@oh-my-pi/pi-coding-agent 15.5.6 → 15.5.8

package/CHANGELOG.md

@@ -2,6 +2,70 @@
 
 ## [Unreleased]
 
+## [15.5.8] - 2026-05-28
+
+### Breaking Changes
+
+- Changed hashline edit parsing to require wrapped hunk headers such as `@@ A..B @@` (including `@@ BOF @@` and `@@ EOF @@`), with empty `@@ A..B @@` blocks deleting the anchored range and legacy inline payload forms treated as malformed
+
+### Added
+
+- Added `vault.enabled` setting (Tools → Obsidian Vault, default `false`) gating the `vault://` internal URL. When disabled, `VaultProtocolHandler.resolve` / `write`, `resolveVaultUrlToPath`, and `hasObsidian()` all refuse — the latter hides the `vault://` entry from the system prompt's Handlebars `{{#if hasObsidian}}` block. Tests can opt in via `vi.spyOn(vaultProtocol, "isVaultEnabled").mockReturnValue(true)`.
+
+- Added support for `vault://` URLs in path resolution utilities, including plan mode and internal selector parsing so `read` and edit paths can target Obsidian vault files directly
+- Added `vault://` internal URLs for editable Obsidian vault files, with filesystem-backed read/write/listing and CLI-backed vault index operations.
+- Added strict-mode indicators to `omp auth-gateway check` output by appending `[strict]` to strict-mode text headers and adding a top-level `strict` field in `--json` output
+- `omp auth-gateway check --strict` exercises each broker-supplied credential against its provider's chat-completion endpoint (cheapest bundled chat model per provider, with 15s/attempt timeout and up to 4 catalog fall-throughs on "model not found / invalid model" errors). Surfaces failures where the usage endpoint reports 200 but the chat endpoint 401s the same bearer (revoked OAuth scope, mislabeled provider row, …). Output gains a `[chat: ok|FAIL|skip]` column in text mode and a `completion` field on each credential in `--json` mode; the chat-failed count contributes to the non-zero exit code.
+
+### Changed
+
+- Changed hashline apply behavior to preserve duplicated boundary and context lines in replacement and insert payloads instead of auto-absorbing or dropping them
+- Updated hashline syntax: replaced `↑`/`↓` payload sigils with `^` repeat syntax and `|` literal rows for clearer edit semantics
+- Changed hashline delete syntax from bare `A:` or `A-B:` to explicit `A-B:-` inline delete marker
+- Modified hashline anchor syntax to require explicit range notation `A-B:` instead of shorthand `A:` for single-line operations
+- Updated hashline description in settings to clarify pure insert context behavior without arrow notation
+
+### Removed
+
+- Removed the `edit.hashlineAutoDropPureInsertDuplicates` setting
+- Removed the `edit.hashlineAutoDropPureInsertDuplicates` setting from configuration and execution paths
+- Removed the `edit.hashlineAutoDropPureInsertDuplicates` setting
+- Removed the `edit.hashlineAutoDropPureInsertDuplicates` setting from configuration and execution paths
+
+### Fixed
+
+- Fixed agent yielding silently on `response.incomplete` (OpenAI Responses / Codex `stopReason: "length"`). The agent now treats output-side incompletion as a recovery case: drops the truncated/reasoning-only assistant turn, attempts context promotion to a larger model, and falls back to compaction or handoff. `AutoCompactionStartEvent.reason` and the custom-tool `auto_compaction_start.trigger` discriminator gain an `"incomplete"` value. The handoff strategy is honored for `"incomplete"` (unlike `"overflow"`, where the input is broken and handoff would hit the same wall).
+- Fixed `eval` tool to resize large displayed images and append dimension notes to text output
+- Fixed `write` tool to strip malformed or loose hashline section headers before writing file content
+- Fixed `eval` tool image rendering to resize displayed images before returning them and append image-dimension notes to text output
+- Fixed `write` tool output sanitation to strip malformed or loose hashline section headers before writing file content
+- Fixed `omp auth-broker serve` crashing at startup with `logger.setTransports is not a function` — switched the call site to `import { setTransports } from "@oh-my-pi/pi-utils/logger"`, bypassing the `logger` namespace re-export that some Bun versions failed to expose at runtime
+- Fixed `omp auth-gateway` returning `502 upstream_error` and refusing to rotate credentials when a provider responded with a non-401 usage-limit error (Codex `usage_limit_reached`, Anthropic `usage_limit_reached`, Google `resource_exhausted`). `classifyGatewayError` now reuses `pi-ai`'s central `isUsageLimitError` heuristic and reports those failures as `429 rate_limit_error`. `streamSimple`'s pre-emit retry hook fires on usage-limit phrasing in addition to HTTP 401; the gateway's refresh callback branches on the error type and calls `AuthStorage.markUsageLimitReached(provider, sessionId, { retryAfterMs })` — temporarily blocking just the exhausted credential and surfacing the next sibling — instead of `invalidateCredentialMatching`, which would have suspect/deleted the row. The same branching is wired into the coding-agent `streamFn` callback so subscription multi-account rotation works the same on both surfaces.
+- Fixed `extractRetryHint` not recognising Codex's `Try again in ~N min.` / `… hour` / `… hours` phrasing, which left the gateway and TUI without a server-suggested retry window when an upstream account hit its usage cap. The shared `try again in` pattern now accepts `min`, `minutes`, `mins`, `h`, `hr`, `hour`, `hours` units in addition to `ms` / `s` / `sec`, and tolerates a leading `~` and embedded whitespace.
+- Fixed the auth-gateway threading `sessionId: undefined` into `AuthStorage.getApiKey`, which left `#sessionLastCredential` empty and made `markUsageLimitReached` a no-op for gateway-mediated requests. Both `/v1/chat/completions`-style endpoints and the `/v1/pi/stream` fast path now derive a stable `sessionId` from the client's `prompt_cache_key` (or the existing model+system+tools+first-message hash when absent) and reuse the same identity for credential-stickiness and prefix-cache routing.
+- Fixed `eval` tool to resize large displayed images and append dimension notes to text output
+- Fixed `write` tool to strip malformed or loose hashline section headers before writing file content
+- Fixed `eval` tool image rendering to resize displayed images before returning them and append image-dimension notes to text output
+- Fixed `write` tool output sanitation to strip malformed or loose hashline section headers before writing file content
+- Fixed `omp auth-broker serve` crashing at startup with `logger.setTransports is not a function` — switched the call site to `import { setTransports } from "@oh-my-pi/pi-utils/logger"`, bypassing the `logger` namespace re-export that some Bun versions failed to expose at runtime
+- Fixed user shortcut Python execution to namespace session IDs like eval, so both paths share one kernel
+
+### Security
+
+- Secured `vault://` reads and writes by validating URL paths and blocking traversal, absolute paths, and symlink escapes outside the selected vault root
+
+## [15.5.7] - 2026-05-27
+### Added
+- `providers.openrouterVariant` setting (Settings → Providers → "OpenRouter Routing") to default OpenRouter requests to a routing-variant suffix (`:nitro`, `:floor`, `:online`, `:exacto`). Selectors that already name a variant (e.g. `openrouter/anthropic/claude-haiku:nitro`) keep precedence.
+
+- `generate_image` supports xAI Grok Imagine via `providers.image=xai`. Supports `grok-imagine-image` (default) and `grok-imagine-image-quality` at aspect ratios `1:1`, `16:9`, `9:16`, `4:3`, `3:4`, `3:2`, `2:3`. Uses the xAI Grok OAuth credential when available, otherwise `XAI_API_KEY`.
+- New `tts` tool synthesises speech via xAI Grok Voice behind the disabled-by-default `tts.enabled` setting. Built-in voices `ara`, `eve` (default), `leo`, `rex`, `sal`; custom voice IDs also accepted. Output codec inferred from the `output_path` suffix (`.wav` → `wav`, else `mp3`). Up to 15,000 characters per request.
+
+### Fixed
+
+- Fixed plan-mode re-entry after approval reopening a fresh `local://PLAN.md` instead of the approved titled plan artifact, which could duplicate plan content and fail approval on an existing destination.
+- Fixed `read` URL reader mode aborting after a stalled Jina request instead of falling back to trafilatura/lynx/native: Jina (and Parallel extract) now have their own per-attempt sub-budget capped at 10s, the catch handler honours only real user cancellation, and the in-process native renderer is always attempted on already-loaded HTML ([#1449](https://github.com/can1357/oh-my-pi/issues/1449))
+
 ## [15.5.6] - 2026-05-27
 ### Added
 
@@ -57,6 +121,10 @@
 
 - Fixed `omp` startup and `/changelog` reading the host project's `CHANGELOG.md` as omp's — `getPackageDir()` no longer falls back to the user's `cwd` when no owning `package.json` is locatable, preventing spurious `lastChangelogVersion` writes ([#1423](https://github.com/can1357/oh-my-pi/issues/1423))
 
+### Fixed
+
+- Fixed hashline session-chain replay silently overwriting in-session edits when the model re-targeted a previously rewritten line with a stale file hash; replay now refuses unless every edit's anchor line content matches between the snapshot and the current file ([#1422](https://github.com/can1357/oh-my-pi/pull/1422))
+
 ## [15.5.3] - 2026-05-27
 ### Breaking Changes
 
@@ -66,6 +134,10 @@
 
 - Warned when legacy inline `LINE:TEXT` lines are accepted as payload continuations only when inside a pending multi-line `A-B:` replacement
 
+### Fixed
+
+- Fixed runtime model registry refresh and cache loading so providers with authoritative dynamic catalogs, including Synthetic, do not re-add deprecated bundled model IDs after discovery ([#1417](https://github.com/can1357/oh-my-pi/issues/1417)).
+
 ## [15.5.2] - 2026-05-26
 ### Breaking Changes
 

package/dist/types/cli/auth-gateway-cli.d.ts

@@ -11,6 +11,14 @@ export interface AuthGatewayCommandArgs {
          * to wire token-paste plumbing into every local client.
          */
         noAuth?: boolean;
+        /**
+         * Strict mode for `check` — additionally exercise every credential
+         * against its provider's chat-completion endpoint. The usage probe (run
+         * unconditionally) can pass while the chat endpoint still 401s the same
+         * bearer, so strict mode is the definitive "is this credential
+         * actually usable" signal. Slower and consumes a tiny amount of quota.
+         */
+        strict?: boolean;
     };
 }
 declare const ACTIONS: readonly AuthGatewayAction[];

package/dist/types/commands/auth-gateway.d.ts

@@ -26,6 +26,9 @@ export default class AuthGateway extends Command {
         "no-auth": import("@oh-my-pi/pi-utils/cli").FlagDescriptor<"boolean"> & {
             description: string;
         };
+        strict: import("@oh-my-pi/pi-utils/cli").FlagDescriptor<"boolean"> & {
+            description: string;
+        };
     };
     static examples: string[];
     run(): Promise<void>;

package/dist/types/config/settings-schema.d.ts

@@ -1918,15 +1918,6 @@ export declare const SETTINGS_SCHEMA: {
             readonly description: "Abort streaming edit tool calls when patch preview fails";
         };
     };
-    readonly "edit.hashlineAutoDropPureInsertDuplicates": {
-        readonly type: "boolean";
-        readonly default: false;
-        readonly ui: {
-            readonly tab: "editing";
-            readonly label: "Hashline Duplicate Insert Drop";
-            readonly description: "Drop payload lines that duplicate adjacent file context \u2014 2+-line context echoes on `\u2191`/`\u2193` inserts, and a single boundary line at either edge of an `A-B:` replacement";
-        };
-    };
     readonly "edit.blockAutoGenerated": {
         readonly type: "boolean";
         readonly default: true;
@@ -1951,7 +1942,7 @@ export declare const SETTINGS_SCHEMA: {
         readonly ui: {
             readonly tab: "editing";
             readonly label: "Hash Lines";
-            readonly description: "Include file-hash headers and line numbers in read output for hashline edit mode (\u00B6PATH#hash plus LINE:content)";
+            readonly description: "Include snapshot-tag headers and line numbers in read output for hashline edit mode (\u00B6PATH#tag plus LINE:content)";
         };
     };
     readonly "read.defaultLimit": {
@@ -2393,6 +2384,15 @@ export declare const SETTINGS_SCHEMA: {
             readonly description: "Enable the calculator tool for basic calculations";
         };
     };
+    readonly "tts.enabled": {
+        readonly type: "boolean";
+        readonly default: false;
+        readonly ui: {
+            readonly tab: "tools";
+            readonly label: "Text-to-Speech";
+            readonly description: "Enable the tts tool for xAI Grok Voice speech synthesis";
+        };
+    };
     readonly "recipe.enabled": {
         readonly type: "boolean";
         readonly default: true;
@@ -2429,6 +2429,15 @@ export declare const SETTINGS_SCHEMA: {
             readonly description: "Allow the read tool to fetch and process URLs";
         };
     };
+    readonly "vault.enabled": {
+        readonly type: "boolean";
+        readonly default: false;
+        readonly ui: {
+            readonly tab: "tools";
+            readonly label: "Obsidian Vault";
+            readonly description: "Enable the vault:// internal URL for reading and editing Obsidian vault content via the Obsidian CLI. When disabled, vault:// resolution is refused and the vault:// entry is omitted from the system prompt.";
+        };
+    };
     readonly "github.enabled": {
         readonly type: "boolean";
         readonly default: false;
@@ -3118,7 +3127,7 @@ export declare const SETTINGS_SCHEMA: {
     };
     readonly "providers.image": {
         readonly type: "enum";
-        readonly values: readonly ["auto", "openai", "gemini", "openrouter"];
+        readonly values: readonly ["auto", "openai", "antigravity", "xai", "gemini", "openrouter"];
         readonly default: "auto";
         readonly ui: {
             readonly tab: "providers";
@@ -3127,11 +3136,19 @@ export declare const SETTINGS_SCHEMA: {
             readonly options: readonly [{
                 readonly value: "auto";
                 readonly label: "Auto";
-                readonly description: "Priority: GPT model image tool > Antigravity > OpenRouter > Gemini";
+                readonly description: "Priority: GPT model image tool > Antigravity > xAI > OpenRouter > Gemini";
             }, {
                 readonly value: "openai";
                 readonly label: "OpenAI";
                 readonly description: "Uses the active GPT Responses/Codex model";
+            }, {
+                readonly value: "antigravity";
+                readonly label: "Antigravity";
+                readonly description: "Requires google-antigravity OAuth";
+            }, {
+                readonly value: "xai";
+                readonly label: "xAI Grok Imagine";
+                readonly description: "Requires xAI Grok OAuth or XAI_API_KEY";
             }, {
                 readonly value: "gemini";
                 readonly label: "Gemini";
@@ -3185,6 +3202,37 @@ export declare const SETTINGS_SCHEMA: {
             }];
         };
     };
+    readonly "providers.openrouterVariant": {
+        readonly type: "enum";
+        readonly values: readonly ["default", "nitro", "floor", "online", "exacto"];
+        readonly default: "default";
+        readonly ui: {
+            readonly tab: "providers";
+            readonly label: "OpenRouter Routing";
+            readonly description: "Default routing-variant suffix appended to OpenRouter model IDs (overridden when the selector already names a variant)";
+            readonly options: readonly [{
+                readonly value: "default";
+                readonly label: "Default";
+                readonly description: "No suffix; use OpenRouter's default routing";
+            }, {
+                readonly value: "nitro";
+                readonly label: ":nitro";
+                readonly description: "Prioritize throughput / lowest latency";
+            }, {
+                readonly value: "floor";
+                readonly label: ":floor";
+                readonly description: "Prioritize cheapest available provider";
+            }, {
+                readonly value: "online";
+                readonly label: ":online";
+                readonly description: "Enable OpenRouter's web-search plugin";
+            }, {
+                readonly value: "exacto";
+                readonly label: ":exacto";
+                readonly description: "Cherry-picked high-quality providers (only defined for select models)";
+            }];
+        };
+    };
     readonly "providers.parallelFetch": {
         readonly type: "boolean";
         readonly default: true;

package/dist/types/edit/file-snapshot-store.d.ts

@@ -2,17 +2,20 @@
  * Session-bound file snapshot store.
  *
  * Used by `read` and `search` to record exactly what the model saw, and by
- * the hashline patcher to recover from stale section hashes (file changed
- * externally between read and edit, or a prior in-session edit advanced
- * the hash). The store is the {@link InMemorySnapshotStore} implementation
+ * the hashline patcher to verify or recover from stale section tags (file
+ * changed externally between read and edit, or a prior in-session edit
+ * advanced the tag). The store is the {@link InMemorySnapshotStore}
  * from `@oh-my-pi/hashline`; the only coding-agent-specific concern here
- * is wiring it onto the per-session {@link ToolSession} object.
+ * is wiring it onto the per-session owner object.
  */
 import { InMemorySnapshotStore } from "@oh-my-pi/hashline";
-import type { ToolSession } from "../tools";
+interface FileSnapshotStoreOwner {
+    fileSnapshotStore?: InMemorySnapshotStore;
+}
 /**
  * Look up (or lazily create) the file snapshot store attached to a session.
  * Storage lives on `session.fileSnapshotStore` so it ages out exactly with
  * the session itself.
  */
-export declare function getFileSnapshotStore(session: ToolSession): InMemorySnapshotStore;
+export declare function getFileSnapshotStore(session: FileSnapshotStoreOwner): InMemorySnapshotStore;
+export {};

package/dist/types/edit/hashline/diff.d.ts

@@ -5,13 +5,12 @@
  * pair to {@link generateDiffString} so the renderer can show the diff
  * while the tool call is still streaming.
  *
- * Validation is intentionally light: only the section file hash is checked
+ * Validation is intentionally light: only the section snapshot tag is checked
  * (so the preview goes red when anchors are stale), no plan-mode guards
  * and no auto-generated-file refusal — those belong on the write path.
  */
-import { type PatchSection } from "@oh-my-pi/hashline";
+import { type PatchSection, type SnapshotStore } from "@oh-my-pi/hashline";
 export interface HashlineDiffOptions {
-    autoDropPureInsertDuplicates?: boolean;
     /**
      * Use the streaming-tolerant applier ({@link PatchSection.applyPartialTo})
      * so trailing in-flight ops do not throw or emit phantom edits. Streaming
@@ -19,7 +18,7 @@ export interface HashlineDiffOptions {
      */
     streaming?: boolean;
 }
-export declare function computeHashlineSectionDiff(section: PatchSection, cwd: string, options?: HashlineDiffOptions): Promise<{
+export declare function computeHashlineSectionDiff(section: PatchSection, cwd: string, snapshots: SnapshotStore, options?: HashlineDiffOptions): Promise<{
     diff: string;
     firstChangedLine: number | undefined;
 } | {
@@ -27,7 +26,7 @@ export declare function computeHashlineSectionDiff(section: PatchSection, cwd: s
 }>;
 export declare function computeHashlineDiff(input: {
     input: string;
-}, cwd: string, options?: HashlineDiffOptions): Promise<{
+}, cwd: string, snapshots: SnapshotStore, options?: HashlineDiffOptions): Promise<{
     diff: string;
     firstChangedLine: number | undefined;
 } | {

package/dist/types/edit/streaming.d.ts

@@ -12,6 +12,7 @@
  * The shared renderer / `ToolExecutionComponent` consult the strategy via
  * the injected `editMode` rather than probing argument shape.
  */
+import { type SnapshotStore } from "@oh-my-pi/hashline";
 import type { Theme } from "../modes/theme/theme";
 import { type EditMode, resolveEditMode } from "../utils/edit-mode";
 export interface PerFileDiffPreview {
@@ -23,9 +24,9 @@ export interface PerFileDiffPreview {
 export interface StreamingDiffContext {
     cwd: string;
     signal: AbortSignal;
+    snapshots: SnapshotStore;
     fuzzyThreshold?: number;
     allowFuzzy?: boolean;
-    hashlineAutoDropPureInsertDuplicates?: boolean;
     /**
      * True while the tool's arguments are still streaming in. Strategies that
      * accept free-form text input (apply_patch, hashline) trim the trailing

package/dist/types/eval/py/index.d.ts

@@ -1,5 +1,6 @@
 import type { ToolSession } from "../../tools";
 import type { ExecutorBackendExecOptions, ExecutorBackendResult } from "../backend";
+export declare function namespaceSessionId(sessionId: string): string;
 declare const _default: {
     id: "python";
     label: string;

package/dist/types/extensibility/custom-tools/types.d.ts

@@ -85,7 +85,7 @@ export type CustomToolSessionEvent = {
     previousSessionFile: string | undefined;
 } | {
     reason: "auto_compaction_start";
-    trigger: "threshold" | "overflow" | "idle";
+    trigger: "threshold" | "overflow" | "idle" | "incomplete";
     action: "context-full" | "handoff";
 } | {
     reason: "auto_compaction_end";

package/dist/types/extensibility/shared-events.d.ts

@@ -159,7 +159,7 @@ export interface TurnEndEvent {
 /** Fired when auto-compaction starts */
 export interface AutoCompactionStartEvent {
     type: "auto_compaction_start";
-    reason: "threshold" | "overflow" | "idle";
+    reason: "threshold" | "overflow" | "idle" | "incomplete";
     action: "context-full" | "handoff";
 }
 /** Fired when auto-compaction ends */

package/dist/types/internal-urls/index.d.ts

@@ -20,3 +20,4 @@ export * from "./router";
 export * from "./rule-protocol";
 export * from "./skill-protocol";
 export type * from "./types";
+export * from "./vault-protocol";

package/dist/types/internal-urls/vault-protocol.d.ts

@@ -0,0 +1,93 @@
+import type { InternalResource, InternalUrl, ProtocolHandler, ResolveContext, WriteContext } from "./types";
+type ContentType = InternalResource["contentType"];
+type VaultParamValue = string | true;
+type VaultParams = Record<string, VaultParamValue>;
+type FileOp = "outline" | "backlinks" | "links" | "tags" | "properties" | "tasks" | "wordcount" | "history" | "base";
+type VaultOp = "search" | "daily" | "daily-path" | "tags" | "tag" | "tasks" | "orphans" | "unresolved" | "deadends" | "bases" | "bookmarks" | "recents" | "templates" | "aliases" | "properties" | "property";
+export interface VaultReference {
+    vault: string | null;
+    active: boolean;
+    forwardVault: boolean;
+    display: string;
+}
+export type ParsedVaultUrl = {
+    kind: "list-vaults";
+    url: string;
+    params: VaultParams;
+} | {
+    kind: "vault-info";
+    url: string;
+    ref: VaultReference;
+    params: VaultParams;
+} | {
+    kind: "fs-dir";
+    url: string;
+    ref: VaultReference;
+    relativePath: string;
+    params: VaultParams;
+} | {
+    kind: "fs-file";
+    url: string;
+    ref: VaultReference;
+    relativePath: string;
+    params: VaultParams;
+} | {
+    kind: "file-op";
+    url: string;
+    ref: VaultReference;
+    relativePath: string;
+    op: FileOp;
+    params: VaultParams;
+} | {
+    kind: "vault-op";
+    url: string;
+    ref: VaultReference;
+    op: VaultOp;
+    params: VaultParams;
+};
+export interface ObsidianSpawnResult {
+    stdout: string;
+    stderr: string;
+    exitCode: number;
+}
+export interface VaultProtocolHandlerOptions {
+    spawnObsidian?: typeof spawnObsidian;
+    resolveObsidianBinary?: () => string | null;
+}
+interface CliInvocation {
+    args: string[];
+    contentType: ContentType;
+    opLabel: string;
+}
+export declare function parseVaultUrl(input: string | InternalUrl): ParsedVaultUrl;
+export declare function spawnObsidian(bin: string, args: string[], signal?: AbortSignal, timeoutMs?: number): Promise<ObsidianSpawnResult>;
+export declare function resolveObsidianBinary(): string | null;
+/**
+ * Whether the `vault://` protocol is enabled in the active settings profile.
+ *
+ * Reads `vault.enabled` from the global settings singleton. Falls back to the
+ * schema default when settings are not yet initialized (e.g. during isolated
+ * unit tests that exercise the handler before the host calls `Settings.init`).
+ */
+export declare function isVaultEnabled(): boolean;
+export declare function hasObsidian(): boolean;
+export declare class VaultDisabledError extends Error {
+    constructor();
+}
+export declare function resolveVaultUrlToPath(input: string | InternalUrl): string;
+export declare function buildObsidianCliInvocation(parsed: Extract<ParsedVaultUrl, {
+    kind: "file-op" | "vault-op";
+}>): CliInvocation;
+export declare class VaultProtocolHandler implements ProtocolHandler {
+    #private;
+    readonly scheme = "vault";
+    readonly immutable = false;
+    constructor(options?: VaultProtocolHandlerOptions);
+    static resetForTests(): void;
+    static setObsidianBinaryForTests(value: string | null | undefined): void;
+    static setVaultDirectoryForTests(entries: ReadonlyMap<string, string> | Record<string, string> | undefined): void;
+    static setActiveVaultPathForTests(vaultPath: string | undefined): void;
+    resolve(url: InternalUrl, context?: ResolveContext): Promise<InternalResource>;
+    write(url: InternalUrl, content: string, context?: WriteContext): Promise<void>;
+}
+export {};

package/dist/types/lib/xai-http.d.ts

@@ -0,0 +1,40 @@
+import type { ModelRegistry } from "../config/model-registry";
+interface XAICredentials {
+    provider: "xai-oauth" | "xai";
+    apiKey: string;
+    baseURL: string;
+}
+export declare function ohMyPiXAIUserAgent(): string;
+/**
+ * Resolve xAI credentials for HTTP tool calls.
+ *
+ * Credential priority:
+ *   1. xai-oauth — only when a *dedicated* xai-oauth source exists. Composed
+ *      of two checks against the registry layer:
+ *        a. `authStorage.hasNonEnvCredential("xai-oauth")` covers stored
+ *           credentials (OAuth or api_key), runtime overrides (CLI
+ *           `--api-key` for xai-oauth), config overrides (models.yml
+ *           `providers.xai-oauth.apiKey`), and fallback resolvers.
+ *        b. `$env.XAI_OAUTH_TOKEN` covers the xai-oauth-specific env var.
+ *      `XAI_API_KEY` is intentionally NOT a signal here, even though the
+ *      env-fallback map (`stream.ts: "xai-oauth"`) lets xai-oauth borrow it
+ *      as a back-compat convenience: the borrow lets API-key-only setups
+ *      satisfy the xai-oauth branch and then resolve baseUrl under
+ *      xai-oauth instead of xai, silently bypassing `providers.xai.baseUrl`
+ *      overrides for image/TTS traffic. The gate routes the borrow case to
+ *      step 2 while preserving every dedicated xai-oauth path.
+ *   2. xai (plain API key). Delegates to ModelRegistry.getApiKeyForProvider
+ *      which runs AuthStorage.getApiKey's full cascade: runtime override →
+ *      models.yml config override → stored api_key credential → OAuth
+ *      resolution → XAI_API_KEY env var → custom fallback resolver.
+ *
+ * baseURL: see `resolveXAIBaseURL` above. Resolved AFTER the credential
+ * decision so the scoped (provider, id) lookup is unambiguous. `modelId`
+ * is optional; probes / tool-availability checks pass `undefined` and fall
+ * through to env/default.
+ *
+ * Returns null when neither credential is available. Caller is responsible
+ * for surfacing an actionable error message in that case.
+ */
+export declare function resolveXAIHttpCredentials(modelRegistry: ModelRegistry, modelId?: string): Promise<XAICredentials | null>;
+export {};

package/dist/types/mcp/transports/http.d.ts

@@ -1,4 +1,13 @@
 import type { MCPHttpServerConfig, MCPRequestOptions, MCPSseServerConfig, MCPTransport } from "../../mcp/types";
+/**
+ * Best-effort startup deadline for the optional Streamable HTTP GET SSE listener.
+ *
+ * Returns `0` (disabled) when the operator has explicitly disabled MCP client-side
+ * timeouts via `timeout: 0` or `OMP_MCP_TIMEOUT_MS=0`, mirroring the rest of the
+ * MCP timeout surface. Otherwise caps the wait at one second and scales below
+ * short request timeouts so connect-time never exceeds the request budget.
+ */
+export declare function resolveSSEConnectTimeoutMs(configTimeout?: number): number;
 /**
  * HTTP transport for MCP servers.
  * Uses POST for requests, supports SSE responses.

package/dist/types/modes/components/tool-execution.d.ts

@@ -1,10 +1,11 @@
+import type { SnapshotStore } from "@oh-my-pi/hashline";
 import type { AgentTool } from "@oh-my-pi/pi-agent-core";
 import { Container, type TUI } from "@oh-my-pi/pi-tui";
 export interface ToolExecutionOptions {
+    snapshots?: SnapshotStore;
     showImages?: boolean;
     editFuzzyThreshold?: number;
     editAllowFuzzy?: boolean;
-    hashlineAutoDropPureInsertDuplicates?: boolean;
 }
 export interface ToolExecutionHandle {
     updateArgs(args: any, toolCallId?: string): void;

package/dist/types/session/agent-session.d.ts

@@ -12,6 +12,7 @@
  *
  * Modes use this class and add their own I/O layer on top.
  */
+import type { InMemorySnapshotStore } from "@oh-my-pi/hashline";
 import { type Agent, type AgentEvent, type AgentMessage, type AgentState, type AgentTool, ThinkingLevel } from "@oh-my-pi/pi-agent-core";
 import { type CompactionResult } from "@oh-my-pi/pi-agent-core/compaction";
 import type { AssistantMessage, Effort, ImageContent, Message, MessageAttribution, Model, ProviderSessionState, ServiceTier, SimpleStreamOptions, TextContent, ToolChoice, UsageReport } from "@oh-my-pi/pi-ai";
@@ -48,7 +49,7 @@ import { YieldQueue } from "./yield-queue";
 /** Session-specific events that extend the core AgentEvent */
 export type AgentSessionEvent = AgentEvent | {
     type: "auto_compaction_start";
-    reason: "threshold" | "overflow" | "idle";
+    reason: "threshold" | "overflow" | "idle" | "incomplete";
     action: "context-full" | "handoff";
 } | {
     type: "auto_compaction_end";
@@ -267,6 +268,7 @@ export declare class AgentSession {
     readonly sessionManager: SessionManager;
     readonly settings: Settings;
     readonly yieldQueue: YieldQueue;
+    fileSnapshotStore?: InMemorySnapshotStore;
     readonly configWarnings: string[];
     readonly rawSseDebugBuffer: RawSseDebugBuffer;
     constructor(config: AgentSessionConfig);
@@ -454,6 +456,7 @@ export declare class AgentSession {
     get goalRuntime(): GoalRuntime;
     markPlanReferenceSent(): void;
     setPlanReferencePath(path: string): void;
+    getPlanReferencePath(): string;
     get clientBridge(): ClientBridge | undefined;
     setClientBridge(bridge: ClientBridge | undefined): void;
     getCheckpointState(): CheckpointState | undefined;

package/dist/types/tools/fetch.d.ts

@@ -1,8 +1,10 @@
 import type { AgentToolResult } from "@oh-my-pi/pi-agent-core";
 import { type Component } from "@oh-my-pi/pi-tui";
+import type { Settings } from "../config/settings";
 import type { RenderResultOptions } from "../extensibility/custom-tools/types";
 import { type Theme } from "../modes/theme/theme";
 import type { ToolSession } from "../sdk";
+import type { AgentStorage } from "../session/agent-storage";
 import { type OutputMeta } from "./output-meta";
 import { type LineRange } from "./path-utils";
 export declare function isReadableUrlPath(value: string): boolean;
@@ -15,6 +17,20 @@ export interface ParsedReadUrlTarget {
     ranges?: readonly LineRange[];
 }
 export declare function parseReadUrlTarget(readPath: string): ParsedReadUrlTarget | null;
+/**
+ * Render HTML to markdown using Parallel, jina, trafilatura, lynx, then the
+ * in-process native converter. The overall `timeout` budget bounds the call,
+ * but remote reader requests are additionally capped at `REMOTE_READER_MAX_MS`
+ * so that a hung remote endpoint cannot prevent local fallbacks from running.
+ * Only a real `userSignal` cancellation aborts the chain — remote per-attempt
+ * timeouts and the overall reader-mode timeout still allow later renderers
+ * (especially the purely-local native converter) to be tried.
+ */
+export declare function renderHtmlToText(url: string, html: string, timeout: number, settings: Settings, userSignal: AbortSignal | undefined, storage: AgentStorage | null): Promise<{
+    content: string;
+    ok: boolean;
+    method: string;
+}>;
 interface FetchImagePayload {
     data: string;
     mimeType: string;

package/dist/types/tools/image-gen.d.ts

@@ -2,7 +2,8 @@ import { type Model } from "@oh-my-pi/pi-ai";
 import * as z from "zod/v4";
 import { type ModelRegistry } from "../config/model-registry";
 import type { CustomTool } from "../extensibility/custom-tools/types";
-type ImageProvider = "antigravity" | "gemini" | "openai" | "openai-codex" | "openrouter";
+export type ImageProvider = "antigravity" | "gemini" | "openai" | "openai-codex" | "openrouter" | "xai";
+export type ImageProviderPreference = Exclude<ImageProvider, "openai-codex"> | "auto";
 declare const responseModalitySchema: z.ZodEnum<{
     IMAGE: "IMAGE";
     TEXT: "TEXT";
@@ -19,6 +20,8 @@ export declare const imageGenSchema: z.ZodObject<{
     aspect_ratio: z.ZodOptional<z.ZodEnum<{
         "16:9": "16:9";
         "1:1": "1:1";
+        "2:3": "2:3";
+        "3:2": "3:2";
         "3:4": "3:4";
         "4:3": "4:3";
         "9:16": "9:16";
@@ -70,8 +73,9 @@ interface InlineImageData {
     data: string;
     mimeType: string;
 }
+export declare function isImageProviderPreference(value: unknown): value is ImageProviderPreference;
 /** Set the preferred image provider from settings */
-export declare function setPreferredImageProvider(provider: ImageProvider | "auto"): void;
+export declare function setPreferredImageProvider(provider: ImageProviderPreference): void;
 export declare const imageGenTool: CustomTool<typeof imageGenSchema, ImageGenToolDetails>;
 export declare function getImageGenTools(modelRegistry?: ModelRegistry, activeModel?: Model): Promise<Array<CustomTool<typeof imageGenSchema, ImageGenToolDetails>>>;
 export declare function getImageGenToolsWithRegistry(modelRegistry: ModelRegistry, activeModel?: Model): Promise<Array<CustomTool<typeof imageGenSchema, ImageGenToolDetails>>>;

package/dist/types/tools/index.d.ts

@@ -54,6 +54,7 @@ export * from "./search";
 export * from "./search-tool-bm25";
 export * from "./ssh";
 export * from "./todo-write";
+export * from "./tts";
 export * from "./write";
 export * from "./yield";
 /** Tool type (AgentTool from pi-ai) */

package/dist/types/tools/match-line-format.d.ts

@@ -3,8 +3,8 @@
  *
  * Matched lines are prefixed with `*`; context lines are prefixed with a single
  * space so line numbers align in column. In hashline mode the line uses the
- * editable `LINE:content` shape under a file-hash header; in plain mode it keeps
- * the legacy `LINE|content` display-only shape. Line numbers are never padded.
+ * editable `LINE:content` shape under a snapshot-tag header; in plain mode it
+ * keeps the legacy `LINE|content` display-only shape. Line numbers are never padded.
  */
 export declare function formatMatchLine(lineNumber: number, line: string, isMatch: boolean, options: {
     useHashLines: boolean;