npm - @oh-my-pi/pi-coding-agent - Versions diffs - 15.4.2 → 15.5.0 - Mend

@oh-my-pi/pi-coding-agent 15.4.2 → 15.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (133) hide show

package/CHANGELOG.md +80 -4
package/dist/types/cli/args.d.ts +2 -0
package/dist/types/cli/auth-broker-cli.d.ts +1 -1
package/dist/types/commands/launch.d.ts +8 -0
package/dist/types/config/settings-schema.d.ts +42 -1
package/dist/types/edit/index.d.ts +2 -0
package/dist/types/extensibility/custom-tools/types.d.ts +8 -2
package/dist/types/extensibility/hooks/types.d.ts +4 -0
package/dist/types/lsp/index.d.ts +9 -1
package/dist/types/mcp/client.d.ts +2 -1
package/dist/types/mcp/oauth-discovery.d.ts +4 -3
package/dist/types/mcp/timeout.d.ts +9 -0
package/dist/types/mcp/types.d.ts +1 -1
package/dist/types/sdk.d.ts +2 -0
package/dist/types/session/streaming-output.d.ts +1 -1
package/dist/types/task/index.d.ts +2 -0
package/dist/types/task/types.d.ts +4 -0
package/dist/types/tools/approval.d.ts +46 -0
package/dist/types/tools/ask.d.ts +1 -0
package/dist/types/tools/ast-edit.d.ts +2 -0
package/dist/types/tools/ast-grep.d.ts +1 -0
package/dist/types/tools/bash.d.ts +11 -1
package/dist/types/tools/browser.d.ts +2 -0
package/dist/types/tools/calculator.d.ts +1 -0
package/dist/types/tools/checkpoint.d.ts +2 -0
package/dist/types/tools/debug.d.ts +9 -1
package/dist/types/tools/eval.d.ts +2 -0
package/dist/types/tools/find.d.ts +10 -0
package/dist/types/tools/gh.d.ts +2 -1
package/dist/types/tools/hindsight-recall.d.ts +1 -0
package/dist/types/tools/hindsight-reflect.d.ts +1 -0
package/dist/types/tools/hindsight-retain.d.ts +1 -0
package/dist/types/tools/inspect-image.d.ts +1 -0
package/dist/types/tools/irc.d.ts +1 -0
package/dist/types/tools/job.d.ts +1 -0
package/dist/types/tools/read.d.ts +1 -0
package/dist/types/tools/recipe/index.d.ts +1 -0
package/dist/types/tools/render-mermaid.d.ts +1 -0
package/dist/types/tools/resolve.d.ts +1 -0
package/dist/types/tools/search-tool-bm25.d.ts +1 -0
package/dist/types/tools/search.d.ts +1 -0
package/dist/types/tools/ssh.d.ts +2 -0
package/dist/types/tools/todo-write.d.ts +1 -0
package/dist/types/tools/write.d.ts +2 -0
package/dist/types/tools/yield.d.ts +1 -0
package/dist/types/web/search/index.d.ts +1 -0
package/package.json +7 -7
package/src/cli/args.ts +14 -0
package/src/cli/auth-broker-cli.ts +171 -22
package/src/commands/auth-broker.ts +3 -0
package/src/commands/launch.ts +16 -0
package/src/config/mcp-schema.json +2 -2
package/src/config/model-registry.ts +49 -5
package/src/config/settings-schema.ts +59 -1
package/src/config/settings.ts +2 -1
package/src/dap/session.ts +35 -2
package/src/discovery/builtin.ts +2 -2
package/src/discovery/mcp-json.ts +1 -1
package/src/edit/index.ts +26 -0
package/src/edit/modes/patch.ts +1 -1
package/src/edit/streaming.ts +12 -2
package/src/exec/bash-executor.ts +6 -2
package/src/extensibility/custom-commands/bundled/review/index.ts +18 -14
package/src/extensibility/custom-tools/types.ts +16 -2
package/src/extensibility/extensions/wrapper.ts +36 -1
package/src/extensibility/hooks/types.ts +8 -1
package/src/hashline/apply.ts +47 -2
package/src/internal-urls/docs-index.generated.ts +8 -7
package/src/lsp/edits.ts +82 -29
package/src/lsp/index.ts +38 -1
package/src/lsp/utils.ts +1 -1
package/src/main.ts +6 -0
package/src/mcp/client.ts +8 -6
package/src/mcp/oauth-discovery.ts +120 -32
package/src/mcp/oauth-flow.ts +34 -6
package/src/mcp/timeout.ts +59 -0
package/src/mcp/transports/http.ts +42 -44
package/src/mcp/transports/stdio.ts +8 -5
package/src/mcp/types.ts +1 -1
package/src/modes/components/hook-editor.ts +11 -3
package/src/modes/components/mcp-add-wizard.ts +6 -2
package/src/modes/components/model-selector.ts +33 -11
package/src/modes/controllers/command-controller.ts +6 -4
package/src/modes/controllers/mcp-command-controller.ts +8 -4
package/src/prompts/review-custom-request.md +22 -0
package/src/prompts/review-headless-request.md +16 -0
package/src/prompts/review-request.md +2 -3
package/src/prompts/system/project-prompt.md +4 -0
package/src/prompts/tools/debug.md +1 -0
package/src/prompts/tools/find.md +4 -2
package/src/prompts/tools/hashline.md +1 -0
package/src/sdk.ts +47 -73
package/src/session/agent-session.ts +93 -27
package/src/session/streaming-output.ts +1 -1
package/src/slash-commands/helpers/usage-report.ts +3 -1
package/src/task/executor.ts +11 -0
package/src/task/index.ts +19 -0
package/src/task/render.ts +12 -2
package/src/task/types.ts +4 -0
package/src/tools/approval.ts +185 -0
package/src/tools/ask.ts +1 -0
package/src/tools/ast-edit.ts +25 -1
package/src/tools/ast-grep.ts +1 -0
package/src/tools/bash.ts +69 -1
package/src/tools/browser/tab-supervisor.ts +1 -1
package/src/tools/browser.ts +15 -0
package/src/tools/calculator.ts +1 -0
package/src/tools/checkpoint.ts +2 -0
package/src/tools/debug.ts +38 -0
package/src/tools/eval.ts +15 -0
package/src/tools/find.ts +17 -8
package/src/tools/gh.ts +28 -5
package/src/tools/hindsight-recall.ts +1 -0
package/src/tools/hindsight-reflect.ts +1 -0
package/src/tools/hindsight-retain.ts +1 -0
package/src/tools/image-gen.ts +1 -0
package/src/tools/inspect-image.ts +1 -0
package/src/tools/irc.ts +1 -0
package/src/tools/job.ts +1 -0
package/src/tools/path-utils.ts +14 -1
package/src/tools/read.ts +1 -0
package/src/tools/recipe/index.ts +1 -0
package/src/tools/render-mermaid.ts +1 -0
package/src/tools/report-tool-issue.ts +1 -0
package/src/tools/resolve.ts +1 -0
package/src/tools/review.ts +1 -0
package/src/tools/search-tool-bm25.ts +1 -0
package/src/tools/search.ts +1 -0
package/src/tools/ssh.ts +8 -0
package/src/tools/todo-write.ts +1 -0
package/src/tools/write.ts +12 -1
package/src/tools/yield.ts +1 -0
package/src/web/search/index.ts +2 -0

package/dist/types/tools/debug.d.ts CHANGED Viewed

@@ -1,10 +1,16 @@
-import type { AgentTool, AgentToolContext, AgentToolResult, AgentToolUpdateCallback, RenderResultOptions } from "@oh-my-pi/pi-agent-core";
+import type { AgentTool, AgentToolContext, AgentToolResult, AgentToolUpdateCallback, RenderResultOptions, ToolApprovalDecision } from "@oh-my-pi/pi-agent-core";
 import { type Component } from "@oh-my-pi/pi-tui";
 import * as z from "zod/v4";
 import { type DapBreakpointRecord, type DapContinueOutcome, type DapDataBreakpointInfoResponse, type DapDataBreakpointRecord, type DapDisassembledInstruction, type DapEvaluateResponse, type DapFunctionBreakpointRecord, type DapInstructionBreakpointRecord, type DapModule, type DapScope, type DapSessionSummary, type DapSource, type DapStackFrame, type DapThread, type DapVariable } from "../dap";
 import type { Theme } from "../modes/theme/theme";
 import type { ToolSession } from ".";
 import type { OutputMeta } from "./output-meta";
+/**
+ * DAP debug actions that only read program state (no mutation, no execution).
+ * Execution-side actions (`launch`, `attach`, `continue`, `step_*`, `pause`,
+ * `evaluate`, breakpoint mutations, memory writes) are exec-tier.
+ */
+export declare const DEBUG_READONLY_ACTIONS: ReadonlySet<string>;
 declare const debugSchema: z.ZodObject<{
     action: z.ZodEnum<{
         attach: "attach";
@@ -125,6 +131,8 @@ export declare const debugToolRenderer: {
 export declare class DebugTool implements AgentTool<typeof debugSchema, DebugToolDetails> {
     private readonly session;
     readonly name = "debug";
+    readonly approval: (args: unknown) => ToolApprovalDecision;
+    readonly formatApprovalDetails: (args: unknown) => string[];
     readonly label = "Debug";
     readonly summary = "Debug a running process with DAP (debugger adapter protocol)";
     readonly description: string;

package/dist/types/tools/eval.d.ts CHANGED Viewed

@@ -54,6 +54,8 @@ export declare class EvalTool implements AgentTool<typeof evalSchema> {
     #private;
     private readonly session;
     readonly name = "eval";
+    readonly approval: "exec";
+    readonly formatApprovalDetails: (args: unknown) => string[];
     readonly summary = "Execute Python or JavaScript code in an in-process eval backend";
     readonly loadMode = "discoverable";
     readonly label = "Eval";

package/dist/types/tools/find.d.ts CHANGED Viewed

@@ -14,6 +14,15 @@ declare const findSchema: z.ZodObject<{
     timeout: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
 }, z.core.$strict>;
 export type FindToolInput = z.infer<typeof findSchema>;
+/**
+ * Reject comma-separated path lists packed into a single array element
+ * (`["a.py,b.py"]`). The schema is array-of-string; agents that pass a
+ * single comma-joined element get silent no-matches otherwise.
+ *
+ * Commas inside brace expansion (`{a,b}`) are legitimate glob syntax and
+ * must pass through.
+ */
+export declare function validateFindPathInputs(paths: readonly string[]): void;
 export interface FindToolDetails {
     truncation?: TruncationResult;
     resultLimitReached?: number;
@@ -60,6 +69,7 @@ export declare class FindTool implements AgentTool<typeof findSchema, FindToolDe
     #private;
     private readonly session;
     readonly name = "find";
+    readonly approval: "read";
     readonly summary = "Find files and directories matching a glob pattern";
     readonly loadMode = "discoverable";
     readonly label = "Find";

package/dist/types/tools/gh.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import type { AgentTool, AgentToolContext, AgentToolResult, AgentToolUpdateCallback } from "@oh-my-pi/pi-agent-core";
+import type { AgentTool, AgentToolContext, AgentToolResult, AgentToolUpdateCallback, ToolApprovalDecision } from "@oh-my-pi/pi-agent-core";
 import * as z from "zod/v4";
 import type { Settings } from "../config/settings";
 import type { ToolSession } from ".";
@@ -230,6 +230,7 @@ export declare function resolveDefaultRepoMemoized(cwd: string, signal?: AbortSi
 export declare class GithubTool implements AgentTool<typeof githubSchema, GhToolDetails> {
     private readonly session;
     readonly name = "github";
+    readonly approval: (args: unknown) => ToolApprovalDecision;
     readonly summary = "Interact with GitHub issues, pull requests, and repositories";
     readonly loadMode = "discoverable";
     readonly label = "GitHub";

package/dist/types/tools/hindsight-recall.d.ts CHANGED Viewed

@@ -8,6 +8,7 @@ export type HindsightRecallParams = z.infer<typeof hindsightRecallSchema>;
 export declare class HindsightRecallTool implements AgentTool<typeof hindsightRecallSchema> {
     private readonly session;
     readonly name = "recall";
+    readonly approval: "read";
     readonly label = "Recall";
     readonly description: string;
     readonly parameters: z.ZodObject<{

package/dist/types/tools/hindsight-reflect.d.ts CHANGED Viewed

@@ -9,6 +9,7 @@ export type HindsightReflectParams = z.infer<typeof hindsightReflectSchema>;
 export declare class HindsightReflectTool implements AgentTool<typeof hindsightReflectSchema> {
     private readonly session;
     readonly name = "reflect";
+    readonly approval: "read";
     readonly label = "Reflect";
     readonly description: string;
     readonly parameters: z.ZodObject<{

package/dist/types/tools/hindsight-retain.d.ts CHANGED Viewed

@@ -11,6 +11,7 @@ export type HindsightRetainParams = z.infer<typeof hindsightRetainSchema>;
 export declare class HindsightRetainTool implements AgentTool<typeof hindsightRetainSchema> {
     private readonly session;
     readonly name = "retain";
+    readonly approval: "read";
     readonly label = "Retain";
     readonly description: string;
     readonly parameters: z.ZodObject<{

package/dist/types/tools/inspect-image.d.ts CHANGED Viewed

@@ -16,6 +16,7 @@ export declare class InspectImageTool implements AgentTool<typeof inspectImageSc
     private readonly session;
     private readonly completeImageRequest;
     readonly name = "inspect_image";
+    readonly approval: "read";
     readonly label = "InspectImage";
     readonly loadMode = "discoverable";
     readonly summary = "Describe or analyze an image file";

package/dist/types/tools/irc.d.ts CHANGED Viewed

@@ -58,6 +58,7 @@ export declare class IrcTool implements AgentTool<typeof ircSchema, IrcDetails>
     #private;
     private readonly session;
     readonly name = "irc";
+    readonly approval: "read";
     readonly label = "IRC";
     readonly summary = "Send and receive messages between agents over IRC-like channels";
     readonly description: string;

package/dist/types/tools/job.d.ts CHANGED Viewed

@@ -31,6 +31,7 @@ export declare class JobTool implements AgentTool<typeof jobSchema, JobToolDetai
     #private;
     private readonly session;
     readonly name = "job";
+    readonly approval: "read";
     readonly label = "Job";
     readonly summary = "Manage long-running background jobs (async bash/python)";
     readonly description: string;

package/dist/types/tools/read.d.ts CHANGED Viewed

@@ -51,6 +51,7 @@ export declare class ReadTool implements AgentTool<typeof readSchema, ReadToolDe
     #private;
     private readonly session;
     readonly name = "read";
+    readonly approval: "read";
     readonly label = "Read";
     readonly loadMode = "essential";
     readonly description: string;

package/dist/types/tools/recipe/index.d.ts CHANGED Viewed

@@ -23,6 +23,7 @@ export declare class RecipeTool implements AgentTool<typeof recipeSchema, BashTo
     #private;
     readonly name = "recipe";
     readonly label = "Run";
+    readonly approval: "exec";
     readonly description: string;
     readonly parameters: z.ZodObject<{
         op: z.ZodString;

package/dist/types/tools/render-mermaid.d.ts CHANGED Viewed

@@ -17,6 +17,7 @@ export interface RenderMermaidToolDetails {
 export declare class RenderMermaidTool implements AgentTool<typeof renderMermaidSchema, RenderMermaidToolDetails> {
     private readonly session;
     readonly name = "render_mermaid";
+    readonly approval: "read";
     readonly label = "RenderMermaid";
     readonly summary = "Render a Mermaid diagram to an image";
     readonly description: string;

package/dist/types/tools/resolve.d.ts CHANGED Viewed

@@ -58,6 +58,7 @@ export declare function runResolveInvocation(params: ResolveParams, options: {
 export declare class ResolveTool implements AgentTool<typeof resolveSchema, ResolveToolDetails> {
     private readonly session;
     readonly name = "resolve";
+    readonly approval: "read";
     readonly label = "Resolve";
     readonly hidden = true;
     readonly description: string;

package/dist/types/tools/search-tool-bm25.d.ts CHANGED Viewed

@@ -37,6 +37,7 @@ export declare function renderSearchToolBm25Description(discoverableTools?: Disc
 export declare class SearchToolBm25Tool implements AgentTool<typeof searchToolBm25Schema, SearchToolBm25Details> {
     private readonly session;
     readonly name = "search_tool_bm25";
+    readonly approval: "read";
     readonly label = "SearchTools";
     readonly loadMode = "essential";
     get description(): string;

package/dist/types/tools/search.d.ts CHANGED Viewed

@@ -56,6 +56,7 @@ type SearchParams = z.infer<typeof searchSchema>;
 export declare class SearchTool implements AgentTool<typeof searchSchema, SearchToolDetails> {
     private readonly session;
     readonly name = "search";
+    readonly approval: "read";
     readonly label = "Search";
     readonly loadMode = "discoverable";
     readonly summary = "Search file contents using ripgrep (fast text search)";

package/dist/types/tools/ssh.d.ts CHANGED Viewed

@@ -23,6 +23,8 @@ export declare class SshTool implements AgentTool<typeof sshSchema, SSHToolDetai
     private readonly hostsByName;
     readonly description: string;
     readonly name = "ssh";
+    readonly approval: "exec";
+    readonly formatApprovalDetails: (args: unknown) => string[];
     readonly summary = "Execute a command on a remote host over SSH";
     readonly loadMode = "discoverable";
     readonly label = "SSH";

package/dist/types/tools/todo-write.d.ts CHANGED Viewed

@@ -64,6 +64,7 @@ export declare function markdownToPhases(md: string): {
 export declare class TodoWriteTool implements AgentTool<typeof todoWriteSchema, TodoWriteToolDetails> {
     private readonly session;
     readonly name = "todo_write";
+    readonly approval: "read";
     readonly label = "Todo Write";
     readonly summary = "Write a structured todo list to track progress within a session";
     readonly description: string;

package/dist/types/tools/write.d.ts CHANGED Viewed

@@ -26,6 +26,8 @@ export declare class WriteTool implements AgentTool<typeof writeSchema, WriteToo
     #private;
     private readonly session;
     readonly name = "write";
+    readonly approval: (args: unknown) => "read" | "write";
+    readonly formatApprovalDetails: (args: unknown) => string[];
     readonly label = "Write";
     readonly description: string;
     readonly parameters: z.ZodObject<{

package/dist/types/tools/yield.d.ts CHANGED Viewed

@@ -14,6 +14,7 @@ export interface YieldDetails {
 export declare class YieldTool implements AgentTool<TSchema, YieldDetails> {
     #private;
     readonly name = "yield";
+    readonly approval: "read";
     readonly label = "Submit Result";
     readonly description: string;
     readonly parameters: TSchema;

package/dist/types/web/search/index.d.ts CHANGED Viewed

@@ -55,6 +55,7 @@ export declare function runSearchQuery(params: SearchQueryParams, options?: {
 export declare class WebSearchTool implements AgentTool<typeof webSearchSchema, SearchRenderDetails> {
     #private;
     readonly name = "web_search";
+    readonly approval: "read";
     readonly label = "Web Search";
     readonly description: string;
     readonly parameters: z.ZodObject<{

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
 	"type": "module",
 	"name": "@oh-my-pi/pi-coding-agent",
-	"version": "15.4.2",
+	"version": "15.5.0",
 	"description": "Coding agent CLI with read, bash, edit, write tools and session management",
 	"homepage": "https://omp.sh",
 	"author": "Can Boluk",
@@ -47,12 +47,12 @@
 		"@agentclientprotocol/sdk": "0.21.0",
 		"@babel/parser": "^7.29.3",
 		"@mozilla/readability": "^0.6.0",
-		"@oh-my-pi/omp-stats": "15.4.2",
-		"@oh-my-pi/pi-agent-core": "15.4.2",
-		"@oh-my-pi/pi-ai": "15.4.2",
-		"@oh-my-pi/pi-natives": "15.4.2",
-		"@oh-my-pi/pi-tui": "15.4.2",
-		"@oh-my-pi/pi-utils": "15.4.2",
+		"@oh-my-pi/omp-stats": "15.5.0",
+		"@oh-my-pi/pi-agent-core": "15.5.0",
+		"@oh-my-pi/pi-ai": "15.5.0",
+		"@oh-my-pi/pi-natives": "15.5.0",
+		"@oh-my-pi/pi-tui": "15.5.0",
+		"@oh-my-pi/pi-utils": "15.5.0",
 		"@puppeteer/browsers": "^2.13.0",
 		"@types/turndown": "5.0.6",
 		"@xterm/headless": "^6.0.0",

package/src/cli/args.ts CHANGED Viewed

@@ -46,6 +46,8 @@ export interface Args {
 	noRules?: boolean;
 	listModels?: string | true;
 	noTitle?: boolean;
+	autoApprove?: boolean;
+	approvalMode?: "always-ask" | "write" | "yolo";
 	messages: string[];
 	fileArgs: string[];
 	/** Unknown flags (potentially extension flags) - map of flag name to value */
@@ -172,6 +174,18 @@ export function parseArgs(args: string[], extensionFlags?: Map<string, { type: "
 			result.noRules = true;
 		} else if (arg === "--no-title") {
 			result.noTitle = true;
+		} else if (arg === "--auto-approve" || arg === "--yolo") {
+			result.autoApprove = true;
+		} else if (arg === "--approval-mode" && i + 1 < args.length) {
+			const mode = args[++i];
+			if (mode === "always-ask" || mode === "write" || mode === "yolo") {
+				result.approvalMode = mode;
+			} else {
+				logger.warn("Invalid value passed to --approval-mode", {
+					value: mode,
+					validValues: ["always-ask", "write", "yolo"],
+				});
+			}
 		} else if (arg === "--skills" && i + 1 < args.length) {
 			// Comma-separated glob patterns for skill filtering
 			result.skills = args[++i].split(",").map(s => s.trim());

package/src/cli/auth-broker-cli.ts CHANGED Viewed

@@ -17,6 +17,7 @@ import * as crypto from "node:crypto";
 import * as fs from "node:fs/promises";
 import * as os from "node:os";
 import * as path from "node:path";
+import * as readline from "node:readline";
 import {
 	AuthBrokerClient,
 	type AuthCredential,
@@ -28,6 +29,7 @@ import {
 	listProvidersWithEnvKey,
 	type OAuthCredential,
 	type OAuthProvider,
+	type OAuthProviderInfo,
 	SqliteAuthCredentialStore,
 	startAuthBroker,
 } from "@oh-my-pi/pi-ai";
@@ -36,7 +38,7 @@ import { $ } from "bun";
 import chalk from "chalk";
 import { resolveAuthBrokerConfig } from "../session/auth-broker-config";
-export type AuthBrokerAction = "serve" | "token" | "login" | "logout" | "status" | "import" | "migrate";
+export type AuthBrokerAction = "serve" | "token" | "login" | "logout" | "status" | "import" | "migrate" | "list";
 export interface AuthBrokerCommandArgs {
 	action: AuthBrokerAction;
@@ -60,7 +62,16 @@ export interface AuthBrokerCommandArgs {
 	};
 }
-const ACTIONS: readonly AuthBrokerAction[] = ["serve", "token", "login", "logout", "import", "migrate", "status"];
+const ACTIONS: readonly AuthBrokerAction[] = [
+	"serve",
+	"token",
+	"login",
+	"logout",
+	"import",
+	"migrate",
+	"status",
+	"list",
+];
 /** Callback ports baked from the per-provider OAuth flow modules. */
 const CALLBACK_PORTS: Record<string, number> = {
@@ -168,13 +179,23 @@ async function runToken(flags: AuthBrokerCommandArgs["flags"]): Promise<void> {
 }
 async function runLogin(flags: AuthBrokerCommandArgs["flags"]): Promise<void> {
-	const providerArg = flags.provider;
+	const providers = getOAuthProviders();
+	let providerArg = flags.provider;
 	if (!providerArg) {
-		throw new Error("Usage: omp auth-broker login <provider> [--via=user@host]");
+		if (flags.via) {
+			throw new Error(
+				"Usage: omp auth-broker login <provider> --via=user@host (provider required for remote login)",
+			);
+		}
+		providerArg = await pickProviderInteractively(providers);
 	}
-	const oauthProviders = new Set<string>(getOAuthProviders().map(p => p.id));
-	if (!oauthProviders.has(providerArg)) {
-		throw new Error(`Unknown OAuth provider '${providerArg}'. Known: ${[...oauthProviders].sort().join(", ")}`);
+	if (!providers.some(p => p.id === providerArg)) {
+		throw new Error(
+			`Unknown OAuth provider '${providerArg}'. Known: ${providers
+				.map(p => p.id)
+				.sort()
+				.join(", ")}`,
+		);
 	}
 	if (flags.via) {
 		await runRemoteLogin(providerArg, flags.via, flags.dryRun ?? false);
@@ -184,18 +205,107 @@ async function runLogin(flags: AuthBrokerCommandArgs["flags"]): Promise<void> {
 }
 async function runLocalLogin(provider: OAuthProvider): Promise<void> {
-	// Spawn the pi-ai CLI in-process — it handles the per-provider OAuth dance
-	// and persists into the same SQLite store the broker uses.
-	const piAiCli = Bun.fileURLToPath(import.meta.resolve("@oh-my-pi/pi-ai/cli"));
-	const proc = Bun.spawn({
-		cmd: [process.execPath, piAiCli, "login", provider],
-		stdin: "inherit",
-		stdout: "inherit",
-		stderr: "inherit",
+	// Drive the per-provider OAuth dance in-process. Persists into the same
+	// SQLite store the broker uses.
+	const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+	const ask = (msg: string) => promptLine(rl, `${msg} `);
+	const store = await SqliteAuthCredentialStore.open(getAgentDbPath());
+	const storage = new AuthStorage(store);
+	await storage.reload();
+	try {
+		await storage.login(provider, {
+			onAuth({ url, instructions }) {
+				process.stdout.write(`\nOpen this URL in your browser:\n${url}\n`);
+				if (instructions) process.stdout.write(`${instructions}\n`);
+				process.stdout.write("\n");
+			},
+			onProgress(message) {
+				process.stdout.write(`${message}\n`);
+			},
+			onPrompt(p) {
+				return ask(`${p.message}${p.placeholder ? ` (${p.placeholder})` : ""}:`);
+			},
+		});
+		process.stdout.write(`\nCredentials saved to ${getAgentDbPath()}\n`);
+	} finally {
+		store.close();
+		rl.close();
+	}
+}
+/**
+ * Interactive `readline` prompt that cleanly tears down on Ctrl-C / Escape so
+ * cancelling a half-finished login flow doesn't leave the terminal in raw mode.
+ */
+function promptLine(rl: readline.Interface, question: string): Promise<string> {
+	const { promise, resolve, reject } = Promise.withResolvers<string>();
+	const input = process.stdin as NodeJS.ReadStream;
+	const supportsRawMode = input.isTTY && typeof input.setRawMode === "function";
+	const wasRaw = supportsRawMode ? input.isRaw : false;
+	let settled = false;
+	const cleanup = () => {
+		rl.off("SIGINT", onSigint);
+		if (supportsRawMode) {
+			input.off("keypress", onKeypress);
+			input.setRawMode?.(wasRaw);
+		}
+	};
+	const finish = (result: () => void) => {
+		if (settled) return;
+		settled = true;
+		cleanup();
+		result();
+	};
+	const cancel = () => {
+		finish(() => reject(new Error("Login cancelled")));
+	};
+	const onSigint = () => {
+		cancel();
+	};
+	const onKeypress = (_str: string, key: readline.Key) => {
+		if (key.name === "escape" || (key.ctrl && key.name === "c")) {
+			cancel();
+			rl.close();
+		}
+	};
+	if (supportsRawMode) {
+		readline.emitKeypressEvents(input, rl);
+		input.setRawMode(true);
+		input.on("keypress", onKeypress);
+	}
+	rl.once("SIGINT", onSigint);
+	rl.question(question, answer => {
+		finish(() => resolve(answer));
 	});
-	const exitCode = await proc.exited;
-	if (exitCode !== 0) {
-		throw new Error(`pi-ai login exited with code ${exitCode}`);
+	return promise;
+}
+async function pickProviderInteractively(providers: readonly OAuthProviderInfo[]): Promise<string> {
+	if (providers.length === 0) {
+		throw new Error("No OAuth providers registered");
+	}
+	const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+	try {
+		process.stdout.write("Select a provider:\n\n");
+		for (let i = 0; i < providers.length; i++) {
+			process.stdout.write(`  ${i + 1}. ${providers[i].name}\n`);
+		}
+		process.stdout.write("\n");
+		const choice = await promptLine(rl, `Enter number (1-${providers.length}): `);
+		const index = Number.parseInt(choice, 10) - 1;
+		if (Number.isNaN(index) || index < 0 || index >= providers.length) {
+			throw new Error(`Invalid selection: ${choice}`);
+		}
+		return providers[index].id;
+	} finally {
+		rl.close();
 	}
 }
@@ -235,12 +345,17 @@ async function runRemoteLogin(provider: string, via: string, dryRun: boolean): P
 }
 async function runLogout(flags: AuthBrokerCommandArgs["flags"]): Promise<void> {
-	const providerArg = flags.provider;
-	if (!providerArg) {
-		throw new Error("Usage: omp auth-broker logout <provider>");
-	}
+	let providerArg = flags.provider;
 	const store = await SqliteAuthCredentialStore.open(getAgentDbPath());
 	try {
+		if (!providerArg) {
+			const stored = store.listProviders();
+			if (stored.length === 0) {
+				process.stdout.write("No credentials stored.\n");
+				return;
+			}
+			providerArg = await pickStoredProviderInteractively(stored);
+		}
 		store.deleteAuthCredentialsForProvider(providerArg, "logged out by user");
 		process.stdout.write(`Logged out of ${providerArg}\n`);
 	} finally {
@@ -248,6 +363,37 @@ async function runLogout(flags: AuthBrokerCommandArgs["flags"]): Promise<void> {
 	}
 }
+async function pickStoredProviderInteractively(providers: string[]): Promise<string> {
+	const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+	try {
+		process.stdout.write("Select a provider to logout:\n\n");
+		for (let i = 0; i < providers.length; i++) {
+			process.stdout.write(`  ${i + 1}. ${providers[i]}\n`);
+		}
+		process.stdout.write("\n");
+		const choice = await promptLine(rl, `Enter number (1-${providers.length}): `);
+		const index = Number.parseInt(choice, 10) - 1;
+		if (Number.isNaN(index) || index < 0 || index >= providers.length) {
+			throw new Error(`Invalid selection: ${choice}`);
+		}
+		return providers[index];
+	} finally {
+		rl.close();
+	}
+}
+async function runList(flags: AuthBrokerCommandArgs["flags"]): Promise<void> {
+	const providers = getOAuthProviders();
+	if (flags.json) {
+		process.stdout.write(`${JSON.stringify(providers.map(p => ({ id: p.id, name: p.name })))}\n`);
+		return;
+	}
+	process.stdout.write("Available providers:\n\n");
+	for (const p of providers) {
+		process.stdout.write(`  ${p.id.padEnd(20)} ${p.name}\n`);
+	}
+}
 // ─── CLIProxyAPI import ─────────────────────────────────────────────────
 /**
@@ -732,6 +878,9 @@ export async function runAuthBrokerCommand(cmd: AuthBrokerCommandArgs): Promise<
 		case "status":
 			await runStatus(cmd.flags);
 			return;
+		case "list":
+			await runList(cmd.flags);
+			return;
 		default: {
 			// Exhaustive check.
 			const _exhaustive: never = cmd.action;

package/src/commands/auth-broker.ts CHANGED Viewed

@@ -56,8 +56,11 @@ export default class AuthBroker extends Command {
 		"# Boot on a non-default port\n  omp auth-broker serve --bind=127.0.0.1:9000",
 		"# Print the bearer token\n  omp auth-broker token",
 		"# Rotate the bearer token\n  omp auth-broker token --regenerate",
+		"# List supported OAuth providers\n  omp auth-broker list",
 		"# Local login (run on the broker host)\n  omp auth-broker login anthropic",
+		"# Interactive provider selection\n  omp auth-broker login",
 		"# Remote login over SSH tunnel\n  omp auth-broker login anthropic --via=user@broker",
+		"# Log out of a provider (interactive without provider arg)\n  omp auth-broker logout anthropic",
 		"# Import a CLIProxyAPI auth dump\n  omp auth-broker import ~/.cliproxy/auth",
 		"# Import a single CLIProxyAPI JSON, overriding the provider mapping\n  omp auth-broker import ~/.cliproxy/auth/claude-foo.json --provider anthropic",
 		"# Preview a migration from local store + env vars to the configured broker\n  omp auth-broker migrate --from-local --include-env --dry-run",

package/src/commands/launch.ts CHANGED Viewed

@@ -120,6 +120,22 @@ export default class Index extends Command {
 		"no-title": Flags.boolean({
 			description: "Disable title auto-generation",
 		}),
+		// `--auto-approve` / `--yolo`: declared here so oclif's auto-generated `--help` lists it.
+		// Runtime parsing happens in `cli/args.ts parseArgs` (line 176 in that file) — `runRootCommand`
+		// consumes the manual-parser output, not these oclif flag values. If you rename or remove
+		// either form, update both call sites in lockstep.
+		"auto-approve": Flags.boolean({
+			aliases: ["yolo"],
+			description: "Auto-approve all tool calls (skip approval prompts)",
+		}),
+		// `--approval-mode`: declared here so oclif's auto-generated `--help` lists it; runtime parsing
+		// happens in `cli/args.ts parseArgs`. The value is applied via `Settings.override("tools.approvalMode", …)`
+		// in `main.ts` after the `Settings` instance is constructed, so every `settings.get("tools.approvalMode")`
+		// site (wrapper, `/settings` UI) observes the same value.
+		"approval-mode": Flags.string({
+			options: ["always-ask", "write", "yolo"],
+			description: "Override tools.approvalMode for this session (always-ask|write|yolo)",
+		}),
 	};
 	static examples = [

package/src/config/mcp-schema.json CHANGED Viewed

@@ -98,8 +98,8 @@
         },
         "timeout": {
           "type": "number",
-          "exclusiveMinimum": 0,
-          "description": "Connection timeout in milliseconds."
+          "minimum": 0,
+          "description": "MCP request timeout in milliseconds. Set to 0 to disable client-side MCP timeouts."
         },
         "auth": {
           "$ref": "#/$defs/authConfig"