Follow-ups from code review + FastMCP alignment (Phase 2)

[tony]

Summary

29 commits on 2026-04-follow-ups, addressed in two waves:

• Phase 1 (commits 1–12) — original code-review follow-ups: caller identity, observability, pane-tools split, doctest scoping, safety docs, plus four small follow-up cleanups.
• Phase 2 (commits 13–29) — FastMCP-alignment work derived from a multi-model brainstorm-and-refine analysis. Each commit is one coherent change; quality gate (ruff, mypy, pytest --reruns 0, just build-docs) ran green before each commit landed. Test count grew from 186 → 276 (+90 regression-guard tests).

Quality gate

$ uv run ruff check . --fix --show-fixes
$ uv run ruff format .
$ uv run mypy
$ uv run py.test --reruns 0 -vvv
$ just build-docs

--reruns 0 (overriding the project default of 2) was the standard for the entire 29-commit series, so flakes are surfaced not masked. The one timing-sensitive test that surfaced (test_wait_for_content_change_timeout) was stabilized in commit 13 with an active settle loop before any new feature work landed.

Phase 1 — original review follow-ups

#	Commit	Change
1	fix(caller-identity)	Parse TMUX env var; self-kill guards now compare the caller's socket path to the target server
2	refactor(imports)	Hoisted 16 inline from fastmcp.exceptions import ToolError to module level
3	feat(observability)	AuditMiddleware — one structured record per tool call, with redacted digests for keys / text / value
4	refactor(pane)	Split 1315-line pane_tools.py into a pane_tools/ package (io, wait, search, copy_mode, layout, lifecycle, pipe, meta). Backwards-compatible re-exports
5	docs(agents)	Scoped doctest policy to pure helpers; tmux-touching tools exempt
6	test(doctest)	Removed -p no:doctest, added --doctest-modules, seeded doctests on _redact_digest and _summarize_args
7	docs(safety)	Footguns section for pipe_pane / set_environment / send_keys; documented the audit log; docstring warnings surface via sphinx_autodoc_fastmcp
8	test(middleware)	Use real MiddlewareContext + CallToolRequestParams
9	style	Apply ruff format and drop dead mypy override
10	refactor(pane_tools[io])	Hoist subprocess and tempfile imports
11	refactor(pane_tools[wait])	Hoist time and retry_until imports
12	docs(_utils)	Align _caller_is_on_server docstring with code

Phase 2 — FastMCP alignment

Driven by a multi-model brainstorm session (Claude × 3 / Gemini × 3 / GPT × 3, three refinement passes) that audited libtmux-mcp against FastMCP, libtmux, and tmux. The session produced a 17-commit plan with explicit priority tiers (P1–P3) and four "deliberately not recommended" items.

Quality gate precursor

13. test(pane_tools[wait]): stabilize test_wait_for_content_change_timeout under --reruns=0
    Active 3-streak settle loop replaces a fixed sleep so zsh async hooks (vcs_info, git prompt) don't trip the no-change assertion. Lets the rest of the series run under the strict gate without flake masking.

PR group A — Preconditions (correctness fixes)

14. mcp(fix[_utils,annotations]): ANNOTATIONS_SHELL for open-world shell tools
    send_keys, paste_text, pipe_pane were sharing ANNOTATIONS_CREATE which set openWorldHint=False. Lying to MCP clients. Fix is a new preset, not a global flip — same shared dict is also used by create_session/create_window/split_window/swap_pane/enter_copy_mode, none of which are open-world.

15. mcp(docs[server,instructions]): surface display_message, snapshot_pane, wait_for_* in _BASE_INSTRUCTIONS
    The most token-efficient read tools were never named in the agent-facing instructions, so agents defaulted to capture_pane retry loops.

16. mcp(fix[pane_tools/io]): bound capture_pane with max_lines and in-band tail-preserving truncation
    Default max_lines=500. Prefix "[... truncated K lines ...]\n" when trimmed. max_lines=None opts out for callers that genuinely need full scrollback. Tail-preserving because the active prompt lives at the bottom.

17. mcp(fix[pane_tools/meta,models]): bound snapshot_pane with max_lines and typed content_truncated fields
    Same semantics as docs: restore prompt admonition styling and rebuild copy buttons after gp-sphinx SPA swap #16 but surfaced via two new PaneSnapshot fields (content_truncated: bool, content_truncated_lines: int) rather than an in-band header — PaneSnapshot is already a Pydantic model so the typed channel is the cleaner shape.

18. mcp(fix[pane_tools/search,models]): paginate search_panes via SearchPanesResult wrapper
    Breaking change: list[PaneContentMatch] → SearchPanesResult with matches, truncated, truncated_panes, total_panes_matched, offset, limit. Per-pane cap on matched_lines plus pane-level pagination so truncation doesn't mean permanent blindness to later matches.

PR group B — Context + wait-for

19. mcp(refactor[_utils]): add handle_tool_errors_async for Context-using tools
    Prerequisite for #20. Sync handle_tool_errors is unchanged; async variant funnels through the same exception-to-ToolError mapping table.

20. mcp(feat[pane_tools/wait]): Context.report_progress in wait_for_text and wait_for_content_change
    Both wait tools converted to async def with a ctx: Context | None parameter. Replaces retry_until with an explicit asyncio loop that emits progress on every tick. No elicit — FastMCP 3.1 has no first-class elicitation capability check (capabilities.sampling is the wrong predicate; it would hang headless CI agents).

21. mcp(feat[wait_for_tools]): tmux wait-for channel tools with bounded timeout
    New wait_for_channel(channel, timeout=30.0) and signal_channel(channel). subprocess.run(timeout=…) is mandatory — tmux wait-for blocks indefinitely at the OS level. Tool docstring teaches the safe status=$?; tmux wait-for -S done; exit $status composition pattern so a crashed shell command doesn't pay the full timeout penalty.

PR group C — Structured outputs + resources

22. mcp(test[tools]): regression-guard read-heavy tools against str-return drift
    Audit found get_pane_info / get_server_info / list_* / snapshot_pane already return Pydantic models. New regression tests pin that so a future refactor can't silently drop the MCP outputSchema by flattening one back to str.

23. mcp(refactor[resources/hierarchy]): declare mime_type on all hierarchy resources
    Five JSON resources get mime_type="application/json"; get_pane_content gets mime_type="text/plain". (FastMCP requires resources to return str | bytes | list[ResourceContent], so the json.dumps payload stays — but clients now see the correct MIME tag.)

PR group D — New tool families

24. mcp(feat[buffer_tools]): agent-namespaced paste buffers with UUID nonce
    load_buffer / paste_buffer / show_buffer / delete_buffer. Every call allocates libtmux_mcp_<uuid4hex>_<logical> so concurrent agents (or parallel tool calls) cannot collide on the server-global buffer namespace. list_buffers is intentionally NOT exposed — OS clipboard sync into tmux buffers makes a generic enumeration a privacy footgun. _SENSITIVE_ARG_NAMES extended for content.

25. mcp(feat[hook_tools]): read-only show_hook and show_hooks
    Wraps libtmux's HooksMixin.show_hook/show_hooks with a HookListResult model that flattens scalar / dict / SparseArray shapes. Write-hooks (set_hook/unset_hook) are deferred indefinitely — FastMCP lifespan teardown does not run on kill -9/OOM/C-extension fault, so any soft cleanup registry would leak agent-installed shell hooks into the user's persistent tmux server. The module docstring documents this and names three future paths.

26. mcp(feat[prompts]): narrow prompts module with PromptsAsTools fallback
    Four prompts (run_and_wait, diagnose_failing_pane, build_dev_workspace, interrupt_gracefully) — the canonical recipes from docs/topics/prompting.md, encoded as protocol-level prompts. LIBTMUX_MCP_PROMPTS_AS_TOOLS=1 env-gates the PromptsAsTools transform for tool-only clients.

PR group E — Middleware + lifespan

27. mcp(feat[middleware]): TailPreservingResponseLimitingMiddleware subclass
    FastMCP's stock ResponseLimitingMiddleware truncates the tail of oversized responses, which destroys the active shell prompt for terminal scrollback. Subclassed to drop the head and prefix the same [... truncated K bytes ...]\n header the per-tool caps use. max_size=50_000 (strictly above per-tool caps so it's a backstop, not a primary cap), scoped to capture_pane / search_panes / snapshot_pane.

28. mcp(feat[middleware,server]): add TimingMiddleware and ErrorHandlingMiddleware
    Stack order pinned by test: Timing → TailPreservingResponseLimiting → ErrorHandling(transform_errors=True) → Safety → Audit. ErrorHandlingMiddleware(transform_errors=True) maps ResourceError from resources/hierarchy.py to MCP code -32002.

29. mcp(feat[server,_utils]): FastMCP lifespan with tmux presence check and cache cleanup
    shutil.which("tmux") probe at startup converts a missing-tmux failure from a confusing post-handshake TmuxCommandNotFound into a clean cold-start RuntimeError. Clears _server_cache on graceful shutdown (SIGTERM/SIGINT only — by design, not relied on for any invariant that must survive hard crashes; see commit 25's docstring).

Deliberately NOT in this PR

Each was considered in the brainstorm and explicitly rejected with reasoning documented in the relevant module's docstring:

• Write-hooks (set_hook/unset_hook). Three future paths documented in hook_tools.py module docstring; none in scope here.
• Control mode (tmux -C event bridge). Per-byte %output events across all panes would firehose Python's asyncio loop and starve MCP protocol handlers. If pursued later, must start from refresh-client -B per-subscription with bounded queue + per-pane rate limit, not blanket attach.
• ctx.elicit for destructive-tool confirmation. No reliable client-capability check exists in FastMCP 3.1; capabilities.sampling is the wrong predicate (it describes server→client LLM requests, not human UI). Tier gate + self-kill guards remain the hard boundary.
• Generic list_buffers. OS clipboard sync makes it a privacy footgun.
• ResponseCachingMiddleware, RateLimitingMiddleware, ctx.sample, HTTP transport, MCPB bundling. Architectural mis-fits; rejected in the brainstorm.

Diff size

40 files changed, 4870 insertions(+), 1438 deletions(-)
276 tests pass under --reruns 0

Test plan

• uv run ruff check . — clean
• uv run ruff format --check . — clean
• uv run mypy — clean
• uv run py.test --reruns 0 -vvv — 276/276 pass
• just build-docs — succeeded
• Each Phase-2 commit independently passes the same 5-step gate (verified by enforcing it before every commit landed)
• Manual: start the server with tmux temporarily renamed on PATH; confirm clean cold-start RuntimeError from the lifespan probe
• Manual: mcp__libtmux__capture_pane against a >50 KB scrollback pane with max_lines=None; confirm TailPreservingResponseLimitingMiddleware truncates the head, preserves the tail, prefixes the header
• Manual: mcp__libtmux__search_panes with offset/limit pagination across multiple matching panes
• Manual: wait_for_channel + signal_channel end-to-end in a real tmux session
• Manual: LIBTMUX_MCP_PROMPTS_AS_TOOLS=1 and confirm prompts appear in the tool list
• Manual: trigger a resource error (invalid session name on get_session); confirm MCP error code -32002 from ErrorHandlingMiddleware

Notes for reviewers

• Phase 1 review remains unchanged; the original Summary section above (now folded into the table) covers commits 1–7 and the four follow-up cleanups (8–12).
• Phase 2 was driven by a written plan at /home/d/.claude/plans/memoized-pondering-sparkle.md (local artifact, not committed). Each commit body cites the brainstorm finding it acts on.
• Natural cut points if the PR needs to be split for review: A (commits 13–18), B (19–21), C (22–23), D (24–26), E (27–29). Every commit independently passes the quality gate, so reverts inside any group are clean.

[codecov-commenter]

Codecov Report

❌ Patch coverage is 88.77551% with 99 lines in your changes missing coverage. Please review.
✅ Project coverage is 86.18%. Comparing base (65e9ad4) to head (8c76b87).

Files with missing lines	Patch %	Lines
src/libtmux_mcp/_utils.py	84.34%	11 Missing and 7 partials ⚠️
src/libtmux_mcp/tools/server_tools.py	75.38%	15 Missing and 1 partial ⚠️
src/libtmux_mcp/tools/hook_tools.py	81.35%	8 Missing and 3 partials ⚠️
src/libtmux_mcp/tools/wait_for_tools.py	72.50%	11 Missing ⚠️
src/libtmux_mcp/tools/buffer_tools.py	89.01%	8 Missing and 2 partials ⚠️
src/libtmux_mcp/tools/pane_tools/io.py	86.20%	7 Missing and 1 partial ⚠️
src/libtmux_mcp/tools/pane_tools/layout.py	85.71%	4 Missing and 4 partials ⚠️
src/libtmux_mcp/middleware.py	90.47%	3 Missing and 3 partials ⚠️
src/libtmux_mcp/tools/pane_tools/lifecycle.py	86.36%	2 Missing and 1 partial ⚠️
src/libtmux_mcp/server.py	92.59%	2 Missing ⚠️
... and 3 more

Additional details and impacted files

@@            Coverage Diff             @@
##             main      #15      +/-   ##
==========================================
+ Coverage   82.90%   86.18%   +3.27%     
==========================================
  Files          17       30      +13     
  Lines         983     1513     +530     
  Branches      110      182      +72     
==========================================
+ Hits          815     1304     +489     
- Misses        122      155      +33     
- Partials       46       54       +8     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[tony]

Code review

No issues found. Checked for bugs and CLAUDE.md compliance.

🤖 Generated with Claude Code

_{- If this code review was useful, please react with 👍. Otherwise, react with 👎.}