Skip to content

Add Devin as an ACP-based provider#3654

Draft
JoeProAI wants to merge 7 commits into
pingdotgg:mainfrom
JoeProAI:devin-provider
Draft

Add Devin as an ACP-based provider#3654
JoeProAI wants to merge 7 commits into
pingdotgg:mainfrom
JoeProAI:devin-provider

Conversation

@JoeProAI

@JoeProAI JoeProAI commented Jul 2, 2026

Copy link
Copy Markdown

Summary

Adds Devin CLI as a built-in provider, modeled on the existing Grok ACP integration. Devin ships a full ACP server (devin acp), so the integration is standards-only ACP — no private protocol extensions.

  • Contracts: DevinSettings (binaryPath, apiKey, customModels), driver kind, model defaults
  • Server: DevinAcpSupport (spawn + auth), DevinAdapter (sessions/streaming/tool calls/plans/approvals), DevinProvider (health probe + ACP model discovery), DevinDriver registered in BUILT_IN_DRIVERS, DevinTextGeneration
  • Web: provider picker entry, settings card, icon
  • Cross-cutting: AcpSessionRuntime gains an optional authenticateMeta passthrough — Devin's ACP server takes credentials via authenticate _meta (API key) with a PKCE browser-login fallback, and intentionally ignores local CLI credentials

Devin-specific behaviors handled:

  • Status probes never trigger the PKCE browser flow (no API key → ready/unauthenticated, discovery skipped)
  • session/set_model is not implemented by Devin (server-side Adaptive routing) — only called when the agent negotiates model state

Tests

Devin suites mirroring Grok's: DevinAcpSupport.test.ts, DevinProvider.test.ts, DevinAdapter.test.ts (against the shared ACP mock agent), plus devin coverage in the registry tests. vp check and vp run typecheck pass.

Note

I know contributions aren't open yet — this is a draft to have the work reviewable whenever you are. Happy to adjust to any conventions. Tested end-to-end on Windows with real devin acp sessions streaming in the UI.

This integration was written by Devin CLI itself.

Generated with Devin

Note

Add Devin as an ACP-based provider with full session, adapter, and text generation support

  • Introduces the DevinDriver and DevinAdapter as a new built-in provider, wiring ACP session lifecycle (start/stop/interrupt/resume), turn sending with text and image attachments, permission and user-input request handling, and event streaming via PubSub.
  • Adds checkDevinProviderStatus to probe CLI availability via devin --version, detect credentials, and discover available models via ACP startup; surfaces distinct states for missing binary, unauthenticated, and ACP failure.
  • Adds makeDevinTextGeneration to back commit message, PR content, branch name, and thread title generation through Devin ACP with a 180s timeout, streaming accumulation, and JSON schema decoding.
  • Registers Devin in contracts (DEVIN_DRIVER_KIND, DevinSettings), the built-in driver registry, the settings UI (PROVIDER_CLIENT_DEFINITIONS), the provider picker (PROVIDER_OPTIONS with a "new" badge), and the provider icon map.
  • Risk: Devin sessions spawn a child ACP process per session; failures in ACP startup or model discovery surface as provider error states rather than hard startup failures.
📊 Macroscope summarized 39001d2. 15 files reviewed, 0 issues evaluated, 0 issues filtered, 0 comments posted

🗂️ Filtered Issues

No issues evaluated.

joe and others added 5 commits July 2, 2026 01:22
Wires Devin CLI ('devin acp') into the provider stack as a new built-in
driver, modeled on the existing Grok ACP integration:

- DevinSettings contract (binaryPath, apiKey, customModels)
- DevinAcpSupport spawns 'devin acp' and authenticates with the
  windsurf-api-key method, passing the API key through authenticate
  _meta (Devin's ACP server ignores local CLI credentials by design)
- AcpSessionRuntime gains an optional authenticateMeta passthrough
- Devin adapter/provider/driver/text-generation layers
- Web UI: provider option, settings card, and icon

Generated with [Devin](https://devin.ai)

Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
…registry tests

The periodic provider status probe must never trigger Devin's PKCE
browser login, so model discovery is skipped (with an unauthenticated
snapshot) until an API key is configured.

Generated with [Devin](https://devin.ai)

Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
The picker requires status 'ready', so an unauthenticated-but-installed
Devin CLI now reports ready with auth unauthenticated. Starting a
session triggers Devin's PKCE browser login; API key remains the
recommended path (skips prompts, enables model discovery).

Generated with [Devin](https://devin.ai)

Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Devin's ACP server routes models server-side (Adaptive) and does not
implement the unstable session/set_model method; calling it failed
session start. Only attempt a model switch when the agent negotiated
model support, and tolerate Method-not-found as a safety net.

Generated with [Devin](https://devin.ai)

Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Mirrors the Grok coverage: ACP support unit tests (spawn input, auth
credential resolution, model-selection skip/fallback semantics),
provider snapshot/status probes, and the full adapter suite against the
shared ACP mock agent (xAI-extension cases dropped; Devin is
standards-only ACP).

Generated with [Devin](https://devin.ai)

Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 12c6e789-049e-4684-8834-99666c78112c

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions github-actions Bot added vouch:unvouched PR author is not yet trusted in the VOUCHED list. size:XXL 1,000+ changed lines (additions + deletions). labels Jul 2, 2026
Comment thread apps/server/src/provider/acp/DevinAcpSupport.ts Outdated
...(options.authenticateMeta ? { _meta: options.authenticateMeta } : {}),
} satisfies EffectAcpSchema.AuthenticateRequest;

yield* runLoggedRequest(

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟠 High acp/AcpSessionRuntime.ts:543

The authenticate request payload now includes options.authenticateMeta, which for Devin contains the API key. startOnce() passes this payload through runLoggedRequest("authenticate", authenticatePayload, ...), which logs the full payload on start, success, and failure. Enabling requestLogger writes the secret API key to logs. Consider redacting or omitting the _meta field from the logged payload while still sending it in the actual RPC request.

🤖 Copy this AI Prompt to have your agent fix this:
In file @apps/server/src/provider/acp/AcpSessionRuntime.ts around line 543:

The `authenticate` request payload now includes `options.authenticateMeta`, which for Devin contains the API key. `startOnce()` passes this payload through `runLoggedRequest("authenticate", authenticatePayload, ...)`, which logs the full `payload` on start, success, and failure. Enabling `requestLogger` writes the secret API key to logs. Consider redacting or omitting the `_meta` field from the logged payload while still sending it in the actual RPC request.

),
);
const started = yield* Effect.gen(function* () {
yield* acp.handleRequestPermission((params) =>

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟡 Medium Layers/DevinAdapter.ts:605

startSession only registers acp.handleRequestPermission(...) and never registers a callback for user-input requests. As a result, when the Devin session sends a structured user-input request, the adapter never records an entry in pendingUserInputs and never emits a user-input.requested runtime event, so the UI is never surfaced the question. A later call to respondToUserInput always fails with Unknown pending user-input request because pendingUserInputs is never populated. Consider registering the corresponding ACP user-input handler (analogous to handleRequestPermission) that creates a Deferred, stores it in pendingUserInputs, and emits the appropriate runtime event.

🤖 Copy this AI Prompt to have your agent fix this:
In file @apps/server/src/provider/Layers/DevinAdapter.ts around line 605:

`startSession` only registers `acp.handleRequestPermission(...)` and never registers a callback for user-input requests. As a result, when the Devin session sends a structured user-input request, the adapter never records an entry in `pendingUserInputs` and never emits a `user-input.requested` runtime event, so the UI is never surfaced the question. A later call to `respondToUserInput` always fails with `Unknown pending user-input request` because `pendingUserInputs` is never populated. Consider registering the corresponding ACP user-input handler (analogous to `handleRequestPermission`) that creates a `Deferred`, stores it in `pendingUserInputs`, and emits the appropriate runtime event.

Review feedback: an omitted environment previously spawned the devin
child with an empty env (losing PATH and WINDSURF_API_KEY). Fall back
to process.env so inherited credentials and binary resolution survive.

Generated with [Devin](https://devin.ai)

Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
@JoeProAI

JoeProAI commented Jul 2, 2026

Copy link
Copy Markdown
Author

Good catch — fixed in b89428d. \makeDevinAcpRuntime\ now defaults an omitted \environment\ to \process.env\ before resolving credentials and building the spawn input, so the child keeps PATH and \WINDSURF_API_KEY.

A stale or wrong key previously produced a generic 'ACP startup failed'
error state. Detect credential rejection during model discovery and
report warning/unauthenticated with guidance to clear the key and use
the browser login flow.

Generated with [Devin](https://devin.ai)

Co-Authored-By: Devin <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

size:XXL 1,000+ changed lines (additions + deletions). vouch:unvouched PR author is not yet trusted in the VOUCHED list.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants