npm - @openacp/cli - Versions diffs - 2026.401.2 → 2026.401.4 - Mend

@openacp/cli 2026.401.2 → 2026.401.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/cli.js CHANGED Viewed

@@ -7493,6 +7493,7 @@ function resolveInstanceRoot(opts) {
   if (opts.global) return path21.join(os10.homedir(), ".openacp");
   const localRoot = path21.join(cwd, ".openacp");
   if (fs17.existsSync(localRoot)) return localRoot;
+  if (process.env.OPENACP_INSTANCE_ROOT) return process.env.OPENACP_INSTANCE_ROOT;
   return null;
 }
 function getGlobalRoot() {
@@ -10060,33 +10061,53 @@ var init_formatting = __esm({
   }
 });
+// src/core/utils/bypass-detection.ts
+function isPermissionBypass(value) {
+  const lower = value.toLowerCase();
+  return BYPASS_KEYWORDS.some((kw) => lower.includes(kw));
+}
+var BYPASS_KEYWORDS;
+var init_bypass_detection = __esm({
+  "src/core/utils/bypass-detection.ts"() {
+    "use strict";
+    BYPASS_KEYWORDS = ["bypass", "dangerous", "skip", "dontask", "dont_ask", "auto_accept"];
+  }
+});
 // src/plugins/telegram/commands/admin.ts
 import { InlineKeyboard } from "grammy";
+function isBypassActive(session) {
+  const modeOpt = session.getConfigByCategory("mode");
+  return modeOpt?.type === "select" && isPermissionBypass(String(modeOpt.currentValue)) || !!session.clientOverrides.bypassPermissions;
+}
 function setupDangerousModeCallbacks(bot, core) {
   bot.callbackQuery(/^d:/, async (ctx) => {
     const sessionId = ctx.callbackQuery.data.slice(2);
     const session = core.sessionManager.getSession(sessionId);
     if (session) {
-      const newDangerousMode2 = !session.clientOverrides.bypassPermissions;
-      session.clientOverrides.bypassPermissions = newDangerousMode2;
-      log14.info(
-        { sessionId, dangerousMode: newDangerousMode2 },
-        "Bypass permissions toggled via button"
-      );
-      core.sessionManager.patchRecord(sessionId, { clientOverrides: session.clientOverrides }).catch(() => {
-      });
-      const toastText2 = newDangerousMode2 ? "\u2620\uFE0F Bypass enabled \u2014 permissions auto-approved" : "\u{1F510} Bypass disabled \u2014 approvals required";
+      const wantOn = !isBypassActive(session);
+      const toastText2 = wantOn ? "\u2620\uFE0F Bypass Permissions enabled \u2014 permissions auto-approved" : "\u{1F510} Bypass Permissions disabled \u2014 approvals required";
       try {
         await ctx.answerCallbackQuery({ text: toastText2 });
       } catch {
       }
+      const registry = core.lifecycleManager?.serviceRegistry?.get("command-registry");
+      if (registry) {
+        await registry.execute(wantOn ? "/bypass on" : "/bypass off", {
+          raw: wantOn ? "on" : "off",
+          sessionId,
+          channelId: "telegram",
+          userId: String(ctx.from?.id ?? ""),
+          reply: async () => {
+          }
+        }).catch(() => {
+        });
+      }
+      log14.info({ sessionId, wantOn }, "Bypass permissions toggled via button");
       try {
-        await ctx.editMessageReplyMarkup({
-          reply_markup: buildSessionControlKeyboard(
-            sessionId,
-            newDangerousMode2,
-            session.voiceMode === "on"
-          )
+        await ctx.editMessageText(buildSessionStatusText(session), {
+          parse_mode: "HTML",
+          reply_markup: buildSessionControlKeyboard(sessionId, isBypassActive(session), session.voiceMode === "on")
         });
       } catch {
       }
@@ -10109,7 +10130,7 @@ function setupDangerousModeCallbacks(bot, core) {
       { sessionId, dangerousMode: newDangerousMode },
       "Bypass permissions toggled via button (store-only, session not in memory)"
     );
-    const toastText = newDangerousMode ? "\u2620\uFE0F Bypass enabled \u2014 permissions auto-approved" : "\u{1F510} Bypass disabled \u2014 approvals required";
+    const toastText = newDangerousMode ? "\u2620\uFE0F Bypass Permissions enabled \u2014 permissions auto-approved" : "\u{1F510} Bypass Permissions disabled \u2014 approvals required";
     try {
       await ctx.answerCallbackQuery({ text: toastText });
     } catch {
@@ -10169,7 +10190,7 @@ async function handleEnableDangerous(ctx, core) {
     });
   }
   await ctx.reply(
-    `\u2620\uFE0F <b>Bypass enabled</b>
+    `\u2620\uFE0F <b>Bypass Permissions enabled</b>
 All permission requests will be auto-approved \u2014 the agent can run any action without asking.
@@ -10220,19 +10241,42 @@ async function handleDisableDangerous(ctx, core) {
     });
   }
   await ctx.reply(
-    "\u{1F510} <b>Bypass disabled</b>\n\nYou will be asked to approve risky actions.",
+    "\u{1F510} <b>Bypass Permissions disabled</b>\n\nYou will be asked to approve risky actions.",
     { parse_mode: "HTML" }
   );
 }
 function buildSessionControlKeyboard(sessionId, dangerousMode, voiceMode) {
   return new InlineKeyboard().text(
-    dangerousMode ? "\u{1F510} Disable Bypass" : "\u2620\uFE0F Enable Bypass",
+    dangerousMode ? "\u{1F510} Disable Bypass Permissions" : "\u2620\uFE0F Enable Bypass Permissions",
     `d:${sessionId}`
   ).row().text(
     voiceMode ? "\u{1F50A} Text to Speech" : "\u{1F507} Text to Speech",
     `v:${sessionId}`
   );
 }
+function buildSessionStatusText(session, heading = "\u2705 New chat (same agent &amp; workspace)") {
+  const lines = [heading];
+  lines.push(`<b>Agent:</b> ${escapeHtml4(session.agentName)}`);
+  lines.push(`<b>Workspace:</b> <code>${escapeHtml4(session.workingDirectory)}</code>`);
+  const modelOpt = session.getConfigByCategory("model");
+  if (modelOpt && modelOpt.type === "select") {
+    const choice = modelOpt.options.flatMap((o) => "group" in o ? o.options : [o]).find((c3) => c3.value === modelOpt.currentValue);
+    lines.push(`<b>Model:</b> ${escapeHtml4(choice?.name ?? modelOpt.currentValue)}`);
+  }
+  const thoughtOpt = session.getConfigByCategory("thought_level");
+  if (thoughtOpt && thoughtOpt.type === "select") {
+    const choice = thoughtOpt.options.flatMap((o) => "group" in o ? o.options : [o]).find((c3) => c3.value === thoughtOpt.currentValue);
+    lines.push(`<b>Thinking:</b> ${escapeHtml4(choice?.name ?? thoughtOpt.currentValue)}`);
+  }
+  const modeOpt = session.getConfigByCategory("mode");
+  if (isBypassActive(session)) {
+    lines.push(`<b>Mode:</b> \u2620\uFE0F Bypass Permissions enabled`);
+  } else if (modeOpt && modeOpt.type === "select") {
+    const choice = modeOpt.options.flatMap((o) => "group" in o ? o.options : [o]).find((c3) => c3.value === modeOpt.currentValue);
+    lines.push(`<b>Mode:</b> ${escapeHtml4(choice?.name ?? modeOpt.currentValue)}`);
+  }
+  return lines.join("\n");
+}
 function setupTTSCallbacks(bot, core) {
   bot.callbackQuery(/^v:/, async (ctx) => {
     const sessionId = ctx.callbackQuery.data.slice(2);
@@ -10263,12 +10307,14 @@ function setupTTSCallbacks(bot, core) {
     } catch {
     }
     try {
-      await ctx.editMessageReplyMarkup({
-        reply_markup: buildSessionControlKeyboard(
-          sessionId,
-          session.clientOverrides.bypassPermissions ?? false,
-          newMode === "on"
-        )
+      const keyboard = buildSessionControlKeyboard(
+        sessionId,
+        isBypassActive(session),
+        newMode === "on"
+      );
+      await ctx.editMessageText(buildSessionStatusText(session), {
+        parse_mode: "HTML",
+        reply_markup: keyboard
       });
     } catch {
     }
@@ -10476,6 +10522,7 @@ var log14, OUTPUT_MODE_LABELS;
 var init_admin = __esm({
   "src/plugins/telegram/commands/admin.ts"() {
     "use strict";
+    init_bypass_detection();
     init_formatting();
     init_log();
     log14 = createChildLogger({ module: "telegram-cmd-admin" });
@@ -10499,14 +10546,14 @@ function cleanupPending(userId) {
 function botFromCtx(ctx) {
   return { api: ctx.api };
 }
-async function handleNew(ctx, core, chatId, assistant) {
+async function handleNew(ctx, core, chatId, assistant, onControlMessage) {
   const rawMatch = ctx.match;
   const matchStr = typeof rawMatch === "string" ? rawMatch : "";
   const args2 = matchStr.split(" ").filter(Boolean);
   const agentName = args2[0];
   const workspace = args2[1];
   if (agentName && workspace) {
-    await createSessionDirect(ctx, core, chatId, agentName, workspace);
+    await createSessionDirect(ctx, core, chatId, agentName, workspace, onControlMessage);
     return;
   }
   const currentThreadId = ctx.message?.message_thread_id;
@@ -10584,7 +10631,7 @@ async function startConfirmStep(ctx, chatId, userId, agentName, workspace) {
     timer: setTimeout(() => pendingNewSessions.delete(userId), PENDING_TIMEOUT_MS)
   });
 }
-async function createSessionDirect(ctx, core, chatId, agentName, workspace) {
+async function createSessionDirect(ctx, core, chatId, agentName, workspace, onControlMessage) {
   log15.info({ userId: ctx.from?.id, agentName, workspace }, "New session command (direct)");
   let threadId;
   try {
@@ -10602,19 +10649,19 @@ async function createSessionDirect(ctx, core, chatId, agentName, workspace) {
       await ctx.api.editForumTopic(chatId, threadId, { name: finalName });
     } catch {
     }
-    await ctx.api.sendMessage(
+    const controlMsg = await ctx.api.sendMessage(
       chatId,
-      `\u2705 <b>Session started</b>
-<b>Agent:</b> ${escapeHtml4(session.agentName)}
-<b>Workspace:</b> <code>${escapeHtml4(session.workingDirectory)}</code>
-This is your coding session \u2014 chat here to work with the agent.`,
+      buildSessionStatusText(session, `\u2705 <b>Session started</b>`),
       {
         message_thread_id: threadId,
         parse_mode: "HTML",
         reply_markup: buildSessionControlKeyboard(session.id, false, false)
       }
     );
+    onControlMessage?.(session.id, controlMsg.message_id);
+    await core.sessionManager.patchRecord(session.id, {
+      platform: { topicId: threadId }
+    });
     return threadId ?? null;
   } catch (err) {
     log15.error({ err }, "Session creation failed");
@@ -10629,7 +10676,7 @@ This is your coding session \u2014 chat here to work with the agent.`,
     return null;
   }
 }
-async function handleNewChat(ctx, core, chatId) {
+async function handleNewChat(ctx, core, chatId, onControlMessage) {
   const threadId = ctx.message?.message_thread_id;
   if (!threadId) {
     await ctx.reply(
@@ -10684,17 +10731,19 @@ async function handleNewChat(ctx, core, chatId) {
     await core.sessionManager.patchRecord(session.id, { platform: {
       topicId: newThreadId
     } });
-    await ctx.api.sendMessage(
+    const controlMsg = await ctx.api.sendMessage(
       chatId,
-      `\u2705 New chat (same agent &amp; workspace)
-<b>Agent:</b> ${escapeHtml4(session.agentName)}
-<b>Workspace:</b> <code>${escapeHtml4(session.workingDirectory)}</code>`,
+      buildSessionStatusText(session, `\u2705 New chat (same agent &amp; workspace)`),
       {
         message_thread_id: newThreadId,
         parse_mode: "HTML",
         reply_markup: buildSessionControlKeyboard(session.id, false, false)
       }
     );
+    onControlMessage?.(session.id, controlMsg.message_id);
+    await core.sessionManager.patchRecord(session.id, {
+      platform: { topicId: newThreadId }
+    });
   } catch (err) {
     if (newThreadId) {
       try {
@@ -12184,7 +12233,7 @@ Choose the repo that has Entire checkpoints enabled:`;
     timer: setTimeout(() => pendingResumes.delete(userId), PENDING_TIMEOUT_MS2)
   });
 }
-async function executeResume(ctx, core, chatId, query, repoPath) {
+async function executeResume(ctx, core, chatId, query, repoPath, onControlMessage) {
   const provider = await core.contextManager.getProvider(repoPath);
   if (!provider) {
     await ctx.reply(
@@ -12242,22 +12291,23 @@ Repo: <code>${escapeHtml4(repoPath)}</code>`,
         { parse_mode: "HTML" }
       );
     }
-    await ctx.api.sendMessage(
-      chatId,
-      `\u2705 <b>Session resumed with context</b>
-<b>Agent:</b> ${escapeHtml4(session.agentName)}
-<b>Workspace:</b> <code>${escapeHtml4(session.workingDirectory)}</code>
+    const resumeHeading = `\u2705 <b>Session resumed with context</b>
 <b>Sessions loaded:</b> ${sessionCount}
 <b>Mode:</b> ${escapeHtml4(mode)}
-<b>~Tokens:</b> ${tokens.toLocaleString()}
-Context is ready \u2014 chat here to continue working with the agent.`,
+<b>~Tokens:</b> ${tokens.toLocaleString()}`;
+    const controlMsg = await ctx.api.sendMessage(
+      chatId,
+      buildSessionStatusText(session, resumeHeading),
       {
         message_thread_id: threadId,
         parse_mode: "HTML",
         reply_markup: buildSessionControlKeyboard(session.id, false, false)
       }
     );
+    onControlMessage?.(session.id, controlMsg.message_id);
+    await core.sessionManager.patchRecord(session.id, {
+      platform: { topicId: threadId }
+    });
   } catch (err) {
     log17.error({ err }, "Resume session creation failed");
     if (threadId) {
@@ -12270,7 +12320,7 @@ Context is ready \u2014 chat here to continue working with the agent.`,
     await ctx.reply(`\u274C ${escapeHtml4(message)}`, { parse_mode: "HTML" });
   }
 }
-async function handleResume(ctx, core, chatId, assistant) {
+async function handleResume(ctx, core, chatId, assistant, onControlMessage) {
   const rawMatch = ctx.match;
   const matchStr = typeof rawMatch === "string" ? rawMatch : "";
   const parsed = parseResumeArgs(matchStr);
@@ -12295,7 +12345,7 @@ Usage examples:
   if (!userId) return;
   await showWorkspacePicker(ctx, core, chatId, userId, query);
 }
-async function handlePendingResumeInput(ctx, core, chatId, assistantTopicId) {
+async function handlePendingResumeInput(ctx, core, chatId, assistantTopicId, onControlMessage) {
   const userId = ctx.from?.id;
   if (!userId) return false;
   const pending = pendingResumes.get(userId);
@@ -12315,10 +12365,10 @@ async function handlePendingResumeInput(ctx, core, chatId, assistantTopicId) {
   }
   const resolved = core.configManager.resolveWorkspace(workspace);
   cleanupPending2(userId);
-  await executeResume(ctx, core, chatId, pending.query, resolved);
+  await executeResume(ctx, core, chatId, pending.query, resolved, onControlMessage);
   return true;
 }
-function setupResumeCallbacks(bot, core, chatId) {
+function setupResumeCallbacks(bot, core, chatId, onControlMessage) {
   bot.callbackQuery(/^m:resume:/, async (ctx) => {
     const data = ctx.callbackQuery.data;
     const userId = ctx.from?.id;
@@ -12337,7 +12387,7 @@ function setupResumeCallbacks(bot, core, chatId) {
         await ctx.api.editMessageText(chatId, pending.messageId, `\u23F3 Using <code>${escapeHtml4(resolved)}</code>...`, { parse_mode: "HTML" });
       } catch {
       }
-      await executeResume(ctx, core, chatId, pending.query, resolved);
+      await executeResume(ctx, core, chatId, pending.query, resolved, onControlMessage);
       return;
     }
     if (data === "m:resume:ws:custom") {
@@ -12368,7 +12418,7 @@ Or just the folder name (will use workspace baseDir)`,
         await ctx.api.editMessageText(chatId, pending.messageId, `\u23F3 Using <code>${escapeHtml4(resolved)}</code>...`, { parse_mode: "HTML" });
       } catch {
       }
-      await executeResume(ctx, core, chatId, pending.query, resolved);
+      await executeResume(ctx, core, chatId, pending.query, resolved, onControlMessage);
       return;
     }
   });
@@ -13719,8 +13769,9 @@ var init_switch = __esm({
 // src/plugins/telegram/commands/index.ts
 function setupCommands(bot, core, chatId, assistant) {
-  bot.command("new", (ctx) => handleNew(ctx, core, chatId, assistant));
-  bot.command("newchat", (ctx) => handleNewChat(ctx, core, chatId));
+  const onControlMessage = assistant?.setControlMessage;
+  bot.command("new", (ctx) => handleNew(ctx, core, chatId, assistant, onControlMessage));
+  bot.command("newchat", (ctx) => handleNewChat(ctx, core, chatId, onControlMessage));
   bot.command("cancel", (ctx) => handleCancel(ctx, core, assistant));
   bot.command("status", (ctx) => handleStatus(ctx, core));
   bot.command("sessions", (ctx) => handleTopics(ctx, core));
@@ -13741,12 +13792,12 @@ function setupCommands(bot, core, chatId, assistant) {
   bot.command("text_to_speech", (ctx) => handleTTS(ctx, core));
   bot.command("verbosity", (ctx) => handleVerbosity(ctx, core));
   bot.command("outputmode", (ctx) => handleOutputMode(ctx, core));
-  bot.command("resume", (ctx) => handleResume(ctx, core, chatId, assistant));
+  bot.command("resume", (ctx) => handleResume(ctx, core, chatId, assistant, onControlMessage));
   bot.command("switch", (ctx) => handleSwitch(ctx, core));
 }
-function setupAllCallbacks(bot, core, chatId, systemTopicIds, getAssistantSession) {
+function setupAllCallbacks(bot, core, chatId, systemTopicIds, getAssistantSession, onControlMessage) {
   setupNewSessionCallbacks(bot, core, chatId);
-  setupResumeCallbacks(bot, core, chatId);
+  setupResumeCallbacks(bot, core, chatId, onControlMessage);
   setupSessionCallbacks(bot, core, chatId, systemTopicIds);
   setupSettingsCallbacks(bot, core, getAssistantSession ?? (() => void 0));
   setupDoctorCallbacks(bot);
@@ -16344,6 +16395,7 @@ var init_adapter2 = __esm({
     init_log();
     init_topics2();
     init_commands3();
+    init_admin();
     init_permissions();
     init_assistant();
     init_formatting();
@@ -16388,6 +16440,29 @@ var init_adapter2 = __esm({
       callbackCounter = 0;
       /** Pending skill commands queued when session.threadId was not yet set */
       _pendingSkillCommands = /* @__PURE__ */ new Map();
+      /** Control message IDs per session (for updating status text/buttons) */
+      controlMsgIds = /* @__PURE__ */ new Map();
+      /** Store control message ID in memory + persist to session record */
+      storeControlMsgId(sessionId, msgId) {
+        this.storeControlMsgId(sessionId, msgId);
+        this.core.sessionManager.patchRecord(sessionId, {
+          platform: { controlMsgId: msgId }
+        }).catch(() => {
+        });
+      }
+      /** Get control message ID (from Map, with fallback to session record) */
+      getControlMsgId(sessionId) {
+        let msgId = this.controlMsgIds.get(sessionId);
+        if (!msgId) {
+          const record = this.core.sessionManager.getSessionRecord(sessionId);
+          const platform2 = record?.platform;
+          if (platform2?.controlMsgId) {
+            msgId = platform2.controlMsgId;
+            this.storeControlMsgId(sessionId, msgId);
+          }
+        }
+        return msgId;
+      }
       getThreadId(sessionId) {
         const threadId = this._sessionThreadIds.get(sessionId);
         if (threadId === void 0) {
@@ -16594,7 +16669,26 @@ var init_adapter2 = __esm({
             });
             await ctx.answerCallbackQuery();
             if (response.type !== "silent") {
-              await this.renderCommandResponse(response, chatId, topicId);
+              if (response.type === "menu") {
+                const keyboard = response.options.map((opt) => [
+                  {
+                    text: `${opt.label}${opt.hint ? ` \u2014 ${opt.hint}` : ""}`,
+                    callback_data: this.toCallbackData(opt.command)
+                  }
+                ]);
+                try {
+                  await ctx.editMessageText(response.title, {
+                    reply_markup: { inline_keyboard: keyboard }
+                  });
+                } catch {
+                }
+              } else if (response.type === "text" || response.type === "error") {
+                const text6 = response.type === "text" ? response.text : `\u274C ${response.message}`;
+                try {
+                  await ctx.editMessageText(text6, { parse_mode: "Markdown" });
+                } catch {
+                }
+              }
             }
           } catch {
             await ctx.answerCallbackQuery({ text: "Command failed" });
@@ -16624,6 +16718,9 @@ var init_adapter2 = __esm({
               topicId: this.assistantTopicId,
               enqueuePrompt: (p2) => this.assistantSession.enqueuePrompt(p2)
             };
+          },
+          (sessionId, msgId) => {
+            this.storeControlMsgId(sessionId, msgId);
           }
         );
         setupCommands(
@@ -16633,6 +16730,9 @@ var init_adapter2 = __esm({
           {
             topicId: this.assistantTopicId,
             getSession: () => this.assistantSession,
+            setControlMessage: (sessionId, msgId) => {
+              this.storeControlMsgId(sessionId, msgId);
+            },
             respawn: async () => {
               if (this.assistantSession) {
                 await this.assistantSession.destroy();
@@ -16696,6 +16796,10 @@ var init_adapter2 = __esm({
             }
           );
         });
+        this.core.eventBus.on("session:configChanged", ({ sessionId }) => {
+          this.updateControlMessage(sessionId).catch(() => {
+          });
+        });
         this.setupRoutes();
         this.bot.start({
           allowed_updates: ["message", "callback_query"],
@@ -16900,7 +17004,10 @@ ${lines.join("\n")}`;
             ctx,
             this.core,
             this.telegramConfig.chatId,
-            this.assistantTopicId
+            this.assistantTopicId,
+            (sessionId2, msgId) => {
+              this.storeControlMsgId(sessionId2, msgId);
+            }
           )) {
             return;
           }
@@ -17279,6 +17386,41 @@ Task completed.
           );
         }
       }
+      async handleConfigUpdate(sessionId, _content) {
+        await this.updateControlMessage(sessionId);
+      }
+      /**
+       * Edit the pinned control message to reflect current session state
+       * (model, thought level, mode, bypass status).
+       */
+      async updateControlMessage(sessionId) {
+        const session = this.core.sessionManager.getSession(sessionId);
+        if (!session) return;
+        const controlMsgId = this.getControlMsgId(sessionId);
+        if (!controlMsgId) return;
+        const threadId = Number(session.threadId);
+        if (!threadId || isNaN(threadId)) return;
+        const text6 = buildSessionStatusText(session);
+        const keyboard = buildSessionControlKeyboard(
+          sessionId,
+          isBypassActive(session),
+          session.voiceMode === "on"
+        );
+        try {
+          await this.bot.api.editMessageText(
+            this.telegramConfig.chatId,
+            controlMsgId,
+            text6,
+            { parse_mode: "HTML" }
+          );
+          await this.bot.api.editMessageReplyMarkup(
+            this.telegramConfig.chatId,
+            controlMsgId,
+            { reply_markup: keyboard }
+          );
+        } catch {
+        }
+      }
       async handleError(sessionId, content) {
         this.getTracer(sessionId)?.log("telegram", { action: "handle:error", sessionId, text: content.text });
         const threadId = this.getThreadId(sessionId);
@@ -20016,19 +20158,6 @@ var init_session_manager = __esm({
   }
 });
-// src/core/utils/bypass-detection.ts
-function isPermissionBypass(value) {
-  const lower = value.toLowerCase();
-  return BYPASS_KEYWORDS.some((kw) => lower.includes(kw));
-}
-var BYPASS_KEYWORDS;
-var init_bypass_detection = __esm({
-  "src/core/utils/bypass-detection.ts"() {
-    "use strict";
-    BYPASS_KEYWORDS = ["bypass", "dangerous", "skip", "dontask", "dont_ask", "auto_accept"];
-  }
-});
 // src/core/sessions/session-bridge.ts
 var log29, SessionBridge;
 var init_session_bridge = __esm({
@@ -23773,6 +23902,7 @@ function registerCategoryCommand(registry, core, category, commandName) {
         if (response.configOptions) {
           session.configOptions = response.configOptions;
         }
+        core.eventBus.emit("session:configChanged", { sessionId: session.id });
         return { type: "text", text: labels.successMsg(match.name, configOption.name) };
       } catch (err) {
         const msg = err instanceof Error ? err.message : String(err);
@@ -23839,9 +23969,10 @@ function registerDangerousCommand(registry, core) {
           if (response.configOptions) {
             session.configOptions = response.configOptions;
           }
+          core.eventBus.emit("session:configChanged", { sessionId: session.id });
           return {
             type: "text",
-            text: wantOn ? "\u2620\uFE0F **Bypass enabled** \u2014 all permission requests will be auto-approved. The agent can run any action without asking." : "\u{1F510} **Bypass disabled** \u2014 you will be asked to approve risky actions."
+            text: wantOn ? "\u2620\uFE0F **Bypass Permissions enabled** \u2014 all permission requests will be auto-approved. The agent can run any action without asking." : "\u{1F510} **Bypass Permissions disabled** \u2014 you will be asked to approve risky actions."
           };
         } catch (err) {
           const msg = err instanceof Error ? err.message : String(err);
@@ -23852,9 +23983,10 @@ function registerDangerousCommand(registry, core) {
       await core.sessionManager.patchRecord(session.id, {
         clientOverrides: { ...session.clientOverrides }
       });
+      core.eventBus.emit("session:configChanged", { sessionId: session.id });
       return {
         type: "text",
-        text: wantOn ? "\u2620\uFE0F **Bypass enabled** (client-side) \u2014 all permission requests will be auto-approved.\n\n_Note: This agent doesn't natively support bypass mode, so OpenACP will auto-approve on your behalf._" : "\u{1F510} **Bypass disabled** \u2014 you will be asked to approve risky actions."
+        text: wantOn ? "\u2620\uFE0F **Bypass Permissions enabled** (client-side) \u2014 all permission requests will be auto-approved.\n\n_Note: This agent doesn't natively support bypass mode, so OpenACP will auto-approve on your behalf._" : "\u{1F510} **Bypass Permissions disabled** \u2014 you will be asked to approve risky actions."
       };
     }
   });
@@ -25735,6 +25867,12 @@ async function startServer(opts) {
       removePidFile2(ctx.paths.pid);
     }
     if (exitCode === RESTART_EXIT_CODE) {
+      if (process.env.OPENACP_DEV_LOOP) {
+        const fsMod = await import("fs");
+        const osMod = await import("os");
+        const pathMod2 = await import("path");
+        fsMod.writeFileSync(pathMod2.join(osMod.tmpdir(), "openacp-dev-loop-root"), ctx.root, "utf-8");
+      }
       if (isDaemon) {
         const { spawn: spawnChild } = await import("child_process");
         const { expandHome: expandHome4 } = await Promise.resolve().then(() => (init_config2(), config_exports));
@@ -25749,7 +25887,7 @@ async function startServer(opts) {
         const child = spawnChild(process.execPath, [cliPath, "--daemon-child"], {
           detached: true,
           stdio: ["ignore", out, err],
-          env: { ...process.env, OPENACP_SKIP_UPDATE_CHECK: "1" }
+          env: { ...process.env, OPENACP_SKIP_UPDATE_CHECK: "1", OPENACP_INSTANCE_ROOT: ctx.root }
         });
         fs53.closeSync(out);
         fs53.closeSync(err);
@@ -25759,7 +25897,7 @@ async function startServer(opts) {
         const { spawn: spawnChild } = await import("child_process");
         const child = spawnChild(process.execPath, process.argv.slice(1), {
           stdio: "inherit",
-          env: { ...process.env, OPENACP_SKIP_UPDATE_CHECK: "1" }
+          env: { ...process.env, OPENACP_SKIP_UPDATE_CHECK: "1", OPENACP_INSTANCE_ROOT: ctx.root }
         });
         await shutdownLogger();
         child.on("exit", (code) => process.exit(code ?? 0));
@@ -27121,7 +27259,7 @@ Installs the plugin to ~/.openacp/plugins/.
 `);
     return;
   }
-  const pkg = args2[1];
+  const pkg = args2[0];
   if (!pkg) {
     console.error("Usage: openacp install <package>");
     process.exit(1);
@@ -27160,7 +27298,7 @@ async function cmdUninstall(args2, instanceRoot) {
 `);
     return;
   }
-  const pkg = args2[1];
+  const pkg = args2[0];
   if (!pkg) {
     console.error("Usage: openacp uninstall <package>");
     process.exit(1);
@@ -27561,7 +27699,7 @@ function printApiHelp() {
 `);
 }
 async function cmdApi(args2, instanceRoot) {
-  const subCmd = args2[1];
+  const subCmd = args2[0];
   if (wantsHelp(args2) && (!subCmd || subCmd === "--help" || subCmd === "-h")) {
     printApiHelp();
     return;
@@ -27789,9 +27927,9 @@ Shows the version of the currently running daemon process.
   const call = (urlPath, options) => apiCall(port, urlPath, options, instanceRoot);
   try {
     if (subCmd === "new") {
-      const agent = args2[2];
+      const agent = args2[1];
       const workspaceIdx = args2.indexOf("--workspace");
-      const workspace = workspaceIdx !== -1 ? args2[workspaceIdx + 1] : args2[3];
+      const workspace = workspaceIdx !== -1 ? args2[workspaceIdx + 1] : args2[2];
       const channelIdx = args2.indexOf("--channel");
       const channel = channelIdx !== -1 ? args2[channelIdx + 1] : void 0;
       const body = {};
@@ -27814,7 +27952,7 @@ Shows the version of the currently running daemon process.
       console.log(`  Workspace : ${data.workspace}`);
       console.log(`  Status    : ${data.status}`);
     } else if (subCmd === "cancel") {
-      const sessionId = args2[2];
+      const sessionId = args2[1];
       if (!sessionId) {
         console.error("Usage: openacp api cancel <session-id>");
         process.exit(1);
@@ -27867,7 +28005,7 @@ Shows the version of the currently running daemon process.
         }
       }
     } else if (subCmd === "delete-topic") {
-      const sessionId = args2[2];
+      const sessionId = args2[1];
       if (!sessionId) {
         console.error("Usage: openacp api delete-topic <session-id> [--force]");
         process.exit(1);
@@ -27907,12 +28045,12 @@ Shows the version of the currently running daemon process.
         }
       }
     } else if (subCmd === "send") {
-      const sessionId = args2[2];
+      const sessionId = args2[1];
       if (!sessionId) {
         console.error("Usage: openacp api send <session-id> <prompt>");
         process.exit(1);
       }
-      const prompt = args2.slice(3).join(" ");
+      const prompt = args2.slice(2).join(" ");
       if (!prompt) {
         console.error("Usage: openacp api send <session-id> <prompt>");
         process.exit(1);
@@ -27929,7 +28067,7 @@ Shows the version of the currently running daemon process.
       }
       console.log(`Prompt sent to session ${sessionId} (queue depth: ${data.queueDepth})`);
     } else if (subCmd === "session") {
-      const sessionId = args2[2];
+      const sessionId = args2[1];
       if (!sessionId) {
         console.error("Usage: openacp api session <session-id>");
         process.exit(1);
@@ -27954,12 +28092,12 @@ Shows the version of the currently running daemon process.
       console.log(`  Channel        : ${s.channelId ?? "(none)"}`);
       console.log(`  Thread         : ${s.threadId ?? "(none)"}`);
     } else if (subCmd === "dangerous" || subCmd === "bypass") {
-      const sessionId = args2[2];
+      const sessionId = args2[1];
       if (!sessionId) {
         console.error("Usage: openacp api bypass <session-id> [on|off]");
         process.exit(1);
       }
-      const toggle = args2[3];
+      const toggle = args2[2];
       if (!toggle || toggle !== "on" && toggle !== "off") {
         console.error("Usage: openacp api bypass <session-id> [on|off]");
         process.exit(1);
@@ -28010,7 +28148,7 @@ Shows the version of the currently running daemon process.
       console.log("Restart signal sent. OpenACP is restarting...");
     } else if (subCmd === "config") {
       console.warn('\u26A0\uFE0F  Deprecated: use "openacp config" or "openacp config set" instead.');
-      const subSubCmd = args2[2];
+      const subSubCmd = args2[1];
       if (!subSubCmd) {
         const res = await call("/api/config");
         const data = await res.json();
@@ -28020,8 +28158,8 @@ Shows the version of the currently running daemon process.
         }
         console.log(JSON.stringify(data.config, null, 2));
       } else if (subSubCmd === "set") {
-        const configPath = args2[3];
-        const configValue = args2[4];
+        const configPath = args2[2];
+        const configValue = args2[3];
         if (!configPath || configValue === void 0) {
           console.error("Usage: openacp api config set <path> <value>");
           process.exit(1);
@@ -28076,7 +28214,7 @@ Shows the version of the currently running daemon process.
         console.log("Tunnel: not enabled");
       }
     } else if (subCmd === "notify") {
-      const message = args2.slice(2).join(" ");
+      const message = args2.slice(1).join(" ");
       if (!message) {
         console.error("Usage: openacp api notify <message>");
         process.exit(1);
@@ -28101,12 +28239,12 @@ Shows the version of the currently running daemon process.
       }
       console.log(`Daemon version: ${data.version}`);
     } else if (subCmd === "session-config") {
-      const sessionId = args2[2];
+      const sessionId = args2[1];
       if (!sessionId) {
         console.error("Usage: openacp api session-config <session-id> [set <opt> <value> | overrides | dangerous [on|off]]");
         process.exit(1);
       }
-      const configSubCmd = args2[3];
+      const configSubCmd = args2[2];
       if (!configSubCmd || configSubCmd === "list") {
         const res = await call(`/api/sessions/${encodeURIComponent(sessionId)}/config`);
         const data = await res.json();
@@ -28144,8 +28282,8 @@ Shows the version of the currently running daemon process.
 Client overrides: ${JSON.stringify(clientOverrides)}`);
         }
       } else if (configSubCmd === "set") {
-        const configId = args2[4];
-        const value = args2[5];
+        const configId = args2[3];
+        const value = args2[4];
         if (!configId || value === void 0) {
           console.error("Usage: openacp api session-config <session-id> set <config-id> <value>");
           process.exit(1);
@@ -28183,7 +28321,7 @@ Client overrides: ${JSON.stringify(clientOverrides)}`);
           }
         }
       } else if (configSubCmd === "dangerous") {
-        const toggle = args2[4];
+        const toggle = args2[3];
         if (toggle && toggle !== "on" && toggle !== "off") {
           console.error("Usage: openacp api session-config <session-id> dangerous [on|off]");
           process.exit(1);
@@ -28318,7 +28456,7 @@ init_api_client();
 init_helpers();
 import * as pathMod from "path";
 async function cmdConfig(args2 = [], instanceRoot) {
-  const subCmd = args2[1];
+  const subCmd = args2[0];
   if (wantsHelp(args2) && subCmd === "set") {
     console.log(`
 \x1B[1mopenacp config set\x1B[0m \u2014 Set a config value directly
@@ -28366,8 +28504,8 @@ the API for live updates. When stopped, edits config file directly.
     return;
   }
   if (subCmd === "set") {
-    const configPath = args2[2];
-    const configValue = args2[3];
+    const configPath = args2[1];
+    const configValue = args2[2];
     if (!configPath || configValue === void 0) {
       console.error("Usage: openacp config set <path> <value>");
       process.exit(1);
@@ -28540,8 +28678,8 @@ as a messaging thread. Requires a running daemon.
 `);
     return;
   }
-  const agent = args2[1];
-  const sessionId = args2[2];
+  const agent = args2[0];
+  const sessionId = args2[1];
   if (!agent || !sessionId) {
     console.log("Usage: openacp adopt <agent> <session_id> [--cwd <path>] [--channel <name>]");
     console.log("Example: openacp adopt claude abc123-def456 --cwd /path/to/project");
@@ -28611,7 +28749,7 @@ a "Handoff" slash command to Claude Code.
     return;
   }
   const { getIntegration: getIntegration2, listIntegrations: listIntegrations2 } = await Promise.resolve().then(() => (init_integrate(), integrate_exports));
-  const agent = args2[1];
+  const agent = args2[0];
   const uninstall = args2.includes("--uninstall");
   if (!agent) {
     console.log("Usage: openacp integrate <agent> [--uninstall]");
@@ -28674,7 +28812,7 @@ Fixable issues can be auto-repaired when not using --dry-run.
     return;
   }
   const knownFlags = ["--dry-run"];
-  const unknownFlags = args2.slice(1).filter(
+  const unknownFlags = args2.filter(
     (a) => a.startsWith("--") && !knownFlags.includes(a)
   );
   if (unknownFlags.length > 0) {
@@ -28744,7 +28882,7 @@ async function createCatalog(instanceRoot) {
   return new AgentCatalog2();
 }
 async function cmdAgents(args2, instanceRoot) {
-  const subcommand = args2[1];
+  const subcommand = args2[0];
   if (wantsHelp(args2) && (!subcommand || subcommand === "--help" || subcommand === "-h")) {
     console.log(`
 \x1B[1mopenacp agents\x1B[0m \u2014 Manage AI coding agents
@@ -28771,9 +28909,9 @@ async function cmdAgents(args2, instanceRoot) {
   }
   switch (subcommand) {
     case "install":
-      return agentsInstall(args2[2], args2.includes("--force"), wantsHelp(args2), instanceRoot);
+      return agentsInstall(args2[1], args2.includes("--force"), wantsHelp(args2), instanceRoot);
     case "uninstall":
-      return agentsUninstall(args2[2], wantsHelp(args2), instanceRoot);
+      return agentsUninstall(args2[1], wantsHelp(args2), instanceRoot);
     case "refresh":
       if (wantsHelp(args2)) {
         console.log(`
@@ -28789,9 +28927,9 @@ bypassing the normal staleness check.
       }
       return agentsRefresh(instanceRoot);
     case "info":
-      return agentsInfo(args2[2], wantsHelp(args2), instanceRoot);
+      return agentsInfo(args2[1], wantsHelp(args2), instanceRoot);
     case "run":
-      return agentsRun(args2[2], args2.slice(3), wantsHelp(args2), instanceRoot);
+      return agentsRun(args2[1], args2.slice(2), wantsHelp(args2), instanceRoot);
     case "list":
     case void 0:
       return agentsList(instanceRoot);
@@ -29132,7 +29270,7 @@ ACP-specific flags are automatically stripped.
 // src/cli/commands/tunnel.ts
 init_api_client();
 async function cmdTunnel(args2, instanceRoot) {
-  const subCmd = args2[1];
+  const subCmd = args2[0];
   const port = readApiPort(void 0, instanceRoot);
   if (port === null) {
     console.error("OpenACP is not running. Start with `openacp start`");
@@ -29141,7 +29279,7 @@ async function cmdTunnel(args2, instanceRoot) {
   const call = (urlPath, options) => apiCall(port, urlPath, options, instanceRoot);
   try {
     if (subCmd === "add") {
-      const tunnelPort = args2[2];
+      const tunnelPort = args2[1];
       if (!tunnelPort) {
         console.error("Usage: openacp tunnel add <port> [--label name] [--session id]");
         process.exit(1);
@@ -29179,7 +29317,7 @@ async function cmdTunnel(args2, instanceRoot) {
         if (t.publicUrl) console.log(`     \u2192 ${t.publicUrl}`);
       }
     } else if (subCmd === "stop") {
-      const tunnelPort = args2[2];
+      const tunnelPort = args2[1];
       if (!tunnelPort) {
         console.error("Usage: openacp tunnel stop <port>");
         process.exit(1);
@@ -29401,7 +29539,7 @@ async function cmdDev(args2 = []) {
 `);
     return;
   }
-  const pluginPathArg = args2.slice(1).find((a) => !a.startsWith("--"));
+  const pluginPathArg = args2.find((a) => !a.startsWith("--"));
   const noWatch = args2.includes("--no-watch");
   const verbose = args2.includes("--verbose");
   if (!pluginPathArg) {