@oh-my-pi/pi-coding-agent 15.4.3 → 15.5.1

package/src/mcp/transports/http.ts

@@ -16,6 +16,7 @@ import type {
 	MCPTransport,
 } from "../../mcp/types";
 import { toJsonRpcError } from "../../mcp/types";
+import { createMCPTimeout, getNeverAbortSignal, resolveMCPTimeoutMs } from "../timeout";
 
 /**
  * HTTP transport for MCP servers.
@@ -180,23 +181,18 @@ export class HttpTransport implements MCPTransport {
 			headers["Mcp-Session-Id"] = this.#sessionId;
 		}
 
-		// Create AbortController for timeout
-		const timeout = this.config.timeout ?? 30000;
-		const abortController = new AbortController();
-		const timeoutId = setTimeout(() => abortController.abort(), timeout);
-		const operationSignal = options?.signal
-			? AbortSignal.any([options.signal, abortController.signal])
-			: abortController.signal;
+		const timeout = resolveMCPTimeoutMs(this.config.timeout);
+		const operation = createMCPTimeout(timeout, options?.signal);
 
 		try {
 			const response = await fetch(this.config.url, {
 				method: "POST",
 				headers,
 				body: JSON.stringify(body),
-				signal: operationSignal,
+				signal: operation.signal,
 			});
 
-			clearTimeout(timeoutId);
+			operation.clear();
 
 			// Check for session ID in response
 			const newSessionId = response.headers.get("Mcp-Session-Id");
@@ -234,11 +230,8 @@ export class HttpTransport implements MCPTransport {
 
 			return result.result as T;
 		} catch (error) {
-			clearTimeout(timeoutId);
-			if (error instanceof Error && error.name === "AbortError") {
-				if (options?.signal?.aborted) {
-					throw error;
-				}
+			operation.clear();
+			if (operation.isTimeoutAbort(error)) {
 				throw new Error(`Request timeout after ${timeout}ms`);
 			}
 			throw error;
@@ -250,12 +243,9 @@ export class HttpTransport implements MCPTransport {
 			throw new Error("No response body");
 		}
 
-		const timeout = this.config.timeout ?? 30000;
-		const abortController = new AbortController();
-		const timeoutId = setTimeout(() => abortController.abort(), timeout);
-		const operationSignal = options?.signal
-			? AbortSignal.any([options.signal, abortController.signal])
-			: abortController.signal;
+		const timeout = resolveMCPTimeoutMs(this.config.timeout);
+		const operation = createMCPTimeout(timeout, options?.signal);
+		const signal = operation.signal ?? getNeverAbortSignal();
 
 		const { promise, resolve, reject } = Promise.withResolvers<T>();
 		let captured = false;
@@ -268,7 +258,7 @@ export class HttpTransport implements MCPTransport {
 		// controller", so we must not exit the loop early.
 		const drain = async (): Promise<void> => {
 			try {
-				for await (const raw of readSseJson<JsonRpcMessage | JsonRpcMessage[]>(response.body!, operationSignal)) {
+				for await (const raw of readSseJson<JsonRpcMessage | JsonRpcMessage[]>(response.body!, signal)) {
 					const messages = Array.isArray(raw) ? raw : [raw];
 					for (const message of messages) {
 						if (
@@ -278,7 +268,7 @@ export class HttpTransport implements MCPTransport {
 							("result" in message || "error" in message)
 						) {
 							captured = true;
-							clearTimeout(timeoutId);
+							operation.clear();
 							if (message.error) {
 								reject(new Error(`MCP error ${message.error.code}: ${message.error.message}`));
 							} else {
@@ -295,17 +285,13 @@ export class HttpTransport implements MCPTransport {
 				}
 			} catch (error) {
 				if (captured) return;
-				if (error instanceof Error && error.name === "AbortError") {
-					if (options?.signal?.aborted) {
-						reject(error);
-					} else {
-						reject(new Error(`SSE response timeout after ${timeout}ms`));
-					}
+				if (operation.isTimeoutAbort(error)) {
+					reject(new Error(`SSE response timeout after ${timeout}ms`));
 				} else {
 					reject(error as Error);
 				}
 			} finally {
-				clearTimeout(timeoutId);
+				operation.clear();
 			}
 		};
 
@@ -340,13 +326,16 @@ export class HttpTransport implements MCPTransport {
 		if (this.#sessionId) {
 			headers["Mcp-Session-Id"] = this.#sessionId;
 		}
+		const timeout = resolveMCPTimeoutMs(this.config.timeout);
+		let operation = createMCPTimeout(timeout);
 		try {
 			const resp = await fetch(this.config.url, {
 				method: "POST",
 				headers,
 				body: JSON.stringify(body),
-				signal: AbortSignal.timeout(this.config.timeout ?? 30000),
+				signal: operation.signal,
 			});
+			operation.clear();
 			// Retry once on auth failure if onAuthError is wired
 			if (this.onAuthError && (resp.status === 401 || resp.status === 403)) {
 				await resp.body?.cancel();
@@ -355,18 +344,21 @@ export class HttpTransport implements MCPTransport {
 					this.config.headers ??= {};
 					Object.assign(this.config.headers, newHeaders);
 					Object.assign(headers, newHeaders);
+					operation = createMCPTimeout(timeout);
 					const retry = await fetch(this.config.url, {
 						method: "POST",
 						headers,
 						body: JSON.stringify(body),
-						signal: AbortSignal.timeout(this.config.timeout ?? 30000),
+						signal: operation.signal,
 					});
+					operation.clear();
 					await retry.body?.cancel();
 					return;
 				}
 			}
 			await resp.body?.cancel();
 		} catch {
+			operation.clear();
 			// Best-effort response delivery — server may have disconnected
 		}
 	}
@@ -392,20 +384,18 @@ export class HttpTransport implements MCPTransport {
 			headers["Mcp-Session-Id"] = this.#sessionId;
 		}
 
-		// Create AbortController for timeout
-		const timeout = this.config.timeout ?? 30000;
-		const abortController = new AbortController();
-		const timeoutId = setTimeout(() => abortController.abort(), timeout);
+		const timeout = resolveMCPTimeoutMs(this.config.timeout);
+		const operation = createMCPTimeout(timeout);
 
 		try {
 			const response = await fetch(this.config.url, {
 				method: "POST",
 				headers,
 				body: JSON.stringify(body),
-				signal: abortController.signal,
+				signal: operation.signal,
 			});
 
-			clearTimeout(timeoutId);
+			operation.clear();
 
 			// 202 Accepted is success for notifications
 			if (!response.ok && response.status !== 202) {
@@ -417,15 +407,20 @@ export class HttpTransport implements MCPTransport {
 			// on the notification response (MCP Streamable HTTP spec). Read them.
 			const contentType = response.headers.get("Content-Type") ?? "";
 			if (contentType.includes("text/event-stream") && response.body) {
-				// Use the SSE connection's signal if available, otherwise read until stream ends
-				const signal = this.#sseConnection?.signal ?? AbortSignal.timeout(this.config.timeout ?? 30000);
-				void this.#readSSEStream(response.body, signal);
+				// Use the SSE connection's signal if available; otherwise keep the existing finite read timeout.
+				if (this.#sseConnection) {
+					void this.#readSSEStream(response.body, this.#sseConnection.signal);
+				} else {
+					const readOperation = createMCPTimeout(timeout);
+					const signal = readOperation.signal ?? getNeverAbortSignal();
+					void this.#readSSEStream(response.body, signal).finally(() => readOperation.clear());
+				}
 			} else {
 				await response.body?.cancel();
 			}
 		} catch (error) {
-			clearTimeout(timeoutId);
-			if (error instanceof Error && error.name === "AbortError") {
+			operation.clear();
+			if (operation.isTimeoutAbort(error)) {
 				throw new Error(`Notify timeout after ${timeout}ms`);
 			}
 			throw error;
@@ -444,8 +439,9 @@ export class HttpTransport implements MCPTransport {
 
 		// Send session termination if we have a session
 		if (this.#sessionId) {
+			const timeout = resolveMCPTimeoutMs(this.config.timeout);
+			const operation = createMCPTimeout(timeout);
 			try {
-				const timeout = this.config.timeout ?? 30000;
 				const headers: Record<string, string> = {
 					...this.config.headers,
 					"Mcp-Session-Id": this.#sessionId,
@@ -454,9 +450,11 @@ export class HttpTransport implements MCPTransport {
 				await fetch(this.config.url, {
 					method: "DELETE",
 					headers,
-					signal: AbortSignal.timeout(timeout),
+					signal: operation.signal,
 				});
+				operation.clear();
 			} catch {
+				operation.clear();
 				// Ignore termination errors
 			}
 			this.#sessionId = null;

package/src/mcp/transports/stdio.ts

@@ -17,6 +17,7 @@ import type {
 	MCPTransport,
 } from "../../mcp/types";
 import { toJsonRpcError } from "../../mcp/types";
+import { isMCPTimeoutEnabled, resolveMCPTimeoutMs } from "../timeout";
 
 /**
  * Stdio transport for MCP servers.
@@ -208,7 +209,7 @@ export class StdioTransport implements MCPTransport {
 			params: params ?? {},
 		};
 
-		const timeout = this.config.timeout ?? 30000;
+		const timeout = resolveMCPTimeoutMs(this.config.timeout);
 		const signal = options?.signal;
 
 		if (signal?.aborted) {
@@ -254,10 +255,12 @@ export class StdioTransport implements MCPTransport {
 			},
 		});
 
-		timer = setTimeout(() => {
-			cleanup();
-			reject(new Error(`Request timeout after ${timeout}ms`));
-		}, timeout);
+		if (isMCPTimeoutEnabled(timeout)) {
+			timer = setTimeout(() => {
+				cleanup();
+				reject(new Error(`Request timeout after ${timeout}ms`));
+			}, timeout);
+		}
 
 		const message = `${JSON.stringify(request)}\n`;
 		try {

package/src/mcp/types.ts

@@ -61,7 +61,7 @@ export interface MCPAuthConfig {
 interface MCPServerConfigBase {
 	/** Whether this server is enabled (default: true) */
 	enabled?: boolean;
-	/** Connection timeout in milliseconds (default: 30000) */
+	/** MCP request timeout in milliseconds (default: 30000, 0 to disable) */
 	timeout?: number;
 	/** Authentication configuration (optional) */
 	auth?: MCPAuthConfig;

package/src/modes/components/hook-editor.ts

@@ -17,6 +17,10 @@ export interface HookEditorOptions {
 	promptStyle?: boolean;
 }
 
+function isCtrlEnterSubmit(keyData: string): boolean {
+	return matchesKey(keyData, "ctrl+enter") || (keyData.charCodeAt(0) === 10 && keyData.length > 1);
+}
+
 export class HookEditorComponent extends Container {
 	#editor: Editor;
 	#onSubmitCallback: (value: string) => void;
@@ -78,6 +82,10 @@ export class HookEditorComponent extends Container {
 		}
 	}
 
+	#submitCurrentText(): void {
+		this.#onSubmitCallback(this.#editor.getExpandedText());
+	}
+
 	/** Prompt-style: raw Enter submits; Editor owns newline-producing sequences. */
 	#handlePromptStyleInput(keyData: string): void {
 		// Prompt-style keeps Escape as an explicit cancel key and also honors app.interrupt remaps.
@@ -94,7 +102,7 @@ export class HookEditorComponent extends Container {
 
 		// Submit on any plain Enter encoding, including terminals that report unmodified Enter as LF.
 		if (matchesKey(keyData, "enter") || matchesKey(keyData, "return")) {
-			this.#onSubmitCallback(this.#editor.getText());
+			this.#submitCurrentText();
 			return;
 		}
 
@@ -105,8 +113,8 @@ export class HookEditorComponent extends Container {
 	/** Hook-style: Enter=newline, Ctrl+Enter=submit (original behavior) */
 	#handleHookStyleInput(keyData: string): void {
 		// Ctrl+Enter to submit. Use key matching so lock-key and keypad Enter variants work.
-		if (matchesKey(keyData, "ctrl+enter")) {
-			this.#onSubmitCallback(this.#editor.getText());
+		if (isCtrlEnterSubmit(keyData)) {
+			this.#submitCurrentText();
 			return;
 		}
 

package/src/modes/components/mcp-add-wizard.ts

@@ -965,14 +965,18 @@ export class MCPAddWizard extends Container {
 			}, 1000);
 		} catch (error) {
 			// Connection failed - check if it's an auth error
-			const authResult = analyzeAuthError(error as Error);
+			const authResult = analyzeAuthError(error as Error, this.#state.url);
 
 			if (authResult.requiresAuth) {
 				// Prefer OAuth first: use error metadata, then well-known discovery fallback.
 				let oauth = authResult.authType === "oauth" ? (authResult.oauth ?? null) : null;
 				if (!oauth && this.#state.transport !== "stdio" && this.#state.url) {
 					try {
-						oauth = await discoverOAuthEndpoints(this.#state.url, authResult.authServerUrl);
+						oauth = await discoverOAuthEndpoints(
+							this.#state.url,
+							authResult.authServerUrl,
+							authResult.resourceMetadataUrl,
+						);
 					} catch {
 						// Ignore discovery failures and fallback to manual auth.
 					}

package/src/modes/components/model-selector.ts

@@ -277,7 +277,12 @@ export class ModelSelectorComponent extends Container {
 		}
 	}
 
-	#sortModels(models: ModelItem[]): void {
+	/**
+	 * @param skipRoleRank When a search query is narrowing the list, role assignments
+	 *   should NOT promote a weakly-matching default model above a perfect text
+	 *   match — defer to MRU/version instead so user affinity drives the order.
+	 */
+	#sortModels(models: ModelItem[], { skipRoleRank = false }: { skipRoleRank?: boolean } = {}): void {
 		// Sort: tagged models (default/smol/slow/plan) first, then MRU, then alphabetical
 		const mruOrder = this.#settings.getStorage()?.getModelUsageOrder() ?? [];
 		const mruIndex = new Map(mruOrder.map((key, i) => [key, i]));
@@ -291,9 +296,11 @@ export class ModelSelectorComponent extends Container {
 			const aKey = a.selector;
 			const bKey = b.selector;
 
-			const aRank = modelRank(a);
-			const bRank = modelRank(b);
-			if (aRank !== bRank) return aRank - bRank;
+			if (!skipRoleRank) {
+				const aRank = modelRank(a);
+				const bRank = modelRank(b);
+				if (aRank !== bRank) return aRank - bRank;
+			}
 
 			// Then MRU order (models in mruIndex come before those not in it)
 			const aMru = mruIndex.get(aKey) ?? Number.MAX_SAFE_INTEGER;
@@ -340,16 +347,18 @@ export class ModelSelectorComponent extends Container {
 		});
 	}
 
-	#sortCanonicalModels(models: CanonicalModelItem[]): void {
+	#sortCanonicalModels(models: CanonicalModelItem[], { skipRoleRank = false }: { skipRoleRank?: boolean } = {}): void {
 		const mruOrder = this.#settings.getStorage()?.getModelUsageOrder() ?? [];
 		const mruIndex = new Map(mruOrder.map((key, i) => [key, i]));
 
 		const modelRank = (item: CanonicalModelItem) => computeModelRank(item.model, this.#roles);
 
 		models.sort((a, b) => {
-			const aRank = modelRank(a);
-			const bRank = modelRank(b);
-			if (aRank !== bRank) return aRank - bRank;
+			if (!skipRoleRank) {
+				const aRank = modelRank(a);
+				const bRank = modelRank(b);
+				if (aRank !== bRank) return aRank - bRank;
+			}
 
 			const aMru = mruIndex.get(`${a.model.provider}/${a.model.id}`) ?? Number.MAX_SAFE_INTEGER;
 			const bMru = mruIndex.get(`${b.model.provider}/${b.model.id}`) ?? Number.MAX_SAFE_INTEGER;
@@ -558,12 +567,25 @@ export class ModelSelectorComponent extends Container {
 						: alphaFiltered.length > 0
 							? alphaFiltered
 							: baseCanonicalModels;
+				// Fuzzy provides the candidate set, but `${provider}/${id}` scoring
+				// is biased by provider-prefix length (e.g. `openai/X` beats
+				// `openai-codex/X` purely because the prefix is shorter). Re-sort by
+				// affinity — MRU then version — so the user's actually-used model
+				// wins. Role rank is skipped: when narrowing by query, a weakly
+				// matching default model should not be promoted above a stronger
+				// non-default match.
 				const fuzzyMatches = fuzzyFilter(fuzzySource, query, ({ searchText }) => searchText);
-				this.#sortCanonicalModels(fuzzyMatches);
+				this.#sortCanonicalModels(fuzzyMatches, { skipRoleRank: true });
 				this.#filteredCanonicalModels = fuzzyMatches;
 			} else {
-				const fuzzyMatches = fuzzyFilter(baseModels, query, ({ id, provider }) => `${id} ${provider}`);
-				this.#sortModels(fuzzyMatches);
+				// Match against the displayed "provider/id" string so the user can
+				// type what they see: bare names (`mimo`, `kimi`), provider prefixes
+				// (`openrouter`), or scoped queries (`openrouter/mimo`) all flow
+				// through the same fuzzy matcher. The score is biased by provider-
+				// prefix length, so re-sort by MRU/version afterwards; skip role
+				// rank so a weakly matching default doesn't trump a stronger match.
+				const fuzzyMatches = fuzzyFilter(baseModels, query, ({ id, provider }) => `${provider}/${id}`);
+				this.#sortModels(fuzzyMatches, { skipRoleRank: true });
 				this.#filteredModels = fuzzyMatches;
 			}
 		} else {

package/src/modes/controllers/command-controller.ts

@@ -1368,10 +1368,12 @@ function formatUnlimitedReportLabel(report: UsageReport, index: number): string
 }
 
 function formatResetShort(limit: UsageLimit, nowMs: number): string | undefined {
-	if (limit.window?.resetsAt !== undefined) {
-		return formatDuration(limit.window.resetsAt - nowMs);
-	}
-	return undefined;
+	const resetsAt = limit.window?.resetsAt;
+	if (resetsAt === undefined) return undefined;
+	// Codex returns the prior window's reset_at until a new request opens a fresh window —
+	// rendering a negative delta is meaningless, so drop the suffix in that case.
+	if (resetsAt <= nowMs) return undefined;
+	return formatDuration(resetsAt - nowMs);
 }
 
 function formatAccountHeaderRow(

package/src/modes/controllers/mcp-command-controller.ts

@@ -401,12 +401,16 @@ export class MCPCommandController {
 						);
 						return;
 					}
-					const authResult = analyzeAuthError(error as Error);
+					const authResult = analyzeAuthError(error as Error, finalConfig.url);
 					if (authResult.requiresAuth) {
 						let oauth = authResult.authType === "oauth" ? (authResult.oauth ?? null) : null;
 						if (!oauth && finalConfig.url) {
 							try {
-								oauth = await discoverOAuthEndpoints(finalConfig.url, authResult.authServerUrl);
+								oauth = await discoverOAuthEndpoints(
+									finalConfig.url,
+									authResult.authServerUrl,
+									authResult.resourceMetadataUrl,
+								);
 							} catch {
 								// Ignore discovery error and handle below.
 							}
@@ -742,11 +746,11 @@ export class MCPCommandController {
 		}
 
 		// Analyze the connection error to extract OAuth endpoints
-		const authResult = analyzeAuthError(connectionError!);
+		const authResult = analyzeAuthError(connectionError!, "url" in config ? config.url : undefined);
 		let oauth = authResult.authType === "oauth" ? (authResult.oauth ?? null) : null;
 
 		if (!oauth && (config.type === "http" || config.type === "sse") && config.url) {
-			oauth = await discoverOAuthEndpoints(config.url, authResult.authServerUrl);
+			oauth = await discoverOAuthEndpoints(config.url, authResult.authServerUrl, authResult.resourceMetadataUrl);
 		}
 
 		if (!oauth) {

package/src/prompts/review-custom-request.md

@@ -0,0 +1,22 @@
+## Code Review Request
+
+### Mode
+
+Custom review instructions
+
+### Distribution Guidelines
+
+Use the `task` tool with `agent: "reviewer"` and a `tasks` array.
+Create exactly **1 reviewer task**. Its assignment must include the custom instructions below.
+
+### Reviewer Instructions
+
+Reviewer MUST:
+1. Follow the custom instructions below
+2. Read the referenced files or workspace context needed to evaluate them
+3. Call `report_finding` per issue
+4. Call `yield` with verdict when done
+
+### Custom Instructions
+
+{{instructions}}

package/src/prompts/review-headless-request.md

@@ -0,0 +1,16 @@
+## Code Review Request
+
+### Mode
+
+Headless review request
+
+### Distribution Guidelines
+
+Use the `task` tool with `agent: "reviewer"` and a `tasks` array.
+Create exactly **1 reviewer task** for recent code changes.
+
+{{#if focus}}
+### Focus
+
+{{focus}}
+{{/if}}

package/src/prompts/review-request.md

@@ -23,14 +23,13 @@ _No files to review._
 
 ### Distribution Guidelines
 
-{{#when agentCount "==" 1}}Use **1 reviewer agent**.{{else}}Spawn **{{agentCount}} reviewer agents** in parallel.{{/when}}
+Use the `task` tool with `agent: "reviewer"` and a `tasks` array.
+{{#when agentCount "==" 1}}Create exactly **1 reviewer task**.{{else}}Spawn **{{agentCount}} reviewer agents** in parallel.{{/when}}
 {{#if multiAgent}}
 Group files by locality, e.g.:
 - Same directory/module → same agent
 - Related functionality → same agent
 - Tests with their implementation files → same agent
-
-You MUST use Task tool with `agent: "reviewer"` and `tasks` array.
 {{/if}}
 
 ### Reviewer Instructions

package/src/prompts/system/project-prompt.md

@@ -22,6 +22,10 @@ MUST read before making changes within:
 </dir-context>
 {{/if}}
 
+{{#ifAny contextFiles.length agentsMdSearch.files.length}}
+The context files above are loaded automatically. You NEVER `search`/`find` for `AGENTS.md`, `CLAUDE.md`, `.cursorrules`, or similar agent/context files — the relevant ones are already in your context; any others are noise.
+{{/ifAny}}
+
 {{#if workspaceTree.rendered}}
 <workspace-tree>
 Working directory layout (sorted by mtime, recent first; depth ≤ 3):

package/src/prompts/tools/debug.md

@@ -17,6 +17,7 @@ Use for launching or attaching debuggers, setting breakpoints, stepping through
 - Some adapters require a launched session to receive `configurationDone` before the target actually runs; if the tool says configuration is pending, set breakpoints and then call `continue`.
 - Adapter availability depends on local binaries. Common built-ins: `gdb`, `lldb-dap`, `python -m debugpy.adapter`, `dlv dap`.
 - `program` must be an executable file or debug target, not a directory or interpreter name that resolves to a workspace directory.
+- Python debugging requires `debugpy`; install with `pip install debugpy` if the adapter is unavailable.
 </caution>
 
 <examples>

package/src/prompts/tools/find.md

@@ -1,4 +1,4 @@
-Finds files using fast pattern matching that works with any codebase size.
+Finds files and directories using fast pattern matching that works with any codebase size.
 
 <instruction>
 - `paths` is required and accepts an array of globs, files, or directories
@@ -10,7 +10,7 @@ Finds files using fast pattern matching that works with any codebase size.
 </instruction>
 
 <output>
-Matching file paths sorted by modification time (most recent first). Truncated at 1000 entries or 50KB (configurable via `limit`).
+Matching file and directory paths sorted by modification time (most recent first). Directories are suffixed with `/`. Truncated at 1000 entries or 50KB (configurable via `limit`).
 </output>
 
 <examples>
@@ -20,6 +20,8 @@ Matching file paths sorted by modification time (most recent first). Truncated a
 `{"paths": ["src/**/*.ts", "test/**/*.ts"]}`
 # Find gitignored files like .env
 `{"paths": [".env*"], "gitignore": false}`
+# Find directories matching a name (returns both files and dirs; directories are suffixed with `/`)
+`{"paths": ["**/tests"]}`
 # Long-running search on a slow volume
 `{"paths": ["/Volumes/Storage/**/*.py"], "timeout": 30}`
 </examples>