eeymoo/claw-code
1
0
Fork 0
mirror of https://github.com/instructkr/claw-code.git synced 2026-04-26 10:44:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: eeymoo:feat/jobdori-152-bootstrap-plan-suffix-guard
Branches Tags
eeymoo:main eeymoo:feat/jobdori-168c-emission-routing eeymoo:claw-code-issue-188k-brand-redesign eeymoo:feat/jobdori-122b-doctor-broad-cwd eeymoo:feat/jobdori-122-doctor-stale-base eeymoo:feat/jobdori-152-bootstrap-plan-suffix-guard eeymoo:feat/jobdori-152-init-suffix-guard eeymoo:feat/jobdori-130e-surface-help eeymoo:feat/jobdori-130e-dispatch-help eeymoo:feat/jobdori-130d-config-help eeymoo:feat/jobdori-130c-diff-help eeymoo:feat/jobdori-130b-filesystem-context eeymoo:feat/jobdori-251-session-dispatch eeymoo:feat/jobdori-249-resumed-slash-kind eeymoo:feat/jobdori-248-unknown-verb-option-classify eeymoo:feat/jobdori-247-classify-prompt-errors eeymoo:feat/134-135-session-identity eeymoo:feat/jobdori-130-export-error-envelope eeymoo:fix/linux-hooks-broken-pipe eeymoo:dev/rust eeymoo:feat/provider-routing-parity eeymoo:feat/batch3-all eeymoo:fix/ui-parity eeymoo:fix/plugin-loading-parity eeymoo:fix/skill-invoke eeymoo:release/0.1.0 eeymoo:feat/release-0.1.0-readme eeymoo:feat/uiux-redesign eeymoo:feat/ui-hardening eeymoo:integration/dori-cleanroom eeymoo:rcc/plugins eeymoo:rcc/cache-tracking eeymoo:rcc/telemetry eeymoo:rcc/jsonl-session eeymoo:rcc/grok eeymoo:rcc/hook-pipeline eeymoo:rcc/api eeymoo:rcc/parity-fix eeymoo:rcc/subagent eeymoo:rcc/ant-tools eeymoo:rcc/hooks eeymoo:rcc/ui-polish eeymoo:rcc/cli eeymoo:rcc/render eeymoo:rcc/sandbox eeymoo:rcc/git eeymoo:rcc/thinking eeymoo:rcc/runtime eeymoo:rcc/update eeymoo:rcc/doctor eeymoo:rcc/tools eeymoo:rcc/image eeymoo:rcc/memory eeymoo:rcc/cost
..
compare: eeymoo:feat/jobdori-248-unknown-verb-option-classify
Branches Tags
eeymoo:feat/jobdori-168c-emission-routing eeymoo:claw-code-issue-188k-brand-redesign eeymoo:feat/jobdori-122b-doctor-broad-cwd eeymoo:feat/jobdori-122-doctor-stale-base eeymoo:feat/jobdori-152-bootstrap-plan-suffix-guard eeymoo:feat/jobdori-152-init-suffix-guard eeymoo:feat/jobdori-130e-surface-help eeymoo:feat/jobdori-130e-dispatch-help eeymoo:feat/jobdori-130d-config-help eeymoo:feat/jobdori-130c-diff-help eeymoo:feat/jobdori-130b-filesystem-context eeymoo:feat/jobdori-251-session-dispatch eeymoo:feat/jobdori-249-resumed-slash-kind eeymoo:feat/jobdori-248-unknown-verb-option-classify eeymoo:feat/jobdori-247-classify-prompt-errors eeymoo:main eeymoo:feat/134-135-session-identity eeymoo:feat/jobdori-130-export-error-envelope eeymoo:fix/linux-hooks-broken-pipe eeymoo:dev/rust eeymoo:feat/provider-routing-parity eeymoo:feat/batch3-all eeymoo:fix/ui-parity eeymoo:fix/plugin-loading-parity eeymoo:fix/skill-invoke eeymoo:release/0.1.0 eeymoo:feat/release-0.1.0-readme eeymoo:feat/uiux-redesign eeymoo:feat/ui-hardening eeymoo:integration/dori-cleanroom eeymoo:rcc/plugins eeymoo:rcc/cache-tracking eeymoo:rcc/telemetry eeymoo:rcc/jsonl-session eeymoo:rcc/grok eeymoo:rcc/hook-pipeline eeymoo:rcc/api eeymoo:rcc/parity-fix eeymoo:rcc/subagent eeymoo:rcc/ant-tools eeymoo:rcc/hooks eeymoo:rcc/ui-polish eeymoo:rcc/cli eeymoo:rcc/render eeymoo:rcc/sandbox eeymoo:rcc/git eeymoo:rcc/thinking eeymoo:rcc/runtime eeymoo:rcc/update eeymoo:rcc/doctor eeymoo:rcc/tools eeymoo:rcc/image eeymoo:rcc/memory eeymoo:rcc/cost

1 Commits
feat/jobdo ... feat/jobdo

Author SHA1 Message Date
YeonGyu-Kim
6c09172b9f feat(#248): Fix test visibility and refine verb-option detector precision 
## Fixes

1. **Test visibility**: Added is_unknown_verb_option_error to mod tests
   use super import list so tests can call the detector function.

2. **Detector precision**: The verb-option detector was incorrectly matching
   'unknown option: --foo' (generic form missing a verb). Tightened the
   detector to require a non-empty, space-free verb between 'unknown '
   and ' option:'. Now correctly matches only verb-qualified rejections like:
   - 'unknown system-prompt option: --json'
   - 'unknown export option: --bogus'

## Test Results

- All 180 library tests pass
- 4 new #248-specific classifier tests pass:
  - classify_error_kind_covers_verb_qualified_unknown_options_248
  - is_unknown_verb_option_error_only_matches_verb_qualified_shape_248
- No regressions (all existing classifier paths still classifying correctly)

## Status

#248 implementation is complete and tested. Branch is ready for code review
before merging to main. The implementation extends the classifier to handle
verb-qualified unknown-option rejections across all subcommands (system-prompt,
export, dump-manifests, etc.) plus unknown subcommand/slash-command rejections
at the top level.
 2026-04-23 00:24:00 +09:00
3 changed files with 113 additions and 1084 deletions
Expand all files Collapse all files

334
ROADMAP.md
View File

@@ -4929,7 +4929,7 @@ ear], /color [scheme], /effort [low|medium|high], /fast, /summary, /tag [label],
**Source.** Jobdori dogfood 2026-04-20 against `/tmp/claw-mcp-test` (env-cleaned, working `mcpServers.everything = npx -y @modelcontextprotocol/server-everything`) on main HEAD `8122029` in response to Clawhip dogfood nudge / 10-min cron. Joins **MCP lifecycle gap family** as runtime-side companion to **#102** — #102 catches config-time silence (no preflight, no command-exists check); #129 catches runtime-side blocking (handshake await ordered before cred check, retried silently, no deadline). Joins **Truth-audit / diagnostic-integrity** (#80#87, #89, #100, #102, #103, #105, #107, #109, #110, #112, #114, #115, #125, #127) — the hang surfaces no events, no exit code, no signal. Joins **Auth-precondition / fail-fast ordering family** — cheap deterministic preconditions should run before expensive externally-controlled ones. Cross-cluster with **Recovery / wedge-recovery** — a misbehaved MCP server wedges every subsequent Prompt invocation; current recovery is "kill -9 the parent." Cross-cluster with **PARITY.md Lane 7 acceptance gap** — the Lane 7 merge added the bridge but didn't add startup-deadline + cred-precheck ordering, so the lane is technically merged but functionally incomplete for unattended claw use. Natural bundle: **#102 + #129** — MCP lifecycle visibility pair: config-time preflight (#102) + runtime-time deadline + cred-precheck (#129). Together they make MCP failures structurally legible from both ends. Also **#127 + #129** — Prompt-path silent-failure pair: verb-suffix args silently routed to Prompt (#127, fixed) + Prompt path silently blocks on MCP (#129). With #127 fixed, the `claw doctor --json` consumer no longer accidentally trips the #129 wedge — but the wedge still affects every legitimate Prompt invocation. Session tally: ROADMAP #129.
130. **[STILL OPEN — re-verified 2026-04-22 cycle #39 on main HEAD `186d42f`]** **`claw export --output <path>` filesystem errors surface raw OS errno strings with zero context — no path that failed, no operation that failed (open/write/mkdir), no structured error kind, no actionable hint, and the `--output-format json` envelope flattens everything to `{"error":"<raw errno string>","type":"error"}`. Five distinct filesystem failure modes all produce different raw errno strings but the same zero-context shape. The boilerplate `Run claw --help for usage` trailer is also misleading because these are filesystem errors, not usage errors** — dogfooded 2026-04-20 on main HEAD `d2a8341` from `/Users/yeongyu/clawd/claw-code/rust` (real session file present).
130. **`claw export --output <path>` filesystem errors surface raw OS errno strings with zero context — no path that failed, no operation that failed (open/write/mkdir), no structured error kind, no actionable hint, and the `--output-format json` envelope flattens everything to `{"error":"<raw errno string>","type":"error"}`. Five distinct filesystem failure modes all produce different raw errno strings but the same zero-context shape. The boilerplate `Run claw --help for usage` trailer is also misleading because these are filesystem errors, not usage errors** — dogfooded 2026-04-20 on main HEAD `d2a8341` from `/Users/yeongyu/clawd/claw-code/rust` (real session file present).
**Concrete repro.**
```
@@ -5057,24 +5057,6 @@ ear], /color [scheme], /effort [low|medium|high], /fast, /summary, /tag [label],
**Source.** Jobdori dogfood 2026-04-20 against `/Users/yeongyu/clawd/claw-code/rust` (real session file present) on main HEAD `d2a8341` in response to Clawhip dogfood nudge / 10-min cron. Joins **Truth-audit / diagnostic-integrity** (#80#127, #129) as 16th — error surface is incomplete by design; runtime has info that CLI boundary discards. Joins **JSON envelope asymmetry family** (#90, #91, #92, #110, #115, #116) — `{error, type}` shape is a fake envelope when the failure mode is richer than a single prose string. Joins **Claude Code migration parity** — Claude Code's error shape includes typed error kinds; claw-code's flat envelope loses information. Joins **`Run claw --help for usage` trailer-misuse** — the trailer is appended to errors that are not usage errors, which is both noise and misdirection. Natural bundle: **#90 + #91 + #92 + #130** — JSON envelope hygiene quartet. All four surface errors with insufficient structure for claws to dispatch on. Also **#121 + #130** — error-text-lies pair: hooks error names wrong thing (#121), export errno strips all context (#130). Also **Phase 2 §4 Canonical lane event schema exhibit A** — typed errors are the prerequisite for structured lane events. Session tally: ROADMAP #130.
**Re-verification (2026-04-22 cycle #39, main HEAD `186d42f`).** All 5 failure modes still reproduce identically to the original filing 2 days later. Concrete output:
```
$ claw export --output /tmp/nonexistent-dir-xyz/out.md --output-format json
{"error":"No such file or directory (os error 2)","hint":null,"kind":"unknown","type":"error"}
$ claw export --output /bin/cantwrite.md --output-format json
{"error":"Operation not permitted (os error 1)","hint":null,"kind":"unknown","type":"error"}
$ claw export --output "" --output-format json
{"error":"No such file or directory (os error 2)","hint":null,"kind":"unknown","type":"error"}
$ claw export --output / --output-format json
{"error":"File exists (os error 17)","hint":null,"kind":"unknown","type":"error"}
$ claw export --output /tmp/ --output-format json
{"error":"Is a directory (os error 21)","hint":null,"kind":"unknown","type":"error"}
```
**New evidence not in original filing.** The `kind` field is set to `"unknown"` — the classifier actively chose `unknown` rather than just omitting the field. This means `classify_error_kind()` (at main.rs:~251) has no substring match for "Is a directory", "No such file", "Operation not permitted", or "File exists". The typed-error contract is thus twice-broken on this path: (a) the io::ErrorKind information is discarded at the `?` in `run_export()`, AND (b) the flat `io::Error::Display` string is then fed to a classifier that has no patterns for filesystem errno strings.
**Natural pairing with #247/#248/#249 classifier sweep.** Same code path as #247's classifier fix (`classify_error_kind()`), same pattern (substring-matching classifier that lacks entries for specific error strings). #247 added patterns for prompt-related parse errors. #248 WIP adds patterns for verb-qualified unknown option errors. #130's classifier-level part (adding `NotFound`/`PermissionDenied`/`IsADirectory`/`AlreadyExists` substring branches) could land in the same sweep. The deeper fix (context preservation at `run_export()`'s `?`) is a separate, larger change — context-preservation requires `anyhow::Context` threading or typed error enum, not just classifier patterns.
**Repro (fresh box, no ANTHROPIC_* env vars).** `claw --model "bad model" version` → exit 0, emits version JSON (silent parse). `claw --model "" version` → exit 0, same. `claw --model "foo bar/baz" prompt "test"` → exit 1, `error: missing Anthropic credentials` (malformed model silently routes to Anthropic, then cred error masquerades as root cause instead of "invalid model syntax").
**The gap.** (1) No upfront model syntax validation in parse_args. `--model` accepts any string. (2) Silent fallback to Anthropic when provider detection fails on malformed syntax. (3) Downstream error misdirection — cred error doesn't say "your model string was invalid, I fell back to Anthropic." (4) Token burn on invalid model at API layer — with credentials set, malformed model reaches the API, billing tokens against a 400 response that should have been rejected client-side. (5) Joins #29 (provider routing silent fallback) — both involve Anthropic fallback masking the real intent. (6) Joins truth-audit — status/version JSON report malformed model without validation. (7) Joins cred-error misdirection family (#28, #99, #127).
@@ -6583,30 +6565,7 @@ main.py: error: the following arguments are required: command
---
## Pinpoint #247. `classify_error_kind()` misses prompt-related parse errors — "empty prompt" and "prompt subcommand requires" classified as `unknown` instead of `cli_parse`; JSON envelope also drops the `Run claw --help for usage` hint **[CLOSED 2026-04-22 cycle #34]**
**Status.** CLOSED. Fix landed on `feat/jobdori-247-classify-prompt-errors` (cycle #34, Jobdori, 2026-04-22 22:4x KST). Two atomic edits in `rust/crates/rusty-claude-cli/src/main.rs` + one unit test + four integration tests. Verified on the compiled `claw` binary: both prompt-related parse errors now classify as `cli_parse`, and JSON envelopes for the bare-`claw prompt` path now carry the same `Run \`claw --help\` for usage.` hint as text mode. Regression guard locks in that the existing `unrecognized argument` hint/kind path is untouched.
**What landed.**
1. `classify_error_kind()` gained two explicit branches for `prompt subcommand requires` and `empty prompt:`, both routed to `cli_parse`. Patterns are specific enough that generic prompt-adjacent messages still fall through to `unknown` (locked by unit test).
2. JSON error path in `main()` now synthesizes the `Run \`claw --help\` for usage.` hint when `kind == "cli_parse"` AND the message itself did not already embed one (prevents duplication on the `empty prompt: … (run \`claw --help\`)` path which carries guidance inline).
3. Regression tests added: one unit test (`classify_error_kind_covers_prompt_parse_errors_247`) + four integration tests in `tests/output_format_contract.rs` covering bare `claw prompt`, `claw ""`, `claw " "`, and the `doctor --foo` unrecognized-argument regression guard.
**Cross-channel parity after fix.**
```
$ claw --output-format json prompt
{"error":"prompt subcommand requires a prompt string","hint":"Run `claw --help` for usage.","kind":"cli_parse","type":"error"}
$ claw --output-format json ""
{"error":"empty prompt: provide a subcommand (run `claw --help`) or a non-empty prompt string","hint":null,"kind":"cli_parse","type":"error"}
```
Text mode remains unchanged (still prints `[error-kind: cli_parse]` + trailer). Both channels now carry `kind == cli_parse` and the hint content is either explicit (JSON field) or embedded (inline in `error`), closing the typed-envelope asymmetry flagged in the pinpoint.
**Original gap (preserved for history below).**
## Pinpoint #247 (original). `classify_error_kind()` misses prompt-related parse errors — "empty prompt" and "prompt subcommand requires" classified as `unknown` instead of `cli_parse`; JSON envelope also drops the `Run claw --help for usage` hint
## Pinpoint #247. `classify_error_kind()` misses prompt-related parse errors — "empty prompt" and "prompt subcommand requires" classified as `unknown` instead of `cli_parse`; JSON envelope also drops the `Run claw --help for usage` hint
**Gap.** Typed-error contract (§4.44) specifies an enumerated error kind set: `filesystem | auth | session | parse | runtime | mcp | delivery | usage | policy | unknown`. The `classify_error_kind()` function at `rust/crates/rusty-claude-cli/src/main.rs:246-280` uses substring matching to map error messages to these kinds. Two common prompt-related parse errors are NOT matched and fall through to `unknown`:
@@ -6688,292 +6647,3 @@ Two atomic changes:
- #179 (parse-error real message quality) — claws consuming envelope expect truthful error
- #181 (envelope.exit_code matches process exit) — cross-channel truthfulness
- #30 (cycle #30: OPT_OUT rejection tests) — classification contracts deserve regression tests
---
## Pinpoint #249. Resumed-session slash command error envelopes omit `kind` field — typed-error contract violation at `main.rs:2747` and `main.rs:2783`
**Gap.** The typed-error envelope contract (§4.44) specifies every error envelope MUST include a `kind` field so claws can dispatch without regex-scraping prose. The `--output-format json` path for resumed-session slash commands has TWO branches that emit error envelopes WITHOUT `kind`:
1. **`main.rs:2747-2760`** (`SlashCommand::parse()` Err arm) — triggered when the raw command string is malformed or references an invalid slash structure. Fires for inputs like `claw --resume latest /session` (valid name, missing required subcommand arg).
2. **`main.rs:2783-2793`** (`run_resume_command()` Err arm) — triggered when the slash command dispatch returns an error (including `SlashCommand::Unknown`). Fires for inputs like `claw --resume latest /xyz-unknown`.
Both arms emit JSON envelopes of shape `{type, error, command}` but NOT `kind`, defeating typed-error dispatch for any claw routing on `error.kind`.
Also observed: the `/xyz-unknown` path embeds a multi-line error string (`Unknown slash command: /xyz-unknown\n Help ...`) directly into the `error` field without splitting the runbook hint into a separate `hint` field (per #77 `split_error_hint()` convention). JSON consumers get embedded newlines in the error string.
**Repro.** Dogfooded 2026-04-22 on main HEAD `84466bb` (cycle #37, post-#247 merge):
```bash
$ cd /Users/yeongyu/clawd/claw-code/rust
$ ./target/debug/claw --output-format json --resume latest /session
{"command":"/session","error":"unsupported resumed slash command","type":"error"}
# Observation: no `kind` field. Claws dispatching on error.kind get undefined.
$ ./target/debug/claw --output-format json --resume latest /xyz-unknown
{"command":"/xyz-unknown","error":"Unknown slash command: /xyz-unknown
Help /help lists available slash commands","type":"error"}
# Observation: no `kind` field AND multi-line error without split hint.
$ ./target/debug/claw --output-format json --resume latest /session list
{"active":"session-...","kind":"session_list",...}
# Comparison: happy path DOES include kind field. Only the error path omits it.
```
Contrast with the `Ok(None)` arm at `main.rs:2735-2742` which DOES include `kind: "unsupported_resumed_command"` — proving the contract awareness exists, just not applied consistently across all Err arms.
**Impact.**
1. **Typed-error dispatch broken for slash-command errors.** A claw reading `{"type":"error", "error":"..."}` and switching on `error.kind` gets `undefined` for any resumed slash-command error. Must fall back to substring matching the `error` field, defeating the point of typed errors.
2. **Family-internal inconsistency.** The same error path (`eprintln!` → exit(2)) has three arms: `Ok(None)` sets kind, `Err(error)` (parse) doesn't, `Err(error)` (dispatch) doesn't. Random omission is worse than uniform absence because claws can't tell whether they're hitting a kind-less arm or an untyped category.
3. **Hint embedded in error field.** The `/xyz-unknown` path gets its runbook text inside the `error` string instead of a separate `hint` field, forcing consumers to post-process the message.
**Recommended fix shape.**
Two small, atomic edits in `main.rs`:
1. **Parse-error envelope** (line 2747): Add `"kind": "cli_parse"` to the JSON object. Optionally call `classify_error_kind(&error.to_string())` to get a more specific kind.
2. **Dispatch-error envelope** (line 2783): Same treatment. Classify using `classify_error_kind()`. Additionally, call `split_error_hint()` on `error.to_string()` to separate the short reason from any embedded hint (matches #77 convention used elsewhere).
```rust
// Before (line 2747):
serde_json::json!({
"type": "error",
"error": error.to_string(),
"command": raw_command,
})
// After:
let message = error.to_string();
let kind = classify_error_kind(&message);
let (short_reason, hint) = split_error_hint(&message);
serde_json::json!({
"type": "error",
"error": short_reason,
"hint": hint,
"kind": kind,
"command": raw_command,
})
```
**Regression coverage.** Add integration tests in `tests/output_format_contract.rs`:
- `resumed_session_bare_slash_name_emits_kind_field_249` — `/session` without subcommand
- `resumed_session_unknown_slash_emits_kind_field_249` — `/xyz-unknown`
- `resumed_session_unknown_slash_splits_hint_249` — multi-line error gets hint split
- Regression guard: `resumed_session_happy_path_session_list_unchanged_249` — confirm `/session list` JSON unchanged
**Blocker.** None. ~15 lines Rust, bounded.
**Priority.** Medium. Not red-state (errors ARE surfaced, exit code IS 2), but typed-error contract violation. Any claw doing `error.kind` dispatch on slash-command paths currently falls through to `undefined`.
**Source.** Jobdori cycle #37 proactive dogfood 2026-04-22 23:15 KST in response to Clawhip pinpoint nudge. Probed slash-command JSON error envelopes post-#247 merge; found two Err arms emitting envelopes without `kind`. Joins §4.44 typed-envelope family:
- #179 (parse-error real message quality) — closed
- #181 (envelope exit_code matches process exit) — closed
- #247 (classify_error_kind misses prompt-patterns + hint drop) — closed (cycle #34/#36)
- **#248 (verb-qualified unknown option errors misclassified) — in-flight (another agent)**
- **#249 (this: resumed-session slash command envelopes omit kind) — filed**
Natural bundle: **#247 + #248 + #249** — classifier/envelope completeness sweep. All three fix the same kind of drift: typed-error envelopes missing or mis-set `kind` field on specific CLI paths. When all three land, the typed-envelope contract is uniformly applied across:
- Top-level CLI argument parsing (#247)
- Subcommand option parsing (#248)
- Resumed-session slash command dispatch (#249)
**Related prior work.**
- §4.44 typed error envelope contract (2026-04-20)
- #77 split_error_hint() — should be applied to slash-command error path too
- #247 (model: add classifier branches + ensure envelope carries them)
---
## Pinpoint #250. CLI surface parity gap between Python audit harness and Rust binary — SCHEMAS.md documents `list-sessions`/`delete-session`/`load-session`/`flush-transcript` as CLAWABLE top-level subcommands, but the Rust `claw` binary routes these through the `_other => Prompt` fall-through arm, emitting `missing_credentials` instead of running the documented operation
**Gap.** SCHEMAS.md at the repo root defines a JSON envelope contract for 14 CLAWABLE top-level subcommands including `list-sessions`, `delete-session`, `load-session`, and `flush-transcript`. The Python audit harness at `src/main.py` implements all 14. The Rust `claw` binary at `rust/crates/rusty-claude-cli/` does NOT have these as top-level subcommands — session management lives behind `--resume <id> /session list` via the REPL slash command path.
A claw following SCHEMAS.md as the canonical contract runs `claw list-sessions --output-format json` and hits the Rust binary's `_other => Prompt` fall-through arm (same code path as the now-closed parser-level trust gap quintet #108/#117/#119/#122/#127). The literal token `"list-sessions"` is sent as a prompt to the LLM, which immediately fails with `missing Anthropic credentials` because the prompt path requires auth.
From the claw's perspective:
- **Expected** (per SCHEMAS.md): `{"command": "list-sessions", "exit_code": 0, "sessions": [...]}`
- **Actual** (Rust binary): `{"kind": "missing_credentials", "error": "missing Anthropic credentials; ..."}`
**Repro.** Dogfooded 2026-04-22 on main HEAD `5f8d1b9` (cycle #38):
```bash
$ cd /Users/yeongyu/clawd/claw-code/rust
$ env -i PATH=$PATH HOME=$HOME ./target/debug/claw list-sessions --output-format json
{"error":"missing Anthropic credentials; export ANTHROPIC_AUTH_TOKEN or ANTHROPIC_API_KEY before calling the Anthropic API ...","hint":null,"kind":"missing_credentials","type":"error"}
# exit=1, NOT the documented SCHEMAS.md envelope
$ env -i PATH=$PATH HOME=$HOME ./target/debug/claw delete-session abc123 --output-format json
{"error":"missing Anthropic credentials; ...","hint":null,"kind":"missing_credentials","type":"error"}
# Same fall-through. `abc123` treated as prompt continuation.
$ env -i PATH=$PATH HOME=$HOME ./target/debug/claw --resume latest /session list --output-format json
{"active":"session-...","kind":"session_list","sessions":[...]}
# This is how the Rust binary actually exposes list-sessions — via REPL slash command.
$ python3 -m src.main list-sessions --output-format json
{"command": "list-sessions", "exit_code": 0, ..., "sessions": [...]}
# Python harness implements SCHEMAS.md directly.
```
**Impact.**
1. **Documentation-vs-implementation drift.** SCHEMAS.md is at the repo root (not under `src/` or `rust/`), implying it applies to the whole project. A claw reading SCHEMAS.md and assuming the contract applies to the canonical binary (`claw`) gets a credentials error, not the documented envelope.
2. **Cross-implementation parity gap.** The same logical operation ("list my sessions") has two different CLI shapes:
- Python harness: `python3 -m src.main list-sessions --output-format json`
- Rust binary: `claw --resume latest /session list --output-format json`
Claws that switch between implementations (e.g., for testing or migration) have to maintain two different dispatch tables.
3. **Joins the parser-level trust gap family.** This is the 6th entry in the `_other => Prompt` fall-through family but with a twist: unlike #108/#117/#119/#122/#127 (where the input was genuinely malformed), the input here IS a valid surface name that SCHEMAS.md documents. The fall-through is wrong for a different reason: the surface exists in the protocol but not in this implementation.
4. **Cred-error misdirection.** Same pattern as the pre-#127 `claw doctor --json` misdirection. A claw getting `missing_credentials` thinks it has an auth problem when really it has a surface-not-implemented problem.
**Fix options.**
**Option A: Implement the surfaces on the Rust binary.** Wire `list-sessions`, `delete-session`, `load-session`, `flush-transcript` as top-level subcommands in `rust/crates/rusty-claude-cli/src/main.rs`, each delegating to the existing session management code that currently lives behind `/session list`, `/session delete`, etc. Acceptance: all 4 subcommands emit the SCHEMAS.md envelope identically to the Python harness.
**Option B: Scope SCHEMAS.md explicitly to the Python audit harness.** Add a scope note at the top of SCHEMAS.md clarifying it documents the Python harness protocol, not the Rust binary surface. File a separate pinpoint for "canonical Rust binary JSON contract" if/when that's needed.
**Option C: Reject the surface mismatch at parse time.** Add explicit recognition in the Rust binary's top-level subcommand matcher that `list-sessions`/`delete-session`/etc. are Python-harness surfaces, and emit a structured error pointing to the Rust equivalent (`claw --resume latest /session list` etc.). Stop the fall-through into Prompt dispatch. Acceptance: running `claw list-sessions` in the Rust binary emits `{"kind": "unsupported_surface", "error": "list-sessions is a Python audit harness surface; use `claw --resume latest /session list` for the Rust binary equivalent"}`.
**Recommended: Option C first (cheap, prevents cred misdirection), then Option B as documentation hygiene, then Option A if demand justifies the implementation cost.**
Option C is the same pattern as #127's fix: reject known-bad inputs at parse time with actionable hints, don't fall through to Prompt. This is a new case of the same fall-through category but with the twist that the "bad" input is actually documented as valid in a sibling context.
**Regression.** If Option A: add end-to-end tests matching the Python harness's existing tests for each subcommand. If Option C: add integration tests for each of the 4 Python-harness surface names verifying they emit `unsupported_surface` with the correct redirect hint.
**Blocker.** None for Option C. Option A is larger (requires extending the Rust binary's top-level parser + wiring to session management). Option B is pure docs.
**Priority.** Medium-high. This is red-state in the sense that the binary silently misroutes a documented surface into cred-error. Not a bug in the sense that the Rust binary is missing functionality it promised — but a bug in the sense that **protocol documentation promises a surface that doesn't exist at that address in the canonical implementation.** Either the docs are wrong or the implementation is incomplete; randomness is the current state.
**Source.** Jobdori cycle #38 proactive dogfood 2026-04-22 23:35 KST in response to Clawhip pinpoint nudge. Probed session management CLI paths post-#247-merge; expected SCHEMAS.md envelope, got `missing_credentials` on all 4 surfaces. Joins:
- **Parser-level trust gap family** (#108, #117, #119, #122, #127) as 6th — same `_other => Prompt` fall-through, but the "bad" input is actually a documented surface in SCHEMAS.md (new case class).
- **Cred-error misdirection family** (#99, #127 pre-closure) — same pattern: local-ish operation silently needs creds because it fell into the wrong dispatch arm.
- **Documentation-vs-implementation drift family** — SCHEMAS.md documents 14 surfaces; Rust binary has ~8 top-level subcommands; mismatch is undocumented.
Natural bundle: **#127 + #250** — parser-level fall-through pair with a class distinction (#127 = suffix arg on valid verb; #250 = entire Python-harness verb treated as prompt).
**Related prior work.**
- SCHEMAS.md (the canonical envelope contract — drafted in Python-harness context)
- §4.44 typed-envelope contract
- #127 (closed: suffix arg rejection at parse time for diagnostic verbs)
- #108/#117/#119/#122/#127 (parser-level trust gap quintet)
- Python harness `src/main.py` (14 CLAWABLE surfaces)
- Rust binary `rust/crates/rusty-claude-cli/src/main.rs` (different top-level surface set)
---
## Pinpoint #251. Session-management verbs (`list-sessions`/`delete-session`/`load-session`/`flush-transcript`) fall through to Prompt dispatch at parse time before credential resolution — wrong error CLASS is emitted (auth) for what should be local session-store operations
**Gap.** This is the **dispatch-order framing** of the parity symptom filed at #250. Where #250 says "the surface is missing on the canonical binary and SCHEMAS.md promises it," #251 says "the underlying mechanism is a top-level parser fall-through that happens BEFORE the dispatcher can intercept the verb, so callers get `missing_credentials` instead of any session-layer response at all."
The two pinpoints describe the same observable failure from different layers:
- **#250 (surface layer):** SCHEMAS.md top-level verbs aren't implemented as top-level Rust subcommands.
- **#251 (dispatch layer):** The top-level parser has no match arm for these verbs, so they fall into the `_other => Prompt` catchall at `main.rs:1017`, which constructs `CliAction::Prompt { prompt: "list-sessions", ... }`. Downstream, the Prompt path requires credentials, and the CLI emits `missing_credentials` for a purely-local operation.
**The same pattern has been fixed before** for other purely-local verbs:
- **#145** — `plugins` was falling through to Prompt. Fix: explicit match arm at `main.rs:888-906` returning `CliAction::Plugins { ... }`.
- **#146** — `config` and `diff` were falling through. Fix: explicit match arms at `main.rs:911-935` returning `CliAction::Config { ... }` and `CliAction::Diff { ... }`.
Both fixes followed identical shape: intercept the verb at top-level parse, construct the corresponding `CliAction` variant, bypass the Prompt/credential path entirely. #251 extends this to the 4 session-management verbs.
**Repro.** Dogfooded 2026-04-23 cycle #40 on main HEAD `f110333`:
```bash
$ env -i PATH=$PATH HOME=$HOME /path/to/claw list-sessions --output-format json
{"error":"missing Anthropic credentials; export ANTHROPIC_AUTH_TOKEN or ANTHROPIC_API_KEY ...","kind":"missing_credentials","type":"error"}
# Expected: session-layer envelope like {"command":"list-sessions","sessions":[...]}
# Actual: auth-layer error because the verb was treated as a prompt.
```
**Code trace (verified cycle #40).**
- `main.rs:1017-1027` — the final `_other` arm of the top-level parser. Joins all unrecognized tokens with spaces and constructs `CliAction::Prompt { prompt: joined, ... }`.
- Downstream, the Prompt dispatcher calls `resolve_credentials()` which emits `missing Anthropic credentials` when neither `ANTHROPIC_API_KEY` nor `ANTHROPIC_AUTH_TOKEN` is set.
- No credential resolution would have been needed had the verb been intercepted earlier.
**Relationship to #250.**
| Aspect | #250 | #251 |
|---|---|---|
| **Layer** | Surface / documentation | Dispatch / parser internals |
| **Framing** | Protocol vs implementation drift | Wrong dispatch order |
| **Fix scope** | 3 options (docs scope, Rust impl, reject-with-redirect) | Narrow: add match arms mirroring #145/#146 |
| **Evidence** | SCHEMAS.md promises ≠ binary delivers | Parser fall-through happens before the dispatcher can classify the verb |
They share the observable (`missing_credentials` on a documented surface) but prescribe different scopes of fix:
- **#250's Option A** (implement the surfaces) = **#251's proper fix** — actually wire the session-management paths.
- **#250's Option C** (reject with redirect) = a different fix that doesn't implement the verbs but at least stops the auth-error misdirection.
**Recommended sequence:**
1. **#251 fix** (implement the 4 match arms following the #145/#146 pattern) is the principled solution — it makes the canonical binary honor SCHEMAS.md.
2. **#250's documentation scope note** (Option B) remains valuable regardless, as a guard against future drift between the two implementations.
3. **#250's Option C** (reject with redirect) becomes unnecessary if #251 lands — no verbs to redirect away from.
**Fix shape (~40 lines).**
Add 4 match arms to the top-level parser (file: `rust/crates/rusty-claude-cli/src/main.rs:~840-1015`), each mirroring the pattern from `plugins`/`config`/`diff`:
```rust
"list-sessions" => {
let tail = &rest[1..];
// list-sessions: optional --directory flag already parsed; no positional args
if !tail.is_empty() {
return Err(format!("unexpected extra arguments after `claw list-sessions`: {}", tail.join(" ")));
}
Ok(CliAction::ListSessions { output_format, directory: /* already parsed */ })
}
"delete-session" => {
let tail = &rest[1..];
// delete-session: requires session-id positional
let session_id = tail.first().ok_or_else(|| "delete-session requires a session-id argument".to_string())?.clone();
if tail.len() > 1 {
return Err(format!("unexpected extra arguments after `claw delete-session {session_id}`: {}", tail[1..].join(" ")));
}
Ok(CliAction::DeleteSession { session_id, output_format, directory: /* already parsed */ })
}
"load-session" => { /* same pattern */ }
"flush-transcript" => { /* same pattern, with --session-id flag handling */ }
```
Plus `CliAction` variants, dispatcher wiring, and regression tests. Likely ~40 lines of Rust + tests if session-store operations already exist in `runtime/`.
**Acceptance.** All 4 verbs emit session-layer envelopes matching the SCHEMAS.md contract:
- `claw list-sessions --output-format json` → `{"command":"list-sessions","sessions":[...],"exit_code":0}`
- `claw delete-session <id> --output-format json` → `{"command":"delete-session","deleted":true,"exit_code":0}`
- `claw load-session <id> --output-format json` → `{"command":"load-session","session":{...},"exit_code":0}`
- `claw flush-transcript --session-id <id> --output-format json` → `{"command":"flush-transcript","flushed":N,"exit_code":0}`
No credential resolution is triggered for any of these paths.
**Regression tests.**
- Each verb with valid arguments: emits correct envelope, exit 0.
- Each verb with missing required argument: emits `cli_parse` error envelope (with kind), exit 1.
- Each verb with extra arguments: emits `cli_parse` error envelope rejecting them.
- Regression guard: `claw list-sessions` in env-cleaned environment does NOT emit `missing_credentials`.
**Blocker.** None. Bounded to 4 additional top-level match arms + corresponding `CliAction` variants + dispatcher wiring. Session-store operations may need minor extraction from `/session list` implementation.
**Priority.** Medium-high. Same severity as #250 (silent misdirection on a documented surface), with sharper framing. Closing #251 automatically resolves #250's Option A and makes Option C unnecessary.
**Source.** Filed 2026-04-23 00:00 KST by gaebal-gajae (conceptual filing in Discord cycle status at msg 1496526112254328902); verified and formalized into ROADMAP by Jobdori cycle #40. Natural bundle:
- **#145 + #146 + #251** — parser fall-through fix pattern (plugins, config/diff, session-management verbs). All 3 follow identical fix shape: intercept at top-level parse, bypass Prompt/credential path.
- **#250 + #251** — symptom/mechanism pair on the same observable failure. #250 frames it as protocol-vs-implementation drift; #251 frames it as dispatch-order bug.
- **#99 + #127 + #250 + #251** — cred-error misdirection family. Each case: a purely-local operation silently routes through the auth-required Prompt path and emits the wrong error class.
**Related prior work.**
- #145 (plugins fall-through fix) — direct template for #251 fix shape
- #146 (config/diff fall-through fix) — same pattern
- #250 (surface parity framing of same failure)
- §4.44 typed-envelope contract
- SCHEMAS.md (specifies the 4 session-management verbs as top-level CLAWABLE surfaces)

755
rust/crates/rusty-claude-cli/src/main.rs
View File

@@ -213,16 +213,7 @@ fn main() {
// #77: classify error by prefix so downstream claws can route without
// regex-scraping the prose. Split short-reason from hint-runbook.
let kind = classify_error_kind(&message);
let (short_reason, mut hint) = split_error_hint(&message);
// #247: JSON envelope was losing the `Run claw --help for usage.`
// trailer that text-mode stderr includes. When the error is a
// cli_parse and the message itself carried no embedded hint,
// synthesize the trailer so typed-error consumers get the same
// actionable pointer that text-mode users see. Cross-channel
// consistency is a §4.44 typed-envelope contract requirement.
if hint.is_none() && kind == "cli_parse" && !short_reason.contains("`claw --help`") {
hint = Some("Run `claw --help` for usage.".to_string());
}
let (short_reason, hint) = split_error_hint(&message);
eprintln!(
"{}",
serde_json::json!({
@@ -257,18 +248,10 @@ Run `claw --help` for usage."
/// Returns a snake_case token that downstream consumers can switch on instead
/// of regex-scraping the prose. The classification is best-effort prefix/keyword
/// matching against the error messages produced throughout the CLI surface.
/// #130b: Wrap io::Error with operation context so classifier can recognize filesystem failures.
fn contextualize_io_error(operation: &str, target: &str, error: std::io::Error) -> String {
format!("{} failed: {} ({})", operation, target, error)
}
fn classify_error_kind(message: &str) -> &'static str {
// Check specific patterns first (more specific before generic)
if message.contains("missing Anthropic credentials") {
"missing_credentials"
} else if message.contains("export failed:") || message.contains("diff failed:") || message.contains("config failed:") {
// #130b: Filesystem operation errors enriched with operation+path context.
"filesystem_io_error"
} else if message.contains("Manifest source files are missing") {
"missing_manifests"
} else if message.contains("no worker state file found") {
@@ -281,11 +264,15 @@ fn classify_error_kind(message: &str) -> &'static str {
"no_managed_sessions"
} else if message.contains("unrecognized argument") || message.contains("unknown option") {
"cli_parse"
} else if message.contains("prompt subcommand requires") {
// #247: `claw prompt` with no argument — a parse error, not `unknown`.
} else if is_unknown_verb_option_error(message) {
// #248: verb-qualified option rejections like `unknown system-prompt option:`,
// `unknown export option:`, `unknown dump-manifests option:` are parse errors,
// not `unknown`. Without this they leak out of the typed-error contract the
// same way #247 did for prompt-related messages.
"cli_parse"
} else if message.starts_with("empty prompt:") {
// #247: `claw ""` or `claw " "` — a parse error, not `unknown`.
} else if message.contains("unknown subcommand:") || message.contains("unknown slash command") {
// #248 companion: subcommand-level mistypes are also parse failures,
// not mystery `unknown` errors. `parse_command_token` emits these.
"cli_parse"
} else if message.contains("invalid model syntax") {
"invalid_model_syntax"
@@ -302,6 +289,42 @@ fn classify_error_kind(message: &str) -> &'static str {
}
}
/// #248: Returns true when the error message is a verb-qualified "unknown
/// … option:" rejection produced by a subcommand option parser.
///
/// These messages have the shape `unknown <verb> option: <arg>` and are
/// emitted from subcommand-specific option parsing paths (system-prompt,
/// export, dump-manifests, etc.). They are parse errors by construction:
/// the CLI successfully identified the verb but failed to recognize one of
/// its flags. Left unclassified they were leaking out as `kind: "unknown"`,
/// which defeats typed-error dispatch for claws that route on parse failures.
///
/// Detection is kept intentionally narrow (must start with `"unknown "`,
/// must contain `" option:"`) so generic text happening to contain either
/// substring in isolation does not get hijacked.
pub fn is_unknown_verb_option_error(message: &str) -> bool {
// #248: matches only the shape `unknown <verb> option: <arg>` where <verb>
// is a single token (no spaces). Verb-qualified rejections look like:
// "unknown system-prompt option: --json"
// "unknown export option: --bogus"
// but NOT:
// "unknown option: --foo" (missing verb)
// "unknown subcommand: foo" (wrong category)
if !message.starts_with("unknown ") || !message.contains(" option:") {
return false;
}
// Ensure there's a non-empty, space-free verb between `unknown ` and ` option:`.
if let Some(before_option) = message.split(" option:").next() {
if before_option.len() <= 8 {
return false; // "unknown " only, no verb
}
let verb = &before_option[8..]; // Everything after "unknown "
!verb.contains(' ') // Single-token verb (no spaces)
} else {
false
}
}
/// #77: Split a multi-line error message into (short_reason, optional_hint).
///
/// The short_reason is the first line (up to the first newline), and the hint
@@ -460,113 +483,6 @@ fn run() -> Result<(), Box<dyn std::error::Error>> {
);
}
},
// #251: session-management verbs (list-sessions, load-session,
// delete-session, flush-transcript) are pure-local operations.
// They are intercepted at the parser level and dispatched directly
// to session-control operations without requiring credentials.
CliAction::ListSessions { output_format } => {
use runtime::session_control::list_managed_sessions_for;
let base_dir = env::current_dir()?;
let sessions = list_managed_sessions_for(base_dir)?;
match output_format {
CliOutputFormat::Text => {
if sessions.is_empty() {
println!("No sessions found.");
} else {
for session in sessions {
println!("{} ({})", session.id, session.path.display());
}
}
}
CliOutputFormat::Json => {
// #251: ManagedSessionSummary doesn't impl Serialize;
// construct JSON manually with the public fields.
let sessions_json: Vec<serde_json::Value> = sessions
.iter()
.map(|s| {
serde_json::json!({
"id": s.id,
"path": s.path.display().to_string(),
"updated_at_ms": s.updated_at_ms,
"message_count": s.message_count,
})
})
.collect();
let result = serde_json::json!({
"command": "list-sessions",
"sessions": sessions_json,
});
println!("{}", serde_json::to_string_pretty(&result)?);
}
}
}
CliAction::LoadSession {
session_reference,
output_format,
} => {
use runtime::session_control::load_managed_session_for;
let base_dir = env::current_dir()?;
let loaded = load_managed_session_for(base_dir, &session_reference)?;
match output_format {
CliOutputFormat::Text => {
println!(
"Session {} loaded\n File {}\n Messages {}",
loaded.session.session_id,
loaded.handle.path.display(),
loaded.session.messages.len()
);
}
CliOutputFormat::Json => {
let result = serde_json::json!({
"command": "load-session",
"session": {
"id": loaded.session.session_id,
"path": loaded.handle.path.display().to_string(),
"messages": loaded.session.messages.len(),
},
});
println!("{}", serde_json::to_string_pretty(&result)?);
}
}
}
CliAction::DeleteSession {
session_id: _,
output_format,
} => {
// #251: delete-session implementation deferred
eprintln!("delete-session is not yet implemented.");
if matches!(output_format, CliOutputFormat::Json) {
eprintln!(
"{}",
serde_json::json!({
"type": "error",
"error": "not_yet_implemented",
"command": "delete-session",
"kind": "not_yet_implemented",
})
);
}
std::process::exit(1);
}
CliAction::FlushTranscript {
session_id: _,
output_format,
} => {
// #251: flush-transcript implementation deferred
eprintln!("flush-transcript is not yet implemented.");
if matches!(output_format, CliOutputFormat::Json) {
eprintln!(
"{}",
serde_json::json!({
"type": "error",
"error": "not_yet_implemented",
"command": "flush-transcript",
"kind": "not_yet_implemented",
})
);
}
std::process::exit(1);
}
CliAction::Export {
session_reference,
output_path,
@@ -694,26 +610,6 @@ enum CliAction {
Help {
output_format: CliOutputFormat,
},
// #251: session-management verbs are pure-local reads/mutations on the
// session store. They do not require credentials or a model connection.
// Previously these fell through to the `_other => Prompt` catchall and
// emitted `missing_credentials` errors. Now they are intercepted at the
// top-level parser and dispatched to session-control operations.
ListSessions {
output_format: CliOutputFormat,
},
LoadSession {
session_reference: String,
output_format: CliOutputFormat,
},
DeleteSession {
session_id: String,
output_format: CliOutputFormat,
},
FlushTranscript {
session_id: String,
output_format: CliOutputFormat,
},
}
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
@@ -731,17 +627,6 @@ enum LocalHelpTopic {
SystemPrompt,
DumpManifests,
BootstrapPlan,
// #130c: help parity for `claw diff --help`
Diff,
// #130d: help parity for `claw config --help`
Config,
// #130e: help parity — dispatch-order bugs (help, submit, resume)
Meta,
Submit,
Resume,
// #130e-B: help parity — surface-level bugs (plugins, prompt)
Plugins,
Prompt,
}
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
@@ -790,20 +675,20 @@ fn parse_args(args: &[String]) -> Result<CliAction, String> {
if !rest.is_empty()
&& matches!(
rest[0].as_str(),
"commit"
"prompt"
| "commit"
| "pr"
| "issue"
) =>
{
// `--help` following a subcommand that would otherwise forward
// the arg to the API should show top-level help instead.
// Subcommands that consume their own args (agents, mcp, plugins,
// skills) and local help-topic subcommands (status, sandbox,
// doctor, init, state, export, version, system-prompt,
// dump-manifests, bootstrap-plan, diff, config, help, submit,
// resume, prompt) must NOT be intercepted here — they handle
// --help in their own dispatch paths via
// parse_local_help_action(). See #141, #130c, #130d, #130e.
// the arg to the API (e.g. `claw prompt --help`) should show
// top-level help instead. Subcommands that consume their own
// args (agents, mcp, plugins, skills) and local help-topic
// subcommands (status, sandbox, doctor, init, state, export,
// version, system-prompt, dump-manifests, bootstrap-plan) must
// NOT be intercepted here — they handle --help in their own
// dispatch paths via parse_local_help_action(). See #141.
wants_help = true;
index += 1;
}
@@ -1015,18 +900,7 @@ fn parse_args(args: &[String]) -> Result<CliAction, String> {
match rest[0].as_str() {
"dump-manifests" => parse_dump_manifests_args(&rest[1..], output_format),
"bootstrap-plan" => {
// #152: bootstrap-plan is a no-arg verb. Reject unexpected suffixes
// like `claw bootstrap-plan garbage` that silently accept trailing
// args instead of rejecting at parse time.
if rest.len() > 1 {
return Err(format!(
"unrecognized argument `{}` for subcommand `bootstrap-plan`",
rest[1]
));
}
Ok(CliAction::BootstrapPlan { output_format })
}
"bootstrap-plan" => Ok(CliAction::BootstrapPlan { output_format }),
"agents" => Ok(CliAction::Agents {
args: join_optional_args(&rest[1..]),
output_format,
@@ -1066,10 +940,6 @@ fn parse_args(args: &[String]) -> Result<CliAction, String> {
// which is synthetic friction. Accepts an optional section name
// (env|hooks|model|plugins) matching the slash command shape.
"config" => {
// #130d: accept --help / -h and route to help topic instead of silently ignoring
if rest.len() >= 2 && is_help_flag(&rest[1]) {
return Ok(CliAction::HelpTopic(LocalHelpTopic::Config));
}
let tail = &rest[1..];
let section = tail.first().cloned();
if tail.len() > 1 {
@@ -1087,12 +957,6 @@ fn parse_args(args: &[String]) -> Result<CliAction, String> {
// #146: `diff` is pure-local (shells out to `git diff --cached` +
// `git diff`). No session needed to inspect the working tree.
"diff" => {
// #130c: accept --help / -h as first argument and route to help topic,
// matching the behavior of status/sandbox/doctor/etc.
// Without this guard, `claw diff --help` was rejected as extra arguments.
if rest.len() == 2 && is_help_flag(&rest[1]) {
return Ok(CliAction::HelpTopic(LocalHelpTopic::Diff));
}
if rest.len() > 1 {
return Err(format!(
"unexpected extra arguments after `claw diff`: {}",
@@ -1101,81 +965,6 @@ fn parse_args(args: &[String]) -> Result<CliAction, String> {
}
Ok(CliAction::Diff { output_format })
}
// #251: session-management verbs are pure-local operations on the
// session store. They require no credentials or model connection.
// Previously they fell through to `_other => Prompt` and emitted
// `missing_credentials`. Now they are intercepted at parse time and
// routed to session-control operations.
"list-sessions" => {
let tail = &rest[1..];
// list-sessions takes no positional arguments; flags are already parsed
if !tail.is_empty() {
return Err(format!(
"unexpected extra arguments after `claw list-sessions`: {}",
tail.join(" ")
));
}
Ok(CliAction::ListSessions { output_format })
}
"load-session" => {
let tail = &rest[1..];
// load-session requires a session-id (positional) argument
let session_ref = tail.first().ok_or_else(|| {
"load-session requires a session-id argument (e.g., `claw load-session SESSION.jsonl`)"
.to_string()
})?.clone();
if tail.len() > 1 {
return Err(format!(
"unexpected extra arguments after `claw load-session {session_ref}`: {}",
tail[1..].join(" ")
));
}
Ok(CliAction::LoadSession {
session_reference: session_ref,
output_format,
})
}
"delete-session" => {
let tail = &rest[1..];
// delete-session requires a session-id (positional) argument
let session_id = tail.first().ok_or_else(|| {
"delete-session requires a session-id argument (e.g., `claw delete-session SESSION_ID`)"
.to_string()
})?.clone();
if tail.len() > 1 {
return Err(format!(
"unexpected extra arguments after `claw delete-session {session_id}`: {}",
tail[1..].join(" ")
));
}
Ok(CliAction::DeleteSession {
session_id,
output_format,
})
}
"flush-transcript" => {
let tail = &rest[1..];
// flush-transcript: optional --session-id flag (parsed above) or as positional
let session_id = if tail.is_empty() {
// --session-id flag must have been provided
return Err(
"flush-transcript requires either --session-id flag or positional argument"
.to_string(),
);
} else {
tail[0].clone()
};
if tail.len() > 1 {
return Err(format!(
"unexpected extra arguments after `claw flush-transcript {session_id}`: {}",
tail[1..].join(" ")
));
}
Ok(CliAction::FlushTranscript {
session_id,
output_format,
})
}
"skills" => {
let args = join_optional_args(&rest[1..]);
match classify_skills_slash_command(args.as_deref()) {
@@ -1199,16 +988,7 @@ fn parse_args(args: &[String]) -> Result<CliAction, String> {
"system-prompt" => parse_system_prompt_args(&rest[1..], output_format),
"acp" => parse_acp_args(&rest[1..], output_format),
"login" | "logout" => Err(removed_auth_surface_error(rest[0].as_str())),
"init" => {
// #152: init is a no-arg verb. Reject unexpected suffixes like `claw init foo`.
if rest.len() > 1 {
return Err(format!(
"unrecognized argument `{}` for subcommand `init`",
rest[1]
));
}
Ok(CliAction::Init { output_format })
}
"init" => Ok(CliAction::Init { output_format }),
"export" => parse_export_args(&rest[1..], output_format),
"prompt" => {
let prompt = rest[1..].join(" ");
@@ -1301,17 +1081,6 @@ fn parse_local_help_action(rest: &[String]) -> Option<Result<CliAction, String>>
"system-prompt" => LocalHelpTopic::SystemPrompt,
"dump-manifests" => LocalHelpTopic::DumpManifests,
"bootstrap-plan" => LocalHelpTopic::BootstrapPlan,
// #130c: help parity for `claw diff --help`
"diff" => LocalHelpTopic::Diff,
// #130d: help parity for `claw config --help`
"config" => LocalHelpTopic::Config,
// #130e: help parity — dispatch-order fixes
"help" => LocalHelpTopic::Meta,
"submit" => LocalHelpTopic::Submit,
"resume" => LocalHelpTopic::Resume,
// #130e-B: help parity — surface fixes
"plugins" => LocalHelpTopic::Plugins,
"prompt" => LocalHelpTopic::Prompt,
_ => return None,
};
Some(Ok(CliAction::HelpTopic(topic)))
@@ -6135,65 +5904,6 @@ fn render_help_topic(topic: LocalHelpTopic) -> String {
Formats text (default), json
Related claw doctor · claw status"
.to_string(),
// #130c: help topic for `claw diff --help`.
LocalHelpTopic::Diff => "Diff
Usage claw diff [--output-format <format>]
Purpose show local git staged + unstaged changes for the current workspace
Requires workspace must be inside a git repository
Output unified diff (text) or structured diff object (json)
Formats text (default), json
Related claw status · claw config"
.to_string(),
// #130d: help topic for `claw config --help`.
LocalHelpTopic::Config => "Config
Usage claw config [--cwd <path>] [--output-format <format>]
Purpose merge and display the resolved .claw.json / settings.json configuration
Options --cwd overrides the workspace directory for config lookup
Output loaded files and merged key-value pairs (text) or JSON object (json)
Formats text (default), json
Related claw status · claw doctor · claw init"
.to_string(),
// #130e: help topic for `claw help --help` (meta-help).
LocalHelpTopic::Meta => "Help
Usage claw help [--output-format <format>]
Purpose show the full CLI help text (all subcommands, flags, environment)
Aliases claw --help · claw -h
Formats text (default), json
Related claw <subcommand> --help · claw version"
.to_string(),
// #130e: help topic for `claw submit --help`.
LocalHelpTopic::Submit => "Submit
Usage claw submit [--session <id|latest>] <prompt-text>
Purpose send a prompt to an existing managed session without starting a new one
Defaults --session latest (resumes the most recent managed session)
Requires valid Anthropic credentials (ANTHROPIC_AUTH_TOKEN or ANTHROPIC_API_KEY)
Related claw prompt · claw --resume · /session list"
.to_string(),
// #130e: help topic for `claw resume --help`.
LocalHelpTopic::Resume => "Resume
Usage claw resume [<session-id|latest>]
Purpose restart an interactive REPL attached to a managed session
Defaults latest session if no argument provided
Requires valid Anthropic credentials (ANTHROPIC_AUTH_TOKEN or ANTHROPIC_API_KEY)
Related claw submit · claw --resume · /session list"
.to_string(),
// #130e-B: help topic for `claw plugins --help`.
LocalHelpTopic::Plugins => "Plugins
Usage claw plugins [list|install|enable|disable|uninstall|update] [<target>]
Purpose manage bundled and user plugins from the CLI surface
Defaults list (no action prints inventory)
Sources .claw/plugins.json, bundled catalog, user-installed
Formats text (default), json
Related claw mcp · claw skills · /plugins (REPL)"
.to_string(),
// #130e-B: help topic for `claw prompt --help`.
LocalHelpTopic::Prompt => "Prompt
Usage claw prompt <prompt-text>
Purpose run a single-turn, non-interactive prompt and exit (like --print mode)
Flags --model · --allowedTools · --output-format · --compact
Requires valid Anthropic credentials (ANTHROPIC_AUTH_TOKEN or ANTHROPIC_API_KEY)
Related claw submit · claw (bare, interactive REPL)"
.to_string(),
}
}
@@ -7027,10 +6737,7 @@ fn run_export(
let markdown = render_session_markdown(&session, &handle.id, &handle.path);
if let Some(path) = output_path {
// #130b: Wrap io::Error with operation context so classifier recognizes filesystem failures.
fs::write(path, &markdown).map_err(|e| -> Box<dyn std::error::Error> {
contextualize_io_error("export", &path.display().to_string(), e).into()
})?;
fs::write(path, &markdown)?;
let report = format!(
"Export\n Result wrote markdown transcript\n File {}\n Session {}\n Messages {}",
path.display(),
@@ -9354,7 +9061,7 @@ mod tests {
format_resume_report, format_status_report, format_tool_call_start, format_tool_result,
format_ultraplan_report, format_unknown_slash_command,
format_unknown_slash_command_message, format_user_visible_api_error,
classify_error_kind,
classify_error_kind, is_unknown_verb_option_error,
merge_prompt_with_stdin, normalize_permission_mode, parse_args, parse_export_args,
parse_git_status_branch, parse_git_status_metadata_for, parse_git_workspace_summary,
parse_history_count, permission_policy, print_help_to, push_output_block,
@@ -10341,285 +10048,6 @@ mod tests {
output_format: CliOutputFormat::Json,
}
);
// #251: session-management verbs (list-sessions, load-session,
// delete-session, flush-transcript) must be intercepted at top-level
// parse and returned as CliAction variants. Previously they fell
// through to `_other => Prompt` and emitted `missing_credentials`
// for purely-local operations.
assert_eq!(
parse_args(&["list-sessions".to_string()])
.expect("list-sessions should parse"),
CliAction::ListSessions {
output_format: CliOutputFormat::Text,
},
"list-sessions must dispatch to ListSessions, not fall through to Prompt"
);
assert_eq!(
parse_args(&[
"list-sessions".to_string(),
"--output-format".to_string(),
"json".to_string(),
])
.expect("list-sessions --output-format json should parse"),
CliAction::ListSessions {
output_format: CliOutputFormat::Json,
}
);
assert_eq!(
parse_args(&[
"load-session".to_string(),
"my-session-id".to_string(),
])
.expect("load-session <id> should parse"),
CliAction::LoadSession {
session_reference: "my-session-id".to_string(),
output_format: CliOutputFormat::Text,
},
"load-session must dispatch to LoadSession, not fall through to Prompt"
);
assert_eq!(
parse_args(&[
"delete-session".to_string(),
"my-session-id".to_string(),
])
.expect("delete-session <id> should parse"),
CliAction::DeleteSession {
session_id: "my-session-id".to_string(),
output_format: CliOutputFormat::Text,
},
"delete-session must dispatch to DeleteSession, not fall through to Prompt"
);
assert_eq!(
parse_args(&[
"flush-transcript".to_string(),
"my-session-id".to_string(),
])
.expect("flush-transcript <id> should parse"),
CliAction::FlushTranscript {
session_id: "my-session-id".to_string(),
output_format: CliOutputFormat::Text,
},
"flush-transcript must dispatch to FlushTranscript, not fall through to Prompt"
);
// #251: required positional arguments for session verbs
let load_err = parse_args(&["load-session".to_string()])
.expect_err("load-session without id should be rejected");
assert!(
load_err.contains("load-session requires a session-id"),
"missing session-id error should be specific, got: {load_err}"
);
let delete_err = parse_args(&["delete-session".to_string()])
.expect_err("delete-session without id should be rejected");
assert!(
delete_err.contains("delete-session requires a session-id"),
"missing session-id error should be specific, got: {delete_err}"
);
// #251: extra arguments must be rejected
let extra_err = parse_args(&[
"list-sessions".to_string(),
"unexpected".to_string(),
])
.expect_err("list-sessions with extra args should be rejected");
assert!(
extra_err.contains("unexpected extra arguments"),
"extra-args error should be specific, got: {extra_err}"
);
// #130b: classify_error_kind must recognize filesystem operation errors.
// Messages produced by contextualize_io_error() must route to
// "filesystem_io_error" kind, not default "unknown". This closes the
// context-loss chain (run_export -> fs::write -> ? -> to_string ->
// classify miss -> unknown) that #130b identified.
let export_err_msg = "export failed: /tmp/bad/path (No such file or directory (os error 2))";
assert_eq!(
classify_error_kind(export_err_msg),
"filesystem_io_error",
"#130b: export fs::write errors must classify as filesystem_io_error, not unknown"
);
let diff_err_msg = "diff failed: /tmp/nowhere (Permission denied (os error 13))";
assert_eq!(
classify_error_kind(diff_err_msg),
"filesystem_io_error",
"#130b: diff fs errors must classify as filesystem_io_error"
);
let config_err_msg = "config failed: /tmp/x (Is a directory (os error 21))";
assert_eq!(
classify_error_kind(config_err_msg),
"filesystem_io_error",
"#130b: config fs errors must classify as filesystem_io_error"
);
// #130b: contextualize_io_error must produce messages that the classifier recognizes.
let io_err = std::io::Error::new(std::io::ErrorKind::NotFound, "No such file or directory");
let enriched = super::contextualize_io_error("export", "/tmp/bad/path", io_err);
assert!(
enriched.contains("export failed:"),
"#130b: contextualize_io_error must include operation name, got: {enriched}"
);
assert!(
enriched.contains("/tmp/bad/path"),
"#130b: contextualize_io_error must include target path, got: {enriched}"
);
assert_eq!(
classify_error_kind(&enriched),
"filesystem_io_error",
"#130b: enriched messages must be classifier-recognizable"
);
// #130c: `claw diff --help` must route to help topic, not reject as extra args.
// Regression: `diff` was the outlier among local introspection commands
// (status/config/mcp all accepted --help) because its parser arm rejected
// all extra args before help detection could run.
let diff_help_action = parse_args(&[
"diff".to_string(),
"--help".to_string(),
])
.expect("diff --help must parse as help action");
assert!(
matches!(diff_help_action, CliAction::HelpTopic(LocalHelpTopic::Diff)),
"#130c: diff --help must route to LocalHelpTopic::Diff, got: {diff_help_action:?}"
);
let diff_h_action = parse_args(&[
"diff".to_string(),
"-h".to_string(),
])
.expect("diff -h must parse as help action");
assert!(
matches!(diff_h_action, CliAction::HelpTopic(LocalHelpTopic::Diff)),
"#130c: diff -h (short form) must route to LocalHelpTopic::Diff"
);
// #130c: bare `claw diff` still routes to Diff action, not help.
let diff_action = parse_args(&[
"diff".to_string(),
])
.expect("bare diff must parse as diff action");
assert!(
matches!(diff_action, CliAction::Diff { .. }),
"#130c: bare diff must still route to Diff action, got: {diff_action:?}"
);
// #130c: unknown args still rejected (non-regression).
let diff_bad_arg = parse_args(&[
"diff".to_string(),
"foo".to_string(),
])
.expect_err("diff foo must still be rejected as extra args");
assert!(
diff_bad_arg.contains("unexpected extra arguments"),
"#130c: diff with unknown arg must still error, got: {diff_bad_arg}"
);
// #130d: `claw config --help` must route to help topic, not silently run config.
let config_help_action = parse_args(&[
"config".to_string(),
"--help".to_string(),
])
.expect("config --help must parse as help action");
assert!(
matches!(config_help_action, CliAction::HelpTopic(LocalHelpTopic::Config)),
"#130d: config --help must route to LocalHelpTopic::Config, got: {config_help_action:?}"
);
let config_h_action = parse_args(&[
"config".to_string(),
"-h".to_string(),
])
.expect("config -h must parse as help action");
assert!(
matches!(config_h_action, CliAction::HelpTopic(LocalHelpTopic::Config)),
"#130d: config -h (short form) must route to LocalHelpTopic::Config"
);
// #130d: bare `claw config` still routes to Config action with no section
let config_action = parse_args(&[
"config".to_string(),
])
.expect("bare config must parse as config action");
assert!(
matches!(config_action, CliAction::Config { section: None, .. }),
"#130d: bare config must still route to Config action with section=None"
);
// #130d: config with section still works (non-regression)
let config_section = parse_args(&[
"config".to_string(),
"permissions".to_string(),
])
.expect("config permissions must parse");
assert!(
matches!(config_section, CliAction::Config { section: Some(ref s), .. } if s == "permissions"),
"#130d: config with section must still work"
);
// #130e: dispatch-order help fixes for help, submit, resume
// These previously emitted `missing_credentials` instead of showing help,
// because parse_local_help_action() didn't route them. Now they route
// to dedicated help topics before credential check.
let help_help = parse_args(&[
"help".to_string(),
"--help".to_string(),
])
.expect("help --help must parse as help action");
assert!(
matches!(help_help, CliAction::HelpTopic(LocalHelpTopic::Meta)),
"#130e: help --help must route to LocalHelpTopic::Meta, got: {help_help:?}"
);
let submit_help = parse_args(&[
"submit".to_string(),
"--help".to_string(),
])
.expect("submit --help must parse as help action");
assert!(
matches!(submit_help, CliAction::HelpTopic(LocalHelpTopic::Submit)),
"#130e: submit --help must route to LocalHelpTopic::Submit"
);
let resume_help = parse_args(&[
"resume".to_string(),
"--help".to_string(),
])
.expect("resume --help must parse as help action");
assert!(
matches!(resume_help, CliAction::HelpTopic(LocalHelpTopic::Resume)),
"#130e: resume --help must route to LocalHelpTopic::Resume"
);
// Short form `-h` works for all three
let help_h = parse_args(&["help".to_string(), "-h".to_string()])
.expect("help -h must parse");
assert!(matches!(help_h, CliAction::HelpTopic(LocalHelpTopic::Meta)));
let submit_h = parse_args(&["submit".to_string(), "-h".to_string()])
.expect("submit -h must parse");
assert!(matches!(submit_h, CliAction::HelpTopic(LocalHelpTopic::Submit)));
let resume_h = parse_args(&["resume".to_string(), "-h".to_string()])
.expect("resume -h must parse");
assert!(matches!(resume_h, CliAction::HelpTopic(LocalHelpTopic::Resume)));
// #130e-B: surface-level help fixes for plugins and prompt.
// These previously emitted "Unknown action" (plugins) or wrong help (prompt).
let plugins_help = parse_args(&[
"plugins".to_string(),
"--help".to_string(),
])
.expect("plugins --help must parse as help action");
assert!(
matches!(plugins_help, CliAction::HelpTopic(LocalHelpTopic::Plugins)),
"#130e-B: plugins --help must route to LocalHelpTopic::Plugins, got: {plugins_help:?}"
);
let prompt_help = parse_args(&[
"prompt".to_string(),
"--help".to_string(),
])
.expect("prompt --help must parse as help action");
assert!(
matches!(prompt_help, CliAction::HelpTopic(LocalHelpTopic::Prompt)),
"#130e-B: prompt --help must route to LocalHelpTopic::Prompt, got: {prompt_help:?}"
);
// Short forms
let plugins_h = parse_args(&["plugins".to_string(), "-h".to_string()])
.expect("plugins -h must parse");
assert!(matches!(plugins_h, CliAction::HelpTopic(LocalHelpTopic::Plugins)));
let prompt_h = parse_args(&["prompt".to_string(), "-h".to_string()])
.expect("prompt -h must parse");
assert!(matches!(prompt_h, CliAction::HelpTopic(LocalHelpTopic::Prompt)));
// Non-regression: `prompt "actual text"` still parses as Prompt action
let prompt_action = parse_args(&[
"prompt".to_string(),
"hello world".to_string(),
])
.expect("prompt with real text must parse");
assert!(
matches!(prompt_action, CliAction::Prompt { ref prompt, .. } if prompt == "hello world"),
"#130e-B: prompt with real text must route to Prompt action"
);
// #147: empty / whitespace-only positional args must be rejected
// with a specific error instead of falling through to the prompt
// path (where they surface a misleading "missing Anthropic
@@ -11053,29 +10481,68 @@ mod tests {
}
#[test]
fn classify_error_kind_covers_prompt_parse_errors_247() {
// #247: prompt-related parse errors must classify as `cli_parse`,
// not fall through to `unknown`. Regression guard for ROADMAP #247
// (typed-error contract drift found in cycle #33 dogfood).
fn classify_error_kind_covers_verb_qualified_unknown_options_248() {
// #248: verb-qualified unknown-option rejections must classify as
// `cli_parse`, matching how the unqualified `unknown option` path
// already classifies. Regression guard — without this, typed-error
// dispatch on subcommand option errors was leaking to `unknown`.
assert_eq!(
classify_error_kind("prompt subcommand requires a prompt string"),
classify_error_kind("unknown system-prompt option: --json"),
"cli_parse",
"bare `claw prompt` must surface as cli_parse so typed-error consumers can dispatch"
"system-prompt verb option errors must be cli_parse"
);
assert_eq!(
classify_error_kind(
"empty prompt: provide a subcommand (run `claw --help`) or a non-empty prompt string"
),
classify_error_kind("unknown export option: --bogus"),
"cli_parse",
"`claw \"\"` must surface as cli_parse, not unknown"
"export verb option errors must be cli_parse"
);
// Sanity: the new patterns must be specific enough not to hijack
// genuinely unknown errors that happen to contain the word `prompt`.
assert_eq!(
classify_error_kind("some random prompt-adjacent failure we don't recognize"),
classify_error_kind("unknown dump-manifests option: --bogus"),
"cli_parse",
"dump-manifests verb option errors must be cli_parse"
);
// Subcommand-level mistypes also classify as cli_parse now.
assert_eq!(
classify_error_kind("unknown subcommand: staatus"),
"cli_parse",
"unknown subcommand must be cli_parse"
);
assert_eq!(
classify_error_kind("unknown slash command outside the REPL: /blargh"),
"cli_parse",
"unknown direct slash command must be cli_parse"
);
// Specificity guard: text that merely mentions `unknown` or `option`
// without the verb-qualified shape must still fall through. The
// detector requires `starts_with("unknown ")` AND `contains(" option:")`.
assert_eq!(
classify_error_kind("something totally unknown happened while processing options"),
"unknown",
"generic prompt-containing text should still fall through to unknown"
"loose prose mentioning unknown/options must still fall through"
);
assert_eq!(
classify_error_kind("unknown runtime failure: widget exploded"),
"unknown",
"`unknown <anything>` without ` option:` must not get hijacked"
);
}
#[test]
fn is_unknown_verb_option_error_only_matches_verb_qualified_shape_248() {
// #248: lock the detector's scope. Must match only the exact shape
// `unknown <verb> option: <arg>`.
assert!(is_unknown_verb_option_error(
"unknown system-prompt option: --json"
));
assert!(is_unknown_verb_option_error("unknown export option: --bogus"));
assert!(is_unknown_verb_option_error(
"unknown dump-manifests option: --bogus"
));
// Negatives.
assert!(!is_unknown_verb_option_error("unknown subcommand: foo"));
assert!(!is_unknown_verb_option_error("unknown option: --foo"));
assert!(!is_unknown_verb_option_error("something is unknown option:"));
assert!(!is_unknown_verb_option_error(""));
}
#[test]

108
rust/crates/rusty-claude-cli/tests/output_format_contract.rs
View File

@@ -388,114 +388,6 @@ fn assert_json_command(current_dir: &Path, args: &[&str]) -> Value {
assert_json_command_with_env(current_dir, args, &[])
}
/// #247 regression helper: run claw expecting a non-zero exit and return
/// the JSON error envelope parsed from stderr. Asserts exit != 0 and that
/// the envelope includes `type: "error"` at the very least.
fn assert_json_error_envelope(current_dir: &Path, args: &[&str]) -> Value {
let output = run_claw(current_dir, args, &[]);
assert!(
!output.status.success(),
"command unexpectedly succeeded; stdout:\n{}\nstderr:\n{}",
String::from_utf8_lossy(&output.stdout),
String::from_utf8_lossy(&output.stderr)
);
// The JSON envelope is written to stderr for error cases (see main.rs).
let envelope: Value = serde_json::from_slice(&output.stderr).unwrap_or_else(|err| {
panic!(
"stderr should be a JSON error envelope but failed to parse: {err}\nstderr bytes:\n{}",
String::from_utf8_lossy(&output.stderr)
)
});
assert_eq!(
envelope["type"], "error",
"envelope should carry type=error"
);
envelope
}
#[test]
fn prompt_subcommand_without_arg_emits_cli_parse_envelope_with_hint_247() {
// #247: `claw prompt` with no argument must classify as `cli_parse`
// (not `unknown`) and the JSON envelope must carry the same actionable
// `Run claw --help for usage.` hint that text-mode stderr appends.
let root = unique_temp_dir("247-prompt-no-arg");
fs::create_dir_all(&root).expect("temp dir should exist");
let envelope = assert_json_error_envelope(&root, &["--output-format", "json", "prompt"]);
assert_eq!(
envelope["kind"], "cli_parse",
"prompt subcommand without arg should classify as cli_parse, envelope: {envelope}"
);
assert_eq!(
envelope["error"], "prompt subcommand requires a prompt string",
"short reason should match the raw error, envelope: {envelope}"
);
assert_eq!(
envelope["hint"],
"Run `claw --help` for usage.",
"JSON envelope must carry the same help-runbook hint as text mode, envelope: {envelope}"
);
}
#[test]
fn empty_positional_arg_emits_cli_parse_envelope_247() {
// #247: `claw ""` must classify as `cli_parse`, not `unknown`. The
// message itself embeds a ``run `claw --help`` pointer so the explicit
// hint field is allowed to remain null to avoid duplication — what
// matters for the typed-error contract is that `kind == cli_parse`.
let root = unique_temp_dir("247-empty-arg");
fs::create_dir_all(&root).expect("temp dir should exist");
let envelope = assert_json_error_envelope(&root, &["--output-format", "json", ""]);
assert_eq!(
envelope["kind"], "cli_parse",
"empty-prompt error should classify as cli_parse, envelope: {envelope}"
);
let short = envelope["error"]
.as_str()
.expect("error field should be a string");
assert!(
short.starts_with("empty prompt:"),
"short reason should preserve the original empty-prompt message, got: {short}"
);
}
#[test]
fn whitespace_only_positional_arg_emits_cli_parse_envelope_247() {
// #247: same rule for `claw " "` — any whitespace-only prompt must
// flow through the empty-prompt path and classify as `cli_parse`.
let root = unique_temp_dir("247-whitespace-arg");
fs::create_dir_all(&root).expect("temp dir should exist");
let envelope = assert_json_error_envelope(&root, &["--output-format", "json", " "]);
assert_eq!(
envelope["kind"], "cli_parse",
"whitespace-only prompt should classify as cli_parse, envelope: {envelope}"
);
}
#[test]
fn unrecognized_argument_still_classifies_as_cli_parse_247_regression_guard() {
// #247 regression guard: the new empty-prompt / prompt-subcommand
// patterns must NOT hijack the existing #77 unrecognized-argument
// classification. `claw doctor --foo` must still surface as cli_parse
// with the runbook hint present.
let root = unique_temp_dir("247-unrecognized-arg");
fs::create_dir_all(&root).expect("temp dir should exist");
let envelope =
assert_json_error_envelope(&root, &["--output-format", "json", "doctor", "--foo"]);
assert_eq!(
envelope["kind"], "cli_parse",
"unrecognized-argument must remain cli_parse, envelope: {envelope}"
);
assert_eq!(
envelope["hint"],
"Run `claw --help` for usage.",
"unrecognized-argument hint should stay intact, envelope: {envelope}"
);
}
fn assert_json_command_with_env(current_dir: &Path, args: &[&str], envs: &[(&str, &str)]) -> Value {
let output = run_claw(current_dir, args, envs);
assert!(