npm - @diologue/local-agent - Versions diffs - 0.2.0 → 0.5.0 - Mend

@diologue/local-agent 0.2.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/cli.mjs CHANGED Viewed

@@ -167,7 +167,7 @@ import { access as access3, constants as constants2 } from "node:fs/promises";
 import { spawn as spawn2 } from "node:child_process";
 import path4 from "node:path";
 import { fileURLToPath as fileURLToPath2 } from "node:url";
-var __filename2, __dirname2, REPO_ROOT2, DEFAULT_ENGINE_DIR, ENTRY_REL, DEFAULT_STARTUP_TIMEOUT_MS, LISTENING_REGEX, defaultRuntimeCheck, exists3, defaultClientFactory, LocalEngineLocator, truncate;
+var __filename2, __dirname2, REPO_ROOT2, DEFAULT_ENGINE_DIR, ENTRY_REL, DEFAULT_STARTUP_TIMEOUT_MS, LISTENING_REGEX, defaultRuntimeCheck, exists3, isRecord, parseExistingInlineConfig, mergeInlineConfig, buildEngineEnv, defaultClientFactory, LocalEngineLocator, truncate;
 var init_engine_locator_local = __esm({
   "src/adapters/engine-locator-local.ts"() {
     "use strict";
@@ -192,6 +192,37 @@ var init_engine_locator_local = __esm({
         return false;
       }
     };
+    isRecord = (value) => Boolean(value) && typeof value === "object" && !Array.isArray(value);
+    parseExistingInlineConfig = (existing) => {
+      if (!existing) return {};
+      try {
+        const parsed = JSON.parse(existing);
+        return isRecord(parsed) ? parsed : {};
+      } catch {
+        return {};
+      }
+    };
+    mergeInlineConfig = (existing, injected) => {
+      if (!injected) return existing;
+      const base = parseExistingInlineConfig(existing);
+      const baseProvider = isRecord(base.provider) ? base.provider : {};
+      return JSON.stringify({
+        ...base,
+        ...injected,
+        provider: {
+          ...baseProvider,
+          ...injected.provider ?? {}
+        }
+      });
+    };
+    buildEngineEnv = (config) => {
+      const env = { ...process.env };
+      const content = mergeInlineConfig(env.OPENCODE_CONFIG_CONTENT, config);
+      if (content) {
+        env.OPENCODE_CONFIG_CONTENT = content;
+      }
+      return env;
+    };
     defaultClientFactory = async (baseUrl) => {
       const sdk = await import("@opencode-ai/sdk");
       return sdk.createOpencodeClient({ baseUrl });
@@ -281,13 +312,12 @@ var init_engine_locator_local = __esm({
         const child = spawn2(command, args, {
           cwd,
           stdio: ["ignore", "pipe", "pipe"],
-          // Inherit env so the engine sees any LOCAL_AGENT_* / Provider
-          // credentials the parent has, plus inject the shim config via
-          // OPENCODE_CONFIG-style env once V2.5 wires that. (For now the
-          // config flows through createOpencodeServer in the npm path
-          // and is wired post-spawn here — TODO once we cut the npm
-          // SDK entirely, we'll pipe the config in via stdin or args.)
-          env: process.env
+          // Inherit env so the engine sees any LOCAL_AGENT_* / provider
+          // credentials the parent has, then inject the brokered provider as
+          // inline opencode config. Without this, the default local engine path
+          // does not know the diologue/diologue-routed model, so the prompt
+          // fails before edit tools can create files in the selected repo.
+          env: buildEngineEnv(options.config)
         });
         let url;
         try {
@@ -504,6 +534,9 @@ var createCorsMiddleware = (options) => {
         `Content-Type, ${LOCAL_AGENT_TOKEN_HEADER}`
       );
       res.setHeader("Access-Control-Max-Age", "300");
+      if (req.header("access-control-request-private-network") === "true") {
+        res.setHeader("Access-Control-Allow-Private-Network", "true");
+      }
     }
     if (req.method === "OPTIONS") {
       res.status(204).end();
@@ -641,8 +674,56 @@ var getStatusShort = async (cwd) => {
   const out = await runGit(cwd, ["status", "--short", "-uall"]);
   return parseShortStatus(out);
 };
+var runGitAllowingExit = (cwd, args, allowedExitCodes) => new Promise((resolve, reject) => {
+  execFile(
+    "git",
+    args,
+    {
+      cwd,
+      maxBuffer: 16 * 1024 * 1024,
+      env: { ...process.env, GIT_PAGER: "cat", PAGER: "cat" }
+    },
+    (err, stdout, stderr) => {
+      if (!err) {
+        resolve(stdout);
+        return;
+      }
+      const e = err;
+      const exitCode = e.code ?? -1;
+      if (allowedExitCodes.has(exitCode)) {
+        resolve(stdout);
+        return;
+      }
+      reject(new GitCommandError(args, exitCode, stderr));
+    }
+  );
+});
+var getUntrackedFiles = async (cwd) => {
+  const out = await runGit(cwd, [
+    "ls-files",
+    "--others",
+    "--exclude-standard",
+    "-z"
+  ]);
+  return out.split("\0").filter(Boolean);
+};
+var getUntrackedFileDiff = async (cwd, file) => {
+  const diff = await runGitAllowingExit(
+    cwd,
+    ["diff", "--no-index", "--", "/dev/null", file],
+    /* @__PURE__ */ new Set([1])
+  );
+  return diff.replace(/^diff --git a\/dev\/null b\/(.+)$/m, "diff --git a/$1 b/$1").replace(/^--- \/dev\/null$/m, "--- /dev/null");
+};
 var getDiff = async (cwd) => {
-  return runGit(cwd, ["diff", "HEAD"]);
+  const [trackedDiff, untrackedFiles] = await Promise.all([
+    runGit(cwd, ["diff", "HEAD"]),
+    getUntrackedFiles(cwd)
+  ]);
+  const untrackedDiffs = await Promise.all(
+    untrackedFiles.map((file) => getUntrackedFileDiff(cwd, file))
+  );
+  return [trackedDiff, ...untrackedDiffs].filter((part) => part.trim().length > 0).join("\n");
 };
 var runGitWithStdin = async (cwd, args, input) => {
   const { execFile: execFile2 } = await import("node:child_process");
@@ -682,6 +763,20 @@ var canApplyDiff = async (cwd, unified) => {
 var applyDiff = async (cwd, unified) => {
   await runGitWithStdin(cwd, ["apply"], unified);
 };
+var canRevertDiff = async (cwd, unified) => {
+  try {
+    await runGitWithStdin(cwd, ["apply", "--reverse", "--check"], unified);
+    return { ok: true };
+  } catch (err) {
+    if (err instanceof GitCommandError) {
+      return { ok: false, stderr: err.stderr };
+    }
+    throw err;
+  }
+};
+var revertDiff = async (cwd, unified) => {
+  await runGitWithStdin(cwd, ["apply", "--reverse"], unified);
+};
 var parseDiffPaths = (unified) => {
   const paths = [];
   for (const line of unified.split("\n")) {
@@ -761,6 +856,9 @@ var applyPatchSchema = z.object({
   unified: z.string().min(1).max(8 * 1024 * 1024),
   baselineHash: z.string().optional()
 });
+var revertPatchSchema = z.object({
+  unified: z.string().min(1).max(8 * 1024 * 1024)
+});
 var buildRepoStatus = async (resolvedPath) => {
   const [branch, head, dirty] = await Promise.all([
     getBranch(resolvedPath),
@@ -910,6 +1008,40 @@ var createRepoRouter = (state) => {
       throw err;
     }
   });
+  router.post("/revert", async (req, res) => {
+    const repo = requireSelectedRepo(state, res);
+    if (!repo) return;
+    const parsed = revertPatchSchema.safeParse(req.body);
+    if (!parsed.success) {
+      res.status(400).json({ error: "invalid_body", issues: parsed.error.issues });
+      return;
+    }
+    try {
+      const check = await canRevertDiff(repo.path, parsed.data.unified);
+      if (!check.ok) {
+        res.status(409).json({
+          error: "diff_does_not_revert",
+          message: "These changes can't be reverted cleanly. The working tree may have changed since the agent wrote them, or they were already reverted.",
+          stderr: check.stderr
+        });
+        return;
+      }
+      await revertDiff(repo.path, parsed.data.unified);
+      const paths = parseDiffPaths(parsed.data.unified);
+      const body = {
+        ok: true,
+        filesChanged: paths.length,
+        paths
+      };
+      res.json(body);
+    } catch (err) {
+      if (err instanceof GitCommandError) {
+        sendGitError(res, err);
+        return;
+      }
+      throw err;
+    }
+  });
   return router;
 };
@@ -919,6 +1051,9 @@ import { z as z2 } from "zod";
 // src/broker.ts
 import { randomUUID } from "node:crypto";
+var logBroker = (message) => {
+  console.error(`[llm-broker] ${message}`);
+};
 var LlmBroker = class {
   pending = /* @__PURE__ */ new Map();
   emit;
@@ -948,13 +1083,18 @@ var LlmBroker = class {
     return new Promise((resolve, reject) => {
       const timer = setTimeout(() => {
         this.pending.delete(requestId);
+        logBroker(
+          `timeout request=${requestId.slice(0, 8)} pending=${this.pending.size} after=${this.timeoutMs}ms`
+        );
         reject(
           new Error(
             `llm_broker_timeout: no response within ${this.timeoutMs}ms`
           )
         );
       }, this.timeoutMs);
-      timer.unref?.();
+      if (this.timeoutMs >= 1e3) {
+        timer.unref?.();
+      }
       this.pending.set(requestId, { resolve, reject, timer, observer });
       const effectiveProvider = this.overrideProvider ?? payload.provider;
       const effectiveModel = this.overrideModel ?? payload.model;
@@ -971,6 +1111,9 @@ var LlmBroker = class {
         }
       };
       try {
+        logBroker(
+          `emit request=${requestId.slice(0, 8)} provider=${effectiveProvider ?? "(default)"} model=${effectiveModel ?? "(default)"} messages=${payload.messages.length} tools=${payload.tools?.length ?? 0}`
+        );
         this.emit(envelope);
       } catch (err) {
         clearTimeout(timer);
@@ -995,7 +1138,14 @@ var LlmBroker = class {
    *  route (e.g. for providers that don't support streaming). */
   fulfill(requestId, response) {
     const entry = this.pending.get(requestId);
-    if (!entry) return false;
+    if (!entry) {
+      logBroker(`fulfill_miss request=${requestId.slice(0, 8)}`);
+      return false;
+    }
+    const toolNames = (response.toolCalls ?? []).map((tc) => tc.function?.name ?? "?").join(",");
+    logBroker(
+      `fulfill request=${requestId.slice(0, 8)} text=${response.text.length} toolCalls=${response.toolCalls?.length ?? 0}${toolNames ? ` tools=[${toolNames}]` : ""} finish=${response.finishReason ?? "(none)"}`
+    );
     clearTimeout(entry.timer);
     this.pending.delete(requestId);
     if (entry.observer) {
@@ -1024,7 +1174,15 @@ var LlmBroker = class {
    *  invoked; a `complete` chunk also resolves the pending Promise. */
   pushChunk(requestId, chunk) {
     const entry = this.pending.get(requestId);
-    if (!entry) return false;
+    if (!entry) {
+      logBroker(
+        `chunk_miss request=${requestId.slice(0, 8)} type=${chunk.type}`
+      );
+      return false;
+    }
+    logBroker(
+      `chunk request=${requestId.slice(0, 8)} type=${chunk.type}${chunk.type === "text_delta" ? ` chars=${chunk.text.length}` : ""}${chunk.type === "tool_call_delta" ? ` index=${chunk.index} name=${chunk.name ?? "(delta)"} argsDelta=${chunk.argumentsDelta?.length ?? 0}` : ""}`
+    );
     if (entry.observer) {
       try {
         entry.observer(chunk);
@@ -1046,7 +1204,11 @@ var LlmBroker = class {
    *  failure rather than a completion. */
   fail(requestId, message) {
     const entry = this.pending.get(requestId);
-    if (!entry) return false;
+    if (!entry) {
+      logBroker(`fail_miss request=${requestId.slice(0, 8)}`);
+      return false;
+    }
+    logBroker(`fail request=${requestId.slice(0, 8)} message=${message}`);
     clearTimeout(entry.timer);
     this.pending.delete(requestId);
     entry.reject(new Error(message));
@@ -1055,6 +1217,9 @@ var LlmBroker = class {
   /** Reject all in-flight requests. Called when the parent SSE stream
    *  closes so a stranded request doesn't sit forever. */
   close(reason = "broker_closed") {
+    if (this.pending.size > 0) {
+      logBroker(`close reason=${reason} pending=${this.pending.size}`);
+    }
     this.closed = true;
     for (const [, entry] of this.pending.entries()) {
       clearTimeout(entry.timer);
@@ -1101,7 +1266,10 @@ var agentMessageBodySchema = z2.object({
   /** Optional user-chosen routing for this turn. When absent the cloud
    *  picks the default (CODING_AGENT_DEFAULT_PROVIDER/MODEL). */
   preferredProvider: z2.string().min(1).max(100).optional(),
-  preferredModel: z2.string().min(1).max(200).optional()
+  preferredModel: z2.string().min(1).max(200).optional(),
+  /** Tool-gating policy. Absent → "auto" (run everything) so older clients
+   *  keep their current behaviour. */
+  permissionMode: z2.enum(["auto", "confirm"]).optional()
 });
 var writeEvent = (res, event) => {
   res.write(`data: ${JSON.stringify(event)}
@@ -1111,6 +1279,9 @@ var writeEvent = (res, event) => {
 var writeDone = (res) => {
   res.write("data: [DONE]\n\n");
 };
+var logAgentRoute = (message) => {
+  console.error(`[agent-route] ${message}`);
+};
 var createAgentRouter = (deps) => {
   const router = createRouter2();
   router.post("/message", async (req, res) => {
@@ -1124,6 +1295,9 @@ var createAgentRouter = (deps) => {
       res.status(409).json({ error: "no_repo_selected" });
       return;
     }
+    logAgentRoute(
+      `message start session=${parsed.data.sessionId.slice(0, 8)} repo=${repo.path} promptChars=${parsed.data.prompt.length} provider=${parsed.data.preferredProvider ?? "(default)"} model=${parsed.data.preferredModel ?? "(default)"}`
+    );
     res.setHeader("Content-Type", "text/event-stream");
     res.setHeader("Cache-Control", "no-cache, no-transform");
     res.setHeader("Connection", "keep-alive");
@@ -1149,21 +1323,34 @@ var createAgentRouter = (deps) => {
         prompt: parsed.data.prompt,
         history,
         signal: controller.signal,
-        broker: (payload) => broker.request(payload),
+        broker: (payload, observer) => broker.request(payload, observer),
         preferredProvider: parsed.data.preferredProvider,
-        preferredModel: parsed.data.preferredModel
+        preferredModel: parsed.data.preferredModel,
+        permissionMode: parsed.data.permissionMode
       })) {
         if (controller.signal.aborted) {
+          logAgentRoute(
+            `message aborted session=${parsed.data.sessionId.slice(0, 8)}`
+          );
           break;
         }
+        logAgentRoute(
+          `stream event session=${parsed.data.sessionId.slice(0, 8)} type=${event.type}`
+        );
         writeEvent(res, event);
       }
+      logAgentRoute(
+        `message done session=${parsed.data.sessionId.slice(0, 8)}`
+      );
       writeDone(res);
     } catch (err) {
       if (err && typeof err === "object" && "name" in err && err.name === "AbortError") {
         writeDone(res);
       } else {
         const message = err instanceof Error ? err.message : "Adapter stream failed";
+        logAgentRoute(
+          `message error session=${parsed.data.sessionId.slice(0, 8)} error=${message}`
+        );
         writeEvent(res, { type: "error", message });
         writeDone(res);
       }
@@ -1180,7 +1367,10 @@ var llmResponseBodySchema = z2.object({
   text: z2.string(),
   provider: z2.string().min(1),
   model: z2.string().min(1),
-  tokenUsage: z2.object({ input: z2.number().nonnegative(), output: z2.number().nonnegative() }).optional(),
+  tokenUsage: z2.object({
+    input: z2.number().nonnegative(),
+    output: z2.number().nonnegative()
+  }).optional(),
   error: z2.string().optional(),
   toolCalls: z2.array(
     z2.object({
@@ -1307,6 +1497,36 @@ var createLlmChunkRouter = (deps) => {
   });
   return router;
 };
+var permissionDecisionBodySchema = z2.object({
+  sessionId: z2.string().min(1),
+  permissionId: z2.string().min(1),
+  response: z2.enum(["once", "always", "reject"])
+});
+var createPermissionRouter = (deps) => {
+  const router = createRouter2();
+  router.post("/", async (req, res) => {
+    const parsed = permissionDecisionBodySchema.safeParse(req.body);
+    if (!parsed.success) {
+      res.status(400).json({ error: "invalid_body", issues: parsed.error.issues });
+      return;
+    }
+    if (!deps.adapter.replyPermission) {
+      res.status(501).json({ error: "permissions_unsupported" });
+      return;
+    }
+    const matched = await deps.adapter.replyPermission(
+      parsed.data.sessionId,
+      parsed.data.permissionId,
+      parsed.data.response
+    );
+    if (!matched) {
+      res.status(404).json({ error: "no_active_permission" });
+      return;
+    }
+    res.json({ ok: true });
+  });
+  return router;
+};
 // src/routes/llm-shim.ts
 import { Router as createRouter3 } from "express";
@@ -2173,13 +2393,30 @@ var MockOpenCodeAdapter = class {
 };
 // src/adapters/opencode-event-mapper.ts
+var MAX_TOOL_OUTPUT_CHARS = 4e3;
+var truncateOutput = (raw) => {
+  if (!raw) return void 0;
+  if (raw.length <= MAX_TOOL_OUTPUT_CHARS) return raw;
+  const omitted = raw.length - MAX_TOOL_OUTPUT_CHARS;
+  return `${raw.slice(0, MAX_TOOL_OUTPUT_CHARS)}
+\u2026 [${omitted} more characters truncated]`;
+};
 var createMapState = (ourSessionId, openCodeSessionId) => ({
   ourSessionId,
   openCodeSessionId,
   startedTools: /* @__PURE__ */ new Set(),
   endedTools: /* @__PURE__ */ new Set(),
-  announcedPatches: /* @__PURE__ */ new Set()
+  announcedPatches: /* @__PURE__ */ new Set(),
+  announcedPermissions: /* @__PURE__ */ new Set()
 });
+var extractPermissionCommand = (metadata) => {
+  if (!metadata) return void 0;
+  for (const key of ["command", "cmd", "url", "pattern", "filePath"]) {
+    const v = metadata[key];
+    if (typeof v === "string" && v) return v;
+  }
+  return void 0;
+};
 var EMPTY = { events: [], done: false };
 var mapEvent = (item, state) => {
   const sid = item.properties?.sessionID;
@@ -2189,6 +2426,25 @@ var mapEvent = (item, state) => {
   if (item.type === "session.idle" && sid === state.openCodeSessionId) {
     return { events: [{ type: "done" }], done: true };
   }
+  if (item.type === "permission.updated") {
+    const permissionId = item.properties?.id;
+    if (!permissionId || state.announcedPermissions.has(permissionId)) {
+      return EMPTY;
+    }
+    state.announcedPermissions.add(permissionId);
+    return {
+      events: [
+        {
+          type: "permission_request",
+          permissionId,
+          tool: item.properties?.type ?? "tool",
+          title: item.properties?.title,
+          command: extractPermissionCommand(item.properties?.metadata)
+        }
+      ],
+      done: false
+    };
+  }
   if (item.type !== "message.part.updated") {
     return EMPTY;
   }
@@ -2227,7 +2483,10 @@ var mapEvent = (item, state) => {
           type: "tool_call_end",
           toolCallId: callId,
           ok: status === "completed",
-          summary: status === "error" ? part.state?.error ?? "Tool failed" : part.state?.title
+          summary: status === "error" ? part.state?.error ?? "Tool failed" : part.state?.title,
+          output: truncateOutput(
+            status === "error" ? part.state?.error : part.state?.output
+          )
         };
         return { events: [event], done: false };
       }
@@ -2285,6 +2544,12 @@ var createEngineLocator = async (name) => {
 init_engine_locator_npm();
 var DIOLOGUE_PROVIDER_ID = "diologue";
 var DIOLOGUE_MODEL_ID = "diologue-routed";
+var END_OF_TURN_GRACE_MS = 600;
+var PERMISSION_DECISION_TIMEOUT_MS = 18e4;
+var EDIT_DIRECTIVE = "You are an autonomous coding agent operating on a real git repository. Carry out the request by editing files directly with your tools (write / edit / patch / bash) \u2014 do not just describe the change, outline steps, or print code for the user to copy. Read only what you need, make the edits on disk, and finish once the change has actually been written.";
+var logAdapter = (message) => {
+  console.error(`[opencode-adapter] ${message}`);
+};
 var OpenCodeProcessAdapter = class {
   constructor(options = {}) {
     this.options = options;
@@ -2294,6 +2559,9 @@ var OpenCodeProcessAdapter = class {
   /** Maps our sessionId → opencode session id so successive turns within
    *  one coding-agent session reuse the same opencode conversation. */
   sessionMap = /* @__PURE__ */ new Map();
+  /** In-flight turns by our sessionId, so replyPermission() can reach the
+   *  engine client to resolve a paused tool call. */
+  activeTurns = /* @__PURE__ */ new Map();
   async resolveLocator() {
     if (this.options.engineLocator) {
       return this.options.engineLocator;
@@ -2335,7 +2603,19 @@ var OpenCodeProcessAdapter = class {
           }
         }
       },
-      model: `${DIOLOGUE_PROVIDER_ID}/${DIOLOGUE_MODEL_ID}`
+      model: `${DIOLOGUE_PROVIDER_ID}/${DIOLOGUE_MODEL_ID}`,
+      // Permission policy. The ADAPTER is the policy engine, not this config:
+      //   - edit stays "allow" — edits land in the working tree and are
+      //     reversible via the chat's Keep/Revert, so we never prompt on them.
+      //   - bash + webfetch are "ask" so opencode pauses them. In "auto" mode
+      //     the adapter auto-approves instantly (behaves like allow); in
+      //     "confirm" mode it forwards an AgentPermissionRequest to the browser
+      //     and resumes only once the user replies. See streamMessage().
+      permission: {
+        edit: "allow",
+        bash: "ask",
+        webfetch: "ask"
+      }
     };
   }
   async ensureServer() {
@@ -2344,7 +2624,10 @@ var OpenCodeProcessAdapter = class {
     }
     this.serverPromise = (async () => {
       const locator = await this.resolveLocator();
-      return locator.start({ config: this.buildShimConfig() });
+      logAdapter(`starting engine helperBase=${this.resolveHelperBaseUrl()}`);
+      const handle = await locator.start({ config: this.buildShimConfig() });
+      logAdapter(`engine ready url=${handle.url}`);
+      return handle;
     })();
     try {
       return await this.serverPromise;
@@ -2355,7 +2638,13 @@ var OpenCodeProcessAdapter = class {
   }
   async ensureOpencodeSession(handle, ourSessionId, repoPath, title) {
     const existing = this.sessionMap.get(ourSessionId);
-    if (existing) return existing;
+    if (existing) {
+      logAdapter(
+        `reuse opencodeSession=${existing.slice(0, 8)} session=${ourSessionId.slice(0, 8)} repo=${repoPath}`
+      );
+      return existing;
+    }
+    logAdapter(`create session=${ourSessionId.slice(0, 8)} repo=${repoPath}`);
     const created = await handle.client.session.create({
       body: { title },
       query: { directory: repoPath }
@@ -2365,8 +2654,49 @@ var OpenCodeProcessAdapter = class {
       throw new Error("opencode session.create returned no id");
     }
     this.sessionMap.set(ourSessionId, id);
+    logAdapter(
+      `created opencodeSession=${id.slice(0, 8)} session=${ourSessionId.slice(0, 8)}`
+    );
     return id;
   }
+  /** Send a decision for a paused permission to opencode. Best-effort: a
+   *  failure is logged but not thrown — the worst case is the turn hangs
+   *  until the grace/abort path tears it down. */
+  async replyToOpencode(client, openCodeSessionId, repoPath, permissionId, response) {
+    try {
+      await client.postSessionIdPermissionsPermissionId({
+        path: { id: openCodeSessionId, permissionID: permissionId },
+        query: { directory: repoPath },
+        body: { response }
+      });
+      logAdapter(
+        `permission reply id=${permissionId.slice(0, 8)} response=${response}`
+      );
+    } catch (err) {
+      logAdapter(
+        `permission reply FAILED id=${permissionId.slice(0, 8)} response=${response} error=${err instanceof Error ? err.message : String(err)}`
+      );
+    }
+  }
+  /** Apply a browser decision to a paused permission. Invoked by the
+   *  /agent/permission route on a separate HTTP request from the SSE stream. */
+  async replyPermission(sessionId, permissionId, response) {
+    const turn = this.activeTurns.get(sessionId);
+    if (!turn) return false;
+    const timer = turn.pending.get(permissionId);
+    if (timer) {
+      clearTimeout(timer);
+      turn.pending.delete(permissionId);
+    }
+    await this.replyToOpencode(
+      turn.client,
+      turn.openCodeSessionId,
+      turn.repoPath,
+      permissionId,
+      response
+    );
+    return true;
+  }
   async *streamMessage(request) {
     let handle;
     try {
@@ -2401,6 +2731,14 @@ var OpenCodeProcessAdapter = class {
     );
     let sawAnyPatch = false;
     let lastPatchHash = "";
+    const permissionMode = request.permissionMode ?? "auto";
+    const activeTurn = {
+      client: handle.client,
+      openCodeSessionId,
+      repoPath: request.repoPath,
+      pending: /* @__PURE__ */ new Map()
+    };
+    this.activeTurns.set(request.sessionId, activeTurn);
     let activeBrokerHandle = null;
     let streamScopedBroker = null;
     if (request.broker) {
@@ -2410,16 +2748,16 @@ var OpenCodeProcessAdapter = class {
         }
       });
       const realCallback = callback;
-      streamScopedBroker.request = async (payload) => {
-        return realCallback(payload);
+      streamScopedBroker.request = async (payload, observer) => {
+        return realCallback(payload, observer);
       };
       activeBrokerHandle = bindActiveBroker(streamScopedBroker);
-      console.error(
-        `[opencode-adapter] bound active broker token="${activeBrokerHandle.token.slice(0, 12)}\u2026" session=${request.sessionId.slice(0, 8)}`
+      logAdapter(
+        `bound active broker token="${activeBrokerHandle.token.slice(0, 12)}\u2026" session=${request.sessionId.slice(0, 8)}`
       );
     } else {
-      console.error(
-        `[opencode-adapter] WARNING: request.broker is missing for session=${request.sessionId.slice(0, 8)} \u2014 shim will 401`
+      logAdapter(
+        `WARNING request.broker missing session=${request.sessionId.slice(0, 8)}; shim will 401`
       );
     }
     const eventController = new AbortController();
@@ -2436,6 +2774,9 @@ var OpenCodeProcessAdapter = class {
         signal: eventController.signal
       });
       eventStream = res.stream;
+      logAdapter(
+        `subscribed events session=${request.sessionId.slice(0, 8)} opencodeSession=${openCodeSessionId.slice(0, 8)}`
+      );
     } catch (err) {
       yield {
         type: "error",
@@ -2446,7 +2787,11 @@ var OpenCodeProcessAdapter = class {
       return;
     }
     const promptBody = {
-      parts: [{ type: "text", text: request.prompt }]
+      parts: [
+        { type: "text", text: `${EDIT_DIRECTIVE}
+${request.prompt}` }
+      ]
     };
     if (streamScopedBroker && activeBrokerHandle) {
       promptBody.model = {
@@ -2454,22 +2799,91 @@ var OpenCodeProcessAdapter = class {
         modelID: DIOLOGUE_MODEL_ID
       };
     }
+    logAdapter(
+      `prompt start session=${request.sessionId.slice(0, 8)} opencodeSession=${openCodeSessionId.slice(0, 8)} promptChars=${request.prompt.length} provider=${request.preferredProvider ?? "(default)"} model=${request.preferredModel ?? "(default)"}`
+    );
     const promptPromise = handle.client.session.prompt({
       path: { id: openCodeSessionId },
       query: { directory: request.repoPath },
       body: promptBody
+    }).then((value) => {
+      logAdapter(
+        `prompt accepted session=${request.sessionId.slice(0, 8)} opencodeSession=${openCodeSessionId.slice(0, 8)}`
+      );
+      return value;
     }).catch((err) => {
-      return err instanceof Error ? err : new Error(String(err));
+      const error = err instanceof Error ? err : new Error(String(err));
+      logAdapter(
+        `prompt failed session=${request.sessionId.slice(0, 8)} opencodeSession=${openCodeSessionId.slice(0, 8)} error=${error.message}`
+      );
+      return error;
     });
+    let stopConsuming = false;
+    const stopSignal = new Promise((resolve) => {
+      void promptPromise.finally(() => {
+        setTimeout(() => {
+          stopConsuming = true;
+          resolve("stop");
+        }, END_OF_TURN_GRACE_MS);
+      });
+    });
+    let emittedDone = false;
+    const iterator = eventStream[Symbol.asyncIterator]();
     try {
-      for await (const item of eventStream) {
+      while (!stopConsuming) {
         if (request.signal?.aborted) break;
+        const nextP = iterator.next();
+        const next = await Promise.race([
+          nextP,
+          stopSignal.then(() => null)
+        ]);
+        if (next === null) {
+          void nextP.catch(() => void 0);
+          break;
+        }
+        if (next.done) break;
+        const rawItem = next.value;
+        const item = "payload" in rawItem && rawItem.payload ? rawItem.payload : rawItem;
         const mapped = mapEvent(item, mapState);
+        if (mapped.events.length > 0 || mapped.done) {
+          logAdapter(
+            `event ${item.type} mapped=${mapped.events.map((event) => event.type).join(",") || "(none)"} done=${mapped.done} session=${request.sessionId.slice(0, 8)}`
+          );
+        }
         for (const event of mapped.events) {
+          if (event.type === "permission_request") {
+            if (permissionMode === "confirm") {
+              const timer = setTimeout(() => {
+                activeTurn.pending.delete(event.permissionId);
+                void this.replyToOpencode(
+                  handle.client,
+                  openCodeSessionId,
+                  request.repoPath,
+                  event.permissionId,
+                  "reject"
+                );
+                logAdapter(
+                  `permission auto-rejected (timeout) id=${event.permissionId.slice(0, 8)} session=${request.sessionId.slice(0, 8)}`
+                );
+              }, PERMISSION_DECISION_TIMEOUT_MS);
+              activeTurn.pending.set(event.permissionId, timer);
+              yield event;
+            } else {
+              void this.replyToOpencode(
+                handle.client,
+                openCodeSessionId,
+                request.repoPath,
+                event.permissionId,
+                "once"
+              );
+            }
+            continue;
+          }
           if (event.type === "diff_proposed" && mapped.patchToFetch) {
             sawAnyPatch = true;
             lastPatchHash = mapped.patchToFetch.hash;
           }
+          if (event.type === "done") emittedDone = true;
           yield event;
         }
         if (mapped.done) {
@@ -2478,31 +2892,54 @@ var OpenCodeProcessAdapter = class {
       }
     } finally {
       eventController.abort();
+      try {
+        await iterator.return?.();
+      } catch {
+      }
       request.signal?.removeEventListener("abort", stopOnAbort);
+      for (const [permId, timer] of activeTurn.pending) {
+        clearTimeout(timer);
+        void this.replyToOpencode(
+          handle.client,
+          openCodeSessionId,
+          request.repoPath,
+          permId,
+          "reject"
+        );
+      }
+      activeTurn.pending.clear();
+      this.activeTurns.delete(request.sessionId);
       activeBrokerHandle?.release();
       streamScopedBroker?.close("turn_ended");
     }
-    if (sawAnyPatch) {
-      try {
-        const diffRes = await handle.client.session.diff({
-          path: { id: openCodeSessionId },
-          query: { directory: request.repoPath }
-        });
-        const unified = diffRes.data?.unified ?? "";
-        if (unified) {
-          yield {
-            type: "diff_proposed",
-            unified,
-            files: parseUnifiedDiffFiles(unified)
-          };
-        }
-      } catch {
+    try {
+      const diffRes = await handle.client.session.diff({
+        path: { id: openCodeSessionId },
+        query: { directory: request.repoPath }
+      });
+      const unified = diffRes.data?.unified ?? "";
+      if (unified) {
+        yield {
+          type: "diff_proposed",
+          unified,
+          files: parseUnifiedDiffFiles(unified)
+        };
       }
+    } catch (err) {
+      logAdapter(
+        `diff fetch failed session=${request.sessionId.slice(0, 8)} error=${err instanceof Error ? err.message : String(err)}`
+      );
     }
     const promptResult = await promptPromise;
     if (promptResult instanceof Error) {
       yield { type: "error", message: promptResult.message, recoverable: true };
+    } else {
+      logAdapter(`turn complete session=${request.sessionId.slice(0, 8)}`);
+    }
+    if (!emittedDone) {
+      yield { type: "done" };
     }
+    void sawAnyPatch;
     void lastPatchHash;
   }
   async close() {
@@ -2579,6 +3016,7 @@ var createApp = (options) => {
   app.use("/agent", createAgentRouter({ state, adapter, brokerRegistry }));
   app.use("/agent/llm-response", createLlmResponseRouter({ brokerRegistry }));
   app.use("/agent/llm-chunk", createLlmChunkRouter({ brokerRegistry }));
+  app.use("/agent/permission", createPermissionRouter({ adapter }));
   app.use("/llm-shim", createLlmShimRouter());
   app.use((req, res) => {
     res.status(404).json({ error: "not_found", method: req.method, path: req.path });