npm - @linzumi/cli - Versions diffs - 0.0.33-beta → 0.0.34-beta - Mend

@linzumi/cli 0.0.33-beta → 0.0.34-beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -1,7 +1,7 @@
 // src/index.ts
 import { randomUUID as randomUUID3 } from "node:crypto";
 import { existsSync as existsSync10, readFileSync as readFileSync9, realpathSync as realpathSync5 } from "node:fs";
-import { homedir as homedir8 } from "node:os";
+import { homedir as homedir9 } from "node:os";
 import { resolve as resolve8 } from "node:path";
 import { fileURLToPath as fileURLToPath3 } from "node:url";
@@ -9,7 +9,7 @@ import { fileURLToPath as fileURLToPath3 } from "node:url";
 import { spawn as spawn6 } from "node:child_process";
 import { randomUUID as randomUUID2 } from "node:crypto";
 import { hostname as hostname2 } from "node:os";
-import { join as join5 } from "node:path";
+import { join as join6 } from "node:path";
 // src/channelSessionSupport.ts
 import { spawnSync } from "node:child_process";
@@ -1872,7 +1872,11 @@ async function resolvePendingPortForwardRequest(args, state, payloadContext, con
   }
   state.approvedForwardPorts.add(request.port);
   state.approvedForwardTargets.set(request.port, approvedTargetFromRequest(request));
-  const capabilities = args.options.onForwardPortApproved?.(request.port);
+  const capabilities = args.options.onForwardPortApproved?.(request.port, {
+    kandanThreadId: state.kandanThreadId ?? null,
+    codexThreadId: state.codexThreadId ?? null,
+    channelSlug: args.options.channelSession.channelSlug ?? null
+  });
   await publishForwardPortResolvedEvent(args, request, capabilities);
   await publishMessageStateForPortForwardResult(args, state, request, "processed");
   await publishPortForwardReadyMessage(args, state, payloadContext, request);
@@ -3959,6 +3963,179 @@ async function pushOptional(kandan, topic, event, payload, log) {
 // src/codexAppServer.ts
 import { spawn } from "node:child_process";
 import { createServer } from "node:net";
+// src/runnerLogger.ts
+import { appendFileSync, openSync } from "node:fs";
+import { createWriteStream } from "node:fs";
+import { homedir } from "node:os";
+import { dirname, join as join2 } from "node:path";
+import { mkdirSync } from "node:fs";
+var sensitiveMarker = "<SENSITIVE_DATA>";
+var sensitiveQueryParams = new Set([
+  "access_token",
+  "authorization",
+  "code",
+  "cookie",
+  "kandan_preview_ticket",
+  "refresh_token",
+  "token"
+]);
+var sensitiveArgFlags = new Set([
+  "--access-token",
+  "--api-key",
+  "--authorization",
+  "--cookie",
+  "--oauth-code",
+  "--password",
+  "--refresh-token",
+  "--secret",
+  "--token"
+]);
+function createRunnerLogger(logFile, consoleReporter) {
+  mkdirSync(dirname(logFile), { recursive: true });
+  const fd = openSync(logFile, "a");
+  const stream = createWriteStream("", { fd, flags: "a", autoClose: true });
+  const logger = (event, payload) => {
+    const redacted = redactForCliLog(payload);
+    stream.write(`${JSON.stringify({ ts: new Date().toISOString(), event, ...redacted })}
+`, "utf8");
+    consoleReporter?.(event, redacted);
+  };
+  Object.defineProperty(logger, "close", {
+    value: () => closeStream(stream)
+  });
+  return logger;
+}
+function writeCliAuditEvent(event, payload, options = {}) {
+  const logFile = options.logFile ?? defaultCliAuditLogFile();
+  try {
+    mkdirSync(dirname(logFile), { recursive: true });
+    appendFileSync(logFile, `${JSON.stringify({
+      ts: new Date().toISOString(),
+      event,
+      ...options.sessionId === undefined ? {} : { sessionId: options.sessionId },
+      ...redactForCliLog(payload)
+    })}
+`, "utf8");
+  } catch (_error) {
+    return;
+  }
+}
+function defaultCliAuditLogFile() {
+  const override = process.env.LINZUMI_CLI_AUDIT_LOG?.trim();
+  return override === undefined || override === "" ? join2(homedir(), ".linzumi", "logs", "command-events.jsonl") : override;
+}
+function redactForCliLog(value) {
+  return redactValue(value, undefined);
+}
+function redactValue(value, key) {
+  if (sensitiveKey(key)) {
+    return sensitiveMarker;
+  }
+  if (typeof value === "string") {
+    return redactString(value);
+  }
+  if (Array.isArray(value)) {
+    return key === "args" ? redactArgs(value) : value.map((item) => redactValue(item, undefined));
+  }
+  if (value !== null && typeof value === "object") {
+    return redactObject(value);
+  }
+  return value;
+}
+function redactObject(value) {
+  const headerName = typeof value.name === "string" ? value.name.toLowerCase() : undefined;
+  const shouldRedactHeaderValue = headerName === "authorization" || headerName === "cookie" || headerName === "set-cookie";
+  return Object.fromEntries(Object.entries(value).map(([key, entry]) => [
+    key,
+    shouldRedactHeaderValue && key === "value" ? sensitiveMarker : redactValue(entry, key)
+  ]));
+}
+function redactArgs(args) {
+  let redactNext = false;
+  return args.map((arg) => {
+    if (typeof arg !== "string") {
+      redactNext = false;
+      return redactValue(arg, undefined);
+    }
+    if (redactNext) {
+      redactNext = false;
+      return sensitiveMarker;
+    }
+    const [flag, value] = splitArgAssignment(arg);
+    if (sensitiveArgFlags.has(flag)) {
+      if (value === undefined) {
+        redactNext = true;
+        return arg;
+      }
+      return `${flag}=${sensitiveMarker}`;
+    }
+    return redactString(arg);
+  });
+}
+function splitArgAssignment(value) {
+  const index = value.indexOf("=");
+  return index === -1 ? [value, undefined] : [value.slice(0, index), value.slice(index + 1)];
+}
+function sensitiveKey(key) {
+  if (key === undefined) {
+    return false;
+  }
+  return /^(authorization|cookie|set-cookie|password)$/i.test(key) || /(^|[_-])(access[_-]?token|api[_-]?key|auth[_-]?token|oauth[_-]?code|refresh[_-]?token|secret|token)$/i.test(key);
+}
+function redactString(value) {
+  const withRedactedQuery = redactUrlQuery(value);
+  return withRedactedQuery.replace(/\beyJ[A-Za-z0-9_-]*\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\b/g, sensitiveMarker);
+}
+function redactUrlQuery(value) {
+  let parsed;
+  try {
+    parsed = new URL(value);
+  } catch (_error) {
+    return redactRelativeUrlQuery(value);
+  }
+  for (const name of [...parsed.searchParams.keys()]) {
+    if (sensitiveQueryParams.has(name.toLowerCase())) {
+      parsed.searchParams.set(name, sensitiveMarker);
+    }
+  }
+  return parsed.toString();
+}
+function redactRelativeUrlQuery(value) {
+  const queryStart = value.indexOf("?");
+  const hashStart = value.indexOf("#");
+  if (queryStart === -1 || hashStart !== -1 && hashStart < queryStart) {
+    return value;
+  }
+  const path = value.slice(0, queryStart);
+  const query = hashStart === -1 ? value.slice(queryStart + 1) : value.slice(queryStart + 1, hashStart);
+  const hash = hashStart === -1 ? "" : value.slice(hashStart);
+  const searchParams = new URLSearchParams(query);
+  let redacted = false;
+  for (const name of [...searchParams.keys()]) {
+    if (sensitiveQueryParams.has(name.toLowerCase())) {
+      searchParams.set(name, sensitiveMarker);
+      redacted = true;
+    }
+  }
+  switch (redacted) {
+    case true:
+      return `${path}?${searchParams.toString()}${hash}`;
+    case false:
+      return value;
+  }
+}
+function closeStream(stream) {
+  if (stream.closed || stream.destroyed) {
+    return Promise.resolve();
+  }
+  return new Promise((resolve2, reject) => {
+    stream.once("error", reject);
+    stream.end(resolve2);
+  });
+}
+// src/codexAppServer.ts
 async function chooseLoopbackPort() {
   return new Promise((resolve2, reject) => {
     const server = createServer();
@@ -3984,12 +4161,35 @@ async function chooseLoopbackPort() {
 async function startCodexAppServer(codexBin, cwd, options = {}) {
   const port = await chooseLoopbackPort();
   const url = `ws://127.0.0.1:${port}`;
-  const child = spawn(codexBin, codexAppServerArgs(url, options), {
+  const args = codexAppServerArgs(url, options);
+  writeCliAuditEvent("process.spawn", {
+    command: codexBin,
+    args,
+    cwd,
+    purpose: "codex.app_server"
+  });
+  const child = spawn(codexBin, args, {
     cwd,
     env: process.env,
     stdio: ["ignore", "inherit", "inherit"]
   });
-  child.once("exit", (code) => {
+  writeCliAuditEvent("process.spawned", {
+    command: codexBin,
+    args,
+    cwd,
+    pid: child.pid,
+    purpose: "codex.app_server"
+  });
+  child.once("exit", (code, signal) => {
+    writeCliAuditEvent("process.exit", {
+      command: codexBin,
+      args,
+      cwd,
+      pid: child.pid,
+      code,
+      signal,
+      purpose: "codex.app_server"
+    });
     if (code !== 0) {
       process.stderr.write(`codex app-server exited with code ${code ?? "signal"}
 `);
@@ -4218,21 +4418,21 @@ function readyzUrlForWebsocket(websocketUrl) {
 // src/codexProjectTrust.ts
 import {
   existsSync,
-  mkdirSync,
+  mkdirSync as mkdirSync2,
   readFileSync,
   realpathSync,
   writeFileSync
 } from "node:fs";
-import { homedir } from "node:os";
-import { join as join2, resolve as resolve2 } from "node:path";
+import { homedir as homedir2 } from "node:os";
+import { join as join3, resolve as resolve2 } from "node:path";
 function ensureCodexProjectTrusted(projectPath, options = {}) {
   const trustedPath = realpathSync(resolve2(projectPath));
-  const configHome = options.configHome ?? process.env.CODEX_HOME ?? join2(homedir(), ".codex");
-  const configPath = join2(configHome, "config.toml");
+  const configHome = options.configHome ?? process.env.CODEX_HOME ?? join3(homedir2(), ".codex");
+  const configPath = join3(configHome, "config.toml");
   const currentConfig = existsSync(configPath) ? readFileSync(configPath, "utf8") : "";
   const nextConfig = codexConfigWithTrustedProject(currentConfig, trustedPath);
   if (nextConfig !== currentConfig) {
-    mkdirSync(configHome, { recursive: true });
+    mkdirSync2(configHome, { recursive: true });
     writeFileSync(configPath, nextConfig);
   }
   return trustedPath;
@@ -4279,7 +4479,7 @@ function trimTrailingNewlines(value) {
 // src/localCapabilities.ts
 import { realpathSync as realpathSync2 } from "node:fs";
-import { homedir as homedir2 } from "node:os";
+import { homedir as homedir3 } from "node:os";
 import { isAbsolute as isAbsolute2, relative as relative2, resolve as resolve3 } from "node:path";
 function parseAllowedCwdList(value) {
   if (value === undefined) {
@@ -4319,10 +4519,10 @@ function assertConfiguredAllowedCwds(paths) {
 }
 function expandUserPath(pathValue) {
   if (pathValue === "~") {
-    return homedir2();
+    return homedir3();
   }
   if (pathValue.startsWith("~/")) {
-    return resolve3(homedir2(), pathValue.slice(2));
+    return resolve3(homedir3(), pathValue.slice(2));
   }
   return pathValue;
 }
@@ -4368,6 +4568,7 @@ async function handleForwardHttpRequest(control, allowedPorts) {
     const request = {
       method: control.method,
       headers: requestHeaders(control.headers),
+      redirect: "manual",
       ...bodyDecision.body === undefined ? {} : { body: bodyDecision.body }
     };
     const response = await fetchWithHttpsFallback(control.port, control.path, control.queryString, request);
@@ -4642,13 +4843,13 @@ import { spawn as spawn2 } from "node:child_process";
 import {
   cpSync,
   existsSync as existsSync2,
-  mkdirSync as mkdirSync2,
+  mkdirSync as mkdirSync3,
   mkdtempSync,
   realpathSync as realpathSync3,
   writeFileSync as writeFileSync2
 } from "node:fs";
 import { tmpdir } from "node:os";
-import { basename as basename3, delimiter, dirname, join as join3 } from "node:path";
+import { basename as basename3, delimiter, dirname as dirname2, join as join4 } from "node:path";
 function isStartLocalEditorControl(control) {
   return control.type === "start_local_editor";
 }
@@ -4728,7 +4929,7 @@ async function startLocalEditor(control, options) {
       reason: launchResult.reason
     };
   }
-  const collaborationResult = await startCollaborationSidecar(collaboration, profileResult, options.editorRuntime);
+  const collaborationResult = await startCollaborationSidecar(collaboration, profileResult, options.editorRuntime, options.runnerId);
   if (!collaborationResult.ok) {
     return {
       ok: false,
@@ -4736,11 +4937,35 @@ async function startLocalEditor(control, options) {
       reason: "code_server_spawn_failed"
     };
   }
+  writeCliAuditEvent("process.spawn", {
+    command: launchResult.command,
+    args: launchResult.args,
+    cwd: cwdDecision.cwd,
+    purpose: "local_editor.code_server"
+  }, { sessionId: options.runnerId });
   const child = spawn2(launchResult.command, [...launchResult.args], {
     cwd: cwdDecision.cwd,
-    env: codeServerEnv(process.env, profileResult.userDataDir, collaborationResult.collaboration),
+    env: codeServerEnv(process.env, cwdDecision.cwd, profileResult.userDataDir, collaborationResult.collaboration),
     stdio: ["ignore", "inherit", "inherit"]
   });
+  writeCliAuditEvent("process.spawned", {
+    command: launchResult.command,
+    args: launchResult.args,
+    cwd: cwdDecision.cwd,
+    pid: child.pid,
+    purpose: "local_editor.code_server"
+  }, { sessionId: options.runnerId });
+  child.once("exit", (code, signal) => {
+    writeCliAuditEvent("process.exit", {
+      command: launchResult.command,
+      args: launchResult.args,
+      cwd: cwdDecision.cwd,
+      pid: child.pid,
+      code,
+      signal,
+      purpose: "local_editor.code_server"
+    }, { sessionId: options.runnerId });
+  });
   const exited = waitForCodeServerExit(child);
   const spawnResult = await waitForCodeServerSpawn(child);
   if (spawnResult === "failed") {
@@ -4811,17 +5036,17 @@ function codeServerArgs(port, cwd, userDataDir, extensionsDir) {
 }
 function prepareCodeServerProfile(collaboration, editorRuntime) {
   try {
-    const userDataDir = mkdtempSync(join3(tmpdir(), "kandan-local-editor-"));
-    const extensionsDir = join3(userDataDir, "extensions");
-    const collaborationServerDir = join3(userDataDir, "collaboration-server");
-    const userSettingsDir = join3(userDataDir, "User");
-    mkdirSync2(userSettingsDir, { recursive: true });
-    mkdirSync2(extensionsDir, { recursive: true });
-    mkdirSync2(collaborationServerDir, { recursive: true });
+    const userDataDir = mkdtempSync(join4(tmpdir(), "kandan-local-editor-"));
+    const extensionsDir = join4(userDataDir, "extensions");
+    const collaborationServerDir = join4(userDataDir, "collaboration-server");
+    const userSettingsDir = join4(userDataDir, "User");
+    mkdirSync3(userSettingsDir, { recursive: true });
+    mkdirSync3(extensionsDir, { recursive: true });
+    mkdirSync3(collaborationServerDir, { recursive: true });
     if (editorRuntime !== undefined) {
-      installDirectory(editorRuntime.assets.documentStateExtensionDir, join3(extensionsDir, "kandan.document-state-telemetry"));
+      installDirectory(editorRuntime.assets.documentStateExtensionDir, join4(extensionsDir, "kandan.document-state-telemetry"));
     }
-    writeFileSync2(join3(userSettingsDir, "settings.json"), JSON.stringify(codeServerSettings(collaboration), null, 2));
+    writeFileSync2(join4(userSettingsDir, "settings.json"), JSON.stringify(codeServerSettings(collaboration), null, 2));
     return { ok: true, userDataDir, extensionsDir, collaborationServerDir };
   } catch (_error) {
     return { ok: false, reason: "code_server_spawn_failed" };
@@ -4887,13 +5112,16 @@ function prepareLinuxCodeServerLaunch(options) {
     "/tmp",
     "--setenv",
     "HOME",
-    options.userDataDir,
+    options.cwd,
+    "--setenv",
+    "PWD",
+    options.cwd,
     "--setenv",
     "XDG_DATA_HOME",
-    join3(options.userDataDir, "data"),
+    join4(options.userDataDir, "data"),
     "--setenv",
     "XDG_CONFIG_HOME",
-    join3(options.userDataDir, "config"),
+    join4(options.userDataDir, "config"),
     ...readOnlyRoots.flatMap((path) => ["--ro-bind-try", path, path]),
     "--bind",
     options.cwd,
@@ -4966,12 +5194,12 @@ function resolveCodeServerExecutable(command, envPath) {
     if (directory.trim() === "") {
       continue;
     }
-    const candidate = join3(directory, command);
+    const candidate = join4(directory, command);
     if (!existsSync2(candidate)) {
       continue;
     }
     const realpath = realpathSync3(candidate);
-    return { ok: true, command: realpath, directory: dirname(realpath) };
+    return { ok: true, command: realpath, directory: dirname2(realpath) };
   }
   return { ok: false };
 }
@@ -4980,10 +5208,10 @@ function hasPathSeparator(path) {
 }
 function safeRealpathDir(path) {
   try {
-    const directory = dirname(realpathSync3(path));
+    const directory = dirname2(realpathSync3(path));
     return directory === "/" ? undefined : directory;
   } catch (_error) {
-    const directory = dirname(path);
+    const directory = dirname2(path);
     return directory === "." || directory === "/" ? undefined : directory;
   }
 }
@@ -5033,7 +5261,7 @@ function codeServerSettings(collaboration) {
     "workbench.welcomePage.walkthroughs.openOnInstall": false
   };
 }
-async function startCollaborationSidecar(collaboration, profile, editorRuntime) {
+async function startCollaborationSidecar(collaboration, profile, editorRuntime, runnerId) {
   if (collaboration === undefined) {
     return { ok: true, ready: Promise.resolve("ready") };
   }
@@ -5042,13 +5270,22 @@ async function startCollaborationSidecar(collaboration, profile, editorRuntime)
       installLocalTarball(editorRuntime.assets.collaborationExtensionTarball, profile.extensionsDir),
       installLocalTarball(editorRuntime.assets.collaborationServerTarball, profile.collaborationServerDir)
     ]);
-    const child = spawn2(nodeRuntimeExecutable(), [
-      join3(profile.collaborationServerDir, "open-collaboration-server", "bundle", "app.js"),
+    const command = nodeRuntimeExecutable();
+    const args = [
+      join4(profile.collaborationServerDir, "open-collaboration-server", "bundle", "app.js"),
       "--hostname",
       "127.0.0.1",
       "--port",
       String(collaboration.serverPort)
-    ], {
+    ];
+    writeCliAuditEvent("process.spawn", {
+      command,
+      args,
+      purpose: "local_editor.collaboration_sidecar",
+      editorSessionId: collaboration.editorSessionId,
+      runtimeSessionId: collaboration.runtimeSessionId
+    }, { sessionId: runnerId });
+    const child = spawn2(command, args, {
       env: {
         ...process.env,
         OCT_ACTIVATE_SIMPLE_LOGIN: "true",
@@ -5056,6 +5293,26 @@ async function startCollaborationSidecar(collaboration, profile, editorRuntime)
       },
       stdio: ["ignore", "inherit", "inherit"]
     });
+    writeCliAuditEvent("process.spawned", {
+      command,
+      args,
+      pid: child.pid,
+      purpose: "local_editor.collaboration_sidecar",
+      editorSessionId: collaboration.editorSessionId,
+      runtimeSessionId: collaboration.runtimeSessionId
+    }, { sessionId: runnerId });
+    child.once("exit", (code, signal) => {
+      writeCliAuditEvent("process.exit", {
+        command,
+        args,
+        pid: child.pid,
+        code,
+        signal,
+        purpose: "local_editor.collaboration_sidecar",
+        editorSessionId: collaboration.editorSessionId,
+        runtimeSessionId: collaboration.runtimeSessionId
+      }, { sessionId: runnerId });
+    });
     const exited = waitForCodeServerExit(child);
     const spawnResult = await waitForCodeServerSpawn(child);
     if (spawnResult === "failed") {
@@ -5089,21 +5346,22 @@ function nodeRuntimeExecutable(env = process.env, execPath = process.execPath) {
   return basename3(execPath).toLowerCase().includes("bun") ? "node" : execPath;
 }
 async function installLocalTarball(archivePath, destinationDir) {
-  mkdirSync2(destinationDir, { recursive: true });
+  mkdirSync3(destinationDir, { recursive: true });
   await runProcess("tar", ["-xzf", archivePath, "-C", destinationDir]);
 }
 function installDirectory(sourceDir, destinationDir) {
-  mkdirSync2(dirname(destinationDir), { recursive: true });
+  mkdirSync3(dirname2(destinationDir), { recursive: true });
   cpSync(sourceDir, destinationDir, { recursive: true });
 }
-function codeServerEnv(env, userDataDir, collaboration) {
+function codeServerEnv(env, cwd, userDataDir, collaboration) {
   const { PORT: _port, ...hostEnv } = env;
   const base = {
     ...hostEnv,
-    HOME: userDataDir,
-    XDG_CACHE_HOME: join3(userDataDir, "xdg-cache"),
-    XDG_CONFIG_HOME: join3(userDataDir, "xdg-config"),
-    XDG_DATA_HOME: join3(userDataDir, "xdg-data")
+    HOME: cwd,
+    PWD: cwd,
+    XDG_CACHE_HOME: join4(userDataDir, "xdg-cache"),
+    XDG_CONFIG_HOME: join4(userDataDir, "xdg-config"),
+    XDG_DATA_HOME: join4(userDataDir, "xdg-data")
   };
   if (collaboration === undefined) {
     return base;
@@ -5137,11 +5395,30 @@ function sameCollaboration(running, requested) {
 }
 function runProcess(command, args) {
   return new Promise((resolve4, reject) => {
+    writeCliAuditEvent("process.spawn", {
+      command,
+      args,
+      purpose: "local_editor.install_process"
+    });
     const child = spawn2(command, [...args], {
       stdio: ["ignore", "ignore", "inherit"]
     });
+    writeCliAuditEvent("process.spawned", {
+      command,
+      args,
+      pid: child.pid,
+      purpose: "local_editor.install_process"
+    });
     child.once("error", reject);
-    child.once("exit", (code) => {
+    child.once("exit", (code, signal) => {
+      writeCliAuditEvent("process.exit", {
+        command,
+        args,
+        pid: child.pid,
+        code,
+        signal,
+        purpose: "local_editor.install_process"
+      });
       if (code === 0) {
         resolve4();
       } else {
@@ -5293,17 +5570,17 @@ import { spawn as spawn4 } from "node:child_process";
 import { createHash as createHash2 } from "node:crypto";
 import {
   createReadStream,
-  createWriteStream,
+  createWriteStream as createWriteStream2,
   existsSync as existsSync3,
-  mkdirSync as mkdirSync3,
+  mkdirSync as mkdirSync4,
   mkdtempSync as mkdtempSync2,
   readFileSync as readFileSync2,
   renameSync,
   rmSync,
   writeFileSync as writeFileSync3
 } from "node:fs";
-import { homedir as homedir3 } from "node:os";
-import { dirname as dirname2, join as join4, resolve as resolve4 } from "node:path";
+import { homedir as homedir4 } from "node:os";
+import { dirname as dirname3, join as join5, resolve as resolve4 } from "node:path";
 import { Readable } from "node:stream";
 import { pipeline } from "node:stream/promises";
@@ -5490,8 +5767,8 @@ function startCallbackServer(args) {
         if (error !== null && error.trim() !== "") {
           rejectCallback?.(new Error(`local runner OAuth failed: ${error}`));
           writeOauthResult(response, {
-            title: "Linzumi CLI was not authorized",
-            body: "You denied the request. You can close this tab and rerun linzumi start when you are ready.",
+            title: "Not authorized",
+            body: "You denied the request. Close this tab and rerun the bootstrap command when you're ready.",
             status: 403
           });
           return;
@@ -5499,22 +5776,22 @@ function startCallbackServer(args) {
         if (code === null || state === null || code.trim() === "" || state.trim() === "") {
           writeOauthResult(response, {
             title: "Authorization callback was incomplete",
-            body: "Kandan did not send the local runner authorization code. Return to your terminal and try again.",
+            body: "We didn't receive the authorization code. Return to your terminal and try again.",
             status: 400
           });
           return;
         }
         resolveCallback?.({ code, state });
         writeOauthResult(response, {
-          title: "Linzumi CLI is connected",
-          body: "You can close this tab and return to the terminal. Kandan will finish starting the local runner.",
+          title: "Connected",
+          body: "You can close this tab. Your terminal will finish the setup.",
           status: 200
         });
       } catch (error) {
         rejectCallback?.(error);
         writeOauthResult(response, {
           title: "Authorization callback failed",
-          body: "Return to your terminal and rerun linzumi start.",
+          body: "Return to your terminal and rerun the bootstrap command.",
           status: 500
         });
       }
@@ -5578,7 +5855,18 @@ function openBrowser(url) {
   const command = process.platform === "darwin" ? "open" : process.platform === "win32" ? "cmd" : "xdg-open";
   const args = process.platform === "win32" ? ["/c", "start", "", url] : [url];
   return new Promise((resolve4) => {
+    writeCliAuditEvent("process.spawn", {
+      command,
+      args,
+      purpose: "oauth.open_browser"
+    });
     const child = spawn3(command, args, { stdio: "ignore", detached: true });
+    writeCliAuditEvent("process.spawned", {
+      command,
+      args,
+      pid: child.pid,
+      purpose: "oauth.open_browser"
+    });
     child.on("error", () => resolve4());
     child.on("spawn", () => {
       child.unref();
@@ -5765,8 +6053,8 @@ function normalizeRuntimeAssets(value) {
 }
 function installedRuntime(cacheRoot, manifest) {
   const runtimeRoot = runtimeInstallRoot(cacheRoot, manifest);
-  const manifestPath = join4(runtimeRoot, manifest.manifestPath);
-  const codeServerBin = join4(runtimeRoot, manifest.codeServerBinPath);
+  const manifestPath = join5(runtimeRoot, manifest.manifestPath);
+  const codeServerBin = join5(runtimeRoot, manifest.codeServerBinPath);
   const assets = verifiedRuntimeAssetPaths(runtimeRoot, manifest);
   if (!existsSync3(manifestPath) || !existsSync3(codeServerBin) || assets === undefined) {
     return { ok: false };
@@ -5790,10 +6078,10 @@ function installedRuntime(cacheRoot, manifest) {
   return { ok: false };
 }
 async function installRuntime(args) {
-  mkdirSync3(args.cacheRoot, { recursive: true });
-  const tempRoot = mkdtempSync2(join4(args.cacheRoot, ".install-"));
-  const archivePath = join4(tempRoot, "runtime.tar.gz");
-  const extractRoot = join4(tempRoot, "runtime");
+  mkdirSync4(args.cacheRoot, { recursive: true });
+  const tempRoot = mkdtempSync2(join5(args.cacheRoot, ".install-"));
+  const archivePath = join5(tempRoot, "runtime.tar.gz");
+  const extractRoot = join5(tempRoot, "runtime");
   try {
     const downloaded = await downloadArchive({
       kandanUrl: args.kandanUrl,
@@ -5805,7 +6093,7 @@ async function installRuntime(args) {
     if (!downloaded.ok) {
       return downloaded;
     }
-    mkdirSync3(extractRoot, { recursive: true });
+    mkdirSync4(extractRoot, { recursive: true });
     if (!await args.extractArchive(archivePath, extractRoot)) {
       return { ok: false, reason: "archive_extract_failed" };
     }
@@ -5818,13 +6106,13 @@ async function installRuntime(args) {
     if (!assetsInstalled) {
       return { ok: false, reason: "install_failed" };
     }
-    const manifestPath = join4(extractRoot, args.manifest.manifestPath);
-    const codeServerBin = join4(extractRoot, args.manifest.codeServerBinPath);
+    const manifestPath = join5(extractRoot, args.manifest.manifestPath);
+    const codeServerBin = join5(extractRoot, args.manifest.codeServerBinPath);
     const assets = verifiedRuntimeAssetPaths(extractRoot, args.manifest);
     if (!existsSync3(codeServerBin) || assets === undefined) {
       return { ok: false, reason: "invalid_archive" };
     }
-    mkdirSync3(dirname2(manifestPath), { recursive: true });
+    mkdirSync4(dirname3(manifestPath), { recursive: true });
     writeFileSync3(manifestPath, JSON.stringify({
       version: args.manifest.version,
       platform: args.manifest.platform,
@@ -5836,18 +6124,18 @@ async function installRuntime(args) {
     }, null, 2));
     const targetRoot = runtimeInstallRoot(args.cacheRoot, args.manifest);
     rmSync(targetRoot, { recursive: true, force: true });
-    mkdirSync3(dirname2(targetRoot), { recursive: true });
+    mkdirSync4(dirname3(targetRoot), { recursive: true });
     renameSync(extractRoot, targetRoot);
     return {
       ok: true,
       runtime: {
         mode: "server_managed",
         root: targetRoot,
-        codeServerBin: join4(targetRoot, args.manifest.codeServerBinPath),
+        codeServerBin: join5(targetRoot, args.manifest.codeServerBinPath),
         assets: {
-          collaborationExtensionTarball: join4(targetRoot, "kandan", "editor_extensions", "typefox.open-collaboration-tools.tar.gz"),
-          collaborationServerTarball: join4(targetRoot, "kandan", "editor_servers", "open-collaboration-server.tar.gz"),
-          documentStateExtensionDir: join4(targetRoot, "kandan", "editor_extensions", "kandan.document-state-telemetry")
+          collaborationExtensionTarball: join5(targetRoot, "kandan", "editor_extensions", "typefox.open-collaboration-tools.tar.gz"),
+          collaborationServerTarball: join5(targetRoot, "kandan", "editor_servers", "open-collaboration-server.tar.gz"),
+          documentStateExtensionDir: join5(targetRoot, "kandan", "editor_extensions", "kandan.document-state-telemetry")
         }
       }
     };
@@ -5859,7 +6147,7 @@ async function installRuntime(args) {
 }
 async function materializeRuntimeAssets(args) {
   for (const asset of args.manifest.assets) {
-    const targetPath = join4(args.runtimeRoot, asset.path);
+    const targetPath = join5(args.runtimeRoot, asset.path);
     try {
       const bytes = await runtimeAssetBytes({
         kandanUrl: args.kandanUrl,
@@ -5869,7 +6157,7 @@ async function materializeRuntimeAssets(args) {
       if (bytes === undefined) {
         continue;
       }
-      mkdirSync3(dirname2(targetPath), { recursive: true });
+      mkdirSync4(dirname3(targetPath), { recursive: true });
       writeFileSync3(targetPath, bytes);
     } catch (_error) {
       return false;
@@ -5900,7 +6188,7 @@ async function downloadArchive(args) {
   if (response.status !== 200 || response.body === null) {
     return { ok: false, reason: "download_failed" };
   }
-  await pipeline(Readable.fromWeb(response.body), createWriteStream(args.archivePath));
+  await pipeline(Readable.fromWeb(response.body), createWriteStream2(args.archivePath));
   const sha256 = await fileSha256(args.archivePath);
   if (sha256 !== args.manifest.archiveSha256) {
     return { ok: false, reason: "checksum_mismatch" };
@@ -5912,11 +6200,34 @@ function sameOrigin(left, right) {
 }
 function extractTarGz(archivePath, destination) {
   return new Promise((resolveExtract) => {
-    const child = spawn4("tar", ["-xzf", archivePath, "-C", destination], {
+    const command = "tar";
+    const args = ["-xzf", archivePath, "-C", destination];
+    writeCliAuditEvent("process.spawn", {
+      command,
+      args,
+      purpose: "editor_runtime.extract"
+    });
+    const child = spawn4(command, args, {
       stdio: ["ignore", "ignore", "ignore"]
     });
+    writeCliAuditEvent("process.spawned", {
+      command,
+      args,
+      pid: child.pid,
+      purpose: "editor_runtime.extract"
+    });
     child.on("error", () => resolveExtract(false));
-    child.on("exit", (code) => resolveExtract(code === 0));
+    child.on("exit", (code, signal) => {
+      writeCliAuditEvent("process.exit", {
+        command,
+        args,
+        pid: child.pid,
+        code,
+        signal,
+        purpose: "editor_runtime.extract"
+      });
+      resolveExtract(code === 0);
+    });
   });
 }
 function fileSha256(path) {
@@ -5932,14 +6243,14 @@ function runtimeInstallRoot(cacheRoot, manifest) {
   return resolve4(cacheRoot, manifest.platform, manifest.archiveSha256);
 }
 function verifiedRuntimeAssetPaths(runtimeRoot, manifest) {
-  const collaborationExtensionTarball = join4(runtimeRoot, "kandan", "editor_extensions", "typefox.open-collaboration-tools.tar.gz");
-  const collaborationServerTarball = join4(runtimeRoot, "kandan", "editor_servers", "open-collaboration-server.tar.gz");
-  const documentStateExtensionDir = join4(runtimeRoot, "kandan", "editor_extensions", "kandan.document-state-telemetry");
+  const collaborationExtensionTarball = join5(runtimeRoot, "kandan", "editor_extensions", "typefox.open-collaboration-tools.tar.gz");
+  const collaborationServerTarball = join5(runtimeRoot, "kandan", "editor_servers", "open-collaboration-server.tar.gz");
+  const documentStateExtensionDir = join5(runtimeRoot, "kandan", "editor_extensions", "kandan.document-state-telemetry");
   const codeServerRoot = codeServerRuntimeRoot(manifest.codeServerBinPath);
   const requiredPaths = [
     manifest.codeServerBinPath,
-    join4(codeServerRoot, "lib", "vscode", "node_modules", "vsda", "rust", "web", "vsda.js"),
-    join4(codeServerRoot, "lib", "vscode", "node_modules", "vsda", "rust", "web", "vsda_bg.wasm"),
+    join5(codeServerRoot, "lib", "vscode", "node_modules", "vsda", "rust", "web", "vsda.js"),
+    join5(codeServerRoot, "lib", "vscode", "node_modules", "vsda", "rust", "web", "vsda_bg.wasm"),
     "kandan/editor_extensions/typefox.open-collaboration-tools.tar.gz",
     "kandan/editor_servers/open-collaboration-server.tar.gz",
     "kandan/editor_extensions/kandan.document-state-telemetry/package.json",
@@ -5951,7 +6262,7 @@ function verifiedRuntimeAssetPaths(runtimeRoot, manifest) {
     if (expectedSha256 === undefined && relativePath !== manifest.codeServerBinPath) {
       return;
     }
-    const absolutePath = join4(runtimeRoot, relativePath);
+    const absolutePath = join5(runtimeRoot, relativePath);
     if (!existsSync3(absolutePath)) {
       return;
     }
@@ -5970,7 +6281,7 @@ function verifiedRuntimeAssetPaths(runtimeRoot, manifest) {
 }
 function codeServerRuntimeRoot(codeServerBinPath) {
   const normalized = codeServerBinPath.replaceAll("\\", "/");
-  return normalized === "bin/code-server" ? "." : normalized.endsWith("/bin/code-server") ? normalized.slice(0, -"/bin/code-server".length) || "." : dirname2(normalized);
+  return normalized === "bin/code-server" ? "." : normalized.endsWith("/bin/code-server") ? normalized.slice(0, -"/bin/code-server".length) || "." : dirname3(normalized);
 }
 function manifestAssetChecksums(assets) {
   const checksums = new Map;
@@ -5983,7 +6294,7 @@ function fileSha256Sync(path) {
   return createHash2("sha256").update(readFileSync2(path)).digest("hex");
 }
 function defaultEditorRuntimeCacheRoot() {
-  return join4(homedir3(), ".linzumi", "editor-runtimes");
+  return join5(homedir4(), ".linzumi", "editor-runtimes");
 }
 function nonEmptyString(value) {
   return typeof value === "string" && value.trim() !== "" ? value.trim() : undefined;
@@ -5996,10 +6307,24 @@ function sha256String(value) {
 // src/dependencyStatus.ts
 function probeTool(command, cwd) {
   return new Promise((resolve5) => {
-    const child = spawn5(command, ["--version"], {
+    const args = ["--version"];
+    writeCliAuditEvent("process.spawn", {
+      command,
+      args,
+      cwd,
+      purpose: "dependency_probe"
+    });
+    const child = spawn5(command, args, {
       cwd,
       stdio: ["ignore", "pipe", "pipe"]
     });
+    writeCliAuditEvent("process.spawned", {
+      command,
+      args,
+      cwd,
+      pid: child.pid,
+      purpose: "dependency_probe"
+    });
     let stdout = "";
     let stderr = "";
     let resolved = false;
@@ -6013,6 +6338,15 @@ function probeTool(command, cwd) {
     };
     const timeout = setTimeout(() => {
       child.kill("SIGKILL");
+      writeCliAuditEvent("process.exit", {
+        command,
+        args,
+        cwd,
+        pid: child.pid,
+        code: null,
+        signal: "SIGKILL",
+        purpose: "dependency_probe"
+      });
       finish({ command, available: false });
     }, 1000);
     child.stdout?.on("data", (chunk) => {
@@ -6022,9 +6356,28 @@ function probeTool(command, cwd) {
       stderr += chunk.toString();
     });
     child.on("error", () => {
+      writeCliAuditEvent("process.exit", {
+        command,
+        args,
+        cwd,
+        pid: child.pid,
+        code: null,
+        signal: null,
+        error: "spawn_failed",
+        purpose: "dependency_probe"
+      });
       finish({ command, available: false });
     });
-    child.on("exit", (code) => {
+    child.on("exit", (code, signal) => {
+      writeCliAuditEvent("process.exit", {
+        command,
+        args,
+        cwd,
+        pid: child.pid,
+        code,
+        signal,
+        purpose: "dependency_probe"
+      });
       if (code !== 0) {
         finish({ command, available: false });
         return;
@@ -6073,7 +6426,7 @@ function codeServerDependencyStatus(args) {
 }
 function assertStartDependencies(status) {
   if (!status.bun.available) {
-    throw new Error("Node.js is not available. Install Node.js 20+, then rerun linzumi start.");
+    throw new Error("Node.js is not available. Install Node.js 20+, then rerun the bootstrap command.");
   }
   if (!status.codex.available) {
     throw new Error(`Codex is not available at ${status.codex.command}. Install Codex or pass --codex-bin <path>.`);
@@ -6337,35 +6690,6 @@ function waitForOpen2(websocket) {
   });
 }
-// src/runnerLogger.ts
-import { openSync } from "node:fs";
-import { createWriteStream as createWriteStream2 } from "node:fs";
-import { dirname as dirname3 } from "node:path";
-import { mkdirSync as mkdirSync4 } from "node:fs";
-function createRunnerLogger(logFile, consoleReporter) {
-  mkdirSync4(dirname3(logFile), { recursive: true });
-  const fd = openSync(logFile, "a");
-  const stream = createWriteStream2("", { fd, flags: "a", autoClose: true });
-  const logger = (event, payload) => {
-    stream.write(`${JSON.stringify({ ts: new Date().toISOString(), event, ...payload })}
-`, "utf8");
-    consoleReporter?.(event, payload);
-  };
-  Object.defineProperty(logger, "close", {
-    value: () => closeStream(stream)
-  });
-  return logger;
-}
-function closeStream(stream) {
-  if (stream.closed || stream.destroyed) {
-    return Promise.resolve();
-  }
-  return new Promise((resolve5, reject) => {
-    stream.once("error", reject);
-    stream.end(resolve5);
-  });
-}
 // src/runnerConsoleReporter.ts
 function reportRunnerConsoleEvent(event, payload) {
   const line = formatRunnerConsoleEvent(event, payload);
@@ -6487,6 +6811,26 @@ async function openLocalCodexRunner(options, log, cleanup, close) {
   const allowedForwardPorts = options.allowedForwardPorts ?? [];
   const liveForwardPorts = new Set(allowedForwardPorts);
   const managedForwardPorts = new Set;
+  const forwardPortAttributions = new Map;
+  const setForwardPortAttribution = (port, attribution) => {
+    forwardPortAttributions.set(port, {
+      kandanThreadId: attribution.kandanThreadId ?? null,
+      codexThreadId: attribution.codexThreadId ?? null,
+      channelSlug: attribution.channelSlug ?? null
+    });
+  };
+  const clearForwardPortAttribution = (port) => {
+    forwardPortAttributions.delete(port);
+  };
+  const buildForwardPortAttributionPayload = () => Array.from(liveForwardPorts).sort((left, right) => left - right).map((port) => {
+    const attribution = forwardPortAttributions.get(port);
+    return {
+      port,
+      kandanThreadId: attribution?.kandanThreadId ?? null,
+      codexThreadId: attribution?.codexThreadId ?? null,
+      channelSlug: attribution?.channelSlug ?? null
+    };
+  });
   const allowedCwds = { value: [...options.allowedCwds] };
   const localEditorState = {
     value: { status: "disabled" }
@@ -6506,6 +6850,7 @@ async function openLocalCodexRunner(options, log, cleanup, close) {
     allowedCwdSuggestions: allowedCwdSuggestions(options.cwd, allowedCwds.value),
     portForwarding: liveForwardPorts.size > 0,
     allowedPorts: Array.from(liveForwardPorts).sort((left, right) => left - right),
+    forwardedPortAttributions: buildForwardPortAttributionPayload(),
     toolStatus: options.dependencyStatus === undefined ? null : dependencyStatusPayload(options.dependencyStatus),
     editorRuntime: options.dependencyStatus?.editorRuntime === undefined ? null : dependencyStatusPayload(options.dependencyStatus).editorRuntime,
     ...localEditorCapabilities(options.editorRuntime, allowedCwds.value, localEditorState.value)
@@ -6613,12 +6958,14 @@ async function openLocalCodexRunner(options, log, cleanup, close) {
       enablePortForwardWatch: true,
       initialForwardPorts: allowedForwardPorts,
       suppressedForwardPorts: () => Array.from(managedForwardPorts),
-      onForwardPortApproved: (port) => {
+      onForwardPortApproved: (port, attribution) => {
         liveForwardPorts.add(port);
+        setForwardPortAttribution(port, attribution);
         return capabilitiesPayload();
       },
       onForwardPortRevoked: (port) => {
         liveForwardPorts.delete(port);
+        clearForwardPortAttribution(port);
         return capabilitiesPayload();
       },
       channelSession: options.channelSession
@@ -6660,12 +7007,14 @@ async function openLocalCodexRunner(options, log, cleanup, close) {
         enablePortForwardWatch: true,
         initialForwardPorts: allowedForwardPorts,
         suppressedForwardPorts: () => Array.from(managedForwardPorts),
-        onForwardPortApproved: (port) => {
+        onForwardPortApproved: (port, attribution) => {
           liveForwardPorts.add(port);
+          setForwardPortAttribution(port, attribution);
           return capabilitiesPayload();
         },
         onForwardPortRevoked: (port) => {
           liveForwardPorts.delete(port);
+          clearForwardPortAttribution(port);
           return capabilitiesPayload();
         },
         channelSession: {
@@ -6761,7 +7110,17 @@ async function openLocalCodexRunner(options, log, cleanup, close) {
       return;
     }
     if (isForwardHttpRequestControl(control)) {
-      handleForwardHttpRequest(control, Array.from(liveForwardPorts)).then((response) => kandan.push(topic, "forward:http_response", response)).catch((error) => kandan.push(topic, "forward:http_response", {
+      handleForwardHttpRequest(control, Array.from(liveForwardPorts)).then((response) => {
+        log("kandan.forward_response", {
+          requestId: control.requestId,
+          port: control.port,
+          path: control.path,
+          status: response.status,
+          ok: response.ok,
+          location: forwardedHeaderValue(response.headers, "location")
+        });
+        return kandan.push(topic, "forward:http_response", response);
+      }).catch((error) => kandan.push(topic, "forward:http_response", {
         requestId: control.requestId,
         ok: false,
         error: error instanceof Error ? error.message : String(error)
@@ -6928,7 +7287,7 @@ function normalizedWorkDescription(value) {
   return normalized === undefined || normalized === "" ? undefined : normalized;
 }
 function makeRunnerLogger(options) {
-  return createRunnerLogger(options.logFile ?? join5(options.cwd, ".linzumi-runner.log"), options.launchTui ? undefined : reportRunnerConsoleEvent);
+  return createRunnerLogger(options.logFile ?? join6(options.cwd, ".linzumi-runner.log"), options.launchTui ? undefined : reportRunnerConsoleEvent);
 }
 function installCleanupHandlers(close) {
   const closeAndExit = () => {
@@ -6953,11 +7312,44 @@ function installCleanupHandlers(close) {
   };
 }
 function launchCodexTui(codexBin, codexUrl, cwd, codexThreadId, session, fast) {
-  return spawn6(codexBin, codexTuiArgs(codexUrl, codexThreadId, session, fast), {
+  const args = codexTuiArgs(codexUrl, codexThreadId, session, fast);
+  writeCliAuditEvent("process.spawn", {
+    command: codexBin,
+    args,
+    cwd,
+    purpose: "codex.tui"
+  });
+  const child = spawn6(codexBin, args, {
     cwd,
     env: process.env,
     stdio: "inherit"
   });
+  writeCliAuditEvent("process.spawned", {
+    command: codexBin,
+    args,
+    cwd,
+    pid: child.pid,
+    purpose: "codex.tui"
+  });
+  child.once("exit", (code, signal) => {
+    writeCliAuditEvent("process.exit", {
+      command: codexBin,
+      args,
+      cwd,
+      pid: child.pid,
+      code,
+      signal,
+      purpose: "codex.tui"
+    });
+  });
+  return child;
+}
+function forwardedHeaderValue(headers, name) {
+  if (!Array.isArray(headers)) {
+    return;
+  }
+  const header = headers.find((value) => isJsonObject(value) && typeof value.name === "string" && value.name.toLowerCase() === name.toLowerCase() && typeof value.value === "string");
+  return isJsonObject(header) && typeof header.value === "string" ? header.value : undefined;
 }
 function codexTuiArgs(codexUrl, codexThreadId, session, fast) {
   const overrides = codexTuiConfigArgs(session, fast);
@@ -7206,11 +7598,11 @@ function allowedCwdSuggestions(cwd, allowedCwds) {
 // src/authCache.ts
 import { existsSync as existsSync4, mkdirSync as mkdirSync5, readFileSync as readFileSync3, writeFileSync as writeFileSync4 } from "node:fs";
-import { homedir as homedir4 } from "node:os";
-import { dirname as dirname4, join as join6 } from "node:path";
+import { homedir as homedir5 } from "node:os";
+import { dirname as dirname4, join as join7 } from "node:path";
 function defaultAuthFilePath() {
-  const base = process.env.KANDAN_HOME ?? join6(homedir4(), ".kandan");
-  return join6(base, "auth.json");
+  const base = process.env.KANDAN_HOME ?? join7(homedir5(), ".kandan");
+  return join7(base, "auth.json");
 }
 function readCachedLocalRunnerToken(kandanUrl, authFilePath = defaultAuthFilePath()) {
   if (!existsSync4(authFilePath)) {
@@ -7345,11 +7737,11 @@ async function acquireAndCacheToken(args) {
 // src/localConfig.ts
 import { existsSync as existsSync5, mkdirSync as mkdirSync6, readFileSync as readFileSync4, realpathSync as realpathSync4, writeFileSync as writeFileSync5 } from "node:fs";
-import { homedir as homedir5 } from "node:os";
+import { homedir as homedir6 } from "node:os";
 import { dirname as dirname5, resolve as resolve5 } from "node:path";
 function localConfigPath(env = process.env) {
   const override = env.LINZUMI_CONFIG_FILE;
-  return override !== undefined && override.trim() !== "" ? resolve5(expandUserPath(override)) : resolve5(homedir5(), ".linzumi", "config.json");
+  return override !== undefined && override.trim() !== "" ? resolve5(expandUserPath(override)) : resolve5(homedir6(), ".linzumi", "config.json");
 }
 function readLocalConfig(path = localConfigPath()) {
   if (!existsSync5(path)) {
@@ -7410,6 +7802,10 @@ function realpathOrResolved(pathValue) {
   }
 }
+// src/defaultUrls.ts
+var defaultLinzumiHttpUrl = "https://serve.linzumi.com";
+var defaultLinzumiWebSocketUrl = "wss://serve.linzumi.com";
 // src/kandanTls.ts
 import { existsSync as existsSync6, readFileSync as readFileSync5 } from "node:fs";
 import { Agent } from "undici";
@@ -7455,9 +7851,8 @@ function trustedWebSocketFactory(trust, WebSocketImpl = WsWebSocket) {
 // src/agentBootstrap.ts
 import { existsSync as existsSync7, mkdirSync as mkdirSync7, readFileSync as readFileSync6, writeFileSync as writeFileSync6 } from "node:fs";
-import { dirname as dirname6, join as join7 } from "node:path";
-import { homedir as homedir6 } from "node:os";
-var defaultApiUrl = "https://serve.linzumi.com";
+import { dirname as dirname6, join as join8 } from "node:path";
+import { homedir as homedir7 } from "node:os";
 async function runAgentCliCommand(args, deps = {
   fetchImpl: fetch,
   stdout: process.stdout,
@@ -7475,6 +7870,12 @@ async function runAgentCliCommand(args, deps = {
     case "claim":
       await runClaim(command, deps);
       return;
+    case "loginLinkIssue":
+      await runLoginLinkIssue(command, deps);
+      return;
+    case "loginLinkClaim":
+      await runLoginLinkClaim(command, deps);
+      return;
     case "threadNew":
       await runThreadNew(command, deps);
       return;
@@ -7529,6 +7930,28 @@ function parseAgentCommand(args) {
         tokenFile: agentTokenFile(parsed.flags)
       };
     }
+    case "login-link": {
+      const [subcommand, ...subcommandArgs] = rest;
+      const parsed = parseAgentArgs(subcommandArgs);
+      switch (subcommand) {
+        case "issue":
+          return {
+            kind: "loginLinkIssue",
+            apiUrl: agentApiUrl(parsed.flags),
+            email: requiredFlag(parsed.flags, "email"),
+            workspaceId: requiredFlag(parsed.flags, "workspace")
+          };
+        case "claim":
+          return {
+            kind: "loginLinkClaim",
+            apiUrl: agentApiUrl(parsed.flags),
+            pendingId: requiredFlag(parsed.flags, "pending"),
+            code: requiredFlag(parsed.flags, "code")
+          };
+        default:
+          throw new Error("linzumi login-link supports: issue, claim");
+      }
+    }
     case "thread": {
       const [subcommand, ...subcommandArgs] = rest;
       if (subcommand !== "new") {
@@ -7791,6 +8214,7 @@ async function runClaim(command, deps) {
 `);
   deps.stdout.write(`login_url: ${tokenFile.loginUrl}
 `);
+  writeHumanLoginUrlWarning(deps);
   deps.stdout.write(`channel_url: ${tokenFile.channelUrl}
 `);
   deps.stdout.write(`support_channel_id: ${tokenFile.supportChannelId}
@@ -7798,6 +8222,37 @@ async function runClaim(command, deps) {
   deps.stdout.write(`support_channel_url: ${tokenFile.supportChannelUrl}
 `);
 }
+async function runLoginLinkIssue(command, deps) {
+  const response = await postJson(command.apiUrl, "/agent/login-link/issue", {
+    email: command.email,
+    workspace_id: command.workspaceId
+  }, undefined, deps.fetchImpl);
+  const pendingId = requiredString(response, "pending_id");
+  const expiresInSeconds = numberValue2(response.expires_in_seconds) ?? 600;
+  const codeFormatHint = stringValue(response.code_format_hint) ?? "XXXX-XXXX";
+  deps.stdout.write(`pending_id: ${pendingId}
+`);
+  deps.stdout.write(`Code emailed to ${command.email} (format ${codeFormatHint}, expires in ${Math.ceil(expiresInSeconds / 60)}m)
+`);
+}
+async function runLoginLinkClaim(command, deps) {
+  const response = await postJson(command.apiUrl, "/agent/login-link/claim", {
+    pending_id: command.pendingId,
+    code: command.code
+  }, undefined, deps.fetchImpl);
+  deps.stdout.write(`workspace_id: ${requiredString(response, "workspace_id")}
+`);
+  const workspaceName = stringValue(response.workspace_name);
+  if (workspaceName !== undefined) {
+    deps.stdout.write(`workspace_name: ${workspaceName}
+`);
+  }
+  deps.stdout.write(`login_url: ${requiredString(response, "login_url")}
+`);
+  writeHumanLoginUrlWarning(deps);
+  deps.stdout.write(`channel_url: ${requiredString(response, "channel_url")}
+`);
+}
 async function runThreadNew(command, deps) {
   const tokenFile = readTokenFile(command.tokenFile, deps.readTextFile);
   const response = await postJson(command.apiUrl, "/agent/threads", {
@@ -7988,13 +8443,13 @@ function numberValue2(value) {
   return typeof value === "number" && Number.isFinite(value) ? value : undefined;
 }
 function agentApiUrl(flags) {
-  return flags.get("api-url") ?? defaultApiUrl;
+  return flags.get("api-url") ?? defaultLinzumiHttpUrl;
 }
 function agentTokenFile(flags) {
   return flags.get("agent-token-file") ?? defaultAgentTokenFilePath();
 }
 function defaultAgentTokenFilePath() {
-  return join7(homedir6(), ".linzumi", "agent-token.json");
+  return join8(homedir7(), ".linzumi", "agent-token.json");
 }
 function normalizedApiUrl(apiUrl) {
   return apiUrl.endsWith("/") ? apiUrl : `${apiUrl}/`;
@@ -8045,12 +8500,20 @@ function writeTokenFile(path, tokenFile, writeTextFile2) {
   writeTextFile2(path, `${JSON.stringify(tokenFile, null, 2)}
 `);
 }
+function writeHumanLoginUrlWarning(deps) {
+  deps.stdout.write(`This is a one-time human login link. Do not open it from automation.
+`);
+  deps.stdout.write(`Give it directly to the human who will use the workspace.
+`);
+}
 function agentHelpText() {
   return `Linzumi agent bootstrap
 Usage:
   linzumi signup --email <email> --agent-name <name> [--workspace-name <name>] [--api-url <url>]
   linzumi claim --pending <pending_id> --code <XXXX-XXXX> [--api-url <url>]
+  linzumi login-link issue --email <email> --workspace <workspace_id> [--api-url <url>]
+  linzumi login-link claim --pending <pending_id> --code <XXXX-XXXX> [--api-url <url>]
   linzumi thread new <title> --message <message> [--api-url <url>]
   linzumi channel post <channel_id> <message> [--api-url <url>]
   linzumi post <thread_id> <message> [--kind progress|question]
@@ -8061,10 +8524,14 @@ Usage:
   linzumi editor open <thread_id> --runner <runner_id> --cwd <path>
 Options:
-  --api-url <url>             Agent API origin, default ${defaultApiUrl}
+  --api-url <url>             Agent API origin, default ${defaultLinzumiHttpUrl}
   --agent-token-file <path>   Token cache path, default ~/.linzumi/agent-token.json
   --workspace-name <name>     Human-readable workspace name requested during signup
+Human login:
+  Human browser login recovery; prints one-time links for the human only.
+  Do not open login_url from Codex, CLI automation, or an unconfirmed browser profile.
 Launch target:
   zero-to-hello-world-pr+editor in under 3 minutes.
 `;
@@ -8072,7 +8539,7 @@ Launch target:
 // src/helloLinzumiProject.ts
 import { existsSync as existsSync8, mkdirSync as mkdirSync8, readFileSync as readFileSync7, rmSync as rmSync2, writeFileSync as writeFileSync7 } from "node:fs";
-import { dirname as dirname7, join as join8, resolve as resolve6 } from "node:path";
+import { dirname as dirname7, join as join9, resolve as resolve6 } from "node:path";
 import { fileURLToPath } from "node:url";
 var defaultHelloLinzumiProjectDir = "/tmp/hello_linzumi";
 var defaultHelloLinzumiProjectName = "hello_linzumi";
@@ -8081,7 +8548,7 @@ var defaultHelloLinzumiPort = 8787;
 var defaultHelloLinzumiHost = "0.0.0.0";
 var markerFile = ".linzumi-demo-project";
 var moduleDir = dirname7(fileURLToPath(import.meta.url));
-var linzumiLogoSvg = readFileSync7(join8(moduleDir, "assets", "linzumi-logo.svg"), "utf8");
+var linzumiLogoSvg = readFileSync7(join9(moduleDir, "assets", "linzumi-logo.svg"), "utf8");
 function createHelloLinzumiProject(input = {}) {
   const options = typeof input === "string" ? { rootPath: input } : input;
   const root = resolveHelloProjectRoot(options);
@@ -8089,9 +8556,9 @@ function createHelloLinzumiProject(input = {}) {
   const host = normalizeHost(options.host);
   assertTcpPort(port);
   assertWritableDemoRoot(root, options.reset === true);
-  mkdirSync8(join8(root, "src"), { recursive: true });
+  mkdirSync8(join9(root, "src"), { recursive: true });
   for (const file of demoFiles({ root, port, host })) {
-    writeFileSync7(join8(root, file.path), file.content, "utf8");
+    writeFileSync7(join9(root, file.path), file.content, "utf8");
   }
   return {
     root,
@@ -8135,7 +8602,7 @@ function assertWritableDemoRoot(root, reset) {
   if (!existsSync8(root)) {
     return;
   }
-  const markerPath = join8(root, markerFile);
+  const markerPath = join9(root, markerFile);
   const isDemoRoot = existsSync8(markerPath) && readFileSync7(markerPath, "utf8").trim() === "hello-linzumi";
   if (isDemoRoot && reset) {
     rmSync2(root, { recursive: true, force: true });
@@ -8643,19 +9110,19 @@ import {
   watch,
   writeFileSync as writeFileSync8
 } from "node:fs";
-import { homedir as homedir7 } from "node:os";
-import { dirname as dirname8, join as join9, resolve as resolve7 } from "node:path";
+import { homedir as homedir8 } from "node:os";
+import { dirname as dirname8, join as join10, resolve as resolve7 } from "node:path";
 import { execFileSync, spawn as spawn7 } from "node:child_process";
 import { fileURLToPath as fileURLToPath2 } from "node:url";
 var connectedMarker = "Runner connected:";
 function commanderStatusDir() {
-  return join9(homedir7(), ".linzumi", "commanders");
+  return join10(homedir8(), ".linzumi", "commanders");
 }
 function commanderStatusFile(runnerId, statusDir = commanderStatusDir()) {
-  return join9(statusDir, `${safeRunnerId(runnerId)}.json`);
+  return join10(statusDir, `${safeRunnerId(runnerId)}.json`);
 }
 function defaultCommanderLogFile(runnerId, statusDir = commanderStatusDir()) {
-  return join9(statusDir, `${safeRunnerId(runnerId)}.log`);
+  return join10(statusDir, `${safeRunnerId(runnerId)}.log`);
 }
 function startCommanderDaemon(options) {
   const statusDir = options.statusDir ?? commanderStatusDir();
@@ -8677,11 +9144,24 @@ function startCommanderDaemon(options) {
   mkdirSync9(dirname8(logFile), { recursive: true });
   const out = openSync2(logFile, "a");
   const err = openSync2(logFile, "a");
+  writeCliAuditEvent("process.spawn", {
+    command: nodeBin,
+    args: command,
+    cwd: options.cwd,
+    purpose: "commander_daemon.start"
+  }, { sessionId: options.runnerId });
   const child = (options.spawnImpl ?? spawn7)(nodeBin, command, {
     detached: true,
     stdio: ["ignore", out, err],
     env: process.env
   });
+  writeCliAuditEvent("process.spawned", {
+    command: nodeBin,
+    args: command,
+    cwd: options.cwd,
+    pid: child.pid,
+    purpose: "commander_daemon.start"
+  }, { sessionId: options.runnerId });
   closeSync(out);
   closeSync(err);
   child.unref();
@@ -8805,10 +9285,22 @@ function processMatchesRecord(record, processIdentityReader) {
 }
 function readProcessIdentity(pid) {
   try {
-    const output = execFileSync("ps", ["-p", String(pid), "-o", "lstart=", "-o", "command="], {
+    const command = "ps";
+    const args = ["-p", String(pid), "-o", "lstart=", "-o", "command="];
+    writeCliAuditEvent("process.exec_file", {
+      command,
+      args,
+      purpose: "commander_daemon.process_identity"
+    });
+    const output = execFileSync(command, args, {
       encoding: "utf8",
       stdio: ["ignore", "pipe", "ignore"]
     }).trim();
+    writeCliAuditEvent("process.exec_file_completed", {
+      command,
+      args,
+      purpose: "commander_daemon.process_identity"
+    });
     if (output === "") {
       return;
     }
@@ -8923,7 +9415,7 @@ async function main(args) {
       process.stdout.write(connectGuideText());
       return;
     case "version":
-      process.stdout.write(`linzumi 0.0.33-beta
+      process.stdout.write(`linzumi 0.0.34-beta
 `);
       return;
     case "auth":
@@ -8994,6 +9486,7 @@ function parseCommand(args) {
       return { command: "commanderDaemon", args: ["stop", ...rest] };
     case "signup":
     case "claim":
+    case "login-link":
     case "thread":
     case "channel":
     case "post":
@@ -9199,7 +9692,7 @@ async function parseStartRunnerArgs(args, deps = {
     process.exit(0);
   }
   rejectStartTargetingFlags(values);
-  const kandanUrl = stringValue3(values, "kandan-url") ?? "wss://serve.linzumi.com";
+  const kandanUrl = stringValue3(values, "kandan-url") ?? defaultLinzumiWebSocketUrl;
   const requestedCwd = resolveUserPath(cwdArg ?? process.cwd());
   const cwd = assertConfiguredAllowedCwds([requestedCwd])[0] ?? requestedCwd;
   const explicitAllowedCwds = values.has("allowed-cwd") ? assertConfiguredAllowedCwds(parseAllowedCwdList(stringValue3(values, "allowed-cwd"))) : [];
@@ -9436,7 +9929,7 @@ async function parseRunnerArgs(args, deps = {
     process.exit(0);
   }
   if (values.get("version") === true) {
-    process.stdout.write(`linzumi 0.0.33-beta
+    process.stdout.write(`linzumi 0.0.34-beta
 `);
     process.exit(0);
   }
@@ -9581,10 +10074,10 @@ function rejectStartTargetingFlags(values) {
 }
 function resolveUserPath(pathValue) {
   if (pathValue === "~") {
-    return homedir8();
+    return homedir9();
   }
   if (pathValue.startsWith("~/")) {
-    return resolve8(homedir8(), pathValue.slice(2));
+    return resolve8(homedir9(), pathValue.slice(2));
   }
   return resolve8(pathValue);
 }
@@ -9679,6 +10172,8 @@ Usage:
   linzumi
   linzumi signup --email <email> --agent-name <name> [--workspace-name <name>]
   linzumi claim --pending <pending_id> --code <XXXX-XXXX>
+  linzumi login-link issue --email <email> --workspace <workspace_id>
+  linzumi login-link claim --pending <pending_id> --code <XXXX-XXXX>
   linzumi thread new <title> --message <message>
   linzumi post <thread_id> <message>
   linzumi inbox <thread_id> --since-last
@@ -9694,7 +10189,7 @@ Usage:
   linzumi auth --kandan-url <ws-url> [--workspace <slug> --channel <slug>]
 Required:
-  --kandan-url <ws-url>       Linzumi backend URL, default wss://serve.linzumi.com
+  --kandan-url <ws-url>       Linzumi backend URL, default ${defaultLinzumiWebSocketUrl}
   --token <jwt>               Optional override token. Otherwise ~/.linzumi/auth.json is validated or OAuth opens.
   --auth-file <path>          Auth cache path, default ~/.linzumi/auth.json
   --oauth-callback-host <ip>  Callback host reachable by your browser
@@ -9831,7 +10326,7 @@ What it does:
   previews, and the browser VS Code editor.
 Options:
-  --kandan-url <ws-url>       Linzumi backend URL, default wss://serve.linzumi.com
+  --kandan-url <ws-url>       Linzumi backend URL, default ${defaultLinzumiWebSocketUrl}
   --token <jwt>               Optional scoped local-runner token override
   --auth-file <path>          Auth cache path, default ~/.linzumi/auth.json
   --oauth-callback-host <ip>  Callback host reachable by your browser