* feat(sdk-python): add pypi release workflow
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): build cli before smoke test
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): tighten release conflict handling
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): harden python release workflow
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): tighten stable release guards
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): harden prerelease publish flow
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): reuse release branches on rerun
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): resume incomplete releases
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(release): tighten missing-release checks
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): resume stable release reruns
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): tighten release recovery guards
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* test(sdk-python): cover release version edge cases
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): address release workflow review feedback
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* refactor(sdk-python): address review feedback on release version script
- Remove unreachable `if (type === 'stable')` branch in bumpVersion();
the stable path was dead code since getVersion() throws for all
stable conflicts before calling bumpVersion(). Move nightly conflict
throw to the call site for symmetry.
- Rename getNextPatchBaseVersion → getNextBaseVersion to reflect that
the function can return a prerelease base without incrementing patch.
- Add test for preview+nightly coexistence where nightly base is higher.
🤖 Generated with [Qwen Code](https://github.com/QwenLM/qwen-code)
* fix(sdk-python): address remaining review feedback on release workflow
- Fix failure-issue gate to read github.event.inputs.dry_run directly
instead of steps.vars.outputs.is_dry_run (which is empty when early
steps fail). Add --repo flag for gh issue create when checkout failed.
- Add diagnostic state table to failure-issue body (RELEASE_TAG,
PACKAGE_VERSION, PUBLISH_CHANNEL, RESUME_EXISTING_RELEASE, etc.)
- Fix release-notes error swallow: only silence release not found /
Not Found / HTTP 404, emit :⚠️: for other gh release view errors.
- Improve validateVersion error messages to use human-readable format
keys (X.Y.Z, X.Y.Z-preview.N) matching TS sibling convention.
- Filter fully-yanked versions in getAllVersionsFromPyPI.
- Add console.error log when stable is derived from nightly.
- Add bash regex guard for inputs.version to prevent shell injection.
- Use per-release-type concurrency groups (nightly/preview/stable).
- Add jq null-guard checks for all 6 field extractions.
- Remove misleading --follow-tags from git push (lightweight tags).
🤖 Generated with [Qwen Code](https://github.com/QwenLM/qwen-code)
* fix(sdk-python): rename misleading test description
The test asserts that preview/nightly releases return empty
previousReleaseTag, but the name said "same-channel previous
release tags" which implied non-empty values.
🤖 Generated with [Qwen Code](https://github.com/QwenLM/qwen-code)
* fix(sdk-python): address unresolved review comments on release workflow
- Remove -z check in extract_field() that blocked preview/nightly releases
(previousReleaseTag is legitimately empty for non-stable releases)
- Use static environment.url since step outputs aren't available at job startup
- Use skip-existing for resumed PyPI publish to fill in missing artifacts
- Add AbortSignal.timeout(30s) to PyPI fetch to prevent indefinite hangs
- Add downgrade guard for stable_version_override
- Use GHA :⚠️: annotation instead of console.error for visibility
- Separate yanked/non-yanked version lists so conflict detection includes
yanked versions (PyPI still reserves those slots)
- Filter current release from previousReleaseTag to avoid self-reference on resume
- Add tests for yanked conflict detection, downgrade guard, and resume previousReleaseTag
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): address final review round on release version script
- Fix getNextBaseVersion() first-release skip: use pyproject.toml version
directly when PyPI has no stable versions instead of unconditionally
incrementing
- Fix getNextBaseVersion() off-by-one: change > to >= so equal prerelease
base continues the existing line instead of incrementing patch
- Add :⚠️: annotation when preview auto-bumps due to orphan git
tags (tag exists without PyPI version or GitHub release)
- Add set -euo pipefail to 5 workflow steps missing it: release_branch,
persist_source, Create GitHub release, Delete prerelease branch, Create
issue on failure
- Fix 2 existing tests affected by first-release change, add 4 new tests
🤖 Generated with [Qwen Code](https://github.com/QwenLM/qwen-code)
* fix(sdk-python): use stderr for GHA warning annotations to avoid corrupting JSON stdout
console.log writes to stdout, which gets captured by VERSION_JSON=$(node ...)
in the workflow and corrupts the JSON output for jq. Switch to console.error
so :⚠️: annotations go to stderr (GHA recognizes workflow commands on
both streams). Also add set -euo pipefail to the "Get the version" step for
consistency with other workflow steps.
🤖 Generated with [Qwen Code](https://github.com/QwenLM/qwen-code)
---------
Co-authored-by: jinye.djy <jinye.djy@alibaba-inc.com>
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* docs: scaffold branch for #3247 tool execution unification
Placeholder commit to establish the branch for PR creation.
Actual refactoring will be done in subsequent commits.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* feat(core): add shared permission flow for tool execution unification
This addresses #3247 by consolidating duplicated tool execution behavior
across Interactive, Non-Interactive, and ACP modes behind shared execution
utilities.
- Add permissionFlow.ts: shared L3→L4 permission evaluation logic
- Add permissionFlow.test.ts: comprehensive test coverage (17 tests)
- Export from index.ts for use across all execution modes
Why: Permission handling logic was duplicated in CoreToolScheduler and
Session.runTool(). This shared module ensures consistent behavior across
all modes and provides a single source of truth for future fixes.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* fix(e2e): add bundle step to E2E workflow and fix canUseTool test
- Add 'npm run bundle' to E2E workflow so dist/cli.js exists for SDK tests
- Fix 'should handle control responses when stdin closes before replies' test:
- Use helper.getPath() for absolute file path
- Make prompt explicitly invoke write_file tool
- Remove inputStreamDonePromise timeout that caused false failures
- Add q.endInput() to signal stdin done
- Assert canUseTool was called and file content is updated
* fix(core): wire evaluatePermissionFlow() and address PR review feedback
Address review feedback on PR #3723:
- Wire evaluatePermissionFlow() in coreToolScheduler.ts (both call sites)
- Wire evaluatePermissionFlow() in Session.ts (ACP mode)
- Delete TOOL_EXECUTION_UNIFICATION.md (had literal \n artifacts)
- Add PermissionFlowPermission union type for stronger typing
- Document the 'default' permission state in docstring
- Use needsConfirmation/isPlanModeBlocked/isAutoEditApproved helpers
---------
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
After a stable/patch CLI release, the release branch version bump was
never synced back to main, causing nightly versions to fall behind
stable (e.g. nightly 0.15.3 < stable 0.15.5). Add automated PR
creation and auto-merge steps (matching the existing release-sdk.yml
pattern) so package.json on main stays in sync after each release.
Resolves#3756
The repo disallows merge commits, so `gh pr merge --merge --auto` always
exits 1 — every release run goes red even when publish, tag, and PR
creation all succeed (e.g. v0.1.7 in run 25036315088). Switch to
`--squash` to match the repo's allowed merge methods.
* Codex worktree snapshot: startup-cleanup
Co-authored-by: Codex
* Add Python SDK real smoke test
Adds a repository-only real E2E smoke script for the Python SDK, plus npm and developer documentation entry points.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): address review findings — bugs, type safety, and test coverage
- Fix prepare_spawn_info: JS files now use "node" instead of sys.executable
- Fix protocol.py: correct total=False misuse on 7 TypedDicts (required fields were optional)
- Fix query.py: add _closed guard in _ensure_started, suppress exceptions in close()
- Fix sync_query.py: prevent close() deadlock, add context manager, add timeouts
- Fix transport.py: handle malformed JSON lines, add _closed guard in start()
- Fix validation.py: use uuid.RFC_4122 instead of magic UUID
- Fix __init__.py: export TextBlock, widen query_sync signature
- Remove dead code: ensure_not_aborted, write_json_line, _thread_error
- Add 12 new tests (29 → 41): context managers, JSON skip, closed guards, spawn info, timeouts
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): address wenshao review — session_id, bool validation, debug stderr
- Fix continue_session=True generating a wrong random session_id
- Add _as_optional_bool helper for strict type validation on bool fields
- Default debug stderr to sys.stderr when no custom callback is provided
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): address remaining wenshao review feedback
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* test(cli): harden settings dialog restart prompt test
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): review fixes — UUID compat, stderr fallback, sync cleanup
- Remove UUID version restriction to support v6/v7/v8 (RFC 9562)
- Always write to sys.stderr when stderr callback raises (was silent when debug=False)
- Prevent duplicate _STOP sentinel in SyncQuery.close() via _stop_sent flag
- Add ruff format --check to CI workflow
- Fix smoke_real.py version guard: fail early before imports instead of NameError
- Apply ruff format to existing files
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): remaining review fixes — exit_code attr, guard strictness, sync timeout
- Add exit_code attribute to ProcessExitError for programmatic access
- Strengthen is_control_response/is_control_cancel guards to require
payload fields, preventing misrouting of malformed messages
- Expose control_request_timeout property on Query so SyncQuery uses
the configured timeout instead of a hardcoded 30s default
- Use dataclasses.replace() instead of direct mutation on frozen-style
QueryOptions in query() factory
- Add ResourceWarning in SyncQuery.__del__ when not properly closed
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): add exit_code default and guard __del__ against partial GC
- Give ProcessExitError.exit_code a default value (-1) so user code can
construct the exception with just a message string
- Wrap SyncQuery.__del__ in try/except AttributeError to prevent crashes
when the object is partially garbage-collected
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): review fixes — resource leak, type safety, CI matrix, docs
- Fix SyncQuery.__del__ to call close() on GC instead of only warning
- Replace hasattr duck-type check with isinstance(prompt, AsyncIterable)
- Type-validate permission_mode/auth_type in QueryOptions.from_mapping
- Use TypeGuard return types on all is_sdk_*/is_control_* predicates
- Add 5s margin to sync wrapper timeouts to prevent error type masking
- Expand CI matrix to test Python 3.10, 3.11, 3.12
- Change ProcessExitError.exit_code default from -1 to None
- Add stderr to docs QueryOptions listing
- Update README sync example to use context manager pattern
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): preserve iterator exhaustion state and suppress detached task warning
- Add _exhausted flag to Query.__anext__ and SyncQuery.__next__ so
repeated iteration after end-of-stream raises Stop(Async)Iteration
instead of blocking forever.
- Remove re-raise in _initialize() to prevent asyncio
"Task exception was never retrieved" warning on detached tasks;
the error is already surfaced via _finish_with_error().
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): reject mcp_servers at validation time and add iterator/init tests
- Reject mcp_servers in validate_query_options() with a clear error
instead of advertising MCP support to the CLI and then failing at
runtime when mcp_message arrives.
- Remove dead mcp_servers branch from _initialize().
- Add tests for async/sync iterator exhaustion, detached init task
warning suppression, and mcp_servers validation.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(sdk-python): fix ruff lint errors in new tests
- Use ControlRequestTimeoutError instead of bare Exception (B017)
- Fix import sorting for stdlib vs third-party (I001)
- Break long line to stay within 88-char limit (E501)
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* style(sdk-python): apply ruff format to new tests
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
---------
Co-authored-by: jinye.djy <jinye.djy@alibaba-inc.com>
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* fix(i18n): sync mismatched keys between en.js and zh.js (#3503)
Add 4 keys missing from en.js that are actively used in source code,
add 5 missing Chinese translations to zh.js, integrate check-i18n
into CI to prevent future drift, and skip JSON file write in CI to
avoid dirtying the working tree.
---
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
* ci(stale): enable 28+28 stale/close policy for pull requests
- Fix the repository guard so the workflow actually runs on
QwenLM/qwen-code (it was previously gated to google-gemini/gemini-cli
and never executed in this repo).
- Scope the behavior to pull requests for now; issue policy will be
introduced separately once triage labels are in place.
- Mark a PR stale after 4 weeks without activity, then close it after
another 4 weeks.
- Exempt pinned, security, status/blocked, status/on-hold, and
status/ready-for-merge from auto-close.
- Remove the stale label automatically when activity resumes, and
process the oldest PRs first on each run.
* ci(stale): loosen PR cadence from 28+28 to 35+35
Five weeks + five weeks gives contributors more slack around holidays
and busy periods, and reduces the first-run impact on the existing
backlog. The total window moves from 56 days to 70 days.
* ci(stale): move cron from 01:30 UTC to 00:30 UTC
Shift by one hour so results are ready before the Beijing work day
starts (08:30 local), while still avoiding the top of the hour (the
high-contention window for GitHub-hosted runners) and staying 30
minutes after release.yml at 00:00 UTC.
* ci(stale): drop redundant repo guard and document ops-per-run
- Remove the `github.repository == 'QwenLM/qwen-code'` job guard:
scheduled runs are already disabled on forks by GitHub, and
workflow_dispatch is manually-triggered so the guard adds no safety.
- Add a comment explaining the `operations-per-run: 100` rationale
(rate-limit headroom given the ~150-PR backlog).
- Mark @qwen-code/channel-plugin-example as private in package.json
- Remove publish step from release workflow
- Remove file: to semver rewrite logic in version script
- Use file: reference for @qwen-code/channel-base dependency
This change prevents the example plugin from being published to npm, as it's only intended for internal/development use.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
Move non-interactive tests to cli/, interactive tests to interactive/.
Add cron-interactive.test.ts wrapping terminal-capture E2E in vitest.
Update npm scripts and release workflow for new directory layout.
- Bump channel package versions to 0.13.0
- Add publish steps for @qwen-code/channel-base and @qwen-code/channel-plugin-example
- Update version script to convert file: references to semver for published packages
This enables proper npm publishing of channel packages during the release process.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Use printf instead of echo for safer string output
- Remove --notes-start-tag as we use --notes-file for custom release notes
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Fix release-sdk.yml: Use file-based approach with --notes-file instead of
complex inline string interpolation to avoid shell parsing errors with
backticks and special characters
- Fix release.yml: Add --prerelease flag for nightly and preview releases
to properly mark them as pre-releases on GitHub
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Add getNextPatchVersion() to calculate next patch version from npm latest
- Fix getNightlyVersion() to use npm latest + 1 patch instead of package.json
- Fix getPreviewVersion() to use npm latest + 1 patch instead of nightly version
- Add version info logging in workflow for dry-run verification
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Remove dist/ directory requirement from workflow (CLI files are in package root)
- Update bundle-cli-from-npm.js to use package root directly instead of package/dist
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Fix SC2086: double quote variables to prevent globbing and word splitting
- Fix yamllint quoted-strings: wrap if conditions with double quotes
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Add 'cli_ref' input parameter to specify CLI version to bundle
- Auto-detect latest stable CLI tag when cli_ref not specified
- Validate that stable SDK releases use tagged CLI versions (not main)
- Record bundled CLI version in SDK dist and release notes
This ensures SDK releases bundle stable, tested CLI code instead of
potentially unstable main branch code.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
Prevents workflow failure when some platform VSIXes are already
published (e.g., darwin-arm64, darwin-x64) during retry runs.
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
When create_preview_release is enabled, allow the workflow_dispatch version input
to control the preview version (and avoid appending a timestamp if a preview id
is already provided) to match user intent.
- Re-enable macOS x64 CI builds using macos-15-intel runner
- Remove generic node-pty dependency in favor of platform-specific @lydell/node-pty-* packages
- Add ripgrep binary pruning for platform-specific builds to reduce VSIX size
- Add Windows workaround to remove npm junction self-references during packaging
- Remove redundant version update from prepare job (only needed before packaging)
- Use npm run release:version to update all package versions consistently
- Add build and bundle step before packaging
- Fix report-failure job by adding --repo flag to gh issue create
- Temporarily disable darwin-x64 build (macos-latest-large) due to billing
- Fix yaml lint errors by properly quoting conditional expressions
- Update package version step to use correct working directory
- Modify test execution to run in the correct directory (packages/vscode-ide-companion)
- Enhance version retrieval logic to use actual package version for preview releases
- Add working directory to all relevant steps for consistency
- Simplify package version update command by removing redundant workspace flag
These changes ensure the release workflow runs correctly and follows
consistent directory structure practices.
