pi-crew 0.1.49 → 0.2.0

package/src/runtime/result-extractor.ts

@@ -1,121 +1,121 @@
-/**
- * Structured Result Extractor — attempts to extract structured data from worker output.
- * Tries multiple extraction strategies before falling back to raw text.
- */
-export interface ExtractedResult {
-	/** Whether structured data was successfully extracted */
-	structured: boolean;
-	/** Parsed structured data (if structured=true) */
-	data: unknown;
-	/** Raw text output (always available) */
-	rawText: string;
-	/** Error message if extraction was attempted but failed */
-	error?: string;
-}
-
-/**
- * Extract structured result from raw worker output text.
- * Tries strategies in order: direct JSON, fenced JSON, key-value markers.
- */
-export function extractStructuredResult(raw: string, _schema?: Record<string, unknown>): ExtractedResult {
-	const trimmed = raw.trim();
-	if (!trimmed) {
-		return { structured: false, data: null, rawText: raw };
-	}
-
-	// Strategy 1: Direct JSON parse (entire output is JSON)
-	const directResult = tryDirectJson(trimmed);
-	if (directResult !== undefined) {
-		return { structured: true, data: directResult, rawText: raw };
-	}
-
-	// Strategy 2: Extract from ```json ... ``` fence
-	const fencedResult = tryFencedJson(trimmed);
-	if (fencedResult !== undefined) {
-		return { structured: true, data: fencedResult, rawText: raw };
-	}
-
-	// Strategy 3: Extract from markers like "RESULT:" or "OUTPUT:"
-	const markerResult = tryMarkerExtraction(trimmed);
-	if (markerResult !== undefined) {
-		return { structured: true, data: markerResult, rawText: raw };
-	}
-
-	return { structured: false, data: null, rawText: raw };
-}
-
-function tryDirectJson(text: string): unknown | undefined {
-	if (!text.startsWith("{") && !text.startsWith("[")) return undefined;
-	try {
-		return JSON.parse(text);
-	} catch {
-		return undefined;
-	}
-}
-
-function tryFencedJson(text: string): unknown | undefined {
-	const match = text.match(/```json\s*\n([\s\S]*?)\n\s*```/);
-	if (!match?.[1]) return undefined;
-	try {
-		return JSON.parse(match[1].trim());
-	} catch {
-		return undefined;
-	}
-}
-
-function tryMarkerExtraction(text: string): unknown | undefined {
-	// Try to find JSON after common markers
-	const markers = ["RESULT:", "OUTPUT:", "ANSWER:", "### Result\n", "## Output\n"];
-	for (const marker of markers) {
-		const idx = text.indexOf(marker);
-		if (idx === -1) continue;
-		const after = text.slice(idx + marker.length).trim();
-		// Try JSON parse on text after marker
-		if (after.startsWith("{") || after.startsWith("[")) {
-			try {
-				return JSON.parse(after);
-			} catch {
-				// Try to find just the JSON object/array
-				const jsonEnd = findMatchingBracket(after);
-				if (jsonEnd > 0) {
-					try {
-						return JSON.parse(after.slice(0, jsonEnd));
-					} catch {
-						continue;
-					}
-				}
-			}
-		}
-	}
-	return undefined;
-}
-
-function findMatchingBracket(text: string): number {
-	const openChar = text[0];
-	const closeChar = openChar === "{" ? "}" : "]";
-	let depth = 0;
-	let inString = false;
-	let escape = false;
-	for (let i = 0; i < text.length; i++) {
-		const ch = text[i];
-		if (escape) {
-			escape = false;
-			continue;
-		}
-		if (ch === "\\") {
-			escape = true;
-			continue;
-		}
-		if (ch === '"') {
-			inString = !inString;
-			continue;
-		}
-		if (inString) continue;
-		if (ch === openChar) depth++;
-		if (ch === closeChar) {
-			depth--;
-			if (depth === 0) return i + 1;
-		}
-	}
-	return -1;
-}
+/**
+ * Structured Result Extractor — attempts to extract structured data from worker output.
+ * Tries multiple extraction strategies before falling back to raw text.
+ */
+export interface ExtractedResult {
+	/** Whether structured data was successfully extracted */
+	structured: boolean;
+	/** Parsed structured data (if structured=true) */
+	data: unknown;
+	/** Raw text output (always available) */
+	rawText: string;
+	/** Error message if extraction was attempted but failed */
+	error?: string;
+}
+
+/**
+ * Extract structured result from raw worker output text.
+ * Tries strategies in order: direct JSON, fenced JSON, key-value markers.
+ */
+export function extractStructuredResult(raw: string, _schema?: Record<string, unknown>): ExtractedResult {
+	const trimmed = raw.trim();
+	if (!trimmed) {
+		return { structured: false, data: null, rawText: raw };
+	}
+
+	// Strategy 1: Direct JSON parse (entire output is JSON)
+	const directResult = tryDirectJson(trimmed);
+	if (directResult !== undefined) {
+		return { structured: true, data: directResult, rawText: raw };
+	}
+
+	// Strategy 2: Extract from ```json ... ``` fence
+	const fencedResult = tryFencedJson(trimmed);
+	if (fencedResult !== undefined) {
+		return { structured: true, data: fencedResult, rawText: raw };
+	}
+
+	// Strategy 3: Extract from markers like "RESULT:" or "OUTPUT:"
+	const markerResult = tryMarkerExtraction(trimmed);
+	if (markerResult !== undefined) {
+		return { structured: true, data: markerResult, rawText: raw };
+	}
+
+	return { structured: false, data: null, rawText: raw };
+}
+
+function tryDirectJson(text: string): unknown | undefined {
+	if (!text.startsWith("{") && !text.startsWith("[")) return undefined;
+	try {
+		return JSON.parse(text);
+	} catch {
+		return undefined;
+	}
+}
+
+function tryFencedJson(text: string): unknown | undefined {
+	const match = text.match(/```json\s*\n([\s\S]*?)\n\s*```/);
+	if (!match?.[1]) return undefined;
+	try {
+		return JSON.parse(match[1].trim());
+	} catch {
+		return undefined;
+	}
+}
+
+function tryMarkerExtraction(text: string): unknown | undefined {
+	// Try to find JSON after common markers
+	const markers = ["RESULT:", "OUTPUT:", "ANSWER:", "### Result\n", "## Output\n"];
+	for (const marker of markers) {
+		const idx = text.indexOf(marker);
+		if (idx === -1) continue;
+		const after = text.slice(idx + marker.length).trim();
+		// Try JSON parse on text after marker
+		if (after.startsWith("{") || after.startsWith("[")) {
+			try {
+				return JSON.parse(after);
+			} catch {
+				// Try to find just the JSON object/array
+				const jsonEnd = findMatchingBracket(after);
+				if (jsonEnd > 0) {
+					try {
+						return JSON.parse(after.slice(0, jsonEnd));
+					} catch {
+						continue;
+					}
+				}
+			}
+		}
+	}
+	return undefined;
+}
+
+function findMatchingBracket(text: string): number {
+	const openChar = text[0];
+	const closeChar = openChar === "{" ? "}" : "]";
+	let depth = 0;
+	let inString = false;
+	let escape = false;
+	for (let i = 0; i < text.length; i++) {
+		const ch = text[i];
+		if (escape) {
+			escape = false;
+			continue;
+		}
+		if (ch === "\\") {
+			escape = true;
+			continue;
+		}
+		if (ch === '"') {
+			inString = !inString;
+			continue;
+		}
+		if (inString) continue;
+		if (ch === openChar) depth++;
+		if (ch === closeChar) {
+			depth--;
+			if (depth === 0) return i + 1;
+		}
+	}
+	return -1;
+}

package/src/runtime/role-permission.ts

@@ -1,39 +1,39 @@
-export type RolePermissionMode = "read_only" | "workspace_write" | "danger_full_access" | "explicit_confirm";
-
-const READ_ONLY_ROLES = new Set(["explorer", "reviewer", "security-reviewer", "verifier", "analyst", "critic", "planner", "writer"]);
-const WRITE_ROLES = new Set(["executor", "test-engineer"]);
-const READ_ONLY_COMMANDS = new Set(["cat", "head", "tail", "less", "more", "wc", "ls", "find", "grep", "rg", "awk", "sed", "echo", "printf", "which", "where", "whoami", "pwd", "env", "printenv", "date", "df", "du", "uname", "file", "stat", "diff", "sort", "uniq", "tr", "cut", "paste", "test", "true", "false", "type", "readlink", "realpath", "basename", "dirname", "sha256sum", "md5sum", "xxd", "hexdump", "od", "strings", "tree", "jq", "git", "gh"]);
-
-export interface PermissionCheckResult {
-	allowed: boolean;
-	mode: RolePermissionMode;
-	reason?: string;
-}
-
-export function permissionForRole(role: string): RolePermissionMode {
-	if (READ_ONLY_ROLES.has(role)) return "read_only";
-	if (WRITE_ROLES.has(role)) return "workspace_write";
-	return "workspace_write";
-}
-
-export function isReadOnlyCommand(command: string): boolean {
-	const first = command.trim().split(/\s+/)[0]?.split(/[\\/]/).pop() ?? "";
-	return READ_ONLY_COMMANDS.has(first) && !/\s(-i|--in-place)\b|\s>{1,2}\s|\brm\b|\bmv\b|\bcp\b|\b(?:npm|pnpm|yarn|bun)\s+(install|add|ci|remove)\b|\bgit\s+(commit|push|merge|rebase|reset|checkout|clean)\b/.test(command);
-}
-
-export function checkRolePermission(role: string, command: string): PermissionCheckResult {
-	const mode = permissionForRole(role);
-	if (mode === "read_only" && !isReadOnlyCommand(command)) return { allowed: false, mode, reason: `Role '${role}' is read-only and command may modify state.` };
-	return { allowed: true, mode };
-}
-
-export function currentCrewRole(env: NodeJS.ProcessEnv = process.env): string | undefined {
-	return env.PI_CREW_ROLE?.trim() || env.PI_TEAMS_ROLE?.trim() || undefined;
-}
-
-export function checkSubagentSpawnPermission(role: string | undefined): PermissionCheckResult {
-	if (!role) return { allowed: true, mode: "workspace_write" };
-	const mode = permissionForRole(role);
-	if (mode === "read_only") return { allowed: false, mode, reason: `Role '${role}' is read-only and cannot spawn additional subagents.` };
-	return { allowed: true, mode };
-}
+export type RolePermissionMode = "read_only" | "workspace_write" | "danger_full_access" | "explicit_confirm";
+
+const READ_ONLY_ROLES = new Set(["explorer", "reviewer", "security-reviewer", "verifier", "analyst", "critic", "planner", "writer"]);
+const WRITE_ROLES = new Set(["executor", "test-engineer"]);
+const READ_ONLY_COMMANDS = new Set(["cat", "head", "tail", "less", "more", "wc", "ls", "find", "grep", "rg", "awk", "sed", "echo", "printf", "which", "where", "whoami", "pwd", "env", "printenv", "date", "df", "du", "uname", "file", "stat", "diff", "sort", "uniq", "tr", "cut", "paste", "test", "true", "false", "type", "readlink", "realpath", "basename", "dirname", "sha256sum", "md5sum", "xxd", "hexdump", "od", "strings", "tree", "jq", "git", "gh"]);
+
+export interface PermissionCheckResult {
+	allowed: boolean;
+	mode: RolePermissionMode;
+	reason?: string;
+}
+
+export function permissionForRole(role: string): RolePermissionMode {
+	if (READ_ONLY_ROLES.has(role)) return "read_only";
+	if (WRITE_ROLES.has(role)) return "workspace_write";
+	return "workspace_write";
+}
+
+export function isReadOnlyCommand(command: string): boolean {
+	const first = command.trim().split(/\s+/)[0]?.split(/[\\/]/).pop() ?? "";
+	return READ_ONLY_COMMANDS.has(first) && !/\s(-i|--in-place)\b|\s>{1,2}\s|\brm\b|\bmv\b|\bcp\b|\b(?:npm|pnpm|yarn|bun)\s+(install|add|ci|remove)\b|\bgit\s+(commit|push|merge|rebase|reset|checkout|clean)\b/.test(command);
+}
+
+export function checkRolePermission(role: string, command: string): PermissionCheckResult {
+	const mode = permissionForRole(role);
+	if (mode === "read_only" && !isReadOnlyCommand(command)) return { allowed: false, mode, reason: `Role '${role}' is read-only and command may modify state.` };
+	return { allowed: true, mode };
+}
+
+export function currentCrewRole(env: NodeJS.ProcessEnv = process.env): string | undefined {
+	return env.PI_CREW_ROLE?.trim() || env.PI_TEAMS_ROLE?.trim() || undefined;
+}
+
+export function checkSubagentSpawnPermission(role: string | undefined): PermissionCheckResult {
+	if (!role) return { allowed: true, mode: "workspace_write" };
+	const mode = permissionForRole(role);
+	if (mode === "read_only") return { allowed: false, mode, reason: `Role '${role}' is read-only and cannot spawn additional subagents.` };
+	return { allowed: true, mode };
+}

package/src/runtime/sensitive-paths.ts

@@ -12,10 +12,10 @@ import * as path from "node:path";
 
 /** Basenames that almost certainly hold secrets or PII */
 const SENSITIVE_BASENAMES = /\.(?:env|pem|key|p12|pfx|crt|cer|jks|keystore|asc|gpg)(?:\..+)?$/i;
-const SENSITIVE_EXACT = /^(?:\.env|\.netrc|\.npmrc|\.pypirc|credentials|secrets?|passwords?|id_(?:rsa|dsa|ecdsa|ed25519)(?:\.pub)?|authorized_keys|known_hosts)$/i;
+const SENSITIVE_EXACT = /^(?:\.env|\.netrc|\.npmrc|\.pypirc|credentials|secrets?|passwords?|id_(?:rsa|dsa|ecdsa|ed25519)(?:\.pub)?|authorized_keys|known_hosts|jwt\.json|session\.cookie|\.token)$/i;
 
 /** Path components that indicate sensitive directories */
-const SENSITIVE_DIRS = new Set([".ssh", ".aws", ".gnupg", ".kube", ".docker", ".config/gcloud"]);
+const SENSITIVE_DIRS = new Set([".ssh", ".aws", ".gnupg", ".kube", ".docker", ".config/gcloud", ".config/gh"]);
 
 /** Name tokens that suggest sensitive content */
 const SENSITIVE_TOKENS = ["secret", "credential", "password", "passwd", "apikey", "accesskey", "token", "privatekey"];
@@ -50,7 +50,7 @@ export function isSensitivePath(filePath: string): boolean {
 	// any token matches. For substring matching in the normalized form,
 	// we require the token to end at a segment boundary or string end.
 	// This matches 'secret', 'secrets' but NOT 'secretary'.
-	const words = lower.split(/[_\-\s.]+/).filter(Boolean);
+	const words = lower.split(/[_\-\s.\W]+/).filter(Boolean);
 	const normalized = lower.replace(/[_\-\s.]/g, "");
 	for (const token of SENSITIVE_TOKENS) {
 		// Check individual words — exact match or token is prefix and word is <= token+2 chars

package/src/runtime/session-resources.ts

@@ -1,25 +1,25 @@
-import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
-import { logInternalError } from "../utils/internal-error.ts";
-
-/**
- * Try to register a cleanup function with Pi's session resource cleanup API (v0.72+).
- * Falls back to returning undefined if the API is not available.
- *
- * The returned function (if defined) can be called to unregister the cleanup.
- */
-export function tryRegisterSessionCleanup(pi: ExtensionAPI, cleanup: () => void): (() => void) | undefined {
-	const api = pi as unknown as Record<string, unknown>;
-	const registerFn = api["registerSessionResourceCleanup"];
-	if (typeof registerFn === "function") {
-		try {
-			const unregister = (registerFn as (fn: () => void) => (() => void) | void)(cleanup);
-			if (typeof unregister === "function") return unregister;
-			// API returned void — cleanup is registered but cannot be unregistered
-			return undefined;
-		} catch (error) {
-			logInternalError("session-resources.register", error);
-			return undefined;
-		}
-	}
-	return undefined;
-}
+import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
+import { logInternalError } from "../utils/internal-error.ts";
+
+/**
+ * Try to register a cleanup function with Pi's session resource cleanup API (v0.72+).
+ * Falls back to returning undefined if the API is not available.
+ *
+ * The returned function (if defined) can be called to unregister the cleanup.
+ */
+export function tryRegisterSessionCleanup(pi: ExtensionAPI, cleanup: () => void): (() => void) | undefined {
+	const api = pi as unknown as Record<string, unknown>;
+	const registerFn = api["registerSessionResourceCleanup"];
+	if (typeof registerFn === "function") {
+		try {
+			const unregister = (registerFn as (fn: () => void) => (() => void) | void)(cleanup);
+			if (typeof unregister === "function") return unregister;
+			// API returned void — cleanup is registered but cannot be unregistered
+			return undefined;
+		} catch (error) {
+			logInternalError("session-resources.register", error);
+			return undefined;
+		}
+	}
+	return undefined;
+}

package/src/runtime/session-snapshot.ts

@@ -1,59 +1,59 @@
-import type { TeamRunManifest, TeamTaskState } from "../state/types.ts";
-
-/**
- * Creates a lightweight snapshot of task state for event emission.
- * Prevents mutation-during-callback issues by copying relevant fields.
- */
-export function snapshotTaskState(task: TeamTaskState): Readonly<TeamTaskState> {
-	return {
-		...task,
-		dependsOn: [...task.dependsOn],
-		usage: task.usage ? { ...task.usage } : undefined,
-		agentProgress: task.agentProgress ? { ...task.agentProgress } : undefined,
-		heartbeat: task.heartbeat ? { ...task.heartbeat } : undefined,
-		modelAttempts: task.modelAttempts?.map((a) => ({ ...a })),
-		modelRouting: task.modelRouting ? { ...task.modelRouting } : undefined,
-		claim: task.claim ? { ...task.claim } : undefined,
-		checkpoint: task.checkpoint ? { ...task.checkpoint } : undefined,
-		attempts: task.attempts?.map((a) => ({ ...a })),
-		worktree: task.worktree ? { ...task.worktree } : undefined,
-	};
-}
-
-/**
- * Session state snapshot for persistence before session switches.
- * Captures the minimal set of data needed to resume operations.
- */
-export interface SessionStateSnapshot {
-	/** ISO timestamp of the snapshot */
-	capturedAt: string;
-	/** Active run IDs at time of snapshot */
-	activeRunIds: string[];
-	/** Number of pending deliveries */
-	pendingDeliveryCount: number;
-	/** Session generation counter */
-	sessionGeneration: number;
-	/** Summary of active tasks by status */
-	taskSummary: Record<string, number>;
-}
-
-/**
- * Create a session state snapshot for pre-switch persistence.
- */
-export function createSessionSnapshot(
-	activeRuns: TeamRunManifest[],
-	pendingDeliveryCount: number,
-	sessionGeneration: number,
-): SessionStateSnapshot {
-	const taskSummary: Record<string, number> = {};
-	for (const run of activeRuns) {
-		taskSummary[run.status] = (taskSummary[run.status] ?? 0) + 1;
-	}
-	return {
-		capturedAt: new Date().toISOString(),
-		activeRunIds: activeRuns.map((r) => r.runId),
-		pendingDeliveryCount,
-		sessionGeneration,
-		taskSummary,
-	};
-}
+import type { TeamRunManifest, TeamTaskState } from "../state/types.ts";
+
+/**
+ * Creates a lightweight snapshot of task state for event emission.
+ * Prevents mutation-during-callback issues by copying relevant fields.
+ */
+export function snapshotTaskState(task: TeamTaskState): Readonly<TeamTaskState> {
+	return {
+		...task,
+		dependsOn: [...task.dependsOn],
+		usage: task.usage ? { ...task.usage } : undefined,
+		agentProgress: task.agentProgress ? { ...task.agentProgress } : undefined,
+		heartbeat: task.heartbeat ? { ...task.heartbeat } : undefined,
+		modelAttempts: task.modelAttempts?.map((a) => ({ ...a })),
+		modelRouting: task.modelRouting ? { ...task.modelRouting } : undefined,
+		claim: task.claim ? { ...task.claim } : undefined,
+		checkpoint: task.checkpoint ? { ...task.checkpoint } : undefined,
+		attempts: task.attempts?.map((a) => ({ ...a })),
+		worktree: task.worktree ? { ...task.worktree } : undefined,
+	};
+}
+
+/**
+ * Session state snapshot for persistence before session switches.
+ * Captures the minimal set of data needed to resume operations.
+ */
+export interface SessionStateSnapshot {
+	/** ISO timestamp of the snapshot */
+	capturedAt: string;
+	/** Active run IDs at time of snapshot */
+	activeRunIds: string[];
+	/** Number of pending deliveries */
+	pendingDeliveryCount: number;
+	/** Session generation counter */
+	sessionGeneration: number;
+	/** Summary of active tasks by status */
+	taskSummary: Record<string, number>;
+}
+
+/**
+ * Create a session state snapshot for pre-switch persistence.
+ */
+export function createSessionSnapshot(
+	activeRuns: TeamRunManifest[],
+	pendingDeliveryCount: number,
+	sessionGeneration: number,
+): SessionStateSnapshot {
+	const taskSummary: Record<string, number> = {};
+	for (const run of activeRuns) {
+		taskSummary[run.status] = (taskSummary[run.status] ?? 0) + 1;
+	}
+	return {
+		capturedAt: new Date().toISOString(),
+		activeRunIds: activeRuns.map((r) => r.runId),
+		pendingDeliveryCount,
+		sessionGeneration,
+		taskSummary,
+	};
+}