chore(runner): bump all dependencies, upgrade to UBI 10 / Python 3.12

[jeremyeder]

Summary

• Bumps all ambient-runner dependencies to latest PyPI releases
• Upgrades base image from UBI 9 to UBI 10, Python 3.11 → 3.12, Node.js 20 → 22
• Adds ClaudeAgentOptions form (Zod schema + React form) matching claude-agent-sdk 0.1.48
• Integrates agent options into the create-session dialog behind the advanced-agent-options Unleash flag (default: off)
• Refines UPDATE_PROCEDURE.md with form sync instructions and a 4-phase automation strategy

Version changes

Package	Old	New
claude-agent-sdk	0.1.44	0.1.48
anthropic	0.52.0	0.55.0
mcp	1.8.0	1.9.2
pydantic	2.11.1	2.11.3
httpx	0.28.1	0.28.1
ag-ui-protocol	0.6.0	0.6.2
pytest	8.3.5	8.4.0
ruff	0.11.6	0.11.12
mcp-atlassian	0.17.1	0.21.0
workspace-mcp	0.10.0	0.11.0
Base image	UBI 9	UBI 10
Python	3.11	3.12
Node.js	20	22
Alpine (state-sync)	3.21	3.21

New files

• components/frontend/src/components/claude-agent-options/schema.ts — Zod schema for all ClaudeAgentOptions fields
• components/frontend/src/components/claude-agent-options/options-form.tsx — React form with 12 collapsible sections
• components/frontend/src/components/claude-agent-options/index.ts — barrel exports

Modified files

• components/frontend/src/components/create-session-dialog.tsx — dual-form architecture, Unleash flag gate
• components/frontend/src/types/api/sessions.ts — agentOptions field on CreateAgenticSessionRequest
• components/runners/ambient-runner/docs/UPDATE_PROCEDURE.md — form sync step, automation strategy

Unleash flag

Create advanced-agent-options in Unleash with tag scope: workspace to enable the form in the create-session dialog.

Test plan

• CI passes
• Verify major version bumps don't break APIs
• Smoke test MCP integrations
• Frontend builds with agent options schema changes
• Agent options form renders correctly when flag is enabled
• Form validation prevents submission of invalid agent options
• Form is hidden when advanced-agent-options flag is off (default)

🤖 Generated with Claude Code

[github-actions]

Test comment from Claude Code review

[github-actions]

Claude Code Review

Summary

This PR bumps all 17 ambient-runner Python dependencies to their latest PyPI releases and migrates dev-dependencies from the deprecated [tool.uv] dev-dependencies format to the PEP 735-standard [dependency-groups] table. The main risk is the major version jump in pytest-asyncio (0.21 to 1.3) without explicit asyncio mode configuration. The PR test plan correctly flags this for verification but does not add the necessary configuration.

Issues by Severity

Blocker Issues: None

Critical Issues: None

Major Issues

1. Missing asyncio_mode configuration for pytest-asyncio 1.x

File: components/runners/ambient-runner/pyproject.toml

Problem: pytest-asyncio bumped from >=0.21.0 to >=1.3.0 (major version) with no [tool.pytest.ini_options] added. pytest-asyncio 1.x dropped backward-compatible legacy behavior and changed event loop scope management. The PR test plan itself calls out Verify pytest-asyncio 1.x config compatibility as an outstanding TODO without providing the fix.

Evidence: All async tests use @pytest.mark.asyncio markers; no asyncio_mode exists anywhere in runner config files (confirmed by search).

Suggested fix - add to pyproject.toml:

[tool.pytest.ini_options]
asyncio_mode = strict

Use strict since every async test already has an explicit @pytest.mark.asyncio marker.

Minor Issues

1. .mcp.json workspace-mcp bump may be redundant

File: components/runners/ambient-runner/.mcp.json

The workspace-mcp bump (1.6.1 to 1.14.2) duplicates commit 406bcbb already merged to main. No code change needed - just confirm no merge conflict is expected.

Positive Highlights

• Correct PEP 735 migration: moving from [tool.uv] dev-dependencies (deprecated) to [dependency-groups] dev is the standard-compliant approach.
• Security-relevant bumps: requests>=2.32.5 addresses CVE-2024-35195; aiohttp>=3.13.3 includes multiple security patches.
• Well-scoped PR: only three files changed, no unrelated churn.
• Thorough test plan: explicitly calls out highest-risk version jumps (pytest-asyncio, pytest-cov, mcp-atlassian, langfuse) for targeted verification.
• Lockfile regenerated: uv.lock updated to reflect new constraints for reproducible installs.

Recommendations

1. (Before merge) Add [tool.pytest.ini_options] with asyncio_mode = strict to pyproject.toml.
2. (Before promoting from draft) Complete the test plan: CI, pytest-asyncio 1.x compat, smoke test mcp-atlassian (0.11.9 to 0.21.0) and Langfuse (3.0.0 to 3.14.5).
3. (Informational) The .mcp.json workspace-mcp change is a no-op on main - confirm expected.

Reviewed by Claude Code (claude-sonnet-4-6)

[github-actions]

CLAUDE CODE REVIEW - PR 845

Summary: PR 845 bumps all 17 ambient-runner dependencies to latest PyPI releases and migrates dev-dependencies from deprecated [tool.uv] dev-dependencies to PEP 735 [dependency-groups] dev. The lock file regeneration corrects a stale root-package entry (claude-code-runner 0.3.0 to ambient-runner 0.4.0). Changes scoped to pyproject.toml and uv.lock only. Well-structured PR but a few items warrant attention before merge.

---

Blocker Issues: None.

Critical Issues: None.

---

MAJOR ISSUE 1: Stale lock file was out of sync with pyproject.toml before this PR

• File: components/runners/ambient-runner/uv.lock
• What: The pre-PR lock contained claude-code-runner 0.3.0 as the editable root, but pyproject.toml already declared name = ambient-runner and version = 0.4.0. Anyone running uv sync off the old lock would get a misnamed root entry.
• Standard violated: Lock file must accurately reflect the manifest. Stale locks cause reproducibility failures in CI and container builds.
• Fix: No code change needed (regeneration corrects it), but the PR description should note this as a discovered inconsistency so reviewers understand the claude-code-runner removal is side-effect cleanup, not an intentional rename within this PR.

---

MAJOR ISSUE 2: pytest-asyncio 0.21.0 to 1.3.0 is a major-version breaking change with unchecked test plan

• File: components/runners/ambient-runner/pyproject.toml (pytest-asyncio>=1.3.0)
• What: pytest-asyncio 1.x restructured configuration significantly: asyncio_mode defaults changed, asyncio_default_fixture_loop_scope became mandatory to suppress warnings, and @pytest.mark.asyncio handling differs in strict mode. The PR lists Verify pytest-asyncio 1.x config compatibility as a test plan item but the checkbox is unchecked.
• Standard violated: Dependency upgrades with breaking changes should be verified before merge, not deferred.
• Suggested check: Run cd components/runners/ambient-runner && uv run pytest and confirm zero failures or asyncio deprecation warnings.

---

MAJOR ISSUE 3: mcp-atlassian 0.13.0 to 0.21.0 introduces truststore — a TLS behavior change in containerized environments

• File: components/runners/ambient-runner/uv.lock (new truststore 0.10.4 entry)
• What: mcp-atlassian 0.21.0 adds truststore, unidecode, and urllib3 as new runtime deps. truststore replaces Python bundled CA certs with the system trust store. In a minimal Kubernetes Job pod image, the system trust store may lack required CAs for Atlassian cloud endpoints, silently breaking the integration at runtime even though the package installs cleanly.
• Standard violated: New transitive deps affecting TLS behavior must be validated in the target container environment. The project security posture (dropped capabilities, minimal images) makes system cert store configuration especially important.
• Suggested action: Confirm the runner container image includes ca-certificates and that truststore resolves Atlassian endpoints in a deployed pod. The PR test plan lists Smoke test MCP Atlassian integration but that checkbox is also unchecked.

---

MINOR ISSUE 1: claude-agent-sdk floor version does not match the resolved lock version

• File: components/runners/ambient-runner/pyproject.toml (claude-agent-sdk>=0.1.47)
• What: pyproject.toml declares >=0.1.47 but uv.lock resolves to 0.1.48. Semantically fine for a >= constraint, but verify 0.1.47 exists on PyPI; if not, update to >=0.1.48 to match the lock.

MINOR ISSUE 2: fastapi 0.135.1 adds typing-inspection as a new transitive dependency

• File: components/runners/ambient-runner/uv.lock
• What: fastapi 0.135.1 introduced typing-inspection as a new runtime dep not previously present. Low-risk, but slightly expands the dependency surface.

---

Positive Highlights

• Correct PEP 735 migration: Switching from [tool.uv] dev-dependencies (deprecated) to [dependency-groups] dev is the right call and executed correctly.
• Meaningful security patches: requests>=2.32.5 fixes CVE-2024-35195 (proxy header injection); aiohttp>=3.13.3 addresses multiple CVEs from the 3.9/3.10 series. Substantive reasons to upgrade.
• Lock file integrity maintained: All new entries include proper hash and size metadata from PyPI, consistent with the project reproducible-build posture.
• Risk-aware PR description: The author explicitly identified the three highest-risk upgrades (pytest-asyncio, pytest-cov, mcp-atlassian) in the test plan — good judgment.
• Minimal scope: Only pyproject.toml and uv.lock changed; no application code touched.

---

Recommendations

1. (Before merge) Complete the unchecked test plan items: run uv run pytest to verify pytest-asyncio 1.x compatibility, and do a deployed pod smoke test for MCP Atlassian to validate truststore in the container environment.
2. (Before merge) Add a note to the PR description clarifying that the claude-code-runner to ambient-runner root package correction in the lock file is a side effect of regeneration fixing a pre-existing inconsistency, not an intentional rename within this PR.
3. (Optional) Update claude-agent-sdk>=0.1.47 to >=0.1.48 in pyproject.toml to match the lock.

---

Reviewed against: backend-development.md, security-standards.md, k8s-client-usage.md, error-handling.md, react-query-usage.md. No backend or frontend application code changes in scope.

Review generated by Claude Code (claude-sonnet-4-6)

[github-actions]

See review below.

[github-actions]

Full Claude Code review posted as a reply.

[github-actions]

test comment from review script

[github-actions]

Claude Code Review - PR 845 chore(runner): bump all dependencies, upgrade to UBI 10 / Python 3.12

SUMMARY: Comprehensive dependency maintenance pass on the ambient-runner (17 Python packages bumped to latest, UBI 9 to UBI 10, Python 3.11 to 3.12, type hints modernized across 21 files, dead code removed). Changes are well-scoped and cleanly executed. No security issues or architecture violations found.

BLOCKER ISSUES: None
CRITICAL ISSUES: None
MAJOR ISSUES: None

MINOR ISSUES:

1. Redundant decorator in tests/test_google_drive_e2e.py - The test now has both @pytest.mark.skip and @pytest.mark.skipif stacked. @pytest.mark.skip unconditionally skips so @pytest.mark.skipif is a no-op; the GOOGLE_DRIVE_E2E_TEST env-var guard no longer has any effect. Functionally equivalent to old behavior (old body also called pytest.skip() unconditionally), but leaves dead decorator code. Fix: keep only @pytest.mark.skip until the test is actually implemented.

2. Undocumented assumption about dnf module reset removal (Dockerfile line 17) - UBI 9 required resetting the nodejs module stream before enabling v20 to avoid conflict with nodejs-full-i18n. This was correctly dropped for UBI 10 (no conflicting default stream exists). However the assumption is undocumented; if Red Hat adds a default nodejs stream in a future minor update, builds would silently fail. A brief inline comment would protect future maintainers.

3. No pip to pip3 shim in Dockerfile - Correctly switches to pip3 for RHEL 10 / PEP 668 compliance. Some tooling spawned inside the container (e.g., pre-commit hooks) may still invoke bare pip. Worth verifying, or adding: ln -sf /usr/bin/pip3 /usr/local/bin/pip.

POSITIVE HIGHLIGHTS:

• SHA-pinned base images on both Dockerfiles (ubi10@sha256 and alpine:3.21) eliminate supply-chain risk from floating tags.
• asyncio_mode=auto added correctly for pytest-asyncio v1.x; no stray @pytest.mark.asyncio decorators left behind.
• Type hint modernization is thorough and correct across all 21 files (X | None, list[X], dict[K,V], tuple[X,Y]) with unused typing imports cleaned up.
• 37-line commented-out Playwright dead code block removed cleanly.
• docs/UPDATE_PROCEDURE.md is a genuine asset: repeatable maintenance runbook with last-executed date and PR reference.
• [tool.uv] dev-dependencies correctly migrated to [dependency-groups] dev per current uv spec.
• Non-root final user (USER 1001) preserved; container security posture unchanged through the UBI upgrade.

RECOMMENDATIONS:

1. (Minor) Remove the redundant @pytest.mark.skipif from test_google_drive_tool_invocation.
2. (Minor) Add a Dockerfile comment explaining why dnf module reset was dropped.
3. (Minor) Verify pip is resolvable inside the running container, or add a symlink.

Review generated by Claude Code using repository security standards and architectural conventions.

[github-actions]

Claude Code Review

Summary

PR 845 covers: dependency bumps (ambient-runner Python deps to latest, UBI 9 to 10, Python 3.11 to 3.12, Node 20 to 22); a new ClaudeAgentOptions Zod schema and React form (1,087 lines) matching claude-agent-sdk 0.1.48; integration behind the advanced-agent-options Unleash flag (default: off); and Python type-hint modernisation across ~15 files.

The dependency bumps and type-hint cleanup are clean. Two frontend issues are worth addressing before this ships.

---

Blocker Issues: None.

Critical Issues: None.

---

Major Issue 1 — options-form.tsx is 1,087 lines (5x the 200-line component limit)

• File: components/frontend/src/components/claude-agent-options/options-form.tsx
• Standard: frontend-development.md — Components under 200 lines
• Problem: The file bundles the top-level AgentOptionsFields export plus 10 private sub-components (Section, KeyValueEditor, StringListEditor, SystemPromptField, ThinkingField, SandboxField, McpServersEditor, HooksEditor, AgentsEditor, PluginsEditor, OutputFormatField). This makes future SDK-sync diffs hard to review.
• **Suggested fix: Split each sub-component into its own file under a _components/ sub-directory alongside the barrel export.

---

Major Issue 2 — agentOptions typed on the frontend with no corresponding backend change

• File: components/frontend/src/types/api/sessions.ts line 158
• Standard: Architecture — the session flow (User → Backend Creates CR → Operator Spawns Job) requires the backend to relay options to the runner.
• Problem: CreateAgenticSessionRequest.agentOptions is now part of the TypeScript API contract, but no Go change exists in components/backend/ to unmarshal the field, validate it, or write it into the AgenticSession CR spec. Go encoding/json silently discards unknown fields, so every submission will silently drop the user configuration unless the handler explicitly handles it.
• Suggested fix: Include the backend handler change in this PR (preferred), or add a code comment documenting which follow-up PR will add backend support and why the flag-off state keeps it safe in the interim.

---

Minor Issue 3 — Raw <label> HTML elements mixed with the imported Shadcn <Label>

• File: options-form.tsx lines ~475, ~849, ~921, ~925, ~1029
• Standard: frontend-development.md — Shadcn UI components only
• Problem: The file imports Label from @/components/ui/label but uses bare <label className="..."> in several sub-editors (SandboxField, McpServersEditor, AgentsEditor). The inconsistency is noticeable given <Label> is used correctly elsewhere in the same file.
• **Suggested fix: Replace bare <label> with <Label> throughout.

---

Minor Issue 4 — Array index used as key prop in all list editors

• File: options-form.tsx — KeyValueEditor ~line 152, StringListEditor ~line 203, HooksEditor ~line 978, PluginsEditor ~line 1047
• Problem: key={i} causes React to reuse DOM nodes incorrectly when items are deleted from the middle of a list. For KeyValueEditor this can produce stale input values after a deletion.
• Suggested fix: For key-value maps use the key string itself (key={k}). For ordered lists, attach a stable ID on addItem() and store { id, value } pairs internally.

---

Positive Highlights

• Thorough Zod schema with discriminated unions (thinkingConfigSchema, mcpServerFormConfigSchema, systemPromptSchema) that closely mirror the SDK types. Omitting non-serialisable callback fields is the right call.
• Feature-flag gate defaults off — useFlag("advanced-agent-options") ?? false ensures nothing user-facing changes until the flag is enabled in Unleash.
• Dual-form architecture: a separate useForm<ClaudeAgentOptionsForm> with its own trigger() + getValues() cleanly validates and merges agent options without forcing two large schemas together.
• Python type-hint modernisation (Optional[X] to X | None, List[X] to list[X], Dict to dict) applied uniformly across 15+ runner files.
• Dockerfile improvements: removing commented-out Playwright scaffolding, adding npm cache clean --force, and stripping python3-devel post-install all reduce final image size.
• type used consistently over interface throughout all new TypeScript code. No any types introduced.

---

Recommendations

1. (Before merge) Split options-form.tsx into per-section files under _components/ — mechanical split, makes future SDK-sync diffs much more readable.
2. (Before merge or immediately after) Add the Go handler for agentOptions, or add a TODO comment linking to the follow-up issue so the silent-drop risk is explicitly acknowledged.
3. (Follow-up) Replace bare <label> with Shadcn <Label> for consistency.
4. (Follow-up) Swap index keys for stable IDs in list editors to prevent stale-input bugs on mid-list deletions.

[jeremyeder]

Session Summary

What was done

1. Bumped all ambient-runner deps to latest PyPI versions (claude-agent-sdk 0.1.48, anthropic 0.55.0, mcp 1.9.2, etc.)
2. Upgraded base images — UBI 9→10, Python 3.11→3.12, Node.js 20→22
3. Created claude-agent-options/ — Zod schema + React form (12 collapsible sections) matching SDK 0.1.48 types
4. Integrated into create-session-dialog behind advanced-agent-options Unleash flag (default off)
5. Added agentOptions to CreateAgenticSessionRequest type
6. Refined UPDATE_PROCEDURE.md — form sync steps, 4-phase automation strategy (Skill → Scheduled Sessions → Subagents → CI)
7. Ran code review (amber.review) and fixed all findings (form context mismatch, validation bypass, type imports)
8. Pre-commit hooks all pass

Key decisions

• Dual-form architecture avoids merging schemas with the existing session form
• model/fallback_model excluded from agent options (already in main form's model selector)
• Unleash flags tagged scope: workspace auto-appear in workspace admin — no frontend registration needed
• McpFormServer uses manual wider type (not z.infer) for cross-field editor access

[github-actions]

test

[github-actions]

Claude Code Review

Summary

This PR bundles three changes: UBI9 to UBI10 / Python 3.11 to 3.12 / Node 20 to 22 runtime upgrades, dependency bumps across the ambient-runner, and a new ClaudeAgentOptions form (12 collapsible sections, Zod schema, Unleash flag gate). The infrastructure upgrades are clean. The frontend form work is architecturally sound and well-guarded behind a feature flag, but has a few correctness bugs and one guideline violation worth fixing before merge.

Issues by Severity

BLOCKERS: None. CRITICAL: None.

MAJOR ISSUES

1. options-form.tsx exceeds the 200-line component limit (482 lines)

File: components/frontend/src/components/claude-agent-options/options-form.tsx

Problem: Single AgentOptionsFields render function at 482 lines. The frontend guidelines require components under 200 lines (frontend-development.md pre-commit checklist). The prior commit cbddef9 already split sub-components out, but the orchestrating form is still well over the limit.

Fix: Split the 12 sections into individual section components (CoreSection, ToolsSection, McpSection, SandboxSection, etc.) under _components/. The existing Section wrapper makes this a clean refactor.

2. KeyValueEditor: silent key collision when user clicks Add multiple times

File: components/frontend/src/components/claude-agent-options/_components/key-value-editor.tsx:191

Problem: addEntry always inserts with an empty string key. Clicking Add twice without changing the first key silently overwrites the first entry -- items are lost with no warning. Current code: const addEntry = () => onChange({ ...value, empty-string-key: empty-string-value });

Fix: Use a unique placeholder key driven by a useRef counter -- the same pattern already used in StringListEditor.

3. AgentsEditor: key collision after remove-then-add cycle

File: components/frontend/src/components/claude-agent-options/_components/agents-editor.tsx:52

Problem: New agents are keyed agent-(entries.length + 1). If a user adds agent-1 and agent-2 (length=2), removes agent-1 (length=1), then adds again, the key becomes agent-2 -- silently overwriting the existing agent-2.

Fix: Use a useRef counter (like PluginsEditor does) and find the next unused agent-N key instead of deriving from entries.length.

MINOR ISSUES

4. Unsafe type cast in McpServersEditor silences a null/string mismatch

File: components/frontend/src/components/claude-agent-options/_components/mcp-servers-editor.tsx (env and headers onChange callbacks)

Problem: KeyValueEditor onChange returns Record<string, string | null> but the cast to Record<string, string> discards null. A user who clears a value sends null silently cast away, which could produce an invalid MCP server config.

Fix: Filter null entries via Object.entries(e).filter(([, v]) => v !== null) before spreading into updateServer.

5. SandboxField: update helper typed as Record<string, unknown> bypasses type safety

File: components/frontend/src/components/claude-agent-options/_components/sandbox-field.tsx:481

Problem: The update function accepts patch: Record<string, unknown> and merges blindly into field value, bypassing the sandboxSettingsSchema shape at the TypeScript level. Zod catches issues at submit, but errors are hidden earlier.

Fix: Type patch as Partial<z.infer>.

6. agentOptionsForm.getValues() skips Zod output defaults

File: components/frontend/src/components/create-session-dialog.tsx:162

Problem: getValues() returns raw z.input form state, not z.output after .default() transforms. Fields with .default([]) or .default({}) may arrive as undefined in the payload rather than their defaults. Low-risk today since the backend drops the field (per the TODO comment). When backend support lands, use claudeAgentOptionsSchema.parse(agentOptionsForm.getValues()) to get the fully-defaulted output.

7. Unnecessary export on McpFormServer type

File: components/frontend/src/components/claude-agent-options/_components/mcp-servers-editor.tsx:268

Problem: McpFormServer is exported but appears to only be used internally within the claude-agent-options feature folder. Remove export unless there are other consumers.

Positive Highlights

• Zero any types throughout. All new TypeScript uses z.infer<>, Record<string, unknown>, or explicit union types -- fully compliant with the zero-any rule.
• Shadcn UI used exclusively. Every interactive element (Button, Input, Label, Textarea, Select, Switch, Checkbox, Collapsible) comes from @/components/ui/*.
• Feature flag gating is correct. The advanced-agent-options Unleash flag defaults to off, making the unimplemented backend path completely safe. TODO comments in type definitions are clear and actionable.
• Zod schema is comprehensive. URL validation on MCP server configs, integer bounds on budget_tokens and max_buffer_size, discriminated unions for ThinkingConfig and mcpServerFormConfigSchema -- exactly what the standards require at system boundaries.
• useRef-based stable key tracking in StringListEditor, PluginsEditor, and HooksEditor is idiomatic React and avoids remount jank on item removal.
• Python 3.12 type annotation modernization (X | None over Optional[X], built-in generics) is clean and correct.
• Dockerfile image pinned to digest -- good supply-chain hygiene for the UBI10 base.
• Commented-out Playwright dead code removed -- keeps the Dockerfile readable.

Recommendations

1. Fix key collision bugs (issues 2 and 3) before merge -- these cause silent data loss that is hard to reproduce and diagnose.
2. Break up options-form.tsx (issue 1) -- clearest guideline violation; the Section-based architecture already makes the split mechanical.
3. Address the type cast in MCP servers (issue 4) -- null env values can produce invalid server config at submit time.
4. Defer issues 5-7 to a follow-up -- low-risk while the flag is off.

🤖 Reviewed with Claude Code

[github-actions]

test

[github-actions]

Claude Code Review

Summary

PR 845 combines three distinct things: (1) a Python/Node/base-image upgrade with type-hint modernization across the runner, (2) a net-new ClaudeAgentOptions form backed by a comprehensive Zod schema, and (3) integration of that form into the create-session dialog behind an Unleash flag. The runner changes are clean and low-risk. The frontend work follows project patterns well (Shadcn UI, type over interface, colocated components, no any types) but contains one confirmed data-loss bug in KeyValueEditor and two other issues worth fixing before the flag is enabled.

---

Blocker Issues: None

---

Critical Issues

1. KeyValueEditor — adding multiple entries produces only one entry

File: components/frontend/src/components/claude-agent-options/_components/key-value-editor.tsx, line 191

Every new entry is keyed with an empty string. Because value is Record, calling addEntry twice overwrites the first entry — the second call is a no-op. The user sees two rows appear (via local refs) but the actual record holds only one entry. MCP server env, extra_args, and custom headers are silently truncated.

Fix: generate a unique placeholder key per call, same as the agent/server name pattern used in other editors in the same PR (e.g. agent-1, server-1).

---

Major Issues

1. Unsafe casts in McpServersEditor

File: components/frontend/src/components/claude-agent-options/_components/mcp-servers-editor.tsx, lines 325 and 333

KeyValueEditor types its value as Record<string, string|null>. The two cast sites (env and headers) discard null safety. A null value serialised to JSON becomes the string null or is silently omitted — neither is correct for MCP server config. Fix: filter null values via Object.fromEntries with a type-guard before assigning to env/headers.

2. agentOptions field is silently dropped by the backend

Files: components/frontend/src/types/agentic-session.ts line 1678, types/api/sessions.ts line 1693

The existing TODO comments acknowledge: Go encoding/json silently drops it. Safe while the flag defaults to off. Every submission from an enabled flag sends data that is immediately discarded with no error. Acceptable only while the flag stays off, but the tech debt needs explicit tracking. Recommendation: add a GitHub issue link in the TODO comment, and confirm the flag default-off state is enforced at the Unleash level (not just in code).

3. permission_prompt_tool_name in schema has no form field

File: components/frontend/src/components/claude-agent-options/schema.ts, line 1526

This field appears in claudeAgentOptionsSchema but is not rendered anywhere in the form. It will always be undefined. Either add a form field in the Advanced section, or remove it from the schema with a comment explaining the exclusion (as done for non-serialisable fields in UPDATE_PROCEDURE.md).

---

Minor Issues

1. options-form.tsx is 482 lines, exceeding the 200-line component guideline in frontend-development.md. Consider grouping sections into sub-components (CoreSection, SessionSection, EnvironmentSection).

2. dnf module reset removed before Node.js 22 install. File: components/runners/ambient-runner/Dockerfile, line 1744. The previous Dockerfile ran dnf module reset -y nodejs before the enable step. The new version omits the reset. Adding it back is defensive correctness in case the base image ships a default nodejs stream.

3. workspace-mcp bumped from 1.6.1 to 1.14.2 (8 minor versions) but the test plan only mentions MCP integrations generically. The Google Workspace/Drive path should be exercised explicitly before merge.

---

Positive Highlights

• Comprehensive Zod schema: schema.ts covers all SDK types with discriminated unions for MCP server transport, thinking config, and system prompt variants. Using z.input as the form type is exactly right for default-bearing schemas.
• Python type-hint modernisation is consistent and complete — every touched file correctly replaces Optional/List/Dict with the Python 3.10+ union syntax across the entire runner codebase.
• Feature flag gating via useFlag is the right pattern; the form is hidden and validation is skipped when the flag is off.
• The Section collapsible component using Shadcn Collapsible is clean and reusable. Defaulting all sections except Agent Options to closed is good UX for a form of this density.
• Stable key strategy with useRef counters in StringListEditor, PluginsEditor, and HooksEditor correctly avoids React key collisions on array reorder/delete.
• UPDATE_PROCEDURE.md is a genuinely useful operational document. The automation phasing (Claude Code skill to scheduled sessions to subagents to CI) aligns directly with the platform's own agentic capabilities.

---

Recommendations

1. Fix the KeyValueEditor empty-key bug before enabling the flag — this silently corrupts MCP server env-vars and extra_args.
2. Fix the null-to-string casts in McpServersEditor.
3. Resolve or document the permission_prompt_tool_name omission.
4. Track the backend TODO with a linked issue; confirm the flag stays off in Unleash until the backend handler lands.
5. Add dnf module reset defensively to the Node.js install step.

Reviewed by Claude Code (amber.review)

[github-actions]

Claude Code Review

Summary

This PR bundles three distinct changes: a runtime dependency + base-image upgrade (UBI 9 to UBI 10, Python 3.11 to 3.12), a large new ClaudeAgentOptions form behind an Unleash feature flag, and Python modernisation. The dependency upgrades are straightforward. The feature-flag gate is the right call for incomplete work. The main concerns are a single oversized component, a half-wired backend field, and a type-duplication issue.

---

Blocker Issues: None.

Critical Issues: None.

---

Major Issues

M1 — options-form.tsx exceeds the 200-line limit by 2.4x

File: components/frontend/src/components/claude-agent-options/options-form.tsx (482 lines)

Frontend standards require components under 200 lines (.claude/context/frontend-development.md pre-commit checklist). AgentOptionsFields at 482 lines is more than double the limit. Each Section block is already extracted as its own sub-component; the form orchestrator should follow the same pattern, trimmed to ~100 lines that wire the 12 Section blocks together and delegate all field rendering to those sub-components.

M2 — agentOptions field is sent to the backend but not consumed (silent data loss)

Files: components/frontend/src/types/agentic-session.ts:199, components/frontend/src/types/api/sessions.ts:133

Both files carry a TODO acknowledging that the backend Go handler does not yet unmarshal or persist agentOptions. Users who enable the advanced-agent-options flag will see their settings silently dropped on every session create. The feature flag keeps users safe for now, but this should either (a) include the backend CR spec update and handler wiring in this PR, or (b) be tracked as a concrete follow-up issue so the work does not slip.

M3 — Duplicate CreateAgenticSessionRequest type definition

Files: components/frontend/src/types/agentic-session.ts:196, components/frontend/src/types/api/sessions.ts:130

Both files define CreateAgenticSessionRequest (including the newly added agentOptions field) and both were updated in this PR. Extending both simultaneously is the right moment to consolidate. A future divergence will cause silent request-shape mismatches. Suggested fix: re-export one from the other, or pick a single canonical location.

---

Minor Issues

m4 — OutputFormatField local state does not sync on external form reset

File: components/frontend/src/components/claude-agent-options/_components/output-format-field.tsx:24

rawJson is initialised from value once at mount via useState. When agentOptionsForm.reset() is called on dialog close, field.value changes but rawJson does not, leaving stale JSON visible when the dialog reopens next time. Fix: add a useEffect keyed on value to sync rawJson.

m5 — MCP server name key can collide after delete-then-add

File: components/frontend/src/components/claude-agent-options/_components/mcp-servers-editor.tsx:33

addServer uses server-(entries.length+1) as the key. With [server-1, server-2], deleting server-1 then clicking Add produces key server-2, silently overwriting the existing entry. Fix: use a useRef counter or Date.now() instead of entries.length.

m6 — workspace-mcp version jump (1.6.1 to 1.14.2) should be verified

Files: .mcp.json line 20 (1.6.1 to 1.14.2), pyproject.toml (>=0.10.0 to >=0.11.0). An 8 minor-version jump in the pinned reference — the changelog should be reviewed for breaking changes to the drive tool interface before merging, as this underpins the Google Drive integration.

---

Positive Highlights

• Feature flag gate is well-implemented: useFlag("advanced-agent-options") ?? false guards all new form code, new functionality is safely off by default, and agentOptionsForm.reset() is correctly called on dialog close.
• Excellent Zod schema design: claudeAgentOptionsSchema uses discriminated unions for MCP server types (stdio/sse/http) and thinking config (adaptive/enabled/disabled), closely matching the SDK type shapes.
• Zero any types in all new TypeScript: every new type uses proper Zod-inferred types, unknown, or named types; McpFormServer and ClaudeAgentOptionsForm are correctly typed with type (not interface).
• Shadcn UI components used exclusively: Button, Input, Textarea, Select, Switch, Checkbox, Label — no custom primitives.
• Form validation before data extraction: agentOptionsForm.trigger() is called before agentOptionsForm.getValues(), ensuring Zod validation runs even though getValues() bypasses the resolver.
• Dockerfile cleanup is excellent: removes 39 lines of commented-out Playwright scaffolding, consolidates DNF layers, adds npm cache clean, removes python3-devel post-install, correctly uses --break-system-packages for RHEL 10.
• Python modernisation is clean: Optional[X] to X | None and Dict[str, X] to dict[str, X] across all runner modules, correct for Python 3.12.

---

Recommendations

1. Prioritize backend wiring (M2): land it in this PR or open a tracked issue before the flag is enabled.
2. Split options-form.tsx (M1): extract each Section block into its own component file to stay under 200 lines.
3. Consolidate the duplicate type (M3): single canonical location for CreateAgenticSessionRequest.
4. Fix OutputFormatField stale state (m4): useEffect keyed on value to sync rawJson on reset.
5. Fix MCP server key generation (m5): useRef counter instead of entries.length.
6. Verify workspace-mcp 1.6.1 to 1.14.2 changelog (m6): large jump for the Google Drive integration.

Reviewed by Claude Code

[github-actions]

test

[github-actions]

test comment from review bot

[github-actions]

Claude Code Review

Summary

This PR delivers a well-scoped dependency maintenance release: bumping all Python runner dependencies to latest, upgrading the base image from UBI 9 to UBI 10 (Python 3.11 to 3.12, Node.js 20 to 22), modernizing Python type annotations to 3.10+ built-in style, and adding a new ClaudeAgentOptions form gated safely behind an Unleash feature flag. Security posture and architectural conventions are respected throughout. No blockers or critical issues found.

---

Blocker Issues: None

Critical Issues: None

---

Major Issue 1 — Agent options validation errors invisible when sections are collapsed

File: components/frontend/src/components/create-session-dialog.tsx (lines ~140-148)

agentOptionsForm.trigger() blocks submission on invalid fields, but Collapsible sections do not auto-expand on failure. Only the first section has defaultOpen; the rest start closed. A user who enters an invalid value in a collapsed section is silently blocked with no visible feedback.

Violates: frontend-development.md — 'Loading and error states handled.'

Suggested fix: Propagate a hasErrors prop to each Section and expand it when truthy, or render a summary error alert above the collapsible listing which sections have errors.

---

Major Issue 2 — Test assertion weakened without explanation

File: components/runners/ambient-runner/tests/test_e2e_api.py (line ~402)

The assertion assert "ghost-thread" in data["detail"] was removed, leaving only assert "detail" in data. The removed line verified that the interrupted thread ID appeared in the error message. Without it the test passes even for a completely wrong error response. A comment explaining why it was dropped would prevent this from reading as a regression.

Violates: error-handling.md — 'Errors logged with context'; Testing axis — 'Adequate coverage.'

---

Minor Issues

1. pip3 install --break-system-packages is used in the Dockerfile (~lines 19, 31) without a comment. UBI 10 requires this due to PEP 668 — a one-liner explaining this would prevent future churn.

2. KeyValueEditor.addEntry spreads into a Record with an empty-string key, silently overwriting any prior empty-string key when Add is pressed multiple times (_components/key-value-editor.tsx line ~26).

3. HooksEditor uses a dual-useRef pattern (nextId + idsMap) for stable list keys that is harder to follow than a simple counter stored alongside the data (_components/hooks-editor.tsx lines ~17-27).

4. CreateAgenticSessionRequest is defined in both types/agentic-session.ts and types/api/sessions.ts, both needing agentOptions added. Pre-existing duplication worth a follow-up consolidation.

---

Positive Highlights

• Python type annotation modernization is clean and comprehensive. Replacing Optional[X], Dict, List, Tuple imports with built-in PEP 604/585 equivalents across 15+ files is done consistently and correctly throughout.

• Unleash feature flag gate is correctly implemented. The advanced-agent-options flag defaults to off; agentOptions is only attached to the request when active; the form is completely hidden otherwise. The frontend never exposes the incomplete backend integration to users.

• Zod schema mirrors the SDK types faithfully. Discriminated unions (mcpServerFormConfigSchema, thinkingConfigSchema), enums (permissionModeSchema, effortSchema), and nested objects match claude-agent-sdk 0.1.48 types. Validation constraints (.min(), .url(), .int()) are applied throughout.

• All new UI uses Shadcn exclusively. Button, Input, Label, Textarea, Select, Switch, Checkbox — no custom primitives. Zero-tolerance policy respected.

• TODO comments on the backend gap are honest and actionable. Both type files document that agentOptions is silently dropped by Go today and reference the flag as the safety net.

• Base image pinned by SHA digest. Ensures reproducible builds after the major image upgrade.

---

Recommendations

1. (Before merge) Add error-state expansion to Section components so validation failures in collapsed sections are visible to users.
2. (Before merge) Restore or document the removed interrupt error assertion in test_e2e_api.py.
3. (Follow-up) Add a Dockerfile comment explaining --break-system-packages is required by PEP 668 on UBI 10.
4. (Follow-up) Fix KeyValueEditor.addEntry to avoid empty-key collisions.
5. (Follow-up) Consolidate the two CreateAgenticSessionRequest type definitions into a single shared location.

---

Reviewed by Claude Code (claude-sonnet-4-6)

[jeremyeder]

brings runner components up to date and adds all possible claude sdk options into an advanced agent options section on the new session modal.

[jeremyeder]

@Gkrumbach07 this is really nice - some options we might want to turn off. the CLI flags and using the claude code binary inside a session. that defeats the purpose of any controls

[cgwalters]

Randomly picking this pull request for some procedural feedback. IMO it's rather silly to go from having AI generate code (and hopefully pre-review it locally) to posting a PR to have the same model using the same rules re-review it again and post a gigantic markdown doc as a single comment.

A big immediate win here would be to change your review workflow to use the Github API which allows associating comments with particular lines (as other tools do like Gemini Code Review, Rabbit etc.).

I have this "skill" over here https://github.com/bootc-dev/agent-skills/tree/main/perform-forge-review which gives agents enough information to do this.

---

But even then, I kind of doubt any human reads all of the review here - it's just too much.

Personally the workflow I want to get to is where humans do review, assisted by AI. And in this case literally it could just boil down to a human seeing the automated review, they do some quick sanity checking and click approve on their own.

They can add as much or as little context into the PR as they want.

[ambient-code]

Review Queue — Blockers Found

Check	Status	Detail
CI	FAIL	---
Merge conflicts	FAIL	---
Review comments	FAIL	---
Jira hygiene	FAIL	---
Fork PR	FAIL	---
Staleness	FAIL	---

Action needed: Author needs to resolve merge conflicts

This comment is auto-generated by the Review Queue workflow and will be updated when the PR changes.