phi-core 0.10.0

Simple, effective agent loop with tool execution and event streaming
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277

use super::model::*;
use std::path::{Path, PathBuf};
use std::time::Duration;

/// Total budget for waiting on an exclusive advisory lock before giving up with
/// [`SessionError::Locked`]. 5 s is enough to ride out brief contention from a
/// peer writer while still failing fast on stuck locks.
const LOCK_RETRY_BUDGET: Duration = Duration::from_secs(5);
/// Interval between exclusive-lock retry attempts during the budget window.
const LOCK_RETRY_INTERVAL: Duration = Duration::from_millis(50);

/// Save a session to `{dir}/{session_id}.json`, creating `dir` if necessary.
///
/// Returns the path the file was written to.
///
/// This is the legacy sync entry point retained for backward compatibility. New code
/// should prefer [`SessionStore`] + [`FileSystemSessionStore`] which adds advisory
/// file locking and atomic rename semantics so concurrent writers cannot corrupt the
/// session file.
pub fn save_session(session: &Session, dir: &Path) -> Result<PathBuf, SessionError> {
    std::fs::create_dir_all(dir)?;
    let path = dir.join(format!("{}.json", session.session_id));
    let file = std::fs::File::create(&path)?;
    serde_json::to_writer_pretty(file, session)?;
    Ok(path)
}

/// Load a session from `{dir}/{session_id}.json`.
pub fn load_session(session_id: &str, dir: &Path) -> Result<Session, SessionError> {
    let path = dir.join(format!("{}.json", session_id));
    if !path.exists() {
        return Err(SessionError::NotFound {
            session_id: session_id.to_string(),
        });
    }
    let file = std::fs::File::open(path)?;
    let session: Session = serde_json::from_reader(file)?;
    Ok(session)
}

/// List all session IDs in `dir`, sorted by file modification time (newest first).
pub fn list_session_ids(dir: &Path) -> Result<Vec<String>, SessionError> {
    if !dir.exists() {
        return Ok(Vec::new());
    }
    let mut entries: Vec<(std::time::SystemTime, String)> = std::fs::read_dir(dir)?
        .filter_map(|e| e.ok())
        .filter(|e| {
            e.path()
                .extension()
                .and_then(|x| x.to_str())
                .map(|x| x == "json")
                .unwrap_or(false)
        })
        .filter_map(|e| {
            let stem = e
                .path()
                .file_stem()
                .and_then(|s| s.to_str())
                .map(|s| s.to_string())?;
            let mtime = e.metadata().ok()?.modified().ok()?;
            Some((mtime, stem))
        })
        .collect();
    entries.sort_by_key(|e| std::cmp::Reverse(e.0)); // newest first
    Ok(entries.into_iter().map(|(_, id)| id).collect())
}

/// Load all sessions in `dir` that belong to `agent_id`.
pub fn load_sessions_for_agent(agent_id: &str, dir: &Path) -> Result<Vec<Session>, SessionError> {
    let ids = list_session_ids(dir)?;
    let mut sessions = Vec::new();
    for id in ids {
        match load_session(&id, dir) {
            Ok(s) if s.agent_id == agent_id => sessions.push(s),
            Ok(_) => {}
            Err(SessionError::NotFound { .. }) => {}
            Err(e) => return Err(e),
        }
    }
    Ok(sessions)
}

/// Delete `{dir}/{session_id}.json`.
pub fn delete_session(session_id: &str, dir: &Path) -> Result<(), SessionError> {
    let path = dir.join(format!("{}.json", session_id));
    if !path.exists() {
        return Err(SessionError::NotFound {
            session_id: session_id.to_string(),
        });
    }
    std::fs::remove_file(path)?;
    Ok(())
}

// ---------------------------------------------------------------------------
// SessionStore — async, concurrency-safe persistence
// ---------------------------------------------------------------------------

/// Async pluggable persistence backend for sessions.
///
/// Implementors are free to back this with the filesystem, an object store, a database,
/// etc. The default in-tree implementation is [`FileSystemSessionStore`] which guards
/// every write with an exclusive advisory lock + atomic rename so concurrent processes
/// cannot corrupt session files.
///
/// `list_for_agent` carries a default implementation in terms of the other methods,
/// so most implementors only need to provide the four required methods.
#[async_trait::async_trait]
pub trait SessionStore: Send + Sync {
    /// Persist a session, replacing any existing record with the same `session_id`.
    async fn save(&self, session: &Session) -> Result<(), SessionError>;

    /// Load a session by id. Returns `SessionError::NotFound` if absent.
    async fn load(&self, session_id: &str) -> Result<Session, SessionError>;

    /// List all session ids known to this store.
    async fn list_ids(&self) -> Result<Vec<String>, SessionError>;

    /// Delete a session by id. Returns `SessionError::NotFound` if absent.
    async fn delete(&self, session_id: &str) -> Result<(), SessionError>;

    /// Load every session belonging to `agent_id`. Default impl iterates `list_ids` +
    /// `load`; override for stores that can serve this from an index.
    async fn list_for_agent(&self, agent_id: &str) -> Result<Vec<Session>, SessionError> {
        let mut sessions = Vec::new();
        for id in self.list_ids().await? {
            match self.load(&id).await {
                Ok(s) if s.agent_id == agent_id => sessions.push(s),
                Ok(_) => {}
                Err(SessionError::NotFound { .. }) => {}
                Err(e) => return Err(e),
            }
        }
        Ok(sessions)
    }
}

/// Filesystem-backed [`SessionStore`] with advisory locking and atomic writes.
///
/// Writes go through a tmp file in the same directory followed by `std::fs::rename`,
/// which is atomic on POSIX. An exclusive advisory lock on a `.lock` sidecar serialises
/// writers; readers are unsynchronised because the atomic rename guarantees a complete
/// file is always visible. On contention, `save()` retries for up to
/// `LOCK_RETRY_BUDGET` (5 s) before returning `SessionError::Locked`.
pub struct FileSystemSessionStore {
    dir: PathBuf,
}

impl FileSystemSessionStore {
    /// Construct a store rooted at `dir`. The directory is created lazily on first save.
    pub fn new(dir: impl Into<PathBuf>) -> Self {
        Self { dir: dir.into() }
    }

    /// Return the storage root directory.
    pub fn dir(&self) -> &Path {
        &self.dir
    }
}

/// Map a `tokio::task::JoinError` into a `SessionError::Task` while preserving the message.
fn map_join_err(e: tokio::task::JoinError) -> SessionError {
    SessionError::Task(e.to_string())
}

#[async_trait::async_trait]
impl SessionStore for FileSystemSessionStore {
    async fn save(&self, session: &Session) -> Result<(), SessionError> {
        let dir = self.dir.clone();
        let session = session.clone();
        tokio::task::spawn_blocking(move || save_with_lock(&dir, &session))
            .await
            .map_err(map_join_err)?
    }

    async fn load(&self, session_id: &str) -> Result<Session, SessionError> {
        let dir = self.dir.clone();
        let id = session_id.to_string();
        tokio::task::spawn_blocking(move || load_session(&id, &dir))
            .await
            .map_err(map_join_err)?
    }

    async fn list_ids(&self) -> Result<Vec<String>, SessionError> {
        let dir = self.dir.clone();
        tokio::task::spawn_blocking(move || list_session_ids(&dir))
            .await
            .map_err(map_join_err)?
    }

    async fn delete(&self, session_id: &str) -> Result<(), SessionError> {
        let dir = self.dir.clone();
        let id = session_id.to_string();
        tokio::task::spawn_blocking(move || delete_session(&id, &dir))
            .await
            .map_err(map_join_err)?
    }
}

/// Internal: perform a concurrency-safe save inside a blocking thread.
///
/// 1. Create the directory if missing.
/// 2. Open / create the `.lock` sidecar and acquire an exclusive advisory lock
///    (retrying within `LOCK_RETRY_BUDGET`).
/// 3. Write JSON to `{dir}/{id}.json.tmp.{pid}.{nonce}`, fsync.
/// 4. Atomically rename onto the final `{dir}/{id}.json`.
/// 5. Release the lock by dropping the file handle.
fn save_with_lock(dir: &Path, session: &Session) -> Result<(), SessionError> {
    use fs2::FileExt;
    use std::time::Instant;

    std::fs::create_dir_all(dir)?;
    let session_id = &session.session_id;
    let final_path = dir.join(format!("{}.json", session_id));
    let lock_path = dir.join(format!("{}.json.lock", session_id));

    // Open (or create) the lock sidecar. Truncation is irrelevant — we only use the
    // file descriptor as the lock target.
    let lock_file = std::fs::OpenOptions::new()
        .read(true)
        .write(true)
        .create(true)
        .truncate(false)
        .open(&lock_path)?;

    // Acquire exclusive lock with bounded retry. On Windows + POSIX, fs2 uses the
    // platform-native primitive (LockFileEx / fcntl) so this is cross-platform.
    let start = Instant::now();
    loop {
        match lock_file.try_lock_exclusive() {
            Ok(()) => break,
            Err(_) if start.elapsed() < LOCK_RETRY_BUDGET => {
                std::thread::sleep(LOCK_RETRY_INTERVAL);
            }
            Err(_) => {
                return Err(SessionError::Locked {
                    session_id: session_id.clone(),
                });
            }
        }
    }

    // Atomic write: tmp → rename. The tmp name carries pid + nanos to avoid collision
    // between concurrent processes that might share a directory.
    let nonce = std::time::SystemTime::now()
        .duration_since(std::time::UNIX_EPOCH)
        .map(|d| d.as_nanos())
        .unwrap_or(0);
    let tmp_path = dir.join(format!(
        "{}.json.tmp.{}.{}",
        session_id,
        std::process::id(),
        nonce
    ));

    {
        let tmp_file = std::fs::File::create(&tmp_path)?;
        serde_json::to_writer_pretty(&tmp_file, session)?;
        // fsync to make the bytes durable before the rename, so a crash here cannot
        // leave a half-written file behind a fresh rename.
        tmp_file.sync_all()?;
    }

    if let Err(e) = std::fs::rename(&tmp_path, &final_path) {
        // Clean up the tmp file on rename failure; the lock will be released by drop.
        let _ = std::fs::remove_file(&tmp_path);
        return Err(SessionError::Io(e));
    }

    // Releasing the lock happens when `lock_file` goes out of scope (drop closes the fd
    // which releases the OS-level advisory lock). The lock sidecar file is left behind
    // intentionally — recreating it on every save would defeat the lock semantics under
    // contention (a concurrent writer might recreate-and-lock between drop and unlink).
    drop(lock_file);
    Ok(())
}