@oh-my-pi/pi-coding-agent 16.1.2 → 16.1.4

package/src/commands/token.ts

@@ -7,6 +7,7 @@ import { Args, Command, Flags } from "@oh-my-pi/pi-utils/cli";
 import chalk from "chalk";
 import { isAuthenticated, ModelRegistry } from "../config/model-registry";
 import { discoverAuthStorage } from "../sdk";
+import { getAvailableAuthMethods } from "../web/search/providers/perplexity-auth";
 
 export default class Token extends Command {
 	static description = "Get the API key or OAuth token for a provider";
@@ -41,49 +42,67 @@ export default class Token extends Command {
 		const provider = providerName.toLowerCase();
 
 		const authStorage = await discoverAuthStorage();
-		const modelRegistry = new ModelRegistry(authStorage);
+		try {
+			const modelRegistry = new ModelRegistry(authStorage);
 
-		// Resolve the API key / token
-		const apiKey = await modelRegistry.getApiKeyForProvider(provider, undefined, {
-			forceRefresh: flags["force-refresh"],
-		});
+			// Resolve the API key / token
+			let apiKey: string | undefined;
 
-		if (!isAuthenticated(apiKey)) {
-			// Find all active/configured providers
-			const activeProviders = new Set<string>();
-			for (const p of PROVIDER_REGISTRY) {
-				if (authStorage.hasAuth(p.id)) {
-					activeProviders.add(p.id);
+			if (provider === "perplexity") {
+				const methods = await getAvailableAuthMethods(authStorage, undefined, {
+					forceRefresh: flags["force-refresh"],
+				});
+				const printable = methods.find(m => m.type === "oauth" || m.type === "api_key");
+				if (printable) {
+					apiKey = printable.type === "oauth" ? printable.access.accessToken : printable.apiKey;
 				}
 			}
-			const all = authStorage.getAll();
-			for (const p in all) {
-				if (authStorage.hasAuth(p)) {
-					activeProviders.add(p);
-				}
+
+			if (!apiKey) {
+				apiKey = await modelRegistry.getApiKeyForProvider(provider, undefined, {
+					forceRefresh: flags["force-refresh"],
+				});
 			}
 
-			const msg = `No active credential found for provider "${providerName}".`;
-			process.stderr.write(`${chalk.red(msg)}\n`);
-			if (activeProviders.size > 0) {
-				process.stderr.write(`Configured providers: ${Array.from(activeProviders).sort().join(", ")}\n`);
+			if (!isAuthenticated(apiKey)) {
+				// Find all active/configured providers
+				const activeProviders = new Set<string>();
+				for (const p of PROVIDER_REGISTRY) {
+					if (authStorage.hasAuth(p.id)) {
+						activeProviders.add(p.id);
+					}
+				}
+				const all = authStorage.getAll();
+				for (const p in all) {
+					if (authStorage.hasAuth(p)) {
+						activeProviders.add(p);
+					}
+				}
+
+				const msg = `No active credential found for provider "${providerName}".`;
+				process.stderr.write(`${chalk.red(msg)}\n`);
+				if (activeProviders.size > 0) {
+					process.stderr.write(`Configured providers: ${Array.from(activeProviders).sort().join(", ")}\n`);
+				}
+				process.exitCode = 1;
+				return;
 			}
-			process.exitCode = 1;
-			return;
-		}
 
-		if (!flags.raw) {
-			try {
-				const parsed = JSON.parse(apiKey);
-				if (parsed && typeof parsed === "object" && typeof parsed.token === "string") {
-					process.stdout.write(`${parsed.token}\n`);
-					return;
+			if (!flags.raw) {
+				try {
+					const parsed = JSON.parse(apiKey);
+					if (parsed && typeof parsed === "object" && typeof parsed.token === "string") {
+						process.stdout.write(`${parsed.token}\n`);
+						return;
+					}
+				} catch {
+					// Not a JSON string, print as-is
 				}
-			} catch {
-				// Not a JSON string, print as-is
 			}
-		}
 
-		process.stdout.write(`${apiKey}\n`);
+			process.stdout.write(`${apiKey}\n`);
+		} finally {
+			authStorage.close();
+		}
 	}
 }

package/src/config/append-only-context-mode.ts

@@ -8,10 +8,55 @@ export interface AppendOnlyContextModel {
 	compatConfig?: object;
 }
 
+/**
+ * Local model servers (Ollama, LM Studio, llama.cpp, vLLM, sglang, …) all
+ * rely on llama.cpp-style prefix KV-cache reuse: identical leading tokens
+ * skip re-prefill on the next request. Append-only mode is the only way to
+ * guarantee byte-stable bytes across turns, since the live system prompt,
+ * tool catalogue, and message log all flow through fresh allocations every
+ * step (see `agent-loop.ts` `streamAssistantResponse` fallback path).
+ */
+const LOCAL_INFERENCE_PROVIDERS = new Set(["ollama", "ollama-cloud", "lm-studio", "llama.cpp"]);
+
+/** True when `baseUrl` resolves to a loopback or RFC1918 host — covers
+ * llama.cpp/vLLM/sglang servers registered under a user-defined provider id
+ * via `models.yaml`. Built-in local provider ids (`ollama`, `lm-studio`,
+ * `llama.cpp`) are already handled by `LOCAL_INFERENCE_PROVIDERS`.
+ * Substring match on the parsed hostname only; ports, paths, and unparseable
+ * URLs return false.
+ */
+function hasLocalLoopbackBaseUrl(baseUrl: string | undefined): boolean {
+	if (!baseUrl) return false;
+	let hostname: string;
+	try {
+		hostname = new URL(baseUrl).hostname.toLowerCase();
+	} catch {
+		return false;
+	}
+	if (
+		hostname === "localhost" ||
+		hostname === "127.0.0.1" ||
+		hostname === "0.0.0.0" ||
+		hostname === "::1" ||
+		hostname === "[::1]"
+	) {
+		return true;
+	}
+	// RFC1918 private IPv4 ranges.
+	if (/^10\./.test(hostname)) return true;
+	if (/^192\.168\./.test(hostname)) return true;
+	if (/^172\.(1[6-9]|2[0-9]|3[01])\./.test(hostname)) return true;
+	// Common ".local" mDNS hostnames used for home-LAN llama.cpp boxes.
+	if (hostname.endsWith(".local")) return true;
+	return false;
+}
+
 function shouldAutoEnableAppendOnlyContext(model: AppendOnlyContextModel | null | undefined): boolean {
 	if (!model) return false;
 	if (model.provider === "deepseek") return true;
+	if (LOCAL_INFERENCE_PROVIDERS.has(model.provider)) return true;
 	if (hostMatchesUrl(model.baseUrl, "xiaomi")) return true;
+	if (hasLocalLoopbackBaseUrl(model.baseUrl)) return true;
 	return !!model.compatConfig && "supportsStore" in model.compatConfig && model.compatConfig.supportsStore === true;
 }
 

package/src/config/model-discovery.ts

@@ -275,6 +275,7 @@ export async function discoverOllamaModels(
 			baseUrl: `${endpoint}/v1`,
 			reasoning: metadata?.reasoning ?? false,
 			input: metadata?.input ?? ["text"],
+			imageInputDecoder: "stb",
 			cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
 			contextWindow: metadata?.contextWindow ?? 128000,
 			maxTokens: Math.min(metadata?.contextWindow ?? Number.POSITIVE_INFINITY, DISCOVERY_DEFAULT_MAX_TOKENS),
@@ -352,6 +353,7 @@ export async function discoverLlamaCppModels(
 				baseUrl,
 				reasoning: false,
 				input: serverMetadata?.input ?? ["text"],
+				imageInputDecoder: "stb",
 				cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
 				contextWindow: serverMetadata?.contextWindow ?? 128000,
 				maxTokens: Math.min(
@@ -424,6 +426,7 @@ export async function discoverOpenAIModelsList(
 				baseUrl,
 				reasoning: false,
 				input: nativeMetadataForModel?.input ?? ["text"],
+				...(providerConfig.discovery.type === "lm-studio" ? { imageInputDecoder: "stb" as const } : {}),
 				cost: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 },
 				contextWindow,
 				maxTokens: Math.min(contextWindow, discoveryDefaultMaxTokens(providerConfig.api)),

package/src/config/model-registry.ts

@@ -900,6 +900,7 @@ export class ModelRegistry {
 				...replacementModel,
 				contextWindow: replacementModel.contextWindow ?? existing.contextWindow,
 				maxTokens: replacementModel.maxTokens ?? existing.maxTokens,
+				omitMaxOutputTokens: replacementModel.omitMaxOutputTokens ?? existing.omitMaxOutputTokens,
 				...(supportsTools !== undefined ? { supportsTools } : {}),
 			};
 		});
@@ -1023,12 +1024,21 @@ export class ModelRegistry {
 	}
 
 	#normalizeDiscoverableModels(providerConfig: DiscoveryProviderConfig, models: Model<Api>[]): Model<Api>[] {
+		const withDecoderMetadata =
+			providerConfig.discovery.type === "ollama" ||
+			providerConfig.discovery.type === "llama.cpp" ||
+			providerConfig.discovery.type === "lm-studio"
+				? models.map(model =>
+						buildModel({ ...model, imageInputDecoder: "stb", compat: model.compatConfig } as ModelSpec<Api>),
+					)
+				: models;
+
 		if (providerConfig.provider !== "ollama" || providerConfig.api !== "openai-responses") {
-			return models;
+			return withDecoderMetadata;
 		}
 
 		const contextLengthOverride = getOllamaContextLengthOverride();
-		return models.map(model => {
+		return withDecoderMetadata.map(model => {
 			const normalized =
 				model.api === "openai-completions"
 					? buildModel({
@@ -1269,7 +1279,12 @@ export class ModelRegistry {
 					models: cached?.models.map(model => model.id) ?? [],
 				});
 				this.#lastDiscoveryWarnings.delete(providerConfig.provider);
-				return cached ? cached.models.map(model => buildModel(model)) : [];
+				return cached
+					? this.#normalizeDiscoverableModels(
+							providerConfig,
+							cached.models.map(model => buildModel(model)),
+						)
+					: [];
 			}
 		}
 
@@ -1569,6 +1584,9 @@ export class ModelRegistry {
 	}
 	#applyHardcodedModelPolicies(models: Model<Api>[]): Model<Api>[] {
 		return models.map(model => {
+			if (model.provider === "ollama-cloud" && model.omitMaxOutputTokens !== true) {
+				model = applyModelOverride(model, { omitMaxOutputTokens: true });
+			}
 			if (model.id !== "gpt-5.4" || model.provider === "github-copilot") {
 				return model;
 			}

package/src/config/model-resolver.ts

@@ -556,6 +556,27 @@ function isAlias(id: string): boolean {
 	return !datePattern.test(id);
 }
 
+function includeSyntheticAllowedModels(available: Model<Api>[], allowedModels: Iterable<Model<Api>>): Model<Api>[] {
+	const allowedByKey = new Map<string, Model<Api>>();
+	for (const model of allowedModels) {
+		const key = formatModelString(model);
+		if (!allowedByKey.has(key)) {
+			allowedByKey.set(key, model);
+		}
+	}
+	if (allowedByKey.size === 0) return [];
+
+	const result: Model<Api>[] = [];
+	for (const model of available) {
+		if (allowedByKey.delete(formatModelString(model))) {
+			result.push(model);
+		}
+	}
+
+	result.push(...allowedByKey.values());
+	return result;
+}
+
 /**
  * Find an exact explicit provider/model match.
  * Bare model ids are handled separately so canonical ids can coalesce variants.
@@ -1335,9 +1356,9 @@ export async function resolveModelScope(
  * the result to models matching those patterns.
  *
  * Returns the unfiltered available list when `enabledModels` is empty.
- * Returns an empty list when `enabledModels` is configured but no available
- * model matches any pattern — callers MUST treat this as "no usable model"
- * rather than falling back to the global default (see issue #1022).
+ * Returns an empty list when `enabledModels` is configured but no model matches
+ * any pattern — callers MUST treat this as "no usable model" rather than
+ * falling back to the global default (see issue #1022).
  */
 export async function resolveAllowedModels(
 	modelRegistry: Pick<ModelRegistry, "getAvailable" | "getCanonicalVariants">,
@@ -1353,8 +1374,10 @@ export async function resolveAllowedModels(
 	if (scoped.length === 0) {
 		return [];
 	}
-	const allowed = new Set(scoped.map(entry => `${entry.model.provider}/${entry.model.id}`));
-	return available.filter(model => allowed.has(`${model.provider}/${model.id}`));
+	return includeSyntheticAllowedModels(
+		available,
+		scoped.map(entry => entry.model),
+	);
 }
 
 /**
@@ -1382,9 +1405,9 @@ export function filterAvailableModelsByEnabledPatterns(
 	if (patterns.length === 0) return available;
 
 	const context = buildPreferenceContext(available, undefined);
-	const allowed = new Set<string>();
+	const allowedModels: Model<Api>[] = [];
 	const addAllowed = (model: Model<Api>) => {
-		allowed.add(`${model.provider}/${model.id}`);
+		allowedModels.push(model);
 	};
 
 	for (const pattern of patterns) {
@@ -1409,7 +1432,7 @@ export function filterAvailableModelsByEnabledPatterns(
 		}
 	}
 
-	return allowed.size === 0 ? [] : available.filter(model => allowed.has(`${model.provider}/${model.id}`));
+	return includeSyntheticAllowedModels(available, allowedModels);
 }
 
 export interface ResolveCliModelResult {

package/src/discovery/builtin-rules/ts-no-return-type.md

@@ -39,7 +39,6 @@ import type { LoadedConfig } from "./config";
 
 ## Exceptions
 
-- Timer handles: `ReturnType<typeof setTimeout>` / `setInterval`.
 - Generic type utilities where the function is a type parameter.
 
 Concrete function? Export a concrete type.

package/src/extensibility/plugins/manager.ts

@@ -248,11 +248,29 @@ export class PluginManager {
 	}
 
 	async #rollbackFailedInstall(
-		actualName: string,
+		actualName: string | undefined,
 		packageJsonBefore: string,
+		bunLockBefore: string | null,
 		snapshot: PluginPackageSnapshot | null,
 	): Promise<void> {
 		await Bun.write(getPluginsPackageJson(), packageJsonBefore);
+
+		// Restore (or remove) bun's lockfile. Without this, a `bun install` +
+		// `bun update` pair that successfully rewrote `bun.lock` would leave the
+		// rejected commit pinned even when validation rolls everything else back.
+		const bunLockPath = path.join(getPluginsDir(), "bun.lock");
+		if (bunLockBefore === null) {
+			await fs.promises.rm(bunLockPath, { force: true });
+		} else {
+			await Bun.write(bunLockPath, bunLockBefore);
+		}
+
+		// `actualName` may be undefined when the install failed before the dep
+		// key was resolved — package.json + bun.lock restoration above is the
+		// complete rollback in that case.
+		if (!actualName) {
+			return;
+		}
 		const packagePath = path.join(getPluginsNodeModules(), actualName);
 		await fs.promises.rm(packagePath, { recursive: true, force: true });
 		if (!snapshot) {
@@ -343,6 +361,19 @@ export class PluginManager {
 		}
 		const pkgJsonPath = getPluginsPackageJson();
 		const packageJsonBefore = await Bun.file(pkgJsonPath).text();
+		// Snapshot bun's lockfile so the rollback path can restore the pin. Every
+		// step below — `bun install`, `bun update`, feature/extension validation,
+		// runtime-config save — must either complete entirely or leave the
+		// lockfile pointing at its pre-install state. Absent before install means
+		// "remove on rollback".
+		const bunLockPath = path.join(getPluginsDir(), "bun.lock");
+		let bunLockBefore: string | null;
+		try {
+			bunLockBefore = await Bun.file(bunLockPath).text();
+		} catch (err) {
+			if (!isEnoent(err)) throw err;
+			bunLockBefore = null;
+		}
 		const depsBefore = await this.#readDeps(pkgJsonPath);
 		const packageInstallSpec = gitSource ? gitInstallSpec(spec.packageName, gitSource) : spec.packageName;
 		const existingActualName = gitSource
@@ -350,24 +381,26 @@ export class PluginManager {
 			: extractPackageName(spec.packageName);
 		const packageSnapshot = await this.#snapshotInstalledPackage(existingActualName);
 
+		// `actualName` is hoisted so the rollback handler can clean up the right
+		// node_modules entry even if a step between `bun install` and the final
+		// validation throws.
+		let actualName: string | undefined;
 		try {
-			// Run npm install
-			const proc = Bun.spawn(["bun", "install", packageInstallSpec], {
+			// Step 1: write the spec into plugins/package.json + node_modules.
+			const installProc = Bun.spawn(["bun", "install", packageInstallSpec], {
 				cwd: getPluginsDir(),
 				stdin: "ignore",
 				stdout: "pipe",
 				stderr: "pipe",
 				windowsHide: true,
 			});
-
-			const exitCode = await proc.exited;
-			if (exitCode !== 0) {
-				const stderr = await new Response(proc.stderr).text();
-				throw new Error(`npm install failed: ${stderr}`);
+			const installExit = await installProc.exited;
+			if (installExit !== 0) {
+				const stderr = await new Response(installProc.stderr).text();
+				throw new Error(`bun install failed: ${stderr}`);
 			}
 			// Resolve actual package name. npm specs encode the name (strip version);
 			// git specs do not, so diff plugins/package.json deps to find the new entry.
-			let actualName: string;
 			if (gitSource) {
 				const depsAfter = await this.#readDeps(pkgJsonPath);
 				let resolved: string | undefined;
@@ -393,8 +426,32 @@ export class PluginManager {
 			} else {
 				actualName = extractPackageName(spec.packageName);
 			}
-			const pkgPath = path.join(getPluginsNodeModules(), actualName, "package.json");
 
+			// Step 2: refresh the git lockfile pin when re-installing an existing
+			// git plugin. `bun install <spec>` is a no-op when the spec matches the
+			// lockfile entry — it never re-resolves the remote ref — so re-running
+			// `omp plugin install github:owner/repo` would silently keep the user on
+			// the original resolved commit even after upstream moved (#3063).
+			// `bun update <name>` re-resolves the ref against the remote and
+			// rewrites the pin; SHA-pinned refs stay put because the commit can't
+			// move. First-time installs skip this — the initial `bun install` already
+			// fetched HEAD. Rollback is handled by the outer catch.
+			if (gitSource && existingActualName) {
+				const updateProc = Bun.spawn(["bun", "update", actualName], {
+					cwd: getPluginsDir(),
+					stdin: "ignore",
+					stdout: "pipe",
+					stderr: "pipe",
+					windowsHide: true,
+				});
+				const updateExit = await updateProc.exited;
+				if (updateExit !== 0) {
+					const stderr = await new Response(updateProc.stderr).text();
+					throw new Error(`bun update ${actualName} failed: ${stderr}`);
+				}
+			}
+
+			const pkgPath = path.join(getPluginsNodeModules(), actualName, "package.json");
 			let pkg: { name: string; version: string; omp?: PluginManifest; pi?: PluginManifest };
 			try {
 				pkg = await Bun.file(pkgPath).json();
@@ -441,18 +498,7 @@ export class PluginManager {
 				enabled: true,
 			};
 
-			try {
-				await this.#validateInstalledExtensions(installedPlugin);
-			} catch (err) {
-				try {
-					await this.#rollbackFailedInstall(actualName, packageJsonBefore, packageSnapshot);
-				} catch (rollbackErr) {
-					const message = err instanceof Error ? err.message : String(err);
-					const rollbackMessage = rollbackErr instanceof Error ? rollbackErr.message : String(rollbackErr);
-					throw new Error(`${message}\nRollback failed: ${rollbackMessage}`);
-				}
-				throw err;
-			}
+			await this.#validateInstalledExtensions(installedPlugin);
 
 			// Update runtime config
 			const config = await this.#ensureConfigLoaded();
@@ -464,6 +510,20 @@ export class PluginManager {
 			await this.#saveRuntimeConfig();
 
 			return installedPlugin;
+		} catch (err) {
+			try {
+				await this.#rollbackFailedInstall(
+					actualName ?? existingActualName,
+					packageJsonBefore,
+					bunLockBefore,
+					packageSnapshot,
+				);
+			} catch (rollbackErr) {
+				const message = err instanceof Error ? err.message : String(err);
+				const rollbackMessage = rollbackErr instanceof Error ? rollbackErr.message : String(rollbackErr);
+				throw new Error(`${message}\nRollback failed: ${rollbackMessage}`);
+			}
+			throw err;
 		} finally {
 			await this.#cleanupSnapshot(packageSnapshot);
 		}

package/src/lsp/client.ts

@@ -482,6 +482,30 @@ async function handleServerRequest(client: LspClient, message: LspJsonRpcRequest
 		await sendResponse(client, message.id, null, message.method);
 		return;
 	}
+	if (message.method === "window/showMessageRequest") {
+		// Headless: no UI to surface the prompt. Spec says null = "no action selected".
+		await sendResponse(client, message.id, null, message.method);
+		return;
+	}
+	if (message.method === "window/showDocument") {
+		// Headless: nothing to display. Spec result is `{ success: boolean }`.
+		await sendResponse(client, message.id, { success: false }, message.method);
+		return;
+	}
+	if (
+		message.method === "workspace/semanticTokens/refresh" ||
+		message.method === "workspace/inlayHint/refresh" ||
+		message.method === "workspace/codeLens/refresh" ||
+		message.method === "workspace/codeAction/refresh" ||
+		message.method === "workspace/inlineValue/refresh" ||
+		message.method === "workspace/foldingRange/refresh" ||
+		message.method === "workspace/diagnostic/refresh"
+	) {
+		// Void acknowledgement per spec; servers that stall waiting for a reply
+		// (same failure mode as the dynamic-registration hang in #3029) move on.
+		await sendResponse(client, message.id, null, message.method);
+		return;
+	}
 	await sendResponse(client, message.id, null, message.method, {
 		code: -32601,
 		message: `Method not found: ${message.method}`,

package/src/mnemopi/backend.ts

@@ -120,6 +120,14 @@ export const mnemopiBackend: MemoryBackend = {
 		const config = previous?.config ?? (session ? loadMnemopiConfig(session.settings, agentDir) : undefined);
 		if (!config) return;
 		await loadMnemopiCore();
+		// Close the cached default Mnemopi instance so its SQLite handle doesn't
+		// keep the DB files locked on Windows when removeDbFiles tries to delete.
+		// Use the core module (already awaited via loadMnemopiCore above):
+		// requireMnemopi() throws "module not loaded" when clear() runs before the
+		// fire-and-forget start() has awaited loadMnemopi() (autolearn disabled, or
+		// taskDepth > 0). resetMemoryForTests is re-exported identically from core.
+		requireMnemopiCore().resetMemoryForTests();
+		await Bun.sleep(0);
 		await removeDbFiles(getMnemopiScopedDbPaths(config));
 	},
 
@@ -557,10 +565,48 @@ export function getMnemopiDbDirForTests(session: AgentSession): string | undefin
 	return state ? path.dirname(state.config.dbPath) : undefined;
 }
 
+/**
+ * Best-effort removal of a SQLite DB file and its WAL/SHM sidecars.
+ *
+ * Windows keeps `-wal`/`-shm` busy briefly after the DB handle closes, so a
+ * single `rm` races with EBUSY/EPERM. Retry a handful of times before giving
+ * up; `force: true` already makes "missing" a non-error.
+ */
 async function removeDbFiles(dbPaths: readonly string[]): Promise<void> {
 	for (const dbPath of dbPaths) {
-		await rm(dbPath, { force: true });
-		await rm(`${dbPath}-wal`, { force: true });
-		await rm(`${dbPath}-shm`, { force: true });
+		for (const suffix of ["", "-wal", "-shm"]) {
+			await removeWithRetries(`${dbPath}${suffix}`).catch(error => {
+				// `force: true` already makes ENOENT a non-error; anything else
+				// after the full retry window means the DB is genuinely locked and
+				// the user's "Memory cleared" message would be misleading. Log so
+				// the failure is diagnosable without blocking the clear flow.
+				const code = typeof error === "object" && error !== null && "code" in error ? error.code : undefined;
+				if (code !== "ENOENT") {
+					logger.warn("Mnemopi: failed to remove DB file after retries", { path: `${dbPath}${suffix}`, code });
+				}
+			});
+		}
+	}
+}
+
+const kRemoveRetries = 40;
+const kRemoveRetryDelayMs = 25;
+const kRetryableRemoveErrorCodes = new Set(["EBUSY", "EPERM", "ENOTEMPTY"]);
+
+async function removeWithRetries(target: string): Promise<void> {
+	for (let attempt = 0; ; attempt++) {
+		try {
+			await rm(target, { force: true });
+			return;
+		} catch (err) {
+			const retryable =
+				typeof err === "object" &&
+				err !== null &&
+				"code" in err &&
+				typeof err.code === "string" &&
+				kRetryableRemoveErrorCodes.has(err.code);
+			if (!retryable || attempt >= kRemoveRetries) throw err;
+			await Bun.sleep(kRemoveRetryDelayMs);
+		}
 	}
 }