fix(kiro): run kiro-cli through a PTY so usage loads (fixes #1619)

[sf-jin-ku]

Summary

Kiro usage fails with "Kiro CLI timed out." on kiro-cli 2.8.1, even though the same commands return in seconds from a terminal. Fixes #1619.

Root cause: kiro-cli (an Amazon Q Developer CLI fork) performs terminal setup on startup and emits no output at all when launched without a controlling terminal. The probe ran whoami, chat --no-interactive /usage, and chat --no-interactive /context over plain pipes (SpawnedProcessGroup). In a GUI process there is no TTY, so every command blocks producing zero bytes and the probe hits its 20s deadline.

This is purely a TTY-presence problem — independent of PATH/HOME/env. Reproduced via posix_spawn with a minimal environment; the binary only produces output when a controlling terminal is present.

Fix: route every kiro-cli invocation through TTYCommandRunner (PTY), exactly like the Codex (/status) and Claude status probes already do. The existing parser handles the PTY output unchanged.

Why #1619 was still broken after #1627

#1627 only made /usage return independently of the slow optional whoami account probe, on the theory that the account probe was blocking the fetch. As its author noted on the PR, it could not be validated because that machine had no kiro-cli installed. The real cause is that all kiro-cli commands (including whoami and /usage themselves) emit nothing over a bare pipe — so the timeout persisted on 2.8.1 on main.

Changes

• KiroStatusProbe: add runViaPTY(...) and point ensureLoggedIn / runUsageCommand / fetchContextUsage at it; map TTYCommandRunner errors to the existing KiroStatusProbeError cases.
• Remove the now-unused isUsageOutputComplete helper.
• The pipe-based runCommand / SpawnedProcessGroup are left untouched (still covered by their own run command* tests). They are now production-unused and can be removed in a separate cleanup PR.
• KiroStatusProbeTests: the fetch ... inherited pipes open test asserted pipe-holder cleanup that the PTY runner does not perform (and does not need — real kiro-cli cleans up under the PTY). Reframed it as "returns promptly when usage helper spawns a detached child"; the pipe-holder-kill capability is still directly covered by run command kills a pipe holder that escapes the process group.

Verification

Commands run:

• swift test --filter KiroStatusProbeTests — 40 passed
• make check — 0 violations, 0 serious (1180 files)
• Live KiroStatusProbe().fetch() (real kiro-cli 2.8.1): returns in ~3-4s with full data, 0 residual processes across repeated runs.
• Built and relaunched the packaged app (no TTY): the widget snapshot updated with real Kiro usage (usedPercent: 100, resetsAt: 2026-07-01) instead of the timeout error.

🤖 Generated with Claude Code

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed June 24, 2026, 3:46 PM ET / 19:46 UTC.

Summary
The PR reroutes Kiro whoami, /usage, and /context through TTYCommandRunner, rejects markerless whoami output, and adjusts one Kiro process test.

Reproducibility: yes. from source and contributor live proof. Current main uses pipe-backed Kiro whoami, /usage, and /context, while the PR body reports real kiro-cli 2.8.1 only emits output with a controlling terminal; I did not run live provider probes because AGENTS.md says not to without explicit request.

Review metrics: 2 noteworthy metrics.

• Changed files: 2 modified. The diff is tightly scoped to the Kiro probe and its focused test.
• Kiro invocations moved: 3 production calls. whoami, /usage, and /context all move from pipe-backed process launch to PTY transport, which is the merge-relevant behavior change.

Root-cause cluster
Relationship: fixed_by_candidate
Canonical: #1619
Summary: This PR is a candidate fix for the linked Kiro 2.8.1 no-TTY timeout report; the earlier merged account-probe PR only partially overlaps.

Members:

• canonical: Kiro provider times out with kiro-cli 2.8.1, while /usage returns in 4s #1619 - The PR uses closing syntax for the Kiro timeout report and changes the same provider CLI invocation path.
• partial_overlap: Fix Kiro usage when account probe times out #1627 - The merged PR addressed account-probe timeout behavior but did not move Kiro CLI invocations from pipes to PTY.

Proposal only: this assessment does not dispatch repair, suppress jobs, mutate sibling items, close, or merge anything.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🦞 diamond lobster
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• none.

Risk before merge

• [P1] TTYCommandRunner returns captured text but not child exit status, so non-login Kiro failures that emit text may no longer preserve the previous exact nonzero-exit cliFailed classification after merge.

Maintainer options:

1. Accept PTY transport semantics (recommended)
   Merge the PR with the understood Kiro error-classification drift because it provides live proof for the user-facing no-TTY timeout fix.
2. Preserve exit status before merge
   Ask for TTYCommandRunner or the Kiro wrapper to expose termination status and add focused nonzero-exit coverage if exact CLI failure reporting is required.

Next step before merge

• [P2] Maintainer review should decide whether to accept the PTY transport semantics; there is no narrow automated repair required for this PR.

Security
Cleared: No concrete security or supply-chain concern was found; the diff only changes local Kiro CLI invocation and focused tests.

Review details

Best possible solution:

Merge the focused PTY transport fix if maintainers accept the small Kiro failure-classification tradeoff, and handle exact exit-status preservation later if support diagnostics need it.

Do we have a high-confidence way to reproduce the issue?

Yes from source and contributor live proof. Current main uses pipe-backed Kiro whoami, /usage, and /context, while the PR body reports real kiro-cli 2.8.1 only emits output with a controlling terminal; I did not run live provider probes because AGENTS.md says not to without explicit request.

Is this the best way to solve the issue?

Likely yes. Reusing the existing PTY runner is the narrowest maintainable fix for a terminal-presence bug; preserving exact nonzero exit-status classification is a diagnostic refinement rather than a clear blocker.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against ada3660e9d61.

Label changes

Label justifications:

• P2: This is a normal-priority provider bug fix with limited blast radius to Kiro usage loading.
• merge-risk: 🚨 auth-provider: The diff changes Kiro CLI account and usage invocation behavior, which can affect provider auth and failure classification after merge.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🦞 diamond lobster and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (live_output): The PR body includes after-fix live Kiro 2.8.1 fetch evidence and packaged-app no-TTY verification, so no contributor proof action is needed.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes after-fix live Kiro 2.8.1 fetch evidence and packaged-app no-TTY verification, so no contributor proof action is needed.

Evidence reviewed

What I checked:

• Repository policy read: Full target AGENTS.md was read; its Kiro/provider guidance affected the review by preferring focused CLI tests and avoiding live provider probes without explicit request. (AGENTS.md:1, ada3660e9d61)
• Current main still uses pipe-backed Kiro commands: Current main invokes Kiro whoami, /usage, and /context through runCommand, the pipe-backed path implicated by the PR body. (Sources/CodexBarCore/Providers/Kiro/KiroStatusProbe.swift:348, ada3660e9d61)
• PR head moves Kiro commands to PTY: At the PR head, ensureLoggedIn, runUsageCommand, and fetchContextUsage call runViaPTY, and the follow-up commit rejects whoami output with no account markers. (Sources/CodexBarCore/Providers/Kiro/KiroStatusProbe.swift:348, 5ff0a0fb4d96)
• PTY runner semantics inspected: TTYCommandRunner.Result exposes captured text only, while run owns timeout, idle, PTY setup, and process cleanup; this supports the remaining exit-status classification risk. (Sources/CodexBarCore/Host/PTY/TTYCommandRunner.swift:214, ada3660e9d61)
• Related issue and prior PR checked: The linked timeout report gives exact Kiro 2.8.1 timings, and the earlier merged account-probe PR only partially overlaps because it did not move Kiro CLI invocations from pipes to PTY.
• History and ownership sampled: GitHub commit history for the Kiro probe shows recent work by Yuxin-Qiao, steipete, kiranmagic7, and the original Kiro provider addition by Nathan Eror. (Sources/CodexBarCore/Providers/Kiro/KiroStatusProbe.swift:348)

Likely related people:

• steipete: Recent Kiro helper-process cleanup and current-main blame/history touch the same Kiro process and timeout surface. (role: recent area contributor; confidence: high; commits: 3286934b8be3, f380287041b8; files: Sources/CodexBarCore/Providers/Kiro/KiroStatusProbe.swift, Tests/CodexBarTests/KiroStatusProbeTests.swift)
• Yuxin-Qiao: Authored the merged account-probe timeout work that modified the same Kiro probe and tests shortly before this PR. (role: recent area contributor; confidence: high; commits: 8009f70b60ac; files: Sources/CodexBarCore/Providers/Kiro/KiroStatusProbe.swift, Tests/CodexBarTests/KiroStatusProbeTests.swift)
• kiranmagic7: Recent history shows prior Kiro pipe-hang and process-cleanup work in the same files and failure family. (role: adjacent Kiro process contributor; confidence: medium; commits: 209b6c857fad; files: Sources/CodexBarCore/Providers/Kiro/KiroStatusProbe.swift, Tests/CodexBarTests/KiroStatusProbeTests.swift)
• Nathan Eror: The Kiro provider and initial CLI usage tracking surface appear to originate in this commit history. (role: introduced behavior; confidence: medium; commits: bbda93528714; files: Sources/CodexBarCore/Providers/Kiro/KiroStatusProbe.swift)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4ac29c3751

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".