harivansh-afk/sandbox-agent
1
0
Fork 0
mirror of https://github.com/harivansh-afk/sandbox-agent.git synced 2026-04-15 13:03:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore: include remaining workspace changes

Browse source
This commit is contained in:
Nathan Flurry 2026-03-10 21:55:57 -07:00
parent ea7c36a8e7
commit f0f2576289
17 changed files with 693 additions and 192 deletions
Download patch file Download diff file Expand all files Collapse all files

6
.env.development.example
View file

@ -14,10 +14,14 @@ GITHUB_CLIENT_SECRET=
GITHUB_APP_ID=
GITHUB_APP_CLIENT_ID=
GITHUB_APP_CLIENT_SECRET=
# Store PEM material as a quoted single-line value with \n escapes.
GITHUB_APP_PRIVATE_KEY=
# Webhook secret for verifying GitHub webhook payloads.
# Use smee.io for local development: https://smee.io/new
GITHUB_WEBHOOK_SECRET=
# Fill these in when enabling live Stripe billing.
STRIPE_SECRET_KEY=
STRIPE_PUBLISHABLE_KEY=
STRIPE_WEBHOOK_SECRET=
STRIPE_PRICE_TEAM=

2
.gitignore vendored
View file

@ -48,6 +48,8 @@ Cargo.lock
.agents/
.claude/
.opencode/
.context/
factory/.context/
# Example temp files
.tmp-upload/

30
CLAUDE.md
View file

@ -78,6 +78,9 @@
- `research/acp/v1-schema-to-acp-mapping.md`
- `research/acp/friction.md`
- `research/acp/todo.md`
- `research/friction/rivetkit.md`
- `research/friction/sandbox-agent-sdk.md`
- `research/friction/factory.md`
## Change Tracking
@ -85,7 +88,32 @@
- Update `docs/cli.mdx` when CLI behavior changes.
- Regenerate `docs/openapi.json` when HTTP contracts change.
- Keep `docs/inspector.mdx` and `docs/sdks/typescript.mdx` aligned with implementation.
- Append blockers/decisions to `research/acp/friction.md` during ACP work.
- Append blockers/decisions to the appropriate friction log during work:
- `research/acp/friction.md` — ACP protocol, migration, and spec issues.
- `research/friction/rivetkit.md` — RivetKit runtime, actor model, queues, keys, workflows.
- `research/friction/sandbox-agent-sdk.md` — Sandbox Agent SDK/API, TypeScript clients, ACP HTTP client.
- `research/friction/factory.md` — Factory product development, frontend, backend, client.
- Friction log entry format (all logs use the same template):
```
- Date:
- Commit: (SHA or `uncommitted`)
- Author: (current git user)
- Implementing:
- Friction/issue:
- Attempted fix/workaround:
- Outcome:
- Status: `open` | `in_progress` | `resolved` | `deferred`
- Files:
```
- `Date`: the date of the commit or when the entry was written.
- `Commit`: the commit SHA associated with the friction, or `uncommitted` if no commit yet.
- `Author`: the current git user (`git config user.name`).
- `Implementing`: what you were working on when friction was encountered.
- `Friction/issue`: the friction or issue encountered.
- `Attempted fix/workaround`: what was tried to resolve it.
- `Outcome`: the result of the attempt.
- `Status`: one of `open`, `in_progress`, `resolved`, or `deferred`.
- `Files`: relevant file paths.
- `docs/agent-capabilities.mdx` lists models/modes/thought levels per agent. Update it when adding a new agent or changing `fallback_config_options`. If its "Last updated" date is >2 weeks old, re-run `cd scripts/agent-configs && npx tsx dump.ts` and update the doc to match. Source data: `scripts/agent-configs/resources/*.json` and hardcoded entries in `server/packages/sandbox-agent/src/router/support.rs` (`fallback_config_options`).
- Some agent models are gated by subscription (e.g. Claude `opus`). The live report only shows models available to the current credentials. The static doc and JSON resource files should list all known models regardless of subscription tier.
- TypeScript SDK tests should run against a real running server/runtime over real `/v1` HTTP APIs, typically using the real `mock` agent for deterministic behavior.

9
docs/deploy/factory-self-hosting.mdx
View file

@ -80,6 +80,8 @@ If your Factory deployment uses GitHub App-backed organization install and repo
| `GITHUB_APP_CLIENT_SECRET` | Yes | GitHub App client secret |
| `GITHUB_APP_PRIVATE_KEY` | Yes | PEM private key for installation auth |
For `.env.development` and `.env.development.local`, store `GITHUB_APP_PRIVATE_KEY` as a quoted single-line value with `\n` escapes instead of raw multi-line PEM text.
Recommended GitHub App permissions:
- Repository `Metadata: Read`
@ -88,12 +90,18 @@ Recommended GitHub App permissions:
- Repository `Checks: Read`
- Repository `Commit statuses: Read`
Set the webhook URL to `https://<your-backend-host>/api/rivet/app/webhooks/github` and generate a webhook secret. Store the secret as `GITHUB_WEBHOOK_SECRET`.
Recommended webhook subscriptions:
- `installation`
- `installation_repositories`
- `pull_request`
- `pull_request_review`
- `pull_request_review_comment`
- `push`
- `create`
- `delete`
- `check_suite`
- `check_run`
- `status`
@ -119,6 +127,7 @@ For live billing, configure:
| `STRIPE_SECRET_KEY` | Yes | Server-side Stripe secret key |
| `STRIPE_PUBLISHABLE_KEY` | Yes | Client-side Stripe publishable key |
| `STRIPE_WEBHOOK_SECRET` | Yes | Signing secret for billing webhooks |
| `STRIPE_PRICE_TEAM` | Yes | Stripe price id for the Team plan checkout session |
Stripe should own:

3
factory/compose.dev.yaml
View file

@ -32,8 +32,6 @@ services:
- "8750:8750"
volumes:
- "..:/app"
# Override HF_RIVET_CHECKOUT_PATH when the linked Rivet workspace lives outside the default sibling checkout.
- "${HF_RIVET_CHECKOUT_PATH:-../../../handoff/rivet-checkout}:/handoff/rivet-checkout:ro"
# Reuse the host Codex auth profile for local sandbox-agent Codex sessions in dev.
- "${HOME}/.codex:/root/.codex"
# Keep backend dependency installs Linux-native instead of using host node_modules.
@ -64,7 +62,6 @@ services:
- "..:/app"
# Ensure logs in .sandbox-agent-factory/ persist on the host even if we change source mounts later.
- "./.sandbox-agent-factory:/app/factory/.sandbox-agent-factory"
- "${HF_RIVET_CHECKOUT_PATH:-../../../handoff/rivet-checkout}:/handoff/rivet-checkout:ro"
# Use Linux-native workspace dependencies inside the container instead of host node_modules.
- "sandbox-agent-factory_node_modules:/app/node_modules"
- "sandbox-agent-factory_client_node_modules:/app/factory/packages/client/node_modules"

31
factory/compose.mock.yaml Normal file
View file

@ -0,0 +1,31 @@
name: sandbox-agent-factory-mock
services:
frontend:
build:
context: ..
dockerfile: factory/docker/frontend.dev.Dockerfile
working_dir: /app
environment:
HOME: "/tmp"
FACTORY_FRONTEND_CLIENT_MODE: "mock"
ports:
- "4174:4173"
volumes:
- "..:/app"
- "./.sandbox-agent-factory:/app/factory/.sandbox-agent-factory"
# Use Linux-native workspace dependencies inside the container instead of host node_modules.
- "sandbox-agent-factory-mock_node_modules:/app/node_modules"
- "sandbox-agent-factory-mock_client_node_modules:/app/factory/packages/client/node_modules"
- "sandbox-agent-factory-mock_frontend_errors_node_modules:/app/factory/packages/frontend-errors/node_modules"
- "sandbox-agent-factory-mock_frontend_node_modules:/app/factory/packages/frontend/node_modules"
- "sandbox-agent-factory-mock_shared_node_modules:/app/factory/packages/shared/node_modules"
- "sandbox-agent-factory-mock_pnpm_store:/tmp/.local/share/pnpm/store"
volumes:
sandbox-agent-factory-mock_node_modules: {}
sandbox-agent-factory-mock_client_node_modules: {}
sandbox-agent-factory-mock_frontend_errors_node_modules: {}
sandbox-agent-factory-mock_frontend_node_modules: {}
sandbox-agent-factory-mock_shared_node_modules: {}
sandbox-agent-factory-mock_pnpm_store: {}

1
factory/docker/backend.preview.Dockerfile
View file

@ -39,7 +39,6 @@ ENV SANDBOX_AGENT_BIN="/root/.local/bin/sandbox-agent"
WORKDIR /workspace/quebec
COPY quebec /workspace/quebec
COPY rivet-checkout /workspace/rivet-checkout
RUN pnpm install --frozen-lockfile
RUN pnpm --filter @sandbox-agent/factory-shared build

1
factory/docker/frontend.preview.Dockerfile
View file

@ -7,7 +7,6 @@ RUN npm install -g pnpm@10.28.2
WORKDIR /workspace/quebec
COPY quebec /workspace/quebec
COPY rivet-checkout /workspace/rivet-checkout
RUN pnpm install --frozen-lockfile
RUN pnpm --filter @sandbox-agent/factory-shared build

2
factory/packages/backend/package.json
View file

@ -22,7 +22,7 @@
"drizzle-orm": "^0.44.5",
"hono": "^4.11.9",
"pino": "^10.3.1",
"rivetkit": "link:../../../../../handoff/rivet-checkout/rivetkit-typescript/packages/rivetkit",
"rivetkit": "^2.1.6",
"sandbox-agent": "workspace:*",
"uuid": "^13.0.0",
"zod": "^4.1.5"

35
factory/packages/backend/src/config/env.ts
View file

@ -1,10 +1,14 @@
import { existsSync, readFileSync } from "node:fs";
import { resolve } from "node:path";
import { dirname, resolve } from "node:path";
const DEVELOPMENT_ENV_FILES = [".env.development.local", ".env.development"] as const;
const LOCAL_DEV_BETTER_AUTH_SECRET = "sandbox-agent-factory-development-only-change-me";
const LOCAL_DEV_APP_URL = "http://localhost:4173";
function decodeQuotedEnvValue(value: string): string {
return value.replace(/\\n/g, "\n").replace(/\\r/g, "\r").replace(/\\t/g, "\t");
}
function loadEnvFile(path: string): void {
const source = readFileSync(path, "utf8");
for (const line of source.split(/\r?\n/)) {
@ -29,7 +33,7 @@ function loadEnvFile(path: string): void {
(value.startsWith('"') && value.endsWith('"')) ||
(value.startsWith("'") && value.endsWith("'"))
) {
value = value.slice(1, -1);
value = decodeQuotedEnvValue(value.slice(1, -1));
}
process.env[key] = value;
}
@ -44,14 +48,27 @@ export function loadDevelopmentEnvFiles(cwd = process.cwd()): string[] {
return [];
}
const loaded: string[] = [];
for (const fileName of DEVELOPMENT_ENV_FILES) {
const path = resolve(cwd, fileName);
if (!existsSync(path)) {
continue;
const searchDirs: string[] = [];
let current = resolve(cwd);
for (;;) {
searchDirs.push(current);
const parent = dirname(current);
if (parent === current) {
break;
}
current = parent;
}
const loaded: string[] = [];
for (const dir of searchDirs) {
for (const fileName of DEVELOPMENT_ENV_FILES) {
const path = resolve(dir, fileName);
if (!existsSync(path) || loaded.includes(path)) {
continue;
}
loadEnvFile(path);
loaded.push(path);
}
loadEnvFile(path);
loaded.push(path);
}
return loaded;
}

2
factory/packages/client/package.json
View file

@ -46,7 +46,7 @@
},
"dependencies": {
"@sandbox-agent/factory-shared": "workspace:*",
"rivetkit": "link:../../../../../handoff/rivet-checkout/rivetkit-typescript/packages/rivetkit"
"rivetkit": "^2.1.6"
},
"devDependencies": {
"tsup": "^8.5.0"

13
justfile
View file

@ -141,9 +141,18 @@ factory-frontend-dev host='127.0.0.1' port='4173' backend='http://127.0.0.1:7741
VITE_HF_BACKEND_ENDPOINT="{{backend}}" pnpm --filter @sandbox-agent/factory-frontend dev -- --host {{host}} --port {{port}}
[group('factory')]
factory-dev-mock host='127.0.0.1' port='4173':
factory-dev-mock:
pnpm install
FACTORY_FRONTEND_CLIENT_MODE=mock pnpm --filter @sandbox-agent/factory-frontend dev -- --host {{host}} --port {{port}}
mkdir -p factory/.sandbox-agent-factory/logs
docker compose -f factory/compose.mock.yaml up --build --force-recreate -d
[group('factory')]
factory-dev-mock-down:
docker compose -f factory/compose.mock.yaml down
[group('factory')]
factory-dev-mock-logs:
docker compose -f factory/compose.mock.yaml logs -f --tail=200
[group('factory')]
factory-dev-turbo:

363
pnpm-lock.yaml generated
View file

@ -455,8 +455,8 @@ importers:
specifier: ^10.3.1
version: 10.3.1
rivetkit:
specifier: link:../../../../../handoff/rivet-checkout/rivetkit-typescript/packages/rivetkit
version: link:../../../../../handoff/rivet-checkout/rivetkit-typescript/packages/rivetkit
specifier: ^2.1.6
version: 2.1.6(@hono/node-server@1.19.9(hono@4.12.2))(@hono/node-ws@1.3.0(@hono/node-server@1.19.9(hono@4.12.2))(hono@4.12.2))(drizzle-kit@0.31.9)(drizzle-orm@0.44.7(@cloudflare/workers-types@4.20260305.1)(@opentelemetry/api@1.9.0)(@types/better-sqlite3@7.6.13)(@types/pg@8.18.0)(better-sqlite3@11.10.0)(bun-types@1.3.10)(pg@8.20.0))(ws@8.19.0)
sandbox-agent:
specifier: workspace:*
version: link:../../../sdks/typescript
@ -483,8 +483,8 @@ importers:
specifier: workspace:*
version: link:../shared
rivetkit:
specifier: link:../../../../../handoff/rivet-checkout/rivetkit-typescript/packages/rivetkit
version: link:../../../../../handoff/rivet-checkout/rivetkit-typescript/packages/rivetkit
specifier: ^2.1.6
version: 2.1.6(@hono/node-server@1.19.9(hono@4.12.2))(@hono/node-ws@1.3.0(@hono/node-server@1.19.9(hono@4.12.2))(hono@4.12.2))(drizzle-kit@0.31.9)(drizzle-orm@0.44.7(@cloudflare/workers-types@4.20260305.1)(@opentelemetry/api@1.9.0)(@types/better-sqlite3@7.6.13)(@types/pg@8.18.0)(better-sqlite3@11.10.0)(bun-types@1.3.10)(pg@8.20.0))(ws@8.19.0)
devDependencies:
tsup:
specifier: ^8.5.0
@ -995,6 +995,11 @@ packages:
resolution: {integrity: sha512-FSEVWXvwroExDXUu8qV6Wqp2X3D1nJ0Li4LFymCyvCVrm7I3lNfG0zZWSWvGU1RE7891eTnFTyh31L3igOwNKQ==}
hasBin: true
'@asteasolutions/zod-to-openapi@8.4.3':
resolution: {integrity: sha512-lwfMTN7kDbFDwMniYZUebiGGHxVGBw9ZSI4IBYjm6Ey22Kd5z/fsQb2k+Okr8WMbCCC553vi/ZM9utl5/XcvuQ==}
peerDependencies:
zod: ^4.0.0
'@astrojs/compiler@2.13.0':
resolution: {integrity: sha512-mqVORhUJViA28fwHYaWmsXSzLO9osbdZ5ImUfxBarqsYdMlPbqAqGJCxsNzvppp1BEzc1mJNjOVvQqeDN8Vspw==}
@ -1362,6 +1367,36 @@ packages:
resolution: {integrity: sha512-VERIM64vtTP1C4mxQ5thVT9fK0apjPFobqybMtA1UdUujWka24ERHbRHFGmpbbhp73MhV+KSsHQH9C6uOTdEQA==}
engines: {node: '>=18'}
'@cbor-extract/cbor-extract-darwin-arm64@2.2.1':
resolution: {integrity: sha512-ubDPxTvFufYt2wYpBIbp9AP4uKKm55AVrXJyGkLbpKyk8+01KCKDGeB66JTZCGflSsAPRIluLHWI1P8ntEZShQ==}
cpu: [arm64]
os: [darwin]
'@cbor-extract/cbor-extract-darwin-x64@2.2.1':
resolution: {integrity: sha512-lzJAun76gwY4rgeklyNuPROeo7kYLh0lK+Jji9J7OX3UfSV7EpjDNGKT7wotzGpF0Qm36bOtlCNvE+VsUin1gQ==}
cpu: [x64]
os: [darwin]
'@cbor-extract/cbor-extract-linux-arm64@2.2.1':
resolution: {integrity: sha512-OFdIWOrSCSE8IRVAzHX5Js1TSvmQCcZbsB+wpXlZLFhIFbXlvF8VmXSHtBkK8pLfs9nvfsg3zz3ZIG10EKazHQ==}
cpu: [arm64]
os: [linux]
'@cbor-extract/cbor-extract-linux-arm@2.2.1':
resolution: {integrity: sha512-J5MjNKc4ecV56jOYDDMp0CfGyqQgoOgTwsEjra7YJdJic1YzGEyPedZStcpS0E1bdEyPOOJOfbFLRpgtFosZ/Q==}
cpu: [arm]
os: [linux]
'@cbor-extract/cbor-extract-linux-x64@2.2.1':
resolution: {integrity: sha512-f7gB4h/CaR66hTAmooJ6uIuCNl4SmBGJAQx+ED9eIJIZtOhkyeeRrBw383cIdHiLbvr/wBVZ31RnyqFLRCmu1g==}
cpu: [x64]
os: [linux]
'@cbor-extract/cbor-extract-win32-x64@2.2.1':
resolution: {integrity: sha512-diYmdTuTTNjTfmb9A+Xq5ZOtLP6JW2SuGXqV25ZbnXjuhdEO/Vn8tX3QPmKqnPOf7SyFQVpAVwU5w9B53y3P4g==}
cpu: [x64]
os: [win32]
'@cloudflare/containers@0.1.1':
resolution: {integrity: sha512-YTdobRTnTlUOUPMFemufH367A9Z8pDfZ+UboYMLbGpO0VlvEXZDiioSmXPQMHld2vRtkL31mcRii3bcbQU6fdw==}
@ -2267,6 +2302,25 @@ packages:
'@hono/node-server': ^1.19.2
hono: ^4.6.0
'@hono/standard-validator@0.1.5':
resolution: {integrity: sha512-EIyZPPwkyLn6XKwFj5NBEWHXhXbgmnVh2ceIFo5GO7gKI9WmzTjPDKnppQB0KrqKeAkq3kpoW4SIbu5X1dgx3w==}
peerDependencies:
'@standard-schema/spec': 1.0.0
hono: '>=3.9.0'
'@hono/zod-openapi@1.2.2':
resolution: {integrity: sha512-va6vsL23wCJ1d0Vd+vGL1XOt+wPwItxirYafuhlW9iC2MstYr2FvsI7mctb45eBTjZfkqB/3LYDJEppPjOEiHw==}
engines: {node: '>=16.0.0'}
peerDependencies:
hono: '>=4.3.6'
zod: ^4.0.0
'@hono/zod-validator@0.7.6':
resolution: {integrity: sha512-Io1B6d011Gj1KknV4rXYz4le5+5EubcWEU/speUjuw9XMMIaP3n78yXLhjd2A3PXaXaUwEAluOiAyLqhBEJgsw==}
peerDependencies:
hono: '>=3.9.0'
zod: ^3.25.0 || ^4.0.0
'@iarna/toml@2.2.5':
resolution: {integrity: sha512-trnsAYxU3xnS1gPHPyU961coFyLkh4gAD/0zQ5mymY4yOZ+CYvsPqUbOFSw0aDM4y0tV7tiFxL/1XfXPNC6IPg==}
@ -2748,6 +2802,41 @@ packages:
resolution: {integrity: sha512-imK/Bh/rxeWRhnKV5rpm6kYyT0+O+9uX8njiyG1LE8hvJFboAY+3fHuOMC816+Gm5de/Asrf8R3uzNYPmgUUzg==}
hasBin: true
'@rivetkit/bare-ts@0.6.2':
resolution: {integrity: sha512-3qndQUQXLdwafMEqfhz24hUtDPcsf1Bu3q52Kb8MqeH8JUh3h6R4HYW3ZJXiQsLcyYyFM68PuIwlLRlg1xDEpg==}
engines: {node: ^14.18.0 || >=16.0.0}
'@rivetkit/engine-runner-protocol@2.1.6':
resolution: {integrity: sha512-QwaWvAJN2KGae+UHKZbLiEWaWj9ycmwtrRtUq728CU+lidkaGv5yHxXb4gkXSD7rhGQcR98+XWZLb0F0BM/vAg==}
'@rivetkit/engine-runner@2.1.6':
resolution: {integrity: sha512-WpiEmi/SxAVED0N/M0kvPZwq/MxMuuz/Y89ut1sTP7syPzpCauGxafOdqkTqiX1ef+N1ZlrtX+v/LwDF/jIgFw==}
'@rivetkit/fast-json-patch@3.1.2':
resolution: {integrity: sha512-CtA50xgsSSzICQduF/NDShPRzvucnNvsW/lQO0WgMTT1XAj9Lfae4pm7r3llFwilgG+9iq76Hv1LUqNy72v6yw==}
'@rivetkit/on-change@6.0.2-rc.1':
resolution: {integrity: sha512-5RC9Ze/wTKqSlJvopdCgr+EfyV93+iiH8Thog0QXrl8PT1unuBNw/jadXNMtwgAxrIaCJL+JLaHQH9w7rqpMDw==}
engines: {node: '>=20'}
'@rivetkit/sqlite-vfs@2.1.6':
resolution: {integrity: sha512-jbCrigzqoygZTYdZu7izaQjr77Q4BFX1HwhW4Mf0UFIaKT72AteH/w4PcktzrKcw4Utmo0zX0C6zNBRKo0IpOA==}
engines: {node: '>=20.0.0'}
'@rivetkit/sqlite@0.1.1':
resolution: {integrity: sha512-NE7ZBy/hQhOrWzMZFjkHX9SoXxf+ILcDvVV+mNbUYPgiy/fsDzlXdK0+JDTGnko5f4Xl6/KVCoCozz9gkwkq8A==}
'@rivetkit/traces@2.1.6':
resolution: {integrity: sha512-wuuGWoWWdUPbqs5u+31YodSUOsYMydaa+/cxZ7I5KaUe26fK0i1E+0ytqC1JGQm6utWeuYp8cLUX3WSEfVKJhQ==}
engines: {node: '>=18.0.0'}
'@rivetkit/virtual-websocket@2.0.33':
resolution: {integrity: sha512-sMoHZgBy9WDW76pv+ML3LPgf7TWk5vXdu3ZpPO20j6n+rB3fLacnnmzjt5xD6tZcJ/x5qINyEywGgcxA7MTMuQ==}
'@rivetkit/workflow-engine@2.1.6':
resolution: {integrity: sha512-eLVFBbhOlBQKzO5lu032tOo0OEAFFp7uNcGwvB1mBFmYsm7aKBgnJl214IV39a6fRtCL2meVxiMU1GKb006zYw==}
engines: {node: '>=18.0.0'}
'@rolldown/pluginutils@1.0.0-beta.27':
resolution: {integrity: sha512-+d0F4MKMCbeVUJwG96uQ4SgAznZNSq93I3V+9NHA4OpvqG8mRCpGdKmK8l/dl02h2CCDHwW2FqilnTyDcAnqjA==}
@ -3258,6 +3347,9 @@ packages:
'@types/react@18.3.27':
resolution: {integrity: sha512-cisd7gxkzjBKU2GgdYrTdtQx1SORymWyaAFhaxQPK9bYO9ot3Y5OikQRvY0VYQtvwjeQnizCINJAenh/V7MK2w==}
'@types/retry@0.12.2':
resolution: {integrity: sha512-XISRgDJ2Tc5q4TRqvgJtzsRkFYNJzZrhTdtMoGVBttwzzQJkPnS3WWTFc7kuDRoPtPakl+T+OfdEUjYJj7Jbow==}
'@types/sax@1.2.7':
resolution: {integrity: sha512-rO73L89PJxeYM3s3pPPjiPgVVcymqU490g0YO5n5By0k2Erzj6tay/4lr1CHAAU4JyOWd1rpQ8bCf6cZfHU96A==}
@ -3584,6 +3676,13 @@ packages:
card-validator@6.2.0:
resolution: {integrity: sha512-1vYv45JaE9NmixZr4dl6ykzbFKv7imI9L7MQDs235b/a7EGbG8rrEsipeHtVvscLSUbl3RX6UP5gyOe0Y2FlHA==}
cbor-extract@2.2.1:
resolution: {integrity: sha512-Vp8PLcLCC3tgOYIrgAjCa5GpPR2jUciJqNDklUbXRjsl9BlFzQyHoaZc2MjDb6AE47xQ1mID7rGuRD1ZAuE+sQ==}
hasBin: true
cbor-x@1.6.3:
resolution: {integrity: sha512-P/LrTqDtSLAj6j6MntQlLheHGGnh1tzZrbei6chGVqWJC8tvB7cZWou013zY4iPnsLMNailBrq9ajU0IKEPXyg==}
ccount@2.0.1:
resolution: {integrity: sha512-eyrF0jiFpY+3drT6383f1qhkbGsLSifNAjA61IUjZjmLCWjItY6LB9ft9YhoDgwfmclB2zhu51Lc7+95b8NRAg==}
@ -4330,6 +4429,9 @@ packages:
fastq@1.20.1:
resolution: {integrity: sha512-GGToxJ/w1x32s/D2EKND7kTil4n8OVk/9mycTc4VDza13lOvpUZTGX3mFSCtV9ksdGBVzvsyAVLM6mHFThxXxw==}
fdb-tuple@1.0.0:
resolution: {integrity: sha512-8jSvKPCYCgTpi9Pt87qlfTk6griyMx4Gk3Xv31Dp72Qp8b6XgIyFsMm8KzPmFJ9iJ8K4pGvRxvOS8D0XGnrkjw==}
fdir@6.5.0:
resolution: {integrity: sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==}
engines: {node: '>=12.0.0'}
@ -4451,6 +4553,10 @@ packages:
resolution: {integrity: sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==}
engines: {node: '>= 0.4'}
get-port@7.1.0:
resolution: {integrity: sha512-QB9NKEeDg3xxVwCCwJQ9+xycaz6pBB6iQ76wiWMl1927n0Kir6alPiP+yuiICLLU4jpMe08dXfpebuQppFA2zw==}
engines: {node: '>=16'}
get-proto@1.0.1:
resolution: {integrity: sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==}
engines: {node: '>= 0.4'}
@ -4675,6 +4781,10 @@ packages:
resolution: {integrity: sha512-qP1vozQRI+BMOPcjFzrjXuQvdak2pHNUMZoeG2eRbiSqyvbEf/wQtEOTOX1guk6E3t36RkaqiSt8A/6YElNxLQ==}
engines: {node: '>=12'}
is-network-error@1.3.1:
resolution: {integrity: sha512-6QCxa49rQbmUWLfk0nuGqzql9U8uaV2H6279bRErPBHe/109hCzsLUBUHfbEtvLIHBd6hyXbgedBSHevm43Edw==}
engines: {node: '>=16'}
is-number@7.0.0:
resolution: {integrity: sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==}
engines: {node: '>=0.12.0'}
@ -5094,6 +5204,10 @@ packages:
nan@2.25.0:
resolution: {integrity: sha512-0M90Ag7Xn5KMLLZ7zliPWP3rT90P6PN+IzVFS0VqmnPktBk3700xUVv8Ikm9EUaUE5SDWdp/BIxdENzVznpm1g==}
nanoevents@9.1.0:
resolution: {integrity: sha512-Jd0fILWG44a9luj8v5kED4WI+zfkkgwKyRQKItTtlPfEsh7Lznfi1kr8/iZ+XAIss4Qq5GqRB0qtWbaz9ceO/A==}
engines: {node: ^18.0.0 || >=20.0.0}
nanoid@3.3.11:
resolution: {integrity: sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==}
engines: {node: ^10 || ^12 || ^13.7 || ^14 || >=15.0.1}
@ -5120,6 +5234,10 @@ packages:
node-fetch-native@1.6.7:
resolution: {integrity: sha512-g9yhqoedzIUm0nTnTqAQvueMPVOuIY16bqgAJJC8XOOubYFNwz6IER9qs0Gq2Xd0+CecCKFjtdDTMA4u4xG06Q==}
node-gyp-build-optional-packages@5.1.1:
resolution: {integrity: sha512-+P72GAjVAbTxjjwUmwjVrqrdZROD4nf8KgpBoDxqXXTiYZZt/ud60dE5yvCSr9lRO8e8yv6kgJIC0K0PfZFVQw==}
hasBin: true
node-mock-http@1.0.4:
resolution: {integrity: sha512-8DY+kFsDkNXy1sJglUfuODx1/opAGJGyrTuFqEoN90oRc2Vk0ZbD4K2qmKXBBEhZQzdKHIVfEJpDU8Ak2NJEvQ==}
@ -5190,6 +5308,9 @@ packages:
resolution: {integrity: sha512-c/hfooPx+RBIOPM09GSxABOZhYPblDoyaGhqBkD/59vtpN21jEuWKDlM0KYTvqJVlSYjKs0tBcIdeXKChlSPtw==}
hasBin: true
openapi3-ts@4.5.0:
resolution: {integrity: sha512-jaL+HgTq2Gj5jRcfdutgRGLosCy/hT8sQf6VOy+P+g36cZOjI1iukdPnijC+4CmeRzg/jEllJUboEic2FhxhtQ==}
ora@8.2.0:
resolution: {integrity: sha512-weP+BZ8MVNnlCm8c0Qdc1WSWq4Qn7I+9CJGm7Qali6g44e/PUzbjNqJX5NJ9ljlNMosfJvg1fKEGILklK9cwnw==}
engines: {node: '>=18'}
@ -5206,6 +5327,10 @@ packages:
resolution: {integrity: sha512-aNZ+VfjobsWryoiPnEApGGmf5WmNsCo9xu8dfaYamG5qaLP7ClhLN6NgsFe6SwJ2UbLEBK5dv9x8Mn5+RVhMWQ==}
engines: {node: '>=18'}
p-retry@6.2.1:
resolution: {integrity: sha512-hEt02O4hUct5wtwg4H4KcWgDdm+l1bOaEy/hWzd8xtXB9BqxTWBBhb+2ImAtH4Cv4rPjV76xN3Zumqk3k3AhhQ==}
engines: {node: '>=16.17'}
p-timeout@6.1.4:
resolution: {integrity: sha512-MyIV3ZA/PmyBN/ud8vV9XzwTrNtR4jFrObymZYnZqMmW0zA8Z17vnT0rBgFE/TlohB+YCHqXMgZzb3Csp49vqg==}
engines: {node: '>=14.16'}
@ -5342,6 +5467,9 @@ packages:
resolution: {integrity: sha512-udgsAY+fTnvv7kI7aaxbqwWNb0AHiB0qBO89PZKPkoTmGOgdbrHDKD+0B2X4uTfJ/FT1R09r9gTsjUjNJotuog==}
engines: {node: '>=0.10.0'}
pino-abstract-transport@2.0.0:
resolution: {integrity: sha512-F63x5tizV6WCh4R6RHyi2Ml+M70DNRXt/+HANowMflpgGFMAym/VKm6G7ZOQRjqN7XbGxK1Lg9t6ZrtzOaivMw==}
pino-abstract-transport@3.0.0:
resolution: {integrity: sha512-wlfUczU+n7Hy/Ha5j9a/gZNy7We5+cXp8YL+X+PG8S0KXxw7n/JXA3c46Y0zQznIJ83URJiwy7Lh56WLokNuxg==}
@ -5352,6 +5480,10 @@ packages:
resolution: {integrity: sha512-r34yH/GlQpKZbU1BvFFqOjhISRo1MNx1tWYsYvmj6KIRHSPMT2+yHOEb1SG6NMvRoHRF0a07kCOox/9yakl1vg==}
hasBin: true
pino@9.14.0:
resolution: {integrity: sha512-8OEwKp5juEvb/MjpIc4hjqfgCNysrS94RIOMXYvpYCdm/jglrKEiAYmiumbmGhCvs+IcInsphYDFwqrjr7398w==}
hasBin: true
pirates@4.0.7:
resolution: {integrity: sha512-TfySrs/5nm8fQJDcBDuUng3VOUKsd7S+zqvbOTiGXHfxX4wK31ard+hoNuvkicM/2YFzlpDgABOevKSsB4G/FA==}
engines: {node: '>= 6'}
@ -5774,6 +5906,30 @@ packages:
resolution: {integrity: sha512-g6QUff04oZpHs0eG5p83rFLhHeV00ug/Yf9nZM6fLeUrPguBTkTQOdpAWWspMh55TZfVQDPaN3NQJfbVRAxdIw==}
engines: {iojs: '>=1.0.0', node: '>=0.10.0'}
rivetkit@2.1.6:
resolution: {integrity: sha512-AFe06CTZoAYWwCltxPp1XNilfOgK53Itvbc/lv0uF+aEwFEAPIZFQPBTrVgt7NGZSuiM2l6/hjMv7yuBZQ71sw==}
engines: {node: '>=22.0.0'}
peerDependencies:
'@hono/node-server': ^1.14.0
'@hono/node-ws': ^1.1.1
drizzle-kit: ^0.31.2
drizzle-orm: ^0.44.2
eventsource: ^4.0.0
ws: ^8.0.0
peerDependenciesMeta:
'@hono/node-server':
optional: true
'@hono/node-ws':
optional: true
drizzle-kit:
optional: true
drizzle-orm:
optional: true
eventsource:
optional: true
ws:
optional: true
robust-predicates@3.0.2:
resolution: {integrity: sha512-IXgzBWvWQwE6PrDI05OvmXUIruQTcoMDzRsOd5CDvHCVLcLHMTSYvOK5Cm46kWqlV3yAbuSpBZdJ5oP5OUoStg==}
@ -6082,6 +6238,9 @@ packages:
thenify@3.3.1:
resolution: {integrity: sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==}
thread-stream@3.1.0:
resolution: {integrity: sha512-OqyPZ9u96VohAyMfJykzmivOrY2wfMSf3C5TtFJVgN+Hm6aj+voFhlK+kZEIv2FBh1X6Xp3DlnCOfEQ3B2J86A==}
thread-stream@4.0.0:
resolution: {integrity: sha512-4iMVL6HAINXWf1ZKZjIPcz5wYaOdPhtO8ATvZ+Xqp3BTdaqtAwQkNmKORqcIo5YkQqGXq5cwfswDwMqqQNrpJA==}
engines: {node: '>=20'}
@ -6416,6 +6575,10 @@ packages:
resolution: {integrity: sha512-8XkAphELsDnEGrDxUOHB3RGvXz6TeuYSGEZBOjtTtPm2lwhGBjLgOzLHB63IUWfBpNucQjND6d3AOudO+H3RWQ==}
hasBin: true
uuid@12.0.0:
resolution: {integrity: sha512-USe1zesMYh4fjCA8ZH5+X5WIVD0J4V1Jksm1bFTVBX2F/cwSXt0RO5w/3UXbdLKmZX65MiWV+hwhSS8p6oBTGA==}
hasBin: true
uuid@13.0.0:
resolution: {integrity: sha512-XQegIaBTVUjSHliKqcnFqYypAd4S+WCYt5NIeRs6w/UAry7z8Y9j5ZwRRL4kzq9U3sD6v+85er9FvkEaBpji2w==}
hasBin: true
@ -6424,6 +6587,10 @@ packages:
resolution: {integrity: sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg==}
engines: {node: '>= 0.8'}
vbare@0.0.4:
resolution: {integrity: sha512-QsxSVw76NqYUWYPVcQmOnQPX8buIVjgn+yqldTHlWISulBTB9TJ9rnzZceDu+GZmycOtzsmuPbPN1YNxvK12fg==}
engines: {node: '>=18.0.0'}
vfile-location@5.0.3:
resolution: {integrity: sha512-5yXvWDEgqeiYiBe1lbxYF7UMAIm/IcopxMHrMQDq3nvKcjPKIhZklUKL+AE7J7uApI4kwe2snsK+eI6UTj9EHg==}
@ -6766,6 +6933,11 @@ snapshots:
'@antfu/ni@0.23.2': {}
'@asteasolutions/zod-to-openapi@8.4.3(zod@4.3.6)':
dependencies:
openapi3-ts: 4.5.0
zod: 4.3.6
'@astrojs/compiler@2.13.0': {}
'@astrojs/internal-helpers@0.7.5': {}
@ -7602,6 +7774,24 @@ snapshots:
dependencies:
fontkitten: 1.0.2
'@cbor-extract/cbor-extract-darwin-arm64@2.2.1':
optional: true
'@cbor-extract/cbor-extract-darwin-x64@2.2.1':
optional: true
'@cbor-extract/cbor-extract-linux-arm64@2.2.1':
optional: true
'@cbor-extract/cbor-extract-linux-arm@2.2.1':
optional: true
'@cbor-extract/cbor-extract-linux-x64@2.2.1':
optional: true
'@cbor-extract/cbor-extract-win32-x64@2.2.1':
optional: true
'@cloudflare/containers@0.1.1': {}
'@cloudflare/kv-asset-handler@0.4.2': {}
@ -8177,6 +8367,23 @@ snapshots:
- bufferutil
- utf-8-validate
'@hono/standard-validator@0.1.5(hono@4.12.2)':
dependencies:
hono: 4.12.2
'@hono/zod-openapi@1.2.2(hono@4.12.2)(zod@4.3.6)':
dependencies:
'@asteasolutions/zod-to-openapi': 8.4.3(zod@4.3.6)
'@hono/zod-validator': 0.7.6(hono@4.12.2)(zod@4.3.6)
hono: 4.12.2
openapi3-ts: 4.5.0
zod: 4.3.6
'@hono/zod-validator@0.7.6(hono@4.12.2)(zod@4.3.6)':
dependencies:
hono: 4.12.2
zod: 4.3.6
'@iarna/toml@2.2.5': {}
'@img/colour@1.0.0': {}
@ -8728,6 +8935,52 @@ snapshots:
- react
- supports-color
'@rivetkit/bare-ts@0.6.2': {}
'@rivetkit/engine-runner-protocol@2.1.6':
dependencies:
'@rivetkit/bare-ts': 0.6.2
'@rivetkit/engine-runner@2.1.6':
dependencies:
'@rivetkit/engine-runner-protocol': 2.1.6
'@rivetkit/virtual-websocket': 2.0.33
pino: 9.14.0
uuid: 12.0.0
ws: 8.19.0
transitivePeerDependencies:
- bufferutil
- utf-8-validate
'@rivetkit/fast-json-patch@3.1.2': {}
'@rivetkit/on-change@6.0.2-rc.1': {}
'@rivetkit/sqlite-vfs@2.1.6':
dependencies:
'@rivetkit/bare-ts': 0.6.2
'@rivetkit/sqlite': 0.1.1
vbare: 0.0.4
'@rivetkit/sqlite@0.1.1': {}
'@rivetkit/traces@2.1.6':
dependencies:
'@rivetkit/bare-ts': 0.6.2
cbor-x: 1.6.3
fdb-tuple: 1.0.0
vbare: 0.0.4
'@rivetkit/virtual-websocket@2.0.33': {}
'@rivetkit/workflow-engine@2.1.6':
dependencies:
'@rivetkit/bare-ts': 0.6.2
cbor-x: 1.6.3
fdb-tuple: 1.0.0
pino: 9.14.0
vbare: 0.0.4
'@rolldown/pluginutils@1.0.0-beta.27': {}
'@rolldown/pluginutils@1.0.0-rc.3': {}
@ -9347,6 +9600,8 @@ snapshots:
'@types/prop-types': 15.7.15
csstype: 3.2.3
'@types/retry@0.12.2': {}
'@types/sax@1.2.7':
dependencies:
'@types/node': 24.10.9
@ -9856,6 +10111,22 @@ snapshots:
dependencies:
credit-card-type: 8.3.0
cbor-extract@2.2.1:
dependencies:
node-gyp-build-optional-packages: 5.1.1
optionalDependencies:
'@cbor-extract/cbor-extract-darwin-arm64': 2.2.1
'@cbor-extract/cbor-extract-darwin-x64': 2.2.1
'@cbor-extract/cbor-extract-linux-arm': 2.2.1
'@cbor-extract/cbor-extract-linux-arm64': 2.2.1
'@cbor-extract/cbor-extract-linux-x64': 2.2.1
'@cbor-extract/cbor-extract-win32-x64': 2.2.1
optional: true
cbor-x@1.6.3:
optionalDependencies:
cbor-extract: 2.2.1
ccount@2.0.1: {}
chai@5.3.3:
@ -10653,6 +10924,8 @@ snapshots:
dependencies:
reusify: 1.1.0
fdb-tuple@1.0.0: {}
fdir@6.5.0(picomatch@4.0.3):
optionalDependencies:
picomatch: 4.0.3
@ -10767,6 +11040,8 @@ snapshots:
hasown: 2.0.2
math-intrinsics: 1.1.0
get-port@7.1.0: {}
get-proto@1.0.1:
dependencies:
dunder-proto: 1.0.1
@ -11024,6 +11299,8 @@ snapshots:
is-interactive@2.0.0: {}
is-network-error@1.3.1: {}
is-number@7.0.0: {}
is-plain-obj@4.1.0: {}
@ -11593,6 +11870,8 @@ snapshots:
nan@2.25.0:
optional: true
nanoevents@9.1.0: {}
nanoid@3.3.11: {}
napi-build-utils@2.0.0: {}
@ -11611,6 +11890,11 @@ snapshots:
node-fetch-native@1.6.7: {}
node-gyp-build-optional-packages@5.1.1:
dependencies:
detect-libc: 2.1.2
optional: true
node-mock-http@1.0.4: {}
node-releases@2.0.27: {}
@ -11680,6 +11964,10 @@ snapshots:
undici: 5.29.0
yargs-parser: 21.1.1
openapi3-ts@4.5.0:
dependencies:
yaml: 2.8.2
ora@8.2.0:
dependencies:
chalk: 5.6.2
@ -11703,6 +11991,12 @@ snapshots:
eventemitter3: 5.0.4
p-timeout: 6.1.4
p-retry@6.2.1:
dependencies:
'@types/retry': 0.12.2
is-network-error: 1.3.1
retry: 0.13.1
p-timeout@6.1.4: {}
package-json-from-dist@1.0.1: {}
@ -11822,6 +12116,10 @@ snapshots:
pify@2.3.0: {}
pino-abstract-transport@2.0.0:
dependencies:
split2: 4.2.0
pino-abstract-transport@3.0.0:
dependencies:
split2: 4.2.0
@ -11842,6 +12140,20 @@ snapshots:
sonic-boom: 4.2.1
thread-stream: 4.0.0
pino@9.14.0:
dependencies:
'@pinojs/redact': 0.4.0
atomic-sleep: 1.0.0
on-exit-leak-free: 2.1.2
pino-abstract-transport: 2.0.0
pino-std-serializers: 7.1.0
process-warning: 5.0.0
quick-format-unescaped: 4.0.4
real-require: 0.2.0
safe-stable-stringify: 2.5.0
sonic-boom: 4.2.1
thread-stream: 3.1.0
pirates@4.0.7: {}
pkce-challenge@5.0.1: {}
@ -12306,6 +12618,41 @@ snapshots:
reusify@1.1.0: {}
rivetkit@2.1.6(@hono/node-server@1.19.9(hono@4.12.2))(@hono/node-ws@1.3.0(@hono/node-server@1.19.9(hono@4.12.2))(hono@4.12.2))(drizzle-kit@0.31.9)(drizzle-orm@0.44.7(@cloudflare/workers-types@4.20260305.1)(@opentelemetry/api@1.9.0)(@types/better-sqlite3@7.6.13)(@types/pg@8.18.0)(better-sqlite3@11.10.0)(bun-types@1.3.10)(pg@8.20.0))(ws@8.19.0):
dependencies:
'@hono/standard-validator': 0.1.5(hono@4.12.2)
'@hono/zod-openapi': 1.2.2(hono@4.12.2)(zod@4.3.6)
'@rivetkit/bare-ts': 0.6.2
'@rivetkit/engine-runner': 2.1.6
'@rivetkit/fast-json-patch': 3.1.2
'@rivetkit/on-change': 6.0.2-rc.1
'@rivetkit/sqlite': 0.1.1
'@rivetkit/sqlite-vfs': 2.1.6
'@rivetkit/traces': 2.1.6
'@rivetkit/virtual-websocket': 2.0.33
'@rivetkit/workflow-engine': 2.1.6
cbor-x: 1.6.3
get-port: 7.1.0
hono: 4.12.2
invariant: 2.2.4
nanoevents: 9.1.0
p-retry: 6.2.1
pino: 9.14.0
tar: 7.5.7
uuid: 12.0.0
vbare: 0.0.4
zod: 4.3.6
optionalDependencies:
'@hono/node-server': 1.19.9(hono@4.12.2)
'@hono/node-ws': 1.3.0(@hono/node-server@1.19.9(hono@4.12.2))(hono@4.12.2)
drizzle-kit: 0.31.9
drizzle-orm: 0.44.7(@cloudflare/workers-types@4.20260305.1)(@opentelemetry/api@1.9.0)(@types/better-sqlite3@7.6.13)(@types/pg@8.18.0)(better-sqlite3@11.10.0)(bun-types@1.3.10)(pg@8.20.0)
ws: 8.19.0
transitivePeerDependencies:
- '@standard-schema/spec'
- bufferutil
- utf-8-validate
robust-predicates@3.0.2: {}
rollup@4.56.0:
@ -12748,6 +13095,10 @@ snapshots:
dependencies:
any-promise: 1.3.0
thread-stream@3.1.0:
dependencies:
real-require: 0.2.0
thread-stream@4.0.0:
dependencies:
real-require: 0.2.0
@ -13015,10 +13366,14 @@ snapshots:
uuid@10.0.0: {}
uuid@12.0.0: {}
uuid@13.0.0: {}
vary@1.1.2: {}
vbare@0.0.4: {}
vfile-location@5.0.3:
dependencies:
'@types/unist': 3.0.3

336
research/acp/friction.md
View file

@ -7,243 +7,243 @@ Update this file continuously during the migration.
## Entry template
- Date:
- Area:
- Issue:
- Impact:
- Proposed direction:
- Decision:
- Owner:
- Commit: (SHA or `uncommitted`)
- Author:
- Implementing:
- Friction/issue:
- Attempted fix/workaround:
- Outcome:
- Status: `open` | `in_progress` | `resolved` | `deferred`
- Links:
- Files:
## Entries
- Date: 2026-02-10
- Area: Agent process availability
- Issue: Amp does not have a confirmed official ACP agent process in current ACP docs/research.
- Impact: Blocks full parity if Amp is required in v1 launch scope.
- Proposed direction: Treat Amp as conditional for v1.0 and support via pinned fallback only if agent process source is validated.
- Decision: Open.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Agent process availability — Amp ACP agent process
- Friction/issue: Amp does not have a confirmed official ACP agent process in current ACP docs/research. Blocks full parity if Amp is required in v1 launch scope.
- Attempted fix/workaround: Treat Amp as conditional for v1.0 and support via pinned fallback only if agent process source is validated.
- Outcome: Open.
- Status: open
- Links: `research/acp/acp-notes.md`
- Files: `research/acp/acp-notes.md`
- Date: 2026-02-10
- Area: Transport
- Issue: ACP streamable HTTP is still draft upstream; v1 requires ACP over HTTP now.
- Impact: Potential divergence from upstream HTTP semantics.
- Proposed direction: Use strict JSON-RPC mapping and keep transport shim minimal/documented for later alignment.
- Decision: Open.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Transport — ACP streamable HTTP
- Friction/issue: ACP streamable HTTP is still draft upstream; v1 requires ACP over HTTP now. Potential divergence from upstream HTTP semantics.
- Attempted fix/workaround: Use strict JSON-RPC mapping and keep transport shim minimal/documented for later alignment.
- Outcome: Open.
- Status: open
- Links: `research/acp/spec.md`
- Files: `research/acp/spec.md`
- Date: 2026-02-10
- Area: OpenCode compatibility sequencing
- Issue: OpenCode compatibility must be preserved but not block ACP core rewrite.
- Impact: Risk of core rewrites being constrained by legacy compat behavior.
- Proposed direction: Disable/comment out `/opencode/*` during ACP core bring-up, then re-enable via dedicated bridge step after core is stable.
- Decision: Accepted.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: OpenCode compatibility sequencing
- Friction/issue: OpenCode compatibility must be preserved but not block ACP core rewrite. Risk of core rewrites being constrained by legacy compat behavior.
- Attempted fix/workaround: Disable/comment out `/opencode/*` during ACP core bring-up, then re-enable via dedicated bridge step after core is stable.
- Outcome: Accepted.
- Status: in_progress
- Links: `research/acp/migration-steps.md`
- Files: `research/acp/migration-steps.md`
- Date: 2026-02-10
- Area: TypeScript SDK layering
- Issue: Risk of duplicating ACP protocol logic in our TS SDK instead of embedding upstream ACP SDK.
- Impact: Drift from ACP semantics and higher maintenance cost.
- Proposed direction: Embed `@agentclientprotocol/sdk` and keep our SDK as wrapper/convenience layer.
- Decision: Accepted.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: TypeScript SDK layering
- Friction/issue: Risk of duplicating ACP protocol logic in our TS SDK instead of embedding upstream ACP SDK. Drift from ACP semantics and higher maintenance cost.
- Attempted fix/workaround: Embed `@agentclientprotocol/sdk` and keep our SDK as wrapper/convenience layer.
- Outcome: Accepted.
- Status: resolved
- Links: `research/acp/spec.md`
- Files: `research/acp/spec.md`
- Date: 2026-02-10
- Area: Installer behavior
- Issue: Lazy agent process install can race under concurrent first-use requests.
- Impact: Duplicate downloads, partial installs, or bootstrap failures.
- Proposed direction: Add per-agent install lock + idempotent install path used by both explicit install and lazy install.
- Decision: Accepted and implemented.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Installer behavior — lazy agent process install
- Friction/issue: Lazy agent process install can race under concurrent first-use requests. Duplicate downloads, partial installs, or bootstrap failures.
- Attempted fix/workaround: Add per-agent install lock + idempotent install path used by both explicit install and lazy install.
- Outcome: Accepted and implemented.
- Status: resolved
- Links: `research/acp/spec.md`
- Files: `research/acp/spec.md`
- Date: 2026-02-10
- Area: ACP over HTTP standardization
- Issue: Community is actively piloting both Streamable HTTP and WebSocket; no final single transport profile has emerged yet.
- Impact: Risk of rework if we overfit to one draft behavior that later shifts.
- Proposed direction: Lock v1 public contract to Streamable HTTP with ACP JSON-RPC payloads, keep implementation modular so WebSocket can be added later without breaking v1 API.
- Decision: Accepted.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: ACP over HTTP standardization
- Friction/issue: Community is actively piloting both Streamable HTTP and WebSocket; no final single transport profile has emerged yet. Risk of rework if we overfit to one draft behavior that later shifts.
- Attempted fix/workaround: Lock v1 public contract to Streamable HTTP with ACP JSON-RPC payloads, keep implementation modular so WebSocket can be added later without breaking v1 API.
- Outcome: Accepted.
- Status: in_progress
- Links: `research/acp/acp-over-http-findings.md`, `research/acp/spec.md`
- Files: `research/acp/acp-over-http-findings.md`, `research/acp/spec.md`
- Date: 2026-02-10
- Area: Session lifecycle surface
- Issue: ACP stable does not include v1-equivalent methods for session listing, explicit session termination/delete, or event-log polling.
- Impact: Direct lift-and-shift of `/v1/sessions`, `/terminate`, and `/events` polling is not possible with ACP core only.
- Proposed direction: Define `_sandboxagent/session/*` extension methods for these control operations, while keeping core prompt flow on standard ACP methods.
- Decision: Open.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Session lifecycle surface
- Friction/issue: ACP stable does not include v1-equivalent methods for session listing, explicit session termination/delete, or event-log polling. Direct lift-and-shift of `/v1/sessions`, `/terminate`, and `/events` polling is not possible with ACP core only.
- Attempted fix/workaround: Define `_sandboxagent/session/*` extension methods for these control operations, while keeping core prompt flow on standard ACP methods.
- Outcome: Open.
- Status: open
- Links: `research/acp/v1-schema-to-acp-mapping.md`, `research/acp/spec.md`
- Files: `research/acp/v1-schema-to-acp-mapping.md`, `research/acp/spec.md`
- Date: 2026-02-10
- Area: HITL question flow
- Issue: ACP stable defines `session/request_permission` but not a generic question request/response method matching v1 `question.*` and question reply endpoints.
- Impact: Existing question UX cannot be represented with standard ACP methods alone.
- Proposed direction: Introduce `_sandboxagent/session/request_question` extension request/response and carry legacy shape via `_meta`.
- Decision: Open.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: HITL question flow
- Friction/issue: ACP stable defines `session/request_permission` but not a generic question request/response method matching v1 `question.*` and question reply endpoints. Existing question UX cannot be represented with standard ACP methods alone.
- Attempted fix/workaround: Introduce `_sandboxagent/session/request_question` extension request/response and carry legacy shape via `_meta`.
- Outcome: Open.
- Status: open
- Links: `research/acp/v1-schema-to-acp-mapping.md`
- Files: `research/acp/v1-schema-to-acp-mapping.md`
- Date: 2026-02-10
- Area: Filesystem parity
- Issue: ACP stable filesystem methods are text-only (`fs/read_text_file`, `fs/write_text_file`), while v1 exposes raw bytes plus directory operations.
- Impact: Binary file reads/writes, archive upload, and directory management cannot map directly to ACP core.
- Proposed direction: Use ACP standard methods for UTF-8 text paths; add `_sandboxagent/fs/*` extensions for binary and directory operations.
- Decision: Open.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Filesystem parity
- Friction/issue: ACP stable filesystem methods are text-only (`fs/read_text_file`, `fs/write_text_file`), while v1 exposes raw bytes plus directory operations. Binary file reads/writes, archive upload, and directory management cannot map directly to ACP core.
- Attempted fix/workaround: Use ACP standard methods for UTF-8 text paths; add `_sandboxagent/fs/*` extensions for binary and directory operations.
- Outcome: Open.
- Status: open
- Links: `research/acp/v1-schema-to-acp-mapping.md`
- Files: `research/acp/v1-schema-to-acp-mapping.md`
- Date: 2026-02-10
- Area: v1 decommissioning
- Issue: Ambiguity between "comment out v1" and "remove v1" causes rollout confusion.
- Impact: Risk of partial compatibility behavior and extra maintenance burden.
- Proposed direction: Hard-remove v1 behavior and return a stable HTTP 410 error for all `/v1/*` routes.
- Decision: Accepted.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: v1 decommissioning
- Friction/issue: Ambiguity between "comment out v1" and "remove v1" causes rollout confusion. Risk of partial compatibility behavior and extra maintenance burden.
- Attempted fix/workaround: Hard-remove v1 behavior and return a stable HTTP 410 error for all `/v1/*` routes.
- Outcome: Accepted.
- Status: resolved
- Links: `research/acp/spec.md`, `research/acp/migration-steps.md`
- Files: `research/acp/spec.md`, `research/acp/migration-steps.md`
- Date: 2026-02-10
- Area: TypeScript ACP-over-HTTP client support
- Issue: Official ACP client SDK does not currently provide the exact Streamable HTTP transport behavior required by this project.
- Impact: SDK cannot target `/v1/rpc` without additional transport implementation.
- Proposed direction: Embed upstream ACP SDK types/lifecycle and implement a project transport agent process for ACP-over-HTTP.
- Decision: Accepted.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: TypeScript ACP-over-HTTP client support
- Friction/issue: Official ACP client SDK does not currently provide the exact Streamable HTTP transport behavior required by this project. SDK cannot target `/v1/rpc` without additional transport implementation.
- Attempted fix/workaround: Embed upstream ACP SDK types/lifecycle and implement a project transport agent process for ACP-over-HTTP.
- Outcome: Accepted.
- Status: resolved
- Links: `research/acp/spec.md`, `research/acp/migration-steps.md`
- Files: `research/acp/spec.md`, `research/acp/migration-steps.md`
- Date: 2026-02-10
- Area: Inspector migration
- Issue: Inspector currently depends on v1 session/event surfaces.
- Impact: Inspector breaks after v1 removal unless migrated to ACP transport.
- Proposed direction: Keep `/ui/` route and migrate inspector runtime calls to ACP-over-HTTP; add dedicated inspector ACP tests.
- Decision: Accepted.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Inspector migration
- Friction/issue: Inspector currently depends on v1 session/event surfaces. Inspector breaks after v1 removal unless migrated to ACP transport.
- Attempted fix/workaround: Keep `/ui/` route and migrate inspector runtime calls to ACP-over-HTTP; add dedicated inspector ACP tests.
- Outcome: Accepted.
- Status: resolved
- Links: `research/acp/spec.md`, `research/acp/migration-steps.md`
- Files: `research/acp/spec.md`, `research/acp/migration-steps.md`
- Date: 2026-02-10
- Area: Inspector asset embedding
- Issue: If `cargo build` runs before `frontend/packages/inspector/dist` exists, the build script can cache inspector-disabled embedding state.
- Impact: Local runs can serve `/ui/` as disabled even after inspector is built, unless Cargo reruns the build script.
- Proposed direction: Improve build-script invalidation to detect dist directory appearance/disappearance without manual rebuild nudges.
- Decision: Implemented by watching the inspector package directory in `build.rs` so Cargo reruns when dist appears/disappears.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Inspector asset embedding
- Friction/issue: If `cargo build` runs before `frontend/packages/inspector/dist` exists, the build script can cache inspector-disabled embedding state. Local runs can serve `/ui/` as disabled even after inspector is built, unless Cargo reruns the build script.
- Attempted fix/workaround: Improve build-script invalidation to detect dist directory appearance/disappearance without manual rebuild nudges.
- Outcome: Implemented by watching the inspector package directory in `build.rs` so Cargo reruns when dist appears/disappears.
- Status: resolved
- Links: `server/packages/sandbox-agent/build.rs`, `research/acp/todo.md`
- Files: `server/packages/sandbox-agent/build.rs`, `research/acp/todo.md`
- Date: 2026-02-10
- Area: Deterministic ACP install tests
- Issue: Installer and lazy-install tests were coupled to the live ACP registry, causing non-deterministic test behavior.
- Impact: Flaky CI and inability to reliably validate install provenance and lazy install flows.
- Proposed direction: Add `SANDBOX_AGENT_ACP_REGISTRY_URL` override and drive tests with a local one-shot registry fixture.
- Decision: Accepted and implemented.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Deterministic ACP install tests
- Friction/issue: Installer and lazy-install tests were coupled to the live ACP registry, causing non-deterministic test behavior. Flaky CI and inability to reliably validate install provenance and lazy install flows.
- Attempted fix/workaround: Add `SANDBOX_AGENT_ACP_REGISTRY_URL` override and drive tests with a local one-shot registry fixture.
- Outcome: Accepted and implemented.
- Status: resolved
- Links: `server/packages/agent-management/src/agents.rs`, `server/packages/sandbox-agent/tests/v1_api.rs`
- Files: `server/packages/agent-management/src/agents.rs`, `server/packages/sandbox-agent/tests/v1_api.rs`
- Date: 2026-02-10
- Area: Inspector E2E tooling
- Issue: `agent-browser` invocation under pnpm emits npm env warnings (`store-dir`, `recursive`) during scripted runs.
- Impact: No functional break, but noisy CI logs and possible future npm strictness risk.
- Proposed direction: Keep `npx -y agent-browser` script for now; revisit pinning/install strategy if warnings become hard failures.
- Decision: Accepted.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Inspector E2E tooling
- Friction/issue: `agent-browser` invocation under pnpm emits npm env warnings (`store-dir`, `recursive`) during scripted runs. No functional break, but noisy CI logs and possible future npm strictness risk.
- Attempted fix/workaround: Keep `npx -y agent-browser` script for now; revisit pinning/install strategy if warnings become hard failures.
- Outcome: Accepted.
- Status: open
- Links: `frontend/packages/inspector/tests/agent-browser.e2e.sh`
- Files: `frontend/packages/inspector/tests/agent-browser.e2e.sh`
- Date: 2026-02-10
- Area: Real agent process matrix rollout
- Issue: Full agent process smoke coverage requires provider credentials and installed real agent processes in CI/runtime environments.
- Impact: Phase-6 "full matrix green" and "install+prompt+stream per agent process" cannot be marked complete in local-only runs.
- Proposed direction: Keep deterministic agent process matrix in default CI (stub ACP agent processes for claude/codex/opencode) and run real credentialed agent processes in environment-specific jobs.
- Decision: Accepted.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Real agent process matrix rollout
- Friction/issue: Full agent process smoke coverage requires provider credentials and installed real agent processes in CI/runtime environments. Phase-6 "full matrix green" and "install+prompt+stream per agent process" cannot be marked complete in local-only runs.
- Attempted fix/workaround: Keep deterministic agent process matrix in default CI (stub ACP agent processes for claude/codex/opencode) and run real credentialed agent processes in environment-specific jobs.
- Outcome: Accepted.
- Status: resolved
- Links: `research/acp/todo.md`
- Files: `research/acp/todo.md`
- Date: 2026-02-10
- Area: Inspector v1-to-v1 compatibility
- Issue: Restored inspector UI expects legacy `/v1` session/event contracts that no longer exist in ACP-native v1.
- Impact: Full parity would block migration; inspector would otherwise fail to run against v1.
- Proposed direction: Keep the restored UI and bridge to ACP with a thin compatibility client (`src/lib/legacyClient.ts`), stubbing non-parity features with explicit `TDOO` markers.
- Decision: Accepted.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Inspector v1-to-v1 compatibility
- Friction/issue: Restored inspector UI expects legacy `/v1` session/event contracts that no longer exist in ACP-native v1. Full parity would block migration; inspector would otherwise fail to run against v1.
- Attempted fix/workaround: Keep the restored UI and bridge to ACP with a thin compatibility client (`src/lib/legacyClient.ts`), stubbing non-parity features with explicit `TODO` markers.
- Outcome: Accepted.
- Status: open
- Links: `frontend/packages/inspector/src/lib/legacyClient.ts`, `research/acp/inspector-unimplemented.md`
- Files: `frontend/packages/inspector/src/lib/legacyClient.ts`, `research/acp/inspector-unimplemented.md`
- Date: 2026-02-10
- Area: Multi-client session visibility + process sharing
- Issue: Existing ACP runtime mapped one HTTP ACP connection to one dedicated agent process, which prevented global session visibility and increased process count.
- Impact: Clients could not discover sessions created by other clients; process utilization scaled with connection count instead of agent type.
- Proposed direction: Use one shared backend process per `AgentId`, maintain server-owned in-memory meta session registry across all connections, intercept `session/list` as a global aggregated view, and add an experimental detach extension (`_sandboxagent/session/detach`) for connection-level session detachment.
- Decision: Accepted and implemented.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Multi-client session visibility + process sharing
- Friction/issue: Existing ACP runtime mapped one HTTP ACP connection to one dedicated agent process, which prevented global session visibility and increased process count. Clients could not discover sessions created by other clients; process utilization scaled with connection count instead of agent type.
- Attempted fix/workaround: Use one shared backend process per `AgentId`, maintain server-owned in-memory meta session registry across all connections, intercept `session/list` as a global aggregated view, and add an experimental detach extension (`_sandboxagent/session/detach`) for connection-level session detachment.
- Outcome: Accepted and implemented.
- Status: resolved
- Links: `server/packages/sandbox-agent/src/acp_runtime/mod.rs`, `server/packages/sandbox-agent/src/acp_runtime/mock.rs`, `server/packages/sandbox-agent/tests/v1_api.rs`, `server/packages/sandbox-agent/tests/v1_agent_process_matrix.rs`
- Files: `server/packages/sandbox-agent/src/acp_runtime/mod.rs`, `server/packages/sandbox-agent/src/acp_runtime/mock.rs`, `server/packages/sandbox-agent/tests/v1_api.rs`, `server/packages/sandbox-agent/tests/v1_agent_process_matrix.rs`
- Date: 2026-02-10
- Area: TypeScript SDK package split and ACP lifecycle
- Issue: `sandbox-agent` SDK exposed ACP transport primitives directly (`createAcpClient`, raw envelope APIs, ACP type re-exports), making the public API ACP-heavy.
- Impact: Harder to keep a simple Sandbox-facing API while still supporting protocol-faithful ACP HTTP behavior and Sandbox metadata/extensions.
- Proposed direction: Split into `acp-http-client` (pure ACP HTTP transport/client) and `sandbox-agent` (`SandboxAgentClient`) as a thin wrapper with metadata/event conversion and extension helpers.
- Decision: Accepted and implemented.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: TypeScript SDK package split and ACP lifecycle
- Friction/issue: `sandbox-agent` SDK exposed ACP transport primitives directly (`createAcpClient`, raw envelope APIs, ACP type re-exports), making the public API ACP-heavy. Harder to keep a simple Sandbox-facing API while still supporting protocol-faithful ACP HTTP behavior and Sandbox metadata/extensions.
- Attempted fix/workaround: Split into `acp-http-client` (pure ACP HTTP transport/client) and `sandbox-agent` (`SandboxAgentClient`) as a thin wrapper with metadata/event conversion and extension helpers.
- Outcome: Accepted and implemented.
- Status: resolved
- Links: `research/acp/ts-client.md`, `sdks/acp-http-client/src/index.ts`, `sdks/typescript/src/client.ts`
- Files: `research/acp/ts-client.md`, `sdks/acp-http-client/src/index.ts`, `sdks/typescript/src/client.ts`
- Date: 2026-02-10
- Area: Streamable HTTP transport contract
- Issue: Ambiguity over whether `/v1/rpc` should track MCP transport negotiation (`POST` accepting SSE responses, multi-stream fanout) versus Sandbox Agent's simpler JSON-only POST contract.
- Impact: Without an explicit contract, clients can assume incompatible Accept/media semantics and open duplicate GET streams that receive duplicate events.
- Proposed direction: Define Sandbox Agent transport profile explicitly: `POST /v1/rpc` is JSON-only (`Content-Type` and `Accept` for `application/json`), `GET /v1/rpc` is SSE-only (`Accept: text/event-stream`), and allow only one active SSE stream per ACP connection id.
- Decision: Accepted and implemented.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Streamable HTTP transport contract
- Friction/issue: Ambiguity over whether `/v1/rpc` should track MCP transport negotiation (`POST` accepting SSE responses, multi-stream fanout) versus Sandbox Agent's simpler JSON-only POST contract. Without an explicit contract, clients can assume incompatible Accept/media semantics and open duplicate GET streams that receive duplicate events.
- Attempted fix/workaround: Define Sandbox Agent transport profile explicitly: `POST /v1/rpc` is JSON-only (`Content-Type` and `Accept` for `application/json`), `GET /v1/rpc` is SSE-only (`Accept: text/event-stream`), and allow only one active SSE stream per ACP connection id.
- Outcome: Accepted and implemented.
- Status: resolved
- Links: `server/packages/sandbox-agent/src/router.rs`, `server/packages/sandbox-agent/src/acp_runtime/mod.rs`, `server/packages/sandbox-agent/tests/v1_api/acp_transport.rs`, `docs/advanced/acp-http-client.mdx`
- Files: `server/packages/sandbox-agent/src/router.rs`, `server/packages/sandbox-agent/src/acp_runtime/mod.rs`, `server/packages/sandbox-agent/tests/v1_api/acp_transport.rs`, `docs/advanced/acp-http-client.mdx`
- Date: 2026-02-10
- Area: Agent selection contract for ACP bootstrap/session creation
- Issue: `x-acp-agent` bound agent selection to transport bootstrap, which conflicted with Sandbox Agent meta-session goals where one client can manage sessions across multiple agents.
- Impact: Connections appeared agent-affine; agent selection was hidden in HTTP headers rather than explicit in ACP payload metadata.
- Proposed direction: Hard-remove `x-acp-agent`; require `params._meta["sandboxagent.dev"].agent` on `initialize` and `session/new`, and require `params.agent` for agent-routed calls that have no resolvable `sessionId`.
- Decision: Accepted and implemented.
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Agent selection contract for ACP bootstrap/session creation
- Friction/issue: `x-acp-agent` bound agent selection to transport bootstrap, which conflicted with Sandbox Agent meta-session goals where one client can manage sessions across multiple agents. Connections appeared agent-affine; agent selection was hidden in HTTP headers rather than explicit in ACP payload metadata.
- Attempted fix/workaround: Hard-remove `x-acp-agent`; require `params._meta["sandboxagent.dev"].agent` on `initialize` and `session/new`, and require `params.agent` for agent-routed calls that have no resolvable `sessionId`.
- Outcome: Accepted and implemented.
- Status: resolved
- Links: `server/packages/sandbox-agent/src/router.rs`, `server/packages/sandbox-agent/src/acp_runtime/helpers.rs`, `server/packages/sandbox-agent/src/acp_runtime/mod.rs`, `server/packages/sandbox-agent/src/acp_runtime/ext_meta.rs`, `server/packages/sandbox-agent/tests/v1_api/acp_transport.rs`
- Files: `server/packages/sandbox-agent/src/router.rs`, `server/packages/sandbox-agent/src/acp_runtime/helpers.rs`, `server/packages/sandbox-agent/src/acp_runtime/mod.rs`, `server/packages/sandbox-agent/src/acp_runtime/ext_meta.rs`, `server/packages/sandbox-agent/tests/v1_api/acp_transport.rs`
- Date: 2026-02-11
- Area: ACP server simplification
- Issue: Current `/v1/rpc` runtime includes server-managed metadata/session registry and `_sandboxagent/*` ACP extensions, while the new direction is a dumb stdio proxy keyed by client-provided ACP server id.
- Impact: Requires removing extension/metadata semantics and reshaping transport to `/v1/acp/{server_id}` with per-id subprocess lifecycle.
- Proposed direction: Replace `/v1/rpc` with `/v1/acp/{server_id}` (`POST`/`GET` SSE/`DELETE`), drop connection-id headers, keep replay by `server_id`, move non-ACP concerns to HTTP endpoints, and disable OpenCode routes.
- Decision: Accepted (spec drafted).
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: ACP server simplification
- Friction/issue: Current `/v1/rpc` runtime includes server-managed metadata/session registry and `_sandboxagent/*` ACP extensions, while the new direction is a dumb stdio proxy keyed by client-provided ACP server id. Requires removing extension/metadata semantics and reshaping transport to `/v1/acp/{server_id}` with per-id subprocess lifecycle.
- Attempted fix/workaround: Replace `/v1/rpc` with `/v1/acp/{server_id}` (`POST`/`GET` SSE/`DELETE`), drop connection-id headers, keep replay by `server_id`, move non-ACP concerns to HTTP endpoints, and disable OpenCode routes.
- Outcome: Accepted (spec drafted).
- Status: in_progress
- Links: `research/acp/simplify-server.md`
- Files: `research/acp/simplify-server.md`
- Date: 2026-02-11
- Area: Directory-scoped config ownership
- Issue: MCP/skills config previously traveled with session initialization payloads; simplified server needs standalone HTTP config scoped by directory.
- Impact: Requires new HTTP APIs and clear naming for per-directory/per-entry operations without ACP extension transport.
- Proposed direction: Add directory-scoped query APIs: `/v1/config/mcp?directory=...&mcpName=...` and `/v1/config/skills?directory=...&skillName=...` (name required), using v1 payload shapes for MCP/skills config values.
- Decision: Accepted (spec updated).
- Owner: Unassigned.
- Commit: uncommitted
- Author: Unassigned
- Implementing: Directory-scoped config ownership
- Friction/issue: MCP/skills config previously traveled with session initialization payloads; simplified server needs standalone HTTP config scoped by directory. Requires new HTTP APIs and clear naming for per-directory/per-entry operations without ACP extension transport.
- Attempted fix/workaround: Add directory-scoped query APIs: `/v1/config/mcp?directory=...&mcpName=...` and `/v1/config/skills?directory=...&skillName=...` (name required), using v1 payload shapes for MCP/skills config values.
- Outcome: Accepted (spec updated).
- Status: in_progress
- Links: `research/acp/simplify-server.md`, `docs/mcp-config.mdx`, `docs/skills-config.mdx`
- Files: `research/acp/simplify-server.md`, `docs/mcp-config.mdx`, `docs/skills-config.mdx`

17
research/friction/factory.md Normal file
View file

@ -0,0 +1,17 @@
# Factory Friction Log
Track friction with Factory product development, frontend, backend, client, and cross-cutting concerns.
## Entry template
- Date:
- Commit: (SHA or `uncommitted`)
- Author:
- Implementing:
- Friction/issue:
- Attempted fix/workaround:
- Outcome:
- Status: `open` | `in_progress` | `resolved` | `deferred`
- Files:
## Entries

17
research/friction/rivetkit.md Normal file
View file

@ -0,0 +1,17 @@
# RivetKit Friction Log
Track friction with the RivetKit runtime, actor model, queues, keys, workflows, and related infrastructure.
## Entry template
- Date:
- Commit: (SHA or `uncommitted`)
- Author:
- Implementing:
- Friction/issue:
- Attempted fix/workaround:
- Outcome:
- Status: `open` | `in_progress` | `resolved` | `deferred`
- Files:
## Entries

17
research/friction/sandbox-agent-sdk.md Normal file
View file

@ -0,0 +1,17 @@
# Sandbox Agent SDK Friction Log
Track friction with the Sandbox Agent SDK/API behavior, TypeScript clients, ACP HTTP client, and related SDK surface.
## Entry template
- Date:
- Commit: (SHA or `uncommitted`)
- Author:
- Implementing:
- Friction/issue:
- Attempted fix/workaround:
- Outcome:
- Status: `open` | `in_progress` | `resolved` | `deferred`
- Files:
## Entries