@google/gemini-cli-a2a-server 0.38.0-preview.0 → 0.39.0-nightly.20260409.615e07834

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -86309,7 +86309,7 @@ var require_gaxios2 = __commonJS({
86309
86309
  var retry_js_1 = require_retry4();
86310
86310
  var stream_1 = __require("stream");
86311
86311
  var interceptor_js_1 = require_interceptor2();
86312
- var randomUUID14 = async () => globalThis.crypto?.randomUUID() || (await import("crypto")).randomUUID();
86312
+ var randomUUID13 = async () => globalThis.crypto?.randomUUID() || (await import("crypto")).randomUUID();
86313
86313
  var HTTP_STATUS_NO_CONTENT = 204;
86314
86314
  var Gaxios = class {
86315
86315
  agentCache = /* @__PURE__ */ new Map();
@@ -86582,7 +86582,7 @@ var require_gaxios2 = __commonJS({
86582
86582
  */
86583
86583
  ["Blob", "File", "FormData"].includes(opts.data?.constructor?.name || "");
86584
86584
  if (opts.multipart?.length) {
86585
- const boundary = await randomUUID14();
86585
+ const boundary = await randomUUID13();
86586
86586
  preparedHeaders.set("content-type", `multipart/related; boundary=${boundary}`);
86587
86587
  opts.body = stream_1.Readable.from(this.getMultipartRequest(opts.multipart, boundary));
86588
86588
  } else if (shouldDirectlyPassData) {
@@ -112259,7 +112259,7 @@ var init_types2 = __esm({
112259
112259
  InProcessCheckerType2["ALLOWED_PATH"] = "allowed-path";
112260
112260
  InProcessCheckerType2["CONSECA"] = "conseca";
112261
112261
  })(InProcessCheckerType || (InProcessCheckerType = {}));
112262
- PRIORITY_SUBAGENT_TOOL = 1.05;
112262
+ PRIORITY_SUBAGENT_TOOL = 1.03;
112263
112263
  ALWAYS_ALLOW_PRIORITY_FRACTION = 950;
112264
112264
  ALWAYS_ALLOW_PRIORITY_OFFSET = ALWAYS_ALLOW_PRIORITY_FRACTION / 1e3;
112265
112265
  PRIORITY_YOLO_ALLOW_ALL = 998;
@@ -114104,9 +114104,9 @@ var init_storage = __esm({
114104
114104
  projectIdentifier;
114105
114105
  initPromise;
114106
114106
  customPlansDir;
114107
- constructor(targetDir, sessionId2) {
114107
+ constructor(targetDir, sessionId) {
114108
114108
  this.targetDir = targetDir;
114109
- this.sessionId = sessionId2;
114109
+ this.sessionId = sessionId;
114110
114110
  }
114111
114111
  setCustomPlansDir(dir) {
114112
114112
  this.customPlansDir = dir;
@@ -119546,13 +119546,13 @@ ${head}
119546
119546
 
119547
119547
  ${tail}`;
119548
119548
  }
119549
- async function saveTruncatedToolOutput(content, toolName, id, projectTempDir, sessionId2) {
119549
+ async function saveTruncatedToolOutput(content, toolName, id, projectTempDir, sessionId) {
119550
119550
  const safeToolName = sanitizeFilenamePart(toolName).toLowerCase();
119551
119551
  const safeId = sanitizeFilenamePart(id.toString()).toLowerCase();
119552
119552
  const fileName = safeId.startsWith(safeToolName) ? `${safeId}.txt` : `${safeToolName}_${safeId}.txt`;
119553
119553
  let toolOutputDir = path9.join(projectTempDir, TOOL_OUTPUTS_DIR);
119554
- if (sessionId2) {
119555
- const safeSessionId = sanitizeFilenamePart(sessionId2);
119554
+ if (sessionId) {
119555
+ const safeSessionId = sanitizeFilenamePart(sessionId);
119556
119556
  toolOutputDir = path9.join(toolOutputDir, `session-${safeSessionId}`);
119557
119557
  }
119558
119558
  const outputFile = path9.join(toolOutputDir, fileName);
@@ -120054,88 +120054,94 @@ async function* execStreaming(command, args2, options) {
120054
120054
  cwd: options?.cwd?.toString() ?? process.cwd(),
120055
120055
  env: options?.env ?? process.env
120056
120056
  });
120057
- const { program: finalCommand, args: finalArgs, env: finalEnv } = prepared;
120058
- const child = spawn(finalCommand, finalArgs, {
120059
- ...options,
120060
- env: finalEnv,
120061
- // ensure we don't open a window on windows if possible/relevant
120062
- windowsHide: true
120063
- });
120064
- const rl = readline.createInterface({
120065
- input: child.stdout,
120066
- terminal: false
120067
- });
120068
- const errorChunks = [];
120069
- let stderrTotalBytes = 0;
120070
- const MAX_STDERR_BYTES = 20 * 1024;
120071
- child.stderr.on("data", (chunk2) => {
120072
- if (stderrTotalBytes < MAX_STDERR_BYTES) {
120073
- errorChunks.push(chunk2);
120074
- stderrTotalBytes += chunk2.length;
120075
- }
120076
- });
120077
- let error2 = null;
120078
- child.on("error", (err2) => {
120079
- error2 = err2;
120080
- });
120081
- const onAbort = () => {
120082
- if (!child.killed)
120083
- child.kill();
120084
- };
120085
- if (options?.signal?.aborted) {
120086
- onAbort();
120087
- } else {
120088
- options?.signal?.addEventListener("abort", onAbort);
120089
- }
120090
- let finished8 = false;
120091
120057
  try {
120092
- for await (const line of rl) {
120093
- if (options?.signal?.aborted)
120094
- break;
120095
- yield line;
120096
- }
120097
- finished8 = true;
120098
- } finally {
120099
- rl.close();
120100
- options?.signal?.removeEventListener("abort", onAbort);
120101
- let killedByGenerator = false;
120102
- if (!finished8 && child.exitCode === null && !child.killed) {
120103
- try {
120104
- child.kill();
120105
- } catch {
120058
+ const { program: finalCommand, args: finalArgs, env: finalEnv } = prepared;
120059
+ const child = spawn(finalCommand, finalArgs, {
120060
+ ...options,
120061
+ env: finalEnv,
120062
+ // ensure we don't open a window on windows if possible/relevant
120063
+ windowsHide: true
120064
+ });
120065
+ const rl = readline.createInterface({
120066
+ input: child.stdout,
120067
+ terminal: false
120068
+ });
120069
+ const errorChunks = [];
120070
+ let stderrTotalBytes = 0;
120071
+ const MAX_STDERR_BYTES = 20 * 1024;
120072
+ child.stderr.on("data", (chunk2) => {
120073
+ if (stderrTotalBytes < MAX_STDERR_BYTES) {
120074
+ errorChunks.push(chunk2);
120075
+ stderrTotalBytes += chunk2.length;
120106
120076
  }
120107
- killedByGenerator = true;
120077
+ });
120078
+ let error2 = null;
120079
+ child.on("error", (err2) => {
120080
+ error2 = err2;
120081
+ });
120082
+ const onAbort = () => {
120083
+ if (!child.killed)
120084
+ child.kill();
120085
+ };
120086
+ if (options?.signal?.aborted) {
120087
+ onAbort();
120088
+ } else {
120089
+ options?.signal?.addEventListener("abort", onAbort);
120108
120090
  }
120109
- await new Promise((resolve24, reject) => {
120110
- if (error2) {
120111
- reject(error2);
120112
- return;
120091
+ let finished8 = false;
120092
+ try {
120093
+ for await (const line of rl) {
120094
+ if (options?.signal?.aborted)
120095
+ break;
120096
+ yield line;
120113
120097
  }
120114
- function checkExit(code) {
120115
- if (options?.signal?.aborted || killedByGenerator) {
120116
- resolve24();
120098
+ finished8 = true;
120099
+ } finally {
120100
+ rl.close();
120101
+ options?.signal?.removeEventListener("abort", onAbort);
120102
+ let killedByGenerator = false;
120103
+ if (!finished8 && child.exitCode === null && !child.killed) {
120104
+ try {
120105
+ child.kill();
120106
+ } catch {
120107
+ }
120108
+ killedByGenerator = true;
120109
+ }
120110
+ await new Promise((resolve24, reject) => {
120111
+ if (error2) {
120112
+ reject(error2);
120117
120113
  return;
120118
120114
  }
120119
- const allowed = options?.allowedExitCodes ?? [0];
120120
- if (code !== null && allowed.includes(code)) {
120121
- resolve24();
120122
- } else {
120123
- if (error2)
120124
- reject(error2);
120125
- else {
120126
- const stderr = Buffer.concat(errorChunks).toString("utf8");
120127
- const truncatedMsg = stderrTotalBytes >= MAX_STDERR_BYTES ? "...[truncated]" : "";
120128
- reject(new Error(`Process exited with code ${code}: ${stderr}${truncatedMsg}`));
120115
+ function checkExit(code) {
120116
+ if (options?.signal?.aborted || killedByGenerator) {
120117
+ resolve24();
120118
+ return;
120119
+ }
120120
+ const allowed = options?.allowedExitCodes ?? [0];
120121
+ if (code !== null && allowed.includes(code)) {
120122
+ resolve24();
120123
+ } else {
120124
+ if (error2)
120125
+ reject(error2);
120126
+ else {
120127
+ const stderr = Buffer.concat(errorChunks).toString("utf8");
120128
+ const truncatedMsg = stderrTotalBytes >= MAX_STDERR_BYTES ? "...[truncated]" : "";
120129
+ reject(new Error(`Process exited with code ${code}: ${stderr}${truncatedMsg}`));
120130
+ }
120129
120131
  }
120130
120132
  }
120131
- }
120132
- if (child.exitCode !== null) {
120133
- checkExit(child.exitCode);
120134
- } else {
120135
- child.on("close", (code) => checkExit(code));
120136
- child.on("error", (err2) => reject(err2));
120137
- }
120138
- });
120133
+ if (child.exitCode !== null) {
120134
+ checkExit(child.exitCode);
120135
+ } else {
120136
+ child.on("close", (code) => checkExit(code));
120137
+ child.on("error", (err2) => {
120138
+ reject(err2);
120139
+ });
120140
+ }
120141
+ });
120142
+ }
120143
+ } finally {
120144
+ prepared.cleanup?.();
120139
120145
  }
120140
120146
  }
120141
120147
  var import_shell_quote, SHELL_TOOL_NAMES, bashLanguage, treeSitterInitialization, treeSitterInitializationError, ShellParserInitializationError, POWERSHELL_COMMAND_ENV, PARSE_TIMEOUT_MICROS, POWERSHELL_PARSER_SCRIPT, REDIRECTION_NAMES, isWindows, spawnAsync;
@@ -120218,31 +120224,35 @@ foreach ($commandAst in $commandAsts) {
120218
120224
  env: options?.env ?? process.env
120219
120225
  });
120220
120226
  const { program: finalCommand, args: finalArgs, env: finalEnv } = prepared;
120221
- return new Promise((resolve24, reject) => {
120222
- const child = spawn(finalCommand, finalArgs, {
120223
- ...options,
120224
- env: finalEnv
120225
- });
120226
- let stdout = "";
120227
- let stderr = "";
120228
- child.stdout.on("data", (data) => {
120229
- stdout += data.toString();
120230
- });
120231
- child.stderr.on("data", (data) => {
120232
- stderr += data.toString();
120233
- });
120234
- child.on("close", (code) => {
120235
- if (code === 0) {
120236
- resolve24({ stdout, stderr });
120237
- } else {
120238
- reject(new Error(`Command failed with exit code ${code}:
120227
+ try {
120228
+ return await new Promise((resolve24, reject) => {
120229
+ const child = spawn(finalCommand, finalArgs, {
120230
+ ...options,
120231
+ env: finalEnv
120232
+ });
120233
+ let stdout = "";
120234
+ let stderr = "";
120235
+ child.stdout.on("data", (data) => {
120236
+ stdout += data.toString();
120237
+ });
120238
+ child.stderr.on("data", (data) => {
120239
+ stderr += data.toString();
120240
+ });
120241
+ child.on("close", (code) => {
120242
+ if (code === 0) {
120243
+ resolve24({ stdout, stderr });
120244
+ } else {
120245
+ reject(new Error(`Command failed with exit code ${code}:
120239
120246
  ${stderr}`));
120240
- }
120241
- });
120242
- child.on("error", (err2) => {
120243
- reject(err2);
120247
+ }
120248
+ });
120249
+ child.on("error", (err2) => {
120250
+ reject(err2);
120251
+ });
120244
120252
  });
120245
- });
120253
+ } finally {
120254
+ prepared.cleanup?.();
120255
+ }
120246
120256
  };
120247
120257
  }
120248
120258
  });
@@ -123316,7 +123326,7 @@ var init_LinuxSandboxManager = __esm({
123316
123326
  const { command: finalCommand, args: finalArgs } = handleReadWriteCommands(req, mergedAdditional, this.options.workspace, req.policy?.allowedPaths);
123317
123327
  const sanitizationConfig = getSecureSanitizationConfig(req.policy?.sanitizationConfig);
123318
123328
  const sanitizedEnv = sanitizeEnvironment(req.env, sanitizationConfig);
123319
- const { allowed: allowedPaths, forbidden: forbiddenPaths } = await resolveSandboxPaths(this.options, req);
123329
+ const resolvedPaths = await resolveSandboxPaths(this.options, req, mergedAdditional);
123320
123330
  for (const file of GOVERNANCE_FILES) {
123321
123331
  const filePath = join5(this.options.workspace, file.path);
123322
123332
  touch(filePath, file.isDirectory);
@@ -123325,8 +123335,8 @@ var init_LinuxSandboxManager = __esm({
123325
123335
  workspace: this.options.workspace,
123326
123336
  workspaceWrite,
123327
123337
  networkAccess,
123328
- allowedPaths,
123329
- forbiddenPaths,
123338
+ allowedPaths: resolvedPaths.policyAllowed,
123339
+ forbiddenPaths: resolvedPaths.forbidden,
123330
123340
  additionalPermissions: mergedAdditional,
123331
123341
  includeDirectories: this.options.includeDirectories || [],
123332
123342
  maskFilePath: this.getMaskFilePath(),
@@ -123566,56 +123576,21 @@ function escapeSchemeString(str2) {
123566
123576
  }
123567
123577
  function buildSeatbeltProfile(options) {
123568
123578
  let profile = BASE_SEATBELT_PROFILE + "\n";
123569
- const workspacePath = tryRealpath(options.workspace);
123570
- profile += `(allow file-read* (subpath "${escapeSchemeString(options.workspace)}"))
123579
+ const { resolvedPaths, networkAccess, workspaceWrite } = options;
123580
+ profile += `(allow file-read* (subpath "${escapeSchemeString(resolvedPaths.workspace.original)}"))
123571
123581
  `;
123572
- profile += `(allow file-read* (subpath "${escapeSchemeString(workspacePath)}"))
123582
+ profile += `(allow file-read* (subpath "${escapeSchemeString(resolvedPaths.workspace.resolved)}"))
123573
123583
  `;
123574
- if (options.workspaceWrite) {
123575
- profile += `(allow file-write* (subpath "${escapeSchemeString(options.workspace)}"))
123584
+ if (workspaceWrite) {
123585
+ profile += `(allow file-write* (subpath "${escapeSchemeString(resolvedPaths.workspace.original)}"))
123576
123586
  `;
123577
- profile += `(allow file-write* (subpath "${escapeSchemeString(workspacePath)}"))
123587
+ profile += `(allow file-write* (subpath "${escapeSchemeString(resolvedPaths.workspace.resolved)}"))
123578
123588
  `;
123579
123589
  }
123580
123590
  const tmpPath = tryRealpath(os8.tmpdir());
123581
123591
  profile += `(allow file-read* file-write* (subpath "${escapeSchemeString(tmpPath)}"))
123582
123592
  `;
123583
- for (let i4 = 0; i4 < GOVERNANCE_FILES.length; i4++) {
123584
- const governanceFile = path14.join(workspacePath, GOVERNANCE_FILES[i4].path);
123585
- const realGovernanceFile = tryRealpath(governanceFile);
123586
- let isDirectory = GOVERNANCE_FILES[i4].isDirectory;
123587
- try {
123588
- if (fs18.existsSync(realGovernanceFile)) {
123589
- isDirectory = fs18.lstatSync(realGovernanceFile).isDirectory();
123590
- }
123591
- } catch {
123592
- }
123593
- const ruleType = isDirectory ? "subpath" : "literal";
123594
- profile += `(deny file-write* (${ruleType} "${escapeSchemeString(governanceFile)}"))
123595
- `;
123596
- if (realGovernanceFile !== governanceFile) {
123597
- profile += `(deny file-write* (${ruleType} "${escapeSchemeString(realGovernanceFile)}"))
123598
- `;
123599
- }
123600
- }
123601
- const searchPaths = [options.workspace, ...options.allowedPaths];
123602
- for (const basePath of searchPaths) {
123603
- const resolvedBase = tryRealpath(basePath);
123604
- for (const secret of SECRET_FILES) {
123605
- let regexPattern;
123606
- const escapedBase = escapeRegex(resolvedBase);
123607
- if (secret.pattern.endsWith("*")) {
123608
- const basePattern = secret.pattern.slice(0, -1).replace(/\./g, "\\\\.");
123609
- regexPattern = `^${escapedBase}/(.*/)?${basePattern}[^/]+$`;
123610
- } else {
123611
- const basePattern = secret.pattern.replace(/\./g, "\\\\.");
123612
- regexPattern = `^${escapedBase}/(.*/)?${basePattern}$`;
123613
- }
123614
- profile += `(deny file-read* file-write* (regex #"${regexPattern}"))
123615
- `;
123616
- }
123617
- }
123618
- const { worktreeGitDir, mainGitDir } = resolveGitWorktreePaths(workspacePath);
123593
+ const { worktreeGitDir, mainGitDir } = resolveGitWorktreePaths(resolvedPaths.workspace.resolved);
123619
123594
  if (worktreeGitDir) {
123620
123595
  profile += `(allow file-read* file-write* (subpath "${escapeSchemeString(worktreeGitDir)}"))
123621
123596
  `;
@@ -123647,56 +123622,91 @@ function buildSeatbeltProfile(options) {
123647
123622
  }
123648
123623
  }
123649
123624
  }
123650
- const allowedPaths = options.allowedPaths;
123625
+ const allowedPaths = [
123626
+ ...resolvedPaths.policyAllowed,
123627
+ ...resolvedPaths.globalIncludes
123628
+ ];
123651
123629
  for (let i4 = 0; i4 < allowedPaths.length; i4++) {
123652
- const allowedPath = tryRealpath(allowedPaths[i4]);
123630
+ const allowedPath = allowedPaths[i4];
123653
123631
  profile += `(allow file-read* file-write* (subpath "${escapeSchemeString(allowedPath)}"))
123654
123632
  `;
123655
123633
  }
123656
- if (options.additionalPermissions?.fileSystem) {
123657
- const { read: read2, write: write2 } = options.additionalPermissions.fileSystem;
123658
- if (read2) {
123659
- for (let i4 = 0; i4 < read2.length; i4++) {
123660
- const resolved = tryRealpath(read2[i4]);
123661
- let isFile2 = false;
123662
- try {
123663
- isFile2 = fs18.statSync(resolved).isFile();
123664
- } catch {
123665
- }
123666
- if (isFile2) {
123667
- profile += `(allow file-read* (literal "${escapeSchemeString(resolved)}"))
123634
+ for (let i4 = 0; i4 < resolvedPaths.policyRead.length; i4++) {
123635
+ const resolved = resolvedPaths.policyRead[i4];
123636
+ let isFile2 = false;
123637
+ try {
123638
+ isFile2 = fs18.statSync(resolved).isFile();
123639
+ } catch {
123640
+ }
123641
+ if (isFile2) {
123642
+ profile += `(allow file-read* (literal "${escapeSchemeString(resolved)}"))
123668
123643
  `;
123669
- } else {
123670
- profile += `(allow file-read* (subpath "${escapeSchemeString(resolved)}"))
123644
+ } else {
123645
+ profile += `(allow file-read* (subpath "${escapeSchemeString(resolved)}"))
123671
123646
  `;
123672
- }
123647
+ }
123648
+ }
123649
+ for (let i4 = 0; i4 < resolvedPaths.policyWrite.length; i4++) {
123650
+ const resolved = resolvedPaths.policyWrite[i4];
123651
+ let isFile2 = false;
123652
+ try {
123653
+ isFile2 = fs18.statSync(resolved).isFile();
123654
+ } catch {
123655
+ }
123656
+ if (isFile2) {
123657
+ profile += `(allow file-read* file-write* (literal "${escapeSchemeString(resolved)}"))
123658
+ `;
123659
+ } else {
123660
+ profile += `(allow file-read* file-write* (subpath "${escapeSchemeString(resolved)}"))
123661
+ `;
123662
+ }
123663
+ }
123664
+ for (let i4 = 0; i4 < GOVERNANCE_FILES.length; i4++) {
123665
+ const governanceFile = path14.join(resolvedPaths.workspace.resolved, GOVERNANCE_FILES[i4].path);
123666
+ const realGovernanceFile = tryRealpath(governanceFile);
123667
+ let isDirectory = GOVERNANCE_FILES[i4].isDirectory;
123668
+ try {
123669
+ if (fs18.existsSync(realGovernanceFile)) {
123670
+ isDirectory = fs18.lstatSync(realGovernanceFile).isDirectory();
123673
123671
  }
123672
+ } catch {
123674
123673
  }
123675
- if (write2) {
123676
- for (let i4 = 0; i4 < write2.length; i4++) {
123677
- const resolved = tryRealpath(write2[i4]);
123678
- let isFile2 = false;
123679
- try {
123680
- isFile2 = fs18.statSync(resolved).isFile();
123681
- } catch {
123682
- }
123683
- if (isFile2) {
123684
- profile += `(allow file-read* file-write* (literal "${escapeSchemeString(resolved)}"))
123674
+ const ruleType = isDirectory ? "subpath" : "literal";
123675
+ profile += `(deny file-write* (${ruleType} "${escapeSchemeString(governanceFile)}"))
123685
123676
  `;
123686
- } else {
123687
- profile += `(allow file-read* file-write* (subpath "${escapeSchemeString(resolved)}"))
123677
+ if (realGovernanceFile !== governanceFile) {
123678
+ profile += `(deny file-write* (${ruleType} "${escapeSchemeString(realGovernanceFile)}"))
123688
123679
  `;
123689
- }
123680
+ }
123681
+ }
123682
+ const searchPaths = [
123683
+ resolvedPaths.workspace.resolved,
123684
+ resolvedPaths.workspace.original,
123685
+ ...resolvedPaths.policyAllowed,
123686
+ ...resolvedPaths.globalIncludes
123687
+ ];
123688
+ for (const basePath of searchPaths) {
123689
+ for (const secret of SECRET_FILES) {
123690
+ let regexPattern;
123691
+ const escapedBase = escapeRegex(basePath);
123692
+ if (secret.pattern.endsWith("*")) {
123693
+ const basePattern = secret.pattern.slice(0, -1).replace(/\./g, "\\\\.");
123694
+ regexPattern = `^${escapedBase}/(.*/)?${basePattern}[^/]+$`;
123695
+ } else {
123696
+ const basePattern = secret.pattern.replace(/\./g, "\\\\.");
123697
+ regexPattern = `^${escapedBase}/(.*/)?${basePattern}$`;
123690
123698
  }
123699
+ profile += `(deny file-read* file-write* (regex #"${regexPattern}"))
123700
+ `;
123691
123701
  }
123692
123702
  }
123693
- const forbiddenPaths = options.forbiddenPaths;
123703
+ const forbiddenPaths = resolvedPaths.forbidden;
123694
123704
  for (let i4 = 0; i4 < forbiddenPaths.length; i4++) {
123695
- const forbiddenPath = tryRealpath(forbiddenPaths[i4]);
123705
+ const forbiddenPath = forbiddenPaths[i4];
123696
123706
  profile += `(deny file-read* file-write* (subpath "${escapeSchemeString(forbiddenPath)}"))
123697
123707
  `;
123698
123708
  }
123699
- if (options.networkAccess || options.additionalPermissions?.network) {
123709
+ if (networkAccess) {
123700
123710
  profile += NETWORK_SEATBELT_PROFILE;
123701
123711
  }
123702
123712
  return profile;
@@ -123783,7 +123793,6 @@ var init_MacOsSandboxManager = __esm({
123783
123793
  const isYolo = this.options.modeConfig?.yolo ?? false;
123784
123794
  const workspaceWrite = !isReadonlyMode || isApproved || isYolo;
123785
123795
  const defaultNetwork = this.options.modeConfig?.network || req.policy?.networkAccess || isYolo;
123786
- const { allowed: allowedPaths, forbidden: forbiddenPaths } = await resolveSandboxPaths(this.options, req);
123787
123796
  const commandName = await getCommandName2(currentReq);
123788
123797
  const persistentPermissions = allowOverrides ? this.options.policyManager?.getCommandPermissions(commandName) : void 0;
123789
123798
  const mergedAdditional = {
@@ -123799,17 +123808,15 @@ var init_MacOsSandboxManager = __esm({
123799
123808
  },
123800
123809
  network: defaultNetwork || persistentPermissions?.network || req.policy?.additionalPermissions?.network || false
123801
123810
  };
123802
- const { command: finalCommand, args: finalArgs } = handleReadWriteCommands(req, mergedAdditional, this.options.workspace, req.policy?.allowedPaths);
123811
+ const { command: finalCommand, args: finalArgs } = handleReadWriteCommands(req, mergedAdditional, this.options.workspace, [
123812
+ ...req.policy?.allowedPaths || [],
123813
+ ...this.options.includeDirectories || []
123814
+ ]);
123815
+ const resolvedPaths = await resolveSandboxPaths(this.options, req, mergedAdditional);
123803
123816
  const sandboxArgs = buildSeatbeltProfile({
123804
- workspace: this.options.workspace,
123805
- allowedPaths: [
123806
- ...allowedPaths,
123807
- ...this.options.includeDirectories || []
123808
- ],
123809
- forbiddenPaths,
123817
+ resolvedPaths,
123810
123818
  networkAccess: mergedAdditional.network,
123811
- workspaceWrite,
123812
- additionalPermissions: mergedAdditional
123819
+ workspaceWrite
123813
123820
  });
123814
123821
  const tempFile = this.writeProfileToTempFile(sandboxArgs);
123815
123822
  return {
@@ -123897,7 +123904,7 @@ import fs20 from "node:fs";
123897
123904
  import path16 from "node:path";
123898
123905
  import os10 from "node:os";
123899
123906
  import { fileURLToPath as fileURLToPath2 } from "node:url";
123900
- var __filename2, __dirname2, LOW_INTEGRITY_SID, WindowsSandboxManager;
123907
+ var __filename2, __dirname2, LOW_INTEGRITY_SID, DIRECTORY_FLAGS, WindowsSandboxManager;
123901
123908
  var init_WindowsSandboxManager = __esm({
123902
123909
  "packages/core/dist/src/sandbox/windows/WindowsSandboxManager.js"() {
123903
123910
  "use strict";
@@ -123914,6 +123921,7 @@ var init_WindowsSandboxManager = __esm({
123914
123921
  __filename2 = fileURLToPath2(import.meta.url);
123915
123922
  __dirname2 = path16.dirname(__filename2);
123916
123923
  LOW_INTEGRITY_SID = "*S-1-16-4096";
123924
+ DIRECTORY_FLAGS = "(OI)(CI)";
123917
123925
  WindowsSandboxManager = class _WindowsSandboxManager {
123918
123926
  options;
123919
123927
  static HELPER_EXE = "GeminiSandbox.exe";
@@ -124050,47 +124058,43 @@ var init_WindowsSandboxManager = __esm({
124050
124058
  }
124051
124059
  const defaultNetwork = this.options.modeConfig?.network ?? req.policy?.networkAccess ?? false;
124052
124060
  const networkAccess = defaultNetwork || mergedAdditional.network;
124053
- const { allowed: allowedPaths, forbidden: forbiddenPaths } = await resolveSandboxPaths(this.options, req);
124061
+ const resolvedPaths = await resolveSandboxPaths(this.options, req, mergedAdditional);
124054
124062
  const writableRoots = [];
124055
124063
  const isApproved = allowOverrides ? await isStrictlyApproved(command, args2, this.options.modeConfig?.approvedTools) : false;
124056
124064
  if (!isReadonlyMode || isApproved) {
124057
- await this.grantLowIntegrityAccess(this.options.workspace);
124058
- writableRoots.push(this.options.workspace);
124065
+ await this.grantLowIntegrityAccess(resolvedPaths.workspace.resolved);
124066
+ writableRoots.push(resolvedPaths.workspace.resolved);
124059
124067
  }
124060
- const includeDirs = sanitizePaths(this.options.includeDirectories);
124061
- for (const includeDir of includeDirs) {
124068
+ for (const includeDir of resolvedPaths.globalIncludes) {
124062
124069
  await this.grantLowIntegrityAccess(includeDir);
124063
124070
  writableRoots.push(includeDir);
124064
124071
  }
124065
- for (const allowedPath of allowedPaths) {
124066
- const resolved = resolveToRealPath(allowedPath);
124072
+ for (const allowedPath of resolvedPaths.policyAllowed) {
124067
124073
  try {
124068
- await fs20.promises.access(resolved, fs20.constants.F_OK);
124074
+ await fs20.promises.access(allowedPath, fs20.constants.F_OK);
124069
124075
  } catch {
124070
- throw new Error(`Sandbox request rejected: Allowed path does not exist: ${resolved}. On Windows, granular sandbox access can only be granted to existing paths to avoid broad parent directory permissions.`);
124076
+ throw new Error(`Sandbox request rejected: Allowed path does not exist: ${allowedPath}. On Windows, granular sandbox access can only be granted to existing paths to avoid broad parent directory permissions.`);
124071
124077
  }
124072
- await this.grantLowIntegrityAccess(resolved);
124073
- writableRoots.push(resolved);
124078
+ await this.grantLowIntegrityAccess(allowedPath);
124079
+ writableRoots.push(allowedPath);
124074
124080
  }
124075
- const additionalWritePaths = sanitizePaths(mergedAdditional.fileSystem?.write);
124076
- for (const writePath of additionalWritePaths) {
124077
- const resolved = resolveToRealPath(writePath);
124081
+ for (const writePath of resolvedPaths.policyWrite) {
124078
124082
  try {
124079
- await fs20.promises.access(resolved, fs20.constants.F_OK);
124080
- await this.grantLowIntegrityAccess(resolved);
124083
+ await fs20.promises.access(writePath, fs20.constants.F_OK);
124084
+ await this.grantLowIntegrityAccess(writePath);
124081
124085
  continue;
124082
124086
  } catch {
124083
- const isInherited = writableRoots.some((root) => isSubpath(root, resolved));
124087
+ const isInherited = writableRoots.some((root) => isSubpath(root, writePath));
124084
124088
  if (!isInherited) {
124085
- throw new Error(`Sandbox request rejected: Additional write path does not exist and its parent directory is not allowed: ${resolved}. On Windows, granular sandbox access can only be granted to existing paths to avoid broad parent directory permissions.`);
124089
+ throw new Error(`Sandbox request rejected: Additional write path does not exist and its parent directory is not allowed: ${writePath}. On Windows, granular sandbox access can only be granted to existing paths to avoid broad parent directory permissions.`);
124086
124090
  }
124087
124091
  }
124088
124092
  }
124089
124093
  const secretsToBlock = [];
124090
124094
  const searchDirs = /* @__PURE__ */ new Set([
124091
- this.options.workspace,
124092
- ...allowedPaths,
124093
- ...includeDirs
124095
+ resolvedPaths.workspace.resolved,
124096
+ ...resolvedPaths.policyAllowed,
124097
+ ...resolvedPaths.globalIncludes
124094
124098
  ]);
124095
124099
  for (const dir of searchDirs) {
124096
124100
  try {
@@ -124107,7 +124111,7 @@ var init_WindowsSandboxManager = __esm({
124107
124111
  debugLogger.log(`WindowsSandboxManager: Failed to find secret files in ${dir}`, e3);
124108
124112
  }
124109
124113
  }
124110
- for (const forbiddenPath of forbiddenPaths) {
124114
+ for (const forbiddenPath of resolvedPaths.forbidden) {
124111
124115
  try {
124112
124116
  await this.denyLowIntegrityAccess(forbiddenPath);
124113
124117
  } catch (e3) {
@@ -124115,10 +124119,10 @@ var init_WindowsSandboxManager = __esm({
124115
124119
  }
124116
124120
  }
124117
124121
  for (const file of GOVERNANCE_FILES) {
124118
- const filePath = path16.join(this.options.workspace, file.path);
124122
+ const filePath = path16.join(resolvedPaths.workspace.resolved, file.path);
124119
124123
  this.touch(filePath, file.isDirectory);
124120
124124
  }
124121
- const allForbidden = Array.from(/* @__PURE__ */ new Set([...secretsToBlock, ...forbiddenPaths]));
124125
+ const allForbidden = Array.from(/* @__PURE__ */ new Set([...secretsToBlock, ...resolvedPaths.forbidden]));
124122
124126
  const tempDir = fs20.mkdtempSync(path16.join(os10.tmpdir(), "gemini-cli-forbidden-"));
124123
124127
  const manifestPath = path16.join(tempDir, "manifest.txt");
124124
124128
  fs20.writeFileSync(manifestPath, allForbidden.join("\n"));
@@ -124164,12 +124168,15 @@ var init_WindowsSandboxManager = __esm({
124164
124168
  return;
124165
124169
  }
124166
124170
  try {
124171
+ const stats = await fs20.promises.stat(resolvedPath);
124172
+ const isDirectory = stats.isDirectory();
124173
+ const flags2 = isDirectory ? DIRECTORY_FLAGS : "";
124167
124174
  await spawnAsync("icacls", [
124168
124175
  resolvedPath,
124169
124176
  "/grant",
124170
- `${LOW_INTEGRITY_SID}:(OI)(CI)(M)`,
124177
+ `${LOW_INTEGRITY_SID}:${flags2}(M)`,
124171
124178
  "/setintegritylevel",
124172
- "(OI)(CI)Low"
124179
+ `${flags2}Low`
124173
124180
  ]);
124174
124181
  this.allowedCache.add(resolvedPath);
124175
124182
  } catch (e3) {
@@ -124190,20 +124197,22 @@ var init_WindowsSandboxManager = __esm({
124190
124197
  if (this.isSystemDirectory(resolvedPath)) {
124191
124198
  return;
124192
124199
  }
124193
- const DENY_ALL_INHERIT = "(OI)(CI)(F)";
124200
+ let isDirectory = false;
124194
124201
  try {
124195
- await fs20.promises.stat(resolvedPath);
124202
+ const stats = await fs20.promises.stat(resolvedPath);
124203
+ isDirectory = stats.isDirectory();
124196
124204
  } catch (e3) {
124197
124205
  if (isNodeError(e3) && e3.code === "ENOENT") {
124198
124206
  return;
124199
124207
  }
124200
124208
  throw e3;
124201
124209
  }
124210
+ const flags2 = isDirectory ? DIRECTORY_FLAGS : "";
124202
124211
  try {
124203
124212
  await spawnAsync("icacls", [
124204
124213
  resolvedPath,
124205
124214
  "/deny",
124206
- `${LOW_INTEGRITY_SID}:${DENY_ALL_INHERIT}`
124215
+ `${LOW_INTEGRITY_SID}:${flags2}(F)`
124207
124216
  ]);
124208
124217
  this.deniedCache.add(resolvedPath);
124209
124218
  } catch (e3) {
@@ -124307,18 +124316,42 @@ async function findSecretFiles(baseDir, maxDepth = 1) {
124307
124316
  await walk(baseDir, 1);
124308
124317
  return secrets;
124309
124318
  }
124310
- async function resolveSandboxPaths(options, req) {
124311
- const forbidden = sanitizePaths(await options.forbiddenPaths?.());
124312
- const allowed = sanitizePaths(req.policy?.allowedPaths);
124313
- const workspaceIdentity = getPathIdentity(options.workspace);
124319
+ async function resolveSandboxPaths(options, req, overridePermissions) {
124320
+ const expand3 = (paths) => {
124321
+ if (!paths || paths.length === 0)
124322
+ return [];
124323
+ const expanded = paths.flatMap((p2) => {
124324
+ try {
124325
+ const resolved = resolveToRealPath(p2);
124326
+ return resolved === p2 ? [p2] : [p2, resolved];
124327
+ } catch {
124328
+ return [p2];
124329
+ }
124330
+ });
124331
+ return sanitizePaths(expanded);
124332
+ };
124333
+ const forbidden = expand3(await options.forbiddenPaths?.());
124334
+ const globalIncludes = expand3(options.includeDirectories);
124335
+ const policyAllowed = expand3(req.policy?.allowedPaths);
124336
+ const policyRead = expand3(overridePermissions?.fileSystem?.read);
124337
+ const policyWrite = expand3(overridePermissions?.fileSystem?.write);
124338
+ const resolvedWorkspace = resolveToRealPath(options.workspace);
124339
+ const workspaceIdentities = new Set([options.workspace, resolvedWorkspace].map(getPathIdentity));
124314
124340
  const forbiddenIdentities = new Set(forbidden.map(getPathIdentity));
124315
- const filteredAllowed = allowed.filter((p2) => {
124341
+ const filter3 = (paths) => paths.filter((p2) => {
124316
124342
  const identity3 = getPathIdentity(p2);
124317
- return identity3 !== workspaceIdentity && !forbiddenIdentities.has(identity3);
124343
+ return !workspaceIdentities.has(identity3) && !forbiddenIdentities.has(identity3);
124318
124344
  });
124319
124345
  return {
124320
- allowed: filteredAllowed,
124321
- forbidden
124346
+ workspace: {
124347
+ original: options.workspace,
124348
+ resolved: resolvedWorkspace
124349
+ },
124350
+ forbidden,
124351
+ globalIncludes: filter3(globalIncludes),
124352
+ policyAllowed: filter3(policyAllowed),
124353
+ policyRead: filter3(policyRead),
124354
+ policyWrite: filter3(policyWrite)
124322
124355
  };
124323
124356
  }
124324
124357
  function sanitizePaths(paths) {
@@ -124353,6 +124386,7 @@ var init_sandboxManager = __esm({
124353
124386
  init_commandSafety2();
124354
124387
  init_errors2();
124355
124388
  init_environmentSanitization();
124389
+ init_paths();
124356
124390
  init_sandboxManagerFactory();
124357
124391
  GOVERNANCE_FILES = [
124358
124392
  { path: ".gitignore", isDirectory: false },
@@ -208731,8 +208765,8 @@ var GIT_COMMIT_INFO, CLI_VERSION;
208731
208765
  var init_git_commit = __esm({
208732
208766
  "packages/core/dist/src/generated/git-commit.js"() {
208733
208767
  "use strict";
208734
- GIT_COMMIT_INFO = "e77b22e63";
208735
- CLI_VERSION = "0.38.0-preview.0";
208768
+ GIT_COMMIT_INFO = "615e07834";
208769
+ CLI_VERSION = "0.39.0-nightly.20260409.615e07834";
208736
208770
  }
208737
208771
  });
208738
208772
 
@@ -279029,19 +279063,19 @@ var init_thoughtUtils = __esm({
279029
279063
  // packages/core/dist/src/utils/sessionOperations.js
279030
279064
  import * as fs34 from "node:fs/promises";
279031
279065
  import path26 from "node:path";
279032
- function validateAndSanitizeSessionId(sessionId2) {
279033
- if (!sessionId2 || sessionId2 === "." || sessionId2 === "..") {
279034
- throw new Error(`Invalid sessionId: ${sessionId2}`);
279066
+ function validateAndSanitizeSessionId(sessionId) {
279067
+ if (!sessionId || sessionId === "." || sessionId === "..") {
279068
+ throw new Error(`Invalid sessionId: ${sessionId}`);
279035
279069
  }
279036
- const sanitized = sanitizeFilenamePart(sessionId2);
279070
+ const sanitized = sanitizeFilenamePart(sessionId);
279037
279071
  if (!sanitized) {
279038
- throw new Error(`Invalid sessionId after sanitization: ${sessionId2}`);
279072
+ throw new Error(`Invalid sessionId after sanitization: ${sessionId}`);
279039
279073
  }
279040
279074
  return sanitized;
279041
279075
  }
279042
- async function deleteSessionArtifactsAsync(sessionId2, tempDir) {
279076
+ async function deleteSessionArtifactsAsync(sessionId, tempDir) {
279043
279077
  try {
279044
- const safeSessionId = validateAndSanitizeSessionId(sessionId2);
279078
+ const safeSessionId = validateAndSanitizeSessionId(sessionId);
279045
279079
  const logsDir = path26.join(tempDir, LOGS_DIR);
279046
279080
  const logPath = path26.join(logsDir, `session-${safeSessionId}.jsonl`);
279047
279081
  await fs34.unlink(logPath).catch((err2) => {
@@ -279060,7 +279094,7 @@ async function deleteSessionArtifactsAsync(sessionId2, tempDir) {
279060
279094
  throw err2;
279061
279095
  });
279062
279096
  } catch (error2) {
279063
- debugLogger.error(`Error deleting session artifacts for ${sessionId2}:`, error2);
279097
+ debugLogger.error(`Error deleting session artifacts for ${sessionId}:`, error2);
279064
279098
  }
279065
279099
  }
279066
279100
  async function deleteSubagentSessionDirAndArtifactsAsync(parentSessionId, chatsDir, tempDir) {
@@ -280550,16 +280584,6 @@ var init_activity_monitor = __esm({
280550
280584
  }
280551
280585
  });
280552
280586
 
280553
- // packages/core/dist/src/utils/session.js
280554
- import { randomUUID as randomUUID7 } from "node:crypto";
280555
- var sessionId;
280556
- var init_session = __esm({
280557
- "packages/core/dist/src/utils/session.js"() {
280558
- "use strict";
280559
- sessionId = randomUUID7();
280560
- }
280561
- });
280562
-
280563
280587
  // packages/core/dist/src/telemetry/trace.js
280564
280588
  function truncateForTelemetry(value, maxLength = 1e4) {
280565
280589
  if (typeof value === "string") {
@@ -280578,7 +280602,7 @@ function isAsyncIterable(value) {
280578
280602
  return typeof value === "object" && value !== null && Symbol.asyncIterator in value;
280579
280603
  }
280580
280604
  async function runInDevTraceSpan(opts, fn2) {
280581
- const { operation, logPrompts, ...restOfSpanOpts } = opts;
280605
+ const { operation, logPrompts, sessionId, ...restOfSpanOpts } = opts;
280582
280606
  const tracer = trace.getTracer(TRACER_NAME, TRACER_VERSION);
280583
280607
  return tracer.startActiveSpan(operation, restOfSpanOpts, async (span) => {
280584
280608
  const meta = {
@@ -280677,7 +280701,6 @@ var init_trace3 = __esm({
280677
280701
  init_esm2();
280678
280702
  init_safeJsonStringify();
280679
280703
  init_constants2();
280680
- init_session();
280681
280704
  init_textUtils();
280682
280705
  TRACER_NAME = "gemini-cli";
280683
280706
  TRACER_VERSION = "v1";
@@ -281713,12 +281736,12 @@ function fromCountTokenResponse(res) {
281713
281736
  totalTokens: res.totalTokens ?? 0
281714
281737
  };
281715
281738
  }
281716
- function toGenerateContentRequest(req, userPromptId, project, sessionId2, enabledCreditTypes) {
281739
+ function toGenerateContentRequest(req, userPromptId, project, sessionId, enabledCreditTypes) {
281717
281740
  return {
281718
281741
  model: req.model,
281719
281742
  project,
281720
281743
  user_prompt_id: userPromptId,
281721
- request: toVertexGenerateContentRequest(req, sessionId2),
281744
+ request: toVertexGenerateContentRequest(req, sessionId),
281722
281745
  enabled_credit_types: enabledCreditTypes
281723
281746
  };
281724
281747
  }
@@ -281737,7 +281760,7 @@ function fromGenerateContentResponse(res) {
281737
281760
  out2.modelVersion = inres.modelVersion;
281738
281761
  return out2;
281739
281762
  }
281740
- function toVertexGenerateContentRequest(req, sessionId2) {
281763
+ function toVertexGenerateContentRequest(req, sessionId) {
281741
281764
  return {
281742
281765
  contents: toContents(req.contents),
281743
281766
  systemInstruction: maybeToContent(req.config?.systemInstruction),
@@ -281747,7 +281770,7 @@ function toVertexGenerateContentRequest(req, sessionId2) {
281747
281770
  labels: req.config?.labels,
281748
281771
  safetySettings: req.config?.safetySettings,
281749
281772
  generationConfig: toVertexGenerationConfig(req.config),
281750
- session_id: sessionId2
281773
+ session_id: sessionId
281751
281774
  };
281752
281775
  }
281753
281776
  function toContents(contents) {
@@ -289655,21 +289678,21 @@ var init_protocol = __esm({
289655
289678
  * the error appropriately (e.g., by failing the task, logging, etc.). The Protocol layer
289656
289679
  * simply propagates the error.
289657
289680
  */
289658
- async _enqueueTaskMessage(taskId, message, sessionId2) {
289681
+ async _enqueueTaskMessage(taskId, message, sessionId) {
289659
289682
  if (!this._taskStore || !this._taskMessageQueue) {
289660
289683
  throw new Error("Cannot enqueue task message: taskStore and taskMessageQueue are not configured");
289661
289684
  }
289662
289685
  const maxQueueSize = this._options?.maxTaskQueueSize;
289663
- await this._taskMessageQueue.enqueue(taskId, message, sessionId2, maxQueueSize);
289686
+ await this._taskMessageQueue.enqueue(taskId, message, sessionId, maxQueueSize);
289664
289687
  }
289665
289688
  /**
289666
289689
  * Clears the message queue for a task and rejects any pending request resolvers.
289667
289690
  * @param taskId The task ID whose queue should be cleared
289668
289691
  * @param sessionId Optional session ID for binding the operation to a specific session
289669
289692
  */
289670
- async _clearTaskQueue(taskId, sessionId2) {
289693
+ async _clearTaskQueue(taskId, sessionId) {
289671
289694
  if (this._taskMessageQueue) {
289672
- const messages = await this._taskMessageQueue.dequeueAll(taskId, sessionId2);
289695
+ const messages = await this._taskMessageQueue.dequeueAll(taskId, sessionId);
289673
289696
  for (const message of messages) {
289674
289697
  if (message.type === "request" && isJSONRPCRequest(message.message)) {
289675
289698
  const requestId = message.message.id;
@@ -289712,7 +289735,7 @@ var init_protocol = __esm({
289712
289735
  }, { once: true });
289713
289736
  });
289714
289737
  }
289715
- requestTaskStore(request, sessionId2) {
289738
+ requestTaskStore(request, sessionId) {
289716
289739
  const taskStore = this._taskStore;
289717
289740
  if (!taskStore) {
289718
289741
  throw new Error("No task store configured");
@@ -289725,18 +289748,18 @@ var init_protocol = __esm({
289725
289748
  return await taskStore.createTask(taskParams, request.id, {
289726
289749
  method: request.method,
289727
289750
  params: request.params
289728
- }, sessionId2);
289751
+ }, sessionId);
289729
289752
  },
289730
289753
  getTask: async (taskId) => {
289731
- const task = await taskStore.getTask(taskId, sessionId2);
289754
+ const task = await taskStore.getTask(taskId, sessionId);
289732
289755
  if (!task) {
289733
289756
  throw new McpError(ErrorCode.InvalidParams, "Failed to retrieve task: Task not found");
289734
289757
  }
289735
289758
  return task;
289736
289759
  },
289737
289760
  storeTaskResult: async (taskId, status2, result2) => {
289738
- await taskStore.storeTaskResult(taskId, status2, result2, sessionId2);
289739
- const task = await taskStore.getTask(taskId, sessionId2);
289761
+ await taskStore.storeTaskResult(taskId, status2, result2, sessionId);
289762
+ const task = await taskStore.getTask(taskId, sessionId);
289740
289763
  if (task) {
289741
289764
  const notification = TaskStatusNotificationSchema.parse({
289742
289765
  method: "notifications/tasks/status",
@@ -289749,18 +289772,18 @@ var init_protocol = __esm({
289749
289772
  }
289750
289773
  },
289751
289774
  getTaskResult: (taskId) => {
289752
- return taskStore.getTaskResult(taskId, sessionId2);
289775
+ return taskStore.getTaskResult(taskId, sessionId);
289753
289776
  },
289754
289777
  updateTaskStatus: async (taskId, status2, statusMessage) => {
289755
- const task = await taskStore.getTask(taskId, sessionId2);
289778
+ const task = await taskStore.getTask(taskId, sessionId);
289756
289779
  if (!task) {
289757
289780
  throw new McpError(ErrorCode.InvalidParams, `Task "${taskId}" not found - it may have been cleaned up`);
289758
289781
  }
289759
289782
  if (isTerminal(task.status)) {
289760
289783
  throw new McpError(ErrorCode.InvalidParams, `Cannot update task "${taskId}" from terminal status "${task.status}" to "${status2}". Terminal states (completed, failed, cancelled) cannot transition to other states.`);
289761
289784
  }
289762
- await taskStore.updateTaskStatus(taskId, status2, statusMessage, sessionId2);
289763
- const updatedTask = await taskStore.getTask(taskId, sessionId2);
289785
+ await taskStore.updateTaskStatus(taskId, status2, statusMessage, sessionId);
289786
+ const updatedTask = await taskStore.getTask(taskId, sessionId);
289764
289787
  if (updatedTask) {
289765
289788
  const notification = TaskStatusNotificationSchema.parse({
289766
289789
  method: "notifications/tasks/status",
@@ -289773,7 +289796,7 @@ var init_protocol = __esm({
289773
289796
  }
289774
289797
  },
289775
289798
  listTasks: (cursor) => {
289776
- return taskStore.listTasks(cursor, sessionId2);
289799
+ return taskStore.listTasks(cursor, sessionId);
289777
289800
  }
289778
289801
  };
289779
289802
  }
@@ -297528,9 +297551,9 @@ var init_streamableHttp = __esm({
297528
297551
  signal: this._abortController?.signal
297529
297552
  };
297530
297553
  const response = await (this._fetch ?? fetch)(this._url, init3);
297531
- const sessionId2 = response.headers.get("mcp-session-id");
297532
- if (sessionId2) {
297533
- this._sessionId = sessionId2;
297554
+ const sessionId = response.headers.get("mcp-session-id");
297555
+ if (sessionId) {
297556
+ this._sessionId = sessionId;
297534
297557
  }
297535
297558
  if (!response.ok) {
297536
297559
  const text = await response.text().catch(() => null);
@@ -331876,7 +331899,7 @@ function getVersion() {
331876
331899
  }
331877
331900
  versionPromise = (async () => {
331878
331901
  const pkgJson = await getPackageJson(__dirname4);
331879
- return "0.38.0-preview.0";
331902
+ return "0.39.0-nightly.20260409.615e07834";
331880
331903
  })();
331881
331904
  return versionPromise;
331882
331905
  }
@@ -331973,11 +331996,11 @@ var init_server = __esm({
331973
331996
  userTierName;
331974
331997
  paidTier;
331975
331998
  config;
331976
- constructor(client, projectId, httpOptions = {}, sessionId2, userTier, userTierName, paidTier, config3) {
331999
+ constructor(client, projectId, httpOptions = {}, sessionId, userTier, userTierName, paidTier, config3) {
331977
332000
  this.client = client;
331978
332001
  this.projectId = projectId;
331979
332002
  this.httpOptions = httpOptions;
331980
- this.sessionId = sessionId2;
332003
+ this.sessionId = sessionId;
331981
332004
  this.userTier = userTier;
331982
332005
  this.userTierName = userTierName;
331983
332006
  this.paidTier = paidTier;
@@ -332812,6 +332835,7 @@ var init_loggingContentGenerator = __esm({
332812
332835
  return runInDevTraceSpan({
332813
332836
  operation: GeminiCliOperation.LLMCall,
332814
332837
  logPrompts: this.config.getTelemetryLogPromptsEnabled(),
332838
+ sessionId: this.config.getSessionId(),
332815
332839
  attributes: {
332816
332840
  [GEN_AI_REQUEST_MODEL]: req.model,
332817
332841
  [GEN_AI_PROMPT_NAME]: userPromptId,
@@ -332852,6 +332876,7 @@ var init_loggingContentGenerator = __esm({
332852
332876
  return runInDevTraceSpan({
332853
332877
  operation: GeminiCliOperation.LLMCall,
332854
332878
  logPrompts: this.config.getTelemetryLogPromptsEnabled(),
332879
+ sessionId: this.config.getSessionId(),
332855
332880
  attributes: {
332856
332881
  [GEN_AI_REQUEST_MODEL]: req.model,
332857
332882
  [GEN_AI_PROMPT_NAME]: userPromptId,
@@ -332919,6 +332944,7 @@ var init_loggingContentGenerator = __esm({
332919
332944
  return runInDevTraceSpan({
332920
332945
  operation: GeminiCliOperation.LLMCall,
332921
332946
  logPrompts: this.config.getTelemetryLogPromptsEnabled(),
332947
+ sessionId: this.config.getSessionId(),
332922
332948
  attributes: {
332923
332949
  [GEN_AI_REQUEST_MODEL]: req.model
332924
332950
  }
@@ -332934,11 +332960,11 @@ var init_loggingContentGenerator = __esm({
332934
332960
  });
332935
332961
 
332936
332962
  // packages/core/dist/src/code_assist/codeAssist.js
332937
- async function createCodeAssistContentGenerator(httpOptions, authType, config3, sessionId2) {
332963
+ async function createCodeAssistContentGenerator(httpOptions, authType, config3, sessionId) {
332938
332964
  if (authType === AuthType2.LOGIN_WITH_GOOGLE || authType === AuthType2.COMPUTE_ADC) {
332939
332965
  const authClient = await getOauthClient(authType, config3);
332940
332966
  const userData = await setupUser(authClient, config3, httpOptions);
332941
- return new CodeAssistServer(authClient, userData.projectId, httpOptions, sessionId2, userData.userTier, userData.userTierName, userData.paidTier, config3);
332967
+ return new CodeAssistServer(authClient, userData.projectId, httpOptions, sessionId, userData.userTier, userData.userTierName, userData.paidTier, config3);
332942
332968
  }
332943
332969
  throw new Error(`Unsupported authType: ${authType}`);
332944
332970
  }
@@ -333224,7 +333250,7 @@ async function createContentGeneratorConfig(config3, authType, apiKey, baseUrl,
333224
333250
  }
333225
333251
  return contentGeneratorConfig;
333226
333252
  }
333227
- async function createContentGenerator(config3, gcConfig, sessionId2) {
333253
+ async function createContentGenerator(config3, gcConfig, sessionId) {
333228
333254
  const generator = await (async () => {
333229
333255
  if (gcConfig.fakeResponses) {
333230
333256
  const fakeGenerator = await FakeContentGenerator.fromFile(gcConfig.fakeResponses);
@@ -333268,7 +333294,7 @@ async function createContentGenerator(config3, gcConfig, sessionId2) {
333268
333294
  }
333269
333295
  if (config3.authType === AuthType2.LOGIN_WITH_GOOGLE || config3.authType === AuthType2.COMPUTE_ADC) {
333270
333296
  const httpOptions = { headers: baseHeaders };
333271
- return new LoggingContentGenerator(await createCodeAssistContentGenerator(httpOptions, config3.authType, gcConfig, sessionId2), gcConfig);
333297
+ return new LoggingContentGenerator(await createCodeAssistContentGenerator(httpOptions, config3.authType, gcConfig, sessionId), gcConfig);
333272
333298
  }
333273
333299
  if (config3.authType === AuthType2.USE_GEMINI || config3.authType === AuthType2.USE_VERTEX_AI || config3.authType === AuthType2.GATEWAY) {
333274
333300
  let headers = { ...baseHeaders };
@@ -333493,6 +333519,7 @@ var init_tool_registry = __esm({
333493
333519
  let finalCommand = callCommand;
333494
333520
  let finalArgs = args2;
333495
333521
  let finalEnv = process.env;
333522
+ let cleanupFunc;
333496
333523
  const sandboxManager = this.config.sandboxManager;
333497
333524
  if (sandboxManager) {
333498
333525
  const prepared = await sandboxManager.prepareCommand({
@@ -333504,47 +333531,52 @@ var init_tool_registry = __esm({
333504
333531
  finalCommand = prepared.program;
333505
333532
  finalArgs = prepared.args;
333506
333533
  finalEnv = prepared.env;
333534
+ cleanupFunc = prepared.cleanup;
333507
333535
  }
333508
- const child = spawn4(finalCommand, finalArgs, {
333509
- env: finalEnv
333510
- });
333511
- child.stdin.write(JSON.stringify(this.params));
333512
- child.stdin.end();
333513
333536
  let stdout = "";
333514
333537
  let stderr = "";
333515
333538
  let error2 = null;
333516
333539
  let code = null;
333517
333540
  let signal = null;
333518
- await new Promise((resolve24) => {
333519
- const onStdout = (data) => {
333520
- stdout += data?.toString();
333521
- };
333522
- const onStderr = (data) => {
333523
- stderr += data?.toString();
333524
- };
333525
- const onError2 = (err2) => {
333526
- error2 = err2;
333527
- };
333528
- const onClose = (_code, _signal2) => {
333529
- code = _code;
333530
- signal = _signal2;
333531
- cleanup();
333532
- resolve24();
333533
- };
333534
- const cleanup = () => {
333535
- child.stdout.removeListener("data", onStdout);
333536
- child.stderr.removeListener("data", onStderr);
333537
- child.removeListener("error", onError2);
333538
- child.removeListener("close", onClose);
333539
- if (child.connected) {
333540
- child.disconnect();
333541
- }
333542
- };
333543
- child.stdout.on("data", onStdout);
333544
- child.stderr.on("data", onStderr);
333545
- child.on("error", onError2);
333546
- child.on("close", onClose);
333547
- });
333541
+ try {
333542
+ const child = spawn4(finalCommand, finalArgs, {
333543
+ env: finalEnv
333544
+ });
333545
+ child.stdin.write(JSON.stringify(this.params));
333546
+ child.stdin.end();
333547
+ await new Promise((resolve24) => {
333548
+ const onStdout = (data) => {
333549
+ stdout += data?.toString();
333550
+ };
333551
+ const onStderr = (data) => {
333552
+ stderr += data?.toString();
333553
+ };
333554
+ const onError2 = (err2) => {
333555
+ error2 = err2;
333556
+ };
333557
+ const onClose = (_code, _signal2) => {
333558
+ code = _code;
333559
+ signal = _signal2;
333560
+ cleanup();
333561
+ resolve24();
333562
+ };
333563
+ const cleanup = () => {
333564
+ child.stdout.removeListener("data", onStdout);
333565
+ child.stderr.removeListener("data", onStderr);
333566
+ child.removeListener("error", onError2);
333567
+ child.removeListener("close", onClose);
333568
+ if (child.connected) {
333569
+ child.disconnect();
333570
+ }
333571
+ };
333572
+ child.stdout.on("data", onStdout);
333573
+ child.stderr.on("data", onStderr);
333574
+ child.on("error", onError2);
333575
+ child.on("close", onClose);
333576
+ });
333577
+ } finally {
333578
+ cleanupFunc?.();
333579
+ }
333548
333580
  if (error2 || code !== 0 || signal || stderr) {
333549
333581
  const llmContent = [
333550
333582
  `Stdout: ${stdout || "(empty)"}`,
@@ -333732,6 +333764,7 @@ Signal: Signal number or \`(none)\` if no signal was received.
333732
333764
  let finalCommand = firstPart;
333733
333765
  let finalArgs = cmdParts.slice(1).filter((p2) => typeof p2 === "string");
333734
333766
  let finalEnv = process.env;
333767
+ let cleanupFunc;
333735
333768
  const sandboxManager = this.config.sandboxManager;
333736
333769
  if (sandboxManager) {
333737
333770
  const prepared = await sandboxManager.prepareCommand({
@@ -333743,87 +333776,94 @@ Signal: Signal number or \`(none)\` if no signal was received.
333743
333776
  finalCommand = prepared.program;
333744
333777
  finalArgs = prepared.args;
333745
333778
  finalEnv = prepared.env;
333779
+ cleanupFunc = prepared.cleanup;
333746
333780
  }
333747
- const proc2 = spawn4(finalCommand, finalArgs, {
333748
- env: finalEnv
333749
- });
333750
- let stdout = "";
333751
- const stdoutDecoder = new StringDecoder("utf8");
333752
- let stderr = "";
333753
- const stderrDecoder = new StringDecoder("utf8");
333754
- let sizeLimitExceeded = false;
333755
- const MAX_STDOUT_SIZE = 10 * 1024 * 1024;
333756
- const MAX_STDERR_SIZE = 10 * 1024 * 1024;
333757
- let stdoutByteLength = 0;
333758
- let stderrByteLength = 0;
333759
- proc2.stdout.on("data", (data) => {
333760
- if (sizeLimitExceeded)
333761
- return;
333762
- if (stdoutByteLength + data.length > MAX_STDOUT_SIZE) {
333763
- sizeLimitExceeded = true;
333764
- proc2.kill();
333765
- return;
333766
- }
333767
- stdoutByteLength += data.length;
333768
- stdout += stdoutDecoder.write(data);
333769
- });
333770
- proc2.stderr.on("data", (data) => {
333771
- if (sizeLimitExceeded)
333772
- return;
333773
- if (stderrByteLength + data.length > MAX_STDERR_SIZE) {
333774
- sizeLimitExceeded = true;
333775
- proc2.kill();
333776
- return;
333777
- }
333778
- stderrByteLength += data.length;
333779
- stderr += stderrDecoder.write(data);
333780
- });
333781
- await new Promise((resolve24, reject) => {
333782
- proc2.on("error", reject);
333783
- proc2.on("close", (code) => {
333784
- stdout += stdoutDecoder.end();
333785
- stderr += stderrDecoder.end();
333786
- if (sizeLimitExceeded) {
333787
- return reject(new Error(`Tool discovery command output exceeded size limit of ${MAX_STDOUT_SIZE} bytes.`));
333788
- }
333789
- if (code !== 0) {
333790
- coreEvents.emitFeedback("error", `Tool discovery command failed with code ${code}.`, stderr);
333791
- return reject(new Error(`Tool discovery command failed with exit code ${code}`));
333781
+ try {
333782
+ const proc2 = spawn4(finalCommand, finalArgs, {
333783
+ env: finalEnv
333784
+ });
333785
+ let stdout = "";
333786
+ const stdoutDecoder = new StringDecoder("utf8");
333787
+ let stderr = "";
333788
+ const stderrDecoder = new StringDecoder("utf8");
333789
+ let sizeLimitExceeded = false;
333790
+ const MAX_STDOUT_SIZE = 10 * 1024 * 1024;
333791
+ const MAX_STDERR_SIZE = 10 * 1024 * 1024;
333792
+ let stdoutByteLength = 0;
333793
+ let stderrByteLength = 0;
333794
+ proc2.stdout.on("data", (data) => {
333795
+ if (sizeLimitExceeded)
333796
+ return;
333797
+ if (stdoutByteLength + data.length > MAX_STDOUT_SIZE) {
333798
+ sizeLimitExceeded = true;
333799
+ proc2.kill();
333800
+ return;
333792
333801
  }
333793
- resolve24();
333802
+ stdoutByteLength += data.length;
333803
+ stdout += stdoutDecoder.write(data);
333794
333804
  });
333795
- });
333796
- const functions = [];
333797
- const discoveredItems = JSON.parse(stdout.trim());
333798
- if (!discoveredItems || !Array.isArray(discoveredItems)) {
333799
- throw new Error("Tool discovery command did not return a JSON array of tools.");
333800
- }
333801
- for (const tool of discoveredItems) {
333802
- if (tool && typeof tool === "object") {
333803
- if (Array.isArray(tool["function_declarations"])) {
333804
- functions.push(...tool["function_declarations"]);
333805
- } else if (Array.isArray(tool["functionDeclarations"])) {
333806
- functions.push(...tool["functionDeclarations"]);
333807
- } else if (tool["name"]) {
333808
- functions.push(tool);
333805
+ proc2.stderr.on("data", (data) => {
333806
+ if (sizeLimitExceeded)
333807
+ return;
333808
+ if (stderrByteLength + data.length > MAX_STDERR_SIZE) {
333809
+ sizeLimitExceeded = true;
333810
+ proc2.kill();
333811
+ return;
333809
333812
  }
333813
+ stderrByteLength += data.length;
333814
+ stderr += stderrDecoder.write(data);
333815
+ });
333816
+ await new Promise((resolve24, reject) => {
333817
+ proc2.on("error", (err2) => {
333818
+ reject(err2);
333819
+ });
333820
+ proc2.on("close", (code) => {
333821
+ stdout += stdoutDecoder.end();
333822
+ stderr += stderrDecoder.end();
333823
+ if (sizeLimitExceeded) {
333824
+ return reject(new Error(`Tool discovery command output exceeded size limit of ${MAX_STDOUT_SIZE} bytes.`));
333825
+ }
333826
+ if (code !== 0) {
333827
+ coreEvents.emitFeedback("error", `Tool discovery command failed with code ${code}.`, stderr);
333828
+ return reject(new Error(`Tool discovery command failed with exit code ${code}`));
333829
+ }
333830
+ resolve24();
333831
+ });
333832
+ });
333833
+ const functions = [];
333834
+ const discoveredItems = JSON.parse(stdout.trim());
333835
+ if (!discoveredItems || !Array.isArray(discoveredItems)) {
333836
+ throw new Error("Tool discovery command did not return a JSON array of tools.");
333810
333837
  }
333811
- }
333812
- for (const func2 of functions) {
333813
- if (!func2.name) {
333814
- debugLogger.warn("Discovered a tool with no name. Skipping.");
333815
- continue;
333838
+ for (const tool of discoveredItems) {
333839
+ if (tool && typeof tool === "object") {
333840
+ if (Array.isArray(tool["function_declarations"])) {
333841
+ functions.push(...tool["function_declarations"]);
333842
+ } else if (Array.isArray(tool["functionDeclarations"])) {
333843
+ functions.push(...tool["functionDeclarations"]);
333844
+ } else if (tool["name"]) {
333845
+ functions.push(tool);
333846
+ }
333847
+ }
333816
333848
  }
333817
- const parameters = func2.parametersJsonSchema && typeof func2.parametersJsonSchema === "object" && !Array.isArray(func2.parametersJsonSchema) ? func2.parametersJsonSchema : {};
333818
- this.registerTool(new DiscoveredTool(
333819
- this.config,
333820
- func2.name,
333821
- DISCOVERED_TOOL_PREFIX + func2.name,
333822
- func2.description ?? "",
333823
- // eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
333824
- parameters,
333825
- this.messageBus
333826
- ));
333849
+ for (const func2 of functions) {
333850
+ if (!func2.name) {
333851
+ debugLogger.warn("Discovered a tool with no name. Skipping.");
333852
+ continue;
333853
+ }
333854
+ const parameters = func2.parametersJsonSchema && typeof func2.parametersJsonSchema === "object" && !Array.isArray(func2.parametersJsonSchema) ? func2.parametersJsonSchema : {};
333855
+ this.registerTool(new DiscoveredTool(
333856
+ this.config,
333857
+ func2.name,
333858
+ DISCOVERED_TOOL_PREFIX + func2.name,
333859
+ func2.description ?? "",
333860
+ // eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
333861
+ parameters,
333862
+ this.messageBus
333863
+ ));
333864
+ }
333865
+ } finally {
333866
+ cleanupFunc?.();
333827
333867
  }
333828
333868
  } catch (e3) {
333829
333869
  debugLogger.error(`Tool discovery command "${discoveryCmd}" failed:`, e3);
@@ -334199,7 +334239,7 @@ ${directoryContent}`;
334199
334239
  if (jitContext) {
334200
334240
  resultMessage = appendJitContext(resultMessage, jitContext);
334201
334241
  }
334202
- let displayMessage = `Listed ${entries2.length} item(s).`;
334242
+ let displayMessage = `Found ${entries2.length} item(s).`;
334203
334243
  if (ignoredCount > 0) {
334204
334244
  displayMessage += ` (${ignoredCount} ignored)`;
334205
334245
  }
@@ -342642,6 +342682,7 @@ var init_grep = __esm({
342642
342682
  let finalCommand = checkCommand;
342643
342683
  let finalArgs = checkArgs;
342644
342684
  let finalEnv = process.env;
342685
+ let cleanup;
342645
342686
  if (sandboxManager) {
342646
342687
  try {
342647
342688
  const prepared = await sandboxManager.prepareCommand({
@@ -342653,22 +342694,29 @@ var init_grep = __esm({
342653
342694
  finalCommand = prepared.program;
342654
342695
  finalArgs = prepared.args;
342655
342696
  finalEnv = prepared.env;
342697
+ cleanup = prepared.cleanup;
342656
342698
  } catch (err2) {
342657
342699
  debugLogger.debug(`[GrepTool] Sandbox preparation failed for '${command}':`, err2);
342658
342700
  }
342659
342701
  }
342660
- return await new Promise((resolve24) => {
342661
- const child = spawn5(finalCommand, finalArgs, {
342662
- stdio: "ignore",
342663
- shell: true,
342664
- env: finalEnv
342665
- });
342666
- child.on("close", (code) => resolve24(code === 0));
342667
- child.on("error", (err2) => {
342668
- debugLogger.debug(`[GrepTool] Failed to start process for '${command}':`, err2.message);
342669
- resolve24(false);
342702
+ try {
342703
+ return await new Promise((resolve24) => {
342704
+ const child = spawn5(finalCommand, finalArgs, {
342705
+ stdio: "ignore",
342706
+ shell: true,
342707
+ env: finalEnv
342708
+ });
342709
+ child.on("close", (code) => {
342710
+ resolve24(code === 0);
342711
+ });
342712
+ child.on("error", (err2) => {
342713
+ debugLogger.debug(`[GrepTool] Failed to start process for '${command}':`, err2.message);
342714
+ resolve24(false);
342715
+ });
342670
342716
  });
342671
- });
342717
+ } finally {
342718
+ cleanup?.();
342719
+ }
342672
342720
  } catch {
342673
342721
  return false;
342674
342722
  }
@@ -372787,6 +372835,7 @@ ${truncated}`;
372787
372835
  };
372788
372836
  }
372789
372837
  static async childProcessFallback(commandToExecute, cwd, onOutputEvent, abortSignal, shellExecutionConfig, isInteractive) {
372838
+ let cmdCleanup;
372790
372839
  try {
372791
372840
  let cleanup2 = function() {
372792
372841
  exited = true;
@@ -372827,7 +372876,9 @@ ${truncated}`;
372827
372876
  };
372828
372877
  var cleanup = cleanup2;
372829
372878
  const isWindows2 = os31.platform() === "win32";
372830
- const { program: finalExecutable, args: finalArgs, env: finalEnv, cwd: finalCwd, cleanup: cmdCleanup } = await this.prepareExecution(commandToExecute, cwd, shellExecutionConfig, isInteractive);
372879
+ const prepared = await this.prepareExecution(commandToExecute, cwd, shellExecutionConfig, isInteractive);
372880
+ cmdCleanup = prepared.cleanup;
372881
+ const { program: finalExecutable, args: finalArgs, env: finalEnv, cwd: finalCwd } = prepared;
372831
372882
  const child = cpSpawn(finalExecutable, finalArgs, {
372832
372883
  cwd: finalCwd,
372833
372884
  stdio: ["ignore", "pipe", "pipe"],
@@ -372982,8 +373033,8 @@ ${truncated}`;
372982
373033
  exitCode,
372983
373034
  signal: exitSignal
372984
373035
  };
372985
- const sessionId2 = shellExecutionConfig.sessionId ?? "default";
372986
- const history = _ShellExecutionService.backgroundProcessHistory.get(sessionId2);
373036
+ const sessionId = shellExecutionConfig.sessionId ?? "default";
373037
+ const history = _ShellExecutionService.backgroundProcessHistory.get(sessionId);
372987
373038
  const historyItem = history?.get(pid);
372988
373039
  if (historyItem) {
372989
373040
  historyItem.status = "exited";
@@ -373022,6 +373073,7 @@ ${truncated}`;
373022
373073
  return { pid: child.pid, result: result2 };
373023
373074
  } catch (e3) {
373024
373075
  const error2 = e3;
373076
+ cmdCleanup?.();
373025
373077
  return {
373026
373078
  pid: void 0,
373027
373079
  result: Promise.resolve({
@@ -373042,10 +373094,13 @@ ${truncated}`;
373042
373094
  throw new Error("PTY implementation not found");
373043
373095
  }
373044
373096
  let spawnedPty;
373097
+ let cmdCleanup;
373045
373098
  try {
373046
373099
  const cols = shellExecutionConfig.terminalWidth ?? 80;
373047
373100
  const rows = shellExecutionConfig.terminalHeight ?? 30;
373048
- const { program: finalExecutable, args: finalArgs, env: finalEnv, cwd: finalCwd, cleanup: cmdCleanup } = await this.prepareExecution(commandToExecute, cwd, shellExecutionConfig, true);
373101
+ const prepared = await this.prepareExecution(commandToExecute, cwd, shellExecutionConfig, true);
373102
+ cmdCleanup = prepared.cleanup;
373103
+ const { program: finalExecutable, args: finalArgs, env: finalEnv, cwd: finalCwd } = prepared;
373049
373104
  const ptyProcess = ptyInfo.module.spawn(finalExecutable, finalArgs, {
373050
373105
  cwd: finalCwd,
373051
373106
  name: "xterm-256color",
@@ -373267,8 +373322,8 @@ ${truncated}`;
373267
373322
  exitCode,
373268
373323
  signal: signal ?? null
373269
373324
  };
373270
- const sessionId2 = shellExecutionConfig.sessionId ?? "default";
373271
- const history = _ShellExecutionService.backgroundProcessHistory.get(sessionId2);
373325
+ const sessionId = shellExecutionConfig.sessionId ?? "default";
373326
+ const history = _ShellExecutionService.backgroundProcessHistory.get(sessionId);
373272
373327
  const historyItem = history?.get(ptyPid);
373273
373328
  if (historyItem) {
373274
373329
  historyItem.status = "exited";
@@ -373328,6 +373383,7 @@ ${truncated}`;
373328
373383
  return { pid: ptyPid, result: result2 };
373329
373384
  } catch (e3) {
373330
373385
  const error2 = e3;
373386
+ cmdCleanup?.();
373331
373387
  if (spawnedPty) {
373332
373388
  try {
373333
373389
  spawnedPty.destroy?.();
@@ -373397,10 +373453,10 @@ ${truncated}`;
373397
373453
  *
373398
373454
  * @param pid The process ID of the target PTY.
373399
373455
  */
373400
- static background(pid, sessionId2, command) {
373456
+ static background(pid, sessionId, command) {
373401
373457
  const activePty = this.activePtys.get(pid);
373402
373458
  const activeChild = this.activeChildProcesses.get(pid);
373403
- const resolvedSessionId = sessionId2 ?? activePty?.sessionId ?? activeChild?.sessionId;
373459
+ const resolvedSessionId = sessionId ?? activePty?.sessionId ?? activeChild?.sessionId;
373404
373460
  const resolvedCommand = command ?? activePty?.command ?? activeChild?.command ?? "unknown command";
373405
373461
  if (!resolvedSessionId) {
373406
373462
  throw new Error("Session ID is required for background operations");
@@ -373504,11 +373560,11 @@ ${truncated}`;
373504
373560
  }
373505
373561
  }
373506
373562
  }
373507
- static listBackgroundProcesses(sessionId2) {
373508
- if (!sessionId2) {
373563
+ static listBackgroundProcesses(sessionId) {
373564
+ if (!sessionId) {
373509
373565
  throw new Error("Session ID is required");
373510
373566
  }
373511
- const history = this.backgroundProcessHistory.get(sessionId2);
373567
+ const history = this.backgroundProcessHistory.get(sessionId);
373512
373568
  if (!history)
373513
373569
  return [];
373514
373570
  return Array.from(history.entries()).map(([pid, info2]) => ({
@@ -373666,7 +373722,7 @@ import fs55 from "node:fs";
373666
373722
  import path64 from "node:path";
373667
373723
  import os33 from "node:os";
373668
373724
  import crypto20 from "node:crypto";
373669
- var OUTPUT_UPDATE_INTERVAL_MS, BACKGROUND_DELAY_MS, ShellToolInvocation, ShellTool;
373725
+ var OUTPUT_UPDATE_INTERVAL_MS, BACKGROUND_DELAY_MS, SHOW_NL_DESCRIPTION_THRESHOLD, ShellToolInvocation, ShellTool;
373670
373726
  var init_shell2 = __esm({
373671
373727
  "packages/core/dist/src/tools/shell.js"() {
373672
373728
  "use strict";
@@ -373687,6 +373743,7 @@ var init_shell2 = __esm({
373687
373743
  init_proactivePermissions();
373688
373744
  OUTPUT_UPDATE_INTERVAL_MS = 1e3;
373689
373745
  BACKGROUND_DELAY_MS = 200;
373746
+ SHOW_NL_DESCRIPTION_THRESHOLD = 150;
373690
373747
  ShellToolInvocation = class extends BaseToolInvocation {
373691
373748
  context;
373692
373749
  proactivePermissionsConfirmed;
@@ -373734,7 +373791,9 @@ ${trimmed2}
373734
373791
  return details;
373735
373792
  }
373736
373793
  getDescription() {
373737
- return this.params.description?.trim() ? this.params.description : this.params.command;
373794
+ const descStr = this.params.description?.trim();
373795
+ const commandStr = this.params.command;
373796
+ return Array.from(commandStr).length <= SHOW_NL_DESCRIPTION_THRESHOLD || !descStr ? commandStr : descStr;
373738
373797
  }
373739
373798
  simplifyPaths(paths) {
373740
373799
  if (paths.size === 0)
@@ -374048,10 +374107,10 @@ ${trimmed2}
374048
374107
  }).catch(() => {
374049
374108
  completed = true;
374050
374109
  });
374051
- const sessionId2 = this.context.config?.getSessionId?.() ?? "default";
374110
+ const sessionId = this.context.config?.getSessionId?.() ?? "default";
374052
374111
  const delay4 = this.params.delay_ms ?? BACKGROUND_DELAY_MS;
374053
374112
  setTimeout(() => {
374054
- ShellExecutionService.background(pid, sessionId2, strippedCommand);
374113
+ ShellExecutionService.background(pid, sessionId, strippedCommand);
374055
374114
  }, delay4);
374056
374115
  await new Promise((resolve24) => setTimeout(resolve24, delay4));
374057
374116
  if (!completed) {
@@ -385641,9 +385700,9 @@ var init_toolOutputMaskingService = __esm({
385641
385700
  const newHistory = [...history];
385642
385701
  let actualTokensSaved = 0;
385643
385702
  let toolOutputsDir = path69.join(config3.storage.getProjectTempDir(), TOOL_OUTPUTS_DIR3);
385644
- const sessionId2 = config3.getSessionId();
385645
- if (sessionId2) {
385646
- const safeSessionId = sanitizeFilenamePart(sessionId2);
385703
+ const sessionId = config3.getSessionId();
385704
+ if (sessionId) {
385705
+ const safeSessionId = sanitizeFilenamePart(sessionId);
385647
385706
  toolOutputsDir = path69.join(toolOutputsDir, `session-${safeSessionId}`);
385648
385707
  }
385649
385708
  await fsPromises11.mkdir(toolOutputsDir, { recursive: true });
@@ -391388,35 +391447,39 @@ var init_sandboxedFileSystemService = __esm({
391388
391447
  allowedPaths: [safePath]
391389
391448
  }
391390
391449
  });
391391
- return new Promise((resolve24, reject) => {
391392
- const child = spawn8(prepared.program, prepared.args, {
391393
- cwd: this.cwd,
391394
- env: prepared.env
391395
- });
391396
- let output = "";
391397
- let error2 = "";
391398
- child.stdout?.on("data", (data) => {
391399
- output += data.toString();
391400
- });
391401
- child.stderr?.on("data", (data) => {
391402
- error2 += data.toString();
391403
- });
391404
- child.on("close", (code) => {
391405
- if (code === 0) {
391406
- resolve24(output);
391407
- } else {
391408
- const isEnoent = error2.toLowerCase().includes("no such file or directory") || error2.toLowerCase().includes("enoent") || error2.toLowerCase().includes("could not find file") || error2.toLowerCase().includes("could not find a part of the path");
391409
- const err2 = new Error(`Sandbox Error: read_file failed for '${filePath}'. Exit code ${code}. ${error2 ? "Details: " + error2 : ""}`);
391410
- if (isEnoent) {
391411
- Object.assign(err2, { code: "ENOENT" });
391450
+ try {
391451
+ return await new Promise((resolve24, reject) => {
391452
+ const child = spawn8(prepared.program, prepared.args, {
391453
+ cwd: this.cwd,
391454
+ env: prepared.env
391455
+ });
391456
+ let output = "";
391457
+ let error2 = "";
391458
+ child.stdout?.on("data", (data) => {
391459
+ output += data.toString();
391460
+ });
391461
+ child.stderr?.on("data", (data) => {
391462
+ error2 += data.toString();
391463
+ });
391464
+ child.on("close", (code) => {
391465
+ if (code === 0) {
391466
+ resolve24(output);
391467
+ } else {
391468
+ const isEnoent = error2.toLowerCase().includes("no such file or directory") || error2.toLowerCase().includes("enoent") || error2.toLowerCase().includes("could not find file") || error2.toLowerCase().includes("could not find a part of the path");
391469
+ const err2 = new Error(`Sandbox Error: read_file failed for '${filePath}'. Exit code ${code}. ${error2 ? "Details: " + error2 : ""}`);
391470
+ if (isEnoent) {
391471
+ Object.assign(err2, { code: "ENOENT" });
391472
+ }
391473
+ reject(err2);
391412
391474
  }
391413
- reject(err2);
391414
- }
391415
- });
391416
- child.on("error", (err2) => {
391417
- reject(new Error(`Sandbox Error: Failed to spawn read_file for '${filePath}': ${err2.message}`));
391475
+ });
391476
+ child.on("error", (err2) => {
391477
+ reject(new Error(`Sandbox Error: Failed to spawn read_file for '${filePath}': ${err2.message}`));
391478
+ });
391418
391479
  });
391419
- });
391480
+ } finally {
391481
+ prepared.cleanup?.();
391482
+ }
391420
391483
  }
391421
391484
  async writeTextFile(filePath, content) {
391422
391485
  const safePath = this.sanitizeAndValidatePath(filePath);
@@ -391434,34 +391497,38 @@ var init_sandboxedFileSystemService = __esm({
391434
391497
  }
391435
391498
  }
391436
391499
  });
391437
- return new Promise((resolve24, reject) => {
391438
- const child = spawn8(prepared.program, prepared.args, {
391439
- cwd: this.cwd,
391440
- env: prepared.env
391441
- });
391442
- child.stdin?.on("error", (err2) => {
391443
- if (isNodeError(err2) && err2.code === "EPIPE") {
391444
- return;
391445
- }
391446
- debugLogger.error(`Sandbox Error: stdin error for '${filePath}': ${err2 instanceof Error ? err2.message : String(err2)}`);
391447
- });
391448
- child.stdin?.write(content);
391449
- child.stdin?.end();
391450
- let error2 = "";
391451
- child.stderr?.on("data", (data) => {
391452
- error2 += data.toString();
391453
- });
391454
- child.on("close", (code) => {
391455
- if (code === 0) {
391456
- resolve24();
391457
- } else {
391458
- reject(new Error(`Sandbox Error: write_file failed for '${filePath}'. Exit code ${code}. ${error2 ? "Details: " + error2 : ""}`));
391459
- }
391460
- });
391461
- child.on("error", (err2) => {
391462
- reject(new Error(`Sandbox Error: Failed to spawn write_file for '${filePath}': ${err2.message}`));
391500
+ try {
391501
+ return await new Promise((resolve24, reject) => {
391502
+ const child = spawn8(prepared.program, prepared.args, {
391503
+ cwd: this.cwd,
391504
+ env: prepared.env
391505
+ });
391506
+ child.stdin?.on("error", (err2) => {
391507
+ if (isNodeError(err2) && err2.code === "EPIPE") {
391508
+ return;
391509
+ }
391510
+ debugLogger.error(`Sandbox Error: stdin error for '${filePath}': ${err2 instanceof Error ? err2.message : String(err2)}`);
391511
+ });
391512
+ child.stdin?.write(content);
391513
+ child.stdin?.end();
391514
+ let error2 = "";
391515
+ child.stderr?.on("data", (data) => {
391516
+ error2 += data.toString();
391517
+ });
391518
+ child.on("close", (code) => {
391519
+ if (code === 0) {
391520
+ resolve24();
391521
+ } else {
391522
+ reject(new Error(`Sandbox Error: write_file failed for '${filePath}'. Exit code ${code}. ${error2 ? "Details: " + error2 : ""}`));
391523
+ }
391524
+ });
391525
+ child.on("error", (err2) => {
391526
+ reject(new Error(`Sandbox Error: Failed to spawn write_file for '${filePath}': ${err2.message}`));
391527
+ });
391463
391528
  });
391464
- });
391529
+ } finally {
391530
+ prepared.cleanup?.();
391531
+ }
391465
391532
  }
391466
391533
  };
391467
391534
  }
@@ -395263,7 +395330,7 @@ var init_scoped_config = __esm({
395263
395330
  });
395264
395331
 
395265
395332
  // packages/core/dist/src/confirmation-bus/message-bus.js
395266
- import { randomUUID as randomUUID8 } from "node:crypto";
395333
+ import { randomUUID as randomUUID7 } from "node:crypto";
395267
395334
  import { EventEmitter as EventEmitter10 } from "node:events";
395268
395335
  var MessageBus;
395269
395336
  var init_message_bus = __esm({
@@ -395382,7 +395449,7 @@ var init_message_bus = __esm({
395382
395449
  * The correlation ID is generated internally and added to the request
395383
395450
  */
395384
395451
  async request(request, responseType, timeoutMs = 6e4) {
395385
- const correlationId = randomUUID8();
395452
+ const correlationId = randomUUID7();
395386
395453
  return new Promise((resolve24, reject) => {
395387
395454
  const timeoutId = setTimeout(() => {
395388
395455
  cleanup();
@@ -407243,7 +407310,7 @@ var init_state_manager = __esm({
407243
407310
 
407244
407311
  // packages/core/dist/src/scheduler/confirmation.js
407245
407312
  import { on as on7 } from "node:events";
407246
- import { randomUUID as randomUUID9 } from "node:crypto";
407313
+ import { randomUUID as randomUUID8 } from "node:crypto";
407247
407314
  async function awaitConfirmation(messageBus, correlationId, signal) {
407248
407315
  if (signal.aborted) {
407249
407316
  throw new Error("Operation cancelled");
@@ -407289,7 +407356,7 @@ async function resolveConfirmation(toolCall, signal, deps) {
407289
407356
  details.systemMessage = deps.systemMessage;
407290
407357
  }
407291
407358
  await notifyHooks(deps, details);
407292
- const correlationId = randomUUID9();
407359
+ const correlationId = randomUUID8();
407293
407360
  const serializableDetails = details;
407294
407361
  lastDetails = serializableDetails;
407295
407362
  const ideConfirmation = "ideConfirmation" in details ? details.ideConfirmation : void 0;
@@ -407938,6 +408005,7 @@ var init_tool_executor = __esm({
407938
408005
  return runInDevTraceSpan({
407939
408006
  operation: GeminiCliOperation.ToolCall,
407940
408007
  logPrompts: this.config.getTelemetryLogPromptsEnabled(),
408008
+ sessionId: this.config.getSessionId(),
407941
408009
  attributes: {
407942
408010
  [GEN_AI_TOOL_NAME]: toolName,
407943
408011
  [GEN_AI_TOOL_CALL_ID]: callId,
@@ -408328,7 +408396,8 @@ var init_scheduler2 = __esm({
408328
408396
  async schedule(request, signal) {
408329
408397
  return runInDevTraceSpan({
408330
408398
  operation: GeminiCliOperation.ScheduleToolCalls,
408331
- logPrompts: this.context.config.getTelemetryLogPromptsEnabled()
408399
+ logPrompts: this.context.config.getTelemetryLogPromptsEnabled(),
408400
+ sessionId: this.context.config.getSessionId()
408332
408401
  }, async ({ metadata: spanMetadata }) => {
408333
408402
  const requests = Array.isArray(request) ? request : [request];
408334
408403
  spanMetadata.input = requests;
@@ -410055,7 +410124,7 @@ var init_agent_sanitization_utils = __esm({
410055
410124
  });
410056
410125
 
410057
410126
  // packages/core/dist/src/agents/local-invocation.js
410058
- import { randomUUID as randomUUID10 } from "node:crypto";
410127
+ import { randomUUID as randomUUID9 } from "node:crypto";
410059
410128
  var INPUT_PREVIEW_MAX_LENGTH, DESCRIPTION_MAX_LENGTH, LocalSubagentInvocation;
410060
410129
  var init_local_invocation = __esm({
410061
410130
  "packages/core/dist/src/agents/local-invocation.js"() {
@@ -410130,7 +410199,7 @@ var init_local_invocation = __esm({
410130
410199
  lastItem.content = sanitizeThoughtContent(text);
410131
410200
  } else {
410132
410201
  recentActivity.push({
410133
- id: randomUUID10(),
410202
+ id: randomUUID9(),
410134
410203
  type: "thought",
410135
410204
  content: sanitizeThoughtContent(text),
410136
410205
  status: "running"
@@ -410149,7 +410218,7 @@ var init_local_invocation = __esm({
410149
410218
  const description = activity.data["description"] ? sanitizeErrorMessage(String(activity.data["description"])) : void 0;
410150
410219
  const args2 = JSON.stringify(sanitizeToolArgs(activity.data["args"]));
410151
410220
  recentActivity.push({
410152
- id: randomUUID10(),
410221
+ id: randomUUID9(),
410153
410222
  type: "tool_call",
410154
410223
  content: name3,
410155
410224
  displayName,
@@ -410203,7 +410272,7 @@ var init_local_invocation = __esm({
410203
410272
  }
410204
410273
  }
410205
410274
  recentActivity.push({
410206
- id: randomUUID10(),
410275
+ id: randomUUID9(),
410207
410276
  type: "thought",
410208
410277
  content: isCancellation || isRejection ? sanitizedError : `Error: ${sanitizedError}`,
410209
410278
  status: isCancellation || isRejection ? "cancelled" : "error"
@@ -410272,7 +410341,7 @@ ${output.result}`;
410272
410341
  const lastActivity = recentActivity[recentActivity.length - 1];
410273
410342
  if (!lastActivity || lastActivity.status !== "error") {
410274
410343
  recentActivity.push({
410275
- id: randomUUID10(),
410344
+ id: randomUUID9(),
410276
410345
  type: "thought",
410277
410346
  content: `Error: ${errorMessage}`,
410278
410347
  status: "error"
@@ -412221,7 +412290,7 @@ var init_browserAgentFactory = __esm({
412221
412290
  });
412222
412291
 
412223
412292
  // packages/core/dist/src/agents/browser/browserAgentInvocation.js
412224
- import { randomUUID as randomUUID11 } from "node:crypto";
412293
+ import { randomUUID as randomUUID10 } from "node:crypto";
412225
412294
  var INPUT_PREVIEW_MAX_LENGTH2, DESCRIPTION_MAX_LENGTH2, MAX_RECENT_ACTIVITY, BrowserAgentInvocation;
412226
412295
  var init_browserAgentInvocation = __esm({
412227
412296
  "packages/core/dist/src/agents/browser/browserAgentInvocation.js"() {
@@ -412289,7 +412358,7 @@ var init_browserAgentInvocation = __esm({
412289
412358
  const printOutput = updateOutput ? (msg) => {
412290
412359
  const sanitizedMsg = sanitizeThoughtContent(msg);
412291
412360
  recentActivity.push({
412292
- id: randomUUID11(),
412361
+ id: randomUUID10(),
412293
412362
  type: "thought",
412294
412363
  content: sanitizedMsg,
412295
412364
  status: "completed"
@@ -412321,7 +412390,7 @@ var init_browserAgentInvocation = __esm({
412321
412390
  lastItem.content = sanitizeThoughtContent(text);
412322
412391
  } else {
412323
412392
  recentActivity.push({
412324
- id: randomUUID11(),
412393
+ id: randomUUID10(),
412325
412394
  type: "thought",
412326
412395
  content: sanitizeThoughtContent(text),
412327
412396
  status: "running"
@@ -412335,7 +412404,7 @@ var init_browserAgentInvocation = __esm({
412335
412404
  const displayName = activity.data["displayName"] ? sanitizeErrorMessage(String(activity.data["displayName"])) : void 0;
412336
412405
  const description = activity.data["description"] ? sanitizeErrorMessage(String(activity.data["description"])) : void 0;
412337
412406
  const args2 = JSON.stringify(sanitizeToolArgs(activity.data["args"]));
412338
- const callId = activity.data["callId"] ? String(activity.data["callId"]) : randomUUID11();
412407
+ const callId = activity.data["callId"] ? String(activity.data["callId"]) : randomUUID10();
412339
412408
  recentActivity.push({
412340
412409
  id: callId,
412341
412410
  type: "tool_call",
@@ -412384,7 +412453,7 @@ var init_browserAgentInvocation = __esm({
412384
412453
  }
412385
412454
  const sanitizedError = sanitizeErrorMessage(error2);
412386
412455
  recentActivity.push({
412387
- id: randomUUID11(),
412456
+ id: randomUUID10(),
412388
412457
  type: "thought",
412389
412458
  content: isCancellation ? sanitizedError : `Error: ${sanitizedError}`,
412390
412459
  status: newStatus
@@ -412673,6 +412742,7 @@ var init_subagent_tool = __esm({
412673
412742
  return runInDevTraceSpan({
412674
412743
  operation: GeminiCliOperation.AgentCall,
412675
412744
  logPrompts: this.context.config.getTelemetryLogPromptsEnabled(),
412745
+ sessionId: this.context.config.getSessionId(),
412676
412746
  attributes: {
412677
412747
  [GEN_AI_AGENT_NAME]: this.definition.name,
412678
412748
  [GEN_AI_AGENT_DESCRIPTION]: this.definition.description
@@ -415853,7 +415923,7 @@ var init_envExpansion = __esm({
415853
415923
  // packages/core/dist/src/tools/mcp-client.js
415854
415924
  import { basename as basename10 } from "node:path";
415855
415925
  import { pathToFileURL } from "node:url";
415856
- import { randomUUID as randomUUID12 } from "node:crypto";
415926
+ import { randomUUID as randomUUID11 } from "node:crypto";
415857
415927
  function updateMCPServerStatus(serverName, status2) {
415858
415928
  serverStatuses.set(serverName, status2);
415859
415929
  for (const listener of statusChangeListeners) {
@@ -416937,7 +417007,7 @@ var init_mcp_client = __esm({
416937
417007
  throw new Error("McpCallableTool only supports single function call");
416938
417008
  }
416939
417009
  const call = functionCalls[0];
416940
- const progressToken = randomUUID12();
417010
+ const progressToken = randomUUID11();
416941
417011
  const context2 = getToolCallContext();
416942
417012
  if (context2 && this.progressReporter) {
416943
417013
  this.progressReporter.registerProgressToken(progressToken, context2.callId);
@@ -435958,11 +436028,11 @@ var init_rng3 = __esm({
435958
436028
  });
435959
436029
 
435960
436030
  // packages/core/node_modules/uuid/dist-node/native.js
435961
- import { randomUUID as randomUUID13 } from "node:crypto";
436031
+ import { randomUUID as randomUUID12 } from "node:crypto";
435962
436032
  var native_default4;
435963
436033
  var init_native3 = __esm({
435964
436034
  "packages/core/node_modules/uuid/dist-node/native.js"() {
435965
- native_default4 = { randomUUID: randomUUID13 };
436035
+ native_default4 = { randomUUID: randomUUID12 };
435966
436036
  }
435967
436037
  });
435968
436038
 
@@ -437112,8 +437182,8 @@ var init_config4 = __esm({
437112
437182
  getClientName() {
437113
437183
  return this.clientName;
437114
437184
  }
437115
- setSessionId(sessionId2) {
437116
- this._sessionId = sessionId2;
437185
+ setSessionId(sessionId) {
437186
+ this._sessionId = sessionId;
437117
437187
  }
437118
437188
  setTerminalBackground(terminalBackground) {
437119
437189
  this.terminalBackground = terminalBackground;
@@ -439684,6 +439754,45 @@ var init_init2 = __esm({
439684
439754
  }
439685
439755
  });
439686
439756
 
439757
+ // packages/core/dist/src/agents/skill-extraction-agent.js
439758
+ var SkillExtractionSchema;
439759
+ var init_skill_extraction_agent = __esm({
439760
+ "packages/core/dist/src/agents/skill-extraction-agent.js"() {
439761
+ "use strict";
439762
+ init_zod();
439763
+ init_tool_names();
439764
+ init_models();
439765
+ SkillExtractionSchema = external_exports.object({
439766
+ response: external_exports.string().describe("A summary of the skills extracted or updated.")
439767
+ });
439768
+ }
439769
+ });
439770
+
439771
+ // packages/core/dist/src/services/memoryService.js
439772
+ var LOCK_STALE_MS, MIN_IDLE_MS;
439773
+ var init_memoryService = __esm({
439774
+ "packages/core/dist/src/services/memoryService.js"() {
439775
+ "use strict";
439776
+ init_chatRecordingService();
439777
+ init_debugLogger();
439778
+ init_events();
439779
+ init_errors2();
439780
+ init_skillLoader();
439781
+ init_local_executor();
439782
+ init_skill_extraction_agent();
439783
+ init_registry();
439784
+ init_executionLifecycleService();
439785
+ init_prompt_registry();
439786
+ init_resource_registry();
439787
+ init_policy_engine();
439788
+ init_types2();
439789
+ init_message_bus();
439790
+ init_storage();
439791
+ LOCK_STALE_MS = 35 * 60 * 1e3;
439792
+ MIN_IDLE_MS = 3 * 60 * 60 * 1e3;
439793
+ }
439794
+ });
439795
+
439687
439796
  // packages/core/dist/src/commands/memory.js
439688
439797
  function showMemory(config3) {
439689
439798
  const memoryContent = flattenMemory(config3.getUserMemory());
@@ -439763,7 +439872,10 @@ ${filePaths.join("\n")}`;
439763
439872
  var init_memory2 = __esm({
439764
439873
  "packages/core/dist/src/commands/memory.js"() {
439765
439874
  "use strict";
439875
+ init_storage();
439766
439876
  init_memory();
439877
+ init_skillLoader();
439878
+ init_memoryService();
439767
439879
  init_memoryDiscovery();
439768
439880
  }
439769
439881
  });
@@ -442368,44 +442480,6 @@ var init_sessionSummaryUtils = __esm({
442368
442480
  }
442369
442481
  });
442370
442482
 
442371
- // packages/core/dist/src/agents/skill-extraction-agent.js
442372
- var SkillExtractionSchema;
442373
- var init_skill_extraction_agent = __esm({
442374
- "packages/core/dist/src/agents/skill-extraction-agent.js"() {
442375
- "use strict";
442376
- init_zod();
442377
- init_tool_names();
442378
- init_models();
442379
- SkillExtractionSchema = external_exports.object({
442380
- response: external_exports.string().describe("A summary of the skills extracted or updated.")
442381
- });
442382
- }
442383
- });
442384
-
442385
- // packages/core/dist/src/services/memoryService.js
442386
- var LOCK_STALE_MS, MIN_IDLE_MS;
442387
- var init_memoryService = __esm({
442388
- "packages/core/dist/src/services/memoryService.js"() {
442389
- "use strict";
442390
- init_chatRecordingService();
442391
- init_debugLogger();
442392
- init_errors2();
442393
- init_skillLoader();
442394
- init_local_executor();
442395
- init_skill_extraction_agent();
442396
- init_registry();
442397
- init_executionLifecycleService();
442398
- init_prompt_registry();
442399
- init_resource_registry();
442400
- init_policy_engine();
442401
- init_types2();
442402
- init_message_bus();
442403
- init_storage();
442404
- LOCK_STALE_MS = 35 * 60 * 1e3;
442405
- MIN_IDLE_MS = 3 * 60 * 60 * 1e3;
442406
- }
442407
- });
442408
-
442409
442483
  // packages/core/dist/src/ide/ide-installer.js
442410
442484
  var init_ide_installer = __esm({
442411
442485
  "packages/core/dist/src/ide/ide-installer.js"() {
@@ -442487,6 +442561,13 @@ ${REFERENCE_CONTENT_END}`;
442487
442561
  }
442488
442562
  });
442489
442563
 
442564
+ // packages/core/dist/src/utils/session.js
442565
+ var init_session = __esm({
442566
+ "packages/core/dist/src/utils/session.js"() {
442567
+ "use strict";
442568
+ }
442569
+ });
442570
+
442490
442571
  // packages/core/dist/src/utils/compatibility.js
442491
442572
  var WarningPriority;
442492
442573
  var init_compatibility = __esm({