718 commits

Author	SHA1	Message	Date
顾盼	aeeb2976d6	feat(web-search): remove built-in web_search tool, replace with MCP-based approach (#3502) ... * feat(web-search): add GLM (ZhipuAI) web search provider - Add GlmProvider class implementing BaseWebSearchProvider using the ZhipuAI Web Search API (https://open.bigmodel.cn/api/paas/v4/web_search) - Support multiple search engines: search_std, search_pro, search_pro_sogou, search_pro_quark - Support optional config: maxResults, searchIntent, searchRecencyFilter, contentSize, searchDomainFilter - Truncate query to 70 characters per API limit - Register 'glm' in the provider discriminated union (types.ts) and createProvider() switch (index.ts) - Add GlmProviderConfig to settingsSchema, ConfigParams, and Config class - Add --glm-api-key CLI flag and GLM_API_KEY env var support in webSearch.ts - Forward GLM_API_KEY in sandbox environment - Update provider priority list: Tavily > Google > GLM > DashScope - Add 17 unit tests for GlmProvider and 4 integration tests in index.test.ts - Update docs/developers/tools/web-search.md with GLM configuration, env vars, CLI args, pricing, and corrected DashScope billing info - Fix stale OAuth/free-tier references in web-search.md Closes #3496 * docs(web-search): fix DashScope note and add GLM server-side limitations * fix(web-search): make DashScope provider work with standard API key, remove qwen-oauth dependency - DashScopeProvider.isAvailable() now checks config.apiKey instead of authType - Remove OAuth credential file reading and resource_url requirement - Use standard DashScope endpoint: dashscope.aliyuncs.com/api/v1/indices/plugin/web_search - Read DASHSCOPE_API_KEY env var and --dashscope-api-key CLI flag - Forward DASHSCOPE_API_KEY into sandbox environment - Update integration test to detect DASHSCOPE_API_KEY - Update docs to reflect new API key based configuration * feat(web-search): remove built-in web search tool The web_search tool and all related provider implementations are removed. Web search functionality will be provided via MCP integrations instead, which is the direction the broader agent ecosystem is moving. Removed: - packages/core/src/tools/web-search/ (entire directory) - packages/cli/src/config/webSearch.ts - integration-tests/cli/web_search.test.ts - ToolNames.WEB_SEARCH, ToolErrorCode.WEB_SEARCH_FAILED - webSearch config in ConfigParams, Config class, settingsSchema - CLI options: --tavily-api-key, --google-api-key, --google-search-engine-id, --glm-api-key, --dashscope-api-key, --web-search-default - Sandbox env forwarding for TAVILY/GLM/DASHSCOPE/GOOGLE search keys - web_search from rule-parser, permission-manager, speculation gate, microcompact tool set, and builtin-agents tool list * fix: remove websearch reference * docs: remove websearch tool * docs: add break change guide * fix review	2026-04-24 11:29:02 +08:00
Shaojin Wen	d36f12c4c4	feat(session): auto-title sessions via fast model, add /rename --auto (#3540) ... * feat(session): auto-title sessions via fast model, add /rename --auto The /rename work in #3093 generates kebab-case titles only when the user explicitly runs `/rename` with no args; until they do, the session picker shows the first user prompt (often truncated or misleading). This change adds a sentence-case auto-title that fires once per session after the first assistant turn, using the configured fast model. New service: `packages/core/src/services/sessionTitle.ts` — `tryGenerateSessionTitle(config, signal)` returns a discriminated outcome (`{ok: true, title, modelUsed}` | `{ok: false, reason}`) so callers can either handle failures generically or map reasons to actionable messages. Prompt shape: 3-7 words, sentence case, good/bad examples including a CJK row, JSON schema enforced via `baseLlmClient.generateJson`. `maxAttempts: 1` — titles are cosmetic metadata and shouldn't fight rate limits. Trigger point: `ChatRecordingService.maybeTriggerAutoTitle` runs after `recordAssistantTurn`. Fire-and-forget promise, guarded by: - `currentCustomTitle` — don't overwrite any existing title. - `autoTitleController` doubles as in-flight flag; a second turn while the first is still pending is a no-op. - `autoTitleAttempts` cap of 3 — the first assistant turn may be a pure tool-call with no user-visible text; retry for a handful of turns until a title lands. Cap bounds total waste. - `!config.isInteractive()` — headless CLI (`qwen -p`, CI) never auto- titles; spending fast-model tokens on a one-shot session is waste. - `autoTitleDisabledByEnv()` — `QWEN_DISABLE_AUTO_TITLE=1` opt-out. - `config.getFastModel()` falsy — skip entirely rather than falling back to the main model; auto-titling on main-model tokens is too expensive to be silent. Persistence: `CustomTitleRecordPayload` grows a `titleSource: 'auto' | 'manual'` field. Absent on pre-change records (treated as `undefined` → manual, safe default so a user's pre-upgrade `/rename` is never silently reclassified). `SessionPicker` renders `titleSource === 'auto'` titles in dim (secondary) color; manual stays full contrast. On resume, the persisted source is rehydrated into `currentTitleSource` — without this, finalize's re-append would rewrite an auto title as manual on every resume cycle. Cross-process manual-rename guard: when two CLI tabs target the same JSONL, in-memory state can diverge. Before writing an auto record, the IIFE re-reads the file via `sessionService.getSessionTitleInfo`. If a `/rename` from another process landed as manual, bail and sync local state — never clobber a deliberately-chosen manual title with a model guess. Cost is one 64KB tail read per successful generation. `finalize()` aborts the in-flight controller before re-appending the title record. Session switch / shutdown doesn't have to wait on a slow fast-model call. New user-facing command: `/rename --auto` regenerates via the same generator — explicit user trigger, overwrites whatever's there (manual or auto) because the user asked. Errors route through `autoFailureMessage(reason)` so `empty_history`, `model_error`, `aborted`, etc. each get actionable guidance rather than a generic "could not generate". `/rename -- --literal-name` is the sentinel for titles that start with `--`; unknown `--flag` tokens error with a hint pointing at the sentinel. Existing `/rename <name>` and bare `/rename` (kebab-case via existing path) are unchanged, except the kebab path now prefers fast model when available and runs its output through `stripTerminalControlSequences` (same ANSI/OSC-8 hardening as the sentence-case path). New shared util: `packages/core/src/utils/terminalSafe.ts` — `stripTerminalControlSequences(s)` strips OSC (\x1b]...\x07|\x1b\\), CSI (\x1b[...[a-zA-Z]), SS2/SS3 leaders, and C0/C1/DEL as a backstop. A model-returned `\x1b[2J` or OSC-8 hyperlink escape would otherwise execute on every SessionPicker render; both sentence-case and kebab paths now route titles through the helper before they reach the JSONL or the UI. Tail-read extractor: `extractLastJsonStringFields(text, primaryKey, otherKeys, lineContains)` reads multiple fields from the same matching line in a single pass. Two separate tail scans could return a mismatched pair (primary from a newer record, secondary from an older one with only the primary set); the new helper guarantees the pair is atomic. Validates a proper closing quote on the primary value so a crash-truncated trailing record can't win the latest-match race. `readLastJsonStringFieldsSync` is its file-reading wrapper — same tail-window fast path and full-file fallback as the single-field version, plus a `MAX_FULL_SCAN_BYTES = 64MB` cap so a corrupt multi-GB session file can't freeze the picker. Session reads now open with `O_NOFOLLOW` (falls back to plain RDONLY on Windows where the constant isn't exposed) — defense in depth against a symlink planted in `~/.qwen/projects/<proj>/chats/`. Character handling: `flattenToTail` on the LLM prompt drops a dangling low surrogate after `slice(-1000)` — otherwise a CJK supplementary char or emoji cut mid-pair produces invalid UTF-16 that some providers 400. `sanitizeTitle` applies the same surrogate scrub after max-length trim, and strips paired CJK brackets (`「」 『』 【】 〈〉 《》`) as whole units so a `【Draft】 Fix login` doesn't leave a dangling `】` after leading-char strip. `lineContains` in the title reader is tightened from the loose substring `'custom_title'` to `'"subtype":"custom_title"'` so user text containing the literal `custom_title` can't shadow a real record. Tests: 46 new unit tests across - `sessionTitle.test.ts` (22): success/all-failure-reasons, tool-call filter, tail-slice, surrogate scrub, ANSI/OSC-8 strip, CJK brackets. - `chatRecordingService.autoTitle.test.ts` (15): trigger/skip matrix, in-flight guard, abort propagation on finalize, manual/auto/legacy resume symmetry, cross-process race, env opt-out, retry-after- transient. - `sessionStorageUtils.test.ts` (13): single-pass extractor, straddle boundary, truncated trailing record, lineContains, multi-field atom. - `renameCommand.test.ts` (8): `--auto` success, all reasons, sentinel, unknown-flag hint, positional rejection, manual/SessionService fallbacks. * docs(session): design doc for auto session titles Matches the session-recap design doc shape (Overview / Triggers / Architecture / Prompt Design / History Filtering / Persistence / Concurrency / Configuration / Observability / Out of Scope) and adds a Security Hardening section unique to the title path — titles render directly in the picker and persist in user-readable JSONL, so LLM-returned control sequences are an attack surface the recap path doesn't have. Captures decisions a code-only reader has to reverse-engineer: - Why `maxAttempts: 1` (best-effort cosmetic metadata; no retry loop). - Why `autoTitleAttempts` cap is 3 (first turn can be pure tool-call). - Why the auto trigger does NOT fall back to the main model but session-recap does (auto-title fires on every turn; silently charging main-model tokens is a bill surprise). - Why `titleSource: undefined` stays unwritten on legacy records (no rewrite risks silently reclassifying user intent). - Why the cross-process re-read sits between the LLM await and the append (manual wins at both in-process and on-disk layers). - Why `finalize()`'s abort tolerates a controller swap (in-flight identity check). - Why JSON-schema function calling instead of tag extraction (avoid reasoning preamble bleed; cross-provider reliability). Placed at docs/design/session-title/ alongside session-recap, compact-mode, fork-subagent, and other per-feature design docs. No sidebar index update required — the design folder is unindexed. * test(rename): pin model choice in bare /rename kebab path Addresses reviewer feedback: the bare `/rename` model selection (`config.getFastModel() ?? config.getModel()`) had no test pinning it either way. Previous tests mocked `getHistory: []`, which exits the function before the model is ever chosen, so a silent regression to either direction (always-main or always-fast) would pass CI. Two explicit cases now: - fastModel set → `generateContent` called with `model: 'qwen-turbo'`. - fastModel unset → `generateContent` called with `model: 'main-model'`. The tests intentionally mock a non-empty history so the kebab path reaches the generateContent call site instead of bailing on empty input.	2026-04-23 20:37:05 +08:00
顾盼	2710bdec0d	feat(cli): Phase 2 — slash command multi-mode expansion, ACP fixes, and UX improvements (#3377) ... * refactor(cli): replace slash command whitelist with capability-based filtering (Phase 1) ## Summary Replace the hardcoded ALLOWED_BUILTIN_COMMANDS_NON_INTERACTIVE whitelist with a unified, capability-based command metadata model. This is Phase 1 of the slash command architecture refactor described in docs/design/slash-command/. ## Key changes ### New types (types.ts) - Add ExecutionMode ('interactive' | 'non_interactive' | 'acp') - Add CommandSource ('builtin-command' | 'bundled-skill' | 'skill-dir-command' | 'plugin-command' | 'mcp-prompt') - Add CommandType ('prompt' | 'local' | 'local-jsx') - Extend SlashCommand interface with: source, sourceLabel, commandType, supportedModes, userInvocable, modelInvocable, argumentHint, whenToUse, examples (all optional, backward-compatible) ### New module (commandUtils.ts + commandUtils.test.ts) - getEffectiveSupportedModes(): 3-priority inference (explicit supportedModes > commandType > CommandKind fallback) - filterCommandsForMode(): replaces filterCommandsForNonInteractive() - 18 unit tests ### Whitelist removal (nonInteractiveCliCommands.ts) - Remove ALLOWED_BUILTIN_COMMANDS_NON_INTERACTIVE constant - Remove filterCommandsForNonInteractive() function - Replace with CommandService.getCommandsForMode(mode) ### CommandService enhancements (CommandService.ts) - Add getCommandsForMode(mode: ExecutionMode): filters by mode, excludes hidden - Add getModelInvocableCommands(): reserved for Phase 3 model tool-call use ### Built-in command annotations (41 files) Annotate every built-in command with commandType: - commandType='local' + supportedModes all-modes: btw, bug, compress, context, init, summary (replaces the 6-command whitelist) - commandType='local' interactive-only: export, memory, plan, insight - commandType='local-jsx' interactive-only: all remaining ~31 commands ### Loader metadata injection (4 files) Each loader stamps source/sourceLabel/commandType/modelInvocable on every command it emits: - BuiltinCommandLoader: source='builtin-command', modelInvocable=false - BundledSkillLoader: source='bundled-skill', commandType='prompt', modelInvocable=true - command-factory (FileCommandLoader): source per extension/user origin, commandType='prompt', modelInvocable=!extensionName - McpPromptLoader: source='mcp-prompt', commandType='prompt', modelInvocable=true ### Bug fix MCP_PROMPT commands were incorrectly excluded from non-interactive/ACP modes by the old whitelist logic. commandType='prompt' now correctly allows them in all modes. ### Session.ts / nonInteractiveHelpers.ts - ACP session calls getAvailableCommands with explicit 'acp' mode - Remove allowedBuiltinCommandNames parameter from buildSystemMessage() — capability filtering is now self-contained in CommandService * fix test ci * feat(cli): Phase 2 slash command expansion + ACP fixes + UX improvements Phase 2.1 - Command mode expansion: - Extend 13 built-in commands to support non_interactive/acp modes - A class: export, plan, statusline - supportedModes only - A+ class: language, copy, restore - add non-interactive branches - A' class: model, approvalMode - handle dialog paths in non-interactive - B class: about, stats, insight, docs, clear - full non-interactive branches - context: format output as readable Markdown instead of raw JSON - export: use HTML as default format when no subcommand given Phase 2.2 - SkillTool integration: - SkillTool now consumes CommandService.getModelInvocableCommands() Phase 2.3 - Mid-input slash ghost text: - Replace mid-input dropdown completion with inline ghost text - Match Claude Code behavior: gray dimmed completion hint in input box - Tab accepts the ghost text completion - Add findMidInputSlashCommand() and getBestSlashCommandMatch() utilities ACP session bug fixes: - Fix executionMode undefined in interactive mode (slashCommandProcessor) - Fix slash command output not visible in Zed (use emitAgentMessage) - Fix newline rendering in Zed (Markdown hard line-break) - Fix history replay merging consecutive user messages (recordSlashCommand) - Fix /clear not clearing model context (dynamic chat reference) * feat: inline complete only for modelInvocable * fix memory command * fix: pass 'non_interactive' mode explicitly to getAvailableCommands - Fix critical bug in nonInteractiveHelpers.ts: loadSlashCommandNames was calling getAvailableCommands without specifying mode, causing it to default to 'acp' instead of 'non_interactive'. Commands with supportedModes that include 'non_interactive' but not 'acp' would be silently excluded. - Apply the same fix in systemController.ts for the same reason. - Update test mock to delegate filtering to production filterCommandsForMode() instead of duplicating the logic inline, preventing divergence. Fixes review comments by wenshao and tanzhenxin on PR #3283. * fix: resolve TypeScript type error in nonInteractiveHelpers.test.ts * fix test ci * fix mcp prompt in skill manager * revert pr#3345 * fix test ci * feat(cli): adapt /insight for non_interactive mode with message return - non_interactive: run generateStaticInsight() synchronously with no-op progress callback, return { type: 'message' } with output path - acp: keep existing stream_messages path with progress streaming - interactive: unchanged Add tests for non_interactive success and error paths. Update phase2-technical-design.md and roadmap.md to reflect the three-way mode split and clarify that MCP prompts do not need modelInvocable (they are called via native MCP tool call mechanism). * fix(cli): ghost text only shown when cursor is at end of slash token Use strict equality (!==) instead of > in findMidInputSlashCommand so that ghost text is only computed and Tab-accepted when the cursor sits exactly at the trailing edge of the partial command token. Previously, with the cursor inside an already-typed token (e.g. /re|view), the ghost text suffix would still be shown and pressing Tab would insert it at the cursor position, producing a duplicated tail. Using strict equality makes ghost text disappear as soon as the cursor moves inside the token. Add unit tests for findMidInputSlashCommand covering cursor-at-end, cursor-inside-token, cursor-past-token, start-of-line, and no-space-before-slash cases. * fix(cli): support /model <model-id> in non-interactive and ACP modes Previously, /model <model-id> (without --fast) fell through to the non-interactive branch that only returned the current model info and incorrectly told users to use --fast. Now: - /model <model-id> → sets the main model via settings + config.setModel() - /model → shows current model with correct usage hint - /model --fast <id> → unchanged (sets fast model) Fixes the inconsistency flagged in PR review: the help text said to use '/model <model-id>' but the command returned a dialog action which is unsupported in non-interactive mode. * fix(cli): declare supportedModes on doctorCommand to enable non-interactive and ACP The command's action already had non-interactive handling (returns a JSON message with check results), but without supportedModes declared the BUILT_IN fallback restricted it to interactive-only so it was never registered in non_interactive or acp sessions. * feat(skills): add SkillCommandLoader for user/project/extension skills as slash commands - New SkillCommandLoader loads user, project, and extension level SKILL.md files as slash commands (previously only bundled skills were slash-invocable) - Extension skills follow plugin-command rules: modelInvocable only when description or whenToUse is present - User/project skills are always modelInvocable (matching bundled behavior) - skill-manager now injects extensionName when loading extension-level skills - Add when_to_use and disable-model-invocation frontmatter support to SKILL.md and .md command files (SkillConfig, markdown-command-parser, command-factory, BundledSkillLoader, FileCommandLoader) - SkillTool filters out skills with disableModelInvocation and includes whenToUse in the skill description shown to the model - 16 unit tests for SkillCommandLoader covering all cases * docs: update phase2 design doc to reflect final decisions on plan/statusline/copy/restore These four commands are intentionally kept as interactive-only by design: - /plan and /statusline: tightly coupled with interactive multi-turn UI - /copy and /restore: clipboard and snapshot restore are inherently interactive Update design doc classification table, section 4.2, 4.3, 5.2, 5.3, file change summary, test requirements, behavior analysis table, and implementation batch descriptions to reflect this decision. * feat(cli): re-implement slashCommands.disabled denylist based on current refactored code Adapts the feature originally introduced in pr#3445 to the current CommandService / Phase-2 refactored code. Sources (merged, de-duplicated, case-insensitive): - settings key slashCommands.disabled (string[], UNION merge) - --disabled-slash-commands CLI flag (comma-separated or repeated) - QWEN_DISABLED_SLASH_COMMANDS environment variable Enforcement points: - CommandService.create() accepts optional disabledNames: ReadonlySet<string> and removes matching commands post-rename, so disabled commands never appear in autocomplete, mid-input ghost text, or model-invocable commands list. - slashCommandProcessor (interactive TUI) passes the denylist to CommandService.create so disabled commands are absent from dropdown/ghost text. - nonInteractiveCliCommands.handleSlashCommand() keeps allCommands unfiltered to distinguish disabled vs unknown; disabled commands return unsupported with a "disabled by the current configuration" reason (not no_command). - getAvailableCommands() (ACP) passes the denylist to CommandService.create. Config plumbing: - core/Config: ConfigParameters.disabledSlashCommands + getDisabledSlashCommands() - cli/config: CliArgs.disabledSlashCommands + yargs option + loadCliConfig merge - settingsSchema: slashCommands.disabled (MergeStrategy.UNION) - settings.schema.json: regenerated Tests: 28 pass (CommandService x4, nonInteractiveCliCommands x3 new cases) * feat(cli): complete slashCommands.disabled coverage from pr#3445 Fill in the three items that were missing from the initial re-implementation: - packages/cli/src/config/settings.test.ts: add UNION-merge test for slashCommands.disabled across user and workspace scopes - packages/cli/src/nonInteractiveCli.test.ts: add getDisabledSlashCommands mock to the shared mockConfig fixture - docs/users/configuration/settings.md: add slashCommands section (table + example + note) and --disabled-slash-commands row in the CLI args table * fix(cli): match disabled slash commands by alias as well as primary name The denylist previously only checked cmd.name (the primary/canonical name), so disabling a command by its alias (e.g. 'about' for the 'status' command) had no effect. Fix both CommandService.create() and the isDisabled() helper in nonInteractiveCliCommands.ts to also check altNames. Also improve the user-facing error message to show the token the user actually typed (e.g. /about) instead of always showing the primary name (/status).	2026-04-22 19:12:44 +08:00
Shaojin Wen	d71f2fab70	feat(cli): cap inline shell output with configurable line limit (#3508) ... * feat(cli): cap inline shell output with configurable line limit Long-running shell commands (npm install, find /, build logs) currently fill the viewport with the full visible PTY buffer (up to availableHeight, ~24 lines on a typical terminal). The output dominates the screen and pushes prior context off the top. This caps inline ANSI shell output to a small window (default 5 lines, matching Claude Code's ShellProgressMessage). The hidden line count is already surfaced via the existing `+N lines` indicator in `ShellStatsBar`, so users still know how much was elided. The cap applies only when nothing in the existing escape-hatch set is true: - `forceShowResult` (errors, !-prefix user-initiated commands, tools awaiting confirmation, agents pending confirmation) - `isThisShellFocused` (ctrl+f focus on a running embedded PTY shell) - `ui.shellOutputMaxLines = 0` (user opt-out) Also adds a new `ui.shellOutputMaxLines` setting (default 5) so users can adjust or disable the cap. The SettingsDialog renders it automatically via the existing `type: 'number'` schema path. Notes on scope: - Only the `'ansi'` display branch is capped. `'string'`, `'diff'`, `'todo'`, `'plan'`, `'task'` renderers are untouched. - `AnsiOutputDisplay` is only produced by shell tools (`shell.ts`, `shellCommandProcessor.ts`), so other tool outputs are unaffected. - The `+N lines` count is bounded by the headless xterm buffer height (~30 rows) — a pre-existing limitation of the buffer-based stats, not introduced here. Tests: - 4 new ToolMessage tests cover cap default, forceShowResult bypass, settings disable (cap=0), and custom cap value. - The existing `MockAnsiOutputText` / `MockShellStatsBar` mocks were extended to print `availableTerminalHeight` / `displayHeight` so the cap behavior is asserted at the prop level. * fix(cli): apply shell output cap to completed string display too Initial PR caught only the streaming ANSI branch. AI shell tools emit the final completed result through `shell.ts:returnDisplayMessage = result.output`, which is a plain string. That string went through `StringResultRenderer` with the unmodified `availableHeight`, so the cap was effectively bypassed for the steady-state display the user actually sees most of the time. Verified manually in tmux: a `seq 1 30` invocation by the AI now collapses to "first 26 lines hidden ... 27 28 29 30" instead of listing all 30 rows. `!`-prefix `seq 1 30` still expands fully via the existing `isUserInitiated → forceShowResult` bypass. Changes: - Detect shell tool by name (matches existing `SHELL_COMMAND_NAME` / `SHELL_NAME` checks already used in this file) - Rename `ansiAvailableHeight` → `shellCapHeight` since it now governs the string branch as well - Pass `shellCapHeight` to `StringResultRenderer`; the value falls back to `availableHeight` for non-shell tools so other tools' string output is unaffected - Two new tests: shell completed string is capped; non-shell string is not - Two existing tests updated to use `name="Shell"` so they actually exercise the cap path (would previously have passed by accident since the original code didn't check tool name) Also picks up the auto-regenerated VSCode IDE companion settings schema entry for `ui.shellOutputMaxLines`. * fix(cli): symmetrize ANSI/string row counts and clamp shell cap input Addresses two non-blocking review observations on #3508. Off-by-one between paths: MaxSizedBox reserves one row for its overflow banner when content exceeds maxHeight (visibleContentHeight = max - 1). The ANSI path pre-slices to N in AnsiOutputText so MaxSizedBox sees exactly N rows and renders all N — plus the separate ShellStatsBar line. The string path passes the raw cap and lets MaxSizedBox handle overflow, so it shows N-1 content rows + the banner. Result with cap=5: ANSI showed 5+stats, string showed 4+banner. Pass shellCapHeight + 1 to StringResultRenderer when capping so both paths render N visible content rows. Verified in tmux: the completed Shell tool box now reports `... first 25 lines hidden ...` followed by lines 26-30 (was 26 + lines 27-30). Setting validation: Schema accepts any number; the dialog only rejects NaN. Negatives silently disabled the cap (only 0 is documented as off) and fractional values produced fractional slice counts. Added Math.max(0, Math.floor(value || 0)) at the use site so: - negatives → 0 → cap disabled (matches the documented opt-out) - fractions → floor → whole-row cap - non-numeric (raw settings.json edits) → 0 → cap disabled Schema-level minimum/integer constraints aren't supported by the current settings infrastructure (no other number setting uses them either), so the guard lives at the use site. Tests: - Updated string-cap test to assert lines 26-30 visible (catches the +1 fix; was lines 27-30 before) - New parameterized test covers -1, 1.5, and a non-numeric value	2026-04-22 14:37:13 +08:00
Reid	d1c8dff4d2	feat(arena): add comparison summary for agent results (#3394) ... Adds a summary view that runs after Arena agents finish, so users can compare model outputs without opening each agent's conversation first. Summary surface: - Agent status overview - Files changed in common vs. unique to one agent - Per-agent approach summary generated through that agent's own provider - Token / runtime / line-change / file-count metrics Selection dialog now supports: - p — toggle preview for the highlighted agent - d — toggle detailed diff - Enter — select winner - x — discard all results - Esc — cancel Approach summary generation: - Each agent's summary is generated through that agent's own content generator, keeping mixed-provider Arena sessions within their respective auth boundaries - 20s timeout + AbortController per agent, bounded prompt inputs (finalText 2K, transcript 6K, diff 6K) - Falls back to a deterministic "Changed N files ..." summary when no per-agent generator is available or on error Diff summary now handles binary, rename-only, and mode-only diffs; the previous heuristic required textual +/- hunks and would have dropped those. Resolves #2559	2026-04-22 05:31:19 +08:00
zhangxy-zju	ebe364d0b8	feat(retry): add persistent retry mode for unattended CI/CD environments (#3080) ... * feat(retry): add persistent retry mode for unattended CI/CD environments When running in CI/CD pipelines or background daemon mode, transient API capacity errors (429/529) should not terminate long-running tasks after a fixed number of retries. This adds an environment-aware persistent retry mode that retries indefinitely for transient errors, with exponential backoff capped at 5 minutes and heartbeat keepalives every 30 seconds to prevent CI runner timeouts. * docs: add persistent retry mode documentation Add environment variable entries (QWEN_CODE_UNATTENDED_RETRY, QWEN_CODE_BG) to the settings reference, and a new "Persistent Retry Mode" section to the headless mode docs covering activation, behavior, and CI/CD usage examples. * refactor(retry): simplify to single explicit env var QWEN_CODE_UNATTENDED_RETRY Remove QWEN_CODE_BG and CI=true as activation triggers for persistent retry. Having multiple env vars with identical behavior adds confusion, and silently activating infinite retry on CI=true is dangerous — a regular CI test hitting a 429 would hang forever instead of failing fast. * fix(retry): address PR review feedback - Forward caller's abortSignal into retryWithBackoff in both baseLlmClient.ts and geminiChat.ts so persistent waits remain cancellable (wenshao) - Re-apply maxBackoff and capMs after jitter so delays strictly respect stated caps (Copilot) - Respect shouldRetryOnError in persistent mode so callers can force fast-fail even for transient 429/529 errors (Copilot) - Guard sleepWithHeartbeat against infinite loop when heartbeat interval is <= 0 via Math.max(1, ...) (Copilot) - Normalize isEnvTruthy with trim/toLowerCase for robust env var parsing across CI conventions (Copilot) * test(retry): add missing UT for shouldRetryOnError override and heartbeat zero-interval guard * fix(retry): do not cap Retry-After delays at maxBackoff Server-specified Retry-After values should only be limited by the absolute cap (capMs/6h), not the exponential backoff cap (maxBackoff/5min). Jitter is also skipped for Retry-After since the server already specified the exact wait time. * refactor(retry): align isUnattendedMode with project env parsing convention Replace custom isEnvTruthy (trim + toLowerCase) with strict matching (val === 'true' || val === '1') to match parseBooleanEnvFlag used elsewhere in the codebase. Prevents inconsistent behavior where 'TRUE' or ' 1 ' would activate persistent retry here but not in telemetry or other env-driven features. * test(retry): add Retry-After handling tests for persistent mode Cover three key behaviors: - Retry-After is NOT capped at maxBackoff (only at capMs) - Retry-After IS capped at persistentCapMs absolute limit - Retry-After delays have no jitter applied * fix(test): add isUnattendedMode to retry.js mock in baseLlmClient tests The existing vi.mock for retry.js only exported retryWithBackoff. After adding isUnattendedMode to the retry module, baseLlmClient.ts imports it, causing all 10 generateJson tests to fail with 'No "isUnattendedMode" export is defined on the mock'. * fix(retry): wire persistent retry mode into client.ts generateContent Forward persistentMode and abortSignal to retryWithBackoff() in GeminiClient.generateContent(), matching the existing wiring in baseLlmClient.ts and geminiChat.ts.	2026-04-21 22:08:11 +08:00
Shaojin Wen	519e5aa1de	fix(core): recover from truncated tool calls via multi-turn continuation (#3313) ... * fix(core): recover from truncated tool calls via multi-turn continuation (#3049) When large tool calls (e.g., WriteFile with big HTML) exceed the output token limit, the model's response gets truncated and required parameters like file_path are missing. Previously this surfaced as a confusing "params must have required property" error. Three-layer defense: 1. Escalate to model's actual output limit (not fixed 64K). Models with 128K output (Claude Opus, GPT-5) now use their full capacity. 2. Multi-turn recovery: if the escalated response is still truncated, keep the partial response in history and inject a recovery message ("Resume directly — pick up mid-thought") so the model continues from where it left off. Up to 3 recovery attempts before falling back to the tool scheduler's guidance. 3. Stronger truncation guidance as fallback: "you MUST split" instead of "consider splitting". Also fixes: - Clear toolCallRequests on RETRY to prevent duplicate tool execution - Add isContinuation flag to RETRY events so the UI preserves text buffers during recovery (continuation) but resets them during escalation (fresh restart) - Catch errors during recovery to prevent dangling history entries * docs: update adaptive output token escalation design for recovery mechanism Update the design doc to reflect: - Escalation now targets model's actual output limit (64K floor) - Multi-turn recovery loop after escalation (up to 3 attempts) - isContinuation flag on RETRY events - Recovery error handling (pop dangling message, break) - Updated constants table and model-specific escalation limits - New design decision: why multi-turn recovery over progressive escalation * fix: remove competitor reference from code comment * fix: address review feedback on recovery mechanism Three correctness fixes from @tanzhenxin's review: 1. Partial text lost during continuation (useGeminiStream.ts): On continuation RETRY, setPendingHistoryItem(null) cleared the pending gemini item. The next Content event then saw a null pending item, created a fresh one, and reset geminiMessageBuffer = eventValue — discarding the preserved partial text. Now the pending item AND buffers are kept on continuation, so the continuation appends. 2. Recovery on truncated tool-call turns (geminiChat.ts): When the truncated turn already contains a complete functionCall, appending a user recovery message produces model(functionCall) → user(text) with no intervening functionResponse — an invalid API sequence. Now recovery skips turns with functionCall parts and defers to the tool scheduler's layer-3 fallback. 3. Recovery errors swallowed after partial chunks (geminiChat.ts): If a recovery attempt yielded chunks then failed, the catch block broke without emitting any terminal signal, leaving the UI with partial text and no Finished event. Now emits a synthetic finishReason=STOP chunk in the catch so the UI gets a proper terminal signal. * test: add coverage for output token recovery loop Four targeted tests for the recovery mechanism introduced in the truncated-tool-call-recovery PR: 1. Recovery loop fires when escalated response is also truncated: initial MAX_TOKENS → escalation MAX_TOKENS → recovery STOP. Verifies two RETRY events (one escalation, one continuation) and three API calls. 2. Recovery is skipped when truncated turn contains a functionCall: prevents the invalid model(functionCall) → user(text) sequence. Verifies no continuation RETRY and history ends with the functionCall intact. 3. Recovery attempts are capped at MAX_OUTPUT_RECOVERY_ATTEMPTS (3): persistent MAX_TOKENS triggers exactly 5 API calls (1 initial + 1 escalation + 3 recovery). 4. Recovery catch block emits synthetic STOP chunk and pops dangling user message: when a recovery attempt fails (empty stream → InvalidStreamError), the UI gets a terminal signal and history ends on the model turn, not a dangling user recovery message. * test: cover cross-iteration functionCall detection in recovery loop Existing tests cover the functionCall guard when both initial and escalated responses have functionCall. This adds a test for the cross-iteration case: iter 1 returns text (recovery proceeds), iter 2 returns functionCall (recovery must break before iter 3). Verifies: - API called exactly 4 times (1 initial + 1 escalation + 2 recovery) - History ends with the functionCall model turn, not a dangling user recovery message - Iter 3's user recovery message is never pushed (guard fires at top of loop before recoveryCount increment) * fix(core): cast synthetic STOP chunk via unknown for TS2352 The object literal {candidates, content, parts} doesn't structurally overlap enough with GenerateContentResponse for TypeScript's strict narrow cast. Casting through 'unknown' is required per TS2352. Build error from CI: src/core/geminiChat.ts(651,24): error TS2352: Conversion of type '...' to type 'GenerateContentResponse' may be a mistake because neither type sufficiently overlaps with the other. If this was intentional, convert the expression to 'unknown' first. * test(core): tighten recovery history integrity assertions Strengthen the "pop dangling recovery message" test to catch any future regression that leaves consecutive same-role entries or an empty last-model placeholder in history — conditions providers reject on the next turn. * fix(core): coalesce recovery pairs to avoid leaking control prompt Previously every output-token recovery iteration left a (user, model) pair in durable history where the user turn was the internal OUTPUT_RECOVERY_MESSAGE control prompt. That prompt was then visible to every later turn, biasing responses and polluting compression, replay, and export. Track successful recovery iterations and, after the recovery loop, fold each completed pair back into the preceding model turn via a new `coalesceRecoveryPairs` helper. Failed iterations already pop their user turn in the catch block, so they need no coalescing. Adds a targeted test that runs escalation + two successful recovery iterations + a clean STOP, and asserts the merged history has exactly one user turn and one model turn, no trace of the control prompt text, and content ordered as B (escalation) + C + D.	2026-04-21 17:04:24 +08:00
Shaojin Wen	afbb5e71db	fix(cli): rework session recap rendering and add blur threshold setting (#3482) ... * feat(cli): make recap away-threshold configurable The 5-minute blur threshold was hard-coded. Confirmed from Claude Code's own binary (v2.1.113) that 5 minutes is their default as well (and that they shift to 60 minutes when 1h prompt-cache is active) — so the default stays, but expose it as `general.sessionRecapAway ThresholdMinutes` for users who briefly alt-tab often and don't want recaps piling up, or who want to lower it for testing. Non-positive / unset values fall back to the 5-minute default, so dropping the key has the same behavior as before. * fix(core): align recap prompt with Claude Code (1-2 sentences, ≤40 words) The earlier "exactly one sentence, 80-char cap" was an over-correction to a single in-the-moment ask. Going back to it: the natural shape of "current task + next action" is two clauses, and forcing them into a single sentence either crams them with a semicolon or drops the next action entirely on complex sessions. Adopt Claude Code's prompt verbatim (extracted from the v2.1.113 binary): "under 40 words, 1-2 plain sentences, no markdown. Lead with the overall goal and current task, then the one next action. Skip root-cause narrative, fix internals, secondary to-dos, and em-dash tangents." Add a Chinese-budget note (~80 chars) and keep the <recap>...</recap> wrapping that protects against reasoning-model preambles leaking into the UI. The sticky banner already re-measures controls height when the recap toggles, so a 2-line render lays out cleanly. Sweep "one-line" out of user-facing copy (settings description, slash-command description, feature docs, design doc) so the documentation matches the new shape. * fix(cli): restore "one-line" in user-facing recap copy Verified from the Claude Code v2.1.113 binary that the slash-command description IS literally "Generate a one-line session recap now" even though the underlying prompt allows 1-2 sentences. Claude Code is deliberately setting a tighter user expectation than the prompt guarantees, which keeps the surface feel "glanceable". Mirror that asymmetry: keep the prompt at 1-2 sentences (the previous commit) for behavioral parity, but put "one-line" back in the user- visible copy (slash-command description, settings description, user docs). Internal design doc keeps the accurate "1-2 sentence" wording. * fix(cli): render recap inline in history to match Claude Code Earlier I read the user's complaint that the recap "scrolled away" as "the recap should be sticky above the input box," and built a sticky banner accordingly. Disassembly of the Claude Code v2.1.113 binary shows the actual behavior is the opposite: their away_summary is a plain `type:"system", subtype:"away_summary"` message dispatched through the standard message renderer (no Static, no anchor, no flexbox pinning) — it scrolls with the conversation like every other system message. Tear out the sticky-banner machinery so recap matches that: - Recap is back in the `HistoryItemWithoutId` union and `addItem`'d into history (both from `/recap` and from auto-trigger), so it serializes into session saves and behaves like every other history item — no special clear paths, no resume-wrapper, no layout-effect re-measure dance. - `useAwaySummary` takes `addItem` again instead of a setter callback. - `AwayRecapMessage` renders the way Claude Code does: a 2-column gutter with `※`, then bold "recap: " and italic content, all in dim color. Drop the prior `StatusMessage`-shaped layout that fused prefix and label into "※ recap:". - Remove the AppContainer plumbing, the slashCommandProcessor state, the UIStateContext fields, the DefaultAppLayout / ScreenReader placement blocks, the test-utils mocks, and the noninteractive stub. Restore `useResumeCommand.handleResume` to a void return since callers no longer need the success boolean. Sweep the design doc so the architecture diagram, files table, and hook deps reflect the inline-history flow. * fix(cli): dedupe back-to-back auto-recaps with no new user turns between Two consecutive blur cycles, each over the threshold but with no new user activity in between, would each fire their own auto-recap and add two near-duplicate entries to history (same task, slightly different wording from temperature-driven LLM variance). Reported case: leaving the terminal twice while a /review of one PR was still on screen produced two recaps both about that same review. Add a `shouldFireRecap` gate before kicking off the LLM call: - Need at least 3 user messages in history total (don't fire on a near-empty session). - If a previous away_recap is already in history, need at least 2 new user messages since that one before another can fire. Same shape as Claude Code's `Ic1` gate (`Sc1=3`, `Rc1=2`). Read history through a ref so this isn't in the effect's deps and the effect doesn't re-run on every message. * fix(cli): type useResumeCommand.handleResume as Promise<void> Per gemini review on #3482: the interface declared this as `() => void` but the implementation is `async` and returns `Promise<void>`. The mismatch silently lost the chainable promise — tests had to launder it through `as unknown as Promise<void> | undefined` just to await. Tighten the interface to `Promise<void>` and drop the cast in the "closes the dialog immediately" test. * fix(cli): persist auto-fired recap to chat recording so /resume keeps it Per yiliang114 review on #3482: the manual `/recap` path persists across `/resume` because the slash-command processor records every output history item via `chatRecorder.recordSlashCommand({ phase: 'result', outputHistoryItems })`, but the auto path called `addItem` directly and bypassed that recorder. The result was an asymmetry where users who triggered recap manually saw it after `/resume`, while users whose recap fired automatically lost it. Mirror the manual recording from useAwaySummary's `.then` callback — record only the `result` phase (not invocation, since we don't want a fake `> /recap` user line replayed) with the away-recap item as the single output. Wrapped in try/catch because recap is best-effort and must never surface a failure to the user. Add useAwaySummary.test.ts covering: - the recording path is taken on a successful auto-trigger - the dedup gate (`shouldFireRecap`) suppresses the LLM call entirely, including the recording, when no new user turns happened since the last recap * fix(cli): cast recap item via spread to satisfy strict tsc --build CI's `tsc --build` (stricter than local `tsc --noEmit`) rejected the direct `item as Record<string, unknown>` cast: HistoryItemAwayRecap's literal `type: 'away_recap'` field doesn't overlap with `unknown`, TS2352. Use the `{ ...item } as Record<string, unknown>` spread pattern that the rest of the codebase (arenaCommand, slashCommandProcessor's serializer) already uses for the same SlashCommandRecordPayload field.	2026-04-21 14:39:13 +08:00
Shaojin Wen	52c7a3d0ed	fix(cli): pin /recap above input and align defaults with fastModel (#3478) ... * fix(cli): pin /recap above input box and align defaults with fastModel The recap rendered as a regular history item, so as soon as the model streamed a new reply the "where you left off" reminder scrolled out of view. Move it to a sticky banner anchored just above the Composer (matching how btwItem is rendered) so it stays visible across turns. While reworking the surface, also: - Replace the chevron prefix with `※ recap:` so it reads as a labeled recap line instead of a generic dim message. - Mirror the placement in ScreenReaderAppLayout so screen-reader users see it in the same logical position. - Drop HistoryItemAwayRecap from the HistoryItemWithoutId union — it is no longer addItem-able, and leaving it in invited silent no-op bugs where addItem(awayRecap) would compile but render nothing. - Clear the banner on /clear, /reset, /new and on /resume into a different session, so a recap from a previous context doesn't bleed into a freshly started one. - Re-measure the controls box when the banner appears or disappears (its height changes by a couple of lines) so the main content area recomputes availableTerminalHeight and stays laid out correctly. Auto-trigger now defaults to "on iff fastModel is configured" rather than unconditionally on. Running an ambient background recap on the main coding model is too costly and slow to be a sane default; tying it to fastModel means the feature is silently opt-in for users who have set up a cheap fast model. An explicit `general.showSessionRecap` override still wins either way, and `/recap` itself is unaffected. Sharpen the slash-command description to match the new behavior. * fix(core): silence AbortSignal listener-leak warning in OpenAI pipeline Every chat.completions.create call wires up an abort listener on the incoming AbortSignal, and several layers — retryWithBackoff, the LoggingContentGenerator wrapper, the SDK's own internal stream/fetch plumbing — register their own listeners against the same signal. Five retry attempts plus those layers comfortably exceed Node's default 10-listener cap and produce a MaxListenersExceededWarning. With features that share or compose signals (e.g., recap + followup speculation firing on the same response cycle), even a higher cap gets blown past. The signals here are per-request and short-lived, so the accumulation is structural rather than a real memory leak — they get GC'd as soon as the request settles. setMaxListeners(0, signal) at the SDK boundary disables the warning for these specific signals only, without masking any genuine leak elsewhere in the process. Idempotent and confined to the one place where retry-bound API calls cross into the SDK. * fix(core): tighten recap to a single sentence within 80 chars The 1-3 sentence budget reliably wrapped onto two lines in the sticky banner above the input box, which made it visually heavy for what is supposed to be a glanceable reminder. Constrain the prompt to exactly one sentence with a hard 80-char cap, and merge the "high-level task + next step" rule into a single sentence instead of two adjacent ones. Also sweep the docs (settings, commands, design) so the user-facing copy and the internal design notes match the new format. * fix(cli): apply review feedback for recap PR Two issues from review: - The schema description for `general.showSessionRecap` still said "1-3 sentence summary" while the prompt, docs, and slash-command copy already say "one-line". Aligns the text in settingsSchema.ts and the regenerated VSCode JSON schema. - The /resume wrapper cleared the sticky recap synchronously, before the inner handler had a chance to discover that no session data was available. On a no-op resume the user would still lose the current recap. Make `useResumeCommand.handleResume` return Promise<boolean> reporting whether a session actually loaded, and only clear the recap on a confirmed switch. * fix(cli): default showSessionRecap to false and drop fastModel heuristic The earlier "enabled iff fastModel is configured" default made it hard for users to answer the simple question "is auto-recap on for me right now?" — the answer depended on a setting from a different category, and setting/unsetting fastModel silently changed recap behavior. Revert to a plain boolean with a conservative off-by-default: - Auto-trigger fires only when the user explicitly sets `general.showSessionRecap: true`. - Manual `/recap` keeps working regardless (that's a user-initiated call, not an ambient one). - Users never get ambient LLM calls billed to their main coding model without having opted in. Aligns settings.md, design doc, and the regenerated JSON schema.	2026-04-20 23:58:19 +08:00
Shaojin Wen	c74d7678cb	Revert "feat(core): add dynamic swarm worker tool (#3433)" (#3468) ... This reverts commit f7ebc372f1.	2026-04-20 16:40:14 +08:00
顾盼	a82d766727	refactor(cli): replace slash command whitelist with capability-based filtering (Phase 1) (#3283) ... * refactor(cli): replace slash command whitelist with capability-based filtering (Phase 1) ## Summary Replace the hardcoded ALLOWED_BUILTIN_COMMANDS_NON_INTERACTIVE whitelist with a unified, capability-based command metadata model. This is Phase 1 of the slash command architecture refactor described in docs/design/slash-command/. ## Key changes ### New types (types.ts) - Add ExecutionMode ('interactive' | 'non_interactive' | 'acp') - Add CommandSource ('builtin-command' | 'bundled-skill' | 'skill-dir-command' | 'plugin-command' | 'mcp-prompt') - Add CommandType ('prompt' | 'local' | 'local-jsx') - Extend SlashCommand interface with: source, sourceLabel, commandType, supportedModes, userInvocable, modelInvocable, argumentHint, whenToUse, examples (all optional, backward-compatible) ### New module (commandUtils.ts + commandUtils.test.ts) - getEffectiveSupportedModes(): 3-priority inference (explicit supportedModes > commandType > CommandKind fallback) - filterCommandsForMode(): replaces filterCommandsForNonInteractive() - 18 unit tests ### Whitelist removal (nonInteractiveCliCommands.ts) - Remove ALLOWED_BUILTIN_COMMANDS_NON_INTERACTIVE constant - Remove filterCommandsForNonInteractive() function - Replace with CommandService.getCommandsForMode(mode) ### CommandService enhancements (CommandService.ts) - Add getCommandsForMode(mode: ExecutionMode): filters by mode, excludes hidden - Add getModelInvocableCommands(): reserved for Phase 3 model tool-call use ### Built-in command annotations (41 files) Annotate every built-in command with commandType: - commandType='local' + supportedModes all-modes: btw, bug, compress, context, init, summary (replaces the 6-command whitelist) - commandType='local' interactive-only: export, memory, plan, insight - commandType='local-jsx' interactive-only: all remaining ~31 commands ### Loader metadata injection (4 files) Each loader stamps source/sourceLabel/commandType/modelInvocable on every command it emits: - BuiltinCommandLoader: source='builtin-command', modelInvocable=false - BundledSkillLoader: source='bundled-skill', commandType='prompt', modelInvocable=true - command-factory (FileCommandLoader): source per extension/user origin, commandType='prompt', modelInvocable=!extensionName - McpPromptLoader: source='mcp-prompt', commandType='prompt', modelInvocable=true ### Bug fix MCP_PROMPT commands were incorrectly excluded from non-interactive/ACP modes by the old whitelist logic. commandType='prompt' now correctly allows them in all modes. ### Session.ts / nonInteractiveHelpers.ts - ACP session calls getAvailableCommands with explicit 'acp' mode - Remove allowedBuiltinCommandNames parameter from buildSystemMessage() — capability filtering is now self-contained in CommandService * fix test ci * fix memory command * fix: pass 'non_interactive' mode explicitly to getAvailableCommands - Fix critical bug in nonInteractiveHelpers.ts: loadSlashCommandNames was calling getAvailableCommands without specifying mode, causing it to default to 'acp' instead of 'non_interactive'. Commands with supportedModes that include 'non_interactive' but not 'acp' would be silently excluded. - Apply the same fix in systemController.ts for the same reason. - Update test mock to delegate filtering to production filterCommandsForMode() instead of duplicating the logic inline, preventing divergence. Fixes review comments by wenshao and tanzhenxin on PR #3283. * fix: resolve TypeScript type error in nonInteractiveHelpers.test.ts * fix test ci	2026-04-20 14:34:43 +08:00
Edenman	6c999fe29f	feat(cli): add OAuth configuration flags to mcp add (#3442) ... * feat(cli): Add OAuth redirect URI support to command - Add --oauth-redirect-uri, --oauth-client-id, --oauth-client-secret, --oauth-authorization-url, --oauth-token-url, and --oauth-scopes flags to the command - Enable configuration of custom OAuth redirect URIs for remote/cloud server deployments (fixes hardcoded localhost issue) - Document auth.redirectUri in both developer and user-facing MCP docs - Add comprehensive tests for OAuth configuration via CLI - Update documentation with examples and guidance for remote deployments Fixes #3336 Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * refactor(cli): harden OAuth flag handling in mcp add - Reject combining --oauth-* flags with --transport stdio to surface the mistake instead of silently persisting an unused oauth config - Rebuild OAuth config via single spread expression; drop the prior mutate-then-check pattern and the post-hoc enabled assignment - Trim each scope token after comma split so "read, write" no longer stores leading/trailing whitespace - Cover both new behaviors with tests; add missing --oauth-client-secret row and stdio-incompatibility note to the user MCP docs * test(cli): use explicit Vitest/Yargs type imports in mcp add tests Switch from namespace-style 'vi.Mock' and 'yargs.Argv' references to explicit 'Mock' and 'Argv' imports, and replace the narrow '(code?: number) => never' cast on the process.exit mock with 'typeof process.exit' so it tracks the current Node signature. --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>	2026-04-20 14:12:17 +08:00
ihubanov	0b8b3da836	feat(cli): add slashCommands.disabled setting to gate slash commands (#3445) ... * feat(cli): add slashCommands.disabled setting to gate slash commands Introduces a first-class way for operators to hide and refuse to execute specific slash commands. Useful for multi-tenant / enterprise / sandboxed deployments where different users should see different command subsets. The denylist is sourced from three unioned inputs: * `slashCommands.disabled` settings key (string[], UNION merge), so workspace scopes can only add to a denylist set at user or system scope, never shrink it — matching the shape already used by `permissions.deny`. * `--disabled-slash-commands` CLI flag (comma-separated or repeated). * `QWEN_DISABLED_SLASH_COMMANDS` environment variable. Matching is case-insensitive against the final (post-rename) command name, so extension commands are addressable by their disambiguated form (e.g. `firebase.deploy`). Disabled commands are removed from `CommandService`'s output, so they disappear from autocomplete and produce the standard unknown-command path in both interactive TUI and non-interactive (`--prompt`) modes. The scope of this change is slash commands only: it does not affect tool permissions (still `permissions.deny`) or keyboard shortcuts. * chore(cli): regenerate settings.schema.json for slashCommands.disabled Regenerates the companion JSON schema consumed by the VS Code extension after adding the `slashCommands.disabled` entry to the TS schema in the previous commit. Required by the "Check settings schema is up-to-date" CI lint step. * fix(cli): route disabled slash commands to unsupported, not no_command handleSlashCommand was passing the disabled denylist straight into CommandService.create, so disabled commands disappeared from `allCommands` too. The fallback existence check that distinguishes "known but not allowed in non-interactive mode" from "truly unknown" then failed, and disabled commands like `/help` fell through to `no_command` — causing the caller to forward them to the model as plain prompt text. Keep `allCommands` unfiltered and apply the denylist only when constructing the executable set and when producing the unsupported response. A disabled command now returns `unsupported` with a "disabled by the current configuration" reason and never reaches the model. Added three regression tests covering the primary case, case-insensitive match, and the preserved no_command path for genuinely unknown input.	2026-04-20 11:06:26 +08:00
Shaojin Wen	60a6dfc14c	feat(cli): add session recap with /recap and auto-show on return (#3434) ... * feat(cli): add session recap with /recap and auto-show on return Users often open an old session days later and need to scroll through pages to remember where they left off. This change adds a short "where did I leave off" recap — a 1-3 sentence summary generated by the fast model — so they can resume without re-reading the history. Two triggers: - /recap: manual slash command. - Auto: when the terminal has been blurred for 5+ minutes and gets focused again (uses the existing DECSET 1004 focus protocol via useFocus). Gated on streamingState === Idle so it never interrupts an active turn. Only fires once per blur cycle. The recap is rendered in dim color with a chevron prefix, visually distinct from assistant replies. A new `general.showSessionRecap` setting controls the auto-trigger (default on). /recap works independent of the setting. Implementation notes: - generateSessionRecap uses fastModel (falls back to main model), tools: [], maxOutputTokens: 300, and a tight system prompt. It strips tool calls / responses from history before sending — tool responses can hold 10K+ tokens of file content that drown the recap in irrelevant detail. The 30-message window respects turn boundaries (slice never starts on a dangling model/tool response). - Output is wrapped in <recap>...</recap> tags; the extractor returns empty (skips render) if the tag is missing, preventing model reasoning from leaking into the UI. - All failures are silent (return null) and logged via a scoped debugLogger; recap is best-effort and must never break main flow. - /recap refuses to run while a turn is pending. * fix(cli): abort in-flight recap when showSessionRecap is disabled If the user disables showSessionRecap while an auto-recap LLM call is already in flight, the previous code returned early without aborting. The pending .then would still pass its idle/abort guards and append the recap, producing an unwanted message after the user has opted out. Abort the controller and clear it eagerly so the resolved promise no longer adds to history. * fix(cli): gate /recap and auto-recap on streaming idle state Two related issues from review: 1. /recap was only refusing when ui.pendingItem was set, but a normal model reply runs with streamingState === Responding and a null pendingItem. Invoking /recap mid-stream would generate a recap from a partial conversation and insert it between the user prompt and the assistant reply. 2. useAwaySummary cleared blurredAtRef before checking isIdle, so if focus returned during a still-streaming turn (after a >5min blur) the recap was permanently dropped — there was no later retry when the turn became idle, because isIdle was not in the effect deps. Fixes: - Expose isIdleRef on CommandContext.ui (mirrors btwAbortControllerRef pattern). Plumb it from AppContainer through useSlashCommandProcessor. - recapCommand now refuses when isIdleRef.current is false OR pendingItem is non-null. - useAwaySummary preserves blurredAtRef on the !isIdle bail and adds isIdle to the effect deps, so the trigger re-evaluates when the current turn finishes. - Brief blurs (< AWAY_THRESHOLD_MS) still reset blurredAtRef. Also seeds isIdleRef in nonInteractiveUi and mockCommandContext so the new field has a sensible default outside the interactive UI. * docs: document /recap command, showSessionRecap setting, and design - User docs: add /recap to the Session and Project Management table in features/commands.md and a dedicated subsection covering manual use, the auto-trigger, the dim-color rendering, and the fast-model tip. - User docs: add general.showSessionRecap row to the configuration settings reference. - Design doc: docs/design/session-recap/session-recap-design.md covers motivation, the two trigger paths, the per-file architecture, prompt design with the <recap> tag and three-tier extractor, history filtering rationale (functionResponse can be 10K+ tokens), the useAwaySummary state machine, the isIdleRef gating for /recap, model selection, observability, and out-of-scope items. * fix(core): exclude thought parts from session recap context filterToDialog kept any non-empty text part, but @google/genai's Part type also marks model reasoning with part.thought / part.thoughtSignature. That hidden chain-of-thought was being fed to the recap LLM and could get summarized as if it were user-visible dialogue. Drop parts where either flag is set. Update the design doc's History 过滤 section to call this out alongside the existing tool-call/response rationale. * docs(session-recap): correct debug-logging guidance, fill in state machine, sharpen UX wording Audit of the session recap docs against the implementation found three issues worth fixing: - Design doc claimed debug logs were enabled via a QWEN_CODE_DEBUG_LOGGING env var. That var does not exist; debug logs are written to ~/.qwen/debug/<sessionId>.txt by default, gated by QWEN_DEBUG_LOG_FILE. Replace with the accurate path + opt-out behavior, and tell the reader to grep for the [SESSION_RECAP] tag. - Design doc's useAwaySummary state machine table was missing the isFocused && blurredAtRef === null path (taken on first render and right after a brief-blur reset). Add the row. - User doc's "Refuses to run ... failures are silent" line conflated the inline-error refusal with silent generation failures, and "(when the conversation is idle)" used internal jargon. Split the two cases and spell out what "idle" means, including the wait-then-fire behavior when focus returns mid-turn. * docs(session-recap): correctly describe /recap vs auto-trigger failure modes The previous wording said "Generation/network failures are silent — the recap simply does not appear", but recapCommand returns a user-facing info message ("Not enough conversation context for a recap yet.") in exactly that path, and also returns inline messages for the config-not-loaded and busy-turn guards. Only the auto-trigger path is truly silent (it just skips addItem when generateSessionRecap returns null). Split the two paths in the doc so the manual command's "always responds with something" behavior is distinguished from the auto-trigger's no-op-on-failure behavior. * docs(session-recap): align prompt-rules section with the actual prompt Two doc-vs-code mismatches in the design doc's "System Prompt" section, caught with the same lens as yiliang114's failure-mode review: - The bullet list claimed RECAP_SYSTEM_PROMPT forbids "推测用户意图" and "用 'you' 称呼用户". Those rules existed in an early draft but were dropped when the <recap> tag rules were added; the current prompt has no such restrictions. Replace with the actual rules and add a "与 RECAP_SYSTEM_PROMPT 一一对应" marker so future edits stay in sync. - The doc said systemInstruction "覆盖" the main agent prompt. True for the agent prompt portion, but GeminiClient.generateContent internally calls getCustomSystemPrompt which appends user memory (QWEN.md / 自动 memory) as a suffix. Spell that out — the final system prompt is recap prompt + user memory, which is actually useful project context for the recap. * docs(session-recap): translate design doc to English The repo convention for docs/design is English (7 of 8 existing files; auto-memory/memory-system.md is the only Chinese one). The first version of this design doc followed the auto-memory example, which turned out to be the wrong sample. Translate to English while preserving the existing structure, the state-machine table, the prompt-vs-doc 1:1 alignment, the QWEN_DEBUG_LOG_FILE description, and the failure-mode notes added in prior commits. * fix(cli): drop empty info return from /recap interactive success path The interactive success path inserts the away_recap history item directly via ui.addItem and then returned `{type: 'message', messageType: 'info', content: ''}`. The slash-command processor's 'message' case unconditionally calls addMessage, which adds another HistoryItemInfo with empty text. The empty info renders as nothing (StatusMessage early-returns null), but it still bloats the in-memory history list and shows up in /export and saved sessions. Return void on the interactive success path and on the abort path so the processor's `if (result)` check skips the message-handler branch entirely. Widen the action's return type to `void | SlashCommandActionReturn` to match (same shape as btwCommand).	2026-04-19 21:38:48 +08:00
gin-lsl	a02c115445	feat(tools): add Markdown for Agents support to WebFetch tool (#2734) ... Closes #2025	2026-04-19 17:23:09 +08:00
Reid	f7ebc372f1	feat(core): add dynamic swarm worker tool (#3433) ... * feat(core): add dynamic swarm worker tool Add a swarm tool for ad-hoc parallel worker execution with bounded concurrency, wait-all and first-success modes, per-worker failure isolation, and aggregated results. Register the tool in core, prevent nested worker recursion, and document the new workflow. * fix(core): harden swarm worker execution Prevent swarm calls from bypassing the outer scheduler concurrency budget. Disallow interactive question prompts in swarm workers by default, and avoid incomplete Markdown table escaping by using an HTML entity for pipe characters. Add focused tests for the scheduler behavior, worker tool restrictions, and result formatting.	2026-04-19 14:46:59 +08:00
Shaojin Wen	4bf5bf22de	feat(cli): support refreshInterval in statusLine for periodic refresh (#3383) ... * feat(cli): support refreshInterval in statusLine for periodic refresh The statusLine (#3311) re-runs only when Agent state changes (token count, model, git branch, etc.). Commands that display *external* data — a clock, rate-limit counters, CI build status — have no Agent event to hook into and go stale between messages. Add an optional `ui.statusLine.refreshInterval` field (seconds, minimum 1) that schedules a setInterval alongside the existing event-driven updates. Overlap with state-change debounce is safe: `doUpdate` kills any in-flight child and bumps the generation counter, so only the most recent output reaches the footer. Validation lives in `getStatusLineConfig`: - Must be `number`, `Number.isFinite(...)`, `>= 1` - Anything else is silently dropped (no interval scheduled) No changes to the default behavior — configs without `refreshInterval` behave exactly as before. * fix(cli): yield periodic statusLine tick when previous exec is in flight Review feedback on #3383: with `refreshInterval: 1` and a command whose real exec time exceeds 1s, each tick was unconditionally calling `doUpdate()` — which kills the in-flight child and bumps the generation counter — so the prior exec's callback was always discarded as stale. `setOutput` was never reached and the statusline stayed empty until `refreshInterval` was removed or the command became faster. Guard the interval callback with an `activeChildRef` check so a pending exec is allowed to finish. State-change triggers (model switch, token count, branch, etc.) still go through `scheduleUpdate` → `doUpdate` directly and legitimately preempt stale children; only the periodic tick yields. The existing 5s exec timeout is still the hard ceiling. Also drop the redundant `'refreshInterval' in raw` check — the `typeof raw.refreshInterval === 'number'` guard already excludes missing / undefined values. Tests: - Add regression test `'skips periodic ticks while a previous exec is still running'` — three ticks during one unfinished exec trigger zero new spawns; the next tick after callback completion does spawn. - Update two existing tests to resolve the mount exec before expecting subsequent ticks (the old tests implicitly relied on the starvation behavior being tolerated). * test(cli): assert user-visible lines state in starvation regression Self-review insight: the existing `skips periodic ticks while a previous exec is still running` test only counted `exec` calls — it confirmed the guard prevents redundant spawns, but would have silently passed even if the eventual callback was still being discarded as stale (which is the actual user-visible symptom of the starvation bug). Add `expect(result.current.lines).toEqual(['done'])` after resolving the mount's pending callback. Without the guard, generationRef would have bumped 3 times during the yielded ticks, the callback's captured gen would fail the stale check, `setOutput` would never fire, and `lines` would stay empty — now caught explicitly. * perf(cli): dedupe statusLine output to skip unchanged Footer re-renders Review feedback on #3383 (narrow terminal stacking): when `refreshInterval` fires at 1s and the command output is unchanged, the mount-and-setOutput cycle still allocates a new array and triggers a Footer re-render. Under certain narrow-terminal conditions, Ink's erase-line accounting mis-counts wrapped rows and stale content accumulates on screen. The Footer-layout root cause is in #3311's narrow-mode flex setup and Ink's truncate semantics, which is out of scope for this PR. But we can cut the re-render surface here by preserving the `lines` array reference when the command produces identical output — a strict Pareto improvement for any caller (clock-style statuslines with second-precision still re-render; rate-limit / branch / CI-status style statuslines that change infrequently stop triggering work every tick). Tests: - `preserves the same lines array reference when output is unchanged` asserts referential equality after a re-exec with identical stdout. - `produces a new reference when output changes` guards against over-eager dedup that would miss legitimate updates. * fix(cli): stabilize Footer rendering in narrow terminals Narrow-terminal E2E feedback on #3383: with `refreshInterval` at 1s, empty lines were accumulating above the input prompt each tick. Root cause is in the Footer flex layout — originally from #3311 — where Ink miscounts logical rows vs the physical rows the terminal actually uses. Two adjustments, both idiomatic (used elsewhere in the repo already): 1. Left column — `minWidth={0}`. Without this, Yoga's `min-width: auto` default keeps the Box at its natural content width, so a statusline wider than the terminal doesn't engage `<Text wrap="truncate">`; the text renders at content-width and the terminal wraps it physically. `minWidth={0}` lets the column shrink so the text child can truncate at container width. 2. Right section — `flexWrap="wrap"`. With multiple indicators (sandbox label, debug badge, dream, context-usage) the row can exceed a narrow terminal's width. Without `flexWrap` Ink lays them out in a single logical row, but the terminal physically wraps to two — Ink's erase sequence (`\e[2K\e[1A…` per logical row) then clears one row while two exist, and the extra row ghosts every re-render. With `wrap` Ink tracks the second row explicitly and erases correctly. Together these make the Footer's row count match between Ink's logical view and the terminal's physical view, so frequent re-renders (as `refreshInterval` enables) stop accumulating ghost rows. Needs verification in a real narrow TTY — from this environment I can reason about the flex semantics and confirm both props are supported by Ink's Box, but actually observing ghost-row elimination requires process.stdout.columns on a real terminal. * Revert "fix(cli): stabilize Footer rendering in narrow terminals" This reverts commit 9758cda85f. Reason: I could not reproduce BZ-D's reported ghost-row stacking in tmux (40x25, 2-line statusline + real exec + Static history + refreshInterval: 1) over 14+ ticks. Both `minWidth={0}` and `flexWrap="wrap"` are legitimate defensive idioms, but without a failing repro I can't verify they address the reported bug, and I shouldn't ship a speculative layout change as "the fix". Keeping the output-dedup commit (e1d321186) — that one is a strict improvement regardless of the underlying Ink behavior. Will request BZ-D's specific terminal setup and reopen with a verified fix (or confirm the issue is specific to a particular emulator, not flex/Ink).	2026-04-19 11:12:16 +08:00
易良	cd1be1c524	feat(vscode-ide-companion): add agent execution tool display (#2590) ... Preserve structured agent rawOutput through the VSCode session pipeline. Render dedicated agent execution cards from shared webui components.	2026-04-18 23:39:26 +08:00
Viktor Szépe	a1d1e5e276	Fix typo in class name (#2189)	2026-04-18 11:59:36 +08:00
ChiGao	9e26424aa7	feat(cli): add dual-output sidecar mode for TUI (#3352) ... * feat(cli): add dual-output sidecar mode for TUI Adds an optional **dual-output** mode for the interactive TUI: while Qwen Code keeps rendering normally on stdout, it concurrently emits a structured JSON event stream on a second channel (--json-fd / --json-file) and optionally watches a JSONL command file (--input-file) for prompts and tool-permission responses written by an external program. This unlocks programmatic embedding of the TUI from IDE extensions, web frontends, CI agents, or automation scripts without forcing them to give up the rich interactive UI in favor of --output-format=stream-json. ## Design The TUI already has a battle-tested JSON event emitter (`StreamJsonOutputAdapter`). This change makes that adapter pluggable on its output stream and wires a small `DualOutputBridge` that forwards TUI events to a second instance of the adapter writing to fd / file. For tool approvals, when a tool enters awaiting_approval the bridge emits `control_request` (subtype `can_use_tool`); whichever side resolves first (TUI's native UI or `confirmation_response` via --input-file) wins, and a `control_response` is mirrored back so all observers stay in sync. `session_start` is announced once when the bridge is constructed so consumers can correlate the channel with a session before any other event arrives. ## CLI surface - `--json-fd <n>` — write JSON events to fd n (n >= 3; provided via spawn stdio). - `--json-file <path>` — write JSON events to a file / FIFO / /dev/fd/N. - `--input-file <path>` — watch this file for JSONL commands. `--json-fd` and `--json-file` are mutually exclusive. fds 0/1/2 are rejected to prevent corrupting the TUI. ## Wire protocol Output: existing stream-json schema with `includePartialMessages` always enabled, plus: - `system` / `subtype: session_start` — emitted once on bridge construction. - `control_request` / `subtype: can_use_tool` — pending tool approval. - `control_response` — final approval outcome (mirrors TUI-native or external resolution). Input (--input-file): {"type":"submit","text":"What does this function do?"} {"type":"confirmation_response","request_id":"...","allowed":true} `submit` is queued and retried when the TUI returns to idle. `confirmation_response` is dispatched immediately — a pending tool call is blocking and the response cannot wait behind earlier submits. See `docs/users/features/dual-output.md` for the full schema, latency notes, failure modes, and a spawn example. ## What changes when the flags are absent Nothing. The bridge and watcher are constructed only when the relevant flags are set; otherwise the React Context providers carry `null` and every callsite short-circuits. No overhead, no behavioral change for existing users. ## Failure handling - Bad fd / unopenable path → warning on stderr, dual output stays disabled, TUI launches normally. - Consumer disconnect (EPIPE) → bridge silently disables itself, TUI keeps running. - Any exception inside the adapter → caught, logged, bridge disabled. The TUI is never crashed by a dual-output failure. ## Files New: - packages/cli/src/dualOutput/{DualOutputBridge,DualOutputContext,index}.{ts,tsx} - packages/cli/src/remoteInput/{RemoteInputWatcher,RemoteInputContext,index}.{ts,tsx} - packages/cli/src/nonInteractive/io/index.ts - docs/users/features/dual-output.md Modified: - packages/core/src/config/config.ts — 3 new ConfigParameters fields + getters - packages/cli/src/config/config.ts — yargs options + mutex validation - packages/cli/src/gemini.tsx — instantiate bridge / watcher in startInteractiveUI, wrap with Context Providers, register cleanup - packages/cli/src/ui/AppContainer.tsx — connect RemoteInput to submitQuery, bridge tool confirmations - packages/cli/src/ui/hooks/useGeminiStream.ts — call dualOutput?.processEvent(...) at five existing event points - packages/cli/src/nonInteractive/io/{Base,Stream}JsonOutputAdapter.ts — StreamJsonOutputAdapter accepts an injected output stream; base adapter exposes emitPermissionRequest / emitControlResponse through a new emitControlMessageImpl hook (default no-op in batch mode). ## Tests - packages/cli/src/dualOutput/DualOutputBridge.test.ts — fd validation, auto session_start, control-event routing, post-shutdown safety. - packages/cli/src/remoteInput/RemoteInputWatcher.test.ts — submit forwarding, immediate confirmation dispatch, busy/idle retry, malformed-line tolerance, shutdown. - packages/cli/src/nonInteractive/io/StreamJsonOutputAdapter.dualOutput.test.ts — custom outputStream injection and new emitPermissionRequest / emitControlResponse paths. tsc --noEmit -p packages/cli/tsconfig.json is clean. vitest run src/nonInteractive src/dualOutput src/remoteInput → 297 passed, 1 skipped, 11 files. * feat(cli): dual-output capability handshake, session_end, control_error, settings.json Incremental improvements on top of the initial dual-output PR based on reviewer feedback. All extensions are additive; older consumers that ignore unknown fields keep working. ## Capability handshake in session_start `session_start.data` now carries three new fields so consumers can feature-detect without sniffing the stream: - `protocol_version` (integer, currently 1) — bumped on any protocol change consumers might care about. - `version` (string) — the Qwen Code CLI version, threaded in from `gemini.tsx`. - `supported_events` (string[]) — the event kinds this bridge version is known to emit, exported as `SUPPORTED_EVENTS` from the module. ## session_end on bridge shutdown DualOutputBridge.shutdown() now emits a final `system` / `session_end` event carrying `session_id` before closing the stream. Gives consumers a definitive termination signal rather than requiring them to infer it from EPIPE. Idempotent — calling shutdown twice emits exactly one session_end. ## control_error emission path `ControlErrorResponse` (already defined in types.ts) now has a first- class emission path: `BaseJsonOutputAdapter.emitControlError(requestId, message)` → `control_response` with `subtype: 'error'`. Wired into AppContainer's remote-input confirmation handler so that a `confirmation_response` referencing an unknown / already-resolved request_id produces a structured error reply instead of silently dropping, letting consumers retry or surface the error. ## settings.json support New `dualOutput` top-level settings block with `jsonFile` and `inputFile` properties. `--json-fd` has no settings equivalent (fd passing is a spawn-time concern). CLI flag wins over settings when both are present, so scripted one-off runs still work unchanged. `requiresRestart: true` since the bridge is constructed once at startup. ## Documentation `docs/users/features/dual-output.md` gains three major sections: - **Use cases** — concrete integration scenarios (terminal+chat dual sync, IDE extensions, web frontends, CI observers, multi-agent orchestration, session replay, observability, QA). - **Why two output flags?** — detailed rationale for coexisting `--json-fd` and `--json-file`, including the PTY constraint (`node-pty` / `bun-pty` expose no stdio array, and `forkpty(3)` / `login_tty` actively close fds >= 3 before exec). - **Comparison with Claude Code's stream-json** — schema-parity matrix, transport-topology differences, permission-control-plane behavioral notes, and a "room to improve" section as a design horizon. - **Runnable demos** — seven copy-paste POCs: event observer, remote submit, permission bridge, Node embedder with capability feature-detection, session_end handling, failure drills. - **Settings-based configuration** — example settings.json snippet and precedence rules. ## Tests - DualOutputBridge.test.ts: new cases for capability handshake shape, session_end on shutdown, shutdown idempotency, and emitControlError. - StreamJsonOutputAdapter.dualOutput.test.ts: new case for emitControlError at the adapter level. 302 passed, 1 skipped, 11 files. tsc --noEmit -p packages/cli is clean. * docs(dual-output): shrink Claude Code comparison to one honest sentence After actually reading the Claude Code source (src/cli/structuredIO.ts, src/bridge/*, src/utils/messages/systemInit.ts), the previous "Comparison with Claude Code's stream-json" section was overstated: - Claude Code has no equivalent of TUI + sidecar running simultaneously. Its stream-json only works with --print (non-interactive); the bridge in src/bridge/* is Anthropic's own remote worker protocol, not a local embedding surface. - CC uses `system/init` (not `session_start`) and has no session_end in the wire protocol, so the schema-parity table contained false ticks. - Framing this PR as "parity with Claude Code" is therefore inaccurate; it's filling a gap Claude Code does not address. Replace the whole multi-section comparison (schema matrix, transport table, permission notes, borrow list, roadmap) with a single sentence stating the accurate relation: same event format in spirit, different topology — CC's is non-interactive only. * fix(cli): address review feedback on dual-output sidecar mode - Fix control_response mirror: external-initiated confirmations now emit control_response via the same mirror useEffect as TUI-native resolutions, making the emission path symmetric for all observers. - Fix ENOENT: --json-file with a non-existent path now falls back to createWriteStream (auto-creates the file) instead of throwing. - Fix race: add reading guard to RemoteInputWatcher.readNewLines() preventing duplicate command processing on rapid appends. - Refactor confirmationHandler to use refs (pendingToolCallsRef, dualOutputRef) and register once (deps: [remoteInput]) to eliminate teardown/re-registration churn. - Add debug logging to shutdown bare catch for ops correlation. - Add ENOENT fallback test case for DualOutputBridge. - Regenerate settings.schema.json for dualOutput section. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): make RemoteInputWatcher poll interval configurable for CI reliability RemoteInputWatcher.test.ts was timing out in CI (5s default) because fs.watchFile's 500ms poll interval is unreliable under load. Fix: - Accept optional `pollIntervalMs` in constructor (default 500ms). - Tests use 100ms poll interval for faster feedback. - Increase per-test timeout to 15s and waitFor timeout to 10s. - Increase "TUI busy" wait from 800ms to 1500ms for CI headroom. Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(cli): eliminate fs.watchFile timing dependency in RemoteInputWatcher tests Tests were flaky across all CI platforms (macOS/ubuntu/windows) because fs.watchFile polling (even at 100ms) is unreliable under CI load. Fix: expose checkForNewInput() as a public method that directly triggers file reading and returns a Promise. Tests now call it synchronously after writing to the input file — no polling, no timeouts, deterministic. Also fixes: - Windows ENOTEMPTY: add delay in afterEach before rmSync - Add active check in readNewLines to respect shutdown state - readNewLines now returns Promise<void> for awaitable reads Generated with AI Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> --------- Co-authored-by: 秦奇 <gary.gq@alibaba-inc.com> Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>	2026-04-18 02:14:53 +08:00
joeytoday	89167618d8	docs: update authentication methods to reflect OAuth discontinuation (#3325) ... * docs: update authentication methods to reflect OAuth discontinuation Remove deprecated Qwen OAuth references and update documentation to direct users to valid authentication methods (API Key, Coding Plan, or Local Inference) following the OAuth free tier discontinuation on 2026-04-15. Closes #3316 * docs: fix quickstart auth description to match actual /auth UI The /auth command shows three options: Alibaba Cloud Coding Plan, API Key, and Qwen OAuth (discontinued). Updated quickstart.md to accurately reflect this UI instead of splitting into Option A/B/C. Also updated settings.md, commands.md, and troubleshooting.md with minor OAuth-related cleanups. * docs: update .qwen workspace description in quickstart Remove reference to 'Qwen account' since OAuth is discontinued. The .qwen directory is created by Qwen Code itself for storing credentials, configuration, and session data. * docs: fix warning block formatting in quickstart - Add missing '>' continuation for the OAuth discontinuation warning block Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs: update README Qwen3.6-Plus description - Remove mention of running Qwen3.6-Plus locally via Ollama/vLLM - Keep only the Alibaba Cloud ModelStudio API key option Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * docs: address review feedback - remove Local Inference from auth, add dual-region links - Local Inference removed from auth method lists, kept as separate 'Local Model Setup' section with detailed Ollama/vLLM config examples - All links now provide dual-region URLs (Beijing + intl) - .qwen workspace note restored to original meaning (cost tracking) - Device auth flow error kept scoped to legacy OAuth - API setup guide links updated with confirmed intl URL --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>	2026-04-17 15:34:18 +08:00
Shaojin Wen	b004450d7f	feat(cli): support multi-line status line output (#3311) ... * feat(cli): support multi-line status line output (#3211) Remove the single-line hard limit (.split('\n')[0]) from the status line hook so user scripts can output multiple rows. Footer renders each line as a separate <Text wrap="truncate"> element, preserving per-line horizontal truncation. Ink's virtual DOM handles re-rendering without manual ANSI cursor management. * feat(cli): cap status line output at 3 lines Prevent runaway scripts from flooding the footer — lines beyond the third are silently discarded. * docs: mention 3-line cap in status line docs and agent prompt * fix(cli): cap status line at 2 lines to keep footer within 3 rows Footer has a fixed bottom row (hint/mode indicator), so status line gets at most 2 lines to keep the total footer height at 3 rows max. * test(cli): improve useStatusLine coverage to 100% lines Add tests for: per-model metrics payload, contextWindowSize/version/ model fallbacks, config removal with pending debounce, command change cancelling pending debounce. * docs: update status line ASCII diagram for multi-line layouts Also fix TS error in test (null → null as never for mock return). * refactor(cli): return string[] from useStatusLine, filter empty lines Address review feedback: - Hook returns `lines: string[]` instead of `text: string | null`, eliminating the join/split round-trip with Footer. - Filter empty lines before slicing so leading blanks don't eat real content (e.g. "\n\nreal content" no longer yields ["", ""]). - Export MAX_STATUS_LINES with comment explaining the 3-row constraint. - Use `status-line-${i}` as React key for clarity. * test(cli): add Footer multi-line rendering, \r\n, and pure-newline tests Address remaining review feedback: - Footer test: mock useStatusLine, verify multi-line rendering and hint suppression. - useStatusLine test: add \r\n line ending and pure-newline edge case. * fix(cli): align right footer indicators to top When the status line has multiple rows, the left column becomes taller than the right section. The outer Box defaults to `alignItems: stretch` which caused the indicators to visually center; add `alignItems="flex-start"` on the right Box so they stay anchored to the top row. Reported via e2e test in #3311.	2026-04-17 12:44:30 +08:00
Richard Luo	30c5eeaf20	docs: fix Windows install command to work in both CMD and PowerShell (#3252)	2026-04-17 10:36:23 +08:00
顾盼	9e2f63a1ca	feat(memory): managed auto-memory and auto-dream system (#3087) ... * docs: add auto-memory implementation log * feat(core): add managed auto-memory storage scaffold * feat(core): load managed auto-memory index * feat(core): add managed auto-memory recall * feat(core): add managed auto-memory extraction * feat(cli): add managed auto-memory dream commands * feat(core): add auxiliary side-query foundation * feat(memory): add model-driven recall selection * feat(memory): add model-driven extraction planner * feat(core): add background task runtime foundation * feat(memory): schedule auto dream in background * feat(core): add background agent runner foundation * feat(memory): add extraction agent planner * feat(core): add dream agent planner * feat(core): rebuild managed memory index * feat(memory): add governance status commands * feat(memory): add managed forget flow * feat(core): harden background agent planning * feat(memory): complete managed parity closure * test(memory): add managed lifecycle integration coverage * feat: same to cc * feat(memory-ui): add memory saved notification and memory count badge Feature 3 - Memory Saved Notification: - Add HistoryItemMemorySaved type to types.ts - Create MemorySavedMessage component for rendering '● Saved/Updated N memories' - In useGeminiStream: detect in-turn memory writes via mapToDisplay's memoryWriteCount field and emit 'memory_saved' history item after turn - In client.ts: capture background dream/extract promises and expose via consumePendingMemoryTaskPromises(); useGeminiStream listens post-turn and emits 'Updated N memories' notification for background tasks Feature 4 - Memory Count Badge: - Add isMemoryOp field to IndividualToolCallDisplay - Add memoryWriteCount/memoryReadCount to HistoryItemToolGroup - Add detectMemoryOp() in useReactToolScheduler using isAutoMemPath - ToolGroupMessage renders '● Recalled N memories, Wrote N memories' badge at the top of tool groups that touch memory files Fix: process.env bracket-access in paths.ts (noPropertyAccessFromIndexSignature) Fix: MemoryDialog.test.tsx mock useSettings to satisfy SettingsProvider requirement * fix(memory-ui): auto-approve memory writes, collapse memory tool groups, fix MEMORY.md path Problem 1 - Auto-approve memory file operations: - write-file.ts: getDefaultPermission() checks isAutoMemPath; returns 'allow' for managed auto-memory files, 'ask' for all other files - edit.ts: same pattern Problem 2 - Feature 4 UX: collapse memory-only tool groups: - ToolGroupMessage: detect when all tool calls have isMemoryOp set (pure memory group) and all are complete; render compact '● Recalled/Wrote N memories (ctrl+o to expand)' instead of individual tool call rows - ctrl+o toggles expand/collapse when isFocused and group is memory-only - Mixed groups (memory + other tools) keep badge-at-top behaviour - Expanded state shows individual tool calls with '● Memory operations (ctrl+o to collapse)' header Problem 3 - MEMORY.md path mismatch: - prompt.ts: Step 2 now references full absolute path ${memoryDir}/MEMORY.md so the model writes to the correct location inside the memory directory, not to the parent project directory Fix tests: - write-file.test.ts: add getProjectRoot to mockConfigInternal - prompt.test.ts: update assertion to match full-path section header * fix(memory-ui): fix duplicate notification, broken ctrl+o, and Edit tool detection - Remove duplicate 'Saved N memories' notification: the tool group badge already shows 'Wrote N memories'; the separate HistoryItemMemorySaved addItem after onComplete was double-counting. Keep only the background-task path (consumePendingMemoryTaskPromises). - Remove ctrl+o expand: Ink's Static area freezes items on first render and cannot respond to user input. useInput/useState(isExpanded) in a Static item is a no-op. Removed the dead code; memory-only groups now always render as the compact summary (no fake interactive hint). - Fix Edit tool detection: detectMemoryOp was checking for 'edit_file' but the real tool name constant is 'edit'. Also removed non-existent 'create_file' (write_file covers all writes). Now editing MEMORY.md is correctly identified as a memory write op, collapses to 'Wrote N memories', and is auto-approved. * fix(dream): run /dream as a visible submit_prompt turn, not a silent background agent The previous implementation ran an AgentHeadless background agent that could take 5+ minutes with zero UI feedback — user saw a blank screen for the entire duration and then at most one line of text. Fix: /dream now returns submit_prompt with the consolidation task prompt so it runs as a regular AI conversation turn. Tool calls (read_file, write_file, edit, grep_search, list_directory, glob) are immediately visible as collapsed tool groups as the model works through the memory files — identical UX to Claude Code. Also export buildConsolidationTaskPrompt from dreamAgentPlanner so dreamCommand can reuse the same detailed consolidation prompt that was already written. * fix(memory): auto-allow ls/glob/grep on memory base directory Add getMemoryBaseDir() to getDefaultPermission() allow list in ls.ts, glob.ts, and grep.ts — mirrors the existing pattern in read-file.ts. Without this, ListFiles/Glob/Grep on ~/.qwen/* would trigger an approval dialog, blocking /dream at its very first step. * fix(background): prevent permission prompt hangs in background agents Match Claude Code's headless-agent intent: background memory agents must never block on interactive permission prompts. Wrap background runtime config so getApprovalMode() returns YOLO, ensuring any ask decision is auto-approved instead of hanging forever. Add regression test covering the wrapped approval mode. * fix(memory): run auto extract through forked agent Make managed auto-memory extraction follow the Claude Code architecture: background extraction now uses a forked agent to read/write memory files directly, instead of planning patches and applying them with a separate filesystem pipeline. Keep the old patch/model path only as fallback if the forked agent fails. Add regression tests covering the new execution path and tool whitelist. * refactor(memory): remove legacy extract fallback pipeline Delete the old patch/model/heuristic extraction path entirely. Managed auto-memory extract now runs only through the forked-agent execution flow, with no planner/apply fallback stages remaining. Also remove obsolete exports/tests and update scheduler/integration coverage to use the forked-agent-only architecture. * refactor(memory): move auxiliary files out of memory/ directory meta.json, extract-cursor.json, and consolidation.lock are internal bookkeeping files, not user-visible memories. Move them one level up to the project state dir (parent of memory/) so that the memory/ directory contains only MEMORY.md and topic files, matching the clean layout of the upstream reference implementation. Add getAutoMemoryProjectStateDir() helper in paths.ts and update the three path accessors + store.test.ts path assertions accordingly. * fix(memory): record lastDreamAt after manual /dream run The /dream command submits a prompt to the main agent (submit_prompt), which writes memory files directly. Because it bypasses dreamScheduler, meta.json was never updated and /memory always showed 'never'. Fix by: - Exporting writeDreamManualRunToMetadata() from dream.ts - Adding optional onComplete callback to SubmitPromptActionReturn and SubmitPromptResult (types.ts / commands/types.ts) - Propagating onComplete through slashCommandProcessor.ts - Firing onComplete after turn completion in useGeminiStream.ts - Providing the callback in dreamCommand.ts to write lastDreamAt * fix(memory): remove scope params from /remember in managed auto-memory mode --global/--project are legacy save_memory tool concepts. In managed auto-memory mode the forked agent decides the appropriate type (user/feedback/project/reference) based on the content of the fact. Also improve the prompt wording to explicitly ask the agent to choose the correct type, reducing the tendency to default to 'project'. * feat(ui): show '✦ dreaming' indicator in footer during background dream Subscribe to getManagedAutoMemoryDreamTaskRegistry() in Footer via a useDreamRunning() hook. While any dream task for the current project is pending or running, display '✦ dreaming' in the right section of the footer bar, between Debug Mode and context usage. * refactor(memory): align dream/extract infrastructure with Claude Code patterns Five improvements based on Claude Code parity audit: 1. Memoize getAutoMemoryRoot (paths.ts) - Add _autoMemoryRootCache Map, keyed by projectRoot - findCanonicalGitRoot() walks the filesystem per call; memoize avoids repeated git-tree traversal on hot-path schedulers/scanners - Expose clearAutoMemoryRootCache() for test teardown 2. Lock file stores PID + isProcessRunning reclaim (dreamScheduler.ts) - acquireDreamLock() writes process.pid to the lock file body - lockExists() reads PID and calls process.kill(pid, 0); dead/missing PID reclaims the lock immediately instead of waiting 2h - Stale threshold reduced to 1h (PID-reuse guard, same as CC) 3. Session scan throttle (dreamScheduler.ts) - Add SESSION_SCAN_INTERVAL_MS = 10min (same as CC) - Add lastSessionScanAt Map<projectRoot, number> to ManagedAutoMemoryDreamRuntime - When time-gate passes but session-gate doesn't, throttle prevents re-scanning the filesystem on every user turn 4. mtime-based session counting (dreamScheduler.ts) - Replace fragile recentSessionIdsSinceDream Set in meta.json with filesystem mtime scan (listSessionsTouchedSince) - Mirrors Claude Code's listSessionsTouchedSince: reads session JSONL files from Storage.getProjectDir()/chats/, filters by mtime > lastDreamAt - Immune to meta.json corruption/loss; no per-turn metadata write - ManagedAutoMemoryDreamRuntime accepts injectable SessionScannerFn for clean unit testing without real session files 5. Extraction mutual exclusion extended to write_file/edit (extractScheduler.ts) - historySliceUsesMemoryTool() now checks write_file/edit/replace/create_file tool calls whose file_path is within isAutoMemPath() - Previously only detected save_memory; missed direct file writes by the main agent, causing redundant background extraction * docs(memory): add user-facing memory docs, i18n for all locales, simplify /forget - Add docs/users/features/memory.md: comprehensive user-facing guide covering QWEN.md instructions, auto-memory behaviour, all memory commands, and troubleshooting; replaces the placeholder auto-memory.md - Update docs/users/features/_meta.ts: rename entry auto-memory → memory - Update docs/users/features/commands.md: add /init, /remember, /forget, /dream rows; fix /memory description; remove /init duplicate - Update docs/users/configuration/settings.md: add memory.* settings section (enableManagedAutoMemory, enableManagedAutoDream) between tools and permissions - Remove /forget --apply flag: preview-then-apply flow replaced with direct deletion; update forgetCommand.ts, en.js, zh.js accordingly - Add all auto-memory i18n keys to de, ja, pt, ru locales (18 keys each): Open auto-memory folder, Auto-memory/Auto-dream status lines, never/on/off, ✦ dreaming, /forget and /remember usage strings, all managed-memory messages - Remove dead save_memory branch from extractScheduler.partWritesToMemory() - Add ✦ dreaming indicator to Footer.tsx with i18n; fix Footer.test.tsx mocks - Refactor MemoryDialog.tsx auto-dream status line to use i18n - Remove save_memory tool (memoryTool.ts/test); clean up webui references - Add extractionPlanner.ts, const.ts and associated tests - Delete stale docs/users/configuration/memory.md and docs/developers/tools/memory.md (content superseded) * refactor(memory): remove all Claude Code references from comments and test names * test(memory): remove empty placeholder test files that cause vitest to fail * fix eslint * fix test in windows * fix test * fix(memory): address critical review findings from PR #3087 - fix(read-file): narrow auto-allow from getMemoryBaseDir() (~/.qwen) to isAutoMemPath(projectRoot) to prevent exposing settings.json / OAuth credentials without user approval (wenshao review) - fix(forget): per-entry deletion instead of whole-file unlink - assign stable per-entry IDs (relativePath:index for multi-entry files) so the model can target individual entries without removing siblings - rewrite file keeping unmatched entries; only unlink when file becomes empty (wenshao review) - fix(entries): round-trip correctness for multi-entry new-format bodies - parseAutoMemoryEntries: plain-text line closes current entry and opens a new one (was silently ignored when current was already set) - renderAutoMemoryBody: emit blank line between adjacent entries so the parser can detect entry boundaries on re-read (wenshao review) - fix(entries): resolve two CodeQL polynomial-regex alerts - indentedMatch: \s{2,}(?:[-*]\s+)? → [\t ]{2,}(?:[-*][\t ]+)? - topLevelMatch: :\s*(.+)$ → :[ \t]*(\S.*)$ (github-advanced-security review) - fix(scan.test): use forward-slash literal for relativePath expectation since listMarkdownFiles() normalises all separators to '/' on all platforms including Windows * fix(memory): replace isAutoMemPath startsWith with path.relative() Using path.relative() instead of string startsWith() is more robust across platforms — it correctly handles Windows path-separator differences and avoids potential edge cases where a path prefix match could succeed on non-separator boundaries. Addresses github-actions review item 3 (PR #3087). * feat(telemetry): add auto-memory telemetry instrumentation Add OpenTelemetry logs + metrics for the five auto-memory lifecycle events: extract, dream, recall, forget, and remember. Telemetry layer (packages/core/src/telemetry/): - constants.ts: 5 new event-name constants (qwen-code.memory.{extract,dream,recall,forget,remember}) - types.ts: 5 new event classes with typed constructor params (MemoryExtractEvent, MemoryDreamEvent, MemoryRecallEvent, MemoryForgetEvent, MemoryRememberEvent) - metrics.ts: 8 new OTel instruments (5 Counters + 3 Histograms) with recordMemoryXxx() helpers; registered inside initializeMetrics() - loggers.ts: logMemoryExtract/Dream/Recall/Forget/Remember() — each emits a structured log record and calls its recordXxx() counterpart - index.ts: re-exports all new symbols Instrumentation call-sites: - extractScheduler.ts ManagedAutoMemoryExtractRuntime.runTask(): emits extract event with trigger=auto, completed/failed status, patches_count, touched_topics, and wall-clock duration - dream.ts runManagedAutoMemoryDream(): emits dream event with trigger=auto, updated/noop status, deduped_entries, touched_topics, and duration; covers both agent-planner and mechanical fallback paths - recall.ts resolveRelevantAutoMemoryPromptForQuery(): emits recall event with strategy, docs_scanned/selected, and duration; covers model, heuristic, and none paths - forget.ts forgetManagedAutoMemoryEntries(): emits forget event with removed_entries_count, touched_topics, and selection_strategy (model/heuristic/none) - rememberCommand.ts action(): emits remember event with topic=managed|legacy at command invocation time (before agent decides the actual memory type) * refactor(telemetry): remove memory forget/remember telemetry events Remove EVENT_MEMORY_FORGET and EVENT_MEMORY_REMEMBER along with all associated infrastructure that is no longer needed: - constants.ts: remove EVENT_MEMORY_FORGET, EVENT_MEMORY_REMEMBER - types.ts: remove MemoryForgetEvent, MemoryRememberEvent classes - metrics.ts: remove MEMORY_FORGET_COUNT, MEMORY_REMEMBER_COUNT constants, memoryForgetCounter, memoryRememberCounter module vars, their initialization in initializeMetrics(), and recordMemoryForgetMetrics(), recordMemoryRememberMetrics() functions - loggers.ts: remove logMemoryForget(), logMemoryRemember() functions and their imports - index.ts: remove all re-exports for the above symbols - memory/forget.ts: remove logMemoryForget call-site and import - cli/rememberCommand.ts: remove logMemoryRemember call-sites and import * change default value * fix forked agent * refactor(background): unify fork primitives into runForkedAgent + cleanup - Merge runForkedQuery into runForkedAgent via TypeScript overloads: with cacheSafeParams → GeminiChat single-turn path (ForkedQueryResult) without cacheSafeParams → AgentHeadless multi-turn path (ForkedAgentResult) - Delete forkedQuery.ts; move its test to background/forkedAgent.cache.test.ts - Remove forkedQuery export from followup/index.ts - Migrate all callers (suggestionGenerator, speculation, btwCommand, client) to import from background/forkedAgent - Add getFastModel() / setFastModel() to Config; expose in CLI config init and ModelDialog / modelCommand - Remove resolveFastModel() from AppContainer — now delegated to config.getFastModel() - Strip Claude Code references from code comments * fix(memory): address wenshao's critical review findings - dream.ts: writeDreamManualRunToMetadata now persists lastDreamSessionId and resets recentSessionIdsSinceDream, preventing auto-dream from firing again in the same session after a manual /dream - config.ts: gate managed auto-memory injection on getManagedAutoMemoryEnabled(); when disabled, previously saved memories are no longer injected into new sessions - rememberCommand.ts: remove legacy save_memory branch (tool was removed); fall back to submit_prompt directing agent to write to QWEN.md instead - BuiltinCommandLoader.ts: only register /dream and /forget when managed auto-memory is enabled, matching the feature's runtime availability - forget.ts: return early in forgetManagedAutoMemoryMatches when matches is empty, avoiding unnecessary directory scaffolding as a side effect * fix test * fix ci test * feat(memory): align extract/dream agents to Claude Code patterns - fix(client): move saveCacheSafeParams before early-return paths so extract agents always have cache params available (fixes extract never triggering in skipNextSpeakerCheck mode) - feat(extract): add read-only shell tool + memory-scoped write permissions; create inline createMemoryScopedAgentConfig() with PermissionManager wrapper (isToolEnabled + evaluate) that allows only read-only shell commands and write/edit within the auto-memory dir - feat(extract): align prompt to Claude Code patterns — manifest block listing existing files, parallel read-then-write strategy, two-step save (memory file then index) - feat(dream): remove mechanical fallback; runManagedAutoMemoryDream is now agent-only and throws without config - feat(dream): align prompt to Claude Code 4-phase structure (Orient/Gather/Consolidate/Prune+Index); add narrow transcript grep, relative→absolute date conversion, stale index pruning, index size cap - fix(permissions): add isToolEnabled() to MemoryScopedPermissionManager to prevent TypeError crash in CoreToolScheduler._schedule - test: update dreamScheduler tests to mock dream.js; replace removed mechanical-dedup test with scheduler infrastructure verification * move doc to design * refactor(memory): unify extract+dream background task management into MemoryBackgroundTaskHub - Add memoryTaskHub.ts: single BackgroundTaskRegistry + BackgroundTaskDrainer shared by all memory background tasks; exposes listExtractTasks() / listDreamTasks() typed query helpers and a unified drain() method - extractScheduler: ManagedAutoMemoryExtractRuntime accepts hub via constructor (defaults to defaultMemoryTaskHub); test factory gets isolated fresh hub - dreamScheduler: same pattern — sessionScanner + hub injection; BackgroundTask- Scheduler initialized from injected hub; test factory gets isolated hub - status.ts: replace two separate getRegistry() calls with defaultMemoryTaskHub typed query methods - Footer.tsx (useDreamRunning): subscribe to shared registry, filter by DREAM_TASK_TYPE so extract tasks do not trigger the dream spinner - index.ts: re-export memoryTaskHub.ts so defaultMemoryTaskHub/DREAM_TASK_TYPE/ EXTRACT_TASK_TYPE are available as top-level package exports * refactor(background): introduce general-purpose BackgroundTaskHub Replace memory-specific MemoryBackgroundTaskHub with a domain-agnostic BackgroundTaskHub in the background/ layer. Any future background task runtime (3rd, 4th, …) plugs in by accepting a hub via constructor injection — no new infrastructure required. Changes: - Add background/taskHub.ts: BackgroundTaskHub (registry + drainer + createScheduler() + listByType(taskType, projectRoot?)) and the globalBackgroundTaskHub singleton. Zero knowledge of any task type. - Delete memory/memoryTaskHub.ts: its narrow listExtractTasks / listDreamTasks helpers are replaced by the generic listByType() call. - Move EXTRACT_TASK_TYPE to extractScheduler.ts (owned by the runtime that defines it); replace 3 hardcoded string literals with the const. - Move DREAM_TASK_TYPE to dreamScheduler.ts; use hub.createScheduler() instead of manually wiring new BackgroundTaskScheduler(reg, drain). - status.ts: globalBackgroundTaskHub.listByType(EXTRACT_TASK_TYPE, ...) - Footer.tsx: globalBackgroundTaskHub.registry (shared, filtered by type) - index.ts: export background/taskHub.js; drop memory/memoryTaskHub.js * test(background): add BackgroundTaskHub unit tests and hub isolation checks - background/taskHub.test.ts (11 tests): - createScheduler(): tasks registered via scheduler appear in hub registry; multiple calls return distinct scheduler instances - listByType(): filters by taskType, filters by projectRoot, returns [] for unknown types, two types co-exist in registry but stay separated - drain(): resolves false on timeout, resolves true when tasks complete, resolves true immediately when no tasks in flight - isolation: tasks in hubA do not appear in hubB - globalBackgroundTaskHub: is a BackgroundTaskHub instance with registry/drainer - extractScheduler.test.ts (+1 test): - factory-created runtimes have isolated registries; tasks in runtimeA are invisible to runtimeB; all tasks carry EXTRACT_TASK_TYPE - dreamScheduler.test.ts (+1 test): - factory-created runtimes have isolated registries; tasks in runtimeA are invisible to runtimeB; all tasks carry DREAM_TASK_TYPE * refactor(memory): consolidate all memory state into MemoryManager Replace BackgroundTaskRegistry/Drainer/Scheduler/Hub helper classes and module-level globals with a single MemoryManager class owned by Config. ## Changes ### New - packages/core/src/memory/manager.ts — MemoryManager with: - scheduleExtract / scheduleDream (inline queuing + deduplication logic) - recall / forget / selectForgetCandidates / forgetMatches - getStatus / drain / appendToUserMemory - subscribe(listener) compatible with useSyncExternalStore - storeWith() atomic record registration (no double-notify) - Distinct skippedReason 'scan_throttled' vs 'min_sessions' for dream - packages/core/src/utils/forkedAgent.ts — pure cache util (moved from background/) - packages/core/src/utils/sideQuery.ts — pure util (moved from auxiliary/) ### Deleted - background/taskRegistry, taskDrainer, taskScheduler, taskHub and all tests - background/forkedAgent (moved to utils/) - auxiliary/sideQuery (moved to utils/) - memory/extractScheduler, dreamScheduler, state and all tests ### Modified - config/config.ts — Config owns MemoryManager instance; getMemoryManager() - core/client.ts — all memory ops via config.getMemoryManager() - core/client.test.ts — mock MemoryManager instead of individual modules - memory/status.ts — accepts MemoryManager param, drops globalBackgroundTaskHub - index.ts — memory exports reduced from 14 modules to 5 (manager/types/paths/store/const) - cli/commands/dreamCommand.ts — via config.getMemoryManager() - cli/commands/forgetCommand.ts — via config.getMemoryManager() - cli/components/Footer.tsx — useSyncExternalStore replacing setInterval polling - cli/components/Footer.test.tsx — add getMemoryManager mock	2026-04-16 20:05:45 +08:00
Reid	07475026f6	fix(cli): remember "Start new chat session" until summary changes (#3308) ... * fix(cli): remember "Start new chat session" until summary changes Persist a project-scoped Welcome Back restart choice keyed to the current PROJECT_SUMMARY fingerprint. This suppresses the Welcome Back dialog after choosing "Start new chat session", while still showing it again after the project summary is updated. * fix conflict	2026-04-16 13:54:14 +08:00
DennisYu07	b5115e731e	feat(hooks): Add HTTP Hook, Function Hook and Async Hook support (#2827) ... * add http/async/function type * fix url error * resolve comment * align cc non blocking error * fix hookRunner for async * fix(hooks): update hook type validation to support http and function types - Change validated hook types from ['command', 'plugin'] to ['command', 'http', 'function'] - Add validation for HTTP hooks requiring url field - Add validation for function hooks requiring callback field - Add comprehensive test coverage for all hook type validations Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(hooks): align SSRF protection with Claude Code behavior - Allow 127.0.0.0/8 (loopback) for local dev hooks - Allow localhost hostname for local dev hooks - Allow ::1 (IPv6 loopback) for local dev hooks - Add 100.64.0.0/10 (CGNAT) to blocked ranges (RFC 6598) - Update tests to match Claude Code's ssrfGuard.ts behavior This fixes HTTP hooks failing to connect to local dev servers. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * refactor(hooks): align HTTP hook security with Claude Code behavior - Add CRLF/NUL sanitization for env var interpolation (header injection) - Implement combined abort signal (external signal + timeout) - Upgrade SSRF protection to DNS-level with ssrfGuard - Allow loopback (127.0.0.0/8, ::1) for local dev hooks - Block CGNAT (100.64.0.0/10) and IPv6 private ranges - Increase default HTTP hook timeout to 10 minutes - Fix VS Code hooks schema to support http type - Add url, headers, allowedEnvVars, async, once, statusMessage, shell fields - Note: "function" type is SDK-only (callback cannot be serialized to JSON) * feat(hooks): enhance Function Hook with messages, skillRoot, shell, and matcher support - Add MessagesProvider for automatic conversation history passing to function hooks - Add FunctionHookContext with messages, toolUseID, and signal - Add skillRoot support for skill-scoped session hooks - Add shell parameter support for command hooks (bash/powershell) - Add regex matcher support for hook pattern matching - Add statusMessage to CommandHookConfig - Change default function hook timeout from 60s to 5s - Add comprehensive unit tests for all new features Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * add session hook for skill * fix function hook parsing * refactor ui for http hook/async hook/function hook * update doc and add integration test * change telemetryn type and refactor SSRF * fix project level bug --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>	2026-04-16 10:10:33 +08:00
ChiGao	70396d1276	feat: optimize compact mode UX — shortcuts, settings sync, and safety (#3100) ... * feat: optimize compact mode UX — shortcuts, settings sync, and safety improvements - Add Ctrl+O to keyboard shortcuts list (?) and /help command - Sync compact mode toggle from Settings dialog with CompactModeContext - Protect tool approval prompts from being hidden in compact mode (MainContent forces live rendering during WaitingForConfirmation) - Remove snapshot freezing on toggle — treat as persistent preference, not temporary peek (differs from Claude Code's session-scoped model) - Add compact mode tip to startup Tips rotation for non-intrusive discovery - Remove compact mode indicator from footer to reduce UI clutter - Add competitive analysis design doc (EN + ZH) comparing with Claude Code - Update user docs (settings.md) and i18n translations (en/zh/ru/pt) Relates to #3047, #2767, #2770 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * refactor: remove frozenSnapshot dead code and Chinese design doc - Remove frozenSnapshot state, useEffect, and all related logic from AppContainer, MainContent, CompactModeContext, and test files - Simplify MainContent to always render live pendingHistoryItems - Delete compact-mode-design-zh.md (redundant Chinese translation) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: address PR review feedback for compact mode optimization - Add refreshStatic() call after setCompactMode in SettingsDialog so already-rendered Static history updates immediately - Fix outdated column split comment in KeyboardShortcuts (5+4+4) - Update design doc: remove all frozenSnapshot references, renumber optimization recommendations, fix file reference descriptions - Add missing i18n keys for de.js and ja.js locales - Add test for SettingsDialog compact mode sync with CompactModeContext Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: prevent subagent confirmation from being hidden in compact mode hasConfirmingTool only checks ToolCallStatus.Confirming, but subagent approvals arrive via resultDisplay.pendingConfirmation while the tool status remains Executing. Add hasSubagentPendingConfirmation to the showCompact guard so tool groups with pending subagent confirmations are always force-expanded. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: force show subagent confirmation result in compact mode The previous fix (47ee03c) correctly force-expanded the tool group wrapper when a subagent had pending confirmation, but each inner ToolMessage still hid its resultDisplay due to compactMode check, which hid the AgentExecutionDisplay containing the inline confirmation UI. Add isAgentWithPendingConfirmation to forceShowResult conditions so the inner AgentExecutionDisplay is rendered even in compact mode. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * feat(compact-mode): merge consecutive tool groups across hidden items In compact mode, sequential tool calls across multiple LLM turns each produced a separate bordered box, defeating the "compact" intent. The model typically emits a `gemini_thought` between consecutive tool calls, which is hidden in compact mode — so visually the boxes look adjacent, but in `history` they are separated by hidden items. This commit adds render-time merging of consecutive tool_group history items, where "consecutive" allows hidden-in-compact items (`gemini_thought`, `gemini_thought_content`) between them. Key pieces: - New `mergeCompactToolGroups` utility that merges adjacent mergeable tool_groups, skipping hidden items between them. Force-expand conditions (Confirming/Error tools, subagent pending confirmation, user-initiated, focused embedded shell) preserve group boundaries so authorization prompts, errors, and shell focus stay visible. - `MainContent.tsx` applies the merger only when `compactMode === true` (verbose mode is unchanged) and calls `refreshStatic()` when a merge consolidates items, because Ink's `<Static>` is append-only and cannot replace already-committed terminal content. - `CompactToolGroupDisplay.tsx` shows a `× N` count when a merged group contains more than one tool, matching the existing single-turn multi-tool display style. - 19 unit tests covering empty/single/multiple groups, hidden-item skipping (the 8-tool real-world scenario), force-expand boundaries, mixed tool types, and complex sequences. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: 秦奇 <gary.gq@alibaba-inc.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-16 09:29:24 +08:00
DennisYu07	08d3d6eb6f	feat(acp): add complete hooks support for ACP integration (#3248) ... * complete hooks for acp * resolve comment * reslove test * resolve comment for SessionEnd/SessionStart/PostToolUseFailure/PostToolUse	2026-04-16 09:28:26 +08:00
tanzhenxin	f6271c61b6	feat(auth): discontinue Qwen OAuth free tier (2026-04-15 cutoff) (#3291) ... * feat(auth): discontinue Qwen OAuth free tier (2026-04-15 cutoff) The Qwen OAuth free tier has reached its end-of-life date. This updates all client-side messaging, blocks new OAuth signups, and guides existing users to alternative providers. * fix(test): add getModelsConfig mock and update QWEN_OAUTH test expectations - Add getModelsConfig() to Config mocks in gemini.test.tsx (3 failures) - Update validateNonInterActiveAuth test to expect exit for QWEN_OAUTH since validateAuthMethod now returns an error for discontinued free tier	2026-04-15 22:30:20 +08:00
Shaojin Wen	83b394e423	feat(core): implement fork subagent for context sharing (#2936) ... * feat(core): implement fork subagent for context sharing - Make subagent_type optional in AgentTool - Add forkSubagent.ts to build identical tool result prefixes - Run fork processes in the background to preserve UX * fix(core): fix test failures related to root execution and optional subagent_type - Skip pathReader and edit tool permission tests when running as root - Fix agent.test.ts to correctly mock execute call with extraHistory - Remove unused imports in forkSubagent.ts * fix(core): fix fork subagent bugs and add CacheSafeParams integration Bug fixes: - Fix AgentParams.subagent_type type: string -> string? (match schema) - Fix undefined agentType passed to hook system (fallback to subagentConfig.name) - Fix hook continuation missing extraHistory parameter - Fix functionResponse missing id field (match coreToolScheduler pattern) - Fix consecutive user messages in Gemini API (ensure history ends with model) - Fix duplicate task_prompt when directive already in extraHistory - Fix FORK_AGENT.systemPrompt empty string causing createChat to throw - Fix redundant dynamic import of forkSubagent.js (merge into single import) - Fix non-fork agent returning empty string on execution failure - Fix misleading fork child rule referencing non-existent system prompt config - Fix functionResponse.response key from {result:} to {output:} for consistency CacheSafeParams integration: - Retrieve parent's generationConfig via getCacheSafeParams() for cache sharing - Add generationConfigOverride to CreateChatOptions and AgentHeadless.execute() - Add toolsOverride to AgentHeadless.execute() for parent tool declarations - Fork API requests now share byte-identical prefix with parent (DashScope cache hits) - Graceful degradation when CacheSafeParams unavailable (first turn) Docs: - Add Fork Subagent section to sub-agents.md user manual - Add fork-subagent-design.md design document * fix(core): apply subagent tool exclusion to forked agents Fork children were inheriting parent's cached tool declarations directly, bypassing prepareTools() filtering and gaining access to AgentTool and cron tools. Extract EXCLUDED_TOOLS_FOR_SUBAGENTS as a shared constant and apply it to forkToolsOverride. * fix(core): skip env history whenever extraHistory is provided Previously gated on generationConfigOverride, which meant the no-cache fallback path (CacheSafeParams unavailable) still ran getInitialChatHistory and duplicated env bootstrap messages already present in the parent's history. Gate on extraHistory instead so both fork paths skip env init. * fix(core): use explicit skipEnvHistory flag for fork env handling The previous fix gated env-init skipping on the presence of extraHistory, but agent-interactive (arena) also passes extraHistory — its chatHistory is env-stripped by stripStartupContext() and DOES need fresh env init for the child's working directory. Skipping env there broke the interactive path. Replace the implicit gate with an explicit skipEnvHistory option that only fork sets (when extraHistory is present, since fork's history comes from getHistory(true) and already contains env). * fix(core): defend skipEnvHistory gate against empty extraHistory Edge case: when the parent's rawHistory ends with a user message and has length 1, extraHistory becomes []. The previous gate (extraHistory !== undefined) would set skipEnvHistory: true, leaving the fork with neither env bootstrap nor parent history. Check length > 0 so empty arrays fall through to the normal env-init path. * fix(core): apply skipEnvHistory to stop-hook retry execute The second subagent.execute() call in the SubagentStop retry loop was missing skipEnvHistory, so on retry the fork's env context would be duplicated — same bug as the initial tanzhenxin report, just on a less common code path.	2026-04-14 14:27:38 +08:00
jinye	7103c905f7	feat(cli): add startup performance profiler (#3232) ... feat(cli): add startup performance profiler (#3219) Add a lightweight startup profiler activated via QWEN_CODE_PROFILE_STARTUP=1. When enabled, collects performance.now() timestamps at 7 key phases in main() and writes a JSON report to ~/.qwen/startup-perf/. Also records process.uptime() at T0 to capture module loading time not covered by checkpoint-based measurement. Key design decisions: - Only profiles inside sandbox child process to avoid duplicate reports - initStartupProfiler() is idempotent (resets state on each call) - Filename uses report.sessionId for consistency with JSON content - Zero overhead when disabled (single env var check) Initial measurement: module loading ~1342ms (94%), main() ~85ms (6%), confirming barrel exports and eager dependency loading as primary optimization targets for #3011. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>	2026-04-14 14:14:42 +08:00
Shaojin Wen	1486e85385	feat(cli/sdk): expose /context usage data in non-interactive mode and SDK API (#2916) ... * feat(cli): implement non-interactive /context output and diagnostic - Extract collectContextData() from contextCommand.ts for shared usage. - Register /context in ALLOWED_BUILTIN_COMMANDS_NON_INTERACTIVE. - Extend SDK control protocol with GET_CONTEXT_USAGE request. - Implement handleGetContextUsage in SystemController for programmatic token queries. - Expose getContextUsage() method in the TypeScript SDK Query interface. * fix: address review feedback and fix critical bugs in context usage feature - Add missing `get_context_usage` route in ControlDispatcher (SDK calls would throw) - Fix `executionMode` defaulting: use `?? 'interactive'` to match other commands - Validate dynamic import of `collectContextData` before invoking - Preserve original error message in handleGetContextUsage catch block - Add ControlDispatcher test for get_context_usage routing - Add JSDoc comment for context command in non-interactive allowlist Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: re-check abort signal after async operations in handleGetContextUsage Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * docs: add getContextUsage() to SDK TypeScript documentation Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * docs: clarify getContextUsage showDetails is a display hint, not a data filter Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: make showDetails affect response shape, add getContextUsage test - When showDetails is false, return empty detail arrays instead of full data so /context and /context detail produce different payloads - Add unit test for Query.getContextUsage() covering request payload and response handling * fix: strip UI type from SDK response, sync Java SDK protocol - Remove leaked `type: 'context_usage'` from control response payload - Add GET_CONTEXT_USAGE to Java SDK protocol mirror (enum, interface, union type) --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-14 03:28:32 +08:00
pomelo	e90abf4c35	docs: update quota exceeded alternatives to OpenRouter and Fireworks (#3217) ... * docs: update quota exceeded alternatives to OpenRouter and Fireworks - Update README.md news section to recommend OpenRouter and Fireworks as primary alternatives, with ModelStudio as third option - Update retry.ts quota error message to include OpenRouter and Fireworks URLs for users whose OAuth quota has been exhausted Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(test): update retry test assertions to match new quota error message * docs: update free tier quota to 100 req/day with sunset notice and alternatives Update all references to reflect the Qwen OAuth free tier policy change: - 1,000 → 100 requests/day across code, i18n, and docs - Add 2026-04-15 sunset date everywhere - Guide users to OpenRouter, Fireworks AI, or ModelStudio in docs - Remove CHANGELOG.md --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> Co-authored-by: tanzhenxin <tanzhenxing1987@gmail.com>	2026-04-13 21:45:38 +08:00
tanzhenxin	4daf7f9353	feat(core): add microcompaction for idle context cleanup (#3006) ... * feat(core): add microcompaction for idle context cleanup Clear old tool result content from chat history when the user returns after an idle period (default 60 min). Replaces functionResponse output with a sentinel string for compactable tools (read_file, shell, grep, glob, web_fetch, web_search, edit, write_file), keeping the N most recent results intact (default 5). Runs before full compression so it can shed tokens cheaply without an API call. - Time-based trigger reuses lastApiCompletionTimestamp from thinking cleanup - Per-part counting so keepRecent applies to individual tool results even when batched in parallel - Preserves tool error responses (only clears successful outputs) - Configurable via settings.json (context.microcompaction) with env var overrides for E2E testing - Enabled by default * refactor(config): unify idle cleanup settings under clearContextOnIdle Consolidate thinking block cleanup and tool results microcompaction config into a single `context.clearContextOnIdle` settings group: { "context": { "clearContextOnIdle": { "thinkingThresholdMinutes": 5, "toolResultsThresholdMinutes": 60, "toolResultsNumToKeep": 5 } } } - Use -1 on either threshold to disable that cleanup (no enabled bool) - Remove separate `microcompaction` and `gapThresholdMinutes` settings - Thinking cleanup: 5 min default (unchanged) - Tool results cleanup: 60 min default - Preserve tool error responses (only clear successful outputs) * feat(vscode-ide-companion): add clearContextOnIdle settings configuration - Add gapThresholdMinutes settings for thinking blocks, tool results, and retention count - Remove deprecated gapThresholdMinutes from root settings level This reorganizes the context clearing settings into a dedicated clearContextOnIdle object with configurable thresholds for thinking blocks and tool results. Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com> * fix(core): restrict microcompaction to user-initiated messages only Move microcompactHistory() inside the UserQuery/Cron guard so model latency during tool-call loops doesn't count as user idle time. * docs: update settings docs for clearContextOnIdle config rename Replace stale `context.gapThresholdMinutes` entry with the new `context.clearContextOnIdle.*` settings group introduced in the microcompaction feature. * fix(core): address review comments on microcompaction PR - Guard against NaN in toolResultsNumToKeep with Number.isFinite() - Report effective keepRecent (after Math.max) in meta, not raw config - Fix comment to mention cron messages alongside user messages --------- Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>	2026-04-13 18:51:35 +08:00
tanzhenxin	8d74a0cf0a	feat(subagents): add disallowedTools field to agent definitions (#3064) ... * feat(subagents): add disallowedTools field to agent definitions Add a `disallowedTools` blocklist to agent frontmatter, letting agents specify tools they should not have access to. Supports exact tool names, MCP server-level patterns (e.g., `mcp__slack`), and display name aliases. Applied as a post-filter in AgentCore.prepareTools() after the existing `tools` allowlist. Persisted through serialize/parse roundtrips. * docs: document disallowedTools and MCP tool behavior for subagents Add Tool Configuration section to sub-agents docs explaining: - tools allowlist and disallowedTools blocklist - How MCP tools follow the same allowlist/blocklist rules - MCP server-level patterns in disallowedTools * fix(subagents): validate disallowedTools in SubagentValidator Reuse the existing validateTools() method to validate disallowedTools entries at config validation time, catching non-string and empty entries before they reach runtime. * test: remove flaky BaseSelectionList scroll test on Windows	2026-04-13 18:24:02 +08:00
tanzhenxin	0026777828	feat(subagents): propagate approval mode to sub-agents (#3066) ... * feat(subagents): propagate approval mode to sub-agents Replace hardcoded PermissionMode.Default with resolution logic: - Permissive parent modes (yolo, auto-edit) always win - Plan-mode parents keep sub-agents in plan mode - Agent definitions can declare approvalMode in frontmatter - Default fallback is auto-edit in trusted folders - Untrusted folders block privileged mode escalation Also maps Claude permission aliases (acceptEdits, bypassPermissions, dontAsk) to qwen-code approval modes in the converter. * fix(subagents): correct dontAsk mapping and add approval mode resolution tests Map Claude's `dontAsk` to `default` instead of `auto-edit` — `dontAsk` denies prompts (restrictive) so `default` is a closer semantic match. Add 9 unit tests covering the full `resolveSubagentApprovalMode` decision matrix: permissive parent override, agent-declared modes, trusted/untrusted folder blocking, and plan-mode fallback. * test: remove flaky InputPrompt tab-suggestion test on Windows	2026-04-13 17:50:26 +08:00
Shaojin Wen	b3bc42931e	feat: add contextual tips system with post-response context awareness (#2904) ... * feat: add contextual tips system with post-response context awareness Add a context-aware tips system that proactively shows helpful tips based on session state. Post-response tips warn when context usage exceeds 80% or 95%, suggesting /compress. Startup tips rotate across sessions via LRU scheduling with cross-session persistence (~/.qwen/tip_history.json). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: use value import for runtime values in useContextualTips Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: address PR review feedback - Use lastSessionTimestamp instead of totalShown for cross-session LRU - Move getTipHistory singleton from Tips.tsx to services/tips/index.ts - Defer TipHistory.load() when hideTips is true (no side effects) - Use os.tmpdir() in tests for cross-platform portability - Add proper translations for de/ja/pt/ru locale files - Accept TipHistory | null in useContextualTips Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: address Copilot review feedback - Validate tips field type in TipHistory.load() to handle corrupted JSON - Split approval-mode tip into platform-specific variants using ctx.platform - Add afterEach cleanup for temp files in all test suites - Guard useContextualTips against null tipHistory Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: import shared DEFAULT_TOKEN_LIMIT, harden tipHistory, set file permissions - Import DEFAULT_TOKEN_LIMIT from @qwen-code/qwen-code-core instead of hardcoding 1_048_576 in tipRegistry.ts and useContextualTips.ts - Add normalizeEntry() to defensively handle corrupted tip history entries - Write tip_history.json with mode 0o600 for privacy on multi-user systems Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: remove unused compressionThreshold from TipContext compressionThreshold was defined in TipContext but never used by any tip's isRelevant check. Remove it to avoid misleading consumers into thinking tips respect the user's compression settings. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: sanitize sessionCount and getLastShown against corrupted tip history - Validate sessionCount is finite and non-negative in TipHistory.load() - Use normalizeEntry() in getLastShown() for corrupted lastSessionTimestamp Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * docs: add contextual tips user documentation Add docs/users/features/tips.md covering startup tips, post-response context warnings, tip history persistence, and the hideTips setting. Update settings.md description and register the new page in _meta.ts. --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-13 17:40:27 +08:00
DennisYu07	dddb56d885	feat: add stopFailure and postCompact (#2825)	2026-04-13 12:54:44 +08:00
jinye	1557d93043	feat(cli): support tools.sandboxImage in settings (#3146) ... Co-authored-by: jinye.djy <jinye.djy@alibaba-inc.com>	2026-04-13 09:43:34 +08:00
pomelo	cf81ac47ff	Merge pull request #3042 from YuchenLiang00/fix/context-command-detail-missing ... fix(cli): add 'detail' subcommand to /context command	2026-04-10 12:12:07 +08:00
Shaojin Wen	5482044e59	fix: improve /model --fast description clarity and prevent accidental activation (#3077) ... Replace vague "background tasks" with specific "prompt suggestions and speculative execution" in the --fast flag description across all i18n locales, docs, and VS Code schema. Update example model name from qwen3.5-flash to qwen3-coder-flash. Also fix completion logic to require a non-empty partial arg before suggesting --fast, preventing Tab+Enter from accidentally entering fast model mode. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-10 12:09:46 +08:00
Shaojin Wen	746f67f436	refactor: rename verboseMode to compactMode for better UX clarity (#3075) ... The "Compact Mode" label is more intuitive than "Verbose Mode" for users, as it directly describes the default compact view experience. This change inverts the boolean semantics (compactMode=false means show full output) and exposes the setting in the /settings dialog (showInDialog: true). - Rename ui.verboseMode → ui.compactMode with inverted default (false) - Rename VerboseModeContext → CompactModeContext (file and exports) - Rename TOGGLE_VERBOSE_MODE → TOGGLE_COMPACT_MODE in key bindings - Update all consumer components with inverted logic - Update i18n keys across 6 locales (verbose → compact) - Update VS Code settings schema - Add ui.compactMode documentation to settings.md - Fix Ctrl+O description in keyboard-shortcuts.md	2026-04-10 11:55:50 +08:00
Edenman	4d2d4432d5	Merge pull request #2923 from QwenLM/feature/status-line-customization ... feat(ui): add customizable status line with /statusline command	2026-04-09 19:23:08 +08:00
YuchenLiang00	84f80201c7	fix(cli): add 'detail' subcommand to /context command ... The /context command was missing the subcommand autocomplete feature that other commands like /stats have. Now users can type '/context ' and see 'detail' as a suggestion in the dropdown. - Added 'detail' subCommand to contextCommand with its own description - Subcommand delegates to main action with 'detail' arg - Added missing translation key for full description in zh.js - Updated commands.md documentation Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>	2026-04-09 11:00:04 +08:00
wenshao	6de5c9e530	Merge remote-tracking branch 'origin/main' into feat/review-skill-improvements	2026-04-09 08:52:01 +08:00
Shaojin Wen	f208801b0e	fix(followup): prevent tool call UI leak and Enter accept buffer race (#2872) ... * fix(core): prevent followup suggestion input/output from appearing in tool call UI The follow-up suggestion generation was leaking into the conversation UI through three channels: 1. The forked query included tools in its generation config, allowing the model to produce function calls during suggestion generation. Fixed by setting `tools: []` in runForkedQuery's per-request config (kept in createForkedChat for speculation which needs tools). 2. logApiResponse and logApiError recorded suggestion API events to the chatRecordingService, causing them to appear in session JSONL files and the WebUI. Fixed by adding isInternalPromptId() guard that skips chatRecordingService for 'prompt_suggestion' and 'forked_query' IDs. uiTelemetryService.addEvent() is preserved so /stats still tracks suggestion token usage. 3. LoggingContentGenerator logged suggestion requests/responses to the OpenAI logger and telemetry pipeline. Fixed by skipping logApiRequest, buildOpenAIRequestForLogging, and logOpenAIInteraction for internal prompt IDs. _logApiResponse is preserved (for /stats) but its chatRecordingService path is filtered by fix #2. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * refactor: deduplicate isInternalPromptId into shared export from loggers.ts Address review feedback: extract isInternalPromptId() to a single exported function in telemetry/loggers.ts and import it in LoggingContentGenerator, eliminating the duplicate private method. Also update loggingContentGenerator.test.ts mock to use importOriginal so the real isInternalPromptId is available during tests. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * refactor: extract isInternalPromptId to shared utils, add tests Address maintainer review feedback: 1. Move isInternalPromptId() to packages/core/src/utils/internalPromptIds.ts using a ReadonlySet for the ID registry. Adding new internal prompt IDs only requires changing one file. loggers.ts re-exports for compatibility, loggingContentGenerator.ts imports directly from utils. 2. Extract `tools: []` magic value to a frozen NO_TOOLS constant in forkedQuery.ts. 3. Add unit tests for isInternalPromptId: prompt_suggestion → true, forked_query → true, user_query → false, empty string → false. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: address Copilot review — docs, stream optimization, tests 1. Update forkedQuery.ts module docs to reflect that runForkedQuery overrides tools: [] at the per-request level while createForkedChat retains the full generationConfig for speculation callers. 2. Propagate isInternal into loggingStreamWrapper to skip response collection and consolidation for internal prompts, avoiding unnecessary CPU/memory overhead. 3. Add logApiResponse chatRecordingService filter tests: verify prompt_suggestion/forked_query skip recording while normal IDs still record. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: deep-freeze NO_TOOLS, add internal prompt guard tests Address Copilot review round 3: 1. Deep-freeze NO_TOOLS.tools array to prevent shared mutable state across forked query calls. 2. Add LoggingContentGenerator tests verifying that internal prompt IDs (prompt_suggestion, forked_query) skip logApiRequest and OpenAI interaction logging while preserving logApiResponse. 3. Add logApiError chatRecordingService filter tests matching the existing logApiResponse coverage. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * docs: reconcile createForkedChat JSDoc with module header Clarify that createForkedChat retains the full generationConfig (including tools) for speculation callers, while runForkedQuery strips tools at the per-request level via NO_TOOLS. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: build errors and Copilot round 4 feedback 1. Fix NO_TOOLS type: Object.freeze produces readonly array incompatible with ToolUnion[]. Use Readonly<Pick<>> instead; spread in requestConfig already creates a fresh mutable copy per call. 2. Fix test missing required 'model' field in ContentGeneratorConfig. 3. Track firstResponseId/firstModelVersion in loggingStreamWrapper so _logApiResponse/_logApiError have accurate values even when full response collection is skipped for internal prompts. 4. Strengthen OpenAI logger test assertion: assert OpenAILogger was constructed (not guarded by if), then assert logInteraction was not called. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: remove dead Object.keys check, add streaming internal prompt test 1. Simplify runForkedQuery: requestConfig always has tools:[] from NO_TOOLS spread, so the Object.keys().length > 0 ternary is dead code. Pass requestConfig directly. 2. Add generateContentStream test for internal prompt IDs to match the existing generateContent coverage, ensuring the streaming wrapper also skips logApiRequest and OpenAI interaction logging. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: prevent Enter accept from re-inserting suggestion into buffer When accepting a followup suggestion via Enter, accept() queued buffer.insert(suggestion) in a microtask that executed after handleSubmitAndClear had already cleared the buffer, leaving the suggestion text stuck in the input. Add skipOnAccept option to accept() so the Enter path bypasses the onAccept callback. Also add runForkedQuery unit tests verifying tools: [] is passed in per-request config. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix(core): add speculation to internal IDs, fix logToolCall filtering, improve suggestion prompt - Add 'speculation' to INTERNAL_PROMPT_IDS so speculation API traffic and tool calls are hidden from chat recordings and tool call UI - Add isInternalPromptId check to logToolCall() for consistency with logApiError/logApiResponse - Improve SUGGESTION_PROMPT: prioritize assistant's last few lines and extract actionable text from explicit tips (e.g. "Tip: type X") - Fix garbled unicode in prompt text - Update design docs and user docs to reflect changes - Add test coverage for all new behavior * fix(core): deep-freeze NO_TOOLS, add speculation to loggingContentGenerator tests - Object.freeze NO_TOOLS and its tools array to prevent runtime mutation - Add 'speculation' to loggingContentGenerator internal prompt ID tests for consistency with loggers.test.ts and internalPromptIds.ts * fix(core): fix NO_TOOLS Object.freeze type error Use `as const` with type assertion to satisfy TypeScript while keeping runtime immutability via Object.freeze. * refactor(core): remove unused isInternalPromptId re-export from loggers.ts All consumers import directly from utils/internalPromptIds.js. The re-export was dead code with no importers. --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-09 00:07:03 +08:00
wenshao	3364cf880f	Merge remote-tracking branch 'origin/main' into feat/review-skill-improvements	2026-04-08 23:09:01 +08:00
wenshao	bcd0b5efe6	docs: update status line documentation to reflect inline footer layout ... - Update architecture diagram to show status line in footer left section instead of separate row below - Document 1-row (default mode) and 2-row (non-default mode) layouts - Note suppressHint behavior and truncation - Update settings reference description	2026-04-08 21:07:07 +08:00
wenshao	a1c33cdb5e	refactor(status-line): remove padding config ... The status line is now inlined in the footer's left section, so horizontal padding is no longer applicable. Remove padding from StatusLineConfig, settings schema, JSON schema, and docs.	2026-04-08 20:24:33 +08:00
wenshao	0be4d32cb0	Merge remote-tracking branch 'origin/main' into feature/status-line-customization	2026-04-08 18:50:10 +08:00