R6 · SDK feature request — babysitter run:halt command
Title
Add babysitter run:halt for sealing divergent runs without hand-crafting journal events
Problem
When a run's SDK state diverges from operational reality (e.g. after the Promise.all collision bug), the only way to seal it cleanly is to:
- Manually delete colliding journal entries
- Hand-craft a
RUN_COMPLETED (or RUN_FAILED) JSON event
- Compute the right next-seq number
- Pick a matching
completionProof hash from run.json
- Write the synthetic event to
journal/000NNN.<ulid>.json
- Run
babysitter run:rebuild-state to refresh the cache
This worked but is fragile (hash/seq must be exact) and there's no audit trail of WHY we sealed.
Suggested command
babysitter run:halt <runDir> [--reason "<text>"] [--final-status completed|failed] [--json]
Behavior:
- Writes a synthetic terminal event with the right seq + ulid
- Computes/copies the completionProof from run.json
- Records the
--reason in a manual_seal_reason field for audit
- Rebuilds the state cache
- Returns the run to a terminal state cleanly
Use case
Operator-driven recovery from SDK state divergence — e.g. after a Promise.all collision (see R2), after a process file refactor that obsoletes pending effects, or after a user-rejected breakpoint that should mark the run failed but auto-iterate keeps trying.
Precedent
This is analogous to git rebase --abort or kubectl delete --force — a deliberate "halt and accept current state" tool. Today the operator has to write the event file by hand.
Reference
Cookbook run 01KT797KHQ6RFVMJ55TPBQ1K26 required this on 2026-06-03 (V2 lane epic seal).
R6 · SDK feature request —
babysitter run:haltcommandTitle
Add babysitter run:halt for sealing divergent runs without hand-crafting journal eventsProblem
When a run's SDK state diverges from operational reality (e.g. after the Promise.all collision bug), the only way to seal it cleanly is to:
RUN_COMPLETED(orRUN_FAILED) JSON eventcompletionProofhash fromrun.jsonjournal/000NNN.<ulid>.jsonbabysitter run:rebuild-stateto refresh the cacheThis worked but is fragile (hash/seq must be exact) and there's no audit trail of WHY we sealed.
Suggested command
Behavior:
--reasonin amanual_seal_reasonfield for auditUse case
Operator-driven recovery from SDK state divergence — e.g. after a
Promise.allcollision (see R2), after a process file refactor that obsoletes pending effects, or after a user-rejected breakpoint that should mark the run failed but auto-iterate keeps trying.Precedent
This is analogous to
git rebase --abortorkubectl delete --force— a deliberate "halt and accept current state" tool. Today the operator has to write the event file by hand.Reference
Cookbook run
01KT797KHQ6RFVMJ55TPBQ1K26required this on 2026-06-03 (V2 lane epic seal).