@hienlh/ppm 0.9.0-beta.2 → 0.9.0-beta.4

package/src/providers/cursor-cli/cursor-history.ts

@@ -0,0 +1,207 @@
+import { createHash } from "node:crypto";
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { existsSync, readdirSync } from "node:fs";
+import type { ChatMessage, SessionInfo } from "../provider.interface.ts";
+
+const DEFAULT_CHATS_DIR = join(homedir(), ".cursor", "chats");
+
+/**
+ * List all Cursor sessions found in ~/.cursor/chats/.
+ * Scans directory structure: {cwdHash}/{sessionId}/store.db
+ * Reads meta table for session name and createdAt.
+ * @param chatsDir — override for testing (defaults to ~/.cursor/chats)
+ */
+export async function listCursorSessions(providerId: string, chatsDir?: string): Promise<SessionInfo[]> {
+  const dir = chatsDir ?? DEFAULT_CHATS_DIR;
+  if (!existsSync(dir)) return [];
+  const { Database } = await import("bun:sqlite");
+  const sessions: SessionInfo[] = [];
+
+  try {
+    for (const cwdHash of readdirSync(dir)) {
+      const cwdDir = join(dir, cwdHash);
+      try {
+        for (const sessionId of readdirSync(cwdDir)) {
+          const dbPath = join(cwdDir, sessionId, "store.db");
+          if (!existsSync(dbPath)) continue;
+
+          let title = `Cursor ${sessionId.slice(0, 8)}`;
+          let createdAt = new Date().toISOString();
+
+          // Read meta table for name + createdAt (value is hex-encoded JSON)
+          try {
+            const db = new Database(dbPath, { readonly: true });
+            const row = db.query("SELECT value FROM meta LIMIT 1").get() as { value: string | Buffer } | null;
+            db.close();
+            if (row?.value) {
+              const hex = typeof row.value === "string" ? row.value : Buffer.from(row.value).toString("utf-8");
+              const json = Buffer.from(hex, "hex").toString("utf-8");
+              const meta = JSON.parse(json);
+              if (meta.name) title = meta.name.split("\n")[0].slice(0, 80);
+              if (meta.createdAt) createdAt = new Date(meta.createdAt).toISOString();
+            }
+          } catch { /* use defaults */ }
+
+          sessions.push({ id: sessionId, providerId, title, createdAt });
+        }
+      } catch { /* skip unreadable dir */ }
+    }
+  } catch { /* skip if chats dir unreadable */ }
+
+  return sessions.sort((a, b) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
+}
+
+/**
+ * Load chat history from Cursor's SQLite DAG storage.
+ * Path: ~/.cursor/chats/{MD5(cwd)}/{sessionId}/store.db
+ * Falls back to scanning all cwdHash dirs if projectPath doesn't match.
+ */
+export async function loadCursorHistory(
+  sessionId: string,
+  projectPath?: string,
+  chatsDir?: string,
+): Promise<ChatMessage[]> {
+  const baseDir = chatsDir ?? DEFAULT_CHATS_DIR;
+  let dbPath: string | null = null;
+
+  // Try direct path first (fast path when projectPath is known)
+  if (projectPath) {
+    const cwdHash = createHash("md5").update(projectPath).digest("hex");
+    const candidate = join(baseDir, cwdHash, sessionId, "store.db");
+    if (existsSync(candidate)) dbPath = candidate;
+  }
+
+  // Fallback: scan all cwdHash dirs for this sessionId
+  if (!dbPath && existsSync(baseDir)) {
+    try {
+      for (const cwdHash of readdirSync(baseDir)) {
+        const candidate = join(baseDir, cwdHash, sessionId, "store.db");
+        if (existsSync(candidate)) { dbPath = candidate; break; }
+      }
+    } catch { /* skip */ }
+  }
+
+  if (!dbPath) return [];
+
+  try {
+    // Use Bun's native SQLite
+    const { Database } = await import("bun:sqlite");
+    const db = new Database(dbPath, { readonly: true });
+
+    const blobs = db
+      .query("SELECT rowid, id, data FROM blobs ORDER BY rowid")
+      .all() as Array<{ rowid: number; id: string; data: Buffer }>;
+    db.close();
+
+    return parseDagBlobs(blobs, sessionId);
+  } catch (err) {
+    console.warn(`[cursor-history] Failed to load session ${sessionId}:`, err);
+    return [];
+  }
+}
+
+/** Parse DAG blobs into ordered ChatMessages */
+function parseDagBlobs(
+  blobs: Array<{ rowid: number; id: string; data: Buffer }>,
+  _sessionId: string,
+): ChatMessage[] {
+  const messages: ChatMessage[] = [];
+
+  for (const blob of blobs) {
+    try {
+      const text = extractTextContent(blob.data);
+      if (!text) continue;
+
+      // Try to parse as JSON
+      try {
+        const parsed = JSON.parse(text);
+
+        // Format: { role: "...", content: "..." | [...] } — structured message
+        // Skip system prompts — they're huge and not useful for history
+        if (parsed.role === "system") continue;
+        if (parsed.role && parsed.content) {
+          let content: string;
+          if (typeof parsed.content === "string") {
+            content = parsed.content;
+          } else if (Array.isArray(parsed.content)) {
+            // Content parts: [{ type: "text", text: "..." }, ...]
+            content = parsed.content
+              .filter((p: any) => p.type === "text" && p.text)
+              .map((p: any) => p.text)
+              .join("\n") || JSON.stringify(parsed.content);
+          } else {
+            content = JSON.stringify(parsed.content);
+          }
+          // Filter out Cursor's injected <user_info> system context messages
+          if (parsed.role === "user" && /^<user_info>\s/i.test(content.trimStart())) continue;
+          // Strip Cursor's <user_query> wrapper from user messages
+          if (parsed.role === "user") {
+            const match = content.match(/<user_query>\s*([\s\S]*?)\s*<\/user_query>/);
+            if (match?.[1]) content = match[1];
+          }
+          messages.push({
+            id: blob.id,
+            role: parsed.role,
+            content,
+            timestamp: new Date().toISOString(),
+          });
+          continue;
+        }
+
+        // Format: [{ type: "text", text: "..." }] — content parts array
+        if (Array.isArray(parsed)) {
+          const textParts = parsed
+            .filter((p: any) => p.type === "text" && p.text)
+            .map((p: any) => p.text)
+            .join("\n");
+          if (textParts) {
+            messages.push({
+              id: blob.id,
+              role: messages.length % 2 === 0 ? "user" : "assistant",
+              content: textParts,
+              timestamp: new Date().toISOString(),
+            });
+            continue;
+          }
+        }
+      } catch { /* not JSON */ }
+    } catch { /* skip corrupt blob */ }
+  }
+
+  return messages;
+}
+
+/**
+ * Extract readable text from a DAG blob.
+ * Handles 2 known formats:
+ * 1. UTF-8 JSON string starting with { or [ (role/content messages)
+ * 2. JSON array (content parts like [{type:"text",text:"..."}])
+ * Skips binary DAG metadata blobs (parent refs, headers).
+ */
+function extractTextContent(data: Buffer | Uint8Array): string | null {
+  if (!data || data.length === 0) return null;
+
+  const buf = Buffer.from(data);
+
+  // Quick binary check: if first byte is not printable ASCII, it's a DAG metadata blob
+  const firstByte = buf[0];
+  if (firstByte !== undefined && firstByte < 0x20 && firstByte !== 0x0a && firstByte !== 0x0d && firstByte !== 0x09) {
+    return null;
+  }
+
+  const text = buf.toString("utf-8");
+
+  // Only accept clean JSON starting with { or [
+  if (text.startsWith("{") || text.startsWith("[")) {
+    // Validate it's actually parseable JSON
+    try {
+      JSON.parse(text);
+      return text;
+    } catch {
+      return null;
+    }
+  }
+
+  return null;
+}

package/src/providers/cursor-cli/cursor-provider.ts

@@ -0,0 +1,146 @@
+import { CliProvider } from "../cli-provider-base.ts";
+import { mapCursorEvent } from "./cursor-event-mapper.ts";
+import { listCursorSessions, loadCursorHistory } from "./cursor-history.ts";
+import type { ChatEvent, ChatMessage, SessionInfo, ModelOption } from "../provider.interface.ts";
+import type { ChildProcess } from "node:child_process";
+
+const TRUST_PATTERNS = [
+  /workspace trust required/i,
+  /do you trust the contents/i,
+  /pass --trust/i,
+];
+
+/**
+ * Cursor CLI provider — spawns `cursor-agent` with NDJSON streaming.
+ * Extends CliProvider with Cursor-specific event mapping, arg building,
+ * workspace trust auto-retry, and SQLite DAG history.
+ */
+export class CursorCliProvider extends CliProvider {
+  readonly id = "cursor";
+  readonly name = "Cursor";
+  readonly cliCommand = "cursor-agent";
+
+  async isAvailable(): Promise<boolean> {
+    try {
+      const cmd = process.platform === "win32" ? "where" : "which";
+      const proc = Bun.spawn([cmd, "cursor-agent"], { stdout: "pipe", stderr: "pipe" });
+      await proc.exited;
+      return proc.exitCode === 0;
+    } catch {
+      return false;
+    }
+  }
+
+  buildArgs(params: {
+    sessionId?: string;
+    message: string;
+    model?: string;
+    permissionMode?: string;
+    isResume: boolean;
+  }): string[] {
+    const args: string[] = [];
+
+    if (params.sessionId && params.isResume) {
+      args.push(`--resume=${params.sessionId}`);
+    }
+
+    args.push("-p", params.message);
+
+    if (!params.isResume && params.model) {
+      args.push("--model", params.model);
+    }
+
+    args.push("--output-format", "stream-json");
+
+    // Permission mode → CLI flags
+    const mode = params.permissionMode || "default";
+    if (mode === "bypassPermissions") {
+      args.push("-f");
+    }
+
+    return args;
+  }
+
+  mapEvent(raw: unknown, sessionId: string): ChatEvent[] {
+    return mapCursorEvent(raw, sessionId);
+  }
+
+  extractSessionId(raw: unknown): string | null {
+    const obj = raw as Record<string, unknown>;
+    if (obj?.type === "system" && obj?.subtype === "init") {
+      return (obj.session_id as string) || null;
+    }
+    return null;
+  }
+
+  // Override listSessions to include Cursor's native history
+  override async listSessions(): Promise<SessionInfo[]> {
+    const inMemory = await super.listSessions();
+    try {
+      const native = await listCursorSessions(this.id);
+      // Merge: in-memory first, then native (deduplicated)
+      const seen = new Set(inMemory.map((s) => s.id));
+      const merged = [...inMemory];
+      for (const s of native) {
+        if (!seen.has(s.id)) merged.push(s);
+      }
+      return merged;
+    } catch {
+      return inMemory;
+    }
+  }
+
+  // Optional: load history from SQLite
+  async getMessages(sessionId: string): Promise<ChatMessage[]> {
+    const meta = this.sessions.get(sessionId);
+    return loadCursorHistory(sessionId, meta?.projectPath);
+  }
+
+  /** Cached models list with TTL from `cursor-agent --list-models` */
+  private modelsCache: { models: ModelOption[]; expiry: number } | null = null;
+  private static CACHE_TTL = 5 * 60 * 1000; // 5 min
+
+  async listModels(): Promise<ModelOption[]> {
+    if (this.modelsCache && Date.now() < this.modelsCache.expiry) {
+      return this.modelsCache.models;
+    }
+    try {
+      const proc = Bun.spawn(["cursor-agent", "--list-models"], {
+        stdout: "pipe",
+        stderr: "pipe",
+      });
+      const timeout = setTimeout(() => proc.kill(), 10_000);
+      const text = await new Response(proc.stdout).text();
+      clearTimeout(timeout);
+      await proc.exited;
+      const models: ModelOption[] = [];
+      for (const line of text.split("\n")) {
+        // Format: "model-id - Model Label" or "model-id - Model Label  (current, default)"
+        const match = line.match(/^(\S+)\s+-\s+(.+?)(?:\s+\(.*\))?$/);
+        if (match?.[1] && match[2]) {
+          models.push({ value: match[1], label: match[2].trim() });
+        }
+      }
+      if (models.length > 0) {
+        this.modelsCache = { models, expiry: Date.now() + CursorCliProvider.CACHE_TTL };
+      }
+      return models;
+    } catch {
+      return [];
+    }
+  }
+
+  // Workspace trust detection: log warning so user knows to re-run with --trust
+  protected override spawnProcess(args: string[], cwd: string): ChildProcess {
+    const proc = super.spawnProcess(args, cwd);
+
+    proc.stderr?.on("data", (data: Buffer) => {
+      const text = data.toString();
+      if (TRUST_PATTERNS.some((p) => p.test(text))) {
+        console.warn("[cursor] Workspace trust prompt detected. Re-run with bypassPermissions mode or add --trust flag.");
+      }
+    });
+
+    return proc;
+  }
+}

package/src/providers/mock-provider.ts

@@ -167,7 +167,7 @@ export class MockProvider implements AIProvider {
     }
   }
 
-  getMessages(sessionId: string): ChatMessage[] {
+  async getMessages(sessionId: string): Promise<ChatMessage[]> {
     return this.messageHistory.get(sessionId) ?? [];
   }
 }

package/src/providers/provider.interface.ts

@@ -8,4 +8,5 @@ export type {
   ToolApprovalHandler,
   UsageInfo,
   SendMessageOpts,
+  ModelOption,
 } from "../types/chat.ts";

package/src/providers/registry.ts

@@ -19,11 +19,17 @@ class ProviderRegistry {
     return this.providers.get(id);
   }
 
+  /** List providers visible to users (excludes internal-only providers like mock) */
   list(): ProviderInfo[] {
-    return Array.from(this.providers.values()).map((p) => ({
-      id: p.id,
-      name: p.name,
-    }));
+    return Array.from(this.providers.values())
+      .filter((p) => p.id !== "mock")
+      .map((p) => ({ id: p.id, name: p.name }));
+  }
+
+  /** List all registered providers including internal ones (for ChatService aggregation) */
+  listAll(): ProviderInfo[] {
+    return Array.from(this.providers.values())
+      .map((p) => ({ id: p.id, name: p.name }));
   }
 
   /** Get the default provider based on config's default_provider */
@@ -40,5 +46,38 @@ class ProviderRegistry {
 
 /** Singleton registry */
 export const providerRegistry = new ProviderRegistry();
+
+// SDK providers registered synchronously (no binary check needed)
 providerRegistry.register(new ClaudeAgentSdkProvider());
 providerRegistry.register(new MockProvider()); // testing only
+
+/**
+ * Bootstrap CLI providers asynchronously.
+ * Checks isAvailable() before registering — call at server startup.
+ */
+export async function bootstrapProviders(): Promise<void> {
+  try {
+    const { CursorCliProvider } = await import("./cursor-cli/cursor-provider.ts");
+    const cursor = new CursorCliProvider();
+    if (await cursor.isAvailable()) {
+      providerRegistry.register(cursor);
+      // Ensure config has an entry for cursor so settings UI shows it
+      const ai = configService.get("ai");
+      if (!ai.providers["cursor"]) {
+        configService.set("ai", {
+          ...ai,
+          providers: {
+            ...ai.providers,
+            cursor: { type: "cli", cli_command: "cursor-agent", permission_mode: "bypassPermissions" },
+          },
+        });
+        configService.save();
+      }
+      console.log("[registry] Cursor provider registered (cursor-agent found)");
+    } else {
+      console.log("[registry] Cursor provider skipped (cursor-agent not found)");
+    }
+  } catch (e) {
+    console.warn("[registry] Failed to load Cursor provider:", (e as Error).message);
+  }
+}

package/src/server/index.ts

@@ -14,6 +14,7 @@ import { databaseRoutes } from "./routes/database.ts";
 import { fsBrowseRoutes } from "./routes/fs-browse.ts";
 import { accountsRoutes } from "./routes/accounts.ts";
 import { proxyRoutes } from "./routes/proxy.ts";
+import { browserPreviewRoutes } from "./routes/browser-preview.ts";
 import { initAdapters } from "../services/database/init-adapters.ts";
 import { terminalWebSocket } from "./ws/terminal.ts";
 import { chatWebSocket } from "./ws/chat.ts";
@@ -126,6 +127,9 @@ app.route("/proxy", proxyRoutes);
 app.use("/api/*", authMiddleware);
 app.get("/api/auth/check", (c) => c.json(ok(true)));
 
+// Browser preview reverse proxy — proxies to localhost:<port> for iframe embedding
+app.route("/api/preview", browserPreviewRoutes);
+
 // Filesystem operations (browse, list, read, write) — consolidated in fs-browse route
 app.route("/api/fs", fsBrowseRoutes);
 
@@ -166,6 +170,10 @@ export async function startServer(options: {
   // Setup log file (both foreground and daemon modes)
   await setupLogFile();
 
+  // Bootstrap CLI providers (checks binary availability)
+  const { bootstrapProviders } = await import("../providers/registry.ts");
+  await bootstrapProviders();
+
   // Check if port is already in use before starting.
   // Skip in hot-reload mode — Bun.serve() replaces the previous server on the same port,
   // but a net.createServer() probe would see it as "in use" and exit prematurely.

package/src/server/routes/browser-preview.ts

@@ -0,0 +1,89 @@
+import { Hono } from "hono";
+
+/**
+ * Browser preview reverse proxy — forwards requests to localhost:<port>.
+ * Mounted at /api/preview/:port/* so the frontend iframe can load
+ * any localhost dev server through PPM's own origin (avoiding CORS/framing issues).
+ */
+export const browserPreviewRoutes = new Hono();
+
+/** Only allow proxying to localhost ports (security: prevent SSRF) */
+function isValidPort(port: string): boolean {
+  const n = parseInt(port, 10);
+  return !isNaN(n) && n >= 1 && n <= 65535;
+}
+
+browserPreviewRoutes.all("/:port{[0-9]+}/*", async (c) => {
+  const port = c.req.param("port");
+  if (!isValidPort(port)) {
+    return c.text("Invalid port", 400);
+  }
+
+  // Build target URL — strip the /api/preview/:port prefix
+  const url = new URL(c.req.url);
+  const prefix = `/api/preview/${port}`;
+  const targetPath = url.pathname.slice(prefix.length) || "/";
+  const targetUrl = `http://localhost:${port}${targetPath}${url.search}`;
+
+  try {
+    // Forward the request with original method, headers, and body
+    const headers = new Headers(c.req.raw.headers);
+    // Remove host header so target server sees localhost
+    headers.delete("host");
+
+    const resp = await fetch(targetUrl, {
+      method: c.req.method,
+      headers,
+      body: ["GET", "HEAD"].includes(c.req.method) ? undefined : c.req.raw.body,
+      redirect: "manual",
+    });
+
+    // Clone response headers, remove framing restrictions so iframe works
+    const respHeaders = new Headers(resp.headers);
+    respHeaders.delete("x-frame-options");
+    respHeaders.delete("content-security-policy");
+
+    return new Response(resp.body, {
+      status: resp.status,
+      statusText: resp.statusText,
+      headers: respHeaders,
+    });
+  } catch {
+    return c.text(`Cannot connect to localhost:${port}`, 502);
+  }
+});
+
+// Handle root path (no trailing slash)
+browserPreviewRoutes.all("/:port{[0-9]+}", async (c) => {
+  const port = c.req.param("port");
+  if (!isValidPort(port)) {
+    return c.text("Invalid port", 400);
+  }
+
+  const url = new URL(c.req.url);
+  const targetUrl = `http://localhost:${port}/${url.search}`;
+
+  try {
+    const headers = new Headers(c.req.raw.headers);
+    headers.delete("host");
+
+    const resp = await fetch(targetUrl, {
+      method: c.req.method,
+      headers,
+      body: ["GET", "HEAD"].includes(c.req.method) ? undefined : c.req.raw.body,
+      redirect: "manual",
+    });
+
+    const respHeaders = new Headers(resp.headers);
+    respHeaders.delete("x-frame-options");
+    respHeaders.delete("content-security-policy");
+
+    return new Response(resp.body, {
+      status: resp.status,
+      statusText: resp.statusText,
+      headers: respHeaders,
+    });
+  } catch {
+    return c.text(`Cannot connect to localhost:${port}`, 502);
+  }
+});

package/src/server/routes/chat.ts

@@ -57,6 +57,19 @@ chatRoutes.get("/providers", (c) => {
   }
 });
 
+/** GET /chat/providers/:providerId/models — list available models for a provider */
+chatRoutes.get("/providers/:providerId/models", async (c) => {
+  try {
+    const providerId = c.req.param("providerId");
+    const provider = providerRegistry.get(providerId);
+    if (!provider) return c.json(err(`Provider "${providerId}" not found`), 404);
+    const models = await provider.listModels?.() ?? [];
+    return c.json(ok(models));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
 /** GET /chat/sessions — list chat sessions filtered by project from context */
 chatRoutes.get("/sessions", async (c) => {
   try {
@@ -146,9 +159,7 @@ chatRoutes.post("/sessions/:id/fork", async (c) => {
     });
     // Store fork source so WS handler knows to use forkSession on first message
     const provider = providerRegistry.get(providerId);
-    if (provider && "setForkSource" in provider) {
-      (provider as any).setForkSource(session.id, sourceId);
-    }
+    provider?.setForkSource?.(session.id, sourceId);
     return c.json(ok({ ...session, forkedFrom: sourceId }), 201);
   } catch (e) {
     return c.json(err((e as Error).message), 500);

package/src/server/routes/settings.ts

@@ -11,6 +11,7 @@ import {
 } from "../../types/config.ts";
 import { ok, err } from "../../types/api.ts";
 import { proxyService } from "../../services/proxy.service.ts";
+import { providerRegistry } from "../../providers/registry.ts";
 
 export const settingsRoutes = new Hono();
 
@@ -155,6 +156,19 @@ settingsRoutes.put("/ai", async (c) => {
   }
 });
 
+/** GET /settings/ai/providers/:id/models — list models for a provider (global, no project context needed) */
+settingsRoutes.get("/ai/providers/:id/models", async (c) => {
+  try {
+    const id = c.req.param("id");
+    const provider = providerRegistry.get(id);
+    if (!provider) return c.json(err(`Provider "${id}" not found`), 404);
+    const models = await provider.listModels?.() ?? [];
+    return c.json(ok(models));
+  } catch (e) {
+    return c.json(err((e as Error).message), 500);
+  }
+});
+
 // ── Keybindings ──────────────────────────────────────────────────────
 
 const KEYBINDINGS_KEY = "keybindings";

package/src/server/ws/chat.ts

@@ -135,7 +135,8 @@ function startCleanupTimer(sessionId: string): void {
  * Standalone streaming loop — decoupled from WS message handler.
  * Runs independently so WS close does NOT kill the Claude query.
  */
-async function runStreamLoop(sessionId: string, providerId: string, content: string, permissionMode?: string): Promise<void> {
+async function runStreamLoop(initialSessionId: string, providerId: string, content: string, permissionMode?: string): Promise<void> {
+  let sessionId = initialSessionId;
   const entry = activeSessions.get(sessionId);
   if (!entry) {
     console.error(`[chat] session=${sessionId} runStreamLoop: no entry — aborting`);
@@ -198,6 +199,23 @@ async function runStreamLoop(sessionId: string, providerId: string, content: str
       const ev = event as any;
       const evType = ev.type ?? "unknown";
 
+      // Session ID migrated: CLI provider assigned a different ID than PPM generated.
+      // Migrate activeSessions key so all subsequent events use the real ID.
+      if (evType === "session_migrated") {
+        const { oldSessionId, newSessionId } = ev;
+        const migrated = activeSessions.get(oldSessionId);
+        if (migrated) {
+          activeSessions.delete(oldSessionId);
+          activeSessions.set(newSessionId, migrated);
+          sessionId = newSessionId; // update local ref for subsequent setPhase/broadcast calls
+          // Notify frontend to update its sessionId state
+          broadcast(newSessionId, { type: "session_migrated", oldSessionId, newSessionId });
+          console.log(`[chat] session migrated: ${oldSessionId} → ${newSessionId}`);
+          logSessionEvent(newSessionId, "INFO", `Session ID migrated from ${oldSessionId}`);
+        }
+        continue;
+      }
+
       // System events (hook_started, init, etc.) → transition connecting → thinking
       // These indicate SDK has connected and is processing, but no content yet.
       if (evType === "system") {
@@ -479,17 +497,17 @@ export const chatWebSocket = {
 
       // Resume session in provider (can be slow on first call — sdkListSessions)
       const provider = providerRegistry.get(providerId);
-      if (provider && "resumeSession" in provider) {
+      if (provider) {
         const t0 = Date.now();
-        await (provider as any).resumeSession(sessionId);
+        await provider.resumeSession(sessionId);
         const elapsed = Date.now() - t0;
         if (elapsed > 500) {
           console.warn(`[chat] session=${sessionId} resumeSession took ${elapsed}ms`);
           logSessionEvent(sessionId, "PERF", `resumeSession took ${elapsed}ms`);
         }
       }
-      if (entry.projectPath && provider && "ensureProjectPath" in provider) {
-        (provider as any).ensureProjectPath(sessionId, entry.projectPath);
+      if (entry.projectPath && provider?.ensureProjectPath) {
+        provider.ensureProjectPath(sessionId, entry.projectPath);
       }
 
       // Abort-and-replace: if already streaming, abort current query and wait for cleanup
@@ -518,9 +536,7 @@ export const chatWebSocket = {
       });
     } else if (parsed.type === "cancel") {
       const provider = providerRegistry.get(providerId);
-      if (provider && "abortQuery" in provider && typeof (provider as any).abortQuery === "function") {
-        (provider as any).abortQuery(sessionId);
-      }
+      provider?.abortQuery?.(sessionId);
     } else if (parsed.type === "approval_response") {
       const provider = providerRegistry.get(providerId);
       if (provider && typeof provider.resolveApproval === "function") {