@openacp/cli 2026.401.2 → 2026.401.3

package/dist/cli.js

@@ -7493,6 +7493,7 @@ function resolveInstanceRoot(opts) {
   if (opts.global) return path21.join(os10.homedir(), ".openacp");
   const localRoot = path21.join(cwd, ".openacp");
   if (fs17.existsSync(localRoot)) return localRoot;
+  if (process.env.OPENACP_INSTANCE_ROOT) return process.env.OPENACP_INSTANCE_ROOT;
   return null;
 }
 function getGlobalRoot() {
@@ -10060,33 +10061,53 @@ var init_formatting = __esm({
   }
 });
 
+// src/core/utils/bypass-detection.ts
+function isPermissionBypass(value) {
+  const lower = value.toLowerCase();
+  return BYPASS_KEYWORDS.some((kw) => lower.includes(kw));
+}
+var BYPASS_KEYWORDS;
+var init_bypass_detection = __esm({
+  "src/core/utils/bypass-detection.ts"() {
+    "use strict";
+    BYPASS_KEYWORDS = ["bypass", "dangerous", "skip", "dontask", "dont_ask", "auto_accept"];
+  }
+});
+
 // src/plugins/telegram/commands/admin.ts
 import { InlineKeyboard } from "grammy";
+function isBypassActive(session) {
+  const modeOpt = session.getConfigByCategory("mode");
+  return modeOpt?.type === "select" && isPermissionBypass(String(modeOpt.currentValue)) || !!session.clientOverrides.bypassPermissions;
+}
 function setupDangerousModeCallbacks(bot, core) {
   bot.callbackQuery(/^d:/, async (ctx) => {
     const sessionId = ctx.callbackQuery.data.slice(2);
     const session = core.sessionManager.getSession(sessionId);
     if (session) {
-      const newDangerousMode2 = !session.clientOverrides.bypassPermissions;
-      session.clientOverrides.bypassPermissions = newDangerousMode2;
-      log14.info(
-        { sessionId, dangerousMode: newDangerousMode2 },
-        "Bypass permissions toggled via button"
-      );
-      core.sessionManager.patchRecord(sessionId, { clientOverrides: session.clientOverrides }).catch(() => {
-      });
-      const toastText2 = newDangerousMode2 ? "\u2620\uFE0F Bypass enabled \u2014 permissions auto-approved" : "\u{1F510} Bypass disabled \u2014 approvals required";
+      const wantOn = !isBypassActive(session);
+      const toastText2 = wantOn ? "\u2620\uFE0F Bypass Permissions enabled \u2014 permissions auto-approved" : "\u{1F510} Bypass Permissions disabled \u2014 approvals required";
       try {
         await ctx.answerCallbackQuery({ text: toastText2 });
       } catch {
       }
+      const registry = core.lifecycleManager?.serviceRegistry?.get("command-registry");
+      if (registry) {
+        await registry.execute(wantOn ? "/bypass on" : "/bypass off", {
+          raw: wantOn ? "on" : "off",
+          sessionId,
+          channelId: "telegram",
+          userId: String(ctx.from?.id ?? ""),
+          reply: async () => {
+          }
+        }).catch(() => {
+        });
+      }
+      log14.info({ sessionId, wantOn }, "Bypass permissions toggled via button");
       try {
-        await ctx.editMessageReplyMarkup({
-          reply_markup: buildSessionControlKeyboard(
-            sessionId,
-            newDangerousMode2,
-            session.voiceMode === "on"
-          )
+        await ctx.editMessageText(buildSessionStatusText(session), {
+          parse_mode: "HTML",
+          reply_markup: buildSessionControlKeyboard(sessionId, isBypassActive(session), session.voiceMode === "on")
         });
       } catch {
       }
@@ -10109,7 +10130,7 @@ function setupDangerousModeCallbacks(bot, core) {
       { sessionId, dangerousMode: newDangerousMode },
       "Bypass permissions toggled via button (store-only, session not in memory)"
     );
-    const toastText = newDangerousMode ? "\u2620\uFE0F Bypass enabled \u2014 permissions auto-approved" : "\u{1F510} Bypass disabled \u2014 approvals required";
+    const toastText = newDangerousMode ? "\u2620\uFE0F Bypass Permissions enabled \u2014 permissions auto-approved" : "\u{1F510} Bypass Permissions disabled \u2014 approvals required";
     try {
       await ctx.answerCallbackQuery({ text: toastText });
     } catch {
@@ -10169,7 +10190,7 @@ async function handleEnableDangerous(ctx, core) {
     });
   }
   await ctx.reply(
-    `\u2620\uFE0F <b>Bypass enabled</b>
+    `\u2620\uFE0F <b>Bypass Permissions enabled</b>
 
 All permission requests will be auto-approved \u2014 the agent can run any action without asking.
 
@@ -10220,19 +10241,42 @@ async function handleDisableDangerous(ctx, core) {
     });
   }
   await ctx.reply(
-    "\u{1F510} <b>Bypass disabled</b>\n\nYou will be asked to approve risky actions.",
+    "\u{1F510} <b>Bypass Permissions disabled</b>\n\nYou will be asked to approve risky actions.",
     { parse_mode: "HTML" }
   );
 }
 function buildSessionControlKeyboard(sessionId, dangerousMode, voiceMode) {
   return new InlineKeyboard().text(
-    dangerousMode ? "\u{1F510} Disable Bypass" : "\u2620\uFE0F Enable Bypass",
+    dangerousMode ? "\u{1F510} Disable Bypass Permissions" : "\u2620\uFE0F Enable Bypass Permissions",
     `d:${sessionId}`
   ).row().text(
     voiceMode ? "\u{1F50A} Text to Speech" : "\u{1F507} Text to Speech",
     `v:${sessionId}`
   );
 }
+function buildSessionStatusText(session, heading = "\u2705 New chat (same agent &amp; workspace)") {
+  const lines = [heading];
+  lines.push(`<b>Agent:</b> ${escapeHtml4(session.agentName)}`);
+  lines.push(`<b>Workspace:</b> <code>${escapeHtml4(session.workingDirectory)}</code>`);
+  const modelOpt = session.getConfigByCategory("model");
+  if (modelOpt && modelOpt.type === "select") {
+    const choice = modelOpt.options.flatMap((o) => "group" in o ? o.options : [o]).find((c3) => c3.value === modelOpt.currentValue);
+    lines.push(`<b>Model:</b> ${escapeHtml4(choice?.name ?? modelOpt.currentValue)}`);
+  }
+  const thoughtOpt = session.getConfigByCategory("thought_level");
+  if (thoughtOpt && thoughtOpt.type === "select") {
+    const choice = thoughtOpt.options.flatMap((o) => "group" in o ? o.options : [o]).find((c3) => c3.value === thoughtOpt.currentValue);
+    lines.push(`<b>Thinking:</b> ${escapeHtml4(choice?.name ?? thoughtOpt.currentValue)}`);
+  }
+  const modeOpt = session.getConfigByCategory("mode");
+  if (isBypassActive(session)) {
+    lines.push(`<b>Mode:</b> \u2620\uFE0F Bypass Permissions enabled`);
+  } else if (modeOpt && modeOpt.type === "select") {
+    const choice = modeOpt.options.flatMap((o) => "group" in o ? o.options : [o]).find((c3) => c3.value === modeOpt.currentValue);
+    lines.push(`<b>Mode:</b> ${escapeHtml4(choice?.name ?? modeOpt.currentValue)}`);
+  }
+  return lines.join("\n");
+}
 function setupTTSCallbacks(bot, core) {
   bot.callbackQuery(/^v:/, async (ctx) => {
     const sessionId = ctx.callbackQuery.data.slice(2);
@@ -10263,12 +10307,14 @@ function setupTTSCallbacks(bot, core) {
     } catch {
     }
     try {
-      await ctx.editMessageReplyMarkup({
-        reply_markup: buildSessionControlKeyboard(
-          sessionId,
-          session.clientOverrides.bypassPermissions ?? false,
-          newMode === "on"
-        )
+      const keyboard = buildSessionControlKeyboard(
+        sessionId,
+        isBypassActive(session),
+        newMode === "on"
+      );
+      await ctx.editMessageText(buildSessionStatusText(session), {
+        parse_mode: "HTML",
+        reply_markup: keyboard
       });
     } catch {
     }
@@ -10476,6 +10522,7 @@ var log14, OUTPUT_MODE_LABELS;
 var init_admin = __esm({
   "src/plugins/telegram/commands/admin.ts"() {
     "use strict";
+    init_bypass_detection();
     init_formatting();
     init_log();
     log14 = createChildLogger({ module: "telegram-cmd-admin" });
@@ -10499,14 +10546,14 @@ function cleanupPending(userId) {
 function botFromCtx(ctx) {
   return { api: ctx.api };
 }
-async function handleNew(ctx, core, chatId, assistant) {
+async function handleNew(ctx, core, chatId, assistant, onControlMessage) {
   const rawMatch = ctx.match;
   const matchStr = typeof rawMatch === "string" ? rawMatch : "";
   const args2 = matchStr.split(" ").filter(Boolean);
   const agentName = args2[0];
   const workspace = args2[1];
   if (agentName && workspace) {
-    await createSessionDirect(ctx, core, chatId, agentName, workspace);
+    await createSessionDirect(ctx, core, chatId, agentName, workspace, onControlMessage);
     return;
   }
   const currentThreadId = ctx.message?.message_thread_id;
@@ -10584,7 +10631,7 @@ async function startConfirmStep(ctx, chatId, userId, agentName, workspace) {
     timer: setTimeout(() => pendingNewSessions.delete(userId), PENDING_TIMEOUT_MS)
   });
 }
-async function createSessionDirect(ctx, core, chatId, agentName, workspace) {
+async function createSessionDirect(ctx, core, chatId, agentName, workspace, onControlMessage) {
   log15.info({ userId: ctx.from?.id, agentName, workspace }, "New session command (direct)");
   let threadId;
   try {
@@ -10602,19 +10649,19 @@ async function createSessionDirect(ctx, core, chatId, agentName, workspace) {
       await ctx.api.editForumTopic(chatId, threadId, { name: finalName });
     } catch {
     }
-    await ctx.api.sendMessage(
+    const controlMsg = await ctx.api.sendMessage(
       chatId,
-      `\u2705 <b>Session started</b>
-<b>Agent:</b> ${escapeHtml4(session.agentName)}
-<b>Workspace:</b> <code>${escapeHtml4(session.workingDirectory)}</code>
-
-This is your coding session \u2014 chat here to work with the agent.`,
+      buildSessionStatusText(session, `\u2705 <b>Session started</b>`),
       {
         message_thread_id: threadId,
         parse_mode: "HTML",
         reply_markup: buildSessionControlKeyboard(session.id, false, false)
       }
     );
+    onControlMessage?.(session.id, controlMsg.message_id);
+    await core.sessionManager.patchRecord(session.id, {
+      platform: { topicId: threadId }
+    });
     return threadId ?? null;
   } catch (err) {
     log15.error({ err }, "Session creation failed");
@@ -10629,7 +10676,7 @@ This is your coding session \u2014 chat here to work with the agent.`,
     return null;
   }
 }
-async function handleNewChat(ctx, core, chatId) {
+async function handleNewChat(ctx, core, chatId, onControlMessage) {
   const threadId = ctx.message?.message_thread_id;
   if (!threadId) {
     await ctx.reply(
@@ -10684,17 +10731,19 @@ async function handleNewChat(ctx, core, chatId) {
     await core.sessionManager.patchRecord(session.id, { platform: {
       topicId: newThreadId
     } });
-    await ctx.api.sendMessage(
+    const controlMsg = await ctx.api.sendMessage(
       chatId,
-      `\u2705 New chat (same agent &amp; workspace)
-<b>Agent:</b> ${escapeHtml4(session.agentName)}
-<b>Workspace:</b> <code>${escapeHtml4(session.workingDirectory)}</code>`,
+      buildSessionStatusText(session, `\u2705 New chat (same agent &amp; workspace)`),
       {
         message_thread_id: newThreadId,
         parse_mode: "HTML",
         reply_markup: buildSessionControlKeyboard(session.id, false, false)
       }
     );
+    onControlMessage?.(session.id, controlMsg.message_id);
+    await core.sessionManager.patchRecord(session.id, {
+      platform: { topicId: newThreadId }
+    });
   } catch (err) {
     if (newThreadId) {
       try {
@@ -12184,7 +12233,7 @@ Choose the repo that has Entire checkpoints enabled:`;
     timer: setTimeout(() => pendingResumes.delete(userId), PENDING_TIMEOUT_MS2)
   });
 }
-async function executeResume(ctx, core, chatId, query, repoPath) {
+async function executeResume(ctx, core, chatId, query, repoPath, onControlMessage) {
   const provider = await core.contextManager.getProvider(repoPath);
   if (!provider) {
     await ctx.reply(
@@ -12242,22 +12291,23 @@ Repo: <code>${escapeHtml4(repoPath)}</code>`,
         { parse_mode: "HTML" }
       );
     }
-    await ctx.api.sendMessage(
-      chatId,
-      `\u2705 <b>Session resumed with context</b>
-<b>Agent:</b> ${escapeHtml4(session.agentName)}
-<b>Workspace:</b> <code>${escapeHtml4(session.workingDirectory)}</code>
+    const resumeHeading = `\u2705 <b>Session resumed with context</b>
 <b>Sessions loaded:</b> ${sessionCount}
 <b>Mode:</b> ${escapeHtml4(mode)}
-<b>~Tokens:</b> ${tokens.toLocaleString()}
-
-Context is ready \u2014 chat here to continue working with the agent.`,
+<b>~Tokens:</b> ${tokens.toLocaleString()}`;
+    const controlMsg = await ctx.api.sendMessage(
+      chatId,
+      buildSessionStatusText(session, resumeHeading),
       {
         message_thread_id: threadId,
         parse_mode: "HTML",
         reply_markup: buildSessionControlKeyboard(session.id, false, false)
       }
     );
+    onControlMessage?.(session.id, controlMsg.message_id);
+    await core.sessionManager.patchRecord(session.id, {
+      platform: { topicId: threadId }
+    });
   } catch (err) {
     log17.error({ err }, "Resume session creation failed");
     if (threadId) {
@@ -12270,7 +12320,7 @@ Context is ready \u2014 chat here to continue working with the agent.`,
     await ctx.reply(`\u274C ${escapeHtml4(message)}`, { parse_mode: "HTML" });
   }
 }
-async function handleResume(ctx, core, chatId, assistant) {
+async function handleResume(ctx, core, chatId, assistant, onControlMessage) {
   const rawMatch = ctx.match;
   const matchStr = typeof rawMatch === "string" ? rawMatch : "";
   const parsed = parseResumeArgs(matchStr);
@@ -12295,7 +12345,7 @@ Usage examples:
   if (!userId) return;
   await showWorkspacePicker(ctx, core, chatId, userId, query);
 }
-async function handlePendingResumeInput(ctx, core, chatId, assistantTopicId) {
+async function handlePendingResumeInput(ctx, core, chatId, assistantTopicId, onControlMessage) {
   const userId = ctx.from?.id;
   if (!userId) return false;
   const pending = pendingResumes.get(userId);
@@ -12315,10 +12365,10 @@ async function handlePendingResumeInput(ctx, core, chatId, assistantTopicId) {
   }
   const resolved = core.configManager.resolveWorkspace(workspace);
   cleanupPending2(userId);
-  await executeResume(ctx, core, chatId, pending.query, resolved);
+  await executeResume(ctx, core, chatId, pending.query, resolved, onControlMessage);
   return true;
 }
-function setupResumeCallbacks(bot, core, chatId) {
+function setupResumeCallbacks(bot, core, chatId, onControlMessage) {
   bot.callbackQuery(/^m:resume:/, async (ctx) => {
     const data = ctx.callbackQuery.data;
     const userId = ctx.from?.id;
@@ -12337,7 +12387,7 @@ function setupResumeCallbacks(bot, core, chatId) {
         await ctx.api.editMessageText(chatId, pending.messageId, `\u23F3 Using <code>${escapeHtml4(resolved)}</code>...`, { parse_mode: "HTML" });
       } catch {
       }
-      await executeResume(ctx, core, chatId, pending.query, resolved);
+      await executeResume(ctx, core, chatId, pending.query, resolved, onControlMessage);
       return;
     }
     if (data === "m:resume:ws:custom") {
@@ -12368,7 +12418,7 @@ Or just the folder name (will use workspace baseDir)`,
         await ctx.api.editMessageText(chatId, pending.messageId, `\u23F3 Using <code>${escapeHtml4(resolved)}</code>...`, { parse_mode: "HTML" });
       } catch {
       }
-      await executeResume(ctx, core, chatId, pending.query, resolved);
+      await executeResume(ctx, core, chatId, pending.query, resolved, onControlMessage);
       return;
     }
   });
@@ -13719,8 +13769,9 @@ var init_switch = __esm({
 
 // src/plugins/telegram/commands/index.ts
 function setupCommands(bot, core, chatId, assistant) {
-  bot.command("new", (ctx) => handleNew(ctx, core, chatId, assistant));
-  bot.command("newchat", (ctx) => handleNewChat(ctx, core, chatId));
+  const onControlMessage = assistant?.setControlMessage;
+  bot.command("new", (ctx) => handleNew(ctx, core, chatId, assistant, onControlMessage));
+  bot.command("newchat", (ctx) => handleNewChat(ctx, core, chatId, onControlMessage));
   bot.command("cancel", (ctx) => handleCancel(ctx, core, assistant));
   bot.command("status", (ctx) => handleStatus(ctx, core));
   bot.command("sessions", (ctx) => handleTopics(ctx, core));
@@ -13741,12 +13792,12 @@ function setupCommands(bot, core, chatId, assistant) {
   bot.command("text_to_speech", (ctx) => handleTTS(ctx, core));
   bot.command("verbosity", (ctx) => handleVerbosity(ctx, core));
   bot.command("outputmode", (ctx) => handleOutputMode(ctx, core));
-  bot.command("resume", (ctx) => handleResume(ctx, core, chatId, assistant));
+  bot.command("resume", (ctx) => handleResume(ctx, core, chatId, assistant, onControlMessage));
   bot.command("switch", (ctx) => handleSwitch(ctx, core));
 }
-function setupAllCallbacks(bot, core, chatId, systemTopicIds, getAssistantSession) {
+function setupAllCallbacks(bot, core, chatId, systemTopicIds, getAssistantSession, onControlMessage) {
   setupNewSessionCallbacks(bot, core, chatId);
-  setupResumeCallbacks(bot, core, chatId);
+  setupResumeCallbacks(bot, core, chatId, onControlMessage);
   setupSessionCallbacks(bot, core, chatId, systemTopicIds);
   setupSettingsCallbacks(bot, core, getAssistantSession ?? (() => void 0));
   setupDoctorCallbacks(bot);
@@ -16344,6 +16395,7 @@ var init_adapter2 = __esm({
     init_log();
     init_topics2();
     init_commands3();
+    init_admin();
     init_permissions();
     init_assistant();
     init_formatting();
@@ -16388,6 +16440,29 @@ var init_adapter2 = __esm({
       callbackCounter = 0;
       /** Pending skill commands queued when session.threadId was not yet set */
       _pendingSkillCommands = /* @__PURE__ */ new Map();
+      /** Control message IDs per session (for updating status text/buttons) */
+      controlMsgIds = /* @__PURE__ */ new Map();
+      /** Store control message ID in memory + persist to session record */
+      storeControlMsgId(sessionId, msgId) {
+        this.storeControlMsgId(sessionId, msgId);
+        this.core.sessionManager.patchRecord(sessionId, {
+          platform: { controlMsgId: msgId }
+        }).catch(() => {
+        });
+      }
+      /** Get control message ID (from Map, with fallback to session record) */
+      getControlMsgId(sessionId) {
+        let msgId = this.controlMsgIds.get(sessionId);
+        if (!msgId) {
+          const record = this.core.sessionManager.getSessionRecord(sessionId);
+          const platform2 = record?.platform;
+          if (platform2?.controlMsgId) {
+            msgId = platform2.controlMsgId;
+            this.storeControlMsgId(sessionId, msgId);
+          }
+        }
+        return msgId;
+      }
       getThreadId(sessionId) {
         const threadId = this._sessionThreadIds.get(sessionId);
         if (threadId === void 0) {
@@ -16594,7 +16669,26 @@ var init_adapter2 = __esm({
             });
             await ctx.answerCallbackQuery();
             if (response.type !== "silent") {
-              await this.renderCommandResponse(response, chatId, topicId);
+              if (response.type === "menu") {
+                const keyboard = response.options.map((opt) => [
+                  {
+                    text: `${opt.label}${opt.hint ? ` \u2014 ${opt.hint}` : ""}`,
+                    callback_data: this.toCallbackData(opt.command)
+                  }
+                ]);
+                try {
+                  await ctx.editMessageText(response.title, {
+                    reply_markup: { inline_keyboard: keyboard }
+                  });
+                } catch {
+                }
+              } else if (response.type === "text" || response.type === "error") {
+                const text6 = response.type === "text" ? response.text : `\u274C ${response.message}`;
+                try {
+                  await ctx.editMessageText(text6, { parse_mode: "Markdown" });
+                } catch {
+                }
+              }
             }
           } catch {
             await ctx.answerCallbackQuery({ text: "Command failed" });
@@ -16624,6 +16718,9 @@ var init_adapter2 = __esm({
               topicId: this.assistantTopicId,
               enqueuePrompt: (p2) => this.assistantSession.enqueuePrompt(p2)
             };
+          },
+          (sessionId, msgId) => {
+            this.storeControlMsgId(sessionId, msgId);
           }
         );
         setupCommands(
@@ -16633,6 +16730,9 @@ var init_adapter2 = __esm({
           {
             topicId: this.assistantTopicId,
             getSession: () => this.assistantSession,
+            setControlMessage: (sessionId, msgId) => {
+              this.storeControlMsgId(sessionId, msgId);
+            },
             respawn: async () => {
               if (this.assistantSession) {
                 await this.assistantSession.destroy();
@@ -16696,6 +16796,10 @@ var init_adapter2 = __esm({
             }
           );
         });
+        this.core.eventBus.on("session:configChanged", ({ sessionId }) => {
+          this.updateControlMessage(sessionId).catch(() => {
+          });
+        });
         this.setupRoutes();
         this.bot.start({
           allowed_updates: ["message", "callback_query"],
@@ -16900,7 +17004,10 @@ ${lines.join("\n")}`;
             ctx,
             this.core,
             this.telegramConfig.chatId,
-            this.assistantTopicId
+            this.assistantTopicId,
+            (sessionId2, msgId) => {
+              this.storeControlMsgId(sessionId2, msgId);
+            }
           )) {
             return;
           }
@@ -17279,6 +17386,41 @@ Task completed.
           );
         }
       }
+      async handleConfigUpdate(sessionId, _content) {
+        await this.updateControlMessage(sessionId);
+      }
+      /**
+       * Edit the pinned control message to reflect current session state
+       * (model, thought level, mode, bypass status).
+       */
+      async updateControlMessage(sessionId) {
+        const session = this.core.sessionManager.getSession(sessionId);
+        if (!session) return;
+        const controlMsgId = this.getControlMsgId(sessionId);
+        if (!controlMsgId) return;
+        const threadId = Number(session.threadId);
+        if (!threadId || isNaN(threadId)) return;
+        const text6 = buildSessionStatusText(session);
+        const keyboard = buildSessionControlKeyboard(
+          sessionId,
+          isBypassActive(session),
+          session.voiceMode === "on"
+        );
+        try {
+          await this.bot.api.editMessageText(
+            this.telegramConfig.chatId,
+            controlMsgId,
+            text6,
+            { parse_mode: "HTML" }
+          );
+          await this.bot.api.editMessageReplyMarkup(
+            this.telegramConfig.chatId,
+            controlMsgId,
+            { reply_markup: keyboard }
+          );
+        } catch {
+        }
+      }
       async handleError(sessionId, content) {
         this.getTracer(sessionId)?.log("telegram", { action: "handle:error", sessionId, text: content.text });
         const threadId = this.getThreadId(sessionId);
@@ -20016,19 +20158,6 @@ var init_session_manager = __esm({
   }
 });
 
-// src/core/utils/bypass-detection.ts
-function isPermissionBypass(value) {
-  const lower = value.toLowerCase();
-  return BYPASS_KEYWORDS.some((kw) => lower.includes(kw));
-}
-var BYPASS_KEYWORDS;
-var init_bypass_detection = __esm({
-  "src/core/utils/bypass-detection.ts"() {
-    "use strict";
-    BYPASS_KEYWORDS = ["bypass", "dangerous", "skip", "dontask", "dont_ask", "auto_accept"];
-  }
-});
-
 // src/core/sessions/session-bridge.ts
 var log29, SessionBridge;
 var init_session_bridge = __esm({
@@ -23773,6 +23902,7 @@ function registerCategoryCommand(registry, core, category, commandName) {
         if (response.configOptions) {
           session.configOptions = response.configOptions;
         }
+        core.eventBus.emit("session:configChanged", { sessionId: session.id });
         return { type: "text", text: labels.successMsg(match.name, configOption.name) };
       } catch (err) {
         const msg = err instanceof Error ? err.message : String(err);
@@ -23839,9 +23969,10 @@ function registerDangerousCommand(registry, core) {
           if (response.configOptions) {
             session.configOptions = response.configOptions;
           }
+          core.eventBus.emit("session:configChanged", { sessionId: session.id });
           return {
             type: "text",
-            text: wantOn ? "\u2620\uFE0F **Bypass enabled** \u2014 all permission requests will be auto-approved. The agent can run any action without asking." : "\u{1F510} **Bypass disabled** \u2014 you will be asked to approve risky actions."
+            text: wantOn ? "\u2620\uFE0F **Bypass Permissions enabled** \u2014 all permission requests will be auto-approved. The agent can run any action without asking." : "\u{1F510} **Bypass Permissions disabled** \u2014 you will be asked to approve risky actions."
           };
         } catch (err) {
           const msg = err instanceof Error ? err.message : String(err);
@@ -23852,9 +23983,10 @@ function registerDangerousCommand(registry, core) {
       await core.sessionManager.patchRecord(session.id, {
         clientOverrides: { ...session.clientOverrides }
       });
+      core.eventBus.emit("session:configChanged", { sessionId: session.id });
       return {
         type: "text",
-        text: wantOn ? "\u2620\uFE0F **Bypass enabled** (client-side) \u2014 all permission requests will be auto-approved.\n\n_Note: This agent doesn't natively support bypass mode, so OpenACP will auto-approve on your behalf._" : "\u{1F510} **Bypass disabled** \u2014 you will be asked to approve risky actions."
+        text: wantOn ? "\u2620\uFE0F **Bypass Permissions enabled** (client-side) \u2014 all permission requests will be auto-approved.\n\n_Note: This agent doesn't natively support bypass mode, so OpenACP will auto-approve on your behalf._" : "\u{1F510} **Bypass Permissions disabled** \u2014 you will be asked to approve risky actions."
       };
     }
   });
@@ -25735,6 +25867,12 @@ async function startServer(opts) {
       removePidFile2(ctx.paths.pid);
     }
     if (exitCode === RESTART_EXIT_CODE) {
+      if (process.env.OPENACP_DEV_LOOP) {
+        const fsMod = await import("fs");
+        const osMod = await import("os");
+        const pathMod2 = await import("path");
+        fsMod.writeFileSync(pathMod2.join(osMod.tmpdir(), "openacp-dev-loop-root"), ctx.root, "utf-8");
+      }
       if (isDaemon) {
         const { spawn: spawnChild } = await import("child_process");
         const { expandHome: expandHome4 } = await Promise.resolve().then(() => (init_config2(), config_exports));
@@ -25749,7 +25887,7 @@ async function startServer(opts) {
         const child = spawnChild(process.execPath, [cliPath, "--daemon-child"], {
           detached: true,
           stdio: ["ignore", out, err],
-          env: { ...process.env, OPENACP_SKIP_UPDATE_CHECK: "1" }
+          env: { ...process.env, OPENACP_SKIP_UPDATE_CHECK: "1", OPENACP_INSTANCE_ROOT: ctx.root }
         });
         fs53.closeSync(out);
         fs53.closeSync(err);
@@ -25759,7 +25897,7 @@ async function startServer(opts) {
         const { spawn: spawnChild } = await import("child_process");
         const child = spawnChild(process.execPath, process.argv.slice(1), {
           stdio: "inherit",
-          env: { ...process.env, OPENACP_SKIP_UPDATE_CHECK: "1" }
+          env: { ...process.env, OPENACP_SKIP_UPDATE_CHECK: "1", OPENACP_INSTANCE_ROOT: ctx.root }
         });
         await shutdownLogger();
         child.on("exit", (code) => process.exit(code ?? 0));
@@ -29401,7 +29539,7 @@ async function cmdDev(args2 = []) {
 `);
     return;
   }
-  const pluginPathArg = args2.slice(1).find((a) => !a.startsWith("--"));
+  const pluginPathArg = args2.find((a) => !a.startsWith("--"));
   const noWatch = args2.includes("--no-watch");
   const verbose = args2.includes("--verbose");
   if (!pluginPathArg) {