pub fn run_bounded_command(
template: &str,
keys: &BTreeMap<String, String>,
timeout: Duration,
stdin: Option<&[u8]>,
) -> Result<BoundedOutput, RuntimeError>Expand description
Run an arbitrary bounded command template (not a named [session.*]
role) to completion under timeout, optionally feeding stdin. Shares the
same kill-on-timeout guarantee as AgentRuntime::run_bounded
(REQ-HAZARD-SUBPROCESS-TIMEOUT) — a hung child is killed, never an indefinite
block.
This is the primitive the history subsystem (spt-live, M2b) runs its
fetcher / normalize_command strings through: those are adapter command
lines that live outside the role set, so ManifestRuntime::run_bounded
(which looks a role up in the manifest) does not apply. stdin feeds a
normalize_command the raw transcript on its standard input; it is written
on a thread so a child that reads slowly never deadlocks the poll.