@pugi/cli 0.1.0-alpha.9 → 0.1.0-beta.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +33 -0
- package/THIRD_PARTY_NOTICES.md +40 -0
- package/assets/pugi-mascot.ansi +16 -0
- package/dist/commands/deploy.js +439 -0
- package/dist/core/agents/loader.js +104 -0
- package/dist/core/agents/registry.js +1 -1
- package/dist/core/consensus/anvil-fanout.js +276 -0
- package/dist/core/consensus/diff-capture.js +382 -0
- package/dist/core/consensus/rubric.js +233 -0
- package/dist/core/context/index.js +21 -0
- package/dist/core/context/pugiignore.js +316 -0
- package/dist/core/context/repo-skeleton.js +533 -0
- package/dist/core/context/watcher.js +342 -0
- package/dist/core/context/working-set.js +165 -0
- package/dist/core/edits/dispatch.js +185 -0
- package/dist/core/edits/index.js +15 -0
- package/dist/core/edits/layer-a-apply.js +217 -0
- package/dist/core/edits/layer-b-apply.js +211 -0
- package/dist/core/edits/layer-c-apply.js +160 -0
- package/dist/core/edits/layer-d-ast.js +29 -0
- package/dist/core/edits/marker-parser.js +401 -0
- package/dist/core/edits/security-gate.js +223 -0
- package/dist/core/edits/worktree.js +322 -0
- package/dist/core/engine/native-pugi.js +6 -1
- package/dist/core/engine/prompts.js +8 -0
- package/dist/core/engine/tool-bridge.js +33 -1
- package/dist/core/lsp/client.js +719 -0
- package/dist/core/repl/ask.js +512 -0
- package/dist/core/repl/cancellation.js +98 -0
- package/dist/core/repl/dispatch-fsm.js +220 -0
- package/dist/core/repl/privacy-banner.js +71 -0
- package/dist/core/repl/session.js +1908 -13
- package/dist/core/repl/slash-commands.js +92 -32
- package/dist/core/repl/store/index.js +12 -0
- package/dist/core/repl/store/jsonl-log.js +321 -0
- package/dist/core/repl/store/lockfile.js +155 -0
- package/dist/core/repl/store/session-store.js +792 -0
- package/dist/core/repl/store/types.js +44 -0
- package/dist/core/repl/store/uuid-v7.js +68 -0
- package/dist/core/repl/workspace-context.js +72 -1
- package/dist/core/skills/defaults.js +457 -0
- package/dist/core/skills/loader.js +454 -0
- package/dist/core/skills/sources.js +480 -0
- package/dist/core/skills/trust.js +172 -0
- package/dist/runtime/cli.js +998 -12
- package/dist/runtime/commands/agents.js +385 -0
- package/dist/runtime/commands/config.js +338 -8
- package/dist/runtime/commands/delegate.js +289 -0
- package/dist/runtime/commands/lsp.js +206 -0
- package/dist/runtime/commands/patch.js +128 -0
- package/dist/runtime/commands/review-consensus.js +399 -0
- package/dist/runtime/commands/roster.js +117 -0
- package/dist/runtime/commands/skills.js +401 -0
- package/dist/runtime/commands/worktree.js +177 -0
- package/dist/runtime/plan-decompose.js +531 -0
- package/dist/tools/apply-patch.js +495 -0
- package/dist/tools/file-tools.js +90 -0
- package/dist/tools/lsp-tools.js +189 -0
- package/dist/tools/registry.js +26 -0
- package/dist/tools/web-fetch.js +1 -1
- package/dist/tui/agent-tree-pane.js +9 -0
- package/dist/tui/ask-cli.js +52 -0
- package/dist/tui/ask-modal.js +211 -0
- package/dist/tui/conversation-pane.js +48 -3
- package/dist/tui/input-box.js +48 -5
- package/dist/tui/markdown-render.js +266 -0
- package/dist/tui/repl-render.js +319 -3
- package/dist/tui/repl-splash-mascot.js +130 -0
- package/dist/tui/repl-splash.js +7 -1
- package/dist/tui/repl.js +96 -12
- package/dist/tui/status-bar.js +63 -3
- package/dist/tui/tool-stream-pane.js +91 -0
- package/docs/examples/codegraph.mcp.json +10 -0
- package/package.json +14 -6
|
@@ -0,0 +1,155 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* PID lockfile — Sprint α6.4 (PR-PUGI-CLI-SESSION-STORE).
|
|
3
|
+
*
|
|
4
|
+
* Prevents two REPL processes in the same project directory from
|
|
5
|
+
* writing to the same `session.db` concurrently. SQLite's WAL handles
|
|
6
|
+
* that case correctly at the page level, but the JSONL event log lives
|
|
7
|
+
* outside the SQL transaction — concurrent appends from two processes
|
|
8
|
+
* would interleave events. The lockfile is the higher-level mutex.
|
|
9
|
+
*
|
|
10
|
+
* Algorithm:
|
|
11
|
+
*
|
|
12
|
+
* 1. Try `O_CREAT | O_EXCL` open of `<dir>/session.lock`. Write the
|
|
13
|
+
* caller's PID + process start time as the body. If the open
|
|
14
|
+
* succeeds, we hold the lock; return.
|
|
15
|
+
* 2. If `EEXIST`, read the existing PID. Probe with `kill(pid, 0)`
|
|
16
|
+
* (signal 0 = "check liveness, do not deliver"). If the probe
|
|
17
|
+
* returns ESRCH, the holder is dead — unlink the stale lock and
|
|
18
|
+
* retry the exclusive create.
|
|
19
|
+
* 3. If the probe says the PID is alive, throw `SessionLockBusyError`
|
|
20
|
+
* so the caller surfaces a clean message to the operator.
|
|
21
|
+
*
|
|
22
|
+
* Why not `proper-lockfile`: pulling a 14kB dependency for a 60-line
|
|
23
|
+
* PID file is poor cost/benefit. The stale-detection loop is the only
|
|
24
|
+
* tricky part and we test it explicitly. The dependency would also
|
|
25
|
+
* pull `signal-exit` + `retry` transitively, raising the install
|
|
26
|
+
* footprint of the CLI bundle.
|
|
27
|
+
*
|
|
28
|
+
* Brand voice / privacy: the lockfile body is `{"pid":N,"createdAt":"…"}`
|
|
29
|
+
* — operator-readable if they `cat` the file, no secrets. Mode 0600 so
|
|
30
|
+
* other users on the box cannot read which PID is editing the store.
|
|
31
|
+
*/
|
|
32
|
+
import { closeSync, openSync, readFileSync, unlinkSync, writeSync, } from 'node:fs';
|
|
33
|
+
import { SessionLockBusyError } from './types.js';
|
|
34
|
+
/**
|
|
35
|
+
* Take an exclusive lock on `lockPath`. Throws `SessionLockBusyError`
|
|
36
|
+
* if a live process already holds the lock. `kill` is injectable for
|
|
37
|
+
* tests so the stale-detection branch is exercisable without spawning
|
|
38
|
+
* a real child process.
|
|
39
|
+
*/
|
|
40
|
+
export function takeLock(lockPath, options) {
|
|
41
|
+
const kill = options?.kill ?? ((pid, signal) => process.kill(pid, signal));
|
|
42
|
+
const now = options?.now ?? (() => new Date());
|
|
43
|
+
const body = { pid: process.pid, createdAt: now().toISOString() };
|
|
44
|
+
const serialized = JSON.stringify(body);
|
|
45
|
+
// First attempt: exclusive create. Retry once if the existing lock
|
|
46
|
+
// turns out to be stale (dead PID).
|
|
47
|
+
for (let attempt = 0; attempt < 2; attempt += 1) {
|
|
48
|
+
try {
|
|
49
|
+
const fd = openSync(lockPath, 'wx', 0o600);
|
|
50
|
+
try {
|
|
51
|
+
writeSync(fd, serialized);
|
|
52
|
+
}
|
|
53
|
+
finally {
|
|
54
|
+
closeSync(fd);
|
|
55
|
+
}
|
|
56
|
+
return { path: lockPath, release: () => releaseLock(lockPath, process.pid) };
|
|
57
|
+
}
|
|
58
|
+
catch (error) {
|
|
59
|
+
// EEXIST is the only branch that triggers stale-detection. Any
|
|
60
|
+
// other error (EACCES, ENOENT on parent, ENOSPC) propagates so
|
|
61
|
+
// the caller sees the real failure.
|
|
62
|
+
if (!isEexist(error)) {
|
|
63
|
+
throw error;
|
|
64
|
+
}
|
|
65
|
+
const holder = readLockBody(lockPath);
|
|
66
|
+
if (!holder) {
|
|
67
|
+
// Corrupt body — treat as stale and unlink.
|
|
68
|
+
tryUnlink(lockPath);
|
|
69
|
+
continue;
|
|
70
|
+
}
|
|
71
|
+
if (holder.pid === process.pid) {
|
|
72
|
+
// We already hold the lock (reentrant open from same process).
|
|
73
|
+
// Return a handle that is a no-op on release; the original
|
|
74
|
+
// owner's release will unlink.
|
|
75
|
+
return { path: lockPath, release: () => undefined };
|
|
76
|
+
}
|
|
77
|
+
if (isAlive(holder.pid, kill)) {
|
|
78
|
+
throw new SessionLockBusyError(holder.pid, lockPath);
|
|
79
|
+
}
|
|
80
|
+
// Stale lock — unlink and retry the exclusive create.
|
|
81
|
+
tryUnlink(lockPath);
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
// Two retries failed — the lock is contested by another process
|
|
85
|
+
// racing us. Surface as busy rather than spinning.
|
|
86
|
+
const holder = readLockBody(lockPath);
|
|
87
|
+
throw new SessionLockBusyError(holder?.pid ?? 0, lockPath);
|
|
88
|
+
}
|
|
89
|
+
/**
|
|
90
|
+
* Read a lockfile body. Returns null when the file is missing,
|
|
91
|
+
* unreadable, or malformed. The store never throws from this path —
|
|
92
|
+
* the caller treats null as "stale, unlink and retry".
|
|
93
|
+
*/
|
|
94
|
+
export function readLockBody(lockPath) {
|
|
95
|
+
let raw;
|
|
96
|
+
try {
|
|
97
|
+
raw = readFileSync(lockPath, 'utf8');
|
|
98
|
+
}
|
|
99
|
+
catch {
|
|
100
|
+
return null;
|
|
101
|
+
}
|
|
102
|
+
try {
|
|
103
|
+
const parsed = JSON.parse(raw);
|
|
104
|
+
if (typeof parsed === 'object'
|
|
105
|
+
&& parsed !== null
|
|
106
|
+
&& typeof parsed.pid === 'number'
|
|
107
|
+
&& typeof parsed.createdAt === 'string') {
|
|
108
|
+
return parsed;
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
catch {
|
|
112
|
+
/* fall through */
|
|
113
|
+
}
|
|
114
|
+
return null;
|
|
115
|
+
}
|
|
116
|
+
function isAlive(pid, kill) {
|
|
117
|
+
if (!Number.isFinite(pid) || pid <= 0)
|
|
118
|
+
return false;
|
|
119
|
+
try {
|
|
120
|
+
kill(pid, 0);
|
|
121
|
+
return true;
|
|
122
|
+
}
|
|
123
|
+
catch (error) {
|
|
124
|
+
// ESRCH = no such process. Any other error (EPERM = process exists
|
|
125
|
+
// but we lack permission) means the process IS alive.
|
|
126
|
+
const code = error?.code;
|
|
127
|
+
if (code === 'ESRCH')
|
|
128
|
+
return false;
|
|
129
|
+
return true;
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
function releaseLock(lockPath, expectedPid) {
|
|
133
|
+
const holder = readLockBody(lockPath);
|
|
134
|
+
if (!holder)
|
|
135
|
+
return;
|
|
136
|
+
// Defence-in-depth: only unlink if we still own the lock. A future
|
|
137
|
+
// session may have taken over after our process died and was
|
|
138
|
+
// replaced — better to leave the new owner's file in place than to
|
|
139
|
+
// race-condition delete it.
|
|
140
|
+
if (holder.pid !== expectedPid)
|
|
141
|
+
return;
|
|
142
|
+
tryUnlink(lockPath);
|
|
143
|
+
}
|
|
144
|
+
function tryUnlink(path) {
|
|
145
|
+
try {
|
|
146
|
+
unlinkSync(path);
|
|
147
|
+
}
|
|
148
|
+
catch {
|
|
149
|
+
/* ignore — file may be gone already */
|
|
150
|
+
}
|
|
151
|
+
}
|
|
152
|
+
function isEexist(error) {
|
|
153
|
+
return error?.code === 'EEXIST';
|
|
154
|
+
}
|
|
155
|
+
//# sourceMappingURL=lockfile.js.map
|