@oh-my-pi/pi-coding-agent 12.7.6 → 12.8.1

package/src/secrets/obfuscator.ts

@@ -0,0 +1,269 @@
+import type { Message, TextContent } from "@oh-my-pi/pi-ai";
+import { compileSecretRegex } from "./regex";
+
+// ═══════════════════════════════════════════════════════════════════════════
+// Types
+// ═══════════════════════════════════════════════════════════════════════════
+
+export interface SecretEntry {
+	type: "plain" | "regex";
+	content: string;
+	mode?: "obfuscate" | "replace";
+	replacement?: string;
+	flags?: string;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════
+// Deterministic replacement generation
+// ═══════════════════════════════════════════════════════════════════════════
+
+const REPLACEMENT_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+
+/** Generate a deterministic same-length replacement string from a secret value. */
+function generateDeterministicReplacement(secret: string): string {
+	// Simple hash: use Bun.hash for speed, seed from the secret bytes
+	const hash = BigInt(Bun.hash(secret));
+	const chars: string[] = [];
+	let h = hash;
+	for (let i = 0; i < secret.length; i++) {
+		// Mix the hash for each character position
+		h = h ^ (BigInt(i + 1) * 0x9e3779b97f4a7c15n);
+		const idx = Number((h < 0n ? -h : h) % BigInt(REPLACEMENT_CHARS.length));
+		chars.push(REPLACEMENT_CHARS[idx]);
+	}
+	return chars.join("");
+}
+
+// ═══════════════════════════════════════════════════════════════════════════
+// Placeholder format
+// ═══════════════════════════════════════════════════════════════════════════
+
+const PLACEHOLDER_PREFIX = "<<$env:S";
+const PLACEHOLDER_SUFFIX = ">>";
+
+/** Build an obfuscation placeholder for secret index N, padded to match the secret length. */
+function buildPlaceholder(index: number, secretLength: number): string {
+	// Minimum: <<$env:SN>> = 11 chars for single-digit index
+	const bare = `${PLACEHOLDER_PREFIX}${index}${PLACEHOLDER_SUFFIX}`;
+	if (secretLength <= bare.length) {
+		return bare;
+	}
+	// Pad with '.' between index and >>
+	const paddingNeeded = secretLength - bare.length;
+	const padding = ".".repeat(paddingNeeded);
+	return `${PLACEHOLDER_PREFIX}${index}=${padding}${PLACEHOLDER_SUFFIX}`;
+}
+
+/** Regex to match obfuscation placeholders: <<$env:S<N>=?<padding>?>> */
+const PLACEHOLDER_RE = /<<\$env:S(\d+)(?:=[.]*)?>>(?!>)/g;
+
+// ═══════════════════════════════════════════════════════════════════════════
+// SecretObfuscator
+// ═══════════════════════════════════════════════════════════════════════════
+
+export class SecretObfuscator {
+	/** Plain secrets: secret → index (known at construction) */
+	#plainMappings = new Map<string, number>();
+
+	/** Regex entries (patterns compiled at construction) */
+	#regexEntries: Array<{ regex: RegExp; mode: "obfuscate" | "replace"; replacement?: string }> = [];
+
+	/** All obfuscate-mode mappings: index → { secret, placeholder } */
+	#obfuscateMappings = new Map<number, { secret: string; placeholder: string }>();
+
+	/** Replace-mode plain mappings: secret → replacement */
+	#replaceMappings = new Map<string, string>();
+
+	/** Reverse lookup for deobfuscation: placeholder → secret */
+	#deobfuscateMap = new Map<string, string>();
+
+	/** Next available index for regex match discoveries */
+	#nextIndex: number;
+
+	/** Whether any secrets were configured */
+	#hasAny: boolean;
+
+	constructor(entries: SecretEntry[]) {
+		let index = 0;
+		for (const entry of entries) {
+			const mode = entry.mode ?? "obfuscate";
+
+			if (entry.type === "plain") {
+				if (mode === "obfuscate") {
+					const placeholder = buildPlaceholder(index, entry.content.length);
+					this.#plainMappings.set(entry.content, index);
+					this.#obfuscateMappings.set(index, { secret: entry.content, placeholder });
+					this.#deobfuscateMap.set(placeholder, entry.content);
+					index++;
+				} else {
+					// replace mode
+					const replacement = entry.replacement ?? generateDeterministicReplacement(entry.content);
+					this.#replaceMappings.set(entry.content, replacement);
+				}
+			} else {
+				// regex type — compiled here, matches discovered during obfuscate()
+				try {
+					const regex = compileSecretRegex(entry.content, entry.flags);
+					this.#regexEntries.push({ regex, mode, replacement: entry.replacement });
+				} catch {
+					// Invalid regex — skip silently (validation happens at load time)
+				}
+			}
+		}
+
+		this.#nextIndex = index;
+		this.#hasAny = entries.length > 0;
+	}
+
+	hasSecrets(): boolean {
+		return this.#hasAny;
+	}
+
+	/** Obfuscate all secrets in text. Bidirectional placeholders for obfuscate mode, one-way for replace. */
+	obfuscate(text: string): string {
+		if (!this.#hasAny) return text;
+		let result = text;
+
+		// 1. Process replace-mode plain secrets
+		for (const [secret, replacement] of [...this.#replaceMappings].sort((a, b) => b[0].length - a[0].length)) {
+			result = replaceAll(result, secret, replacement);
+		}
+
+		// 2. Process obfuscate-mode plain secrets
+		for (const [secret, index] of [...this.#plainMappings].sort((a, b) => b[0].length - a[0].length)) {
+			const mapping = this.#obfuscateMappings.get(index)!;
+			result = replaceAll(result, secret, mapping.placeholder);
+		}
+
+		// 3. Process regex entries — discover new matches
+		for (const entry of this.#regexEntries) {
+			entry.regex.lastIndex = 0;
+			const matches = new Set<string>();
+			for (;;) {
+				const match = entry.regex.exec(result);
+				if (match === null) break;
+				if (match[0].length === 0) {
+					entry.regex.lastIndex++;
+					continue;
+				}
+				matches.add(match[0]);
+			}
+
+			for (const matchValue of matches) {
+				if (entry.mode === "replace") {
+					const replacement = entry.replacement ?? generateDeterministicReplacement(matchValue);
+					result = replaceAll(result, matchValue, replacement);
+				} else {
+					// obfuscate mode — get or create stable index
+					let index = this.#findObfuscateIndex(matchValue);
+					if (index === undefined) {
+						index = this.#nextIndex++;
+						const placeholder = buildPlaceholder(index, matchValue.length);
+						this.#obfuscateMappings.set(index, { secret: matchValue, placeholder });
+						this.#deobfuscateMap.set(placeholder, matchValue);
+					}
+					const mapping = this.#obfuscateMappings.get(index)!;
+					result = replaceAll(result, matchValue, mapping.placeholder);
+				}
+			}
+		}
+
+		return result;
+	}
+
+	/** Deobfuscate obfuscate-mode placeholders back to original secrets. Replace-mode is NOT reversed. */
+	deobfuscate(text: string): string {
+		if (!this.#hasAny) return text;
+		return text.replace(PLACEHOLDER_RE, match => {
+			return this.#deobfuscateMap.get(match) ?? match;
+		});
+	}
+
+	/** Deep-walk an object, deobfuscating all string values. */
+	deobfuscateObject<T>(obj: T): T {
+		if (!this.#hasAny) return obj;
+		return deepWalkStrings(obj, s => this.deobfuscate(s));
+	}
+
+	/** Find the obfuscate index for a known secret value. */
+	#findObfuscateIndex(secret: string): number | undefined {
+		// Check plain mappings first
+		const plainIndex = this.#plainMappings.get(secret);
+		if (plainIndex !== undefined) return plainIndex;
+
+		// Check regex-discovered mappings
+		for (const [index, mapping] of this.#obfuscateMappings) {
+			if (mapping.secret === secret) return index;
+		}
+		return undefined;
+	}
+}
+
+// ═══════════════════════════════════════════════════════════════════════════
+// Message obfuscation (outbound to LLM)
+// ═══════════════════════════════════════════════════════════════════════════
+
+/** Obfuscate all text content in LLM messages (for outbound interception). */
+export function obfuscateMessages(obfuscator: SecretObfuscator, messages: Message[]): Message[] {
+	return messages.map(msg => {
+		if (!Array.isArray(msg.content)) return msg;
+
+		let changed = false;
+		const content = msg.content.map(block => {
+			if (block.type === "text") {
+				const obfuscated = obfuscator.obfuscate(block.text);
+				if (obfuscated !== block.text) {
+					changed = true;
+					return { ...block, text: obfuscated } as TextContent;
+				}
+			}
+			return block;
+		});
+
+		return changed ? ({ ...msg, content } as typeof msg) : msg;
+	});
+}
+
+// ═══════════════════════════════════════════════════════════════════════════
+// Helpers
+// ═══════════════════════════════════════════════════════════════════════════
+
+/** Replace all occurrences of `search` in `text` with `replacement`. */
+function replaceAll(text: string, search: string, replacement: string): string {
+	if (search.length === 0) return text;
+	let result = text;
+	let idx = result.indexOf(search);
+	while (idx !== -1) {
+		result = result.slice(0, idx) + replacement + result.slice(idx + search.length);
+		idx = result.indexOf(search, idx + replacement.length);
+	}
+	return result;
+}
+
+/** Deep-walk an object, transforming all string values. */
+function deepWalkStrings<T>(obj: T, transform: (s: string) => string): T {
+	if (typeof obj === "string") {
+		return transform(obj) as unknown as T;
+	}
+	if (Array.isArray(obj)) {
+		let changed = false;
+		const result = obj.map(item => {
+			const transformed = deepWalkStrings(item, transform);
+			if (transformed !== item) changed = true;
+			return transformed;
+		});
+		return (changed ? result : obj) as unknown as T;
+	}
+	if (obj !== null && typeof obj === "object") {
+		let changed = false;
+		const result: Record<string, unknown> = {};
+		for (const key of Object.keys(obj)) {
+			const value = (obj as Record<string, unknown>)[key];
+			const transformed = deepWalkStrings(value, transform);
+			if (transformed !== value) changed = true;
+			result[key] = transformed;
+		}
+		return (changed ? result : obj) as T;
+	}
+	return obj;
+}

package/src/secrets/regex.ts

@@ -0,0 +1,21 @@
+/** Add global flag while preserving user-provided flags. */
+function enforceGlobalFlag(flags: string): string {
+	return flags.includes("g") ? flags : `${flags}g`;
+}
+
+/** Compile a secret regex entry with global scanning enabled by default. */
+export function compileSecretRegex(pattern: string, flags?: string): RegExp {
+	let resolvedPattern = pattern;
+	let resolvedFlags = flags ?? "";
+
+	// Detect regex literal syntax: /pattern/flags
+	const literalMatch = /^\/((?:[^\\/]|\\.)*)\/([ gimsuy]*)$/.exec(pattern);
+	if (literalMatch) {
+		resolvedPattern = literalMatch[1];
+		// Merge flags from literal with explicit flags param (deduplicate)
+		const combined = new Set([...resolvedFlags, ...literalMatch[2]]);
+		resolvedFlags = [...combined].join("");
+	}
+
+	return new RegExp(resolvedPattern, enforceGlobalFlag(resolvedFlags));
+}

package/src/session/agent-session.ts

@@ -78,6 +78,7 @@ import type { PlanModeState } from "../plan-mode/state";
 import planModeActivePrompt from "../prompts/system/plan-mode-active.md" with { type: "text" };
 import planModeReferencePrompt from "../prompts/system/plan-mode-reference.md" with { type: "text" };
 import ttsrInterruptTemplate from "../prompts/system/ttsr-interrupt.md" with { type: "text" };
+import type { SecretObfuscator } from "../secrets/obfuscator";
 import { closeAllConnections } from "../ssh/connection-manager";
 import { unmountAll } from "../ssh/sshfs-mount";
 import { outputMeta } from "../tools/output-meta";
@@ -162,6 +163,8 @@ export interface AgentSessionConfig {
 	ttsrManager?: TtsrManager;
 	/** Force X-Initiator: agent for GitHub Copilot model selections in this session. */
 	forceCopilotAgentInitiator?: boolean;
+	/** Secret obfuscator for deobfuscating streaming edit content */
+	obfuscator?: SecretObfuscator;
 }
 
 /** Options for AgentSession.prompt() */
@@ -348,6 +351,7 @@ export class AgentSession {
 	#streamingEditCheckedLineCounts = new Map<string, number>();
 	#streamingEditFileCache = new Map<string, string>();
 	#promptInFlight = false;
+	#obfuscator: SecretObfuscator | undefined;
 	#promptGeneration = 0;
 	#providerSessionState = new Map<string, ProviderSessionState>();
 
@@ -369,6 +373,7 @@ export class AgentSession {
 		this.#baseSystemPrompt = this.agent.state.systemPrompt;
 		this.#ttsrManager = config.ttsrManager;
 		this.#forceCopilotAgentInitiator = config.forceCopilotAgentInitiator ?? false;
+		this.#obfuscator = config.obfuscator;
 		this.agent.providerSessionState = this.#providerSessionState;
 
 		// Always subscribe to agent events for internal handling
@@ -729,7 +734,10 @@ export class AgentSession {
 		const diffForCheck = diff.endsWith("\n") ? diff : diff.slice(0, lastNewlineIndex + 1);
 		if (diffForCheck.trim().length === 0) return;
 
-		const normalizedDiff = normalizeDiff(diffForCheck.replace(/\r/g, ""));
+		let normalizedDiff = normalizeDiff(diffForCheck.replace(/\r/g, ""));
+		if (!normalizedDiff) return;
+		// Deobfuscate the diff so removed lines match real file content
+		if (this.#obfuscator) normalizedDiff = this.#obfuscator.deobfuscate(normalizedDiff);
 		if (!normalizedDiff) return;
 		const lines = normalizedDiff.split("\n");
 		const hasChangeLine = lines.some(line => line.startsWith("+") || line.startsWith("-"));
@@ -2689,44 +2697,34 @@ Be thorough - include exact file paths, function names, error messages, and tech
 	}
 
 	/**
-	 * Check if compaction is needed and run it.
+	 * Check if compaction or context promotion is needed and run it.
 	 * Called after agent_end and before prompt submission.
 	 *
-	 * Two cases:
-	 * 1. Overflow: LLM returned context overflow error, remove error message from agent state, compact, auto-retry
-	 * 2. Threshold: Context over threshold, compact, NO auto-retry (user continues manually)
+	 * Three cases (in order):
+	 * 1. Overflow + promotion: promote to larger model, retry without compacting
+	 * 2. Overflow + no promotion target: compact, auto-retry on same model
+	 * 3. Threshold: Context over threshold, compact, NO auto-retry (user continues manually)
 	 *
 	 * @param assistantMessage The assistant message to check
 	 * @param skipAbortedCheck If false, include aborted messages (for pre-prompt check). Default: true
 	 */
 	async #checkCompaction(assistantMessage: AssistantMessage, skipAbortedCheck = true): Promise<void> {
-		const compactionSettings = this.settings.getGroup("compaction");
-		if (!compactionSettings.enabled) return;
-
-		const pruneResult = await this.#pruneToolOutputs();
-
 		// Skip if message was aborted (user cancelled) - unless skipAbortedCheck is false
 		if (skipAbortedCheck && assistantMessage.stopReason === "aborted") return;
-
 		const contextWindow = this.model?.contextWindow ?? 0;
-
 		// Skip overflow check if the message came from a different model.
 		// This handles the case where user switched from a smaller-context model (e.g. opus)
 		// to a larger-context model (e.g. codex) - the overflow error from the old model
 		// shouldn't trigger compaction for the new model.
 		const sameModel =
 			this.model && assistantMessage.provider === this.model.provider && assistantMessage.model === this.model.id;
-
-		// Skip overflow check if the error is from before a compaction in the current path.
 		// This handles the case where an error was kept after compaction (in the "kept" region).
 		// The error shouldn't trigger another compaction since we already compacted.
-		// Example: opus fails → switch to codex → compact → switch back to opus → opus error
+		// Example: opus fails \u2192 switch to codex \u2192 compact \u2192 switch back to opus \u2192 opus error
 		// is still in context but shouldn't trigger compaction again.
 		const compactionEntry = getLatestCompactionEntry(this.sessionManager.getBranch());
 		const errorIsFromBeforeCompaction =
 			compactionEntry !== null && assistantMessage.timestamp < new Date(compactionEntry.timestamp).getTime();
-
-		// Case 1: Overflow - LLM returned context overflow error
 		if (sameModel && !errorIsFromBeforeCompaction && isContextOverflow(assistantMessage, contextWindow)) {
 			// Remove the error message from agent state (it IS saved to session for history,
 			// but we don't want it in context for the retry)
@@ -2734,23 +2732,43 @@ Be thorough - include exact file paths, function names, error messages, and tech
 			if (messages.length > 0 && messages[messages.length - 1].role === "assistant") {
 				this.agent.replaceMessages(messages.slice(0, -1));
 			}
-			await this.#runAutoCompaction("overflow", true);
+
+			// Try context promotion first \u2014 switch to a larger model and retry without compacting
+			const promoted = await this.#tryContextPromotion(assistantMessage);
+			if (promoted) {
+				// Retry on the promoted (larger) model without compacting
+				setTimeout(() => {
+					this.agent.continue().catch(() => {});
+				}, 100);
+				return;
+			}
+
+			// No promotion target available \u2014 fall through to compaction
+			const compactionSettings = this.settings.getGroup("compaction");
+			if (compactionSettings.enabled) {
+				await this.#runAutoCompaction("overflow", true);
+			}
 			return;
 		}
+		const compactionSettings = this.settings.getGroup("compaction");
+		if (!compactionSettings.enabled) return;
 
 		// Case 2: Threshold - turn succeeded but context is getting large
 		// Skip if this was an error (non-overflow errors don't have usage data)
 		if (assistantMessage.stopReason === "error") return;
-
+		const pruneResult = await this.#pruneToolOutputs();
 		let contextTokens = calculateContextTokens(assistantMessage.usage);
 		if (pruneResult) {
 			contextTokens = Math.max(0, contextTokens - pruneResult.tokensSaved);
 		}
 		if (shouldCompact(contextTokens, contextWindow, compactionSettings)) {
-			await this.#runAutoCompaction("threshold", false);
+			// Try promotion first — if a larger model is available, switch instead of compacting
+			const promoted = await this.#tryContextPromotion(assistantMessage);
+			if (!promoted) {
+				await this.#runAutoCompaction("threshold", false);
+			}
 		}
 	}
-
 	/**
 	 * Check if agent stopped with incomplete todos and prompt to continue.
 	 */
@@ -2824,10 +2842,109 @@ Be thorough - include exact file paths, function names, error messages, and tech
 		this.agent.continue().catch(() => {});
 	}
 
+	/**
+	 * Attempt context promotion to a larger model.
+	 * Returns true if promotion succeeded (caller should retry without compacting).
+	 */
+	async #tryContextPromotion(assistantMessage: AssistantMessage): Promise<boolean> {
+		const promotionSettings = this.settings.getGroup("contextPromotion");
+		if (!promotionSettings.enabled) return false;
+		const currentModel = this.model;
+		if (!currentModel) return false;
+		if (assistantMessage.provider !== currentModel.provider || assistantMessage.model !== currentModel.id)
+			return false;
+		const contextWindow = currentModel.contextWindow ?? 0;
+		if (contextWindow <= 0) return false;
+		const targetModel = await this.#resolveContextPromotionTarget(currentModel, contextWindow);
+		if (!targetModel) return false;
+
+		try {
+			this.#closeProviderSessionsForModelSwitch(currentModel, targetModel);
+			await this.setModelTemporary(targetModel);
+			logger.debug("Context promotion switched model on overflow", {
+				from: `${currentModel.provider}/${currentModel.id}`,
+				to: `${targetModel.provider}/${targetModel.id}`,
+			});
+			return true;
+		} catch (error) {
+			logger.warn("Context promotion failed", {
+				from: `${currentModel.provider}/${currentModel.id}`,
+				to: `${targetModel.provider}/${targetModel.id}`,
+				error: String(error),
+			});
+			return false;
+		}
+	}
+
+	async #resolveContextPromotionTarget(currentModel: Model, contextWindow: number): Promise<Model | undefined> {
+		const availableModels = this.#modelRegistry.getAvailable();
+		if (availableModels.length === 0) return undefined;
+
+		const candidates: Model[] = [];
+		const seen = new Set<string>();
+		const addCandidate = (candidate: Model | undefined): void => {
+			if (!candidate) return;
+			const key = this.#getModelKey(candidate);
+			if (seen.has(key)) return;
+			seen.add(key);
+			candidates.push(candidate);
+		};
+
+		addCandidate(this.#resolveContextPromotionConfiguredTarget(currentModel, availableModels));
+
+		const sameProviderLarger = [...availableModels]
+			.filter(
+				m => m.provider === currentModel.provider && m.api === currentModel.api && m.contextWindow > contextWindow,
+			)
+			.sort((a, b) => a.contextWindow - b.contextWindow);
+		addCandidate(sameProviderLarger[0]);
+		for (const candidate of candidates) {
+			if (modelsAreEqual(candidate, currentModel)) continue;
+			if (candidate.contextWindow <= contextWindow) continue;
+			const apiKey = await this.#modelRegistry.getApiKey(candidate, this.sessionId);
+			if (!apiKey) continue;
+			return candidate;
+		}
+
+		return undefined;
+	}
+
+	#closeProviderSessionsForModelSwitch(currentModel: Model, nextModel: Model): void {
+		if (currentModel.api !== "openai-codex-responses" && nextModel.api !== "openai-codex-responses") return;
+
+		const providerKey = "openai-codex-responses";
+		const state = this.#providerSessionState.get(providerKey);
+		if (!state) return;
+
+		try {
+			state.close();
+		} catch (error) {
+			logger.warn("Failed to close provider session state during model switch", {
+				providerKey,
+				error: String(error),
+			});
+		}
+
+		this.#providerSessionState.delete(providerKey);
+	}
+
 	#getModelKey(model: Model): string {
 		return `${model.provider}/${model.id}`;
 	}
 
+	#resolveContextPromotionConfiguredTarget(currentModel: Model, availableModels: Model[]): Model | undefined {
+		const configuredTarget = currentModel.contextPromotionTarget?.trim();
+		if (!configuredTarget) return undefined;
+
+		const parsed = parseModelString(configuredTarget);
+		if (parsed) {
+			const explicitModel = availableModels.find(m => m.provider === parsed.provider && m.id === parsed.id);
+			if (explicitModel) return explicitModel;
+		}
+
+		return availableModels.find(m => m.provider === currentModel.provider && m.id === configuredTarget);
+	}
+
 	#resolveRoleModel(role: ModelRole, availableModels: Model[], currentModel: Model | undefined): Model | undefined {
 		const roleModelStr =
 			role === "default"

package/src/session/compaction/branch-summarization.ts

@@ -23,9 +23,9 @@ import {
 	createFileOps,
 	extractFileOpsFromMessage,
 	type FileOperations,
-	formatFileOperations,
 	SUMMARIZATION_SYSTEM_PROMPT,
 	serializeConversation,
+	upsertFileOperations,
 } from "./utils";
 
 // ============================================================================
@@ -305,7 +305,7 @@ export async function generateBranchSummary(
 
 	// Compute file lists and append to summary
 	const { readFiles, modifiedFiles } = computeFileLists(fileOps);
-	summary += formatFileOperations(readFiles, modifiedFiles);
+	summary = upsertFileOperations(summary, readFiles, modifiedFiles);
 
 	return {
 		summary: summary || "No summary generated",

package/src/session/compaction/compaction.ts

@@ -21,9 +21,9 @@ import {
 	createFileOps,
 	extractFileOpsFromMessage,
 	type FileOperations,
-	formatFileOperations,
 	SUMMARIZATION_SYSTEM_PROMPT,
 	serializeConversation,
+	upsertFileOperations,
 } from "./utils";
 
 // ============================================================================
@@ -169,12 +169,19 @@ export function getLastAssistantUsage(entries: SessionEntry[]): Usage | undefine
 	return undefined;
 }
 
+/**
+ * Effective reserve: at least 15% of context window or the configured floor, whichever is larger.
+ */
+export function effectiveReserveTokens(contextWindow: number, settings: CompactionSettings): number {
+	return Math.max(Math.floor(contextWindow * 0.15), settings.reserveTokens);
+}
+
 /**
  * Check if compaction should trigger based on context usage.
  */
 export function shouldCompact(contextTokens: number, contextWindow: number, settings: CompactionSettings): boolean {
 	if (!settings.enabled) return false;
-	return contextTokens > contextWindow - settings.reserveTokens;
+	return contextTokens > contextWindow - effectiveReserveTokens(contextWindow, settings);
 }
 
 // ============================================================================
@@ -802,7 +809,7 @@ export async function compact(
 
 	// Compute file lists and append to summary
 	const { readFiles, modifiedFiles } = computeFileLists(fileOps);
-	summary += formatFileOperations(readFiles, modifiedFiles);
+	summary = upsertFileOperations(summary, readFiles, modifiedFiles);
 
 	if (!firstKeptEntryId) {
 		throw new Error("First kept entry has no ID - session may need migration");

package/src/session/compaction/utils.ts

@@ -71,9 +71,33 @@ export function computeFileLists(fileOps: FileOperations): { readFiles: string[]
 /**
  * Format file operations as XML tags for summary.
  */
+const FILE_OPERATION_SUMMARY_LIMIT = 20;
+
+function truncateFileList(files: string[]): string[] {
+	if (files.length <= FILE_OPERATION_SUMMARY_LIMIT) return files;
+	const omitted = files.length - FILE_OPERATION_SUMMARY_LIMIT;
+	return [...files.slice(0, FILE_OPERATION_SUMMARY_LIMIT), `… (${omitted} more files omitted)`];
+}
+
+function stripFileOperationTags(summary: string): string {
+	const withoutReadFiles = summary.replace(/<read-files>[\s\S]*?<\/read-files>\s*/g, "");
+	const withoutModifiedFiles = withoutReadFiles.replace(/<modified-files>[\s\S]*?<\/modified-files>\s*/g, "");
+	return withoutModifiedFiles.trimEnd();
+}
 export function formatFileOperations(readFiles: string[], modifiedFiles: string[]): string {
 	if (readFiles.length === 0 && modifiedFiles.length === 0) return "";
-	return renderPromptTemplate(fileOperationsTemplate, { readFiles, modifiedFiles });
+	return renderPromptTemplate(fileOperationsTemplate, {
+		readFiles: truncateFileList(readFiles),
+		modifiedFiles: truncateFileList(modifiedFiles),
+	});
+}
+
+export function upsertFileOperations(summary: string, readFiles: string[], modifiedFiles: string[]): string {
+	const baseSummary = stripFileOperationTags(summary);
+	const fileOperations = formatFileOperations(readFiles, modifiedFiles);
+	if (!fileOperations) return baseSummary;
+	if (!baseSummary) return fileOperations;
+	return `${baseSummary}\n\n${fileOperations}`;
 }
 
 // ============================================================================