vrr/qwen-code
2
0
Fork 0
mirror of https://github.com/QwenLM/qwen-code.git synced 2026-05-18 23:42:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10
qwen-code/docs/users/configuration/settings.md
tanzhenxin 78ad595581
feat(core): support QWEN_HOME env var to customize config directory (#2953) 
* feat(core): support QWEN_CONFIG_DIR env var to customize config directory

Allow users to override the default ~/.qwen config directory location
via the QWEN_CONFIG_DIR environment variable. This enables users on dev
machines with external disk mounts or custom home directory layouts to
persist config at a location of their choosing.

Changes:
- Add QWEN_CONFIG_DIR check to Storage.getGlobalQwenDir() (absolute and
  relative path support)
- Eliminate 11 redundant '.qwen' constant definitions across packages
- Replace 16+ direct os.homedir() + '.qwen' path constructions with
  Storage.getGlobalQwenDir() calls
- Inline env var checks for packages that cannot import from core
  (channels, vscode-ide-companion, standalone scripts)
- Add unit tests for the new env var behavior
- Project-level .qwen/ directories are NOT affected

Closes #2951

* fix(core): use path.resolve/join in QWEN_CONFIG_DIR tests for Windows compat

Hardcoded Unix paths like '/tmp/custom-qwen/settings.json' fail on
Windows where path APIs produce backslash separators. Use path.resolve()
for inputs and path.join() for assertions so the tests pass cross-platform.

* test(cli): remove flaky 'should keep restart prompt when switching scopes' test

Timing-sensitive UI test that fails intermittently on Windows CI due to
async ANSI output not settling within the wait window.

* feat(core): route remaining hardcoded ~/.qwen/ paths through Storage.getGlobalQwenDir()

Update channel status, memory command, extension storage, skills
discovery, and memory discovery to use Storage.getGlobalQwenDir()
instead of hardcoded os.homedir()/.qwen paths, ensuring QWEN_CONFIG_DIR
env var is respected throughout the codebase.

* fix(tests): mock os.homedir before makeFakeConfig for Storage.getGlobalQwenDir

Storage.getGlobalQwenDir() is now called during Config construction,
which requires os.homedir() to be mocked before makeFakeConfig() is
called. Also mock Storage.getGlobalQwenDir in memoryCommand tests
since it uses a cross-package import that vi.spyOn doesn't intercept.

* fix(core): respect QWEN_CONFIG_DIR for .env discovery and install source

findEnvFile() walk-up would find legacy ~/.qwen/.env before checking
QWEN_CONFIG_DIR/.env when the workspace was under $HOME. Skip the
legacy path when a custom config dir is set so the fallback picks up
the correct file.

Also add a legacy fallback in readSourceInfo() since the installer
always writes source.json to ~/.qwen/ regardless of QWEN_CONFIG_DIR.

* refactor(core): rename QWEN_CONFIG_DIR to QWEN_HOME and fix runtime path resolution

Rename the env var before it ships (zero existing users) to match the
convention of CARGO_HOME, GRADLE_USER_HOME, etc. — "HOME" means "root of
all tool state", not just config.

Key changes:
- Rename QWEN_CONFIG_DIR → QWEN_HOME across all packages and scripts
- Add shared path utils in vscode-ide-companion and channels/base to
  eliminate scattered inline env var resolution
- Fix runtime path mismatch: IDE lock files and session paths in the
  vscode extension now route through getRuntimeBaseDir() (checking
  QWEN_RUNTIME_DIR first), matching core Storage behavior
- Fix telemetry_utils.js otel path to check QWEN_RUNTIME_DIR for tmp/
- Add E2E integration tests for QWEN_HOME scenarios

* fix(core): address critical review issues for QWEN_HOME support

Pass resolved QWEN_HOME as a dedicated QWEN_DIR sandbox parameter so
macOS Seatbelt profiles allow writes to custom config directories.
Fix hookRunner treating signal-killed hooks as success by using ?? -1
instead of || 0. Add QWEN_HOME and QWEN_RUNTIME_DIR to the env vars
documentation table.

* fix(sandbox): whitelist QWEN_RUNTIME_DIR in macOS Seatbelt profiles

When QWEN_RUNTIME_DIR is set separately from QWEN_HOME, the sandbox
was blocking writes to the runtime directory (debug logs, chat history,
IDE locks, sessions). Pass RUNTIME_DIR as a sandbox parameter and add
the corresponding subpath rule to all six .sb profiles.

* fix(core): add tilde expansion to QWEN_HOME and align satellite path helpers

- Extract resolvePath() from resolveRuntimeBaseDir() so QWEN_HOME gets
  the same ~/tilde expansion that QWEN_RUNTIME_DIR already had.
- Port resolvePath() to vscode-ide-companion and channels/base mirrors,
  fixing tilde handling in getRuntimeBaseDir() for the IDE companion.
- Add missing os.tmpdir() fallback in channels/base getGlobalQwenDir().
- Add unit tests for tilde expansion in QWEN_HOME.
- Clarify prompts.ts comment that system.md default is global, not
  project-level.

* fix(core): add tilde expansion to scripts and fix extension cache QWEN_HOME support

Add resolvePath() helper to standalone JS scripts (sandbox_command.js,
telemetry.js, telemetry_utils.js) so QWEN_HOME=~/custom expands
consistently with core Storage.resolvePath().

Fix ExtensionManager.refreshCache() to use ExtensionStorage.getUserExtensionsDir()
instead of hardcoded os.homedir(), so extensions installed under a custom
QWEN_HOME are discoverable.

* test: remove flaky InputPrompt tab-suggestion test on Windows

* test: remove flaky tests that fail intermittently on Windows

Removes 'does not accept the prompt suggestion on shift+tab' from
InputPrompt.test.tsx and 'should keep restart prompt when switching
scopes' from SettingsDialog.test.tsx. Both have been observed to fail
intermittently on the Windows CI workers; the underlying behaviors are
covered by adjacent assertions and end-to-end tests.

* revert(core): keep system.md path project-local under .qwen/

The QWEN_HOME refactor incorrectly routed the QWEN_SYSTEM_MD default path
through Storage.getGlobalQwenDir() (i.e. ~/.qwen/system.md or
$QWEN_HOME/system.md). The original semantics — inherited from the
upstream Gemini-CLI sync — are project-local: <cwd>/.qwen/system.md.

System-prompt customization is intentionally per-project so that each
repository can ship its own override without global side effects. Users
who want a global override can still set QWEN_SYSTEM_MD to an absolute
path. This revert keeps that behavior intact while leaving the rest of
the QWEN_HOME plumbing (settings, credentials, extensions, skills, memory)
unchanged.

* refactor(core): unify QWEN_CONFIG_DIR into the canonical QWEN_DIR

Three definitions of the literal '.qwen' string existed across the
codebase:

- QWEN_DIR in config/storage.ts (canonical, used by the Storage class)
- QWEN_CONFIG_DIR in memory/const.ts
- QWEN_CONFIG_DIR in tools/memory-config.ts (a near-clone of the above)

The QWEN_CONFIG_DIR name also collided with a former env-var name (now
renamed to QWEN_HOME on this branch), making it ambiguous whether call
sites referred to a configurable env var or a hardcoded directory name.

Drop the duplicates and route the only call sites (prompts.ts and its
test) through QWEN_DIR from config/storage.ts. The mock factory in
config.test.ts is updated to no longer expose the removed export.

* fix(integration-tests): use 'extensions list' to trigger settings migration

Tests 2b and 3a in cli/qwen-config-dir.test.ts relied on running
\`qwen --help\` to invoke loadSettings() (and thus the V1→V3 settings
migration). That worked when loadSettings() ran before parseArguments()
in the CLI startup sequence. Main has since flipped the order:
parseArguments() runs first, and yargs intercepts --help and exits the
process before loadSettings() is reached, so migration never runs and
the tests' migration probe always reads back V1.

Switch to \`qwen extensions list\` instead. It is a yargs subcommand that
runs through main() to loadSettings() without requiring an API key, so
migration runs as expected. Update the inline comments to document why
--help cannot be used and why this command works.

* fix(memory): route auto-memory base dir through Storage.getGlobalQwenDir()

The auto-memory subsystem (introduced on main in #3087) computed its base
directory by hardcoding path.join(os.homedir(), QWEN_DIR). That bypassed
QWEN_HOME entirely, so global auto-memory artifacts always landed in
~/.qwen/projects/... regardless of the user's configured QWEN_HOME path.

Route the default through Storage.getGlobalQwenDir() so QWEN_HOME is
honored. The QWEN_CODE_MEMORY_BASE_DIR test override stays as the
highest-priority short-circuit.

Discovered while running the QWEN_HOME e2e test plan against the merged
branch — Group B test B3 (memory tool writes to QWEN_HOME) was the only
failing scenario across A/B/C/D groups.

* fix(cli): treat custom QWEN_HOME .env as user-level

When QWEN_HOME points to a directory whose path does not contain
`.qwen` (e.g., `/tmp/qwen-home`), the global `.env` was misclassified
as a project-level env file. As a result, default-excluded variables
such as `DEBUG` and `DEBUG_MODE` were silently dropped even though
they came from the user-level config directory.

The classification now reuses the same user-level path set computed
by `findEnvFile`, so any `.env` inside the resolved global Qwen
directory (or directly under `~/`) is recognized as user-level.

Also drop the misleading "does not expand `~`" note from the
QWEN_HOME documentation — `Storage.getGlobalQwenDir` does expand
leading tildes via `Storage.resolvePath`.

* fix(cli): drop legacy .qwen substring check from env-file classification

The user-level env-file detection now keys solely off the precomputed
user-level path set, which already covers ~/.env and ${QWEN_HOME}/.env.
The legacy substring fallback misclassified <repo>/.qwen/.env as
user-level, so excludedEnvVars no longer applied to it.

* fix(core): align plain-text hook output with documented exit-code semantics

Per docs/users/features/hooks.md, only exit code 2 is a blocking error;
all other non-zero exit codes are non-blocking and execution should
continue. The plain-text branch in convertPlainTextToHookOutput
previously denied on every non-zero, non-1 exit code (3, 127, signal
fallbacks), contradicting the documented behavior.

Collapse all non-blocking non-zero codes to EXIT_CODE_NON_BLOCKING_ERROR
before passing into the converter so they take the warning path
consistently.

* chore: trigger CI

* fix(cli): pass QWEN_HOME and QWEN_RUNTIME_DIR into docker/podman sandbox

The container CLI previously had no awareness of the host's QWEN_HOME or
QWEN_RUNTIME_DIR values. The global qwen dir worked only because the
mount target happens to match the default fallback inside the sandbox,
and the runtime base dir was lost entirely when it diverged from the
global qwen dir.

* fix(cli): canonicalize sandbox QWEN/RUNTIME paths and pin IDE lock dir

Two reviewer-flagged issues from PR #2953:

* macOS Seatbelt was passed `path.resolve` for `QWEN_DIR`/`RUNTIME_DIR`
  while neighbouring directories used `fs.realpathSync`. With a symlinked
  `QWEN_HOME` or `QWEN_RUNTIME_DIR`, sandbox-exec would compare against
  the canonical kernel path and deny writes. Create the dirs (so
  `realpathSync` can succeed on first run) then canonicalize them like
  the surrounding entries.

* The VS Code companion wrote IDE lock files via the runtime base dir
  while the CLI side resolves the runtime dir from settings too. That
  divergence silently desynced lock-file discovery whenever a user set
  `advanced.runtimeOutputDir` without `QWEN_RUNTIME_DIR`. Anchor both
  sides to `getGlobalQwenDir()` since the companion process can only
  see env vars, not CLI settings.

* fix(cli): finish QWEN_HOME plumbing across env, memory, rules, sandbox

Codex review surfaced four user-visible spots where QWEN_HOME wasn't
threaded through:

* `findEnvFile` walked through the user home dir before consulting the
  QWEN_HOME fallback, so `~/.env` shadowed `<QWEN_HOME>/.env` and
  reversed the qwen-specific precedence the default `~/.qwen/.env` path
  enjoys. Add a home-dir-step check that prefers the custom Qwen dir
  when set.

* `MemoryDialog` displayed and edited `~/.qwen/QWEN.md` regardless of
  QWEN_HOME. Memory discovery already routes through Storage, so user
  edits via the dialog were silently ignored at runtime. Route the
  dialog through `Storage.getGlobalQwenDir()` to match.

* `loadRules` looked up global rules at `~/.qwen/rules/`, ignoring
  QWEN_HOME entirely. Use the global Qwen dir like the rest of the
  config surfaces.

* The Docker/Podman sandbox path called `mkdirSync(userSettingsDir)`
  without `recursive`. Pre-PR the dir was always `~/.qwen` and the
  parent existed; with a nested QWEN_HOME like `/tmp/qwen/config` the
  first run threw ENOENT before the mount could be added.

* fix(cli): block project .env from redirecting QWEN_HOME and QWEN_RUNTIME_DIR

A project `.env` could set QWEN_HOME after settings were already loaded
from the real home, splitting global state: settings.json read from
~/.qwen but later writes (installation_id, OAuth credentials, MCP tokens)
landed in the project-controlled directory. The user-configurable
excludedEnvVars list isn't the right place for this — it's a correctness
boundary, not a preference — so always exclude these two vars from
project .env files. User-level .env files (~/.qwen/.env) are unaffected.

* fix(cli): keep workspace .qwen/.env unfiltered and pre-resolve user QWEN_HOME

The env-file classification conflated two concerns: which paths may
override global state vars, and which paths are exempt from the
user-configurable excludedEnvVars filter. Splitting them lets a
workspace `<repo>/.qwen/.env` carry DEBUG/DEBUG_MODE per the documented
contract while still being blocked from redirecting QWEN_HOME or
QWEN_RUNTIME_DIR.

A QWEN_HOME set in `~/.qwen/.env` or `~/.env` would also previously
arrive too late: USER_SETTINGS_PATH was captured at module load and
loadSettings migrated `~/.qwen/settings.json` before loadEnvironment
applied the override, leaving credentials, MCP tokens, and
installation_id pointed at the new directory while settings stayed at
the legacy one. A pre-pass now reads those user-level files for the
two storage-controlling vars before any user settings are loaded, and
the user settings path is re-resolved locally so all global state lands
in one place.

* fix(cli): make user-settings paths lazy to pick up bootstrapped QWEN_HOME

USER_SETTINGS_PATH/USER_SETTINGS_DIR in settings.ts and the duplicate
USER_SETTINGS_DIR in trustedFolders.ts were top-level consts evaluated
at module load — before preResolveHomeEnvOverrides() reads QWEN_HOME
from ~/.env or ~/.qwen/.env. Callers (sandbox launcher, trusted-folders
reader) saw the legacy ~/.qwen path while the main CLI had moved to the
custom home, splitting state.

Convert all three to lazy getter functions and add a regression test
that pokes process.env.QWEN_HOME after import and asserts each getter
reflects it — any future top-level capture turns the test red.

Mirror the same ~/.env / ~/.qwen/.env bootstrap into
scripts/sandbox_command.js, which previously only read process.env
directly and could disagree with the main CLI on the sandbox setting.

Addresses review threads #3159793469, #3177804507, and item #2 of the
2026-05-06 review summary.

* fix(cli): address qwen home review follow-ups

* test(cli): normalize path in QWEN_HOME freshness assertion for Windows

`getUserSettingsDir()` returns `path.dirname(...)`, which on Windows uses
backslash separators. The bare string comparison failed on Windows runners
("\tmp\qwen-lazy-test" vs "/tmp/qwen-lazy-test"). Wrap the expected value
in `path.normalize()` to match the OS-native separator, mirroring the two
sibling assertions that already use `path.join()`.

* fix(cli): close storage-routing leaks via settings.env and project sandbox .env

settings.env (merged) was being applied to process.env without filtering, so
a workspace settings.json could redirect global state by setting
env.QWEN_HOME or env.QWEN_RUNTIME_DIR after the home-scoped .env bootstrap
ran. Apply PROJECT_ENV_HARDCODED_EXCLUSIONS to the settings.env path too.

scripts/sandbox_command.js's project-walk fallback called dotenv.config() to
find QWEN_SANDBOX, which injected every parsed key — including QWEN_HOME /
QWEN_RUNTIME_DIR the main CLI hard-blocks. Replace with a manual parse that
copies only QWEN_SANDBOX.

Add a startup migration warning when QWEN_HOME points to a directory with
no settings.json while ~/.qwen/settings.json exists, so users notice that
their existing OAuth tokens / settings / memory aren't auto-migrated.

* test: cover QWEN_HOME / QWEN_RUNTIME_DIR in duplicated path helpers

Adds targeted unit tests for the two TypeScript mirrors of
Storage.getGlobalQwenDir() / getRuntimeBaseDir() that live outside
packages/core to avoid cross-package imports. Covers default, absolute,
relative, ~/x, ~\x, and bare ~ inputs, plus the runtime/home priority
chain in the IDE companion.

* fix: bootstrap QWEN_HOME before yargs handlers and in VS Code companion

Two storage-routing leaks surfaced by Codex review of feat/qwen-config-dir:

- channel status/stop call readServiceInfo() inside yargs handlers that
  process.exit before loadSettings() runs, so QWEN_HOME defined only in
  ~/.qwen/.env or ~/.env never resolved for them. The same race exists
  for the duplicate-instance check at the top of channel start. Hoist
  preResolveHomeEnvOverrides() to the top of main() so all subcommand
  handlers see the bootstrapped env vars.

- The VS Code companion's getGlobalQwenDir / getRuntimeBaseDir read
  process.env directly, missing the same .env pre-pass. If a user only
  configures QWEN_HOME via ~/.qwen/.env, the CLI looks under the
  redirected dir while the companion writes IDE lock files under
  ~/.qwen, breaking IDE discovery. Mirror the CLI pre-pass in the
  companion (lazy, idempotent) without importing from core.

* fix(config): preserve credentials in legacy ~/.qwen/.env when QWEN_HOME redirects

When QWEN_HOME is bootstrapped from `~/.qwen/.env`, the home-dir env walk
previously skipped that file and never read `<QWEN_HOME>/.env` from the
companion. This stranded non-routing credentials (e.g. OPENAI_API_KEY)
left in `~/.qwen/.env` and let the companion write IDE lock files into a
different runtime dir than the CLI was reading from.

- CLI: fall back to `~/.qwen/.env` after `<QWEN_HOME>/.env` at both the
  home-dir step and the post-walk fallback in findEnvFile, and treat the
  legacy path as user-level for trust and exclusion semantics.
- Companion: after the initial candidate pass discovers QWEN_HOME, also
  read `<QWEN_HOME>/.env` so QWEN_RUNTIME_DIR sourced from there matches
  what the CLI's findEnvFile would pick.

* refactor(cli): simplify QWEN_HOME plumbing — dedupe helpers, latch, comments

- replace local isSameOrChildPath with core's isSubpath in sandbox.ts
- latch preResolveHomeEnvOverrides so it runs once per process
- pass userLevelPaths from loadEnvironment into findEnvFile (no recompute)
- collapse findEnvFile's home-dir branch and post-loop fallback into one
  shared candidate list (drops duplicate existsSync calls)
- factor extensionManager's user-extensions loop into a private helper
- use QWEN_DIR constant instead of '.qwen' literal in skill-manager
- trim narrative / PR-history comments across changed files

* fix(cli): align QWEN_HOME .env bootstrap across CLI, sandbox, telemetry

Telemetry scripts previously read process.env.QWEN_HOME directly, so a
QWEN_HOME set only in ~/.env or ~/.qwen/.env left telemetry writing to
~/.qwen while the CLI routed elsewhere. Extract the bootstrap into
scripts/lib/qwen-home-bootstrap.js and have sandbox_command.js,
telemetry.js, and telemetry_utils.js share it.

Also add a third-pass <new QWEN_HOME>/.env read in
preResolveHomeEnvOverrides so the CLI and VS Code companion agree on
QWEN_RUNTIME_DIR when it is configured under the new home dir.

* test(integration-tests): update QWEN_HOME assertions for v4 schema

Settings schema was bumped to v4 on main (gitCoAuthor migration). The
qwen-config-dir tests still asserted post-migration $version === 3, so
they failed after the merge. Bump the assertions to 4 and the seed in
3a to match, and point a comment at SETTINGS_VERSION so the next bump
is easy to find.
2026-05-09 15:51:52 +08:00

150 KiB
Raw Blame History

Qwen Code Configuration

Tip

Authentication / API keys: Authentication (API Key, Alibaba Cloud Coding Plan) and auth-related environment variables (like OPENAI_API_KEY) are documented in Authentication.

Note

Note on New Configuration Format: The format of the settings.json file has been updated to a new, more organized structure. The old format will be migrated automatically. Qwen Code offers several ways to configure its behavior, including environment variables, command-line arguments, and settings files. This document outlines the different configuration methods and available settings.

Configuration layers

Configuration is applied in the following order of precedence (lower numbers are overridden by higher numbers):

Level Configuration Source Description
1 Default values Hardcoded defaults within the application
2 System defaults file System-wide default settings that can be overridden by other settings files
3 User settings file Global settings for the current user
4 Project settings file Project-specific settings
5 System settings file System-wide settings that override all other settings files
6 Environment variables System-wide or session-specific variables, potentially loaded from .env files
7 Command-line arguments Values passed when launching the CLI

Settings files

Qwen Code uses JSON settings files for persistent configuration. There are four locations for these files:

File Type Location Scope
System defaults file Linux: /etc/qwen-code/system-defaults.json
Windows: C:\ProgramData\qwen-code\system-defaults.json
macOS: /Library/Application Support/QwenCode/system-defaults.json
The path can be overridden using the QWEN_CODE_SYSTEM_DEFAULTS_PATH environment variable.		 Provides a base layer of system-wide default settings. These settings have the lowest precedence and are intended to be overridden by user, project, or system override settings.
User settings file ~/.qwen/settings.json (where ~ is your home directory). Applies to all Qwen Code sessions for the current user.
Project settings file .qwen/settings.json within your project's root directory. Applies only when running Qwen Code from that specific project. Project settings override user settings.
System settings file Linux /etc/qwen-code/settings.json
Windows: C:\ProgramData\qwen-code\settings.json
macOS: /Library/Application Support/QwenCode/settings.json
The path can be overridden using the QWEN_CODE_SYSTEM_SETTINGS_PATH environment variable.		 Applies to all Qwen Code sessions on the system, for all users. System settings override user and project settings. May be useful for system administrators at enterprises to have controls over users' Qwen Code setups.

Note

Note on environment variables in settings: String values within your settings.json files can reference environment variables using either $VAR_NAME or ${VAR_NAME} syntax. These variables will be automatically resolved when the settings are loaded. For example, if you have an environment variable MY_API_TOKEN, you could use it in settings.json like this: "apiKey": "$MY_API_TOKEN".

The .qwen directory in your project

In addition to a project settings file, a project's .qwen directory can contain other project-specific files related to Qwen Code's operation, such as:

Configuration migration

Qwen Code automatically migrates legacy configuration settings to the new format. Old settings files are backed up before migration. The following settings have been renamed from negative (disable*) to positive (enable*) naming:

Old Setting New Setting Notes
disableAutoUpdate + disableUpdateNag general.enableAutoUpdate Consolidated into a single setting
disableLoadingPhrases ui.accessibility.enableLoadingPhrases
disableFuzzySearch context.fileFiltering.enableFuzzySearch
disableCacheControl model.generationConfig.enableCacheControl

Note

Boolean value inversion: When migrating, boolean values are inverted (e.g., disableAutoUpdate: true becomes enableAutoUpdate: false).

Consolidation policy for disableAutoUpdate and disableUpdateNag

When both legacy settings are present with different values, the migration follows this policy: if either disableAutoUpdate or disableUpdateNag is true, then enableAutoUpdate becomes false:

disableAutoUpdate disableUpdateNag Migrated enableAutoUpdate
false false true
false true false
true false false
true true false

Available settings in settings.json

Settings are organized into categories. Most settings should be placed within their corresponding top-level category object in your settings.json file. A few compatibility settings, such as proxy, are top-level keys.

top-level

Setting Type Description Default
proxy string Proxy URL for CLI HTTP requests. Precedence is --proxy > proxy in settings.json > HTTPS_PROXY / https_proxy / HTTP_PROXY / http_proxy environment variables. undefined

general

Setting Type Description Default
general.preferredEditor string The preferred editor to open files in. undefined
general.vimMode boolean Enable Vim keybindings. false
general.enableAutoUpdate boolean Enable automatic update checks and installations on startup. true
general.showSessionRecap boolean Auto-show a one-line "where you left off" recap when returning to the terminal after being away. Off by default. Use /recap to trigger manually regardless of this setting. false
general.sessionRecapAwayThresholdMinutes number Minutes the terminal must be blurred before an auto-recap fires on focus-in. Only used when showSessionRecap is enabled. 5
general.gitCoAuthor.commit boolean Add a Co-authored-by trailer to git commit messages AND attach a per-file AI-attribution git note (refs/notes/ai-attribution) for commits made through Qwen Code. Disabling skips both. true
general.gitCoAuthor.pr boolean Append a Qwen Code attribution line to pull request descriptions when running gh pr create. true
general.checkpointing.enabled boolean Enable session checkpointing for recovery. false
general.defaultFileEncoding string Default encoding for new files. Use "utf-8" (default) for UTF-8 without BOM, or "utf-8-bom" for UTF-8 with BOM. Only change this if your project specifically requires BOM. "utf-8"

output

Setting Type Description Default Possible Values
output.format string The format of the CLI output. "text" "text", "json"

ui

Setting Type Description Default
ui.theme string The color theme for the UI. See Themes for available options. undefined
ui.customThemes object Custom theme definitions. {}
ui.statusLine object Custom status line configuration. A shell command whose output is shown in the footer's left section. See Status Line. undefined
ui.hideWindowTitle boolean Hide the window title bar. false
ui.hideTips boolean Hide all tips (startup and post-response) in the UI. See Contextual Tips. false
ui.hideBanner boolean Hide the startup ASCII logo and info panel. Tips and chat input still render unless ui.hideTips is also set. false
ui.customBannerTitle string Replace the default >_ Qwen Code title in the banner info panel. The (vX.Y.Z) version suffix is always appended; auth, model, and path lines are not affected. Sanitized; capped at 80 characters. ""
ui.customBannerSubtitle string Optional subtitle line rendered between the banner title and the auth/model line, in place of the blank spacer row. Sanitized; capped at 160 characters. Empty (default) keeps the original blank spacer. ""
ui.customAsciiArt string | object Replace the QWEN ASCII logo in the banner. Accepts an inline string (used for both width tiers), { "path": "./brand.txt" } (relative paths resolve against the owning settings file's directory; read once at startup with O_NOFOLLOW on POSIX, capped at 64 KB), or { "small": ..., "large": ... } for width-aware selection. Sanitized; capped at 200 lines × 200 columns per tier. undefined
ui.hideFooter boolean Hide the footer from the UI. false
ui.showMemoryUsage boolean Display memory usage information in the UI. false
ui.showLineNumbers boolean Show line numbers in code blocks in the CLI output. true
ui.renderMode string Default Markdown display mode. Use "render" for rich visual previews or "raw" to show source-oriented Markdown by default. Toggle during a session with Alt/Option+M; on macOS the terminal must send Option as Meta. See Markdown Rendering. "render"
ui.showCitations boolean Show citations for generated text in the chat. true
ui.compactMode boolean Hide tool output and thinking for a cleaner view. Toggle with Ctrl+O during a session or via the Settings dialog. Tool approval prompts are never hidden, even in compact mode. The setting persists across sessions. false
ui.shellOutputMaxLines number Max number of shell output lines shown inline. Set to 0 to disable the cap and show full output. Hidden lines are surfaced via the +N lines indicator. Errors, !-prefix user-initiated commands, confirming tools, and focused embedded shells always show full output. 5
enableWelcomeBack boolean Show welcome back dialog when returning to a project with conversation history. When enabled, Qwen Code will automatically detect if you're returning to a project with a previously generated project summary (.qwen/PROJECT_SUMMARY.md) and show a dialog allowing you to continue your previous conversation or start fresh. If you choose Start new chat session, that choice is remembered for the current project until the project summary changes. This feature integrates with the /summary command and quit confirmation dialog. true
ui.accessibility.enableLoadingPhrases boolean Enable loading phrases (disable for accessibility). true
ui.accessibility.screenReader boolean Enables screen reader mode, which adjusts the TUI for better compatibility with screen readers. false
ui.customWittyPhrases array of strings A list of custom phrases to display during loading states. When provided, the CLI will cycle through these phrases instead of the default ones. []
ui.enableFollowupSuggestions boolean Enable followup suggestions that predict what you want to type next after the model responds. Suggestions appear as ghost text and can be accepted with Tab, Enter, or Right Arrow. true
ui.enableCacheSharing boolean Use cache-aware forked queries for suggestion generation. Reduces cost on providers that support prefix caching (experimental). true
ui.enableSpeculation boolean Speculatively execute accepted suggestions before submission. Results appear instantly when you accept (experimental). false
experimental.emitToolUseSummaries boolean Generate short LLM-based labels summarizing each tool-call batch. See Tool-Use Summaries. Requires fastModel to be configured; silently skipped otherwise. Can be overridden per-session with QWEN_CODE_EMIT_TOOL_USE_SUMMARIES=0 or =1. true

ide

Setting Type Description Default
ide.enabled boolean Enable IDE integration mode. false
ide.hasSeenNudge boolean Whether the user has seen the IDE integration nudge. false

privacy

Setting Type Description Default
privacy.usageStatisticsEnabled boolean Enable collection of usage statistics. true

model

Setting Type Description Default
model.name string The Qwen model to use for conversations. undefined
model.maxSessionTurns number Maximum number of user/model/tool turns to keep in a session. -1 means unlimited. -1
model.generationConfig object Advanced overrides passed to the underlying content generator. Supports request controls such as timeout, maxRetries, enableCacheControl, splitToolMedia (set true for strict OpenAI-compatible servers like LM Studio that reject non-text content on role: "tool" messages — splits media into a follow-up user message), contextWindowSize (override model's context window size), modalities (override auto-detected input modalities), customHeaders (custom HTTP headers for API requests), extra_body (additional body parameters for OpenAI-compatible API requests only), and reasoning ({ effort: 'low' | 'medium' | 'high' | 'max', budget_tokens?: number } to control thinking intensity, or false to disable; 'max' is a DeepSeek extension — see Reasoning / thinking configuration for per-provider behavior. Note: when samplingParams is set on an OpenAI-compatible provider, the pipeline ships those keys verbatim and the separate top-level reasoning field is dropped — put reasoning_effort inside samplingParams (or extra_body) instead in that case), along with fine-tuning knobs under samplingParams (for example temperature, top_p, max_tokens). Leave unset to rely on provider defaults. undefined
model.chatCompression.contextPercentageThreshold number Sets the threshold for chat history compression as a percentage of the model's total token limit. This is a value between 0 and 1 that applies to both automatic compression and the manual /compress command. For example, a value of 0.6 will trigger compression when the chat history exceeds 60% of the token limit. Use 0 to disable compression entirely. 0.7
model.skipNextSpeakerCheck boolean Skip the next speaker check. false
model.skipLoopDetection boolean Disables loop detection checks. Loop detection prevents infinite loops in AI responses but can generate false positives that interrupt legitimate workflows. Enable this option if you experience frequent false positive loop detection interruptions. false
model.skipStartupContext boolean Skips sending the startup workspace context (environment summary and acknowledgement) at the beginning of each session. Enable this if you prefer to provide context manually or want to save tokens on startup. false
model.enableOpenAILogging boolean Enables logging of OpenAI API calls for debugging and analysis. When enabled, API requests and responses are logged to JSON files. false
model.openAILoggingDir string Custom directory path for OpenAI API logs. If not specified, defaults to logs/openai in the current working directory. Supports absolute paths, relative paths (resolved from current working directory), and ~ expansion (home directory). undefined

Example model.generationConfig:

{
  "model": {
    "generationConfig": {
      "timeout": 60000,
      "contextWindowSize": 128000,
      "modalities": {
        "image": true
      },
      "enableCacheControl": true,
      "customHeaders": {
        "X-Client-Request-ID": "req-123"
      },
      "extra_body": {
        "enable_thinking": true
      },
      "samplingParams": {
        "temperature": 0.2,
        "top_p": 0.8,
        "max_tokens": 1024
      }
    }
  }
}

max_tokens (adaptive output tokens):

When samplingParams.max_tokens is not set, Qwen Code uses an adaptive output token strategy to optimize GPU resource usage:

  1. Requests start with a default limit of 8K output tokens
  2. If the response is truncated (the model hits the limit), Qwen Code automatically retries with 64K tokens
  3. The partial output is discarded and replaced with the full response from the retry

This is transparent to users — you may briefly see a retry indicator if escalation occurs. Since 99% of responses are under 5K tokens, the retry happens rarely (<1% of requests).

To override this behavior, either set samplingParams.max_tokens in your settings or use the QWEN_CODE_MAX_OUTPUT_TOKENS environment variable.

contextWindowSize:

Overrides the default context window size for the selected model. Qwen Code determines the context window using built-in defaults based on model name matching, with a constant fallback value. Use this setting when a provider's effective context limit differs from Qwen Code's default. This value defines the model's assumed maximum context capacity, not a per-request token limit.

When the selected model is defined in modelProviders, set contextWindowSize in that provider entry's generationConfig instead of the top-level model.generationConfig. Provider model entries are sealed, so top-level generation settings do not fill missing provider fields.

modalities:

Overrides the auto-detected input modalities for the selected model. Qwen Code automatically detects supported modalities (image, PDF, audio, video) based on model name pattern matching. Use this setting when the auto-detection is incorrect — for example, to enable pdf for a model that supports it but isn't recognized. Format: { "image": true, "pdf": true, "audio": true, "video": true }. Omit a key or set it to false for unsupported types.

customHeaders:

Allows you to add custom HTTP headers to all API requests. This is useful for request tracing, monitoring, API gateway routing, or when different models require different headers. For provider models, define customHeaders in modelProviders[].generationConfig.customHeaders. For runtime models without a matching provider entry, define it in model.generationConfig.customHeaders. No merging occurs between the two levels.

The extra_body field allows you to add custom parameters to the request body sent to the API. This is useful for provider-specific options that are not covered by the standard configuration fields. Note: This field is only supported for OpenAI-compatible providers (openai, qwen-oauth). It is ignored for Anthropic and Gemini providers. For provider models, define extra_body in modelProviders[].generationConfig.extra_body. For runtime models without a matching provider entry, define it in model.generationConfig.extra_body.

model.openAILoggingDir examples:

  • "~/qwen-logs" - Logs to ~/qwen-logs directory
  • "./custom-logs" - Logs to ./custom-logs relative to current directory
  • "/tmp/openai-logs" - Logs to absolute path /tmp/openai-logs

fastModel

Setting Type Description Default
fastModel string Model used for generating prompt suggestions and speculative execution. Leave empty to use the main model. A smaller/faster model (e.g., qwen3-coder-flash) reduces latency and cost. Can also be set via /model --fast. ""

context

Setting Type Description Default
context.fileName string or array of strings The name of the context file(s). undefined
context.importFormat string The format to use when importing memory. undefined
context.includeDirectories array Additional directories to include in the workspace context. Specifies an array of additional absolute or relative paths to include in the workspace context. Missing directories will be skipped with a warning by default. Paths can use ~ to refer to the user's home directory. This setting can be combined with the --include-directories command-line flag. []
context.loadFromIncludeDirectories boolean Controls the behavior of the /memory refresh command. If set to true, QWEN.md files should be loaded from all directories that are added. If set to false, QWEN.md should only be loaded from the current directory. false
context.fileFiltering.respectGitIgnore boolean Respect .gitignore files when searching. true
context.fileFiltering.respectQwenIgnore boolean Respect .qwenignore files when searching. true
context.fileFiltering.enableRecursiveFileSearch boolean Whether to enable searching recursively for filenames under the current tree when completing @ prefixes in the prompt. true
context.fileFiltering.enableFuzzySearch boolean When true, enables fuzzy search capabilities when searching for files. Set to false to improve performance on projects with a large number of files. true
context.clearContextOnIdle.toolResultsThresholdMinutes number Minutes of inactivity before clearing old tool result content. Use -1 to disable. 60
context.clearContextOnIdle.toolResultsNumToKeep number Number of most-recent compactable tool results to preserve when clearing. Floor at 1. 5

Troubleshooting File Search Performance

If you are experiencing performance issues with file searching (e.g., with @ completions), especially in projects with a very large number of files, here are a few things you can try in order of recommendation:

  1. Use .qwenignore: Create a .qwenignore file in your project root to exclude directories that contain a large number of files that you don't need to reference (e.g., build artifacts, logs, node_modules). Reducing the total number of files crawled is the most effective way to improve performance.
  2. Disable Fuzzy Search: If ignoring files is not enough, you can disable fuzzy search by setting enableFuzzySearch to false in your settings.json file. This will use a simpler, non-fuzzy matching algorithm, which can be faster.
  3. Disable Recursive File Search: As a last resort, you can disable recursive file search entirely by setting enableRecursiveFileSearch to false. This will be the fastest option as it avoids a recursive crawl of your project. However, it means you will need to type the full path to files when using @ completions.

tools

Setting Type Description Default Notes
tools.sandbox boolean or string Sandbox execution environment (can be a boolean or a path string). undefined
tools.sandboxImage string Sandbox image URI used by Docker/Podman when --sandbox-image and QWEN_SANDBOX_IMAGE are not set. undefined
tools.shell.enableInteractiveShell boolean Use node-pty for an interactive shell experience. Fallback to child_process still applies. false
tools.core array of strings Deprecated. Will be removed in next version. Use permissions.allow + permissions.deny instead. Restricts built-in tools to an allowlist. All tools not in the list are disabled. undefined
tools.exclude array of strings Deprecated. Use permissions.deny instead. Tool names to exclude from discovery. Automatically migrated to the permissions format on first load. undefined
tools.allowed array of strings Deprecated. Use permissions.allow instead. Tool names that bypass the confirmation dialog. Automatically migrated to the permissions format on first load. undefined
tools.approvalMode string Sets the default approval mode for tool usage. default Possible values: plan (analyze only, do not modify files or execute commands), default (require approval before file edits or shell commands run), auto-edit (automatically approve file edits), yolo (automatically approve all tool calls)
tools.discoveryCommand string Command to run for tool discovery. undefined
tools.callCommand string Defines a custom shell command for calling a specific tool that was discovered using tools.discoveryCommand. The shell command must meet the following criteria: It must take function name (exactly as in function declaration) as first command line argument. It must read function arguments as JSON on stdin, analogous to functionCall.args. It must return function output as JSON on stdout, analogous to functionResponse.response.content. undefined
tools.useRipgrep boolean Use ripgrep for file content search instead of the fallback implementation. Provides faster search performance. true
tools.useBuiltinRipgrep boolean Use the bundled ripgrep binary. When set to false, the system-level rg command will be used instead. This setting is only effective when tools.useRipgrep is true. true
tools.truncateToolOutputThreshold number Truncate tool output if it is larger than this many characters. Applies to Shell, Grep, Glob, ReadFile and ReadManyFiles tools. 25000 Requires restart: Yes
tools.truncateToolOutputLines number Maximum lines or entries kept when truncating tool output. Applies to Shell, Grep, Glob, ReadFile and ReadManyFiles tools. 1000 Requires restart: Yes

Note

Migrating from tools.core / tools.exclude / tools.allowed: These legacy settings are deprecated and automatically migrated to the new permissions format on first load. Prefer configuring permissions.allow / permissions.deny directly. Use /permissions to manage rules interactively.

memory

Setting Type Description Default
memory.enableManagedAutoMemory boolean Enable background extraction of memories from conversations. true
memory.enableManagedAutoDream boolean Enable automatic consolidation (deduplication and cleanup) of collected memories. false

See Memory for details on how auto-memory works and how to use the /memory, /remember, and /dream commands.

permissions

The permissions system provides fine-grained control over which tools can run, which require confirmation, and which are blocked.

Decision priority (highest first): deny > ask > allow > (default/interactive mode)

The first matching rule wins. Rules use the format "ToolName" or "ToolName(specifier)".

Setting Type Description Default
permissions.allow array of strings Rules for auto-approved tool calls (no confirmation needed). Merged across all scopes (user + project + system). undefined
permissions.ask array of strings Rules for tool calls that always require user confirmation. Takes priority over allow. undefined
permissions.deny array of strings Rules for blocked tool calls. Highest priority — overrides both allow and ask. undefined

Tool name aliases (any of these work in rules):

Alias Canonical tool Notes
Bash, Shell run_shell_command
Read, ReadFile read_file Meta-category — see below
Edit, EditFile edit Meta-category — see below
Write, WriteFile write_file
Grep, SearchFiles grep_search
Glob, FindFiles glob
ListFiles list_directory
WebFetch web_fetch
Agent task
Skill skill

Meta-categories:

Some rule names automatically cover multiple tools:

Rule name Tools covered
Read read_file, grep_search, glob, list_directory
Edit edit, write_file

Important

Read(/path/**) matches all four read tools (file read, grep, glob, and directory listing). To restrict only file reading, use ReadFile(/path/**) or read_file(/path/**).

Rule syntax examples:

Rule Meaning
"Bash" All shell commands
"Bash(git *)" Shell commands starting with git (word boundary: NOT gitk)
"Bash(git push *)" Shell commands like git push origin main
"Bash(npm run *)" Any npm run script
"Read" All file read operations (read, grep, glob, list)
"Read(./secrets/**)" Read any file under ./secrets/ recursively
"Edit(/src/**/*.ts)" Edit TypeScript files under project root /src/
"WebFetch(api.example.com)" Fetch from api.example.com and all its subdomains
"mcp__puppeteer" All tools from the puppeteer MCP server

Path pattern prefixes:

Prefix Meaning Example
// Absolute path from filesystem root //etc/passwd
~/ Relative to home directory ~/Documents/*.pdf
/ Relative to project root /src/**/*.ts
./ Relative to current working directory ./secrets/**
(none) Same as ./ secrets/**

Shell command bypass prevention:

Permission rules for Read, Edit, and WebFetch are also enforced when the agent runs equivalent shell commands. For example, if Read(./.env) is in deny, the agent cannot bypass it via cat .env in a shell command. Supported shell commands include cat, grep, curl, wget, cp, mv, rm, chmod, and many more. Unknown/safe commands (e.g. git) are unaffected by file/network rules.

Migrating from legacy settings:

Legacy setting Equivalent permissions rule Notes
tools.allowed permissions.allow Auto-migrated on first load
tools.exclude permissions.deny Auto-migrated on first load
tools.core permissions.allow (allowlist) Auto-migrated; unlisted tools are disabled at registry level

Example configuration:

{
  "permissions": {
    "allow": ["Bash(git *)", "Bash(npm run *)", "Read(//Users/alice/code/**)"],
    "ask": ["Bash(git push *)", "Edit"],
    "deny": ["Bash(rm -rf *)", "Read(.env)", "WebFetch(malicious.com)"]
  }
}

Tip

Use /permissions in the interactive CLI to view, add, and remove rules without editing settings.json directly.

slashCommands

Controls which slash commands are available in the CLI. Useful for locking down the command surface in multi-tenant or enterprise deployments.

Setting Type Description Default
slashCommands.disabled array of strings Slash command names to hide and refuse to execute. Matched case-insensitively against the final command name (for extension commands this is the disambiguated form, e.g. myext.deploy). Merged as a union across scopes, so workspace settings can add to but not remove entries defined in user or system settings. undefined

The same denylist can also be provided via the --disabled-slash-commands CLI flag (comma-separated or repeated) and the QWEN_DISABLED_SLASH_COMMANDS environment variable; values from all three sources are unioned together.

Example — lock down built-ins for a sandboxed deployment:

{
  "slashCommands": {
    "disabled": ["auth", "mcp", "extensions", "ide", "quit"]
  }
}

With these values in a system-level settings.json (/etc/qwen-code/settings.json or QWEN_CODE_SYSTEM_SETTINGS_PATH), users cannot shrink the denylist from their own scope, and the disabled commands will not appear in autocomplete or execute when typed.

Note

This setting only gates slash commands (e.g. /auth, /mcp). It does not affect tool permissions — see permissions.deny for that. It also does not intercept keyboard shortcuts such as Ctrl+C or Esc.

mcp

Setting Type Description Default
mcp.serverCommand string Command to start an MCP server. undefined
mcp.allowed array of strings An allowlist of MCP servers to allow. Allows you to specify a list of MCP server names that should be made available to the model. This can be used to restrict the set of MCP servers to connect to. Note that this will be ignored if --allowed-mcp-server-names is set. undefined
mcp.excluded array of strings A denylist of MCP servers to exclude. A server listed in both mcp.excluded and mcp.allowed is excluded. Note that this will be ignored if --allowed-mcp-server-names is set. undefined

Note

Security Note for MCP servers: These settings use simple string matching on MCP server names, which can be modified. If you're a system administrator looking to prevent users from bypassing this, consider configuring the mcpServers at the system settings level such that the user will not be able to configure any MCP servers of their own. This should not be used as an airtight security mechanism.

lsp

Warning

Experimental Feature: LSP support is currently experimental and disabled by default. Enable it using the --experimental-lsp command line flag.

Language Server Protocol (LSP) provides code intelligence features like go-to-definition, find references, and diagnostics.

LSP server configuration is done through .lsp.json files in your project root directory, not through settings.json. See the LSP documentation for configuration details and examples.

security

Setting Type Description Default
security.folderTrust.enabled boolean Setting to track whether Folder trust is enabled. false
security.auth.selectedType string The currently selected authentication type. undefined
security.auth.enforcedType string The required auth type (useful for enterprises). undefined
security.auth.useExternal boolean Whether to use an external authentication flow. undefined

advanced

Setting Type Description Default
advanced.autoConfigureMemory boolean Automatically configure Node.js memory limits. false
advanced.dnsResolutionOrder string The DNS resolution order. undefined
advanced.excludedEnvVars array of strings Environment variables to exclude from project context. Specifies environment variables that should be excluded from being loaded from project .env files. This prevents project-specific environment variables (like DEBUG=true) from interfering with the CLI behavior. Variables from .qwen/.env files are never excluded. ["DEBUG","DEBUG_MODE"]
advanced.bugCommand object Configuration for the bug report command. Overrides the default URL for the /bug command. Properties: urlTemplate (string): A URL that can contain {title} and {info} placeholders. Example: "bugCommand": { "urlTemplate": "https://bug.example.com/new?title={title}&info={info}" } undefined

mcpServers

Configures connections to one or more Model-Context Protocol (MCP) servers for discovering and using custom tools. Qwen Code attempts to connect to each configured MCP server to discover available tools. If multiple MCP servers expose a tool with the same name, the tool names will be prefixed with the server alias you defined in the configuration (e.g., serverAlias__actualToolName) to avoid conflicts. Note that the system might strip certain schema properties from MCP tool definitions for compatibility. At least one of command, url, or httpUrl must be provided. If multiple are specified, the order of precedence is httpUrl, then url, then command.

Property Type Description Optional
mcpServers.<SERVER_NAME>.command string The command to execute to start the MCP server via standard I/O. Yes
mcpServers.<SERVER_NAME>.args array of strings Arguments to pass to the command. Yes
mcpServers.<SERVER_NAME>.env object Environment variables to set for the server process. Yes
mcpServers.<SERVER_NAME>.cwd string The working directory in which to start the server. Yes
mcpServers.<SERVER_NAME>.url string The URL of an MCP server that uses Server-Sent Events (SSE) for communication. Yes
mcpServers.<SERVER_NAME>.httpUrl string The URL of an MCP server that uses streamable HTTP for communication. Yes
mcpServers.<SERVER_NAME>.headers object A map of HTTP headers to send with requests to url or httpUrl. Yes
mcpServers.<SERVER_NAME>.timeout number Timeout in milliseconds for requests to this MCP server. Yes
mcpServers.<SERVER_NAME>.trust boolean Trust this server and bypass all tool call confirmations. Yes
mcpServers.<SERVER_NAME>.description string A brief description of the server, which may be used for display purposes. Yes
mcpServers.<SERVER_NAME>.includeTools array of strings List of tool names to include from this MCP server. When specified, only the tools listed here will be available from this server (allowlist behavior). If not specified, all tools from the server are enabled by default. Yes
mcpServers.<SERVER_NAME>.excludeTools array of strings List of tool names to exclude from this MCP server. Tools listed here will not be available to the model, even if they are exposed by the server. Note: excludeTools takes precedence over includeTools - if a tool is in both lists, it will be excluded. Yes

telemetry

Configures logging and metrics collection for Qwen Code. For more information, see telemetry.

Setting Type Description Default
telemetry.enabled boolean Whether or not telemetry is enabled.
telemetry.target string The destination for collected telemetry. Supported values are local and gcp.
telemetry.otlpEndpoint string The endpoint for the OTLP Exporter.
telemetry.otlpProtocol string The protocol for the OTLP Exporter (grpc or http).
telemetry.logPrompts boolean Whether or not to include the content of user prompts in the logs.
telemetry.includeSensitiveSpanAttributes boolean Whether to include prompt, function_args, and response_text in spans created by the log-to-span bridge. Only controls bridge spans; OTel logs and other telemetry sinks may still receive response_text. false
telemetry.outfile string The file to write telemetry to when target is local.
telemetry.useCollector boolean Whether to use an external OTLP collector.

Example settings.json

Here is an example of a settings.json file with the nested structure, new as of v0.3.0:

{
  "proxy": "http://localhost:7890",
  "general": {
    "vimMode": true,
    "preferredEditor": "code"
  },
  "ui": {
    "theme": "GitHub",
    "hideTips": false,
    "customWittyPhrases": [
      "You forget a thousand things every day. Make sure this is one of 'em",
      "Connecting to AGI"
    ]
  },
  "tools": {
    "approvalMode": "yolo",
    "sandbox": "docker",
    "sandboxImage": "ghcr.io/qwenlm/qwen-code:0.14.1",
    "discoveryCommand": "bin/get_tools",
    "callCommand": "bin/call_tool",
    "exclude": ["write_file"]
  },
  "mcpServers": {
    "mainServer": {
      "command": "bin/mcp_server.py"
    },
    "anotherServer": {
      "command": "node",
      "args": ["mcp_server.js", "--verbose"]
    }
  },
  "telemetry": {
    "enabled": true,
    "target": "local",
    "otlpEndpoint": "http://localhost:4317",
    "logPrompts": true,
    "includeSensitiveSpanAttributes": false
  },
  "privacy": {
    "usageStatisticsEnabled": true
  },
  "model": {
    "name": "qwen3-coder-plus",
    "maxSessionTurns": 10,
    "enableOpenAILogging": false,
    "openAILoggingDir": "~/qwen-logs",
  },
  "context": {
    "fileName": ["CONTEXT.md", "QWEN.md"],
    "includeDirectories": ["path/to/dir1", "~/path/to/dir2", "../path/to/dir3"],
    "loadFromIncludeDirectories": true,
    "fileFiltering": {
      "respectGitIgnore": false
    }
  },
  "advanced": {
    "excludedEnvVars": ["DEBUG", "DEBUG_MODE", "NODE_ENV"]
  }
}

Shell History

The CLI keeps a history of shell commands you run. To avoid conflicts between different projects, this history is stored in a project-specific directory within your user's home folder.

  • Location: ~/.qwen/tmp/<project_hash>/shell_history
    • <project_hash> is a unique identifier generated from your project's root path.
    • The history is stored in a file named shell_history.

Environment Variables & .env Files

Environment variables are a common way to configure applications, especially for sensitive information (like tokens) or for settings that might change between environments.

Qwen Code can automatically load environment variables from .env files. For authentication-related variables (like OPENAI_*) and the recommended .qwen/.env approach, see Authentication.

Tip

Environment Variable Exclusion: Some environment variables (like DEBUG and DEBUG_MODE) are automatically excluded from project .env files by default to prevent interference with the CLI behavior. Variables from .qwen/.env files are never excluded. You can customize this behavior using the advanced.excludedEnvVarssetting in your settings.json file.

Environment Variables Table

Variable Description Notes
QWEN_HOME Customizes the global configuration directory (default: ~/.qwen). Accepts an absolute or relative path (relative paths are resolved from the current working directory). Leading ~ is expanded to the user's home directory. Stores credentials, settings, memory, skills, and other global state. When set, project-level .qwen/ directories are unaffected. An empty string is treated as unset.
QWEN_RUNTIME_DIR Overrides the runtime output directory (conversations, logs, todos). When unset, defaults to the QWEN_HOME directory. Use this to separate ephemeral runtime data from persistent config. Useful when QWEN_HOME is on a shared/slow filesystem.
QWEN_TELEMETRY_ENABLED Set to true or 1 to enable telemetry. Any other value is treated as disabling it. Overrides the telemetry.enabled setting.
QWEN_TELEMETRY_TARGET Sets the telemetry target (local or gcp). Overrides the telemetry.target setting.
QWEN_TELEMETRY_OTLP_ENDPOINT Sets the OTLP endpoint for telemetry. Overrides the telemetry.otlpEndpoint setting.
QWEN_TELEMETRY_OTLP_PROTOCOL Sets the OTLP protocol (grpc or http). Overrides the telemetry.otlpProtocol setting.
QWEN_TELEMETRY_LOG_PROMPTS Set to true or 1 to enable or disable logging of user prompts. Any other value is treated as disabling it. Overrides the telemetry.logPrompts setting.
QWEN_TELEMETRY_INCLUDE_SENSITIVE_SPAN_ATTRIBUTES Set to true or 1 to include prompt, function_args, and response_text in spans created by the log-to-span bridge. Any other value disables it. Overrides the telemetry.includeSensitiveSpanAttributes setting. Only controls bridge spans; OTel logs and other telemetry sinks may still receive response_text.
QWEN_TELEMETRY_OUTFILE Sets the file path to write telemetry to when the target is local. Overrides the telemetry.outfile setting.
QWEN_TELEMETRY_USE_COLLECTOR Set to true or 1 to enable or disable using an external OTLP collector. Any other value is treated as disabling it. Overrides the telemetry.useCollector setting.
QWEN_SANDBOX Alternative to the sandbox setting in settings.json. Accepts true, false, docker, podman, or a custom command string.
QWEN_SANDBOX_IMAGE Overrides sandbox image selection for Docker/Podman. Takes precedence over tools.sandboxImage.
SEATBELT_PROFILE (macOS specific) Switches the Seatbelt (sandbox-exec) profile on macOS. permissive-open: (Default) Restricts writes to the project folder (and a few other folders, see packages/cli/src/utils/sandbox-macos-permissive-open.sb) but allows other operations. strict: Uses a strict profile that declines operations by default. <profile_name>: Uses a custom profile. To define a custom profile, create a file named sandbox-macos-<profile_name>.sb in your project's .qwen/ directory (e.g., my-project/.qwen/sandbox-macos-custom.sb).
DEBUG or DEBUG_MODE (often used by underlying libraries or the CLI itself) Set to true or 1 to enable verbose debug logging, which can be helpful for troubleshooting. Note: These variables are automatically excluded from project .env files by default to prevent interference with the CLI behavior. Use .qwen/.env files if you need to set these for Qwen Code specifically.
NO_COLOR Set to any value to disable all color output in the CLI.
CLI_TITLE Set to a string to customize the title of the CLI.
CODE_ASSIST_ENDPOINT Specifies the endpoint for the code assist server. This is useful for development and testing.
QWEN_CODE_MAX_OUTPUT_TOKENS Overrides the default maximum output tokens per response. When not set, Qwen Code uses an adaptive strategy: starts with 8K tokens and automatically retries with 64K if the response is truncated. Set this to a specific value (e.g., 16000) to use a fixed limit instead. Takes precedence over the capped default (8K) but is overridden by samplingParams.max_tokens in settings. Disables automatic escalation when set. Example: export QWEN_CODE_MAX_OUTPUT_TOKENS=16000
QWEN_CODE_UNATTENDED_RETRY Set to true or 1 to enable persistent retry mode. When enabled, transient API capacity errors (HTTP 429 Rate Limit and 529 Overloaded) are retried indefinitely with exponential backoff (capped at 5 minutes per retry) and heartbeat keepalives every 30 seconds on stderr. Designed for CI/CD pipelines and background automation where long-running tasks should survive temporary API outages. Must be set explicitly — CI=true alone does not activate this mode. See Headless Mode for details. Example: export QWEN_CODE_UNATTENDED_RETRY=1
QWEN_CODE_PROFILE_STARTUP Set to 1 to enable startup performance profiling. Writes a JSON timing report to ~/.qwen/startup-perf/ with per-phase durations. Only active inside the sandbox child process. Zero overhead when not set. Example: export QWEN_CODE_PROFILE_STARTUP=1

When both user-level .env files define the same variable, the Qwen-specific file wins: <QWEN_HOME>/.env (or ~/.qwen/.env when QWEN_HOME is unset) is loaded before ~/.env, and existing environment values are not overwritten.

Command-Line Arguments

Arguments passed directly when running the CLI can override other configurations for that specific session.

For sandbox image selection, precedence is: --sandbox-image > QWEN_SANDBOX_IMAGE > tools.sandboxImage > built-in default image.

Command-Line Arguments Table

Argument Alias Description Possible Values Notes
--model -m Specifies the Qwen model to use for this session. Model name Example: npm start -- --model qwen3-coder-plus
--prompt -p Used to pass a prompt directly to the command. This invokes Qwen Code in a non-interactive mode. Your prompt text For scripting examples, use the --output-format json flag to get structured output.
--prompt-interactive -i Starts an interactive session with the provided prompt as the initial input. Your prompt text The prompt is processed within the interactive session, not before it. Cannot be used when piping input from stdin. Example: qwen -i "explain this code"
--system-prompt Overrides the built-in main session system prompt for this run. Your prompt text Loaded context files such as QWEN.md are still appended after this override. Can be combined with --append-system-prompt.
--append-system-prompt Appends extra instructions to the main session system prompt for this run. Your prompt text Applied after the built-in prompt and loaded context files. Can be combined with --system-prompt. See Headless Mode for examples.
--output-format -o Specifies the format of the CLI output for non-interactive mode. text, json, stream-json text: (Default) The standard human-readable output. json: A machine-readable JSON output emitted at the end of execution. stream-json: Streaming JSON messages emitted as they occur during execution. For structured output and scripting, use the --output-format json or --output-format stream-json flag. See Headless Mode for detailed information.
--input-format Specifies the format consumed from standard input. text, stream-json text: (Default) Standard text input from stdin or command-line arguments. stream-json: JSON message protocol via stdin for bidirectional communication. Requirement: --input-format stream-json requires --output-format stream-json to be set. When using stream-json, stdin is reserved for protocol messages. See Headless Mode for detailed information.
--include-partial-messages Include partial assistant messages when using stream-json output format. When enabled, emits stream events (message_start, content_block_delta, etc.) as they occur during streaming. Default: false. Requirement: Requires --output-format stream-json to be set. See Headless Mode for detailed information about stream events.
--sandbox -s Enables sandbox mode for this session.
--sandbox-image Sets the sandbox image URI.
--debug -d Enables debug mode for this session, providing more verbose output.
--all-files -a If set, recursively includes all files within the current directory as context for the prompt.
--help -h Displays help information about command-line arguments.
--show-memory-usage Displays the current memory usage.
--yolo Enables YOLO mode, which automatically approves all tool calls.
--approval-mode Sets the approval mode for tool calls. plan, default, auto-edit, yolo Supported modes: plan: Analyze only—do not modify files or execute commands. default: Require approval for file edits or shell commands (default behavior). auto-edit: Automatically approve edit tools (edit, write_file) while prompting for others. yolo: Automatically approve all tool calls (equivalent to --yolo). Cannot be used together with --yolo. Use --approval-mode=yolo instead of --yolo for the new unified approach. Example: qwen --approval-mode auto-edit
See more about Approval Mode.
--allowed-tools A comma-separated list of tool names that will bypass the confirmation dialog. Tool names Example: qwen --allowed-tools "Shell(git status)"
--disabled-slash-commands Slash command names to hide/disable (comma-separated or repeated). Unioned with the slashCommands.disabled setting and the QWEN_DISABLED_SLASH_COMMANDS environment variable. Matched case-insensitively against the final command name. Command names Example: qwen --disabled-slash-commands "auth,mcp,extensions"
--telemetry Enables telemetry.
--telemetry-target Sets the telemetry target. See telemetry for more information.
--telemetry-otlp-endpoint Sets the OTLP endpoint for telemetry. See telemetry for more information.
--telemetry-otlp-protocol Sets the OTLP protocol for telemetry (grpc or http). Defaults to grpc. See telemetry for more information.
--telemetry-log-prompts Enables logging of prompts for telemetry. See telemetry for more information.
--checkpointing Enables checkpointing.
--acp Enables ACP mode (Agent Client Protocol). Useful for IDE/editor integrations like Zed. Stable. Replaces the deprecated --experimental-acp flag.
--experimental-lsp Enables experimental LSP (Language Server Protocol) feature for code intelligence (go-to-definition, find references, diagnostics, etc.). Experimental. Requires language servers to be installed.
--extensions -e Specifies a list of extensions to use for the session. Extension names If not provided, all available extensions are used. Use the special term qwen -e none to disable all extensions. Example: qwen -e my-extension -e my-other-extension
--list-extensions -l Lists all available extensions and exits.
--proxy Sets the proxy for the CLI. Proxy URL Example: --proxy http://localhost:7890.
--include-directories Includes additional directories in the workspace for multi-directory support. Directory paths Can be specified multiple times or as comma-separated values. 5 directories can be added at maximum. Example: --include-directories /path/to/project1,/path/to/project2 or --include-directories /path/to/project1 --include-directories /path/to/project2
--screen-reader Enables screen reader mode, which adjusts the TUI for better compatibility with screen readers.
--version Displays the version of the CLI.
--openai-logging Enables logging of OpenAI API calls for debugging and analysis. This flag overrides the enableOpenAILogging setting in settings.json.
--openai-logging-dir Sets a custom directory path for OpenAI API logs. Directory path This flag overrides the openAILoggingDir setting in settings.json. Supports absolute paths, relative paths, and ~ expansion. Example: qwen --openai-logging-dir "~/qwen-logs" --openai-logging

Context Files (Hierarchical Instructional Context)

While not strictly configuration for the CLI's behavior, context files (defaulting to QWEN.md but configurable via the context.fileName setting) are crucial for configuring the instructional context (also referred to as "memory"). This powerful feature allows you to give project-specific instructions, coding style guides, or any relevant background information to the AI, making its responses more tailored and accurate to your needs. The CLI includes UI elements, such as an indicator in the footer showing the number of loaded context files, to keep you informed about the active context.

  • Purpose: These Markdown files contain instructions, guidelines, or context that you want the Qwen model to be aware of during your interactions. The system is designed to manage this instructional context hierarchically.

Example Context File Content (e.g. QWEN.md)

Here's a conceptual example of what a context file at the root of a TypeScript project might contain:

# Project: My Awesome TypeScript Library

## General Instructions:
- When generating new TypeScript code, please follow the existing coding style.
- Ensure all new functions and classes have JSDoc comments.
- Prefer functional programming paradigms where appropriate.
- All code should be compatible with TypeScript 5.0 and Node.js 20+.

## Coding Style:
- Use 2 spaces for indentation.
- Interface names should be prefixed with `I` (e.g., `IUserService`).
- Private class members should be prefixed with an underscore (`_`).
- Always use strict equality (`===` and `!==`).

## Specific Component: `src/api/client.ts`
- This file handles all outbound API requests.
- When adding new API call functions, ensure they include robust error handling and logging.
- Use the existing `fetchWithRetry` utility for all GET requests.

## Regarding Dependencies:
- Avoid introducing new external dependencies unless absolutely necessary.
- If a new dependency is required, please state the reason.

This example demonstrates how you can provide general project context, specific coding conventions, and even notes about particular files or components. The more relevant and precise your context files are, the better the AI can assist you. Project-specific context files are highly encouraged to establish conventions and context.

  • Hierarchical Loading and Precedence: The CLI implements a hierarchical memory system by loading context files (e.g., QWEN.md) from several locations. Content from files lower in this list (more specific) typically overrides or supplements content from files higher up (more general). The exact concatenation order and final context can be inspected using the /memory show command. The typical loading order is:
    1. Global Context File:
      • Location: ~/.qwen/<configured-context-filename> (e.g., ~/.qwen/QWEN.md in your user home directory).
      • Scope: Provides default instructions for all your projects.
    2. Project Root & Ancestors Context Files:
      • Location: The CLI searches for the configured context file in the current working directory and then in each parent directory up to either the project root (identified by a .git folder) or your home directory.
      • Scope: Provides context relevant to the entire project or a significant portion of it.
  • Concatenation & UI Indication: The contents of all found context files are concatenated (with separators indicating their origin and path) and provided as part of the system prompt. The CLI footer displays the count of loaded context files, giving you a quick visual cue about the active instructional context.
  • Importing Content: You can modularize your context files by importing other Markdown files using the @path/to/file.md syntax. For more details, see the Memory Import Processor documentation.
  • Commands for Memory Management:
    • Use /memory refresh to force a re-scan and reload of all context files from all configured locations. This updates the AI's instructional context.
    • Use /memory show to display the combined instructional context currently loaded, allowing you to verify the hierarchy and content being used by the AI.
    • See the Commands documentation for full details on the /memory command and its sub-commands (show and refresh).

By understanding and utilizing these configuration layers and the hierarchical nature of context files, you can effectively manage the AI's memory and tailor Qwen Code's responses to your specific needs and projects.

Sandbox

Qwen Code can execute potentially unsafe operations (like shell commands and file modifications) within a sandboxed environment to protect your system.

Sandbox is disabled by default, but you can enable it in a few ways:

  • Using --sandbox or -s flag.
  • Setting QWEN_SANDBOX environment variable.
  • Sandbox is enabled when using --yolo or --approval-mode=yolo by default.

By default, it uses a pre-built qwen-code-sandbox Docker image.

For project-specific sandboxing needs, you can create a custom Dockerfile at .qwen/sandbox.Dockerfile in your project's root directory. This Dockerfile can be based on the base sandbox image:

FROM qwen-code-sandbox
# Add your custom dependencies or configurations here
# For example:
# RUN apt-get update && apt-get install -y some-package
# COPY ./my-config /app/my-config

When .qwen/sandbox.Dockerfile exists, you can use BUILD_SANDBOX environment variable when running Qwen Code to automatically build the custom sandbox image:

BUILD_SANDBOX=1 qwen -s

Usage Statistics

To help us improve Qwen Code, we collect anonymized usage statistics. This data helps us understand how the CLI is used, identify common issues, and prioritize new features.

What we collect:

  • Tool Calls: We log the names of the tools that are called, whether they succeed or fail, and how long they take to execute. We do not collect the arguments passed to the tools or any data returned by them.
  • API Requests: We log the model used for each request, the duration of the request, and whether it was successful. We do not collect the content of the prompts or responses.
  • Session Information: We collect information about the configuration of the CLI, such as the enabled tools and the approval mode.

What we DON'T collect:

  • Personally Identifiable Information (PII): We do not collect any personal information, such as your name, email address, or API keys.
  • Prompt and Response Content: We do not log the content of your prompts or the responses from the model.
  • File Content: We do not log the content of any files that are read or written by the CLI.

How to opt out:

You can opt out of usage statistics collection at any time by setting the usageStatisticsEnabled property to false under the privacy category in your settings.json file:

{
  "privacy": {
    "usageStatisticsEnabled": false
  }
}

Note

When usage statistics are enabled, events are sent to an Alibaba Cloud RUM collection endpoint.