pi-crew 0.1.51 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (240) hide show
  1. package/CHANGELOG.md +56 -1
  2. package/README.md +176 -781
  3. package/agents/analyst.md +11 -11
  4. package/agents/critic.md +11 -11
  5. package/agents/executor.md +11 -11
  6. package/agents/explorer.md +11 -11
  7. package/agents/planner.md +11 -11
  8. package/agents/reviewer.md +11 -11
  9. package/agents/security-reviewer.md +11 -11
  10. package/agents/test-engineer.md +11 -11
  11. package/agents/verifier.md +70 -11
  12. package/agents/writer.md +11 -11
  13. package/docs/actions-reference.md +595 -0
  14. package/docs/commands-reference.md +347 -0
  15. package/docs/runtime-flow.md +148 -148
  16. package/index.ts +6 -6
  17. package/package.json +99 -99
  18. package/skills/async-worker-recovery/SKILL.md +42 -42
  19. package/skills/context-artifact-hygiene/SKILL.md +52 -52
  20. package/skills/delegation-patterns/SKILL.md +54 -54
  21. package/skills/mailbox-interactive/SKILL.md +40 -40
  22. package/skills/model-routing-context/SKILL.md +39 -39
  23. package/skills/multi-perspective-review/SKILL.md +58 -58
  24. package/skills/observability-reliability/SKILL.md +41 -41
  25. package/skills/orchestration/SKILL.md +157 -157
  26. package/skills/ownership-session-security/SKILL.md +41 -41
  27. package/skills/pi-extension-lifecycle/SKILL.md +39 -39
  28. package/skills/requirements-to-task-packet/SKILL.md +63 -63
  29. package/skills/resource-discovery-config/SKILL.md +41 -41
  30. package/skills/runtime-state-reader/SKILL.md +44 -44
  31. package/skills/secure-agent-orchestration-review/SKILL.md +45 -45
  32. package/skills/state-mutation-locking/SKILL.md +42 -42
  33. package/skills/systematic-debugging/SKILL.md +67 -67
  34. package/skills/ui-render-performance/SKILL.md +39 -39
  35. package/skills/verification-before-done/SKILL.md +57 -57
  36. package/skills/worktree-isolation/SKILL.md +39 -39
  37. package/src/adapters/claude-adapter.ts +25 -0
  38. package/src/adapters/codex-adapter.ts +21 -0
  39. package/src/adapters/cursor-adapter.ts +17 -0
  40. package/src/adapters/export-util.ts +137 -0
  41. package/src/adapters/index.ts +15 -0
  42. package/src/adapters/registry.ts +18 -0
  43. package/src/adapters/types.ts +23 -0
  44. package/src/agents/agent-config.ts +2 -0
  45. package/src/agents/agent-search.ts +98 -98
  46. package/src/agents/discover-agents.ts +2 -1
  47. package/src/config/config.ts +13 -1
  48. package/src/config/drift-detector.ts +211 -0
  49. package/src/config/markers.ts +327 -0
  50. package/src/config/resilient-parser.ts +108 -0
  51. package/src/config/suggestions.ts +74 -0
  52. package/src/extension/cross-extension-rpc.ts +103 -94
  53. package/src/extension/project-init.ts +21 -1
  54. package/src/extension/register.ts +45 -14
  55. package/src/extension/registration/commands.ts +77 -8
  56. package/src/extension/registration/subagent-tools.ts +10 -1
  57. package/src/extension/registration/team-tool.ts +10 -1
  58. package/src/extension/registration/viewers.ts +48 -34
  59. package/src/extension/run-bundle-schema.ts +89 -89
  60. package/src/extension/run-import.ts +25 -1
  61. package/src/extension/run-index.ts +5 -1
  62. package/src/extension/run-maintenance.ts +142 -68
  63. package/src/extension/team-manager-command.ts +10 -1
  64. package/src/extension/team-tool/api.ts +441 -441
  65. package/src/extension/team-tool/doctor.ts +28 -3
  66. package/src/extension/team-tool/handle-settings.ts +195 -188
  67. package/src/extension/team-tool/inspect.ts +41 -41
  68. package/src/extension/team-tool/intent-policy.ts +42 -42
  69. package/src/extension/team-tool/lifecycle-actions.ts +27 -8
  70. package/src/extension/team-tool/plan.ts +19 -19
  71. package/src/extension/team-tool/run.ts +12 -1
  72. package/src/extension/team-tool.ts +332 -322
  73. package/src/i18n.ts +184 -184
  74. package/src/observability/exporters/otlp-exporter.ts +92 -77
  75. package/src/prompt/prompt-runtime.ts +72 -72
  76. package/src/runtime/agent-memory.ts +72 -72
  77. package/src/runtime/agent-observability.ts +114 -114
  78. package/src/runtime/async-marker.ts +26 -26
  79. package/src/runtime/attention-events.ts +28 -28
  80. package/src/runtime/auto-resume.ts +100 -0
  81. package/src/runtime/background-runner.ts +11 -1
  82. package/src/runtime/cancellation-token.ts +89 -89
  83. package/src/runtime/cancellation.ts +61 -61
  84. package/src/runtime/capability-inventory.ts +116 -116
  85. package/src/runtime/child-pi.ts +7 -2
  86. package/src/runtime/compaction-summary.ts +271 -0
  87. package/src/runtime/completion-guard.ts +190 -190
  88. package/src/runtime/crash-recovery.ts +33 -1
  89. package/src/runtime/delta-conflict.ts +360 -0
  90. package/src/runtime/direct-run.ts +35 -35
  91. package/src/runtime/foreground-control.ts +82 -82
  92. package/src/runtime/green-contract.ts +46 -46
  93. package/src/runtime/group-join.ts +106 -106
  94. package/src/runtime/heartbeat-gradient.ts +28 -28
  95. package/src/runtime/heartbeat-watcher.ts +124 -124
  96. package/src/runtime/iteration-hooks.ts +264 -0
  97. package/src/runtime/live-agent-control.ts +88 -88
  98. package/src/runtime/live-control-realtime.ts +36 -36
  99. package/src/runtime/live-extension-bridge.ts +150 -150
  100. package/src/runtime/live-irc.ts +92 -92
  101. package/src/runtime/live-session-health.ts +100 -100
  102. package/src/runtime/loop-gates.ts +129 -0
  103. package/src/runtime/metric-parser.ts +40 -0
  104. package/src/runtime/notebook-helpers.ts +90 -90
  105. package/src/runtime/orphan-sentinel.ts +7 -7
  106. package/src/runtime/parallel-research.ts +44 -44
  107. package/src/runtime/phase-progress.ts +217 -0
  108. package/src/runtime/pi-args.ts +38 -11
  109. package/src/runtime/pi-json-output.ts +111 -111
  110. package/src/runtime/pi-spawn.ts +57 -7
  111. package/src/runtime/policy-engine.ts +79 -79
  112. package/src/runtime/post-checks.ts +122 -0
  113. package/src/runtime/progress-event-coalescer.ts +43 -43
  114. package/src/runtime/prose-compressor.ts +164 -164
  115. package/src/runtime/recovery-recipes.ts +74 -74
  116. package/src/runtime/result-extractor.ts +121 -121
  117. package/src/runtime/role-permission.ts +39 -39
  118. package/src/runtime/sensitive-paths.ts +2 -2
  119. package/src/runtime/session-resources.ts +25 -25
  120. package/src/runtime/session-snapshot.ts +59 -59
  121. package/src/runtime/session-usage.ts +79 -79
  122. package/src/runtime/sidechain-output.ts +29 -29
  123. package/src/runtime/stream-preview.ts +177 -177
  124. package/src/runtime/supervisor-contact.ts +59 -59
  125. package/src/runtime/task-display.ts +38 -38
  126. package/src/runtime/task-graph.ts +207 -0
  127. package/src/runtime/task-quality.ts +207 -0
  128. package/src/runtime/task-runner/capabilities.ts +78 -78
  129. package/src/runtime/task-runner/live-executor.ts +7 -1
  130. package/src/runtime/task-runner/progress.ts +119 -119
  131. package/src/runtime/task-runner/prompt-pipeline.ts +64 -64
  132. package/src/runtime/task-runner/result-utils.ts +14 -14
  133. package/src/runtime/task-runner/run-projection.ts +103 -103
  134. package/src/runtime/task-runner/state-helpers.ts +22 -22
  135. package/src/runtime/team-runner.ts +117 -7
  136. package/src/runtime/worker-heartbeat.ts +21 -21
  137. package/src/runtime/worker-startup.ts +57 -57
  138. package/src/runtime/workflow-state.ts +187 -0
  139. package/src/runtime/workspace-tree.ts +298 -298
  140. package/src/schema/config-schema.ts +11 -0
  141. package/src/schema/validation-types.ts +148 -0
  142. package/src/skills/skill-templates.ts +374 -0
  143. package/src/state/active-run-registry.ts +35 -11
  144. package/src/state/atomic-write.ts +33 -26
  145. package/src/state/contracts.ts +1 -0
  146. package/src/state/event-reconstructor.ts +217 -0
  147. package/src/state/locks.ts +2 -13
  148. package/src/state/mailbox.ts +4 -3
  149. package/src/state/state-store.ts +16 -6
  150. package/src/state/task-claims.ts +44 -44
  151. package/src/state/types.ts +9 -0
  152. package/src/state/usage.ts +29 -29
  153. package/src/subagents/async-entry.ts +1 -1
  154. package/src/subagents/index.ts +3 -3
  155. package/src/subagents/live/control.ts +1 -1
  156. package/src/subagents/live/manager.ts +1 -1
  157. package/src/subagents/live/realtime.ts +1 -1
  158. package/src/subagents/live/session-runtime.ts +1 -1
  159. package/src/subagents/manager.ts +1 -1
  160. package/src/subagents/spawn.ts +1 -1
  161. package/src/teams/team-serializer.ts +38 -38
  162. package/src/types/diff.d.ts +18 -18
  163. package/src/ui/crew-footer.ts +101 -101
  164. package/src/ui/crew-select-list.ts +111 -111
  165. package/src/ui/crew-widget.ts +5 -2
  166. package/src/ui/dashboard-panes/cancellation-pane.ts +42 -42
  167. package/src/ui/dashboard-panes/capability-pane.ts +59 -59
  168. package/src/ui/dashboard-panes/mailbox-pane.ts +35 -35
  169. package/src/ui/dashboard-panes/metrics-pane.ts +34 -34
  170. package/src/ui/dashboard-panes/progress-pane.ts +11 -0
  171. package/src/ui/dynamic-border.ts +25 -25
  172. package/src/ui/layout-primitives.ts +106 -106
  173. package/src/ui/loaders.ts +158 -158
  174. package/src/ui/render-coalescer.ts +51 -51
  175. package/src/ui/render-diff.ts +119 -119
  176. package/src/ui/render-scheduler.ts +143 -143
  177. package/src/ui/run-action-dispatcher.ts +10 -1
  178. package/src/ui/spinner.ts +17 -17
  179. package/src/ui/status-colors.ts +58 -58
  180. package/src/ui/syntax-highlight.ts +116 -116
  181. package/src/ui/transcript-entries.ts +258 -258
  182. package/src/utils/completion-dedupe.ts +63 -63
  183. package/src/utils/frontmatter.ts +68 -68
  184. package/src/utils/git.ts +262 -262
  185. package/src/utils/ids.ts +17 -17
  186. package/src/utils/incremental-reader.ts +104 -104
  187. package/src/utils/names.ts +27 -27
  188. package/src/utils/redaction.ts +44 -44
  189. package/src/utils/safe-paths.ts +47 -47
  190. package/src/utils/scan-cache.ts +136 -136
  191. package/src/utils/sleep.ts +40 -26
  192. package/src/utils/task-name-generator.ts +337 -337
  193. package/src/workflows/validate-workflow.ts +40 -40
  194. package/src/worktree/branch-freshness.ts +45 -45
  195. package/teams/default.team.md +12 -12
  196. package/teams/fast-fix.team.md +11 -11
  197. package/teams/implementation.team.md +18 -18
  198. package/teams/parallel-research.team.md +14 -14
  199. package/teams/research.team.md +11 -11
  200. package/teams/review.team.md +12 -12
  201. package/workflows/default.workflow.md +30 -29
  202. package/workflows/fast-fix.workflow.md +23 -22
  203. package/workflows/implementation.workflow.md +43 -43
  204. package/workflows/parallel-research.workflow.md +46 -46
  205. package/workflows/research.workflow.md +22 -22
  206. package/workflows/review.workflow.md +30 -30
  207. package/docs/refactor-tasks-phase3.md +0 -394
  208. package/docs/refactor-tasks-phase4.md +0 -564
  209. package/docs/refactor-tasks-phase5.md +0 -402
  210. package/docs/refactor-tasks-phase6.md +0 -662
  211. package/docs/refactor-tasks.md +0 -1484
  212. package/docs/research/AGENT-EXECUTION-ARCHITECTURE.md +0 -261
  213. package/docs/research/AGENT-LIFECYCLE-COMPARISON.md +0 -111
  214. package/docs/research/AUDIT_OH_MY_PI.md +0 -261
  215. package/docs/research/AUDIT_PI_CREW.md +0 -457
  216. package/docs/research/CAVEMAN-DEEP-RESEARCH.md +0 -281
  217. package/docs/research/COMPARISON_OH_MY_PI_VS_PI_CREW.md +0 -264
  218. package/docs/research/DEEP-RESEARCH-PI-POWERBAR.md +0 -343
  219. package/docs/research/DEEP_RESEARCH_SUBAGENT_ARCHITECTURE.md +0 -480
  220. package/docs/research/GAP_CLOSURE_IMPLEMENTATION_PLAN.md +0 -354
  221. package/docs/research/IMPLEMENTATION_PLAN.md +0 -385
  222. package/docs/research/LIVE-SESSION-PRODUCTION-READY-PLAN.md +0 -502
  223. package/docs/research/OH-MY-PI-DEEP-RESEARCH-v14.7.6.md +0 -266
  224. package/docs/research/REMAINING-GAPS-PLAN.md +0 -363
  225. package/docs/research/SESSION-SUMMARY-2026-05-08.md +0 -146
  226. package/docs/research/UI-RESPONSIVENESS-AUDIT.md +0 -173
  227. package/docs/research-awesome-agent-skills-distillation.md +0 -100
  228. package/docs/research-extension-examples.md +0 -297
  229. package/docs/research-extension-system.md +0 -324
  230. package/docs/research-oh-my-pi-distillation.md +0 -369
  231. package/docs/research-optimization-plan.md +0 -548
  232. package/docs/research-phase10-distillation.md +0 -199
  233. package/docs/research-phase11-distillation.md +0 -201
  234. package/docs/research-phase8-operator-experience-plan.md +0 -819
  235. package/docs/research-phase9-observability-reliability-plan.md +0 -1190
  236. package/docs/research-pi-coding-agent.md +0 -357
  237. package/docs/research-source-pi-crew-reference.md +0 -174
  238. package/docs/research-ui-optimization-plan.md +0 -480
  239. package/docs/source-runtime-refactor-map.md +0 -107
  240. package/src/utils/atomic-write.ts +0 -33
@@ -0,0 +1,217 @@
1
+ /**
2
+ * Phase progress calculator for pi-crew runs.
3
+ *
4
+ * Groups tasks by their adaptive phase metadata and computes per-phase
5
+ * and overall progress metrics including estimated remaining time.
6
+ */
7
+ import type { TeamTaskState } from "../state/types.ts";
8
+
9
+ // ---------------------------------------------------------------------------
10
+ // Types
11
+ // ---------------------------------------------------------------------------
12
+
13
+ export interface PhaseInfo {
14
+ /** Phase name, e.g. "explore", "plan", "execute", "verify" */
15
+ phase: string;
16
+ /** 0-based index among all phases */
17
+ index: number;
18
+ /** Total tasks in this phase */
19
+ total: number;
20
+ /** Completed tasks */
21
+ completed: number;
22
+ /** Failed tasks */
23
+ failed: number;
24
+ /** Currently running tasks */
25
+ running: number;
26
+ /** Still queued (not started) */
27
+ queued: number;
28
+ /** (completed + failed) / total * 100, rounded to 1 decimal */
29
+ percentage: number;
30
+ }
31
+
32
+ export interface RunProgress {
33
+ /** Breakdown per phase, in phase order */
34
+ phases: PhaseInfo[];
35
+ /** Overall (completed + failed) / total * 100 */
36
+ overallPercentage: number;
37
+ /** Phase that currently has running or queued tasks, or null */
38
+ currentPhase: string | null;
39
+ /** Estimated remaining ms based on avg task duration × remaining tasks */
40
+ estimatedRemainingMs: number;
41
+ /** Total task count */
42
+ totalTasks: number;
43
+ /** Completed task count */
44
+ completedTasks: number;
45
+ }
46
+
47
+ // ---------------------------------------------------------------------------
48
+ // Helpers
49
+ // ---------------------------------------------------------------------------
50
+
51
+ const TERMINAL_STATUSES = new Set(["completed", "failed", "cancelled", "skipped"]);
52
+
53
+ /**
54
+ * Extract the phase label for a task.
55
+ *
56
+ * Priority:
57
+ * 1. `task.adaptive.phase` (set by adaptive planner)
58
+ * 2. Infer from stepId prefix: `adaptive-<phaseIndex>-...` → use the numeric phase index
59
+ * 3. Fallback: `"default"`
60
+ */
61
+ function extractPhase(task: TeamTaskState): string {
62
+ if (task.adaptive?.phase) return task.adaptive.phase;
63
+ if (task.stepId?.startsWith("adaptive-")) {
64
+ const parts = task.stepId.split("-");
65
+ // adaptive-<phaseIndex>-<taskIndex>-<role> → parts[1] is the phase index
66
+ if (parts.length >= 3 && parts[1]) return parts[1];
67
+ }
68
+ return "default";
69
+ }
70
+
71
+ /**
72
+ * Compute task duration in ms from startedAt → finishedAt.
73
+ * Returns undefined if timestamps are missing or invalid.
74
+ */
75
+ function taskDurationMs(task: TeamTaskState): number | undefined {
76
+ if (!task.startedAt || !task.finishedAt) return undefined;
77
+ const start = new Date(task.startedAt).getTime();
78
+ const end = new Date(task.finishedAt).getTime();
79
+ const duration = end - start;
80
+ return Number.isFinite(duration) && duration > 0 ? duration : undefined;
81
+ }
82
+
83
+ // ---------------------------------------------------------------------------
84
+ // Main export
85
+ // ---------------------------------------------------------------------------
86
+
87
+ /**
88
+ * Compute phase-aware progress for a set of tasks.
89
+ *
90
+ * Groups tasks by phase, calculates per-phase and overall percentages,
91
+ * and estimates remaining time from the average duration of completed tasks.
92
+ */
93
+ export function computePhaseProgress(tasks: TeamTaskState[]): RunProgress {
94
+ if (tasks.length === 0) {
95
+ return {
96
+ phases: [],
97
+ overallPercentage: 0,
98
+ currentPhase: null,
99
+ estimatedRemainingMs: 0,
100
+ totalTasks: 0,
101
+ completedTasks: 0,
102
+ };
103
+ }
104
+
105
+ // Preserve insertion order of first-seen phase
106
+ const phaseOrder: string[] = [];
107
+ const phaseGroups = new Map<string, TeamTaskState[]>();
108
+
109
+ for (const task of tasks) {
110
+ const phase = extractPhase(task);
111
+ if (!phaseGroups.has(phase)) {
112
+ phaseGroups.set(phase, []);
113
+ phaseOrder.push(phase);
114
+ }
115
+ phaseGroups.get(phase)!.push(task);
116
+ }
117
+
118
+ let totalCompleted = 0;
119
+ let totalTerminal = 0;
120
+ let totalDurationSum = 0;
121
+ let totalDurationCount = 0;
122
+ let currentPhase: string | null = null;
123
+
124
+ const phases: PhaseInfo[] = phaseOrder.map((phase, index) => {
125
+ const group = phaseGroups.get(phase)!;
126
+ let completed = 0;
127
+ let failed = 0;
128
+ let running = 0;
129
+ let queued = 0;
130
+ let hasRunningOrQueued = false;
131
+
132
+ for (const task of group) {
133
+ const status = task.status;
134
+ if (status === "completed") {
135
+ completed++;
136
+ totalCompleted++;
137
+ totalTerminal++;
138
+ const dur = taskDurationMs(task);
139
+ if (dur !== undefined) {
140
+ totalDurationSum += dur;
141
+ totalDurationCount++;
142
+ }
143
+ } else if (status === "failed") {
144
+ failed++;
145
+ totalTerminal++;
146
+ const dur = taskDurationMs(task);
147
+ if (dur !== undefined) {
148
+ totalDurationSum += dur;
149
+ totalDurationCount++;
150
+ }
151
+ } else if (status === "running" || status === "waiting") {
152
+ running++;
153
+ hasRunningOrQueued = true;
154
+ } else if (status === "queued") {
155
+ queued++;
156
+ hasRunningOrQueued = true;
157
+ }
158
+ // cancelled, skipped → counted in total but not completed/failed
159
+ }
160
+
161
+ if (hasRunningOrQueued && currentPhase === null) {
162
+ currentPhase = phase;
163
+ }
164
+
165
+ const terminal = completed + failed;
166
+ const percentage = group.length > 0 ? Math.round((terminal / group.length) * 1000) / 10 : 0;
167
+
168
+ return {
169
+ phase,
170
+ index,
171
+ total: group.length,
172
+ completed,
173
+ failed,
174
+ running,
175
+ queued,
176
+ percentage,
177
+ };
178
+ });
179
+
180
+ const overallPercentage = tasks.length > 0 ? Math.round((totalTerminal / tasks.length) * 1000) / 10 : 0;
181
+
182
+ // Estimate remaining time: avg duration × remaining non-terminal tasks
183
+ const remainingTasks = tasks.length - totalTerminal;
184
+ let estimatedRemainingMs = 0;
185
+ if (totalDurationCount > 0 && remainingTasks > 0) {
186
+ const avgDuration = totalDurationSum / totalDurationCount;
187
+ estimatedRemainingMs = Math.round(avgDuration * remainingTasks);
188
+ }
189
+
190
+ return {
191
+ phases,
192
+ overallPercentage,
193
+ currentPhase,
194
+ estimatedRemainingMs,
195
+ totalTasks: tasks.length,
196
+ completedTasks: totalCompleted,
197
+ };
198
+ }
199
+
200
+ /**
201
+ * Format a human-readable phase progress line.
202
+ *
203
+ * Example: "Phase 2/4 execute: 60.0% (3/5)"
204
+ * Returns empty string when there are no phases.
205
+ */
206
+ export function formatPhaseProgressLine(runProgress: RunProgress): string {
207
+ if (runProgress.phases.length === 0) return "";
208
+ const current = runProgress.currentPhase;
209
+ if (!current) {
210
+ // All done — show summary
211
+ return `All ${runProgress.phases.length} phases done: ${runProgress.overallPercentage}% (${runProgress.completedTasks}/${runProgress.totalTasks})`;
212
+ }
213
+ const currentPhaseInfo = runProgress.phases.find((p) => p.phase === current);
214
+ if (!currentPhaseInfo) return `${runProgress.overallPercentage}% done`;
215
+ const done = currentPhaseInfo.completed + currentPhaseInfo.failed;
216
+ return `Phase ${currentPhaseInfo.index + 1}/${runProgress.phases.length} ${current}: ${currentPhaseInfo.percentage}% (${done}/${currentPhaseInfo.total})`;
217
+ }
@@ -57,6 +57,33 @@ export function checkCrewDepth(inputMaxDepth?: number, env: NodeJS.ProcessEnv =
57
57
  return { depth, maxDepth, blocked: depth >= maxDepth };
58
58
  }
59
59
 
60
+ /**
61
+ * Create a safe temp directory with symlink protection.
62
+ * 1. mkdtempSync to create the directory
63
+ * 2. lstatSync to verify it is not a symlink (TOCTOU safety)
64
+ * 3. realpathSync to resolve the canonical path
65
+ */
66
+ function createSafeTempDir(base: string, prefix: string): string {
67
+ if (!fs.existsSync(base)) fs.mkdirSync(base, { recursive: true });
68
+ // Verify base dir is not a symlink (TOCTOU safety)
69
+ const baseStat = fs.lstatSync(base);
70
+ if (baseStat.isSymbolicLink()) throw new Error("Refusing to create temp dir in symlinked base: " + base);
71
+ // Resolve base to canonical path before joining
72
+ const resolvedBase = fs.realpathSync(base);
73
+ const rawTempDir = fs.mkdtempSync(path.join(resolvedBase, prefix));
74
+ try {
75
+ const stat = fs.lstatSync(rawTempDir);
76
+ if (stat.isSymbolicLink()) throw new Error("temp dir is a symlink");
77
+ } catch (e) {
78
+ if (e instanceof Error && e.message.includes("symlink")) {
79
+ fs.rmSync(rawTempDir, { recursive: true, force: true });
80
+ throw new Error("Refusing to use symlinked temp directory.");
81
+ }
82
+ throw e;
83
+ }
84
+ return fs.realpathSync(rawTempDir);
85
+ }
86
+
60
87
  export function buildPiWorkerArgs(input: BuildPiWorkerArgsInput): BuildPiWorkerArgsResult {
61
88
  const args = ["--mode", "json", "-p"];
62
89
  if (input.sessionEnabled === false) args.push("--no-session");
@@ -83,23 +110,23 @@ export function buildPiWorkerArgs(input: BuildPiWorkerArgsInput): BuildPiWorkerA
83
110
 
84
111
  let tempDir: string | undefined;
85
112
  if (input.agent.systemPrompt) {
86
- tempDir = fs.mkdtempSync(path.join(os.tmpdir(), `pi-crew-${process.pid}-`));
87
- // Verify temp dir is not a symlink (TOCTOU safety)
88
- try {
89
- const stat = fs.lstatSync(tempDir);
90
- if (stat.isSymbolicLink()) throw new Error("temp dir is a symlink");
91
- } catch {
92
- fs.rmSync(tempDir, { recursive: true, force: true });
93
- tempDir = undefined;
94
- throw new Error("Refusing to use symlinked temp directory.");
95
- }
113
+ // On Windows, prefer a subdirectory within the user's profile over system temp
114
+ const tmpBase = process.platform === "win32" && os.homedir()
115
+ ? path.join(os.homedir(), ".pi-crew", "tmp")
116
+ : os.tmpdir();
117
+ tempDir = createSafeTempDir(tmpBase, `pi-crew-${process.pid}-`);
96
118
  const promptPath = path.join(tempDir, `${input.agent.name.replace(/[^\w.-]/g, "_")}.md`);
97
119
  fs.writeFileSync(promptPath, input.agent.systemPrompt, { mode: 0o600 });
98
120
  args.push(input.agent.systemPromptMode === "append" ? "--append-system-prompt" : "--system-prompt", promptPath);
99
121
  }
100
122
 
101
123
  if (input.task.length > TASK_ARG_LIMIT) {
102
- if (!tempDir) tempDir = fs.mkdtempSync(path.join(os.tmpdir(), `pi-crew-${process.pid}-`));
124
+ if (!tempDir) {
125
+ const tmpBase = process.platform === "win32" && os.homedir()
126
+ ? path.join(os.homedir(), ".pi-crew", "tmp")
127
+ : os.tmpdir();
128
+ tempDir = createSafeTempDir(tmpBase, `pi-crew-${process.pid}-`);
129
+ }
103
130
  const taskPath = path.join(tempDir, "task.md");
104
131
  fs.writeFileSync(taskPath, input.task, { mode: 0o600 });
105
132
  args.push(`@${taskPath}`);
@@ -1,111 +1,111 @@
1
- export interface ParsedPiUsage {
2
- input?: number;
3
- output?: number;
4
- cacheRead?: number;
5
- cacheWrite?: number;
6
- cost?: number;
7
- turns?: number;
8
- }
9
-
10
- export interface ParsedPiJsonOutput {
11
- jsonEvents: number;
12
- textEvents: string[];
13
- finalText?: string;
14
- usage?: ParsedPiUsage;
15
- }
16
-
17
- function asRecord(value: unknown): Record<string, unknown> | undefined {
18
- return value && typeof value === "object" && !Array.isArray(value) ? value as Record<string, unknown> : undefined;
19
- }
20
-
21
- function numberField(obj: Record<string, unknown>, keys: string[]): number | undefined {
22
- for (const key of keys) {
23
- const value = obj[key];
24
- if (typeof value === "number" && Number.isFinite(value)) return value;
25
- }
26
- return undefined;
27
- }
28
-
29
- function mergeUsage(target: ParsedPiUsage, source: ParsedPiUsage): ParsedPiUsage {
30
- return {
31
- input: source.input ?? target.input,
32
- output: source.output ?? target.output,
33
- cacheRead: source.cacheRead ?? target.cacheRead,
34
- cacheWrite: source.cacheWrite ?? target.cacheWrite,
35
- cost: source.cost ?? target.cost,
36
- turns: source.turns ?? target.turns,
37
- };
38
- }
39
-
40
- function extractUsage(value: unknown): ParsedPiUsage | undefined {
41
- const obj = asRecord(value);
42
- if (!obj) return undefined;
43
- const direct: ParsedPiUsage = {
44
- input: numberField(obj, ["input", "inputTokens", "input_tokens"]),
45
- output: numberField(obj, ["output", "outputTokens", "output_tokens"]),
46
- cacheRead: numberField(obj, ["cacheRead", "cache_read", "cacheReadTokens", "cache_read_tokens"]),
47
- cacheWrite: numberField(obj, ["cacheWrite", "cache_write", "cacheWriteTokens", "cache_write_tokens"]),
48
- cost: numberField(obj, ["cost", "costUsd", "cost_usd"]),
49
- turns: numberField(obj, ["turns", "turnCount", "turn_count"]),
50
- };
51
- if (Object.values(direct).some((entry) => entry !== undefined)) return direct;
52
- for (const key of ["usage", "tokenUsage", "tokens", "stats"]) {
53
- const nested = extractUsage(obj[key]);
54
- if (nested) return nested;
55
- }
56
- return undefined;
57
- }
58
-
59
- function textFromContent(content: unknown): string[] {
60
- if (typeof content === "string") return [content];
61
- if (!Array.isArray(content)) return [];
62
- const text: string[] = [];
63
- for (const part of content) {
64
- const obj = asRecord(part);
65
- if (!obj) continue;
66
- if (obj.type === "text" && typeof obj.text === "string") text.push(obj.text);
67
- else if (typeof obj.content === "string") text.push(obj.content);
68
- }
69
- return text;
70
- }
71
-
72
- function extractText(value: unknown): string[] {
73
- const obj = asRecord(value);
74
- if (!obj) return [];
75
- const message = asRecord(obj.message);
76
- if (message?.role !== undefined && message.role !== "assistant") return [];
77
- const text: string[] = [];
78
- if (typeof obj.text === "string") text.push(obj.text);
79
- if (typeof obj.output === "string") text.push(obj.output);
80
- if (typeof obj.finalOutput === "string") text.push(obj.finalOutput);
81
- if (typeof obj.final_output === "string") text.push(obj.final_output);
82
- if (!message) text.push(...textFromContent(obj.content));
83
- if (message) text.push(...textFromContent(message.content));
84
- return text.filter((entry) => entry.trim().length > 0);
85
- }
86
-
87
- export function parsePiJsonOutput(stdout: string): ParsedPiJsonOutput {
88
- let jsonEvents = 0;
89
- const textEvents: string[] = [];
90
- let usage: ParsedPiUsage | undefined;
91
- for (const line of stdout.split("\n")) {
92
- const trimmed = line.trim();
93
- if (!trimmed) continue;
94
- let event: unknown;
95
- try {
96
- event = JSON.parse(trimmed) as unknown;
97
- } catch {
98
- continue;
99
- }
100
- jsonEvents++;
101
- textEvents.push(...extractText(event));
102
- const eventUsage = extractUsage(event);
103
- if (eventUsage) usage = mergeUsage(usage ?? {}, eventUsage);
104
- }
105
- return {
106
- jsonEvents,
107
- textEvents,
108
- finalText: textEvents.length > 0 ? textEvents[textEvents.length - 1] : undefined,
109
- usage,
110
- };
111
- }
1
+ export interface ParsedPiUsage {
2
+ input?: number;
3
+ output?: number;
4
+ cacheRead?: number;
5
+ cacheWrite?: number;
6
+ cost?: number;
7
+ turns?: number;
8
+ }
9
+
10
+ export interface ParsedPiJsonOutput {
11
+ jsonEvents: number;
12
+ textEvents: string[];
13
+ finalText?: string;
14
+ usage?: ParsedPiUsage;
15
+ }
16
+
17
+ function asRecord(value: unknown): Record<string, unknown> | undefined {
18
+ return value && typeof value === "object" && !Array.isArray(value) ? value as Record<string, unknown> : undefined;
19
+ }
20
+
21
+ function numberField(obj: Record<string, unknown>, keys: string[]): number | undefined {
22
+ for (const key of keys) {
23
+ const value = obj[key];
24
+ if (typeof value === "number" && Number.isFinite(value)) return value;
25
+ }
26
+ return undefined;
27
+ }
28
+
29
+ function mergeUsage(target: ParsedPiUsage, source: ParsedPiUsage): ParsedPiUsage {
30
+ return {
31
+ input: source.input ?? target.input,
32
+ output: source.output ?? target.output,
33
+ cacheRead: source.cacheRead ?? target.cacheRead,
34
+ cacheWrite: source.cacheWrite ?? target.cacheWrite,
35
+ cost: source.cost ?? target.cost,
36
+ turns: source.turns ?? target.turns,
37
+ };
38
+ }
39
+
40
+ function extractUsage(value: unknown): ParsedPiUsage | undefined {
41
+ const obj = asRecord(value);
42
+ if (!obj) return undefined;
43
+ const direct: ParsedPiUsage = {
44
+ input: numberField(obj, ["input", "inputTokens", "input_tokens"]),
45
+ output: numberField(obj, ["output", "outputTokens", "output_tokens"]),
46
+ cacheRead: numberField(obj, ["cacheRead", "cache_read", "cacheReadTokens", "cache_read_tokens"]),
47
+ cacheWrite: numberField(obj, ["cacheWrite", "cache_write", "cacheWriteTokens", "cache_write_tokens"]),
48
+ cost: numberField(obj, ["cost", "costUsd", "cost_usd"]),
49
+ turns: numberField(obj, ["turns", "turnCount", "turn_count"]),
50
+ };
51
+ if (Object.values(direct).some((entry) => entry !== undefined)) return direct;
52
+ for (const key of ["usage", "tokenUsage", "tokens", "stats"]) {
53
+ const nested = extractUsage(obj[key]);
54
+ if (nested) return nested;
55
+ }
56
+ return undefined;
57
+ }
58
+
59
+ function textFromContent(content: unknown): string[] {
60
+ if (typeof content === "string") return [content];
61
+ if (!Array.isArray(content)) return [];
62
+ const text: string[] = [];
63
+ for (const part of content) {
64
+ const obj = asRecord(part);
65
+ if (!obj) continue;
66
+ if (obj.type === "text" && typeof obj.text === "string") text.push(obj.text);
67
+ else if (typeof obj.content === "string") text.push(obj.content);
68
+ }
69
+ return text;
70
+ }
71
+
72
+ function extractText(value: unknown): string[] {
73
+ const obj = asRecord(value);
74
+ if (!obj) return [];
75
+ const message = asRecord(obj.message);
76
+ if (message?.role !== undefined && message.role !== "assistant") return [];
77
+ const text: string[] = [];
78
+ if (typeof obj.text === "string") text.push(obj.text);
79
+ if (typeof obj.output === "string") text.push(obj.output);
80
+ if (typeof obj.finalOutput === "string") text.push(obj.finalOutput);
81
+ if (typeof obj.final_output === "string") text.push(obj.final_output);
82
+ if (!message) text.push(...textFromContent(obj.content));
83
+ if (message) text.push(...textFromContent(message.content));
84
+ return text.filter((entry) => entry.trim().length > 0);
85
+ }
86
+
87
+ export function parsePiJsonOutput(stdout: string): ParsedPiJsonOutput {
88
+ let jsonEvents = 0;
89
+ const textEvents: string[] = [];
90
+ let usage: ParsedPiUsage | undefined;
91
+ for (const line of stdout.split("\n")) {
92
+ const trimmed = line.trim();
93
+ if (!trimmed) continue;
94
+ let event: unknown;
95
+ try {
96
+ event = JSON.parse(trimmed) as unknown;
97
+ } catch {
98
+ continue;
99
+ }
100
+ jsonEvents++;
101
+ textEvents.push(...extractText(event));
102
+ const eventUsage = extractUsage(event);
103
+ if (eventUsage) usage = mergeUsage(usage ?? {}, eventUsage);
104
+ }
105
+ return {
106
+ jsonEvents,
107
+ textEvents,
108
+ finalText: textEvents.length > 0 ? textEvents[textEvents.length - 1] : undefined,
109
+ usage,
110
+ };
111
+ }
@@ -1,4 +1,5 @@
1
1
  import * as fs from "node:fs";
2
+ import * as os from "node:os";
2
3
  import { fileURLToPath } from "node:url";
3
4
  import * as path from "node:path";
4
5
 
@@ -11,6 +12,48 @@ function isRunnableNodeScript(filePath: string): boolean {
11
12
  return fs.existsSync(filePath) && /\.(?:mjs|cjs|js)$/i.test(filePath);
12
13
  }
13
14
 
15
+ /**
16
+ * Check that a resolved path is within known safe prefixes.
17
+ * Allowed prefixes: npm global bin (APPDATA/npm), project node_modules/.bin,
18
+ * or the current process's execPath directory.
19
+ */
20
+ function isWithinAllowedPrefixes(resolvedPath: string): boolean {
21
+ const normalized = path.resolve(resolvedPath).toLowerCase();
22
+
23
+ const allowedPrefixes: string[] = [];
24
+
25
+ // Current process execPath directory (e.g. node installation)
26
+ try {
27
+ const execDir = path.dirname(fs.realpathSync.native(process.execPath));
28
+ allowedPrefixes.push(execDir.toLowerCase());
29
+ } catch { /* ignore */ }
30
+
31
+ // npm global bin via APPDATA
32
+ if (process.env.APPDATA) {
33
+ allowedPrefixes.push(path.join(process.env.APPDATA, "npm").toLowerCase());
34
+ }
35
+
36
+ // Project-local node_modules/.bin
37
+ try {
38
+ const projectBin = path.resolve("node_modules", ".bin");
39
+ allowedPrefixes.push(projectBin.toLowerCase());
40
+ } catch { /* ignore */ }
41
+
42
+ // User home npm-global
43
+ try {
44
+ const homeNpm = path.join(os.homedir(), ".npm-global", "bin");
45
+ allowedPrefixes.push(homeNpm.toLowerCase());
46
+ } catch { /* ignore */ }
47
+
48
+ // User home .local/bin
49
+ try {
50
+ const homeLocal = path.join(os.homedir(), ".local", "bin");
51
+ allowedPrefixes.push(homeLocal.toLowerCase());
52
+ } catch { /* ignore */ }
53
+
54
+ return allowedPrefixes.some((prefix) => normalized.startsWith(prefix));
55
+ }
56
+
14
57
  function resolvePiPackageRoot(): string | undefined {
15
58
  try {
16
59
  const entry = process.argv[1];
@@ -61,9 +104,6 @@ function findPiPackageJsonFrom(startDir: string): string | undefined {
61
104
  }
62
105
 
63
106
  function resolvePiCliScript(): string | undefined {
64
- const explicit = process.env.PI_TEAMS_PI_BIN?.trim();
65
- if (explicit && isRunnableNodeScript(explicit)) return explicit;
66
-
67
107
  const argv1 = process.argv[1];
68
108
  if (argv1) {
69
109
  const argvPath = path.isAbsolute(argv1) ? argv1 : path.resolve(argv1);
@@ -87,14 +127,24 @@ function resolvePiCliScript(): string | undefined {
87
127
 
88
128
  function validateExplicitBin(explicit: string): string | undefined {
89
129
  const resolved = path.resolve(explicit);
90
- // Reject paths outside the project or user directories
91
- if (resolved.includes("..")) return undefined;
92
130
  if (!fs.existsSync(resolved)) return undefined;
131
+ // Reject paths outside allowed safe prefixes
132
+ if (!isWithinAllowedPrefixes(resolved)) {
133
+ throw new Error(
134
+ `PI_TEAMS_PI_BIN path '${resolved}' is outside allowed prefixes. ` +
135
+ `Allowed: npm global bin, project node_modules/.bin, APPDATA/npm, or process execPath directory.`,
136
+ );
137
+ }
93
138
  // Reject if symlink points outside expected directories
94
139
  try {
95
140
  const real = fs.realpathSync(resolved);
96
- if (real.includes("..")) return undefined;
97
- } catch {
141
+ if (!isWithinAllowedPrefixes(real)) {
142
+ throw new Error(
143
+ `PI_TEAMS_PI_BIN symlink target '${real}' is outside allowed prefixes.`,
144
+ );
145
+ }
146
+ } catch (e) {
147
+ if (e instanceof Error && e.message.includes("allowed prefixes")) throw e;
98
148
  return undefined;
99
149
  }
100
150
  return resolved;