pyro-mcp/docs/roadmap/llm-chat-ergonomics/3.2.0-model-native-workspace-file-ops.md
Thales Maciel ab02ae46c7 Add model-native workspace file operations
Remove shell-escaped file mutation from the stable workspace flow by adding explicit file and patch tools across the CLI, SDK, and MCP surfaces.

This adds workspace file list/read/write plus unified text patch application, backed by new guest and manager file primitives that stay scoped to started workspaces and /workspace only. Patch application is preflighted on the host, file writes stay text-only and bounded, and the existing diff/export/reset semantics remain intact.

The milestone also updates the 3.2.0 roadmap, public contract, docs, examples, and versioning, and includes focused coverage for the new helper module and dispatch paths.

Validation:
- uv lock
- UV_CACHE_DIR=.uv-cache make check
- UV_CACHE_DIR=.uv-cache make dist-check
- real guest-backed smoke for workspace file read, patch apply, exec, export, and delete
2026-03-12 22:03:25 -03:00

3.2.0 Model-Native Workspace File Ops

Status: Done

Goal

Remove shell quoting and hidden host-temp-file choreography from normal chat-driven workspace editing loops.

Public API Changes

Planned additions:

  • pyro workspace file list WORKSPACE_ID [PATH] [--recursive]
  • pyro workspace file read WORKSPACE_ID PATH [--max-bytes N]
  • pyro workspace file write WORKSPACE_ID PATH --text TEXT
  • pyro workspace patch apply WORKSPACE_ID --patch TEXT
  • matching Python SDK methods:
    • list_workspace_files
    • read_workspace_file
    • write_workspace_file
    • apply_workspace_patch
  • matching MCP tools:
    • workspace_file_list
    • workspace_file_read
    • workspace_file_write
    • workspace_patch_apply

Implementation Boundaries

  • scope all operations strictly under /workspace
  • keep these tools text-first and bounded in size
  • make patch application explicit and deterministic
  • keep workspace export as the host-out path for copying results back
  • keep shell and exec available for process-oriented work, not as the only way to mutate files
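
A sketch of how the first two boundaries can be enforced before a request reaches the guest. This is an added example, not code from pyro-mcp: the function names, the exception class and the 1 MiB limit are assumptions made for illustration, and only the /workspace root comes from this document.

```python
import posixpath

WORKSPACE_ROOT = "/workspace"   # root named in this document
MAX_TEXT_BYTES = 1024 * 1024    # assumed bound; the document states no number


class WorkspacePathError(ValueError):
    """Raised when a requested path falls outside the workspace root."""


def normalize_workspace_path(path: str) -> str:
    """Return an absolute, normalized guest path that lies under /workspace."""
    if not path or "\x00" in path:
        raise WorkspacePathError("empty path or NUL byte")
    # Relative paths are interpreted relative to the workspace root.
    joined = path if path.startswith("/") else posixpath.join(WORKSPACE_ROOT, path)
    # normpath collapses "." and ".." lexically: "/workspace/../etc" -> "/etc".
    normalized = posixpath.normpath(joined)
    # normpath preserves a leading "//"; collapse it for a stable comparison.
    if normalized.startswith("//"):
        normalized = "/" + normalized.lstrip("/")
    # Compare on a component boundary so "/workspace-evil" does not match.
    inside = normalized == WORKSPACE_ROOT or normalized.startswith(WORKSPACE_ROOT + "/")
    if not inside:
        raise WorkspacePathError(f"path escapes {WORKSPACE_ROOT}: {path!r}")
    return normalized


def check_text_payload(text: str, max_bytes: int = MAX_TEXT_BYTES) -> bytes:
    """Encode text as UTF-8 and enforce the size bound before any write."""
    if "\x00" in text:
        raise ValueError("NUL byte in payload: not text")
    data = text.encode("utf-8")  # lone surrogates raise UnicodeEncodeError
    if len(data) > max_bytes:
        raise ValueError(f"payload is {len(data)} bytes, limit is {max_bytes}")
    return data
```

A lexical check like this does not see symlinks inside the workspace, so the side that opens the file still has to resolve them and re-check the result against the root.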

Non-Goals

  • no arbitrary host filesystem access
  • no generic SFTP or file-manager product identity
  • no replacement of shell or exec for process lifecycle work
  • no hidden auto-merge behavior for conflicting patches

Acceptance Scenarios

  • an agent reads a file, applies a patch, reruns tests, and exports the result without shell-escaped editing tricks
  • an agent inspects a repo tree and targeted files inside one workspace without relying on host-side temp paths
  • a repro-plus-fix loop is practical from MCP alone, not only from a custom host wrapper

Required Repo Updates

  • public contract updates across CLI, SDK, and MCP
  • docs and examples that show model-native file editing instead of shell-heavy file writes
  • at least one real smoke scenario centered on a repro-plus-fix loop

Outcome

  • shipped workspace file list|read|write and workspace patch apply across CLI, SDK, and MCP
  • kept the surface scoped to started workspaces and /workspace
  • updated docs, help text, examples, and smoke coverage around model-native editing flows