Make workspace-core the default MCP profile

Flip bare pyro mcp serve, create_server(), and Pyro.create_server() to default to workspace-core in 4.0.0 while keeping workspace-full as the explicit advanced opt-in surface. Rewrite the MCP-facing docs and host-specific examples around the bare default command, update package and catalog compatibility to 4.x, and move the public-contract wording from 3.x compatibility guidance to the new stable default. Adjust the server, API, and contract tests so bare server creation now asserts the workspace-core tool set, while explicit workspace-full coverage continues to prove shells, services, snapshots, and disk tools remain available. Validation: uv lock; .venv/bin/pytest --no-cov tests/test_cli.py tests/test_api.py tests/test_server.py tests/test_public_contract.py; UV_CACHE_DIR=.uv-cache make check; UV_CACHE_DIR=.uv-cache make dist-check; real guest-backed smoke for bare Pyro.create_server() plus explicit profile="workspace-full".
2026-03-13 14:14:15 -03:00 · 2026-03-13 14:14:15 -03:00 · c00c699a9f
commit c00c699a9f
parent 68d8e875e0
25 changed files with 170 additions and 121 deletions
--- a/docs/first-run.md
+++ b/docs/first-run.md
@ -22,7 +22,7 @@ Networking: tun=yes ip_forward=yes

 ```bash
 $ uvx --from pyro-mcp pyro env list
-Catalog version: 3.11.0
+Catalog version: 4.0.0
 debian:12 [installed|not installed] Debian 12 environment with Git preinstalled for common agent workflows.
 debian:12-base [installed|not installed] Minimal Debian 12 environment for shell and core Unix tooling.
 debian:12-build [installed|not installed] Debian 12 environment with Git and common build tools preinstalled.
@ -115,12 +115,13 @@ $ uvx --from pyro-mcp pyro workspace shell open WORKSPACE_ID --secret-env API_TO
 $ uvx --from pyro-mcp pyro workspace service start WORKSPACE_ID app --secret-env API_TOKEN --ready-file .ready -- sh -lc 'touch .ready && while true; do sleep 60; done'
 $ uvx --from pyro-mcp pyro workspace create debian:12 --network-policy egress+published-ports
 $ uvx --from pyro-mcp pyro workspace service start WORKSPACE_ID app --ready-http http://127.0.0.1:8080/ --publish 18080:8080 -- ./start-app
-$ uvx --from pyro-mcp pyro mcp serve --profile workspace-core
-$ claude mcp add pyro -- uvx --from pyro-mcp pyro mcp serve --profile workspace-core
-$ codex mcp add pyro -- uvx --from pyro-mcp pyro mcp serve --profile workspace-core
+$ uvx --from pyro-mcp pyro mcp serve
+$ claude mcp add pyro -- uvx --from pyro-mcp pyro mcp serve
+$ codex mcp add pyro -- uvx --from pyro-mcp pyro mcp serve
 ```

-For most chat hosts, `workspace-core` is the recommended first MCP profile.
+For most chat hosts, bare `pyro mcp serve` now starts `workspace-core`, the
+recommended first MCP profile.
 Move to `workspace-full` only when the host truly needs shells, services,
 snapshots, secrets, network policy, or disk tools.

@ -268,7 +269,7 @@ State: started
 Use `--seed-path` when the workspace should start from a host directory or a local
 `.tar` / `.tar.gz` / `.tgz` archive instead of an empty `/workspace`. Use
 `pyro workspace sync push` when you need to import later host-side changes into a started
-workspace. Sync is non-atomic in `3.11.0`; if it fails partway through, prefer `pyro workspace reset`
+workspace. Sync is non-atomic in `4.0.0`; if it fails partway through, prefer `pyro workspace reset`
 to recover from `baseline` or one named snapshot. Use `pyro workspace diff` to compare the current
 `/workspace` tree to its immutable create-time baseline, `pyro workspace snapshot *` to create
 named checkpoints, and `pyro workspace export` to copy one changed file or directory back to the
--- a/docs/install.md
+++ b/docs/install.md
@ -85,7 +85,7 @@ uvx --from pyro-mcp pyro env list
 Expected output:

 ```bash
-Catalog version: 3.11.0
+Catalog version: 4.0.0
 debian:12 [installed|not installed] Debian 12 environment with Git preinstalled for common agent workflows.
 debian:12-base [installed|not installed] Minimal Debian 12 environment for shell and core Unix tooling.
 debian:12-build [installed|not installed] Debian 12 environment with Git and common build tools preinstalled.
@ -231,16 +231,17 @@ After the CLI path works, you can move on to:
 - interactive shells: `pyro workspace shell open WORKSPACE_ID --id-only`
 - long-running services: `pyro workspace service start WORKSPACE_ID app --ready-file .ready -- sh -lc 'touch .ready && while true; do sleep 60; done'`
 - localhost-published ports: `pyro workspace create debian:12 --network-policy egress+published-ports` and `pyro workspace service start WORKSPACE_ID app --ready-http http://127.0.0.1:8080/ --publish 18080:8080 -- ./start-app`
- MCP: `pyro mcp serve --profile workspace-core`
+- MCP: `pyro mcp serve`
 - Python SDK: `from pyro_mcp import Pyro`
 - Demos: `pyro demo` or `pyro demo --network`

 ## Chat Host Quickstart

-For most chat-host integrations, start with `workspace-core`:
+For most chat-host integrations, bare `pyro mcp serve` now starts
+`workspace-core`:

 ```bash
-uvx --from pyro-mcp pyro mcp serve --profile workspace-core
+uvx --from pyro-mcp pyro mcp serve
 ```

 Copy-paste host-specific starts:
@ -253,25 +254,27 @@ Copy-paste host-specific starts:
 Claude Code:

 ```bash
-claude mcp add pyro -- uvx --from pyro-mcp pyro mcp serve --profile workspace-core
+claude mcp add pyro -- uvx --from pyro-mcp pyro mcp serve
 ```

 Codex:

 ```bash
-codex mcp add pyro -- uvx --from pyro-mcp pyro mcp serve --profile workspace-core
+codex mcp add pyro -- uvx --from pyro-mcp pyro mcp serve
 ```

 OpenCode uses the `mcp`/`type: "local"` config shape shown in
 [examples/opencode_mcp_config.json](../examples/opencode_mcp_config.json). If
 `pyro-mcp` is already installed, replace the `uvx --from pyro-mcp pyro`
-command with `pyro` in the same host-specific command or config shape.
+command with `pyro` in the same host-specific command or config shape. Use
+`--profile workspace-full` only when the host truly needs the full advanced
+workspace surface.

 Use profile progression like this:

- `workspace-core`: recommended first profile for normal persistent chat editing
+- `workspace-core`: default and recommended first profile for normal persistent chat editing
 - `vm-run`: one-shot-only integrations
- `workspace-full`: advanced 3.x compatibility surface when the host truly needs shells, services, snapshots, secrets, network policy, or disk tools
+- `workspace-full`: explicit advanced opt-in when the host truly needs shells, services, snapshots, secrets, network policy, or disk tools

 ## Stable Workspace

@ -320,7 +323,7 @@ the identifier programmatically, use `--id-only` for only the identifier or `--j
 workspace payload. Use `--seed-path`
 when the workspace should start from a host directory or a local `.tar` / `.tar.gz` / `.tgz`
 archive. Use `pyro workspace sync push` for later host-side changes to a started workspace. Sync
-is non-atomic in `3.11.0`; if it fails partway through, prefer `pyro workspace reset` to recover
+is non-atomic in `4.0.0`; if it fails partway through, prefer `pyro workspace reset` to recover
 from `baseline` or one named snapshot. Use `pyro workspace diff` to compare the current workspace
 tree to its immutable create-time baseline, `pyro workspace snapshot *` to capture named
 checkpoints, and `pyro workspace export` to copy one changed file or directory back to the host. Use
--- a/docs/integrations.md
+++ b/docs/integrations.md
@ -7,7 +7,7 @@ CLI path in [install.md](install.md) or [first-run.md](first-run.md).

 ## Recommended Default

-Start most chat hosts with `workspace-core`. Use `vm_run` only for one-shot
+Bare `pyro mcp serve` now starts `workspace-core`. Use `vm_run` only for one-shot
 integrations, and promote the chat surface to `workspace-full` only when it
 truly needs shells, services, snapshots, secrets, network policy, or disk
 tools.
@ -21,7 +21,7 @@ That keeps the model-facing contract small:

 Profile progression:

- `workspace-core`: recommended first profile for persistent chat editing
+- `workspace-core`: default and recommended first profile for persistent chat editing
 - `vm-run`: one-shot only
 - `workspace-full`: the full stable workspace surface, including shells, services, snapshots, secrets, network policy, and disk tools

@ -55,12 +55,12 @@ Best when:

 Recommended entrypoint:

- `pyro mcp serve --profile workspace-core`
+- `pyro mcp serve`

 Profile progression:

 - `pyro mcp serve --profile vm-run` for the smallest one-shot surface
- `pyro mcp serve --profile workspace-core` for the normal persistent chat loop
+- `pyro mcp serve` for the normal persistent chat loop
 - `pyro mcp serve --profile workspace-full` only when the model truly needs advanced workspace tools

 Host-specific onramps:
@ -84,7 +84,7 @@ Best when:
 Recommended default:

 - `Pyro.run_in_vm(...)`
- `Pyro.create_server(profile="workspace-core")` for most chat hosts
+- `Pyro.create_server()` for most chat hosts now that `workspace-core` is the default profile
 - `Pyro.create_workspace(name=..., labels=...)` + `Pyro.list_workspaces()` + `Pyro.update_workspace(...)` when repeated workspaces need human-friendly discovery metadata
 - `Pyro.create_workspace(seed_path=...)` + `Pyro.push_workspace_sync(...)` + `Pyro.exec_workspace(...)` when repeated workspace commands are required
 - `Pyro.list_workspace_files(...)` / `Pyro.read_workspace_file(...)` / `Pyro.write_workspace_file(...)` / `Pyro.apply_workspace_patch(...)` when the agent needs model-native file inspection and text edits inside one live workspace
--- a/docs/public-contract.md
+++ b/docs/public-contract.md
@ -129,8 +129,8 @@ Primary facade:

 Supported public entrypoints:

- `create_server(profile="workspace-full")`
- `Pyro.create_server(profile="workspace-full")`
+- `create_server()`
+- `Pyro.create_server()`
 - `Pyro.list_environments()`
 - `Pyro.pull_environment(environment)`
 - `Pyro.inspect_environment(environment)`
@ -180,7 +180,7 @@ Supported public entrypoints:

 Stable public method names:

- `create_server(profile="workspace-full")`
+- `create_server()`
 - `list_environments()`
 - `pull_environment(environment)`
 - `inspect_environment(environment)`
@ -277,9 +277,9 @@ Stable MCP profiles:

 Behavioral defaults:

- `pyro mcp serve` and `create_server()` default to `workspace-full` for 3.x compatibility.
- `workspace-core` is the recommended first profile for most new chat-host integrations.
- `create_server(profile="workspace-core")` and `Pyro.create_server(profile="workspace-core")` are the recommended entrypoints for most new chat-host integrations.
+- `pyro mcp serve`, `create_server()`, and `Pyro.create_server()` default to `workspace-core`.
+- `workspace-core` is the default and recommended first profile for most new chat-host integrations.
+- `create_server(profile="workspace-full")` and `Pyro.create_server(profile="workspace-full")` opt into the full advanced workspace surface explicitly.
 - `workspace-core` narrows `workspace_create` by omitting `network_policy` and `secrets`.
 - `workspace-core` narrows `workspace_exec` by omitting `secret_env`.

--- a/docs/roadmap/llm-chat-ergonomics.md
+++ b/docs/roadmap/llm-chat-ergonomics.md
@ -6,7 +6,7 @@ goal:
 make the core agent-workspace use cases feel trivial from a chat-driven LLM
 interface.

-Current baseline is `3.11.0`:
+Current baseline is `4.0.0`:

 - the stable workspace contract exists across CLI, SDK, and MCP
 - one-shot `pyro run` still exists as the narrow entrypoint
@ -35,10 +35,7 @@ More concretely, the model should not need to:

 The remaining UX friction for a technically strong new user is now narrower:

- the generic MCP guidance is strong, but Codex and OpenCode still ask the user
-  to translate the generic config into host-specific setup steps
- `workspace-core` is clearly the recommended profile, but `pyro mcp serve` and
-  `create_server()` still default to `workspace-full` for `3.x` compatibility
+- no major chat-host ergonomics gaps remain in the current roadmap

 ## Locked Decisions

@ -64,7 +61,7 @@ The remaining UX friction for a technically strong new user is now narrower:
 8. [`3.9.0` Content-Only Reads And Human Output Polish](llm-chat-ergonomics/3.9.0-content-only-reads-and-human-output-polish.md) - Done
 9. [`3.10.0` Use-Case Smoke Trust And Recipe Fidelity](llm-chat-ergonomics/3.10.0-use-case-smoke-trust-and-recipe-fidelity.md) - Done
 10. [`3.11.0` Host-Specific MCP Onramps](llm-chat-ergonomics/3.11.0-host-specific-mcp-onramps.md) - Done
-11. [`4.0.0` Workspace-Core Default Profile](llm-chat-ergonomics/4.0.0-workspace-core-default-profile.md)
+11. [`4.0.0` Workspace-Core Default Profile](llm-chat-ergonomics/4.0.0-workspace-core-default-profile.md) - Done

 Completed so far:

@ -93,13 +90,12 @@ Completed so far:
 - `3.11.0` added exact host-specific MCP onramps for Claude Code, Codex, and OpenCode so new
  chat-host users can copy one known-good setup example instead of translating the generic MCP
  config manually.
+- `4.0.0` flipped the default MCP/server profile to `workspace-core`, so the bare entrypoint now
+  matches the recommended narrow chat-host profile across CLI, SDK, and package-level factories.

 Planned next:

- `4.0.0` flips the default MCP profile from `workspace-full` to
-  `workspace-core` so the no-flag server entrypoint finally matches the
-  recommended docs path, while keeping explicit opt-in access to the full
-  advanced surface.
+- no further chat-ergonomics milestones are currently planned in this roadmap.

 ## Expected Outcome

--- a/docs/roadmap/llm-chat-ergonomics/4.0.0-workspace-core-default-profile.md
+++ b/docs/roadmap/llm-chat-ergonomics/4.0.0-workspace-core-default-profile.md
@ -1,6 +1,6 @@
 # `4.0.0` Workspace-Core Default Profile

-Status: Planned
+Status: Done

 ## Goal