npm - @victor-software-house/pi-acp - Versions diffs - 0.17.0 → 0.17.1 - Mend

@victor-software-house/pi-acp 0.17.0 → 0.17.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md +17 -2
package/dist/{daemon-CTINLJUp.mjs → daemon-DTmhT4aC.mjs} +30 -11
package/dist/daemon-DTmhT4aC.mjs.map +1 -0
package/dist/index.mjs +1 -1
package/package.json +1 -1
package/dist/daemon-CTINLJUp.mjs.map +0 -1

package/README.md CHANGED Viewed

@@ -62,6 +62,11 @@ Active development. ACP compliance is improving steadily. Development is centere
   - `local` (default) / `overlay` — ACP `params.cwd` used as session cwd; manifest roots compose
   - `none` — pi-acp mints an ephemeral tmpdir under `os.tmpdir()/pi-acp-session-*`, cleaned up at session dispose. For one-shot Q&A sessions that shouldn't pollute any project directory.
 - **ACP-FS `read` delegation** (PRD-002 §FR-6) — When the client advertises `clientCapabilities.fs.readTextFile`, pi-acp routes pi's built-in `read` tool through `connection.fs.readTextFile` instead of local disk. Lets Zed Remote read the actual remote workspace files (the ones the user is editing) while pi runs locally.
+- **ACP terminal delegation** (PRD-002 §FR-6.5) — When the client advertises `clientCapabilities.terminal`, pi-acp overrides pi's built-in `bash` tool with an ACP `createTerminal`-backed implementation. Commands run on the client's machine via `terminal/*` lifecycle, so Zed Remote workflows execute `bash` on the remote workspace where the user actually edits. Pairs with `read` delegation so the full read/bash pair lands consistently remote.
+- **ACP provider config** — `agentCapabilities.providers = {}` advertises `providers/list`, `providers/set`, `providers/disable`. Soft-disable on top of pi's `unregisterProvider`. Per-process; no `models.json` writer.
+- **ACP logout** — `agentCapabilities.auth.logout = {}` advertises `logout`. Clears every provider's credentials from the shared `AuthStorage` in one call.
+- **ACP session delete** — implemented but DISABLED by default (see Limitations). Direct invocation returns `methodNotFound`; capability not advertised. Flip `PiAcpAgent.SESSION_DELETE_ENABLED` to enable.
+- **ACP `extMethod` / `extNotification`** — dispatcher under the `pi-acp/` namespace. Built-ins: `pi-acp/ping`, `pi-acp/runtime-info`.
 ## Resource composition (`.pi-acp.yaml`)
@@ -208,7 +213,7 @@ bun run dev          # run from src
 bun run build        # tsdown -> dist/index.mjs
 bun run typecheck    # tsc --noEmit
 bun run lint         # biome + oxlint
-bun test             # 277 tests
+bun test             # 308 tests
 ```
 Project layout:
@@ -249,7 +254,17 @@ test/
 - **`agent_plan`** -- plan updates not emitted before tool execution. pi has no equivalent planning surface.
 - **ACP filesystem `write` delegation** (`fs/write_text_file`) -- pi writes locally. Not advertised. `fs/read_text_file` IS routed through ACP when the client advertises the capability (see Features → ACP-FS `read` delegation).
-- **ACP terminal delegation** (`terminal/*`) -- pi executes commands locally. Not advertised.
+- **ACP terminal delegation** (`terminal/*`) -- DELEGATED. When the client advertises `clientCapabilities.terminal`, pi-acp overrides pi's built-in `bash` tool with an ACP `createTerminal`-backed implementation so commands run on the client's machine (Zed Remote routes `terminal/*` to the remote workspace). See Features → ACP terminal delegation.
+### ACP optional methods implemented (substrate completion at v0.16.0+)
+- **`providers/list` / `providers/set` / `providers/disable`** -- advertised via `agentCapabilities.providers = {}`. Operates on every live `ModelRegistry`. Soft-disable is layered on top of pi's destructive `unregisterProvider`. Mutations are per-process (no models.json writer in pi).
+- **`logout`** -- advertised via `agentCapabilities.auth.logout = {}`. Clears every provider's credentials from the shared AuthStorage. Sessions stay live; subsequent prompts may surface `auth_required`.
+- **`extMethod` / `extNotification`** -- dispatcher under the `pi-acp/` method-name namespace. Built-in handlers: `pi-acp/ping`, `pi-acp/runtime-info`. Unknown methods → `methodNotFound`.
+### Implemented but DISABLED by default
+- **`session/delete`** -- the implementation (release-from-daemon → `fs.rmSync` → cache purge) is in place, but the capability is NOT advertised in `initialize()` and direct invocations return `methodNotFound`. Gated behind `PiAcpAgent.SESSION_DELETE_ENABLED = false`. Rationale: ACP `session/delete` takes a single sessionId, has no confirmation surface, no trash, no recovery — easy to misfire from a UI button or a mistaken script. Re-enable only after a client-layer confirmation flow exists.
 ### Design decisions

package/dist/{daemon-CTINLJUp.mjs → daemon-DTmhT4aC.mjs} RENAMED Viewed

@@ -2195,7 +2195,7 @@ var SshBackend = class {
 //#endregion
 //#region package.json
 var name = "@victor-software-house/pi-acp";
-var version = "0.17.0";
+var version = "0.17.1";
 //#endregion
 //#region src/acp/agent.ts
 /** Builtin ACP slash commands handled directly by the adapter. */
@@ -2275,7 +2275,7 @@ function truncateSessionTitle(text) {
 	if (oneLine.length <= SESSION_TITLE_MAX) return oneLine;
 	return `${oneLine.slice(0, SESSION_TITLE_MAX - 1)}…`;
 }
-var PiAcpAgent = class {
+var PiAcpAgent = class PiAcpAgent {
 	conn;
 	sessions = new SessionManager$1();
 	/** Cache of sessionId → file path, populated by listSessions and newSession. */
@@ -2299,6 +2299,19 @@ var PiAcpAgent = class {
 	* report `current: null` per ACP spec even after disable.
 	*/
 	disabledProviders = /* @__PURE__ */ new Set();
+	/**
+	* Master toggle for `session/delete` advertisement + method body.
+	*
+	* Disabled by default: the method irreversibly removes a session file
+	* via fs.rmSync, and ACP clients invoke it with a single sessionId arg
+	* — no confirmation surface, no trash. Easy to misfire from a UI or
+	* an extension. Re-enable only when a confirmation flow exists at the
+	* client layer or when the operator opts in via configuration.
+	*
+	* The implementation (release-from-daemon → fs.rmSync → cache purge)
+	* is kept intact so re-enabling is a one-line flip plus a re-advertise.
+	*/
+	static SESSION_DELETE_ENABLED = false;
 	dispose() {
 		if (this.daemonContext !== void 0) {
 			const registry = this.daemonContext.sessionRegistry;
@@ -2567,7 +2580,7 @@ var PiAcpAgent = class {
 					close: {},
 					resume: {},
 					fork: {},
-					delete: {}
+					...PiAcpAgent.SESSION_DELETE_ENABLED ? { delete: {} } : {}
 				},
 				providers: {}
 			}
@@ -2944,21 +2957,27 @@ var PiAcpAgent = class {
 	/**
 	* Deletes a session's on-disk file + releases any live state.
 	*
-	* Pi's SessionManager exposes no `delete()` method (verified against
-	* session-manager.d.ts) — sessions are append-only JSONL files. We
-	* unlink the file directly via `fs.rmSync`. `resolveSessionFile`
-	* sources paths from `PiSessionManager.listAll`, so the unlinked path
-	* is always inside `~/.pi/agent/sessions/...`.
+	* DISABLED by default via `PiAcpAgent.SESSION_DELETE_ENABLED = false`.
+	* The capability is not advertised in initialize() and any direct call
+	* is refused with `methodNotFound`. Rationale: ACP `session/delete`
+	* carries only a sessionId — no confirmation surface, no trash, no
+	* recovery. Easy to misfire from a UI button or a mistaken script,
+	* and the consequence is permanent loss of session history.
+	*
+	* When enabled: Pi's SessionManager exposes no `delete()` method
+	* (verified against session-manager.d.ts) — sessions are append-only
+	* JSONL files. We unlink the file directly via `fs.rmSync`.
+	* `resolveSessionFile` sources paths from `PiSessionManager.listAll`,
+	* so the unlinked path is always inside `~/.pi/agent/sessions/...`.
 	*
 	* Refuses to delete sessions owned by ANOTHER connection in the daemon
 	* registry — security boundary: clients may only delete sessions they
 	* own or sessions that are not currently live. Always releases the
 	* daemon registry entry first so the live piSession is disposed
 	* cleanly before the file disappears.
-	*
-	* Gated by `sessionCapabilities.delete = {}` (advertised in initialize).
 	*/
 	async unstable_deleteSession(params) {
+		if (!PiAcpAgent.SESSION_DELETE_ENABLED) throw RequestError.methodNotFound("session/delete");
 		const sessionFile = await this.resolveSessionFile(params.sessionId);
 		if (sessionFile === null) throw RequestError.invalidParams(`Unknown sessionId: ${params.sessionId}`);
 		const live = this.daemonContext?.sessionRegistry.get(params.sessionId);
@@ -3717,4 +3736,4 @@ async function runDaemon() {
 //#endregion
 export { runDaemon };
-//# sourceMappingURL=daemon-CTINLJUp.mjs.map
+//# sourceMappingURL=daemon-DTmhT4aC.mjs.map