feat(code-mode): drop Lab action support

[jmagar]

Summary

• Removes lab::<service>.<action> ID support from Code Mode so code_search, code_schema, and code_execute operate on proxied upstream MCP tools only.
• Rejects lab:: IDs with a structured unknown_tool error and points agents to tool_execute for Lab actions.
• Drops Lab-action search/schema/execute plumbing, expose_builtin_services, and the Code Mode Lab-action authorization path while keeping upstream JSON Schema TypeScript bindings.
• Updates MCP/CLI descriptions and parser/tests for the upstream-only surface.

Bead: lab-elme3.1

Test plan

• cargo test -p labby --all-features code_mode -- --nocapture
• cargo test -p labby --all-features mcp::server -- --nocapture
• cargo test -p labby --all-features --test code_mode_runner -- --nocapture
• cargo check --manifest-path crates/lab/Cargo.toml --all-features
• cargo fmt --all -- --check
• cargo clippy --workspace --all-features -- -D warnings
• cargo test -p labby --lib --all-features -- --test-threads=1
• cargo test --workspace --all-features -- --test-threads=1
• Live Docker smoke: deployed labby 0.17.4, verified /health and /ready, confirmed code_search returns upstream ids only, confirmed code_schema id=lab::radarr.movie.search returns unknown_tool guidance, and ran code_execute 12-readonly plus chained fanout smokes successfully.

---

Summary by cubic

Drops Lab action IDs from Code Mode and removes code_schema. Code Mode now supports only upstream tools via code_search (JS-sandbox catalog filtering) and code_execute; any lab:: ID returns unknown_tool with a hint to use tool_execute.

• Refactors

  • Removed Lab-action code paths and lab:: ID parsing; only upstream::server::tool is supported.
  • Removed code_schema; docs and CLI help updated for code_search + code_execute only.
  • code_search runs constrained JS over an inlined catalog; 256KB soft cap and 512KB hard cap with stable pruning.
  • Added CodeModeConfig caps (max_response_bytes, max_response_tokens) and response envelope trimming.
  • New errors code_mode_timeout and code_mode_fuel_exhausted map to HTTP 504.
  • Optional code_mode_wasm via javy + wasmtime; added scripts/refresh-javy-plugin.sh.
  • Simplified surface to Mcp { allow_destructive_actions }; refreshed MCP descriptions.
  • Build/CI: Rust 1.92 MSRV, Docker installs libclang-dev for Code Mode builds, lighter release image, cargo-deny/license updates, test fixes.

• Migration

  • Use tool_execute for Lab actions instead of lab:: Code Mode IDs.
    • Example: tool_execute(name="radarr", arguments={action:"movie.search", params:{query:"Matrix"}}).
  • Use code_search to filter the upstream catalog, then pass returned upstream::server::tool IDs to code_execute. Remove any code_schema calls.

^{Written for commit ac5a374. Summary will update on new commits. Review in cubic}

Summary by CodeRabbit

• Breaking Changes

  • Code Mode now exclusively supports upstream MCP tools. Lab action requests will be rejected with an error directing users to use MCP tool execution instead.

• Documentation

  • Added implementation plan documenting the transition to upstream-only Code Mode support.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR completes the removal of Lab-action support from Code Mode, making it upstream-only. Tool ID parsing now rejects lab::... with unknown_tool errors, the broker's search and schema methods support only upstream tools, execution dispatch is simplified, and MCP/CLI integration points are adjusted. An implementation plan documents the task sequence.

Changes

Code Mode Lab-Action Removal

Layer / File(s)	Summary
Tool ID parsing rejection and error handling crates/lab/src/dispatch/gateway/code_mode.rs	CodeModeToolId::parse rejects lab::... IDs with unknown_tool error carrying LAB_ACTION_UNKNOWN_TOOL_HINT. CodeModeToolRef enum drops the LabAction variant. Error handler helper added for consistent rejection messaging.
CodeModeBroker search/schema refactoring crates/lab/src/dispatch/gateway/code_mode.rs	CodeModeSurface::Mcp removes expose_builtin_services field. search() depends only on gateway_manager and returns upstream candidates or empty list. schema() requires a configured gateway manager and routes only UpstreamTool schemas. Helper method signature updated to accept manager explicitly.
Execution dispatch and helper cleanup crates/lab/src/dispatch/gateway/code_mode.rs	call_tool_id simplified to dispatch only UpstreamTool calls. Lab-action dispatch logic removed. Deleted helpers for gateway visibility, action allowlisting, control parameter injection, and lab action input-schema generation. CodeModeSearchCandidate::lab_action constructor removed.
Test coverage for upstream-only behavior crates/lab/src/dispatch/gateway/code_mode.rs	New unit test asserts CodeModeToolId::parse rejects lab::... with unknown_tool. Async tests verify schema() rejects lab IDs, search() excludes lab candidates, and call_tool_id() rejects lab execution with unknown_tool. Test imports updated.
MCP server tool metadata updates crates/lab/src/mcp/server.rs	code_search, code_schema, and code_execute tool descriptions updated to reflect upstream-only support. Discovery targets proxied upstream MCP tools; schema resolution is for upstream tool IDs; confirm field is reserved/compatibility-only.
CLI gateway integration adjustments crates/lab/src/cli/gateway.rs	Imports updated. discover_upstreams logic simplified by removing built-in schema suppression. code_mode_schema_is_builtin helper removed. gateway list human formatting streamlined with simplified sort key and status text. CLI parser acceptance tests updated for upstream-only tool IDs and callTool payloads.

Implementation Plan Documentation

Layer / File(s)	Summary
Code Mode v2 drop lab-actions plan docs/superpowers/plans/2026-05-25-code-mode-v2-drop-lab-actions.md	Complete implementation plan from objectives through release verification, including task breakdown (audit, test-driven removal, schema/execute refactoring, field removal, tool descriptions, test updates, verification greps, release build, and PR checklist) with acceptance criteria self-review mapping.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• jmagar/lab#71: Directly related as it introduces Code Mode contract changes to crates/lab/src/dispatch/gateway/code_mode.rs that this PR refactors to drop lab-action support.
• jmagar/lab#72: Coordinated changes to Code Mode broker/CLI wiring in the same files, with this PR further tightening to upstream-only.

Poem

🐰 Lab actions fade into the upstream light,
Code Mode now speaks only MCP, pure and bright,
Broker and CLI bend to simplify,
Tests guard the schema as lab IDs die,
One tool to rule them all—upstream's delight! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 69.23% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The pull request title 'feat(code-mode): drop Lab action support' clearly and concisely summarizes the main change: removing Lab action support from Code Mode.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch code-mode-v2-drop-lab-actions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@crates/lab/src/dispatch/gateway/code_mode.rs`:
- Around line 1160-1180: The test code_search_returns_only_upstream_candidates
currently constructs CodeModeBroker with None so search short-circuits; update
the test to create and seed a real GatewayManager/pool and pass it into
CodeModeBroker::new instead of None (or otherwise ensure the broker is wired to
an upstream manager), call broker.search(...) as before, assert results is
non-empty, and add an assertion that at least one candidate.id
starts_with("upstream::") (while keeping the existing assertion that no id
starts_with("lab::")). Use the existing symbols CodeModeBroker::new,
broker.search, and the test function
code_search_returns_only_upstream_candidates to locate where to inject the
manager/pool setup.

In `@docs/superpowers/plans/2026-05-25-code-mode-v2-drop-lab-actions.md`:
- Line 19: The table row is broken by unescaped pipe characters in the inline
command text referencing CLI subcommands (gateway code search|schema|exec);
update the cell in the markdown so the pipes are escaped (e.g., replace | with
\|) or wrap the entire command text in a code span/backticks without raw |
characters, ensuring the reference to crates/lab/src/cli/gateway.rs and the CLI
subcommands (gateway code search, schema, exec) remains intact and the table
renders correctly.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: e0349e2d-3675-4444-9afe-1c9c5f9a851a

📥 Commits

Reviewing files that changed from the base of the PR and between d25a8af and 398e49b.

📒 Files selected for processing (5)

• crates/lab/src/cli/gateway.rs
• crates/lab/src/dispatch/gateway/code_mode.rs
• crates/lab/src/main.rs
• crates/lab/src/mcp/server.rs
• docs/superpowers/plans/2026-05-25-code-mode-v2-drop-lab-actions.md

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Exercise the upstream search path in this regression test.

Lines 1161-1172 construct CodeModeBroker with None, so search() exits with Ok(Vec::new()) before any candidate filtering runs. This will stay green even if lab:: results leak back in once a GatewayManager is configured. Seed a manager/pool here and assert at least one returned id is upstream::....

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@crates/lab/src/dispatch/gateway/code_mode.rs` around lines 1160 - 1180, The
test code_search_returns_only_upstream_candidates currently constructs
CodeModeBroker with None so search short-circuits; update the test to create and
seed a real GatewayManager/pool and pass it into CodeModeBroker::new instead of
None (or otherwise ensure the broker is wired to an upstream manager), call
broker.search(...) as before, assert results is non-empty, and add an assertion
that at least one candidate.id starts_with("upstream::") (while keeping the
existing assertion that no id starts_with("lab::")). Use the existing symbols
CodeModeBroker::new, broker.search, and the test function
code_search_returns_only_upstream_candidates to locate where to inject the
manager/pool setup.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Fix broken table row caused by unescaped pipe characters.

The inline command text includes | separators, which creates extra table cells and breaks rendering. Escape the pipes or wrap the whole cell content in backticks without raw | characters.

🧰 Tools

🪛 markdownlint-cli2 (0.22.1)

[warning] 19-19: Table column count
Expected: 3; Actual: 5; Too many cells, extra data will be missing

(MD056, table-column-count)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/superpowers/plans/2026-05-25-code-mode-v2-drop-lab-actions.md` at line
19, The table row is broken by unescaped pipe characters in the inline command
text referencing CLI subcommands (gateway code search|schema|exec); update the
cell in the markdown so the pipes are escaped (e.g., replace | with \|) or wrap
the entire command text in a code span/backticks without raw | characters,
ensuring the reference to crates/lab/src/cli/gateway.rs and the CLI subcommands
(gateway code search, schema, exec) remains intact and the table renders
correctly.