FE-841: Pi agent foundations β in-process SDK, toolchain profiles#194
Conversation
PR SummaryHigh Risk Overview Toolchain profiles are data-driven in Docs ( Reviewed by Cursor Bugbot for commit a565a73. Bugbot is set up for automated code reviews on this repo. Configure here. |
Dependency ReviewThe following issues were found:
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
kostandinang
force-pushed
the
ka/fe-841-pi-sdk-embed
branch
from
1b4e94a to
3e1665d
Compare
This stack of pull requests is managed by Graphite. Learn more about stacking. |
β¦endency
Replace the spawn('pi', β¦) subprocess in pi-actions.ts with an in-process
createAgentSession over @earendil-works/pi-coding-agent (pinned 0.79.1), so a
fresh checkout no longer needs an external pi binary on $PATH β only
ANTHROPIC_API_KEY.
- buildSessionOptions maps the old CLI flags to SDK config: tools allowlist,
model-registry lookup, system-prompt override, in-memory session + empty
resource overrides (no context files).
- Auth fed from brunch's own ANTHROPIC_API_KEY (no pi login / ~/.pi/auth.json);
one reused per-process agent dir, no per-call temp leak.
- Output captured off text_delta events (never brunch's stdout, keeps the cook
SSE stream clean); cooperative timeout + 10MB output cap.
- Read-only evaluator scoping (I126-K) preserved via the SDK tools allowlist;
injectable SessionFactory keeps the drive loop offline-testable.
- Drops the `which pi` prereq from the cook guide (npx pi for the interim helper).
- Override transitive hono to 4.12.25 (patches the moderate advisories the
dependency-review gate flags).
- PI_REAL_LLM-gated smoke proves a real in-process run with no pi on $PATH.
π€ Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
kostandinang
force-pushed
the
ka/fe-841-pi-sdk-embed
branch
from
a6b27a5 to
81e0833
Compare
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
β¦ard queue Co-authored-by: Claude <noreply@anthropic.com>
β¦t/deno profiles Profiles are now data literals (path templates + argv template + conventions prose) compiled into the unchanged Toolchain interface β adding a runtime is one data entry. Registry invariants pinned enumerably across all profiles. Co-authored-by: Claude <noreply@anthropic.com>
β¦d into plan.yaml brunch plan gains --profile=<id> (validated via parseProfileId); the emitter resolves the chain once and stamps the id on both the authored and fallback plans, so cook always reads the profile the emitter used. resolveToolchain now throws UnknownProfileError on a typo'd id instead of silently running bun; absent stays lenient for hand-authored fixtures. Co-authored-by: Claude <noreply@anthropic.com>
architectPlan's schema gains an optional profile enum (registry ids, null when the spec is silent); the emitter chain becomes flag β« spec profile β« architect-classified β« bun. A hallucinated profile fails the schema parse and rides the existing deterministic fallback. D160-K intact β classification reads projected spec prose only. Queue exhausted: CARDS.md retired; PLAN frontier marked branch-complete. Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
kostandinang
changed the title
pi-coding-agent 0.79.1 pinned undici 8.3.0, which trips three advisories flagged by the dependency-review check (GHSA-38rv-x7px-6hhq, GHSA-vmh5-mc38-953g, GHSA-pr7r-676h-xcf6). 0.79.8 is the first patch release that depends on the fixed undici 8.5.0. A root override can't reach the SDK's exact-pinned nested undici, so bump the SDK itself.
Detect SDK-level assistant failures after prompt resolution so cook does not advance past a failed in-process agent run. Co-authored-by: Cursor <cursoragent@cursor.com>
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
β Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 29dd141. Configure here.
Co-authored-by: Cursor <cursoragent@cursor.com>
2 participants
Stack Context
This is the foundation layer of the cook/brunch-serve stack. It establishes how the cook agent runs β embedded rather than shelled out β and how it targets a repo's test runner, so the brownfield-delivery and operational-hardening PRs above it can build on a stable agent runtime.
Consolidates two frontier items (FE-841, FE-843) into one PR.
What?
Embed pi as an in-process SDK (FE-841). Replace the external
piCLI dependency with an in-process SDK session β per-session cwd/tools, env-fed auth, no external install. Hardened with session guards, tightened timeouts and output caps, cleaned-up late setup timeouts, and pinned SDK patch levels (node floor + nested vulnerable patches).Data-driven toolchain profiles (FE-843). A profile registry (
node-vitest,node-test,node-jest,deno, β¦) replacing hardcoded toolchain assumptions. The architect classifies the profile from spec prose; selection precedence is flag β« spec β« bun, persisted intoplan.yaml. Inherited profile names are rejected.Why?
The cook agent previously depended on an external
piCLI and assumed a single toolchain. Neither is portable for autonomous brownfield delivery from a spec. Embedding the SDK removes an install-time dependency and gives per-session control; the data-driven profile registry lets the architect target the repo's real test runner instead of a hardcoded one.