npm - @gotgenes/pi-permission-system - Versions diffs - 5.9.0 → 5.10.0 - Mend

@gotgenes/pi-permission-system 5.9.0 → 5.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

package/CHANGELOG.md +15 -0
package/package.json +1 -1
package/src/handlers/before-agent-start.ts +19 -32
package/src/handlers/input.ts +5 -5
package/src/handlers/lifecycle.ts +17 -33
package/src/handlers/tool-call.ts +11 -18
package/src/handlers/types.ts +11 -38
package/src/index.ts +14 -17
package/src/permission-session.ts +252 -0
package/src/runtime.ts +5 -30
package/src/skill-prompt-sanitizer.ts +15 -4
package/tests/handlers/before-agent-start.test.ts +79 -110
package/tests/handlers/input-events.test.ts +19 -31
package/tests/handlers/input.test.ts +41 -73
package/tests/handlers/lifecycle.test.ts +61 -179
package/tests/handlers/tool-call-events.test.ts +66 -92
package/tests/handlers/tool-call.test.ts +40 -61
package/tests/permission-session.test.ts +546 -0
package/tests/runtime.test.ts +2 -77

package/tests/handlers/input-events.test.ts CHANGED Viewed

@@ -8,7 +8,8 @@ import { handleInput } from "../../src/handlers/input";
 import type { HandlerDeps } from "../../src/handlers/types";
 import type { PermissionDecisionEvent } from "../../src/permission-events";
 import { PERMISSIONS_DECISION_CHANNEL } from "../../src/permission-events";
-import type { SessionState } from "../../src/runtime";
+import type { PermissionSession } from "../../src/permission-session";
+import type { PermissionState } from "../../src/types";
 // ── helpers ────────────────────────────────────────────────────────────────
@@ -38,28 +39,24 @@ function makeCtx(overrides: Partial<ExtensionContext> = {}): ExtensionContext {
   } as unknown as ExtensionContext;
 }
-function makeSession(state: "allow" | "deny" | "ask" = "allow"): SessionState {
+function makeSession(
+  state: "allow" | "deny" | "ask" = "allow",
+): PermissionSession {
   return {
-    runtimeContext: null,
-    permissionManager: {
-      checkPermission: vi.fn().mockReturnValue({
-        state,
-        toolName: "skill",
-        source: "skill",
-        origin: "global",
-        matchedPattern: "*",
-      }),
-    } as unknown as SessionState["permissionManager"],
-    activeSkillEntries: [],
-    lastKnownActiveAgentName: null,
-    lastActiveToolsCacheKey: null,
-    lastPromptStateCacheKey: null,
-    sessionRules: {
-      approve: vi.fn(),
-      getRuleset: vi.fn().mockReturnValue([]),
-      clear: vi.fn(),
-    } as unknown as SessionState["sessionRules"],
-  };
+    logger: { debug: vi.fn(), review: vi.fn(), warn: vi.fn() },
+    activate: vi.fn(),
+    resolveAgentName: vi.fn().mockReturnValue(null),
+    checkPermission: vi.fn().mockReturnValue({
+      state,
+      toolName: "skill",
+      source: "skill",
+      origin: "global",
+      matchedPattern: "*",
+    }),
+    getToolPermission: vi.fn().mockReturnValue("allow" as PermissionState),
+    getSessionRuleset: vi.fn().mockReturnValue([]),
+    approveSessionRule: vi.fn(),
+  } as unknown as PermissionSession;
 }
 function makeDeps(
@@ -68,20 +65,12 @@ function makeDeps(
 ): HandlerDeps {
   return {
     session: makeSession(state),
-    logger: { debug: vi.fn(), review: vi.fn(), warn: vi.fn() },
-    piInfrastructureDirs: ["/test/agent"],
-    getPiInfrastructureReadPaths: vi.fn().mockReturnValue([]),
     events: makeEvents(),
-    createPermissionManagerForCwd: vi.fn(),
-    refreshExtensionConfig: vi.fn(),
-    logResolvedConfigPaths: vi.fn(),
-    resolveAgentName: vi.fn().mockReturnValue(null),
     canRequestPermissionConfirmation: vi.fn().mockReturnValue(true),
     promptPermission: vi
       .fn()
       .mockResolvedValue({ approved: true, state: "approved" }),
     createPermissionRequestId: vi.fn().mockReturnValue("req-id"),
-    forwarding: { start: vi.fn(), stop: vi.fn() },
     stopPermissionRpcHandlers: vi.fn(),
     getAllTools: vi.fn().mockReturnValue([]),
     setActiveTools: vi.fn(),
@@ -191,7 +180,6 @@ describe("handleInput decision events — skill gate", () => {
   it("emits allow with auto_approved when promptPermission returns autoApproved:true", async () => {
     const deps = makeDeps("ask", {
-      // Simulate what PermissionPrompter returns in yolo mode
       promptPermission: vi.fn().mockResolvedValue({
         approved: true,
         state: "approved",

package/tests/handlers/input.test.ts CHANGED Viewed

@@ -6,8 +6,8 @@ import {
   handleInput,
 } from "../../src/handlers/input";
 import type { HandlerDeps } from "../../src/handlers/types";
-import type { SessionState } from "../../src/runtime";
-import type { SkillPromptEntry } from "../../src/skill-prompt-sanitizer";
+import type { PermissionSession } from "../../src/permission-session";
+import type { PermissionState } from "../../src/types";
 // ── helpers ────────────────────────────────────────────────────────────────
@@ -34,42 +34,30 @@ function makeInputEvent(text: string) {
   return { text };
 }
-function makeSession(overrides: Partial<SessionState> = {}): SessionState {
+function makeSession(
+  overrides: Partial<Record<keyof PermissionSession, unknown>> = {},
+): PermissionSession {
   return {
-    runtimeContext: null,
-    permissionManager: {
-      checkPermission: vi.fn().mockReturnValue({ state: "allow" }),
-    } as unknown as SessionState["permissionManager"],
-    activeSkillEntries: [] as SkillPromptEntry[],
-    lastKnownActiveAgentName: null,
-    lastActiveToolsCacheKey: null,
-    lastPromptStateCacheKey: null,
-    sessionRules: {
-      approve: vi.fn(),
-      getRuleset: vi.fn().mockReturnValue([]),
-      clear: vi.fn(),
-    } as unknown as SessionState["sessionRules"],
+    logger: { debug: vi.fn(), review: vi.fn(), warn: vi.fn() },
+    activate: vi.fn(),
+    resolveAgentName: vi.fn().mockReturnValue(null),
+    checkPermission: vi.fn().mockReturnValue({ state: "allow" }),
+    getToolPermission: vi.fn().mockReturnValue("allow" as PermissionState),
+    getSessionRuleset: vi.fn().mockReturnValue([]),
+    approveSessionRule: vi.fn(),
     ...overrides,
-  };
+  } as unknown as PermissionSession;
 }
 function makeDeps(overrides: Partial<HandlerDeps> = {}): HandlerDeps {
   return {
     session: makeSession(),
-    logger: { debug: vi.fn(), review: vi.fn(), warn: vi.fn() },
-    piInfrastructureDirs: ["/test/agent", "/test/agent/git"],
-    getPiInfrastructureReadPaths: vi.fn().mockReturnValue([]),
-    createPermissionManagerForCwd: vi.fn(),
-    refreshExtensionConfig: vi.fn(),
-    logResolvedConfigPaths: vi.fn(),
-    resolveAgentName: vi.fn().mockReturnValue(null),
+    events: { emit: vi.fn(), on: vi.fn().mockReturnValue(() => undefined) },
     canRequestPermissionConfirmation: vi.fn().mockReturnValue(true),
     promptPermission: vi
       .fn()
       .mockResolvedValue({ approved: true, state: "approved" }),
     createPermissionRequestId: vi.fn().mockReturnValue("req-id"),
-    events: { emit: vi.fn(), on: vi.fn().mockReturnValue(() => undefined) },
-    forwarding: { start: vi.fn(), stop: vi.fn() },
     stopPermissionRpcHandlers: vi.fn(),
     getAllTools: vi.fn().mockReturnValue([]),
     setActiveTools: vi.fn(),
@@ -114,18 +102,11 @@ describe("extractSkillNameFromInput", () => {
 // ── handleInput ───────────────────────────────────────────────────────────
 describe("handleInput", () => {
-  it("sets runtime context", async () => {
+  it("activates session with ctx", async () => {
     const ctx = makeCtx();
     const deps = makeDeps();
     await handleInput(deps, makeInputEvent("hello"), ctx);
-    expect(deps.session.runtimeContext).toBe(ctx);
-  });
-  it("starts forwarded permission polling", async () => {
-    const ctx = makeCtx();
-    const deps = makeDeps();
-    await handleInput(deps, makeInputEvent("hello"), ctx);
-    expect(deps.forwarding.start).toHaveBeenCalledWith(ctx);
+    expect(deps.session.activate).toHaveBeenCalledWith(ctx);
   });
   it("returns continue for non-skill input", async () => {
@@ -141,14 +122,11 @@ describe("handleInput", () => {
   it("does not check permissions for non-skill input", async () => {
     const deps = makeDeps();
     await handleInput(deps, makeInputEvent("just a message"), makeCtx());
-    expect(
-      deps.session.permissionManager.checkPermission,
-    ).not.toHaveBeenCalled();
+    expect(deps.session.checkPermission).not.toHaveBeenCalled();
   });
   it("returns continue when skill is allowed", async () => {
     const deps = makeDeps();
-    // default makeRuntime() has checkPermission → { state: "allow" }
     const result = await handleInput(
       deps,
       makeInputEvent("/skill:librarian"),
@@ -158,14 +136,10 @@ describe("handleInput", () => {
   });
   it("returns handled when skill is denied", async () => {
-    const pm = {
+    const session = makeSession({
       checkPermission: vi.fn().mockReturnValue({ state: "deny" }),
-    };
-    const deps = makeDeps({
-      session: makeSession({
-        permissionManager: pm as unknown as SessionState["permissionManager"],
-      }),
     });
+    const deps = makeDeps({ session });
     const result = await handleInput(
       deps,
       makeInputEvent("/skill:librarian"),
@@ -176,14 +150,10 @@ describe("handleInput", () => {
   it("shows a warning notification when skill is denied and UI is available", async () => {
     const ctx = makeCtx({ hasUI: true });
-    const pm = {
+    const session = makeSession({
       checkPermission: vi.fn().mockReturnValue({ state: "deny" }),
-    };
-    const deps = makeDeps({
-      session: makeSession({
-        permissionManager: pm as unknown as SessionState["permissionManager"],
-      }),
     });
+    const deps = makeDeps({ session });
     await handleInput(deps, makeInputEvent("/skill:librarian"), ctx);
     expect(ctx.ui.notify).toHaveBeenCalledWith(
       expect.stringContaining("librarian"),
@@ -193,22 +163,20 @@ describe("handleInput", () => {
   it("does not show a warning notification when skill is denied and UI is absent", async () => {
     const ctx = makeCtx({ hasUI: false });
-    const pm = { checkPermission: vi.fn().mockReturnValue({ state: "deny" }) };
-    const deps = makeDeps({
-      session: makeSession({
-        permissionManager: pm as unknown as SessionState["permissionManager"],
-      }),
+    const session = makeSession({
+      checkPermission: vi.fn().mockReturnValue({ state: "deny" }),
     });
+    const deps = makeDeps({ session });
     await handleInput(deps, makeInputEvent("/skill:librarian"), ctx);
     expect(ctx.ui.notify).not.toHaveBeenCalled();
   });
   it("returns handled when skill requires approval but no UI is available", async () => {
-    const pm = { checkPermission: vi.fn().mockReturnValue({ state: "ask" }) };
+    const session = makeSession({
+      checkPermission: vi.fn().mockReturnValue({ state: "ask" }),
+    });
     const deps = makeDeps({
-      session: makeSession({
-        permissionManager: pm as unknown as SessionState["permissionManager"],
-      }),
+      session,
       canRequestPermissionConfirmation: vi.fn().mockReturnValue(false),
     });
     const result = await handleInput(
@@ -220,11 +188,11 @@ describe("handleInput", () => {
   });
   it("prompts and returns continue when skill ask is approved", async () => {
-    const pm = { checkPermission: vi.fn().mockReturnValue({ state: "ask" }) };
+    const session = makeSession({
+      checkPermission: vi.fn().mockReturnValue({ state: "ask" }),
+    });
     const deps = makeDeps({
-      session: makeSession({
-        permissionManager: pm as unknown as SessionState["permissionManager"],
-      }),
+      session,
       canRequestPermissionConfirmation: vi.fn().mockReturnValue(true),
       promptPermission: vi
         .fn()
@@ -240,11 +208,11 @@ describe("handleInput", () => {
   });
   it("returns handled when skill ask is denied by user", async () => {
-    const pm = { checkPermission: vi.fn().mockReturnValue({ state: "ask" }) };
+    const session = makeSession({
+      checkPermission: vi.fn().mockReturnValue({ state: "ask" }),
+    });
     const deps = makeDeps({
-      session: makeSession({
-        permissionManager: pm as unknown as SessionState["permissionManager"],
-      }),
+      session,
       canRequestPermissionConfirmation: vi.fn().mockReturnValue(true),
       promptPermission: vi
         .fn()
@@ -259,12 +227,12 @@ describe("handleInput", () => {
   });
   it("passes agentName in the prompt permission request", async () => {
-    const pm = { checkPermission: vi.fn().mockReturnValue({ state: "ask" }) };
-    const deps = makeDeps({
-      session: makeSession({
-        permissionManager: pm as unknown as SessionState["permissionManager"],
-      }),
+    const session = makeSession({
+      checkPermission: vi.fn().mockReturnValue({ state: "ask" }),
       resolveAgentName: vi.fn().mockReturnValue("code-agent"),
+    });
+    const deps = makeDeps({
+      session,
       canRequestPermissionConfirmation: vi.fn().mockReturnValue(true),
       promptPermission: vi
         .fn()

package/tests/handlers/lifecycle.test.ts CHANGED Viewed

@@ -6,24 +6,9 @@ import {
   handleSessionStart,
 } from "../../src/handlers/lifecycle";
 import type { HandlerDeps } from "../../src/handlers/types";
-import type { PermissionManager } from "../../src/permission-manager";
-import type { SessionState } from "../../src/runtime";
-import type { SessionRules } from "../../src/session-rules";
-import type { SkillPromptEntry } from "../../src/skill-prompt-sanitizer";
+import type { PermissionSession } from "../../src/permission-session";
-// ── active-agent stub ──────────────────────────────────────────────────────
-const { mockGetActiveAgentName } = vi.hoisted(() => ({
-  mockGetActiveAgentName: vi.fn<(ctx: ExtensionContext) => string | null>(),
-}));
-vi.mock("../../src/active-agent", () => ({
-  getActiveAgentName: mockGetActiveAgentName,
-  getActiveAgentNameFromSystemPrompt: vi.fn().mockReturnValue(null),
-}));
-// ── PERMISSION_SYSTEM_STATUS_KEY stub ──────────────────────────────────────
-// status.ts is re-exported through the handler; the key value doesn't matter
-// for these tests.
+// ── status stub ────────────────────────────────────────────────────────────
 vi.mock("../../src/status", () => ({
   PERMISSION_SYSTEM_STATUS_KEY: "permission-system",
   syncPermissionSystemStatus: vi.fn(),
@@ -51,54 +36,32 @@ function makeCtx(overrides: Partial<ExtensionContext> = {}): ExtensionContext {
   } as unknown as ExtensionContext;
 }
-function makePermissionManager(
-  issues: string[] = [],
-): Pick<PermissionManager, "getConfigIssues"> {
-  return {
-    getConfigIssues: vi.fn().mockReturnValue(issues),
-  };
-}
-function makeSessionRules(): SessionRules {
-  return {
-    approve: vi.fn(),
-    getRuleset: vi.fn().mockReturnValue([]),
-    clear: vi.fn(),
-  } as unknown as SessionRules;
-}
-function makeSession(overrides: Partial<SessionState> = {}): SessionState {
+function makeSession(
+  overrides: Partial<Record<keyof PermissionSession, unknown>> = {},
+): PermissionSession {
   return {
-    runtimeContext: null,
-    permissionManager: makePermissionManager() as unknown as PermissionManager,
-    activeSkillEntries: [] as SkillPromptEntry[],
-    lastKnownActiveAgentName: null,
-    lastActiveToolsCacheKey: null,
-    lastPromptStateCacheKey: null,
-    sessionRules: makeSessionRules(),
+    logger: { debug: vi.fn(), review: vi.fn(), warn: vi.fn() },
+    refreshConfig: vi.fn(),
+    resetForNewSession: vi.fn(),
+    logResolvedConfigPaths: vi.fn(),
+    resolveAgentName: vi.fn().mockReturnValue(null),
+    getConfigIssues: vi.fn().mockReturnValue([]),
+    reload: vi.fn(),
+    getRuntimeContext: vi.fn().mockReturnValue(null),
+    shutdown: vi.fn(),
     ...overrides,
-  };
+  } as unknown as PermissionSession;
 }
 function makeDeps(overrides: Partial<HandlerDeps> = {}): HandlerDeps {
   return {
     session: makeSession(),
-    logger: { debug: vi.fn(), review: vi.fn(), warn: vi.fn() },
-    piInfrastructureDirs: ["/test/agent", "/test/agent/git"],
-    getPiInfrastructureReadPaths: vi.fn().mockReturnValue([]),
-    createPermissionManagerForCwd: vi
-      .fn()
-      .mockReturnValue(makePermissionManager()),
-    refreshExtensionConfig: vi.fn(),
-    logResolvedConfigPaths: vi.fn(),
-    resolveAgentName: vi.fn().mockReturnValue(null),
+    events: { emit: vi.fn(), on: vi.fn().mockReturnValue(() => undefined) },
     canRequestPermissionConfirmation: vi.fn().mockReturnValue(false),
     promptPermission: vi
       .fn()
       .mockResolvedValue({ approved: true, state: "approved" }),
     createPermissionRequestId: vi.fn().mockReturnValue("test-id"),
-    events: { emit: vi.fn(), on: vi.fn().mockReturnValue(() => undefined) },
-    forwarding: { start: vi.fn(), stop: vi.fn() },
     stopPermissionRpcHandlers: vi.fn(),
     getAllTools: vi.fn().mockReturnValue([]),
     setActiveTools: vi.fn(),
@@ -109,98 +72,54 @@ function makeDeps(overrides: Partial<HandlerDeps> = {}): HandlerDeps {
 // ── handleSessionStart ─────────────────────────────────────────────────────
 describe("handleSessionStart", () => {
-  beforeEach(() => {
-    mockGetActiveAgentName.mockReset();
-    mockGetActiveAgentName.mockReturnValue(null);
-  });
-  it("sets the runtime context", async () => {
-    const ctx = makeCtx();
-    const deps = makeDeps();
-    await handleSessionStart(deps, { reason: "startup" }, ctx);
-    expect(deps.session.runtimeContext).toBe(ctx);
-  });
-  it("refreshes extension config with ctx", async () => {
-    const ctx = makeCtx();
-    const deps = makeDeps();
-    await handleSessionStart(deps, { reason: "startup" }, ctx);
-    expect(deps.refreshExtensionConfig).toHaveBeenCalledWith(ctx);
-  });
-  it("creates a new permission manager for ctx.cwd and stores it", async () => {
-    const ctx = makeCtx({ cwd: "/my/project" });
-    const newPm = makePermissionManager();
-    const deps = makeDeps({
-      createPermissionManagerForCwd: vi.fn().mockReturnValue(newPm),
-    });
-    await handleSessionStart(deps, { reason: "startup" }, ctx);
-    expect(deps.createPermissionManagerForCwd).toHaveBeenCalledWith(
-      "/my/project",
-    );
-    expect(deps.session.permissionManager).toBe(newPm);
-  });
-  it("clears the before_agent_start cache", async () => {
-    const ctx = makeCtx();
-    const deps = makeDeps();
-    await handleSessionStart(deps, { reason: "startup" }, ctx);
-    expect(deps.session.activeSkillEntries).toEqual([]);
-    expect(deps.session.lastActiveToolsCacheKey).toBeNull();
-    expect(deps.session.lastPromptStateCacheKey).toBeNull();
-  });
-  it("sets lastKnownActiveAgentName from getActiveAgentName", async () => {
-    mockGetActiveAgentName.mockReturnValue("my-agent");
+  it("refreshes config with ctx", async () => {
     const ctx = makeCtx();
     const deps = makeDeps();
     await handleSessionStart(deps, { reason: "startup" }, ctx);
-    expect(deps.session.lastKnownActiveAgentName).toBe("my-agent");
+    expect(deps.session.refreshConfig).toHaveBeenCalledWith(ctx);
   });
-  it("sets lastKnownActiveAgentName to null when no agent is active", async () => {
-    mockGetActiveAgentName.mockReturnValue(null);
+  it("calls resetForNewSession with ctx", async () => {
     const ctx = makeCtx();
     const deps = makeDeps();
     await handleSessionStart(deps, { reason: "startup" }, ctx);
-    expect(deps.session.lastKnownActiveAgentName).toBeNull();
+    expect(deps.session.resetForNewSession).toHaveBeenCalledWith(ctx);
   });
-  it("starts forwarded permission polling", async () => {
-    const ctx = makeCtx();
+  it("logs resolved config paths", async () => {
     const deps = makeDeps();
-    await handleSessionStart(deps, { reason: "startup" }, ctx);
-    expect(deps.forwarding.start).toHaveBeenCalledWith(ctx);
+    await handleSessionStart(deps, { reason: "startup" }, makeCtx());
+    expect(deps.session.logResolvedConfigPaths).toHaveBeenCalledOnce();
   });
-  it("logs resolved config paths", async () => {
+  it("resolves agent name from ctx", async () => {
     const ctx = makeCtx();
     const deps = makeDeps();
     await handleSessionStart(deps, { reason: "startup" }, ctx);
-    expect(deps.logResolvedConfigPaths).toHaveBeenCalledOnce();
+    expect(deps.session.resolveAgentName).toHaveBeenCalledWith(ctx);
   });
   it("notifies each policy issue", async () => {
-    const pm = makePermissionManager(["issue A", "issue B"]);
-    const deps = makeDeps({
-      createPermissionManagerForCwd: vi.fn().mockReturnValue(pm),
+    const session = makeSession({
+      getConfigIssues: vi.fn().mockReturnValue(["issue A", "issue B"]),
     });
+    const deps = makeDeps({ session });
     await handleSessionStart(deps, { reason: "startup" }, makeCtx());
-    expect(deps.logger.warn).toHaveBeenCalledWith("issue A");
-    expect(deps.logger.warn).toHaveBeenCalledWith("issue B");
+    expect(session.logger.warn).toHaveBeenCalledWith("issue A");
+    expect(session.logger.warn).toHaveBeenCalledWith("issue B");
   });
-  it("does not call notifyWarning when there are no policy issues", async () => {
+  it("does not warn when there are no policy issues", async () => {
     const deps = makeDeps();
     await handleSessionStart(deps, { reason: "startup" }, makeCtx());
-    expect(deps.logger.warn).not.toHaveBeenCalled();
+    expect(deps.session.logger.warn).not.toHaveBeenCalled();
   });
   it("writes lifecycle.reload debug log when reason is reload", async () => {
     const ctx = makeCtx({ cwd: "/proj" });
     const deps = makeDeps();
     await handleSessionStart(deps, { reason: "reload" }, ctx);
-    expect(deps.logger.debug).toHaveBeenCalledWith("lifecycle.reload", {
+    expect(deps.session.logger.debug).toHaveBeenCalledWith("lifecycle.reload", {
       triggeredBy: "session_start",
       reason: "reload",
       cwd: "/proj",
@@ -210,7 +129,18 @@ describe("handleSessionStart", () => {
   it("does not write lifecycle.reload debug log for non-reload reasons", async () => {
     const deps = makeDeps();
     await handleSessionStart(deps, { reason: "startup" }, makeCtx());
-    expect(deps.logger.debug).not.toHaveBeenCalled();
+    expect(deps.session.logger.debug).not.toHaveBeenCalled();
+  });
+  it("calls refreshConfig before resetForNewSession", async () => {
+    const callOrder: string[] = [];
+    const session = makeSession({
+      refreshConfig: vi.fn(() => callOrder.push("refreshConfig")),
+      resetForNewSession: vi.fn(() => callOrder.push("resetForNewSession")),
+    });
+    const deps = makeDeps({ session });
+    await handleSessionStart(deps, { reason: "startup" }, makeCtx());
+    expect(callOrder).toEqual(["refreshConfig", "resetForNewSession"]);
   });
 });
@@ -220,43 +150,23 @@ describe("handleResourcesDiscover", () => {
   it("does nothing when reason is not reload", async () => {
     const deps = makeDeps();
     await handleResourcesDiscover(deps, { reason: "startup" });
-    expect(deps.createPermissionManagerForCwd).not.toHaveBeenCalled();
-    expect(deps.logger.debug).not.toHaveBeenCalled();
-  });
-  it("creates and stores a new PM using runtimeContext.cwd on reload", async () => {
-    const ctx = makeCtx({ cwd: "/runtime/cwd" });
-    const newPm = makePermissionManager();
-    const deps = makeDeps({
-      session: makeSession({ runtimeContext: ctx }),
-      createPermissionManagerForCwd: vi.fn().mockReturnValue(newPm),
-    });
-    await handleResourcesDiscover(deps, { reason: "reload" });
-    expect(deps.createPermissionManagerForCwd).toHaveBeenCalledWith(
-      "/runtime/cwd",
-    );
-    expect(deps.session.permissionManager).toBe(newPm);
+    expect(deps.session.reload).not.toHaveBeenCalled();
   });
-  it("uses undefined cwd when runtimeContext is null on reload", async () => {
+  it("calls reload on the session on reload", async () => {
     const deps = makeDeps();
     await handleResourcesDiscover(deps, { reason: "reload" });
-    expect(deps.createPermissionManagerForCwd).toHaveBeenCalledWith(undefined);
-  });
-  it("clears the before_agent_start cache on reload", async () => {
-    const deps = makeDeps();
-    await handleResourcesDiscover(deps, { reason: "reload" });
-    expect(deps.session.activeSkillEntries).toEqual([]);
-    expect(deps.session.lastActiveToolsCacheKey).toBeNull();
-    expect(deps.session.lastPromptStateCacheKey).toBeNull();
+    expect(deps.session.reload).toHaveBeenCalledOnce();
   });
   it("writes lifecycle.reload debug log on reload", async () => {
     const ctx = makeCtx({ cwd: "/proj" });
-    const deps = makeDeps({ session: makeSession({ runtimeContext: ctx }) });
+    const session = makeSession({
+      getRuntimeContext: vi.fn().mockReturnValue(ctx),
+    });
+    const deps = makeDeps({ session });
     await handleResourcesDiscover(deps, { reason: "reload" });
-    expect(deps.logger.debug).toHaveBeenCalledWith("lifecycle.reload", {
+    expect(session.logger.debug).toHaveBeenCalledWith("lifecycle.reload", {
       triggeredBy: "resources_discover",
       reason: "reload",
       cwd: "/proj",
@@ -266,7 +176,7 @@ describe("handleResourcesDiscover", () => {
   it("logs cwd as null when runtimeContext is null on reload", async () => {
     const deps = makeDeps();
     await handleResourcesDiscover(deps, { reason: "reload" });
-    expect(deps.logger.debug).toHaveBeenCalledWith("lifecycle.reload", {
+    expect(deps.session.logger.debug).toHaveBeenCalledWith("lifecycle.reload", {
       triggeredBy: "resources_discover",
       reason: "reload",
       cwd: null,
@@ -277,11 +187,12 @@ describe("handleResourcesDiscover", () => {
 // ── handleSessionShutdown ──────────────────────────────────────────────────
 describe("handleSessionShutdown", () => {
-  it("clears the UI status when a runtime context is present", async () => {
+  it("clears UI status when runtime context is present", async () => {
     const ctx = makeCtx();
-    const deps = makeDeps({
-      session: makeSession({ runtimeContext: ctx }),
+    const session = makeSession({
+      getRuntimeContext: vi.fn().mockReturnValue(ctx),
     });
+    const deps = makeDeps({ session });
     await handleSessionShutdown(deps);
     expect(ctx.ui.setStatus).toHaveBeenCalledWith(
       "permission-system",
@@ -294,44 +205,15 @@ describe("handleSessionShutdown", () => {
     await expect(handleSessionShutdown(deps)).resolves.not.toThrow();
   });
-  it("sets runtime context to null", async () => {
-    const ctx = makeCtx();
-    const deps = makeDeps({ session: makeSession({ runtimeContext: ctx }) });
-    await handleSessionShutdown(deps);
-    expect(deps.session.runtimeContext).toBeNull();
-  });
-  it("clears the before_agent_start cache", async () => {
+  it("calls shutdown on the session", async () => {
     const deps = makeDeps();
     await handleSessionShutdown(deps);
-    expect(deps.session.activeSkillEntries).toEqual([]);
-    expect(deps.session.lastActiveToolsCacheKey).toBeNull();
-    expect(deps.session.lastPromptStateCacheKey).toBeNull();
+    expect(deps.session.shutdown).toHaveBeenCalledOnce();
   });
-  it("clears the session rules", async () => {
-    const deps = makeDeps();
-    await handleSessionShutdown(deps);
-    expect(deps.session.sessionRules.clear).toHaveBeenCalledOnce();
-  });
-  it("stops forwarded permission polling", async () => {
-    const deps = makeDeps();
-    await handleSessionShutdown(deps);
-    expect(deps.forwarding.stop).toHaveBeenCalledOnce();
-  });
-  it("calls stopPermissionRpcHandlers on shutdown", async () => {
+  it("calls stopPermissionRpcHandlers", async () => {
     const deps = makeDeps();
     await handleSessionShutdown(deps);
     expect(deps.stopPermissionRpcHandlers).toHaveBeenCalledOnce();
   });
-  it("does not reset lastKnownActiveAgentName", async () => {
-    const deps = makeDeps({
-      session: makeSession({ lastKnownActiveAgentName: "remembered" }),
-    });
-    await handleSessionShutdown(deps);
-    expect(deps.session.lastKnownActiveAgentName).toBe("remembered");
-  });
 });