feat(pty): native terminal support for interactive shells#137
Merged
Conversation
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-137
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-137
|
🚅 Deployed to the secure-exec-pr-137 environment in rivet-frontend
🚅 Deployed to the secure-exec-pr-137 environment in secure-exec
|
Adds real PTY/terminal plumbing so guest shells (brush) run like docker run -it: kernel PTY, sidecar terminal protocol, and WASI crossterm support. Includes the crossterm cursor-position fix (real DSR query instead of a (0,0) stub) so the reedline prompt anchors correctly and Enter no longer clears the screen, plus a C pty_probe fixture for protocol testing.
NathanFlurry
force-pushed
the
shell-pty-native
branch
from
117b6f4 to
1e6f5bf
Compare
railway-app
Bot
temporarily deployed
to
secure-exec / secure-exec-pr-137
railway-app
Bot
temporarily deployed
to
rivet-frontend / secure-exec-pr-137
NathanFlurry
pushed a commit
that referenced
this pull request
Jun 28, 2026
#137 added the 'reedline' feature to cmd-sh for native PTY support, but reedline pulls brush-interactive's tokio block_in_place/Handle::block_on paths, which don't compile or run on single-threaded wasm — breaking the wasm command build (masked until the fd-lock patch fix let the build reach brush). Enable reedline only on native targets; wasm keeps 'minimal' (the pre-#137 wasm-building config).
NathanFlurry
added a commit
that referenced
this pull request
Jun 28, 2026
…g local deps (#139) * fix(ci): stop boundary lint false-positive on fixtures; guard escaping local deps - check-secure-exec-boundary now skips boundary-check *.test.mjs files, which legitimately embed forbidden import specifiers as string fixtures (this was failing main since the registry-test-runtime-boundary test landed). - add check-no-escaping-local-deps: rejects link:/file:/path: deps whose target resolves outside the repo root (catches stray local-dev overrides) while allowing in-repo links and workspace crate paths. - wire both into scripts/ci.sh; add regression tests for each. * style(sidecar): rustfmt execution.rs Pre-existing rustfmt drift on main, previously masked by the boundary-lint failure that aborted ci.sh before cargo fmt ran. * test(sidecar): allowlist host-side diagnostic env/fs reads in architecture guards Pre-existing main failure unmasked once the fmt drift was fixed: the chokepoint lint flagged new host-side V8 diagnostics (AGENTOS_MODULE_TRACE, AGENTOS_SYNCRPC_LAT, PI_SNAPSHOT_BUNDLE_PATH) and the SECURE_EXEC_LOG startup knob. These are host-only, not guest-reachable, so allowlist them with justification per the lint's guidance. * test(execution): make python VFS RPC match exhaustive after delete/rename #138 added Unlink/Rmdir/Rename to PythonVfsRpcMethod but left the rpc-bridge test's match non-exhaustive (E0004), breaking clippy --all-targets. This test's scenario doesn't mutate the FS, so treat those variants as unexpected. * fix(native): regenerate fd-lock WASI patch against vendored 4.0.4 The committed patch was authored against an AsFd-based fd-lock; vendored 4.0.4 uses std::os::unix::io::AsRawFd, so the patch no longer applied and broke the WASM-command vendoring in the publish pipeline. Regenerated against the current source (generic AsOpenFile trait + real unsupported-target RwLock impls). * test(sidecar): allow too_many_arguments on python CLI test helpers clippy --all-targets -D warnings flagged two 8+/7-arg test helpers. * test(execution): service VFS RPCs in python prewarm test #138's runner sets up a kernel-VFS-backed site-packages on boot, emitting VFS RPCs that the prewarm test's .wait() path could not service (PendingVfsRpcRequest). Drive the event loop and reject VFS RPCs so the runner's best-effort setup degrades; the execution still completes. Verified locally. * test(sidecar): align limits frame-cap constant with production default The test hardcoded a 1 MiB SIDECAR_FRAME_CAP, but production validates limits with wire::DEFAULT_MAX_FRAME_BYTES (16 MiB; lib.rs/state.rs). The default fetch body cap tracks that 16 MiB, so the stale 1 MiB test cap made even the default config fail validation. Align the test constant to 16 MiB. * test(sidecar): align python VFS RPC path test with kernel-confinement model normalize_python_vfs_rpc_path roots at / and resolves textual ../. segments, deferring confinement to the kernel/mount layer (openat2 RESOLVE_BENEATH) per the trust model. The test still asserted the old workspace-prefix rejection; update it to expect textual resolution and rename accordingly. Only relative paths are rejected. * fix(native): build sh/brush without reedline on wasm #137 added the 'reedline' feature to cmd-sh for native PTY support, but reedline pulls brush-interactive's tokio block_in_place/Handle::block_on paths, which don't compile or run on single-threaded wasm — breaking the wasm command build (masked until the fd-lock patch fix let the build reach brush). Enable reedline only on native targets; wasm keeps 'minimal' (the pre-#137 wasm-building config). --------- Co-authored-by: NathanFlurry <anthropic2@nathanflurry.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
docker run -itcursor::position()(was a(0,0)stub) so the reedline prompt anchors correctly and Enter no longer clears the screenCursorPositionFiltertotarget_os = "wasi"pty_probefixture for deterministic PTY protocol testing