@hydra-acp/cli 0.1.7 → 0.1.9

package/dist/index.js

@@ -1,6 +1,6 @@
 // src/daemon/server.ts
-import * as fs9 from "fs";
-import * as fsp3 from "fs/promises";
+import * as fs10 from "fs";
+import * as fsp4 from "fs/promises";
 import Fastify from "fastify";
 import websocketPlugin from "@fastify/websocket";
 import pino from "pino";
@@ -43,6 +43,18 @@ var paths = {
   // machine's binaries cleanly separated. `ls agents/` immediately
   // shows which platforms have ever installed anything.
   agentInstallDir: (id, platformKey, version) => path.join(hydraHome(), "agents", platformKey, id, version),
+  // npm install cache for npx-distributed agents. The trailing
+  // node<ABI> segment keys on process.versions.modules so a Node
+  // major bump (different ABI → native modules incompatible) yields
+  // a fresh install rather than failing at require() time.
+  agentNpmInstallDir: (id, platformKey, version) => path.join(
+    hydraHome(),
+    "agents",
+    platformKey,
+    id,
+    version,
+    `node${process.versions.modules}`
+  ),
   sessionsDir: () => path.join(hydraHome(), "sessions"),
   // One directory per session id under sessions/. Co-locates the
   // session record, its transcript, and any future per-session state
@@ -69,7 +81,16 @@ var DaemonConfig = z.object({
   authToken: z.string().min(16),
   logLevel: z.enum(["debug", "info", "warn", "error"]).default("info"),
   tls: TlsConfig.optional(),
-  sessionIdleTimeoutSeconds: z.number().int().nonnegative().default(3600)
+  sessionIdleTimeoutSeconds: z.number().int().nonnegative().default(3600),
+  // Cap on entries kept in a session's on-disk replay log (history.jsonl).
+  // Compaction trims to this many on a periodic basis; reads also slice
+  // to the tail at this length as a defensive measure against older
+  // daemons that may have written unbounded files.
+  sessionHistoryMaxEntries: z.number().int().positive().default(1e3),
+  // Bytes of trailing agent stderr buffered per AgentInstance so the
+  // daemon can include it in the diagnostic message when a spawn fails.
+  // Bump if your agents emit large tracebacks you want surfaced.
+  agentStderrTailBytes: z.number().int().positive().default(4096)
 });
 var RegistryConfig = z.object({
   url: z.string().url().default(REGISTRY_URL_DEFAULT),
@@ -92,7 +113,14 @@ var TuiConfig = z.object({
   // text selection requires shift+drag to bypass mouse reporting. Set
   // false to disable capture — wheel scrollback stops working, but
   // plain click-drag selects text via the terminal emulator.
-  mouse: z.boolean().default(true)
+  mouse: z.boolean().default(true),
+  // Size at which the TUI's session/update debug log (tui.log) rotates
+  // to tui.log.0 and resets. Bounds on-disk use at ~2x this value.
+  logMaxBytes: z.number().int().positive().default(5 * 1024 * 1024),
+  // Width cap on the cwd column in the `sessions list` output and the
+  // TUI picker. Set higher if you keep deeply-nested working directories
+  // and want them visible; the elastic title column shrinks to make room.
+  cwdColumnMaxWidth: z.number().int().positive().default(24)
 });
 var ExtensionName = z.string().min(1).regex(/^[A-Za-z0-9._-]+$/, "extension name must be filename-safe");
 var ExtensionBody = z.object({
@@ -128,9 +156,14 @@ var HydraConfig = z.object({
   tui: TuiConfig.default({
     repaintThrottleMs: 1e3,
     maxScrollbackLines: 1e4,
-    mouse: true
+    mouse: true,
+    logMaxBytes: 5 * 1024 * 1024,
+    cwdColumnMaxWidth: 24
   })
 });
+var HydraConfigReadOnly = HydraConfig.extend({
+  daemon: DaemonConfig.omit({ authToken: true })
+});
 function extensionList(config) {
   return Object.entries(config.extensions).map(([name, body]) => ({
     name,
@@ -472,9 +505,129 @@ async function fileExists(p) {
   }
 }
 
+// src/core/npm-install.ts
+import * as fsp2 from "fs/promises";
+import * as path3 from "path";
+import { spawn as spawn2 } from "child_process";
+var logSink2 = (msg) => {
+  process.stderr.write(msg + "\n");
+};
+function setNpmInstallLogger(log) {
+  logSink2 = log ?? ((msg) => process.stderr.write(msg + "\n"));
+}
+async function ensureNpmPackage(args) {
+  const platformKey = currentPlatformKey();
+  if (!platformKey) {
+    throw new Error(
+      `Agent ${args.agentId}: cannot determine platform key for ${process.platform}/${process.arch}`
+    );
+  }
+  const installDir = paths.agentNpmInstallDir(
+    args.agentId,
+    platformKey,
+    args.version
+  );
+  const binPath = path3.join(installDir, "node_modules", ".bin", args.bin);
+  if (await fileExists2(binPath)) {
+    return binPath;
+  }
+  await installInto({
+    agentId: args.agentId,
+    packageSpec: args.packageSpec,
+    installDir
+  });
+  if (!await fileExists2(binPath)) {
+    throw new Error(
+      `Agent ${args.agentId}: npm install of ${args.packageSpec} did not produce bin ${args.bin} (looked in ${installDir}/node_modules/.bin/)`
+    );
+  }
+  return binPath;
+}
+async function installInto(args) {
+  await fsp2.mkdir(path3.dirname(args.installDir), { recursive: true });
+  const tempDir = await fsp2.mkdtemp(`${args.installDir}.partial-`);
+  try {
+    logSink2(
+      `hydra-acp: installing ${args.packageSpec} for ${args.agentId} into ${tempDir}`
+    );
+    await runNpmInstall({
+      packageSpec: args.packageSpec,
+      cwd: tempDir
+    });
+    try {
+      await fsp2.rename(tempDir, args.installDir);
+    } catch (err) {
+      const e = err;
+      if ((e.code === "EEXIST" || e.code === "ENOTEMPTY") && await fileExists2(args.installDir)) {
+        await fsp2.rm(tempDir, { recursive: true, force: true }).catch(
+          () => void 0
+        );
+        return;
+      }
+      throw err;
+    }
+    logSink2(`hydra-acp: installed ${args.agentId} to ${args.installDir}`);
+  } catch (err) {
+    await fsp2.rm(tempDir, { recursive: true, force: true }).catch(
+      () => void 0
+    );
+    throw err;
+  }
+}
+function runNpmInstall(args) {
+  return new Promise((resolve3, reject) => {
+    const child = spawn2(
+      "npm",
+      ["install", "--no-audit", "--no-fund", "--silent", args.packageSpec],
+      {
+        cwd: args.cwd,
+        stdio: ["ignore", "pipe", "pipe"]
+      }
+    );
+    let stderrTail = "";
+    child.stdout?.on("data", (chunk) => {
+      void chunk;
+    });
+    child.stderr?.setEncoding("utf8");
+    child.stderr?.on("data", (chunk) => {
+      stderrTail = (stderrTail + chunk).slice(-4096);
+    });
+    child.on("error", (err) => {
+      const msg = err.code === "ENOENT" ? `npm not found on PATH (install Node.js / npm, or use a binary-distributed agent)` : err.message;
+      reject(new Error(msg));
+    });
+    child.on("exit", (code, signal) => {
+      if (code === 0) {
+        resolve3();
+        return;
+      }
+      const reason = code !== null ? `exit code ${code}` : `signal ${signal ?? "unknown"}`;
+      const tail = stderrTail.trim();
+      reject(
+        new Error(
+          tail ? `npm install ${args.packageSpec} failed (${reason})
+stderr: ${tail}` : `npm install ${args.packageSpec} failed (${reason})`
+        )
+      );
+    });
+  });
+}
+async function fileExists2(p) {
+  try {
+    await fsp2.access(p);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
 // src/core/registry.ts
 var NpxDistribution = z2.object({
   package: z2.string(),
+  // The bin to invoke after install. Defaults to the package basename
+  // (e.g. "claude-code" for "@anthropic-ai/claude-code"). Required when
+  // the package exposes a bin name that differs from its basename.
+  bin: z2.string().optional(),
   args: z2.array(z2.string()).optional(),
   env: z2.record(z2.string()).optional()
 });
@@ -638,9 +791,23 @@ async function planSpawn(agent, callerArgs = []) {
   if (agent.distribution.npx) {
     const npx = agent.distribution.npx;
     const tail = callerArgs.length > 0 ? callerArgs : npx.args ?? [];
+    if (process.env.HYDRA_ACP_SKIP_NPM_PREFETCH) {
+      return {
+        command: "npx",
+        args: ["-y", npx.package, ...tail],
+        env: npx.env ?? {}
+      };
+    }
+    const bin = npx.bin ?? npxPackageBasename(agent) ?? npx.package;
+    const binPath = await ensureNpmPackage({
+      agentId: agent.id,
+      version: agent.version ?? "current",
+      packageSpec: npx.package,
+      bin
+    });
     return {
-      command: "npx",
-      args: ["-y", npx.package, ...tail],
+      command: binPath,
+      args: tail,
       env: npx.env ?? {}
     };
   }
@@ -675,26 +842,34 @@ async function planSpawn(agent, callerArgs = []) {
   throw new Error(`Agent ${agent.id} has no usable distribution method.`);
 }
 
-// src/core/session-manager.ts
-import * as fs7 from "fs/promises";
-import { customAlphabet as customAlphabet3 } from "nanoid";
-
 // src/core/agent-instance.ts
-import { spawn as spawn2 } from "child_process";
+import { spawn as spawn3 } from "child_process";
 
 // src/acp/types.ts
 import { z as z3 } from "zod";
+var ACP_PROTOCOL_VERSION = 1;
 var JsonRpcErrorCodes = {
   ParseError: -32700,
   InvalidRequest: -32600,
   MethodNotFound: -32601,
   InvalidParams: -32602,
   InternalError: -32603,
+  // -32001…-32003 reserved for RFD #533 attach semantics:
+  //   -32001 Session not found
+  //   -32002 Not authorised to attach
+  //   -32003 Session does not support multi-client attach
+  // We emit -32001 (matching); the other two are reserved for spec
+  // alignment even though we don't currently emit them (we bearer-auth
+  // at WS upgrade time and always support multi-client attach).
   SessionNotFound: -32001,
-  PermissionDenied: -32002,
-  AlreadyAttached: -32003,
+  NotAuthorisedToAttach: -32002,
+  MultiClientNotSupported: -32003,
   AgentNotInstalled: -32005,
-  BundleAlreadyImported: -32010
+  // Hydra-internal codes — outside the RFD's reserved range so they
+  // can't collide with future spec assignments.
+  BundleAlreadyImported: -32010,
+  PermissionDenied: -32011,
+  AlreadyAttached: -32012
 };
 var InitializeParams = z3.object({
   protocolVersion: z3.number().optional(),
@@ -704,7 +879,12 @@ var InitializeParams = z3.object({
     version: z3.string().optional()
   }).optional()
 });
-var HistoryPolicy = z3.enum(["full", "pending_only", "none"]);
+var HistoryPolicy = z3.enum([
+  "full",
+  "pending_only",
+  "none",
+  "after_message"
+]);
 var SessionNewParams = z3.object({
   cwd: z3.string(),
   agentId: z3.string().optional(),
@@ -720,6 +900,18 @@ var SessionResumeHints = z3.object({
 var SessionAttachParams = z3.object({
   sessionId: z3.string(),
   historyPolicy: HistoryPolicy.default("full"),
+  // Required when historyPolicy is "after_message"; ignored otherwise.
+  // The proxy replays history entries strictly after the entry whose
+  // messageId matches this value. If the id isn't found in the buffer,
+  // the response.historyPolicy field surfaces "full" so the caller
+  // knows we fell back. Per RFD #533.
+  afterMessageId: z3.string().optional(),
+  // Caller-assigned opaque id (e.g. a UUID). When provided, the proxy
+  // echoes it in resolvedBy/sentBy and lifecycle events so other
+  // clients can disambiguate multiple instances of the same
+  // clientInfo.name. When omitted, the proxy assigns one and returns
+  // it in the response. Per RFD #533.
+  clientId: z3.string().optional(),
   clientInfo: z3.object({
     name: z3.string(),
     version: z3.string().optional()
@@ -1013,6 +1205,13 @@ var JsonRpcConnection = class _JsonRpcConnection {
     }
     await this.stream.close();
   }
+  // Force-close with an error. Rejects all pending requests and fires
+  // close handlers carrying `err`. Used by transports that detect a
+  // failure (e.g. child process crash, spawn ENOENT) the stream itself
+  // can't surface as a stdout/stdin error.
+  fail(err) {
+    this.handleClose(err);
+  }
   handleIncoming(message) {
     if ("method" in message) {
       if ("id" in message && message.id !== void 0) {
@@ -1105,17 +1304,22 @@ var JsonRpcConnection = class _JsonRpcConnection {
 };
 
 // src/core/agent-instance.ts
+var DEFAULT_STDERR_TAIL_BYTES = 4096;
 var AgentInstance = class _AgentInstance {
   agentId;
   cwd;
   connection;
   child;
   exited = false;
+  killed = false;
+  stderrTail = "";
+  stderrTailBytes;
   exitHandlers = [];
   constructor(opts, child) {
     this.agentId = opts.agentId;
     this.cwd = opts.cwd;
     this.child = child;
+    this.stderrTailBytes = opts.stderrTailBytes ?? DEFAULT_STDERR_TAIL_BYTES;
     if (!child.stdout || !child.stdin) {
       throw new Error("agent subprocess missing stdio");
     }
@@ -1123,22 +1327,36 @@ var AgentInstance = class _AgentInstance {
     this.connection = new JsonRpcConnection(stream);
     child.stderr?.setEncoding("utf8");
     child.stderr?.on("data", (chunk) => {
+      this.stderrTail = (this.stderrTail + chunk).slice(-this.stderrTailBytes);
       process.stderr.write(`[${opts.agentId}] ${chunk}`);
     });
+    child.on("error", (err) => {
+      const msg = this.formatFailure(err.message);
+      this.connection.fail(new Error(msg));
+    });
     child.on("exit", (code, signal) => {
       this.exited = true;
+      if (!this.killed) {
+        const reason = `agent ${opts.agentId} exited before responding (code=${code} signal=${signal})`;
+        this.connection.fail(new Error(this.formatFailure(reason)));
+      }
       for (const handler of this.exitHandlers) {
         handler(code, signal);
       }
     });
   }
+  formatFailure(reason) {
+    const tail = this.stderrTail.trim();
+    return tail ? `${reason}
+stderr: ${tail}` : reason;
+  }
   static spawn(opts) {
     const env = {
       ...process.env,
       ...opts.plan.env,
       ...opts.extraEnv ?? {}
     };
-    const child = spawn2(opts.plan.command, opts.plan.args, {
+    const child = spawn3(opts.plan.command, opts.plan.args, {
       cwd: opts.cwd,
       env,
       stdio: ["pipe", "pipe", "pipe"]
@@ -1155,11 +1373,17 @@ var AgentInstance = class _AgentInstance {
     if (this.exited) {
       return;
     }
+    this.killed = true;
     await this.connection.close().catch(() => void 0);
     this.child.kill(signal);
   }
 };
 
+// src/core/session-manager.ts
+import * as fs8 from "fs/promises";
+import * as os2 from "os";
+import { customAlphabet as customAlphabet3 } from "nanoid";
+
 // src/core/session.ts
 import { customAlphabet } from "nanoid";
 
@@ -1189,8 +1413,10 @@ function hydraCommandsAsAdvertised() {
 var HYDRA_ID_ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
 var generateHydraId = customAlphabet(HYDRA_ID_ALPHABET, 16);
 var HYDRA_SESSION_PREFIX = "hydra_session_";
-var MAX_HISTORY_ENTRIES = 1e3;
-var COMPACT_EVERY = 200;
+function generateMessageId() {
+  return `m_${generateHydraId()}`;
+}
+var DEFAULT_HISTORY_MAX_ENTRIES = 1e3;
 var Session = class {
   sessionId;
   cwd;
@@ -1232,11 +1458,13 @@ var Session = class {
   // Bumped by broadcastPromptReceived, cleared by broadcastTurnComplete.
   // Drives the mid-turn elapsed counter delivered to fresh attachers.
   promptStartedAt;
-  // Counts appends since the last compaction. When it hits COMPACT_EVERY
+  // Counts appends since the last compaction. When it hits compactEvery
   // we ask the history store to trim the file to the most recent
-  // MAX_HISTORY_ENTRIES. Keeps file growth bounded without per-append
+  // historyMaxEntries. Keeps file growth bounded without per-append
   // file-size checks.
   appendCount = 0;
+  historyMaxEntries;
+  compactEvery;
   // Permission requests that have been broadcast to one or more
   // clients but have not yet resolved. Replayed to clients that
   // attach mid-flight so a late joiner sees the prompt instead of an
@@ -1293,6 +1521,8 @@ var Session = class {
       this.firstPromptSeeded = true;
     }
     this.historyStore = init.historyStore;
+    this.historyMaxEntries = init.historyMaxEntries ?? DEFAULT_HISTORY_MAX_ENTRIES;
+    this.compactEvery = Math.max(1, Math.floor(this.historyMaxEntries * 0.2));
     this.updatedAt = Date.now();
     this.createdAt = init.createdAt ?? this.updatedAt;
     this.lastRecordedAt = this.updatedAt;
@@ -1360,6 +1590,30 @@ var Session = class {
   get attachedCount() {
     return this.clients.size;
   }
+  // Roster of currently-attached clients, optionally excluding one
+  // clientId. Used by the daemon to populate connectedClients on the
+  // session/attach response (per RFD #533) — the freshly-attaching
+  // client wants to see who else is on the session but not itself in
+  // the list.
+  connectedClients(excludeClientId) {
+    const out = [];
+    for (const client of this.clients.values()) {
+      if (excludeClientId && client.clientId === excludeClientId) {
+        continue;
+      }
+      const entry = {
+        clientId: client.clientId
+      };
+      if (client.clientInfo?.name) {
+        entry.name = client.clientInfo.name;
+      }
+      if (client.clientInfo?.version) {
+        entry.version = client.clientInfo.version;
+      }
+      out.push(entry);
+    }
+    return out;
+  }
   // Wall-clock when the in-flight agent turn began, or undefined when
   // idle. Tracked in-memory by broadcastPromptReceived/broadcastTurnComplete
   // so the daemon can hand a fresh attacher mid-turn the right elapsed
@@ -1391,10 +1645,12 @@ var Session = class {
     };
   }
   // Register a client and (asynchronously) load the replay slice it
-  // should receive. Validation errors throw synchronously so callers
-  // can rely on either the registration being in effect or having
-  // thrown; the disk-load is the only async work.
-  attach(client, historyPolicy) {
+  // should receive. Returns both the slice to replay and the actual
+  // historyPolicy applied (which may differ from the requested one
+  // when after_message falls back to full). Validation errors throw
+  // synchronously so callers can rely on either the registration being
+  // in effect or having thrown; the disk-load is the only async work.
+  attach(client, historyPolicy, opts = {}) {
     if (this.closed) {
       throw withCode(
         new Error("session is closed"),
@@ -1410,9 +1666,20 @@ var Session = class {
     this.clients.set(client.clientId, client);
     this.updatedAt = Date.now();
     if (historyPolicy === "none" || historyPolicy === "pending_only") {
-      return Promise.resolve([]);
+      return Promise.resolve({ entries: [], appliedPolicy: historyPolicy });
     }
-    return this.getHistorySnapshot();
+    return this.loadReplay(historyPolicy, opts);
+  }
+  async loadReplay(historyPolicy, opts) {
+    const all = await this.getHistorySnapshot();
+    if (historyPolicy === "after_message") {
+      const cutoff = opts.afterMessageId ? findMessageIdIndex(all, opts.afterMessageId) : -1;
+      if (cutoff < 0) {
+        return { entries: all, appliedPolicy: "full" };
+      }
+      return { entries: all.slice(cutoff + 1), appliedPolicy: "after_message" };
+    }
+    return { entries: all, appliedPolicy: "full" };
   }
   // Dispatch in-flight permission requests to a freshly-attached
   // client. Called by the daemon's WS handler *after* it finishes
@@ -1424,8 +1691,39 @@ var Session = class {
     }
   }
   detach(clientId) {
-    if (this.clients.delete(clientId)) {
-      this.updatedAt = Date.now();
+    const leaving = this.clients.get(clientId);
+    if (!leaving) {
+      return;
+    }
+    this.clients.delete(clientId);
+    this.updatedAt = Date.now();
+    this.broadcastClientDisconnected(leaving);
+  }
+  // Notify remaining attached clients that a peer just left, per
+  // RFD #533. Fires for both explicit session/detach and ws-close
+  // teardown (acp-ws calls Session.detach() in both paths). The
+  // notification is broadcast (not recorded) — peer presence is
+  // transient, not part of conversation history.
+  broadcastClientDisconnected(client) {
+    const info = {
+      clientId: client.clientId
+    };
+    if (client.clientInfo?.name) {
+      info.name = client.clientInfo.name;
+    }
+    if (client.clientInfo?.version) {
+      info.version = client.clientInfo.version;
+    }
+    const update = {
+      sessionUpdate: "client_disconnected",
+      client: info,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    for (const peer of this.clients.values()) {
+      void peer.connection.notify("session/update", {
+        sessionId: this.sessionId,
+        update
+      }).catch(() => void 0);
     }
   }
   async prompt(clientId, params) {
@@ -1478,6 +1776,7 @@ var Session = class {
         sessionId: this.sessionId,
         update: {
           sessionUpdate: "prompt_received",
+          messageId: generateMessageId(),
           prompt: promptParams.prompt,
           sentBy
         }
@@ -1503,7 +1802,8 @@ var Session = class {
   broadcastTurnComplete(originatorClientId, response) {
     const stopReason = response && typeof response === "object" && "stopReason" in response && typeof response.stopReason === "string" ? response.stopReason : void 0;
     const update = {
-      sessionUpdate: "turn_complete"
+      sessionUpdate: "turn_complete",
+      messageId: generateMessageId()
     };
     if (stopReason !== void 0) {
       update.stopReason = stopReason;
@@ -2120,10 +2420,11 @@ _(switched from \`${oldAgentId}\` to \`${newAgentId}\`)_
   recordAndBroadcast(method, params, excludeClientId) {
     const rewritten = this.rewriteForClient(params);
     const recordable = !isStateUpdate(method, rewritten);
+    const broadcast = recordable ? ensureMessageIdOnUpdate(method, rewritten) : rewritten;
     if (recordable) {
       const entry = {
         method,
-        params: rewritten,
+        params: broadcast,
         recordedAt: Date.now()
       };
       this.lastRecordedAt = entry.recordedAt;
@@ -2131,9 +2432,9 @@ _(switched from \`${oldAgentId}\` to \`${newAgentId}\`)_
       if (this.historyStore) {
         const store = this.historyStore;
         void store.append(this.sessionId, entry).catch(() => void 0);
-        if (this.appendCount >= COMPACT_EVERY) {
+        if (this.appendCount >= this.compactEvery) {
           this.appendCount = 0;
-          void store.compact(this.sessionId, MAX_HISTORY_ENTRIES).catch(
+          void store.compact(this.sessionId, this.historyMaxEntries).catch(
             () => void 0
           );
         }
@@ -2151,7 +2452,7 @@ _(switched from \`${oldAgentId}\` to \`${newAgentId}\`)_
       if (excludeClientId && client.clientId === excludeClientId) {
         continue;
       }
-      void client.connection.notify(method, rewritten).catch(() => void 0);
+      void client.connection.notify(method, broadcast).catch(() => void 0);
     }
   }
   async handlePermissionRequest(params) {
@@ -2163,11 +2464,13 @@ _(switched from \`${oldAgentId}\` to \`${newAgentId}\`)_
       );
     }
     const clientParams = this.rewriteForClient(params);
+    const toolCallId = extractToolCallId(clientParams);
     return new Promise((resolve3, reject) => {
       let settled = false;
       const outbound = [];
       const entry = { addClient: sendTo };
       this.inFlightPermissions.add(entry);
+      const sessionId = this.sessionId;
       const settle = (fn) => {
         if (settled) {
           return;
@@ -2180,22 +2483,25 @@ _(switched from \`${oldAgentId}\` to \`${newAgentId}\`)_
         if (settled) {
           return;
         }
-        const { id, response } = client.connection.requestWithId(
+        const response = client.connection.request(
           "session/request_permission",
           clientParams
         );
-        outbound.push({ client, id });
+        outbound.push({ client });
         void response.then((result) => {
           settle(() => {
+            const update = buildPermissionResolvedUpdate({
+              toolCallId,
+              result,
+              resolver: client
+            });
             for (const o of outbound) {
               if (o.client.clientId === client.clientId) {
                 continue;
               }
-              void o.client.connection.notify("session/permission_resolved", {
-                ...clientParams,
-                requestId: o.id,
-                resolvedBy: client.clientId,
-                result
+              void o.client.connection.notify("session/update", {
+                sessionId,
+                update
               }).catch(() => void 0);
             }
             resolve3(result);
@@ -2308,6 +2614,97 @@ function extractAdvertisedCommands(params) {
   }
   return out;
 }
+function ensureMessageIdOnUpdate(method, params) {
+  if (method !== "session/update" || !params || typeof params !== "object") {
+    return params;
+  }
+  const p = params;
+  if (!p.update || typeof p.update !== "object" || Array.isArray(p.update)) {
+    return params;
+  }
+  const u = p.update;
+  if (typeof u.messageId === "string") {
+    return params;
+  }
+  return {
+    ...params,
+    update: { ...p.update, messageId: generateMessageId() }
+  };
+}
+function findMessageIdIndex(history, target) {
+  for (let i = 0; i < history.length; i++) {
+    const entry = history[i];
+    if (!entry || entry.method !== "session/update") {
+      continue;
+    }
+    const params = entry.params;
+    if (params?.update?.messageId === target) {
+      return i;
+    }
+  }
+  return -1;
+}
+function extractToolCallId(params) {
+  if (!params || typeof params !== "object") {
+    return void 0;
+  }
+  const toolCall = params.toolCall;
+  if (!toolCall || typeof toolCall !== "object") {
+    return void 0;
+  }
+  const id = toolCall.toolCallId;
+  return typeof id === "string" ? id : void 0;
+}
+function buildPermissionResolvedUpdate(args) {
+  const outcome = extractOutcome(args.result);
+  const update = {
+    sessionUpdate: "permission_resolved"
+  };
+  if (args.toolCallId !== void 0) {
+    update.toolCallId = args.toolCallId;
+  }
+  if (outcome) {
+    update.outcome = outcome;
+    if (outcome.kind === "selected" && typeof outcome.optionId === "string") {
+      update.chosenOptionId = outcome.optionId;
+    }
+  }
+  update.resolvedBy = buildResolvedBy(args.resolver);
+  return update;
+}
+function extractOutcome(result) {
+  if (!result || typeof result !== "object") {
+    return void 0;
+  }
+  const raw = result.outcome;
+  if (!raw || typeof raw !== "object") {
+    return void 0;
+  }
+  const kind = raw.kind;
+  if (typeof kind !== "string") {
+    return void 0;
+  }
+  const out = { kind };
+  const optionId = raw.optionId;
+  if (typeof optionId === "string") {
+    out.optionId = optionId;
+  }
+  const reason = raw.reason;
+  if (typeof reason === "string") {
+    out.reason = reason;
+  }
+  return out;
+}
+function buildResolvedBy(client) {
+  const out = { clientId: client.clientId };
+  if (client.clientInfo?.name) {
+    out.name = client.clientInfo.name;
+  }
+  if (client.clientInfo?.version) {
+    out.version = client.clientInfo.version;
+  }
+  return out;
+}
 function extractPromptText(prompt) {
   if (typeof prompt === "string") {
     return prompt;
@@ -2335,7 +2732,7 @@ function firstLine(text, max) {
 
 // src/core/session-store.ts
 import * as fs4 from "fs/promises";
-import * as path3 from "path";
+import * as path4 from "path";
 import { customAlphabet as customAlphabet2 } from "nanoid";
 import { z as z4 } from "zod";
 var HYDRA_ID_ALPHABET2 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
@@ -2507,12 +2904,16 @@ function recordFromMemorySession(args) {
 // src/core/history-store.ts
 import * as fs5 from "fs/promises";
 var SESSION_ID_PATTERN2 = /^[A-Za-z0-9_-]+$/;
-var MAX_ENTRIES = 1e3;
+var DEFAULT_MAX_ENTRIES = 1e3;
 var HistoryStore = class {
   // Serialize writes per session id so appends and rewrites don't
   // interleave JSONL lines on disk. The chain swallows errors so one
   // failed append doesn't poison every subsequent write.
   writeQueues = /* @__PURE__ */ new Map();
+  maxEntries;
+  constructor(options = {}) {
+    this.maxEntries = options.maxEntries ?? DEFAULT_MAX_ENTRIES;
+  }
   async append(sessionId, entry) {
     if (!SESSION_ID_PATTERN2.test(sessionId)) {
       return;
@@ -2614,8 +3015,8 @@ var HistoryStore = class {
         recordedAt: obj.recordedAt
       });
     }
-    if (out.length > MAX_ENTRIES) {
-      return out.slice(-MAX_ENTRIES);
+    if (out.length > this.maxEntries) {
+      return out.slice(-this.maxEntries);
     }
     return out;
   }
@@ -2658,13 +3059,40 @@ var HistoryStore = class {
 
 // src/tui/history.ts
 import { promises as fs6 } from "fs";
-import * as path4 from "path";
+import * as path5 from "path";
 async function saveHistory(file, history) {
-  await fs6.mkdir(path4.dirname(file), { recursive: true });
+  await fs6.mkdir(path5.dirname(file), { recursive: true });
   const lines = history.map((entry) => JSON.stringify(entry));
   await fs6.writeFile(file, lines.length > 0 ? lines.join("\n") + "\n" : "");
 }
 
+// src/core/hydra-version.ts
+import { fileURLToPath } from "url";
+import * as path6 from "path";
+import * as fs7 from "fs";
+function resolveVersion() {
+  try {
+    let dir = path6.dirname(fileURLToPath(import.meta.url));
+    for (let i = 0; i < 8; i += 1) {
+      const candidate = path6.join(dir, "package.json");
+      if (fs7.existsSync(candidate)) {
+        const pkg = JSON.parse(fs7.readFileSync(candidate, "utf8"));
+        if (typeof pkg.version === "string" && pkg.version.length > 0 && (typeof pkg.name !== "string" || pkg.name.includes("hydra-acp"))) {
+          return pkg.version;
+        }
+      }
+      const parent = path6.dirname(dir);
+      if (parent === dir) {
+        break;
+      }
+      dir = parent;
+    }
+  } catch {
+  }
+  return "0.0.0";
+}
+var HYDRA_VERSION = resolveVersion();
+
 // src/core/session-manager.ts
 var HYDRA_ID_ALPHABET3 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
 var generateRawSessionId = customAlphabet3(HYDRA_ID_ALPHABET3, 16);
@@ -2673,7 +3101,8 @@ var SessionManager = class {
     this.registry = registry;
     this.spawner = spawner ?? ((opts) => AgentInstance.spawn(opts));
     this.store = store ?? new SessionStore();
-    this.histories = new HistoryStore();
+    this.sessionHistoryMaxEntries = options.sessionHistoryMaxEntries ?? 1e3;
+    this.histories = new HistoryStore({ maxEntries: this.sessionHistoryMaxEntries });
     this.idleTimeoutMs = options.idleTimeoutMs ?? 0;
     this.defaultModels = options.defaultModels ?? {};
   }
@@ -2685,6 +3114,7 @@ var SessionManager = class {
   histories;
   idleTimeoutMs;
   defaultModels;
+  sessionHistoryMaxEntries;
   // Serialize meta.json read-modify-write operations per session id so
   // concurrent snapshot updates (e.g. an agent emitting model + mode
   // back-to-back) don't lose writes via interleaved reads.
@@ -2708,6 +3138,7 @@ var SessionManager = class {
       idleTimeoutMs: this.idleTimeoutMs,
       spawnReplacementAgent: (p) => this.bootstrapAgent({ ...p, mcpServers: [] }),
       historyStore: this.histories,
+      historyMaxEntries: this.sessionHistoryMaxEntries,
       currentModel: fresh.initialModel
     });
     await this.attachManagerHooks(session);
@@ -2759,11 +3190,16 @@ var SessionManager = class {
       cwd: params.cwd,
       plan
     });
-    await agent.connection.request("initialize", {
-      protocolVersion: 1,
-      clientCapabilities: {},
-      clientInfo: { name: "hydra", version: "0.1.0" }
-    });
+    try {
+      await agent.connection.request("initialize", {
+        protocolVersion: ACP_PROTOCOL_VERSION,
+        clientCapabilities: {},
+        clientInfo: { name: "hydra", version: HYDRA_VERSION }
+      });
+    } catch (err) {
+      await agent.kill().catch(() => void 0);
+      throw err;
+    }
     let loadResult;
     try {
       loadResult = await agent.connection.request(
@@ -2775,10 +3211,12 @@ var SessionManager = class {
         }
       );
     } catch (err) {
-      await agent.kill().catch(() => void 0);
-      throw new Error(
-        `agent ${params.agentId} failed to load upstream session ${params.upstreamSessionId}: ${err.message}`
+      process.stderr.write(
+        `session/load failed for upstream ${params.upstreamSessionId} on ${params.agentId} (${err.message}); recovering via import-reseed
+`
       );
+      await agent.kill().catch(() => void 0);
+      return this.doResurrectFromImport(params);
     }
     const session = new Session({
       sessionId: params.hydraSessionId,
@@ -2792,6 +3230,7 @@ var SessionManager = class {
       idleTimeoutMs: this.idleTimeoutMs,
       spawnReplacementAgent: (p) => this.bootstrapAgent({ ...p, mcpServers: [] }),
       historyStore: this.histories,
+      historyMaxEntries: this.sessionHistoryMaxEntries,
       // Prefer what we previously stored from a current_model_update; if
       // we never captured one (e.g. old opencode sessions on disk before
       // this fix), fall back to the model the agent ships in its
@@ -2818,15 +3257,16 @@ var SessionManager = class {
   // so subsequent resurrects of this session use the normal session/load
   // path.
   async doResurrectFromImport(params) {
+    const cwd = await this.resolveImportCwd(params.cwd);
     const fresh = await this.bootstrapAgent({
       agentId: params.agentId,
-      cwd: params.cwd,
+      cwd,
       agentArgs: params.agentArgs,
       mcpServers: []
     });
     const session = new Session({
       sessionId: params.hydraSessionId,
-      cwd: params.cwd,
+      cwd,
       agentId: params.agentId,
       agent: fresh.agent,
       upstreamSessionId: fresh.upstreamSessionId,
@@ -2836,6 +3276,7 @@ var SessionManager = class {
       idleTimeoutMs: this.idleTimeoutMs,
       spawnReplacementAgent: (p) => this.bootstrapAgent({ ...p, mcpServers: [] }),
       historyStore: this.histories,
+      historyMaxEntries: this.sessionHistoryMaxEntries,
       // Prefer the stored value (set by a previous current_model_update);
       // fall back to whatever the agent ships in its session/new response.
       currentModel: params.currentModel ?? fresh.initialModel,
@@ -2849,6 +3290,16 @@ var SessionManager = class {
     void session.seedFromImport().catch(() => void 0);
     return session;
   }
+  async resolveImportCwd(cwd) {
+    try {
+      const stat2 = await fs8.stat(cwd);
+      if (stat2.isDirectory()) {
+        return cwd;
+      }
+    } catch {
+    }
+    return os2.homedir();
+  }
   // Bootstrap a fresh agent process: registry resolve → spawn → initialize
   // → session/new. Shared by create() and the /hydra agent path so both
   // go through the same env / capabilities / error-handling.
@@ -2869,9 +3320,9 @@ var SessionManager = class {
     });
     try {
       await agent.connection.request("initialize", {
-        protocolVersion: 1,
+        protocolVersion: ACP_PROTOCOL_VERSION,
         clientCapabilities: {},
-        clientInfo: { name: "hydra", version: "0.1.0" }
+        clientInfo: { name: "hydra", version: HYDRA_VERSION }
       });
       const newResult = await agent.connection.request(
         "session/new",
@@ -3151,7 +3602,8 @@ var SessionManager = class {
       await this.writeImportedRecord({
         sessionId: existing.sessionId,
         bundle,
-        preservedCreatedAt: existing.createdAt
+        preservedCreatedAt: existing.createdAt,
+        cwd: opts.cwd
       });
       return {
         sessionId: existing.sessionId,
@@ -3160,7 +3612,11 @@ var SessionManager = class {
       };
     }
     const newId = `${HYDRA_SESSION_PREFIX}${generateRawSessionId()}`;
-    await this.writeImportedRecord({ sessionId: newId, bundle });
+    await this.writeImportedRecord({
+      sessionId: newId,
+      bundle,
+      cwd: opts.cwd
+    });
     return {
       sessionId: newId,
       importedFromSessionId: bundle.session.sessionId,
@@ -3190,7 +3646,7 @@ var SessionManager = class {
         upstreamSessionId: "",
         importedFromSessionId: args.bundle.session.sessionId,
         agentId: args.bundle.session.agentId,
-        cwd: args.bundle.session.cwd,
+        cwd: args.cwd ?? args.bundle.session.cwd,
         title: args.bundle.session.title,
         currentModel: args.bundle.session.currentModel,
         currentMode: args.bundle.session.currentMode,
@@ -3383,7 +3839,7 @@ function asString(value) {
 }
 async function loadPromptHistorySafely(sessionId) {
   try {
-    const raw = await fs7.readFile(paths.tuiHistoryFile(sessionId), "utf8");
+    const raw = await fs8.readFile(paths.tuiHistoryFile(sessionId), "utf8");
     const out = [];
     for (const line of raw.split("\n")) {
       if (line.length === 0) {
@@ -3404,7 +3860,7 @@ async function loadPromptHistorySafely(sessionId) {
 }
 async function historyMtimeIso(sessionId) {
   try {
-    const st = await fs7.stat(paths.historyFile(sessionId));
+    const st = await fs8.stat(paths.historyFile(sessionId));
     return new Date(st.mtimeMs).toISOString();
   } catch {
     return void 0;
@@ -3412,10 +3868,10 @@ async function historyMtimeIso(sessionId) {
 }
 
 // src/core/extensions.ts
-import { spawn as spawn3 } from "child_process";
-import * as fs8 from "fs";
-import * as fsp2 from "fs/promises";
-import * as path5 from "path";
+import { spawn as spawn4 } from "child_process";
+import * as fs9 from "fs";
+import * as fsp3 from "fs/promises";
+import * as path7 from "path";
 var RESTART_BASE_MS = 1e3;
 var RESTART_CAP_MS = 6e4;
 var STOP_GRACE_MS = 3e3;
@@ -3436,7 +3892,7 @@ var ExtensionManager = class {
     if (!this.context) {
       throw new Error("ExtensionManager: setContext must be called before start");
     }
-    await fsp2.mkdir(paths.extensionsDir(), { recursive: true });
+    await fsp3.mkdir(paths.extensionsDir(), { recursive: true });
     await this.reapOrphans();
     for (const entry of this.entries.values()) {
       if (!entry.config.enabled) {
@@ -3645,7 +4101,7 @@ var ExtensionManager = class {
   async reapOrphans() {
     let entries;
     try {
-      entries = await fsp2.readdir(paths.extensionsDir());
+      entries = await fsp3.readdir(paths.extensionsDir());
     } catch (err) {
       const e = err;
       if (e.code === "ENOENT") {
@@ -3657,10 +4113,10 @@ var ExtensionManager = class {
       if (!entry.endsWith(".pid")) {
         continue;
       }
-      const pidPath = path5.join(paths.extensionsDir(), entry);
+      const pidPath = path7.join(paths.extensionsDir(), entry);
       let pid;
       try {
-        const raw = await fsp2.readFile(pidPath, "utf8");
+        const raw = await fsp3.readFile(pidPath, "utf8");
         const parsed = Number.parseInt(raw.trim(), 10);
         if (Number.isInteger(parsed) && parsed > 0) {
           pid = parsed;
@@ -3683,7 +4139,7 @@ var ExtensionManager = class {
           }
         }
       }
-      await fsp2.unlink(pidPath).catch(() => void 0);
+      await fsp3.unlink(pidPath).catch(() => void 0);
     }
   }
   spawn(entry, attempt) {
@@ -3696,7 +4152,7 @@ var ExtensionManager = class {
     }
     const ext = entry.config;
     const command = ext.command.length > 0 ? ext.command : [ext.name];
-    const logStream = fs8.createWriteStream(paths.extensionLogFile(ext.name), {
+    const logStream = fs9.createWriteStream(paths.extensionLogFile(ext.name), {
       flags: "a"
     });
     logStream.write(
@@ -3724,7 +4180,7 @@ var ExtensionManager = class {
     const args = [...baseArgs, ...ext.args];
     let child;
     try {
-      child = spawn3(cmd, args, {
+      child = spawn4(cmd, args, {
         env,
         stdio: ["ignore", "pipe", "pipe"],
         detached: false
@@ -3746,7 +4202,7 @@ var ExtensionManager = class {
     }
     if (typeof child.pid === "number") {
       try {
-        fs8.writeFileSync(paths.extensionPidFile(ext.name), `${child.pid}
+        fs9.writeFileSync(paths.extensionPidFile(ext.name), `${child.pid}
 `, {
           encoding: "utf8",
           mode: 384
@@ -3771,7 +4227,7 @@ var ExtensionManager = class {
     });
     child.on("exit", (code, signal) => {
       try {
-        fs8.unlinkSync(paths.extensionPidFile(ext.name));
+        fs9.unlinkSync(paths.extensionPidFile(ext.name));
       } catch {
       }
       logStream.write(
@@ -3880,7 +4336,7 @@ function constantTimeEqual(a, b) {
 }
 
 // src/daemon/routes/sessions.ts
-import * as os2 from "os";
+import * as os3 from "os";
 
 // src/core/bundle.ts
 import { z as z5 } from "zod";
@@ -3950,7 +4406,6 @@ function decodeBundle(raw) {
 }
 
 // src/daemon/routes/sessions.ts
-var HYDRA_VERSION = "0.1.0";
 function registerSessionRoutes(app, manager, defaults) {
   app.get("/v1/sessions", async (request) => {
     const query = request.query;
@@ -4021,12 +4476,12 @@ function registerSessionRoutes(app, manager, defaults) {
       history: exported.history,
       promptHistory: exported.promptHistory.length > 0 ? exported.promptHistory : void 0,
       hydraVersion: HYDRA_VERSION,
-      machine: os2.hostname()
+      machine: os3.hostname()
     });
     const stamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
     reply.header(
       "Content-Disposition",
-      `attachment; filename="hydra-${id}-${stamp}.hydra"`
+      `attachment; filename="${id}-${stamp}.hydra"`
     );
     reply.code(200).send(bundle);
   });
@@ -4036,6 +4491,14 @@ function registerSessionRoutes(app, manager, defaults) {
       reply.code(400).send({ error: "missing bundle" });
       return;
     }
+    let cwdOverride;
+    if (body.cwd !== void 0) {
+      if (typeof body.cwd !== "string" || body.cwd.length === 0) {
+        reply.code(400).send({ error: "cwd must be a non-empty string" });
+        return;
+      }
+      cwdOverride = body.cwd;
+    }
     let bundle;
     try {
       bundle = decodeBundle(body.bundle);
@@ -4048,7 +4511,8 @@ function registerSessionRoutes(app, manager, defaults) {
     }
     try {
       const result = await manager.importBundle(bundle, {
-        replace: body.replace === true
+        replace: body.replace === true,
+        ...cwdOverride !== void 0 ? { cwd: cwdOverride } : {}
       });
       reply.code(201).send(result);
     } catch (err) {
@@ -4359,8 +4823,6 @@ function wsToMessageStream(ws) {
 }
 
 // src/daemon/acp-ws.ts
-var HYDRA_VERSION2 = "0.1.0";
-var HYDRA_PROTOCOL_VERSION = 1;
 function registerAcpWsEndpoint(app, deps) {
   app.get("/acp", { websocket: true }, (socket, request) => {
     const token = tokenFromUpgradeRequest({
@@ -4454,15 +4916,20 @@ function registerAcpWsEndpoint(app, deps) {
         connection,
         session,
         state,
-        params.clientInfo
+        params.clientInfo,
+        params.clientId
+      );
+      const { entries: replay, appliedPolicy } = await session.attach(
+        client,
+        params.historyPolicy,
+        { afterMessageId: params.afterMessageId }
       );
-      const replay = await session.attach(client, params.historyPolicy);
       state.attached.set(session.sessionId, {
         sessionId: session.sessionId,
         clientId: client.clientId
       });
       app.log.info(
-        `session/attach OK sessionId=${session.sessionId} clientId=${client.clientId} attachedCount=${state.attached.size} replayed=${replay.length}`
+        `session/attach OK sessionId=${session.sessionId} clientId=${client.clientId} attachedCount=${state.attached.size} requestedPolicy=${params.historyPolicy} appliedPolicy=${appliedPolicy} replayed=${replay.length}`
       );
       for (const note of replay) {
         await connection.notify(note.method, note.params);
@@ -4470,6 +4937,13 @@ function registerAcpWsEndpoint(app, deps) {
       session.replayPendingPermissions(client);
       return {
         sessionId: session.sessionId,
+        clientId: client.clientId,
+        connectedClients: session.connectedClients(client.clientId),
+        // appliedPolicy surfaces whether after_message fell back to full
+        // (because afterMessageId wasn't found in history) — RFD #533
+        // says the response.historyPolicy should reflect what actually
+        // ran, not what was asked for.
+        historyPolicy: appliedPolicy,
         replayed: replay.length,
         _meta: buildResponseMeta(session)
       };
@@ -4485,7 +4959,7 @@ function registerAcpWsEndpoint(app, deps) {
       const session = deps.manager.get(params.sessionId);
       session?.detach(att.clientId);
       state.attached.delete(params.sessionId);
-      return { detached: true };
+      return { sessionId: params.sessionId, status: "detached" };
     });
     connection.onRequest("session/list", async (raw) => {
       const params = SessionListParams.parse(raw ?? {});
@@ -4558,7 +5032,7 @@ function registerAcpWsEndpoint(app, deps) {
         session = await deps.manager.resurrect(fromDisk);
       }
       const client = bindClientToSession(connection, session, state);
-      const replay = await session.attach(client, "pending_only");
+      const { entries: replay } = await session.attach(client, "pending_only");
       state.attached.set(session.sessionId, {
         sessionId: session.sessionId,
         clientId: client.clientId
@@ -4623,8 +5097,8 @@ function buildResponseMeta(session) {
 }
 function buildInitializeResult() {
   return {
-    protocolVersion: HYDRA_PROTOCOL_VERSION,
-    agentInfo: { name: "hydra", version: HYDRA_VERSION2 },
+    protocolVersion: ACP_PROTOCOL_VERSION,
+    agentInfo: { name: "hydra", version: HYDRA_VERSION },
     agentCapabilities: {
       // hydra is a transparent proxy: prompt blocks and MCP server configs are
       // forwarded to the underlying agent unchanged. We claim the union of
@@ -4652,25 +5126,24 @@ function buildInitializeResult() {
     ]
   };
 }
-function bindClientToSession(connection, session, state, clientInfo) {
+function bindClientToSession(connection, session, state, clientInfo, callerClientId) {
   void state;
   void session;
   return {
-    clientId: `cli_${nanoid2(8)}`,
+    clientId: callerClientId ?? `cli_${nanoid2(8)}`,
     connection,
     clientInfo
   };
 }
 
 // src/daemon/server.ts
-var HYDRA_VERSION3 = "0.1.0";
 async function startDaemon(config) {
   ensureLoopbackOrTls(config);
   const httpsOptions = config.daemon.tls ? {
-    key: await fsp3.readFile(config.daemon.tls.key),
-    cert: await fsp3.readFile(config.daemon.tls.cert)
+    key: await fsp4.readFile(config.daemon.tls.key),
+    cert: await fsp4.readFile(config.daemon.tls.cert)
   } : void 0;
-  await fsp3.mkdir(paths.home(), { recursive: true });
+  await fsp4.mkdir(paths.home(), { recursive: true });
   const { stream: logStream, fileStream } = await buildLogStream(
     config.daemon.logLevel
   );
@@ -4679,12 +5152,18 @@ async function startDaemon(config) {
       level: config.daemon.logLevel,
       stream: logStream
     },
-    https: httpsOptions ?? null
+    https: httpsOptions ?? null,
+    // Session bundles can be large (full history + tool output);
+    // the 1MB Fastify default rejects ordinary imports.
+    bodyLimit: 256 * 1024 * 1024
   });
   await app.register(websocketPlugin);
   setBinaryInstallLogger((msg) => {
     app.log.info(msg);
   });
+  setNpmInstallLogger((msg) => {
+    app.log.info(msg);
+  });
   const auth = bearerAuth({ config });
   app.addHook("onRequest", async (request, reply) => {
     if (request.routeOptions.config?.skipAuth) {
@@ -4696,12 +5175,14 @@ async function startDaemon(config) {
     await auth(request, reply);
   });
   const registry = new Registry(config);
-  const manager = new SessionManager(registry, void 0, void 0, {
+  const spawner = (opts) => AgentInstance.spawn({ ...opts, stderrTailBytes: config.daemon.agentStderrTailBytes });
+  const manager = new SessionManager(registry, spawner, void 0, {
     idleTimeoutMs: config.daemon.sessionIdleTimeoutSeconds * 1e3,
-    defaultModels: config.defaultModels
+    defaultModels: config.defaultModels,
+    sessionHistoryMaxEntries: config.daemon.sessionHistoryMaxEntries
   });
   const extensions = new ExtensionManager(extensionList(config));
-  registerHealthRoutes(app, HYDRA_VERSION3);
+  registerHealthRoutes(app, HYDRA_VERSION);
   registerSessionRoutes(app, manager, {
     agentId: config.defaultAgent,
     cwd: config.defaultCwd
@@ -4720,8 +5201,8 @@ async function startDaemon(config) {
   await app.listen({ host: config.daemon.host, port: config.daemon.port });
   const address = app.server.address();
   const boundPort = address && typeof address === "object" ? address.port : config.daemon.port;
-  await fsp3.mkdir(paths.home(), { recursive: true });
-  await fsp3.writeFile(
+  await fsp4.mkdir(paths.home(), { recursive: true });
+  await fsp4.writeFile(
     paths.pidFile(),
     JSON.stringify({
       pid: process.pid,
@@ -4747,9 +5228,10 @@ async function startDaemon(config) {
     await manager.closeAll();
     await manager.flushMetaWrites();
     setBinaryInstallLogger(null);
+    setNpmInstallLogger(null);
     await app.close();
     try {
-      fs9.unlinkSync(paths.pidFile());
+      fs10.unlinkSync(paths.pidFile());
     } catch {
     }
     try {