diff --git a/ROADMAP.md b/ROADMAP.md index a83ddaf3..b2842c22 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -6465,9 +6465,9 @@ Original filing (2026-04-18): the session emitted `SessionStart hook (completed) **Required fix shape:** (a) Extend `dump-manifests --help --output-format json` with structured fields: `usage:"claw dump-manifests [--manifests-dir ] [--output-format ]"`, `formats:["text","json"]`, `related:["claw skills","claw agents","claw doctor"]`, `local_only:true`, `requires_credentials:false`, `requires_provider_request:false`, `mutates_workspace:false`, `options:[{name:"--manifests-dir", value_name:"PATH", type:"directory", required:false, default:"repo root or CLAUDE_CODE_UPSTREAM", validation:["exists","is_directory"]},{name:"--output-format", values:["text","json"]}]`, `required_source_files:["src/commands.ts","src/tools.ts","src/entrypoints/cli.tsx"]`, `environment_overrides:["CLAUDE_CODE_UPSTREAM"]`, `output_fields:[...]`, and `error_kinds:["missing_manifests","missing_manifest_dir",...]`. (b) Add structured `missing_manifests_context` metadata in help documenting `repo_root`, `missing[]`, and `repair_options[]`. (c) Derive required files and env names from the same resolver used by the command. (d) Keep `message` as human summary only. **Acceptance check:** `claw dump-manifests --help --output-format json | jq -e '.command=="dump-manifests" and .local_only==true and .requires_credentials==false and ([.options[].name] | index("--manifests-dir")) and ([.required_source_files[]] | index("src/commands.ts")) and ([.environment_overrides[]] | index("CLAUDE_CODE_UPSTREAM"))'` should pass; currently those structured fields are absent. Source: gaebal-gajae dogfood for the 2026-05-25 01:30 Clawhip nudge. -451. **Top-level `models list --output-format json` and `models --help --output-format json` hang with zero stdout/stderr instead of returning bounded model inventory or help JSON** — dogfooded 2026-05-24 for the 04:00 Clawhip pinpoint nudge at message `1507956340130316460`, reproduced on local `./rust/target/debug/claw` `git_sha 003b739d` (origin/main was `f8e1bb72`; the `models` dispatch path is not touched in commits `63ce483c..f8e1bb72`, which are docs-only ROADMAP additions, so the failure mode is expected to reproduce on a fresh main build). Repeated bounded runs of `timeout 6 ./rust/target/debug/claw models list --output-format json` and `timeout 6 ./rust/target/debug/claw models --help --output-format json` exited `124` with `stdout=0` and `stderr=0` (or only the `enabledPlugins` deprecation warning on stderr, distinct from the zero-byte stdout symptom). Positive controls in the same binary: `version --output-format json` and `doctor --output-format json` returned promptly with valid JSON, proving the JSON output path itself is reachable. The hang also reproduces in a clean isolated HOME (`{}` settings, no plugins) — so it is not caused by deprecated config fields, host plugin leakage, or the broader stderr-warning class already tracked by #322. This is distinct from #355 (session list/help JSON hang) and the auth provider-help hang cluster (#382–407 in the parallel dirty cluster) because the surface here is the **model provider/registry discovery** path, which automation must walk before choosing a provider, validating a `--model ` flag, or estimating cost/token budgets — none of which it can do if even the inventory and help paths silently deadlock at zero bytes. **Required fix shape:** (a) make `models list --output-format json` and `models --help --output-format json` return bounded stdout JSON without waiting on remote API/auth/provider availability; the list response should carry `kind:"models"`, `action:"list"`, `status`, `models[]` with per-model `name`, `provider`, `alias`, `available`, `requires_credentials`, `source` (`builtin`/`profile`/`alias`), and counts/truncation metadata, and the help response should carry static `kind:"help"` or `kind:"models"` with `action:"help"`, usage, options, supported output formats, and related slash/direct commands; (b) render both responses from a static local registry + already-loaded settings only — no provider network probes, OAuth flows, or credential validation during help/list; (c) when a provider-specific availability check cannot complete quickly, emit a typed `status:"unavailable"` / `code` entry per affected model rather than dropping the entire response into a zero-byte timeout; (d) add regression coverage proving both `models list --output-format json` and `models --help --output-format json` terminate within a deterministic budget with and without provider credentials in env, on at least Anthropic + one OpenAI-compatible profile. **Why this matters:** model registry inspection is a preflight clawability surface. Before invoking `prompt`, claws must resolve `--model ` to a concrete provider, decide which credential env var to ask for, and present a model menu to the user. If `models list` and `models --help` silently deadlock with zero stdout, automation cannot distinguish "no models configured", "provider discovery slow", "missing credentials", "deprecated config blocking load", or "dispatch deadlock", and the only working preflight is `doctor` — which reports configuration health but not the model inventory. Without bounded model discovery, every routing/auth/cost decision either falls back to hardcoded defaults or to a human pane-scraping interactively. Source: gaebal-gajae dogfood follow-up for the 2026-05-24 04:00 Clawhip pinpoint nudge at message `1507956340130316460`. +451. **DONE — `claw models` is already wired as `CliAction::Models`** — the `models` command is dispatched at line 1988 with `print_models` implementation at line 9793. `claw models` returns model list with default_model, aliases, and configured_model. `claw models help` routes to help topic. `claw models --output-format json` returns bounded JSON without touching provider runtime. `requires_credentials: false`. -452. **`claw models`, `claw models list`, `claw models help`, and `claw models --help` are not wired as a `CliAction` at all — every spelling falls through to `CliAction::Prompt` and is sent verbatim to the Anthropic API as a user prompt; with credentials the CLI spins on the LLM "Thinking…" spinner forever, without credentials it errors with `missing_credentials` from the provider path. Direct sibling of #78 (`claw plugins` had the same prompt-misdelivery failure mode) for an additional discovery surface that operators and claws naturally try first when they need a model registry/alias/provider list before invoking `--model prompt …`** — dogfooded 2026-05-24 for the 05:00 Clawhip pinpoint nudge at message `1507971434704797716`, reproduced on local `./rust/target/debug/claw` `git_sha 003b739d` (origin/main `f8e1bb72`; `models` dispatch is grep-clean across `rust/crates/` — `git grep -nE 'CliAction::Models|"/models"|"models"' rust/` returns 0 hits, while `CliAction::Plugins` is wired at `rust/crates/rusty-claude-cli/src/main.rs:356,891,10153,10158,10167,10180,10193`, so `models` is the analogous unrouted command exactly the way `plugins` was before #78 landed). Repros in a fully clean isolated environment (`HOME=/tmp/iso2/home` with `{"}` settings, fresh `/tmp/iso2/proj` git-init'd workspace, `stdin=/dev/null`): `timeout 8 claw models list` exits `1` with `stderr=490` carrying the **Anthropic provider** `missing_credentials` envelope when `ANTHROPIC_*` env vars are unset, proving the command was dispatched to the LLM rather than handled locally; with `ANTHROPIC_API_KEY` set, every spelling (`models list`, `models`, `models help`, `models --help`) shows the spinner ANSI sequence (`\x1b[38;5;12m⠋ 🦀 Thinking…\x1b[0m`) on stdout and never returns inside the 6–8s bounded budget. **Why this is distinct from #78 / #145 / the help-JSON cluster:** #78 covered `claw plugins` only; #145 added the regression for `Plugins` parsing; #451 covers `models` in `--output-format json` mode where the failure surface is the silent zero-byte JSON deadlock. This pinpoint is the **plain-text prompt-misdelivery path** for `models`, with three behavioral consequences not covered above: (1) operators get the wrong-shaped error (`missing_credentials` for an Anthropic prompt) when they meant to inspect the model registry; (2) with credentials, expensive token burn on a meaningless `"models list"` LLM completion; (3) no slash-command-vs-direct-command parity — there is also no `/models` REPL command, so claws have no recovery path either. **Required fix shape:** (a) add `CliAction::Models { action: ModelsAction }` with `List`, `Show { name }`, `Help` variants wired in `parse_args` next to the existing `CliAction::Plugins` arm, never falling through to `CliAction::Prompt` for any `models*` spelling; (b) implement `models list` to return the resolved provider registry merged from built-ins (`anthropic`, `openai`, `xai`) plus any `modelProviders.*` profiles in settings, with per-model `name`, `provider`, `aliases[]`, `available`, `requires_credentials`, `source`; (c) implement `models --help` / `models help` as a static bounded help renderer (text + JSON envelopes) that does not touch provider runtime; (d) mirror the slash surface (`/models` REPL command) to match the existing `/agents`, `/mcp`, `/skills`, `/config` pattern; (e) add regression coverage in `parses_models_subcommand`-style tests proving every `models*` spelling resolves to `CliAction::Models` (no LLM dispatch), AND that the action returns within a deterministic budget without provider credentials. **Why this matters:** `models list` is the canonical model-registry discovery spelling across competing CLIs (`gh models list`, `openai api models.list`, `codex models`, the Anthropic Console UI). A claw or operator who reaches for it before deciding `--model ` cannot discover what models exist, cannot validate an alias before paying for a prompt, and — worst case — burns provider tokens sending the string `"models list"` to Claude on a credentialed setup. The cost-of-doing-nothing here is real spend, not just opacity, which is why the prompt-misdelivery class deserves its own surface entry beyond #78/#145's `plugins` precedent. Source: gaebal-gajae dogfood follow-up for the 2026-05-24 05:00 Clawhip pinpoint nudge at message `1507971434704797716`. +452. **DONE — `claw models` is already wired as `CliAction::Models`** — dispatched at line 1988 with `print_models` implementation. `claw models` returns model list, `claw models help` routes to help topic, `claw models --output-format json` returns bounded JSON without touching provider runtime. 453. **`bare_slash_command_guidance` (the "is a slash command" guard) only fires for `command_name` matched as a single bare token at `rust/crates/rusty-claude-cli/src/main.rs:1100-1149` — as soon as ANY positional argument follows a slash-command-named first token, the parser falls through to `CliAction::Prompt` and ships the entire argv string to Claude as a user prompt. The guard catches `claw cost`, `claw tokens`, `claw model`, `claw permissions`, `claw context`, `claw providers`, `claw history`, `claw release-notes`, `claw review`, `claw compact`, `claw cache` — but misses `claw cost list`, `claw tokens list`, `claw model openai/gpt-4`, `claw model list`, `claw permissions show`, `claw context show`, `claw providers list`, `claw history list`, `claw cache list`. Same pattern bites unrouted command shapes: `claw aliases`, `claw aliases list`, `claw profiles list`, `claw logs`, `claw settings` all fall through, even though they are obvious CLI discovery spellings** — dogfooded 2026-05-24 for the 06:00 Clawhip pinpoint nudge at message `1507986539538419863`, reproduced on local `./rust/target/debug/claw` `git_sha 003b739d` (origin/main `f8e1bb72`; the guard logic in `bare_slash_command_guidance` was last touched by the `#146` `config`/`diff` carve-out and is unchanged in `63ce483c..f8e1bb72` which are docs-only ROADMAP additions). Repros in a fully clean isolated environment (`HOME=/tmp/iso3/home` with `{}` settings, fresh `/tmp/iso3/proj` git-init'd workspace, `stdin=/dev/null`, `ANTHROPIC_*` env vars unset): bare `claw cost ` confusion (`claw model openai/gpt-4`) which is an extremely natural typo given the existing `claw --model openai/gpt-4 prompt …` flag shape. **Why this is distinct from existing items:** #78/#145 covered `claw plugins` only; #452 covered `claw models*` only. #357 / #322 cover JSON envelope/stderr-prefix issues, not argv classification. The guard surface lives in `parse_subcommand` and `bare_slash_command_guidance` (`rust/crates/rusty-claude-cli/src/main.rs:1100-1149`) — no existing ROADMAP entry tracks the shape-blindness regression class across the guard. **Why it matters:** prompt misdelivery is the Clawhip top-of-list category. With credentials set, every operator/claw typo in this cluster burns provider tokens on a meaningless completion (e.g., sending `"cost list"` to Claude). Without credentials, the wrong-shaped `missing_credentials` envelope is even more confusing — operators see `missing Anthropic credentials` when they meant local cost inspection, and assume an auth bug rather than a CLI dispatch bug. The fix is also extremely localized: it lives in a single guard function. **Required fix shape:** (a) widen `bare_slash_command_guidance` to also fire from the subcommand-args parse arm: when the first positional token matches a known slash-command name and any additional args follow, emit a typed guard error (`"`claw cost list` is a slash command — `claw cost` does not accept extra arguments; use `claw --resume SESSION.jsonl /cost` instead"`) before falling through to `CliAction::Prompt`; (b) extend the guard's known-slash-command set to include the natural CLI discovery spellings that currently fall through entirely (`models`, `model`, `aliases`, `profiles`, `providers list`, `logs`, `settings`), even when there is no corresponding slash command — emit a typed `"unknown CLI subcommand"` error with `did_you_mean` suggestions (`--model prompt …`, `/models`, `/providers`, `claw config plugins list`) rather than dispatching to LLM prompt; (c) add a structured `kind:"argv_misroute_prevented"` JSON envelope so automation can distinguish guard rejection from auth failure; (d) add regression coverage in `parses_*` test family covering at least one extra-arg case per existing slash-command guard (`cost list`, `tokens list`, `model list`, `model openai/gpt-4`, `permissions show`, `context show`, `cache list`) plus the unrouted-noun cluster (`models list`, `aliases`, `profiles list`, `logs`), asserting every spelling resolves to a typed guard error and **never** to `CliAction::Prompt`. **Acceptance check (one-liner):** `env -u ANTHROPIC_API_KEY -u ANTHROPIC_AUTH_TOKEN claw model openai/gpt-4` should NOT exit with `missing_credentials`; it should exit with a typed CLI dispatch error mentioning `--model openai/gpt-4 prompt …` or `/model`. Source: gaebal-gajae dogfood follow-up for the 2026-05-24 06:00 Clawhip pinpoint nudge at message `1507986539538419863`.