@pugi/cli 0.1.0-beta.93 → 0.1.0-beta.95

package/dist/runtime/stream-renderer.js

@@ -0,0 +1,195 @@
+/**
+ * Streaming event renderer (Trust Sprint item 5).
+ *
+ * Subscribes to the engine adapter's `streamEmitter` and writes
+ * human-readable progress lines to stderr while the dispatch is in
+ * flight. Solves Codex dogfood 2026-06-04 finding: `pugi
+ * code/fix/build/plan` were silent until the full dispatch
+ * completed, which produced an empty terminal for 20-30s and made
+ * customers think the CLI had hung.
+ *
+ * Design constraints:
+ *
+ *   1. STDERR ONLY. The CLI's machine-readable contract is "JSON on
+ *      stdout, prose on stderr". Streaming on stdout would break the
+ *      JSON envelope for `pugi code --json`.
+ *
+ *   2. No engine modifications. We attach a listener to the existing
+ *      `streamEmitter` that the engine already emits to (used by the
+ *      headless mode). The engine adapter file is owned by the other
+ *      agent on PUGI-VERIFY-GATE and intentionally NOT touched here.
+ *
+ *   3. TTY-only by default. CI / pipes / JSON consumers get a clean
+ *      stream. Explicit `--stream` overrides to force progress lines
+ *      on; `--no-stream` overrides off.
+ *
+ *   4. Compact. One line per tool call (start) and one line per
+ *      finish. Text deltas are aggregated to a single "thinking..."
+ *      pulse so we don't paint the terminal with token-level noise.
+ */
+/**
+ * Decide whether to enable the streaming renderer.
+ *
+ *   - explicit=true  → ON regardless of TTY.
+ *   - explicit=false → OFF regardless of TTY.
+ *   - explicit=null  → ON when stderr is a TTY, OFF otherwise.
+ *
+ * Centralised so the CLI dispatcher and tests share one rule.
+ */
+export function shouldStream(opts) {
+    if (opts.explicit === true)
+        return true;
+    if (opts.explicit === false)
+        return false;
+    return opts.isTty;
+}
+/**
+ * Attach a stderr-based event renderer to the engine emitter.
+ *
+ * Returns a handle whose `enabled` field is true when the renderer
+ * actually attached. When disabled (non-TTY or explicit-off) the
+ * returned handle is a no-op so callers don't need to branch.
+ */
+export function attachStreamRenderer(emitter, opts) {
+    const enabled = shouldStream({ isTty: opts.isTty, explicit: opts.explicit });
+    if (!enabled) {
+        return { enabled: false, detach: () => { } };
+    }
+    const write = opts.write ?? ((line) => process.stderr.write(line));
+    // Aggregate text deltas so we don't paint a line per token. We
+    // print one "thinking..." pulse every ~500ms while text is
+    // streaming so the operator sees the loop is alive without a wall
+    // of partial sentences.
+    let pendingTextChars = 0;
+    let lastTextPulseAt = 0;
+    // Aggregate thinking deltas the same way. Separate budget so a
+    // chatty reasoning trace doesn't blow out the visible-text counter.
+    let pendingThinkingChars = 0;
+    let lastThinkingPulseAt = 0;
+    // Cache the running tool calls so the "end" line can report a
+    // duration without forcing the producer to round-trip the start
+    // timestamp through the discriminated union.
+    const toolStartedAt = new Map();
+    const handler = (event) => {
+        switch (event.type) {
+            case 'status': {
+                // Only surface the high-signal status frames. Turn-boundary
+                // frames are noise for a live operator; the tool-level lines
+                // already tell them what's happening. Dispatch start /
+                // budget / abort frames are worth one line each.
+                const msg = event.message;
+                if (msg.startsWith('dispatch_start') ||
+                    msg.startsWith('budget') ||
+                    msg.startsWith('aborted') ||
+                    msg.startsWith('cancelled')) {
+                    write(`pugi: ${msg}\n`);
+                }
+                return;
+            }
+            case 'tool.start': {
+                toolStartedAt.set(event.callId, Date.now());
+                const argsBrief = briefArgs(event.arguments);
+                write(`pugi: tool ${event.name}(${argsBrief}) running\n`);
+                return;
+            }
+            case 'tool.end': {
+                const startedAt = toolStartedAt.get(event.callId);
+                toolStartedAt.delete(event.callId);
+                const ms = startedAt ? Date.now() - startedAt : null;
+                const glyph = event.ok ? 'ok' : 'fail';
+                const summary = (event.summary ?? '').slice(0, 80).replace(/\s+/g, ' ').trim();
+                const tail = ms !== null ? ` (${ms}ms)` : '';
+                write(`pugi: tool ${glyph}${tail}${summary ? `: ${summary}` : ''}\n`);
+                return;
+            }
+            case 'tool.delta': {
+                // Most bash tools emit a single delta with the entire stdout
+                // tail. We surface the first non-empty chunk only, capped to
+                // a single line, so the operator gets a peek without
+                // flooding.
+                const chunk = (event.chunk ?? '').replace(/\s+/g, ' ').trim();
+                if (chunk.length === 0)
+                    return;
+                const oneLine = chunk.slice(0, 80);
+                write(`pugi:   stdout: ${oneLine}\n`);
+                return;
+            }
+            case 'text.delta': {
+                pendingTextChars += (event.chunk ?? '').length;
+                const now = Date.now();
+                if (now - lastTextPulseAt >= 500 && pendingTextChars >= 40) {
+                    lastTextPulseAt = now;
+                    pendingTextChars = 0;
+                    write(`pugi: writing reply...\n`);
+                }
+                return;
+            }
+            case 'thinking.start':
+                write(`pugi: thinking...\n`);
+                lastThinkingPulseAt = Date.now();
+                return;
+            case 'thinking.delta': {
+                pendingThinkingChars += (event.chunk ?? '').length;
+                const now = Date.now();
+                if (now - lastThinkingPulseAt >= 1500 && pendingThinkingChars >= 80) {
+                    lastThinkingPulseAt = now;
+                    pendingThinkingChars = 0;
+                    write(`pugi: still thinking...\n`);
+                }
+                return;
+            }
+            case 'thinking.end':
+                // Quiet — text.delta will pick up the visible answer next.
+                return;
+            default:
+                return;
+        }
+    };
+    emitter.on('event', handler);
+    return {
+        enabled: true,
+        detach: () => {
+            emitter.off('event', handler);
+        },
+    };
+}
+/**
+ * Render a tool's JSON-serialised arguments to a single-line brief.
+ * Keep this very cheap — runs on every tool.start event.
+ */
+function briefArgs(serialised) {
+    if (!serialised || serialised === '{}')
+        return '';
+    try {
+        const parsed = JSON.parse(serialised);
+        // Prioritise the most signal-bearing field name for known tools.
+        const path = pickStringField(parsed, ['path', 'file', 'file_path', 'target', 'cwd']);
+        if (path)
+            return path.slice(0, 60);
+        const command = pickStringField(parsed, ['command', 'cmd', 'query', 'pattern']);
+        if (command)
+            return command.slice(0, 60);
+        // Fallback — surface the first scalar field so we surface
+        // something rather than an empty string.
+        for (const [, value] of Object.entries(parsed)) {
+            if (typeof value === 'string')
+                return value.slice(0, 60);
+            if (typeof value === 'number' || typeof value === 'boolean') {
+                return String(value);
+            }
+        }
+        return '';
+    }
+    catch {
+        return serialised.slice(0, 60);
+    }
+}
+function pickStringField(obj, keys) {
+    for (const key of keys) {
+        const value = obj[key];
+        if (typeof value === 'string' && value.length > 0)
+            return value;
+    }
+    return null;
+}
+//# sourceMappingURL=stream-renderer.js.map

package/dist/runtime/version.js

@@ -44,7 +44,7 @@ export function sanitizeSemver(raw) {
  * during import). When bumping the CLI version BOTH literals must be
  * updated; the release smoke-test (`pack:smoke`) verifies they agree.
  */
-export const PUGI_CLI_VERSION = sanitizeSemver('0.1.0-beta.93');
+export const PUGI_CLI_VERSION = sanitizeSemver('0.1.0-beta.95');
 /**
  * Outbound: the CLI's installed semver. Read at request time by
  * `version-interceptor.ts` and injected on every `fetch` call.

package/dist/tui/agent-tree.js

@@ -33,6 +33,12 @@ function statusGlyph(status) {
         // anti-pattern (memory feedback_no_fake_dispatch_promises).
         case 'replied':
             return '→';
+        // `unverified` (PUGI-538c-FU-OUTCOME) — files landed on disk but
+        // the verify-gate did not certify the run (no test command in
+        // the workspace). Tilde glyph reads as "approximately done"
+        // without claiming the verified-shipped guarantee.
+        case 'unverified':
+            return '~';
         case 'blocked':
             return '✗';
         case 'failed':
@@ -50,6 +56,11 @@ function statusColor(status) {
         // Dim/grey-ish — succeeded technically but no work was shipped.
         case 'replied':
             return 'gray';
+        // Yellow — work landed but the verify-gate could not certify it.
+        // Same hue as `blocked` because both are "advisory, not green";
+        // the glyph distinguishes them (`~` vs `✗`).
+        case 'unverified':
+            return 'yellow';
         case 'blocked':
             return 'yellow';
         case 'failed':

package/dist/tui/ask-user-question-chips.js

@@ -76,7 +76,7 @@ export const ASK_CHIPS_PREVIEW_CHAR_CAP = 5000;
  * `preview` field. The renderer uses this gate to switch к side-by-side
  * layout (vertical option list + preview pane). When false, the legacy
  * horizontal chip layout is preserved (zero regression for callers
- * shipping previewless payloads — PR #851 contract intact).
+ * shipping previewless payloads —  contract intact).
  */
 export function hasAnyPreview(questions) {
     return questions.some((q) => q.options.some((opt) => typeof opt.preview === 'string' && opt.preview.length > 0));

package/dist/tui/multi-file-diff-approval.js

@@ -192,7 +192,7 @@ function buildResult(entries, verdicts, cancelled) {
     };
 }
 export function MultiFileDiffApproval(props) {
-    // FIX (PR #876 triple-review): the previous `useMemo(() => props.entries,
+    // FIX ( triple-review): the previous `useMemo(() => props.entries,
     // [props.entries])` was a no-op — it returned the same reference it
     // depended on, so the memo never produced a stable identity gain. We
     // reference `props.entries` directly now; downstream useEffect /
@@ -202,7 +202,7 @@ export function MultiFileDiffApproval(props) {
     const [cursor, setCursor] = useState(0);
     const [verdicts, setVerdicts] = useState(() => entries.map(() => 'pending'));
     const [scrollOffset, setScrollOffset] = useState(0);
-    // FIX (PR #876 triple-review, P1): the lazy useState initialiser
+    // FIX ( triple-review, P1): the lazy useState initialiser
     // captures `entries.length` ONCE at mount. If the caller swaps in
     // a different entries array (length mismatch), the verdicts vector
     // would drift — `setVerdictAt` could index out of range or
@@ -222,7 +222,7 @@ export function MultiFileDiffApproval(props) {
             return Math.min(c, entries.length - 1);
         });
     }, [entries.length, entries]);
-    // FIX (PR #876 triple-review, P1): `commit()` is called from inside
+    // FIX ( triple-review, P1): `commit()` is called from inside
     // the useInput closure, which captures the `verdicts` value at the
     // render time the closure was created. With rapid keypresses (e.g.
     // `a` then Enter on the same React tick), React has scheduled the

package/dist/tui/repl-render.js

@@ -27,9 +27,11 @@ import { ThemeProvider } from '../core/theme/context.js';
 import { resolveTheme } from '../core/theme/state.js';
 import { ReplSession, } from '../core/repl/session.js';
 import { resolveWorkspaceContext } from '../core/repl/workspace-context.js';
+import { createEngineBridge } from '../core/repl/engine-bridge.js';
 import { SqliteSessionStore } from '../core/repl/store/index.js';
 import { slugForCwd } from '../core/repl/history.js';
 import { loadSettings } from '../core/settings.js';
+import { buildRuntimeConfig } from '@pugi/sdk';
 import { WorkingSet, buildRepoSkeleton, loadPugiIgnore, PugiWatcher, } from '../core/context/index.js';
 /**
  * Mount the REPL and resolve when the user exits via Ctrl+C × 2 or
@@ -136,12 +138,52 @@ export async function renderRepl(options) {
         cwd: process.cwd(),
         env: process.env,
     });
+    // PUGI-538c () -- wire the production engine bridge so
+    // `<pugi-tool-route>` envelopes emitted by Pugi's coordinator
+    // actually drive a local `NativePugiEngineAdapter` run instead of
+    // surfacing "Engine bridge not configured" on the system line. The
+    // factory closure resolves `cwd` per invocation so an operator who
+    // `cd`-ed mid-session writes files into the new directory (matches
+    // `pugi code` direct-path behaviour).
+    //
+    // The bridge runtime config reuses the REPL transport credentials so
+    // a single token authenticates both the coordinator brief (via
+    // admin-api /api/pugi/sessions) AND the bridged engine call (via
+    // /api/pugi/engine). No new credential surface, no double login.
+    //
+    // Fail-safe construction: `buildRuntimeConfig` validates apiUrl via
+    // `z.string().url()` and throws on a malformed value. We must not
+    // crash REPL launch on that path -- every other bootstrap step in
+    // this file (auto-init, openLocalStore, bootstrapContext, watcher)
+    // is fail-safe. On construction failure we surface a one-line stderr
+    // diagnostic under PUGI_DEBUG=1 and pass `engineBridge: undefined`
+    // so the REPL launches; the operator sees the legacy "Engine bridge
+    // not configured" system line on the first routed brief, which is
+    // the same UX as a pre-PUGI-538c CLI build.
+    let engineBridge;
+    try {
+        engineBridge = createEngineBridge({
+            config: buildRuntimeConfig({
+                apiUrl: options.apiUrl,
+                apiKey: options.apiKey,
+            }),
+            cwd: () => process.cwd(),
+        });
+    }
+    catch (err) {
+        if (process.env.PUGI_DEBUG === '1') {
+            const msg = err instanceof Error ? err.message : String(err);
+            process.stderr.write(`[pugi-debug] engine bridge bootstrap failed: ${msg}\n`);
+        }
+        engineBridge = undefined;
+    }
     const session = new ReplSession({
         apiUrl: options.apiUrl,
         apiKey: options.apiKey,
         workspaceLabel: options.workspaceLabel,
         cliVersion: options.cliVersion,
         transport,
+        ...(engineBridge !== undefined ? { engineBridge } : {}),
         workspace,
         cyberZoo,
         store,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pugi/cli",
-  "version": "0.1.0-beta.93",
+  "version": "0.1.0-beta.95",
   "description": "Pugi CLI - terminal-native software execution system",
   "homepage": "https://pugi.io",
   "repository": {
@@ -63,7 +63,7 @@
     "which": "^6.0.0",
     "zod": "^3.23.0",
     "@pugi/personas": "0.1.2",
-    "@pugi/sdk": "0.1.0-beta.93"
+    "@pugi/sdk": "0.1.0-beta.95"
   },
   "devDependencies": {
     "@types/node": "^22.0.0",