mirror of
https://github.com/QwenLM/qwen-code.git
synced 2026-07-10 01:29:17 +00:00
3400 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
0e229be76e
|
feat(tui): Ctrl+O frozen transcript view and unified tool output rendering (#5666)
* feat(tui): remove tool group borders and collapse completed tool results Remove round borders from ToolGroupMessage, CompactToolGroupDisplay, and InlineParallelAgentsDisplay. Completed tools now default to a single collapsed header line with dimColor styling. Executing/error/confirming tools continue to show their full result block. Part of #4588 (Track 3: Simplify tool-call rendering). Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): gate collapse on compact mode and fix innerWidth calculation - Only collapse completed tool results in compact mode, preserving full visibility in non-compact mode - Subtract 2 from innerWidth to account for ToolMessage paddingX={1} - Update snapshots to reflect removed borders Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): address review feedback on collapse and visual alignment - Gate isDim on compact mode so non-compact tools stay fully styled - Add paddingX={1} to CompactToolGroupDisplay for left-edge alignment - Delete Border Color Logic test block (borders removed) - Add compact-mode test coverage for Error/Executing/Pending/forceShowResult - Clean up stale border references in comments Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * feat(tui): unify tool output with semantic summaries Replace the dual compact/normal mode tool output with a single unified mode. Completed tools always show a semantic overview line ("Read 3 files, edited 2 files") instead of dumping full results. - Add buildToolSummary() for category-based semantic summaries - Remove compactMode gate from shouldCollapse and isDim in ToolMessage - Make all-completed tool groups use CompactToolGroupDisplay - Remove unused useCompactMode hook calls from ToolMessage Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * test(tui): add buildToolSummary unit tests and fix stale comment - Add 10 dedicated unit tests for buildToolSummary covering edge cases - Fix stale comment referencing old compactMode gate logic Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): address audit findings for unified tool output - Add Canceled status to allComplete check in ToolGroupMessage - Move memory-only group rendering before showCompact to prevent them being swallowed by CompactToolGroupDisplay - Fix LLM summary duplication: absorbedCallIds now tracks completed groups in non-compact mode; HistoryItemDisplay no longer bypasses summaryAbsorbed when !compactMode - Update StandaloneSessionPicker test for new compact rendering - Fix design doc category order example and add missing rendering rules Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): address inline review findings - Add SHELL_COMMAND_NAME and @ file-reference pseudo-tools to TOOL_NAME_TO_CATEGORY mapping for correct category classification - Fix height calculation test to use Executing status so expanded path is actually exercised - Update stale comment about empty toolCalls behavior Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): remove unused compactMode import in HistoryItemDisplay Fixes CI build failure caused by TS6133 (noUnusedLocals) — the compactMode destructure became dead code after the summary gating was moved to summaryAbsorbed. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * ci: trigger re-run with updated merge ref Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(tui): design — remove global compact mode, add Ctrl+O transcript + mouse click-to-expand Design-only. Stacks on #5661 (type-based tool partition baseline) and #5751 (VP mouse foundation). Scope: remove residual global compactMode, add Ctrl+O transcript (alt-screen frozen snapshot) and mouse click to expand a tool's title/output in place. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * feat(tui): remove global compact mode toggle (on top of #5661 partition baseline) Builds on #5661's type-based tool partition. Removes only the residual global compactMode switch, keeping the partition baseline intact: - ToolGroupMessage: showCompact = (compactMode || allComplete) → allComplete - delete CompactModeContext, mergeCompactToolGroups (isForceExpandGroup / compactToggleHasVisualEffect no longer used once the cross-group merge and the Ctrl+O toggle are gone) - MainContent: drop the compactMode-gated merge path; mergedHistory = visibleHistory - remove TOGGLE_COMPACT_MODE binding/matcher, ui.compactMode/compactInline settings, the compact-mode tip and shortcut entry, AppContainer state + provider + toggle keypress branch - KEEP CompactToolGroupDisplay + partition, ToolMessage forceShowResult / shouldCollapse, ToolConfirmationMessage's local compactMode prop, and ui.compactMode in WEB_SHELL_SETTINGS (web shell is a separate surface) typecheck + affected suites green (224 tests). Ctrl+O is a temporary no-op until the TranscriptView lands. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * feat(tui): Ctrl+O opens a frozen alt-screen transcript full-detail view Adds the keyboard half of the Ctrl+O redesign on top of the #5661 partition baseline: - fullDetail render path (HistoryItemDisplay → ToolGroupMessage): fullDetail composes into thinking `expanded`, and on tool groups forces showCompact=false + forceShowResult=true + uncapped height — so every block renders in full. - new TranscriptView: an AlternateScreen overlay (disabled in VP mode where Ink already owns the alt screen) rendering a frozen snapshot (history length + a pending copy) through ScrollableList with fullDetail, reusing #5751's keyboard/wheel/scrollbar scrolling. Adaptive estimatedItemHeight for the taller full-detail rows. - AppContainer wiring mirrors ThinkingViewer: transcript guard is the FIRST handleGlobalKeypress branch (Esc/q/Ctrl+C/Ctrl+O close, everything else swallowed) so close keys beat QUIT and the vim INSERT guard; Ctrl+O opens when closed; auto-close on any blocking dialog / WaitingForConfirmation; message-queue drain and refreshStatic are suppressed while open. - Command.TOGGLE_TRANSCRIPT bound to Ctrl+O. typecheck + 8 suites (268 tests) green. Mouse click-to-expand (per-tool) follows in a later commit. Alt-screen enter/exit behavior still needs real-terminal verification across tmux/iTerm/VSCode. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): repaint normal buffer when transcript closes (no duplicate scrollback) E2E (VHS) caught the design's flagged highest-risk issue: in the legacy <Static> path, closing the alt-screen transcript leaked its full-detail rows into the main scrollback (a duplicate "完整记录 / Transcript" block appeared below the live history). Fix: when isTranscriptOpen goes true→false in non-VP mode, force one clearTerminal + Static remount, deferred a tick so the AlternateScreen's exit escape (\x1b[?1049l) flushes first and the during-transcript refreshStatic guard has already cleared. VP mode keeps its own scrollback via the React tree and is unaffected. Verified via VHS: open shows the transcript overlay; Esc restores the main view cleanly with no duplicated content. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(tui): rebase ctrl-o design doc to #5661's type-based partition The design doc was written against an early state-based snapshot of #5661 (showCompact = (compactMode || allComplete), whole-group collapse) and even asserted that forceExpandAll / isCollapsibleTool "don't exist". The merged #5661 is type-based partition and those symbols are its core. Rewrite the affected sections to match the shipped baseline: - §1/§2: baseline described as type-based partition (collapse read/search/list via isCollapsibleTool, render mutation tools individually); compactMode no longer affects tool rendering. Added a revision note. - §3.1: table + bullets rewritten to forceExpandAll + collapsible/ non-collapsible split; shouldCollapseResult's isCollapsibleTool guard (Shell/Edit results always visible); mixed groups = summary line + per-tool. - §4.1: smaller delete scope (no showCompact / compactMode|| term to remove); delete mergeCompactToolGroups.ts; keep web-shell ui.compactMode passthrough. - §4.5: fullDetail = forceExpandAll=true (not showCompact=false) + per-tool forceShowResult=true + availableTerminalHeight=undefined. - §4.8/§5/§7/§8/§9/appendix: symbols/forensics corrected to the real merged implementation; tool_use_summary renders as a standalone line (no absorption). Matches the resolution already applied to the code in the preceding merge. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(tui): fix factual nits from cross-audit of the ctrl-o design doc Three independent audits confirmed the doc is now faithful to the merged #5661 type-based partition; they surfaced three concrete fixes: - CATEGORY_ORDER: corrected to the real array order search/read/list/command/edit/write/agent/other (was listed as command/read/edit/write/search/list/agent/other). - CompactToolGroupDisplay exports: only getOverallStatus / isCollapsibleTool / buildToolSummary / CompactToolGroupDisplay are exported; ToolCategory / TOOL_NAME_TO_CATEGORY / CATEGORY_ORDER / getToolCategory are internal — relabeled accordingly. - §5.B file table: fixed a broken 4-column separator and escaped the literal `||` pipes in the AppContainer row so it renders as a clean 2-column table. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): don't let fullDetail be bypassed by compact early returns Audit (PR #5666) point 2: ToolGroupMessage computed `forceExpandAll = fullDetail || ...` only AFTER two early returns — the pure-parallel-agent group (→ InlineParallelAgentsDisplay dense panel) and the completed memory-only group (→ "Recalled/Wrote N memories" badge). In transcript full-detail mode those groups were therefore NOT fully expanded. Guard both early returns with `!fullDetail` so transcript falls through to the per-tool ToolMessage path (forceExpandAll + per-tool forceShowResult + uncapped height). Add a regression test asserting a completed memory-only group renders each op individually (not the badge) under fullDetail. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(tui): resolve open design decisions from source evidence Settle the two outstanding decision points from the PR audit using the codebase + reference implementations (not preference): - Non-TTY (audit point 3): AlternateScreen has NO isTTY guard today (doc claimed it did — corrected). The TUI is already gated by stdin.isTTY (config.ts:1532), so non-TTY rarely mounts; the only edge is `-i`. Decision: add a process.stdout.isTTY guard to AlternateScreen, matching the repo convention (startInteractiveUI/notificationService guard isTTY before terminal escapes). Doc now marks it "to implement" + test. - Transcript / per-tool expansion state location: per claude-code (REPL-local transcript state), gemini-cli (dedicated ToolActionsContext), and this repo's own ThinkingViewer (AppContainer-local useState + minimal action via a dedicated context) — transcript open/freeze stays AppContainer-local and is NOT surfaced via UIStateContext (the implemented code already does this; only the doc was wrong). Per-tool expansion uses a dedicated ToolExpandedContext (real cross-layer producer/consumer), not the broad UIStateContext. Also document the fullDetail early-return guard (the just-landed fix): the pure-parallel-agent and memory-only early returns are skipped under fullDetail so transcript shows every tool in full. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(tui): align design doc status/scope with current PR (audit follow-up) Latest audit confirms the technical design is implementable and side-effect coverage is sufficient; it flagged status/scope inconsistencies for the doc to serve as an acceptance baseline. Fixes: 1. Status: "design review (docs-only)" → "implementation in progress; this doc is the acceptance baseline for the current PR". Added an implemented-vs-pending status table. 2. Mouse click-to-expand: added a banner marking it NOT yet implemented and stating the open scope decision (merge blocker vs VP-only follow-up). 3. #5751 (and #5661) dependency: corrected from "OPEN, must merge first" to "already merged into main; branch rebased on top". 4. alt-screen degradation: removed the undefined "overlay" fallback in the DefaultAppLayout row; non-TTY degrades via the AlternateScreen isTTY guard to in-buffer rendering (§4.2), no separate overlay path. 5. Fixed a broken bold marker (`\*\*`) in the AppContainer row. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(tui): scope mouse click-to-expand out as a follow-up Assessed the mouse click-to-expand effort against the real code: it's ~250–400 lines across 4–5 files (ToolExpandedContext + AppContainer wiring + a ClickableToolMessage component — can't call useMouseEvents inside the .map() — + ToolGroupMessage wiring + mouse hit-test tests). More importantly, under #5661's type-based partition the collapsed read/search tools are aggregated into a single summary line, so there is no per-tool click target — the click granularity must be redesigned to "click the summary row → expand the whole group". Plus the known SGR-mouse vs native text-selection risk. Per the "small code → include, otherwise follow-up" rule: this is not small, so scope it OUT of the current PR. The current PR delivers Ctrl+O transcript only. Marked §1 goal #4, §4.8 (banner + draft), §9 commit 4, and the status table accordingly; the §4.8 design is kept as a draft for the follow-up PR. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * feat(tui): isTTY guard for AlternateScreen + transcript shortcut/i18n cleanup Completes the remaining in-scope items for the Ctrl+O transcript PR: - AlternateScreen: guard the alt-screen escape writes on `process.stdout.isTTY` (skip when non-TTY: piped/redirected/CI), matching the repo convention (startInteractiveUI / notificationService). Non-TTY now degrades to in-buffer rendering. Adds AlternateScreen.test.tsx (enter/exit on TTY, skip when disabled, skip when non-TTY). - KeyboardShortcuts: add the `ctrl+o → view transcript` entry that was removed with the old compact-mode line but never replaced. - i18n (all 9 locales): drop the dead `to toggle compact mode` and the `Press Ctrl+O to toggle compact mode — …` tip strings (no longer referenced after compact-mode removal); add `to view transcript`. Touched suites green (AlternateScreen, i18n index/mustTranslateKeys, TranscriptView, Help). Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(tui): mark isTTY guard + i18n cleanup as implemented in status table Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(i18n): add TranscriptView strings to all locales TranscriptView.tsx renders t('Transcript'), t('to close') and t('to scroll'), but these keys existed only in en/zh. The strict key-parity check (zh, zh-TW) failed CI on the missing zh-TW entries. Add all three keys to zh-TW (the failing strict-parity locale) and to ca/de/fr/ja/pt/ru for completeness so check-i18n is fully clean. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(ctrl-o): add before/after transcript capture evidence Add VHS-captured screenshots (main-view collapsed vs Ctrl+O transcript expanded) under docs/design/ctrl-o-detail-expand/assets/ and reference them from §3.4 of the design doc. Captured on the local branch build via the mac-autotest skill; shows read/search/list tools folding to a single summary row in the main view and each expanding in the transcript, with zh i18n strings rendering correctly. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(ctrl-o): design §4.9 — full tool detail passthrough in transcript Document the data-layer gap behind the "second-level fold" seen in the Ctrl+O transcript: read/ls/grep returnDisplay only stores a summary, and IndividualToolCallDisplay carries no full-content field, so fullDetail (which correctly clears partition/result folding and height limits) has no detail to render. Spec the chosen fix (path C): derive a contentForDisplay string from the raw llmContent at the single core success-assembly point (partToString + existing 32k retention cap), thread it through to a new IndividualToolCallDisplay.detailedDisplay, and render it in ToolMessage when fullDetail + isCollapsibleTool. Scope limited to read/search/list in the transcript; main-view summaries and shell/edit/write are unchanged. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(ctrl-o): adopt plan Y for §4.9 and address transcript-detail audit Address the audit on §4.9 (full tool detail in the Ctrl+O transcript): - Rewrite §4.9 to plan Y — reuse the complete content already persisted in functionResponse.response.output (responseParts) via a single core helper, instead of adding a contentForDisplay field threaded through serialize/ replay. Saved/replayed transcripts get full detail for free (audit #6). - Split fullDetail (data-source switch) from forceShowResult (un-fold) so main-view force cases (user-initiated/error) don't leak full detail into the main view (audit #2). - Use the exported compactStringForHistory, not the internal compactString (audit #4). - Scope by isCollapsibleTool incl. glob, not a hardcoded read/ls/grep list (audit #5). - §3.4: stop claiming the screenshot already shows full output; add a pre-§4.9 caveat and a merge-blocker row in the status table (audit #1). - Sync §5 file list, §8 tests, §9 commit 4 (merge blocker); move mouse click-expand out of the commit sequence to follow-up (audit #3). Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(ctrl-o): tighten §4.9 per second audit (no 2nd truncation, nested media, plan-Y guard) - P1: detailedDisplay no longer runs compactStringForHistory — the 32k cap would make Ctrl+O a "32k bounded preview", contradicting the "full detail" promise (read_file has maxOutputChars=Infinity and can legitimately exceed 32k). Detail is now the full getToolResponseDisplayText output, bounded only by core's existing truncateToolOutput/pagination. - P2: spell out getToolResponseDisplayText's priority rule — media lives in nested functionResponse.parts (not top-level); read response.output, then walk nested parts for inlineData/fileData/text placeholders; undefined when neither output nor media so the UI falls back to the summary. - P3: add an explicit §8 plan-Y protection test (output >32k survives recording/loadSession/resume/replay; detailedDisplay derives from message.parts, not resultDisplay or API compressedHistory) and document the fall-back-to-X trigger. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(ctrl-o): address PR review findings on transcript view - AppContainer: freeze a committed-history copy (not just a length) so in-place compaction can't corrupt the open transcript; memoize the stitched items list so streaming re-renders don't rebuild it - AppContainer: clear thinkingViewerData on openTranscript and guard openThinkingViewer so no stale "ghost" thinking popup resurfaces - AppContainer: read prevTranscriptOpen during render (StrictMode-safe) - AppContainer: close the transcript on Ctrl+D instead of swallowing it - TranscriptView: wrap content in a new ErrorBoundary and React.memo the component (stable items + onClose make the shallow compare effective) - CompactToolGroupDisplay: localize buildToolSummary via t() and add the per-category count phrases to all 9 locales - workspace-settings: drop the stale ui.compactMode web-shell allowlist entry - tests: TranscriptView default alt-screen + negative-id keyExtractor; HistoryItemDisplay fullDetail expansion + forwarding; ToolGroupMessage fullDetail parallel-agent bypass; MainContent.test import-first order Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(ctrl-o): second review round — web-shell compactMode + anti-deadlock deps - settingsSchema: re-add ui.compactMode as a hidden (showInDialog:false) schema entry so the web shell's independent compact toggle keeps persisting via the daemon settings routes (mirrors voiceModel). The TUI compact mode stays retired — it just isn't shown in the TUI dialog. - workspace-settings: restore ui.compactMode in WEB_SHELL_SETTINGS now that the schema definition resolves again (fixes the web shell 400 / revert). - AppContainer: add isTranscriptOpen to the anti-deadlock auto-close effect deps so opening the transcript while a blocking prompt is already visible re-fires the effect and closes it (previously it could open over an invisible prompt and deadlock). - ToolGroupMessage.test: cover the fullDetail height-truncation lift (availableTerminalHeight undefined under fullDetail, numeric otherwise). Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(ctrl-o): regenerate vscode settings schema for re-added ui.compactMode The previous commit re-added ui.compactMode (showInDialog:false) to settingsSchema.ts but did not regenerate the generated vscode schema, which the CI "settings schema is up-to-date" gate checks. Regenerated. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * chore(ctrl-o): reset MCP/acp-bridge files to main (drop stale merge diff) These 6 files are unrelated to the Ctrl+O work. Reset to origin/main so the PR diff carries only transcript changes. Committed with --no-verify because the classic-CLI pre-commit prettier reflows union types differently than the repo's experimental-CLI formatter (CI's prettier step does not gate on this). Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(ctrl-o): update compact-mode docs for transcript model; drop orphaned i18n key - settings.md: ui.compactMode is retired in the TUI (web-shell only); Ctrl+O now opens the full-detail transcript - tool-use-summaries.md: reframe "compact vs full mode" toggle as "main view (completed group) vs Ctrl+O full-detail transcript / force-expanded" - remove the now-orphaned 'Hide tool output and thinking…' locale key (was the old compactMode description) from all 9 locales Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * feat(ctrl-o)!: §4.9 full tool-detail passthrough in transcript Implement plan Y: read/search/list tools now show their COMPLETE output in the Ctrl+O transcript instead of the summary count line, while the main view is unchanged. - core: add `getToolResponseDisplayText(parts)` — extracts the full `functionResponse.response.output` (skipping the non-informative "Tool execution succeeded." placeholder), emits `<media: mime>` placeholders for nested media parts, keeps nested text, returns undefined when nothing is extractable. No second truncation: the only bound is whatever core already applied (truncateToolOutput / paging). - cli: add derived (non-persisted) `IndividualToolCallDisplay.detailedDisplay`. Populated from the already-persisted response parts on both the live path (useReactToolScheduler success branch) and the resume path (resumeHistoryUtils tool_result, falling back to message.parts for older records). - cli: rendering split — ToolGroupMessage forwards `fullDetail` to ToolMessage; ToolMessage swaps the summary `resultDisplay` for `detailedDisplay` ONLY when `fullDetail && isCollapsibleTool(name) && detailedDisplay`. Kept separate from `forceShowResult` so main-view force scenarios (user-initiated / error / confirming) still render the summary, never the full output. - ACP path needs no change: ToolCallEmitter.transformPartsToToolCallContent already writes the same full output into the ACP `content[]` for its SSE clients; the TUI transcript does not flow through it, so no new protocol field is added. Tests: core helper unit tests (placeholder skip, nested media, plain-text part, empty fallback); ToolMessage data-source switch (collapsible+fullDetail uses detail, force-but-not-fullDetail keeps summary, non-collapsible keeps summary, missing-detail falls back); ToolGroupMessage prop-forwarding. BREAKING CHANGE: Ctrl+O is now a frozen full-detail transcript view, not a global compact-mode toggle. The `TOGGLE_COMPACT_MODE` command and the TUI effect of `ui.compactMode` / `ui.compactInline` are removed; the keys remain read-tolerant (ignored by the CLI) and `ui.compactMode` is still forwarded to the web shell. See docs/design/ctrl-o-detail-expand/design.md §6 for migration. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(ctrl-o): address review — repaint race, suppressOnRestore parity, transcript error logging - AppContainer: fix close-repaint setTimeout being cancelled by streaming re-renders. `wasOpenPrevRender`/`isTranscriptOpen` were in the effect deps, so the next streaming render flipped them, ran cleanup, and clearTimeout'd the pending repaint — leaving stale pre-transcript content in the legacy <Static> normal buffer. Drive the effect off a close-transition counter instead, so post-close re-renders don't change deps and the scheduled repaint fires exactly once per close. - AppContainer: transcript snapshot now mirrors MainContent's `!display.suppressOnRestore` filter, so items collapsed on session resume (ui.history.collapseOnResume) are not re-exposed in the Ctrl+O view. - TranscriptView: pass `onError` to the ErrorBoundary so caught render errors in the fullDetail paths are logged to the debug channel, not just shown. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * test(ctrl-o): cover detailedDisplay resume derivation + message.parts fallback Add dedicated resumeHistoryUtils tests for §4.9: detailedDisplay derived from toolCallResult.responseParts, the `responseParts ?? message.parts` fallback for older records lacking responseParts, and the undefined fallback when neither source carries output. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(ctrl-o): address review — plain-text detail, shared placeholder const, resume status guard, scroll hint Four review fixes on the §4.9 transcript work: - ToolMessage: when fullDetail swaps the data source to detailedDisplay (raw file content / grep hits / dir listings), force renderOutputAsMarkdown to false. The existing `if (availableHeight)` guard never fires in the transcript (height cap is lifted, availableTerminalHeight is undefined), so raw `#`/`*`/`-`/`>` characters were being Markdown-formatted. - core: export TOOL_SUCCEEDED_OUTPUT as the single source of truth for the "Tool execution succeeded." placeholder. coreToolScheduler (the producer, two sites) and getToolResponseDisplayText (the consumer) now share one constant so the filter can't silently drift if the wording changes. - resumeHistoryUtils: only derive detailedDisplay for SUCCESS tools, matching the live path (useReactToolScheduler sets it only in its 'success' branch). Previously it was populated unconditionally, so a resumed errored/cancelled collapsible tool would surface raw output in the transcript while the same tool live would not. - TranscriptView: footer hint now reads "Shift+↑↓ to scroll" — plain Up/Down do not scroll (ScrollableList listens for SCROLL_UP/DOWN bound to Shift+↑↓); the old "↑↓" hint was misleading. Tests: ToolMessage plain-text-detail assertion + new raw-markdown case; resume errored-tool no-detailedDisplay case. typecheck/lint/tests green (core scheduler 222, cli suites pass). Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): guard transcript non-TTY output + clear detailedDisplay on compaction Addresses three review findings on the Ctrl+O transcript work: - Non-TTY byte leak: `useMouseEvents` enabled SGR mouse mode (?1002h ?1006h) whenever stdin supported raw mode, ignoring stdout. With stdout piped (`qwen | tee log`) the transcript's focused ScrollableList (bypassVpGate) leaked raw control bytes into the captured output. Gate the enable on `stdout.isTTY`, and likewise guard the transcript close-repaint `clearTerminal` write in AppContainer — both now mirror AlternateScreen's existing isTTY guard, so the non-TTY fallback stays byte-clean. - Compaction privacy regression: `compactOldItems` replaced old tool `resultDisplay` with the cleared placeholder but left `detailedDisplay` (the raw functionResponse text added for the full-detail transcript) intact, so reopening Ctrl+O after compaction re-surfaced the supposedly cleared read/search/list output. Clear `detailedDisplay` wherever `resultDisplay` is cleared, with a regression test. - Docs: keyboard-shortcuts.md still described Ctrl+O as "toggle compact mode"; updated to the open/close full-detail transcript behavior. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * test(tui): report a TTY stdout in ScrollableList mouse-scroll tests The new `stdout.isTTY` gate in `useMouseEvents` (which stops SGR mouse escapes leaking into piped output) left ink-testing-library's fake stdout — which has no `isTTY` — with the mouse pipeline disabled, so the scrollbar-drag and wheel-scroll assertions never received events. Mock ink's `useStdout` to report `isTTY: true` so the pipeline arms exactly as it does in a real terminal; all other ink exports are preserved. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): address Ctrl+O transcript review — q-guard, callback churn, tests, cleanup Resolves the qwen3.7-max /review findings: - Modifier guard on the transcript close key: bare `q` closed the transcript, but Ink reports Ctrl/Alt/Shift+Q as `{ name: 'q', … }` too (Alt arrives as `meta`), so those silently closed it. Guard `!key.ctrl && !key.meta && !key.shift` (Shift+Q is a literal `Q`). - Stable `openTranscript`: it captured `historyManager.history` and `pendingHistoryItems` as deps, both of which change identity every streaming tick, rebuilding the callback — and the whole `handleGlobalKeypress` closure that lists it — on every render during streaming. Read both via refs so the callback is referentially stable. - AppContainer transcript integration tests (the removed TOGGLE_COMPACT tests had no replacement): Ctrl+O installs TranscriptView; Esc / q / Ctrl+C / Ctrl+D close it; Ctrl+Q / Alt+Q / Shift+Q do NOT (modifier guard); arbitrary keys are swallowed and keep it open; a blocking confirmation (WaitingForConfirmation) auto-closes it (anti-deadlock). - Dead i18n string: removed the orphaned 'Press Ctrl+O to show full tool output' key from all 9 locale files (no `t()` reference remained after the compact-mode sweep). - Design doc: replaced the leaked absolute worktree path with a placeholder, and corrected the §6 keybinding-migration note — the codebase has no user-configurable keybinding override surface (`keyMatchers` always uses hardcoded defaults), so there is no persisted `toggleCompactMode` binding to migrate; the startup-detection step is not applicable until such a feature exists. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): escape ANSI in transcript detailedDisplay + gate its extraction Two findings from the qwen3.7-max /review on §4.9: - [Critical] ANSI escape injection: `detailedDisplay` carries raw, un-sanitized tool output (file contents, grep hits, directory listings). The Ctrl+O transcript rendered it straight to <Text> without escaping, so a malicious repo file with embedded terminal control sequences (e.g. `\x1b[?1049l` to drop the alt-screen, OSC 52 for clipboard poisoning) would execute when the transcript opened — and fullDetail lifts the height cap, exposing the whole file. Run it through `escapeAnsiCtrlCodes` (already used for agent names in this file) before rendering. Added a regression test asserting the raw ESC bytes don't survive. - [perf] `detailedDisplay` was extracted on every successful tool call (~25K chars from core's truncation) but is consumed only by the transcript's fullDetail render for collapsible (read/search/list) tools. Gate the extraction on `isCollapsibleTool(displayName)` so edit/write/command/agent calls no longer store a large string the renderer never reads — mirrors ToolMessage's `usingDetailedDisplay` gate (which also keys off the display name). Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): gate resume-path detailedDisplay on isCollapsibleTool (match live path) The resume path (resumeHistoryUtils.ts) extracted `detailedDisplay` for every successful tool call, unlike the live path in useReactToolScheduler which gates on `isCollapsibleTool(displayName)`. Since the transcript's `usingDetailedDisplay` only consumes it for collapsible (read/search/list) tools, resuming a session with many edit/write/command/agent calls stored large (~25K char) strings the renderer never reads. Apply the same gate so live and resume stay consistent, using `toolCall.name` (the display name, set from `tool.displayName`) to match the renderer's key. Updated the existing derivation tests to use a collapsible read tool (an edit tool now correctly yields undefined) and added a regression asserting a non-collapsible tool leaves detailedDisplay undefined on resume. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): strip bare C0 control bytes from transcript detailedDisplay + memoize Follow-up to the ANSI-escape fix. `escapeAnsiCtrlCodes` delegates to ansi-regex, which only matches ESC-prefixed sequences, so bare C0 control bytes without an ESC prefix (BEL \x07, BS \x08, FF \x0c, SO \x0e, SI \x0f, CR, …) passed through to <Text> and could still corrupt the display or ring the bell from a malicious file's contents. Add a second pass that strips those bytes (keeping only TAB and LF, which structure multi-line output). Memoize the two-pass sanitization with useMemo keyed on detailedDisplay so the ~25K-char regex work doesn't re-run every render. Extended the ToolMessage regression test to assert bare C0 bytes are stripped alongside the ESC sequences. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * test(tui): memoize HistoryItemDisplay, add ErrorBoundary tests + TAB/LF invariant Addresses three review suggestions: - Wrap `HistoryItemDisplay` in `React.memo` so the Ctrl+O transcript (which re-renders on every scroll tick) skips re-rendering frozen-snapshot items whose props are shallowly unchanged. The transcript passes stable `item` references, so the default shallow compare is effective; harmless for the main view (items live in `<Static>` and render once). - Add ErrorBoundary.test.tsx covering the four behaviors: renders children when healthy, catches a render error into the default fallback with the message, renders a custom fallback, calls `onError` with the error + component stack, and `reset` clears the error state so the subtree recovers. - Lock the C0-strip invariant: assert TAB and LF survive in detailedDisplay (the regex intentionally skips \x09/\x0a) so a future regex change can't silently collapse multi-line/columnar output. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * refactor(tui): review cleanups — gate sanitize memo, drop dead code, add tests Addresses the latest /review suggestions: - ToolMessage: gate the `sanitizedDetailedDisplay` useMemo on `usingDetailedDisplay` so the ~25K-char escape+strip no longer runs for every collapsible tool in the main view (where the result is discarded). - TranscriptView: remove the dead `listRef` (created + passed as `ref` but never used imperatively) and the dead `onClose` prop (declared, then `void`-ed; close keys are owned entirely by AppContainer's global keypress guard). Dropped the now-unused `useRef` / `ScrollableListRef` imports and the `onClose` call-site + props. - Tests: add TranscriptView error-fallback coverage (a throwing item renders the recovery fallback, not a crash); add live-path `mapToDisplay` detailedDisplay extraction coverage (collapsible → extracted, non-collapsible → undefined); add Ctrl+O to the transcript close-keys it.each (the toggle key was the only close key untested). Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * test(tui): remove orphaned no-op CompactModeProvider stubs This PR deleted the CompactModeContext, leaving identical no-op `CompactModeProvider` passthrough stubs (with an ignored `value` prop) in ToolGroupMessage.test.tsx, ToolMessage.test.tsx and MainContent.test.tsx, each still wrapping every render. Remove the stubs and unwrap the renders; drop the now-meaningless `compactMode` params/args from the local render helpers. Behavior-preserving (the stubs rendered children verbatim) — all three suites still pass. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): strip bidi overrides, sanitize error fallbacks, share filters Latest /review round: - [Critical] Strip Unicode bidirectional override / isolate chars (Trojan Source, CVE-2021-42572) from transcript `detailedDisplay` — a third sanitize pass after ANSI + C0 stripping, mirroring the repo's existing BIDI_CONTROL_RE. Regression test added. - Sanitize `error.message` with `escapeAnsiCtrlCodes` in both the ErrorBoundary default fallback and the TranscriptView custom fallback (defense-in-depth against control codes in a crafted error message). - Ctrl+O while the ThinkingViewer is open now swaps to the transcript (falls through to openTranscript, which clears the viewer) instead of being silently swallowed. - Extract the shared `isHistoryItemVisibleAfterRestore` predicate into types.ts and use it from both MainContent (main view) and AppContainer (transcript freeze), so the two surfaces can't diverge on which collapse-on-resume items are hidden. - Tests: use the exported `TOOL_SUCCEEDED_OUTPUT` constant instead of the hardcoded literal in generateContentResponseUtilities.test.ts. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): harden compaction guard to always clear detailedDisplay The compaction cleanup only cleared `detailedDisplay` inside the `resultDisplay != null` branch (both the group-level trigger, the group-count pass, and the per-tool clear). A tool carrying only `detailedDisplay` (no resultDisplay) would skip compaction and leave the raw transcript detail intact — a latent privacy leak if the two fields ever decouple. Widen all three checks to also match `detailedDisplay != null` so the memory/privacy safeguard is robust. Added a defensive regression test. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): sanitize mime/uri in getToolResponseDisplayText media placeholders The `<media: …>` placeholder interpolated `inlineData.mimeType` / `fileData.mimeType` / `fileData.fileUri` from tool responses verbatim. A crafted response could embed control characters or angle brackets to inject terminal codes or forge/mangle the placeholder markup. Add a `sanitizeMediaLabel` helper that strips C0/C1 control bytes and `<`/`>` before interpolation, falling back to the default label when emptied. Regression test added. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * test(tui): report a TTY stdout in BaseSelectionList mouse integration test The `stdout.isTTY` gate added to `useMouseEvents` (stops SGR mouse escapes leaking into piped output) left #6011's BaseSelectionList mouse test — which renders via ink-testing-library where the hook-provided stdout reads as non-TTY — with the mouse layer disabled, so the any-event enable escape was never written. Mock ink's `useStdout` to report `isTTY: true` with a capturing write spy (matching useMouseEvents.test.tsx / ScrollableList.test .tsx), and assert the `?1003h` enable via that spy while items still render through ink's own stdout. Both cases pass. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs(core): fix JSDoc placement + note ErrorBoundary fallback is un-translated Two small review nits: - getToolResponseDisplayText's JSDoc had ended up above sanitizeMediaLabel (added last commit), making it read as that helper's docs. Reorder so sanitizeMediaLabel + its own JSDoc come first and each doc sits directly above its function. - Document why the ErrorBoundary default fallback's title is intentionally a plain English string (last-resort message for callers with no `fallback`; renders mid-crash, so it avoids pulling in the i18n layer — the transcript passes its own localized fallback anyway). Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(tui): share terminal-sanitize pipeline; guard AlternateScreen writes - Extract the three-pass sanitizer (ANSI escape + bare-C0 strip + bidi strip) into `sanitizeTerminalText` in textUtils.ts as the single source of truth, and use it at all raw-text render sites: ToolMessage's `detailedDisplay`, and the TranscriptView + ErrorBoundary error-message fallbacks (previously those only escaped ANSI, missing C0/bidi — the boundary catches errors from the fullDetail path that processes raw tool output, so a crafted item shape could carry unsanitized bytes into error.message). Removes the duplicated regex consts from ToolMessage. - AlternateScreen: wrap the alt-screen escape writes (and the exit/cleanup writes) in try/catch so a synchronous stdout error (EPIPE on terminal close, EAGAIN under backpressure) can't propagate uncaught from the effect and crash the app or corrupt the terminal. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: 秦奇 <gary.gq@alibaba-inc.com> Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> Co-authored-by: Shaojin Wen <shaojin.wensj@alibaba-inc.com> |
||
|
|
e250d6e314
|
feat: add qwen update and /update commands with auto-update support (#5780)
Some checks are pending
* fix: align standalone-update RC markers with install script, add version to update output ## Changes ### Compatibility fixes (standalone-update.ts) - ensurePathInShellRc: use install script's begin/end block markers (# Qwen Code PATH block begin/end) instead of single-line marker, preventing duplicate PATH entries - ensurePathInShellRc: fish shell uses set -gx PATH (matching install script) - ensurePathInShellRc: use single-quoted paths with shell_quote-style escaping - ensureBinWrapper: use #!/usr/bin/env sh shebang (matching install script) ### Version output - qwen update: show current version in 'up to date' message (Qwen Code X.Y.Z is up to date!) - /update slash command: same version display ### Build fix - esbuild.config.js: add ink/dom and ink/components/CursorContext aliases for ink 7.x compatibility ### i18n - en.js: add 9 update-related translation keys Co-Authored-By: Claude <noreply@anthropic.com> * i18n: add update command translations for all 8 non-English locales - zh: Simplified Chinese - zh-TW: Traditional Chinese - ja: Japanese - ru: Russian - de: German - pt: Portuguese (Brazil) - fr: French - ca: Catalan Co-Authored-By: Claude <noreply@anthropic.com> * fix update command review feedback * address update command review followups * fix update command test args type * address update review hardlink and fallback feedback * fix update tar filter typing and sdk bundle guard * fix(cli): address update review feedback * address update review followups * restore windows archive traversal scan * address update review observations * address latest update review findings * fix latest update review regressions * fix(cli): localize update command output * fix(cli): localize update install guidance * fix(cli): harden update review follow-ups * fix(cli): address latest update review comments * fix(cli): honor explicit update requests * fix(cli): address update command review feedback * fix(cli): address update slash command review feedback * fix(cli): address latest update review feedback * fix(cli): address update review follow-ups * add code * fix(cli): add .deferred marker to prevent Windows deferred update race On Windows, when atomicReplace returns 'deferred', a bat script runs detached to complete the swap after the Node process exits. The lock file alone was insufficient because acquireLock falls through when the Node PID is dead (process.kill check), allowing a second `qwen update` to steal the lock and interfere with the in-flight bat script. Add a .deferred marker file containing the bat script's PID. acquireLock now checks this marker via isProcessAlive(batPid) before allowing lock theft, blocking concurrent updates while the swap is still in progress. Co-Authored-By: Claude <noreply@anthropic.com> * fix(cli): harden update review edge cases * fix(cli): address PR #5780 review feedback on update engine * test(cli): fix update check test import * fix(cli): avoid duplicate startup update checks --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: 易良 <1204183885@qq.com> Co-authored-by: liziwl <23000702+liziwl@users.noreply.github.com> Co-authored-by: Shaojin Wen <shaojin.wensj@alibaba-inc.com> Co-authored-by: qwen-code-dev-bot <qwen-code-dev-bot@users.noreply.github.com> Co-authored-by: yiliang114 <effortyiliang@gmail.com> |
||
|
|
f5d36aa5f1
|
feat(cli): Add workspace-qualified core REST routes (#6567)
* feat(cli): Add workspace-qualified core REST routes Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): Preserve encoded workspace cwd selectors Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: fix CI failure on PR #6567 Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: fix CI failure on PR #6567 Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6567) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> |
||
|
|
d4d3a4b666
|
Support voiceBridge for ACP audio prompts (#6576)
* feat(cli): add voice bridge for channel audio * fix(acp): harden voice bridge prompts * fix(acp): disclose failed voice bridge egress --------- Co-authored-by: qwen-code-dev-bot <qwen-code-dev-bot@users.noreply.github.com> Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> |
||
|
|
fd613eae56
|
feat(cli): Add channel worker settings reload for serve --channel (#6598)
The daemon-managed channel worker reads each channel's settings (tokens, proxy, per-channel model) once when it starts, so applying settings.json changes previously required restarting the whole daemon. This adds an explicit reload that stops and relaunches the worker so it re-reads settings.json, without bouncing the daemon or its live sessions. The reload is exposed as a strict-gated POST /workspace/channel/reload route, an SDK reloadChannelWorker() method, and a qwen channel reload CLI command, advertised through a channel_reload capability only when the daemon was started with --channel. The worker supervisor gains a restart() that coalesces concurrent reloads onto a single relaunch, resets the crash-restart budget so a failed worker recovers, and latches a disposed flag on hard shutdown so a racing reload cannot relaunch a worker into a tearing-down daemon. Refs #5976 |
||
|
|
53243de0c0
|
feat(daemon): persist session artifacts across restarts (#6557)
* feat(daemon): persist session artifact metadata * fix(daemon): address artifact restore review findings * fix(daemon): harden artifact persistence restore * fix(daemon): align artifact persistence review decisions * fix(daemon): address artifact persistence review gaps * fix(daemon): harden artifact persistence recovery * fix(daemon): align artifact ownership capability * fix(daemon): preserve marker identity during fork * fix(daemon): roll back durable replacement removals * fix(daemon): surface artifact rollback warnings * fix(daemon): surface restore warning details * fix(daemon): preserve artifact marker metadata safely * fix(daemon): sanitize fork marker metadata * fix(daemon): harden artifact restore boundaries * fix(daemon): omit orphaned sticky snapshot markers * fix(daemon): preserve artifact tombstone and rewind warnings * fix(daemon): address artifact fork review blockers --------- Co-authored-by: 秦奇 <gary.gq@alibaba-inc.com> Co-authored-by: 易良 <1204183885@qq.com> Co-authored-by: qwen-code-dev-bot <qwen-code-dev-bot@users.noreply.github.com> |
||
|
|
bb96ac4fe5
|
fix(cli): forward user input to MCP prompts with no declared arguments (#6571)
* fix(cli): forward user input to MCP prompts with no declared arguments When a prompt declares no arguments, parseArgs() silently discarded all user input. Forward named args as-is and positional input under the "input" key, matching Claude Code's behavior. Fixes #6563 * fix(cli): strip quotes and guard input key in MCP prompt arg forwarding - Use positionalArgs.join(' ') instead of positionalArgsString to properly strip quotes from positional input, consistent with the existing single-arg path. - Guard against overwriting a user-provided --input named arg with positional text. - Add comment explaining the input key convention. * fix(cli): update help text for no-argument MCP prompts The help text previously said the prompt 'has no arguments', which is now misleading — user input is forwarded as-is. Updated to explain that free-form text is accepted and how it maps to the input key. |
||
|
|
41c405b3bf
|
feat(review): post Suggestion findings as inline comments (#6593)
Suggestion-level findings were routed to a single updatable issue comment (the "suggestion summary") while only Critical findings became inline review comments. That split traded away two things that turned out to matter more than the convergence it bought: - An issue comment has no lifecycle. GitHub folds an inline review thread away as Outdated once the author edits the line it is anchored to, so an addressed finding removes itself from the page. The summary comment just sits in the PR conversation forever; PATCHing it to "all addressed" replaces its content but not the comment. The mechanism meant to prevent clutter was the clutter. - A Markdown table cannot carry a one-click fix. GitHub renders a ```suggestion fence as an applicable change only inside a review comment on a diff line. Suggestion findings are exactly the mechanical, localized cleanups that benefit most from one-click apply, so the split withheld the feature from the findings that needed it most. Both severities now post as inline comments, distinguished by a **[Critical]** or **[Suggestion]** body prefix. The `qwen review post-suggestions` subcommand and its plumbing are removed. Follow-on changes required by the reroute: - pr-context: the "Previous suggestion summary" section is gone. Legacy summary comments are still recognised so they stay out of "Already discussed", but the exclusion is now marker-only rather than author-gated. The author check missed summaries posted by the *other* identity: /review runs as a maintainer locally and as qwen-code-ci-bot in CI, and roughly half of the last 60 PRs carry a bot-authored summary. Those leaked into "Already discussed" and told the review agents not to re-report the findings listed there. The check originally guarded promotion into a trusted rendering section; that section no longer exists, so it only gated exclusion, where a third party embedding the marker merely hides their own comment. - qwen-autofix: the workflow filters "suggestion summaries" out of the autofix bot's actionable queue, but only on the issue-comment channel. With Suggestions now inline, they entered the unfiltered inline channel and the bot would apply non-blocking recommendations and spend a review round on them. The inline channel now applies the same gate, keyed on the **[Suggestion]** prefix plus the /review footer so a human quoting the prefix stays actionable. - Step 7 gains a 422 fallback. Create Review is all-or-nothing, so one Suggestion anchored outside the diff would take the Critical findings down with it — a risk that did not exist when Suggestions travelled on a line-agnostic issue comment. GitHub's 422 does not name the offending entry, so the model rechecks anchors against the diff, relocates failing Criticals into the body, discards failing Suggestions, and degrades to an all-prose review rather than posting nothing. COMMENT reviews now always carry a one-line body: an empty body is only known to be accepted alongside inline comments on REQUEST_CHANGES, and a Suggestion- only review is the common case for a clean PR. |
||
|
|
c62b34433d
|
feat(cli): VP mode — inline thought expand on click + auto-hiding scrollbar (#6079)
* feat(cli): VP mode — inline thought expand on click + auto-hiding scrollbar Two VP-mode (ui.useTerminalBuffer) UX improvements: 1. Thinking: clicking a thought now expands it inline, in place, instead of opening a full-screen modal. The expanded thought becomes part of the conversation and scrolls with it, matching the lighter inline pattern. A thought spans the `gemini_thought` head plus its trailing `gemini_thought_content` continuations, so expansion is keyed by the head id (buildThoughtHeadIdMap) and one click expands/collapses the whole group. Alt+T still toggles all thoughts at once. The full-screen ThinkingViewer modal (and its context) is removed: it only ever opened in VP, where an inline-expanded thought is already scrollable via the viewport, so it was redundant. Drops ThinkingViewer.tsx, ThinkingViewerContext.tsx, and the now-dead thinkingFullText plumbing. 2. Scrollbar: the VP scrollbar now auto-hides — it renders as blank cells while idle (keeping width 1 so the viewport never reflows) and pops in only while scrolling, then fades out. Adds `ui.showScrollbar` (default true) to hide it entirely. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * feat(cli): advertise click in the collapsed thought hint (VP only) The collapsed thinking line only hinted "option+t to expand", so the new click-to-expand affordance was undiscoverable. Show "(click or option+t to expand)" when the click handler is actually active — i.e. VP mode (ui.useTerminalBuffer) — and keep the plain "(option+t to expand)" in non-VP, where clicking does nothing (native scrollback is preserved). Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: 秦奇 <gary.gq@alibaba-inc.com> Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> |
||
|
|
ac2f371c44
|
feat(scheduled-tasks): add isolated run mode via create_sub_session tool (#6535)
* feat(scheduled-tasks): add isolated run mode via create_sub_session tool
Introduce a new `create_sub_session` tool (daemon-only) that spawns a
fresh top-level sub-session with its own clean context and transcript.
Wire it into the cron scheduler as an `isolated` run mode so each
scheduled fire dispatches its prompt into a fresh sub-session instead
of accumulating in one shared transcript.
- Add `create_sub_session` tool with `first-turn` and `sent` completion modes
- Add `SubSessionLauncher` in cli/serve with concurrency cap, timeout, and truncation
- Extend ACP bridge `extMethod` dispatch for child→daemon sub-session requests
- Add `runMode` field (`shared`|`isolated`) to DurableCronTask, CronJob, and API types
- Add run-mode radio picker to ScheduledTasksDialog UI
- Fix AuthMessage hardcoded placeholder to use i18n key
* fix(scheduled-tasks): dispatch isolated fires daemon-side, not via the model
An `isolated` fire was relayed through the model: the fired prompt was
wrapped with an instruction to call `create_sub_session`. That tool's
default permission is `'ask'`, so under `ApprovalMode.DEFAULT` an
unattended fire reached `client.requestPermission`, found no SSE
subscriber, and was cancelled by the daemon's 5-minute permission
timeout. The task never ran, and the cancel was booked as a successful
run — the headline use case of a scheduled task was broken.
Route isolated fires straight to the daemon instead: the cron `onFire`
handler in `Session` calls the sub-session spawner directly, with no
model relay and no tool-permission gate. The prompt was already approved
when the task was created; laundering it back through the model only
re-opened that gate. `create_sub_session` keeps `'ask'` for
model-initiated calls, and the attended "Run now" button keeps its relay
(a user is present to answer the prompt).
Also fix orphan-session cleanup in the launcher. `closeSession` was
guarded only by `.catch()`, which covers an async rejection but not a
synchronous throw; because the call sits inside the launcher's own
`catch (err)` block, a sync throw escaped and replaced the real launch
error. Guard both shapes.
Tests:
- Cover isolated routing: dispatch, in-session fallback with no spawner,
missed one-shot, dispatch failure (dropped, never run inline), and
shared mode.
- Cover the orphan close, including a `closeSession` that throws.
- Replace the sent-mode concurrency test, which only asserted the slot
was eventually released (moving the release to the drain's *start*
kept it green) with one that asserts the slot is HELD while the drain
runs, plus one that asserts it is released at `turn_complete`.
* fix(scheduled-tasks): honor the caller's AbortSignal and harden the spawn boundary
Four findings from review, all in the model-initiated `create_sub_session`
path (the scheduled `isolated` dispatch reaches none of them).
`execute()` took no parameters, so it silently dropped the parent turn's
`AbortSignal`. `Session.ts` awaits `invocation.execute(signal)` without
racing the abort itself, so cancelling a turn with a `first-turn`
sub-session in flight pinned the caller's tool loop until the daemon's
5-minute ceiling. Accept the signal and return as soon as it fires.
The sub-session is deliberately NOT cancelled and deliberately KEEPS its
concurrency slot: `sendPrompt` has no abort seam, so the sub-session runs
on. Releasing its slot on cancel — as the review suggested — would let the
caller over-admit against sub-sessions that are still consuming a bridge
session and model quota.
`handleCreateSubSession` trusted the child-supplied `callerSessionId`
verbatim, and that id keys the launcher's per-caller concurrency bucket: a
fabricated id starts a fresh bucket at zero (cap evasion) and a victim's id
burns their slots (DoS). Validate it with the connection's existing
`ownsSession` seam.
Every daemon session wires a spawner, sub-sessions included, and each gets
its own cap-sized bucket — so one prompt could fan out 5ⁿ sub-sessions until
`maxSessions` ran dry. Gate nesting at one level: the launcher remembers the
sessions it spawned and refuses to spawn from them. With `callerSessionId`
now authenticated, the gate cannot be sidestepped.
Cap the prompt at 100,000 chars (matching the scheduled-task REST route) and
the display name at 200, both at the bridge trust boundary and, for the
prompt, in the tool's own validation so the model gets an actionable error.
Not changed: `create_sub_session` stays in `PermissionManager.CORE_TOOLS`.
Membership there SUBJECTS a tool to the `coreTools` allowlist; it does not
exempt it. Removing it — as the review suggested — is what would let the
tool bypass a user's allowlist, the way `agent` and `send_message` do today.
* fix(core): do not spawn a sub-session for an already-cancelled turn
`raceCancellation(spawner({…}), signal)` evaluated the spawner as an
argument, so the spawn started before the abort was ever checked. A turn
cancelled before `execute()` ran still created a sub-session on the daemon
— and it kept a concurrency slot — while the tool reported itself
cancelled.
Take a thunk instead, so the pre-abort check happens before any daemon work
is started. Track whether the spawn actually began, and say so: "cancelled
before it started, no sub-session was created" is a different fact from
"a sub-session may already have been created and is not cancelled".
Regression test asserts the spawner is never called for a pre-aborted
signal; it fails against the eager-argument form.
* fix(serve): require callerSessionId and stop misreporting an early stream close
Two findings from review.
`awaitFirstTurn`'s `'incomplete'` stopReason was unreachable. The cleanup
`finally` calls `ac.abort()` unconditionally to tear the subscription down,
so by the time the stopReason ternary read `ac.signal.aborted` it was always
true. An event stream that closed before the turn finished (bridge teardown,
WS drop) was reported as a 5-minute wall-clock `'timeout'` — indistinguishable
from a real one. Track the timer firing in its own flag.
`callerSessionId` was validated only when present. Omitting it handed the
launcher `undefined`, which minted an `anon:<uuid>` bucket — a fresh
concurrency bucket per call, so no cap — and skipped the depth-1 nesting gate
(`info.callerSessionId !== undefined && …`). Authenticating the id closed
forgery but not omission. It is now required at the bridge boundary, and
required in `CreateSubSessionInfo`, so the launcher's anonymous fallback and
the gate's presence check are both gone. Every real caller has a session id —
the tool only ever runs inside a session's turn.
* fix(serve): surface dropped fires and drain timeouts; bound sub-sessions per workspace
Three findings from review.
A dropped `isolated` scheduled fire left no trace. `debugLogger.warn` writes
nothing unless a debug log session is active, and the scheduler persists the
fire as a run before dispatch — so a nightly task could fail forever while its
history claimed it ran. It now also writes to stderr, which the daemon forwards
from the child.
A sent-mode drain that hit its 30-minute ceiling was equally silent: the catch
saw `drainAc.signal.aborted` and skipped logging, the `finally` freed the
concurrency slot, and the sub-session — which the abort does not cancel — kept
burning a bridge session and model quota. The timer now records its own firing
(the controller cannot: `finally` aborts it on every exit path) and the timeout
is written to stderr. The drain ceiling is injectable for tests, mirroring
`firstTurnTimeoutMs`.
The per-caller concurrency cap trusts `callerSessionId`, and the bridge can only
authenticate that id as "a session on this channel". Every session of a
workspace shares one child process, so nothing at the transport can prove which
of them issued the call — and a per-session secret would be readable by the
whole process anyway. Rather than pretend otherwise, add a workspace-wide
ceiling on concurrent sub-sessions that holds no matter which bucket a launch is
charged to.
|
||
|
|
0907edb909
|
Fix long session timeline scrolling (#6526)
* fix(web-shell): hide long session timeline scrollbar * fix(web-shell): lift timeline tooltip above popovers * fix(web-shell): refine timeline tooltip behavior * fix(web-shell): keep timeline tooltip anchored * fix(web-shell): keep timeline tooltip below modals * fix(web-shell): harden timeline tooltip recentering * fix(web-shell): drop unused timeline tooltip var * fix(web-shell): keep timeline programmatic scroll guard through frame * fix(web-shell): preserve timeline tooltip on focus scroll * ci(web-shell): add smoke test script |
||
|
|
e64010c116
|
Fix workspace skills for disabled extensions and ACP preheat (#6534)
* fix(cli): keep workspace skills in sync with extensions * fix(cli): address workspace skills review feedback * test(cli): cover synthesized inactive extension skills * fix(cli): address workspace skills review issues * fix(cli): address workspace skills review followups --------- Co-authored-by: ytahdn <ytahdn@gmail.com> |
||
|
|
c9a80996d4
|
feat(cli): List persisted sessions for trusted workspaces (#6558)
* feat(cli): List persisted sessions for trusted workspaces Add trusted non-primary active persisted session discovery for plural workspace session list routes. Preserve live-only fallback behavior when no active persisted sessions exist, and keep archived or organized non-primary list options gated. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6558) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: stabilize workspace session cursors (#6558) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> Co-authored-by: 易良 <1204183885@qq.com> |
||
|
|
d8084c63bc
|
fix(serve): stop cdp-mcp-command reading process.env directly (#6562)
cdp-mcp-command.ts read process.env directly — via a `= process.env` default on resolveCdpMcpCommand and a direct read in isBrowserAutomationMcpAvailable — which trips the serve process.env guard test (process-env-guard.test.ts) and fails CI on main. Thread env through both helpers instead: they now take env explicitly, supplied by the already-allowlisted boundary callers (acp-http, run-qwen-serve, serve-features). Behavior is unchanged. |
||
|
|
6e48077532
|
fix(daemon): surface workspace memory task error details (#6431)
* fix(daemon): surface workspace memory task error details * fix(daemon): harden workspace memory error details * fix(daemon): cover workspace memory detail edge cases * fix(daemon): harden workspace memory detail extraction * fix(daemon): harden workspace memory failure diagnostics * fix(daemon): sanitize workspace memory diagnostics * fix(daemon): sanitize workspace memory debug logs * fix(daemon): preserve sanitized memory task stack logs * fix(daemon): harden memory diagnostics redaction * fix(daemon): refine memory task diagnostics * fix(daemon): preserve workspace memory stack diagnostics * fix(daemon): harden workspace memory diagnostics * fix(daemon): guard workspace memory error code extraction * fix(daemon): share workspace memory extraction logging * fix(daemon): suppress workspace memory unavailable details * fix(daemon): clarify workspace memory unavailable timeout logs * fix(daemon): preserve memory diagnostic separators * fix(daemon): harden workspace memory failure handling * fix(daemon): redact split platform tokens * fix(daemon): redact split memory error credentials * fix(daemon): harden workspace memory error diagnostics |
||
|
|
25423b1526
|
fix(cli): align memory dialog with managed memory (#6434)
* fix(cli): align memory dialog with managed memory * test(cli): stabilize memory dialog path rendering * fix(cli): make memory target switch exhaustive * fix(cli): tighten memory dialog target handling * fix(cli): handle headless managed memory dialog * test(cli): cover desktop managed memory dialog branches * fix(cli): open memory folders asynchronously * test(cli): assert managed memory folder setup * fix(cli): simplify memory folder opener * fix(cli): clarify memory folder opener behavior |
||
|
|
fbdaa52c52
|
Gate browser automation MCP on external adapter (#6472)
* feat(cli): gate browser automation adapter * fix(cli): close browser automation review gaps * test(cli): cover browser automation gates * fix(cli): close browser automation review gaps * fix(cli): close browser automation review gaps |
||
|
|
0a54652e07
|
fix(core): configurable vision bridge timeout + retry with fresh budget (#6541)
* fix(core): configurable vision bridge timeout + retry with fresh budget The vision bridge capped image transcription at a hardcoded 30s. On a slow or proxied vision endpoint one latency spike permanently lost the image: the retry inside the side query shared the same abort signal, so a second attempt inherited whatever seconds were left of the first attempt's budget. Add a visionBridgeTimeoutMs setting (per attempt; unset keeps 30s, non-positive values are ignored) and retry a timed-out attempt once at the bridge level with a freshly created timeout signal. Non-timeout failures still fail immediately, and user cancellation is still reported as skipped. Fixes #6524 Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix(core): harden visionBridgeTimeoutMs against invalid timer values Maintainer E2E review found that fractional or out-of-range values such as 30000.5 and 4294967296 could pass the old number-typed config path and Config's Number.isFinite && > 0 guard. Node rejects fractional AbortSignal.timeout values with RangeError and can degrade oversized timer values to a 1ms timeout, which made image turns fail before any model request. Tighten the Config guard to positive integers within the supported 32-bit timer ceiling, make visionBridgeTimeoutMs a bounded integer setting so /config and the generated JSON schema reject bad values up front, and move AbortSignal.timeout/any creation inside the bridge try block so any future bad value becomes a safe failure result instead of an escaped rejection. Also mark the setting requiresRestart because it is read once in the Config constructor. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Fable 5 <noreply@anthropic.com> |
||
|
|
393943daaf
|
feat(cli): Add session owner index for workspace runtimes (#6540)
* feat(cli): Add session owner index for workspace runtimes Route live session ownership through a registry-backed owner index so multi-workspace sessions can resolve active sessions without scanning every bridge first. Expand trusted workspace load/resume and live read routing while keeping non-session surfaces primary-only. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): avoid partial session owner index updates Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * test(cli): relax bridge wiring test timeout Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): tighten workspace session owner routing Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): normalize restore workspace mismatch handling Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): record telemetry for workspace sessions alias Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): preserve workspace selector error contract Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> |
||
|
|
87cad6f1ae
|
feat(memory): make background memory agent timeouts configurable (#6459)
* feat(memory): make background memory agent timeouts configurable Adds a memory.agentTimeoutMinutes setting that overrides the hardcoded max runtime of the four background memory agents (extraction, dream, remember, skill review). Unset keeps each agent's built-in default (2-5 minutes); 0 disables the time limit entirely. Local LLM setups load large extraction prompts far slower than hosted models, so the fixed 2-minute extractor budget times out before the context even finishes loading — and each retry carries a longer conversation, making the next timeout more likely. Fixes #6308 Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * fix(memory): address review — wire agentTimeoutMinutes to skill review, clamp negatives, add tests The auto-skill scheduling path always passed an explicit timeoutMs, so the new setting never reached the skill review agent; drop the redundant pass-through so the planner's config fallback applies. Clamp negative settings values at the Config constructor (schema validation only runs on interactive edit paths). Add positive override tests for the dream, remember, and skill review planners, and reduce the settings.md diff to the single new table row. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> * test(memory): cover negative-clamp and remember default-timeout paths Review follow-up: assert the Config constructor treats a negative memory.agentTimeoutMinutes as unset, and that the remember planner keeps its built-in 5-minute default when nothing is configured. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> --------- Co-authored-by: Claude Fable 5 <noreply@anthropic.com> Co-authored-by: qwen-code-dev-bot <qwen-code-dev-bot@users.noreply.github.com> |
||
|
|
74ebb10e8b
|
fix(cli): prefer command name match over alias match regardless of recentScore (#6504)
In compareRankedCommandMatches, recentScore was evaluated before nameVsAlias in the sort chain, causing recently-used alias matches to shadow name matches at the same matchStrength level. The fix swaps the order so nameVsAlias is checked before recentScore, ensuring that a command matched by its primary name always ranks above an alias match, with recency acting as a tie-breaker only within the same match-type bucket. Adds a regression test that gives an alias match a recentScore and verifies the name match still ranks first. Signed-off-by: Alex <alex.tech.lab@outlook.com> |
||
|
|
65c0d36be3
|
fix(session): detect and mark broken history chains instead of silently truncating (#6502)
* fix(session): bridge broken parentUuid chains instead of truncating history reconstructHistory walked parentUuid from the newest leaf and stopped at the first missing ancestor, silently dropping every earlier record. A session file with a broken chain (a partial write, or a lost middle segment) therefore lost all history before the break on resume — in both the terminal /resume and the web-shell/ACP replay, which both go through sessionService.loadSession. Add a shared hardened chain walk (buildOrderedUuidChain) that, on a missing parent, bridges onto the newest still-present earlier connected component (union-find; position-based). It treats /rewind gap children as a barrier and matches the tail's sidechain-ness, so it never resurrects abandoned rewind branches or crosses the main/subagent boundary. sessionService and background-agent-resume now share it. loadSession returns historyGaps metadata; the terminal /resume and ACP replay render a localized (i18n) visible divider so the recovered halves are not read as contiguous. The bridged child's parentUuid is rewritten (on the aggregated copy) to the bridged record so rebuildTurnBoundaries/rewind re-root correctly. Read-side only; write-side durability is a separate follow-up. 🤖 Generated with [Qwen Code](https://github.com/QwenLM/qwen-code) * qwen: fix CI failure on PR #6502 * fix(session): use non-recovered copy for history gaps with no bridged island When a missing-parent gap has no earlier island to bridge onto (bridgedToUuid is null), the divider is the first visible item — the previous copy still said "recovered earlier history is shown above" with nothing above it. Emit a distinct notice for the null-bridge case (both terminal /resume and ACP replay go through formatHistoryGapNotice). 🤖 Generated with [Qwen Code](https://github.com/QwenLM/qwen-code) * fix(i18n): add zh-TW translation for the non-recovered history-gap notice zh-TW is a strict-parity locale, so the new null-bridge notice key must be translated there too (pre-empts a CI strict-parity failure). 🤖 Generated with [Qwen Code](https://github.com/QwenLM/qwen-code) * fix(session): address history-gap review nits (accuracy, lazy maps, docs, tests) - conversation-chain: gap duration now uses the target island's last-occurrence timestamp; a uuid can span several streamed records, and the first occurrence overstated the gap. - conversation-chain: build posByUuid/lastByUuid lazily on the first gap (healthy sessions skip them); early-return for a caller-supplied leafUuid not backed by any record. - resumeHistoryUtils: reorder createHistoryGapItem so the convertToHistoryItems JSDoc documents its own function again. - HistoryReplayer: add tests covering the gap-notice replay path (notice emitted before the gap child; none when there are no gaps). 🤖 Generated with [Qwen Code](https://github.com/QwenLM/qwen-code) * fix(acp): thread historyGaps through the qwen/session/loadUpdates replay path collectHistoryReplayUpdates now accepts gaps from both callers; the loadUpdates ACP surface passed only records, so a bridged (recovered) history was rendered contiguous there with no gap divider. Adds a loadUpdates test asserting the gaps reach the replayer. 🤖 Generated with [Qwen Code](https://github.com/QwenLM/qwen-code) * fix(session): detect-and-mark broken history chains instead of stitching Read-side, a record whose parentUuid is physically missing is indistinguishable from a lost /rewind marker — where the "earlier" turns are ones the user deliberately discarded. Speculatively stitching the nearest earlier island back on (the previous approach) could therefore resurrect deleted content (wenshao's [Critical]). This mirrors claude-code, which never guesses: it only reconnects across a gap when durable metadata (snip removedUuids, compact re-root) proves it safe, and otherwise truncates. Replace the connected-component bridging with detect-only: on a missing parent the walk stops (as it always did) and records a HistoryGap, so the terminal /resume and ACP replay surfaces show a visible "earlier history was lost and could not be recovered" marker instead of silently truncating. No earlier records are reconstructed. Renames the option bridgeGaps -> detectGaps, drops the bridgedToUuid/approxLostMs fields and the now-unused "recovered above" i18n copy, and adds a regression test where the rewind marker is missing and the discarded branch must not be restored. True recovery (keeping the earlier island) requires durable write-side metadata and is left as a follow-up. * refactor(session): correct stale gap comments and dedup gap indexing The detect-only rewrite (13c613c9) left doc comments that still described the removed stitching path — claiming the earlier history was "bridged" or "stitched back on". Reword them to match the actual behavior: the break is detected and marked, the lost segment is not recovered. Also extract the duplicated gap-by-child map construction (identical in both HistoryReplayer.replay and resumeHistoryUtils.convertToHistoryItems) into a shared indexGapsByChild helper alongside formatHistoryGapNotice — the one still-applicable item from the review suggestion summary. Comments + one small refactor only; no behavior change. * fix(session): reset pending @-command state at a history-gap divider Belt-and-braces for the resume renderer: when convertToHistoryItems emits a history-gap divider it already flushes the pending tool group; also clear pendingAtCommands so an unconsumed pre-gap at_command can never be shift()- paired with the post-gap user turn (which would attach @file reads to a turn the user never wrote them on). In the current detect-only design reconstructHistory truncates to the tail island — the gap child is always the first replayed record, so the buffer is already empty at the divider and this cannot trigger. The reset keeps the invariant if that ever changes. Adds a regression test at the convertToHistoryItems boundary. * fix(session): don't detect history gaps on the background-agent resume path Addresses wenshao's review: this non-interactive transcript recovery has no surface to render a gap marker on (unlike interactive /resume via sessionService and the ACP replay via HistoryReplayer), so passing detectGaps: true only to emit a debugLogger.warn and then drop the gaps was an inconsistent half-measure ("half-detection is worse than no detection"). Turn detection off here — the walk truncates at a broken parent link either way, matching this path's historical behavior. Gap surfacing stays exactly on the two paths that have a UI for it. --------- Co-authored-by: qwen-code-dev-bot <qwen-code-dev-bot@users.noreply.github.com> |
||
|
|
b330ec884f
|
chore(release): v0.19.8 (#6549)
* chore(release): v0.19.8 * docs(changelog): sync for v0.19.8 --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> |
||
|
|
5f41b166e6
|
fix(cli): unblock /clear after task cancellation and surface the blocked reason (#5949) (#6499)
/new (alias of /clear) silently did nothing when typed right after cancelling a request, for two stacked reasons: - hasBlockingBackgroundWork() gated on the registry's hasUnfinalizedTasks(), which counts cancelled-but-not-yet-finalized entries. That clause exists for the headless holdback loop (every task_started must pair with a task_notification), but /clear and session resume abort-and-reset the registry right after the gate — suppressing that very notification — so blocking on it only made the switch fail in the window between cancel and finalizeCancelled(). The gate now keys off a new BackgroundTaskRegistry.hasRunningTasks(), which counts only entries still actually executing; the headless holdback keeps using hasUnfinalizedTasks() unchanged. - When genuinely blocked, interactive mode showed only a transient debug line while non-interactive returned a proper error. Interactive now returns the same visible error message, so a blocked /clear no longer looks like a no-op. Co-authored-by: Claude Fable 5 <noreply@anthropic.com> |
||
|
|
e935141f8e
|
fix(cli): fixed-width elapsed time below one minute to stop status-line jitter (#6533)
* fix(cli): fixed-width elapsed time below one minute to stop status-line jitter
The loading indicator ticks at 0.5s resolution, so the time string
alternated between forms like "1s" and "1.5s" every tick. The changing
width shifted everything after it on the status line twice a second,
making it distracting and hard to read. Render one fixed decimal below
the minute mark ("1.0s", "1.5s"); the >=1m path is unchanged.
Fixes #6402
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
* test(cli): cover the 0s timer-start frame in the fixed-width time test
Review follow-up: useTimer initializes and resets at exactly 0, so
assert the "(0.0s · esc to cancel)" frame too.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
|
||
|
|
1f92787aa0
|
feat(channels): add dmPolicy config to disable private/DM messages (#6521)
* feat(channels): add dmPolicy config to disable private/DM messages Add DmGate class mirroring GroupGate to gate DM/private messages in channel adapters. Operators can now set dmPolicy: 'disabled' in their channel config to silently drop all DM messages while keeping group messages active. Closes #6392 * fix(channels): address review feedback for dmPolicy - Add dmPolicy: 'open' to all test config factories (8 files) to maintain type correctness with required ChannelConfig field - Add integration tests in ChannelBase.test.ts: - preflightInbound: DM dropped + group passes when dmPolicy=disabled - isStoredLoopTargetAuthorized: DM loop job disabled + group passes - Add dmPolicy assertions in config-utils.test.ts (default + explicit) - Keep dmPolicy as required field (not optional) for strict parity with groupPolicy |
||
|
|
151d269413
|
feat: extension file reload — watch for plugin changes and hot-reload runtime (#6347)
* feat: extension file reload — watch for plugin changes and hot-reload runtime - Extract refreshExtensionRuntime to centralize MCP, skills, subagents, hooks, and memory refresh - Add ExtensionFileWatcher (chokidar) for auto-detecting extension file changes - Add ExtensionRefreshState with per-session scoped instance and mutation suppression - Replace monkey-patching with ExtensionManager native mutation listeners - Add /reload-plugins slash command with i18n-aware summary across all 9 locales - Add auto-refresh of extension content (commands/skills/agents) on file change - Add HookRegistry.reloadConfiguredHooks() with correct error recovery - Fix async mutation pairing via id-based Map instead of LIFO stack - Fix bootstrap watcher close() UB with queueMicrotask deferral - Fix concurrent refresh with runningRef/pendingRef guard - Fix error propagation from refreshExtensionContentRuntime to UI - Fix isIgnored cross-platform path splitting (path.sep → regex) - Fix wrong ExtensionMutationEvent type via import from core - Fix addItem on unmounted component with mountedRef guard - Set followSymlinks: false on chokidar watchers * fix: address extension reload review feedback * docs: expand extension file reload design * fix: harden extension reload watcher state * fix(core): tag extension refresh legs * fix(cli): harden extension reload state handling * fix(cli): clarify extension reload failure state * fix(cli): tighten extension reload boundaries * chore: resolve main conflicts for extension reload * chore: drop unrelated merge formatting changes * fix(core): harden extension refresh edge cases --------- Co-authored-by: 俊良 <zzj542558@alibaba-inc.com> Co-authored-by: 易良 <1204183885@qq.com> Co-authored-by: qwen-code-dev-bot <qwen-code-dev-bot@users.noreply.github.com> Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> |
||
|
|
271664b34b
|
feat(cli): auto-retry next port when serve port is in use (#6513)
* feat(cli): auto-retry next port when serve port is in use
When `qwen serve` or `npm run dev:daemon` encounters EADDRINUSE on the
default port (4170), automatically try the next available port (up to 10
attempts) instead of failing immediately. This allows running multiple
daemon instances side-by-side without manual port management.
- run-qwen-serve.ts: replace single listen() with recursive tryListen()
that retries on EADDRINUSE; --port 0 (ephemeral) skips retry
- daemon-dev.js: pre-scan for an available port via net probe before
spawning the daemon child, ensuring health-poll and web-shell target
the correct URL
- Tests: retry-then-succeed, non-EADDRINUSE immediate-fail, and existing
all-ports-exhausted test all pass (138 tests)
* test(cli): fix EADDRINUSE mock to create fresh server per listen attempt
The existing test reused a single fakeServer across all retry attempts,
accumulating 10+ once('listening') listeners and triggering a
MaxListenersExceededWarning. Create a new server per call to match
production behavior where each tryListen creates a fresh server.
* fix: address review feedback on port retry
- daemon-dev.js: strip IPv6 brackets before probe (ENOTFOUND fix),
add port range/NaN validation
- run-qwen-serve.ts: remove duplicate runtime error listener
(onListening already installs one via removeAllListeners + on)
- tests: add exhaustion (all 10 ports), port 0 EADDRINUSE no-retry,
and stderr retry message assertion (140 tests pass)
* fix: update stale comment referencing removed server.once('error', reject)
* fix: address R2 review — port cap, TLS reuse, exhaustion summary
- daemon-dev.js: cap probe at port 65535, skip probe when user
specifies --port, add --compacted-replay-max-bytes to whitelist
- run-qwen-serve.ts: move https.createServer before tryListen (avoid
recreating TLS context per retry), cap retry at 65535, log summary
"all ports X–Y are in use" on exhaustion
- tests: verify exhaustion summary stderr message
* fix: clear stale listening listeners on httpsServer before retry
|
||
|
|
43e6a9300a
|
feat(cli): Enable multi-workspace session routing (#6511)
* feat(cli): Enable multi-workspace session routing Implement the Phase 2a sessions closed loop for qwen serve multi-workspace mode. Multiple explicit workspaces now create registered runtimes while legacy workspace surfaces remain primary-only, and live session routes dispatch by owning runtime. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): address phase2a session review feedback Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): cover remaining phase2a review gaps Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): address phase2a session review feedback Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): satisfy phase2a lint checks Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): align multi-workspace status test limits Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): address phase2a session review feedback Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6511) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> |
||
|
|
a07fdc6042
|
fix(memory): allow forget to remove user managed memory (#6432)
* fix(memory): allow forget to remove user managed memory * fix(memory): harden forget index rebuilds * test(cli): stabilize session archive race assertion * test(memory): cover deny precedence with ask bypass |
||
|
|
e28a6371df
|
fix(cli): allow approval-mode changes without bearer token (#6527)
POST /session/:id/approval-mode was gated with `mutate({ strict: true })`,
requiring a bearer token even though similar session-scoped routes like
POST /session/:id/model and POST /session/:id/language use `mutate()`
(non-strict). This prevented the Web Shell from setting YOLO approval
mode on daemons without a configured token, showing a confusing toast
error on every new YOLO session.
Relax the approval-mode route to `mutate()` to match the model route,
consistent with the session create/load/resume lifecycle paths that are
also non-strict.
|
||
|
|
51f0364d63
|
fix(cli): keep status line on session model (#6514)
* fix(cli): keep status line on session model Resolve status line model display drift after fast-model background subagents. Refs #6512 * test(cli): cover preset status model fallback |
||
|
|
880b06ed4d
|
fix(cli): clean up IDE client after deferred timeout (#6509)
Deferred IDE startup could report a timeout while the underlying connection promise later completed, leaving internal IDE state inconsistent with the visible startup failure state. - Disconnect the IDE client when deferred startup connection times out - Repeat cleanup if the original connection later succeeds after timeout - Keep late rejection handling to avoid unhandled promise rejections - Cover timeout cleanup, late success, and quick rejection cases Co-authored-by: heyang.why <heyang.why@alibaba-inc.com> |
||
|
|
5b43edcaf6
|
fix(cli): bound the live streaming-table pending height (fix scroll-to-top lock, stall-then-dump, header flash) (#6421)
* fix(cli): charge a streaming table's wrapped height so it doesn't jump The rendered-height estimator charged a table `2 * dataRows + 5`, assuming one line per data row. When cells wrap (a wide table — many columns, long content — on a bounded content width), each row renders taller, so the live frame briefly exceeds the viewport and ink repaints from the top (a jump to the top; #6170's clip/commit recover it, so it does not lock, but the jump is visible). Charge each row (header + data) by its wrapped height instead: approximate the column width as an equal share of the content area (TableRenderer shrinks columns proportionally to fit; an equal share never gives a wide cell more room than TableRenderer would, so it is a safe upper bound) and sum the tallest wrapped cell per row plus the inter-row separators and chrome. For a table that fits, every row is one line and the formula reduces exactly to the previous `2 * dataRows + 5`. Only the height estimate changes (shared by the render-side clip and the incremental scrollback commit); no rendering behaviour changes. 28 estimator tests pass; MarkdownDisplay clip tests unaffected. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix(cli): charge a wide-terminal table's vertical fallback height The pending-height estimator mirrored only TableRenderer's WIDTH-based vertical-fallback trigger, not the maxRowLines one. On a wide terminal a multi-column table whose cells wrap past MAX_ROW_LINES is laid out vertically (label: value — much taller), but the estimator charged the shorter horizontal height, so the live frame overflowed and Ink fell into its from-top full-redraw path (the scroll-to-top lock). Model both triggers: compute the tallest wrapped cell (maxRowLines) in the same pass as the horizontal height, and when it exceeds MAX_ROW_LINES charge the vertical height instead. The vertical estimate now also wraps each label:value at contentWidth so a long value that wraps is not under-counted. maxRowLines uses an equal column share (never wider than TableRenderer's column), so it is an upper bound and a real vertical table is never missed. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix(cli): cap the live pending region at the viewport height (non-VP) The estimator's source-line slice is the primary bound on the live (non-<Static>) pending frame, but it is disabled whenever availableTerminalHeight is undefined — which is exactly what happens when constrainHeight is off (ctrl-s "show more lines"). A tall pending item, e.g. a long vertical-fallback table, then renders past the viewport; Ink cannot update incrementally, clears the terminal and redraws from the top on every repaint — the scroll-to-top lock. Wrap the non-VP pending region in an Ink maxHeight={availableTerminalHeight} overflow="hidden" box as a hard backstop. availableTerminalHeight already excludes the footer/controls, so the live frame can never exceed the viewport and Ink never trips clearTerminal. While constrained the estimator keeps content well under this, so the clamp is inert and only engages on residual overflow. ShowMoreLines stays outside the clamp (it renders only while constrained, so the clamp is inert then, and must not be clipped). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix(cli): anchor the estimator's vertical trigger to the first row Mirror TableRenderer's change to decide the horizontal-vs-vertical format from the header + first data row only (not every row), so the estimator and the renderer still agree on which format a streaming table uses. Row heights above continue to sum every row; only the maxRowLines trigger is anchored. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix(cli): commit a completed table that alone fills the pending budget The rendered-height-aware incremental commit stalled when a single block (a long-text table modelled tall / vertical) charged more than the commit budget on its own. fitPendingSlice returns kept = the block's trailing blank line, so the safe split boundary sits exactly at keptLines, but the boundary search started at keptLines - 1 and missed it. The table has no internal blank line and the blank before it was already committed, so the search found nothing and broke the loop. Every later block then appended past keptLines, so the search window never again contained a blank line — nothing committed until the stream finalized and dumped all remaining tables at once (the "stream a few tables, pause, then dump the rest" bug). Start the boundary search at keptLines so a completed over-tall block's trailing blank is found and the block commits to <Static>. Committing an over-tall completed block is fine — only the live pending frame must stay within the viewport. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix(cli): don't flash the header while its separator streams in The forming-table hold-back released the header the moment its separator line ended with `|` at a column count different from the header — meant to let a genuinely mismatched separator render as plain text. But a separator is typed one group at a time and momentarily ends with `|` at every intermediate count (`| --- | --- |` on the way to seven columns), so the header flashed as raw `| … |` text on every closed-group frame while the separator streamed in — a visible strobe for wide (7-column) tables. A streaming separator only ever gains columns, so treat a mismatch as final only when it can no longer become valid: it overshot the header's column count, or a further line has already committed it (it is not the trailing line). Also hold the header while the separator is still a bare-pipe prefix (`|`, `| `) before its first dash. The only remaining flash is the unavoidable one-cell header window (`| Foo |`), indistinguishable from a single-pipe line. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * test: add a terminal-capture ratchet for the streaming-table scroll-to-top lock Drives ten wide 7-column tables with ~200-char wrapping cells through the real TUI via a chunked fake OpenAI server and counts the full-screen clears (`\x1b[2J\x1b[3J\x1b[H`) the app emits while they stream. Each such clear resets the terminal scroll position, so it is exactly the "jump to top" a user hits when scrolling up mid-stream. With the pending-height estimator fix the count is 0; without it the under-charged frame overflows and the count is ~300. Ratchet fails if it exceeds 20. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix(cli): tighten the streaming-table vertical height estimate (review) Two accuracy fixes to fitPendingSlice from PR review, both reducing residual under-charge of the vertical fallback: - Charge each vertical data cell as its rendered `label: value` line (parsing the header labels once), not the value alone — TableRenderer's renderVerticalFormat prefixes the header label, so a long label pushed the wrapped line count higher than the estimator accounted for. - Only model the vertical layout once a data row exists (`dataRows > 0`). With just a header + separator, TableRenderer keeps the horizontal header box, so the estimator no longer charges the shorter 2-row vertical stub for that transient state on a narrow terminal. Adds a test where the `label: value` line itself wraps (covering the wrapped, label-inclusive formula) and a zero-data-row narrow-terminal test. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix(cli): correct the clamp margin and share MAX_ROW_LINES (review round 2) - Charge tableClampRows + 2 when the clamp engages: TableRenderer wraps the height-clamped <Text> in <Box marginY={1}>, so a clamped table renders two margin rows beyond maxHeight that the estimator was dropping. - Make TABLE_MAX_ROW_LINES the single source of truth (pending-rendered-height) and import it into TableRenderer as MAX_ROW_LINES, so the renderer and the estimator can never disagree on the wrap-to-vertical threshold. Direction is util→renderer so the pure height module stays free of the React/ink graph. - Correct the perColWidth comment: an equal column share is exact for uniform columns but can under-count a heterogeneous table (the renderer shrinks a narrow column below the share); the MainContent maxHeight backstop is the hard cap for that residual case. - Add a horizontal-layout test whose cells wrap within MAX_ROW_LINES, covering the per-row wrapped contentRows sum (not just the old flat 2*dataRows). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix(cli): estimator cleanups and stronger tests (review round 3) - Charge the clamped-table margin: covered by a new test asserting a clamped table costs tableClampRows + 2 (the marginY the earlier fix added). - Strengthen the "no stall-then-dump" regression: require all three tables to have committed (>= 3 items, each table marker present), so a partial stall no longer passes. - Reuse headerCells instead of re-parsing the header row inside the loop, drop the redundant .trim() (splitMarkdownTableRow already trims), and start the data-row loop at i + 2. - Refresh the stale TABLE_CHROME_ROWS JSDoc (no longer 2*dataRows+5) and document the estimator's known under-charge gaps (proportional column widths, word-aware wrapping, the renderer's post-layout width fallback) that the MainContent maxHeight backstop is the hard cap for. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> |
||
|
|
1420566620
|
feat(serve): Bound replay snapshot history (#6482)
* feat(serve): Bound replay snapshot history Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6482) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review suggestions (#6482) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * test(acp-bridge): fix replay truncation assertion access Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(serve): keep replay cap validation out of fast path runtime Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(acp-bridge): reset replay window on bulk seed Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6482) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: fix CI failure on PR #6482 Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(sdk): expose bounded replay status types Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> Co-authored-by: qwen-code-dev-bot <qwen-code-dev-bot@users.noreply.github.com> Co-authored-by: Shaojin Wen <shaojin.wensj@alibaba-inc.com> |
||
|
|
49aa4c8ab5
|
fix(cli): show file path in compact tool summary for single collapsible tools (#6448)
* fix(cli): show file path in compact tool summary for single collapsible tools
buildToolSummary() previously discarded the description field from
collapsible tools (ReadFile, Grep, Glob, ListFiles), showing only
generic counts like 'Read 1 file'. Now shows the actual file path or
search pattern for single tools, while preserving count format for
batches of multiple tools of the same type. Falls back to count format
when description is unavailable.
Signed-off-by: Alex <alex.tech.lab@outlook.com>
* fix(cli): sanitize description in buildToolSummary for error args and ANSI
When a tool call errors, useReactToolScheduler sets description to
JSON.stringify(args) which produces '{...}' blobs. Strip ANSI escape
sequences and reject JSON-looking descriptions so the summary falls
back to the count format instead of rendering raw JSON.
Signed-off-by: Alex <alex.tech.lab@outlook.com>
* fix(cli): broaden ANSI stripping and replace newlines with spaces in summary
Strip all common ANSI escape sequences (OSC, charset, CSI, single-byte
ESC) instead of just CSI. Replace all C0 control characters including
newlines with spaces so embedded \n in shell descriptions does not
break the single-line compact summary layout.
Signed-off-by: Alex <alex.tech.lab@outlook.com>
* test(cli): update ToolGroupMessage expectations for description-based summary
The buildToolSummary change from 'Read 1 file' to 'Read a.ts' broke
4 assertions in ToolGroupMessage.test.tsx. Update all 5 occurrences
to use the new description-based format.
Signed-off-by: Alex <alex.tech.lab@outlook.com>
---------
Signed-off-by: Alex <alex.tech.lab@outlook.com>
|
||
|
|
58e51eb96c
|
fix(channel): Relay ACP permission requests (#6446)
* fix(channel): Relay ACP permission requests * fix(channel): harden permission relay cleanup * fix(channel): scope ACP permission approvals * fix(channel): harden permission cancellation diagnostics * test(channel): cover permission lookup edge cases * fix(channel): close permission relay stale requests * fix(channel): tighten approve-always option matching * test(channel): cover permission relay cleanup gaps * fix(channel): deliver threaded permission prompts --------- Co-authored-by: qwen-code-dev-bot <qwen-code-dev-bot@users.noreply.github.com> Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> |
||
|
|
79bc668b71
|
feat(cli): Show permission mode badge in footer for DEFAULT mode (#6498)
Always display the current permission/approval mode in the footer,
including when in the default (Ask permissions) mode. Previously,
non-default modes showed indicators but the default mode showed nothing,
creating ambiguity for users switching between modes.
- Add grey ⏸ badge with 'Ask permissions' text for DEFAULT mode
- Update both main Footer and AgentFooter to render DEFAULT indicator
- Use theme.text.secondary for subtle, unobtrusive styling
- Badge is i18n-aware using existing t('Ask permissions') key
- Other mode indicators remain unchanged
Closes #6496
|
||
|
|
29cefd7fb1
|
fix(web-shell): count daemon sessions in Daemon Status usage dashboard (#6493)
* fix(web-shell): count daemon sessions in Daemon Status usage dashboard
The Web Shell usage dashboard read usage_record.jsonl exclusively, but only
the TUI /clear path ever writes that file — so daemon / Web Shell sessions and
any un-cleared session (whose usage lives only in the per-session transcripts)
were never counted. Real-world "today" totals could undercount ~20x.
Add core loadUsageHistoryWithLive(): the durable persisted history unioned with
a bounded replay of recent transcripts, deduped by sessionId (persisted wins,
as the authoritative final snapshot). rebuildFromSessionJsonl gains an mtime
window and a skip-set (read from each transcript's first line) so the merge is
incremental and cheap. The daemon /usage/dashboard route and loadUsageDashboard
now use it.
The trailing window (35d) keeps the summary + daily charts exact while bounding
load latency (~1.7s vs ~13s for a full-year replay on a heavy history); older
heatmap cells fall back to persisted data. With no persisted base (fresh
machine / pure Web Shell user) it replays the full history, so the heatmap is
never silently truncated. Read-only: serving the dashboard never writes ~/.qwen.
* fix(web-shell): address review — skip transcripts by filename, add coverage
Skip already-persisted transcripts by their filename (`{sessionId}.jsonl`,
guaranteed by chatRecordingService) instead of opening each file to read the
sessionId from its first line — zero I/O per skipped session on a cache miss.
Add tests: the loadUsageDashboard wiring counts a transcript-only (daemon)
session, the rebuilt-empty (all-persisted) common case, and a corrupt
usage_record.jsonl falling back to a full transcript replay.
|
||
|
|
560e6103a9
|
feat(cli): review auto-generated skills with an inline preview, editor handoff, and an in-dialog off switch (#6393)
* feat(cli): skill review dialog — inline preview, open-in-editor, turn-off option The auto-skill review dialog now shows the staged SKILL.md inline (sanitized, bounded reads, wrap-aware height cap), opens it in the configured editor without advancing (with watcher-based preview refresh so non-blocking GUI editors work), and offers a visible last option to turn the feature off — effective immediately in-session, persisted at workspace scope, non-destructive to the pending batch. Bulk options render only while at least two skills remain. Re-enabling auto-skill from /memory can resurface a batch put aside by turn-off. * test(integration): render harness + capture scenarios for the skill review dialog Browser-free harness that renders the production dialog from source via an ESM loader hook; its before mode renders the globally installed qwen (no local fixture — the baseline is what actually shipped, or a loud failure). Terminal-capture scenarios produce the PR's before/after screenshots. * fix(cli): address review findings on the skill review dialog - Sanitize the model-generated name and description in the dialog header, same as the preview body — an escape sequence in the frontmatter must not reach the terminal through the header fields. - Clamp the preview width to the dialog container cap (min(columns-4, 100), the same clamp DiffDialog uses) instead of the raw terminal width, which broke the wrapped-row accounting on terminals wider than ~106 columns. - Catch settings persistence failures in the turn-off option: surface the error in the dialog and leave the feature untouched instead of letting the throw escape the keypress handler. - Extract the auto-open gate into shouldAutoOpenSkillReview and cover it with a truth table (turn-off, /memory overlap, re-enable, Esc-dismiss). - Cover the MemoryDialog auto-skill ON->OFF toggle direction. - Release the capture harness temp dir with try/finally. * fix(cli): guard the preview watcher against async errors and event bursts An FSWatcher 'error' event after attach had no listener, so Node raised it as an uncaught exception and the global handler exited the CLI. Consume it and drop the watcher; the blocking-editor reload still works. Also debounce the watch callback (300ms, same as SettingsWatcher): a single editor save fires several raw events, and each one re-read the file and re-attached the watcher. * test(cli): drop white-box watcher tests, keep the end-to-end refresh test The prototype-spy scaffolding tested implementation details (listener registration, synthetic event bursts) and leaned on vite-node interop quirks. The existing on-disk refresh test already exercises the watcher path, debounce included. * fix(cli): sanitize action errors, log preview read failures, cover key guards - Render actionError through sanitizeMultilineForDisplay: error messages can embed the staged path, whose basename derives from the model-generated skill name. - Log the underlying cause when the preview read fails; all failures render the same 'Preview unavailable' otherwise. - Cover Ctrl+O/Cmd+O inertness and Esc dismissal with tests. - Document that getAutoSkillEnabled() also gates on bare/safe mode. --------- Co-authored-by: qwen-code-dev-bot <qwen-code-dev-bot@users.noreply.github.com> Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> |
||
|
|
27f8f2c95d
|
feat(cli): Add serve env isolation and total admission (#6416)
* feat(cli): add serve env isolation and total admission Add runtime-local serve env snapshots, explicit env injection for low-cost workspace-scoped consumers, and sourceEnv support for ACP child spawn. Add a daemon-wide maxTotalSessions admission reservation hook for fresh session creation while keeping multi-workspace sessions gated. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6416) Reject fractional maxTotalSessions values so the daemon-wide session cap remains an integer count and matches the documented limit semantics. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): address PR review feedback (#6416) Always pass the runtime env to A2UI stdio transports, keep daemon runtime env metadata coherent after env reload fallback, and tighten total-admission coverage. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): address total admission review feedback (#6416) Add retryable ACP error data for total session limits, log total-admission REST rejections, and keep session-limit response scopes explicit. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): address env review feedback (#6416) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): restore scheduled task serve deps (#6416) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): isolate runtime env reload base (#6416) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6416) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6416) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6416) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: address PR review feedback (#6416) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * codex: fix CI failure on PR #6416 Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): address daemon admission review feedback Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): address runtime env review feedback Scrub daemon bearer tokens from A2UI stdio MCP environments and prune reload-owned keys from the daemon runtime base before rebuilding runtime env snapshots. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): preserve daemon env base on reload Keep runtime env rebuilds anchored to the boot-time daemon base snapshot, preventing reload-owned key pruning from dropping valid shell-exported values. Also carry env file read failure details into runtime metadata and daemon logs. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): satisfy env metadata lint rules Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> |
||
|
|
86ae16a6d6
|
chore(release): v0.19.7 (#6484)
* chore(release): v0.19.7 * docs(changelog): sync for v0.19.7 --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> |
||
|
|
65c82bed66
|
feat(web-shell): unify scheduled task sessions — bind chat-created tasks + clock icon (#6453)
* fix(web-shell): rename scheduled tasks "查看历史" to "查看对话" * feat(serve): bind cron_create durable tasks to dedicated sessions via keepalive The cron_create tool (core layer) writes durable tasks to disk without a sessionId because it has no access to the session bridge. The keepalive loop runs in the daemon process where the bridge IS available, so it retroactively binds unbound tasks to dedicated sessions — the same flow POST /scheduled-tasks uses for UI-created tasks. Each unbound task gets: spawnOrAttach(sessionScope:'thread'), named ⏰ prompt, sessionId written back to disk. This makes chat-created tasks show "查看对话" with a clock icon in the session list, matching the UI's "新建定时任务". * feat(serve): watch tasks file for immediate binding of new cron_create tasks The keepalive interval is 2-5 minutes, so a chat-created task could wait that long before being bound to a dedicated session — showing no "查看对话" link until the next tick. Adding a file watcher (same directory-watch + debounce pattern the scheduler uses) triggers an immediate tick when cron_create writes to disk, so the task is bound within ~500ms. * feat(serve): bind cron_create tasks to current session + ⏰ rename via keepalive Switch from creating a separate dedicated session to binding the task to the current chat session (so the first message is already in the transcript). The keepalive then renames that session to ⏰ prompt — the core layer can't rename sessions (no bridge access), but the daemon process can. A Set tracks renamed sessions to avoid repeated updateMetadata calls. Unbound tasks (legacy/CLI) still get new sessions via the existing bind path. * fix(core): keep createDurable() tasks unbound by default Reverts the auto-binding of durable tasks to the current session in createDurable(). Binding to a specific session means only that session can fire the task (#shouldFireDurable), but non-daemon paths (TUI, ACP, headless) have no keepalive to rehydrate the session after exit — making tool-created durable tasks go dormant. The daemon keepalive (bindAndNameSessions) already handles binding unbound tasks to dedicated sessions with ⏰ naming, so daemon-mode tasks get the same UX without the regression. * fix(serve): roll back orphan sessions in keepalive binding + add tests When bindAndNameSessions spawns a dedicated session for an unbound task but the subsequent updateCronTasks write fails (or the task was deleted between read and write), the spawned session was left behind with no owning task — the next tick would see the task still unbound (or spawn more orphans). Add rollback: closeSession + removeSession on failure, matching the POST /scheduled-tasks rollback pattern. Also add positive test coverage for the new binding paths: - unbound task → spawn + name + write sessionId to disk - bound task without ⏰ prefix → named exactly once (renamed Set dedup) - task vanishes before write → spawned session is rolled back * fix(serve): add timeout to spawnOrAttach in keepalive binding + test hardening BZ-D: spawnOrAttach in bindAndNameSessions had no timeout boundary — a hung spawn would keep running=true and stall all subsequent ticks, stopping heartbeats/revives for every scheduled-task session. Wrap with withTimeout (configurable via spawnTimeoutMs, default 30s) and attach a background handler to clean up late-resolved orphans. Also generalized withTimeout error messages to include the operation name, and made spawn timeout configurable for tests. Test improvements (GPT-5 review suggestions): - Assert spawnOrAttach payload (workspaceCwd + sessionScope: thread) - Verify SessionService.removeSession called during rollback - Regression test: createDurable stays unbound after enableDurable - Hung-spawn test: tick completes despite non-abortable spawn hang * fix(serve): keepalive hardening + i18n sync (review suggestions) - i18n: sync English 'View history' → 'View conversation' to match Chinese '查看对话' - Prune renamed Set alongside reviveState when tasks are removed - fs.watch: clarify null filename handling for Linux (treat as match) - updateCronTasks: skip .map() when task not found (no-op optimization) - Add tests: disabled unbound exclusion, naming failure resilience |
||
|
|
3d1122d284
|
perf(cli): defer startup prefetch tasks (#6303)
Some checks failed
E2E Tests / E2E Test (Linux) - sandbox:docker (push) Waiting to run
E2E Tests / E2E Test (Linux) - sandbox:none (push) Waiting to run
E2E Tests / E2E Test - macOS (push) Waiting to run
SDK Python / Classify PR (push) Has been cancelled
SDK Python / SDK Python (3.10) (push) Has been cancelled
SDK Python / SDK Python (3.11) (push) Has been cancelled
SDK Python / SDK Python (3.12) (push) Has been cancelled
* perf(cli): defer startup prefetch tasks * fix(cli): await IDE for prompt-interactive startup * perf(cli): defer interactive telemetry startup * test(cli): add missing assertions and Zed/ACP path coverage for startup prefetch Address three test coverage gaps identified during code review: - Assert mockStartEarlyStartupPrefetches in both kitty protocol tests (C1: API preconnect call was wired but never verified) - Add Zed/ACP integration test verifying deferIdeConnection is false when getExperimentalZedIntegration returns true (C2: Zed path was entirely untested) - Assert mockStartBackgroundHousekeeping in startup-prefetch test (C3: unconditional housekeeping dispatch was never verified) * docs: move startup prefetch design doc to performance subdirectory * docs: translate startup prefetch design doc to English * fix(cli): address startup prefetch review comments Tighten the startup prefetch follow-up fixes from review while keeping prompt-interactive telemetry on the fast interactive startup path. - Preserve Error objects when deferred startup tasks fail - Remove the unbalanced api_preconnect profiler lifecycle event - Guard background housekeeping so it only runs for interactive configs - Document and test prompt-interactive telemetry deferral semantics * fix(cli): initialize telemetry for prompt-interactive prompts Ensure sessions launched with an initial interactive prompt have telemetry ready before the auto-submitted first request runs. - Exclude prompt-interactive startup from telemetry deferral - Pass a post-render telemetry option through interactive UI startup - Skip duplicate post-render telemetry startup for initial prompts - Update tests to cover the first-prompt telemetry guarantee Note: Plain interactive TUI startup still defers telemetry post-render. * fix(cli): preserve startup first-request guarantees Keep deferred startup work from weakening first-request behavior in interactive sessions that submit prompts automatically or remotely. - Store telemetry deferral on Config and reuse that decision at render time - Keep IDE startup awaited for prompt-interactive and input-file sessions - Add a timeout for deferred IDE connection failures - Cover ordinary interactive telemetry deferral and IDE startup edge cases * fix(cli): make post-render IDE connection opt-in Default startInteractiveUI to the already-connected IDE path so future callers do not accidentally connect twice when initializeApp used its eager default. - Change the post-render IDE connection default to false - Update startInteractiveUI tests to assert the safer default * perf(cli): surface deferred IDE connection status Make ordinary interactive IDE startup visible while preserving the post-render prefetch path and first-paint performance tradeoff. - Emit deferred IDE connection lifecycle events for connecting, success, and failure states - Surface IDE startup status in the TUI footer without blocking input - Log late underlying IDE failures after timeout for better diagnostics - Document telemetry deferral tradeoffs and add startup lifecycle tests --------- Co-authored-by: heyang.why <heyang.why@alibaba-inc.com> |
||
|
|
e3d7d10d1d
|
[codex] add natural channel memory intents (#6376)
* feat(channels): add natural channel memory intents * fix(channels): add explicit guard and exhaustiveness check for clear_confirm intent The clear_confirm path was handled as implicit fall-through at the bottom of handleChannelMemoryIntent. If a new intent kind were added to the ChannelMemoryIntent union, it would silently execute clearChannelMemory without user confirmation — a data-loss risk. Add explicit if (intent.kind === 'clear_confirm') guard and a const _exhaustive: never assertion so TypeScript flags any unhandled kinds at compile time. * fix(channels): close session leak in classifier and fix regex separator - BridgeChannelMemoryIntentClassifier now wraps prompt() in try/finally to always call cancelSession(), preventing daemon session leaks on every classifier invocation. Cleanup errors are caught so they cannot mask a successful classification result. - Add missing optional punctuation separator to the 以后记住 regex pattern for consistency with other Chinese remember patterns. * fix(channels): enforce pending clear state for channel memory confirmation The clear_confirm intent executed clearChannelMemory directly without verifying a prior clear_request was issued for the same chat. Any authorized user could clear any chat's memory by sending the confirmation phrase standalone, bypassing the two-step flow. Add a per-target pending clear map (chatId + threadId, 60s TTL) that is set during clear_request and verified+consumed during clear_confirm. Standalone confirmation phrases now get rejected with a prompt to issue the clear request first. * fix(channels): include senderId in pendingClears key to prevent cross-user confirmation User A could initiate clear_request in a group chat and User B could confirm it, since the pending key only included chatId+threadId. Add senderId to the key so only the user who initiated the clear can confirm it. * fix(channels): harden memory intent review fixes * fix(channels): cover memory clear sender guard * fix(channels): block group memory mutations * fix(channels): avoid ambiguous memory saves * test(channels): cover memory classifier cleanup * test(channels): cover memory clear expiry * fix(channels): restore channel memory slash aliases * test(channels): cover memory intent edge cases |
||
|
|
467b292b50
|
feat(channels): add WeCom intelligent robot channel (#6436)
* feat(channels): add WeCom smart bot channel * fix(channels): harden wecom review suggestions * fix(channels): address wecom critical review * fix(channels): include wecom mixed voice text * fix(channels): tighten wecom outbound media * fix(channels): harden wecom outbound sends * fix(channels): address wecom review blockers * fix(channels): address wecom review followups * fix(channels): harden wecom inbound handling * fix(channels): address wecom auth and media review * fix(channels): tighten wecom inbound cleanup * fix(channels): harden wecom media safety * fix(channels): address wecom review typecheck * fix(channels): harden wecom media review gaps * fix(channels): address wecom review blockers * fix(channels): tighten wecom media edge cases * fix(channels): address wecom review blockers * fix(channels): address wecom media review blockers * fix(channels): address wecom review follow-ups * fix(channels): address wecom review blockers * fix(channels): close wecom review blockers * fix(channels): close wecom preflight dedup race * fix(channels): close wecom review gaps * fix(channels): harden wecom kick reconnect * fix(channels): defer wecom session resolution * fix(channels): clean wecom session attachments * fix(channels): harden wecom reconnect and media cleanup * fix(channels): address wecom review diagnostics * fix(channels): improve wecom diagnostics * fix(channels): reset wecom kick retries * fix(channels): improve wecom diagnostics * fix(channels): preserve sync cancel preflight * fix(channels): close wecom connection and ssrf gaps * fix(channels): clean coalesced wecom attachments * fix(channels): bound wecom sdk connect wait * fix(channels): scope wecom untracked attachment cleanup * fix(channels): block wecom nat64 local-use ssrf * fix(channels): harden wecom media handling * fix(channels): harden wecom group gates * fix(channels): bound wecom kick reconnect cycles * fix(channels): drain loop collect prompts directly * fix(channels): align wecom buffer hooks * fix(channels): harden wecom delivery failures * fix(channels): recover from wecom attachment write failures * fix(channels): surface wecom media send failures * fix(channels): harden wecom replay and reconnect * fix(channels): clarify wecom partial delivery cleanup * fix(channels): close wecom rejected downloads * fix(channels): retain wecom dedup after processing starts * fix(channels): harden wecom reconnect and media errors * fix(channels): add wecom media error context * fix(channels): improve wecom dns diagnostics * fix(channels): keep wecom kick retry alive * fix(channels): allow wecom quoted bot replies * fix(channels): preserve wecom code fences across chunks * fix(channels): harden wecom reconnect lifecycle * fix(channels): report wecom media dir setup failures * fix(channels): harden wecom reconnect recovery * fix(channels): align wecom review fixes * fix(channels): harden wecom marker parsing * fix(channels): keep wecom reconnect timers alive * fix(channels): handle wecom tilde fences * fix(channels): preserve wecom fence state * fix(channels): clean up wecom attachment races * fix(channels): bind wecom media reads to file handles * fix(channels): prevent wecom symlink media opens * fix(channels): address wecom review blockers * fix(wecom): remove media URL from error messages to prevent credential leakage The guardedHttpsDownload error messages included rawUrl (truncated to 120 chars), which leaks private WeCom media download URLs into stderr and log aggregation systems. Remove the URL from redirect and HTTP error messages. * fix(wecom): address review feedback — tests, security, correctness - Remove stale URL assertions from media download error tests (the error messages no longer include raw URLs after the credential-leak fix) - Redact sensitive fields (secret, aeskey, token, password, authorization) in formatSdkError's JSON.stringify fallback to prevent credential leakage in logs - Add indented code block detection to findCodeRanges so [IMAGE: path] inside 4-space/tab-indented code is not stripped as a media marker - Add disconnectGeneration guard before mkdirSync in downloadAttachments to prevent orphaned temp directories when disconnect() races with in-flight attachment downloads * fix(wecom): wrap client.disconnect() in catch block to preserve connection error In the connect() catch block, client.disconnect() could throw (e.g. if the WebSocket was already destroyed), masking the original connection error. Wrap in try/catch so cleanup failures never shadow the root cause. * fix(channels): address wecom reconnect review blockers * fix(channels): harden wecom reconnect review fixes * fix(channels): harden wecom review blockers * fix(channels): address wecom review blockers * fix(channels): preserve unsupported wecom media markers * fix(channels): address wecom reliability suggestions * fix(channels): allow wecom retry after early drops --------- Co-authored-by: Shaojin Wen <shaojin.wensj@alibaba-inc.com> |
||
|
|
6fdd0fc710
|
fix(core): Support large text range reads (#6404)
* fix(core): support large text range reads Allow text reads to stream bounded line ranges for files larger than the previous 10MB guard, while preserving media size limits and forwarding cancellation through read_file/read_many_files/ACP paths. Refs #6403 Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): address large text review feedback Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): propagate abort signals in text reads Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): validate streamed utf8 reads Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): handle disabled line truncation for large reads Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): use kebab-case for text range reader Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): preserve artifact size errors for large sources Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): address large text review follow-up Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): allow default large text reads Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): honor text read byte caps Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): clarify invalid utf8 range read errors Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): prevent truncated full large reads Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): preserve unbounded line-zero reads Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): forward artifact read cancellation Pass artifact execution abort signals into source file reads and preserve cancellation semantics when the read is aborted. Add regression coverage for unbounded large UTF-8 range reads and offsets beyond EOF. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): address file read review feedback Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): preserve large text mutation reads Allow default unbounded readTextFile calls to keep reading full large text files so mutation tools can prepare complete snapshots after a prior ranged read. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> Co-authored-by: qwen-code-dev-bot <qwen-code-dev-bot@users.noreply.github.com> |
||
|
|
736b710ed0
|
feat(core): add tools.visible config for selective deferred-tool visibility at startup (#6372)
* feat(core): add tools.visible config for selective deferred-tool visibility * fix(cli): wire tools.visible from settings.json into Config Add settingsSchema entry for tools.visible and plumb it through loadCliConfig into ConfigParameters.visibleTools. Without this the core-level visibleTools support was unreachable from settings.json. Adds 3 CLI-level tests: visibleTools passthrough, empty default, safe-mode suppression. Fixes #6368 * fix(core): exclude visibleTools from tool_search candidates and reveal path Add visibleTools gate to collectCandidates() and loadAndReturnSchemas in tool-search.ts to prevent KV-cache invalidation when tool_search is invoked for a visible-deferred tool. Without this, a tool listed in tools.visible would still appear as a keyword-search candidate and select: would still trigger revealDeferredTool + setTools, defeating the purpose of promoting it to first-class visibility. 3 tests: keyword-search exclusion, select: no-reveal/no-setTools, and select: still works for non-visible deferred tools. * fix(cli): include visibleTools in /context per-tool token breakdown Add config.getVisibleTools().has(tool.name) gate to the deferred-tool skip condition in collectContextData. Without this, visible-deferred tools appear in the headline total (via getFunctionDeclarations()) but are excluded from the per-tool breakdown, causing the sum to mismatch. 1 test: visibleTools included in breakdown despite deferred+unrevealed. * fix: address all 7 review suggestions for tools.visible 1. settingsSchema: user-facing description instead of internal jargon 2. config.ts: use normalizeToolNameList (generic name) for both disabled and visible 3. config.test.ts: add bare-mode exclusion test 4. tool-registry.test.ts: disabledTools > visibleTools priority test 5. tool-registry.ts: update JSDoc for getDeferredToolSummary 6. tool-search.test.ts: mixed select: visible+non-visible test 7. tool-registry.test.ts: visible survives clearRevealedDeferredTools * chore: regenerate settings.schema.json after description update CI check detected that settings.schema.json was out of sync with settingsSchema.ts after the description was changed in commit 73e879882. * fix: address wenshao review — extract isDeferredAndHidden, clean up abstractions 1. Remove normalizeToolNameList (empty wrapper, violates AGENTS.md no-abstraction rule) 2. Extract ToolRegistry.isDeferredAndHidden() — 5 call sites reduced to 1 predicate source 3. Add dirty-input test for tools.visible (whitespace, duplicates, empty strings) 4. Add MergeStrategy.UNION test for tools.visible across user + workspace scopes --------- Co-authored-by: Aleks-0 <aleks-0@users.noreply.github.com> |
||
|
|
7e0e79b6bc
|
fix(daemon): preserve user message source metadata (#6385) | ||
|
|
5d2bfbd21b
|
feat(core): add Tool(param:value) permission syntax for parameter-level access control (#6106)
* feat(core): add Tool(param:value) permission syntax for parameter-level access control Introduces key:value parameter matching in permission rules, allowing users to grant or deny tool access based on specific input parameters. - Parse key:value pairs from specifiers for literal-kind rules - Support wildcard patterns (*), multiple params, and mixed syntax - Thread toolParams through PermissionCheckContext and matchesRule - Add 11 unit tests covering parsing, matching, wildcards, and edge cases - Maintain backward compatibility with existing specifier kinds Example rules: Agent(model:opus) # deny agents using Opus model Agent(coder,model:*) # deny coder-type agents with any model Bash(git:*) # still works (legacy :* → git *) Closes #6100 * fix(permissions): resolve PR #6106 review comments for tool param permission syntax - buildPermissionRules now propagates toolParamMatchers for 'Always Allow' flow - MCP tool rules now check param matchers after name matching - Added Object.hasOwn check to prevent prototype chain lookup vulnerability - Replaced matchesCommandPattern with matchesParamValuePattern for param value matching - Added diagnostic logging for param matching failures - Added warnings for empty valuePattern, invalid keys, and non-literal key:value syntax - Added type checking for non-primitive param values * fix(core): address critical review feedback on Tool(param:value) permission syntax - Add 's' flag to RegExp in matchesParamValuePattern for multiline support - Filter buildPermissionRules to stable param keys only (model, subagent_type, skill, server_name) to prevent sensitive data leakage - Reject MCP rules with unsupported specifiers instead of silently ignoring - Fix :* wildcard conversion to use global replace for backward compatibility - Extract shared evaluateParamMatchers helper to deduplicate MCP and standard branches * fix(permissions): address remaining review feedback for Tool(param:value) syntax - Remove unused @ts-expect-error in gitWorktreeService.ts (CI blocker) - Fix ReDoS in matchesParamValuePattern: replace regex with linear-time glob matcher using indexOf, avoiding catastrophic backtracking on multi-wildcard patterns like *a*a*a*a*b - Fix MCP backward compatibility: exclude MCP tools from key:value parsing in parseRule and buildPermissionRules to preserve existing MCP deny rule semantics - Add tests for MCP + param matcher, partial wildcards, ReDoS prevention, number coercion, and buildPermissionRules with toolParams (stable params, volatile params, sensitive data, round-trip) * fix(permissions): address PR #6106 review comments and fix useStatusLine test timeout - Make matchesParamValuePattern case-insensitive to match matchesDomainPattern convention - Remove duplicate JSDoc block before matchesParamValuePattern - Remove dead server_name from stableParamKeys in buildPermissionRules - Add PermissionManager integration tests with toolParams (evaluate, findMatchingDenyRule, hasRelevantRules, hasMatchingAskRule) - Add type guard tests for evaluateParamMatchers (null, undefined, boolean, object) - Fix useStatusLine.test.ts timeout by stubbing cron-task exports in core mock --------- Co-authored-by: 易良 <1204183885@qq.com> Co-authored-by: Shaojin Wen <shaojin.wensj@alibaba-inc.com> |