@leo000001/opencode-quota-sidebar 1.0.2 → 1.0.3

package/dist/persistence.d.ts

@@ -0,0 +1,13 @@
+export declare function createPersistenceScheduler<TState>(deps: {
+    statePath: string;
+    state: TState;
+    saveState: (statePath: string, state: TState, options: {
+        dirtyDateKeys: string[];
+    }) => Promise<void>;
+}): {
+    markDirty: (dateKey: string | undefined) => void;
+    scheduleSave: () => void;
+    flushSave: () => Promise<void>;
+    persist: () => Promise<void>;
+    getDirtyCount: () => number;
+};

package/dist/persistence.js

@@ -0,0 +1,63 @@
+import { debug, swallow } from './helpers.js';
+export function createPersistenceScheduler(deps) {
+    const dirtyDateKeys = new Set();
+    let stateDirty = false;
+    let saveTimer;
+    let saveInFlight = Promise.resolve();
+    /**
+     * Capture and delete specific dirty keys instead of clearing the whole set.
+     * Keys added between capture and write completion are preserved.
+     */
+    const persist = () => {
+        const dirty = Array.from(dirtyDateKeys);
+        if (dirty.length === 0 && !stateDirty)
+            return saveInFlight;
+        for (const key of dirty)
+            dirtyDateKeys.delete(key);
+        stateDirty = false;
+        const write = saveInFlight
+            .catch(swallow('persistState:wait'))
+            .then(() => deps.saveState(deps.statePath, deps.state, { dirtyDateKeys: dirty }))
+            .catch((error) => {
+            for (const key of dirty)
+                dirtyDateKeys.add(key);
+            stateDirty = true;
+            debug(`persistState failed: ${String(error)}`);
+            throw error;
+        });
+        saveInFlight = write;
+        return write;
+    };
+    const scheduleSave = () => {
+        stateDirty = true;
+        if (saveTimer)
+            clearTimeout(saveTimer);
+        saveTimer = setTimeout(() => {
+            saveTimer = undefined;
+            void persist().catch(swallow('persistState:save'));
+        }, 200);
+    };
+    const flushSave = async () => {
+        if (saveTimer) {
+            clearTimeout(saveTimer);
+            saveTimer = undefined;
+        }
+        if (dirtyDateKeys.size > 0 || stateDirty) {
+            await persist();
+            return;
+        }
+        await saveInFlight;
+    };
+    const markDirty = (dateKey) => {
+        if (!dateKey)
+            return;
+        dirtyDateKeys.add(dateKey);
+    };
+    return {
+        markDirty,
+        scheduleSave,
+        flushSave,
+        persist,
+        getDirtyCount: () => dirtyDateKeys.size,
+    };
+}

package/dist/providers/core/openai.js

@@ -66,12 +66,13 @@ async function fetchOpenAIQuota(ctx) {
                             1000;
                 if (ctx.updateAuth && ctx.auth.refresh && ctx.auth.expires) {
                     try {
-                        await ctx.updateAuth('openai', {
+                        await ctx.updateAuth(ctx.providerID, {
                             type: 'oauth',
                             access: ctx.auth.access,
                             refresh: ctx.auth.refresh,
                             expires: ctx.auth.expires,
                             accountId: ctx.auth.accountId,
+                            enterpriseUrl: ctx.auth.enterpriseUrl,
                         });
                         debug('openai oauth token refreshed and persisted');
                     }

package/dist/quota.js

@@ -47,7 +47,19 @@ export function createQuotaRuntime() {
         const adapter = resolveQuotaAdapter(providerID, providerOptions);
         const normalizedProviderID = normalizeProviderID(providerID);
         const baseURL = sanitizeBaseURL(providerOptions?.baseURL);
-        const keyBase = adapter?.id || normalizedProviderID;
+        let keyBase = adapter?.id || normalizedProviderID;
+        // Some adapters normalize multiple provider IDs into one canonical ID.
+        // Preserve the original providerID in the cache key to avoid collisions
+        // when different auth entries are used (e.g. Copilot enterprise variants).
+        if (adapter?.id && normalizedProviderID !== providerID) {
+            keyBase = `${adapter.id}:${providerID}`;
+        }
+        // RightCode variants intentionally keep provider-specific labels (RC-openai,
+        // RC-foo). Preserve that identity in cache keys so snapshots don't collide.
+        if (adapter?.id === 'rightcode' &&
+            normalizedProviderID.startsWith('rightcode-')) {
+            keyBase = normalizedProviderID;
+        }
         return baseURL ? `${keyBase}@${baseURL}` : keyBase;
     };
     const fetchQuotaSnapshot = async (providerID, authMap, config, updateAuth, providerOptions) => {
@@ -82,17 +94,15 @@ export function createQuotaRuntime() {
         fetchQuotaSnapshot,
     };
 }
-function withRuntime(fn) {
-    return fn(createQuotaRuntime());
-}
+const defaultRuntime = createQuotaRuntime();
 export function normalizeProviderID(providerID) {
-    return withRuntime((runtime) => runtime.normalizeProviderID(providerID));
+    return defaultRuntime.normalizeProviderID(providerID);
 }
 export function resolveQuotaAdapter(providerID, providerOptions) {
-    return withRuntime((runtime) => runtime.resolveQuotaAdapter(providerID, providerOptions));
+    return defaultRuntime.resolveQuotaAdapter(providerID, providerOptions);
 }
 export function quotaCacheKey(providerID, providerOptions) {
-    return withRuntime((runtime) => runtime.quotaCacheKey(providerID, providerOptions));
+    return defaultRuntime.quotaCacheKey(providerID, providerOptions);
 }
 export async function loadAuthMap(authPath) {
     const parsed = await fs
@@ -112,5 +122,5 @@ export async function loadAuthMap(authPath) {
     }, {});
 }
 export async function fetchQuotaSnapshot(providerID, authMap, config, updateAuth, providerOptions) {
-    return withRuntime((runtime) => runtime.fetchQuotaSnapshot(providerID, authMap, config, updateAuth, providerOptions));
+    return defaultRuntime.fetchQuotaSnapshot(providerID, authMap, config, updateAuth, providerOptions);
 }

package/dist/quota_service.d.ts

@@ -0,0 +1,23 @@
+import type { PluginInput } from '@opencode-ai/plugin';
+import type { QuotaSidebarConfig, QuotaSidebarState, QuotaSnapshot } from './types.js';
+import type { AuthValue } from './providers/types.js';
+export declare function createQuotaService(deps: {
+    quotaRuntime: {
+        normalizeProviderID: (providerID: string) => string;
+        resolveQuotaAdapter: (providerID: string, providerOptions?: Record<string, unknown>) => {
+            id: string;
+        } | undefined;
+        quotaCacheKey: (providerID: string, providerOptions?: Record<string, unknown>) => string;
+        fetchQuotaSnapshot: (providerID: string, authMap: Record<string, AuthValue>, config: QuotaSidebarConfig, updateAuth?: (providerID: string, next: unknown) => Promise<void>, providerOptions?: Record<string, unknown>) => Promise<QuotaSnapshot | undefined>;
+    };
+    config: QuotaSidebarConfig;
+    state: QuotaSidebarState;
+    authPath: string;
+    client: PluginInput['client'];
+    directory: string;
+    scheduleSave: () => void;
+}): {
+    getQuotaSnapshots: (providerIDs: string[], options?: {
+        allowDefault?: boolean;
+    }) => Promise<QuotaSnapshot[]>;
+};

package/dist/quota_service.js

@@ -0,0 +1,188 @@
+import { TtlValueCache } from './cache.js';
+import { swallow } from './helpers.js';
+import { listDefaultQuotaProviderIDs, loadAuthMap, quotaSort } from './quota.js';
+export function createQuotaService(deps) {
+    const authCache = new TtlValueCache();
+    const providerOptionsCache = new TtlValueCache();
+    const inFlight = new Map();
+    const getAuthMap = async () => {
+        const cached = authCache.get();
+        if (cached)
+            return cached;
+        const value = await loadAuthMap(deps.authPath);
+        return authCache.set(value, 30_000);
+    };
+    const getProviderOptionsMap = async () => {
+        const cached = providerOptionsCache.get();
+        if (cached)
+            return cached;
+        const configClient = deps.client;
+        if (!configClient.config?.providers) {
+            return providerOptionsCache.set({}, 30_000);
+        }
+        const response = await configClient.config
+            .providers({
+            query: { directory: deps.directory },
+            throwOnError: true,
+        })
+            .catch(swallow('getProviderOptionsMap'));
+        const data = response &&
+            typeof response === 'object' &&
+            'data' in response &&
+            response.data &&
+            typeof response.data === 'object' &&
+            'providers' in response.data
+            ? response.data.providers
+            : undefined;
+        const map = Array.isArray(data)
+            ? data.reduce((acc, item) => {
+                if (!item || typeof item !== 'object')
+                    return acc;
+                const record = item;
+                const id = record.id;
+                const options = record.options;
+                if (typeof id !== 'string')
+                    return acc;
+                if (!options ||
+                    typeof options !== 'object' ||
+                    Array.isArray(options)) {
+                    acc[id] = {};
+                    return acc;
+                }
+                acc[id] = options;
+                return acc;
+            }, {})
+            : {};
+        return providerOptionsCache.set(map, 30_000);
+    };
+    const isValidQuotaCache = (snapshot) => {
+        // Guard against stale RightCode cache entries from pre-daily format.
+        if (snapshot.adapterID !== 'rightcode' || snapshot.status !== 'ok')
+            return true;
+        if (!snapshot.windows || snapshot.windows.length === 0)
+            return true;
+        const primary = snapshot.windows[0];
+        if (!primary.label.startsWith('Daily $'))
+            return false;
+        if (primary.showPercent !== false)
+            return false;
+        return true;
+    };
+    const getQuotaSnapshots = async (providerIDs, options) => {
+        const allowDefault = options?.allowDefault === true;
+        const [authMap, providerOptionsMap] = await Promise.all([
+            getAuthMap(),
+            getProviderOptionsMap(),
+        ]);
+        const optionsForProvider = (providerID) => {
+            return (providerOptionsMap[providerID] ||
+                providerOptionsMap[deps.quotaRuntime.normalizeProviderID(providerID)]);
+        };
+        const directCandidates = providerIDs.map((providerID) => ({
+            providerID,
+            providerOptions: optionsForProvider(providerID),
+        }));
+        const defaultCandidates = allowDefault
+            ? [
+                ...Object.keys(providerOptionsMap).map((providerID) => ({
+                    providerID,
+                    providerOptions: providerOptionsMap[providerID],
+                })),
+                ...listDefaultQuotaProviderIDs().map((providerID) => ({
+                    providerID,
+                    providerOptions: optionsForProvider(providerID),
+                })),
+            ]
+            : [];
+        const rawCandidates = directCandidates.length
+            ? directCandidates
+            : defaultCandidates;
+        const matchedCandidates = rawCandidates.filter((candidate) => Boolean(deps.quotaRuntime.resolveQuotaAdapter(candidate.providerID, candidate.providerOptions)));
+        const dedupedCandidates = Array.from(matchedCandidates
+            .reduce((acc, candidate) => {
+            const key = deps.quotaRuntime.quotaCacheKey(candidate.providerID, candidate.providerOptions);
+            if (!acc.has(key))
+                acc.set(key, candidate);
+            return acc;
+        }, new Map())
+            .values());
+        function authScopeFor(providerID, providerOptions) {
+            const adapter = deps.quotaRuntime.resolveQuotaAdapter(providerID, providerOptions);
+            const normalized = deps.quotaRuntime.normalizeProviderID(providerID);
+            const adapterID = adapter?.id;
+            const candidates = [];
+            const push = (value) => {
+                if (!value)
+                    return;
+                if (!candidates.includes(value))
+                    candidates.push(value);
+            };
+            push(providerID);
+            push(normalized);
+            push(adapterID);
+            if (adapterID === 'github-copilot')
+                push('github-copilot-enterprise');
+            for (const key of candidates) {
+                const auth = authMap[key];
+                if (!auth)
+                    continue;
+                if (key === 'openai' &&
+                    auth.type === 'oauth' &&
+                    typeof auth.accountId === 'string' &&
+                    auth.accountId) {
+                    return `${key}@${auth.accountId}`;
+                }
+                return key;
+            }
+            return 'none';
+        }
+        let cacheChanged = false;
+        const fetchSnapshot = (providerID, providerOptions) => {
+            const baseKey = deps.quotaRuntime.quotaCacheKey(providerID, providerOptions);
+            const cacheKey = `${baseKey}#${authScopeFor(providerID, providerOptions)}`;
+            const cached = deps.state.quotaCache[cacheKey];
+            if (cached &&
+                Date.now() - cached.checkedAt <= deps.config.quota.refreshMs) {
+                if (isValidQuotaCache(cached))
+                    return Promise.resolve(cached);
+                delete deps.state.quotaCache[cacheKey];
+                cacheChanged = true;
+            }
+            const existing = inFlight.get(cacheKey);
+            if (existing)
+                return existing;
+            const promise = deps.quotaRuntime
+                .fetchQuotaSnapshot(providerID, authMap, deps.config, async (id, next) => {
+                await deps.client.auth
+                    .set({
+                    path: { id },
+                    query: { directory: deps.directory },
+                    body: next,
+                    throwOnError: true,
+                })
+                    .catch(swallow('getQuotaSnapshots:authSet'));
+            }, providerOptions)
+                .then((latest) => {
+                if (!latest)
+                    return undefined;
+                deps.state.quotaCache[cacheKey] = latest;
+                cacheChanged = true;
+                return latest;
+            })
+                .finally(() => {
+                if (inFlight.get(cacheKey) === promise) {
+                    inFlight.delete(cacheKey);
+                }
+            });
+            inFlight.set(cacheKey, promise);
+            return promise;
+        };
+        const fetched = await Promise.all(dedupedCandidates.map(({ providerID, providerOptions }) => fetchSnapshot(providerID, providerOptions)));
+        const snapshots = fetched.filter((value) => Boolean(value));
+        snapshots.sort(quotaSort);
+        if (cacheChanged)
+            deps.scheduleSave();
+        return snapshots;
+    };
+    return { getQuotaSnapshots };
+}

package/dist/storage.d.ts

@@ -30,3 +30,5 @@ export declare function scanSessionsByCreatedRange(statePath: string, startAt: n
     dateKey: string;
     state: SessionState;
 }[]>;
+/** Best-effort: remove a session entry from its day chunk (if present). */
+export declare function deleteSessionFromDayChunk(statePath: string, sessionID: string, dateKey: string): Promise<boolean>;

package/dist/storage.js

@@ -1,6 +1,6 @@
 import fs from 'node:fs/promises';
 import path from 'node:path';
-import { asBoolean, asNumber, debug, isRecord, swallow } from './helpers.js';
+import { asBoolean, asNumber, debug, isRecord, mapConcurrent, swallow, } from './helpers.js';
 import { discoverChunks, readDayChunk, safeWriteFile, writeDayChunk, } from './storage_chunks.js';
 import { dateKeyFromTimestamp, dateKeysInRange, dateStartFromKey, isDateKey, normalizeTimestampMs, } from './storage_dates.js';
 import { parseQuotaCache } from './storage_parse.js';
@@ -13,6 +13,10 @@ export const defaultConfig = {
         width: 36,
         showCost: true,
         showQuota: true,
+        includeChildren: true,
+        childrenMaxDepth: 6,
+        childrenMaxSessions: 128,
+        childrenConcurrency: 5,
     },
     quota: {
         refreshMs: 5 * 60 * 1000,
@@ -64,6 +68,10 @@ export async function loadConfig(paths) {
             width: Math.max(20, Math.min(60, asNumber(sidebar.width, defaultConfig.sidebar.width))),
             showCost: asBoolean(sidebar.showCost, defaultConfig.sidebar.showCost),
             showQuota: asBoolean(sidebar.showQuota, defaultConfig.sidebar.showQuota),
+            includeChildren: asBoolean(sidebar.includeChildren, defaultConfig.sidebar.includeChildren),
+            childrenMaxDepth: Math.max(1, Math.min(32, Math.floor(asNumber(sidebar.childrenMaxDepth, defaultConfig.sidebar.childrenMaxDepth)))),
+            childrenMaxSessions: Math.max(0, Math.min(2000, Math.floor(asNumber(sidebar.childrenMaxSessions, defaultConfig.sidebar.childrenMaxSessions)))),
+            childrenConcurrency: Math.max(1, Math.min(10, Math.floor(asNumber(sidebar.childrenConcurrency, defaultConfig.sidebar.childrenConcurrency)))),
         },
         quota: {
             refreshMs: Math.max(30_000, asNumber(quota.refreshMs, defaultConfig.quota.refreshMs)),
@@ -93,6 +101,7 @@ async function loadVersion2State(raw, statePath) {
     const titleEnabled = asBoolean(raw.titleEnabled, true);
     const quotaCache = parseQuotaCache(raw.quotaCache);
     const rootPath = chunkRootPathFromStateFile(statePath);
+    const hasSessionDateMap = Object.prototype.hasOwnProperty.call(raw, 'sessionDateMap');
     const sessionDateMapRaw = isRecord(raw.sessionDateMap)
         ? raw.sessionDateMap
         : {};
@@ -104,17 +113,25 @@ async function loadVersion2State(raw, statePath) {
         acc[sessionID] = value;
         return acc;
     }, {});
+    const hadRawSessionDateMapEntries = isRecord(raw.sessionDateMap) && Object.keys(raw.sessionDateMap).length > 0;
     const explicitDateKeys = Array.from(new Set(Object.values(sessionDateMap)));
-    const discoveredDateKeys = explicitDateKeys.length
-        ? []
-        : await discoverChunks(rootPath);
+    // Only discover chunks when sessionDateMap is missing from state.
+    // If sessionDateMap exists (even empty), treat it as authoritative so we
+    // don't repeatedly load and evict historical sessions from disk.
+    const discoveredDateKeys = (!hasSessionDateMap && explicitDateKeys.length === 0) ||
+        (hasSessionDateMap &&
+            hadRawSessionDateMapEntries &&
+            explicitDateKeys.length === 0)
+        ? await discoverChunks(rootPath)
+        : [];
     const dateKeys = explicitDateKeys.length
         ? explicitDateKeys
         : discoveredDateKeys;
-    const chunks = await Promise.all(dateKeys.map(async (dateKey) => {
+    const LOAD_CHUNKS_CONCURRENCY = 5;
+    const chunks = await mapConcurrent(dateKeys, LOAD_CHUNKS_CONCURRENCY, async (dateKey) => {
         const sessions = await readDayChunk(rootPath, dateKey);
         return [dateKey, sessions];
-    }));
+    });
     const sessions = {};
     for (const [dateKey, chunkSessions] of chunks) {
         for (const [sessionID, session] of Object.entries(chunkSessions)) {
@@ -175,8 +192,9 @@ export async function saveState(statePath, state, options) {
                 ? session.createdAt
                 : Date.now();
             session.createdAt = normalizedCreatedAt;
-            const dateKey = state.sessionDateMap[sessionID] ||
-                dateKeyFromTimestamp(normalizedCreatedAt);
+            const dateKey = isDateKey(state.sessionDateMap[sessionID])
+                ? state.sessionDateMap[sessionID]
+                : dateKeyFromTimestamp(normalizedCreatedAt);
             state.sessionDateMap[sessionID] = dateKey;
             // M11: skip sessions not in dirty set
             if (!writeAll && dirtySet && !dirtySet.has(dateKey))
@@ -187,7 +205,28 @@ export async function saveState(statePath, state, options) {
         }
     }
     await fs.mkdir(path.dirname(statePath), { recursive: true });
-    await fs.mkdir(rootPath, { recursive: true });
+    if (!skipChunks) {
+        const keysToWrite = writeAll
+            ? Object.keys(sessionsByDate)
+            : Array.from(dirtySet ?? []);
+        await Promise.all(keysToWrite
+            .map((dateKey) => {
+            if (!Object.prototype.hasOwnProperty.call(sessionsByDate, dateKey)) {
+                return undefined;
+            }
+            return (async () => {
+                const memorySessions = sessionsByDate[dateKey] || {};
+                const next = writeAll
+                    ? memorySessions
+                    : {
+                        ...(await readDayChunk(rootPath, dateKey)),
+                        ...memorySessions,
+                    };
+                await writeDayChunk(rootPath, dateKey, next);
+            })();
+        })
+            .filter((promise) => Boolean(promise)));
+    }
     // M4: atomic state file write
     await safeWriteFile(statePath, `${JSON.stringify({
         version: 2,
@@ -195,19 +234,6 @@ export async function saveState(statePath, state, options) {
         sessionDateMap: state.sessionDateMap,
         quotaCache: state.quotaCache,
     }, null, 2)}\n`);
-    if (skipChunks)
-        return;
-    const keysToWrite = writeAll
-        ? Object.keys(sessionsByDate)
-        : Array.from(dirtySet ?? []);
-    await Promise.all(keysToWrite
-        .map((dateKey) => {
-        const sessions = sessionsByDate[dateKey];
-        if (!sessions)
-            return undefined;
-        return writeDayChunk(rootPath, dateKey, sessions);
-    })
-        .filter((promise) => Boolean(promise)));
 }
 // ─── Eviction (M2) ──────────────────────────────────────────────────────────
 /**
@@ -264,14 +290,15 @@ export async function scanSessionsByCreatedRange(statePath, startAt, endAt = Dat
         : new Set();
     const diskDateKeys = dateKeys.filter((dk) => !memoryDateKeys.has(dk));
     if (diskDateKeys.length > 0) {
-        const chunkEntries = await Promise.all(diskDateKeys.map(async (dateKey) => {
+        const RANGE_SCAN_CONCURRENCY = 5;
+        const chunkEntries = await mapConcurrent(diskDateKeys, RANGE_SCAN_CONCURRENCY, async (dateKey) => {
             const sessions = await readDayChunk(rootPath, dateKey);
             return Object.entries(sessions).map(([sessionID, state]) => ({
                 sessionID,
                 dateKey,
                 state,
             }));
-        }));
+        });
         for (const entry of chunkEntries.flat()) {
             if (seenSessionIDs.has(entry.sessionID))
                 continue;
@@ -286,3 +313,14 @@ export async function scanSessionsByCreatedRange(statePath, startAt, endAt = Dat
     }
     return results;
 }
+/** Best-effort: remove a session entry from its day chunk (if present). */
+export async function deleteSessionFromDayChunk(statePath, sessionID, dateKey) {
+    const rootPath = chunkRootPathFromStateFile(statePath);
+    const sessions = await readDayChunk(rootPath, dateKey);
+    if (!Object.prototype.hasOwnProperty.call(sessions, sessionID))
+        return false;
+    const next = { ...sessions };
+    delete next[sessionID];
+    await writeDayChunk(rootPath, dateKey, next);
+    return true;
+}

package/dist/storage_chunks.js

@@ -5,6 +5,39 @@ import { debug, isRecord, swallow } from './helpers.js';
 import { isDateKey } from './storage_dates.js';
 import { parseSessionState } from './storage_parse.js';
 import { chunkFilePath } from './storage_paths.js';
+async function mkdirpNoSymlink(rootPath, dirPath) {
+    const rel = path.relative(rootPath, dirPath);
+    if (!rel || rel === '.')
+        return;
+    if (rel.startsWith('..') || path.isAbsolute(rel)) {
+        throw new Error(`refusing to mkdir outside root: ${dirPath}`);
+    }
+    let current = rootPath;
+    const parts = rel.split(path.sep).filter(Boolean);
+    for (const part of parts) {
+        current = path.join(current, part);
+        const stat = await fs.lstat(current).catch(() => undefined);
+        if (stat) {
+            if (stat.isSymbolicLink()) {
+                throw new Error(`refusing to write through symlink dir: ${current}`);
+            }
+            if (!stat.isDirectory()) {
+                throw new Error(`expected directory at ${current}`);
+            }
+            continue;
+        }
+        await fs.mkdir(current).catch((error) => {
+            const code = error.code;
+            if (code === 'EEXIST')
+                return;
+            throw error;
+        });
+        const created = await fs.lstat(current).catch(() => undefined);
+        if (!created || created.isSymbolicLink() || !created.isDirectory()) {
+            throw new Error(`unsafe directory created at ${current}`);
+        }
+    }
+}
 /** P2: Simple LRU cache for loaded chunks. */
 class ChunkCache {
     cache = new Map();
@@ -41,10 +74,17 @@ class ChunkCache {
 }
 const chunkCache = new ChunkCache();
 export async function readDayChunk(rootPath, dateKey) {
+    if (!isDateKey(dateKey))
+        return {};
     const cached = chunkCache.get(dateKey);
     if (cached)
         return cached;
     const filePath = chunkFilePath(rootPath, dateKey);
+    const stat = await fs.lstat(filePath).catch(() => undefined);
+    if (stat?.isSymbolicLink()) {
+        debug(`refusing to read symlink chunk: ${filePath}`);
+        return {};
+    }
     const parsed = await fs
         .readFile(filePath, 'utf8')
         .then((value) => JSON.parse(value))
@@ -76,6 +116,12 @@ export async function safeWriteFile(filePath, content) {
         debug(message);
         throw new Error(message);
     }
+    const dirStat = await fs.lstat(path.dirname(filePath)).catch(() => undefined);
+    if (dirStat?.isSymbolicLink()) {
+        const message = `refusing to write through symlink dir: ${path.dirname(filePath)}`;
+        debug(message);
+        throw new Error(message);
+    }
     // M4: atomic write via temp + rename
     const dir = path.dirname(filePath);
     const name = path.basename(filePath);
@@ -109,8 +155,25 @@ export async function safeWriteFile(filePath, content) {
         : new Error(`safeWriteFile failed for ${filePath}`);
 }
 export async function writeDayChunk(rootPath, dateKey, sessions) {
+    if (!isDateKey(dateKey)) {
+        throw new Error(`invalid dateKey: ${dateKey}`);
+    }
     const filePath = chunkFilePath(rootPath, dateKey);
-    await fs.mkdir(path.dirname(filePath), { recursive: true });
+    const rootStat = await fs.lstat(rootPath).catch(() => undefined);
+    if (rootStat?.isSymbolicLink()) {
+        throw new Error(`refusing to write through symlink dir: ${rootPath}`);
+    }
+    if (rootStat && !rootStat.isDirectory()) {
+        throw new Error(`expected directory at ${rootPath}`);
+    }
+    await fs.mkdir(rootPath, { recursive: true });
+    const createdRoot = await fs.lstat(rootPath).catch(() => undefined);
+    if (!createdRoot ||
+        createdRoot.isSymbolicLink() ||
+        !createdRoot.isDirectory()) {
+        throw new Error(`unsafe chunk root at ${rootPath}`);
+    }
+    await mkdirpNoSymlink(rootPath, path.dirname(filePath));
     const chunk = {
         version: 1,
         dateKey,
@@ -126,11 +189,21 @@ export async function discoverChunks(rootPath) {
         if (!/^\d{4}$/.test(year))
             continue;
         const yearPath = path.join(rootPath, year);
+        const yearStat = await fs.lstat(yearPath).catch(() => undefined);
+        if (!yearStat || yearStat.isSymbolicLink() || !yearStat.isDirectory()) {
+            continue;
+        }
         const months = await fs.readdir(yearPath).catch(() => []);
         for (const month of months) {
             if (!/^\d{2}$/.test(month))
                 continue;
             const monthPath = path.join(yearPath, month);
+            const monthStat = await fs.lstat(monthPath).catch(() => undefined);
+            if (!monthStat ||
+                monthStat.isSymbolicLink() ||
+                !monthStat.isDirectory()) {
+                continue;
+            }
             const days = await fs.readdir(monthPath).catch(() => []);
             for (const dayFile of days) {
                 const match = dayFile.match(/^(\d{2})\.json$/);

package/dist/storage_parse.js

@@ -55,9 +55,16 @@ function parseCachedUsage(value) {
 function parseCursor(value) {
     if (!isRecord(value))
         return undefined;
+    const idsRaw = value.lastMessageIdsAtTime;
+    const lastMessageIdsAtTime = Array.isArray(idsRaw)
+        ? idsRaw.filter((item) => typeof item === 'string' && !!item)
+        : undefined;
     return {
         lastMessageId: typeof value.lastMessageId === 'string' ? value.lastMessageId : undefined,
         lastMessageTime: asNumber(value.lastMessageTime),
+        lastMessageIdsAtTime: lastMessageIdsAtTime && lastMessageIdsAtTime.length
+            ? Array.from(new Set(lastMessageIdsAtTime)).sort()
+            : undefined,
     };
 }
 export function parseSessionState(value) {
@@ -72,6 +79,7 @@ export function parseSessionState(value) {
     return {
         ...title,
         createdAt,
+        parentID: typeof value.parentID === 'string' ? value.parentID : undefined,
         usage: parseCachedUsage(value.usage),
         cursor: parseCursor(value.cursor),
     };

package/dist/storage_paths.d.ts

@@ -6,6 +6,7 @@
  * This applies on all platforms including Windows and macOS.
  *
  * S4 fix: renamed env var from OPENCODE_TEST_HOME to OPENCODE_QUOTA_DATA_HOME.
+ * OPENCODE_QUOTA_DATA_HOME overrides the full data directory path.
  */
 export declare function resolveOpencodeDataDir(): string;
 export declare function stateFilePath(dataDir: string): string;