pi-crew 0.5.2 → 0.5.6

package/src/runtime/child-pi.ts

@@ -8,8 +8,9 @@ import { getPiSpawnCommand } from "./pi-spawn.ts";
 import { DEFAULT_CHILD_PI } from "../config/defaults.ts";
 import { logInternalError } from "../utils/internal-error.ts";
 import { attachPostExitStdioGuard, trySignalChild } from "./post-exit-stdio-guard.ts";
-import { redactJsonLine, SECRET_KEY_PATTERN } from "../utils/redaction.ts";
+import { redactJsonLine, isSecretKey } from "../utils/redaction.ts";
 import { sanitizeEnvSecrets } from "../utils/env-filter.ts";
+import { registerChildProcess, unregisterChildProcess } from "../extension/crew-cleanup.ts";
 
 const POST_EXIT_STDIO_GUARD_MS = DEFAULT_CHILD_PI.postExitStdioGuardMs;
 const FINAL_DRAIN_MS = DEFAULT_CHILD_PI.finalDrainMs;
@@ -117,6 +118,8 @@ export interface ChildPiLifecycleEvent {
 	error?: string;
 	/** Stderr captured at timeout moment (for response_timeout events). */
 	stderr?: string;
+	/** Last N chars of stderr for error context (exit/error events). */
+	stderrExcerpt?: string;
 	/** Timestamp (ISO). */
 	ts: string;
 }
@@ -146,6 +149,16 @@ export interface ChildPiRunInput {
 	parentContext?: string;
 	/** When true, prepend parentContext to the task prompt. */
 	inheritContext?: boolean;
+	/** Pass to pi to mark certain commands as context-excluded. Default: false */
+	excludeContextBash?: boolean;
+	/** pi session ID for session naming (aligns with pi-crew run ID) */
+	sessionId?: string;
+	/** Run ID for cleanup tracking */
+	runId?: string;
+	/** Agent ID for cleanup tracking */
+	agentId?: string;
+	/** Role for tool restrictions (from role-tools.ts) */
+	role?: string;
 }
 
 export interface ChildPiRunResult {
@@ -168,18 +181,24 @@ export function buildChildPiSpawnOptions(cwd: string, env: NodeJS.ProcessEnv): S
 	// Bug #12 fix: essential env vars (PATH, HOME, etc.) are always preserved so child can find npm/node.
 	const filteredEnv = sanitizeEnvSecrets(env, {
 		allowList: [
-			// Model provider API keys (these are safe to pass — they're meant for API calls)
-			"MINIMAX_*",
-			"OPENAI_*",
-			"ANTHROPIC_*",
-			"GOOGLE_*",
-			"AZURE_*",
-			"AWS_*",
-			"ZEU_*",
-			"ZERODEV_*",
-			"*_API_KEY",
-			"*_TOKEN",
-			"*_SECRET",
+			// Model provider API keys (explicit list — do NOT use wildcards)
+			"MINIMAX_API_KEY",
+			"MINIMAX_GROUP_ID",
+			"OPENAI_API_KEY",
+			"OPENAI_ORG_ID",
+			"ANTHROPIC_API_KEY",
+			"GOOGLE_API_KEY",
+			"GOOGLE_GENERATIVE_LANGUAGE_API_KEY",
+			"AZURE_OPENAI_API_KEY",
+			"AZURE_OPENAI_ENDPOINT",
+			"AWS_ACCESS_KEY_ID",
+			"AWS_SECRET_ACCESS_KEY",
+			"AWS_REGION",
+			"ZEU_API_KEY",
+			"ZERODEV_API_KEY",
+			// SECURITY FIX: Removed dangerous wildcards "*_API_KEY", "*_TOKEN", "*_SECRET"
+			// These patterns would leak ALL secrets matching the pattern to child processes.
+			// Only add specific, intended provider keys above.
 			// Essential non-secret vars for child process to function
 			"PATH",
 			"HOME",
@@ -368,23 +387,31 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 	if (depth.blocked) return { exitCode: 1, stdout: "", stderr: `pi-crew depth guard blocked child worker: depth ${depth.depth} >= max ${depth.maxDepth}` };
 	const mock = process.env.PI_TEAMS_MOCK_CHILD_PI;
 	if (mock) {
+		// SECURITY: Log mock mode activation prominently for audit trail
+		console.warn(`[⚠️ PI_CREW_MOCK_MODE] Mock mode active: ${mock} — NOT running real agents!`);
+		// SECURITY FIX: Require PI_CREW_ALLOW_MOCK alongside PI_TEAMS_MOCK_CHILD_PI
+		const allowMock = process.env.PI_CREW_ALLOW_MOCK === "1" || process.env.PI_CREW_ALLOW_MOCK === "true";
+		if (!allowMock) {
+			console.error(`[🚨 PI_CREW_MOCK_MODE] SECURITY: PI_TEAMS_MOCK_CHILD_PI is set but PI_CREW_ALLOW_MOCK is not "1". Ignoring mock request for safety.`);
+			return { exitCode: 1, stdout: "", stderr: "Mock mode requires PI_CREW_ALLOW_MOCK=1 alongside PI_TEAMS_MOCK_CHILD_PI" };
+		}
 		if (mock === "success") {
-			const stdout = `Mock child Pi success for ${input.agent.name}\n`;
+			const stdout = `[MOCK] Success for ${input.agent.name}\n`;
 			observeStdoutChunk(input, stdout);
 			return { exitCode: 0, stdout, stderr: "" };
 		}
 		if (mock === "json-success" || mock === "adaptive-plan") {
 			const text = mock === "adaptive-plan" && effectiveTask.includes("ADAPTIVE_PLAN_JSON_START")
-				? `Adaptive mock plan\nADAPTIVE_PLAN_JSON_START\n${JSON.stringify({ phases: [{ name: "research", tasks: [{ role: "explorer", task: "Explore adaptive target" }, { role: "analyst", task: "Analyze adaptive target" }, { role: "planner", task: "Plan adaptive target" }] }, { name: "build", tasks: [{ role: "executor", task: "Implement adaptive target" }] }, { name: "check", tasks: [{ role: "reviewer", task: "Review adaptive target" }, { role: "test-engineer", task: "Test adaptive target" }, { role: "writer", task: "Summarize adaptive target" }] }] })}\nADAPTIVE_PLAN_JSON_END`
-				: `Mock JSON success for ${input.agent.name}`;
+				? `[MOCK] Adaptive plan\nADAPTIVE_PLAN_JSON_START\n${JSON.stringify({ phases: [{ name: "research", tasks: [{ role: "explorer", task: "Explore adaptive target" }, { role: "analyst", task: "Analyze adaptive target" }, { role: "planner", task: "Plan adaptive target" }] }, { name: "build", tasks: [{ role: "executor", task: "Implement adaptive target" }] }, { name: "check", tasks: [{ role: "reviewer", task: "Review adaptive target" }, { role: "test-engineer", task: "Test adaptive target" }, { role: "writer", task: "Summarize adaptive target" }] }] })}\nADAPTIVE_PLAN_JSON_END`
+				: `[MOCK] JSON success for ${input.agent.name}`;
 			const stdout = `${JSON.stringify({ type: "message", message: { role: "assistant", content: [{ type: "text", text }] } })}\n${JSON.stringify({ type: "message_end", usage: { input: 10, output: 5, cost: 0.001, turns: 1 } })}\n`;
 			observeStdoutChunk(input, stdout);
 			return { exitCode: 0, stdout, stderr: "" };
 		}
-		if (mock === "retryable-failure") return { exitCode: 1, stdout: "", stderr: "rate limit: mock failure" };
-		return { exitCode: 1, stdout: "", stderr: `mock failure: ${mock}` };
+		if (mock === "retryable-failure") return { exitCode: 1, stdout: "", stderr: "[MOCK] rate limit: mock failure" };
+		return { exitCode: 1, stdout: "", stderr: `[MOCK] failure: ${mock}` };
 	}
-	const built = buildPiWorkerArgs({ task: effectiveTask, agent: input.agent, model: input.model, sessionEnabled: true, maxDepth: input.maxDepth, skillPaths: input.skillPaths });
+	const built = buildPiWorkerArgs({ task: effectiveTask, agent: input.agent, model: input.model, sessionEnabled: true, maxDepth: input.maxDepth, skillPaths: input.skillPaths, role: input.role });
 	const spawnSpec = getPiSpawnCommand(built.args);
 	try {
 		return await new Promise<ChildPiRunResult>((resolve) => {
@@ -393,6 +420,10 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 				activeChildProcesses.set(child.pid, child);
 				input.onSpawn?.(child.pid);
 				input.onLifecycleEvent?.({ type: "spawned", pid: child.pid, ts: new Date().toISOString() });
+				// Register with cleanup handler for graceful shutdown
+				if (input.runId && input.agentId) {
+					registerChildProcess(child.pid, input.runId, input.agentId);
+				}
 			} else {
 				input.onLifecycleEvent?.({ type: "spawn_error", error: "spawn returned no pid", ts: new Date().toISOString() });
 			}
@@ -414,6 +445,36 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 			let hardKilled = false;
 			const cleanupErrors: string[] = [];
 			let turnCount = 0;
+			// Track in-flight operations for proper rejection on unexpected exit
+			interface PendingOperation {
+				id: string;
+				type: "prompt" | "steer" | "json_event";
+				startedAt: number;
+			}
+			const pendingOperations = new Map<string, PendingOperation>();
+			let operationIdCounter = 0;
+
+			const startOperation = (type: PendingOperation["type"]): string => {
+				const id = `op-${++operationIdCounter}`;
+				pendingOperations.set(id, { id, type, startedAt: Date.now() });
+				return id;
+			};
+
+			const completeOperation = (id: string): void => {
+				pendingOperations.delete(id);
+			};
+
+			const rejectPendingOperations = (error: Error): void => {
+				pendingOperations.forEach((op, id) => {
+					logInternalError(
+						"child-pi.pending-operation-rejected",
+						error,
+						`opId=${id} type=${op.type} elapsed=${Date.now() - op.startedAt}ms`,
+					);
+				});
+				pendingOperations.clear();
+			};
+
 			let softLimitReached = false;
 			const maxTurns = input.maxTurns;
 			const graceTurns = input.graceTurns;
@@ -450,20 +511,27 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 				},
 				onJsonEvent: (event) => {
 					restartNoResponseTimer();
-					// Turn-count-based steering: soft limit steer + hard abort after graceTurns
-					if (event && typeof event === "object" && !Array.isArray(event)) {
-						const obj = event as Record<string, unknown>;
-						if (obj.type === "turn_end") {
-							turnCount += 1;
-							if (maxTurns !== undefined && !softLimitReached && turnCount >= maxTurns) {
-								softLimitReached = true;
-								// Inject steer via stdin to tell child to wrap up
-								child.stdin?.write(JSON.stringify({ type: "steer", message: "You have reached your turn limit. Wrap up immediately — provide your final answer now." }) + "\n");
-							} else if (maxTurns !== undefined && softLimitReached && turnCount >= maxTurns + (graceTurns ?? 5)) {
-								// Hard abort — terminate after grace turns
-								try { child.kill(process.platform === "win32" ? undefined : "SIGTERM"); } catch { /* best-effort */ }
+					const eventOpId = startOperation("json_event");
+					try {
+						// Turn-count-based steering: soft limit steer + hard abort after graceTurns
+						if (event && typeof event === "object" && !Array.isArray(event)) {
+							const obj = event as Record<string, unknown>;
+							if (obj.type === "turn_end") {
+								turnCount += 1;
+								if (maxTurns !== undefined && !softLimitReached && turnCount >= maxTurns) {
+									softLimitReached = true;
+									// Inject steer via stdin to tell child to wrap up
+									child.stdin?.write(JSON.stringify({ type: "steer", message: "You have reached your turn limit. Wrap up immediately — provide your final answer now." }) + "\n");
+								} else if (maxTurns !== undefined && softLimitReached && turnCount >= maxTurns + (graceTurns ?? 5)) {
+									// Hard abort — terminate after grace turns
+									try { child.kill(process.platform === "win32" ? undefined : "SIGTERM"); } catch { /* best-effort */ }
+								}
 							}
 						}
+						completeOperation(eventOpId);
+					} catch (err) {
+						completeOperation(eventOpId);
+						throw err;
 					}
 					input.onJsonEvent?.(event);
 					if (!isFinalAssistantEvent(event) || childExited || settled || finalDrainTimer) return;
@@ -587,20 +655,38 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 				stderr = appendBoundedTail(stderr, chunk.toString("utf-8"));
 			});
 			child.on("error", (error) => {
+				// Reject pending operations with process error context
+				const processError = new Error(
+					`Child Pi process error: ${error.message}. Stderr: ${stderr.slice(-500) || "(none)"}`,
+				);
+				rejectPendingOperations(processError);
 				try {
-					input.onLifecycleEvent?.({ type: "spawn_error", pid: child.pid, error: error.message, ts: new Date().toISOString() });
+					input.onLifecycleEvent?.({ type: "spawn_error", pid: child.pid, error: processError.message, ts: new Date().toISOString(), stderrExcerpt: stderr.slice(-500) || undefined });
 				} catch (err) {
 					logInternalError("child-pi.on-lifecycle-event", err, `event=error, pid=${child.pid}`);
 				}
-				settle({ exitCode: null, stdout, stderr, error: error.message });
+				settle({ exitCode: null, stdout, stderr, error: processError.message });
 			});
-			child.on("exit", (code) => {
+			child.on("exit", (code, signal) => {
 				if (child.pid) {
 					activeChildProcesses.delete(child.pid);
 					clearHardKillTimer(child.pid);
+					// Unregister from cleanup handler
+					unregisterChildProcess(child.pid);
+				}
+				// Build comprehensive exit error for unexpected exits
+				const isUnexpectedExit = !childExited && !settled && !responseTimeoutHit && !abortRequested;
+				const exitError = isUnexpectedExit
+					? new Error(
+						`Child Pi process exited unexpectedly (code=${code ?? "null"} signal=${signal ?? "null"}). `
+						+ `Stderr: ${stderr.slice(-1000) || "(none)"}`,
+					)
+					: null;
+				if (exitError) {
+					rejectPendingOperations(exitError);
 				}
 				try {
-					input.onLifecycleEvent?.({ type: "exit", pid: child.pid, exitCode: code, ts: new Date().toISOString() });
+					input.onLifecycleEvent?.({ type: "exit", pid: child.pid, exitCode: code, ts: new Date().toISOString(), error: exitError?.message, stderrExcerpt: isUnexpectedExit ? stderr.slice(-1000) || undefined : undefined });
 				} catch (err) {
 					logInternalError("child-pi.on-lifecycle-event", err, `event=exit, pid=${child.pid}`);
 				}
@@ -618,6 +704,8 @@ export async function runChildPi(input: ChildPiRunInput): Promise<ChildPiRunResu
 				if (child.pid) {
 					activeChildProcesses.delete(child.pid);
 					clearHardKillTimer(child.pid);
+					// Unregister from cleanup handler
+					unregisterChildProcess(child.pid);
 				}
 				try {
 					input.onLifecycleEvent?.({ type: "close", pid: child.pid, exitCode, ts: new Date().toISOString() });

package/src/runtime/crash-recovery.ts

@@ -15,6 +15,7 @@ import { activeRunEntries, unregisterActiveRun, readActiveRunRegistry } from "..
 import { resolveRealContainedPath } from "../utils/safe-paths.ts";
 import { projectCrewRoot, userCrewRoot } from "../utils/paths.ts";
 import { terminateLiveAgentsForRun } from "./live-agent-manager.ts";
+import { logInternalError } from "../utils/internal-error.ts";
 
 export interface RecoveryPlan {
 	runId: string;
@@ -159,7 +160,7 @@ export function cancelOrphanedRuns(
 			cancelled.push(manifest.runId);
 			cancelledRun = true;
 		});
-		if (cancelledRun) void terminateLiveAgentsForRun(manifest.runId, "cancelled", appendEvent, loaded.manifest.eventsPath).catch(() => {});
+		if (cancelledRun) void terminateLiveAgentsForRun(manifest.runId, "cancelled", appendEvent, loaded.manifest.eventsPath).catch((error) => logInternalError("crash-recovery.orphan.terminate", error, `runId=${manifest.runId}`));
 	}
 
 	return { cancelled, skipped };
@@ -268,7 +269,7 @@ export function purgeStaleActiveRunIndex(staleThresholdMs = 300_000, now = Date.
 							saveRunTasks(fullLoaded.manifest, repairedTasks);
 							for (const task of repairedTasks) { try { upsertCrewAgent(fullLoaded.manifest, recordFromTask(fullLoaded.manifest, task, "scaffold")); } catch { /* non-critical */ } }
 							updateRunStatus(fullLoaded.manifest, "cancelled", "Orphaned run: worker process dead and no recent activity");
-							void terminateLiveAgentsForRun(fullLoaded.manifest.runId, "cancelled", appendEvent, fullLoaded.manifest.eventsPath).catch(() => {});
+							void terminateLiveAgentsForRun(fullLoaded.manifest.runId, "cancelled", appendEvent, fullLoaded.manifest.eventsPath).catch((error) => logInternalError("crash-recovery.pid-dead.terminate", error, `runId=${fullLoaded.manifest.runId}`));
 						}
 					} catch {
 						// Best-effort manifest cleanup
@@ -299,7 +300,7 @@ export function purgeStaleActiveRunIndex(staleThresholdMs = 300_000, now = Date.
 						saveRunTasks(fullLoaded.manifest, repairedTasks);
 						for (const task of repairedTasks) { try { upsertCrewAgent(fullLoaded.manifest, recordFromTask(fullLoaded.manifest, task, "scaffold")); } catch { /* non-critical */ } }
 						updateRunStatus(fullLoaded.manifest, "cancelled", "Orphaned run: no async worker and no manifest update in over " + Math.round(staleThresholdMs / 60000) + " minutes");
-						void terminateLiveAgentsForRun(fullLoaded.manifest.runId, "cancelled", appendEvent, fullLoaded.manifest.eventsPath).catch(() => {});
+						void terminateLiveAgentsForRun(fullLoaded.manifest.runId, "cancelled", appendEvent, fullLoaded.manifest.eventsPath).catch((error) => logInternalError("crash-recovery.pid-dead.terminate", error, `runId=${fullLoaded.manifest.runId}`));
 					}
 				} catch {
 					// Best-effort
@@ -335,7 +336,7 @@ export function reconcileAllStaleRuns(cwd: string, manifestCache: ManifestCache,
 				for (const task of result.repairedTasks) { try { upsertCrewAgent(fresh.manifest, recordFromTask(fresh.manifest, task, "scaffold")); } catch { /* non-critical */ } }
 			}
 				updateRunStatus(fresh.manifest, "failed", `Stale run reconciled: ${result.detail}`);
-				void terminateLiveAgentsForRun(fresh.manifest.runId, "failed", appendEvent, fresh.manifest.eventsPath).catch(() => {});
+				void terminateLiveAgentsForRun(fresh.manifest.runId, "failed", appendEvent, fresh.manifest.eventsPath).catch((error) => logInternalError("crash-recovery.reconcile.terminate", error, `runId=${fresh.manifest.runId}`));
 				appendEvent(fresh.manifest.eventsPath, { type: "crew.run.reconciled_stale", runId: manifest.runId, message: result.detail, data: { verdict: result.verdict } });
 			}
 			if (result.verdict !== "healthy") {

package/src/runtime/crew-agent-runtime.ts

@@ -7,6 +7,7 @@ export type CrewAgentStatus = "queued" | "running" | "waiting" | "completed" | "
 export interface CrewAgentRecentTool {
 	tool: string;
 	args?: string;
+	startedAt?: string;
 	endedAt: string;
 }
 

package/src/runtime/custom-tools/irc-tool.ts

@@ -44,6 +44,19 @@ const IrcParams = Type.Object({
 
 type IrcParams = Static<typeof IrcParams>;
 
+/**
+ * Output schema for the irc tool's `details` field.
+ * All fields are optional — only present when relevant to the operation.
+ *
+ * Schema:
+ *   op         — Always present. "send" | "list"
+ *   from       — Sender agent ID. Present on all responses.
+ *   to         — Recipient agent ID. Present on send responses.
+ *   delivered  — Array of agent IDs that received the message. Present on send.
+ *   notFound   — Array of agent IDs that were unknown or unavailable. Present on send.
+ *   peers      — Array of { id, status } for list operation.
+ *   error      — Human-readable error description. Present when the operation failed.
+ */
 interface IrcDetails {
 	op: "send" | "list";
 	from?: string;

package/src/runtime/custom-tools/submit-result-tool.ts

@@ -12,6 +12,7 @@
 import { defineTool, type ToolDefinition } from "@earendil-works/pi-coding-agent";
 import { Type, type Static } from "@sinclair/typebox";
 import type { YieldResult } from "../yield-handler.ts";
+import { logInternalError } from "../../utils/internal-error.ts";
 
 const SubmitResultParams = Type.Object({
 	summary: Type.String({ description: "Summary of completed work." }),
@@ -81,8 +82,8 @@ export function createSubmitResultTool(
 			};
 			try {
 				onYield(result);
-			} catch {
-				// Yield handler failure should not prevent tool response
+			} catch (error) {
+				logInternalError("submit-result-tool.yield", error, toolCallId);
 			}
 			return response;
 		},

package/src/runtime/delivery-coordinator.ts

@@ -28,11 +28,10 @@ export class DeliveryCoordinator {
 	private flushing = false;
 	private readonly deps: DeliveryCoordinatorDeps;
 	private ttlTimer: ReturnType<typeof setInterval> | undefined;
+	private timerStarted = false;
 
 	constructor(deps: DeliveryCoordinatorDeps) {
 		this.deps = deps;
-		this.ttlTimer = setInterval(() => this.evictExpired(), 60_000);
-		this.ttlTimer.unref();
 	}
 
 	activate(sessionId: string): void {
@@ -102,9 +101,11 @@ export class DeliveryCoordinator {
 
 	flushQueuedResults(): void {
 		if (!this.active || this.pending.length === 0) return;
-		// H7: Set flushing BEFORE splice to prevent re-entrancy
+		// HIGH-16/ MEDIUM-16: Set flushing BEFORE splice to prevent re-entrancy
 		if (this.flushing) return;
 		this.flushing = true;
+		// Note: this.flushing is now set, so concurrent calls will exit early due to the check above
+		// This serves as a simple lock to prevent race conditions
 		const batch = this.pending.splice(0);
 		try {
 			const retryLater: PendingDelivery[] = [];
@@ -162,6 +163,12 @@ export class DeliveryCoordinator {
 	}
 
 	private enqueue(delivery: PendingDelivery): void {
+		// Lazily start the TTL timer on first enqueue (only if never started)
+		if (!this.timerStarted) {
+			this.timerStarted = true;
+			this.ttlTimer = setInterval(() => this.evictExpired(), 60_000);
+			this.ttlTimer.unref();
+		}
 		this.pending.push({ ...delivery, generation: this.generation });
 	}