface now consistently shows only implemented commands.

Changes:
- commands crate: add render_slash_command_help_filtered(exclude: &[&str])
- move STUB_COMMANDS to module-level const in main.rs (reused by both
  completions and help rendering)
- replace render_slash_command_help() with filtered variant at all
  help-rendering call sites

156 CLI tests pass, fmt clean.
 2026-04-09 14:36:00 +09:00
YeonGyu-Kim
2a2e205414 fix(cli): intercept --help for prompt/login/logout/version subcommands before API dispatch 
'claw prompt --help' was triggering an API call instead of showing help
because --help was parsed as part of the prompt args. Now '--help' after
known pass-through subcommands (prompt, login, logout, version, state,
init, export, commit, pr, issue) sets wants_help=true and shows the
top-level help page.

Subcommands that consume their own args (agents, mcp, plugins, skills)
and local help-topic subcommands (status, sandbox, doctor) are excluded
from this interception so their existing --help handling is preserved.

156 CLI tests pass, fmt clean.
 2026-04-09 14:06:26 +09:00
YeonGyu-Kim
c55c510883 fix(cli): exclude stub slash commands from REPL completions — ROADMAP #39 
Commands registered in the spec list but not yet implemented in this build
were appearing in REPL tab-completions, making the discovery surface
over-promise what actually works. Users (mezz2301) reported 'many features
are not supported' after discovering these through completions.

Add STUB_COMMANDS exclusion list in slash_command_completion_candidates_with_sessions.
Excluded: login logout vim upgrade stats share feedback files fast exit
summary desktop brief advisor stickers insights thinkback release-notes
security-review keybindings privacy-settings plan review tasks theme
voice usage rename copy hooks context color effort branch rewind ide
tag output-style add-dir

These commands still parse and run (with the 'not yet implemented' message
for users who type them directly), but they no longer surface as
tab-completion candidates.
 2026-04-09 13:36:12 +09:00
YeonGyu-Kim
3fe0caf348 docs(roadmap): file stub slash commands as ROADMAP #39 (/branch /rewind /ide /tag /output-style /add-dir) 2026-04-09 12:31:17 +09:00
YeonGyu-Kim
47086c1c14 docs(readme): fix cold-start quick-start sequence — set API key before prompt, add claw doctor step 
The previous quick start jumped from 'cargo build' to 'claw prompt' without
showing the required auth step or the health-check command. A user following
it linearly would fail because the prompt needs an API key.

Changes:
- Numbered steps: build -> set ANTHROPIC_API_KEY -> claw doctor -> prompt
- Windows note updated to show cargo run form as alternative
- Added explicit NOTE that Claude subscription login is not supported (pre-empts #claw-code FAQ)

Source: cold-start friction observed from mezz/mukduk and kapcomunica in #claw-code 2026-04-09.
 2026-04-09 12:00:59 +09:00
YeonGyu-Kim
e579902782 docs(readme): add Windows PowerShell note — binary is claw.exe not claw 
User repro: mezz on Windows PowerShell tried './target/debug/claw'
which fails because the binary is 'claw.exe' on Windows.
Add a NOTE callout after the quick-start block directing Windows users
to use .\target\debug\claw.exe or cargo run -- --help.
 2026-04-09 11:30:53 +09:00
YeonGyu-Kim
ca8950c26b feat(cli): wire --reasoning-effort flag end-to-end — closes ROADMAP #34 
Parse --reasoning-effort <low|medium|high> in parse_args, thread through
CliAction::Prompt and CliAction::Repl, LiveCli::set_reasoning_effort(),
AnthropicRuntimeClient.reasoning_effort field, and MessageRequest.reasoning_effort.

Changes:
- parse_args: new --reasoning-effort / --reasoning-effort=VAL flag arms
- AnthropicRuntimeClient: new reasoning_effort field + set_reasoning_effort() method
- LiveCli: new set_reasoning_effort() that reaches through BuiltRuntime -> ConversationRuntime -> api_client_mut()
- runtime::ConversationRuntime: new pub api_client_mut() accessor
- MessageRequest construction: reasoning_effort: self.reasoning_effort.clone()
- run_repl(): accepts and applies reasoning_effort parameter
- parse_direct_slash_cli_action(): propagates reasoning_effort

All 156 CLI tests pass, all api tests pass, cargo fmt clean.
 2026-04-09 11:08:00 +09:00
YeonGyu-Kim
b1d76983d2 docs(readme): warn that cargo install clawcode is not supported; show build-from-source path 
Repeated onboarding friction in #claw-code: users try 'cargo install clawcode'
which fails because the package is not published on crates.io. Add a prominent
NOTE callout before the quick-start block directing users to build from source.

Source: gaebal-gajae pinpoint 2026-04-09 from #claw-code.
 2026-04-09 10:35:50 +09:00
YeonGyu-Kim
c1b1ce465e feat(cli): add reasoning_effort field to CliAction::Prompt/Repl variants — ROADMAP #34 struct groundwork 
Adds reasoning_effort: Option<String> to CliAction::Prompt and
CliAction::Repl enum variants. All constructor and pattern sites updated.
All test literals updated with reasoning_effort: None.

156 cli tests pass, fmt clean. The --reasoning-effort flag parse and
propagation to AnthropicRuntimeClient remains as follow-up work.
 2026-04-09 10:34:28 +09:00
YeonGyu-Kim
8e25611064 docs(roadmap): file dead-session opacity as ROADMAP #38 2026-04-09 10:00:50 +09:00
YeonGyu-Kim
eb044f0a02 fix(api): emit max_completion_tokens for gpt-5* on OpenAI-compat path — closes ROADMAP #35 
gpt-5.x models reject requests with max_tokens and require max_completion_tokens.
Detect wire model starting with 'gpt-5' and switch the JSON key accordingly.
Older models (gpt-4o etc.) continue to receive max_tokens unchanged.

Two regression tests added:
- gpt5_uses_max_completion_tokens_not_max_tokens
- non_gpt5_uses_max_tokens

140 api tests pass, cargo fmt clean.
 2026-04-09 09:33:45 +09:00
YeonGyu-Kim
75476c9005 docs(roadmap): file #35 max_completion_tokens, #36 skill dispatch gap, #37 auth policy cleanup 2026-04-09 09:32:16 +09:00
Jobdori
e4c3871882 feat(api): add reasoning_effort field to MessageRequest and OpenAI-compat path 
Users of OpenAI-compatible reasoning models (o4-mini, o3, deepseek-r1,
etc.) had no way to control reasoning effort — the field was missing from
MessageRequest and never emitted in the request body.

Changes:
- Add `reasoning_effort: Option<String>` to `MessageRequest` in types.rs
  - Annotated with skip_serializing_if = "Option::is_none" for clean JSON
  - Accepted values: "low", "medium", "high" (passed through verbatim)
- In `build_chat_completion_request`, emit `"reasoning_effort"` when set
- Two unit tests:
  - `reasoning_effort_is_included_when_set`: o4-mini + "high" → field present
  - `reasoning_effort_omitted_when_not_set`: gpt-4o, no field → absent

Existing callers use `..Default::default()` and are unaffected.
One struct-literal test that listed all fields explicitly updated with
`reasoning_effort: None`.

The CLI flag to expose this to users is a follow-up (ROADMAP #34 partial).
This commit lands the foundational API-layer plumbing needed for that.

Partial ROADMAP #34.
 2026-04-09 04:02:59 +09:00
Jobdori
beb09df4b8 style(api): cargo fmt fix on normalize_object_schema test assertions 2026-04-09 03:43:59 +09:00
Jobdori
811b7b4c24 docs(roadmap): mark #32 verified no-bug; file reasoning_effort gap as #34 2026-04-09 03:32:22 +09:00
Jobdori
8a9300ea96 docs(roadmap): mark #33 done, dedup #32 and #33 entries 2026-04-09 03:04:36 +09:00
Jobdori
e7e0fd2dbf fix(api): strict object schema for OpenAI /responses endpoint 
OpenAI /responses validates tool function schemas strictly:
- object types must have "properties" (at minimum {})
- "additionalProperties": false is required

/chat/completions is lenient and accepts schemas without these fields,
but /responses rejects them with "object schema missing properties" /
"invalid_function_parameters".

Add normalize_object_schema() which recursively walks the JSON Schema
tree and fills in missing "properties"/{} and "additionalProperties":false
on every object-type node. Existing values are not overwritten.

Call it in openai_tool_definition() before building the request payload
so both /chat/completions and /responses receive strict-validator-safe
schemas.

Add unit tests covering:
- bare object schema gets both fields injected
- nested object schemas are normalised recursively
- existing additionalProperties is not overwritten

Fixes the live repro where gpt-5.4 via OpenAI compat accepted connection
and routing but rejected every tool call with schema validation errors.

Closes ROADMAP #33.
 2026-04-09 03:03:43 +09:00
Jobdori
da451c66db docs(roadmap): file /responses tool-schema compatibility bug as #33 2026-04-08 21:23:45 +09:00
Jobdori
ad38032ab8 docs(roadmap): file /responses tool-schema compatibility bug as #33 2026-04-08 21:23:37 +09:00
Jobdori
7173f2d6c6 docs(roadmap): file /responses tool-schema compatibility bug as #33 2026-04-08 21:23:28 +09:00
Jobdori
a0b4156174 docs(roadmap): file /responses tool-schema compatibility bug as #33 2026-04-08 21:23:20 +09:00
Jobdori
3bf45fc44a docs(roadmap): file /responses tool-schema compatibility bug as #33 2026-04-08 21:23:12 +09:00
Jobdori
af58b6a7c7 docs(roadmap): file /responses tool-schema compatibility bug as #33 2026-04-08 21:23:04 +09:00
Jobdori
514c3da7ad docs(roadmap): file /responses tool-schema compatibility bug as #33 2026-04-08 21:22:56 +09:00
54 changed files with 15927 additions and 1442 deletions
Expand all files Collapse all files

5
.claw.json Normal file
View File

@@ -0,0 +1,5 @@
{
"aliases": {
"quick": "haiku"
}
}

5
.gitignore vendored
View File

@@ -5,3 +5,8 @@ archive/
# Claude Code local artifacts # Claude Code local artifacts
.claude/settings.local.json .claude/settings.local.json
.claude/sessions/ .claude/sessions/
# Claw Code local artifacts
.claw/settings.local.json
.claw/sessions/
.clawhip/
status-help.txt

135
README.md
View File

@@ -33,6 +33,8 @@ The canonical implementation lives in [`rust/`](./rust), and the current source
> [!IMPORTANT] > [!IMPORTANT]
> Start with [`USAGE.md`](./USAGE.md) for build, auth, CLI, session, and parity-harness workflows. Make `claw doctor` your first health check after building, use [`rust/README.md`](./rust/README.md) for crate-level details, read [`PARITY.md`](./PARITY.md) for the current Rust-port checkpoint, and see [`docs/container.md`](./docs/container.md) for the container-first workflow. > Start with [`USAGE.md`](./USAGE.md) for build, auth, CLI, session, and parity-harness workflows. Make `claw doctor` your first health check after building, use [`rust/README.md`](./rust/README.md) for crate-level details, read [`PARITY.md`](./PARITY.md) for the current Rust-port checkpoint, and see [`docs/container.md`](./docs/container.md) for the container-first workflow.
>
> **ACP / Zed status:** `claw-code` does not ship an ACP/Zed daemon entrypoint yet. Run `claw acp` (or `claw --acp`) for the current status instead of guessing from source layout; `claw acp serve` is currently a discoverability alias only, and real ACP support remains tracked separately in `ROADMAP.md`.
## Current repository shape ## Current repository shape
@@ -45,23 +47,138 @@ The canonical implementation lives in [`rust/`](./rust), and the current source
## Quick start ## Quick start
> [!NOTE]
> [!WARNING]
> **`cargo install claw-code` installs the wrong thing.** The `claw-code` crate on crates.io is a deprecated stub that places `claw-code-deprecated.exe` — not `claw`. Running it only prints `"claw-code has been renamed to agent-code"`. **Do not use `cargo install claw-code`.** Either build from source (this repo) or install the upstream binary:
> ```bash
> cargo install agent-code # upstream binary — installs 'agent.exe' (Windows) / 'agent' (Unix), NOT 'agent-code'
> ```
> This repo (`ultraworkers/claw-code`) is **build-from-source only** — follow the steps below.
```bash ```bash
cd rust # 1. Clone and build
git clone https://github.com/ultraworkers/claw-code
cd claw-code/rust
cargo build --workspace cargo build --workspace
./target/debug/claw --help
./target/debug/claw prompt "summarize this repository" # 2. Set your API key (Anthropic API key — not a Claude subscription)
export ANTHROPIC_API_KEY="sk-ant-..."
# 3. Verify everything is wired correctly
./target/debug/claw doctor
# 4. Run a prompt
./target/debug/claw prompt "say hello"
``` ```
Authenticate with either an API key or the built-in OAuth flow: > [!NOTE]
> **Windows (PowerShell):** the binary is `claw.exe`, not `claw`. Use `.\target\debug\claw.exe` or run `cargo run -- prompt "say hello"` to skip the path lookup.
### Windows setup
**PowerShell is a supported Windows path.** Use whichever shell works for you. The common onboarding issues on Windows are:
1. **Install Rust first** — download from <https://rustup.rs/> and run the installer. Close and reopen your terminal when it finishes.
2. **Verify Rust is on PATH:**
```powershell
cargo --version
```
If this fails, reopen your terminal or run the PATH setup from the Rust installer output, then retry.
3. **Clone and build** (works in PowerShell, Git Bash, or WSL):
```powershell
git clone https://github.com/ultraworkers/claw-code
cd claw-code/rust
cargo build --workspace
```
4. **Run** (PowerShell — note `.exe` and backslash):
```powershell
$env:ANTHROPIC_API_KEY = "sk-ant-..."
.\target\debug\claw.exe prompt "say hello"
```
**Git Bash / WSL** are optional alternatives, not requirements. If you prefer bash-style paths (`/c/Users/you/...` instead of `C:\Users\you\...`), Git Bash (ships with Git for Windows) works well. In Git Bash, the `MINGW64` prompt is expected and normal — not a broken install.
## Post-build: locate the binary and verify
After running `cargo build --workspace`, the `claw` binary is built but **not** automatically installed to your system. Here's where to find it and how to verify the build succeeded.
### Binary location
After `cargo build --workspace` in `claw-code/rust/`:
**Debug build (default, faster compile):**
- **macOS/Linux:** `rust/target/debug/claw`
- **Windows:** `rust/target/debug/claw.exe`
**Release build (optimized, slower compile):**
- **macOS/Linux:** `rust/target/release/claw`
- **Windows:** `rust/target/release/claw.exe`
If you ran `cargo build` without `--release`, the binary is in the `debug/` folder.
### Verify the build succeeded
Test the binary directly using its path:
```bash ```bash
export ANTHROPIC_API_KEY="sk-ant-..." # macOS/Linux (debug build)
# or ./rust/target/debug/claw --help
cd rust ./rust/target/debug/claw doctor
./target/debug/claw login
# Windows PowerShell (debug build)
.\rust\target\debug\claw.exe --help
.\rust\target\debug\claw.exe doctor
``` ```
Run the workspace test suite: If these commands succeed, the build is working. `claw doctor` is your first health check — it validates your API key, model access, and tool configuration.
### Optional: Add to PATH
If you want to run `claw` from any directory without the full path, choose one of these approaches:
**Option 1: Symlink (macOS/Linux)**
```bash
ln -s $(pwd)/rust/target/debug/claw /usr/local/bin/claw
```
Then reload your shell and test:
```bash
claw --help
```
**Option 2: Use `cargo install` (all platforms)**
Build and install to Cargo's default location (`~/.cargo/bin/`, which is usually on PATH):
```bash
# From the claw-code/rust/ directory
cargo install --path . --force
# Then from anywhere
claw --help
```
**Option 3: Update shell profile (bash/zsh)**
Add this line to `~/.bashrc` or `~/.zshrc`:
```bash
export PATH="$(pwd)/rust/target/debug:$PATH"
```
Reload your shell:
```bash
source ~/.bashrc # or source ~/.zshrc
claw --help
```
### Troubleshooting
- **"command not found: claw"** — The binary is in `rust/target/debug/claw`, but it's not on your PATH. Use the full path `./rust/target/debug/claw` or symlink/install as above.
- **"permission denied"** — On macOS/Linux, you may need `chmod +x rust/target/debug/claw` if the executable bit isn't set (rare).
- **Debug vs. release** — If the build is slow, you're in debug mode (default). Add `--release` to `cargo build` for faster runtime, but the build itself will take 510 minutes.
> [!NOTE]
> **Auth:** claw requires an **API key** (`ANTHROPIC_API_KEY`, `OPENAI_API_KEY`, etc.) — Claude subscription login is not a supported auth path.
Run the workspace test suite after verifying the binary works:
```bash ```bash
cd rust cd rust

5787
ROADMAP.md
View File

File diff suppressed because one or more lines are too long

119
USAGE.md
View File

@@ -21,7 +21,7 @@ cargo build --workspace
- Rust toolchain with `cargo` - Rust toolchain with `cargo`
- One of: - One of:
- `ANTHROPIC_API_KEY` for direct API access - `ANTHROPIC_API_KEY` for direct API access
- `claw login` for OAuth-based auth - `ANTHROPIC_AUTH_TOKEN` for bearer-token auth
- Optional: `ANTHROPIC_BASE_URL` when targeting a proxy or local service - Optional: `ANTHROPIC_BASE_URL` when targeting a proxy or local service
## Install / build the workspace ## Install / build the workspace
@@ -43,6 +43,35 @@ cd rust
/doctor /doctor
``` ```
Or run doctor directly with JSON output for scripting:
```bash
cd rust
./target/debug/claw doctor --output-format json
```
**Note:** Diagnostic verbs (`doctor`, `status`, `sandbox`, `version`) support `--output-format json` for machine-readable output. Invalid suffix arguments (e.g., `--json`) are now rejected at parse time rather than falling through to prompt dispatch.
### Initialize a repository
Set up a new repository with `.claw` config, `.claw.json`, `.gitignore` entries, and a `CLAUDE.md` guidance file:
```bash
cd /path/to/your/repo
./target/debug/claw init
```
Text mode (human-readable) shows artifact creation summary with project path and next steps. Idempotent — running multiple times in the same repo marks already-created files as "skipped".
JSON mode for scripting:
```bash
./target/debug/claw init --output-format json
```
Returns structured output with `project_path`, `created[]`, `updated[]`, `skipped[]` arrays (one per artifact), and `artifacts[]` carrying each file's `name` and machine-stable `status` tag. The legacy `message` field preserves backward compatibility.
**Why structured fields matter:** Claws can detect per-artifact state (`created` vs `updated` vs `skipped`) without substring-matching human prose. Use the `created[]`, `updated[]`, and `skipped[]` arrays for conditional follow-up logic (e.g., only commit if files were actually created, not just updated).
### Interactive REPL ### Interactive REPL
```bash ```bash
@@ -71,6 +100,85 @@ cd rust
./target/debug/claw --output-format json prompt "status" ./target/debug/claw --output-format json prompt "status"
``` ```
### Inspect worker state
The `claw state` command reads `.claw/worker-state.json`, which is written by the interactive REPL or a one-shot prompt when a worker executes a task. This file contains the worker ID, session reference, model, and permission mode.
Prerequisite: You must run `claw` (interactive REPL) or `claw prompt <text>` at least once in the repository to produce the worker state file.
```bash
cd rust
./target/debug/claw state
```
JSON mode:
```bash
./target/debug/claw state --output-format json
```
If you run `claw state` before any worker has executed, you will see a helpful error:
```
error: no worker state file found at .claw/worker-state.json
Hint: worker state is written by the interactive REPL or a non-interactive prompt.
Run: claw # start the REPL (writes state on first turn)
Or: claw prompt <text> # run one non-interactive turn
Then rerun: claw state [--output-format json]
```
## Advanced slash commands (Interactive REPL only)
These commands are available inside the interactive REPL (`claw` with no args). They extend the assistant with workspace analysis, planning, and navigation features.
### `/ultraplan` — Deep planning with multi-step reasoning
**Purpose:** Break down a complex task into steps using extended reasoning.
```bash
# Start the REPL
claw
# Inside the REPL
/ultraplan refactor the auth module to use async/await
/ultraplan design a caching layer for database queries
/ultraplan analyze this module for performance bottlenecks
```
Output: A structured plan with numbered steps, reasoning for each step, and expected outcomes. Use this when you want the assistant to think through a problem in detail before coding.
### `/teleport` — Jump to a file or symbol
**Purpose:** Quickly navigate to a file, function, class, or struct by name.
```bash
# Jump to a symbol
/teleport UserService
/teleport authenticate_user
/teleport RequestHandler
# Jump to a file
/teleport src/auth.rs
/teleport crates/runtime/lib.rs
/teleport ./ARCHITECTURE.md
```
Output: The file content, with the requested symbol highlighted or the file fully loaded. Useful for exploring the codebase without manually navigating directories. If multiple matches exist, the assistant shows the top candidates.
### `/bughunter` — Scan for likely bugs and issues
**Purpose:** Analyze code for common pitfalls, anti-patterns, and potential bugs.
```bash
# Scan the entire workspace
/bughunter
# Scan a specific directory or file
/bughunter src/handlers
/bughunter rust/crates/runtime
/bughunter src/auth.rs
```
Output: A list of suspicious patterns with explanations (e.g., "unchecked unwrap()", "potential race condition", "missing error handling"). Each finding includes the file, line number, and suggested fix. Use this as a first pass before a full code review.
## Model and permission controls ## Model and permission controls
```bash ```bash
@@ -105,8 +213,7 @@ export ANTHROPIC_API_KEY="sk-ant-..."
```bash ```bash
cd rust cd rust
./target/debug/claw login export ANTHROPIC_AUTH_TOKEN="anthropic-oauth-or-proxy-bearer-token"
./target/debug/claw logout
``` ```
### Which env var goes where ### Which env var goes where
@@ -116,7 +223,7 @@ cd rust
| Credential shape | Env var | HTTP header | Typical source | | Credential shape | Env var | HTTP header | Typical source |
|---|---|---|---| |---|---|---|---|
| `sk-ant-*` API key | `ANTHROPIC_API_KEY` | `x-api-key: sk-ant-...` | [console.anthropic.com](https://console.anthropic.com) | | `sk-ant-*` API key | `ANTHROPIC_API_KEY` | `x-api-key: sk-ant-...` | [console.anthropic.com](https://console.anthropic.com) |
| OAuth access token (opaque) | `ANTHROPIC_AUTH_TOKEN` | `Authorization: Bearer ...` | `claw login` or an Anthropic-compatible proxy that mints Bearer tokens | | OAuth access token (opaque) | `ANTHROPIC_AUTH_TOKEN` | `Authorization: Bearer ...` | an Anthropic-compatible proxy or OAuth flow that mints bearer tokens |
| OpenRouter key (`sk-or-v1-*`) | `OPENAI_API_KEY` + `OPENAI_BASE_URL=https://openrouter.ai/api/v1` | `Authorization: Bearer ...` | [openrouter.ai/keys](https://openrouter.ai/keys) | | OpenRouter key (`sk-or-v1-*`) | `OPENAI_API_KEY` + `OPENAI_BASE_URL=https://openrouter.ai/api/v1` | `Authorization: Bearer ...` | [openrouter.ai/keys](https://openrouter.ai/keys) |
**Why this matters:** if you paste an `sk-ant-*` key into `ANTHROPIC_AUTH_TOKEN`, Anthropic's API will return `401 Invalid bearer token` because `sk-ant-*` keys are rejected over the Bearer header. The fix is a one-line env var swap — move the key to `ANTHROPIC_API_KEY`. Recent `claw` builds detect this exact shape (401 + `sk-ant-*` in the Bearer slot) and append a hint to the error message pointing at the fix. **Why this matters:** if you paste an `sk-ant-*` key into `ANTHROPIC_AUTH_TOKEN`, Anthropic's API will return `401 Invalid bearer token` because `sk-ant-*` keys are rejected over the Bearer header. The fix is a one-line env var swap — move the key to `ANTHROPIC_API_KEY`. Recent `claw` builds detect this exact shape (401 + `sk-ant-*` in the Bearer slot) and append a hint to the error message pointing at the fix.
@@ -125,7 +232,7 @@ cd rust
## Local Models ## Local Models
`claw` can talk to local servers and provider gateways through either Anthropic-compatible or OpenAI-compatible endpoints. Use `ANTHROPIC_BASE_URL` with `ANTHROPIC_AUTH_TOKEN` for Anthropic-compatible services, or `OPENAI_BASE_URL` with `OPENAI_API_KEY` for OpenAI-compatible services. OAuth is Anthropic-only, so when `OPENAI_BASE_URL` is set you should use API-key style auth instead of `claw login`. `claw` can talk to local servers and provider gateways through either Anthropic-compatible or OpenAI-compatible endpoints. Use `ANTHROPIC_BASE_URL` with `ANTHROPIC_AUTH_TOKEN` for Anthropic-compatible services, or `OPENAI_BASE_URL` with `OPENAI_API_KEY` for OpenAI-compatible services.
### Anthropic-compatible endpoint ### Anthropic-compatible endpoint
@@ -192,7 +299,7 @@ Reasoning variants (`qwen-qwq-*`, `qwq-*`, `*-thinking`) automatically strip `te
| Provider | Protocol | Auth env var(s) | Base URL env var | Default base URL | | Provider | Protocol | Auth env var(s) | Base URL env var | Default base URL |
|---|---|---|---|---| |---|---|---|---|---|
| **Anthropic** (direct) | Anthropic Messages API | `ANTHROPIC_API_KEY` or `ANTHROPIC_AUTH_TOKEN` or OAuth (`claw login`) | `ANTHROPIC_BASE_URL` | `https://api.anthropic.com` | | **Anthropic** (direct) | Anthropic Messages API | `ANTHROPIC_API_KEY` or `ANTHROPIC_AUTH_TOKEN` | `ANTHROPIC_BASE_URL` | `https://api.anthropic.com` |
| **xAI** | OpenAI-compatible | `XAI_API_KEY` | `XAI_BASE_URL` | `https://api.x.ai/v1` | | **xAI** | OpenAI-compatible | `XAI_API_KEY` | `XAI_BASE_URL` | `https://api.x.ai/v1` |
| **OpenAI-compatible** | OpenAI Chat Completions | `OPENAI_API_KEY` | `OPENAI_BASE_URL` | `https://api.openai.com/v1` | | **OpenAI-compatible** | OpenAI Chat Completions | `OPENAI_API_KEY` | `OPENAI_BASE_URL` | `https://api.openai.com/v1` |
| **DashScope** (Alibaba) | OpenAI-compatible | `DASHSCOPE_API_KEY` | `DASHSCOPE_BASE_URL` | `https://dashscope.aliyuncs.com/compatible-mode/v1` | | **DashScope** (Alibaba) | OpenAI-compatible | `DASHSCOPE_API_KEY` | `DASHSCOPE_BASE_URL` | `https://dashscope.aliyuncs.com/compatible-mode/v1` |

236
docs/MODEL_COMPATIBILITY.md Normal file
View File

@@ -0,0 +1,236 @@
# Model Compatibility Guide
This document describes model-specific handling in the OpenAI-compatible provider. When adding new models or providers, review this guide to ensure proper compatibility.
## Table of Contents
- [Overview](#overview)
- [Model-Specific Handling](#model-specific-handling)
- [Kimi Models (is_error Exclusion)](#kimi-models-is_error-exclusion)
- [Reasoning Models (Tuning Parameter Stripping)](#reasoning-models-tuning-parameter-stripping)
- [GPT-5 (max_completion_tokens)](#gpt-5-max_completion_tokens)
- [Qwen Models (DashScope Routing)](#qwen-models-dashscope-routing)
- [Implementation Details](#implementation-details)
- [Adding New Models](#adding-new-models)
- [Testing](#testing)
## Overview
The `openai_compat.rs` provider translates Claude Code's internal message format to OpenAI-compatible chat completion requests. Different models have varying requirements for:
- Tool result message fields (`is_error`)
- Sampling parameters (temperature, top_p, etc.)
- Token limit fields (`max_tokens` vs `max_completion_tokens`)
- Base URL routing
## Model-Specific Handling
### Kimi Models (is_error Exclusion)
**Affected models:** `kimi-k2.5`, `kimi-k1.5`, `kimi-moonshot`, and any model with `kimi` in the name (case-insensitive)
**Behavior:** The `is_error` field is **excluded** from tool result messages.
**Rationale:** Kimi models (via Moonshot AI and DashScope) reject the `is_error` field with a 400 Bad Request error:
```json
{
"error": {
"type": "invalid_request_error",
"message": "Unknown field: is_error"
}
}
```
**Detection:**
```rust
fn model_rejects_is_error_field(model: &str) -> bool {
let lowered = model.to_ascii_lowercase();
let canonical = lowered.rsplit('/').next().unwrap_or(lowered.as_str());
canonical.starts_with("kimi-")
}
```
**Testing:** See `model_rejects_is_error_field_detects_kimi_models` and related tests in `openai_compat.rs`.
---
### Reasoning Models (Tuning Parameter Stripping)
**Affected models:**
- OpenAI: `o1`, `o1-*`, `o3`, `o3-*`, `o4`, `o4-*`
- xAI: `grok-3-mini`
- Alibaba DashScope: `qwen-qwq-*`, `qwq-*`, `qwen3-*-thinking`
**Behavior:** The following tuning parameters are **stripped** from requests:
- `temperature`
- `top_p`
- `frequency_penalty`
- `presence_penalty`
**Rationale:** Reasoning/chain-of-thought models use fixed sampling strategies and reject these parameters with 400 errors.
**Exception:** `reasoning_effort` is included for compatible models when explicitly set.
**Detection:**
```rust
fn is_reasoning_model(model: &str) -> bool {
let canonical = model.to_ascii_lowercase()
.rsplit('/')
.next()
.unwrap_or(model);
canonical.starts_with("o1")
|| canonical.starts_with("o3")
|| canonical.starts_with("o4")
|| canonical == "grok-3-mini"
|| canonical.starts_with("qwen-qwq")
|| canonical.starts_with("qwq")
|| (canonical.starts_with("qwen3") && canonical.contains("-thinking"))
}
```
**Testing:** See `reasoning_model_strips_tuning_params`, `grok_3_mini_is_reasoning_model`, and `qwen_reasoning_variants_are_detected` tests.
---
### GPT-5 (max_completion_tokens)
**Affected models:** All models starting with `gpt-5`
**Behavior:** Uses `max_completion_tokens` instead of `max_tokens` in the request payload.
**Rationale:** GPT-5 models require the `max_completion_tokens` field. Legacy `max_tokens` causes request validation failures:
```json
{
"error": {
"message": "Unknown field: max_tokens"
}
}
```
**Implementation:**
```rust
let max_tokens_key = if wire_model.starts_with("gpt-5") {
"max_completion_tokens"
} else {
"max_tokens"
};
```
**Testing:** See `gpt5_uses_max_completion_tokens_not_max_tokens` and `non_gpt5_uses_max_tokens` tests.
---
### Qwen Models (DashScope Routing)
**Affected models:** All models with `qwen` prefix
**Behavior:** Routed to DashScope (`https://dashscope.aliyuncs.com/compatible-mode/v1`) rather than default providers.
**Rationale:** Qwen models are hosted by Alibaba Cloud's DashScope service, not OpenAI or Anthropic.
**Configuration:**
```rust
pub const DEFAULT_DASHSCOPE_BASE_URL: &str = "https://dashscope.aliyuncs.com/compatible-mode/v1";
```
**Authentication:** Uses `DASHSCOPE_API_KEY` environment variable.
**Note:** Some Qwen models are also reasoning models (see [Reasoning Models](#reasoning-models-tuning-parameter-stripping) above) and receive both treatments.
## Implementation Details
### File Location
All model-specific logic is in:
```
rust/crates/api/src/providers/openai_compat.rs
```
### Key Functions
| Function | Purpose |
|----------|---------|
| `model_rejects_is_error_field()` | Detects models that don't support `is_error` in tool results |
| `is_reasoning_model()` | Detects reasoning models that need tuning param stripping |
| `translate_message()` | Converts internal messages to OpenAI format (applies `is_error` logic) |
| `build_chat_completion_request()` | Constructs full request payload (applies all model-specific logic) |
### Provider Prefix Handling
All model detection functions strip provider prefixes (e.g., `dashscope/kimi-k2.5``kimi-k2.5`) before matching:
```rust
let canonical = model.to_ascii_lowercase()
.rsplit('/')
.next()
.unwrap_or(model);
```
This ensures consistent detection regardless of whether models are referenced with or without provider prefixes.
## Adding New Models
When adding support for new models:
1. **Check if the model is a reasoning model**
- Does it reject temperature/top_p parameters?
- Add to `is_reasoning_model()` detection
2. **Check tool result compatibility**
- Does it reject the `is_error` field?
- Add to `model_rejects_is_error_field()` detection
3. **Check token limit field**
- Does it require `max_completion_tokens` instead of `max_tokens`?
- Update the `max_tokens_key` logic
4. **Add tests**
- Unit test for detection function
- Integration test in `build_chat_completion_request`
5. **Update this documentation**
- Add the model to the affected lists
- Document any special behavior
## Testing
### Running Model-Specific Tests
```bash
# All OpenAI compatibility tests
cargo test --package api providers::openai_compat
# Specific test categories
cargo test --package api model_rejects_is_error_field
cargo test --package api reasoning_model
cargo test --package api gpt5
cargo test --package api qwen
```
### Test Files
- Unit tests: `rust/crates/api/src/providers/openai_compat.rs` (in `mod tests`)
- Integration tests: `rust/crates/api/tests/openai_compat_integration.rs`
### Verifying Model Detection
To verify a model is detected correctly without making API calls:
```rust
#[test]
fn my_new_model_is_detected() {
// is_error handling
assert!(model_rejects_is_error_field("my-model"));
// Reasoning model detection
assert!(is_reasoning_model("my-model"));
// Provider prefix handling
assert!(model_rejects_is_error_field("provider/my-model"));
}
```
---
*Last updated: 2026-04-16*
For questions or updates, see the implementation in `rust/crates/api/src/providers/openai_compat.rs`.

356
prd.json Normal file
View File

@@ -0,0 +1,356 @@
{
"version": "1.0",
"description": "Clawable Coding Harness - Clear roadmap stories and commit each",
"stories": [
{
"id": "US-001",
"title": "Phase 1.6 - startup-no-evidence evidence bundle + classifier",
"description": "When startup times out, emit typed worker.startup_no_evidence event with evidence bundle including last known worker lifecycle state, pane command, prompt-send timestamp, prompt-acceptance state, trust-prompt detection result, and transport/MCP health summary. Classifier should down-rank into specific failure classes.",
"acceptanceCriteria": [
"worker.startup_no_evidence event emitted on startup timeout with evidence bundle",
"Evidence bundle includes: last lifecycle state, pane command, prompt-send timestamp, prompt-acceptance state, trust-prompt detection, transport/MCP health",
"Classifier attempts to categorize into: trust_required, prompt_misdelivery, prompt_acceptance_timeout, transport_dead, worker_crashed, or unknown",
"Tests verify evidence bundle structure and classifier behavior"
],
"passes": true,
"priority": "P0"
},
{
"id": "US-002",
"title": "Phase 2 - Canonical lane event schema (4.x series)",
"description": "Define typed events for lane lifecycle: lane.started, lane.ready, lane.prompt_misdelivery, lane.blocked, lane.red, lane.green, lane.commit.created, lane.pr.opened, lane.merge.ready, lane.finished, lane.failed, branch.stale_against_main. Also implement event ordering, reconciliation, provenance, deduplication, and projection contracts.",
"acceptanceCriteria": [
"LaneEvent enum with all required variants defined",
"Event ordering with monotonic sequence metadata attached",
"Event provenance labels (live_lane, test, healthcheck, replay, transport)",
"Session identity completeness at creation (title, workspace, purpose)",
"Duplicate terminal-event suppression with fingerprinting",
"Lane ownership/scope binding in events",
"Nudge acknowledgment with dedupe contract",
"clawhip consumes typed lane events instead of pane scraping"
],
"passes": true,
"priority": "P0"
},
{
"id": "US-003",
"title": "Phase 3 - Stale-branch detection before broad verification",
"description": "Before broad test runs, compare current branch to main and detect if known fixes are missing. Emit branch.stale_against_main event and suggest/auto-run rebase/merge-forward.",
"acceptanceCriteria": [
"Branch freshness comparison against main implemented",
"branch.stale_against_main event emitted when behind",
"Auto-rebase/merge-forward policy integration",
"Avoid misclassifying stale-branch failures as new regressions"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-004",
"title": "Phase 3 - Recovery recipes with ledger",
"description": "Encode automatic recoveries for common failures (trust prompt, prompt misdelivery, stale branch, compile red, MCP startup). Expose recovery attempt ledger with recipe id, attempt count, state, timestamps, failure summary.",
"acceptanceCriteria": [
"Recovery recipes defined for: trust_prompt_unresolved, prompt_delivered_to_shell, stale_branch, compile_red_after_refactor, MCP_handshake_failure, partial_plugin_startup",
"Recovery attempt ledger with: recipe id, attempt count, state, timestamps, failure summary, escalation reason",
"One automatic recovery attempt before escalation",
"Ledger emitted as structured event data"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-005",
"title": "Phase 4 - Typed task packet format",
"description": "Define structured task packet with fields: objective, scope, repo/worktree, branch policy, acceptance tests, commit policy, reporting contract, escalation policy.",
"acceptanceCriteria": [
"TaskPacket struct with all required fields",
"TaskScope resolution (workspace/module/single-file/custom)",
"Validation and serialization support",
"Integration into tools/src/lib.rs"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-006",
"title": "Phase 4 - Policy engine for autonomous coding",
"description": "Encode automation rules: if green + scoped diff + review passed -> merge to dev; if stale branch -> merge-forward before broad tests; if startup blocked -> recover once, then escalate; if lane completed -> emit closeout and cleanup session.",
"acceptanceCriteria": [
"Policy rules engine implemented",
"Rules: green + scoped diff + review -> merge",
"Rules: stale branch -> merge-forward before tests",
"Rules: startup blocked -> recover once, then escalate",
"Rules: lane completed -> closeout and cleanup"
],
"passes": true,
"priority": "P2"
},
{
"id": "US-007",
"title": "Phase 5 - Plugin/MCP lifecycle maturity",
"description": "First-class plugin/MCP lifecycle contract: config validation, startup healthcheck, discovery result, degraded-mode behavior, shutdown/cleanup. Close gaps in end-to-end lifecycle.",
"acceptanceCriteria": [
"Plugin/MCP config validation contract",
"Startup healthcheck with structured results",
"Discovery result reporting",
"Degraded-mode behavior documented and implemented",
"Shutdown/cleanup contract",
"Partial startup and per-server failures reported structurally"
],
"passes": true,
"priority": "P2"
},
{
"id": "US-008",
"title": "Fix kimi-k2.5 model API compatibility",
"description": "The kimi-k2.5 model (and other kimi models) reject API requests containing the is_error field in tool result messages. The OpenAI-compatible provider currently always includes is_error for all models. Need to make this field conditional based on model support.",
"acceptanceCriteria": [
"translate_message function accepts model parameter",
"is_error field excluded for kimi models (kimi-k2.5, kimi-k1.5, etc.)",
"is_error field included for models that support it (openai, grok, xai, etc.)",
"build_chat_completion_request passes model to translate_message",
"Tests verify is_error presence/absence based on model",
"cargo test passes",
"cargo clippy passes",
"cargo fmt passes"
],
"passes": true,
"priority": "P0"
},
{
"id": "US-009",
"title": "Add unit tests for kimi model compatibility fix",
"description": "During dogfooding we discovered the existing test coverage for model-specific is_error handling is insufficient. Need to add dedicated tests for model_rejects_is_error_field function and translate_message behavior with different models.",
"acceptanceCriteria": [
"Test model_rejects_is_error_field identifies kimi-k2.5, kimi-k1.5, dashscope/kimi-k2.5",
"Test translate_message includes is_error for gpt-4, grok-3, claude models",
"Test translate_message excludes is_error for kimi models",
"Test build_chat_completion_request produces correct payload for kimi vs non-kimi",
"All new tests pass",
"cargo test --package api passes"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-010",
"title": "Add model compatibility documentation",
"description": "Document which models require special handling (is_error exclusion, reasoning model tuning param stripping, etc.) in a MODEL_COMPATIBILITY.md file for operators and contributors.",
"acceptanceCriteria": [
"MODEL_COMPATIBILITY.md created in docs/ or repo root",
"Document kimi models is_error exclusion",
"Document reasoning models (o1, o3, grok-3-mini) tuning param stripping",
"Document gpt-5 max_completion_tokens requirement",
"Document qwen model routing through dashscope",
"Cross-reference with existing code comments"
],
"passes": true,
"priority": "P2"
},
{
"id": "US-011",
"title": "Performance optimization: reduce API request serialization overhead",
"description": "The translate_message function creates intermediate JSON Value objects that could be optimized. Profile and optimize the hot path for API request building, especially for conversations with many tool results.",
"acceptanceCriteria": [
"Profile current request building with criterion or similar",
"Identify bottlenecks in translate_message and build_chat_completion_request",
"Implement optimizations (Vec pre-allocation, reduced cloning, etc.)",
"Benchmark before/after showing improvement",
"No functional changes or API breakage"
],
"passes": true,
"priority": "P2"
},
{
"id": "US-012",
"title": "Trust prompt resolver with allowlist auto-trust",
"description": "Add allowlisted auto-trust behavior for known repos/worktrees. Trust prompts currently block TUI startup and require manual intervention. Implement automatic trust resolution for pre-approved repositories.",
"acceptanceCriteria": [
"TrustAllowlist config structure with repo patterns",
"Auto-trust behavior for allowlisted repos/worktrees",
"trust_required event emitted when trust prompt detected",
"trust_resolved event emitted when trust is granted",
"Non-allowlisted repos remain gated (manual trust required)",
"Integration with worker boot lifecycle",
"Tests for allowlist matching and event emission"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-013",
"title": "Phase 2 - Session event ordering + terminal-state reconciliation",
"description": "When the same session emits contradictory lifecycle events (idle, error, completed, transport/server-down) in close succession, expose deterministic final truth. Attach monotonic sequence/causal ordering metadata, classify terminal vs advisory events, reconcile duplicate/out-of-order terminal events into one canonical lane outcome.",
"acceptanceCriteria": [
"Monotonic sequence / causal ordering metadata attached to session lifecycle events",
"Terminal vs advisory event classification implemented",
"Reconcile duplicate or out-of-order terminal events into one canonical outcome",
"Distinguish 'session terminal state unknown because transport died' from real 'completed'",
"Tests verify reconciliation behavior with out-of-order event bursts"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-014",
"title": "Phase 2 - Event provenance / environment labeling",
"description": "Every emitted event should declare its source (live_lane, test, healthcheck, replay, transport) so claws do not mistake test noise for production truth. Include environment/channel label, emitter identity, and confidence/trust level.",
"acceptanceCriteria": [
"EventProvenance enum with live_lane, test, healthcheck, replay, transport variants",
"Environment/channel label attached to all events",
"Emitter identity field on events",
"Confidence/trust level field for downstream automation",
"Tests verify provenance labeling and filtering"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-015",
"title": "Phase 2 - Session identity completeness at creation time",
"description": "A newly created session should emit stable title, workspace/worktree path, and lane/session purpose at creation time. If any field is not yet known, emit explicit typed placeholder reason rather than bare unknown string.",
"acceptanceCriteria": [
"Session creation emits stable title, workspace/worktree path, purpose immediately",
"Explicit typed placeholder when fields unknown (not bare 'unknown' strings)",
"Later-enriched metadata reconciles onto same session identity without ambiguity",
"Tests verify session identity completeness and placeholder handling"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-016",
"title": "Phase 2 - Duplicate terminal-event suppression",
"description": "When the same session emits repeated completed/failed/terminal notifications, collapse duplicates before they trigger repeated downstream reactions. Attach canonical terminal-event fingerprint per lane/session outcome.",
"acceptanceCriteria": [
"Canonical terminal-event fingerprint attached per lane/session outcome",
"Suppress/coalesce repeated terminal notifications within reconciliation window",
"Preserve raw event history for audit while exposing one actionable outcome downstream",
"Surface when later duplicate materially differs from original terminal payload",
"Tests verify deduplication and material difference detection"
],
"passes": true,
"priority": "P2"
},
{
"id": "US-017",
"title": "Phase 2 - Lane ownership / scope binding",
"description": "Each session and lane event should declare who owns it and what workflow scope it belongs to. Attach owner/assignee identity, workflow scope (claw-code-dogfood, external-git-maintenance, infra-health, manual-operator), and mark whether watcher is expected to act, observe only, or ignore.",
"acceptanceCriteria": [
"Owner/assignee identity attached to sessions and lane events",
"Workflow scope field (claw-code-dogfood, external-git-maintenance, etc.)",
"Watcher action expectation field (act, observe-only, ignore)",
"Preserve scope through session restarts, resumes, and late terminal events",
"Tests verify ownership and scope binding"
],
"passes": true,
"priority": "P2"
},
{
"id": "US-018",
"title": "Phase 2 - Nudge acknowledgment / dedupe contract",
"description": "Periodic clawhip nudges should carry nudge id/cycle id and delivery timestamp. Expose whether claw has already acknowledged or responded for that cycle. Distinguish new nudge, retry nudge, and stale duplicate.",
"acceptanceCriteria": [
"Nudge id / cycle id and delivery timestamp attached",
"Acknowledgment state exposed (already acknowledged or not)",
"Distinguish new nudge vs retry nudge vs stale duplicate",
"Allow downstream summaries to bind reported pinpoint back to triggering nudge id",
"Tests verify nudge deduplication and acknowledgment tracking"
],
"passes": true,
"priority": "P2"
},
{
"id": "US-019",
"title": "Phase 2 - Stable roadmap-id assignment for newly filed pinpoints",
"description": "When a claw records a new pinpoint/follow-up, assign or expose a stable tracking id immediately. Expose that id in structured event/report payload and preserve across edits, reorderings, and summary compression.",
"acceptanceCriteria": [
"Canonical roadmap id assigned at filing time",
"Roadmap id exposed in structured event/report payload",
"Same id preserved across edits, reorderings, summary compression",
"Distinguish 'new roadmap filing' from 'update to existing roadmap item'",
"Tests verify stable id assignment and update detection"
],
"passes": true,
"priority": "P2"
},
{
"id": "US-020",
"title": "Phase 2 - Roadmap item lifecycle state contract",
"description": "Each roadmap pinpoint should carry machine-readable lifecycle state (filed, acknowledged, in_progress, blocked, done, superseded). Attach last state-change timestamp and preserve lineage when one pinpoint supersedes or merges into another.",
"acceptanceCriteria": [
"Lifecycle state enum with filed, acknowledged, in_progress, blocked, done, superseded",
"Last state-change timestamp attached",
"New report can declare first filing, status update, or closure",
"Preserve lineage when one pinpoint supersedes or merges into another",
"Tests verify lifecycle state transitions"
],
"passes": true,
"priority": "P2"
},
{
"id": "US-021",
"title": "Request body size pre-flight check for OpenAI-compatible provider",
"description": "Implement pre-flight request body size estimation to prevent 400 Bad Request errors from API gateways with size limits. Based on dogfood findings with kimi-k2.5 testing, DashScope API has a 6MB request body limit that was exceeded by large system prompts.",
"acceptanceCriteria": [
"Pre-flight size estimation before sending requests to OpenAI-compatible providers",
"Clear error message when request exceeds provider-specific size limit",
"Configuration for different provider limits (6MB DashScope, 100MB OpenAI, etc.)",
"Unit tests for size estimation and limit checking",
"Integration with existing error handling for actionable user messages"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-022",
"title": "Enhanced error context for API failures",
"description": "Add structured error context to API failures including request ID tracking across retries, provider-specific error code mapping, and suggested user actions based on error type (e.g., 'Reduce prompt size' for 413, 'Check API key' for 401).",
"acceptanceCriteria": [
"Request ID tracking across retries with full context in error messages",
"Provider-specific error code mapping with actionable suggestions",
"Suggested user actions for common error types (401, 403, 413, 429, 500, 502-504)",
"Unit tests for error context extraction",
"All existing tests pass and clippy is clean"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-023",
"title": "Add automatic routing for kimi models to DashScope",
"description": "Based on dogfood findings with kimi-k2.5 testing, users must manually prefix with dashscope/kimi-k2.5 instead of just using kimi-k2.5. Add automatic routing for kimi/ and kimi- prefixed models to DashScope (similar to qwen models), and add a 'kimi' alias to the model registry.",
"acceptanceCriteria": [
"kimi/ and kimi- prefix routing to DashScope in metadata_for_model()",
"'kimi' alias in MODEL_REGISTRY that resolves to 'kimi-k2.5'",
"resolve_model_alias() handles the kimi alias correctly",
"Unit tests for kimi routing (similar to qwen routing tests)",
"All tests pass and clippy is clean"
],
"passes": true,
"priority": "P1"
},
{
"id": "US-024",
"title": "Add token limit metadata for kimi models",
"description": "The model_token_limit() function has no entries for kimi-k2.5 or kimi-k1.5, causing preflight context window validation to skip these models. Add token limit metadata to enable preflight checks and accurate max token defaults. Per Moonshot AI documentation, kimi-k2.5 supports 256K context window and 16K max output tokens.",
"acceptanceCriteria": [
"model_token_limit('kimi-k2.5') returns Some(ModelTokenLimit { max_output_tokens: 16384, context_window_tokens: 256000 })",
"model_token_limit('kimi-k1.5') returns appropriate limits",
"model_token_limit('kimi') follows alias chain (kimi → kimi-k2.5) and returns k2.5 limits",
"preflight_message_request() validates context window for kimi models (via generic preflight, no provider-specific code needed)",
"Unit tests verify limits and preflight behavior for kimi models",
"All tests pass and clippy is clean"
],
"passes": true,
"priority": "P1"
}
],
"metadata": {
"lastUpdated": "2026-04-17",
"completedStories": ["US-001", "US-002", "US-003", "US-004", "US-005", "US-006", "US-007", "US-008", "US-009", "US-010", "US-011", "US-012", "US-013", "US-014", "US-015", "US-016", "US-017", "US-018", "US-019", "US-020", "US-021", "US-022", "US-023", "US-024"],
"inProgressStories": [],
"totalStories": 24,
"status": "completed"
}
}

133
progress.txt Normal file
View File

@@ -0,0 +1,133 @@
Ralph Iteration Summary - claw-code Roadmap Implementation
===========================================================
Iteration 1: 2026-04-16
------------------------
US-001 COMPLETED (Phase 1.6 - startup-no-evidence evidence bundle + classifier)
- Files: rust/crates/runtime/src/worker_boot.rs
- Added StartupFailureClassification enum with 6 variants
- Added StartupEvidenceBundle with 8 fields
- Implemented classify_startup_failure() logic
- Added observe_startup_timeout() method to Worker
- Tests: 6 new tests verifying classification logic
US-002 COMPLETED (Phase 2 - Canonical lane event schema)
- Files: rust/crates/runtime/src/lane_events.rs
- Added EventProvenance enum with 5 labels
- Added SessionIdentity, LaneOwnership structs
- Added LaneEventMetadata with sequence/ordering
- Added LaneEventBuilder for construction
- Implemented is_terminal_event(), dedupe_terminal_events()
- Tests: 10 new tests for events and deduplication
US-005 COMPLETED (Phase 4 - Typed task packet format)
- Files:
- rust/crates/runtime/src/task_packet.rs
- rust/crates/runtime/src/task_registry.rs
- rust/crates/tools/src/lib.rs
- Added TaskScope enum (Workspace, Module, SingleFile, Custom)
- Updated TaskPacket with scope_path and worktree fields
- Added validate_scope_requirements() validation logic
- Fixed all test compilation errors in dependent modules
- Tests: Updated existing tests to use new types
PRE-EXISTING IMPLEMENTATIONS (verified working):
------------------------------------------------
US-003 COMPLETE (Phase 3 - Stale-branch detection)
- Files: rust/crates/runtime/src/stale_branch.rs
- BranchFreshness enum (Fresh, Stale, Diverged)
- StaleBranchPolicy (AutoRebase, AutoMergeForward, WarnOnly, Block)
- StaleBranchEvent with structured events
- check_freshness() with git integration
- apply_policy() with policy resolution
- Tests: 12 unit tests + 5 integration tests passing
US-004 COMPLETE (Phase 3 - Recovery recipes with ledger)
- Files: rust/crates/runtime/src/recovery_recipes.rs
- FailureScenario enum with 7 scenarios
- RecoveryStep enum with actionable steps
- RecoveryRecipe with step sequences
- RecoveryLedger for attempt tracking
- RecoveryEvent for structured emission
- attempt_recovery() with escalation logic
- Tests: 15 unit tests + 1 integration test passing
US-006 COMPLETE (Phase 4 - Policy engine for autonomous coding)
- Files: rust/crates/runtime/src/policy_engine.rs
- PolicyRule with condition/action/priority
- PolicyCondition (And, Or, GreenAt, StaleBranch, etc.)
- PolicyAction (MergeToDev, RecoverOnce, Escalate, etc.)
- LaneContext for evaluation context
- evaluate() for rule matching
- Tests: 18 unit tests + 6 integration tests passing
US-007 COMPLETE (Phase 5 - Plugin/MCP lifecycle maturity)
- Files: rust/crates/runtime/src/plugin_lifecycle.rs
- ServerStatus enum (Healthy, Degraded, Failed)
- ServerHealth with capabilities tracking
- PluginState with full lifecycle states
- PluginLifecycle event tracking
- PluginHealthcheck structured results
- DiscoveryResult for capability discovery
- DegradedMode behavior
- Tests: 11 unit tests passing
VERIFICATION STATUS:
------------------
- cargo build --workspace: PASSED
- cargo test --workspace: PASSED (476+ unit tests, 12 integration tests)
- cargo clippy --workspace: PASSED
All 7 stories from prd.json now have passes: true
Iteration 2: 2026-04-16
------------------------
US-009 COMPLETED (Add unit tests for kimi model compatibility fix)
- Files: rust/crates/api/src/providers/openai_compat.rs
- Added 4 comprehensive unit tests:
1. model_rejects_is_error_field_detects_kimi_models - verifies detection of kimi-k2.5, kimi-k1.5, dashscope/kimi-k2.5, case insensitivity
2. translate_message_includes_is_error_for_non_kimi_models - verifies gpt-4o, grok-3, claude include is_error
3. translate_message_excludes_is_error_for_kimi_models - verifies kimi models exclude is_error (prevents 400 Bad Request)
4. build_chat_completion_request_kimi_vs_non_kimi_tool_results - full integration test for request building
- Tests: 4 new tests, 119 unit tests total in api crate (+4), all passing
- Integration tests: 29 passing (no regressions)
US-010 COMPLETED (Add model compatibility documentation)
- Files: docs/MODEL_COMPATIBILITY.md
- Created comprehensive documentation covering:
1. Kimi Models (is_error Exclusion) - documents the 400 Bad Request issue and solution
2. Reasoning Models (Tuning Parameter Stripping) - covers o1, o3, o4, grok-3-mini, qwen-qwq, qwen3-thinking
3. GPT-5 (max_completion_tokens) - documents max_tokens vs max_completion_tokens requirement
4. Qwen Models (DashScope Routing) - explains routing and authentication
- Added implementation details section with key functions
- Added "Adding New Models" guide for future contributors
- Added testing section with example commands
- Cross-referenced with existing code comments in openai_compat.rs
- cargo clippy passes
US-011 COMPLETED (Performance optimization: reduce API request serialization overhead)
- Files:
- rust/crates/api/Cargo.toml (added criterion dev-dependency and bench config)
- rust/crates/api/benches/request_building.rs (new benchmark suite)
- rust/crates/api/src/providers/openai_compat.rs (optimizations)
- rust/crates/api/src/lib.rs (public exports for benchmarks)
- Optimizations implemented:
1. flatten_tool_result_content: Pre-allocate String capacity and avoid intermediate Vec
- Before: collected to Vec<String> then joined
- After: single String with pre-calculated capacity, push directly
2. Made key functions public for benchmarking: translate_message, build_chat_completion_request,
flatten_tool_result_content, is_reasoning_model, model_rejects_is_error_field
- Benchmark results:
- flatten_tool_result_content/single_text: ~17ns
- flatten_tool_result_content/multi_text (10 blocks): ~46ns
- flatten_tool_result_content/large_content (50 blocks): ~11.7µs
- translate_message/text_only: ~200ns
- translate_message/tool_result: ~348ns
- build_chat_completion_request/10 messages: ~16.4µs
- build_chat_completion_request/100 messages: ~209µs
- is_reasoning_model detection: ~26-42ns depending on model
- All tests pass (119 unit tests + 29 integration tests)
- cargo clippy passes

5
rust/.claw.json Normal file
View File

@@ -0,0 +1,5 @@
{
"permissions": {
"defaultMode": "dontAsk"
}
}

3
rust/.claw/sessions/session-1775386832313-0.jsonl
View File

@@ -1,2 +1 @@
{"created_at_ms":1775386832313,"session_id":"session-1775386832313-0","type":"session_meta","updated_at_ms":1775386832313,"version":1} {"created_at_ms":1775777421902,"session_id":"session-1775777421902-1","type":"session_meta","updated_at_ms":1775777421902,"version":1}
{"message":{"blocks":[{"text":"status --help","type":"text"}],"role":"user"},"type":"message"}

4
rust/.gitignore vendored
View File

@@ -1,3 +1,7 @@
target/ target/
.omx/ .omx/
.clawd-agents/ .clawd-agents/
# Claw Code local artifacts
.claw/settings.local.json
.claw/sessions/
.clawhip/

15
rust/CLAUDE.md Normal file
View File

@@ -0,0 +1,15 @@
# CLAUDE.md
This file provides guidance to Claw Code (clawcode.dev) when working with code in this repository.
## Detected stack
- Languages: Rust.
- Frameworks: none detected from the supported starter markers.
## Verification
- Run Rust verification from the repo root: `cargo fmt`, `cargo clippy --workspace --all-targets -- -D warnings`, `cargo test --workspace`
## Working agreement
- Prefer small, reviewable changes and keep generated bootstrap files aligned with actual repo workflows.
- Keep shared defaults in `.claw.json`; reserve `.claw/settings.local.json` for machine-local overrides.
- Do not overwrite existing `CLAUDE.md` content automatically; update it intentionally when repo workflows change.

264
rust/Cargo.lock generated
View File

@@ -17,10 +17,23 @@ dependencies = [
"memchr", "memchr",
] ]
[[package]]
name = "anes"
version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4b46cbb362ab8752921c97e041f5e366ee6297bd428a31275b9fcf1e380f7299"
[[package]]
name = "anstyle"
version = "1.0.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "940b3a0ca603d1eade50a4846a2afffd5ef57a9feac2c0e2ec2e14f9ead76000"
[[package]] [[package]]
name = "api" name = "api"
version = "0.1.0" version = "0.1.0"
dependencies = [ dependencies = [
"criterion",
"reqwest", "reqwest",
"runtime", "runtime",
"serde", "serde",
@@ -35,6 +48,12 @@ version = "1.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0" checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0"
[[package]]
name = "autocfg"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8"
[[package]] [[package]]
name = "base64" name = "base64"
version = "0.22.1" version = "0.22.1"
@@ -77,6 +96,12 @@ version = "1.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e748733b7cbc798e1434b6ac524f0c1ff2ab456fe201501e6497c8417a4fc33" checksum = "1e748733b7cbc798e1434b6ac524f0c1ff2ab456fe201501e6497c8417a4fc33"
[[package]]
name = "cast"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5"
[[package]] [[package]]
name = "cc" name = "cc"
version = "1.2.58" version = "1.2.58"
@@ -99,6 +124,58 @@ version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724" checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
[[package]]
name = "ciborium"
version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "42e69ffd6f0917f5c029256a24d0161db17cea3997d185db0d35926308770f0e"
dependencies = [
"ciborium-io",
"ciborium-ll",
"serde",
]
[[package]]
name = "ciborium-io"
version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "05afea1e0a06c9be33d539b876f1ce3692f4afea2cb41f740e7743225ed1c757"
[[package]]
name = "ciborium-ll"
version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "57663b653d948a338bfb3eeba9bb2fd5fcfaecb9e199e87e1eda4d9e8b240fd9"
dependencies = [
"ciborium-io",
"half",
]
[[package]]
name = "clap"
version = "4.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1ddb117e43bbf7dacf0a4190fef4d345b9bad68dfc649cb349e7d17d28428e51"
dependencies = [
"clap_builder",
]
[[package]]
name = "clap_builder"
version = "4.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "714a53001bf66416adb0e2ef5ac857140e7dc3a0c48fb28b2f10762fc4b5069f"
dependencies = [
"anstyle",
"clap_lex",
]
[[package]]
name = "clap_lex"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c8d4a3bb8b1e0c1050499d1815f5ab16d04f0959b233085fb31653fbfc9d98f9"
[[package]] [[package]]
name = "clipboard-win" name = "clipboard-win"
version = "5.4.1" version = "5.4.1"
@@ -144,6 +221,67 @@ dependencies = [
"cfg-if", "cfg-if",
] ]
[[package]]
name = "criterion"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f2b12d017a929603d80db1831cd3a24082f8137ce19c69e6447f54f5fc8d692f"
dependencies = [
"anes",
"cast",
"ciborium",
"clap",
"criterion-plot",
"is-terminal",
"itertools",
"num-traits",
"once_cell",
"oorandom",
"plotters",
"rayon",
"regex",
"serde",
"serde_derive",
"serde_json",
"tinytemplate",
"walkdir",
]
[[package]]
name = "criterion-plot"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6b50826342786a51a89e2da3a28f1c32b06e387201bc2d19791f622c673706b1"
dependencies = [
"cast",
"itertools",
]
[[package]]
name = "crossbeam-deque"
version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9dd111b7b7f7d55b72c0a6ae361660ee5853c9af73f70c3c2ef6858b950e2e51"
dependencies = [
"crossbeam-epoch",
"crossbeam-utils",
]
[[package]]
name = "crossbeam-epoch"
version = "0.9.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5b82ac4a3c2ca9c3460964f020e1402edd5753411d7737aa39c3714ad1b5420e"
dependencies = [
"crossbeam-utils",
]
[[package]]
name = "crossbeam-utils"
version = "0.8.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d0a5c400df2834b80a4c3327b3aad3a4c4cd4de0629063962b03235697506a28"
[[package]] [[package]]
name = "crossterm" name = "crossterm"
version = "0.28.1" version = "0.28.1"
@@ -169,6 +307,12 @@ dependencies = [
"winapi", "winapi",
] ]
[[package]]
name = "crunchy"
version = "0.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "460fbee9c2c2f33933d720630a6a0bac33ba7053db5344fac858d4b8952d77d5"
[[package]] [[package]]
name = "crypto-common" name = "crypto-common"
version = "0.1.7" version = "0.1.7"
@@ -209,6 +353,12 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "either"
version = "1.15.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719"
[[package]] [[package]]
name = "endian-type" name = "endian-type"
version = "0.1.2" version = "0.1.2"
@@ -245,7 +395,7 @@ checksum = "0ce92ff622d6dadf7349484f42c93271a0d49b7cc4d466a936405bacbe10aa78"
dependencies = [ dependencies = [
"cfg-if", "cfg-if",
"rustix 1.1.4", "rustix 1.1.4",
"windows-sys 0.52.0", "windows-sys 0.59.0",
] ]
[[package]] [[package]]
@@ -380,12 +530,29 @@ version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280" checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280"
[[package]]
name = "half"
version = "2.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6ea2d84b969582b4b1864a92dc5d27cd2b77b622a8d79306834f1be5ba20d84b"
dependencies = [
"cfg-if",
"crunchy",
"zerocopy",
]
[[package]] [[package]]
name = "hashbrown" name = "hashbrown"
version = "0.16.1" version = "0.16.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "841d1cc9bed7f9236f321df977030373f4a4163ae1a7dbfe1a51a2c1a51d9100" checksum = "841d1cc9bed7f9236f321df977030373f4a4163ae1a7dbfe1a51a2c1a51d9100"
[[package]]
name = "hermit-abi"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fc0fef456e4baa96da950455cd02c081ca953b141298e41db3fc7e36b1da849c"
[[package]] [[package]]
name = "home" name = "home"
version = "0.5.12" version = "0.5.12"
@@ -622,6 +789,26 @@ dependencies = [
"serde", "serde",
] ]
[[package]]
name = "is-terminal"
version = "0.4.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3640c1c38b8e4e43584d8df18be5fc6b0aa314ce6ebf51b53313d4306cca8e46"
dependencies = [
"hermit-abi",
"libc",
"windows-sys 0.61.2",
]
[[package]]
name = "itertools"
version = "0.10.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473"
dependencies = [
"either",
]
[[package]] [[package]]
name = "itoa" name = "itoa"
version = "1.0.18" version = "1.0.18"
@@ -755,6 +942,15 @@ version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c6673768db2d862beb9b39a78fdcb1a69439615d5794a1be50caa9bc92c81967" checksum = "c6673768db2d862beb9b39a78fdcb1a69439615d5794a1be50caa9bc92c81967"
[[package]]
name = "num-traits"
version = "0.2.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841"
dependencies = [
"autocfg",
]
[[package]] [[package]]
name = "once_cell" name = "once_cell"
version = "1.21.4" version = "1.21.4"
@@ -783,6 +979,12 @@ dependencies = [
"pkg-config", "pkg-config",
] ]
[[package]]
name = "oorandom"
version = "11.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d6790f58c7ff633d8771f42965289203411a5e5c68388703c06e14f24770b41e"
[[package]] [[package]]
name = "parking_lot" name = "parking_lot"
version = "0.12.5" version = "0.12.5"
@@ -837,6 +1039,34 @@ dependencies = [
"time", "time",
] ]
[[package]]
name = "plotters"
version = "0.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5aeb6f403d7a4911efb1e33402027fc44f29b5bf6def3effcc22d7bb75f2b747"
dependencies = [
"num-traits",
"plotters-backend",
"plotters-svg",
"wasm-bindgen",
"web-sys",
]
[[package]]
name = "plotters-backend"
version = "0.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df42e13c12958a16b3f7f4386b9ab1f3e7933914ecea48da7139435263a4172a"
[[package]]
name = "plotters-svg"
version = "0.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "51bae2ac328883f7acdfea3d66a7c35751187f870bc81f94563733a154d7a670"
dependencies = [
"plotters-backend",
]
[[package]] [[package]]
name = "plugins" name = "plugins"
version = "0.1.0" version = "0.1.0"
@@ -1015,6 +1245,26 @@ dependencies = [
"getrandom 0.3.4", "getrandom 0.3.4",
] ]
[[package]]
name = "rayon"
version = "1.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fb39b166781f92d482534ef4b4b1b2568f42613b53e5b6c160e24cfbfa30926d"
dependencies = [
"either",
"rayon-core",
]
[[package]]
name = "rayon-core"
version = "1.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "22e18b0f0062d30d4230b2e85ff77fdfe4326feb054b9783a3460d8435c8ab91"
dependencies = [
"crossbeam-deque",
"crossbeam-utils",
]
[[package]] [[package]]
name = "redox_syscall" name = "redox_syscall"
version = "0.5.18" version = "0.5.18"
@@ -1138,7 +1388,7 @@ dependencies = [
"errno", "errno",
"libc", "libc",
"linux-raw-sys 0.4.15", "linux-raw-sys 0.4.15",
"windows-sys 0.52.0", "windows-sys 0.59.0",
] ]
[[package]] [[package]]
@@ -1522,6 +1772,16 @@ dependencies = [
"zerovec", "zerovec",
] ]
[[package]]
name = "tinytemplate"
version = "1.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "be4d6b5f19ff7664e8c98d03e2139cb510db9b0a60b55f8e8709b689d939b6bc"
dependencies = [
"serde",
"serde_json",
]
[[package]] [[package]]
name = "tinyvec" name = "tinyvec"
version = "1.11.0" version = "1.11.0"

17
rust/README.md
View File

@@ -34,10 +34,10 @@ export ANTHROPIC_API_KEY="sk-ant-..."
export ANTHROPIC_BASE_URL="https://your-proxy.com" export ANTHROPIC_BASE_URL="https://your-proxy.com"
``` ```
Or authenticate via OAuth and let the CLI persist credentials locally: Or provide an OAuth bearer token directly:
```bash ```bash
cargo run -p rusty-claude-cli -- login export ANTHROPIC_AUTH_TOKEN="anthropic-oauth-or-proxy-bearer-token"
``` ```
## Mock parity harness ## Mock parity harness
@@ -80,7 +80,7 @@ Primary artifacts:
| Feature | Status | | Feature | Status |
|---------|--------| |---------|--------|
| Anthropic / OpenAI-compatible provider flows + streaming | ✅ | | Anthropic / OpenAI-compatible provider flows + streaming | ✅ |
| OAuth login/logout | ✅ | | Direct bearer-token auth via `ANTHROPIC_AUTH_TOKEN` | ✅ |
| Interactive REPL (rustyline) | ✅ | | Interactive REPL (rustyline) | ✅ |
| Tool system (bash, read, write, edit, grep, glob) | ✅ | | Tool system (bash, read, write, edit, grep, glob) | ✅ |
| Web tools (search, fetch) | ✅ | | Web tools (search, fetch) | ✅ |
@@ -135,17 +135,18 @@ Top-level commands:
version version
status status
sandbox sandbox
acp [serve]
dump-manifests dump-manifests
bootstrap-plan bootstrap-plan
agents agents
mcp mcp
skills skills
system-prompt system-prompt
login
logout
init init
``` ```
`claw acp` is a local discoverability surface for editor-first users: it reports the current ACP/Zed status without starting the runtime. As of April 16, 2026, claw-code does **not** ship an ACP/Zed daemon entrypoint yet, and `claw acp serve` is only a status alias until the real protocol surface lands.
The command surface is moving quickly. For the canonical live help text, run: The command surface is moving quickly. For the canonical live help text, run:
```bash ```bash
@@ -159,8 +160,8 @@ Tab completion expands slash commands, model aliases, permission modes, and rece
The REPL now exposes a much broader surface than the original minimal shell: The REPL now exposes a much broader surface than the original minimal shell:
- session / visibility: `/help`, `/status`, `/sandbox`, `/cost`, `/resume`, `/session`, `/version`, `/usage`, `/stats` - session / visibility: `/help`, `/status`, `/sandbox`, `/cost`, `/resume`, `/session`, `/version`, `/usage`, `/stats`
- workspace / git: `/compact`, `/clear`, `/config`, `/memory`, `/init`, `/diff`, `/commit`, `/pr`, `/issue`, `/export`, `/hooks`, `/files`, `/branch`, `/release-notes`, `/add-dir` - workspace / git: `/compact`, `/clear`, `/config`, `/memory`, `/init`, `/diff`, `/commit`, `/pr`, `/issue`, `/export`, `/hooks`, `/files`, `/release-notes`
- discovery / debugging: `/mcp`, `/agents`, `/skills`, `/doctor`, `/tasks`, `/context`, `/desktop`, `/ide` - discovery / debugging: `/mcp`, `/agents`, `/skills`, `/doctor`, `/tasks`, `/context`, `/desktop`
- automation / analysis: `/review`, `/advisor`, `/insights`, `/security-review`, `/subagent`, `/team`, `/telemetry`, `/providers`, `/cron`, and more - automation / analysis: `/review`, `/advisor`, `/insights`, `/security-review`, `/subagent`, `/team`, `/telemetry`, `/providers`, `/cron`, and more
- plugin management: `/plugin` (with aliases `/plugins`, `/marketplace`) - plugin management: `/plugin` (with aliases `/plugins`, `/marketplace`)
@@ -194,7 +195,7 @@ rust/
### Crate Responsibilities ### Crate Responsibilities
- **api** — provider clients, SSE streaming, request/response types, auth (API key + OAuth bearer), request-size/context-window preflight - **api** — provider clients, SSE streaming, request/response types, auth (`ANTHROPIC_API_KEY` + bearer-token support), request-size/context-window preflight
- **commands** — slash command definitions, parsing, help text generation, JSON/text command rendering - **commands** — slash command definitions, parsing, help text generation, JSON/text command rendering
- **compat-harness** — extracts tool/prompt manifests from upstream TS source - **compat-harness** — extracts tool/prompt manifests from upstream TS source
- **mock-anthropic-service** — deterministic `/v1/messages` mock for CLI parity tests and local harness runs - **mock-anthropic-service** — deterministic `/v1/messages` mock for CLI parity tests and local harness runs

7
rust/crates/api/Cargo.toml
View File

@@ -13,5 +13,12 @@ serde_json.workspace = true
telemetry = { path = "../telemetry" } telemetry = { path = "../telemetry" }
tokio = { version = "1", features = ["io-util", "macros", "net", "rt-multi-thread", "time"] } tokio = { version = "1", features = ["io-util", "macros", "net", "rt-multi-thread", "time"] }
[dev-dependencies]
criterion = { version = "0.5", features = ["html_reports"] }
[lints] [lints]
workspace = true workspace = true
[[bench]]
name = "request_building"
harness = false

329
rust/crates/api/benches/request_building.rs Normal file
View File

@@ -0,0 +1,329 @@
// Benchmarks for API request building performance
// Benchmarks are exempt from strict linting as they are test/performance code
#![allow(
clippy::cognitive_complexity,
clippy::doc_markdown,
clippy::explicit_iter_loop,
clippy::format_in_format_args,
clippy::missing_docs_in_private_items,
clippy::must_use_candidate,
clippy::needless_pass_by_value,
clippy::clone_on_copy,
clippy::too_many_lines,
clippy::uninlined_format_args
)]
use api::{
build_chat_completion_request, flatten_tool_result_content, is_reasoning_model,
translate_message, InputContentBlock, InputMessage, MessageRequest, OpenAiCompatConfig,
ToolResultContentBlock,
};
use criterion::{black_box, criterion_group, criterion_main, BenchmarkId, Criterion};
use serde_json::json;
/// Create a sample message request with various content types
fn create_sample_request(message_count: usize) -> MessageRequest {
let mut messages = Vec::with_capacity(message_count);
for i in 0..message_count {
match i % 4 {
0 => messages.push(InputMessage::user_text(format!("Message {}", i))),
1 => messages.push(InputMessage {
role: "assistant".to_string(),
content: vec![
InputContentBlock::Text {
text: format!("Assistant response {}", i),
},
InputContentBlock::ToolUse {
id: format!("call_{}", i),
name: "read_file".to_string(),
input: json!({"path": format!("/tmp/file{}", i)}),
},
],
}),
2 => messages.push(InputMessage {
role: "user".to_string(),
content: vec![InputContentBlock::ToolResult {
tool_use_id: format!("call_{}", i - 1),
content: vec![ToolResultContentBlock::Text {
text: format!("Tool result content {}", i),
}],
is_error: false,
}],
}),
_ => messages.push(InputMessage {
role: "assistant".to_string(),
content: vec![InputContentBlock::ToolUse {
id: format!("call_{}", i),
name: "write_file".to_string(),
input: json!({"path": format!("/tmp/out{}", i), "content": "data"}),
}],
}),
}
}
MessageRequest {
model: "gpt-4o".to_string(),
max_tokens: 1024,
messages,
stream: false,
system: Some("You are a helpful assistant.".to_string()),
temperature: Some(0.7),
top_p: None,
tools: None,
tool_choice: None,
frequency_penalty: None,
presence_penalty: None,
stop: None,
reasoning_effort: None,
}
}
/// Benchmark translate_message with various message types
fn bench_translate_message(c: &mut Criterion) {
let mut group = c.benchmark_group("translate_message");
// Text-only message
let text_message = InputMessage::user_text("Simple text message".to_string());
group.bench_with_input(
BenchmarkId::new("text_only", "single"),
&text_message,
|b, msg| {
b.iter(|| translate_message(black_box(msg), black_box("gpt-4o")));
},
);
// Assistant message with tool calls
let assistant_message = InputMessage {
role: "assistant".to_string(),
content: vec![
InputContentBlock::Text {
text: "I'll help you with that.".to_string(),
},
InputContentBlock::ToolUse {
id: "call_1".to_string(),
name: "read_file".to_string(),
input: json!({"path": "/tmp/test"}),
},
InputContentBlock::ToolUse {
id: "call_2".to_string(),
name: "write_file".to_string(),
input: json!({"path": "/tmp/out", "content": "data"}),
},
],
};
group.bench_with_input(
BenchmarkId::new("assistant_with_tools", "2_tools"),
&assistant_message,
|b, msg| {
b.iter(|| translate_message(black_box(msg), black_box("gpt-4o")));
},
);
// Tool result message
let tool_result_message = InputMessage {
role: "user".to_string(),
content: vec![InputContentBlock::ToolResult {
tool_use_id: "call_1".to_string(),
content: vec![ToolResultContentBlock::Text {
text: "File contents here".to_string(),
}],
is_error: false,
}],
};
group.bench_with_input(
BenchmarkId::new("tool_result", "single"),
&tool_result_message,
|b, msg| {
b.iter(|| translate_message(black_box(msg), black_box("gpt-4o")));
},
);
// Tool result for kimi model (is_error excluded)
group.bench_with_input(
BenchmarkId::new("tool_result_kimi", "kimi-k2.5"),
&tool_result_message,
|b, msg| {
b.iter(|| translate_message(black_box(msg), black_box("kimi-k2.5")));
},
);
// Large content message
let large_content = "x".repeat(10000);
let large_message = InputMessage::user_text(large_content);
group.bench_with_input(
BenchmarkId::new("large_text", "10kb"),
&large_message,
|b, msg| {
b.iter(|| translate_message(black_box(msg), black_box("gpt-4o")));
},
);
group.finish();
}
/// Benchmark build_chat_completion_request with various message counts
fn bench_build_request(c: &mut Criterion) {
let mut group = c.benchmark_group("build_chat_completion_request");
let config = OpenAiCompatConfig::openai();
for message_count in [10, 50, 100].iter() {
let request = create_sample_request(*message_count);
group.bench_with_input(
BenchmarkId::new("message_count", message_count),
&request,
|b, req| {
b.iter(|| build_chat_completion_request(black_box(req), config.clone()));
},
);
}
// Benchmark with reasoning model (tuning params stripped)
let mut reasoning_request = create_sample_request(50);
reasoning_request.model = "o1-mini".to_string();
group.bench_with_input(
BenchmarkId::new("reasoning_model", "o1-mini"),
&reasoning_request,
|b, req| {
b.iter(|| build_chat_completion_request(black_box(req), config.clone()));
},
);
// Benchmark with gpt-5 (max_completion_tokens)
let mut gpt5_request = create_sample_request(50);
gpt5_request.model = "gpt-5".to_string();
group.bench_with_input(
BenchmarkId::new("gpt5", "gpt-5"),
&gpt5_request,
|b, req| {
b.iter(|| build_chat_completion_request(black_box(req), config.clone()));
},
);
group.finish();
}
/// Benchmark flatten_tool_result_content
fn bench_flatten_tool_result(c: &mut Criterion) {
let mut group = c.benchmark_group("flatten_tool_result_content");
// Single text block
let single_text = vec![ToolResultContentBlock::Text {
text: "Simple result".to_string(),
}];
group.bench_with_input(
BenchmarkId::new("single_text", "1_block"),
&single_text,
|b, content| {
b.iter(|| flatten_tool_result_content(black_box(content)));
},
);
// Multiple text blocks
let multi_text: Vec<ToolResultContentBlock> = (0..10)
.map(|i| ToolResultContentBlock::Text {
text: format!("Line {}: some content here\n", i),
})
.collect();
group.bench_with_input(
BenchmarkId::new("multi_text", "10_blocks"),
&multi_text,
|b, content| {
b.iter(|| flatten_tool_result_content(black_box(content)));
},
);
// JSON content blocks
let json_content: Vec<ToolResultContentBlock> = (0..5)
.map(|i| ToolResultContentBlock::Json {
value: json!({"index": i, "data": "test content", "nested": {"key": "value"}}),
})
.collect();
group.bench_with_input(
BenchmarkId::new("json_content", "5_blocks"),
&json_content,
|b, content| {
b.iter(|| flatten_tool_result_content(black_box(content)));
},
);
// Mixed content
let mixed_content = vec![
ToolResultContentBlock::Text {
text: "Here's the result:".to_string(),
},
ToolResultContentBlock::Json {
value: json!({"status": "success", "count": 42}),
},
ToolResultContentBlock::Text {
text: "Processing complete.".to_string(),
},
];
group.bench_with_input(
BenchmarkId::new("mixed_content", "text+json"),
&mixed_content,
|b, content| {
b.iter(|| flatten_tool_result_content(black_box(content)));
},
);
// Large content - simulating typical tool output
let large_content: Vec<ToolResultContentBlock> = (0..50)
.map(|i| {
if i % 3 == 0 {
ToolResultContentBlock::Json {
value: json!({"line": i, "content": "x".repeat(100)}),
}
} else {
ToolResultContentBlock::Text {
text: format!("Line {}: {}", i, "some output content here"),
}
}
})
.collect();
group.bench_with_input(
BenchmarkId::new("large_content", "50_blocks"),
&large_content,
|b, content| {
b.iter(|| flatten_tool_result_content(black_box(content)));
},
);
group.finish();
}
/// Benchmark is_reasoning_model detection
fn bench_is_reasoning_model(c: &mut Criterion) {
let mut group = c.benchmark_group("is_reasoning_model");
let models = vec![
("gpt-4o", false),
("o1-mini", true),
("o3", true),
("grok-3", false),
("grok-3-mini", true),
("qwen/qwen-qwq-32b", true),
("qwen/qwen-plus", false),
];
for (model, expected) in models {
group.bench_with_input(
BenchmarkId::new(model, if expected { "reasoning" } else { "normal" }),
model,
|b, m| {
b.iter(|| is_reasoning_model(black_box(m)));
},
);
}
group.finish();
}
criterion_group!(
benches,
bench_translate_message,
bench_build_request,
bench_flatten_tool_result,
bench_is_reasoning_model
);
criterion_main!(benches);

5
rust/crates/api/src/client.rs
View File

@@ -232,10 +232,7 @@ mod tests {
openai_client.base_url() openai_client.base_url()
); );
} }
other => panic!( other => panic!("Expected ProviderClient::OpenAi for qwen-plus, got: {other:?}"),
"Expected ProviderClient::OpenAi for qwen-plus, got: {:?}",
other
),
} }
} }
} }

34
rust/crates/api/src/error.rs
View File

@@ -24,7 +24,7 @@ pub enum ApiError {
env_vars: &'static [&'static str], env_vars: &'static [&'static str],
/// Optional, runtime-computed hint appended to the error Display /// Optional, runtime-computed hint appended to the error Display
/// output. Populated when the provider resolver can infer what the /// output. Populated when the provider resolver can infer what the
/// user probably intended (e.g. an OpenAI key is set but Anthropic /// user probably intended (e.g. an `OpenAI` key is set but Anthropic
/// was selected because no Anthropic credentials exist). /// was selected because no Anthropic credentials exist).
hint: Option<String>, hint: Option<String>,
}, },
@@ -53,6 +53,8 @@ pub enum ApiError {
request_id: Option<String>, request_id: Option<String>,
body: String, body: String,
retryable: bool, retryable: bool,
/// Suggested user action based on error type (e.g., "Reduce prompt size" for 413)
suggested_action: Option<String>,
}, },
RetriesExhausted { RetriesExhausted {
attempts: u32, attempts: u32,
@@ -63,6 +65,11 @@ pub enum ApiError {
attempt: u32, attempt: u32,
base_delay: Duration, base_delay: Duration,
}, },
RequestBodySizeExceeded {
estimated_bytes: usize,
max_bytes: usize,
provider: &'static str,
},
} }
impl ApiError { impl ApiError {
@@ -129,7 +136,8 @@ impl ApiError {
| Self::Io(_) | Self::Io(_)
| Self::Json { .. } | Self::Json { .. }
| Self::InvalidSseFrame(_) | Self::InvalidSseFrame(_)
| Self::BackoffOverflow { .. } => false, | Self::BackoffOverflow { .. }
| Self::RequestBodySizeExceeded { .. } => false,
} }
} }
@@ -147,7 +155,8 @@ impl ApiError {
| Self::Io(_) | Self::Io(_)
| Self::Json { .. } | Self::Json { .. }
| Self::InvalidSseFrame(_) | Self::InvalidSseFrame(_)
| Self::BackoffOverflow { .. } => None, | Self::BackoffOverflow { .. }
| Self::RequestBodySizeExceeded { .. } => None,
} }
} }
@@ -172,6 +181,7 @@ impl ApiError {
"provider_transport" "provider_transport"
} }
Self::InvalidApiKeyEnv(_) | Self::Io(_) | Self::Json { .. } => "runtime_io", Self::InvalidApiKeyEnv(_) | Self::Io(_) | Self::Json { .. } => "runtime_io",
Self::RequestBodySizeExceeded { .. } => "request_size",
} }
} }
@@ -194,7 +204,8 @@ impl ApiError {
| Self::Io(_) | Self::Io(_)
| Self::Json { .. } | Self::Json { .. }
| Self::InvalidSseFrame(_) | Self::InvalidSseFrame(_)
| Self::BackoffOverflow { .. } => false, | Self::BackoffOverflow { .. }
| Self::RequestBodySizeExceeded { .. } => false,
} }
} }
@@ -223,12 +234,14 @@ impl ApiError {
| Self::Io(_) | Self::Io(_)
| Self::Json { .. } | Self::Json { .. }
| Self::InvalidSseFrame(_) | Self::InvalidSseFrame(_)
| Self::BackoffOverflow { .. } => false, | Self::BackoffOverflow { .. }
| Self::RequestBodySizeExceeded { .. } => false,
} }
} }
} }
impl Display for ApiError { impl Display for ApiError {
#[allow(clippy::too_many_lines)]
fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result { fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
match self { match self {
Self::MissingCredentials { Self::MissingCredentials {
@@ -324,6 +337,14 @@ impl Display for ApiError {
f, f,
"retry backoff overflowed on attempt {attempt} with base delay {base_delay:?}" "retry backoff overflowed on attempt {attempt} with base delay {base_delay:?}"
), ),
Self::RequestBodySizeExceeded {
estimated_bytes,
max_bytes,
provider,
} => write!(
f,
"request body size ({estimated_bytes} bytes) exceeds {provider} limit ({max_bytes} bytes); reduce prompt length or context before retrying"
),
} }
} }
} }
@@ -469,6 +490,7 @@ mod tests {
request_id: Some("req_jobdori_123".to_string()), request_id: Some("req_jobdori_123".to_string()),
body: String::new(), body: String::new(),
retryable: true, retryable: true,
suggested_action: None,
}; };
assert!(error.is_generic_fatal_wrapper()); assert!(error.is_generic_fatal_wrapper());
@@ -491,6 +513,7 @@ mod tests {
request_id: Some("req_nested_456".to_string()), request_id: Some("req_nested_456".to_string()),
body: String::new(), body: String::new(),
retryable: true, retryable: true,
suggested_action: None,
}), }),
}; };
@@ -511,6 +534,7 @@ mod tests {
request_id: Some("req_ctx_123".to_string()), request_id: Some("req_ctx_123".to_string()),
body: String::new(), body: String::new(),
retryable: false, retryable: false,
suggested_action: None,
}; };
assert!(error.is_context_window_failure()); assert!(error.is_context_window_failure());

4
rust/crates/api/src/http_client.rs
View File

@@ -88,12 +88,12 @@ pub fn build_http_client_with(config: &ProxyConfig) -> Result<reqwest::Client, A
.as_deref() .as_deref()
.and_then(reqwest::NoProxy::from_string); .and_then(reqwest::NoProxy::from_string);
let (http_proxy_url, https_proxy_url) = match config.proxy_url.as_deref() { let (http_proxy_url, https_url) = match config.proxy_url.as_deref() {
Some(unified) => (Some(unified), Some(unified)), Some(unified) => (Some(unified), Some(unified)),
None => (config.http_proxy.as_deref(), config.https_proxy.as_deref()), None => (config.http_proxy.as_deref(), config.https_proxy.as_deref()),
}; };
if let Some(url) = https_proxy_url { if let Some(url) = https_url {
let mut proxy = reqwest::Proxy::https(url)?; let mut proxy = reqwest::Proxy::https(url)?;
if let Some(filter) = no_proxy.clone() { if let Some(filter) = no_proxy.clone() {
proxy = proxy.no_proxy(Some(filter)); proxy = proxy.no_proxy(Some(filter));

5
rust/crates/api/src/lib.rs
View File

@@ -19,7 +19,10 @@ pub use prompt_cache::{
PromptCacheStats, PromptCacheStats,
}; };
pub use providers::anthropic::{AnthropicClient, AnthropicClient as ApiClient, AuthSource}; pub use providers::anthropic::{AnthropicClient, AnthropicClient as ApiClient, AuthSource};
pub use providers::openai_compat::{OpenAiCompatClient, OpenAiCompatConfig}; pub use providers::openai_compat::{
build_chat_completion_request, flatten_tool_result_content, is_reasoning_model,
model_rejects_is_error_field, translate_message, OpenAiCompatClient, OpenAiCompatConfig,
};
pub use providers::{ pub use providers::{
detect_provider_kind, max_tokens_for_model, max_tokens_for_model_with_override, detect_provider_kind, max_tokens_for_model, max_tokens_for_model_with_override,
resolve_model_alias, ProviderKind, resolve_model_alias, ProviderKind,

105
rust/crates/api/src/providers/anthropic.rs
View File

@@ -502,9 +502,8 @@ impl AnthropicClient {
// Best-effort refinement using the Anthropic count_tokens endpoint. // Best-effort refinement using the Anthropic count_tokens endpoint.
// On any failure (network, parse, auth), fall back to the local // On any failure (network, parse, auth), fall back to the local
// byte-estimate result which already passed above. // byte-estimate result which already passed above.
let counted_input_tokens = match self.count_tokens(request).await { let Ok(counted_input_tokens) = self.count_tokens(request).await else {
Ok(count) => count, return Ok(());
Err(_) => return Ok(()),
}; };
let estimated_total_tokens = counted_input_tokens.saturating_add(request.max_tokens); let estimated_total_tokens = counted_input_tokens.saturating_add(request.max_tokens);
if estimated_total_tokens > limit.context_window_tokens { if estimated_total_tokens > limit.context_window_tokens {
@@ -631,21 +630,7 @@ impl AuthSource {
if let Some(bearer_token) = read_env_non_empty("ANTHROPIC_AUTH_TOKEN")? { if let Some(bearer_token) = read_env_non_empty("ANTHROPIC_AUTH_TOKEN")? {
return Ok(Self::BearerToken(bearer_token)); return Ok(Self::BearerToken(bearer_token));
} }
match load_saved_oauth_token() { Err(anthropic_missing_credentials())
Ok(Some(token_set)) if oauth_token_is_expired(&token_set) => {
if token_set.refresh_token.is_some() {
Err(ApiError::Auth(
"saved OAuth token is expired; load runtime OAuth config to refresh it"
.to_string(),
))
} else {
Err(ApiError::ExpiredOAuthToken)
}
}
Ok(Some(token_set)) => Ok(Self::BearerToken(token_set.access_token)),
Ok(None) => Err(anthropic_missing_credentials()),
Err(error) => Err(error),
}
} }
} }
@@ -665,14 +650,14 @@ pub fn resolve_saved_oauth_token(config: &OAuthConfig) -> Result<Option<OAuthTok
pub fn has_auth_from_env_or_saved() -> Result<bool, ApiError> { pub fn has_auth_from_env_or_saved() -> Result<bool, ApiError> {
Ok(read_env_non_empty("ANTHROPIC_API_KEY")?.is_some() Ok(read_env_non_empty("ANTHROPIC_API_KEY")?.is_some()
|| read_env_non_empty("ANTHROPIC_AUTH_TOKEN")?.is_some() || read_env_non_empty("ANTHROPIC_AUTH_TOKEN")?.is_some())
|| load_saved_oauth_token()?.is_some())
} }
pub fn resolve_startup_auth_source<F>(load_oauth_config: F) -> Result<AuthSource, ApiError> pub fn resolve_startup_auth_source<F>(load_oauth_config: F) -> Result<AuthSource, ApiError>
where where
F: FnOnce() -> Result<Option<OAuthConfig>, ApiError>, F: FnOnce() -> Result<Option<OAuthConfig>, ApiError>,
{ {
let _ = load_oauth_config;
if let Some(api_key) = read_env_non_empty("ANTHROPIC_API_KEY")? { if let Some(api_key) = read_env_non_empty("ANTHROPIC_API_KEY")? {
return match read_env_non_empty("ANTHROPIC_AUTH_TOKEN")? { return match read_env_non_empty("ANTHROPIC_AUTH_TOKEN")? {
Some(bearer_token) => Ok(AuthSource::ApiKeyAndBearer { Some(bearer_token) => Ok(AuthSource::ApiKeyAndBearer {
@@ -685,25 +670,7 @@ where
if let Some(bearer_token) = read_env_non_empty("ANTHROPIC_AUTH_TOKEN")? { if let Some(bearer_token) = read_env_non_empty("ANTHROPIC_AUTH_TOKEN")? {
return Ok(AuthSource::BearerToken(bearer_token)); return Ok(AuthSource::BearerToken(bearer_token));
} }
Err(anthropic_missing_credentials())
let Some(token_set) = load_saved_oauth_token()? else {
return Err(anthropic_missing_credentials());
};
if !oauth_token_is_expired(&token_set) {
return Ok(AuthSource::BearerToken(token_set.access_token));
}
if token_set.refresh_token.is_none() {
return Err(ApiError::ExpiredOAuthToken);
}
let Some(config) = load_oauth_config()? else {
return Err(ApiError::Auth(
"saved OAuth token is expired; runtime OAuth config is missing".to_string(),
));
};
Ok(AuthSource::from(resolve_saved_oauth_token_set(
&config, token_set,
)?))
} }
fn resolve_saved_oauth_token_set( fn resolve_saved_oauth_token_set(
@@ -918,6 +885,7 @@ async fn expect_success(response: reqwest::Response) -> Result<reqwest::Response
request_id, request_id,
body, body,
retryable, retryable,
suggested_action: None,
}) })
} }
@@ -942,6 +910,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
request_id, request_id,
body, body,
retryable, retryable,
suggested_action,
} = error } = error
else { else {
return error; return error;
@@ -954,6 +923,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
request_id, request_id,
body, body,
retryable, retryable,
suggested_action,
}; };
} }
let Some(bearer_token) = auth.bearer_token() else { let Some(bearer_token) = auth.bearer_token() else {
@@ -964,6 +934,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
request_id, request_id,
body, body,
retryable, retryable,
suggested_action,
}; };
}; };
if !bearer_token.starts_with("sk-ant-") { if !bearer_token.starts_with("sk-ant-") {
@@ -974,6 +945,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
request_id, request_id,
body, body,
retryable, retryable,
suggested_action,
}; };
} }
// Only append the hint when the AuthSource is pure BearerToken. If both // Only append the hint when the AuthSource is pure BearerToken. If both
@@ -988,6 +960,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
request_id, request_id,
body, body,
retryable, retryable,
suggested_action,
}; };
} }
let enriched_message = match message { let enriched_message = match message {
@@ -1001,6 +974,7 @@ fn enrich_bearer_auth_error(error: ApiError, auth: &AuthSource) -> ApiError {
request_id, request_id,
body, body,
retryable, retryable,
suggested_action,
} }
} }
@@ -1016,7 +990,7 @@ fn strip_unsupported_beta_body_fields(body: &mut Value) {
object.remove("presence_penalty"); object.remove("presence_penalty");
// Anthropic uses "stop_sequences" not "stop". Convert if present. // Anthropic uses "stop_sequences" not "stop". Convert if present.
if let Some(stop_val) = object.remove("stop") { if let Some(stop_val) = object.remove("stop") {
if stop_val.as_array().map_or(false, |a| !a.is_empty()) { if stop_val.as_array().is_some_and(|a| !a.is_empty()) {
object.insert("stop_sequences".to_string(), stop_val); object.insert("stop_sequences".to_string(), stop_val);
} }
} }
@@ -1180,7 +1154,7 @@ mod tests {
} }
#[test] #[test]
fn auth_source_from_saved_oauth_when_env_absent() { fn auth_source_from_env_or_saved_ignores_saved_oauth_when_env_absent() {
let _guard = env_lock(); let _guard = env_lock();
let config_home = temp_config_home(); let config_home = temp_config_home();
std::env::set_var("CLAW_CONFIG_HOME", &config_home); std::env::set_var("CLAW_CONFIG_HOME", &config_home);
@@ -1194,8 +1168,8 @@ mod tests {
}) })
.expect("save oauth credentials"); .expect("save oauth credentials");
let auth = AuthSource::from_env_or_saved().expect("saved auth"); let error = AuthSource::from_env_or_saved().expect_err("saved oauth should be ignored");
assert_eq!(auth.bearer_token(), Some("saved-access-token")); assert!(error.to_string().contains("ANTHROPIC_API_KEY"));
clear_oauth_credentials().expect("clear credentials"); clear_oauth_credentials().expect("clear credentials");
std::env::remove_var("CLAW_CONFIG_HOME"); std::env::remove_var("CLAW_CONFIG_HOME");
@@ -1251,7 +1225,7 @@ mod tests {
} }
#[test] #[test]
fn resolve_startup_auth_source_uses_saved_oauth_without_loading_config() { fn resolve_startup_auth_source_ignores_saved_oauth_without_loading_config() {
let _guard = env_lock(); let _guard = env_lock();
let config_home = temp_config_home(); let config_home = temp_config_home();
std::env::set_var("CLAW_CONFIG_HOME", &config_home); std::env::set_var("CLAW_CONFIG_HOME", &config_home);
@@ -1265,41 +1239,9 @@ mod tests {
}) })
.expect("save oauth credentials"); .expect("save oauth credentials");
let auth = resolve_startup_auth_source(|| panic!("config should not be loaded")) let error = resolve_startup_auth_source(|| panic!("config should not be loaded"))
.expect("startup auth"); .expect_err("saved oauth should be ignored");
assert_eq!(auth.bearer_token(), Some("saved-access-token")); assert!(error.to_string().contains("ANTHROPIC_API_KEY"));
clear_oauth_credentials().expect("clear credentials");
std::env::remove_var("CLAW_CONFIG_HOME");
cleanup_temp_config_home(&config_home);
}
#[test]
fn resolve_startup_auth_source_errors_when_refreshable_token_lacks_config() {
let _guard = env_lock();
let config_home = temp_config_home();
std::env::set_var("CLAW_CONFIG_HOME", &config_home);
std::env::remove_var("ANTHROPIC_AUTH_TOKEN");
std::env::remove_var("ANTHROPIC_API_KEY");
save_oauth_credentials(&runtime::OAuthTokenSet {
access_token: "expired-access-token".to_string(),
refresh_token: Some("refresh-token".to_string()),
expires_at: Some(1),
scopes: vec!["scope:a".to_string()],
})
.expect("save expired oauth credentials");
let error =
resolve_startup_auth_source(|| Ok(None)).expect_err("missing config should error");
assert!(
matches!(error, crate::error::ApiError::Auth(message) if message.contains("runtime OAuth config is missing"))
);
let stored = runtime::load_oauth_credentials()
.expect("load stored credentials")
.expect("stored token set");
assert_eq!(stored.access_token, "expired-access-token");
assert_eq!(stored.refresh_token.as_deref(), Some("refresh-token"));
clear_oauth_credentials().expect("clear credentials"); clear_oauth_credentials().expect("clear credentials");
std::env::remove_var("CLAW_CONFIG_HOME"); std::env::remove_var("CLAW_CONFIG_HOME");
@@ -1620,6 +1562,7 @@ mod tests {
request_id: Some("req_varleg_001".to_string()), request_id: Some("req_varleg_001".to_string()),
body: String::new(), body: String::new(),
retryable: false, retryable: false,
suggested_action: None,
}; };
// when // when
@@ -1660,6 +1603,7 @@ mod tests {
request_id: None, request_id: None,
body: String::new(), body: String::new(),
retryable: true, retryable: true,
suggested_action: None,
}; };
// when // when
@@ -1688,6 +1632,7 @@ mod tests {
request_id: None, request_id: None,
body: String::new(), body: String::new(),
retryable: false, retryable: false,
suggested_action: None,
}; };
// when // when
@@ -1715,6 +1660,7 @@ mod tests {
request_id: None, request_id: None,
body: String::new(), body: String::new(),
retryable: false, retryable: false,
suggested_action: None,
}; };
// when // when
@@ -1739,6 +1685,7 @@ mod tests {
request_id: None, request_id: None,
body: String::new(), body: String::new(),
retryable: false, retryable: false,
suggested_action: None,
}; };
// when // when

172
rust/crates/api/src/providers/mod.rs
View File

@@ -122,6 +122,15 @@ const MODEL_REGISTRY: &[(&str, ProviderMetadata)] = &[
default_base_url: openai_compat::DEFAULT_XAI_BASE_URL, default_base_url: openai_compat::DEFAULT_XAI_BASE_URL,
}, },
), ),
(
"kimi",
ProviderMetadata {
provider: ProviderKind::OpenAi,
auth_env: "DASHSCOPE_API_KEY",
base_url_env: "DASHSCOPE_BASE_URL",
default_base_url: openai_compat::DEFAULT_DASHSCOPE_BASE_URL,
},
),
]; ];
#[must_use] #[must_use]
@@ -144,7 +153,10 @@ pub fn resolve_model_alias(model: &str) -> String {
"grok-2" => "grok-2", "grok-2" => "grok-2",
_ => trimmed, _ => trimmed,
}, },
ProviderKind::OpenAi => trimmed, ProviderKind::OpenAi => match *alias {
"kimi" => "kimi-k2.5",
_ => trimmed,
},
}) })
}) })
.map_or_else(|| trimmed.to_string(), ToOwned::to_owned) .map_or_else(|| trimmed.to_string(), ToOwned::to_owned)
@@ -194,6 +206,16 @@ pub fn metadata_for_model(model: &str) -> Option<ProviderMetadata> {
default_base_url: openai_compat::DEFAULT_DASHSCOPE_BASE_URL, default_base_url: openai_compat::DEFAULT_DASHSCOPE_BASE_URL,
}); });
} }
// Kimi models (kimi-k2.5, kimi-k1.5, etc.) via DashScope compatible-mode.
// Routes kimi/* and kimi-* model names to DashScope endpoint.
if canonical.starts_with("kimi/") || canonical.starts_with("kimi-") {
return Some(ProviderMetadata {
provider: ProviderKind::OpenAi,
auth_env: "DASHSCOPE_API_KEY",
base_url_env: "DASHSCOPE_BASE_URL",
default_base_url: openai_compat::DEFAULT_DASHSCOPE_BASE_URL,
});
}
None None
} }
@@ -202,6 +224,15 @@ pub fn detect_provider_kind(model: &str) -> ProviderKind {
if let Some(metadata) = metadata_for_model(model) { if let Some(metadata) = metadata_for_model(model) {
return metadata.provider; return metadata.provider;
} }
// When OPENAI_BASE_URL is set, the user explicitly configured an
// OpenAI-compatible endpoint. Prefer it over the Anthropic fallback
// even when the model name has no recognized prefix — this is the
// common case for local providers (Ollama, LM Studio, vLLM, etc.)
// where model names like "qwen2.5-coder:7b" don't match any prefix.
if std::env::var_os("OPENAI_BASE_URL").is_some() && openai_compat::has_api_key("OPENAI_API_KEY")
{
return ProviderKind::OpenAi;
}
if anthropic::has_auth_from_env_or_saved().unwrap_or(false) { if anthropic::has_auth_from_env_or_saved().unwrap_or(false) {
return ProviderKind::Anthropic; return ProviderKind::Anthropic;
} }
@@ -211,6 +242,11 @@ pub fn detect_provider_kind(model: &str) -> ProviderKind {
if openai_compat::has_api_key("XAI_API_KEY") { if openai_compat::has_api_key("XAI_API_KEY") {
return ProviderKind::Xai; return ProviderKind::Xai;
} }
// Last resort: if OPENAI_BASE_URL is set without OPENAI_API_KEY (some
// local providers like Ollama don't require auth), still route there.
if std::env::var_os("OPENAI_BASE_URL").is_some() {
return ProviderKind::OpenAi;
}
ProviderKind::Anthropic ProviderKind::Anthropic
} }
@@ -253,6 +289,12 @@ pub fn model_token_limit(model: &str) -> Option<ModelTokenLimit> {
max_output_tokens: 64_000, max_output_tokens: 64_000,
context_window_tokens: 131_072, context_window_tokens: 131_072,
}), }),
// Kimi models via DashScope (Moonshot AI)
// Source: https://platform.moonshot.cn/docs/intro
"kimi-k2.5" | "kimi-k1.5" => Some(ModelTokenLimit {
max_output_tokens: 16_384,
context_window_tokens: 256_000,
}),
_ => None, _ => None,
} }
} }
@@ -494,9 +536,10 @@ mod tests {
// ANTHROPIC_API_KEY was set because metadata_for_model returned None // ANTHROPIC_API_KEY was set because metadata_for_model returned None
// and detect_provider_kind fell through to auth-sniffer order. // and detect_provider_kind fell through to auth-sniffer order.
// The model prefix must win over env-var presence. // The model prefix must win over env-var presence.
let kind = super::metadata_for_model("openai/gpt-4.1-mini") let kind = super::metadata_for_model("openai/gpt-4.1-mini").map_or_else(
.map(|m| m.provider) || detect_provider_kind("openai/gpt-4.1-mini"),
.unwrap_or_else(|| detect_provider_kind("openai/gpt-4.1-mini")); |m| m.provider,
);
assert_eq!( assert_eq!(
kind, kind,
ProviderKind::OpenAi, ProviderKind::OpenAi,
@@ -505,8 +548,7 @@ mod tests {
// Also cover bare gpt- prefix // Also cover bare gpt- prefix
let kind2 = super::metadata_for_model("gpt-4o") let kind2 = super::metadata_for_model("gpt-4o")
.map(|m| m.provider) .map_or_else(|| detect_provider_kind("gpt-4o"), |m| m.provider);
.unwrap_or_else(|| detect_provider_kind("gpt-4o"));
assert_eq!(kind2, ProviderKind::OpenAi); assert_eq!(kind2, ProviderKind::OpenAi);
} }
@@ -540,6 +582,34 @@ mod tests {
); );
} }
#[test]
fn kimi_prefix_routes_to_dashscope() {
// Kimi models via DashScope (kimi-k2.5, kimi-k1.5, etc.)
let meta = super::metadata_for_model("kimi-k2.5")
.expect("kimi-k2.5 must resolve to DashScope metadata");
assert_eq!(meta.auth_env, "DASHSCOPE_API_KEY");
assert_eq!(meta.base_url_env, "DASHSCOPE_BASE_URL");
assert!(meta.default_base_url.contains("dashscope.aliyuncs.com"));
assert_eq!(meta.provider, ProviderKind::OpenAi);
// With provider prefix
let meta2 = super::metadata_for_model("kimi/kimi-k2.5")
.expect("kimi/kimi-k2.5 must resolve to DashScope metadata");
assert_eq!(meta2.auth_env, "DASHSCOPE_API_KEY");
assert_eq!(meta2.provider, ProviderKind::OpenAi);
// Different kimi variants
let meta3 = super::metadata_for_model("kimi-k1.5")
.expect("kimi-k1.5 must resolve to DashScope metadata");
assert_eq!(meta3.auth_env, "DASHSCOPE_API_KEY");
}
#[test]
fn kimi_alias_resolves_to_kimi_k2_5() {
assert_eq!(super::resolve_model_alias("kimi"), "kimi-k2.5");
assert_eq!(super::resolve_model_alias("KIMI"), "kimi-k2.5"); // case insensitive
}
#[test] #[test]
fn keeps_existing_max_token_heuristic() { fn keeps_existing_max_token_heuristic() {
assert_eq!(max_tokens_for_model("opus"), 32_000); assert_eq!(max_tokens_for_model("opus"), 32_000);
@@ -680,6 +750,69 @@ mod tests {
.expect("models without context metadata should skip the guarded preflight"); .expect("models without context metadata should skip the guarded preflight");
} }
#[test]
fn returns_context_window_metadata_for_kimi_models() {
// kimi-k2.5
let k25_limit = model_token_limit("kimi-k2.5")
.expect("kimi-k2.5 should have token limit metadata");
assert_eq!(k25_limit.max_output_tokens, 16_384);
assert_eq!(k25_limit.context_window_tokens, 256_000);
// kimi-k1.5
let k15_limit = model_token_limit("kimi-k1.5")
.expect("kimi-k1.5 should have token limit metadata");
assert_eq!(k15_limit.max_output_tokens, 16_384);
assert_eq!(k15_limit.context_window_tokens, 256_000);
}
#[test]
fn kimi_alias_resolves_to_kimi_k25_token_limits() {
// The "kimi" alias resolves to "kimi-k2.5" via resolve_model_alias()
let alias_limit = model_token_limit("kimi")
.expect("kimi alias should resolve to kimi-k2.5 limits");
let direct_limit = model_token_limit("kimi-k2.5")
.expect("kimi-k2.5 should have limits");
assert_eq!(alias_limit.max_output_tokens, direct_limit.max_output_tokens);
assert_eq!(
alias_limit.context_window_tokens,
direct_limit.context_window_tokens
);
}
#[test]
fn preflight_blocks_oversized_requests_for_kimi_models() {
let request = MessageRequest {
model: "kimi-k2.5".to_string(),
max_tokens: 16_384,
messages: vec![InputMessage {
role: "user".to_string(),
content: vec![InputContentBlock::Text {
text: "x".repeat(1_000_000), // Large input to exceed context window
}],
}],
system: Some("Keep the answer short.".to_string()),
tools: None,
tool_choice: None,
stream: true,
..Default::default()
};
let error = preflight_message_request(&request)
.expect_err("oversized request should be rejected for kimi models");
match error {
ApiError::ContextWindowExceeded {
model,
context_window_tokens,
..
} => {
assert_eq!(model, "kimi-k2.5");
assert_eq!(context_window_tokens, 256_000);
}
other => panic!("expected context-window preflight failure, got {other:?}"),
}
}
#[test] #[test]
fn parse_dotenv_extracts_keys_handles_comments_quotes_and_export_prefix() { fn parse_dotenv_extracts_keys_handles_comments_quotes_and_export_prefix() {
// given // given
@@ -981,4 +1114,31 @@ NO_EQUALS_LINE
"empty env var should not trigger the hint sniffer, got {hint:?}" "empty env var should not trigger the hint sniffer, got {hint:?}"
); );
} }
#[test]
fn openai_base_url_overrides_anthropic_fallback_for_unknown_model() {
// given — user has OPENAI_BASE_URL + OPENAI_API_KEY but no Anthropic
// creds, and a model name with no recognized prefix.
let _lock = env_lock();
let _base_url = EnvVarGuard::set("OPENAI_BASE_URL", Some("http://127.0.0.1:11434/v1"));
let _api_key = EnvVarGuard::set("OPENAI_API_KEY", Some("dummy"));
let _anthropic_key = EnvVarGuard::set("ANTHROPIC_API_KEY", None);
let _anthropic_token = EnvVarGuard::set("ANTHROPIC_AUTH_TOKEN", None);
// when
let provider = detect_provider_kind("qwen2.5-coder:7b");
// then — should route to OpenAI, not Anthropic
assert_eq!(
provider,
ProviderKind::OpenAi,
"OPENAI_BASE_URL should win over Anthropic fallback for unknown models"
);
}
// NOTE: a "OPENAI_BASE_URL without OPENAI_API_KEY" test is omitted
// because workspace-parallel test binaries can race on process env
// (env_lock only protects within a single binary). The detection logic
// is covered: OPENAI_BASE_URL alone routes to OpenAi as a last-resort
// fallback in detect_provider_kind().
} }

936
rust/crates/api/src/providers/openai_compat.rs
View File

File diff suppressed because it is too large Load Diff

5
rust/crates/api/src/types.rs
View File

@@ -26,6 +26,11 @@ pub struct MessageRequest {
pub presence_penalty: Option<f64>, pub presence_penalty: Option<f64>,
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
pub stop: Option<Vec<String>>, pub stop: Option<Vec<String>>,
/// Reasoning effort level for OpenAI-compatible reasoning models (e.g. `o4-mini`).
/// Accepted values: `"low"`, `"medium"`, `"high"`. Omitted when `None`.
/// Silently ignored by backends that do not support it.
#[serde(skip_serializing_if = "Option::is_none")]
pub reasoning_effort: Option<String>,
} }
impl MessageRequest { impl MessageRequest {

487
rust/crates/commands/src/lib.rs
View File

@@ -4,7 +4,7 @@ use std::fmt;
use std::fs; use std::fs;
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
use plugins::{PluginError, PluginManager, PluginSummary}; use plugins::{PluginError, PluginLoadFailure, PluginManager, PluginSummary};
use runtime::{ use runtime::{
compact_session, CompactionConfig, ConfigLoader, ConfigSource, McpOAuthConfig, McpServerConfig, compact_session, CompactionConfig, ConfigLoader, ConfigSource, McpOAuthConfig, McpServerConfig,
ScopedMcpServerConfig, Session, ScopedMcpServerConfig, Session,
@@ -257,20 +257,6 @@ const SLASH_COMMAND_SPECS: &[SlashCommandSpec] = &[
argument_hint: None, argument_hint: None,
resume_supported: true, resume_supported: true,
}, },
SlashCommandSpec {
name: "login",
aliases: &[],
summary: "Log in to the service",
argument_hint: None,
resume_supported: false,
},
SlashCommandSpec {
name: "logout",
aliases: &[],
summary: "Log out of the current session",
argument_hint: None,
resume_supported: false,
},
SlashCommandSpec { SlashCommandSpec {
name: "plan", name: "plan",
aliases: &[], aliases: &[],
@@ -1221,6 +1207,83 @@ impl SlashCommand {
pub fn parse(input: &str) -> Result<Option<Self>, SlashCommandParseError> { pub fn parse(input: &str) -> Result<Option<Self>, SlashCommandParseError> {
validate_slash_command_input(input) validate_slash_command_input(input)
} }
/// Returns the canonical slash-command name (e.g. `"/branch"`) for use in
/// error messages and logging. Derived from the spec table so it always
/// matches what the user would have typed.
#[must_use]
pub fn slash_name(&self) -> &'static str {
match self {
Self::Help => "/help",
Self::Clear { .. } => "/clear",
Self::Compact { .. } => "/compact",
Self::Cost => "/cost",
Self::Doctor => "/doctor",
Self::Config { .. } => "/config",
Self::Memory { .. } => "/memory",
Self::History { .. } => "/history",
Self::Diff => "/diff",
Self::Status => "/status",
Self::Stats => "/stats",
Self::Version => "/version",
Self::Commit { .. } => "/commit",
Self::Pr { .. } => "/pr",
Self::Issue { .. } => "/issue",
Self::Init => "/init",
Self::Bughunter { .. } => "/bughunter",
Self::Ultraplan { .. } => "/ultraplan",
Self::Teleport { .. } => "/teleport",
Self::DebugToolCall { .. } => "/debug-tool-call",
Self::Resume { .. } => "/resume",
Self::Model { .. } => "/model",
Self::Permissions { .. } => "/permissions",
Self::Session { .. } => "/session",
Self::Plugins { .. } => "/plugins",
Self::Login => "/login",
Self::Logout => "/logout",
Self::Vim => "/vim",
Self::Upgrade => "/upgrade",
Self::Share => "/share",
Self::Feedback => "/feedback",
Self::Files => "/files",
Self::Fast => "/fast",
Self::Exit => "/exit",
Self::Summary => "/summary",
Self::Desktop => "/desktop",
Self::Brief => "/brief",
Self::Advisor => "/advisor",
Self::Stickers => "/stickers",
Self::Insights => "/insights",
Self::Thinkback => "/thinkback",
Self::ReleaseNotes => "/release-notes",
Self::SecurityReview => "/security-review",
Self::Keybindings => "/keybindings",
Self::PrivacySettings => "/privacy-settings",
Self::Plan { .. } => "/plan",
Self::Review { .. } => "/review",
Self::Tasks { .. } => "/tasks",
Self::Theme { .. } => "/theme",
Self::Voice { .. } => "/voice",
Self::Usage { .. } => "/usage",
Self::Rename { .. } => "/rename",
Self::Copy { .. } => "/copy",
Self::Hooks { .. } => "/hooks",
Self::Context { .. } => "/context",
Self::Color { .. } => "/color",
Self::Effort { .. } => "/effort",
Self::Branch { .. } => "/branch",
Self::Rewind { .. } => "/rewind",
Self::Ide { .. } => "/ide",
Self::Tag { .. } => "/tag",
Self::OutputStyle { .. } => "/output-style",
Self::AddDir { .. } => "/add-dir",
Self::Sandbox => "/sandbox",
Self::Mcp { .. } => "/mcp",
Self::Export { .. } => "/export",
#[allow(unreachable_patterns)]
_ => "/unknown",
}
}
} }
#[allow(clippy::too_many_lines)] #[allow(clippy::too_many_lines)]
@@ -1320,17 +1383,16 @@ pub fn validate_slash_command_input(
"skills" | "skill" => SlashCommand::Skills { "skills" | "skill" => SlashCommand::Skills {
args: parse_skills_args(remainder.as_deref())?, args: parse_skills_args(remainder.as_deref())?,
}, },
"doctor" => { "doctor" | "providers" => {
validate_no_args(command, &args)?; validate_no_args(command, &args)?;
SlashCommand::Doctor SlashCommand::Doctor
} }
"login" => { "login" | "logout" => {
validate_no_args(command, &args)?; return Err(command_error(
SlashCommand::Login "This auth flow was removed. Set ANTHROPIC_API_KEY or ANTHROPIC_AUTH_TOKEN instead.",
} command,
"logout" => { "",
validate_no_args(command, &args)?; ));
SlashCommand::Logout
} }
"vim" => { "vim" => {
validate_no_args(command, &args)?; validate_no_args(command, &args)?;
@@ -1340,7 +1402,7 @@ pub fn validate_slash_command_input(
validate_no_args(command, &args)?; validate_no_args(command, &args)?;
SlashCommand::Upgrade SlashCommand::Upgrade
} }
"stats" => { "stats" | "tokens" | "cache" => {
validate_no_args(command, &args)?; validate_no_args(command, &args)?;
SlashCommand::Stats SlashCommand::Stats
} }
@@ -1815,20 +1877,12 @@ pub fn resume_supported_slash_commands() -> Vec<&'static SlashCommandSpec> {
fn slash_command_category(name: &str) -> &'static str { fn slash_command_category(name: &str) -> &'static str {
match name { match name {
"help" | "status" | "cost" | "resume" | "session" | "version" | "login" | "logout" "help" | "status" | "cost" | "resume" | "session" | "version" | "usage" | "stats"
| "usage" | "stats" | "rename" | "clear" | "compact" | "history" | "tokens" | "cache" | "rename" | "clear" | "compact" | "history" | "tokens" | "cache" | "exit" | "summary"
| "exit" | "summary" | "tag" | "thinkback" | "copy" | "share" | "feedback" | "rewind" | "tag" | "thinkback" | "copy" | "share" | "feedback" | "rewind" | "pin" | "unpin"
| "pin" | "unpin" | "bookmarks" | "context" | "files" | "focus" | "unfocus" | "retry" | "bookmarks" | "context" | "files" | "focus" | "unfocus" | "retry" | "stop" | "undo" => {
| "stop" | "undo" => "Session", "Session"
"diff" | "commit" | "pr" | "issue" | "branch" | "blame" | "log" | "git" | "stash" }
| "init" | "export" | "plan" | "review" | "security-review" | "bughunter" | "ultraplan"
| "teleport" | "refactor" | "fix" | "autofix" | "explain" | "docs" | "perf" | "search"
| "references" | "definition" | "hover" | "symbols" | "map" | "web" | "image"
| "screenshot" | "paste" | "listen" | "speak" | "test" | "lint" | "build" | "run"
| "format" | "parallel" | "multi" | "macro" | "alias" | "templates" | "migrate"
| "benchmark" | "cron" | "agent" | "subagent" | "agents" | "skills" | "team" | "plugin"
| "mcp" | "hooks" | "tasks" | "advisor" | "insights" | "release-notes" | "chat"
| "approve" | "deny" | "allowed-tools" | "add-dir" => "Tools",
"model" | "permissions" | "config" | "memory" | "theme" | "vim" | "voice" | "color" "model" | "permissions" | "config" | "memory" | "theme" | "vim" | "voice" | "color"
| "effort" | "fast" | "brief" | "output-style" | "keybindings" | "privacy-settings" | "effort" | "fast" | "brief" | "output-style" | "keybindings" | "privacy-settings"
| "stickers" | "language" | "profile" | "max-tokens" | "temperature" | "system-prompt" | "stickers" | "language" | "profile" | "max-tokens" | "temperature" | "system-prompt"
@@ -1938,6 +1992,42 @@ pub fn suggest_slash_commands(input: &str, limit: usize) -> Vec<String> {
} }
#[must_use] #[must_use]
/// Render the slash-command help section, optionally excluding stub commands
/// (commands that are registered in the spec list but not yet implemented).
/// Pass an empty slice to include all commands.
pub fn render_slash_command_help_filtered(exclude: &[&str]) -> String {
let mut lines = vec![
"Slash commands".to_string(),
" Start here /status, /diff, /agents, /skills, /commit".to_string(),
" [resume] also works with --resume SESSION.jsonl".to_string(),
String::new(),
];
let categories = ["Session", "Tools", "Config", "Debug"];
for category in categories {
lines.push(category.to_string());
for spec in slash_command_specs()
.iter()
.filter(|spec| slash_command_category(spec.name) == category)
.filter(|spec| !exclude.contains(&spec.name))
{
lines.push(format_slash_command_help_line(spec));
}
lines.push(String::new());
}
lines
.into_iter()
.rev()
.skip_while(String::is_empty)
.collect::<Vec<_>>()
.into_iter()
.rev()
.collect::<Vec<_>>()
.join("\n")
}
pub fn render_slash_command_help() -> String { pub fn render_slash_command_help() -> String {
let mut lines = vec![ let mut lines = vec![
"Slash commands".to_string(), "Slash commands".to_string(),
@@ -2096,10 +2186,15 @@ pub fn handle_plugins_slash_command(
manager: &mut PluginManager, manager: &mut PluginManager,
) -> Result<PluginsCommandResult, PluginError> { ) -> Result<PluginsCommandResult, PluginError> {
match action { match action {
None | Some("list") => Ok(PluginsCommandResult { None | Some("list") => {
message: render_plugins_report(&manager.list_installed_plugins()?), let report = manager.installed_plugin_registry_report()?;
reload_runtime: false, let plugins = report.summaries();
}), let failures = report.failures();
Ok(PluginsCommandResult {
message: render_plugins_report_with_failures(&plugins, failures),
reload_runtime: false,
})
}
Some("install") => { Some("install") => {
let Some(target) = target else { let Some(target) = target else {
return Ok(PluginsCommandResult { return Ok(PluginsCommandResult {
@@ -2358,7 +2453,8 @@ pub fn resolve_skill_invocation(
.map(|s| s.name.clone()) .map(|s| s.name.clone())
.collect(); .collect();
if !names.is_empty() { if !names.is_empty() {
message.push_str(&format!("\n Available skills: {}", names.join(", "))); message.push_str("\n Available skills: ");
message.push_str(&names.join(", "));
} }
} }
message.push_str("\n Usage: /skills [list|install <path>|help|<skill> [args]]"); message.push_str("\n Usage: /skills [list|install <path>|help|<skill> [args]]");
@@ -2458,11 +2554,22 @@ fn render_mcp_report_for(
match normalize_optional_args(args) { match normalize_optional_args(args) {
None | Some("list") => { None | Some("list") => {
let runtime_config = loader.load()?; // #144: degrade gracefully on config parse failure (same contract
Ok(render_mcp_summary_report( // as #143 for `status`). Text mode prepends a "Config load error"
cwd, // block before the MCP list; the list falls back to empty.
runtime_config.mcp().servers(), match loader.load() {
)) Ok(runtime_config) => Ok(render_mcp_summary_report(
cwd,
runtime_config.mcp().servers(),
)),
Err(err) => {
let empty = std::collections::BTreeMap::new();
Ok(format!(
"Config load error\n Status fail\n Summary runtime config failed to load; reporting partial MCP view\n Details {err}\n Hint `claw doctor` classifies config parse errors; fix the listed field and rerun\n\n{}",
render_mcp_summary_report(cwd, &empty)
))
}
}
} }
Some(args) if is_help_arg(args) => Ok(render_mcp_usage(None)), Some(args) if is_help_arg(args) => Ok(render_mcp_usage(None)),
Some("show") => Ok(render_mcp_usage(Some("show"))), Some("show") => Ok(render_mcp_usage(Some("show"))),
@@ -2475,12 +2582,19 @@ fn render_mcp_report_for(
if parts.next().is_some() { if parts.next().is_some() {
return Ok(render_mcp_usage(Some(args))); return Ok(render_mcp_usage(Some(args)));
} }
let runtime_config = loader.load()?; // #144: same degradation for `mcp show`; if config won't parse,
Ok(render_mcp_server_report( // the specific server lookup can't succeed, so report the parse
cwd, // error with context.
server_name, match loader.load() {
runtime_config.mcp().get(server_name), Ok(runtime_config) => Ok(render_mcp_server_report(
)) cwd,
server_name,
runtime_config.mcp().get(server_name),
)),
Err(err) => Ok(format!(
"Config load error\n Status fail\n Summary runtime config failed to load; cannot resolve `{server_name}`\n Details {err}\n Hint `claw doctor` classifies config parse errors; fix the listed field and rerun"
)),
}
} }
Some(args) => Ok(render_mcp_usage(Some(args))), Some(args) => Ok(render_mcp_usage(Some(args))),
} }
@@ -2503,11 +2617,35 @@ fn render_mcp_report_json_for(
match normalize_optional_args(args) { match normalize_optional_args(args) {
None | Some("list") => { None | Some("list") => {
let runtime_config = loader.load()?; // #144: match #143's degraded envelope contract. On config parse
Ok(render_mcp_summary_report_json( // failure, emit top-level `status: "degraded"` with
cwd, // `config_load_error`, empty servers[], and exit 0. On clean
runtime_config.mcp().servers(), // runs, the existing serializer adds `status: "ok"` below.
)) match loader.load() {
Ok(runtime_config) => {
let mut value = render_mcp_summary_report_json(
cwd,
runtime_config.mcp().servers(),
);
if let Some(map) = value.as_object_mut() {
map.insert("status".to_string(), Value::String("ok".to_string()));
map.insert("config_load_error".to_string(), Value::Null);
}
Ok(value)
}
Err(err) => {
let empty = std::collections::BTreeMap::new();
let mut value = render_mcp_summary_report_json(cwd, &empty);
if let Some(map) = value.as_object_mut() {
map.insert("status".to_string(), Value::String("degraded".to_string()));
map.insert(
"config_load_error".to_string(),
Value::String(err.to_string()),
);
}
Ok(value)
}
}
} }
Some(args) if is_help_arg(args) => Ok(render_mcp_usage_json(None)), Some(args) if is_help_arg(args) => Ok(render_mcp_usage_json(None)),
Some("show") => Ok(render_mcp_usage_json(Some("show"))), Some("show") => Ok(render_mcp_usage_json(Some("show"))),
@@ -2520,12 +2658,29 @@ fn render_mcp_report_json_for(
if parts.next().is_some() { if parts.next().is_some() {
return Ok(render_mcp_usage_json(Some(args))); return Ok(render_mcp_usage_json(Some(args)));
} }
let runtime_config = loader.load()?; // #144: same degradation pattern for show action.
Ok(render_mcp_server_report_json( match loader.load() {
cwd, Ok(runtime_config) => {
server_name, let mut value = render_mcp_server_report_json(
runtime_config.mcp().get(server_name), cwd,
)) server_name,
runtime_config.mcp().get(server_name),
);
if let Some(map) = value.as_object_mut() {
map.insert("status".to_string(), Value::String("ok".to_string()));
map.insert("config_load_error".to_string(), Value::Null);
}
Ok(value)
}
Err(err) => Ok(serde_json::json!({
"kind": "mcp",
"action": "show",
"server": server_name,
"status": "degraded",
"config_load_error": err.to_string(),
"working_directory": cwd.display().to_string(),
})),
}
} }
Some(args) => Ok(render_mcp_usage_json(Some(args))), Some(args) => Ok(render_mcp_usage_json(Some(args))),
} }
@@ -2553,6 +2708,48 @@ pub fn render_plugins_report(plugins: &[PluginSummary]) -> String {
lines.join("\n") lines.join("\n")
} }
#[must_use]
pub fn render_plugins_report_with_failures(
plugins: &[PluginSummary],
failures: &[PluginLoadFailure],
) -> String {
let mut lines = vec!["Plugins".to_string()];
// Show successfully loaded plugins
if plugins.is_empty() {
lines.push(" No plugins installed.".to_string());
} else {
for plugin in plugins {
let enabled = if plugin.enabled {
"enabled"
} else {
"disabled"
};
lines.push(format!(
" {name:<20} v{version:<10} {enabled}",
name = plugin.metadata.name,
version = plugin.metadata.version,
));
}
}
// Show warnings for broken plugins
if !failures.is_empty() {
lines.push(String::new());
lines.push("Warnings:".to_string());
for failure in failures {
lines.push(format!(
" ⚠️ Failed to load {} plugin from `{}`",
failure.kind,
failure.plugin_root.display()
));
lines.push(format!(" Error: {}", failure.error()));
}
}
lines.join("\n")
}
fn render_plugin_install_report(plugin_id: &str, plugin: Option<&PluginSummary>) -> String { fn render_plugin_install_report(plugin_id: &str, plugin: Option<&PluginSummary>) -> String {
let name = plugin.map_or(plugin_id, |plugin| plugin.metadata.name.as_str()); let name = plugin.map_or(plugin_id, |plugin| plugin.metadata.name.as_str());
let version = plugin.map_or("unknown", |plugin| plugin.metadata.version.as_str()); let version = plugin.map_or("unknown", |plugin| plugin.metadata.version.as_str());
@@ -3983,12 +4180,15 @@ mod tests {
handle_plugins_slash_command, handle_skills_slash_command_json, handle_slash_command, handle_plugins_slash_command, handle_skills_slash_command_json, handle_slash_command,
load_agents_from_roots, load_skills_from_roots, render_agents_report, load_agents_from_roots, load_skills_from_roots, render_agents_report,
render_agents_report_json, render_mcp_report_json_for, render_plugins_report, render_agents_report_json, render_mcp_report_json_for, render_plugins_report,
render_skills_report, render_slash_command_help, render_slash_command_help_detail, render_plugins_report_with_failures, render_skills_report, render_slash_command_help,
resolve_skill_path, resume_supported_slash_commands, slash_command_specs, render_slash_command_help_detail, resolve_skill_path, resume_supported_slash_commands,
suggest_slash_commands, validate_slash_command_input, DefinitionSource, SkillOrigin, slash_command_specs, suggest_slash_commands, validate_slash_command_input,
SkillRoot, SkillSlashDispatch, SlashCommand, DefinitionSource, SkillOrigin, SkillRoot, SkillSlashDispatch, SlashCommand,
};
use plugins::{
PluginError, PluginKind, PluginLoadFailure, PluginManager, PluginManagerConfig,
PluginMetadata, PluginSummary,
}; };
use plugins::{PluginKind, PluginManager, PluginManagerConfig, PluginMetadata, PluginSummary};
use runtime::{ use runtime::{
CompactionConfig, ConfigLoader, ContentBlock, ConversationMessage, MessageRole, Session, CompactionConfig, ConfigLoader, ContentBlock, ConversationMessage, MessageRole, Session,
}; };
@@ -4011,6 +4211,24 @@ mod tests {
LOCK.get_or_init(|| Mutex::new(())) LOCK.get_or_init(|| Mutex::new(()))
} }
fn env_guard() -> std::sync::MutexGuard<'static, ()> {
env_lock()
.lock()
.unwrap_or_else(std::sync::PoisonError::into_inner)
}
#[test]
fn env_guard_recovers_after_poisoning() {
let poisoned = std::thread::spawn(|| {
let _guard = env_guard();
panic!("poison env lock");
})
.join();
assert!(poisoned.is_err(), "poisoning thread should panic");
let _guard = env_guard();
}
fn restore_env_var(key: &str, original: Option<OsString>) { fn restore_env_var(key: &str, original: Option<OsString>) {
match original { match original {
Some(value) => std::env::set_var(key, value), Some(value) => std::env::set_var(key, value),
@@ -4437,6 +4655,14 @@ mod tests {
assert!(action_error.contains(" Usage /mcp [list|show <server>|help]")); assert!(action_error.contains(" Usage /mcp [list|show <server>|help]"));
} }
#[test]
fn removed_login_and_logout_commands_report_env_auth_guidance() {
let login_error = parse_error_message("/login");
assert!(login_error.contains("ANTHROPIC_API_KEY"));
let logout_error = parse_error_message("/logout");
assert!(logout_error.contains("ANTHROPIC_AUTH_TOKEN"));
}
#[test] #[test]
fn renders_help_from_shared_specs() { fn renders_help_from_shared_specs() {
let help = render_slash_command_help(); let help = render_slash_command_help();
@@ -4478,7 +4704,9 @@ mod tests {
assert!(help.contains("/agents [list|help]")); assert!(help.contains("/agents [list|help]"));
assert!(help.contains("/skills [list|install <path>|help|<skill> [args]]")); assert!(help.contains("/skills [list|install <path>|help|<skill> [args]]"));
assert!(help.contains("aliases: /skill")); assert!(help.contains("aliases: /skill"));
assert_eq!(slash_command_specs().len(), 141); assert!(!help.contains("/login"));
assert!(!help.contains("/logout"));
assert_eq!(slash_command_specs().len(), 139);
assert!(resume_supported_slash_commands().len() >= 39); assert!(resume_supported_slash_commands().len() >= 39);
} }
@@ -4609,7 +4837,14 @@ mod tests {
) )
.expect("slash command should be handled"); .expect("slash command should be handled");
assert!(result.message.contains("Compacted 2 messages")); // With the tool-use/tool-result boundary guard the compaction may
// preserve one extra message, so 1 or 2 messages may be removed.
assert!(
result.message.contains("Compacted 1 messages")
|| result.message.contains("Compacted 2 messages"),
"unexpected compaction message: {}",
result.message
);
assert_eq!(result.session.messages[0].role, MessageRole::System); assert_eq!(result.session.messages[0].role, MessageRole::System);
} }
@@ -4729,6 +4964,36 @@ mod tests {
assert!(rendered.contains("disabled")); assert!(rendered.contains("disabled"));
} }
#[test]
fn renders_plugins_report_with_broken_plugin_warnings() {
let rendered = render_plugins_report_with_failures(
&[PluginSummary {
metadata: PluginMetadata {
id: "demo@external".to_string(),
name: "demo".to_string(),
version: "1.2.3".to_string(),
description: "demo plugin".to_string(),
kind: PluginKind::External,
source: "demo".to_string(),
default_enabled: false,
root: None,
},
enabled: true,
}],
&[PluginLoadFailure::new(
PathBuf::from("/tmp/broken-plugin"),
PluginKind::External,
"broken".to_string(),
PluginError::InvalidManifest("hook path `hooks/pre.sh` does not exist".to_string()),
)],
);
assert!(rendered.contains("Warnings:"));
assert!(rendered.contains("Failed to load external plugin"));
assert!(rendered.contains("/tmp/broken-plugin"));
assert!(rendered.contains("does not exist"));
}
#[test] #[test]
fn lists_agents_from_project_and_user_roots() { fn lists_agents_from_project_and_user_roots() {
let workspace = temp_dir("agents-workspace"); let workspace = temp_dir("agents-workspace");
@@ -5026,7 +5291,7 @@ mod tests {
#[test] #[test]
fn discovers_omc_skills_from_project_and_user_compatibility_roots() { fn discovers_omc_skills_from_project_and_user_compatibility_roots() {
let _guard = env_lock().lock().expect("env lock"); let _guard = env_guard();
let workspace = temp_dir("skills-omc-workspace"); let workspace = temp_dir("skills-omc-workspace");
let user_home = temp_dir("skills-omc-home"); let user_home = temp_dir("skills-omc-home");
let claude_config_dir = temp_dir("skills-omc-claude-config"); let claude_config_dir = temp_dir("skills-omc-claude-config");
@@ -5273,6 +5538,82 @@ mod tests {
let _ = fs::remove_dir_all(config_home); let _ = fs::remove_dir_all(config_home);
} }
#[test]
fn mcp_degrades_gracefully_on_malformed_mcp_config_144() {
// #144: mirror of #143's partial-success contract for `claw mcp`.
// Previously `mcp` hard-failed on any config parse error, hiding
// well-formed servers and forcing claws to fall back to `doctor`.
// Now `mcp` emits a degraded envelope instead: exit 0, status:
// "degraded", config_load_error populated, servers[] empty.
let _guard = env_guard();
let workspace = temp_dir("mcp-degrades-144");
let config_home = temp_dir("mcp-degrades-144-cfg");
fs::create_dir_all(workspace.join(".claw")).expect("create workspace .claw dir");
fs::create_dir_all(&config_home).expect("create config home");
// One valid server + one malformed entry missing `command`.
fs::write(
workspace.join(".claw.json"),
r#"{
"mcpServers": {
"everything": {"command": "npx", "args": ["-y", "@modelcontextprotocol/server-everything"]},
"missing-command": {"args": ["arg-only-no-command"]}
}
}
"#,
)
.expect("write malformed .claw.json");
let loader = ConfigLoader::new(&workspace, &config_home);
// list action: must return Ok (not Err) with degraded envelope.
let list = render_mcp_report_json_for(&loader, &workspace, None)
.expect("mcp list should not hard-fail on config parse errors (#144)");
assert_eq!(list["kind"], "mcp");
assert_eq!(list["action"], "list");
assert_eq!(
list["status"].as_str(),
Some("degraded"),
"top-level status should be 'degraded': {list}"
);
let err = list["config_load_error"]
.as_str()
.expect("config_load_error must be a string on degraded runs");
assert!(
err.contains("mcpServers.missing-command"),
"config_load_error should name the malformed field path: {err}"
);
assert_eq!(list["configured_servers"], 0);
assert!(list["servers"].as_array().unwrap().is_empty());
// show action: should also degrade (not hard-fail).
let show = render_mcp_report_json_for(&loader, &workspace, Some("show everything"))
.expect("mcp show should not hard-fail on config parse errors (#144)");
assert_eq!(show["kind"], "mcp");
assert_eq!(show["action"], "show");
assert_eq!(
show["status"].as_str(),
Some("degraded"),
"show action should also report status: 'degraded': {show}"
);
assert!(show["config_load_error"].is_string());
// Clean path: status: "ok", config_load_error: null.
let clean_ws = temp_dir("mcp-degrades-144-clean");
fs::create_dir_all(&clean_ws).expect("clean ws");
let clean_loader = ConfigLoader::new(&clean_ws, &config_home);
let clean_list = render_mcp_report_json_for(&clean_loader, &clean_ws, None)
.expect("clean mcp list should succeed");
assert_eq!(
clean_list["status"].as_str(),
Some("ok"),
"clean run should report status: 'ok'"
);
assert!(clean_list["config_load_error"].is_null());
let _ = fs::remove_dir_all(workspace);
let _ = fs::remove_dir_all(config_home);
let _ = fs::remove_dir_all(clean_ws);
}
#[test] #[test]
fn parses_quoted_skill_frontmatter_values() { fn parses_quoted_skill_frontmatter_values() {
let contents = "---\nname: \"hud\"\ndescription: 'Quoted description'\n---\n"; let contents = "---\nname: \"hud\"\ndescription: 'Quoted description'\n---\n";

6
rust/crates/compat-harness/src/lib.rs
View File

@@ -18,6 +18,12 @@ impl UpstreamPaths {
} }
} }
/// Returns the repository root path.
#[must_use]
pub fn repo_root(&self) -> &Path {
&self.repo_root
}
#[must_use] #[must_use]
pub fn from_workspace_dir(workspace_dir: impl AsRef<Path>) -> Self { pub fn from_workspace_dir(workspace_dir: impl AsRef<Path>) -> Self {
let workspace_dir = workspace_dir let workspace_dir = workspace_dir

200
rust/crates/plugins/src/lib.rs
View File

@@ -1,10 +1,13 @@
mod hooks; mod hooks;
#[cfg(test)]
pub mod test_isolation;
use std::collections::{BTreeMap, BTreeSet}; use std::collections::{BTreeMap, BTreeSet};
use std::fmt::{Display, Formatter}; use std::fmt::{Display, Formatter};
use std::fs; use std::fs;
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
use std::process::{Command, Stdio}; use std::process::{Command, Stdio};
use std::sync::atomic::{AtomicU64, Ordering};
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
@@ -2160,7 +2163,13 @@ fn materialize_source(
match source { match source {
PluginInstallSource::LocalPath { path } => Ok(path.clone()), PluginInstallSource::LocalPath { path } => Ok(path.clone()),
PluginInstallSource::GitUrl { url } => { PluginInstallSource::GitUrl { url } => {
let destination = temp_root.join(format!("plugin-{}", unix_time_ms())); static MATERIALIZE_COUNTER: AtomicU64 = AtomicU64::new(0);
let unique = MATERIALIZE_COUNTER.fetch_add(1, Ordering::Relaxed);
let nanos = SystemTime::now()
.duration_since(UNIX_EPOCH)
.unwrap()
.as_nanos();
let destination = temp_root.join(format!("plugin-{nanos}-{unique}"));
let output = Command::new("git") let output = Command::new("git")
.arg("clone") .arg("clone")
.arg("--depth") .arg("--depth")
@@ -2273,10 +2282,24 @@ fn ensure_object<'a>(root: &'a mut Map<String, Value>, key: &str) -> &'a mut Map
.expect("object should exist") .expect("object should exist")
} }
/// Environment variable lock for test isolation.
/// Guards against concurrent modification of `CLAW_CONFIG_HOME`.
#[cfg(test)]
fn env_lock() -> &'static std::sync::Mutex<()> {
static ENV_LOCK: std::sync::Mutex<()> = std::sync::Mutex::new(());
&ENV_LOCK
}
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
fn env_guard() -> std::sync::MutexGuard<'static, ()> {
env_lock()
.lock()
.unwrap_or_else(std::sync::PoisonError::into_inner)
}
fn temp_dir(label: &str) -> PathBuf { fn temp_dir(label: &str) -> PathBuf {
let nanos = std::time::SystemTime::now() let nanos = std::time::SystemTime::now()
.duration_since(std::time::UNIX_EPOCH) .duration_since(std::time::UNIX_EPOCH)
@@ -2285,6 +2308,18 @@ mod tests {
std::env::temp_dir().join(format!("plugins-{label}-{nanos}")) std::env::temp_dir().join(format!("plugins-{label}-{nanos}"))
} }
#[test]
fn env_guard_recovers_after_poisoning() {
let poisoned = std::thread::spawn(|| {
let _guard = env_guard();
panic!("poison env lock");
})
.join();
assert!(poisoned.is_err(), "poisoning thread should panic");
let _guard = env_guard();
}
fn write_file(path: &Path, contents: &str) { fn write_file(path: &Path, contents: &str) {
if let Some(parent) = path.parent() { if let Some(parent) = path.parent() {
fs::create_dir_all(parent).expect("parent dir"); fs::create_dir_all(parent).expect("parent dir");
@@ -2468,6 +2503,7 @@ mod tests {
#[test] #[test]
fn load_plugin_from_directory_validates_required_fields() { fn load_plugin_from_directory_validates_required_fields() {
let _guard = env_guard();
let root = temp_dir("manifest-required"); let root = temp_dir("manifest-required");
write_file( write_file(
root.join(MANIFEST_FILE_NAME).as_path(), root.join(MANIFEST_FILE_NAME).as_path(),
@@ -2482,6 +2518,7 @@ mod tests {
#[test] #[test]
fn load_plugin_from_directory_reads_root_manifest_and_validates_entries() { fn load_plugin_from_directory_reads_root_manifest_and_validates_entries() {
let _guard = env_guard();
let root = temp_dir("manifest-root"); let root = temp_dir("manifest-root");
write_loader_plugin(&root); write_loader_plugin(&root);
@@ -2511,6 +2548,7 @@ mod tests {
#[test] #[test]
fn load_plugin_from_directory_supports_packaged_manifest_path() { fn load_plugin_from_directory_supports_packaged_manifest_path() {
let _guard = env_guard();
let root = temp_dir("manifest-packaged"); let root = temp_dir("manifest-packaged");
write_external_plugin(&root, "packaged-demo", "1.0.0"); write_external_plugin(&root, "packaged-demo", "1.0.0");
@@ -2524,6 +2562,7 @@ mod tests {
#[test] #[test]
fn load_plugin_from_directory_defaults_optional_fields() { fn load_plugin_from_directory_defaults_optional_fields() {
let _guard = env_guard();
let root = temp_dir("manifest-defaults"); let root = temp_dir("manifest-defaults");
write_file( write_file(
root.join(MANIFEST_FILE_NAME).as_path(), root.join(MANIFEST_FILE_NAME).as_path(),
@@ -2545,6 +2584,7 @@ mod tests {
#[test] #[test]
fn load_plugin_from_directory_rejects_duplicate_permissions_and_commands() { fn load_plugin_from_directory_rejects_duplicate_permissions_and_commands() {
let _guard = env_guard();
let root = temp_dir("manifest-duplicates"); let root = temp_dir("manifest-duplicates");
write_file( write_file(
root.join("commands").join("sync.sh").as_path(), root.join("commands").join("sync.sh").as_path(),
@@ -2840,6 +2880,7 @@ mod tests {
#[test] #[test]
fn discovers_builtin_and_bundled_plugins() { fn discovers_builtin_and_bundled_plugins() {
let _guard = env_guard();
let manager = PluginManager::new(PluginManagerConfig::new(temp_dir("discover"))); let manager = PluginManager::new(PluginManagerConfig::new(temp_dir("discover")));
let plugins = manager.list_plugins().expect("plugins should list"); let plugins = manager.list_plugins().expect("plugins should list");
assert!(plugins assert!(plugins
@@ -2852,6 +2893,7 @@ mod tests {
#[test] #[test]
fn installs_enables_updates_and_uninstalls_external_plugins() { fn installs_enables_updates_and_uninstalls_external_plugins() {
let _guard = env_guard();
let config_home = temp_dir("home"); let config_home = temp_dir("home");
let source_root = temp_dir("source"); let source_root = temp_dir("source");
write_external_plugin(&source_root, "demo", "1.0.0"); write_external_plugin(&source_root, "demo", "1.0.0");
@@ -2900,6 +2942,7 @@ mod tests {
#[test] #[test]
fn auto_installs_bundled_plugins_into_the_registry() { fn auto_installs_bundled_plugins_into_the_registry() {
let _guard = env_guard();
let config_home = temp_dir("bundled-home"); let config_home = temp_dir("bundled-home");
let bundled_root = temp_dir("bundled-root"); let bundled_root = temp_dir("bundled-root");
write_bundled_plugin(&bundled_root.join("starter"), "starter", "0.1.0", false); write_bundled_plugin(&bundled_root.join("starter"), "starter", "0.1.0", false);
@@ -2931,6 +2974,7 @@ mod tests {
#[test] #[test]
fn default_bundled_root_loads_repo_bundles_as_installed_plugins() { fn default_bundled_root_loads_repo_bundles_as_installed_plugins() {
let _guard = env_guard();
let config_home = temp_dir("default-bundled-home"); let config_home = temp_dir("default-bundled-home");
let manager = PluginManager::new(PluginManagerConfig::new(&config_home)); let manager = PluginManager::new(PluginManagerConfig::new(&config_home));
@@ -2949,6 +2993,7 @@ mod tests {
#[test] #[test]
fn bundled_sync_prunes_removed_bundled_registry_entries() { fn bundled_sync_prunes_removed_bundled_registry_entries() {
let _guard = env_guard();
let config_home = temp_dir("bundled-prune-home"); let config_home = temp_dir("bundled-prune-home");
let bundled_root = temp_dir("bundled-prune-root"); let bundled_root = temp_dir("bundled-prune-root");
let stale_install_path = config_home let stale_install_path = config_home
@@ -3012,6 +3057,7 @@ mod tests {
#[test] #[test]
fn installed_plugin_discovery_keeps_registry_entries_outside_install_root() { fn installed_plugin_discovery_keeps_registry_entries_outside_install_root() {
let _guard = env_guard();
let config_home = temp_dir("registry-fallback-home"); let config_home = temp_dir("registry-fallback-home");
let bundled_root = temp_dir("registry-fallback-bundled"); let bundled_root = temp_dir("registry-fallback-bundled");
let install_root = config_home.join("plugins").join("installed"); let install_root = config_home.join("plugins").join("installed");
@@ -3066,6 +3112,7 @@ mod tests {
#[test] #[test]
fn installed_plugin_discovery_prunes_stale_registry_entries() { fn installed_plugin_discovery_prunes_stale_registry_entries() {
let _guard = env_guard();
let config_home = temp_dir("registry-prune-home"); let config_home = temp_dir("registry-prune-home");
let bundled_root = temp_dir("registry-prune-bundled"); let bundled_root = temp_dir("registry-prune-bundled");
let install_root = config_home.join("plugins").join("installed"); let install_root = config_home.join("plugins").join("installed");
@@ -3111,6 +3158,7 @@ mod tests {
#[test] #[test]
fn persists_bundled_plugin_enable_state_across_reloads() { fn persists_bundled_plugin_enable_state_across_reloads() {
let _guard = env_guard();
let config_home = temp_dir("bundled-state-home"); let config_home = temp_dir("bundled-state-home");
let bundled_root = temp_dir("bundled-state-root"); let bundled_root = temp_dir("bundled-state-root");
write_bundled_plugin(&bundled_root.join("starter"), "starter", "0.1.0", false); write_bundled_plugin(&bundled_root.join("starter"), "starter", "0.1.0", false);
@@ -3144,6 +3192,7 @@ mod tests {
#[test] #[test]
fn persists_bundled_plugin_disable_state_across_reloads() { fn persists_bundled_plugin_disable_state_across_reloads() {
let _guard = env_guard();
let config_home = temp_dir("bundled-disabled-home"); let config_home = temp_dir("bundled-disabled-home");
let bundled_root = temp_dir("bundled-disabled-root"); let bundled_root = temp_dir("bundled-disabled-root");
write_bundled_plugin(&bundled_root.join("starter"), "starter", "0.1.0", true); write_bundled_plugin(&bundled_root.join("starter"), "starter", "0.1.0", true);
@@ -3177,6 +3226,7 @@ mod tests {
#[test] #[test]
fn validates_plugin_source_before_install() { fn validates_plugin_source_before_install() {
let _guard = env_guard();
let config_home = temp_dir("validate-home"); let config_home = temp_dir("validate-home");
let source_root = temp_dir("validate-source"); let source_root = temp_dir("validate-source");
write_external_plugin(&source_root, "validator", "1.0.0"); write_external_plugin(&source_root, "validator", "1.0.0");
@@ -3191,6 +3241,7 @@ mod tests {
#[test] #[test]
fn plugin_registry_tracks_enabled_state_and_lookup() { fn plugin_registry_tracks_enabled_state_and_lookup() {
let _guard = env_guard();
let config_home = temp_dir("registry-home"); let config_home = temp_dir("registry-home");
let source_root = temp_dir("registry-source"); let source_root = temp_dir("registry-source");
write_external_plugin(&source_root, "registry-demo", "1.0.0"); write_external_plugin(&source_root, "registry-demo", "1.0.0");
@@ -3218,6 +3269,7 @@ mod tests {
#[test] #[test]
fn plugin_registry_report_collects_load_failures_without_dropping_valid_plugins() { fn plugin_registry_report_collects_load_failures_without_dropping_valid_plugins() {
let _guard = env_guard();
// given // given
let config_home = temp_dir("report-home"); let config_home = temp_dir("report-home");
let external_root = temp_dir("report-external"); let external_root = temp_dir("report-external");
@@ -3262,6 +3314,7 @@ mod tests {
#[test] #[test]
fn installed_plugin_registry_report_collects_load_failures_from_install_root() { fn installed_plugin_registry_report_collects_load_failures_from_install_root() {
let _guard = env_guard();
// given // given
let config_home = temp_dir("installed-report-home"); let config_home = temp_dir("installed-report-home");
let bundled_root = temp_dir("installed-report-bundled"); let bundled_root = temp_dir("installed-report-bundled");
@@ -3292,6 +3345,7 @@ mod tests {
#[test] #[test]
fn rejects_plugin_sources_with_missing_hook_paths() { fn rejects_plugin_sources_with_missing_hook_paths() {
let _guard = env_guard();
// given // given
let config_home = temp_dir("broken-home"); let config_home = temp_dir("broken-home");
let source_root = temp_dir("broken-source"); let source_root = temp_dir("broken-source");
@@ -3319,6 +3373,7 @@ mod tests {
#[test] #[test]
fn rejects_plugin_sources_with_missing_failure_hook_paths() { fn rejects_plugin_sources_with_missing_failure_hook_paths() {
let _guard = env_guard();
// given // given
let config_home = temp_dir("broken-failure-home"); let config_home = temp_dir("broken-failure-home");
let source_root = temp_dir("broken-failure-source"); let source_root = temp_dir("broken-failure-source");
@@ -3346,6 +3401,7 @@ mod tests {
#[test] #[test]
fn plugin_registry_runs_initialize_and_shutdown_for_enabled_plugins() { fn plugin_registry_runs_initialize_and_shutdown_for_enabled_plugins() {
let _guard = env_guard();
let config_home = temp_dir("lifecycle-home"); let config_home = temp_dir("lifecycle-home");
let source_root = temp_dir("lifecycle-source"); let source_root = temp_dir("lifecycle-source");
let _ = write_lifecycle_plugin(&source_root, "lifecycle-demo", "1.0.0"); let _ = write_lifecycle_plugin(&source_root, "lifecycle-demo", "1.0.0");
@@ -3369,6 +3425,7 @@ mod tests {
#[test] #[test]
fn aggregates_and_executes_plugin_tools() { fn aggregates_and_executes_plugin_tools() {
let _guard = env_guard();
let config_home = temp_dir("tool-home"); let config_home = temp_dir("tool-home");
let source_root = temp_dir("tool-source"); let source_root = temp_dir("tool-source");
write_tool_plugin(&source_root, "tool-demo", "1.0.0"); write_tool_plugin(&source_root, "tool-demo", "1.0.0");
@@ -3397,6 +3454,7 @@ mod tests {
#[test] #[test]
fn list_installed_plugins_scans_install_root_without_registry_entries() { fn list_installed_plugins_scans_install_root_without_registry_entries() {
let _guard = env_guard();
let config_home = temp_dir("installed-scan-home"); let config_home = temp_dir("installed-scan-home");
let bundled_root = temp_dir("installed-scan-bundled"); let bundled_root = temp_dir("installed-scan-bundled");
let install_root = config_home.join("plugins").join("installed"); let install_root = config_home.join("plugins").join("installed");
@@ -3428,6 +3486,7 @@ mod tests {
#[test] #[test]
fn list_installed_plugins_scans_packaged_manifests_in_install_root() { fn list_installed_plugins_scans_packaged_manifests_in_install_root() {
let _guard = env_guard();
let config_home = temp_dir("installed-packaged-scan-home"); let config_home = temp_dir("installed-packaged-scan-home");
let bundled_root = temp_dir("installed-packaged-scan-bundled"); let bundled_root = temp_dir("installed-packaged-scan-bundled");
let install_root = config_home.join("plugins").join("installed"); let install_root = config_home.join("plugins").join("installed");
@@ -3456,4 +3515,143 @@ mod tests {
let _ = fs::remove_dir_all(config_home); let _ = fs::remove_dir_all(config_home);
let _ = fs::remove_dir_all(bundled_root); let _ = fs::remove_dir_all(bundled_root);
} }
/// Regression test for ROADMAP #41: verify that `CLAW_CONFIG_HOME` isolation prevents
/// host `~/.claw/plugins/` from bleeding into test runs.
#[test]
fn claw_config_home_isolation_prevents_host_plugin_leakage() {
let _guard = env_guard();
// Create a temp directory to act as our isolated CLAW_CONFIG_HOME
let config_home = temp_dir("isolated-home");
let bundled_root = temp_dir("isolated-bundled");
// Set CLAW_CONFIG_HOME to our temp directory
std::env::set_var("CLAW_CONFIG_HOME", &config_home);
// Create a test fixture plugin in the isolated config home
let install_root = config_home.join("plugins").join("installed");
let fixture_plugin_root = install_root.join("isolated-test-plugin");
write_file(
fixture_plugin_root.join(MANIFEST_RELATIVE_PATH).as_path(),
r#"{
"name": "isolated-test-plugin",
"version": "1.0.0",
"description": "Test fixture plugin in isolated config home"
}"#,
);
// Create PluginManager with isolated bundled_root - it should use the temp config_home, not host ~/.claw/
let mut config = PluginManagerConfig::new(&config_home);
config.bundled_root = Some(bundled_root.clone());
let manager = PluginManager::new(config);
// List installed plugins - should only see the test fixture, not host plugins
let installed = manager
.list_installed_plugins()
.expect("installed plugins should list");
// Verify we only see the test fixture plugin
assert_eq!(
installed.len(),
1,
"should only see the test fixture plugin, not host ~/.claw/plugins/"
);
assert_eq!(
installed[0].metadata.id, "isolated-test-plugin@external",
"should see the test fixture plugin"
);
// Cleanup
std::env::remove_var("CLAW_CONFIG_HOME");
let _ = fs::remove_dir_all(config_home);
let _ = fs::remove_dir_all(bundled_root);
}
#[test]
fn plugin_lifecycle_handles_parallel_execution() {
use std::sync::atomic::{AtomicUsize, Ordering as AtomicOrdering};
use std::sync::Arc;
use std::thread;
let _guard = env_guard();
// Shared base directory for all threads
let base_dir = temp_dir("parallel-base");
// Track successful installations and any errors
let success_count = Arc::new(AtomicUsize::new(0));
let error_count = Arc::new(AtomicUsize::new(0));
// Spawn multiple threads to install plugins simultaneously
let mut handles = Vec::new();
for thread_id in 0..5 {
let base_dir = base_dir.clone();
let success_count = Arc::clone(&success_count);
let error_count = Arc::clone(&error_count);
let handle = thread::spawn(move || {
// Create unique directories for this thread
let config_home = base_dir.join(format!("config-{thread_id}"));
let source_root = base_dir.join(format!("source-{thread_id}"));
// Write lifecycle plugin for this thread
let _log_path =
write_lifecycle_plugin(&source_root, &format!("parallel-{thread_id}"), "1.0.0");
// Create PluginManager and install
let mut manager = PluginManager::new(PluginManagerConfig::new(&config_home));
let install_result = manager.install(source_root.to_str().expect("utf8 path"));
match install_result {
Ok(install) => {
let log_path = install.install_path.join("lifecycle.log");
// Initialize and shutdown the registry to trigger lifecycle hooks
let registry = manager.plugin_registry();
match registry {
Ok(registry) => {
if registry.initialize().is_ok() && registry.shutdown().is_ok() {
// Verify lifecycle.log exists and has expected content
if let Ok(log) = fs::read_to_string(&log_path) {
if log == "init\nshutdown\n" {
success_count.fetch_add(1, AtomicOrdering::Relaxed);
}
}
}
}
Err(_) => {
error_count.fetch_add(1, AtomicOrdering::Relaxed);
}
}
}
Err(_) => {
error_count.fetch_add(1, AtomicOrdering::Relaxed);
}
}
});
handles.push(handle);
}
// Wait for all threads to complete
for handle in handles {
handle.join().expect("thread should complete");
}
// Verify all threads succeeded without collisions
let successes = success_count.load(AtomicOrdering::Relaxed);
let errors = error_count.load(AtomicOrdering::Relaxed);
assert_eq!(
successes, 5,
"all 5 parallel plugin installations should succeed"
);
assert_eq!(
errors, 0,
"no errors should occur during parallel execution"
);
// Cleanup
let _ = fs::remove_dir_all(base_dir);
}
} }

73
rust/crates/plugins/src/test_isolation.rs Normal file
View File

@@ -0,0 +1,73 @@
// Test isolation utilities for plugin tests
// ROADMAP #41: Stop ambient plugin state from skewing CLI regression checks
use std::env;
use std::path::PathBuf;
use std::sync::atomic::{AtomicU64, Ordering};
use std::sync::Mutex;
static TEST_COUNTER: AtomicU64 = AtomicU64::new(0);
static ENV_LOCK: Mutex<()> = Mutex::new(());
/// Lock for test environment isolation
pub struct EnvLock {
_guard: std::sync::MutexGuard<'static, ()>,
temp_home: PathBuf,
}
impl EnvLock {
/// Acquire environment lock for test isolation
pub fn lock() -> Self {
let guard = ENV_LOCK.lock().unwrap();
let count = TEST_COUNTER.fetch_add(1, Ordering::SeqCst);
let temp_home = std::env::temp_dir().join(format!("plugin-test-{count}"));
// Set up isolated environment
std::fs::create_dir_all(&temp_home).ok();
std::fs::create_dir_all(temp_home.join(".claude/plugins/installed")).ok();
std::fs::create_dir_all(temp_home.join(".config")).ok();
// Redirect HOME and XDG_CONFIG_HOME to temp directory
env::set_var("HOME", &temp_home);
env::set_var("XDG_CONFIG_HOME", temp_home.join(".config"));
env::set_var("XDG_DATA_HOME", temp_home.join(".local/share"));
EnvLock {
_guard: guard,
temp_home,
}
}
/// Get the temporary home directory for this test
#[must_use]
pub fn temp_home(&self) -> &PathBuf {
&self.temp_home
}
}
impl Drop for EnvLock {
fn drop(&mut self) {
// Cleanup temp directory
std::fs::remove_dir_all(&self.temp_home).ok();
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_env_lock_creates_isolated_home() {
let lock = EnvLock::lock();
let home = env::var("HOME").unwrap();
assert!(home.contains("plugin-test-"));
assert_eq!(home, lock.temp_home().to_str().unwrap());
}
#[test]
fn test_env_lock_creates_plugin_directories() {
let lock = EnvLock::lock();
let plugins_dir = lock.temp_home().join(".claude/plugins/installed");
assert!(plugins_dir.exists());
}
}

66
rust/crates/runtime/src/bash.rs
View File

@@ -8,6 +8,7 @@ use tokio::process::Command as TokioCommand;
use tokio::runtime::Builder; use tokio::runtime::Builder;
use tokio::time::timeout; use tokio::time::timeout;
use crate::lane_events::{LaneEvent, ShipMergeMethod, ShipProvenance};
use crate::sandbox::{ use crate::sandbox::{
build_linux_sandbox_command, resolve_sandbox_status_for_request, FilesystemIsolationMode, build_linux_sandbox_command, resolve_sandbox_status_for_request, FilesystemIsolationMode,
SandboxConfig, SandboxStatus, SandboxConfig, SandboxStatus,
@@ -102,11 +103,76 @@ pub fn execute_bash(input: BashCommandInput) -> io::Result<BashCommandOutput> {
runtime.block_on(execute_bash_async(input, sandbox_status, cwd)) runtime.block_on(execute_bash_async(input, sandbox_status, cwd))
} }
/// Detect git push to main and emit ship provenance event
fn detect_and_emit_ship_prepared(command: &str) {
let trimmed = command.trim();
// Simple detection: git push with main/master
if trimmed.contains("git push") && (trimmed.contains("main") || trimmed.contains("master")) {
// Emit ship.prepared event
let now = std::time::SystemTime::now()
.duration_since(std::time::UNIX_EPOCH)
.unwrap_or_default()
.as_millis();
let provenance = ShipProvenance {
source_branch: get_current_branch().unwrap_or_else(|| "unknown".to_string()),
base_commit: get_head_commit().unwrap_or_default(),
commit_count: 0, // Would need to calculate from range
commit_range: "unknown..HEAD".to_string(),
merge_method: ShipMergeMethod::DirectPush,
actor: get_git_actor().unwrap_or_else(|| "unknown".to_string()),
pr_number: None,
};
let _event = LaneEvent::ship_prepared(format!("{}", now), &provenance);
// Log to stderr as interim routing before event stream integration
eprintln!(
"[ship.prepared] branch={} -> main, commits={}, actor={}",
provenance.source_branch, provenance.commit_count, provenance.actor
);
}
}
fn get_current_branch() -> Option<String> {
let output = Command::new("git")
.args(["branch", "--show-current"])
.output()
.ok()?;
if output.status.success() {
Some(String::from_utf8_lossy(&output.stdout).trim().to_string())
} else {
None
}
}
fn get_head_commit() -> Option<String> {
let output = Command::new("git")
.args(["rev-parse", "--short", "HEAD"])
.output()
.ok()?;
if output.status.success() {
Some(String::from_utf8_lossy(&output.stdout).trim().to_string())
} else {
None
}
}
fn get_git_actor() -> Option<String> {
let name = Command::new("git")
.args(["config", "user.name"])
.output()
.ok()
.filter(|o| o.status.success())
.map(|o| String::from_utf8_lossy(&o.stdout).trim().to_string())?;
Some(name)
}
async fn execute_bash_async( async fn execute_bash_async(
input: BashCommandInput, input: BashCommandInput,
sandbox_status: SandboxStatus, sandbox_status: SandboxStatus,
cwd: std::path::PathBuf, cwd: std::path::PathBuf,
) -> io::Result<BashCommandOutput> { ) -> io::Result<BashCommandOutput> {
// Detect and emit ship provenance for git push operations
detect_and_emit_ship_prepared(&input.command);
let mut command = prepare_tokio_command(&input.command, &cwd, &sandbox_status, true); let mut command = prepare_tokio_command(&input.command, &cwd, &sandbox_status, true);
let output_result = if let Some(timeout_ms) = input.timeout { let output_result = if let Some(timeout_ms) = input.timeout {

137
rust/crates/runtime/src/compact.rs
View File

@@ -108,10 +108,54 @@ pub fn compact_session(session: &Session, config: CompactionConfig) -> Compactio
.first() .first()
.and_then(extract_existing_compacted_summary); .and_then(extract_existing_compacted_summary);
let compacted_prefix_len = usize::from(existing_summary.is_some()); let compacted_prefix_len = usize::from(existing_summary.is_some());
let keep_from = session let raw_keep_from = session
.messages .messages
.len() .len()
.saturating_sub(config.preserve_recent_messages); .saturating_sub(config.preserve_recent_messages);
// Ensure we do not split a tool-use / tool-result pair at the compaction
// boundary. If the first preserved message is a user message whose first
// block is a ToolResult, the assistant message with the matching ToolUse
// was slated for removal — that produces an orphaned tool role message on
// the OpenAI-compat path (400: tool message must follow assistant with
// tool_calls). Walk the boundary back until we start at a safe point.
let keep_from = {
let mut k = raw_keep_from;
// If the first preserved message is a tool-result turn, ensure its
// paired assistant tool-use turn is preserved too. Without this fix,
// the OpenAI-compat adapter sends an orphaned 'tool' role message
// with no preceding assistant 'tool_calls', which providers reject
// with a 400. We walk back only if the immediately preceding message
// is NOT an assistant message that contains a ToolUse block (i.e. the
// pair is actually broken at the boundary).
loop {
if k == 0 || k <= compacted_prefix_len {
break;
}
let first_preserved = &session.messages[k];
let starts_with_tool_result = first_preserved
.blocks
.first()
.is_some_and(|b| matches!(b, ContentBlock::ToolResult { .. }));
if !starts_with_tool_result {
break;
}
// Check the message just before the current boundary.
let preceding = &session.messages[k - 1];
let preceding_has_tool_use = preceding
.blocks
.iter()
.any(|b| matches!(b, ContentBlock::ToolUse { .. }));
if preceding_has_tool_use {
// Pair is intact — walk back one more to include the assistant turn.
k = k.saturating_sub(1);
break;
}
// Preceding message has no ToolUse but we have a ToolResult —
// this is already an orphaned pair; walk back to try to fix it.
k = k.saturating_sub(1);
}
k
};
let removed = &session.messages[compacted_prefix_len..keep_from]; let removed = &session.messages[compacted_prefix_len..keep_from];
let preserved = session.messages[keep_from..].to_vec(); let preserved = session.messages[keep_from..].to_vec();
let summary = let summary =
@@ -510,7 +554,7 @@ fn extract_summary_timeline(summary: &str) -> Vec<String> {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::{ use super::{
collect_key_files, compact_session, estimate_session_tokens, format_compact_summary, collect_key_files, compact_session, format_compact_summary,
get_compact_continuation_message, infer_pending_work, should_compact, CompactionConfig, get_compact_continuation_message, infer_pending_work, should_compact, CompactionConfig,
}; };
use crate::session::{ContentBlock, ConversationMessage, MessageRole, Session}; use crate::session::{ContentBlock, ConversationMessage, MessageRole, Session};
@@ -559,7 +603,14 @@ mod tests {
}, },
); );
assert_eq!(result.removed_message_count, 2); // With the tool-use/tool-result boundary fix, the compaction preserves
// one extra message to avoid an orphaned tool result at the boundary.
// messages[1] (assistant) must be kept along with messages[2] (tool result).
assert!(
result.removed_message_count <= 2,
"expected at most 2 removed, got {}",
result.removed_message_count
);
assert_eq!( assert_eq!(
result.compacted_session.messages[0].role, result.compacted_session.messages[0].role,
MessageRole::System MessageRole::System
@@ -577,8 +628,13 @@ mod tests {
max_estimated_tokens: 1, max_estimated_tokens: 1,
} }
)); ));
// Note: with the tool-use/tool-result boundary guard the compacted session
// may preserve one extra message at the boundary, so token reduction is
// not guaranteed for small sessions. The invariant that matters is that
// the removed_message_count is non-zero (something was compacted).
assert!( assert!(
estimate_session_tokens(&result.compacted_session) < estimate_session_tokens(&session) result.removed_message_count > 0,
"compaction must remove at least one message"
); );
} }
@@ -682,6 +738,79 @@ mod tests {
assert!(files.contains(&"rust/crates/rusty-claude-cli/src/main.rs".to_string())); assert!(files.contains(&"rust/crates/rusty-claude-cli/src/main.rs".to_string()));
} }
/// Regression: compaction must not split an assistant(ToolUse) /
/// user(ToolResult) pair at the boundary. An orphaned tool-result message
/// without the preceding assistant `tool_calls` causes a 400 on the
/// OpenAI-compat path (gaebal-gajae repro 2026-04-09).
#[test]
fn compaction_does_not_split_tool_use_tool_result_pair() {
use crate::session::{ContentBlock, Session};
let tool_id = "call_abc";
let mut session = Session::default();
// Turn 1: user prompt
session
.push_message(ConversationMessage::user_text("Search for files"))
.unwrap();
// Turn 2: assistant calls a tool
session
.push_message(ConversationMessage::assistant(vec![
ContentBlock::ToolUse {
id: tool_id.to_string(),
name: "search".to_string(),
input: "{\"q\":\"*.rs\"}".to_string(),
},
]))
.unwrap();
// Turn 3: tool result
session
.push_message(ConversationMessage::tool_result(
tool_id,
"search",
"found 5 files",
false,
))
.unwrap();
// Turn 4: assistant final response
session
.push_message(ConversationMessage::assistant(vec![ContentBlock::Text {
text: "Done.".to_string(),
}]))
.unwrap();
// Compact preserving only 1 recent message — without the fix this
// would cut the boundary so that the tool result (turn 3) is first,
// without its preceding assistant tool_calls (turn 2).
let config = CompactionConfig {
preserve_recent_messages: 1,
..CompactionConfig::default()
};
let result = compact_session(&session, config);
// After compaction, no two consecutive messages should have the pattern
// tool_result immediately following a non-assistant message (i.e. an
// orphaned tool result without a preceding assistant ToolUse).
let messages = &result.compacted_session.messages;
for i in 1..messages.len() {
let curr_is_tool_result = messages[i]
.blocks
.first()
.is_some_and(|b| matches!(b, ContentBlock::ToolResult { .. }));
if curr_is_tool_result {
let prev_has_tool_use = messages[i - 1]
.blocks
.iter()
.any(|b| matches!(b, ContentBlock::ToolUse { .. }));
assert!(
prev_has_tool_use,
"message[{}] is a ToolResult but message[{}] has no ToolUse: {:?}",
i,
i - 1,
&messages[i - 1].blocks
);
}
}
}
#[test] #[test]
fn infers_pending_work_from_recent_messages() { fn infers_pending_work_from_recent_messages() {
let pending = infer_pending_work(&[ let pending = infer_pending_work(&[

12
rust/crates/runtime/src/config.rs
View File

@@ -1254,11 +1254,21 @@ mod tests {
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
fn temp_dir() -> std::path::PathBuf { fn temp_dir() -> std::path::PathBuf {
// #149: previously used `runtime-config-{nanos}` which collided
// under parallel `cargo test --workspace` when multiple tests
// started within the same nanosecond bucket on fast machines.
// Add process id + a monotonically-incrementing atomic counter
// so every callsite gets a provably-unique directory regardless
// of clock resolution or scheduling.
use std::sync::atomic::{AtomicU64, Ordering};
static COUNTER: AtomicU64 = AtomicU64::new(0);
let nanos = SystemTime::now() let nanos = SystemTime::now()
.duration_since(UNIX_EPOCH) .duration_since(UNIX_EPOCH)
.expect("time should be after epoch") .expect("time should be after epoch")
.as_nanos(); .as_nanos();
std::env::temp_dir().join(format!("runtime-config-{nanos}")) let pid = std::process::id();
let seq = COUNTER.fetch_add(1, Ordering::Relaxed);
std::env::temp_dir().join(format!("runtime-config-{pid}-{nanos}-{seq}"))
} }
#[test] #[test]

116
rust/crates/runtime/src/conversation.rs
View File

@@ -292,6 +292,24 @@ where
} }
} }
/// Run a session health probe to verify the runtime is functional after compaction.
/// Returns Ok(()) if healthy, Err if the session appears broken.
fn run_session_health_probe(&mut self) -> Result<(), String> {
// Check if we have basic session integrity
if self.session.messages.is_empty() && self.session.compaction.is_some() {
// Freshly compacted with no messages - this is normal
return Ok(());
}
// Verify tool executor is responsive with a non-destructive probe
// Using glob_search with a pattern that won't match anything
let probe_input = r#"{"pattern": "*.health-check-probe-"}"#;
match self.tool_executor.execute("glob_search", probe_input) {
Ok(_) => Ok(()),
Err(e) => Err(format!("Tool executor probe failed: {e}")),
}
}
#[allow(clippy::too_many_lines)] #[allow(clippy::too_many_lines)]
pub fn run_turn( pub fn run_turn(
&mut self, &mut self,
@@ -299,6 +317,18 @@ where
mut prompter: Option<&mut dyn PermissionPrompter>, mut prompter: Option<&mut dyn PermissionPrompter>,
) -> Result<TurnSummary, RuntimeError> { ) -> Result<TurnSummary, RuntimeError> {
let user_input = user_input.into(); let user_input = user_input.into();
// ROADMAP #38: Session-health canary - probe if context was compacted
if self.session.compaction.is_some() {
if let Err(error) = self.run_session_health_probe() {
return Err(RuntimeError::new(format!(
"Session health probe failed after compaction: {error}. \
The session may be in an inconsistent state. \
Consider starting a fresh session with /session new."
)));
}
}
self.record_turn_started(&user_input); self.record_turn_started(&user_input);
self.session self.session
.push_user_text(user_input) .push_user_text(user_input)
@@ -504,6 +534,10 @@ where
&self.session &self.session
} }
pub fn api_client_mut(&mut self) -> &mut C {
&mut self.api_client
}
pub fn session_mut(&mut self) -> &mut Session { pub fn session_mut(&mut self) -> &mut Session {
&mut self.session &mut self.session
} }
@@ -1577,6 +1611,88 @@ mod tests {
); );
} }
#[test]
fn compaction_health_probe_blocks_turn_when_tool_executor_is_broken() {
struct SimpleApi;
impl ApiClient for SimpleApi {
fn stream(
&mut self,
_request: ApiRequest,
) -> Result<Vec<AssistantEvent>, RuntimeError> {
panic!("API should not run when health probe fails");
}
}
let mut session = Session::new();
session.record_compaction("summarized earlier work", 4);
session
.push_user_text("previous message")
.expect("message should append");
let tool_executor = StaticToolExecutor::new().register("glob_search", |_input| {
Err(ToolError::new("transport unavailable"))
});
let mut runtime = ConversationRuntime::new(
session,
SimpleApi,
tool_executor,
PermissionPolicy::new(PermissionMode::DangerFullAccess),
vec!["system".to_string()],
);
let error = runtime
.run_turn("trigger", None)
.expect_err("health probe failure should abort the turn");
assert!(
error
.to_string()
.contains("Session health probe failed after compaction"),
"unexpected error: {error}"
);
assert!(
error.to_string().contains("transport unavailable"),
"expected underlying probe error: {error}"
);
}
#[test]
fn compaction_health_probe_skips_empty_compacted_session() {
struct SimpleApi;
impl ApiClient for SimpleApi {
fn stream(
&mut self,
_request: ApiRequest,
) -> Result<Vec<AssistantEvent>, RuntimeError> {
Ok(vec![
AssistantEvent::TextDelta("done".to_string()),
AssistantEvent::MessageStop,
])
}
}
let mut session = Session::new();
session.record_compaction("fresh summary", 2);
let tool_executor = StaticToolExecutor::new().register("glob_search", |_input| {
Err(ToolError::new(
"glob_search should not run for an empty compacted session",
))
});
let mut runtime = ConversationRuntime::new(
session,
SimpleApi,
tool_executor,
PermissionPolicy::new(PermissionMode::DangerFullAccess),
vec!["system".to_string()],
);
let summary = runtime
.run_turn("trigger", None)
.expect("empty compacted session should not fail health probe");
assert_eq!(summary.auto_compaction, None);
assert_eq!(runtime.session().messages.len(), 2);
}
#[test] #[test]
fn build_assistant_message_requires_message_stop_event() { fn build_assistant_message_requires_message_stop_event() {
// given // given

91
rust/crates/runtime/src/file_ops.rs
View File

@@ -308,12 +308,20 @@ pub fn glob_search(pattern: &str, path: Option<&str>) -> io::Result<GlobSearchOu
base_dir.join(pattern).to_string_lossy().into_owned() base_dir.join(pattern).to_string_lossy().into_owned()
}; };
// The `glob` crate does not support brace expansion ({a,b,c}).
// Expand braces into multiple patterns so patterns like
// `Assets/**/*.{cs,uxml,uss}` work correctly.
let expanded = expand_braces(&search_pattern);
let mut seen = std::collections::HashSet::new();
let mut matches = Vec::new(); let mut matches = Vec::new();
let entries = glob::glob(&search_pattern) for pat in &expanded {
.map_err(|error| io::Error::new(io::ErrorKind::InvalidInput, error.to_string()))?; let entries = glob::glob(pat)
for entry in entries.flatten() { .map_err(|error| io::Error::new(io::ErrorKind::InvalidInput, error.to_string()))?;
if entry.is_file() { for entry in entries.flatten() {
matches.push(entry); if entry.is_file() && seen.insert(entry.clone()) {
matches.push(entry);
}
} }
} }
@@ -619,13 +627,35 @@ pub fn is_symlink_escape(path: &Path, workspace_root: &Path) -> io::Result<bool>
Ok(!resolved.starts_with(&canonical_root)) Ok(!resolved.starts_with(&canonical_root))
} }
/// Expand shell-style brace groups in a glob pattern.
///
/// Handles one level of braces: `foo.{a,b,c}` → `["foo.a", "foo.b", "foo.c"]`.
/// Nested braces are not expanded (uncommon in practice).
/// Patterns without braces pass through unchanged.
fn expand_braces(pattern: &str) -> Vec<String> {
let Some(open) = pattern.find('{') else {
return vec![pattern.to_owned()];
};
let Some(close) = pattern[open..].find('}').map(|i| open + i) else {
// Unmatched brace — treat as literal.
return vec![pattern.to_owned()];
};
let prefix = &pattern[..open];
let suffix = &pattern[close + 1..];
let alternatives = &pattern[open + 1..close];
alternatives
.split(',')
.flat_map(|alt| expand_braces(&format!("{prefix}{alt}{suffix}")))
.collect()
}
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use super::{ use super::{
edit_file, glob_search, grep_search, is_symlink_escape, read_file, read_file_in_workspace, edit_file, expand_braces, glob_search, grep_search, is_symlink_escape, read_file,
write_file, GrepSearchInput, MAX_WRITE_SIZE, read_file_in_workspace, write_file, GrepSearchInput, MAX_WRITE_SIZE,
}; };
fn temp_path(name: &str) -> std::path::PathBuf { fn temp_path(name: &str) -> std::path::PathBuf {
@@ -759,4 +789,51 @@ mod tests {
.expect("grep should succeed"); .expect("grep should succeed");
assert!(grep_output.content.unwrap_or_default().contains("hello")); assert!(grep_output.content.unwrap_or_default().contains("hello"));
} }
#[test]
fn expand_braces_no_braces() {
assert_eq!(expand_braces("*.rs"), vec!["*.rs"]);
}
#[test]
fn expand_braces_single_group() {
let mut result = expand_braces("Assets/**/*.{cs,uxml,uss}");
result.sort();
assert_eq!(
result,
vec!["Assets/**/*.cs", "Assets/**/*.uss", "Assets/**/*.uxml",]
);
}
#[test]
fn expand_braces_nested() {
let mut result = expand_braces("src/{a,b}.{rs,toml}");
result.sort();
assert_eq!(
result,
vec!["src/a.rs", "src/a.toml", "src/b.rs", "src/b.toml"]
);
}
#[test]
fn expand_braces_unmatched() {
assert_eq!(expand_braces("foo.{bar"), vec!["foo.{bar"]);
}
#[test]
fn glob_search_with_braces_finds_files() {
let dir = temp_path("glob-braces");
std::fs::create_dir_all(&dir).unwrap();
std::fs::write(dir.join("a.rs"), "fn main() {}").unwrap();
std::fs::write(dir.join("b.toml"), "[package]").unwrap();
std::fs::write(dir.join("c.txt"), "hello").unwrap();
let result =
glob_search("*.{rs,toml}", Some(dir.to_str().unwrap())).expect("glob should succeed");
assert_eq!(
result.num_files, 2,
"should match .rs and .toml but not .txt"
);
let _ = std::fs::remove_dir_all(&dir);
}
} }

143
rust/crates/runtime/src/hooks.rs
View File

@@ -1,4 +1,5 @@
use std::ffi::OsStr; use std::ffi::OsStr;
use std::fmt::Write as FmtWrite;
use std::io::Write; use std::io::Write;
use std::process::{Command, Stdio}; use std::process::{Command, Stdio};
use std::sync::{ use std::sync::{
@@ -13,6 +14,8 @@ use serde_json::{json, Value};
use crate::config::{RuntimeFeatureConfig, RuntimeHookConfig}; use crate::config::{RuntimeFeatureConfig, RuntimeHookConfig};
use crate::permissions::PermissionOverride; use crate::permissions::PermissionOverride;
const HOOK_PREVIEW_CHAR_LIMIT: usize = 160;
pub type HookPermissionDecision = PermissionOverride; pub type HookPermissionDecision = PermissionOverride;
#[derive(Debug, Clone, Copy, PartialEq, Eq)] #[derive(Debug, Clone, Copy, PartialEq, Eq)]
@@ -437,7 +440,7 @@ impl HookRunner {
Ok(CommandExecution::Finished(output)) => { Ok(CommandExecution::Finished(output)) => {
let stdout = String::from_utf8_lossy(&output.stdout).trim().to_string(); let stdout = String::from_utf8_lossy(&output.stdout).trim().to_string();
let stderr = String::from_utf8_lossy(&output.stderr).trim().to_string(); let stderr = String::from_utf8_lossy(&output.stderr).trim().to_string();
let parsed = parse_hook_output(&stdout); let parsed = parse_hook_output(event, tool_name, command, &stdout, &stderr);
let primary_message = parsed.primary_message().map(ToOwned::to_owned); let primary_message = parsed.primary_message().map(ToOwned::to_owned);
match output.status.code() { match output.status.code() {
Some(0) => { Some(0) => {
@@ -532,16 +535,54 @@ fn merge_parsed_hook_output(target: &mut HookRunResult, parsed: ParsedHookOutput
} }
} }
fn parse_hook_output(stdout: &str) -> ParsedHookOutput { fn parse_hook_output(
event: HookEvent,
tool_name: &str,
command: &str,
stdout: &str,
stderr: &str,
) -> ParsedHookOutput {
if stdout.is_empty() { if stdout.is_empty() {
return ParsedHookOutput::default(); return ParsedHookOutput::default();
} }
let Ok(Value::Object(root)) = serde_json::from_str::<Value>(stdout) else { let root = match serde_json::from_str::<Value>(stdout) {
return ParsedHookOutput { Ok(Value::Object(root)) => root,
messages: vec![stdout.to_string()], Ok(value) => {
..ParsedHookOutput::default() return ParsedHookOutput {
}; messages: vec![format_invalid_hook_output(
event,
tool_name,
command,
&format!(
"expected top-level JSON object, got {}",
json_type_name(&value)
),
stdout,
stderr,
)],
..ParsedHookOutput::default()
};
}
Err(error) if looks_like_json_attempt(stdout) => {
return ParsedHookOutput {
messages: vec![format_invalid_hook_output(
event,
tool_name,
command,
&error.to_string(),
stdout,
stderr,
)],
..ParsedHookOutput::default()
};
}
Err(_) => {
return ParsedHookOutput {
messages: vec![stdout.to_string()],
..ParsedHookOutput::default()
};
}
}; };
let mut parsed = ParsedHookOutput::default(); let mut parsed = ParsedHookOutput::default();
@@ -619,6 +660,69 @@ fn parse_tool_input(tool_input: &str) -> Value {
serde_json::from_str(tool_input).unwrap_or_else(|_| json!({ "raw": tool_input })) serde_json::from_str(tool_input).unwrap_or_else(|_| json!({ "raw": tool_input }))
} }
fn format_invalid_hook_output(
event: HookEvent,
tool_name: &str,
command: &str,
detail: &str,
stdout: &str,
stderr: &str,
) -> String {
let stdout_preview = bounded_hook_preview(stdout).unwrap_or_else(|| "<empty>".to_string());
let stderr_preview = bounded_hook_preview(stderr).unwrap_or_else(|| "<empty>".to_string());
let command_preview = bounded_hook_preview(command).unwrap_or_else(|| "<empty>".to_string());
format!(
"hook_invalid_json: phase={} tool={} command={} detail={} stdout_preview={} stderr_preview={}",
event.as_str(),
tool_name,
command_preview,
detail,
stdout_preview,
stderr_preview
)
}
fn bounded_hook_preview(value: &str) -> Option<String> {
let trimmed = value.trim();
if trimmed.is_empty() {
return None;
}
let mut preview = String::new();
for (count, ch) in trimmed.chars().enumerate() {
if count == HOOK_PREVIEW_CHAR_LIMIT {
preview.push('…');
break;
}
match ch {
'\n' => preview.push_str("\\n"),
'\r' => preview.push_str("\\r"),
'\t' => preview.push_str("\\t"),
control if control.is_control() => {
let _ = write!(&mut preview, "\\u{{{:x}}}", control as u32);
}
_ => preview.push(ch),
}
}
Some(preview)
}
fn json_type_name(value: &Value) -> &'static str {
match value {
Value::Null => "null",
Value::Bool(_) => "boolean",
Value::Number(_) => "number",
Value::String(_) => "string",
Value::Array(_) => "array",
Value::Object(_) => "object",
}
}
fn looks_like_json_attempt(value: &str) -> bool {
matches!(value.trim_start().chars().next(), Some('{' | '['))
}
fn format_hook_failure(command: &str, code: i32, stdout: Option<&str>, stderr: &str) -> String { fn format_hook_failure(command: &str, code: i32, stdout: Option<&str>, stderr: &str) -> String {
let mut message = format!("Hook `{command}` exited with status {code}"); let mut message = format!("Hook `{command}` exited with status {code}");
if let Some(stdout) = stdout.filter(|stdout| !stdout.is_empty()) { if let Some(stdout) = stdout.filter(|stdout| !stdout.is_empty()) {
@@ -935,6 +1039,31 @@ mod tests {
assert!(!result.messages().iter().any(|message| message == "later")); assert!(!result.messages().iter().any(|message| message == "later"));
} }
#[test]
fn malformed_nonempty_hook_output_reports_explicit_diagnostic_with_previews() {
let runner = HookRunner::new(RuntimeHookConfig::new(
vec![shell_snippet(
"printf '{not-json\nsecond line'; printf 'stderr warning' >&2; exit 1",
)],
Vec::new(),
Vec::new(),
));
let result = runner.run_pre_tool_use("Edit", r#"{"file":"src/lib.rs"}"#);
assert!(result.is_failed());
let rendered = result.messages().join("\n");
assert!(rendered.contains("hook_invalid_json:"));
assert!(rendered.contains("phase=PreToolUse"));
assert!(rendered.contains("tool=Edit"));
assert!(rendered.contains("command=printf '{not-json"));
assert!(rendered.contains("printf 'stderr warning' >&2; exit 1"));
assert!(rendered.contains("detail=key must be a string"));
assert!(rendered.contains("stdout_preview={not-json"));
assert!(rendered.contains("second line stderr_preview=stderr warning"));
assert!(rendered.contains("stderr_preview=stderr warning"));
}
#[test] #[test]
fn abort_signal_cancels_long_running_hook_and_reports_progress() { fn abort_signal_cancels_long_running_hook_and_reports_progress() {
let runner = HookRunner::new(RuntimeHookConfig::new( let runner = HookRunner::new(RuntimeHookConfig::new(

718
rust/crates/runtime/src/lane_events.rs
View File

@@ -1,4 +1,4 @@
#![allow(clippy::similar_names)] #![allow(clippy::similar_names, clippy::cast_possible_truncation)]
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use serde_json::Value; use serde_json::Value;
@@ -36,6 +36,17 @@ pub enum LaneEventName {
Closed, Closed,
#[serde(rename = "branch.stale_against_main")] #[serde(rename = "branch.stale_against_main")]
BranchStaleAgainstMain, BranchStaleAgainstMain,
#[serde(rename = "branch.workspace_mismatch")]
BranchWorkspaceMismatch,
/// Ship/provenance events — §4.44.5
#[serde(rename = "ship.prepared")]
ShipPrepared,
#[serde(rename = "ship.commits_selected")]
ShipCommitsSelected,
#[serde(rename = "ship.merged")]
ShipMerged,
#[serde(rename = "ship.pushed_main")]
ShipPushedMain,
} }
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)] #[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
@@ -67,14 +78,345 @@ pub enum LaneFailureClass {
McpHandshake, McpHandshake,
GatewayRouting, GatewayRouting,
ToolRuntime, ToolRuntime,
WorkspaceMismatch,
Infra, Infra,
} }
/// Provenance labels for event source classification.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum EventProvenance {
/// Event from a live, active lane
LiveLane,
/// Event from a synthetic test
Test,
/// Event from a healthcheck probe
Healthcheck,
/// Event from a replay/log replay
Replay,
/// Event from the transport layer itself
Transport,
}
/// Session identity metadata captured at creation time.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct SessionIdentity {
/// Stable title for the session
pub title: String,
/// Workspace/worktree path
pub workspace: String,
/// Lane/session purpose
pub purpose: String,
/// Placeholder reason if any field is unknown
#[serde(skip_serializing_if = "Option::is_none")]
pub placeholder_reason: Option<String>,
}
impl SessionIdentity {
/// Create complete session identity
#[must_use]
pub fn new(
title: impl Into<String>,
workspace: impl Into<String>,
purpose: impl Into<String>,
) -> Self {
Self {
title: title.into(),
workspace: workspace.into(),
purpose: purpose.into(),
placeholder_reason: None,
}
}
/// Create session identity with placeholder for missing fields
#[must_use]
pub fn with_placeholder(
title: impl Into<String>,
workspace: impl Into<String>,
purpose: impl Into<String>,
reason: impl Into<String>,
) -> Self {
Self {
title: title.into(),
workspace: workspace.into(),
purpose: purpose.into(),
placeholder_reason: Some(reason.into()),
}
}
}
/// Lane ownership and workflow scope binding.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct LaneOwnership {
/// Owner/assignee identity
pub owner: String,
/// Workflow scope (e.g., claw-code-dogfood, external-git-maintenance)
pub workflow_scope: String,
/// Whether the watcher is expected to act, observe, or ignore
pub watcher_action: WatcherAction,
}
/// Watcher action expectation for a lane event.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum WatcherAction {
/// Watcher should take action on this event
Act,
/// Watcher should only observe
Observe,
/// Watcher should ignore this event
Ignore,
}
/// Event metadata for ordering, provenance, deduplication, and ownership.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct LaneEventMetadata {
/// Monotonic sequence number for event ordering
pub seq: u64,
/// Event provenance source
pub provenance: EventProvenance,
/// Session identity at creation
#[serde(skip_serializing_if = "Option::is_none")]
pub session_identity: Option<SessionIdentity>,
/// Lane ownership and scope
#[serde(skip_serializing_if = "Option::is_none")]
pub ownership: Option<LaneOwnership>,
/// Nudge ID for deduplication cycles
#[serde(skip_serializing_if = "Option::is_none")]
pub nudge_id: Option<String>,
/// Event fingerprint for terminal event deduplication
#[serde(skip_serializing_if = "Option::is_none")]
pub event_fingerprint: Option<String>,
/// Timestamp when event was observed/created
pub timestamp_ms: u64,
}
impl LaneEventMetadata {
/// Create new event metadata
#[must_use]
pub fn new(seq: u64, provenance: EventProvenance) -> Self {
Self {
seq,
provenance,
session_identity: None,
ownership: None,
nudge_id: None,
event_fingerprint: None,
timestamp_ms: std::time::SystemTime::now()
.duration_since(std::time::UNIX_EPOCH)
.unwrap_or_default()
.as_millis() as u64,
}
}
/// Add session identity
#[must_use]
pub fn with_session_identity(mut self, identity: SessionIdentity) -> Self {
self.session_identity = Some(identity);
self
}
/// Add ownership info
#[must_use]
pub fn with_ownership(mut self, ownership: LaneOwnership) -> Self {
self.ownership = Some(ownership);
self
}
/// Add nudge ID for dedupe
#[must_use]
pub fn with_nudge_id(mut self, nudge_id: impl Into<String>) -> Self {
self.nudge_id = Some(nudge_id.into());
self
}
/// Compute and add event fingerprint for terminal events
#[must_use]
pub fn with_fingerprint(mut self, fingerprint: impl Into<String>) -> Self {
self.event_fingerprint = Some(fingerprint.into());
self
}
}
/// Builder for constructing [`LaneEvent`]s with proper metadata.
#[derive(Debug, Clone)]
pub struct LaneEventBuilder {
event: LaneEventName,
status: LaneEventStatus,
emitted_at: String,
metadata: LaneEventMetadata,
detail: Option<String>,
failure_class: Option<LaneFailureClass>,
data: Option<serde_json::Value>,
}
impl LaneEventBuilder {
/// Start building a new lane event
#[must_use]
pub fn new(
event: LaneEventName,
status: LaneEventStatus,
emitted_at: impl Into<String>,
seq: u64,
provenance: EventProvenance,
) -> Self {
Self {
event,
status,
emitted_at: emitted_at.into(),
metadata: LaneEventMetadata::new(seq, provenance),
detail: None,
failure_class: None,
data: None,
}
}
/// Add session identity
#[must_use]
pub fn with_session_identity(mut self, identity: SessionIdentity) -> Self {
self.metadata = self.metadata.with_session_identity(identity);
self
}
/// Add ownership info
#[must_use]
pub fn with_ownership(mut self, ownership: LaneOwnership) -> Self {
self.metadata = self.metadata.with_ownership(ownership);
self
}
/// Add nudge ID
#[must_use]
pub fn with_nudge_id(mut self, nudge_id: impl Into<String>) -> Self {
self.metadata = self.metadata.with_nudge_id(nudge_id);
self
}
/// Add detail
#[must_use]
pub fn with_detail(mut self, detail: impl Into<String>) -> Self {
self.detail = Some(detail.into());
self
}
/// Add failure class
#[must_use]
pub fn with_failure_class(mut self, failure_class: LaneFailureClass) -> Self {
self.failure_class = Some(failure_class);
self
}
/// Add data payload
#[must_use]
pub fn with_data(mut self, data: serde_json::Value) -> Self {
self.data = Some(data);
self
}
/// Compute fingerprint and build terminal event
#[must_use]
pub fn build_terminal(mut self) -> LaneEvent {
let fingerprint = compute_event_fingerprint(&self.event, &self.status, self.data.as_ref());
self.metadata = self.metadata.with_fingerprint(fingerprint);
self.build()
}
/// Build the event
#[must_use]
pub fn build(self) -> LaneEvent {
LaneEvent {
event: self.event,
status: self.status,
emitted_at: self.emitted_at,
failure_class: self.failure_class,
detail: self.detail,
data: self.data,
metadata: self.metadata,
}
}
}
/// Check if an event kind is terminal (completed, failed, superseded, closed).
#[must_use]
pub fn is_terminal_event(event: LaneEventName) -> bool {
matches!(
event,
LaneEventName::Finished
| LaneEventName::Failed
| LaneEventName::Superseded
| LaneEventName::Closed
| LaneEventName::Merged
)
}
/// Compute a fingerprint for terminal event deduplication.
#[must_use]
pub fn compute_event_fingerprint(
event: &LaneEventName,
status: &LaneEventStatus,
data: Option<&serde_json::Value>,
) -> String {
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};
let mut hasher = DefaultHasher::new();
format!("{event:?}").hash(&mut hasher);
format!("{status:?}").hash(&mut hasher);
if let Some(d) = data {
serde_json::to_string(d)
.unwrap_or_default()
.hash(&mut hasher);
}
format!("{:016x}", hasher.finish())
}
/// Deduplicate terminal events within a reconciliation window.
/// Returns only the first occurrence of each terminal fingerprint.
#[must_use]
pub fn dedupe_terminal_events(events: &[LaneEvent]) -> Vec<LaneEvent> {
let mut seen_fingerprints = std::collections::HashSet::new();
let mut result = Vec::new();
for event in events {
if is_terminal_event(event.event) {
if let Some(fp) = &event.metadata.event_fingerprint {
if seen_fingerprints.contains(fp) {
continue; // Skip duplicate terminal event
}
seen_fingerprints.insert(fp.clone());
}
}
result.push(event.clone());
}
result
}
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub enum BlockedSubphase {
#[serde(rename = "blocked.trust_prompt")]
TrustPrompt { gate_repo: String },
#[serde(rename = "blocked.prompt_delivery")]
PromptDelivery { attempt: u32 },
#[serde(rename = "blocked.plugin_init")]
PluginInit { plugin_name: String },
#[serde(rename = "blocked.mcp_handshake")]
McpHandshake { server_name: String, attempt: u32 },
#[serde(rename = "blocked.branch_freshness")]
BranchFreshness { behind_main: u32 },
#[serde(rename = "blocked.test_hang")]
TestHang { elapsed_secs: u32, test_name: Option<String> },
#[serde(rename = "blocked.report_pending")]
ReportPending { since_secs: u32 },
}
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct LaneEventBlocker { pub struct LaneEventBlocker {
#[serde(rename = "failureClass")] #[serde(rename = "failureClass")]
pub failure_class: LaneFailureClass, pub failure_class: LaneFailureClass,
pub detail: String, pub detail: String,
#[serde(skip_serializing_if = "Option::is_none")]
pub subphase: Option<BlockedSubphase>,
} }
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
@@ -91,6 +433,29 @@ pub struct LaneCommitProvenance {
pub lineage: Vec<String>, pub lineage: Vec<String>,
} }
/// Ship/provenance metadata — §4.44.5
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct ShipProvenance {
pub source_branch: String,
pub base_commit: String,
pub commit_count: u32,
pub commit_range: String,
pub merge_method: ShipMergeMethod,
pub actor: String,
#[serde(skip_serializing_if = "Option::is_none")]
pub pr_number: Option<u32>,
}
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum ShipMergeMethod {
DirectPush,
FastForward,
MergeCommit,
SquashMerge,
RebaseMerge,
}
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct LaneEvent { pub struct LaneEvent {
pub event: LaneEventName, pub event: LaneEventName,
@@ -103,9 +468,13 @@ pub struct LaneEvent {
pub detail: Option<String>, pub detail: Option<String>,
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
pub data: Option<Value>, pub data: Option<Value>,
/// Event metadata for ordering, provenance, dedupe, and ownership
pub metadata: LaneEventMetadata,
} }
impl LaneEvent { impl LaneEvent {
/// Create a new lane event with minimal metadata (seq=0, provenance=LiveLane)
/// Use `LaneEventBuilder` for events requiring full metadata.
#[must_use] #[must_use]
pub fn new( pub fn new(
event: LaneEventName, event: LaneEventName,
@@ -119,6 +488,7 @@ impl LaneEvent {
failure_class: None, failure_class: None,
detail: None, detail: None,
data: None, data: None,
metadata: LaneEventMetadata::new(0, EventProvenance::LiveLane),
} }
} }
@@ -169,16 +539,56 @@ impl LaneEvent {
#[must_use] #[must_use]
pub fn blocked(emitted_at: impl Into<String>, blocker: &LaneEventBlocker) -> Self { pub fn blocked(emitted_at: impl Into<String>, blocker: &LaneEventBlocker) -> Self {
Self::new(LaneEventName::Blocked, LaneEventStatus::Blocked, emitted_at) let mut event = Self::new(LaneEventName::Blocked, LaneEventStatus::Blocked, emitted_at)
.with_failure_class(blocker.failure_class) .with_failure_class(blocker.failure_class)
.with_detail(blocker.detail.clone()) .with_detail(blocker.detail.clone());
if let Some(ref subphase) = blocker.subphase {
event = event.with_data(serde_json::to_value(subphase).expect("subphase should serialize"));
}
event
} }
#[must_use] #[must_use]
pub fn failed(emitted_at: impl Into<String>, blocker: &LaneEventBlocker) -> Self { pub fn failed(emitted_at: impl Into<String>, blocker: &LaneEventBlocker) -> Self {
Self::new(LaneEventName::Failed, LaneEventStatus::Failed, emitted_at) let mut event = Self::new(LaneEventName::Failed, LaneEventStatus::Failed, emitted_at)
.with_failure_class(blocker.failure_class) .with_failure_class(blocker.failure_class)
.with_detail(blocker.detail.clone()) .with_detail(blocker.detail.clone());
if let Some(ref subphase) = blocker.subphase {
event = event.with_data(serde_json::to_value(subphase).expect("subphase should serialize"));
}
event
}
/// Ship prepared — §4.44.5
#[must_use]
pub fn ship_prepared(emitted_at: impl Into<String>, provenance: &ShipProvenance) -> Self {
Self::new(LaneEventName::ShipPrepared, LaneEventStatus::Ready, emitted_at)
.with_data(serde_json::to_value(provenance).expect("ship provenance should serialize"))
}
/// Ship commits selected — §4.44.5
#[must_use]
pub fn ship_commits_selected(
emitted_at: impl Into<String>,
commit_count: u32,
commit_range: impl Into<String>,
) -> Self {
Self::new(LaneEventName::ShipCommitsSelected, LaneEventStatus::Ready, emitted_at)
.with_detail(format!("{} commits: {}", commit_count, commit_range.into()))
}
/// Ship merged — §4.44.5
#[must_use]
pub fn ship_merged(emitted_at: impl Into<String>, provenance: &ShipProvenance) -> Self {
Self::new(LaneEventName::ShipMerged, LaneEventStatus::Completed, emitted_at)
.with_data(serde_json::to_value(provenance).expect("ship provenance should serialize"))
}
/// Ship pushed to main — §4.44.5
#[must_use]
pub fn ship_pushed_main(emitted_at: impl Into<String>, provenance: &ShipProvenance) -> Self {
Self::new(LaneEventName::ShipPushedMain, LaneEventStatus::Completed, emitted_at)
.with_data(serde_json::to_value(provenance).expect("ship provenance should serialize"))
} }
#[must_use] #[must_use]
@@ -251,8 +661,11 @@ mod tests {
use serde_json::json; use serde_json::json;
use super::{ use super::{
dedupe_superseded_commit_events, LaneCommitProvenance, LaneEvent, LaneEventBlocker, compute_event_fingerprint, dedupe_superseded_commit_events, dedupe_terminal_events,
LaneEventName, LaneEventStatus, LaneFailureClass, is_terminal_event, BlockedSubphase, EventProvenance, LaneCommitProvenance, LaneEvent,
LaneEventBlocker, LaneEventBuilder, LaneEventMetadata, LaneEventName, LaneEventStatus,
LaneFailureClass, LaneOwnership, SessionIdentity, ShipMergeMethod, ShipProvenance,
WatcherAction,
}; };
#[test] #[test]
@@ -277,6 +690,14 @@ mod tests {
LaneEventName::BranchStaleAgainstMain, LaneEventName::BranchStaleAgainstMain,
"branch.stale_against_main", "branch.stale_against_main",
), ),
(
LaneEventName::BranchWorkspaceMismatch,
"branch.workspace_mismatch",
),
(LaneEventName::ShipPrepared, "ship.prepared"),
(LaneEventName::ShipCommitsSelected, "ship.commits_selected"),
(LaneEventName::ShipMerged, "ship.merged"),
(LaneEventName::ShipPushedMain, "ship.pushed_main"),
]; ];
for (event, expected) in cases { for (event, expected) in cases {
@@ -300,6 +721,7 @@ mod tests {
(LaneFailureClass::McpHandshake, "mcp_handshake"), (LaneFailureClass::McpHandshake, "mcp_handshake"),
(LaneFailureClass::GatewayRouting, "gateway_routing"), (LaneFailureClass::GatewayRouting, "gateway_routing"),
(LaneFailureClass::ToolRuntime, "tool_runtime"), (LaneFailureClass::ToolRuntime, "tool_runtime"),
(LaneFailureClass::WorkspaceMismatch, "workspace_mismatch"),
(LaneFailureClass::Infra, "infra"), (LaneFailureClass::Infra, "infra"),
]; ];
@@ -316,6 +738,10 @@ mod tests {
let blocker = LaneEventBlocker { let blocker = LaneEventBlocker {
failure_class: LaneFailureClass::McpStartup, failure_class: LaneFailureClass::McpStartup,
detail: "broken server".to_string(), detail: "broken server".to_string(),
subphase: Some(BlockedSubphase::McpHandshake {
server_name: "test-server".to_string(),
attempt: 1,
}),
}; };
let blocked = LaneEvent::blocked("2026-04-04T00:00:00Z", &blocker); let blocked = LaneEvent::blocked("2026-04-04T00:00:00Z", &blocker);
@@ -329,6 +755,66 @@ mod tests {
assert_eq!(failed.detail.as_deref(), Some("broken server")); assert_eq!(failed.detail.as_deref(), Some("broken server"));
} }
#[test]
fn workspace_mismatch_failure_class_round_trips_in_branch_event_payloads() {
let mismatch = LaneEvent::new(
LaneEventName::BranchWorkspaceMismatch,
LaneEventStatus::Blocked,
"2026-04-04T00:00:02Z",
)
.with_failure_class(LaneFailureClass::WorkspaceMismatch)
.with_detail("session belongs to /tmp/repo-a but current workspace is /tmp/repo-b")
.with_data(json!({
"expectedWorkspaceRoot": "/tmp/repo-a",
"actualWorkspaceRoot": "/tmp/repo-b",
"sessionId": "sess-123",
}));
let mismatch_json = serde_json::to_value(&mismatch).expect("lane event should serialize");
assert_eq!(mismatch_json["event"], "branch.workspace_mismatch");
assert_eq!(mismatch_json["failureClass"], "workspace_mismatch");
assert_eq!(
mismatch_json["data"]["expectedWorkspaceRoot"],
"/tmp/repo-a"
);
let round_trip: LaneEvent =
serde_json::from_value(mismatch_json).expect("lane event should deserialize");
assert_eq!(round_trip.event, LaneEventName::BranchWorkspaceMismatch);
assert_eq!(
round_trip.failure_class,
Some(LaneFailureClass::WorkspaceMismatch)
);
}
#[test]
fn ship_provenance_events_serialize_to_expected_wire_values() {
let provenance = ShipProvenance {
source_branch: "feature/provenance".to_string(),
base_commit: "dd73962".to_string(),
commit_count: 6,
commit_range: "dd73962..c956f78".to_string(),
merge_method: ShipMergeMethod::DirectPush,
actor: "Jobdori".to_string(),
pr_number: None,
};
let prepared = LaneEvent::ship_prepared("2026-04-20T14:30:00Z", &provenance);
let prepared_json = serde_json::to_value(&prepared).expect("ship event should serialize");
assert_eq!(prepared_json["event"], "ship.prepared");
assert_eq!(prepared_json["data"]["commit_count"], 6);
assert_eq!(prepared_json["data"]["source_branch"], "feature/provenance");
let pushed = LaneEvent::ship_pushed_main("2026-04-20T14:35:00Z", &provenance);
let pushed_json = serde_json::to_value(&pushed).expect("ship event should serialize");
assert_eq!(pushed_json["event"], "ship.pushed_main");
assert_eq!(pushed_json["data"]["merge_method"], "direct_push");
let round_trip: LaneEvent =
serde_json::from_value(pushed_json).expect("ship event should deserialize");
assert_eq!(round_trip.event, LaneEventName::ShipPushedMain);
}
#[test] #[test]
fn commit_events_can_carry_worktree_and_supersession_metadata() { fn commit_events_can_carry_worktree_and_supersession_metadata() {
let event = LaneEvent::commit_created( let event = LaneEvent::commit_created(
@@ -380,4 +866,222 @@ mod tests {
assert_eq!(retained.len(), 1); assert_eq!(retained.len(), 1);
assert_eq!(retained[0].detail.as_deref(), Some("new")); assert_eq!(retained[0].detail.as_deref(), Some("new"));
} }
#[test]
fn lane_event_metadata_includes_monotonic_sequence() {
let meta1 = LaneEventMetadata::new(0, EventProvenance::LiveLane);
let meta2 = LaneEventMetadata::new(1, EventProvenance::LiveLane);
let meta3 = LaneEventMetadata::new(2, EventProvenance::Test);
assert_eq!(meta1.seq, 0);
assert_eq!(meta2.seq, 1);
assert_eq!(meta3.seq, 2);
assert!(meta1.timestamp_ms <= meta2.timestamp_ms);
}
#[test]
fn event_provenance_round_trips_through_serialization() {
let cases = [
(EventProvenance::LiveLane, "live_lane"),
(EventProvenance::Test, "test"),
(EventProvenance::Healthcheck, "healthcheck"),
(EventProvenance::Replay, "replay"),
(EventProvenance::Transport, "transport"),
];
for (provenance, expected) in cases {
let json = serde_json::to_value(provenance).expect("should serialize");
assert_eq!(json, serde_json::json!(expected));
let round_trip: EventProvenance =
serde_json::from_value(json).expect("should deserialize");
assert_eq!(round_trip, provenance);
}
}
#[test]
fn session_identity_is_complete_at_creation() {
let identity = SessionIdentity::new("my-lane", "/tmp/repo", "implement feature X");
assert_eq!(identity.title, "my-lane");
assert_eq!(identity.workspace, "/tmp/repo");
assert_eq!(identity.purpose, "implement feature X");
assert!(identity.placeholder_reason.is_none());
// Test with placeholder
let with_placeholder = SessionIdentity::with_placeholder(
"untitled",
"/tmp/unknown",
"unknown",
"session created before title was known",
);
assert_eq!(
with_placeholder.placeholder_reason,
Some("session created before title was known".to_string())
);
}
#[test]
fn lane_ownership_binding_includes_workflow_scope() {
let ownership = LaneOwnership {
owner: "claw-1".to_string(),
workflow_scope: "claw-code-dogfood".to_string(),
watcher_action: WatcherAction::Act,
};
assert_eq!(ownership.owner, "claw-1");
assert_eq!(ownership.workflow_scope, "claw-code-dogfood");
assert_eq!(ownership.watcher_action, WatcherAction::Act);
}
#[test]
fn watcher_action_round_trips_through_serialization() {
let cases = [
(WatcherAction::Act, "act"),
(WatcherAction::Observe, "observe"),
(WatcherAction::Ignore, "ignore"),
];
for (action, expected) in cases {
let json = serde_json::to_value(action).expect("should serialize");
assert_eq!(json, serde_json::json!(expected));
let round_trip: WatcherAction =
serde_json::from_value(json).expect("should deserialize");
assert_eq!(round_trip, action);
}
}
#[test]
fn is_terminal_event_detects_terminal_states() {
assert!(is_terminal_event(LaneEventName::Finished));
assert!(is_terminal_event(LaneEventName::Failed));
assert!(is_terminal_event(LaneEventName::Superseded));
assert!(is_terminal_event(LaneEventName::Closed));
assert!(is_terminal_event(LaneEventName::Merged));
assert!(!is_terminal_event(LaneEventName::Started));
assert!(!is_terminal_event(LaneEventName::Ready));
assert!(!is_terminal_event(LaneEventName::Blocked));
}
#[test]
fn compute_event_fingerprint_is_deterministic() {
let fp1 = compute_event_fingerprint(
&LaneEventName::Finished,
&LaneEventStatus::Completed,
Some(&json!({"commit": "abc123"})),
);
let fp2 = compute_event_fingerprint(
&LaneEventName::Finished,
&LaneEventStatus::Completed,
Some(&json!({"commit": "abc123"})),
);
assert_eq!(fp1, fp2, "same inputs should produce same fingerprint");
assert!(!fp1.is_empty());
assert_eq!(fp1.len(), 16, "fingerprint should be 16 hex chars");
}
#[test]
fn compute_event_fingerprint_differs_for_different_inputs() {
let fp1 =
compute_event_fingerprint(&LaneEventName::Finished, &LaneEventStatus::Completed, None);
let fp2 = compute_event_fingerprint(&LaneEventName::Failed, &LaneEventStatus::Failed, None);
let fp3 = compute_event_fingerprint(
&LaneEventName::Finished,
&LaneEventStatus::Completed,
Some(&json!({"commit": "abc123"})),
);
assert_ne!(fp1, fp2, "different event/status should differ");
assert_ne!(fp1, fp3, "different data should differ");
}
#[test]
fn dedupe_terminal_events_suppresses_duplicates() {
let event1 = LaneEventBuilder::new(
LaneEventName::Finished,
LaneEventStatus::Completed,
"2026-04-04T00:00:00Z",
0,
EventProvenance::LiveLane,
)
.build_terminal();
let event2 = LaneEventBuilder::new(
LaneEventName::Started,
LaneEventStatus::Running,
"2026-04-04T00:00:01Z",
1,
EventProvenance::LiveLane,
)
.build();
let event3 = LaneEventBuilder::new(
LaneEventName::Finished,
LaneEventStatus::Completed,
"2026-04-04T00:00:02Z",
2,
EventProvenance::LiveLane,
)
.build_terminal(); // Same fingerprint as event1
let deduped = dedupe_terminal_events(&[event1.clone(), event2.clone(), event3.clone()]);
assert_eq!(deduped.len(), 2, "should have 2 events after dedupe");
assert_eq!(deduped[0].event, LaneEventName::Finished);
assert_eq!(deduped[1].event, LaneEventName::Started);
// event3 should be suppressed as duplicate of event1
}
#[test]
fn lane_event_builder_constructs_event_with_metadata() {
let event = LaneEventBuilder::new(
LaneEventName::Started,
LaneEventStatus::Running,
"2026-04-04T00:00:00Z",
42,
EventProvenance::Test,
)
.with_session_identity(SessionIdentity::new("test-lane", "/tmp", "test"))
.with_ownership(LaneOwnership {
owner: "bot-1".to_string(),
workflow_scope: "test-suite".to_string(),
watcher_action: WatcherAction::Observe,
})
.with_nudge_id("nudge-123")
.with_detail("starting test run")
.build();
assert_eq!(event.event, LaneEventName::Started);
assert_eq!(event.metadata.seq, 42);
assert_eq!(event.metadata.provenance, EventProvenance::Test);
assert_eq!(
event.metadata.session_identity.as_ref().unwrap().title,
"test-lane"
);
assert_eq!(event.metadata.ownership.as_ref().unwrap().owner, "bot-1");
assert_eq!(event.metadata.nudge_id, Some("nudge-123".to_string()));
assert_eq!(event.detail, Some("starting test run".to_string()));
}
#[test]
fn lane_event_metadata_round_trips_through_serialization() {
let meta = LaneEventMetadata::new(5, EventProvenance::Healthcheck)
.with_session_identity(SessionIdentity::new("lane-1", "/tmp", "purpose"))
.with_nudge_id("nudge-abc");
let json = serde_json::to_value(&meta).expect("should serialize");
assert_eq!(json["seq"], 5);
assert_eq!(json["provenance"], "healthcheck");
assert_eq!(json["nudge_id"], "nudge-abc");
assert!(json["timestamp_ms"].as_u64().is_some());
let round_trip: LaneEventMetadata =
serde_json::from_value(json).expect("should deserialize");
assert_eq!(round_trip.seq, 5);
assert_eq!(round_trip.provenance, EventProvenance::Healthcheck);
assert_eq!(round_trip.nudge_id, Some("nudge-abc".to_string()));
}
} }

7
rust/crates/runtime/src/lib.rs
View File

@@ -83,8 +83,11 @@ pub use hooks::{
HookAbortSignal, HookEvent, HookProgressEvent, HookProgressReporter, HookRunResult, HookRunner, HookAbortSignal, HookEvent, HookProgressEvent, HookProgressReporter, HookRunResult, HookRunner,
}; };
pub use lane_events::{ pub use lane_events::{
dedupe_superseded_commit_events, LaneCommitProvenance, LaneEvent, LaneEventBlocker, compute_event_fingerprint, dedupe_superseded_commit_events, dedupe_terminal_events,
LaneEventName, LaneEventStatus, LaneFailureClass, is_terminal_event, BlockedSubphase, EventProvenance, LaneCommitProvenance, LaneEvent,
LaneEventBlocker, LaneEventBuilder, LaneEventMetadata, LaneEventName, LaneEventStatus,
LaneFailureClass, LaneOwnership, SessionIdentity, ShipMergeMethod, ShipProvenance,
WatcherAction,
}; };
pub use mcp::{ pub use mcp::{
mcp_server_signature, mcp_tool_name, mcp_tool_prefix, normalize_name_for_mcp, mcp_server_signature, mcp_tool_name, mcp_tool_prefix, normalize_name_for_mcp,

9
rust/crates/runtime/src/oauth.rs
View File

@@ -335,7 +335,14 @@ fn credentials_home_dir() -> io::Result<PathBuf> {
return Ok(PathBuf::from(path)); return Ok(PathBuf::from(path));
} }
let home = std::env::var_os("HOME") let home = std::env::var_os("HOME")
.ok_or_else(|| io::Error::new(io::ErrorKind::NotFound, "HOME is not set"))?; .or_else(|| std::env::var_os("USERPROFILE"))
.ok_or_else(|| {
io::Error::new(
io::ErrorKind::NotFound,
"HOME is not set (on Windows, set USERPROFILE or HOME, \
or use CLAW_CONFIG_HOME to point directly at the config directory)",
)
})?;
Ok(PathBuf::from(home).join(".claw")) Ok(PathBuf::from(home).join(".claw"))
} }

34
rust/crates/runtime/src/permission_enforcer.rs
View File

@@ -65,6 +65,40 @@ impl PermissionEnforcer {
matches!(self.check(tool_name, input), EnforcementResult::Allowed) matches!(self.check(tool_name, input), EnforcementResult::Allowed)
} }
/// Check permission with an explicitly provided required mode.
/// Used when the required mode is determined dynamically (e.g., bash command classification).
pub fn check_with_required_mode(
&self,
tool_name: &str,
input: &str,
required_mode: PermissionMode,
) -> EnforcementResult {
// When the active mode is Prompt, defer to the caller's interactive
// prompt flow rather than hard-denying.
if self.policy.active_mode() == PermissionMode::Prompt {
return EnforcementResult::Allowed;
}
let active_mode = self.policy.active_mode();
// Check if active mode meets the dynamically determined required mode
if active_mode >= required_mode {
return EnforcementResult::Allowed;
}
// Permission denied - active mode is insufficient
EnforcementResult::Denied {
tool: tool_name.to_owned(),
active_mode: active_mode.as_str().to_owned(),
required_mode: required_mode.as_str().to_owned(),
reason: format!(
"'{tool_name}' with input '{input}' requires '{}' permission, but current mode is '{}'",
required_mode.as_str(),
active_mode.as_str()
),
}
}
#[must_use] #[must_use]
pub fn active_mode(&self) -> PermissionMode { pub fn active_mode(&self) -> PermissionMode {
self.policy.active_mode() self.policy.active_mode()

4
rust/crates/runtime/src/recovery_recipes.rs
View File

@@ -48,7 +48,9 @@ impl FailureScenario {
WorkerFailureKind::TrustGate => Self::TrustPromptUnresolved, WorkerFailureKind::TrustGate => Self::TrustPromptUnresolved,
WorkerFailureKind::PromptDelivery => Self::PromptMisdelivery, WorkerFailureKind::PromptDelivery => Self::PromptMisdelivery,
WorkerFailureKind::Protocol => Self::McpHandshakeFailure, WorkerFailureKind::Protocol => Self::McpHandshakeFailure,
WorkerFailureKind::Provider => Self::ProviderFailure, WorkerFailureKind::Provider | WorkerFailureKind::StartupNoEvidence => {
Self::ProviderFailure
}
} }
} }
} }

73
rust/crates/runtime/src/session.rs
View File

@@ -13,6 +13,7 @@ const SESSION_VERSION: u32 = 1;
const ROTATE_AFTER_BYTES: u64 = 256 * 1024; const ROTATE_AFTER_BYTES: u64 = 256 * 1024;
const MAX_ROTATED_FILES: usize = 3; const MAX_ROTATED_FILES: usize = 3;
static SESSION_ID_COUNTER: AtomicU64 = AtomicU64::new(0); static SESSION_ID_COUNTER: AtomicU64 = AtomicU64::new(0);
static LAST_TIMESTAMP_MS: AtomicU64 = AtomicU64::new(0);
/// Speaker role associated with a persisted conversation message. /// Speaker role associated with a persisted conversation message.
#[derive(Debug, Clone, Copy, PartialEq, Eq)] #[derive(Debug, Clone, Copy, PartialEq, Eq)]
@@ -96,6 +97,11 @@ pub struct Session {
pub fork: Option<SessionFork>, pub fork: Option<SessionFork>,
pub workspace_root: Option<PathBuf>, pub workspace_root: Option<PathBuf>,
pub prompt_history: Vec<SessionPromptEntry>, pub prompt_history: Vec<SessionPromptEntry>,
/// The model used in this session, persisted so resumed sessions can
/// report which model was originally used.
/// Timestamp of last successful health check (ROADMAP #38)
pub last_health_check_ms: Option<u64>,
pub model: Option<String>,
persistence: Option<SessionPersistence>, persistence: Option<SessionPersistence>,
} }
@@ -110,6 +116,7 @@ impl PartialEq for Session {
&& self.fork == other.fork && self.fork == other.fork
&& self.workspace_root == other.workspace_root && self.workspace_root == other.workspace_root
&& self.prompt_history == other.prompt_history && self.prompt_history == other.prompt_history
&& self.last_health_check_ms == other.last_health_check_ms
} }
} }
@@ -161,6 +168,8 @@ impl Session {
fork: None, fork: None,
workspace_root: None, workspace_root: None,
prompt_history: Vec::new(), prompt_history: Vec::new(),
last_health_check_ms: None,
model: None,
persistence: None, persistence: None,
} }
} }
@@ -263,6 +272,8 @@ impl Session {
}), }),
workspace_root: self.workspace_root.clone(), workspace_root: self.workspace_root.clone(),
prompt_history: self.prompt_history.clone(), prompt_history: self.prompt_history.clone(),
last_health_check_ms: self.last_health_check_ms,
model: self.model.clone(),
persistence: None, persistence: None,
} }
} }
@@ -371,6 +382,10 @@ impl Session {
.collect() .collect()
}) })
.unwrap_or_default(); .unwrap_or_default();
let model = object
.get("model")
.and_then(JsonValue::as_str)
.map(String::from);
Ok(Self { Ok(Self {
version, version,
session_id, session_id,
@@ -381,6 +396,8 @@ impl Session {
fork, fork,
workspace_root, workspace_root,
prompt_history, prompt_history,
last_health_check_ms: None,
model,
persistence: None, persistence: None,
}) })
} }
@@ -394,6 +411,7 @@ impl Session {
let mut compaction = None; let mut compaction = None;
let mut fork = None; let mut fork = None;
let mut workspace_root = None; let mut workspace_root = None;
let mut model = None;
let mut prompt_history = Vec::new(); let mut prompt_history = Vec::new();
for (line_number, raw_line) in contents.lines().enumerate() { for (line_number, raw_line) in contents.lines().enumerate() {
@@ -433,6 +451,10 @@ impl Session {
.get("workspace_root") .get("workspace_root")
.and_then(JsonValue::as_str) .and_then(JsonValue::as_str)
.map(PathBuf::from); .map(PathBuf::from);
model = object
.get("model")
.and_then(JsonValue::as_str)
.map(String::from);
} }
"message" => { "message" => {
let message_value = object.get("message").ok_or_else(|| { let message_value = object.get("message").ok_or_else(|| {
@@ -475,6 +497,8 @@ impl Session {
fork, fork,
workspace_root, workspace_root,
prompt_history, prompt_history,
last_health_check_ms: None,
model,
persistence: None, persistence: None,
}) })
} }
@@ -580,6 +604,9 @@ impl Session {
JsonValue::String(workspace_root_to_string(workspace_root)?), JsonValue::String(workspace_root_to_string(workspace_root)?),
); );
} }
if let Some(model) = &self.model {
object.insert("model".to_string(), JsonValue::String(model.clone()));
}
Ok(JsonValue::Object(object)) Ok(JsonValue::Object(object))
} }
@@ -1004,10 +1031,27 @@ fn normalize_optional_string(value: Option<String>) -> Option<String> {
} }
fn current_time_millis() -> u64 { fn current_time_millis() -> u64 {
SystemTime::now() let wall_clock = SystemTime::now()
.duration_since(UNIX_EPOCH) .duration_since(UNIX_EPOCH)
.map(|duration| u64::try_from(duration.as_millis()).unwrap_or(u64::MAX)) .map(|duration| u64::try_from(duration.as_millis()).unwrap_or(u64::MAX))
.unwrap_or_default() .unwrap_or_default();
let mut candidate = wall_clock;
loop {
let previous = LAST_TIMESTAMP_MS.load(Ordering::Relaxed);
if candidate <= previous {
candidate = previous.saturating_add(1);
}
match LAST_TIMESTAMP_MS.compare_exchange(
previous,
candidate,
Ordering::SeqCst,
Ordering::SeqCst,
) {
Ok(_) => return candidate,
Err(actual) => candidate = actual.saturating_add(1),
}
}
} }
fn generate_session_id() -> String { fn generate_session_id() -> String {
@@ -1099,8 +1143,8 @@ fn cleanup_rotated_logs(path: &Path) -> Result<(), SessionError> {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::{ use super::{
cleanup_rotated_logs, rotate_session_file_if_needed, ContentBlock, ConversationMessage, cleanup_rotated_logs, current_time_millis, rotate_session_file_if_needed, ContentBlock,
MessageRole, Session, SessionFork, ConversationMessage, MessageRole, Session, SessionFork,
}; };
use crate::json::JsonValue; use crate::json::JsonValue;
use crate::usage::TokenUsage; use crate::usage::TokenUsage;
@@ -1108,6 +1152,16 @@ mod tests {
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
#[test]
fn session_timestamps_are_monotonic_under_tight_loops() {
let first = current_time_millis();
let second = current_time_millis();
let third = current_time_millis();
assert!(first < second);
assert!(second < third);
}
#[test] #[test]
fn persists_and_restores_session_jsonl() { fn persists_and_restores_session_jsonl() {
let mut session = Session::new(); let mut session = Session::new();
@@ -1441,12 +1495,8 @@ mod tests {
/// Called by external consumers (e.g. clawhip) to enumerate sessions for a CWD. /// Called by external consumers (e.g. clawhip) to enumerate sessions for a CWD.
#[allow(dead_code)] #[allow(dead_code)]
pub fn workspace_sessions_dir(cwd: &std::path::Path) -> Result<std::path::PathBuf, SessionError> { pub fn workspace_sessions_dir(cwd: &std::path::Path) -> Result<std::path::PathBuf, SessionError> {
let store = crate::session_control::SessionStore::from_cwd(cwd).map_err(|e| { let store = crate::session_control::SessionStore::from_cwd(cwd)
SessionError::Io(std::io::Error::new( .map_err(|e| SessionError::Io(std::io::Error::other(e.to_string())))?;
std::io::ErrorKind::Other,
e.to_string(),
))
})?;
Ok(store.sessions_dir().to_path_buf()) Ok(store.sessions_dir().to_path_buf())
} }
@@ -1463,8 +1513,7 @@ mod workspace_sessions_dir_tests {
let result = workspace_sessions_dir(&tmp); let result = workspace_sessions_dir(&tmp);
assert!( assert!(
result.is_ok(), result.is_ok(),
"workspace_sessions_dir should succeed for a valid CWD, got: {:?}", "workspace_sessions_dir should succeed for a valid CWD, got: {result:?}"
result
); );
let dir = result.unwrap(); let dir = result.unwrap();
// The returned path should be non-empty and end with a hash component // The returned path should be non-empty and end with a hash component

575
rust/crates/runtime/src/session_control.rs
View File

@@ -31,14 +31,19 @@ impl SessionStore {
/// The on-disk layout becomes `<cwd>/.claw/sessions/<workspace_hash>/`. /// The on-disk layout becomes `<cwd>/.claw/sessions/<workspace_hash>/`.
pub fn from_cwd(cwd: impl AsRef<Path>) -> Result<Self, SessionControlError> { pub fn from_cwd(cwd: impl AsRef<Path>) -> Result<Self, SessionControlError> {
let cwd = cwd.as_ref(); let cwd = cwd.as_ref();
let sessions_root = cwd // #151: canonicalize so equivalent paths (symlinks, relative vs
// absolute, /tmp vs /private/tmp on macOS) produce the same
// workspace_fingerprint. Falls back to the raw path if canonicalize
// fails (e.g. the directory doesn't exist yet).
let canonical_cwd = fs::canonicalize(cwd).unwrap_or_else(|_| cwd.to_path_buf());
let sessions_root = canonical_cwd
.join(".claw") .join(".claw")
.join("sessions") .join("sessions")
.join(workspace_fingerprint(cwd)); .join(workspace_fingerprint(&canonical_cwd));
fs::create_dir_all(&sessions_root)?; fs::create_dir_all(&sessions_root)?;
Ok(Self { Ok(Self {
sessions_root, sessions_root,
workspace_root: cwd.to_path_buf(), workspace_root: canonical_cwd,
}) })
} }
@@ -51,14 +56,18 @@ impl SessionStore {
workspace_root: impl AsRef<Path>, workspace_root: impl AsRef<Path>,
) -> Result<Self, SessionControlError> { ) -> Result<Self, SessionControlError> {
let workspace_root = workspace_root.as_ref(); let workspace_root = workspace_root.as_ref();
// #151: canonicalize workspace_root for consistent fingerprinting
// across equivalent path representations.
let canonical_workspace = fs::canonicalize(workspace_root)
.unwrap_or_else(|_| workspace_root.to_path_buf());
let sessions_root = data_dir let sessions_root = data_dir
.as_ref() .as_ref()
.join("sessions") .join("sessions")
.join(workspace_fingerprint(workspace_root)); .join(workspace_fingerprint(&canonical_workspace));
fs::create_dir_all(&sessions_root)?; fs::create_dir_all(&sessions_root)?;
Ok(Self { Ok(Self {
sessions_root, sessions_root,
workspace_root: workspace_root.to_path_buf(), workspace_root: canonical_workspace,
}) })
} }
@@ -74,6 +83,7 @@ impl SessionStore {
&self.workspace_root &self.workspace_root
} }
#[must_use]
pub fn create_handle(&self, session_id: &str) -> SessionHandle { pub fn create_handle(&self, session_id: &str) -> SessionHandle {
let id = session_id.to_string(); let id = session_id.to_string();
let path = self let path = self
@@ -102,7 +112,7 @@ impl SessionStore {
candidate candidate
} else if looks_like_path { } else if looks_like_path {
return Err(SessionControlError::Format( return Err(SessionControlError::Format(
format_missing_session_reference(reference), format_missing_session_reference(reference, &self.sessions_root),
)); ));
} else { } else {
self.resolve_managed_path(reference)? self.resolve_managed_path(reference)?
@@ -121,75 +131,29 @@ impl SessionStore {
return Ok(path); return Ok(path);
} }
} }
if let Some(legacy_root) = self.legacy_sessions_root() {
for extension in [PRIMARY_SESSION_EXTENSION, LEGACY_SESSION_EXTENSION] {
let path = legacy_root.join(format!("{session_id}.{extension}"));
if !path.exists() {
continue;
}
let session = Session::load_from_path(&path)?;
self.validate_loaded_session(&path, &session)?;
return Ok(path);
}
}
Err(SessionControlError::Format( Err(SessionControlError::Format(
format_missing_session_reference(session_id), format_missing_session_reference(session_id, &self.sessions_root),
)) ))
} }
pub fn list_sessions(&self) -> Result<Vec<ManagedSessionSummary>, SessionControlError> { pub fn list_sessions(&self) -> Result<Vec<ManagedSessionSummary>, SessionControlError> {
let mut sessions = Vec::new(); let mut sessions = Vec::new();
let read_result = fs::read_dir(&self.sessions_root); self.collect_sessions_from_dir(&self.sessions_root, &mut sessions)?;
let entries = match read_result { if let Some(legacy_root) = self.legacy_sessions_root() {
Ok(entries) => entries, self.collect_sessions_from_dir(&legacy_root, &mut sessions)?;
Err(err) if err.kind() == std::io::ErrorKind::NotFound => return Ok(sessions),
Err(err) => return Err(err.into()),
};
for entry in entries {
let entry = entry?;
let path = entry.path();
if !is_managed_session_file(&path) {
continue;
}
let metadata = entry.metadata()?;
let modified_epoch_millis = metadata
.modified()
.ok()
.and_then(|time| time.duration_since(UNIX_EPOCH).ok())
.map(|duration| duration.as_millis())
.unwrap_or_default();
let (id, message_count, parent_session_id, branch_name) =
match Session::load_from_path(&path) {
Ok(session) => {
let parent_session_id = session
.fork
.as_ref()
.map(|fork| fork.parent_session_id.clone());
let branch_name = session
.fork
.as_ref()
.and_then(|fork| fork.branch_name.clone());
(
session.session_id,
session.messages.len(),
parent_session_id,
branch_name,
)
}
Err(_) => (
path.file_stem()
.and_then(|value| value.to_str())
.unwrap_or("unknown")
.to_string(),
0,
None,
None,
),
};
sessions.push(ManagedSessionSummary {
id,
path,
modified_epoch_millis,
message_count,
parent_session_id,
branch_name,
});
} }
sessions.sort_by(|left, right| { sort_managed_sessions(&mut sessions);
right
.modified_epoch_millis
.cmp(&left.modified_epoch_millis)
.then_with(|| right.id.cmp(&left.id))
});
Ok(sessions) Ok(sessions)
} }
@@ -197,7 +161,7 @@ impl SessionStore {
self.list_sessions()? self.list_sessions()?
.into_iter() .into_iter()
.next() .next()
.ok_or_else(|| SessionControlError::Format(format_no_managed_sessions())) .ok_or_else(|| SessionControlError::Format(format_no_managed_sessions(&self.sessions_root)))
} }
pub fn load_session( pub fn load_session(
@@ -206,6 +170,7 @@ impl SessionStore {
) -> Result<LoadedManagedSession, SessionControlError> { ) -> Result<LoadedManagedSession, SessionControlError> {
let handle = self.resolve_reference(reference)?; let handle = self.resolve_reference(reference)?;
let session = Session::load_from_path(&handle.path)?; let session = Session::load_from_path(&handle.path)?;
self.validate_loaded_session(&handle.path, &session)?;
Ok(LoadedManagedSession { Ok(LoadedManagedSession {
handle: SessionHandle { handle: SessionHandle {
id: session.session_id.clone(), id: session.session_id.clone(),
@@ -221,7 +186,9 @@ impl SessionStore {
branch_name: Option<String>, branch_name: Option<String>,
) -> Result<ForkedManagedSession, SessionControlError> { ) -> Result<ForkedManagedSession, SessionControlError> {
let parent_session_id = session.session_id.clone(); let parent_session_id = session.session_id.clone();
let forked = session.fork(branch_name); let forked = session
.fork(branch_name)
.with_workspace_root(self.workspace_root.clone());
let handle = self.create_handle(&forked.session_id); let handle = self.create_handle(&forked.session_id);
let branch_name = forked let branch_name = forked
.fork .fork
@@ -236,6 +203,98 @@ impl SessionStore {
branch_name, branch_name,
}) })
} }
fn legacy_sessions_root(&self) -> Option<PathBuf> {
self.sessions_root
.parent()
.filter(|parent| parent.file_name().is_some_and(|name| name == "sessions"))
.map(Path::to_path_buf)
}
fn validate_loaded_session(
&self,
session_path: &Path,
session: &Session,
) -> Result<(), SessionControlError> {
let Some(actual) = session.workspace_root() else {
if path_is_within_workspace(session_path, &self.workspace_root) {
return Ok(());
}
return Err(SessionControlError::Format(
format_legacy_session_missing_workspace_root(session_path, &self.workspace_root),
));
};
if workspace_roots_match(actual, &self.workspace_root) {
return Ok(());
}
Err(SessionControlError::WorkspaceMismatch {
expected: self.workspace_root.clone(),
actual: actual.to_path_buf(),
})
}
fn collect_sessions_from_dir(
&self,
directory: &Path,
sessions: &mut Vec<ManagedSessionSummary>,
) -> Result<(), SessionControlError> {
let entries = match fs::read_dir(directory) {
Ok(entries) => entries,
Err(err) if err.kind() == std::io::ErrorKind::NotFound => return Ok(()),
Err(err) => return Err(err.into()),
};
for entry in entries {
let entry = entry?;
let path = entry.path();
if !is_managed_session_file(&path) {
continue;
}
let metadata = entry.metadata()?;
let modified_epoch_millis = metadata
.modified()
.ok()
.and_then(|time| time.duration_since(UNIX_EPOCH).ok())
.map(|duration| duration.as_millis())
.unwrap_or_default();
let summary = match Session::load_from_path(&path) {
Ok(session) => {
if self.validate_loaded_session(&path, &session).is_err() {
continue;
}
ManagedSessionSummary {
id: session.session_id,
path,
updated_at_ms: session.updated_at_ms,
modified_epoch_millis,
message_count: session.messages.len(),
parent_session_id: session
.fork
.as_ref()
.map(|fork| fork.parent_session_id.clone()),
branch_name: session
.fork
.as_ref()
.and_then(|fork| fork.branch_name.clone()),
}
}
Err(_) => ManagedSessionSummary {
id: path
.file_stem()
.and_then(|value| value.to_str())
.unwrap_or("unknown")
.to_string(),
path,
updated_at_ms: 0,
modified_epoch_millis,
message_count: 0,
parent_session_id: None,
branch_name: None,
},
};
sessions.push(summary);
}
Ok(())
}
} }
/// Stable hex fingerprint of a workspace path. /// Stable hex fingerprint of a workspace path.
@@ -269,12 +328,23 @@ pub struct SessionHandle {
pub struct ManagedSessionSummary { pub struct ManagedSessionSummary {
pub id: String, pub id: String,
pub path: PathBuf, pub path: PathBuf,
pub updated_at_ms: u64,
pub modified_epoch_millis: u128, pub modified_epoch_millis: u128,
pub message_count: usize, pub message_count: usize,
pub parent_session_id: Option<String>, pub parent_session_id: Option<String>,
pub branch_name: Option<String>, pub branch_name: Option<String>,
} }
fn sort_managed_sessions(sessions: &mut [ManagedSessionSummary]) {
sessions.sort_by(|left, right| {
right
.updated_at_ms
.cmp(&left.updated_at_ms)
.then_with(|| right.modified_epoch_millis.cmp(&left.modified_epoch_millis))
.then_with(|| right.id.cmp(&left.id))
});
}
#[derive(Debug, Clone, PartialEq, Eq)] #[derive(Debug, Clone, PartialEq, Eq)]
pub struct LoadedManagedSession { pub struct LoadedManagedSession {
pub handle: SessionHandle, pub handle: SessionHandle,
@@ -294,6 +364,7 @@ pub enum SessionControlError {
Io(std::io::Error), Io(std::io::Error),
Session(SessionError), Session(SessionError),
Format(String), Format(String),
WorkspaceMismatch { expected: PathBuf, actual: PathBuf },
} }
impl Display for SessionControlError { impl Display for SessionControlError {
@@ -302,6 +373,12 @@ impl Display for SessionControlError {
Self::Io(error) => write!(f, "{error}"), Self::Io(error) => write!(f, "{error}"),
Self::Session(error) => write!(f, "{error}"), Self::Session(error) => write!(f, "{error}"),
Self::Format(error) => write!(f, "{error}"), Self::Format(error) => write!(f, "{error}"),
Self::WorkspaceMismatch { expected, actual } => write!(
f,
"session workspace mismatch: expected {}, found {}",
expected.display(),
actual.display()
),
} }
} }
} }
@@ -327,9 +404,8 @@ pub fn sessions_dir() -> Result<PathBuf, SessionControlError> {
pub fn managed_sessions_dir_for( pub fn managed_sessions_dir_for(
base_dir: impl AsRef<Path>, base_dir: impl AsRef<Path>,
) -> Result<PathBuf, SessionControlError> { ) -> Result<PathBuf, SessionControlError> {
let path = base_dir.as_ref().join(".claw").join("sessions"); let store = SessionStore::from_cwd(base_dir)?;
fs::create_dir_all(&path)?; Ok(store.sessions_dir().to_path_buf())
Ok(path)
} }
pub fn create_managed_session_handle( pub fn create_managed_session_handle(
@@ -342,10 +418,8 @@ pub fn create_managed_session_handle_for(
base_dir: impl AsRef<Path>, base_dir: impl AsRef<Path>,
session_id: &str, session_id: &str,
) -> Result<SessionHandle, SessionControlError> { ) -> Result<SessionHandle, SessionControlError> {
let id = session_id.to_string(); let store = SessionStore::from_cwd(base_dir)?;
let path = Ok(store.create_handle(session_id))
managed_sessions_dir_for(base_dir)?.join(format!("{id}.{PRIMARY_SESSION_EXTENSION}"));
Ok(SessionHandle { id, path })
} }
pub fn resolve_session_reference(reference: &str) -> Result<SessionHandle, SessionControlError> { pub fn resolve_session_reference(reference: &str) -> Result<SessionHandle, SessionControlError> {
@@ -356,36 +430,8 @@ pub fn resolve_session_reference_for(
base_dir: impl AsRef<Path>, base_dir: impl AsRef<Path>,
reference: &str, reference: &str,
) -> Result<SessionHandle, SessionControlError> { ) -> Result<SessionHandle, SessionControlError> {
let base_dir = base_dir.as_ref(); let store = SessionStore::from_cwd(base_dir)?;
if is_session_reference_alias(reference) { store.resolve_reference(reference)
let latest = latest_managed_session_for(base_dir)?;
return Ok(SessionHandle {
id: latest.id,
path: latest.path,
});
}
let direct = PathBuf::from(reference);
let candidate = if direct.is_absolute() {
direct.clone()
} else {
base_dir.join(&direct)
};
let looks_like_path = direct.extension().is_some() || direct.components().count() > 1;
let path = if candidate.exists() {
candidate
} else if looks_like_path {
return Err(SessionControlError::Format(
format_missing_session_reference(reference),
));
} else {
resolve_managed_session_path_for(base_dir, reference)?
};
Ok(SessionHandle {
id: session_id_from_path(&path).unwrap_or_else(|| reference.to_string()),
path,
})
} }
pub fn resolve_managed_session_path(session_id: &str) -> Result<PathBuf, SessionControlError> { pub fn resolve_managed_session_path(session_id: &str) -> Result<PathBuf, SessionControlError> {
@@ -396,16 +442,8 @@ pub fn resolve_managed_session_path_for(
base_dir: impl AsRef<Path>, base_dir: impl AsRef<Path>,
session_id: &str, session_id: &str,
) -> Result<PathBuf, SessionControlError> { ) -> Result<PathBuf, SessionControlError> {
let directory = managed_sessions_dir_for(base_dir)?; let store = SessionStore::from_cwd(base_dir)?;
for extension in [PRIMARY_SESSION_EXTENSION, LEGACY_SESSION_EXTENSION] { store.resolve_managed_path(session_id)
let path = directory.join(format!("{session_id}.{extension}"));
if path.exists() {
return Ok(path);
}
}
Err(SessionControlError::Format(
format_missing_session_reference(session_id),
))
} }
#[must_use] #[must_use]
@@ -424,64 +462,8 @@ pub fn list_managed_sessions() -> Result<Vec<ManagedSessionSummary>, SessionCont
pub fn list_managed_sessions_for( pub fn list_managed_sessions_for(
base_dir: impl AsRef<Path>, base_dir: impl AsRef<Path>,
) -> Result<Vec<ManagedSessionSummary>, SessionControlError> { ) -> Result<Vec<ManagedSessionSummary>, SessionControlError> {
let mut sessions = Vec::new(); let store = SessionStore::from_cwd(base_dir)?;
for entry in fs::read_dir(managed_sessions_dir_for(base_dir)?)? { store.list_sessions()
let entry = entry?;
let path = entry.path();
if !is_managed_session_file(&path) {
continue;
}
let metadata = entry.metadata()?;
let modified_epoch_millis = metadata
.modified()
.ok()
.and_then(|time| time.duration_since(UNIX_EPOCH).ok())
.map(|duration| duration.as_millis())
.unwrap_or_default();
let (id, message_count, parent_session_id, branch_name) =
match Session::load_from_path(&path) {
Ok(session) => {
let parent_session_id = session
.fork
.as_ref()
.map(|fork| fork.parent_session_id.clone());
let branch_name = session
.fork
.as_ref()
.and_then(|fork| fork.branch_name.clone());
(
session.session_id,
session.messages.len(),
parent_session_id,
branch_name,
)
}
Err(_) => (
path.file_stem()
.and_then(|value| value.to_str())
.unwrap_or("unknown")
.to_string(),
0,
None,
None,
),
};
sessions.push(ManagedSessionSummary {
id,
path,
modified_epoch_millis,
message_count,
parent_session_id,
branch_name,
});
}
sessions.sort_by(|left, right| {
right
.modified_epoch_millis
.cmp(&left.modified_epoch_millis)
.then_with(|| right.id.cmp(&left.id))
});
Ok(sessions)
} }
pub fn latest_managed_session() -> Result<ManagedSessionSummary, SessionControlError> { pub fn latest_managed_session() -> Result<ManagedSessionSummary, SessionControlError> {
@@ -491,10 +473,8 @@ pub fn latest_managed_session() -> Result<ManagedSessionSummary, SessionControlE
pub fn latest_managed_session_for( pub fn latest_managed_session_for(
base_dir: impl AsRef<Path>, base_dir: impl AsRef<Path>,
) -> Result<ManagedSessionSummary, SessionControlError> { ) -> Result<ManagedSessionSummary, SessionControlError> {
list_managed_sessions_for(base_dir)? let store = SessionStore::from_cwd(base_dir)?;
.into_iter() store.latest_session()
.next()
.ok_or_else(|| SessionControlError::Format(format_no_managed_sessions()))
} }
pub fn load_managed_session(reference: &str) -> Result<LoadedManagedSession, SessionControlError> { pub fn load_managed_session(reference: &str) -> Result<LoadedManagedSession, SessionControlError> {
@@ -505,15 +485,8 @@ pub fn load_managed_session_for(
base_dir: impl AsRef<Path>, base_dir: impl AsRef<Path>,
reference: &str, reference: &str,
) -> Result<LoadedManagedSession, SessionControlError> { ) -> Result<LoadedManagedSession, SessionControlError> {
let handle = resolve_session_reference_for(base_dir, reference)?; let store = SessionStore::from_cwd(base_dir)?;
let session = Session::load_from_path(&handle.path)?; store.load_session(reference)
Ok(LoadedManagedSession {
handle: SessionHandle {
id: session.session_id.clone(),
path: handle.path,
},
session,
})
} }
pub fn fork_managed_session( pub fn fork_managed_session(
@@ -528,21 +501,8 @@ pub fn fork_managed_session_for(
session: &Session, session: &Session,
branch_name: Option<String>, branch_name: Option<String>,
) -> Result<ForkedManagedSession, SessionControlError> { ) -> Result<ForkedManagedSession, SessionControlError> {
let parent_session_id = session.session_id.clone(); let store = SessionStore::from_cwd(base_dir)?;
let forked = session.fork(branch_name); store.fork_session(session, branch_name)
let handle = create_managed_session_handle_for(base_dir, &forked.session_id)?;
let branch_name = forked
.fork
.as_ref()
.and_then(|fork| fork.branch_name.clone());
let forked = forked.with_persistence_path(handle.path.clone());
forked.save_to_path(&handle.path)?;
Ok(ForkedManagedSession {
parent_session_id,
handle,
session: forked,
branch_name,
})
} }
#[must_use] #[must_use]
@@ -562,24 +522,58 @@ fn session_id_from_path(path: &Path) -> Option<String> {
.map(ToOwned::to_owned) .map(ToOwned::to_owned)
} }
fn format_missing_session_reference(reference: &str) -> String { fn format_missing_session_reference(reference: &str, sessions_root: &Path) -> String {
// #80: show the actual workspace-fingerprint directory instead of lying about .claw/sessions/
let fingerprint_dir = sessions_root
.file_name()
.and_then(|f| f.to_str())
.unwrap_or("<unknown>");
format!( format!(
"session not found: {reference}\nHint: managed sessions live in .claw/sessions/. Try `{LATEST_SESSION_REFERENCE}` for the most recent session or `/session list` in the REPL." "session not found: {reference}\nHint: managed sessions live in .claw/sessions/{fingerprint_dir}/ (workspace-specific partition).\nTry `{LATEST_SESSION_REFERENCE}` for the most recent session or `/session list` in the REPL."
) )
} }
fn format_no_managed_sessions() -> String { fn format_no_managed_sessions(sessions_root: &Path) -> String {
// #80: show the actual workspace-fingerprint directory instead of lying about .claw/sessions/
let fingerprint_dir = sessions_root
.file_name()
.and_then(|f| f.to_str())
.unwrap_or("<unknown>");
format!( format!(
"no managed sessions found in .claw/sessions/\nStart `claw` to create a session, then rerun with `--resume {LATEST_SESSION_REFERENCE}`." "no managed sessions found in .claw/sessions/{fingerprint_dir}/\nStart `claw` to create a session, then rerun with `--resume {LATEST_SESSION_REFERENCE}`.\nNote: claw partitions sessions per workspace fingerprint; sessions from other CWDs are invisible."
) )
} }
fn format_legacy_session_missing_workspace_root(
session_path: &Path,
workspace_root: &Path,
) -> String {
format!(
"legacy session is missing workspace binding: {}\nOpen it from its original workspace or re-save it from {}.",
session_path.display(),
workspace_root.display()
)
}
fn workspace_roots_match(left: &Path, right: &Path) -> bool {
canonicalize_for_compare(left) == canonicalize_for_compare(right)
}
fn canonicalize_for_compare(path: &Path) -> PathBuf {
fs::canonicalize(path).unwrap_or_else(|_| path.to_path_buf())
}
fn path_is_within_workspace(path: &Path, workspace_root: &Path) -> bool {
canonicalize_for_compare(path).starts_with(canonicalize_for_compare(workspace_root))
}
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::{ use super::{
create_managed_session_handle_for, fork_managed_session_for, is_session_reference_alias, create_managed_session_handle_for, fork_managed_session_for, is_session_reference_alias,
list_managed_sessions_for, load_managed_session_for, resolve_session_reference_for, list_managed_sessions_for, load_managed_session_for, resolve_session_reference_for,
workspace_fingerprint, ManagedSessionSummary, SessionStore, LATEST_SESSION_REFERENCE, workspace_fingerprint, ManagedSessionSummary, SessionControlError, SessionStore,
LATEST_SESSION_REFERENCE,
}; };
use crate::session::Session; use crate::session::Session;
use std::fs; use std::fs;
@@ -595,7 +589,7 @@ mod tests {
} }
fn persist_session(root: &Path, text: &str) -> Session { fn persist_session(root: &Path, text: &str) -> Session {
let mut session = Session::new(); let mut session = Session::new().with_workspace_root(root.to_path_buf());
session session
.push_user_text(text) .push_user_text(text)
.expect("session message should save"); .expect("session message should save");
@@ -631,6 +625,35 @@ mod tests {
.expect("session summary should exist") .expect("session summary should exist")
} }
#[test]
fn latest_session_prefers_semantic_updated_at_over_file_mtime() {
let mut sessions = vec![
ManagedSessionSummary {
id: "older-file-newer-session".to_string(),
path: PathBuf::from("/tmp/older"),
updated_at_ms: 200,
modified_epoch_millis: 100,
message_count: 2,
parent_session_id: None,
branch_name: None,
},
ManagedSessionSummary {
id: "newer-file-older-session".to_string(),
path: PathBuf::from("/tmp/newer"),
updated_at_ms: 100,
modified_epoch_millis: 200,
message_count: 1,
parent_session_id: None,
branch_name: None,
},
];
crate::session_control::sort_managed_sessions(&mut sessions);
assert_eq!(sessions[0].id, "older-file-newer-session");
assert_eq!(sessions[1].id, "newer-file-older-session");
}
#[test] #[test]
fn creates_and_lists_managed_sessions() { fn creates_and_lists_managed_sessions() {
// given // given
@@ -708,7 +731,7 @@ mod tests {
// ------------------------------------------------------------------ // ------------------------------------------------------------------
fn persist_session_via_store(store: &SessionStore, text: &str) -> Session { fn persist_session_via_store(store: &SessionStore, text: &str) -> Session {
let mut session = Session::new(); let mut session = Session::new().with_workspace_root(store.workspace_root().to_path_buf());
session session
.push_user_text(text) .push_user_text(text)
.expect("session message should save"); .expect("session message should save");
@@ -740,6 +763,40 @@ mod tests {
assert_eq!(fp_a1.len(), 16, "fingerprint must be a 16-char hex string"); assert_eq!(fp_a1.len(), 16, "fingerprint must be a 16-char hex string");
} }
/// #151 regression: equivalent paths (e.g. `/tmp/foo` vs `/private/tmp/foo`
/// on macOS where `/tmp` is a symlink to `/private/tmp`) must resolve to
/// the same session store. Previously they diverged because
/// `workspace_fingerprint()` hashed the raw path string. Now
/// `SessionStore::from_cwd()` canonicalizes first.
#[test]
fn session_store_from_cwd_canonicalizes_equivalent_paths() {
let base = temp_dir();
let real_dir = base.join("real-workspace");
fs::create_dir_all(&real_dir).expect("real workspace should exist");
// Build two stores via different but equivalent path representations:
// the raw path and the canonicalized path.
let raw_path = real_dir.clone();
let canonical_path = fs::canonicalize(&real_dir).expect("canonicalize ok");
let store_from_raw =
SessionStore::from_cwd(&raw_path).expect("store from raw should build");
let store_from_canonical =
SessionStore::from_cwd(&canonical_path).expect("store from canonical should build");
assert_eq!(
store_from_raw.sessions_dir(),
store_from_canonical.sessions_dir(),
"equivalent paths must produce the same sessions dir (raw={} canonical={})",
raw_path.display(),
canonical_path.display()
);
if base.exists() {
fs::remove_dir_all(base).expect("cleanup ok");
}
}
#[test] #[test]
fn session_store_from_cwd_isolates_sessions_by_workspace() { fn session_store_from_cwd_isolates_sessions_by_workspace() {
// given // given
@@ -820,6 +877,104 @@ mod tests {
fs::remove_dir_all(base).expect("temp dir should clean up"); fs::remove_dir_all(base).expect("temp dir should clean up");
} }
#[test]
fn session_store_rejects_legacy_session_from_other_workspace() {
// given
let base = temp_dir();
let workspace_a = base.join("repo-alpha");
let workspace_b = base.join("repo-beta");
fs::create_dir_all(&workspace_a).expect("workspace a should exist");
fs::create_dir_all(&workspace_b).expect("workspace b should exist");
// #151: canonicalize so test expectations match the store's canonical
// workspace_root. Without this, the test builds sessions with a raw
// path but the store resolves to the canonical form.
let workspace_a = fs::canonicalize(&workspace_a).unwrap_or(workspace_a);
let workspace_b = fs::canonicalize(&workspace_b).unwrap_or(workspace_b);
let store_b = SessionStore::from_cwd(&workspace_b).expect("store b should build");
let legacy_root = workspace_b.join(".claw").join("sessions");
fs::create_dir_all(&legacy_root).expect("legacy root should exist");
let legacy_path = legacy_root.join("legacy-cross.jsonl");
let session = Session::new()
.with_workspace_root(workspace_a.clone())
.with_persistence_path(legacy_path.clone());
session
.save_to_path(&legacy_path)
.expect("legacy session should persist");
// when
let err = store_b
.load_session("legacy-cross")
.expect_err("workspace mismatch should be rejected");
// then
match err {
SessionControlError::WorkspaceMismatch { expected, actual } => {
assert_eq!(expected, workspace_b);
assert_eq!(actual, workspace_a);
}
other => panic!("expected workspace mismatch, got {other:?}"),
}
fs::remove_dir_all(base).expect("temp dir should clean up");
}
#[test]
fn session_store_loads_safe_legacy_session_from_same_workspace() {
// given
let base = temp_dir();
fs::create_dir_all(&base).expect("base dir should exist");
// #151: canonicalize for path-representation consistency with store.
let base = fs::canonicalize(&base).unwrap_or(base);
let store = SessionStore::from_cwd(&base).expect("store should build");
let legacy_root = base.join(".claw").join("sessions");
let legacy_path = legacy_root.join("legacy-safe.jsonl");
fs::create_dir_all(&legacy_root).expect("legacy root should exist");
let session = Session::new()
.with_workspace_root(base.clone())
.with_persistence_path(legacy_path.clone());
session
.save_to_path(&legacy_path)
.expect("legacy session should persist");
// when
let loaded = store
.load_session("legacy-safe")
.expect("same-workspace legacy session should load");
// then
assert_eq!(loaded.handle.id, session.session_id);
assert_eq!(loaded.handle.path, legacy_path);
assert_eq!(loaded.session.workspace_root(), Some(base.as_path()));
fs::remove_dir_all(base).expect("temp dir should clean up");
}
#[test]
fn session_store_loads_unbound_legacy_session_from_same_workspace() {
// given
let base = temp_dir();
fs::create_dir_all(&base).expect("base dir should exist");
// #151: canonicalize for path-representation consistency with store.
let base = fs::canonicalize(&base).unwrap_or(base);
let store = SessionStore::from_cwd(&base).expect("store should build");
let legacy_root = base.join(".claw").join("sessions");
let legacy_path = legacy_root.join("legacy-unbound.json");
fs::create_dir_all(&legacy_root).expect("legacy root should exist");
let session = Session::new().with_persistence_path(legacy_path.clone());
session
.save_to_path(&legacy_path)
.expect("legacy session should persist");
// when
let loaded = store
.load_session("legacy-unbound")
.expect("same-workspace legacy session without workspace binding should load");
// then
assert_eq!(loaded.handle.path, legacy_path);
assert_eq!(loaded.session.workspace_root(), None);
fs::remove_dir_all(base).expect("temp dir should clean up");
}
#[test] #[test]
fn session_store_latest_and_resolve_reference() { fn session_store_latest_and_resolve_reference() {
// given // given

69
rust/crates/runtime/src/task_packet.rs
View File

@@ -1,11 +1,42 @@
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use std::fmt::{Display, Formatter}; use std::fmt::{Display, Formatter};
/// Task scope resolution for defining the granularity of work.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum TaskScope {
/// Work across the entire workspace
Workspace,
/// Work within a specific module/crate
Module,
/// Work on a single file
SingleFile,
/// Custom scope defined by the user
Custom,
}
impl std::fmt::Display for TaskScope {
fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
match self {
Self::Workspace => write!(f, "workspace"),
Self::Module => write!(f, "module"),
Self::SingleFile => write!(f, "single-file"),
Self::Custom => write!(f, "custom"),
}
}
}
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)] #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
pub struct TaskPacket { pub struct TaskPacket {
pub objective: String, pub objective: String,
pub scope: String, pub scope: TaskScope,
/// Optional scope path when scope is `Module`, `SingleFile`, or `Custom`
#[serde(skip_serializing_if = "Option::is_none")]
pub scope_path: Option<String>,
pub repo: String, pub repo: String,
/// Worktree path for the task
#[serde(skip_serializing_if = "Option::is_none")]
pub worktree: Option<String>,
pub branch_policy: String, pub branch_policy: String,
pub acceptance_tests: Vec<String>, pub acceptance_tests: Vec<String>,
pub commit_policy: String, pub commit_policy: String,
@@ -57,7 +88,6 @@ pub fn validate_packet(packet: TaskPacket) -> Result<ValidatedPacket, TaskPacket
let mut errors = Vec::new(); let mut errors = Vec::new();
validate_required("objective", &packet.objective, &mut errors); validate_required("objective", &packet.objective, &mut errors);
validate_required("scope", &packet.scope, &mut errors);
validate_required("repo", &packet.repo, &mut errors); validate_required("repo", &packet.repo, &mut errors);
validate_required("branch_policy", &packet.branch_policy, &mut errors); validate_required("branch_policy", &packet.branch_policy, &mut errors);
validate_required("commit_policy", &packet.commit_policy, &mut errors); validate_required("commit_policy", &packet.commit_policy, &mut errors);
@@ -68,6 +98,9 @@ pub fn validate_packet(packet: TaskPacket) -> Result<ValidatedPacket, TaskPacket
); );
validate_required("escalation_policy", &packet.escalation_policy, &mut errors); validate_required("escalation_policy", &packet.escalation_policy, &mut errors);
// Validate scope-specific requirements
validate_scope_requirements(&packet, &mut errors);
for (index, test) in packet.acceptance_tests.iter().enumerate() { for (index, test) in packet.acceptance_tests.iter().enumerate() {
if test.trim().is_empty() { if test.trim().is_empty() {
errors.push(format!( errors.push(format!(
@@ -83,6 +116,26 @@ pub fn validate_packet(packet: TaskPacket) -> Result<ValidatedPacket, TaskPacket
} }
} }
fn validate_scope_requirements(packet: &TaskPacket, errors: &mut Vec<String>) {
// Scope path is required for Module, SingleFile, and Custom scopes
let needs_scope_path = matches!(
packet.scope,
TaskScope::Module | TaskScope::SingleFile | TaskScope::Custom
);
if needs_scope_path
&& packet
.scope_path
.as_ref()
.is_none_or(|p| p.trim().is_empty())
{
errors.push(format!(
"scope_path is required for scope '{}'",
packet.scope
));
}
}
fn validate_required(field: &str, value: &str, errors: &mut Vec<String>) { fn validate_required(field: &str, value: &str, errors: &mut Vec<String>) {
if value.trim().is_empty() { if value.trim().is_empty() {
errors.push(format!("{field} must not be empty")); errors.push(format!("{field} must not be empty"));
@@ -96,8 +149,10 @@ mod tests {
fn sample_packet() -> TaskPacket { fn sample_packet() -> TaskPacket {
TaskPacket { TaskPacket {
objective: "Implement typed task packet format".to_string(), objective: "Implement typed task packet format".to_string(),
scope: "runtime/task system".to_string(), scope: TaskScope::Module,
scope_path: Some("runtime/task system".to_string()),
repo: "claw-code-parity".to_string(), repo: "claw-code-parity".to_string(),
worktree: Some("/tmp/wt-1".to_string()),
branch_policy: "origin/main only".to_string(), branch_policy: "origin/main only".to_string(),
acceptance_tests: vec![ acceptance_tests: vec![
"cargo build --workspace".to_string(), "cargo build --workspace".to_string(),
@@ -119,9 +174,12 @@ mod tests {
#[test] #[test]
fn invalid_packet_accumulates_errors() { fn invalid_packet_accumulates_errors() {
use super::TaskScope;
let packet = TaskPacket { let packet = TaskPacket {
objective: " ".to_string(), objective: " ".to_string(),
scope: String::new(), scope: TaskScope::Workspace,
scope_path: None,
worktree: None,
repo: String::new(), repo: String::new(),
branch_policy: "\t".to_string(), branch_policy: "\t".to_string(),
acceptance_tests: vec!["ok".to_string(), " ".to_string()], acceptance_tests: vec!["ok".to_string(), " ".to_string()],
@@ -136,9 +194,6 @@ mod tests {
assert!(error assert!(error
.errors() .errors()
.contains(&"objective must not be empty".to_string())); .contains(&"objective must not be empty".to_string()));
assert!(error
.errors()
.contains(&"scope must not be empty".to_string()));
assert!(error assert!(error
.errors() .errors()
.contains(&"repo must not be empty".to_string())); .contains(&"repo must not be empty".to_string()));

16
rust/crates/runtime/src/task_registry.rs
View File

@@ -85,11 +85,12 @@ impl TaskRegistry {
packet: TaskPacket, packet: TaskPacket,
) -> Result<Task, TaskPacketValidationError> { ) -> Result<Task, TaskPacketValidationError> {
let packet = validate_packet(packet)?.into_inner(); let packet = validate_packet(packet)?.into_inner();
Ok(self.create_task( // Use scope_path as description if available, otherwise use scope as string
packet.objective.clone(), let description = packet
Some(packet.scope.clone()), .scope_path
Some(packet), .clone()
)) .or_else(|| Some(packet.scope.to_string()));
Ok(self.create_task(packet.objective.clone(), description, Some(packet)))
} }
fn create_task( fn create_task(
@@ -249,10 +250,13 @@ mod tests {
#[test] #[test]
fn creates_task_from_packet() { fn creates_task_from_packet() {
use crate::task_packet::TaskScope;
let registry = TaskRegistry::new(); let registry = TaskRegistry::new();
let packet = TaskPacket { let packet = TaskPacket {
objective: "Ship task packet support".to_string(), objective: "Ship task packet support".to_string(),
scope: "runtime/task system".to_string(), scope: TaskScope::Module,
scope_path: Some("runtime/task system".to_string()),
worktree: Some("/tmp/wt-task".to_string()),
repo: "claw-code-parity".to_string(), repo: "claw-code-parity".to_string(),
branch_policy: "origin/main only".to_string(), branch_policy: "origin/main only".to_string(),
acceptance_tests: vec!["cargo test --workspace".to_string()], acceptance_tests: vec!["cargo test --workspace".to_string()],

574
rust/crates/runtime/src/worker_boot.rs
View File

@@ -56,6 +56,7 @@ pub enum WorkerFailureKind {
PromptDelivery, PromptDelivery,
Protocol, Protocol,
Provider, Provider,
StartupNoEvidence,
} }
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)] #[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
@@ -78,6 +79,7 @@ pub enum WorkerEventKind {
Restarted, Restarted,
Finished, Finished,
Failed, Failed,
StartupNoEvidence,
} }
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)] #[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
@@ -92,9 +94,50 @@ pub enum WorkerTrustResolution {
pub enum WorkerPromptTarget { pub enum WorkerPromptTarget {
Shell, Shell,
WrongTarget, WrongTarget,
WrongTask,
Unknown, Unknown,
} }
/// Classification of startup failure when no evidence is available.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum StartupFailureClassification {
/// Trust prompt is required but not detected/resolved
TrustRequired,
/// Prompt was delivered to wrong target (shell misdelivery)
PromptMisdelivery,
/// Prompt was sent but acceptance timed out
PromptAcceptanceTimeout,
/// Transport layer is dead/unresponsive
TransportDead,
/// Worker process crashed during startup
WorkerCrashed,
/// Cannot determine specific cause
Unknown,
}
/// Evidence bundle collected when worker startup times out without clear evidence.
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
pub struct StartupEvidenceBundle {
/// Last known worker lifecycle state before timeout
pub last_lifecycle_state: WorkerStatus,
/// The pane/command that was being executed
pub pane_command: String,
/// Timestamp when prompt was sent (if any), unix epoch seconds
#[serde(skip_serializing_if = "Option::is_none")]
pub prompt_sent_at: Option<u64>,
/// Whether prompt acceptance was detected
pub prompt_acceptance_state: bool,
/// Result of trust prompt detection at timeout
pub trust_prompt_detected: bool,
/// Transport health summary (true = healthy/responsive)
pub transport_healthy: bool,
/// MCP health summary (true = all servers healthy)
pub mcp_healthy: bool,
/// Seconds since worker creation
pub elapsed_seconds: u64,
}
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)] #[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
#[serde(tag = "type", rename_all = "snake_case")] #[serde(tag = "type", rename_all = "snake_case")]
pub enum WorkerEventPayload { pub enum WorkerEventPayload {
@@ -108,8 +151,26 @@ pub enum WorkerEventPayload {
observed_target: WorkerPromptTarget, observed_target: WorkerPromptTarget,
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
observed_cwd: Option<String>, observed_cwd: Option<String>,
#[serde(skip_serializing_if = "Option::is_none")]
observed_prompt_preview: Option<String>,
#[serde(skip_serializing_if = "Option::is_none")]
task_receipt: Option<WorkerTaskReceipt>,
recovery_armed: bool, recovery_armed: bool,
}, },
StartupNoEvidence {
evidence: StartupEvidenceBundle,
classification: StartupFailureClassification,
},
}
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
pub struct WorkerTaskReceipt {
pub repo: String,
pub task_kind: String,
pub source_surface: String,
#[serde(default, skip_serializing_if = "Vec::is_empty")]
pub expected_artifacts: Vec<String>,
pub objective_preview: String,
} }
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)] #[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
@@ -134,6 +195,7 @@ pub struct Worker {
pub prompt_delivery_attempts: u32, pub prompt_delivery_attempts: u32,
pub prompt_in_flight: bool, pub prompt_in_flight: bool,
pub last_prompt: Option<String>, pub last_prompt: Option<String>,
pub expected_receipt: Option<WorkerTaskReceipt>,
pub replay_prompt: Option<String>, pub replay_prompt: Option<String>,
pub last_error: Option<WorkerFailure>, pub last_error: Option<WorkerFailure>,
pub created_at: u64, pub created_at: u64,
@@ -182,6 +244,7 @@ impl WorkerRegistry {
prompt_delivery_attempts: 0, prompt_delivery_attempts: 0,
prompt_in_flight: false, prompt_in_flight: false,
last_prompt: None, last_prompt: None,
expected_receipt: None,
replay_prompt: None, replay_prompt: None,
last_error: None, last_error: None,
created_at: ts, created_at: ts,
@@ -257,6 +320,7 @@ impl WorkerRegistry {
&lowered, &lowered,
worker.last_prompt.as_deref(), worker.last_prompt.as_deref(),
&worker.cwd, &worker.cwd,
worker.expected_receipt.as_ref(),
) )
}) })
.flatten() .flatten()
@@ -272,6 +336,10 @@ impl WorkerRegistry {
"worker prompt landed in the wrong target instead of {}: {}", "worker prompt landed in the wrong target instead of {}: {}",
worker.cwd, prompt_preview worker.cwd, prompt_preview
), ),
WorkerPromptTarget::WrongTask => format!(
"worker prompt receipt mismatched the expected task context for {}: {}",
worker.cwd, prompt_preview
),
WorkerPromptTarget::Unknown => format!( WorkerPromptTarget::Unknown => format!(
"worker prompt delivery failed before reaching coding agent: {prompt_preview}" "worker prompt delivery failed before reaching coding agent: {prompt_preview}"
), ),
@@ -291,6 +359,8 @@ impl WorkerRegistry {
prompt_preview: prompt_preview.clone(), prompt_preview: prompt_preview.clone(),
observed_target: observation.target, observed_target: observation.target,
observed_cwd: observation.observed_cwd.clone(), observed_cwd: observation.observed_cwd.clone(),
observed_prompt_preview: observation.observed_prompt_preview.clone(),
task_receipt: worker.expected_receipt.clone(),
recovery_armed: false, recovery_armed: false,
}), }),
); );
@@ -306,6 +376,8 @@ impl WorkerRegistry {
prompt_preview, prompt_preview,
observed_target: observation.target, observed_target: observation.target,
observed_cwd: observation.observed_cwd, observed_cwd: observation.observed_cwd,
observed_prompt_preview: observation.observed_prompt_preview,
task_receipt: worker.expected_receipt.clone(),
recovery_armed: true, recovery_armed: true,
}), }),
); );
@@ -374,7 +446,12 @@ impl WorkerRegistry {
Ok(worker.clone()) Ok(worker.clone())
} }
pub fn send_prompt(&self, worker_id: &str, prompt: Option<&str>) -> Result<Worker, String> { pub fn send_prompt(
&self,
worker_id: &str,
prompt: Option<&str>,
task_receipt: Option<WorkerTaskReceipt>,
) -> Result<Worker, String> {
let mut inner = self.inner.lock().expect("worker registry lock poisoned"); let mut inner = self.inner.lock().expect("worker registry lock poisoned");
let worker = inner let worker = inner
.workers .workers
@@ -398,6 +475,7 @@ impl WorkerRegistry {
worker.prompt_delivery_attempts += 1; worker.prompt_delivery_attempts += 1;
worker.prompt_in_flight = true; worker.prompt_in_flight = true;
worker.last_prompt = Some(next_prompt.clone()); worker.last_prompt = Some(next_prompt.clone());
worker.expected_receipt = task_receipt;
worker.replay_prompt = None; worker.replay_prompt = None;
worker.last_error = None; worker.last_error = None;
worker.status = WorkerStatus::Running; worker.status = WorkerStatus::Running;
@@ -528,6 +606,117 @@ impl WorkerRegistry {
Ok(worker.clone()) Ok(worker.clone())
} }
/// Handle startup timeout by emitting typed `worker.startup_no_evidence` event with evidence bundle.
/// Classifier attempts to down-rank the vague bucket into a specific failure classification.
pub fn observe_startup_timeout(
&self,
worker_id: &str,
pane_command: &str,
transport_healthy: bool,
mcp_healthy: bool,
) -> Result<Worker, String> {
let mut inner = self.inner.lock().expect("worker registry lock poisoned");
let worker = inner
.workers
.get_mut(worker_id)
.ok_or_else(|| format!("worker not found: {worker_id}"))?;
let now = now_secs();
let elapsed = now.saturating_sub(worker.created_at);
// Build evidence bundle
let evidence = StartupEvidenceBundle {
last_lifecycle_state: worker.status,
pane_command: pane_command.to_string(),
prompt_sent_at: if worker.prompt_delivery_attempts > 0 {
Some(worker.updated_at)
} else {
None
},
prompt_acceptance_state: worker.status == WorkerStatus::Running
&& !worker.prompt_in_flight,
trust_prompt_detected: worker
.events
.iter()
.any(|e| e.kind == WorkerEventKind::TrustRequired),
transport_healthy,
mcp_healthy,
elapsed_seconds: elapsed,
};
// Classify the failure
let classification = classify_startup_failure(&evidence);
// Emit failure with evidence
worker.last_error = Some(WorkerFailure {
kind: WorkerFailureKind::StartupNoEvidence,
message: format!(
"worker startup stalled after {elapsed}s — classified as {classification:?}"
),
created_at: now,
});
worker.status = WorkerStatus::Failed;
worker.prompt_in_flight = false;
push_event(
worker,
WorkerEventKind::StartupNoEvidence,
WorkerStatus::Failed,
Some(format!(
"startup timeout with evidence: last_state={:?}, trust_detected={}, prompt_accepted={}",
evidence.last_lifecycle_state,
evidence.trust_prompt_detected,
evidence.prompt_acceptance_state
)),
Some(WorkerEventPayload::StartupNoEvidence {
evidence,
classification,
}),
);
Ok(worker.clone())
}
}
/// Classify startup failure based on evidence bundle.
/// Attempts to down-rank the vague `startup-no-evidence` bucket into a specific failure class.
fn classify_startup_failure(evidence: &StartupEvidenceBundle) -> StartupFailureClassification {
// Check for transport death first
if !evidence.transport_healthy {
return StartupFailureClassification::TransportDead;
}
// Check for trust prompt that wasn't resolved
if evidence.trust_prompt_detected
&& evidence.last_lifecycle_state == WorkerStatus::TrustRequired
{
return StartupFailureClassification::TrustRequired;
}
// Check for prompt acceptance timeout
if evidence.prompt_sent_at.is_some()
&& !evidence.prompt_acceptance_state
&& evidence.last_lifecycle_state == WorkerStatus::Running
{
return StartupFailureClassification::PromptAcceptanceTimeout;
}
// Check for misdelivery when prompt was sent but not accepted
if evidence.prompt_sent_at.is_some()
&& !evidence.prompt_acceptance_state
&& evidence.elapsed_seconds > 30
{
return StartupFailureClassification::PromptMisdelivery;
}
// If MCP is unhealthy but transport is fine, worker may have crashed
if !evidence.mcp_healthy && evidence.transport_healthy {
return StartupFailureClassification::WorkerCrashed;
}
// Default to unknown if no stronger classification exists
StartupFailureClassification::Unknown
} }
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)] #[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
@@ -548,6 +737,7 @@ fn prompt_misdelivery_is_relevant(worker: &Worker) -> bool {
struct PromptDeliveryObservation { struct PromptDeliveryObservation {
target: WorkerPromptTarget, target: WorkerPromptTarget,
observed_cwd: Option<String>, observed_cwd: Option<String>,
observed_prompt_preview: Option<String>,
} }
fn push_event( fn push_event(
@@ -575,28 +765,28 @@ fn push_event(
/// Write current worker state to `.claw/worker-state.json` under the worker's cwd. /// Write current worker state to `.claw/worker-state.json` under the worker's cwd.
/// This is the file-based observability surface: external observers (clawhip, orchestrators) /// This is the file-based observability surface: external observers (clawhip, orchestrators)
/// poll this file instead of requiring an HTTP route on the opencode binary. /// poll this file instead of requiring an HTTP route on the opencode binary.
#[derive(serde::Serialize)]
struct StateSnapshot<'a> {
worker_id: &'a str,
status: WorkerStatus,
is_ready: bool,
trust_gate_cleared: bool,
prompt_in_flight: bool,
last_event: Option<&'a WorkerEvent>,
updated_at: u64,
/// Seconds since last state transition. Clawhip uses this to detect
/// stalled workers without computing epoch deltas.
seconds_since_update: u64,
}
fn emit_state_file(worker: &Worker) { fn emit_state_file(worker: &Worker) {
let state_dir = std::path::Path::new(&worker.cwd).join(".claw"); let state_dir = std::path::Path::new(&worker.cwd).join(".claw");
if let Err(_) = std::fs::create_dir_all(&state_dir) { if std::fs::create_dir_all(&state_dir).is_err() {
return; return;
} }
let state_path = state_dir.join("worker-state.json"); let state_path = state_dir.join("worker-state.json");
let tmp_path = state_dir.join("worker-state.json.tmp"); let tmp_path = state_dir.join("worker-state.json.tmp");
#[derive(serde::Serialize)]
struct StateSnapshot<'a> {
worker_id: &'a str,
status: WorkerStatus,
is_ready: bool,
trust_gate_cleared: bool,
prompt_in_flight: bool,
last_event: Option<&'a WorkerEvent>,
updated_at: u64,
/// Seconds since last state transition. Clawhip uses this to detect
/// stalled workers without computing epoch deltas.
seconds_since_update: u64,
}
let now = now_secs(); let now = now_secs();
let snapshot = StateSnapshot { let snapshot = StateSnapshot {
worker_id: &worker.worker_id, worker_id: &worker.worker_id,
@@ -699,6 +889,7 @@ fn detect_prompt_misdelivery(
lowered: &str, lowered: &str,
prompt: Option<&str>, prompt: Option<&str>,
expected_cwd: &str, expected_cwd: &str,
expected_receipt: Option<&WorkerTaskReceipt>,
) -> Option<PromptDeliveryObservation> { ) -> Option<PromptDeliveryObservation> {
let Some(prompt) = prompt else { let Some(prompt) = prompt else {
return None; return None;
@@ -713,12 +904,30 @@ fn detect_prompt_misdelivery(
return None; return None;
} }
let prompt_visible = lowered.contains(&prompt_snippet); let prompt_visible = lowered.contains(&prompt_snippet);
let observed_prompt_preview = detect_prompt_echo(screen_text);
if let Some(receipt) = expected_receipt {
let receipt_visible = task_receipt_visible(lowered, receipt);
let mismatched_prompt_visible = observed_prompt_preview
.as_deref()
.map(str::to_ascii_lowercase)
.is_some_and(|preview| !preview.contains(&prompt_snippet));
if (prompt_visible || mismatched_prompt_visible) && !receipt_visible {
return Some(PromptDeliveryObservation {
target: WorkerPromptTarget::WrongTask,
observed_cwd: detect_observed_shell_cwd(screen_text),
observed_prompt_preview,
});
}
}
if let Some(observed_cwd) = detect_observed_shell_cwd(screen_text) { if let Some(observed_cwd) = detect_observed_shell_cwd(screen_text) {
if prompt_visible && !cwd_matches_observed_target(expected_cwd, &observed_cwd) { if prompt_visible && !cwd_matches_observed_target(expected_cwd, &observed_cwd) {
return Some(PromptDeliveryObservation { return Some(PromptDeliveryObservation {
target: WorkerPromptTarget::WrongTarget, target: WorkerPromptTarget::WrongTarget,
observed_cwd: Some(observed_cwd), observed_cwd: Some(observed_cwd),
observed_prompt_preview,
}); });
} }
} }
@@ -736,6 +945,7 @@ fn detect_prompt_misdelivery(
(shell_error && prompt_visible).then_some(PromptDeliveryObservation { (shell_error && prompt_visible).then_some(PromptDeliveryObservation {
target: WorkerPromptTarget::Shell, target: WorkerPromptTarget::Shell,
observed_cwd: None, observed_cwd: None,
observed_prompt_preview,
}) })
} }
@@ -748,10 +958,38 @@ fn prompt_preview(prompt: &str) -> String {
format!("{}", preview.trim_end()) format!("{}", preview.trim_end())
} }
fn detect_prompt_echo(screen_text: &str) -> Option<String> {
screen_text.lines().find_map(|line| {
line.trim_start()
.strip_prefix('')
.map(str::trim)
.filter(|value| !value.is_empty())
.map(str::to_string)
})
}
fn task_receipt_visible(lowered_screen_text: &str, receipt: &WorkerTaskReceipt) -> bool {
let expected_tokens = [
receipt.repo.to_ascii_lowercase(),
receipt.task_kind.to_ascii_lowercase(),
receipt.source_surface.to_ascii_lowercase(),
receipt.objective_preview.to_ascii_lowercase(),
];
expected_tokens
.iter()
.all(|token| lowered_screen_text.contains(token))
&& receipt
.expected_artifacts
.iter()
.all(|artifact| lowered_screen_text.contains(&artifact.to_ascii_lowercase()))
}
fn prompt_misdelivery_detail(observation: &PromptDeliveryObservation) -> &'static str { fn prompt_misdelivery_detail(observation: &PromptDeliveryObservation) -> &'static str {
match observation.target { match observation.target {
WorkerPromptTarget::Shell => "shell misdelivery detected", WorkerPromptTarget::Shell => "shell misdelivery detected",
WorkerPromptTarget::WrongTarget => "prompt landed in wrong target", WorkerPromptTarget::WrongTarget => "prompt landed in wrong target",
WorkerPromptTarget::WrongTask => "prompt receipt mismatched expected task context",
WorkerPromptTarget::Unknown => "prompt delivery failure detected", WorkerPromptTarget::Unknown => "prompt delivery failure detected",
} }
} }
@@ -865,7 +1103,7 @@ mod tests {
WorkerFailureKind::TrustGate WorkerFailureKind::TrustGate
); );
let send_before_resolve = registry.send_prompt(&worker.worker_id, Some("ship it")); let send_before_resolve = registry.send_prompt(&worker.worker_id, Some("ship it"), None);
assert!(send_before_resolve assert!(send_before_resolve
.expect_err("prompt delivery should be gated") .expect_err("prompt delivery should be gated")
.contains("not ready for prompt delivery")); .contains("not ready for prompt delivery"));
@@ -905,7 +1143,7 @@ mod tests {
.expect("ready observe should succeed"); .expect("ready observe should succeed");
let running = registry let running = registry
.send_prompt(&worker.worker_id, Some("Implement worker handshake")) .send_prompt(&worker.worker_id, Some("Implement worker handshake"), None)
.expect("prompt send should succeed"); .expect("prompt send should succeed");
assert_eq!(running.status, WorkerStatus::Running); assert_eq!(running.status, WorkerStatus::Running);
assert_eq!(running.prompt_delivery_attempts, 1); assert_eq!(running.prompt_delivery_attempts, 1);
@@ -941,6 +1179,8 @@ mod tests {
prompt_preview: "Implement worker handshake".to_string(), prompt_preview: "Implement worker handshake".to_string(),
observed_target: WorkerPromptTarget::Shell, observed_target: WorkerPromptTarget::Shell,
observed_cwd: None, observed_cwd: None,
observed_prompt_preview: None,
task_receipt: None,
recovery_armed: false, recovery_armed: false,
}) })
); );
@@ -956,12 +1196,14 @@ mod tests {
prompt_preview: "Implement worker handshake".to_string(), prompt_preview: "Implement worker handshake".to_string(),
observed_target: WorkerPromptTarget::Shell, observed_target: WorkerPromptTarget::Shell,
observed_cwd: None, observed_cwd: None,
observed_prompt_preview: None,
task_receipt: None,
recovery_armed: true, recovery_armed: true,
}) })
); );
let replayed = registry let replayed = registry
.send_prompt(&worker.worker_id, None) .send_prompt(&worker.worker_id, None, None)
.expect("replay send should succeed"); .expect("replay send should succeed");
assert_eq!(replayed.status, WorkerStatus::Running); assert_eq!(replayed.status, WorkerStatus::Running);
assert!(replayed.replay_prompt.is_none()); assert!(replayed.replay_prompt.is_none());
@@ -976,7 +1218,11 @@ mod tests {
.observe(&worker.worker_id, "Ready for input\n>") .observe(&worker.worker_id, "Ready for input\n>")
.expect("ready observe should succeed"); .expect("ready observe should succeed");
registry registry
.send_prompt(&worker.worker_id, Some("Run the worker bootstrap tests")) .send_prompt(
&worker.worker_id,
Some("Run the worker bootstrap tests"),
None,
)
.expect("prompt send should succeed"); .expect("prompt send should succeed");
let recovered = registry let recovered = registry
@@ -1007,6 +1253,8 @@ mod tests {
prompt_preview: "Run the worker bootstrap tests".to_string(), prompt_preview: "Run the worker bootstrap tests".to_string(),
observed_target: WorkerPromptTarget::WrongTarget, observed_target: WorkerPromptTarget::WrongTarget,
observed_cwd: Some("/tmp/repo-target-b".to_string()), observed_cwd: Some("/tmp/repo-target-b".to_string()),
observed_prompt_preview: None,
task_receipt: None,
recovery_armed: false, recovery_armed: false,
}) })
); );
@@ -1049,6 +1297,75 @@ mod tests {
assert!(ready.last_error.is_none()); assert!(ready.last_error.is_none());
} }
#[test]
fn wrong_task_receipt_mismatch_is_detected_before_execution_continues() {
let registry = WorkerRegistry::new();
let worker = registry.create("/tmp/repo-task", &[], true);
registry
.observe(&worker.worker_id, "Ready for input\n>")
.expect("ready observe should succeed");
registry
.send_prompt(
&worker.worker_id,
Some("Implement worker handshake"),
Some(WorkerTaskReceipt {
repo: "claw-code".to_string(),
task_kind: "repo_code".to_string(),
source_surface: "omx_team".to_string(),
expected_artifacts: vec!["patch".to_string(), "tests".to_string()],
objective_preview: "Implement worker handshake".to_string(),
}),
)
.expect("prompt send should succeed");
let recovered = registry
.observe(
&worker.worker_id,
" Explain this KakaoTalk screenshot for a friend\nI can help analyze the screenshot…",
)
.expect("mismatch observe should succeed");
assert_eq!(recovered.status, WorkerStatus::ReadyForPrompt);
assert_eq!(
recovered
.last_error
.expect("mismatch error should exist")
.kind,
WorkerFailureKind::PromptDelivery
);
let mismatch = recovered
.events
.iter()
.find(|event| event.kind == WorkerEventKind::PromptMisdelivery)
.expect("wrong-task event should exist");
assert_eq!(mismatch.status, WorkerStatus::Failed);
assert_eq!(
mismatch.payload,
Some(WorkerEventPayload::PromptDelivery {
prompt_preview: "Implement worker handshake".to_string(),
observed_target: WorkerPromptTarget::WrongTask,
observed_cwd: None,
observed_prompt_preview: Some(
"Explain this KakaoTalk screenshot for a friend".to_string()
),
task_receipt: Some(WorkerTaskReceipt {
repo: "claw-code".to_string(),
task_kind: "repo_code".to_string(),
source_surface: "omx_team".to_string(),
expected_artifacts: vec!["patch".to_string(), "tests".to_string()],
objective_preview: "Implement worker handshake".to_string(),
}),
recovery_armed: false,
})
);
let replay = recovered
.events
.iter()
.find(|event| event.kind == WorkerEventKind::PromptReplayArmed)
.expect("replay event should exist");
assert_eq!(replay.status, WorkerStatus::ReadyForPrompt);
}
#[test] #[test]
fn restart_and_terminate_reset_or_finish_worker() { fn restart_and_terminate_reset_or_finish_worker() {
let registry = WorkerRegistry::new(); let registry = WorkerRegistry::new();
@@ -1057,7 +1374,7 @@ mod tests {
.observe(&worker.worker_id, "Ready for input\n>") .observe(&worker.worker_id, "Ready for input\n>")
.expect("ready observe should succeed"); .expect("ready observe should succeed");
registry registry
.send_prompt(&worker.worker_id, Some("Run tests")) .send_prompt(&worker.worker_id, Some("Run tests"), None)
.expect("prompt send should succeed"); .expect("prompt send should succeed");
let restarted = registry let restarted = registry
@@ -1086,7 +1403,7 @@ mod tests {
.observe(&worker.worker_id, "Ready for input\n>") .observe(&worker.worker_id, "Ready for input\n>")
.expect("ready observe should succeed"); .expect("ready observe should succeed");
registry registry
.send_prompt(&worker.worker_id, Some("Run tests")) .send_prompt(&worker.worker_id, Some("Run tests"), None)
.expect("prompt send should succeed"); .expect("prompt send should succeed");
let failed = registry let failed = registry
@@ -1163,7 +1480,7 @@ mod tests {
.observe(&worker.worker_id, "Ready for input\n>") .observe(&worker.worker_id, "Ready for input\n>")
.expect("ready observe should succeed"); .expect("ready observe should succeed");
registry registry
.send_prompt(&worker.worker_id, Some("Run tests")) .send_prompt(&worker.worker_id, Some("Run tests"), None)
.expect("prompt send should succeed"); .expect("prompt send should succeed");
let finished = registry let finished = registry
@@ -1177,4 +1494,215 @@ mod tests {
.iter() .iter()
.any(|event| event.kind == WorkerEventKind::Finished)); .any(|event| event.kind == WorkerEventKind::Finished));
} }
#[test]
fn startup_timeout_emits_evidence_bundle_with_classification() {
let registry = WorkerRegistry::new();
let worker = registry.create("/tmp/repo-timeout", &[], true);
// Simulate startup timeout with transport dead
let timed_out = registry
.observe_startup_timeout(&worker.worker_id, "cargo test", false, true)
.expect("startup timeout observe should succeed");
assert_eq!(timed_out.status, WorkerStatus::Failed);
let error = timed_out
.last_error
.expect("startup timeout error should exist");
assert_eq!(error.kind, WorkerFailureKind::StartupNoEvidence);
// Check for "TransportDead" (the Debug representation of the enum variant)
assert!(
error.message.contains("TransportDead"),
"expected TransportDead in: {}",
error.message
);
let event = timed_out
.events
.iter()
.find(|e| e.kind == WorkerEventKind::StartupNoEvidence)
.expect("startup no evidence event should exist");
match event.payload.as_ref() {
Some(WorkerEventPayload::StartupNoEvidence {
evidence,
classification,
}) => {
assert_eq!(
evidence.last_lifecycle_state,
WorkerStatus::Spawning,
"last state should be spawning"
);
assert_eq!(evidence.pane_command, "cargo test");
assert!(!evidence.transport_healthy);
assert!(evidence.mcp_healthy);
assert_eq!(*classification, StartupFailureClassification::TransportDead);
}
_ => panic!(
"expected StartupNoEvidence payload, got {:?}",
event.payload
),
}
}
#[test]
fn startup_timeout_classifies_trust_required_when_prompt_blocked() {
let registry = WorkerRegistry::new();
let worker = registry.create("/tmp/repo-trust", &[], false);
// Simulate trust prompt detected but not resolved
registry
.observe(
&worker.worker_id,
"Do you trust the files in this folder?\n1. Yes, proceed\n2. No",
)
.expect("trust observe should succeed");
// Now simulate startup timeout
let timed_out = registry
.observe_startup_timeout(&worker.worker_id, "claw prompt", true, true)
.expect("startup timeout observe should succeed");
let event = timed_out
.events
.iter()
.find(|e| e.kind == WorkerEventKind::StartupNoEvidence)
.expect("startup no evidence event should exist");
match event.payload.as_ref() {
Some(WorkerEventPayload::StartupNoEvidence { classification, .. }) => {
assert_eq!(
*classification,
StartupFailureClassification::TrustRequired,
"should classify as trust_required when trust prompt detected"
);
}
_ => panic!("expected StartupNoEvidence payload"),
}
}
#[test]
fn startup_timeout_classifies_prompt_acceptance_timeout() {
let registry = WorkerRegistry::new();
let worker = registry.create("/tmp/repo-accept", &[], true);
// Get worker to ReadyForPrompt
registry
.observe(&worker.worker_id, "Ready for your input\n>")
.expect("ready observe should succeed");
// Send prompt but don't get acceptance
registry
.send_prompt(&worker.worker_id, Some("Run tests"), None)
.expect("prompt send should succeed");
// Simulate startup timeout while prompt is still in flight
let timed_out = registry
.observe_startup_timeout(&worker.worker_id, "claw prompt", true, true)
.expect("startup timeout observe should succeed");
let event = timed_out
.events
.iter()
.find(|e| e.kind == WorkerEventKind::StartupNoEvidence)
.expect("startup no evidence event should exist");
match event.payload.as_ref() {
Some(WorkerEventPayload::StartupNoEvidence {
evidence,
classification,
}) => {
assert!(
evidence.prompt_sent_at.is_some(),
"should have prompt_sent_at"
);
assert!(!evidence.prompt_acceptance_state, "prompt not yet accepted");
assert_eq!(
*classification,
StartupFailureClassification::PromptAcceptanceTimeout
);
}
_ => panic!("expected StartupNoEvidence payload"),
}
}
#[test]
fn startup_evidence_bundle_serializes_correctly() {
let bundle = StartupEvidenceBundle {
last_lifecycle_state: WorkerStatus::Running,
pane_command: "test command".to_string(),
prompt_sent_at: Some(1_234_567_890),
prompt_acceptance_state: false,
trust_prompt_detected: true,
transport_healthy: true,
mcp_healthy: false,
elapsed_seconds: 60,
};
let json = serde_json::to_string(&bundle).expect("should serialize");
assert!(json.contains("\"last_lifecycle_state\""));
assert!(json.contains("\"pane_command\""));
assert!(json.contains("\"prompt_sent_at\":1234567890"));
assert!(json.contains("\"trust_prompt_detected\":true"));
assert!(json.contains("\"transport_healthy\":true"));
assert!(json.contains("\"mcp_healthy\":false"));
let deserialized: StartupEvidenceBundle =
serde_json::from_str(&json).expect("should deserialize");
assert_eq!(deserialized.last_lifecycle_state, WorkerStatus::Running);
assert_eq!(deserialized.prompt_sent_at, Some(1_234_567_890));
}
#[test]
fn classify_startup_failure_detects_transport_dead() {
let evidence = StartupEvidenceBundle {
last_lifecycle_state: WorkerStatus::Spawning,
pane_command: "test".to_string(),
prompt_sent_at: None,
prompt_acceptance_state: false,
trust_prompt_detected: false,
transport_healthy: false,
mcp_healthy: true,
elapsed_seconds: 30,
};
let classification = classify_startup_failure(&evidence);
assert_eq!(classification, StartupFailureClassification::TransportDead);
}
#[test]
fn classify_startup_failure_defaults_to_unknown() {
let evidence = StartupEvidenceBundle {
last_lifecycle_state: WorkerStatus::Spawning,
pane_command: "test".to_string(),
prompt_sent_at: None,
prompt_acceptance_state: false,
trust_prompt_detected: false,
transport_healthy: true,
mcp_healthy: true,
elapsed_seconds: 10,
};
let classification = classify_startup_failure(&evidence);
assert_eq!(classification, StartupFailureClassification::Unknown);
}
#[test]
fn classify_startup_failure_detects_worker_crashed() {
// Worker crashed scenario: transport healthy but MCP unhealthy
// Don't have prompt in flight (no prompt_sent_at) to avoid matching PromptAcceptanceTimeout
let evidence = StartupEvidenceBundle {
last_lifecycle_state: WorkerStatus::Spawning,
pane_command: "test".to_string(),
prompt_sent_at: None, // No prompt sent yet
prompt_acceptance_state: false,
trust_prompt_detected: false,
transport_healthy: true,
mcp_healthy: false, // MCP unhealthy but transport healthy suggests crash
elapsed_seconds: 45,
};
let classification = classify_startup_failure(&evidence);
assert_eq!(classification, StartupFailureClassification::WorkerCrashed);
}
} }

2
rust/crates/runtime/tests/integration_tests.rs
View File

@@ -304,7 +304,7 @@ fn worker_provider_failure_flows_through_recovery_to_policy() {
.observe(&worker.worker_id, "Ready for your input\n>") .observe(&worker.worker_id, "Ready for your input\n>")
.expect("ready observe should succeed"); .expect("ready observe should succeed");
registry registry
.send_prompt(&worker.worker_id, Some("Run analysis")) .send_prompt(&worker.worker_id, Some("Run analysis"), None)
.expect("prompt send should succeed"); .expect("prompt send should succeed");
// Session completes with provider failure (finish="unknown", tokens=0) // Session completes with provider failure (finish="unknown", tokens=0)

10
rust/crates/rusty-claude-cli/build.rs
View File

@@ -14,14 +14,13 @@ fn main() {
None None
} }
}) })
.map(|s| s.trim().to_string()) .map_or_else(|| "unknown".to_string(), |s| s.trim().to_string());
.unwrap_or_else(|| "unknown".to_string());
println!("cargo:rustc-env=GIT_SHA={}", git_sha); println!("cargo:rustc-env=GIT_SHA={git_sha}");
// TARGET is always set by Cargo during build // TARGET is always set by Cargo during build
let target = env::var("TARGET").unwrap_or_else(|_| "unknown".to_string()); let target = env::var("TARGET").unwrap_or_else(|_| "unknown".to_string());
println!("cargo:rustc-env=TARGET={}", target); println!("cargo:rustc-env=TARGET={target}");
// Build date from SOURCE_DATE_EPOCH (reproducible builds) or current UTC date. // Build date from SOURCE_DATE_EPOCH (reproducible builds) or current UTC date.
// Intentionally ignoring time component to keep output deterministic within a day. // Intentionally ignoring time component to keep output deterministic within a day.
@@ -48,8 +47,7 @@ fn main() {
None None
} }
}) })
.map(|s| s.trim().to_string()) .map_or_else(|| "unknown".to_string(), |s| s.trim().to_string())
.unwrap_or_else(|| "unknown".to_string())
}); });
println!("cargo:rustc-env=BUILD_DATE={build_date}"); println!("cargo:rustc-env=BUILD_DATE={build_date}");

105
rust/crates/rusty-claude-cli/src/init.rs
View File

@@ -9,7 +9,7 @@ const STARTER_CLAW_JSON: &str = concat!(
"}\n", "}\n",
); );
const GITIGNORE_COMMENT: &str = "# Claw Code local artifacts"; const GITIGNORE_COMMENT: &str = "# Claw Code local artifacts";
const GITIGNORE_ENTRIES: [&str; 2] = [".claw/settings.local.json", ".claw/sessions/"]; const GITIGNORE_ENTRIES: [&str; 3] = [".claw/settings.local.json", ".claw/sessions/", ".clawhip/"];
#[derive(Debug, Clone, Copy, PartialEq, Eq)] #[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub(crate) enum InitStatus { pub(crate) enum InitStatus {
@@ -27,6 +27,18 @@ impl InitStatus {
Self::Skipped => "skipped (already exists)", Self::Skipped => "skipped (already exists)",
} }
} }
/// Machine-stable identifier for structured output (#142).
/// Unlike `label()`, this never changes wording: claws can switch on
/// these values without brittle substring matching.
#[must_use]
pub(crate) fn json_tag(self) -> &'static str {
match self {
Self::Created => "created",
Self::Updated => "updated",
Self::Skipped => "skipped",
}
}
} }
#[derive(Debug, Clone, PartialEq, Eq)] #[derive(Debug, Clone, PartialEq, Eq)]
@@ -58,6 +70,36 @@ impl InitReport {
lines.push(" Next step Review and tailor the generated guidance".to_string()); lines.push(" Next step Review and tailor the generated guidance".to_string());
lines.join("\n") lines.join("\n")
} }
/// Summary constant that claws can embed in JSON output without having
/// to read it out of the human-formatted `message` string (#142).
pub(crate) const NEXT_STEP: &'static str = "Review and tailor the generated guidance";
/// Artifact names that ended in the given status. Used to build the
/// structured `created[]`/`updated[]`/`skipped[]` arrays for #142.
#[must_use]
pub(crate) fn artifacts_with_status(&self, status: InitStatus) -> Vec<String> {
self.artifacts
.iter()
.filter(|artifact| artifact.status == status)
.map(|artifact| artifact.name.to_string())
.collect()
}
/// Structured artifact list for JSON output (#142). Each entry carries
/// `name` and machine-stable `status` tag.
#[must_use]
pub(crate) fn artifact_json_entries(&self) -> Vec<serde_json::Value> {
self.artifacts
.iter()
.map(|artifact| {
serde_json::json!({
"name": artifact.name,
"status": artifact.status.json_tag(),
})
})
.collect()
}
} }
#[derive(Debug, Clone, Default, PartialEq, Eq)] #[derive(Debug, Clone, Default, PartialEq, Eq)]
@@ -333,7 +375,7 @@ fn framework_notes(detection: &RepoDetection) -> Vec<String> {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::{initialize_repo, render_init_claude_md}; use super::{initialize_repo, render_init_claude_md, InitStatus};
use std::fs; use std::fs;
use std::path::Path; use std::path::Path;
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
@@ -375,6 +417,7 @@ mod tests {
let gitignore = fs::read_to_string(root.join(".gitignore")).expect("read gitignore"); let gitignore = fs::read_to_string(root.join(".gitignore")).expect("read gitignore");
assert!(gitignore.contains(".claw/settings.local.json")); assert!(gitignore.contains(".claw/settings.local.json"));
assert!(gitignore.contains(".claw/sessions/")); assert!(gitignore.contains(".claw/sessions/"));
assert!(gitignore.contains(".clawhip/"));
let claude_md = fs::read_to_string(root.join("CLAUDE.md")).expect("read claude md"); let claude_md = fs::read_to_string(root.join("CLAUDE.md")).expect("read claude md");
assert!(claude_md.contains("Languages: Rust.")); assert!(claude_md.contains("Languages: Rust."));
assert!(claude_md.contains("cargo clippy --workspace --all-targets -- -D warnings")); assert!(claude_md.contains("cargo clippy --workspace --all-targets -- -D warnings"));
@@ -407,6 +450,64 @@ mod tests {
let gitignore = fs::read_to_string(root.join(".gitignore")).expect("read gitignore"); let gitignore = fs::read_to_string(root.join(".gitignore")).expect("read gitignore");
assert_eq!(gitignore.matches(".claw/settings.local.json").count(), 1); assert_eq!(gitignore.matches(".claw/settings.local.json").count(), 1);
assert_eq!(gitignore.matches(".claw/sessions/").count(), 1); assert_eq!(gitignore.matches(".claw/sessions/").count(), 1);
assert_eq!(gitignore.matches(".clawhip/").count(), 1);
fs::remove_dir_all(root).expect("cleanup temp dir");
}
#[test]
fn artifacts_with_status_partitions_fresh_and_idempotent_runs() {
// #142: the structured JSON output needs to be able to partition
// artifacts into created/updated/skipped without substring matching
// the human-formatted `message` string.
let root = temp_dir();
fs::create_dir_all(&root).expect("create root");
let fresh = initialize_repo(&root).expect("fresh init should succeed");
let created_names = fresh.artifacts_with_status(InitStatus::Created);
assert_eq!(
created_names,
vec![
".claw/".to_string(),
".claw.json".to_string(),
".gitignore".to_string(),
"CLAUDE.md".to_string(),
],
"fresh init should place all four artifacts in created[]"
);
assert!(
fresh.artifacts_with_status(InitStatus::Skipped).is_empty(),
"fresh init should have no skipped artifacts"
);
let second = initialize_repo(&root).expect("second init should succeed");
let skipped_names = second.artifacts_with_status(InitStatus::Skipped);
assert_eq!(
skipped_names,
vec![
".claw/".to_string(),
".claw.json".to_string(),
".gitignore".to_string(),
"CLAUDE.md".to_string(),
],
"idempotent init should place all four artifacts in skipped[]"
);
assert!(
second.artifacts_with_status(InitStatus::Created).is_empty(),
"idempotent init should have no created artifacts"
);
// artifact_json_entries() uses the machine-stable `json_tag()` which
// never changes wording (unlike `label()` which says "skipped (already exists)").
let entries = second.artifact_json_entries();
assert_eq!(entries.len(), 4);
for entry in &entries {
let status = entry.get("status").and_then(|v| v.as_str()).unwrap();
assert_eq!(
status, "skipped",
"machine status tag should be the bare word 'skipped', not label()'s 'skipped (already exists)'"
);
}
fs::remove_dir_all(root).expect("cleanup temp dir"); fs::remove_dir_all(root).expect("cleanup temp dir");
} }

3591
rust/crates/rusty-claude-cli/src/main.rs
View File

File diff suppressed because it is too large Load Diff

8
rust/crates/rusty-claude-cli/src/render.rs
View File

@@ -639,10 +639,16 @@ fn apply_code_block_background(line: &str) -> String {
/// fence markers of equal or greater length are wrapped with a longer fence. /// fence markers of equal or greater length are wrapped with a longer fence.
/// ///
/// LLMs frequently emit triple-backtick code blocks that contain triple-backtick /// LLMs frequently emit triple-backtick code blocks that contain triple-backtick
/// examples. CommonMark (and pulldown-cmark) treats the inner marker as the /// examples. `CommonMark` (and pulldown-cmark) treats the inner marker as the
/// closing fence, breaking the render. This function detects the situation and /// closing fence, breaking the render. This function detects the situation and
/// upgrades the outer fence to use enough backticks (or tildes) that the inner /// upgrades the outer fence to use enough backticks (or tildes) that the inner
/// markers become ordinary content. /// markers become ordinary content.
#[allow(
clippy::too_many_lines,
clippy::items_after_statements,
clippy::manual_repeat_n,
clippy::manual_str_repeat
)]
fn normalize_nested_fences(markdown: &str) -> String { fn normalize_nested_fences(markdown: &str) -> String {
// A fence line is either "labeled" (has an info string ⇒ always an opener) // A fence line is either "labeled" (has an info string ⇒ always an opener)
// or "bare" (no info string ⇒ could be opener or closer). // or "bare" (no info string ⇒ could be opener or closer).

2
rust/crates/rusty-claude-cli/tests/cli_flags_and_config_defaults.rs
View File

@@ -266,7 +266,7 @@ fn command_in(cwd: &Path) -> Command {
fn write_session(root: &Path, label: &str) -> PathBuf { fn write_session(root: &Path, label: &str) -> PathBuf {
let session_path = root.join(format!("{label}.jsonl")); let session_path = root.join(format!("{label}.jsonl"));
let mut session = Session::new(); let mut session = Session::new().with_workspace_root(root.to_path_buf());
session session
.push_user_text(format!("session fixture for {label}")) .push_user_text(format!("session fixture for {label}"))
.expect("session write should succeed"); .expect("session write should succeed");

55
rust/crates/rusty-claude-cli/tests/compact_output.rs
View File

@@ -5,6 +5,7 @@ use std::sync::atomic::{AtomicU64, Ordering};
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use mock_anthropic_service::{MockAnthropicService, SCENARIO_PREFIX}; use mock_anthropic_service::{MockAnthropicService, SCENARIO_PREFIX};
use serde_json::Value;
static TEMP_COUNTER: AtomicU64 = AtomicU64::new(0); static TEMP_COUNTER: AtomicU64 = AtomicU64::new(0);
@@ -125,6 +126,60 @@ fn compact_flag_streaming_text_only_emits_final_message_text() {
fs::remove_dir_all(&workspace).expect("workspace cleanup should succeed"); fs::remove_dir_all(&workspace).expect("workspace cleanup should succeed");
} }
#[test]
fn compact_flag_with_json_output_emits_structured_json() {
let runtime = tokio::runtime::Runtime::new().expect("tokio runtime should build");
let server = runtime
.block_on(MockAnthropicService::spawn())
.expect("mock service should start");
let base_url = server.base_url();
let workspace = unique_temp_dir("compact-json");
let config_home = workspace.join("config-home");
let home = workspace.join("home");
fs::create_dir_all(&workspace).expect("workspace should exist");
fs::create_dir_all(&config_home).expect("config home should exist");
fs::create_dir_all(&home).expect("home should exist");
let prompt = format!("{SCENARIO_PREFIX}streaming_text");
let output = run_claw(
&workspace,
&config_home,
&home,
&base_url,
&[
"--model",
"sonnet",
"--permission-mode",
"read-only",
"--output-format",
"json",
"--compact",
&prompt,
],
);
assert!(
output.status.success(),
"compact json run should succeed
stdout:
{}
stderr:
{}",
String::from_utf8_lossy(&output.stdout),
String::from_utf8_lossy(&output.stderr),
);
let stdout = String::from_utf8(output.stdout).expect("stdout should be utf8");
let parsed: Value = serde_json::from_str(&stdout).expect("compact json stdout should parse");
assert_eq!(parsed["message"], "Mock streaming says hello from the parity harness.");
assert_eq!(parsed["compact"], true);
assert_eq!(parsed["model"], "claude-sonnet-4-6");
assert!(parsed["usage"].is_object());
fs::remove_dir_all(&workspace).expect("workspace cleanup should succeed");
}
fn run_claw( fn run_claw(
cwd: &std::path::Path, cwd: &std::path::Path,
config_home: &std::path::Path, config_home: &std::path::Path,

97
rust/crates/rusty-claude-cli/tests/output_format_contract.rs
View File

@@ -4,6 +4,7 @@ use std::process::{Command, Output};
use std::sync::atomic::{AtomicU64, Ordering}; use std::sync::atomic::{AtomicU64, Ordering};
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use runtime::Session;
use serde_json::Value; use serde_json::Value;
static TEMP_COUNTER: AtomicU64 = AtomicU64::new(0); static TEMP_COUNTER: AtomicU64 = AtomicU64::new(0);
@@ -45,6 +46,24 @@ fn status_and_sandbox_emit_json_when_requested() {
assert!(sandbox["filesystem_mode"].as_str().is_some()); assert!(sandbox["filesystem_mode"].as_str().is_some());
} }
#[test]
fn acp_guidance_emits_json_when_requested() {
let root = unique_temp_dir("acp-json");
fs::create_dir_all(&root).expect("temp dir should exist");
let acp = assert_json_command(&root, &["--output-format", "json", "acp"]);
assert_eq!(acp["kind"], "acp");
assert_eq!(acp["status"], "discoverability_only");
assert_eq!(acp["supported"], false);
assert_eq!(acp["serve_alias_only"], true);
assert_eq!(acp["discoverability_tracking"], "ROADMAP #64a");
assert_eq!(acp["tracking"], "ROADMAP #76");
assert!(acp["message"]
.as_str()
.expect("acp message")
.contains("discoverability alias"));
}
#[test] #[test]
fn inventory_commands_emit_structured_json_when_requested() { fn inventory_commands_emit_structured_json_when_requested() {
let root = unique_temp_dir("inventory-json"); let root = unique_temp_dir("inventory-json");
@@ -173,13 +192,15 @@ fn dump_manifests_and_init_emit_json_when_requested() {
fs::create_dir_all(&root).expect("temp dir should exist"); fs::create_dir_all(&root).expect("temp dir should exist");
let upstream = write_upstream_fixture(&root); let upstream = write_upstream_fixture(&root);
let manifests = assert_json_command_with_env( let manifests = assert_json_command(
&root, &root,
&["--output-format", "json", "dump-manifests"], &[
&[( "--output-format",
"CLAUDE_CODE_UPSTREAM", "json",
"dump-manifests",
"--manifests-dir",
upstream.to_str().expect("utf8 upstream"), upstream.to_str().expect("utf8 upstream"),
)], ],
); );
assert_eq!(manifests["kind"], "dump-manifests"); assert_eq!(manifests["kind"], "dump-manifests");
assert_eq!(manifests["commands"], 1); assert_eq!(manifests["commands"], 1);
@@ -206,7 +227,7 @@ fn doctor_and_resume_status_emit_json_when_requested() {
assert!(summary["failures"].as_u64().is_some()); assert!(summary["failures"].as_u64().is_some());
let checks = doctor["checks"].as_array().expect("doctor checks"); let checks = doctor["checks"].as_array().expect("doctor checks");
assert_eq!(checks.len(), 5); assert_eq!(checks.len(), 6);
let check_names = checks let check_names = checks
.iter() .iter()
.map(|check| { .map(|check| {
@@ -218,7 +239,27 @@ fn doctor_and_resume_status_emit_json_when_requested() {
.collect::<Vec<_>>(); .collect::<Vec<_>>();
assert_eq!( assert_eq!(
check_names, check_names,
vec!["auth", "config", "workspace", "sandbox", "system"] vec![
"auth",
"config",
"install source",
"workspace",
"sandbox",
"system"
]
);
let install_source = checks
.iter()
.find(|check| check["name"] == "install source")
.expect("install source check");
assert_eq!(
install_source["official_repo"],
"https://github.com/ultraworkers/claw-code"
);
assert_eq!(
install_source["deprecated_install"],
"cargo install claw-code"
); );
let workspace = checks let workspace = checks
@@ -236,12 +277,7 @@ fn doctor_and_resume_status_emit_json_when_requested() {
assert!(sandbox["enabled"].is_boolean()); assert!(sandbox["enabled"].is_boolean());
assert!(sandbox["fallback_reason"].is_null() || sandbox["fallback_reason"].is_string()); assert!(sandbox["fallback_reason"].is_null() || sandbox["fallback_reason"].is_string());
let session_path = root.join("session.jsonl"); let session_path = write_session_fixture(&root, "resume-json", Some("hello"));
fs::write(
&session_path,
"{\"type\":\"session_meta\",\"version\":3,\"session_id\":\"resume-json\",\"created_at_ms\":0,\"updated_at_ms\":0}\n{\"type\":\"message\",\"message\":{\"role\":\"user\",\"blocks\":[{\"type\":\"text\",\"text\":\"hello\"}]}}\n",
)
.expect("session should write");
let resumed = assert_json_command( let resumed = assert_json_command(
&root, &root,
&[ &[
@@ -253,7 +289,8 @@ fn doctor_and_resume_status_emit_json_when_requested() {
], ],
); );
assert_eq!(resumed["kind"], "status"); assert_eq!(resumed["kind"], "status");
assert_eq!(resumed["model"], "restored-session"); // model is null in resume mode (not known without --model flag)
assert!(resumed["model"].is_null());
assert_eq!(resumed["usage"]["messages"], 1); assert_eq!(resumed["usage"]["messages"], 1);
assert!(resumed["workspace"]["cwd"].as_str().is_some()); assert!(resumed["workspace"]["cwd"].as_str().is_some());
assert!(resumed["sandbox"]["filesystem_mode"].as_str().is_some()); assert!(resumed["sandbox"]["filesystem_mode"].as_str().is_some());
@@ -267,12 +304,7 @@ fn resumed_inventory_commands_emit_structured_json_when_requested() {
fs::create_dir_all(&config_home).expect("config home should exist"); fs::create_dir_all(&config_home).expect("config home should exist");
fs::create_dir_all(&home).expect("home should exist"); fs::create_dir_all(&home).expect("home should exist");
let session_path = root.join("session.jsonl"); let session_path = write_session_fixture(&root, "resume-inventory-json", Some("inventory"));
fs::write(
&session_path,
"{\"type\":\"session_meta\",\"version\":3,\"session_id\":\"resume-inventory-json\",\"created_at_ms\":0,\"updated_at_ms\":0}\n{\"type\":\"message\",\"message\":{\"role\":\"user\",\"blocks\":[{\"type\":\"text\",\"text\":\"inventory\"}]}}\n",
)
.expect("session should write");
let mcp = assert_json_command_with_env( let mcp = assert_json_command_with_env(
&root, &root,
@@ -323,12 +355,7 @@ fn resumed_version_and_init_emit_structured_json_when_requested() {
let root = unique_temp_dir("resume-version-init-json"); let root = unique_temp_dir("resume-version-init-json");
fs::create_dir_all(&root).expect("temp dir should exist"); fs::create_dir_all(&root).expect("temp dir should exist");
let session_path = root.join("session.jsonl"); let session_path = write_session_fixture(&root, "resume-version-init-json", None);
fs::write(
&session_path,
"{\"type\":\"session_meta\",\"version\":3,\"session_id\":\"resume-version-init-json\",\"created_at_ms\":0,\"updated_at_ms\":0}\n",
)
.expect("session should write");
let version = assert_json_command( let version = assert_json_command(
&root, &root,
@@ -404,6 +431,24 @@ fn write_upstream_fixture(root: &Path) -> PathBuf {
upstream upstream
} }
fn write_session_fixture(root: &Path, session_id: &str, user_text: Option<&str>) -> PathBuf {
let session_path = root.join("session.jsonl");
let mut session = Session::new()
.with_workspace_root(root.to_path_buf())
.with_persistence_path(session_path.clone());
session.session_id = session_id.to_string();
if let Some(text) = user_text {
session
.push_user_text(text)
.expect("session fixture message should persist");
} else {
session
.save_to_path(&session_path)
.expect("session fixture should persist");
}
session_path
}
fn write_agent(root: &Path, name: &str, description: &str, model: &str, reasoning: &str) { fn write_agent(root: &Path, name: &str, description: &str, model: &str, reasoning: &str) {
fs::create_dir_all(root).expect("agent root should exist"); fs::create_dir_all(root).expect("agent root should exist");
fs::write( fs::write(

239
rust/crates/rusty-claude-cli/tests/resume_slash_commands.rs
View File

@@ -20,7 +20,7 @@ fn resumed_binary_accepts_slash_commands_with_arguments() {
let session_path = temp_dir.join("session.jsonl"); let session_path = temp_dir.join("session.jsonl");
let export_path = temp_dir.join("notes.txt"); let export_path = temp_dir.join("notes.txt");
let mut session = Session::new(); let mut session = workspace_session(&temp_dir);
session session
.push_user_text("ship the slash command harness") .push_user_text("ship the slash command harness")
.expect("session write should succeed"); .expect("session write should succeed");
@@ -122,7 +122,7 @@ fn resumed_config_command_loads_settings_files_end_to_end() {
fs::create_dir_all(&config_home).expect("config home should exist"); fs::create_dir_all(&config_home).expect("config home should exist");
let session_path = project_dir.join("session.jsonl"); let session_path = project_dir.join("session.jsonl");
Session::new() workspace_session(&project_dir)
.with_persistence_path(&session_path) .with_persistence_path(&session_path)
.save_to_path(&session_path) .save_to_path(&session_path)
.expect("session should persist"); .expect("session should persist");
@@ -180,13 +180,13 @@ fn resume_latest_restores_the_most_recent_managed_session() {
// given // given
let temp_dir = unique_temp_dir("resume-latest"); let temp_dir = unique_temp_dir("resume-latest");
let project_dir = temp_dir.join("project"); let project_dir = temp_dir.join("project");
let sessions_dir = project_dir.join(".claw").join("sessions"); fs::create_dir_all(&project_dir).expect("project dir should exist");
fs::create_dir_all(&sessions_dir).expect("sessions dir should exist"); let project_dir = fs::canonicalize(&project_dir).unwrap_or(project_dir);
let store = runtime::SessionStore::from_cwd(&project_dir).expect("session store should build");
let older_path = store.create_handle("session-older").path;
let newer_path = store.create_handle("session-newer").path;
let older_path = sessions_dir.join("session-older.jsonl"); let mut older = workspace_session(&project_dir).with_persistence_path(&older_path);
let newer_path = sessions_dir.join("session-newer.jsonl");
let mut older = Session::new().with_persistence_path(&older_path);
older older
.push_user_text("older session") .push_user_text("older session")
.expect("older session write should succeed"); .expect("older session write should succeed");
@@ -194,7 +194,7 @@ fn resume_latest_restores_the_most_recent_managed_session() {
.save_to_path(&older_path) .save_to_path(&older_path)
.expect("older session should persist"); .expect("older session should persist");
let mut newer = Session::new().with_persistence_path(&newer_path); let mut newer = workspace_session(&project_dir).with_persistence_path(&newer_path);
newer newer
.push_user_text("newer session") .push_user_text("newer session")
.expect("newer session write should succeed"); .expect("newer session write should succeed");
@@ -229,7 +229,7 @@ fn resumed_status_command_emits_structured_json_when_requested() {
fs::create_dir_all(&temp_dir).expect("temp dir should exist"); fs::create_dir_all(&temp_dir).expect("temp dir should exist");
let session_path = temp_dir.join("session.jsonl"); let session_path = temp_dir.join("session.jsonl");
let mut session = Session::new(); let mut session = workspace_session(&temp_dir);
session session
.push_user_text("resume status json fixture") .push_user_text("resume status json fixture")
.expect("session write should succeed"); .expect("session write should succeed");
@@ -261,7 +261,8 @@ fn resumed_status_command_emits_structured_json_when_requested() {
let parsed: Value = let parsed: Value =
serde_json::from_str(stdout.trim()).expect("resume status output should be json"); serde_json::from_str(stdout.trim()).expect("resume status output should be json");
assert_eq!(parsed["kind"], "status"); assert_eq!(parsed["kind"], "status");
assert_eq!(parsed["model"], "restored-session"); // model is null in resume mode (not known without --model flag)
assert!(parsed["model"].is_null());
assert_eq!(parsed["permission_mode"], "danger-full-access"); assert_eq!(parsed["permission_mode"], "danger-full-access");
assert_eq!(parsed["usage"]["messages"], 1); assert_eq!(parsed["usage"]["messages"], 1);
assert!(parsed["usage"]["turns"].is_number()); assert!(parsed["usage"]["turns"].is_number());
@@ -275,6 +276,47 @@ fn resumed_status_command_emits_structured_json_when_requested() {
assert!(parsed["sandbox"]["filesystem_mode"].as_str().is_some()); assert!(parsed["sandbox"]["filesystem_mode"].as_str().is_some());
} }
#[test]
fn resumed_status_surfaces_persisted_model() {
// given — create a session with model already set
let temp_dir = unique_temp_dir("resume-status-model");
fs::create_dir_all(&temp_dir).expect("temp dir should exist");
let session_path = temp_dir.join("session.jsonl");
let mut session = workspace_session(&temp_dir);
session.model = Some("claude-sonnet-4-6".to_string());
session
.push_user_text("model persistence fixture")
.expect("write ok");
session.save_to_path(&session_path).expect("persist ok");
// when
let output = run_claw(
&temp_dir,
&[
"--output-format",
"json",
"--resume",
session_path.to_str().expect("utf8 path"),
"/status",
],
);
// then
assert!(
output.status.success(),
"stderr:\n{}",
String::from_utf8_lossy(&output.stderr)
);
let stdout = String::from_utf8(output.stdout).expect("utf8");
let parsed: Value = serde_json::from_str(stdout.trim()).expect("should be json");
assert_eq!(parsed["kind"], "status");
assert_eq!(
parsed["model"], "claude-sonnet-4-6",
"model should round-trip through session metadata"
);
}
#[test] #[test]
fn resumed_sandbox_command_emits_structured_json_when_requested() { fn resumed_sandbox_command_emits_structured_json_when_requested() {
// given // given
@@ -282,7 +324,7 @@ fn resumed_sandbox_command_emits_structured_json_when_requested() {
fs::create_dir_all(&temp_dir).expect("temp dir should exist"); fs::create_dir_all(&temp_dir).expect("temp dir should exist");
let session_path = temp_dir.join("session.jsonl"); let session_path = temp_dir.join("session.jsonl");
Session::new() workspace_session(&temp_dir)
.save_to_path(&session_path) .save_to_path(&session_path)
.expect("session should persist"); .expect("session should persist");
@@ -318,10 +360,183 @@ fn resumed_sandbox_command_emits_structured_json_when_requested() {
assert!(parsed["markers"].is_array()); assert!(parsed["markers"].is_array());
} }
#[test]
fn resumed_version_command_emits_structured_json() {
let temp_dir = unique_temp_dir("resume-version-json");
fs::create_dir_all(&temp_dir).expect("temp dir should exist");
let session_path = temp_dir.join("session.jsonl");
workspace_session(&temp_dir)
.save_to_path(&session_path)
.expect("session should persist");
let output = run_claw(
&temp_dir,
&[
"--output-format",
"json",
"--resume",
session_path.to_str().expect("utf8 path"),
"/version",
],
);
assert!(
output.status.success(),
"stderr:\n{}",
String::from_utf8_lossy(&output.stderr)
);
let stdout = String::from_utf8(output.stdout).expect("utf8");
let parsed: Value = serde_json::from_str(stdout.trim()).expect("should be json");
assert_eq!(parsed["kind"], "version");
assert!(parsed["version"].as_str().is_some());
assert!(parsed["git_sha"].as_str().is_some());
assert!(parsed["target"].as_str().is_some());
}
#[test]
fn resumed_export_command_emits_structured_json() {
let temp_dir = unique_temp_dir("resume-export-json");
fs::create_dir_all(&temp_dir).expect("temp dir should exist");
let session_path = temp_dir.join("session.jsonl");
let mut session = workspace_session(&temp_dir);
session
.push_user_text("export json fixture")
.expect("write ok");
session.save_to_path(&session_path).expect("persist ok");
let output = run_claw(
&temp_dir,
&[
"--output-format",
"json",
"--resume",
session_path.to_str().expect("utf8 path"),
"/export",
],
);
assert!(
output.status.success(),
"stderr:\n{}",
String::from_utf8_lossy(&output.stderr)
);
let stdout = String::from_utf8(output.stdout).expect("utf8");
let parsed: Value = serde_json::from_str(stdout.trim()).expect("should be json");
assert_eq!(parsed["kind"], "export");
assert!(parsed["file"].as_str().is_some());
assert_eq!(parsed["message_count"], 1);
}
#[test]
fn resumed_help_command_emits_structured_json() {
let temp_dir = unique_temp_dir("resume-help-json");
fs::create_dir_all(&temp_dir).expect("temp dir should exist");
let session_path = temp_dir.join("session.jsonl");
workspace_session(&temp_dir)
.save_to_path(&session_path)
.expect("persist ok");
let output = run_claw(
&temp_dir,
&[
"--output-format",
"json",
"--resume",
session_path.to_str().expect("utf8 path"),
"/help",
],
);
assert!(
output.status.success(),
"stderr:\n{}",
String::from_utf8_lossy(&output.stderr)
);
let stdout = String::from_utf8(output.stdout).expect("utf8");
let parsed: Value = serde_json::from_str(stdout.trim()).expect("should be json");
assert_eq!(parsed["kind"], "help");
assert!(parsed["text"].as_str().is_some());
let text = parsed["text"].as_str().unwrap();
assert!(text.contains("/status"), "help text should list /status");
}
#[test]
fn resumed_no_command_emits_restored_json() {
let temp_dir = unique_temp_dir("resume-no-cmd-json");
fs::create_dir_all(&temp_dir).expect("temp dir should exist");
let session_path = temp_dir.join("session.jsonl");
let mut session = workspace_session(&temp_dir);
session
.push_user_text("restored json fixture")
.expect("write ok");
session.save_to_path(&session_path).expect("persist ok");
let output = run_claw(
&temp_dir,
&[
"--output-format",
"json",
"--resume",
session_path.to_str().expect("utf8 path"),
],
);
assert!(
output.status.success(),
"stderr:\n{}",
String::from_utf8_lossy(&output.stderr)
);
let stdout = String::from_utf8(output.stdout).expect("utf8");
let parsed: Value = serde_json::from_str(stdout.trim()).expect("should be json");
assert_eq!(parsed["kind"], "restored");
assert!(parsed["session_id"].as_str().is_some());
assert!(parsed["path"].as_str().is_some());
assert_eq!(parsed["message_count"], 1);
}
#[test]
fn resumed_stub_command_emits_not_implemented_json() {
let temp_dir = unique_temp_dir("resume-stub-json");
fs::create_dir_all(&temp_dir).expect("temp dir should exist");
let session_path = temp_dir.join("session.jsonl");
workspace_session(&temp_dir)
.save_to_path(&session_path)
.expect("persist ok");
let output = run_claw(
&temp_dir,
&[
"--output-format",
"json",
"--resume",
session_path.to_str().expect("utf8 path"),
"/allowed-tools",
],
);
// Stub commands exit with code 2
assert!(!output.status.success());
let stderr = String::from_utf8(output.stderr).expect("utf8");
let parsed: Value = serde_json::from_str(stderr.trim()).expect("should be json");
assert_eq!(parsed["type"], "error");
assert!(
parsed["error"]
.as_str()
.unwrap()
.contains("not yet implemented"),
"error should say not yet implemented: {:?}",
parsed["error"]
);
}
fn run_claw(current_dir: &Path, args: &[&str]) -> Output { fn run_claw(current_dir: &Path, args: &[&str]) -> Output {
run_claw_with_env(current_dir, args, &[]) run_claw_with_env(current_dir, args, &[])
} }
fn workspace_session(root: &Path) -> Session {
Session::new().with_workspace_root(root.to_path_buf())
}
fn run_claw_with_env(current_dir: &Path, args: &[&str], envs: &[(&str, &str)]) -> Output { fn run_claw_with_env(current_dir: &Path, args: &[&str], envs: &[(&str, &str)]) -> Output {
let mut command = Command::new(env!("CARGO_BIN_EXE_claw")); let mut command = Command::new(env!("CARGO_BIN_EXE_claw"));
command.current_dir(current_dir).args(args); command.current_dir(current_dir).args(args);

1164
rust/crates/tools/src/lib.rs
View File

File diff suppressed because it is too large Load Diff