* feat(core): add run_in_background support for Agent tool
Enable sub-agents to run asynchronously via `run_in_background: true`
parameter. Background agents execute independently from the parent,
which receives an immediate launch confirmation and continues working.
A notification is injected into the parent conversation when the
background agent completes.
Key changes:
- BackgroundTaskRegistry tracks lifecycle of background agents
- Agent tool gains async execution path with fire-and-forget semantics
- Background agents use YOLO approval mode to prevent deadlock
- Independent AbortControllers survive parent ESC cancellation
- CLI bridges notifications via useMessageQueue for between-turn delivery
- State race guards prevent complete/fail after cancellation
- Session cleanup aborts all running background agents
* feat(background): improve notification formatting and UI handling
- Add prefix/separator protocol to distinguish background notifications from user input
- Show concise summary in UI while sending full details to LLM
- Add 'notification' history item type with specialized display
- Add 'background' agent status for background-running agents
- Prevent notifications from polluting prompt history (up-arrow)
- Truncate long descriptions in display text
This improves the UX for background agents by showing cleaner, more concise
notifications while preserving full context for the LLM.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(background): reject run_in_background in non-interactive mode
Headless mode skips AppContainer, so the notification callback is never
registered and background agent results would be silently dropped. Return
an error prompting the model to retry without run_in_background.
* refactor(background): replace prefix/separator protocol with typed notification queue
Replace the stringly-typed \x00__BG_NOTIFY__\x00 prefix/separator
encoding with a typed notification path using SendMessageType.Notification.
- Add SendMessageType.Notification to the enum
- Change BackgroundNotificationCallback to emit (displayText, modelText)
- Move notification queue from AppContainer into useGeminiStream (mirrors
the cron queue pattern): register on registry, queue structured items,
drain on idle via submitQuery
- prepareQueryForGemini short-circuits for Notification type (skips slash
commands, shell mode, @-commands, prompt history logging)
- Remove BACKGROUND_NOTIFICATION_PREFIX/SEPARATOR constants
* refactor(background): move abortAll to Config.shutdown
Background agent cleanup belongs in Config.shutdown() alongside other
resource teardown (skillManager, toolRegistry, arenaRuntime), not in
AppContainer's registerCleanup. This also ensures headless mode gets
cleanup for free.
* fix(background): persist notification items for session resume
Background agent notifications were missing after session resume because
they were never recorded in the chat history. The model text was absent
from the API history and the display item was lost.
- Add recordNotification() to ChatRecordingService — stores as user-role
message with subtype 'notification' and displayText payload
- Thread notificationDisplayText through submitQuery → sendMessageStream
- Restore as HistoryItemNotification in resumeHistoryUtils
* fix(background): replace YOLO with deny-by-default for background agents
Background agents were using YOLO approval mode which auto-approves all
tool calls — too permissive. Replace with shouldAvoidPermissionPrompts
which auto-denies tool calls that need interactive approval, matching
claw-code's approach.
The permission flow for background agents is now:
1. L3/L4 permission rules (allow/deny) — same as foreground
2. Approval mode overrides (AUTO_EDIT for edits) — same as foreground
3. PermissionRequest hooks — can override the denial
4. Auto-deny — if no hook decided, deny because prompts are unavailable
* fix(background): add missing getBackgroundTaskRegistry mock in useGeminiStream tests
* refactor(core): move fork subagent params from execute() to construction time
Identity-shaping fork inputs (parent history, generationConfig, tool decls,
env-skip flag) were threaded through `AgentHeadless.execute()`'s options bag
and re-passed by the SubagentStop hook retry loop. They belong on the agent's
construction-time configs, not its per-invocation options.
- PromptConfig gains `renderedSystemPrompt` (verbatim, bypasses templating
and userMemory injection) and drops the `systemPrompt`/`initialMessages`
XOR so fork can carry both. createChat skips env bootstrap when
`initialMessages` is non-empty.
- AgentHeadless.execute() shrinks to (context, signal?). Fork dispatch in
agent.ts builds synthetic PromptConfig/ModelConfig/ToolConfig from the
parent's cache-safe params and calls AgentHeadless.create directly
(bypassing SubagentManager). Parent's tool decls flow through verbatim
including the `agent` tool itself for cache parity.
- Recursive-fork prevention switches from fork-side tool stripping to a
runtime guard. The previous `isInForkChild(history)` helper was dead
code (it scanned the main GeminiClient's history, not the fork child's
chat). Replaced with `isInForkExecution()` backed by AsyncLocalStorage:
the fork's background execution runs inside `runInForkContext`, and the
ALS frame propagates through the standard async chain into nested
AgentTool.execute() calls where the guard fires.
* refactor(core): move agent tool files into dedicated tools/agent/ directory
Move agent.ts, agent.test.ts, and fork-subagent.ts under
tools/agent/ and update all import paths accordingly.
* refactor(core): remove dead temp and top_p fields from ModelConfig
These fields were never populated from subagent frontmatter and served
no purpose in the fork path either. The ModelConfig interface retains
only the actively-used model field.
* refactor(core): read parent generation config directly instead of getCacheSafeParams
Fork subagent now reads system instruction and tool declarations from
the live GeminiChat via getGenerationConfig() instead of the global
getCacheSafeParams() snapshot. This removes the cross-module coupling
between the agent tool and the followup infrastructure.
* fix(core): prevent duplicate tool declarations when toolConfig has only inline decls
prepareTools() treated asStrings.length === 0 as "add all registry tools",
which is correct when no tools are specified at all, but wrong when the
caller provides only inline FunctionDeclaration[] (no string names). The
fork path passes parent tool declarations as inline decls for cache parity,
so prepareTools was adding the full registry set on top — duplicating every
non-excluded tool.
Add onlyInlineDecls.length === 0 to the condition so that pure-inline
toolConfigs bypass the registry entirely.
* feat(core): support agent-level `background: true` in frontmatter
Subagent definitions can now declare `background: true` in their YAML
frontmatter to always run as background tasks. This is OR'd with the
`run_in_background` tool parameter — useful for monitors, watchers, and
proactive agents so the LLM doesn't need to remember to set the flag.
* fix(core): address background subagent lifecycle gaps
- Inherit bgConfig from agentConfig so the resolved approval mode is
preserved for background agents (foreground would run AUTO_EDIT but
background fell back to DEFAULT, which combined with shouldAvoid-
PermissionPrompts would auto-deny every permission request).
- Honor SubagentStop blocking decisions in background runs by looping
on hook output up to 5 iterations, matching runSubagentWithHooks.
- Check terminate mode before reporting completion; non-GOAL modes
(ERROR, MAX_TURNS, TIMEOUT) are now reported as failures instead of
emitting a success notification for an incomplete run.
- Exclude SendMessageType.Notification from the UserPromptSubmit hook
guard so background completion messages are not rewritten or blocked
as if they were user input.
* feat(cli): headless support and SDK task events for background agents (#3379)
* feat(cli): unify notification queue for cron and background agents
Migrate cron from its own queue (cronQueueRef / cronQueue) to the shared
notification queue used by background agents. Both producers now push the
same item shape { displayText, modelText, sendMessageType } and a single
drain effect / helper processes them in FIFO order.
Cron fires render as HistoryItemNotification (● prefix) instead of
HistoryItemUser (> prefix), with a "Cron: <prompt>" display label.
Records use subtype 'cron' for clean resume and analytics separation.
Lift the non-interactive rejection for background agents. Register a
notification callback in nonInteractiveCli.ts with a terminal hold-back
phase (100ms poll) that keeps the process alive until all background
agents complete and their notifications are processed.
* feat(cli): emit SDK task events for background subagents
Emit `task_started` when a background agent registers and
`task_notification` when it completes, fails, or is cancelled, so
headless/SDK consumers can track lifecycle without parsing display
text. Model-facing text is now structured XML with status, summary,
truncated result, and usage stats. Completion stats (tokens, tool
uses, duration) are captured from the subagent and included in both
the SDK payload and the model XML.
* fix: address codex review issues for background subagents
- Background subagents now inherit the resolved approval mode from
agentConfig instead of the raw session config, so a subagent with
`approvalMode: auto-edit` (or execution in a trusted folder) keeps
that override when it runs asynchronously.
- Non-interactive cron drains are single-flight: concurrent cron fires
now await the same in-flight drain, and the cron-done check gates
on it, preventing the final result from being emitted while a cron
turn is still streaming.
- Background forks go through createForkSubagent so they retain the
parent's rendered system prompt and inherited history instead of
degrading to a plain FORK_AGENT.
* fix(cli): restore cancellation, approval, and error paths in queued drain
- Hold-back loop now reacts to SIGINT/SIGTERM: when the main abort
signal fires it calls registry.abortAll() so background agents with
their own AbortControllers stop promptly instead of pinning the
process open.
- Queued-turn tool execution forwards the stream-json approval update
callback (onToolCallsUpdate) so permission-gated tools inside a
background-notification follow-up emit can_use_tool requests.
- Queued-turn stream loop mirrors the main loop's text-mode handling
of GeminiEventType.Error, writing to stderr and throwing so provider
errors produce a non-zero exit code instead of silently succeeding.
- Interactive cron prompts go through the normal slash/@-command/shell
preprocessing again; only Notification messages skip that path.
* fix(cli): skip duplicate user-message item for cron prompts
Cron prompts already render as a `● Cron: …` notification via the queue
drain, so adding them again as a `USER` history item produced a
duplicate `> …` line.
* fix(cli): honor SIGINT/SIGTERM during cron scheduler wait
The non-interactive cron phase awaits a Promise that resolves only when
scheduler.size reaches 0 and no drain is in flight. Recurring cron jobs
never drop the scheduler size to 0 on their own, so the previous abort
handling (added to the hold-back loop) was unreachable — the process
hung indefinitely after SIGINT/SIGTERM. Attach an abort listener inside
the promise so abort stops the scheduler and resolves immediately,
allowing the hold-back loop to run and the process to exit cleanly.
* feat(core): propagate tool-use id through background agent notifications
Plumb the scheduler's callId into AgentToolInvocation via an optional
setCallId hook on the invocation, detected structurally in
buildInvocation. The agent tool forwards it as toolUseId on the
BackgroundTaskRegistry entry so completion notifications can carry a
<tool-use-id> tag and SDK task_started / task_notification events can
emit tool_use_id — letting consumers correlate background completions
back to the original Agent tool-use that spawned them.
* fix(cli): drain single-flight race kept task_notification from emitting
drainLocalQueue wrapped its body in an async IIFE and cleared the
promise reference via finally. When the queue is empty the IIFE has
no awaits, so its finally runs synchronously as part of the RHS of
the assignment `drainPromise = (async () => {...})()` — clearing
drainPromise BEFORE the outer assignment overwrites it with the
resolved promise. The reference then stayed stuck on that fulfilled
promise forever, so later calls short-circuited through
`if (drainPromise) return drainPromise` and never processed
queued notifications.
Symptom: in headless `--output-format json` (and `stream-json`),
task_started emitted but task_notification never did, even after
the background agent completed. The process sat in the hold-back
loop until SIGTERM.
Fix: move the null-clearing out of the async body into an outer
`.finally()` on the returned promise. `.finally()` runs as a
microtask after the current synchronous block, so it clears the
latest drainPromise reference instead of the pre-assignment null.
* fix(cli): append newline to text-mode emitResult so zsh PROMPT_SP doesn't erase the line
Headless text mode wrote `resultMessage.result` without a trailing newline.
In a TTY, zsh themes that use PROMPT_SP (powerlevel10k, agnoster, …) detect
the missing `\n` and emit `\r\033[K` before drawing the next prompt, which
wipes the final line off the screen. Pipe-captured output was unaffected,
so the bug only surfaced for interactive shell users — most visibly in the
background-agent flow where the drain-loop's final assistant message is
the *only* stdout write in text mode.
Append `\n` to both the success (stdout) and error (stderr) writes.
* docs(skill): tighten worked-example blurb in structured-debugging
Mirror the simplified blurb from .claude/skills/structured-debugging/SKILL.md
(knowledge repo). Drops the round-by-round narrative; keeps the contradiction
+ two lessons.
* docs(skill): mirror SKILL.md improvements (reframing failure mode, generalized path, value-logging guidance)
Mirror of knowledge repo commit 38eb28d into the qwen-code .qwen/skills
copy.
* docs(skill): mirror worked example into .qwen/skills/structured-debugging/
Mirrors knowledge/.claude/skills/structured-debugging/examples/
headless-bg-agent-empty-stdout.md so the .qwen copy of the skill links
resolve.
* docs(skill): mirror generalized side-note path guidance
* fix(cli): harden headless cron and background-agent failure paths
Three regressions surfaced by Codex review of feat/background-subagent:
- Cron drain rejections were dropped by a bare `void`, so a failing
queued turn left the outer Promise unresolved and hung the run. Route
drain failures through the Promise's reject so they propagate to the
outer catch.
- The background-agent registry entry was inserted before
`createForkSubagent()` / `createAgentHeadless()` was awaited. Failed
init returned an error from the tool call but left a phantom `running`
entry, and the headless hold-back loop (`registry.getRunning()`) waited
forever. Register only after init succeeds.
- SIGINT/SIGTERM during the hold-back phase aborted background tasks,
then fell through to `emitResult({ isError: false })`, so a cancelled
`qwen -p ...` exited 0 with the prior assistant text. Route through
`handleCancellationError()` so cancellation exits non-zero, matching
the main turn loop.
* test(cli): update stdout/stderr assertions for trailing newline
`feadf052f` appended `\n` to text-mode `emitResult` output, but the
nonInteractiveCli tests still asserted the pre-change strings. Update
the 11 affected assertions to expect the trailing newline.
* fix: address review comments on background-agent notifications
Four additional issues from the PR review that the prior regression-fix
commit didn't cover:
- Escape XML metacharacters when interpolating `description`, `result`,
`error`, `agentId`, `toolUseId`, and `status` into the task-notification
envelope. Subagent output (which itself may carry untrusted tool output,
fetched HTML, or another agent's notification) could contain
`</result>` or `</task-notification>` and forge sibling tags the parent
model would treat as trusted metadata. Truncate result text *before*
escaping so the truncation never slices through an entity like `&`.
- Emit the terminal notification from `cancel()` and `abortAll()`. The
fire-and-forget `complete()`/`fail()` from the subagent task is guarded
by `status !== 'running'` and was no-op'd after cancellation, so SDK
consumers saw `task_started` with no matching `task_notification`,
breaking the contract this PR establishes. Updated two race-guard
tests that asserted the old behavior.
- Call `adapter.finalizeAssistantMessage()` before the abort-triggered
early return inside `drainOneItem`'s stream loop. Without it,
`startAssistantMessage()` had already been called, so stream-json mode
left `message_start` unpaired.
- Enforce `config.getMaxSessionTurns()` in `drainOneItem` for symmetry
with the main turn loop. Cron fires and notification replies otherwise
bypass the budget cap in headless runs.
* fix: address codex review comments for background subagents
- Wrap background fork execute() in runInForkContext so the
recursive-fork guard (AsyncLocalStorage-based) fires when a
background fork's child model calls `agent` again. Previously only
the foreground fork path was wrapped, so background forks could
spawn nested implicit forks.
- Emit queued terminal task_notifications on SIGINT/SIGTERM before
handleCancellationError exits. abortAll() enqueues cancellation
notifications via the registry callback, but the process was
exiting before the drain loop had a chance to flush them — leaving
stream-json consumers that already saw task_started without a
matching terminal task_notification. Extracted the SDK-emit block
into a shared emitNotificationToSdk helper reused by the normal
drain and the cancellation flush.
- Skip notification/cron subtypes in ACP HistoryReplayer. These
records are persisted as type: 'user' so the model's chat history
keeps them for continuity, but they were never user input —
replaying them leaked raw <task-notification> XML (and cron
prompts) back into the ACP session as if the user typed them.
* test(cli): sync JsonOutputAdapter text-mode assertions with trailing newline
Commit 0da1182b7 appended a newline to text-mode emitResult output
(zsh PROMPT_SP fix) and updated the nonInteractiveCli tests, but
four assertions in JsonOutputAdapter.test.ts were missed. Update
them to expect the trailing newline so CI passes.
* refactor: simplify background subagent plumbing
- Extract the SubagentStop hook blocking-decision loop into a
runSubagentStopHookLoop helper so the foreground and background
paths no longer duplicate the iteration/abort/log scaffolding.
- Unify BackgroundTaskRegistry.abortAll to delegate to cancel,
removing copy-pasted abort/notification bookkeeping.
- Drop the unused findByName and BackgroundAgentEntry.name field.
- In nonInteractiveCli drain, hoist inputFormat and
toolCallUpdateCallback out of the inner tool loop, and drop the
unreachable try/catch around the readonly registry.
- Trim boilerplate doc/narration comments while keeping load-bearing
WHY comments.
* fix: address codex review comments for background subagents
- Use tool callId (or short random suffix) instead of Date.now() for
background agentIds; avoids registry collisions when parallel
same-type agents launch in the same millisecond.
- Reset loopDetector and lastPromptId for Notification turns so a
prior turn's loop count doesn't trip LoopDetected on the
notification response.
- Replay notification/cron displayText in ACP HistoryReplayer so
the assistant reply has an antecedent in resumed transcripts.
---------
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* feat(auth): discontinue Qwen OAuth free tier (2026-04-15 cutoff)
The Qwen OAuth free tier has reached its end-of-life date. This updates
all client-side messaging, blocks new OAuth signups, and guides existing
users to alternative providers.
* fix(test): add getModelsConfig mock and update QWEN_OAUTH test expectations
- Add getModelsConfig() to Config mocks in gemini.test.tsx (3 failures)
- Update validateNonInterActiveAuth test to expect exit for QWEN_OAUTH
since validateAuthMethod now returns an error for discontinued free tier
* docs: update quota exceeded alternatives to OpenRouter and Fireworks
- Update README.md news section to recommend OpenRouter and Fireworks
as primary alternatives, with ModelStudio as third option
- Update retry.ts quota error message to include OpenRouter and
Fireworks URLs for users whose OAuth quota has been exhausted
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(test): update retry test assertions to match new quota error message
* docs: update free tier quota to 100 req/day with sunset notice and alternatives
Update all references to reflect the Qwen OAuth free tier policy change:
- 1,000 → 100 requests/day across code, i18n, and docs
- Add 2026-04-15 sunset date everywhere
- Guide users to OpenRouter, Fireworks AI, or ModelStudio in docs
- Remove CHANGELOG.md
---------
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
Co-authored-by: tanzhenxin <tanzhenxing1987@gmail.com>
* chore: remove outdated pr-review skill
The .qwen/skills/pr-review skill is outdated and no longer needed.
Also removes the dangling reference from terminal-capture skill.
* chore: add token-stats script to e2e-testing skill
* fix(test): remove flaky AskUserQuestionDialog Submit tab test
The "shows Submit tab for multiple questions" test fails on macOS CI
due to terminal width truncation causing "Submit answers" to render
as just "Submit".
- Add test-engineer agent for bug reproduction and verification
- Add /qc:bugfix command for structured bugfix workflow
- Add e2e-testing skill covering headless/interactive modes, MCP testing
- Add structured-debugging skill for hypothesis-driven debugging
- Simplify AGENTS.md to focus on essential commands and conventions
- Add terminal-capture scenario for bugfix workflow testing
- Add .qwen folder to ESLint ignore list
Known limitations: The /qc:bugfix workflow and e2e-testing skill
are experimental and may be unstable or consume significant tokens.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Update create-pr.md to explicitly use GH_TOKEN when provided
- Ensures PR creation works with user-provided tokens via environment variable
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Remove project-level qwen-settings-config skill and its references/
- Create bundled qc-helper skill at packages/core/src/skills/bundled/
that references docs/users/ for answering usage/config questions
- Update copy_bundle_assets.js to copy docs/users/ into dist/bundled/qc-helper/docs/
- Update dev.js to create symlink for dev mode docs access
- Add bundled docs directory verification in prepare-package.js
- Revert doc-update skills (docs-audit-and-refresh, docs-update-from-diff)
to main branch versions
Add a new section to the PR template encouraging contributors to attach
visual demos of their changes. This helps reviewers understand changes
quickly and prioritizes reviews. Also update CONTRIBUTING.md with
guidelines for different types of changes (bug fixes, features, refactors).
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
Add four new custom commands for Qwen Code CLI:
- code-review: Review pull requests with detailed analysis
- commit: Generate commit messages and push changes
- create-issue: Draft and submit GitHub issues
- create-pr: Create well-structured pull requests
These commands provide structured workflows for common GitHub operations.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
Add ability to capture multiple screenshots at intervals during
long-running terminal output (e.g., progress bars). Optionally
generates animated GIFs from captured frames using ffmpeg.
Features:
- Streaming capture at configurable intervals
- Early stop when output stabilizes (3 consecutive unchanged frames)
- Duplicate frame skipping
- Animated GIF generation via ffmpeg concat demuxer
- Auto-cleanup of output directory before each run
- Configurable delay before starting captures
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
