v1.57.8.0 feat: browse js/eval --out render-to-file (canonical Chromium for offline rendering)#1929
Merged
Merged
Conversation
Add --out <file> / --raw to js and eval so an evaluate result is written straight to disk (base64 data URLs auto-decoded to bytes, charset-validated before decode, parent dirs created) instead of serialized back through the CLI. --out is modeled as a per-invocation WRITE: it requires write scope, is never dispatchable over the pair-agent tunnel (canDispatchOverTunnel now consults args), and counts as a mutation for watch-mode and tab-ownership. Shared parseOutArgs/hasOutArg/resultToString helpers keep the handler and the gate in sync. Tests cover the parser, render-to-file paths, and tunnel guards.
Document the blessed offline-render path (headless, no proxy/Xvfb): visual output via screenshot --selector, bytes a function returns via js --out. Add the puppeteer->browse cheatsheet row, a "don't bundle your own Chromium" note (browse skill + CONTRIBUTING), and the --out/--raw command descriptions. Regenerate browse/SKILL.md, SKILL.md, and gstack/llms.txt from the templates.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…v1.59.1.0) The js and eval reference rows in BROWSER.md drifted: every other reference surface (SKILL.md, gstack/llms.txt, browse/SKILL.md) already shows the new [--out <file>] [--raw] flags from v1.59.1.0, but the complete browser reference still showed the pre-feature signatures. Add the flags plus the WRITE-capability / no-tunnel note so the reference matches what shipped. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Merging to
After your PR is submitted to the merge queue, this comment will be automatically updated with its status. If the PR fails, failure details will also be posted here |
E2E Evals: ✅ PASS17/17 tests passed | $1.72 total cost | 12 parallel runners
12x ubicloud-standard-8 (Docker: pre-baked toolchain + deps) | wall clock ≈ slowest suite |
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Closes #1906. Makes
browsethe single canonical Chromium per box, including offline local-render workloads, so skills stop bundling their own puppeteer + a second drifting Chromium.Render-to-file (
b6f03e53)js "<expr>" --out <file>andeval script.js --out <file>write the evaluate result to disk instead of returning it. Adata:*;base64,...result is decoded to raw bytes (case-insensitive header parse, split on first comma, base64-charset validated before decode — malformed errors loudly, no corrupt file);--rawforces a literal write. Parent dirs are created. Only a short... result written: <path> (<N> bytes)status crosses the command channel.--outis modeled as a per-invocation WRITE capability: requireswritescope, never dispatchable over the pair-agent tunnel (canDispatchOverTunnelnow consults args), and counts as a mutation for watch-mode and tab-ownership.js/evalstay read commands for dispatch; only the security gates treat--outas a write. SharedparseOutArgs/hasOutArg/resultToStringhelpers keep the handler and the gate in sync.Docs (
6a8c8190,830f6b6e)screenshot --selector(no bytes over CDP), bytes a function returns viajs --out. Puppeteer→browse cheatsheet row, "don't bundle your own Chromium" note (browse skill + CONTRIBUTING), and the--out/--rawreference rows across SKILL.md / llms.txt / BROWSER.md.Test Coverage
All new code paths covered. Added:
parseOutArgs/hasOutArgunit tests (--out/--out=,--raw, repeats, missing value, ordering,--outputlookalike),--outrender-to-file integration (large string not truncated, data-URL→PNG decode,--rawliteral, malformed-base64 error, outside-safe-dir reject, mkdir parents, eval parity, byte-for-byte null/undefined), and tunnel-gate guards proving--outis never tunnel-dispatchable. Targeted suites: commands.test.ts + tunnel-gate-unit.test.ts = 277 pass / 0 fail. Full free suite: green (exit 0).Pre-Landing Review
No issues found. Pass 1 (critical): no SQL; no new LLM trust-boundary egress (
--outreturns a short status; file bytes written server-side);validateOutputPathruns beforemkdirso an out-of-safe-dir path is rejected before any write. Security gate verified:--outblocked over tunnel, requires write scope, gated in watch/tab. Adversarial angles (uppercase--OUT,---prefixed value, data-URL path escape, symlink) all closed.Design Review
No frontend files changed — design review skipped.
Adversarial Review
Clean. The render-to-file path and the write-capability gate were challenged during planning (codex) and at pre-landing; no surviving findings.
TODOS
No TODOS.md items completed by this change. Advisory follow-up (not in this PR): migrate downstream local-render skills off bundled puppeteer onto
browse.Documentation
/document-releaseaudited all docs against the v1.57.8.0 browse render-to-file change.Doc diff preview
BROWSER.md: updated thejsandevalreference rows to show the new[--out <file>] [--raw]flags and the WRITE-capability / no-tunnel note, matching SKILL.md, gstack/llms.txt, and browse/SKILL.md.The feature's own commits already updated browse/SKILL.md(.tmpl), gstack/llms.txt, SKILL.md, and CONTRIBUTING.md. The CHANGELOG entry for v1.57.8.0 was left intact. VERSION is at 1.57.8.0.
Documentation Debt
js/eval --outand offline render mode have reference + how-to coverage in browse/SKILL.md but no standalone tutorial (low priority — browse/SKILL.md §14 has a worked example).🤖 Generated with Claude Code