fix(deps): force prompt=False on the two mid-session lazy-install tool paths

The vision (Pillow) and faster-whisper STT tool paths were the only ensure() call sites that defaulted to prompt=True, so they could fire a blocking input() confirmation mid-session. Every other call site already passes prompt=False. Under the interactive CLI prompt_toolkit owns stdin, so that input() deadlocks the terminal (#40490). The install is already gated by security.allow_lazy_installs, so the prompt was redundant consent anyway. This makes the deadlock-capable input() branch unreachable from any tool-call path.
2026-06-09 08:21:50 +00:00 · 2026-06-06 18:30:51 -07:00 · 2026-06-06 18:30:51 -07:00 · c3d750c1ae
commit c3d750c1ae
parent d47f919ef1
3 changed files with 15 additions and 7 deletions
--- a/tools/lazy_deps.py
+++ b/tools/lazy_deps.py
@ -174,11 +174,11 @@ LAZY_DEPS: dict[str, tuple[str, ...]] = {
        "uvicorn[standard]==0.41.0",
        "starlette==1.0.1",  # CVE-2026-48710 (BadHost) — keep lazy-install in sync with pyproject [web]
    ),
-    # Vision image-resize recovery (Pillow). Soft dependency: vision_tools and
-    # conversation_compression degrade gracefully without it, but the byte AND
-    # pixel-dimension shrink paths no-op when it's absent, so an oversized
-    # image can brick a session on Anthropic's non-retryable 400. Keep in sync
-    # with pyproject [vision].
+    # Vision image-resize recovery (Pillow). Pillow is now a CORE dependency
+    # (pyproject `dependencies`), so this entry is a belt-and-suspenders fallback
+    # for stripped/source-build installs that somehow dropped it. The vision
+    # call site uses prompt=False so it can never raise a blocking input()
+    # prompt mid-session (#40490).
    "tool.vision": ("Pillow==12.2.0",),
 }

--- a/tools/transcription_tools.py
+++ b/tools/transcription_tools.py
@ -214,7 +214,11 @@ def _try_lazy_install_stt() -> bool:
    """
    try:
        from tools.lazy_deps import ensure
-        ensure("stt.faster_whisper")
+        # prompt=False: never raise a blocking input() prompt mid-session.
+        # Under the interactive CLI prompt_toolkit owns stdin, so a bare
+        # input() deadlocks the terminal (#40490). The install is already
+        # gated by security.allow_lazy_installs, so reaching here is opt-in.
+        ensure("stt.faster_whisper", prompt=False)
        # Re-check dynamically after install
        import importlib.util as _iu
        if _iu.find_spec("faster_whisper"):
--- a/tools/vision_tools.py
+++ b/tools/vision_tools.py
@ -422,7 +422,11 @@ def _resize_image_for_vision(image_path: Path, mime_type: Optional[str] = None,
        # the raw bytes and let the caller raise the size error.
        try:
            from tools.lazy_deps import ensure as _ensure_dep
-            _ensure_dep("tool.vision")
+            # prompt=False: never raise a blocking input() prompt mid-session.
+            # Under the interactive CLI prompt_toolkit owns stdin, so a bare
+            # input() deadlocks the terminal (#40490). The install is already
+            # gated by security.allow_lazy_installs, so reaching here is opt-in.
+            _ensure_dep("tool.vision", prompt=False)
            from PIL import Image
            import io as _io
        except Exception: