FE-614: Support disabling SDCPN extensions

[kube]

🌟 What is the purpose of this PR?

Allow Petrinaut document handles to declare which SDCPN extensions and global parameters are unavailable, so hosts such as CatCollab can embed Petrinaut around a bare Petri net without exposing HASH-specific extensions.

This introduces handle-level capabilities for read-only mode and extension availability, then adapts core mutation paths, runtime data paths, and the editor UI to respect those capabilities.

🔗 Related links

• FE-614: Provide prop to turn on/off SDCPN extensions (internal)

🔍 What does this change?

• Adds PetrinautHandleCapabilities with readonly and disabledExtensions metadata.
• Defines supported extension keys: colors, stochasticity, dynamics, and parameters.
• Resolves effective instance capabilities from both host config and handle metadata.
• Ensures dynamics is resolved as disabled whenever colors is disabled.
• Exposes active extension settings through Petrinaut core and React context.
• Makes JSON handles no-op direct changes when handle-level read-only mode is enabled.
• Sanitizes mutations and paste commands so disabled extension/global parameter data is not introduced or retained.
• Hides token type, differential equation, and global parameter navigation when unavailable.
• Hides place color, dynamics, visualizer, transition result, stochastic, and parameter controls when unavailable.
• Treats simulation scenarios and timelines as untyped when colors are disabled.
• Ignores global parameter defaults and scenario overrides in simulation/experiment runtime paths when parameters are disabled.
• Adds Petrinaut/ExtensionsDisabled Storybook coverage for a bare Petri net with SDCPN extensions and global parameters disabled.
• Adds focused tests for read-only capabilities, extension sanitization, color/dynamics normalization, parameter disabling, and paste behavior.
• Adds ANALYSIS.md in @hashintel/petrinaut describing touchpoints, tradeoffs, and follow-ups.

Pre-Merge Checklist 🚀

🚢 Has this modified a publishable library?

This PR:

• modifies an npm-publishable library and I have added a changeset file(s)

📜 Does this require a change to the docs?

The changes in this PR:

• are in a state where docs changes are not yet required but will be
  • this is tracked in: FE-614

🕸️ Does this require a change to the Turbo Graph?

The changes in this PR:

• do not affect the execution graph

⚠️ Known issues

• This does not implement CatCollabPetriNetHandle; it only adds the capability surface and UI/core behavior it can use later.
• AI assistant tool schemas and prompts are not yet filtered by active extensions; core mutations still sanitize disabled extension data.

🐾 Next steps

• Implement CatCollabPetriNetHandle once CatCollab's source model and edit semantics are finalized.
• Decide whether additional Petri-net features should become capability flags for a stricter bare-net mode.
• Consider more specific read-only reasons in the UI for handle-level read-only mode.

🛡 What tests cover this?

• yarn lint:eslint in libs/@hashintel/petrinaut-core
• yarn lint:tsc in libs/@hashintel/petrinaut-core
• yarn test:unit --run in libs/@hashintel/petrinaut-core
• turbo run lint:tsc --filter='@hashintel/petrinaut'
• turbo run lint:eslint --filter='@hashintel/petrinaut'
• turbo run test:unit --filter='@hashintel/petrinaut' -- --run
• yarn lint:markdownlint libs/@hashintel/petrinaut/ANALYSIS.md .changeset/petrinaut-sdcpn-capabilities.md
• git diff --check

❓ How to test this?

1. Open Storybook and load Petrinaut/ExtensionsDisabled.
2. Confirm token type, differential equation, global parameter, dynamics, visualizer, transition result, and stochastic controls are hidden.
3. Create or use a Petrinaut handle with capabilities.disabledExtensions set to ['colors'] and confirm instance.extensions.dynamics resolves to false.
4. Create or use a Petrinaut handle with capabilities.disabledExtensions set to ['parameters'] and confirm global parameter UI and simulation defaults are unavailable.
5. Paste or mutate SDCPN data containing disabled extension fields and confirm the stored definition is sanitized.
6. Set capabilities.readonly and confirm edit mutations are ignored and the editor reports read-only state.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
hash	Ready	Preview, Comment	May 27, 2026 12:15am
petrinaut	Ready	Preview, Comment	May 27, 2026 12:15am

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
hashdotdesign-tokens	Ignored	Preview	May 27, 2026 12:15am

[cursor]

PR Summary

Medium Risk
Broad changes to mutation, paste, and simulation paths plus UI gating; behavior is capability-driven with tests, but hosts must understand sanitization and the colors→dynamics dependency.

Overview
Adds handle-level capabilities so Petrinaut hosts can embed a bare Petri net without HASH SDCPN extensions. Document handles may set readonly and disabledExtensions (colors, stochasticity, dynamics, parameters); omitting the list keeps today’s defaults.

Core: Resolves effective extensions on the instance (host readonly OR handle readonly; dynamics is forced off when colors is disabled). Mutations and clipboard paste sanitize the SDCPN so disabled data cannot be created or kept (e.g. stochastic → predicate, cleared kernels/types/equations/parameters). JSON handles ignore change() when handle-readonly.

UI: React context exposes extensions; sidebar, search, properties, firing-time, canvas, simulation settings/timeline, and experiments hide or neutralize color/dynamics/stochastic/parameter surfaces when unavailable.

Includes tests, Petrinaut/ExtensionsDisabled Storybook, ANALYSIS.md, and patch changesets for @hashintel/petrinaut / petrinaut-core.

^{Reviewed by Cursor Bugbot for commit 7194bc7. Bugbot is set up for automated code reviews on this repo. Configure here.}

[augmentcode]

🤖 Augment PR Summary

Summary: Adds handle-level capability metadata so Petrinaut can run against “bare” Petri nets (e.g. CatCollab embeds) without exposing HASH SDCPN extensions.

Changes:

• Introduced PetrinautHandleCapabilities (readonly, disabledExtensions) and extension keys (colors, stochasticity, dynamics).
• Added core extension utilities to resolve capabilities, determine selection availability, and sanitize/strip disabled extension data.
• Derived effective instance readonly + extensions from handle capabilities (and host readonly) and exposed them on the instance/context.
• Updated mutation and paste paths to no-op or sanitize so disabled extension data can’t be introduced/retained.
• Made JSON doc handles ignore change() when handle-level read-only is enabled.
• Updated React/UI surfaces to hide token-type, dynamics, visualizer, transition-result, and stochastic controls when unavailable.
• Adjusted simulation timeline/scenario views to treat places as untyped when colors are disabled.
• Added focused unit tests for read-only behavior, mutation sanitization, and paste sanitization.
• Added libs/@hashintel/petrinaut/ANALYSIS.md documenting touchpoints and follow-ups, plus a changeset.

_{🤖 Was this summary useful? React with 👍 or 👎}

[augmentcode]

Review completed. 2 suggestions posted.

Comment augment review to trigger a new review at any time.

[augmentcode]

libs/@hashintel/petrinaut/src/ui/views/Editor/panels/LeftSideBar/subviews/types-list.tsx:84 — When the button is disabled due to !extensions.colors, the tooltip uses UI_MESSAGES.READ_ONLY_MODE ("Editing is disabled"), which can mislead since the editor may still be writable. Consider using a capability-specific message for the extension-unavailable state (also applies to .../differential-equations-list.tsx:42).

Severity: low

Other Locations

• libs/@hashintel/petrinaut/src/ui/views/Editor/panels/LeftSideBar/subviews/differential-equations-list.tsx:42

_{🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.}

[augmentcode]

libs/@hashintel/petrinaut-core/src/extensions.ts:54 — resolvePetrinautHandleCapabilities() can return { colors: false, dynamics: true }, but elsewhere dynamics is treated as effectively gated by extensions.colors && extensions.dynamics. That mismatch could confuse consumers treating extensions as the effective availability surface; consider normalizing extensions.dynamics (or exposing a derived canUseDynamics) to reflect the effective behavior.

Severity: medium

_{🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.}

[cursor]

Handle change skips extension sanitization

Medium Severity

The change method in createJsonDocHandle only respects readonly capabilities. It doesn't account for disabledExtensions, allowing direct edits to introduce or retain extension-specific data (e.g., types, equations) that should otherwise be unavailable or stripped.

 

^{Reviewed by Cursor Bugbot for commit 0ac1966. Configure here.}

[cursor]

No sanitize on instance create

High Severity

The createPetrinaut function's definition store exposes the document without sanitizing data for disabled extensions. This allows initial or loaded SDCPNs to retain types, stochastic transitions, or dynamics, causing inconsistencies between UI capabilities and the underlying data until a mutation eventually applies stripDisabledExtensionData.

 

^{Reviewed by Cursor Bugbot for commit 0ac1966. Configure here.}

[cursor]

Strip ignores scenario initial state

Medium Severity

stripDisabledExtensionData clears types, differential equations, and place or transition extension fields, but leaves scenarios (and their initialState payloads) untouched. After the first guarded mutation with colors disabled, the net can have no types while scenarios still describe colored token matrices for places, producing an inconsistent SDCPN for simulation and scenario UI.

 

^{Reviewed by Cursor Bugbot for commit 0ac1966. Configure here.}

[cursor]

Undo restores stripped extensions

Medium Severity

stripDisabledExtensionData runs in the same handle.change transaction as the user’s edit. Undo applies inverse patches for the whole transaction, so extension data removed during sanitization can reappear in the stored document after undo even though capabilities still disable those extensions.

 

^{Reviewed by Cursor Bugbot for commit 0ac1966. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 3 potential issues.

There are 7 total unresolved issues (including 4 from previous reviews).

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 7194bc7. Configure here.}

[cursor]

Simulation ignores disabled extensions

High Severity

When SDCPN extensions are disabled, the SimulationProvider only sanitizes global parameters before passing the definition to the simulation engine. Other disabled extensions, such as colors, stochasticity, dynamics, and token types, are not removed. This can cause the simulation to use data from disabled features, leading to behavior that doesn't align with the UI.

 

^{Reviewed by Cursor Bugbot for commit 7194bc7. Configure here.}

[cursor]

Auto layout skips extension strip

Medium Severity

The applyAutoLayout command uses a direct mutate call and doesn't invoke stripDisabledExtensionData. This can leave data from disabled extensions in the document, unlike other mutation paths (like clipboard paste) that now correctly remove it.

 

^{Reviewed by Cursor Bugbot for commit 7194bc7. Configure here.}

[cursor]

Undo restores disabled extension data

Medium Severity

History undo and redo replay Immer patches without re-applying extension sanitization. Stepping back to an earlier checkpoint can restore token types, stochastic transitions, parameters, and other fields that guarded mutations had stripped for the current capability set.

 

^{Reviewed by Cursor Bugbot for commit 7194bc7. Configure here.}