On Windows, spawn(..., { detached: true }) prevents pwsh.exe (PowerShell) from
producing any stdout/stderr through pipe streams. This is because detached creates
a new process group which breaks pwsh's console host communication.
bash.exe and other cygwin/msys2 shells are unaffected by detached: true, but
they don't need it either -- on Windows, killProcessTree() already uses
taskkill /F /T /PID which kills the process tree by PID regardless of
whether the process was spawned detached.
The detached flag only matters on Unix, where kill(-pid, SIGKILL) requires a
process group that is only created via detached: true.
Fixes#4012
* fix(coding-agent): report edit access failures correctly closes#3894
- classify edit and edit-preview access errors by errno
- add regressions for missing, permission, and fallback cases
- document the fix in the coding-agent changelog
* chore: get rid of CHANGELOG.md entry
* refactor(coding-agent): apply review suggestions - use single error msg
* refactor(coding-agent): clean up test cases
* fix(typebox): migrate to v1 with extension compat
Replace AJV-based validation with TypeBox-native validation, keep legacy extension imports working (including @sinclair/typebox/compiler), and restore coercion for serialized/plain JSON schemas.
This change closes#3112.
* fix(typebox): use canonical imports and harden coercion
Switch first-party code to canonical typebox imports while retaining legacy extension aliases in the loader.
Remove obsolete runtime codegen guards, expand serialized JSON-schema coercion coverage, and update related tests and fixtures.
Fixes#3112.
---------
Co-authored-by: Mario Zechner <badlogicgames@gmail.com>
- treat tools as a global allowlist across built-in, extension, and SDK tools
- remove process-cwd singleton tool usage from SDK and CLI paths
- add regression coverage for extension tool filtering
closes#3452closes#2835
Some models (Opus 4.6, GLM-5.1) send the edits parameter as a JSON
string instead of a parsed array. This fails AJV validation with
'must be array' and models fall back to sed/python.
Parse stringified edits in prepareEditArguments before validation.
* feat(agent,coding-agent): add per-tool executionMode field to AgentTool and ToolDefinition
Add optional executionMode?: ToolExecutionMode to AgentTool and
ToolDefinition interfaces. Propagate through wrapToolDefinition and
createToolDefinitionFromAgentTool. No behavioral change yet — agent
loop will read this field in a follow-up.
* feat(agent): support per-tool executionMode override for sequential execution
When a tool defines executionMode='sequential', the agent loop
forces sequential execution of all tool calls in that batch,
even if the global config is parallel.
* feat(coding-agent): re-export ToolExecutionMode from @mariozechner/pi-agent-core
Makes the type available to extensions that want to set
executionMode on tool definitions.
* feat(coding-agent): add tic-tac-toe extension example with executionMode: sequential
Demonstrates per-tool executionMode: the agent plays via move/play
tool calls that share a cursor. Without sequential execution, play
can resolve before earlier moves finish, landing on the wrong cell.
The find tool previously collected every .gitignore under the search
path and passed them to fd via --ignore-file. fd treats --ignore-file
entries as a single global ignore source, so rules from a/.gitignore
also filtered files under sibling b/.
Drop the manual collection and pass --no-require-git instead, which
makes fd apply hierarchical .gitignore semantics whether or not a git
repo is present.
closes#3303
fd --glob matches against the basename unless --full-path is set, so
patterns containing '/' (e.g. 'src/**/*.spec.ts') silently returned no
results. When the pattern contains '/', switch fd into --full-path mode
and prepend '**/' unless the pattern already starts with '/', '**/', or
is '**'. Basename patterns keep the default matcher.
closes#3302
Add AgentTool.prepareArguments and ToolDefinition.prepareArguments hook
that runs before schema validation in the agent loop. This lets tools
silently accept legacy argument shapes from resumed old sessions without
polluting the public schema.
The built-in edit tool uses this to fold legacy top-level oldText/newText
into edits[] when resuming sessions that predate the edits-only schema.
- AgentTool/ToolDefinition: typed prepareArguments returning Static<TParameters>
- agent-loop: prepareToolCallArguments() runs before validateToolArguments()
- edit tool: prepareEditArguments folds legacy fields, validateEditInput is strict
- Documented in extensions.md with edit-tool example
Matches ToolResultEvent pattern with typed inputs via discriminated union.
- Export *ToolInput types from tool schemas
- Add *ToolCallEvent interfaces for each built-in tool
- Add isToolCallEventType() guard with overloads for built-ins
Direct narrowing (event.toolName === "bash") doesn't work due to
CustomToolCallEvent.toolName: string overlapping with literals.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fixes#1078
- Add tryNFDVariant() to normalize paths to NFD form
- Add tryCurlyQuoteVariant() to convert straight quotes to curly quotes
- Try combined NFD + curly quote variant for French macOS screenshots
- Add comprehensive tests for path-utils
- Add ResourceLoader interface and DefaultResourceLoader implementation
- Add PackageManager for npm/git extension sources with install/remove/update
- Add session.reload() and session.bindExtensions() APIs
- Add /reload command in interactive mode
- Add CLI flags: --skill, --theme, --prompt-template, --no-themes, --no-prompt-templates
- Add pi install/remove/update commands for extension management
- Refactor settings.json to use arrays for skills, prompts, themes
- Remove legacy SkillsSettings source flags and filters
- Update SDK examples and documentation for ResourceLoader pattern
- Add theme registration and loadThemeFromPath for dynamic themes
- Add getShellEnv to include bin dir in PATH for bash commands
When 429/500 errors occur during tool execution, empty assistant messages
with stopReason='error' get persisted. These break the tool_use -> tool_result
chain for Claude/Gemini APIs.
Added centralized filtering in transformMessages to skip assistant messages
with empty content and no tool calls. Provider-level filters remain for
defense-in-depth.
Resolves pi-internal:// paths to the coding-agent package directory,
allowing the model to read internal documentation. Appends a hint
showing the filesystem path and instructing to use it for further reads.
- Validate working directory exists before spawning to provide clear error message
- Add spawn error handler to prevent uncaught exceptions when shell not found or cwd invalid
- Add tests for both error scenarios
Without these fixes, spawn errors (e.g., ENOENT from missing cwd or shell) would
cause uncaught exceptions that crash the entire agent session instead of being
returned as clean tool errors.
Co-authored-by: robinwander <robinwander@users.noreply.github.com>
- Extract diff computation from edit.ts into shared edit-diff.ts
- ToolExecutionComponent computes and caches diff when args are complete
- Diff is visible while permission hooks block, before tool executes