pi-crew 0.1.38 → 0.1.39

package/CHANGELOG.md

@@ -2,6 +2,14 @@
 
 ## Unreleased
 
+## 0.1.39
+
+### Fixed
+
+- Made CI test execution deterministic across Node 22/macOS/Linux/Windows by running Node test files sequentially to avoid cross-file environment races.
+- Fixed live-agent durable control symlink-file rejection to return an API error instead of throwing from the tool handler.
+- Tightened symlink artifact security assertions so tests check leaked file contents rather than safe metadata paths.
+
 ## 0.1.38
 
 ### Added

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pi-crew",
-  "version": "0.1.38",
+  "version": "0.1.39",
   "description": "Pi extension for coordinated AI teams, workflows, worktrees, and async task orchestration",
   "author": "baphuongna",
   "license": "MIT",
@@ -47,8 +47,8 @@
     "ci": "npm run typecheck && npm test && npm pack --dry-run",
     "typecheck": "tsc --noEmit && node --experimental-strip-types -e \"await import('./index.ts'); console.log('strip-types import ok')\"",
     "test": "npm run test:unit && npm run test:integration",
-    "test:unit": "node --experimental-strip-types --test --test-timeout=30000 test/unit/*.test.ts",
-    "test:integration": "node --experimental-strip-types --test --test-timeout=120000 test/integration/*.test.ts",
+    "test:unit": "node --experimental-strip-types --test --test-concurrency=1 --test-timeout=30000 test/unit/*.test.ts",
+    "test:integration": "node --experimental-strip-types --test --test-concurrency=1 --test-timeout=120000 test/integration/*.test.ts",
     "smoke:pi": "pi install ."
   },
   "exports": {

package/src/extension/import-index.ts

@@ -22,7 +22,7 @@ function readEntry(root: string, scope: "project" | "user", runId: string): Impo
 	let summaryPath: string;
 	try {
 		const entryRoot = resolveRealContainedPath(root, runId);
-		bundlePath = resolveRealContainedPath(root, path.join(entryRoot, "run-export.json"));
+		bundlePath = resolveRealContainedPath(root, path.join(runId, "run-export.json"));
 		summaryPath = path.join(entryRoot, "README.md");
 	} catch {
 		return undefined;

package/src/extension/team-tool/api.ts

@@ -133,8 +133,11 @@ export async function handleApi(params: TeamToolParamsValue, ctx: TeamContext):
 		const agent = agentId ? agents.find((item) => item.id === agentId || item.taskId === agentId) : agents[0];
 		if (!agent) return result("API read-agent-transcript requires config.agentId matching an agent id or task id, or at least one agent in the run.", { action: "api", status: "error", runId: loaded.manifest.runId }, true);
 		const artifactTranscriptPath = safeContainedPath(loaded.manifest.artifactsRoot, agent.transcriptPath);
-		const transcriptPath = artifactTranscriptPath ?? agentOutputPath(loaded.manifest, agent.taskId);
-		const text = artifactTranscriptPath ? safeReadContainedFile(loaded.manifest.artifactsRoot, artifactTranscriptPath) ?? "" : safeReadContainedFile(loaded.manifest.stateRoot, transcriptPath) ?? "";
+		const fallbackPath = agentOutputPath(loaded.manifest, agent.taskId);
+		const artifactText = artifactTranscriptPath ? safeReadContainedFile(loaded.manifest.artifactsRoot, artifactTranscriptPath) ?? "" : "";
+		const fallbackText = artifactText ? "" : safeReadContainedFile(loaded.manifest.stateRoot, fallbackPath) ?? "";
+		const transcriptPath = artifactText ? artifactTranscriptPath : fallbackPath;
+		const text = artifactText || fallbackText;
 		return result(text || `(no transcript at ${transcriptPath})`, { action: "api", status: "ok", runId: loaded.manifest.runId, artifactsRoot: loaded.manifest.artifactsRoot });
 	}
 	if (operation === "read-agent-output") {
@@ -191,11 +194,16 @@ export async function handleApi(params: TeamToolParamsValue, ctx: TeamContext):
 			const task = loaded.tasks.find((item) => item.id === agent.taskId);
 			if (!task) return result(`API ${operation} agent '${agentId}' does not match a run task.`, { action: "api", status: "error", runId: loaded.manifest.runId }, true);
 			if (operation === "resume-agent" && !prompt) return result("API resume-agent requires config.prompt or config.message.", { action: "api", status: "error", runId: loaded.manifest.runId }, true);
-			const request = appendLiveAgentControlRequest(loaded.manifest, { taskId: task.id, agentId: agent.id, operation: operation === "resume-agent" ? "resume" : operation === "steer-agent" ? "steer" : "stop", message: operation === "resume-agent" ? prompt : message });
-			publishLiveControlRealtime(request);
-			ctx.events?.emit?.("pi-crew:live-control", liveControlRealtimeMessage(request));
-			appendEvent(loaded.manifest.eventsPath, { type: "agent.control.queued", runId: loaded.manifest.runId, taskId: agent.taskId, message: `Queued ${request.operation} control request for live agent.`, data: { request, realtime: true } });
-			return result(JSON.stringify({ queued: true, request }, null, 2), { action: "api", status: "ok", runId: loaded.manifest.runId, artifactsRoot: loaded.manifest.artifactsRoot });
+			try {
+				const request = appendLiveAgentControlRequest(loaded.manifest, { taskId: task.id, agentId: agent.id, operation: operation === "resume-agent" ? "resume" : operation === "steer-agent" ? "steer" : "stop", message: operation === "resume-agent" ? prompt : message });
+				publishLiveControlRealtime(request);
+				ctx.events?.emit?.("pi-crew:live-control", liveControlRealtimeMessage(request));
+				appendEvent(loaded.manifest.eventsPath, { type: "agent.control.queued", runId: loaded.manifest.runId, taskId: agent.taskId, message: `Queued ${request.operation} control request for live agent.`, data: { request, realtime: true } });
+				return result(JSON.stringify({ queued: true, request }, null, 2), { action: "api", status: "ok", runId: loaded.manifest.runId, artifactsRoot: loaded.manifest.artifactsRoot });
+			} catch (queueError) {
+				const message = queueError instanceof Error ? queueError.message : String(queueError);
+				return result(message, { action: "api", status: "error", runId: loaded.manifest.runId }, true);
+			}
 		}
 	}
 	if (operation === "read-mailbox") {

package/src/extension/team-tool/doctor.ts

@@ -107,8 +107,8 @@ export function buildTeamDoctorReport(input: TeamDoctorReportInput): TeamDoctorR
 			const userWritable = checkWritableDir(userCrewRoot());
 			const projectWritable = checkWritableDir(projectCrewRoot(input.cwd));
 			return [
-				{ label: "user state", ok: userWritable.ok, detail: userWritable.detail },
-				{ label: "project state", ok: projectWritable.ok, detail: projectWritable.detail },
+				{ label: "user state", ok: userWritable.ok || userWritable.detail.endsWith(": missing"), detail: userWritable.detail },
+				{ label: "project state", ok: projectWritable.ok || projectWritable.detail.endsWith(": missing"), detail: projectWritable.detail },
 				{ label: "project state root", ok: true, detail: path.join(projectCrewRoot(input.cwd), DEFAULT_PATHS.state.runsSubdir) },
 				{ label: "artifacts root", ok: true, detail: path.join(projectCrewRoot(input.cwd), DEFAULT_PATHS.state.artifactsSubdir) },
 			];

package/src/runtime/manifest-cache.ts

@@ -58,13 +58,22 @@ function parseManifest(filePath: string): TeamRunManifest | undefined {
 	}
 }
 
+function sameFilesystemPath(left: string, right: string): boolean {
+	if (path.resolve(left) === path.resolve(right)) return true;
+	try {
+		return fs.realpathSync.native(left) === fs.realpathSync.native(right);
+	} catch {
+		return false;
+	}
+}
+
 function validateManifestForRoot(root: string, runId: string, manifest: TeamRunManifest): boolean {
 	try {
 		if (!isSafePathId(runId)) return false;
 		const stateRoot = resolveContainedRelativePath(root, runId, "runId");
 		const crewRoot = path.dirname(path.dirname(root));
 		const artifactsRoot = resolveContainedRelativePath(path.join(crewRoot, DEFAULT_PATHS.state.artifactsSubdir), runId, "runId");
-		if (manifest.runId !== runId || manifest.stateRoot !== stateRoot || manifest.tasksPath !== path.join(stateRoot, DEFAULT_PATHS.state.tasksFile) || manifest.eventsPath !== path.join(stateRoot, DEFAULT_PATHS.state.eventsFile) || manifest.artifactsRoot !== artifactsRoot) return false;
+		if (manifest.runId !== runId || !sameFilesystemPath(manifest.stateRoot, stateRoot) || !sameFilesystemPath(manifest.tasksPath, path.join(stateRoot, DEFAULT_PATHS.state.tasksFile)) || !sameFilesystemPath(manifest.eventsPath, path.join(stateRoot, DEFAULT_PATHS.state.eventsFile)) || !sameFilesystemPath(manifest.artifactsRoot, artifactsRoot)) return false;
 		if (fs.existsSync(artifactsRoot)) {
 			if (fs.lstatSync(artifactsRoot).isSymbolicLink()) return false;
 			resolveRealContainedPath(path.dirname(artifactsRoot), path.basename(artifactsRoot));

package/src/utils/paths.ts

@@ -29,14 +29,15 @@ export function findRepoRoot(cwd: string): string | undefined {
 	let current = path.resolve(cwd);
 	const root = path.parse(current).root;
 	const home = path.resolve(os.homedir());
+	const tempRoot = path.resolve(os.tmpdir());
 	while (current !== root) {
-		if (current === home) return undefined;
+		if (current === home || current === tempRoot) return undefined;
 		if (hasProjectMarker(current)) return current;
 		const parent = path.dirname(current);
 		if (parent === current) break;
 		current = parent;
 	}
-	if (current === home) return undefined;
+	if (current === home || current === tempRoot) return undefined;
 	if (hasProjectMarker(root)) return root;
 	return undefined;
 }