@opengsd/gsd-pi 1.2.0-dev.955e4da0 → 1.2.0-dev.9ad8ae33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (575) hide show
  1. package/dist/cli-style.d.ts +17 -0
  2. package/dist/cli-style.js +28 -0
  3. package/dist/cli.js +1 -1
  4. package/dist/headless-events.d.ts +4 -2
  5. package/dist/headless-events.js +14 -34
  6. package/dist/mcp-server.js +2 -1
  7. package/dist/models-resolver.d.ts +3 -13
  8. package/dist/models-resolver.js +3 -22
  9. package/dist/resource-loader.d.ts +10 -5
  10. package/dist/resource-loader.js +123 -20
  11. package/dist/resources/.managed-resources-content-hash +1 -1
  12. package/dist/resources/GSD-WORKFLOW.md +5 -4
  13. package/dist/resources/extensions/async-jobs/async-bash-tool.js +30 -64
  14. package/dist/resources/extensions/async-jobs/await-tool.js +80 -12
  15. package/dist/resources/extensions/async-jobs/index.js +65 -0
  16. package/dist/resources/extensions/async-jobs/job-manager.js +12 -1
  17. package/dist/resources/extensions/bg-shell/bg-shell-command.js +6 -6
  18. package/dist/resources/extensions/bg-shell/bg-shell-tool.js +10 -7
  19. package/dist/resources/extensions/bg-shell/overlay.js +9 -6
  20. package/dist/resources/extensions/bg-shell/process-manager.js +54 -25
  21. package/dist/resources/extensions/bg-shell/readiness-detector.js +11 -0
  22. package/dist/resources/extensions/bg-shell/utilities.js +3 -0
  23. package/dist/resources/extensions/browser-tools/engine/managed-gsd-browser.js +209 -88
  24. package/dist/resources/extensions/browser-tools/engine/selection.js +73 -5
  25. package/dist/resources/extensions/browser-tools/index.js +69 -12
  26. package/dist/resources/extensions/claude-code-cli/stream-adapter.js +30 -4
  27. package/dist/resources/extensions/gsd/auto/custom-verify-retry-store.js +17 -2
  28. package/dist/resources/extensions/gsd/auto/detect-stuck.js +33 -13
  29. package/dist/resources/extensions/gsd/auto/dispatch-history.js +105 -0
  30. package/dist/resources/extensions/gsd/auto/dispatch-key.js +37 -0
  31. package/dist/resources/extensions/gsd/auto/loop.js +4 -1
  32. package/dist/resources/extensions/gsd/auto/orchestrator.js +89 -54
  33. package/dist/resources/extensions/gsd/auto/phases.js +49 -6
  34. package/dist/resources/extensions/gsd/auto/session.js +3 -0
  35. package/dist/resources/extensions/gsd/auto-direct-dispatch.js +11 -34
  36. package/dist/resources/extensions/gsd/auto-dispatch.js +50 -58
  37. package/dist/resources/extensions/gsd/auto-model-selection.js +36 -13
  38. package/dist/resources/extensions/gsd/auto-post-unit.js +35 -8
  39. package/dist/resources/extensions/gsd/auto-prompts.js +81 -19
  40. package/dist/resources/extensions/gsd/auto-start.js +41 -18
  41. package/dist/resources/extensions/gsd/auto-tool-tracking.js +18 -0
  42. package/dist/resources/extensions/gsd/auto-unit-closeout.js +45 -21
  43. package/dist/resources/extensions/gsd/auto-unit-tool-scope.js +12 -20
  44. package/dist/resources/extensions/gsd/auto-verification.js +23 -30
  45. package/dist/resources/extensions/gsd/auto-worktree.js +44 -91
  46. package/dist/resources/extensions/gsd/auto.js +41 -14
  47. package/dist/resources/extensions/gsd/blocked-models.js +28 -0
  48. package/dist/resources/extensions/gsd/bootstrap/agent-end-recovery.js +29 -8
  49. package/dist/resources/extensions/gsd/bootstrap/dynamic-tools.js +23 -6
  50. package/dist/resources/extensions/gsd/bootstrap/exec-tools.js +2 -2
  51. package/dist/resources/extensions/gsd/bootstrap/register-extension.js +19 -0
  52. package/dist/resources/extensions/gsd/bootstrap/register-hooks.js +212 -48
  53. package/dist/resources/extensions/gsd/bootstrap/write-gate.js +303 -77
  54. package/dist/resources/extensions/gsd/branch-patterns.js +2 -0
  55. package/dist/resources/extensions/gsd/browser-daemon-auto-prep.js +83 -0
  56. package/dist/resources/extensions/gsd/browser-evidence.js +8 -2
  57. package/dist/resources/extensions/gsd/captures.js +4 -6
  58. package/dist/resources/extensions/gsd/closeout-wizard.js +92 -0
  59. package/dist/resources/extensions/gsd/commands/context.js +16 -2
  60. package/dist/resources/extensions/gsd/commands-handlers.js +46 -3
  61. package/dist/resources/extensions/gsd/consent-question.js +353 -0
  62. package/dist/resources/extensions/gsd/consent-verdict.js +63 -0
  63. package/dist/resources/extensions/gsd/constants.js +0 -2
  64. package/dist/resources/extensions/gsd/crash-recovery.js +12 -15
  65. package/dist/resources/extensions/gsd/db/queries.js +26 -0
  66. package/dist/resources/extensions/gsd/db-writer.js +8 -17
  67. package/dist/resources/extensions/gsd/dispatch-guard.js +10 -35
  68. package/dist/resources/extensions/gsd/doctor-engine-checks.js +5 -5
  69. package/dist/resources/extensions/gsd/doctor-environment.js +2 -6
  70. package/dist/resources/extensions/gsd/doctor-format.js +9 -6
  71. package/dist/resources/extensions/gsd/doctor-git-checks.js +2 -18
  72. package/dist/resources/extensions/gsd/doctor-runtime-checks.js +13 -15
  73. package/dist/resources/extensions/gsd/engine-hook-contract.js +70 -0
  74. package/dist/resources/extensions/gsd/error-classifier.js +9 -0
  75. package/dist/resources/extensions/gsd/exec-sandbox.js +30 -10
  76. package/dist/resources/extensions/gsd/files.js +33 -19
  77. package/dist/resources/extensions/gsd/gsd-command-home.js +22 -12
  78. package/dist/resources/extensions/gsd/gsd-db.js +2 -1
  79. package/dist/resources/extensions/gsd/guidance.js +158 -0
  80. package/dist/resources/extensions/gsd/guided-flow.js +23 -5
  81. package/dist/resources/extensions/gsd/markdown-renderer.js +10 -0
  82. package/dist/resources/extensions/gsd/mcp-filter.js +2 -19
  83. package/dist/resources/extensions/gsd/mcp-tool-name.js +5 -13
  84. package/dist/resources/extensions/gsd/memory-consolidation-scanner.js +1 -1
  85. package/dist/resources/extensions/gsd/migrate/safety.js +4 -1
  86. package/dist/resources/extensions/gsd/milestone-closeout.js +85 -24
  87. package/dist/resources/extensions/gsd/milestone-planning-persistence.js +2 -2
  88. package/dist/resources/extensions/gsd/milestone-reopen-events.js +3 -5
  89. package/dist/resources/extensions/gsd/notification-store.js +11 -4
  90. package/dist/resources/extensions/gsd/parallel-monitor-overlay.js +6 -4
  91. package/dist/resources/extensions/gsd/parsers-legacy.js +16 -4
  92. package/dist/resources/extensions/gsd/paths.js +27 -0
  93. package/dist/resources/extensions/gsd/pre-execution-checks.js +91 -3
  94. package/dist/resources/extensions/gsd/preferences-models.js +14 -48
  95. package/dist/resources/extensions/gsd/projection-flush.js +7 -0
  96. package/dist/resources/extensions/gsd/prompts/complete-slice.md +3 -3
  97. package/dist/resources/extensions/gsd/prompts/execute-task.md +1 -1
  98. package/dist/resources/extensions/gsd/prompts/plan-milestone.md +1 -1
  99. package/dist/resources/extensions/gsd/prompts/plan-slice.md +2 -2
  100. package/dist/resources/extensions/gsd/prompts/quick-task.md +1 -1
  101. package/dist/resources/extensions/gsd/prompts/reassess-roadmap.md +1 -1
  102. package/dist/resources/extensions/gsd/prompts/refine-slice.md +2 -2
  103. package/dist/resources/extensions/gsd/prompts/replan-slice.md +2 -2
  104. package/dist/resources/extensions/gsd/prompts/research-milestone.md +1 -1
  105. package/dist/resources/extensions/gsd/prompts/research-slice.md +1 -1
  106. package/dist/resources/extensions/gsd/prompts/rewrite-docs.md +1 -1
  107. package/dist/resources/extensions/gsd/prompts/run-uat.md +7 -5
  108. package/dist/resources/extensions/gsd/prompts/system.md +5 -2
  109. package/dist/resources/extensions/gsd/prompts/triage-captures.md +1 -1
  110. package/dist/resources/extensions/gsd/prompts/validate-milestone.md +1 -1
  111. package/dist/resources/extensions/gsd/provider-error-guidance.js +1 -5
  112. package/dist/resources/extensions/gsd/provider-switch-observer.js +1 -1
  113. package/dist/resources/extensions/gsd/publication.js +87 -0
  114. package/dist/resources/extensions/gsd/reactive-graph.js +8 -1
  115. package/dist/resources/extensions/gsd/recovery-classification.js +37 -94
  116. package/dist/resources/extensions/gsd/roadmap-slices.js +25 -3
  117. package/dist/resources/extensions/gsd/safety/destructive-confirmation.js +108 -0
  118. package/dist/resources/extensions/gsd/session-lock.js +1 -1
  119. package/dist/resources/extensions/gsd/state.js +6 -20
  120. package/dist/resources/extensions/gsd/stop-notice.js +57 -0
  121. package/dist/resources/extensions/gsd/tool-contract.js +14 -3
  122. package/dist/resources/extensions/gsd/tool-presentation-plan.js +4 -4
  123. package/dist/resources/extensions/gsd/tool-surface-readiness.js +56 -0
  124. package/dist/resources/extensions/gsd/tools/complete-milestone.js +3 -2
  125. package/dist/resources/extensions/gsd/tools/complete-slice.js +22 -12
  126. package/dist/resources/extensions/gsd/tools/complete-task.js +3 -2
  127. package/dist/resources/extensions/gsd/tools/exec-tool.js +9 -7
  128. package/dist/resources/extensions/gsd/tools/plan-slice.js +14 -8
  129. package/dist/resources/extensions/gsd/tools/plan-task.js +2 -2
  130. package/dist/resources/extensions/gsd/tools/reassess-roadmap.js +2 -2
  131. package/dist/resources/extensions/gsd/tools/reopen-milestone.js +2 -2
  132. package/dist/resources/extensions/gsd/tools/reopen-slice.js +2 -2
  133. package/dist/resources/extensions/gsd/tools/reopen-task.js +2 -2
  134. package/dist/resources/extensions/gsd/tools/replan-slice.js +2 -2
  135. package/dist/resources/extensions/gsd/tools/workflow-tool-executors.js +67 -2
  136. package/dist/resources/extensions/gsd/uat-policy.js +42 -16
  137. package/dist/resources/extensions/gsd/unit-closeout.js +138 -0
  138. package/dist/resources/extensions/gsd/unit-context-composer.js +74 -1
  139. package/dist/resources/extensions/gsd/unit-context-manifest.js +4 -27
  140. package/dist/resources/extensions/gsd/unit-registry.js +337 -0
  141. package/dist/resources/extensions/gsd/unit-tool-contracts.js +9 -182
  142. package/dist/resources/extensions/gsd/verdict-parser.js +1 -1
  143. package/dist/resources/extensions/gsd/verification-verdict.js +2 -1
  144. package/dist/resources/extensions/gsd/web-app-uat.js +45 -8
  145. package/dist/resources/extensions/gsd/workflow-event-ledger.js +91 -0
  146. package/dist/resources/extensions/gsd/workflow-event-vocabulary.js +46 -0
  147. package/dist/resources/extensions/gsd/workflow-events.js +6 -18
  148. package/dist/resources/extensions/gsd/workflow-reconcile.js +21 -56
  149. package/dist/resources/extensions/gsd/workflow-tool-surface.js +1 -1
  150. package/dist/resources/extensions/gsd/worktree-git-recovery.js +15 -9
  151. package/dist/resources/extensions/gsd/worktree-lifecycle.js +3 -2
  152. package/dist/resources/extensions/gsd/worktree-manager.js +7 -1
  153. package/dist/resources/extensions/gsd/worktree-root.js +11 -0
  154. package/dist/resources/extensions/gsd/worktree-session-state.js +4 -5
  155. package/dist/resources/extensions/gsd/worktree.js +8 -1
  156. package/dist/resources/extensions/search-the-web/native-search.js +5 -3
  157. package/dist/resources/extensions/shared/browser-contract.js +59 -0
  158. package/dist/resources/extensions/shared/gsd-browser-cli.js +116 -6
  159. package/dist/resources/shared/gsd-browser-path-sync.js +214 -0
  160. package/dist/resources/shared/package-manager-detection.js +1 -1
  161. package/dist/resources/shared/package.json +3 -0
  162. package/dist/resources/skills/create-skill/SKILL.md +3 -0
  163. package/dist/resources/skills/create-skill/references/executable-code.md +1 -1
  164. package/dist/resources/skills/create-skill/references/skill-structure.md +1 -0
  165. package/dist/resources/skills/create-skill/workflows/add-reference.md +8 -3
  166. package/dist/resources/skills/create-skill/workflows/add-script.md +4 -2
  167. package/dist/resources/skills/create-skill/workflows/add-template.md +3 -1
  168. package/dist/resources/skills/create-skill/workflows/add-workflow.md +8 -3
  169. package/dist/resources/skills/create-skill/workflows/upgrade-to-router.md +10 -5
  170. package/dist/resources/skills/create-skill/workflows/verify-skill.md +9 -4
  171. package/dist/resources/skills/spike-wrap-up/SKILL.md +9 -9
  172. package/dist/tsconfig.extensions.tsbuildinfo +1 -1
  173. package/dist/update-check.d.ts +2 -0
  174. package/dist/update-check.js +24 -1
  175. package/dist/update-cmd.js +20 -3
  176. package/dist/web/standalone/.next/BUILD_ID +1 -1
  177. package/dist/web/standalone/.next/app-path-routes-manifest.json +13 -13
  178. package/dist/web/standalone/.next/build-manifest.json +3 -3
  179. package/dist/web/standalone/.next/prerender-manifest.json +3 -3
  180. package/dist/web/standalone/.next/react-loadable-manifest.json +1 -1
  181. package/dist/web/standalone/.next/server/app/_global-error.html +1 -1
  182. package/dist/web/standalone/.next/server/app/_global-error.rsc +1 -1
  183. package/dist/web/standalone/.next/server/app/_global-error.segments/_full.segment.rsc +1 -1
  184. package/dist/web/standalone/.next/server/app/_global-error.segments/_global-error/__PAGE__.segment.rsc +1 -1
  185. package/dist/web/standalone/.next/server/app/_global-error.segments/_global-error.segment.rsc +1 -1
  186. package/dist/web/standalone/.next/server/app/_global-error.segments/_head.segment.rsc +1 -1
  187. package/dist/web/standalone/.next/server/app/_global-error.segments/_index.segment.rsc +1 -1
  188. package/dist/web/standalone/.next/server/app/_global-error.segments/_tree.segment.rsc +1 -1
  189. package/dist/web/standalone/.next/server/app/_not-found.html +1 -1
  190. package/dist/web/standalone/.next/server/app/_not-found.rsc +1 -1
  191. package/dist/web/standalone/.next/server/app/_not-found.segments/_full.segment.rsc +1 -1
  192. package/dist/web/standalone/.next/server/app/_not-found.segments/_head.segment.rsc +1 -1
  193. package/dist/web/standalone/.next/server/app/_not-found.segments/_index.segment.rsc +1 -1
  194. package/dist/web/standalone/.next/server/app/_not-found.segments/_not-found/__PAGE__.segment.rsc +1 -1
  195. package/dist/web/standalone/.next/server/app/_not-found.segments/_not-found.segment.rsc +1 -1
  196. package/dist/web/standalone/.next/server/app/_not-found.segments/_tree.segment.rsc +1 -1
  197. package/dist/web/standalone/.next/server/app/api/update/route.js +1 -1
  198. package/dist/web/standalone/.next/server/app/api/update/route.js.nft.json +1 -1
  199. package/dist/web/standalone/.next/server/app/index.html +1 -1
  200. package/dist/web/standalone/.next/server/app/index.rsc +1 -1
  201. package/dist/web/standalone/.next/server/app/index.segments/__PAGE__.segment.rsc +1 -1
  202. package/dist/web/standalone/.next/server/app/index.segments/_full.segment.rsc +1 -1
  203. package/dist/web/standalone/.next/server/app/index.segments/_head.segment.rsc +1 -1
  204. package/dist/web/standalone/.next/server/app/index.segments/_index.segment.rsc +1 -1
  205. package/dist/web/standalone/.next/server/app/index.segments/_tree.segment.rsc +1 -1
  206. package/dist/web/standalone/.next/server/app-paths-manifest.json +13 -13
  207. package/dist/web/standalone/.next/server/chunks/5124.js +1 -1
  208. package/dist/web/standalone/.next/server/chunks/8357.js +2 -2
  209. package/dist/web/standalone/.next/server/middleware-build-manifest.js +1 -1
  210. package/dist/web/standalone/.next/server/middleware-react-loadable-manifest.js +1 -1
  211. package/dist/web/standalone/.next/server/pages/404.html +1 -1
  212. package/dist/web/standalone/.next/server/pages/500.html +1 -1
  213. package/dist/web/standalone/.next/server/server-reference-manifest.json +1 -1
  214. package/dist/web/standalone/.next/static/chunks/{796.cf859a427a2cb2ac.js → 796.e0bdc932325d7e03.js} +1 -1
  215. package/dist/web/standalone/.next/static/chunks/{webpack-fbea77b5f9953368.js → webpack-f0285ce91d4ec9ef.js} +1 -1
  216. package/dist/web/standalone/node_modules/node-pty/build/Makefile +1 -1
  217. package/dist/web/standalone/package.json +1 -1
  218. package/dist/worktree-cli.js +3 -6
  219. package/dist/worktree-status-banner.js +7 -15
  220. package/package.json +2 -2
  221. package/packages/cloud-mcp-gateway/package.json +2 -2
  222. package/packages/contracts/dist/rpc.d.ts +1 -0
  223. package/packages/contracts/dist/rpc.d.ts.map +1 -1
  224. package/packages/contracts/dist/rpc.js.map +1 -1
  225. package/packages/contracts/dist/workflow.d.ts +4 -0
  226. package/packages/contracts/dist/workflow.d.ts.map +1 -1
  227. package/packages/contracts/dist/workflow.js.map +1 -1
  228. package/packages/contracts/package.json +1 -1
  229. package/packages/daemon/package.json +4 -4
  230. package/packages/gsd-agent-core/package.json +5 -5
  231. package/packages/gsd-agent-modes/dist/modes/interactive/components/tool-execution.d.ts +5 -0
  232. package/packages/gsd-agent-modes/dist/modes/interactive/components/tool-execution.d.ts.map +1 -1
  233. package/packages/gsd-agent-modes/dist/modes/interactive/components/tool-execution.js +5 -0
  234. package/packages/gsd-agent-modes/dist/modes/interactive/components/tool-execution.js.map +1 -1
  235. package/packages/gsd-agent-modes/dist/modes/interactive/controllers/chat-controller.d.ts.map +1 -1
  236. package/packages/gsd-agent-modes/dist/modes/interactive/controllers/chat-controller.js +7 -0
  237. package/packages/gsd-agent-modes/dist/modes/interactive/controllers/chat-controller.js.map +1 -1
  238. package/packages/gsd-agent-modes/dist/modes/interactive/controllers/input-controller.d.ts.map +1 -1
  239. package/packages/gsd-agent-modes/dist/modes/interactive/controllers/input-controller.js +8 -1
  240. package/packages/gsd-agent-modes/dist/modes/interactive/controllers/input-controller.js.map +1 -1
  241. package/packages/gsd-agent-modes/dist/modes/interactive/interactive-chat-render.d.ts.map +1 -1
  242. package/packages/gsd-agent-modes/dist/modes/interactive/interactive-chat-render.js +11 -1
  243. package/packages/gsd-agent-modes/dist/modes/interactive/interactive-chat-render.js.map +1 -1
  244. package/packages/gsd-agent-modes/dist/modes/interactive/interactive-selectors-auth.d.ts.map +1 -1
  245. package/packages/gsd-agent-modes/dist/modes/interactive/interactive-selectors-auth.js +4 -4
  246. package/packages/gsd-agent-modes/dist/modes/interactive/interactive-selectors-auth.js.map +1 -1
  247. package/packages/gsd-agent-modes/dist/modes/rpc/rpc-mode.d.ts.map +1 -1
  248. package/packages/gsd-agent-modes/dist/modes/rpc/rpc-mode.js +3 -1
  249. package/packages/gsd-agent-modes/dist/modes/rpc/rpc-mode.js.map +1 -1
  250. package/packages/gsd-agent-modes/package.json +7 -7
  251. package/packages/mcp-server/dist/cli.js +9 -1
  252. package/packages/mcp-server/dist/cli.js.map +1 -1
  253. package/packages/mcp-server/dist/moonshot-tool-schema.d.ts +29 -0
  254. package/packages/mcp-server/dist/moonshot-tool-schema.d.ts.map +1 -0
  255. package/packages/mcp-server/dist/moonshot-tool-schema.js +50 -0
  256. package/packages/mcp-server/dist/moonshot-tool-schema.js.map +1 -0
  257. package/packages/mcp-server/dist/server.d.ts.map +1 -1
  258. package/packages/mcp-server/dist/server.js +4 -0
  259. package/packages/mcp-server/dist/server.js.map +1 -1
  260. package/packages/mcp-server/dist/workflow-tools.d.ts +26 -18
  261. package/packages/mcp-server/dist/workflow-tools.d.ts.map +1 -1
  262. package/packages/mcp-server/dist/workflow-tools.js +116 -39
  263. package/packages/mcp-server/dist/workflow-tools.js.map +1 -1
  264. package/packages/mcp-server/package.json +5 -4
  265. package/packages/native/package.json +1 -1
  266. package/packages/pi-agent-core/dist/harness/env/nodejs.d.ts +1 -0
  267. package/packages/pi-agent-core/dist/harness/env/nodejs.d.ts.map +1 -1
  268. package/packages/pi-agent-core/dist/harness/env/nodejs.js +34 -3
  269. package/packages/pi-agent-core/dist/harness/env/nodejs.js.map +1 -1
  270. package/packages/pi-agent-core/dist/index.d.ts +1 -0
  271. package/packages/pi-agent-core/dist/index.d.ts.map +1 -1
  272. package/packages/pi-agent-core/dist/index.js +3 -0
  273. package/packages/pi-agent-core/dist/index.js.map +1 -1
  274. package/packages/pi-agent-core/package.json +1 -1
  275. package/packages/pi-ai/README.md +1 -0
  276. package/packages/pi-ai/dist/image-models.generated.d.ts +2 -2
  277. package/packages/pi-ai/dist/image-models.generated.js +6 -6
  278. package/packages/pi-ai/dist/image-models.generated.js.map +1 -1
  279. package/packages/pi-ai/dist/index.d.ts +2 -0
  280. package/packages/pi-ai/dist/index.d.ts.map +1 -1
  281. package/packages/pi-ai/dist/index.js +2 -0
  282. package/packages/pi-ai/dist/index.js.map +1 -1
  283. package/packages/pi-ai/dist/models.generated.d.ts +35 -125
  284. package/packages/pi-ai/dist/models.generated.d.ts.map +1 -1
  285. package/packages/pi-ai/dist/models.generated.js +46 -120
  286. package/packages/pi-ai/dist/models.generated.js.map +1 -1
  287. package/packages/pi-ai/dist/providers/anthropic.d.ts.map +1 -1
  288. package/packages/pi-ai/dist/providers/anthropic.js +12 -7
  289. package/packages/pi-ai/dist/providers/anthropic.js.map +1 -1
  290. package/packages/pi-ai/dist/providers/google-shared.d.ts +5 -0
  291. package/packages/pi-ai/dist/providers/google-shared.d.ts.map +1 -1
  292. package/packages/pi-ai/dist/providers/google-shared.js +12 -3
  293. package/packages/pi-ai/dist/providers/google-shared.js.map +1 -1
  294. package/packages/pi-ai/dist/providers/openai-completions.d.ts.map +1 -1
  295. package/packages/pi-ai/dist/providers/openai-completions.js +7 -3
  296. package/packages/pi-ai/dist/providers/openai-completions.js.map +1 -1
  297. package/packages/pi-ai/dist/utils/moonshot-tool-schema.d.ts +9 -0
  298. package/packages/pi-ai/dist/utils/moonshot-tool-schema.d.ts.map +1 -0
  299. package/packages/pi-ai/dist/utils/moonshot-tool-schema.js +34 -0
  300. package/packages/pi-ai/dist/utils/moonshot-tool-schema.js.map +1 -0
  301. package/packages/pi-ai/dist/utils/oauth/github-copilot.d.ts.map +1 -1
  302. package/packages/pi-ai/dist/utils/oauth/github-copilot.js +6 -2
  303. package/packages/pi-ai/dist/utils/oauth/github-copilot.js.map +1 -1
  304. package/packages/pi-ai/package.json +3 -2
  305. package/packages/pi-coding-agent/dist/core/auth-storage.d.ts +2 -2
  306. package/packages/pi-coding-agent/dist/core/auth-storage.d.ts.map +1 -1
  307. package/packages/pi-coding-agent/dist/core/auth-storage.js +19 -13
  308. package/packages/pi-coding-agent/dist/core/auth-storage.js.map +1 -1
  309. package/packages/pi-coding-agent/dist/core/provider-readiness.d.ts.map +1 -1
  310. package/packages/pi-coding-agent/dist/core/provider-readiness.js +13 -6
  311. package/packages/pi-coding-agent/dist/core/provider-readiness.js.map +1 -1
  312. package/packages/pi-coding-agent/dist/core/tools/bash.d.ts +11 -0
  313. package/packages/pi-coding-agent/dist/core/tools/bash.d.ts.map +1 -1
  314. package/packages/pi-coding-agent/dist/core/tools/bash.js +53 -11
  315. package/packages/pi-coding-agent/dist/core/tools/bash.js.map +1 -1
  316. package/packages/pi-coding-agent/dist/index.d.ts +1 -1
  317. package/packages/pi-coding-agent/dist/index.d.ts.map +1 -1
  318. package/packages/pi-coding-agent/dist/index.js +1 -1
  319. package/packages/pi-coding-agent/dist/index.js.map +1 -1
  320. package/packages/pi-coding-agent/dist/utils/shell.d.ts +28 -2
  321. package/packages/pi-coding-agent/dist/utils/shell.d.ts.map +1 -1
  322. package/packages/pi-coding-agent/dist/utils/shell.js +56 -10
  323. package/packages/pi-coding-agent/dist/utils/shell.js.map +1 -1
  324. package/packages/pi-coding-agent/package.json +7 -7
  325. package/packages/pi-tui/dist/tui.d.ts.map +1 -1
  326. package/packages/pi-tui/dist/tui.js +9 -0
  327. package/packages/pi-tui/dist/tui.js.map +1 -1
  328. package/packages/pi-tui/package.json +2 -2
  329. package/packages/rpc-client/package.json +2 -2
  330. package/pkg/package.json +1 -1
  331. package/src/resources/GSD-WORKFLOW.md +5 -4
  332. package/src/resources/extensions/async-jobs/async-bash-cancel.test.ts +360 -0
  333. package/src/resources/extensions/async-jobs/async-bash-tool.ts +33 -56
  334. package/src/resources/extensions/async-jobs/await-tool.test.ts +139 -0
  335. package/src/resources/extensions/async-jobs/await-tool.ts +82 -12
  336. package/src/resources/extensions/async-jobs/index.ts +79 -0
  337. package/src/resources/extensions/async-jobs/job-manager.ts +21 -1
  338. package/src/resources/extensions/bg-shell/bg-shell-command.ts +6 -6
  339. package/src/resources/extensions/bg-shell/bg-shell-tool.ts +10 -6
  340. package/src/resources/extensions/bg-shell/overlay.ts +9 -5
  341. package/src/resources/extensions/bg-shell/process-manager.ts +50 -25
  342. package/src/resources/extensions/bg-shell/readiness-detector.ts +12 -0
  343. package/src/resources/extensions/bg-shell/tests/lifecycle-and-utilities.test.ts +48 -1
  344. package/src/resources/extensions/bg-shell/utilities.ts +3 -0
  345. package/src/resources/extensions/browser-tools/engine/managed-gsd-browser.ts +265 -98
  346. package/src/resources/extensions/browser-tools/engine/selection.ts +90 -4
  347. package/src/resources/extensions/browser-tools/index.ts +71 -13
  348. package/src/resources/extensions/browser-tools/tests/browser-engine-selection.test.mjs +83 -13
  349. package/src/resources/extensions/browser-tools/tests/gsd-browser-launch-config.test.mjs +40 -1
  350. package/src/resources/extensions/browser-tools/tests/managed-gsd-browser-tools.test.mjs +136 -0
  351. package/src/resources/extensions/claude-code-cli/stream-adapter.ts +34 -4
  352. package/src/resources/extensions/gsd/auto/custom-verify-retry-store.ts +21 -3
  353. package/src/resources/extensions/gsd/auto/detect-stuck.ts +32 -9
  354. package/src/resources/extensions/gsd/auto/dispatch-history.ts +152 -0
  355. package/src/resources/extensions/gsd/auto/dispatch-key.ts +39 -0
  356. package/src/resources/extensions/gsd/auto/loop.ts +4 -1
  357. package/src/resources/extensions/gsd/auto/orchestrator.ts +98 -56
  358. package/src/resources/extensions/gsd/auto/phases.ts +65 -26
  359. package/src/resources/extensions/gsd/auto/session.ts +3 -0
  360. package/src/resources/extensions/gsd/auto-direct-dispatch.ts +18 -48
  361. package/src/resources/extensions/gsd/auto-dispatch.ts +48 -61
  362. package/src/resources/extensions/gsd/auto-model-selection.ts +41 -12
  363. package/src/resources/extensions/gsd/auto-post-unit.ts +40 -8
  364. package/src/resources/extensions/gsd/auto-prompts.ts +118 -35
  365. package/src/resources/extensions/gsd/auto-start.ts +42 -21
  366. package/src/resources/extensions/gsd/auto-tool-tracking.ts +19 -0
  367. package/src/resources/extensions/gsd/auto-unit-closeout.ts +83 -28
  368. package/src/resources/extensions/gsd/auto-unit-tool-scope.ts +14 -21
  369. package/src/resources/extensions/gsd/auto-verification.ts +26 -28
  370. package/src/resources/extensions/gsd/auto-worktree.ts +44 -94
  371. package/src/resources/extensions/gsd/auto.ts +52 -16
  372. package/src/resources/extensions/gsd/blocked-models.ts +49 -0
  373. package/src/resources/extensions/gsd/bootstrap/agent-end-recovery.ts +37 -10
  374. package/src/resources/extensions/gsd/bootstrap/dynamic-tools.ts +23 -6
  375. package/src/resources/extensions/gsd/bootstrap/exec-tools.ts +2 -2
  376. package/src/resources/extensions/gsd/bootstrap/register-extension.ts +24 -0
  377. package/src/resources/extensions/gsd/bootstrap/register-hooks.ts +251 -47
  378. package/src/resources/extensions/gsd/bootstrap/write-gate.ts +352 -84
  379. package/src/resources/extensions/gsd/branch-patterns.ts +3 -0
  380. package/src/resources/extensions/gsd/browser-daemon-auto-prep.ts +108 -0
  381. package/src/resources/extensions/gsd/browser-evidence.ts +18 -2
  382. package/src/resources/extensions/gsd/captures.ts +4 -6
  383. package/src/resources/extensions/gsd/closeout-wizard.ts +102 -0
  384. package/src/resources/extensions/gsd/commands/context.ts +16 -2
  385. package/src/resources/extensions/gsd/commands-handlers.ts +46 -3
  386. package/src/resources/extensions/gsd/consent-question.ts +431 -0
  387. package/src/resources/extensions/gsd/consent-verdict.ts +86 -0
  388. package/src/resources/extensions/gsd/constants.ts +0 -3
  389. package/src/resources/extensions/gsd/crash-recovery.ts +13 -11
  390. package/src/resources/extensions/gsd/db/queries.ts +37 -0
  391. package/src/resources/extensions/gsd/db-writer.ts +11 -19
  392. package/src/resources/extensions/gsd/dispatch-guard.ts +8 -31
  393. package/src/resources/extensions/gsd/doctor-engine-checks.ts +5 -4
  394. package/src/resources/extensions/gsd/doctor-environment.ts +2 -7
  395. package/src/resources/extensions/gsd/doctor-format.ts +12 -7
  396. package/src/resources/extensions/gsd/doctor-git-checks.ts +2 -19
  397. package/src/resources/extensions/gsd/doctor-runtime-checks.ts +13 -15
  398. package/src/resources/extensions/gsd/engine-hook-contract.ts +79 -0
  399. package/src/resources/extensions/gsd/error-classifier.ts +11 -0
  400. package/src/resources/extensions/gsd/exec-sandbox.ts +49 -9
  401. package/src/resources/extensions/gsd/files.ts +33 -12
  402. package/src/resources/extensions/gsd/gsd-command-home.ts +13 -3
  403. package/src/resources/extensions/gsd/gsd-db.ts +4 -3
  404. package/src/resources/extensions/gsd/guidance.ts +217 -0
  405. package/src/resources/extensions/gsd/guided-flow.ts +37 -28
  406. package/src/resources/extensions/gsd/markdown-renderer.ts +11 -0
  407. package/src/resources/extensions/gsd/mcp-filter.ts +2 -23
  408. package/src/resources/extensions/gsd/mcp-tool-name.ts +6 -11
  409. package/src/resources/extensions/gsd/memory-consolidation-scanner.ts +1 -1
  410. package/src/resources/extensions/gsd/migrate/safety.ts +4 -1
  411. package/src/resources/extensions/gsd/milestone-closeout.ts +109 -24
  412. package/src/resources/extensions/gsd/milestone-planning-persistence.ts +2 -2
  413. package/src/resources/extensions/gsd/milestone-reopen-events.ts +3 -6
  414. package/src/resources/extensions/gsd/notification-store.ts +26 -3
  415. package/src/resources/extensions/gsd/parallel-monitor-overlay.ts +6 -4
  416. package/src/resources/extensions/gsd/parsers-legacy.ts +16 -4
  417. package/src/resources/extensions/gsd/paths.ts +33 -0
  418. package/src/resources/extensions/gsd/pre-execution-checks.ts +109 -3
  419. package/src/resources/extensions/gsd/preferences-models.ts +12 -47
  420. package/src/resources/extensions/gsd/projection-flush.ts +20 -0
  421. package/src/resources/extensions/gsd/prompts/complete-slice.md +3 -3
  422. package/src/resources/extensions/gsd/prompts/execute-task.md +1 -1
  423. package/src/resources/extensions/gsd/prompts/plan-milestone.md +1 -1
  424. package/src/resources/extensions/gsd/prompts/plan-slice.md +2 -2
  425. package/src/resources/extensions/gsd/prompts/quick-task.md +1 -1
  426. package/src/resources/extensions/gsd/prompts/reassess-roadmap.md +1 -1
  427. package/src/resources/extensions/gsd/prompts/refine-slice.md +2 -2
  428. package/src/resources/extensions/gsd/prompts/replan-slice.md +2 -2
  429. package/src/resources/extensions/gsd/prompts/research-milestone.md +1 -1
  430. package/src/resources/extensions/gsd/prompts/research-slice.md +1 -1
  431. package/src/resources/extensions/gsd/prompts/rewrite-docs.md +1 -1
  432. package/src/resources/extensions/gsd/prompts/run-uat.md +7 -5
  433. package/src/resources/extensions/gsd/prompts/system.md +5 -2
  434. package/src/resources/extensions/gsd/prompts/triage-captures.md +1 -1
  435. package/src/resources/extensions/gsd/prompts/validate-milestone.md +1 -1
  436. package/src/resources/extensions/gsd/provider-error-guidance.ts +4 -9
  437. package/src/resources/extensions/gsd/provider-switch-observer.ts +1 -1
  438. package/src/resources/extensions/gsd/publication.ts +122 -0
  439. package/src/resources/extensions/gsd/reactive-graph.ts +11 -1
  440. package/src/resources/extensions/gsd/recovery-classification.ts +42 -96
  441. package/src/resources/extensions/gsd/roadmap-slices.ts +28 -3
  442. package/src/resources/extensions/gsd/safety/destructive-confirmation.ts +134 -0
  443. package/src/resources/extensions/gsd/session-lock.ts +1 -1
  444. package/src/resources/extensions/gsd/state.ts +9 -21
  445. package/src/resources/extensions/gsd/stop-notice.ts +75 -0
  446. package/src/resources/extensions/gsd/tests/auto-model-selection.test.ts +97 -1
  447. package/src/resources/extensions/gsd/tests/auto-orchestrator.test.ts +198 -26
  448. package/src/resources/extensions/gsd/tests/auto-remote-session-lock-cleanup.test.ts +65 -3
  449. package/src/resources/extensions/gsd/tests/auto-start-orphan-bootstrap.test.ts +236 -0
  450. package/src/resources/extensions/gsd/tests/blocked-models.test.ts +19 -0
  451. package/src/resources/extensions/gsd/tests/browser-automation-contract-fixture.ts +39 -0
  452. package/src/resources/extensions/gsd/tests/browser-contract.test.ts +44 -0
  453. package/src/resources/extensions/gsd/tests/browser-daemon-auto-prep.test.ts +144 -0
  454. package/src/resources/extensions/gsd/tests/checkout-branch-stash-guard.test.ts +66 -1
  455. package/src/resources/extensions/gsd/tests/clear-stale-autostart.test.ts +22 -0
  456. package/src/resources/extensions/gsd/tests/commands-verdict.test.ts +8 -7
  457. package/src/resources/extensions/gsd/tests/complete-slice-verification-gate.test.ts +42 -0
  458. package/src/resources/extensions/gsd/tests/consent-question.test.ts +351 -0
  459. package/src/resources/extensions/gsd/tests/custom-verify-retry-store.test.ts +67 -0
  460. package/src/resources/extensions/gsd/tests/db-writer.test.ts +15 -4
  461. package/src/resources/extensions/gsd/tests/deep-project-auto-loop.test.ts +10 -10
  462. package/src/resources/extensions/gsd/tests/destructive-confirmation.test.ts +303 -0
  463. package/src/resources/extensions/gsd/tests/discuss-routing-fixes.test.ts +12 -2
  464. package/src/resources/extensions/gsd/tests/dispatch-history.test.ts +273 -0
  465. package/src/resources/extensions/gsd/tests/dispatch-run-uat-browser-tools.test.ts +2 -1
  466. package/src/resources/extensions/gsd/tests/doctor-git-checks-terminal.test.ts +73 -0
  467. package/src/resources/extensions/gsd/tests/dynamic-bash-no-cap.test.ts +132 -0
  468. package/src/resources/extensions/gsd/tests/engine-hook-contract.test.ts +148 -0
  469. package/src/resources/extensions/gsd/tests/exec-graceful-kill.test.ts +193 -0
  470. package/src/resources/extensions/gsd/tests/exec-tool.test.ts +29 -1
  471. package/src/resources/extensions/gsd/tests/extension-bootstrap-isolation.test.ts +35 -1
  472. package/src/resources/extensions/gsd/tests/gsd-command-home.test.ts +120 -0
  473. package/src/resources/extensions/gsd/tests/gsd-db.test.ts +27 -0
  474. package/src/resources/extensions/gsd/tests/guidance.test.ts +148 -0
  475. package/src/resources/extensions/gsd/tests/guided-dispatch-root.test.ts +2 -6
  476. package/src/resources/extensions/gsd/tests/integration/auto-worktree-milestone-merge.test.ts +53 -11
  477. package/src/resources/extensions/gsd/tests/integration/auto-worktree.test.ts +73 -58
  478. package/src/resources/extensions/gsd/tests/integration/gsd-integration-fixture.ts +80 -0
  479. package/src/resources/extensions/gsd/tests/integration/run-uat.test.ts +199 -0
  480. package/src/resources/extensions/gsd/tests/mcp-project-config.test.ts +3 -1
  481. package/src/resources/extensions/gsd/tests/milestone-closeout.test.ts +95 -4
  482. package/src/resources/extensions/gsd/tests/model-unittype-mapping.test.ts +32 -1
  483. package/src/resources/extensions/gsd/tests/notification-store.test.ts +32 -0
  484. package/src/resources/extensions/gsd/tests/oauth-api-model-routing.test.ts +167 -0
  485. package/src/resources/extensions/gsd/tests/parallel-research-dispatch.test.ts +18 -0
  486. package/src/resources/extensions/gsd/tests/parsers-legacy-importers.test.ts +138 -0
  487. package/src/resources/extensions/gsd/tests/phases-terminal-complete-idempotent.test.ts +242 -0
  488. package/src/resources/extensions/gsd/tests/post-exec-retry-bypass.test.ts +63 -2
  489. package/src/resources/extensions/gsd/tests/pre-execution-checks.test.ts +193 -1
  490. package/src/resources/extensions/gsd/tests/prompt-db.test.ts +124 -6
  491. package/src/resources/extensions/gsd/tests/provider-error-guidance.test.ts +3 -3
  492. package/src/resources/extensions/gsd/tests/publication.test.ts +120 -0
  493. package/src/resources/extensions/gsd/tests/register-hooks-depth-verification.test.ts +157 -0
  494. package/src/resources/extensions/gsd/tests/roadmap-slices.test.ts +68 -0
  495. package/src/resources/extensions/gsd/tests/runtime-invariant-modules.test.ts +20 -1
  496. package/src/resources/extensions/gsd/tests/stop-notice.test.ts +70 -0
  497. package/src/resources/extensions/gsd/tests/teardown-chdir-failure-clears-registry.test.ts +17 -0
  498. package/src/resources/extensions/gsd/tests/token-tool-gating.test.ts +76 -0
  499. package/src/resources/extensions/gsd/tests/tool-invocation-error-loop-break.test.ts +8 -0
  500. package/src/resources/extensions/gsd/tests/tool-surface-readiness.test.ts +155 -0
  501. package/src/resources/extensions/gsd/tests/tool-unavailable-retry.test.ts +33 -0
  502. package/src/resources/extensions/gsd/tests/transport-gate-double-complete.test.ts +139 -0
  503. package/src/resources/extensions/gsd/tests/uat-policy.test.ts +112 -29
  504. package/src/resources/extensions/gsd/tests/unit-closeout.test.ts +209 -0
  505. package/src/resources/extensions/gsd/tests/unit-context-composer.test.ts +67 -2
  506. package/src/resources/extensions/gsd/tests/unit-registry.test.ts +163 -0
  507. package/src/resources/extensions/gsd/tests/uok-audit-unified.test.ts +8 -0
  508. package/src/resources/extensions/gsd/tests/verification-verdict.test.ts +2 -0
  509. package/src/resources/extensions/gsd/tests/web-app-uat.test.ts +44 -1
  510. package/src/resources/extensions/gsd/tests/workflow-events.test.ts +19 -0
  511. package/src/resources/extensions/gsd/tests/workflow-mcp.test.ts +2 -2
  512. package/src/resources/extensions/gsd/tests/workflow-reconcile.test.ts +20 -0
  513. package/src/resources/extensions/gsd/tests/workflow-tool-executors.test.ts +275 -40
  514. package/src/resources/extensions/gsd/tests/worktree-teardown-safety.test.ts +22 -0
  515. package/src/resources/extensions/gsd/tests/worktree.test.ts +18 -0
  516. package/src/resources/extensions/gsd/tests/write-gate-seam.test.ts +358 -0
  517. package/src/resources/extensions/gsd/tests/write-gate.test.ts +67 -1
  518. package/src/resources/extensions/gsd/tool-contract.ts +38 -3
  519. package/src/resources/extensions/gsd/tool-presentation-plan.ts +4 -4
  520. package/src/resources/extensions/gsd/tool-surface-readiness.ts +76 -0
  521. package/src/resources/extensions/gsd/tools/complete-milestone.ts +3 -2
  522. package/src/resources/extensions/gsd/tools/complete-slice.ts +22 -12
  523. package/src/resources/extensions/gsd/tools/complete-task.ts +3 -2
  524. package/src/resources/extensions/gsd/tools/exec-tool.ts +8 -7
  525. package/src/resources/extensions/gsd/tools/plan-slice.ts +14 -8
  526. package/src/resources/extensions/gsd/tools/plan-task.ts +2 -2
  527. package/src/resources/extensions/gsd/tools/reassess-roadmap.ts +2 -2
  528. package/src/resources/extensions/gsd/tools/reopen-milestone.ts +2 -2
  529. package/src/resources/extensions/gsd/tools/reopen-slice.ts +2 -2
  530. package/src/resources/extensions/gsd/tools/reopen-task.ts +2 -2
  531. package/src/resources/extensions/gsd/tools/replan-slice.ts +2 -2
  532. package/src/resources/extensions/gsd/tools/workflow-tool-executors.ts +81 -2
  533. package/src/resources/extensions/gsd/uat-policy.ts +62 -16
  534. package/src/resources/extensions/gsd/unit-closeout.ts +201 -0
  535. package/src/resources/extensions/gsd/unit-context-composer.ts +111 -1
  536. package/src/resources/extensions/gsd/unit-context-manifest.ts +4 -28
  537. package/src/resources/extensions/gsd/unit-registry.ts +412 -0
  538. package/src/resources/extensions/gsd/unit-tool-contracts.ts +27 -192
  539. package/src/resources/extensions/gsd/verdict-parser.ts +1 -1
  540. package/src/resources/extensions/gsd/verification-verdict.ts +4 -2
  541. package/src/resources/extensions/gsd/web-app-uat.ts +51 -8
  542. package/src/resources/extensions/gsd/workflow-event-ledger.ts +131 -0
  543. package/src/resources/extensions/gsd/workflow-event-vocabulary.ts +59 -0
  544. package/src/resources/extensions/gsd/workflow-events.ts +12 -20
  545. package/src/resources/extensions/gsd/workflow-reconcile.ts +29 -62
  546. package/src/resources/extensions/gsd/workflow-tool-surface.ts +4 -1
  547. package/src/resources/extensions/gsd/worktree-git-recovery.ts +15 -9
  548. package/src/resources/extensions/gsd/worktree-lifecycle.ts +3 -8
  549. package/src/resources/extensions/gsd/worktree-manager.ts +6 -1
  550. package/src/resources/extensions/gsd/worktree-root.ts +12 -0
  551. package/src/resources/extensions/gsd/worktree-session-state.ts +3 -5
  552. package/src/resources/extensions/gsd/worktree.ts +7 -1
  553. package/src/resources/extensions/search-the-web/native-search.ts +5 -3
  554. package/src/resources/extensions/shared/browser-contract.ts +66 -0
  555. package/src/resources/extensions/shared/gsd-browser-cli.ts +141 -6
  556. package/src/resources/shared/gsd-browser-path-sync.ts +273 -0
  557. package/src/resources/shared/package-manager-detection.ts +1 -1
  558. package/src/resources/shared/package.json +3 -0
  559. package/src/resources/skills/create-skill/SKILL.md +3 -0
  560. package/src/resources/skills/create-skill/references/executable-code.md +1 -1
  561. package/src/resources/skills/create-skill/references/skill-structure.md +1 -0
  562. package/src/resources/skills/create-skill/workflows/add-reference.md +8 -3
  563. package/src/resources/skills/create-skill/workflows/add-script.md +4 -2
  564. package/src/resources/skills/create-skill/workflows/add-template.md +3 -1
  565. package/src/resources/skills/create-skill/workflows/add-workflow.md +8 -3
  566. package/src/resources/skills/create-skill/workflows/upgrade-to-router.md +10 -5
  567. package/src/resources/skills/create-skill/workflows/verify-skill.md +9 -4
  568. package/src/resources/skills/spike-wrap-up/SKILL.md +9 -9
  569. package/dist/resources/extensions/gsd/user-input-boundary.js +0 -218
  570. package/dist/resources/skills/gsd-browser/SKILL.md +0 -41
  571. package/src/resources/extensions/gsd/tests/user-input-boundary.test.ts +0 -173
  572. package/src/resources/extensions/gsd/user-input-boundary.ts +0 -216
  573. package/src/resources/skills/gsd-browser/SKILL.md +0 -41
  574. /package/dist/web/standalone/.next/static/{C24pqUd-aru-l0Dp0gLZP → FBNo5cT_chy7YNoAQsU3o}/_buildManifest.js +0 -0
  575. /package/dist/web/standalone/.next/static/{C24pqUd-aru-l0Dp0gLZP → FBNo5cT_chy7YNoAQsU3o}/_ssgManifest.js +0 -0
package/packages/pi-ai/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@gsd/pi-ai",
3
- "version": "1.2.0-dev.955e4da0",
3
+ "version": "1.2.0-dev.9ad8ae33",
4
4
  "description": "Unified LLM API with automatic model discovery and provider configuration",
5
5
  "type": "module",
6
6
  "gsd": {
@@ -72,7 +72,8 @@
72
72
  "clean": "node ../../scripts/clean-package-dist.cjs",
73
73
  "generate-models": "node scripts/generate-models.ts",
74
74
  "generate-image-models": "node scripts/generate-image-models.ts",
75
- "build": "node ../../scripts/clean-package-dist.cjs && node scripts/generate-models.ts && node scripts/generate-image-models.ts && tsc -p tsconfig.json --incremental false",
75
+ "generate": "pnpm run generate-models && pnpm run generate-image-models",
76
+ "build": "pnpm run clean && tsc -p tsconfig.json --incremental false",
76
77
  "test": "vitest --run",
77
78
  "prepublishOnly": "pnpm run clean && pnpm run build"
78
79
  },
package/packages/pi-coding-agent/dist/core/auth-storage.d.ts CHANGED
@@ -134,8 +134,8 @@ export declare class AuthStorage {
134
134
  * Get API key for a provider.
135
135
  * Priority:
136
136
  * 1. Runtime override (CLI --api-key)
137
- * 2. API key from auth.json
138
- * 3. OAuth token from auth.json (auto-refreshed with locking)
137
+ * 2. OAuth token from auth.json (when provider supports OAuth login)
138
+ * 3. API key from auth.json (including fallback when OAuth refresh fails)
139
139
  * 4. Environment variable
140
140
  * 5. Fallback resolver (models.json custom providers)
141
141
  */
package/packages/pi-coding-agent/dist/core/auth-storage.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth-storage.d.ts","sourceRoot":"","sources":["../../src/core/auth-storage.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAGN,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,EACxB,KAAK,eAAe,EACpB,MAAM,YAAY,CAAC;AASpB,MAAM,MAAM,gBAAgB,GAAG;IAC9B,IAAI,EAAE,SAAS,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;CACZ,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC7B,IAAI,EAAE,OAAO,CAAC;CACd,GAAG,gBAAgB,CAAC;AAErB,MAAM,MAAM,cAAc,GAAG,gBAAgB,GAAG,eAAe,CAAC;AAEhE,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,cAAc,GAAG,cAAc,EAAE,CAAC,CAAC;AAEhF,MAAM,MAAM,UAAU,GAAG;IACxB,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,QAAQ,GAAG,SAAS,GAAG,aAAa,GAAG,UAAU,GAAG,iBAAiB,GAAG,qBAAqB,CAAC;IACvG,KAAK,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,KAAK,UAAU,CAAC,CAAC,IAAI;IACpB,MAAM,EAAE,CAAC,CAAC;IACV,IAAI,CAAC,EAAE,MAAM,CAAC;CACd,CAAC;AAUF,MAAM,WAAW,kBAAkB;IAClC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACnE,aAAa,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;CAC1F;AAED,qBAAa,sBAAuB,YAAW,kBAAkB;IAChE,OAAO,CAAC,QAAQ,CAAS;gBAEb,QAAQ,GAAE,MAAyC;IAI/D,OAAO,CAAC,eAAe;IAOvB,OAAO,CAAC,gBAAgB;IAOxB,OAAO,CAAC,wBAAwB;IA2BhC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC;IAqB5D,aAAa,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CAiD/F;AAED,qBAAa,0BAA2B,YAAW,kBAAkB;IACpE,OAAO,CAAC,KAAK,CAAqB;IAElC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC;IAQ5D,aAAa,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CAO/F;AAED;;GAEG;AACH,qBAAa,WAAW;IACvB,OAAO,CAAC,IAAI,CAAuB;IACnC,OAAO,CAAC,gBAAgB,CAAkC;IAC1D,OAAO,CAAC,gBAAgB,CAAC,CAA2C;IACpE,OAAO,CAAC,SAAS,CAAsB;IACvC,OAAO,CAAC,MAAM,CAAe;IAC7B,OAAO,CAAC,OAAO,CAAqB;IAEpC,OAAO;IAKP,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,WAAW;IAI7C,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,kBAAkB,GAAG,WAAW;IAI5D,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAE,eAAoB,GAAG,WAAW;IAMxD;;;OAGG;IACH,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI;IAIxD;;OAEG;IACH,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAI3C;;;OAGG;IACH,mBAAmB,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,MAAM,GAAG,SAAS,GAAG,IAAI;IAI7E,OAAO,CAAC,WAAW;IAKnB,OAAO,CAAC,gBAAgB;IAOxB,yBAAyB,CAAC,QAAQ,EAAE,MAAM,GAAG,cAAc,EAAE;IAO7D;;OAEG;IACH,MAAM,IAAI,IAAI;IAed,OAAO,CAAC,qBAAqB;IAwB7B;;OAEG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,cAAc,GAAG,SAAS;IAIjD;;OAEG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,cAAc,GAAG,IAAI;IAKvD;;OAEG;IACH,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAK9B;;OAEG;IACH,IAAI,IAAI,MAAM,EAAE;IAIhB;;OAEG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAI9B;;;OAGG;IACH,OAAO,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAQlC,OAAO,CAAC,eAAe,CAA6B;IAEpD,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAU9C,qBAAqB,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI;IAIlE,0BAA0B,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAIrD,2BAA2B,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAMrD;;OAEG;IACH,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU;IAqB3C;;OAEG;IACH,MAAM,IAAI,eAAe;IAIzB,WAAW,IAAI,KAAK,EAAE;IAMtB;;OAEG;IACG,KAAK,CAAC,UAAU,EAAE,eAAe,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC;IAUvF;;OAEG;IACH,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAI9B;;;OAGG;YACW,yBAAyB;IAsDvC;;;;;;;;OAQG;IACG,SAAS,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAoEzG;;OAEG;IACH,iBAAiB;CAGjB"}
1
+ {"version":3,"file":"auth-storage.d.ts","sourceRoot":"","sources":["../../src/core/auth-storage.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAGN,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,EACxB,KAAK,eAAe,EACpB,MAAM,YAAY,CAAC;AASpB,MAAM,MAAM,gBAAgB,GAAG;IAC9B,IAAI,EAAE,SAAS,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;CACZ,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC7B,IAAI,EAAE,OAAO,CAAC;CACd,GAAG,gBAAgB,CAAC;AAErB,MAAM,MAAM,cAAc,GAAG,gBAAgB,GAAG,eAAe,CAAC;AAEhE,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,cAAc,GAAG,cAAc,EAAE,CAAC,CAAC;AAEhF,MAAM,MAAM,UAAU,GAAG;IACxB,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,QAAQ,GAAG,SAAS,GAAG,aAAa,GAAG,UAAU,GAAG,iBAAiB,GAAG,qBAAqB,CAAC;IACvG,KAAK,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,KAAK,UAAU,CAAC,CAAC,IAAI;IACpB,MAAM,EAAE,CAAC,CAAC;IACV,IAAI,CAAC,EAAE,MAAM,CAAC;CACd,CAAC;AAUF,MAAM,WAAW,kBAAkB;IAClC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACnE,aAAa,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;CAC1F;AAED,qBAAa,sBAAuB,YAAW,kBAAkB;IAChE,OAAO,CAAC,QAAQ,CAAS;gBAEb,QAAQ,GAAE,MAAyC;IAI/D,OAAO,CAAC,eAAe;IAOvB,OAAO,CAAC,gBAAgB;IAOxB,OAAO,CAAC,wBAAwB;IA2BhC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC;IAqB5D,aAAa,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CAiD/F;AAED,qBAAa,0BAA2B,YAAW,kBAAkB;IACpE,OAAO,CAAC,KAAK,CAAqB;IAElC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC;IAQ5D,aAAa,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,SAAS,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CAO/F;AAED;;GAEG;AACH,qBAAa,WAAW;IACvB,OAAO,CAAC,IAAI,CAAuB;IACnC,OAAO,CAAC,gBAAgB,CAAkC;IAC1D,OAAO,CAAC,gBAAgB,CAAC,CAA2C;IACpE,OAAO,CAAC,SAAS,CAAsB;IACvC,OAAO,CAAC,MAAM,CAAe;IAC7B,OAAO,CAAC,OAAO,CAAqB;IAEpC,OAAO;IAKP,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,WAAW;IAI7C,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,kBAAkB,GAAG,WAAW;IAI5D,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAE,eAAoB,GAAG,WAAW;IAMxD;;;OAGG;IACH,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI;IAIxD;;OAEG;IACH,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAI3C;;;OAGG;IACH,mBAAmB,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,MAAM,GAAG,SAAS,GAAG,IAAI;IAI7E,OAAO,CAAC,WAAW;IAKnB,OAAO,CAAC,gBAAgB;IAOxB,yBAAyB,CAAC,QAAQ,EAAE,MAAM,GAAG,cAAc,EAAE;IAO7D;;OAEG;IACH,MAAM,IAAI,IAAI;IAed,OAAO,CAAC,qBAAqB;IAwB7B;;OAEG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,cAAc,GAAG,SAAS;IAIjD;;OAEG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,cAAc,GAAG,IAAI;IAKvD;;OAEG;IACH,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAK9B;;OAEG;IACH,IAAI,IAAI,MAAM,EAAE;IAIhB;;OAEG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAI9B;;;OAGG;IACH,OAAO,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAQlC,OAAO,CAAC,eAAe,CAA6B;IAEpD,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAU9C,qBAAqB,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI;IAIlE,0BAA0B,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAIrD,2BAA2B,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAMrD;;OAEG;IACH,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU;IAqB3C;;OAEG;IACH,MAAM,IAAI,eAAe;IAIzB,WAAW,IAAI,KAAK,EAAE;IAMtB;;OAEG;IACG,KAAK,CAAC,UAAU,EAAE,eAAe,EAAE,SAAS,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC;IAUvF;;OAEG;IACH,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAI9B;;;OAGG;YACW,yBAAyB;IAsDvC;;;;;;;;OAQG;IACG,SAAS,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IA8EzG;;OAEG;IACH,iBAAiB;CAGjB"}
package/packages/pi-coding-agent/dist/core/auth-storage.js CHANGED
@@ -413,8 +413,8 @@ export class AuthStorage {
413
413
  * Get API key for a provider.
414
414
  * Priority:
415
415
  * 1. Runtime override (CLI --api-key)
416
- * 2. API key from auth.json
417
- * 3. OAuth token from auth.json (auto-refreshed with locking)
416
+ * 2. OAuth token from auth.json (when provider supports OAuth login)
417
+ * 3. API key from auth.json (including fallback when OAuth refresh fails)
418
418
  * 4. Environment variable
419
419
  * 5. Fallback resolver (models.json custom providers)
420
420
  */
@@ -427,7 +427,12 @@ export class AuthStorage {
427
427
  const creds = this.getCredentialsForProvider(providerId);
428
428
  const apiKeyCredential = creds.find(isUsableApiKeyCredential);
429
429
  const oauthCredential = creds.find((entry) => entry.type === "oauth");
430
- const cred = apiKeyCredential ?? oauthCredential;
430
+ // Prefer OAuth for providers that support subscription login (anthropic,
431
+ // github-copilot, openai-codex). Users often have both OAuth and a stale
432
+ // API key on disk; subscription auth should win unless --api-key overrides.
433
+ const cred = oauthCredential && getOAuthProvider(providerId)
434
+ ? oauthCredential
435
+ : (apiKeyCredential ?? oauthCredential);
431
436
  if (cred?.type === "api_key") {
432
437
  return resolveConfigValue(cred.key);
433
438
  }
@@ -437,6 +442,7 @@ export class AuthStorage {
437
442
  // Unknown OAuth provider, can't get API key
438
443
  return undefined;
439
444
  }
445
+ const resolveStoredApiKey = () => apiKeyCredential ? resolveConfigValue(apiKeyCredential.key) : undefined;
440
446
  // Check if token needs refresh
441
447
  const needsRefresh = Date.now() >= cred.expires;
442
448
  if (needsRefresh) {
@@ -449,16 +455,16 @@ export class AuthStorage {
449
455
  }
450
456
  catch (error) {
451
457
  this.recordError(error);
452
- // Refresh failed - re-read file to check if another instance succeeded
453
- this.reload();
454
- const updatedCred = this.getCredentialsForProvider(providerId).find((entry) => entry.type === "oauth");
455
- if (updatedCred?.type === "oauth" && Date.now() < updatedCred.expires) {
456
- // Another instance refreshed successfully, use those credentials
457
- return provider.getApiKey(updatedCred);
458
- }
459
- // Refresh truly failed - return undefined so model discovery skips this provider
460
- // User can /login to re-authenticate (credentials preserved for retry)
461
- return undefined;
458
+ }
459
+ // Refresh failed or returned nothing - re-read file to check if another instance succeeded
460
+ this.reload();
461
+ const updatedCred = this.getCredentialsForProvider(providerId).find((entry) => entry.type === "oauth");
462
+ if (updatedCred?.type === "oauth" && Date.now() < updatedCred.expires) {
463
+ return provider.getApiKey(updatedCred);
464
+ }
465
+ const storedApiKey = resolveStoredApiKey();
466
+ if (storedApiKey) {
467
+ return storedApiKey;
462
468
  }
463
469
  }
464
470
  else {
package/packages/pi-coding-agent/dist/core/auth-storage.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth-storage.js","sourceRoot":"","sources":["../../src/core/auth-storage.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EACN,WAAW,EACX,YAAY,GAIZ,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACvF,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,IAAI,CAAC;AACnF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AACrC,OAAO,QAAQ,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AA0B/D,SAAS,wBAAwB,CAAC,UAA0B;IAC3D,OAAO,UAAU,CAAC,IAAI,KAAK,SAAS,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,wBAAwB,CAAC,UAA0B;IAC3D,OAAO,UAAU,CAAC,IAAI,KAAK,OAAO,IAAI,wBAAwB,CAAC,UAAU,CAAC,CAAC;AAC5E,CAAC;AAOD,MAAM,OAAO,sBAAsB;IAGlC,YAAY,WAAmB,IAAI,CAAC,WAAW,EAAE,EAAE,WAAW,CAAC;QAC9D,IAAI,CAAC,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC;IAEO,eAAe;QACtB,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;IACF,CAAC;IAEO,gBAAgB;QACvB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChC,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;YAC5C,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACjC,CAAC;IACF,CAAC;IAEO,wBAAwB,CAAC,IAAY;QAC5C,MAAM,WAAW,GAAG,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,EAAE,CAAC;QACnB,IAAI,SAAkB,CAAC;QAEvB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;YACzD,IAAI,CAAC;gBACJ,OAAO,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;YACrD,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBAChB,MAAM,IAAI,GACT,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,MAAM,IAAI,KAAK;oBAC7D,CAAC,CAAC,MAAM,CAAE,KAA4B,CAAC,IAAI,CAAC;oBAC5C,CAAC,CAAC,SAAS,CAAC;gBACd,IAAI,IAAI,KAAK,SAAS,IAAI,OAAO,KAAK,WAAW,EAAE,CAAC;oBACnD,MAAM,KAAK,CAAC;gBACb,CAAC;gBACD,SAAS,GAAG,KAAK,CAAC;gBAClB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBACzB,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,OAAO,EAAE,CAAC;oBACrC,0DAA0D;gBAC3D,CAAC;YACF,CAAC;QACF,CAAC;QAED,MAAO,SAAmB,IAAI,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IAChF,CAAC;IAED,QAAQ,CAAI,EAAkD;QAC7D,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExB,IAAI,OAAiC,CAAC;QACtC,IAAI,CAAC;YACJ,OAAO,GAAG,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACvD,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAC7F,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC;YACrC,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;gBACxB,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;gBAC5C,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YACjC,CAAC;YACD,OAAO,MAAM,CAAC;QACf,CAAC;gBAAS,CAAC;YACV,IAAI,OAAO,EAAE,CAAC;gBACb,OAAO,EAAE,CAAC;YACX,CAAC;QACF,CAAC;IACF,CAAC;IAED,KAAK,CAAC,aAAa,CAAI,EAA2D;QACjF,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExB,IAAI,OAA0C,CAAC;QAC/C,IAAI,eAAe,GAAG,KAAK,CAAC;QAC5B,IAAI,oBAAuC,CAAC;QAC5C,MAAM,kBAAkB,GAAG,GAAG,EAAE;YAC/B,IAAI,eAAe,EAAE,CAAC;gBACrB,MAAM,oBAAoB,IAAI,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;YAC9E,CAAC;QACF,CAAC,CAAC;QAEF,IAAI,CAAC;YACJ,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;gBAC5C,OAAO,EAAE;oBACR,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,CAAC;oBACT,UAAU,EAAE,GAAG;oBACf,UAAU,EAAE,KAAK;oBACjB,SAAS,EAAE,IAAI;iBACf;gBACD,KAAK,EAAE,KAAK;gBACZ,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE;oBACtB,eAAe,GAAG,IAAI,CAAC;oBACvB,oBAAoB,GAAG,GAAG,CAAC;gBAC5B,CAAC;aACD,CAAC,CAAC;YAEH,kBAAkB,EAAE,CAAC;YACrB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAC7F,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC;YAC3C,kBAAkB,EAAE,CAAC;YACrB,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;gBACxB,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;gBAC5C,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YACjC,CAAC;YACD,kBAAkB,EAAE,CAAC;YACrB,OAAO,MAAM,CAAC;QACf,CAAC;gBAAS,CAAC;YACV,IAAI,OAAO,EAAE,CAAC;gBACb,IAAI,CAAC;oBACJ,MAAM,OAAO,EAAE,CAAC;gBACjB,CAAC;gBAAC,MAAM,CAAC;oBACR,iDAAiD;gBAClD,CAAC;YACF,CAAC;QACF,CAAC;IACF,CAAC;CACD;AAED,MAAM,OAAO,0BAA0B;IAGtC,QAAQ,CAAI,EAAkD;QAC7D,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACxC,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACxB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACnB,CAAC;QACD,OAAO,MAAM,CAAC;IACf,CAAC;IAED,KAAK,CAAC,aAAa,CAAI,EAA2D;QACjF,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9C,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACxB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACnB,CAAC;QACD,OAAO,MAAM,CAAC;IACf,CAAC;CACD;AAED;;GAEG;AACH,MAAM,OAAO,WAAW;IAQvB,YAAoB,OAA2B;QAPvC,SAAI,GAAoB,EAAE,CAAC;QAC3B,qBAAgB,GAAwB,IAAI,GAAG,EAAE,CAAC;QAElD,cAAS,GAAiB,IAAI,CAAC;QAC/B,WAAM,GAAY,EAAE,CAAC;QA2JrB,oBAAe,GAAG,IAAI,GAAG,EAAkB,CAAC;QAvJnD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,MAAM,EAAE,CAAC;IACf,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,QAAiB;QAC9B,OAAO,IAAI,WAAW,CAAC,IAAI,sBAAsB,CAAC,QAAQ,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;IAClG,CAAC;IAED,MAAM,CAAC,WAAW,CAAC,OAA2B;QAC7C,OAAO,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAwB,EAAE;QACzC,MAAM,OAAO,GAAG,IAAI,0BAA0B,EAAE,CAAC;QACjD,OAAO,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACrF,OAAO,WAAW,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IACzC,CAAC;IAED;;;OAGG;IACH,gBAAgB,CAAC,QAAgB,EAAE,MAAc;QAChD,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,QAAgB;QACnC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED;;;OAGG;IACH,mBAAmB,CAAC,QAAkD;QACrE,IAAI,CAAC,gBAAgB,GAAG,QAAQ,CAAC;IAClC,CAAC;IAEO,WAAW,CAAC,KAAc;QACjC,MAAM,eAAe,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAClF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACnC,CAAC;IAEO,gBAAgB,CAAC,OAA2B;QACnD,IAAI,CAAC,OAAO,EAAE,CAAC;YACd,OAAO,EAAE,CAAC;QACX,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAoB,CAAC;IAC/C,CAAC;IAED,yBAAyB,CAAC,QAAgB;QACzC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK;YAAE,OAAO,EAAE,CAAC;QACtB,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QACvC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,MAAM;QACL,IAAI,OAA2B,CAAC;QAChC,IAAI,CAAC;YACJ,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,EAAE;gBACjC,OAAO,GAAG,OAAO,CAAC;gBAClB,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;YAC9B,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAC3C,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,IAAI,CAAC,SAAS,GAAG,KAAc,CAAC;YAChC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;IACF,CAAC;IAEO,qBAAqB,CAC5B,QAAgB,EAChB,UAAyD;QAEzD,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO;QACR,CAAC;QAED,IAAI,CAAC;YACJ,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,EAAE;gBACjC,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;gBACnD,MAAM,MAAM,GAAoB,EAAE,GAAG,WAAW,EAAE,CAAC;gBACnD,IAAI,UAAU,EAAE,CAAC;oBAChB,MAAM,CAAC,QAAQ,CAAC,GAAG,UAAU,CAAC;gBAC/B,CAAC;qBAAM,CAAC;oBACP,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;gBACzB,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;YACrE,CAAC,CAAC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;IACF,CAAC;IAED;;OAEG;IACH,GAAG,CAAC,QAAgB;QACnB,OAAO,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,GAAG,CAAC,QAAgB,EAAE,UAA0B;QAC/C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,UAAU,CAAC;QACjC,IAAI,CAAC,qBAAqB,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,QAAgB;QACtB,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC3B,IAAI,CAAC,qBAAqB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,IAAI;QACH,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,GAAG,CAAC,QAAgB;QACnB,OAAO,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAC5D,CAAC;IAED;;;OAGG;IACH,OAAO,CAAC,QAAgB;QACvB,IAAI,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,OAAO,IAAI,CAAC;QACrD,IAAI,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC;YAAE,OAAO,IAAI,CAAC;QACzF,IAAI,YAAY,CAAC,QAAQ,CAAC;YAAE,OAAO,IAAI,CAAC;QACxC,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC,QAAQ,CAAC;YAAE,OAAO,IAAI,CAAC;QACnD,OAAO,KAAK,CAAC;IACd,CAAC;IAID,mBAAmB,CAAC,QAAgB;QACnC,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACrD,IAAI,SAAS,KAAK,SAAS;YAAE,OAAO,IAAI,CAAC;QACzC,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACtC,OAAO,IAAI,CAAC;QACb,CAAC;QACD,OAAO,KAAK,CAAC;IACd,CAAC;IAED,qBAAqB,CAAC,QAAgB,EAAE,UAAmB;QAC1D,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,CAAC;IACzD,CAAC;IAED,0BAA0B,CAAC,QAAgB;QAC1C,OAAO,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAC5C,CAAC;IAED,2BAA2B,CAAC,QAAgB;QAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACrD,IAAI,SAAS,KAAK,SAAS;YAAE,OAAO,CAAC,CAAC;QACtC,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,QAAgB;QAC7B,IAAI,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,EAAE,CAAC;YAC7E,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;QAC/C,CAAC;QAED,IAAI,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzC,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;QACrE,CAAC;QAED,MAAM,OAAO,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;QACtC,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClB,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QACxE,CAAC;QAED,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvC,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAC;QACnF,CAAC;QAED,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,MAAM;QACL,OAAO,EAAE,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IAED,WAAW;QACV,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;QACjB,OAAO,OAAO,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,UAA2B,EAAE,SAA8B;QACtE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,2BAA2B,UAAU,EAAE,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACpD,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,WAAW,EAAE,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,QAAgB;QACtB,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACvB,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,yBAAyB,CACtC,UAA2B;QAE3B,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACb,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;YACjE,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YACnD,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;YACxB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;YAEtB,MAAM,KAAK,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;YACtC,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;gBACtC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,KAAK,OAAO,CAAC;gBACvD,CAAC,CAAC,KAAK,EAAE,IAAI,KAAK,OAAO;oBACxB,CAAC,CAAC,KAAK;oBACP,CAAC,CAAC,SAAS,CAAC;YACd,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;gBAChD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;YACzB,CAAC;YAED,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC;gBACrC,OAAO,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,UAAU,CAAC,EAAE,cAAc,EAAE,UAAU,EAAE,EAAE,CAAC;YAC3F,CAAC;YAED,MAAM,UAAU,GAAqC,EAAE,CAAC;YACxD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;gBACxD,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpE,KAAK,MAAM,SAAS,IAAI,OAAO,EAAE,CAAC;oBACjC,IAAI,SAAS,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;wBAChC,UAAU,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC;oBAC7B,CAAC;gBACF,CAAC;YACF,CAAC;YAED,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;YAC/D,IAAI,CAAC,SAAS,EAAE,CAAC;gBAChB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;YACzB,CAAC;YAED,MAAM,MAAM,GAAoB;gBAC/B,GAAG,WAAW;gBACd,CAAC,UAAU,CAAC,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,SAAS,CAAC,cAAc,EAAE;aAC5D,CAAC;YACF,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC;YACnB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;YACtB,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;QACrE,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IACf,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,SAAS,CAAC,UAAkB,EAAE,OAAuC;QAC1E,0CAA0C;QAC1C,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACzD,IAAI,UAAU,EAAE,CAAC;YAChB,OAAO,UAAU,CAAC;QACnB,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC;QACzD,MAAM,gBAAgB,GAAG,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QAC9D,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;QACtE,MAAM,IAAI,GAAG,gBAAgB,IAAI,eAAe,CAAC;QAEjD,IAAI,IAAI,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;YAC9B,OAAO,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACrC,CAAC;QAED,IAAI,IAAI,EAAE,IAAI,KAAK,OAAO,EAAE,CAAC;YAC5B,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACf,4CAA4C;gBAC5C,OAAO,SAAS,CAAC;YAClB,CAAC;YAED,+BAA+B;YAC/B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC;YAEhD,IAAI,YAAY,EAAE,CAAC;gBAClB,gDAAgD;gBAChD,IAAI,CAAC;oBACJ,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC;oBAChE,IAAI,MAAM,EAAE,CAAC;wBACZ,OAAO,MAAM,CAAC,MAAM,CAAC;oBACtB,CAAC;gBACF,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBAChB,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;oBACxB,uEAAuE;oBACvE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACd,MAAM,WAAW,GAAG,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC,IAAI,CAClE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,OAAO,CACjC,CAAC;oBAEF,IAAI,WAAW,EAAE,IAAI,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,OAAO,EAAE,CAAC;wBACvE,iEAAiE;wBACjE,OAAO,QAAQ,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;oBACxC,CAAC;oBAED,iFAAiF;oBACjF,uEAAuE;oBACvE,OAAO,SAAS,CAAC;gBAClB,CAAC;YACF,CAAC;iBAAM,CAAC;gBACP,8CAA8C;gBAC9C,OAAO,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YACjC,CAAC;QACF,CAAC;QAED,oCAAoC;QACpC,MAAM,MAAM,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC;QACxC,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,oEAAoE;QACpE,IAAI,OAAO,EAAE,eAAe,KAAK,KAAK,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC,gBAAgB,EAAE,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;QACzD,CAAC;QAED,OAAO,SAAS,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,iBAAiB;QAChB,OAAO,iBAAiB,EAAE,CAAC;IAC5B,CAAC;CACD","sourcesContent":["/**\n * Credential storage for API keys and OAuth tokens.\n * Handles loading, saving, and refreshing credentials from auth.json.\n *\n * Uses file locking to prevent race conditions when multiple pi instances\n * try to refresh tokens simultaneously.\n */\n\nimport {\n\tfindEnvKeys,\n\tgetEnvApiKey,\n\ttype OAuthCredentials,\n\ttype OAuthLoginCallbacks,\n\ttype OAuthProviderId,\n} from \"@gsd/pi-ai\";\nimport { getOAuthApiKey, getOAuthProvider, getOAuthProviders } from \"@gsd/pi-ai/oauth\";\nimport { chmodSync, existsSync, mkdirSync, readFileSync, writeFileSync } from \"fs\";\nimport { dirname, join } from \"path\";\nimport lockfile from \"proper-lockfile\";\nimport { getAgentDir } from \"../config.js\";\nimport { normalizePath } from \"../utils/paths.js\";\nimport { resolveConfigValue } from \"./resolve-config-value.js\";\n\nexport type ApiKeyCredential = {\n\ttype: \"api_key\";\n\tkey: string;\n};\n\nexport type OAuthCredential = {\n\ttype: \"oauth\";\n} & OAuthCredentials;\n\nexport type AuthCredential = ApiKeyCredential | OAuthCredential;\n\nexport type AuthStorageData = Record<string, AuthCredential | AuthCredential[]>;\n\nexport type AuthStatus = {\n\tconfigured: boolean;\n\tsource?: \"stored\" | \"runtime\" | \"environment\" | \"fallback\" | \"models_json_key\" | \"models_json_command\";\n\tlabel?: string;\n};\n\ntype LockResult<T> = {\n\tresult: T;\n\tnext?: string;\n};\n\nfunction isUsableApiKeyCredential(credential: AuthCredential): credential is ApiKeyCredential {\n\treturn credential.type === \"api_key\" && credential.key.trim().length > 0;\n}\n\nfunction isUsableStoredCredential(credential: AuthCredential): boolean {\n\treturn credential.type === \"oauth\" || isUsableApiKeyCredential(credential);\n}\n\nexport interface AuthStorageBackend {\n\twithLock<T>(fn: (current: string | undefined) => LockResult<T>): T;\n\twithLockAsync<T>(fn: (current: string | undefined) => Promise<LockResult<T>>): Promise<T>;\n}\n\nexport class FileAuthStorageBackend implements AuthStorageBackend {\n\tprivate authPath: string;\n\n\tconstructor(authPath: string = join(getAgentDir(), \"auth.json\")) {\n\t\tthis.authPath = normalizePath(authPath);\n\t}\n\n\tprivate ensureParentDir(): void {\n\t\tconst dir = dirname(this.authPath);\n\t\tif (!existsSync(dir)) {\n\t\t\tmkdirSync(dir, { recursive: true, mode: 0o700 });\n\t\t}\n\t}\n\n\tprivate ensureFileExists(): void {\n\t\tif (!existsSync(this.authPath)) {\n\t\t\twriteFileSync(this.authPath, \"{}\", \"utf-8\");\n\t\t\tchmodSync(this.authPath, 0o600);\n\t\t}\n\t}\n\n\tprivate acquireLockSyncWithRetry(path: string): () => void {\n\t\tconst maxAttempts = 10;\n\t\tconst delayMs = 20;\n\t\tlet lastError: unknown;\n\n\t\tfor (let attempt = 1; attempt <= maxAttempts; attempt++) {\n\t\t\ttry {\n\t\t\t\treturn lockfile.lockSync(path, { realpath: false });\n\t\t\t} catch (error) {\n\t\t\t\tconst code =\n\t\t\t\t\ttypeof error === \"object\" && error !== null && \"code\" in error\n\t\t\t\t\t\t? String((error as { code?: unknown }).code)\n\t\t\t\t\t\t: undefined;\n\t\t\t\tif (code !== \"ELOCKED\" || attempt === maxAttempts) {\n\t\t\t\t\tthrow error;\n\t\t\t\t}\n\t\t\t\tlastError = error;\n\t\t\t\tconst start = Date.now();\n\t\t\t\twhile (Date.now() - start < delayMs) {\n\t\t\t\t\t// Sleep synchronously to avoid changing callers to async.\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\n\t\tthrow (lastError as Error) ?? new Error(\"Failed to acquire auth storage lock\");\n\t}\n\n\twithLock<T>(fn: (current: string | undefined) => LockResult<T>): T {\n\t\tthis.ensureParentDir();\n\t\tthis.ensureFileExists();\n\n\t\tlet release: (() => void) | undefined;\n\t\ttry {\n\t\t\trelease = this.acquireLockSyncWithRetry(this.authPath);\n\t\t\tconst current = existsSync(this.authPath) ? readFileSync(this.authPath, \"utf-8\") : undefined;\n\t\t\tconst { result, next } = fn(current);\n\t\t\tif (next !== undefined) {\n\t\t\t\twriteFileSync(this.authPath, next, \"utf-8\");\n\t\t\t\tchmodSync(this.authPath, 0o600);\n\t\t\t}\n\t\t\treturn result;\n\t\t} finally {\n\t\t\tif (release) {\n\t\t\t\trelease();\n\t\t\t}\n\t\t}\n\t}\n\n\tasync withLockAsync<T>(fn: (current: string | undefined) => Promise<LockResult<T>>): Promise<T> {\n\t\tthis.ensureParentDir();\n\t\tthis.ensureFileExists();\n\n\t\tlet release: (() => Promise<void>) | undefined;\n\t\tlet lockCompromised = false;\n\t\tlet lockCompromisedError: Error | undefined;\n\t\tconst throwIfCompromised = () => {\n\t\t\tif (lockCompromised) {\n\t\t\t\tthrow lockCompromisedError ?? new Error(\"Auth storage lock was compromised\");\n\t\t\t}\n\t\t};\n\n\t\ttry {\n\t\t\trelease = await lockfile.lock(this.authPath, {\n\t\t\t\tretries: {\n\t\t\t\t\tretries: 10,\n\t\t\t\t\tfactor: 2,\n\t\t\t\t\tminTimeout: 100,\n\t\t\t\t\tmaxTimeout: 10000,\n\t\t\t\t\trandomize: true,\n\t\t\t\t},\n\t\t\t\tstale: 30000,\n\t\t\t\tonCompromised: (err) => {\n\t\t\t\t\tlockCompromised = true;\n\t\t\t\t\tlockCompromisedError = err;\n\t\t\t\t},\n\t\t\t});\n\n\t\t\tthrowIfCompromised();\n\t\t\tconst current = existsSync(this.authPath) ? readFileSync(this.authPath, \"utf-8\") : undefined;\n\t\t\tconst { result, next } = await fn(current);\n\t\t\tthrowIfCompromised();\n\t\t\tif (next !== undefined) {\n\t\t\t\twriteFileSync(this.authPath, next, \"utf-8\");\n\t\t\t\tchmodSync(this.authPath, 0o600);\n\t\t\t}\n\t\t\tthrowIfCompromised();\n\t\t\treturn result;\n\t\t} finally {\n\t\t\tif (release) {\n\t\t\t\ttry {\n\t\t\t\t\tawait release();\n\t\t\t\t} catch {\n\t\t\t\t\t// Ignore unlock errors when lock is compromised.\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n}\n\nexport class InMemoryAuthStorageBackend implements AuthStorageBackend {\n\tprivate value: string | undefined;\n\n\twithLock<T>(fn: (current: string | undefined) => LockResult<T>): T {\n\t\tconst { result, next } = fn(this.value);\n\t\tif (next !== undefined) {\n\t\t\tthis.value = next;\n\t\t}\n\t\treturn result;\n\t}\n\n\tasync withLockAsync<T>(fn: (current: string | undefined) => Promise<LockResult<T>>): Promise<T> {\n\t\tconst { result, next } = await fn(this.value);\n\t\tif (next !== undefined) {\n\t\t\tthis.value = next;\n\t\t}\n\t\treturn result;\n\t}\n}\n\n/**\n * Credential storage backed by a JSON file.\n */\nexport class AuthStorage {\n\tprivate data: AuthStorageData = {};\n\tprivate runtimeOverrides: Map<string, string> = new Map();\n\tprivate fallbackResolver?: (provider: string) => string | undefined;\n\tprivate loadError: Error | null = null;\n\tprivate errors: Error[] = [];\n\tprivate storage: AuthStorageBackend;\n\n\tprivate constructor(storage: AuthStorageBackend) {\n\t\tthis.storage = storage;\n\t\tthis.reload();\n\t}\n\n\tstatic create(authPath?: string): AuthStorage {\n\t\treturn new AuthStorage(new FileAuthStorageBackend(authPath ?? join(getAgentDir(), \"auth.json\")));\n\t}\n\n\tstatic fromStorage(storage: AuthStorageBackend): AuthStorage {\n\t\treturn new AuthStorage(storage);\n\t}\n\n\tstatic inMemory(data: AuthStorageData = {}): AuthStorage {\n\t\tconst storage = new InMemoryAuthStorageBackend();\n\t\tstorage.withLock(() => ({ result: undefined, next: JSON.stringify(data, null, 2) }));\n\t\treturn AuthStorage.fromStorage(storage);\n\t}\n\n\t/**\n\t * Set a runtime API key override (not persisted to disk).\n\t * Used for CLI --api-key flag.\n\t */\n\tsetRuntimeApiKey(provider: string, apiKey: string): void {\n\t\tthis.runtimeOverrides.set(provider, apiKey);\n\t}\n\n\t/**\n\t * Remove a runtime API key override.\n\t */\n\tremoveRuntimeApiKey(provider: string): void {\n\t\tthis.runtimeOverrides.delete(provider);\n\t}\n\n\t/**\n\t * Set a fallback resolver for API keys not found in auth.json or env vars.\n\t * Used for custom provider keys from models.json.\n\t */\n\tsetFallbackResolver(resolver: (provider: string) => string | undefined): void {\n\t\tthis.fallbackResolver = resolver;\n\t}\n\n\tprivate recordError(error: unknown): void {\n\t\tconst normalizedError = error instanceof Error ? error : new Error(String(error));\n\t\tthis.errors.push(normalizedError);\n\t}\n\n\tprivate parseStorageData(content: string | undefined): AuthStorageData {\n\t\tif (!content) {\n\t\t\treturn {};\n\t\t}\n\t\treturn JSON.parse(content) as AuthStorageData;\n\t}\n\n\tgetCredentialsForProvider(provider: string): AuthCredential[] {\n\t\tconst entry = this.data[provider];\n\t\tif (!entry) return [];\n\t\tif (Array.isArray(entry)) return entry;\n\t\treturn [entry];\n\t}\n\n\t/**\n\t * Reload credentials from storage.\n\t */\n\treload(): void {\n\t\tlet content: string | undefined;\n\t\ttry {\n\t\t\tthis.storage.withLock((current) => {\n\t\t\t\tcontent = current;\n\t\t\t\treturn { result: undefined };\n\t\t\t});\n\t\t\tthis.data = this.parseStorageData(content);\n\t\t\tthis.loadError = null;\n\t\t} catch (error) {\n\t\t\tthis.loadError = error as Error;\n\t\t\tthis.recordError(error);\n\t\t}\n\t}\n\n\tprivate persistProviderChange(\n\t\tprovider: string,\n\t\tcredential: AuthCredential | AuthCredential[] | undefined,\n\t): void {\n\t\tif (this.loadError) {\n\t\t\treturn;\n\t\t}\n\n\t\ttry {\n\t\t\tthis.storage.withLock((current) => {\n\t\t\t\tconst currentData = this.parseStorageData(current);\n\t\t\t\tconst merged: AuthStorageData = { ...currentData };\n\t\t\t\tif (credential) {\n\t\t\t\t\tmerged[provider] = credential;\n\t\t\t\t} else {\n\t\t\t\t\tdelete merged[provider];\n\t\t\t\t}\n\t\t\t\treturn { result: undefined, next: JSON.stringify(merged, null, 2) };\n\t\t\t});\n\t\t} catch (error) {\n\t\t\tthis.recordError(error);\n\t\t}\n\t}\n\n\t/**\n\t * Get credential for a provider.\n\t */\n\tget(provider: string): AuthCredential | undefined {\n\t\treturn this.getCredentialsForProvider(provider)[0];\n\t}\n\n\t/**\n\t * Set credential for a provider.\n\t */\n\tset(provider: string, credential: AuthCredential): void {\n\t\tthis.data[provider] = credential;\n\t\tthis.persistProviderChange(provider, credential);\n\t}\n\n\t/**\n\t * Remove credential for a provider.\n\t */\n\tremove(provider: string): void {\n\t\tdelete this.data[provider];\n\t\tthis.persistProviderChange(provider, undefined);\n\t}\n\n\t/**\n\t * List all providers with credentials.\n\t */\n\tlist(): string[] {\n\t\treturn Object.keys(this.data);\n\t}\n\n\t/**\n\t * Check if credentials exist for a provider in auth.json.\n\t */\n\thas(provider: string): boolean {\n\t\treturn this.getCredentialsForProvider(provider).length > 0;\n\t}\n\n\t/**\n\t * Check if any form of auth is configured for a provider.\n\t * Unlike getApiKey(), this doesn't refresh OAuth tokens.\n\t */\n\thasAuth(provider: string): boolean {\n\t\tif (this.runtimeOverrides.has(provider)) return true;\n\t\tif (this.getCredentialsForProvider(provider).some(isUsableStoredCredential)) return true;\n\t\tif (getEnvApiKey(provider)) return true;\n\t\tif (this.fallbackResolver?.(provider)) return true;\n\t\treturn false;\n\t}\n\n\tprivate providerBackoff = new Map<string, number>();\n\n\tisProviderAvailable(provider: string): boolean {\n\t\tconst expiresAt = this.providerBackoff.get(provider);\n\t\tif (expiresAt === undefined) return true;\n\t\tif (Date.now() >= expiresAt) {\n\t\t\tthis.providerBackoff.delete(provider);\n\t\t\treturn true;\n\t\t}\n\t\treturn false;\n\t}\n\n\tmarkProviderExhausted(provider: string, _errorType?: string): void {\n\t\tthis.providerBackoff.set(provider, Date.now() + 60_000);\n\t}\n\n\tareAllCredentialsBackedOff(provider: string): boolean {\n\t\treturn !this.isProviderAvailable(provider);\n\t}\n\n\tgetProviderBackoffRemaining(provider: string): number {\n\t\tconst expiresAt = this.providerBackoff.get(provider);\n\t\tif (expiresAt === undefined) return 0;\n\t\treturn Math.max(0, expiresAt - Date.now());\n\t}\n\n\t/**\n\t * Return auth status without exposing credential values or refreshing tokens.\n\t */\n\tgetAuthStatus(provider: string): AuthStatus {\n\t\tif (this.getCredentialsForProvider(provider).some(isUsableStoredCredential)) {\n\t\t\treturn { configured: true, source: \"stored\" };\n\t\t}\n\n\t\tif (this.runtimeOverrides.has(provider)) {\n\t\t\treturn { configured: false, source: \"runtime\", label: \"--api-key\" };\n\t\t}\n\n\t\tconst envKeys = findEnvKeys(provider);\n\t\tif (envKeys?.[0]) {\n\t\t\treturn { configured: false, source: \"environment\", label: envKeys[0] };\n\t\t}\n\n\t\tif (this.fallbackResolver?.(provider)) {\n\t\t\treturn { configured: false, source: \"fallback\", label: \"custom provider config\" };\n\t\t}\n\n\t\treturn { configured: false };\n\t}\n\n\t/**\n\t * Get all credentials (for passing to getOAuthApiKey).\n\t */\n\tgetAll(): AuthStorageData {\n\t\treturn { ...this.data };\n\t}\n\n\tdrainErrors(): Error[] {\n\t\tconst drained = [...this.errors];\n\t\tthis.errors = [];\n\t\treturn drained;\n\t}\n\n\t/**\n\t * Login to an OAuth provider.\n\t */\n\tasync login(providerId: OAuthProviderId, callbacks: OAuthLoginCallbacks): Promise<void> {\n\t\tconst provider = getOAuthProvider(providerId);\n\t\tif (!provider) {\n\t\t\tthrow new Error(`Unknown OAuth provider: ${providerId}`);\n\t\t}\n\n\t\tconst credentials = await provider.login(callbacks);\n\t\tthis.set(providerId, { type: \"oauth\", ...credentials });\n\t}\n\n\t/**\n\t * Logout from a provider.\n\t */\n\tlogout(provider: string): void {\n\t\tthis.remove(provider);\n\t}\n\n\t/**\n\t * Refresh OAuth token with backend locking to prevent race conditions.\n\t * Multiple pi instances may try to refresh simultaneously when tokens expire.\n\t */\n\tprivate async refreshOAuthTokenWithLock(\n\t\tproviderId: OAuthProviderId,\n\t): Promise<{ apiKey: string; newCredentials: OAuthCredentials } | null> {\n\t\tconst provider = getOAuthProvider(providerId);\n\t\tif (!provider) {\n\t\t\treturn null;\n\t\t}\n\n\t\tconst result = await this.storage.withLockAsync(async (current) => {\n\t\t\tconst currentData = this.parseStorageData(current);\n\t\t\tthis.data = currentData;\n\t\t\tthis.loadError = null;\n\n\t\t\tconst entry = currentData[providerId];\n\t\t\tconst oauthEntry = Array.isArray(entry)\n\t\t\t\t? entry.find((candidate) => candidate.type === \"oauth\")\n\t\t\t\t: entry?.type === \"oauth\"\n\t\t\t\t\t? entry\n\t\t\t\t\t: undefined;\n\t\t\tif (!oauthEntry || oauthEntry.type !== \"oauth\") {\n\t\t\t\treturn { result: null };\n\t\t\t}\n\n\t\t\tif (Date.now() < oauthEntry.expires) {\n\t\t\t\treturn { result: { apiKey: provider.getApiKey(oauthEntry), newCredentials: oauthEntry } };\n\t\t\t}\n\n\t\t\tconst oauthCreds: Record<string, OAuthCredentials> = {};\n\t\t\tfor (const [key, value] of Object.entries(currentData)) {\n\t\t\t\tconst entries = Array.isArray(value) ? value : value ? [value] : [];\n\t\t\t\tfor (const candidate of entries) {\n\t\t\t\t\tif (candidate.type === \"oauth\") {\n\t\t\t\t\t\toauthCreds[key] = candidate;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst refreshed = await getOAuthApiKey(providerId, oauthCreds);\n\t\t\tif (!refreshed) {\n\t\t\t\treturn { result: null };\n\t\t\t}\n\n\t\t\tconst merged: AuthStorageData = {\n\t\t\t\t...currentData,\n\t\t\t\t[providerId]: { type: \"oauth\", ...refreshed.newCredentials },\n\t\t\t};\n\t\t\tthis.data = merged;\n\t\t\tthis.loadError = null;\n\t\t\treturn { result: refreshed, next: JSON.stringify(merged, null, 2) };\n\t\t});\n\n\t\treturn result;\n\t}\n\n\t/**\n\t * Get API key for a provider.\n\t * Priority:\n\t * 1. Runtime override (CLI --api-key)\n\t * 2. API key from auth.json\n\t * 3. OAuth token from auth.json (auto-refreshed with locking)\n\t * 4. Environment variable\n\t * 5. Fallback resolver (models.json custom providers)\n\t */\n\tasync getApiKey(providerId: string, options?: { includeFallback?: boolean }): Promise<string | undefined> {\n\t\t// Runtime override takes highest priority\n\t\tconst runtimeKey = this.runtimeOverrides.get(providerId);\n\t\tif (runtimeKey) {\n\t\t\treturn runtimeKey;\n\t\t}\n\n\t\tconst creds = this.getCredentialsForProvider(providerId);\n\t\tconst apiKeyCredential = creds.find(isUsableApiKeyCredential);\n\t\tconst oauthCredential = creds.find((entry) => entry.type === \"oauth\");\n\t\tconst cred = apiKeyCredential ?? oauthCredential;\n\n\t\tif (cred?.type === \"api_key\") {\n\t\t\treturn resolveConfigValue(cred.key);\n\t\t}\n\n\t\tif (cred?.type === \"oauth\") {\n\t\t\tconst provider = getOAuthProvider(providerId);\n\t\t\tif (!provider) {\n\t\t\t\t// Unknown OAuth provider, can't get API key\n\t\t\t\treturn undefined;\n\t\t\t}\n\n\t\t\t// Check if token needs refresh\n\t\t\tconst needsRefresh = Date.now() >= cred.expires;\n\n\t\t\tif (needsRefresh) {\n\t\t\t\t// Use locked refresh to prevent race conditions\n\t\t\t\ttry {\n\t\t\t\t\tconst result = await this.refreshOAuthTokenWithLock(providerId);\n\t\t\t\t\tif (result) {\n\t\t\t\t\t\treturn result.apiKey;\n\t\t\t\t\t}\n\t\t\t\t} catch (error) {\n\t\t\t\t\tthis.recordError(error);\n\t\t\t\t\t// Refresh failed - re-read file to check if another instance succeeded\n\t\t\t\t\tthis.reload();\n\t\t\t\t\tconst updatedCred = this.getCredentialsForProvider(providerId).find(\n\t\t\t\t\t\t(entry) => entry.type === \"oauth\",\n\t\t\t\t\t);\n\n\t\t\t\t\tif (updatedCred?.type === \"oauth\" && Date.now() < updatedCred.expires) {\n\t\t\t\t\t\t// Another instance refreshed successfully, use those credentials\n\t\t\t\t\t\treturn provider.getApiKey(updatedCred);\n\t\t\t\t\t}\n\n\t\t\t\t\t// Refresh truly failed - return undefined so model discovery skips this provider\n\t\t\t\t\t// User can /login to re-authenticate (credentials preserved for retry)\n\t\t\t\t\treturn undefined;\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\t// Token not expired, use current access token\n\t\t\t\treturn provider.getApiKey(cred);\n\t\t\t}\n\t\t}\n\n\t\t// Fall back to environment variable\n\t\tconst envKey = getEnvApiKey(providerId);\n\t\tif (envKey) return envKey;\n\n\t\t// Fall back to custom resolver (e.g., models.json custom providers)\n\t\tif (options?.includeFallback !== false) {\n\t\t\treturn this.fallbackResolver?.(providerId) ?? undefined;\n\t\t}\n\n\t\treturn undefined;\n\t}\n\n\t/**\n\t * Get all registered OAuth providers\n\t */\n\tgetOAuthProviders() {\n\t\treturn getOAuthProviders();\n\t}\n}\n"]}
1
+ {"version":3,"file":"auth-storage.js","sourceRoot":"","sources":["../../src/core/auth-storage.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EACN,WAAW,EACX,YAAY,GAIZ,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACvF,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,IAAI,CAAC;AACnF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AACrC,OAAO,QAAQ,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AA0B/D,SAAS,wBAAwB,CAAC,UAA0B;IAC3D,OAAO,UAAU,CAAC,IAAI,KAAK,SAAS,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,wBAAwB,CAAC,UAA0B;IAC3D,OAAO,UAAU,CAAC,IAAI,KAAK,OAAO,IAAI,wBAAwB,CAAC,UAAU,CAAC,CAAC;AAC5E,CAAC;AAOD,MAAM,OAAO,sBAAsB;IAGlC,YAAY,WAAmB,IAAI,CAAC,WAAW,EAAE,EAAE,WAAW,CAAC;QAC9D,IAAI,CAAC,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC;IAEO,eAAe;QACtB,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;IACF,CAAC;IAEO,gBAAgB;QACvB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChC,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;YAC5C,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACjC,CAAC;IACF,CAAC;IAEO,wBAAwB,CAAC,IAAY;QAC5C,MAAM,WAAW,GAAG,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,EAAE,CAAC;QACnB,IAAI,SAAkB,CAAC;QAEvB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;YACzD,IAAI,CAAC;gBACJ,OAAO,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;YACrD,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBAChB,MAAM,IAAI,GACT,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,MAAM,IAAI,KAAK;oBAC7D,CAAC,CAAC,MAAM,CAAE,KAA4B,CAAC,IAAI,CAAC;oBAC5C,CAAC,CAAC,SAAS,CAAC;gBACd,IAAI,IAAI,KAAK,SAAS,IAAI,OAAO,KAAK,WAAW,EAAE,CAAC;oBACnD,MAAM,KAAK,CAAC;gBACb,CAAC;gBACD,SAAS,GAAG,KAAK,CAAC;gBAClB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBACzB,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,OAAO,EAAE,CAAC;oBACrC,0DAA0D;gBAC3D,CAAC;YACF,CAAC;QACF,CAAC;QAED,MAAO,SAAmB,IAAI,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IAChF,CAAC;IAED,QAAQ,CAAI,EAAkD;QAC7D,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExB,IAAI,OAAiC,CAAC;QACtC,IAAI,CAAC;YACJ,OAAO,GAAG,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACvD,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAC7F,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC;YACrC,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;gBACxB,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;gBAC5C,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YACjC,CAAC;YACD,OAAO,MAAM,CAAC;QACf,CAAC;gBAAS,CAAC;YACV,IAAI,OAAO,EAAE,CAAC;gBACb,OAAO,EAAE,CAAC;YACX,CAAC;QACF,CAAC;IACF,CAAC;IAED,KAAK,CAAC,aAAa,CAAI,EAA2D;QACjF,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExB,IAAI,OAA0C,CAAC;QAC/C,IAAI,eAAe,GAAG,KAAK,CAAC;QAC5B,IAAI,oBAAuC,CAAC;QAC5C,MAAM,kBAAkB,GAAG,GAAG,EAAE;YAC/B,IAAI,eAAe,EAAE,CAAC;gBACrB,MAAM,oBAAoB,IAAI,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;YAC9E,CAAC;QACF,CAAC,CAAC;QAEF,IAAI,CAAC;YACJ,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;gBAC5C,OAAO,EAAE;oBACR,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,CAAC;oBACT,UAAU,EAAE,GAAG;oBACf,UAAU,EAAE,KAAK;oBACjB,SAAS,EAAE,IAAI;iBACf;gBACD,KAAK,EAAE,KAAK;gBACZ,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE;oBACtB,eAAe,GAAG,IAAI,CAAC;oBACvB,oBAAoB,GAAG,GAAG,CAAC;gBAC5B,CAAC;aACD,CAAC,CAAC;YAEH,kBAAkB,EAAE,CAAC;YACrB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAC7F,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC;YAC3C,kBAAkB,EAAE,CAAC;YACrB,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;gBACxB,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;gBAC5C,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YACjC,CAAC;YACD,kBAAkB,EAAE,CAAC;YACrB,OAAO,MAAM,CAAC;QACf,CAAC;gBAAS,CAAC;YACV,IAAI,OAAO,EAAE,CAAC;gBACb,IAAI,CAAC;oBACJ,MAAM,OAAO,EAAE,CAAC;gBACjB,CAAC;gBAAC,MAAM,CAAC;oBACR,iDAAiD;gBAClD,CAAC;YACF,CAAC;QACF,CAAC;IACF,CAAC;CACD;AAED,MAAM,OAAO,0BAA0B;IAGtC,QAAQ,CAAI,EAAkD;QAC7D,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACxC,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACxB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACnB,CAAC;QACD,OAAO,MAAM,CAAC;IACf,CAAC;IAED,KAAK,CAAC,aAAa,CAAI,EAA2D;QACjF,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9C,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACxB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACnB,CAAC;QACD,OAAO,MAAM,CAAC;IACf,CAAC;CACD;AAED;;GAEG;AACH,MAAM,OAAO,WAAW;IAQvB,YAAoB,OAA2B;QAPvC,SAAI,GAAoB,EAAE,CAAC;QAC3B,qBAAgB,GAAwB,IAAI,GAAG,EAAE,CAAC;QAElD,cAAS,GAAiB,IAAI,CAAC;QAC/B,WAAM,GAAY,EAAE,CAAC;QA2JrB,oBAAe,GAAG,IAAI,GAAG,EAAkB,CAAC;QAvJnD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,MAAM,EAAE,CAAC;IACf,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,QAAiB;QAC9B,OAAO,IAAI,WAAW,CAAC,IAAI,sBAAsB,CAAC,QAAQ,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;IAClG,CAAC;IAED,MAAM,CAAC,WAAW,CAAC,OAA2B;QAC7C,OAAO,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAAwB,EAAE;QACzC,MAAM,OAAO,GAAG,IAAI,0BAA0B,EAAE,CAAC;QACjD,OAAO,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACrF,OAAO,WAAW,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IACzC,CAAC;IAED;;;OAGG;IACH,gBAAgB,CAAC,QAAgB,EAAE,MAAc;QAChD,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,QAAgB;QACnC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED;;;OAGG;IACH,mBAAmB,CAAC,QAAkD;QACrE,IAAI,CAAC,gBAAgB,GAAG,QAAQ,CAAC;IAClC,CAAC;IAEO,WAAW,CAAC,KAAc;QACjC,MAAM,eAAe,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAClF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACnC,CAAC;IAEO,gBAAgB,CAAC,OAA2B;QACnD,IAAI,CAAC,OAAO,EAAE,CAAC;YACd,OAAO,EAAE,CAAC;QACX,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAoB,CAAC;IAC/C,CAAC;IAED,yBAAyB,CAAC,QAAgB;QACzC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK;YAAE,OAAO,EAAE,CAAC;QACtB,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QACvC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,MAAM;QACL,IAAI,OAA2B,CAAC;QAChC,IAAI,CAAC;YACJ,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,EAAE;gBACjC,OAAO,GAAG,OAAO,CAAC;gBAClB,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;YAC9B,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAC3C,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,IAAI,CAAC,SAAS,GAAG,KAAc,CAAC;YAChC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;IACF,CAAC;IAEO,qBAAqB,CAC5B,QAAgB,EAChB,UAAyD;QAEzD,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO;QACR,CAAC;QAED,IAAI,CAAC;YACJ,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,EAAE;gBACjC,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;gBACnD,MAAM,MAAM,GAAoB,EAAE,GAAG,WAAW,EAAE,CAAC;gBACnD,IAAI,UAAU,EAAE,CAAC;oBAChB,MAAM,CAAC,QAAQ,CAAC,GAAG,UAAU,CAAC;gBAC/B,CAAC;qBAAM,CAAC;oBACP,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;gBACzB,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;YACrE,CAAC,CAAC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;IACF,CAAC;IAED;;OAEG;IACH,GAAG,CAAC,QAAgB;QACnB,OAAO,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,GAAG,CAAC,QAAgB,EAAE,UAA0B;QAC/C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,UAAU,CAAC;QACjC,IAAI,CAAC,qBAAqB,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,QAAgB;QACtB,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC3B,IAAI,CAAC,qBAAqB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,IAAI;QACH,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,GAAG,CAAC,QAAgB;QACnB,OAAO,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAC5D,CAAC;IAED;;;OAGG;IACH,OAAO,CAAC,QAAgB;QACvB,IAAI,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,OAAO,IAAI,CAAC;QACrD,IAAI,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC;YAAE,OAAO,IAAI,CAAC;QACzF,IAAI,YAAY,CAAC,QAAQ,CAAC;YAAE,OAAO,IAAI,CAAC;QACxC,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC,QAAQ,CAAC;YAAE,OAAO,IAAI,CAAC;QACnD,OAAO,KAAK,CAAC;IACd,CAAC;IAID,mBAAmB,CAAC,QAAgB;QACnC,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACrD,IAAI,SAAS,KAAK,SAAS;YAAE,OAAO,IAAI,CAAC;QACzC,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACtC,OAAO,IAAI,CAAC;QACb,CAAC;QACD,OAAO,KAAK,CAAC;IACd,CAAC;IAED,qBAAqB,CAAC,QAAgB,EAAE,UAAmB;QAC1D,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,CAAC;IACzD,CAAC;IAED,0BAA0B,CAAC,QAAgB;QAC1C,OAAO,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAC5C,CAAC;IAED,2BAA2B,CAAC,QAAgB;QAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACrD,IAAI,SAAS,KAAK,SAAS;YAAE,OAAO,CAAC,CAAC;QACtC,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,QAAgB;QAC7B,IAAI,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,EAAE,CAAC;YAC7E,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;QAC/C,CAAC;QAED,IAAI,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzC,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;QACrE,CAAC;QAED,MAAM,OAAO,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;QACtC,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClB,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QACxE,CAAC;QAED,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvC,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAC;QACnF,CAAC;QAED,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,MAAM;QACL,OAAO,EAAE,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IACzB,CAAC;IAED,WAAW;QACV,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;QACjB,OAAO,OAAO,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,UAA2B,EAAE,SAA8B;QACtE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,2BAA2B,UAAU,EAAE,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACpD,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,WAAW,EAAE,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,QAAgB;QACtB,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACvB,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,yBAAyB,CACtC,UAA2B;QAE3B,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACb,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;YACjE,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YACnD,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;YACxB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;YAEtB,MAAM,KAAK,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;YACtC,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;gBACtC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,KAAK,OAAO,CAAC;gBACvD,CAAC,CAAC,KAAK,EAAE,IAAI,KAAK,OAAO;oBACxB,CAAC,CAAC,KAAK;oBACP,CAAC,CAAC,SAAS,CAAC;YACd,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;gBAChD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;YACzB,CAAC;YAED,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC;gBACrC,OAAO,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,UAAU,CAAC,EAAE,cAAc,EAAE,UAAU,EAAE,EAAE,CAAC;YAC3F,CAAC;YAED,MAAM,UAAU,GAAqC,EAAE,CAAC;YACxD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;gBACxD,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpE,KAAK,MAAM,SAAS,IAAI,OAAO,EAAE,CAAC;oBACjC,IAAI,SAAS,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;wBAChC,UAAU,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC;oBAC7B,CAAC;gBACF,CAAC;YACF,CAAC;YAED,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;YAC/D,IAAI,CAAC,SAAS,EAAE,CAAC;gBAChB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;YACzB,CAAC;YAED,MAAM,MAAM,GAAoB;gBAC/B,GAAG,WAAW;gBACd,CAAC,UAAU,CAAC,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,SAAS,CAAC,cAAc,EAAE;aAC5D,CAAC;YACF,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC;YACnB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;YACtB,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;QACrE,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IACf,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,SAAS,CAAC,UAAkB,EAAE,OAAuC;QAC1E,0CAA0C;QAC1C,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACzD,IAAI,UAAU,EAAE,CAAC;YAChB,OAAO,UAAU,CAAC;QACnB,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC;QACzD,MAAM,gBAAgB,GAAG,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QAC9D,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;QACtE,yEAAyE;QACzE,yEAAyE;QACzE,4EAA4E;QAC5E,MAAM,IAAI,GACT,eAAe,IAAI,gBAAgB,CAAC,UAAU,CAAC;YAC9C,CAAC,CAAC,eAAe;YACjB,CAAC,CAAC,CAAC,gBAAgB,IAAI,eAAe,CAAC,CAAC;QAE1C,IAAI,IAAI,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;YAC9B,OAAO,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACrC,CAAC;QAED,IAAI,IAAI,EAAE,IAAI,KAAK,OAAO,EAAE,CAAC;YAC5B,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACf,4CAA4C;gBAC5C,OAAO,SAAS,CAAC;YAClB,CAAC;YAED,MAAM,mBAAmB,GAAG,GAAuB,EAAE,CACpD,gBAAgB,CAAC,CAAC,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YAEzE,+BAA+B;YAC/B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC;YAEhD,IAAI,YAAY,EAAE,CAAC;gBAClB,gDAAgD;gBAChD,IAAI,CAAC;oBACJ,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC;oBAChE,IAAI,MAAM,EAAE,CAAC;wBACZ,OAAO,MAAM,CAAC,MAAM,CAAC;oBACtB,CAAC;gBACF,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBAChB,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;gBACzB,CAAC;gBAED,2FAA2F;gBAC3F,IAAI,CAAC,MAAM,EAAE,CAAC;gBACd,MAAM,WAAW,GAAG,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC,IAAI,CAClE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,OAAO,CACjC,CAAC;gBAEF,IAAI,WAAW,EAAE,IAAI,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,OAAO,EAAE,CAAC;oBACvE,OAAO,QAAQ,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;gBACxC,CAAC;gBAED,MAAM,YAAY,GAAG,mBAAmB,EAAE,CAAC;gBAC3C,IAAI,YAAY,EAAE,CAAC;oBAClB,OAAO,YAAY,CAAC;gBACrB,CAAC;YACF,CAAC;iBAAM,CAAC;gBACP,8CAA8C;gBAC9C,OAAO,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YACjC,CAAC;QACF,CAAC;QAED,oCAAoC;QACpC,MAAM,MAAM,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC;QACxC,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,oEAAoE;QACpE,IAAI,OAAO,EAAE,eAAe,KAAK,KAAK,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC,gBAAgB,EAAE,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC;QACzD,CAAC;QAED,OAAO,SAAS,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,iBAAiB;QAChB,OAAO,iBAAiB,EAAE,CAAC;IAC5B,CAAC;CACD","sourcesContent":["/**\n * Credential storage for API keys and OAuth tokens.\n * Handles loading, saving, and refreshing credentials from auth.json.\n *\n * Uses file locking to prevent race conditions when multiple pi instances\n * try to refresh tokens simultaneously.\n */\n\nimport {\n\tfindEnvKeys,\n\tgetEnvApiKey,\n\ttype OAuthCredentials,\n\ttype OAuthLoginCallbacks,\n\ttype OAuthProviderId,\n} from \"@gsd/pi-ai\";\nimport { getOAuthApiKey, getOAuthProvider, getOAuthProviders } from \"@gsd/pi-ai/oauth\";\nimport { chmodSync, existsSync, mkdirSync, readFileSync, writeFileSync } from \"fs\";\nimport { dirname, join } from \"path\";\nimport lockfile from \"proper-lockfile\";\nimport { getAgentDir } from \"../config.js\";\nimport { normalizePath } from \"../utils/paths.js\";\nimport { resolveConfigValue } from \"./resolve-config-value.js\";\n\nexport type ApiKeyCredential = {\n\ttype: \"api_key\";\n\tkey: string;\n};\n\nexport type OAuthCredential = {\n\ttype: \"oauth\";\n} & OAuthCredentials;\n\nexport type AuthCredential = ApiKeyCredential | OAuthCredential;\n\nexport type AuthStorageData = Record<string, AuthCredential | AuthCredential[]>;\n\nexport type AuthStatus = {\n\tconfigured: boolean;\n\tsource?: \"stored\" | \"runtime\" | \"environment\" | \"fallback\" | \"models_json_key\" | \"models_json_command\";\n\tlabel?: string;\n};\n\ntype LockResult<T> = {\n\tresult: T;\n\tnext?: string;\n};\n\nfunction isUsableApiKeyCredential(credential: AuthCredential): credential is ApiKeyCredential {\n\treturn credential.type === \"api_key\" && credential.key.trim().length > 0;\n}\n\nfunction isUsableStoredCredential(credential: AuthCredential): boolean {\n\treturn credential.type === \"oauth\" || isUsableApiKeyCredential(credential);\n}\n\nexport interface AuthStorageBackend {\n\twithLock<T>(fn: (current: string | undefined) => LockResult<T>): T;\n\twithLockAsync<T>(fn: (current: string | undefined) => Promise<LockResult<T>>): Promise<T>;\n}\n\nexport class FileAuthStorageBackend implements AuthStorageBackend {\n\tprivate authPath: string;\n\n\tconstructor(authPath: string = join(getAgentDir(), \"auth.json\")) {\n\t\tthis.authPath = normalizePath(authPath);\n\t}\n\n\tprivate ensureParentDir(): void {\n\t\tconst dir = dirname(this.authPath);\n\t\tif (!existsSync(dir)) {\n\t\t\tmkdirSync(dir, { recursive: true, mode: 0o700 });\n\t\t}\n\t}\n\n\tprivate ensureFileExists(): void {\n\t\tif (!existsSync(this.authPath)) {\n\t\t\twriteFileSync(this.authPath, \"{}\", \"utf-8\");\n\t\t\tchmodSync(this.authPath, 0o600);\n\t\t}\n\t}\n\n\tprivate acquireLockSyncWithRetry(path: string): () => void {\n\t\tconst maxAttempts = 10;\n\t\tconst delayMs = 20;\n\t\tlet lastError: unknown;\n\n\t\tfor (let attempt = 1; attempt <= maxAttempts; attempt++) {\n\t\t\ttry {\n\t\t\t\treturn lockfile.lockSync(path, { realpath: false });\n\t\t\t} catch (error) {\n\t\t\t\tconst code =\n\t\t\t\t\ttypeof error === \"object\" && error !== null && \"code\" in error\n\t\t\t\t\t\t? String((error as { code?: unknown }).code)\n\t\t\t\t\t\t: undefined;\n\t\t\t\tif (code !== \"ELOCKED\" || attempt === maxAttempts) {\n\t\t\t\t\tthrow error;\n\t\t\t\t}\n\t\t\t\tlastError = error;\n\t\t\t\tconst start = Date.now();\n\t\t\t\twhile (Date.now() - start < delayMs) {\n\t\t\t\t\t// Sleep synchronously to avoid changing callers to async.\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\n\t\tthrow (lastError as Error) ?? new Error(\"Failed to acquire auth storage lock\");\n\t}\n\n\twithLock<T>(fn: (current: string | undefined) => LockResult<T>): T {\n\t\tthis.ensureParentDir();\n\t\tthis.ensureFileExists();\n\n\t\tlet release: (() => void) | undefined;\n\t\ttry {\n\t\t\trelease = this.acquireLockSyncWithRetry(this.authPath);\n\t\t\tconst current = existsSync(this.authPath) ? readFileSync(this.authPath, \"utf-8\") : undefined;\n\t\t\tconst { result, next } = fn(current);\n\t\t\tif (next !== undefined) {\n\t\t\t\twriteFileSync(this.authPath, next, \"utf-8\");\n\t\t\t\tchmodSync(this.authPath, 0o600);\n\t\t\t}\n\t\t\treturn result;\n\t\t} finally {\n\t\t\tif (release) {\n\t\t\t\trelease();\n\t\t\t}\n\t\t}\n\t}\n\n\tasync withLockAsync<T>(fn: (current: string | undefined) => Promise<LockResult<T>>): Promise<T> {\n\t\tthis.ensureParentDir();\n\t\tthis.ensureFileExists();\n\n\t\tlet release: (() => Promise<void>) | undefined;\n\t\tlet lockCompromised = false;\n\t\tlet lockCompromisedError: Error | undefined;\n\t\tconst throwIfCompromised = () => {\n\t\t\tif (lockCompromised) {\n\t\t\t\tthrow lockCompromisedError ?? new Error(\"Auth storage lock was compromised\");\n\t\t\t}\n\t\t};\n\n\t\ttry {\n\t\t\trelease = await lockfile.lock(this.authPath, {\n\t\t\t\tretries: {\n\t\t\t\t\tretries: 10,\n\t\t\t\t\tfactor: 2,\n\t\t\t\t\tminTimeout: 100,\n\t\t\t\t\tmaxTimeout: 10000,\n\t\t\t\t\trandomize: true,\n\t\t\t\t},\n\t\t\t\tstale: 30000,\n\t\t\t\tonCompromised: (err) => {\n\t\t\t\t\tlockCompromised = true;\n\t\t\t\t\tlockCompromisedError = err;\n\t\t\t\t},\n\t\t\t});\n\n\t\t\tthrowIfCompromised();\n\t\t\tconst current = existsSync(this.authPath) ? readFileSync(this.authPath, \"utf-8\") : undefined;\n\t\t\tconst { result, next } = await fn(current);\n\t\t\tthrowIfCompromised();\n\t\t\tif (next !== undefined) {\n\t\t\t\twriteFileSync(this.authPath, next, \"utf-8\");\n\t\t\t\tchmodSync(this.authPath, 0o600);\n\t\t\t}\n\t\t\tthrowIfCompromised();\n\t\t\treturn result;\n\t\t} finally {\n\t\t\tif (release) {\n\t\t\t\ttry {\n\t\t\t\t\tawait release();\n\t\t\t\t} catch {\n\t\t\t\t\t// Ignore unlock errors when lock is compromised.\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n}\n\nexport class InMemoryAuthStorageBackend implements AuthStorageBackend {\n\tprivate value: string | undefined;\n\n\twithLock<T>(fn: (current: string | undefined) => LockResult<T>): T {\n\t\tconst { result, next } = fn(this.value);\n\t\tif (next !== undefined) {\n\t\t\tthis.value = next;\n\t\t}\n\t\treturn result;\n\t}\n\n\tasync withLockAsync<T>(fn: (current: string | undefined) => Promise<LockResult<T>>): Promise<T> {\n\t\tconst { result, next } = await fn(this.value);\n\t\tif (next !== undefined) {\n\t\t\tthis.value = next;\n\t\t}\n\t\treturn result;\n\t}\n}\n\n/**\n * Credential storage backed by a JSON file.\n */\nexport class AuthStorage {\n\tprivate data: AuthStorageData = {};\n\tprivate runtimeOverrides: Map<string, string> = new Map();\n\tprivate fallbackResolver?: (provider: string) => string | undefined;\n\tprivate loadError: Error | null = null;\n\tprivate errors: Error[] = [];\n\tprivate storage: AuthStorageBackend;\n\n\tprivate constructor(storage: AuthStorageBackend) {\n\t\tthis.storage = storage;\n\t\tthis.reload();\n\t}\n\n\tstatic create(authPath?: string): AuthStorage {\n\t\treturn new AuthStorage(new FileAuthStorageBackend(authPath ?? join(getAgentDir(), \"auth.json\")));\n\t}\n\n\tstatic fromStorage(storage: AuthStorageBackend): AuthStorage {\n\t\treturn new AuthStorage(storage);\n\t}\n\n\tstatic inMemory(data: AuthStorageData = {}): AuthStorage {\n\t\tconst storage = new InMemoryAuthStorageBackend();\n\t\tstorage.withLock(() => ({ result: undefined, next: JSON.stringify(data, null, 2) }));\n\t\treturn AuthStorage.fromStorage(storage);\n\t}\n\n\t/**\n\t * Set a runtime API key override (not persisted to disk).\n\t * Used for CLI --api-key flag.\n\t */\n\tsetRuntimeApiKey(provider: string, apiKey: string): void {\n\t\tthis.runtimeOverrides.set(provider, apiKey);\n\t}\n\n\t/**\n\t * Remove a runtime API key override.\n\t */\n\tremoveRuntimeApiKey(provider: string): void {\n\t\tthis.runtimeOverrides.delete(provider);\n\t}\n\n\t/**\n\t * Set a fallback resolver for API keys not found in auth.json or env vars.\n\t * Used for custom provider keys from models.json.\n\t */\n\tsetFallbackResolver(resolver: (provider: string) => string | undefined): void {\n\t\tthis.fallbackResolver = resolver;\n\t}\n\n\tprivate recordError(error: unknown): void {\n\t\tconst normalizedError = error instanceof Error ? error : new Error(String(error));\n\t\tthis.errors.push(normalizedError);\n\t}\n\n\tprivate parseStorageData(content: string | undefined): AuthStorageData {\n\t\tif (!content) {\n\t\t\treturn {};\n\t\t}\n\t\treturn JSON.parse(content) as AuthStorageData;\n\t}\n\n\tgetCredentialsForProvider(provider: string): AuthCredential[] {\n\t\tconst entry = this.data[provider];\n\t\tif (!entry) return [];\n\t\tif (Array.isArray(entry)) return entry;\n\t\treturn [entry];\n\t}\n\n\t/**\n\t * Reload credentials from storage.\n\t */\n\treload(): void {\n\t\tlet content: string | undefined;\n\t\ttry {\n\t\t\tthis.storage.withLock((current) => {\n\t\t\t\tcontent = current;\n\t\t\t\treturn { result: undefined };\n\t\t\t});\n\t\t\tthis.data = this.parseStorageData(content);\n\t\t\tthis.loadError = null;\n\t\t} catch (error) {\n\t\t\tthis.loadError = error as Error;\n\t\t\tthis.recordError(error);\n\t\t}\n\t}\n\n\tprivate persistProviderChange(\n\t\tprovider: string,\n\t\tcredential: AuthCredential | AuthCredential[] | undefined,\n\t): void {\n\t\tif (this.loadError) {\n\t\t\treturn;\n\t\t}\n\n\t\ttry {\n\t\t\tthis.storage.withLock((current) => {\n\t\t\t\tconst currentData = this.parseStorageData(current);\n\t\t\t\tconst merged: AuthStorageData = { ...currentData };\n\t\t\t\tif (credential) {\n\t\t\t\t\tmerged[provider] = credential;\n\t\t\t\t} else {\n\t\t\t\t\tdelete merged[provider];\n\t\t\t\t}\n\t\t\t\treturn { result: undefined, next: JSON.stringify(merged, null, 2) };\n\t\t\t});\n\t\t} catch (error) {\n\t\t\tthis.recordError(error);\n\t\t}\n\t}\n\n\t/**\n\t * Get credential for a provider.\n\t */\n\tget(provider: string): AuthCredential | undefined {\n\t\treturn this.getCredentialsForProvider(provider)[0];\n\t}\n\n\t/**\n\t * Set credential for a provider.\n\t */\n\tset(provider: string, credential: AuthCredential): void {\n\t\tthis.data[provider] = credential;\n\t\tthis.persistProviderChange(provider, credential);\n\t}\n\n\t/**\n\t * Remove credential for a provider.\n\t */\n\tremove(provider: string): void {\n\t\tdelete this.data[provider];\n\t\tthis.persistProviderChange(provider, undefined);\n\t}\n\n\t/**\n\t * List all providers with credentials.\n\t */\n\tlist(): string[] {\n\t\treturn Object.keys(this.data);\n\t}\n\n\t/**\n\t * Check if credentials exist for a provider in auth.json.\n\t */\n\thas(provider: string): boolean {\n\t\treturn this.getCredentialsForProvider(provider).length > 0;\n\t}\n\n\t/**\n\t * Check if any form of auth is configured for a provider.\n\t * Unlike getApiKey(), this doesn't refresh OAuth tokens.\n\t */\n\thasAuth(provider: string): boolean {\n\t\tif (this.runtimeOverrides.has(provider)) return true;\n\t\tif (this.getCredentialsForProvider(provider).some(isUsableStoredCredential)) return true;\n\t\tif (getEnvApiKey(provider)) return true;\n\t\tif (this.fallbackResolver?.(provider)) return true;\n\t\treturn false;\n\t}\n\n\tprivate providerBackoff = new Map<string, number>();\n\n\tisProviderAvailable(provider: string): boolean {\n\t\tconst expiresAt = this.providerBackoff.get(provider);\n\t\tif (expiresAt === undefined) return true;\n\t\tif (Date.now() >= expiresAt) {\n\t\t\tthis.providerBackoff.delete(provider);\n\t\t\treturn true;\n\t\t}\n\t\treturn false;\n\t}\n\n\tmarkProviderExhausted(provider: string, _errorType?: string): void {\n\t\tthis.providerBackoff.set(provider, Date.now() + 60_000);\n\t}\n\n\tareAllCredentialsBackedOff(provider: string): boolean {\n\t\treturn !this.isProviderAvailable(provider);\n\t}\n\n\tgetProviderBackoffRemaining(provider: string): number {\n\t\tconst expiresAt = this.providerBackoff.get(provider);\n\t\tif (expiresAt === undefined) return 0;\n\t\treturn Math.max(0, expiresAt - Date.now());\n\t}\n\n\t/**\n\t * Return auth status without exposing credential values or refreshing tokens.\n\t */\n\tgetAuthStatus(provider: string): AuthStatus {\n\t\tif (this.getCredentialsForProvider(provider).some(isUsableStoredCredential)) {\n\t\t\treturn { configured: true, source: \"stored\" };\n\t\t}\n\n\t\tif (this.runtimeOverrides.has(provider)) {\n\t\t\treturn { configured: false, source: \"runtime\", label: \"--api-key\" };\n\t\t}\n\n\t\tconst envKeys = findEnvKeys(provider);\n\t\tif (envKeys?.[0]) {\n\t\t\treturn { configured: false, source: \"environment\", label: envKeys[0] };\n\t\t}\n\n\t\tif (this.fallbackResolver?.(provider)) {\n\t\t\treturn { configured: false, source: \"fallback\", label: \"custom provider config\" };\n\t\t}\n\n\t\treturn { configured: false };\n\t}\n\n\t/**\n\t * Get all credentials (for passing to getOAuthApiKey).\n\t */\n\tgetAll(): AuthStorageData {\n\t\treturn { ...this.data };\n\t}\n\n\tdrainErrors(): Error[] {\n\t\tconst drained = [...this.errors];\n\t\tthis.errors = [];\n\t\treturn drained;\n\t}\n\n\t/**\n\t * Login to an OAuth provider.\n\t */\n\tasync login(providerId: OAuthProviderId, callbacks: OAuthLoginCallbacks): Promise<void> {\n\t\tconst provider = getOAuthProvider(providerId);\n\t\tif (!provider) {\n\t\t\tthrow new Error(`Unknown OAuth provider: ${providerId}`);\n\t\t}\n\n\t\tconst credentials = await provider.login(callbacks);\n\t\tthis.set(providerId, { type: \"oauth\", ...credentials });\n\t}\n\n\t/**\n\t * Logout from a provider.\n\t */\n\tlogout(provider: string): void {\n\t\tthis.remove(provider);\n\t}\n\n\t/**\n\t * Refresh OAuth token with backend locking to prevent race conditions.\n\t * Multiple pi instances may try to refresh simultaneously when tokens expire.\n\t */\n\tprivate async refreshOAuthTokenWithLock(\n\t\tproviderId: OAuthProviderId,\n\t): Promise<{ apiKey: string; newCredentials: OAuthCredentials } | null> {\n\t\tconst provider = getOAuthProvider(providerId);\n\t\tif (!provider) {\n\t\t\treturn null;\n\t\t}\n\n\t\tconst result = await this.storage.withLockAsync(async (current) => {\n\t\t\tconst currentData = this.parseStorageData(current);\n\t\t\tthis.data = currentData;\n\t\t\tthis.loadError = null;\n\n\t\t\tconst entry = currentData[providerId];\n\t\t\tconst oauthEntry = Array.isArray(entry)\n\t\t\t\t? entry.find((candidate) => candidate.type === \"oauth\")\n\t\t\t\t: entry?.type === \"oauth\"\n\t\t\t\t\t? entry\n\t\t\t\t\t: undefined;\n\t\t\tif (!oauthEntry || oauthEntry.type !== \"oauth\") {\n\t\t\t\treturn { result: null };\n\t\t\t}\n\n\t\t\tif (Date.now() < oauthEntry.expires) {\n\t\t\t\treturn { result: { apiKey: provider.getApiKey(oauthEntry), newCredentials: oauthEntry } };\n\t\t\t}\n\n\t\t\tconst oauthCreds: Record<string, OAuthCredentials> = {};\n\t\t\tfor (const [key, value] of Object.entries(currentData)) {\n\t\t\t\tconst entries = Array.isArray(value) ? value : value ? [value] : [];\n\t\t\t\tfor (const candidate of entries) {\n\t\t\t\t\tif (candidate.type === \"oauth\") {\n\t\t\t\t\t\toauthCreds[key] = candidate;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst refreshed = await getOAuthApiKey(providerId, oauthCreds);\n\t\t\tif (!refreshed) {\n\t\t\t\treturn { result: null };\n\t\t\t}\n\n\t\t\tconst merged: AuthStorageData = {\n\t\t\t\t...currentData,\n\t\t\t\t[providerId]: { type: \"oauth\", ...refreshed.newCredentials },\n\t\t\t};\n\t\t\tthis.data = merged;\n\t\t\tthis.loadError = null;\n\t\t\treturn { result: refreshed, next: JSON.stringify(merged, null, 2) };\n\t\t});\n\n\t\treturn result;\n\t}\n\n\t/**\n\t * Get API key for a provider.\n\t * Priority:\n\t * 1. Runtime override (CLI --api-key)\n\t * 2. OAuth token from auth.json (when provider supports OAuth login)\n\t * 3. API key from auth.json (including fallback when OAuth refresh fails)\n\t * 4. Environment variable\n\t * 5. Fallback resolver (models.json custom providers)\n\t */\n\tasync getApiKey(providerId: string, options?: { includeFallback?: boolean }): Promise<string | undefined> {\n\t\t// Runtime override takes highest priority\n\t\tconst runtimeKey = this.runtimeOverrides.get(providerId);\n\t\tif (runtimeKey) {\n\t\t\treturn runtimeKey;\n\t\t}\n\n\t\tconst creds = this.getCredentialsForProvider(providerId);\n\t\tconst apiKeyCredential = creds.find(isUsableApiKeyCredential);\n\t\tconst oauthCredential = creds.find((entry) => entry.type === \"oauth\");\n\t\t// Prefer OAuth for providers that support subscription login (anthropic,\n\t\t// github-copilot, openai-codex). Users often have both OAuth and a stale\n\t\t// API key on disk; subscription auth should win unless --api-key overrides.\n\t\tconst cred =\n\t\t\toauthCredential && getOAuthProvider(providerId)\n\t\t\t\t? oauthCredential\n\t\t\t\t: (apiKeyCredential ?? oauthCredential);\n\n\t\tif (cred?.type === \"api_key\") {\n\t\t\treturn resolveConfigValue(cred.key);\n\t\t}\n\n\t\tif (cred?.type === \"oauth\") {\n\t\t\tconst provider = getOAuthProvider(providerId);\n\t\t\tif (!provider) {\n\t\t\t\t// Unknown OAuth provider, can't get API key\n\t\t\t\treturn undefined;\n\t\t\t}\n\n\t\t\tconst resolveStoredApiKey = (): string | undefined =>\n\t\t\t\tapiKeyCredential ? resolveConfigValue(apiKeyCredential.key) : undefined;\n\n\t\t\t// Check if token needs refresh\n\t\t\tconst needsRefresh = Date.now() >= cred.expires;\n\n\t\t\tif (needsRefresh) {\n\t\t\t\t// Use locked refresh to prevent race conditions\n\t\t\t\ttry {\n\t\t\t\t\tconst result = await this.refreshOAuthTokenWithLock(providerId);\n\t\t\t\t\tif (result) {\n\t\t\t\t\t\treturn result.apiKey;\n\t\t\t\t\t}\n\t\t\t\t} catch (error) {\n\t\t\t\t\tthis.recordError(error);\n\t\t\t\t}\n\n\t\t\t\t// Refresh failed or returned nothing - re-read file to check if another instance succeeded\n\t\t\t\tthis.reload();\n\t\t\t\tconst updatedCred = this.getCredentialsForProvider(providerId).find(\n\t\t\t\t\t(entry) => entry.type === \"oauth\",\n\t\t\t\t);\n\n\t\t\t\tif (updatedCred?.type === \"oauth\" && Date.now() < updatedCred.expires) {\n\t\t\t\t\treturn provider.getApiKey(updatedCred);\n\t\t\t\t}\n\n\t\t\t\tconst storedApiKey = resolveStoredApiKey();\n\t\t\t\tif (storedApiKey) {\n\t\t\t\t\treturn storedApiKey;\n\t\t\t\t}\n\t\t\t} else {\n\t\t\t\t// Token not expired, use current access token\n\t\t\t\treturn provider.getApiKey(cred);\n\t\t\t}\n\t\t}\n\n\t\t// Fall back to environment variable\n\t\tconst envKey = getEnvApiKey(providerId);\n\t\tif (envKey) return envKey;\n\n\t\t// Fall back to custom resolver (e.g., models.json custom providers)\n\t\tif (options?.includeFallback !== false) {\n\t\t\treturn this.fallbackResolver?.(providerId) ?? undefined;\n\t\t}\n\n\t\treturn undefined;\n\t}\n\n\t/**\n\t * Get all registered OAuth providers\n\t */\n\tgetOAuthProviders() {\n\t\treturn getOAuthProviders();\n\t}\n}\n"]}
package/packages/pi-coding-agent/dist/core/provider-readiness.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider-readiness.d.ts","sourceRoot":"","sources":["../../src/core/provider-readiness.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAErD,MAAM,MAAM,gBAAgB,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,aAAa,CAAC;AAE3E,MAAM,WAAW,uBAAuB;IACvC,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC;IACxB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,gBAAgB,CAAC;CAC5B;AAED,MAAM,WAAW,qBAAqB;IACrC,WAAW,EAAE,WAAW,CAAC;IACzB,mBAAmB,EAAE,GAAG,CAAC,MAAM,EAAE,uBAAuB,CAAC,CAAC;IAC1D,sBAAsB,EAAE,GAAG,CAAC,MAAM,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACzD,sBAAsB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;CACpC;AAED,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAM,GAAG,gBAAgB,CAQnG;AAED,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,CAQhG;AAED,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,qBAAqB,GAAG,MAAM,EAAE,CAE/E;AAED,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAO7F"}
1
+ {"version":3,"file":"provider-readiness.d.ts","sourceRoot":"","sources":["../../src/core/provider-readiness.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAErD,MAAM,MAAM,gBAAgB,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,aAAa,CAAC;AAE3E,MAAM,WAAW,uBAAuB;IACvC,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC;IACxB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,gBAAgB,CAAC;CAC5B;AAED,MAAM,WAAW,qBAAqB;IACrC,WAAW,EAAE,WAAW,CAAC;IACzB,mBAAmB,EAAE,GAAG,CAAC,MAAM,EAAE,uBAAuB,CAAC,CAAC;IAC1D,sBAAsB,EAAE,GAAG,CAAC,MAAM,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACzD,sBAAsB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;CACpC;AAED,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAM,GAAG,gBAAgB,CAenG;AAED,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,CAQhG;AAED,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,qBAAqB,GAAG,MAAM,EAAE,CAE/E;AAED,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAO7F"}
package/packages/pi-coding-agent/dist/core/provider-readiness.js CHANGED
@@ -1,18 +1,25 @@
1
1
  /**
2
2
  * Provider readiness policy extracted from ModelRegistry.
3
3
  */
4
+ import { getOAuthProviders } from "@gsd/pi-ai/oauth";
4
5
  export function getProviderAuthMode(deps, provider) {
5
6
  if (provider === "gsd-fake")
6
7
  return "none";
7
8
  const config = deps.registeredProviders.get(provider);
8
- if (!config)
9
+ if (config) {
10
+ if (config.authMode)
11
+ return config.authMode;
12
+ if (config.oauth)
13
+ return "oauth";
14
+ if (config.apiKey)
15
+ return "apiKey";
9
16
  return "apiKey";
10
- if (config.authMode)
11
- return config.authMode;
12
- if (config.oauth)
17
+ }
18
+ // Built-in OAuth providers (openai-codex, github-copilot, …) are not
19
+ // registered via registerProvider(), but still authenticate via OAuth.
20
+ if (getOAuthProviders().some((oauthProvider) => oauthProvider.id === provider)) {
13
21
  return "oauth";
14
- if (config.apiKey)
15
- return "apiKey";
22
+ }
16
23
  return "apiKey";
17
24
  }
18
25
  export function setDisabledModelProviders(deps, providers) {
package/packages/pi-coding-agent/dist/core/provider-readiness.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"provider-readiness.js","sourceRoot":"","sources":["../../src/core/provider-readiness.ts"],"names":[],"mappings":"AAAA;;GAEG;AAoBH,MAAM,UAAU,mBAAmB,CAAC,IAA2B,EAAE,QAAgB;IAChF,IAAI,QAAQ,KAAK,UAAU;QAAE,OAAO,MAAM,CAAC;IAC3C,MAAM,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtD,IAAI,CAAC,MAAM;QAAE,OAAO,QAAQ,CAAC;IAC7B,IAAI,MAAM,CAAC,QAAQ;QAAE,OAAO,MAAM,CAAC,QAAQ,CAAC;IAC5C,IAAI,MAAM,CAAC,KAAK;QAAE,OAAO,OAAO,CAAC;IACjC,IAAI,MAAM,CAAC,MAAM;QAAE,OAAO,QAAQ,CAAC;IACnC,OAAO,QAAQ,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,IAA2B,EAAE,SAAmB;IACzF,IAAI,CAAC,sBAAsB,CAAC,KAAK,EAAE,CAAC;IACpC,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QAClC,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACjD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,IAAI,CAAC,sBAAsB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAC7C,CAAC;IACF,CAAC;AACF,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,IAA2B;IACpE,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;AAChD,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,IAA2B,EAAE,QAAgB;IACnF,IAAI,IAAI,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC;IACjF,MAAM,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtD,IAAI,MAAM,EAAE,OAAO;QAAE,OAAO,MAAM,CAAC,OAAO,EAAE,CAAC;IAC7C,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACrD,IAAI,QAAQ,KAAK,aAAa,IAAI,QAAQ,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IACnE,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;AACxF,CAAC","sourcesContent":["/**\n * Provider readiness policy extracted from ModelRegistry.\n */\n\nimport type { AuthStorage } from \"./auth-storage.js\";\n\nexport type ProviderAuthMode = \"apiKey\" | \"oauth\" | \"none\" | \"externalCli\";\n\nexport interface ProviderReadinessConfig {\n\tisReady?: () => boolean;\n\toauth?: unknown;\n\tapiKey?: string;\n\tauthMode?: ProviderAuthMode;\n}\n\nexport interface ProviderReadinessDeps {\n\tauthStorage: AuthStorage;\n\tregisteredProviders: Map<string, ProviderReadinessConfig>;\n\tproviderRequestConfigs: Map<string, { apiKey?: string }>;\n\tdisabledModelProviders: Set<string>;\n}\n\nexport function getProviderAuthMode(deps: ProviderReadinessDeps, provider: string): ProviderAuthMode {\n\tif (provider === \"gsd-fake\") return \"none\";\n\tconst config = deps.registeredProviders.get(provider);\n\tif (!config) return \"apiKey\";\n\tif (config.authMode) return config.authMode;\n\tif (config.oauth) return \"oauth\";\n\tif (config.apiKey) return \"apiKey\";\n\treturn \"apiKey\";\n}\n\nexport function setDisabledModelProviders(deps: ProviderReadinessDeps, providers: string[]): void {\n\tdeps.disabledModelProviders.clear();\n\tfor (const provider of providers) {\n\t\tconst normalized = provider.trim().toLowerCase();\n\t\tif (normalized.length > 0) {\n\t\t\tdeps.disabledModelProviders.add(normalized);\n\t\t}\n\t}\n}\n\nexport function getDisabledModelProviders(deps: ProviderReadinessDeps): string[] {\n\treturn Array.from(deps.disabledModelProviders);\n}\n\nexport function isProviderRequestReady(deps: ProviderReadinessDeps, provider: string): boolean {\n\tif (deps.disabledModelProviders.has(provider.trim().toLowerCase())) return false;\n\tconst config = deps.registeredProviders.get(provider);\n\tif (config?.isReady) return config.isReady();\n\tconst authMode = getProviderAuthMode(deps, provider);\n\tif (authMode === \"externalCli\" || authMode === \"none\") return true;\n\treturn deps.authStorage.hasAuth(provider) || deps.providerRequestConfigs.has(provider);\n}\n"]}
1
+ {"version":3,"file":"provider-readiness.js","sourceRoot":"","sources":["../../src/core/provider-readiness.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAmBrD,MAAM,UAAU,mBAAmB,CAAC,IAA2B,EAAE,QAAgB;IAChF,IAAI,QAAQ,KAAK,UAAU;QAAE,OAAO,MAAM,CAAC;IAC3C,MAAM,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtD,IAAI,MAAM,EAAE,CAAC;QACZ,IAAI,MAAM,CAAC,QAAQ;YAAE,OAAO,MAAM,CAAC,QAAQ,CAAC;QAC5C,IAAI,MAAM,CAAC,KAAK;YAAE,OAAO,OAAO,CAAC;QACjC,IAAI,MAAM,CAAC,MAAM;YAAE,OAAO,QAAQ,CAAC;QACnC,OAAO,QAAQ,CAAC;IACjB,CAAC;IACD,qEAAqE;IACrE,uEAAuE;IACvE,IAAI,iBAAiB,EAAE,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,aAAa,CAAC,EAAE,KAAK,QAAQ,CAAC,EAAE,CAAC;QAChF,OAAO,OAAO,CAAC;IAChB,CAAC;IACD,OAAO,QAAQ,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,IAA2B,EAAE,SAAmB;IACzF,IAAI,CAAC,sBAAsB,CAAC,KAAK,EAAE,CAAC;IACpC,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QAClC,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACjD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,IAAI,CAAC,sBAAsB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAC7C,CAAC;IACF,CAAC;AACF,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,IAA2B;IACpE,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;AAChD,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,IAA2B,EAAE,QAAgB;IACnF,IAAI,IAAI,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC;IACjF,MAAM,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtD,IAAI,MAAM,EAAE,OAAO;QAAE,OAAO,MAAM,CAAC,OAAO,EAAE,CAAC;IAC7C,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACrD,IAAI,QAAQ,KAAK,aAAa,IAAI,QAAQ,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IACnE,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,sBAAsB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;AACxF,CAAC","sourcesContent":["/**\n * Provider readiness policy extracted from ModelRegistry.\n */\n\nimport { getOAuthProviders } from \"@gsd/pi-ai/oauth\";\nimport type { AuthStorage } from \"./auth-storage.js\";\n\nexport type ProviderAuthMode = \"apiKey\" | \"oauth\" | \"none\" | \"externalCli\";\n\nexport interface ProviderReadinessConfig {\n\tisReady?: () => boolean;\n\toauth?: unknown;\n\tapiKey?: string;\n\tauthMode?: ProviderAuthMode;\n}\n\nexport interface ProviderReadinessDeps {\n\tauthStorage: AuthStorage;\n\tregisteredProviders: Map<string, ProviderReadinessConfig>;\n\tproviderRequestConfigs: Map<string, { apiKey?: string }>;\n\tdisabledModelProviders: Set<string>;\n}\n\nexport function getProviderAuthMode(deps: ProviderReadinessDeps, provider: string): ProviderAuthMode {\n\tif (provider === \"gsd-fake\") return \"none\";\n\tconst config = deps.registeredProviders.get(provider);\n\tif (config) {\n\t\tif (config.authMode) return config.authMode;\n\t\tif (config.oauth) return \"oauth\";\n\t\tif (config.apiKey) return \"apiKey\";\n\t\treturn \"apiKey\";\n\t}\n\t// Built-in OAuth providers (openai-codex, github-copilot, …) are not\n\t// registered via registerProvider(), but still authenticate via OAuth.\n\tif (getOAuthProviders().some((oauthProvider) => oauthProvider.id === provider)) {\n\t\treturn \"oauth\";\n\t}\n\treturn \"apiKey\";\n}\n\nexport function setDisabledModelProviders(deps: ProviderReadinessDeps, providers: string[]): void {\n\tdeps.disabledModelProviders.clear();\n\tfor (const provider of providers) {\n\t\tconst normalized = provider.trim().toLowerCase();\n\t\tif (normalized.length > 0) {\n\t\t\tdeps.disabledModelProviders.add(normalized);\n\t\t}\n\t}\n}\n\nexport function getDisabledModelProviders(deps: ProviderReadinessDeps): string[] {\n\treturn Array.from(deps.disabledModelProviders);\n}\n\nexport function isProviderRequestReady(deps: ProviderReadinessDeps, provider: string): boolean {\n\tif (deps.disabledModelProviders.has(provider.trim().toLowerCase())) return false;\n\tconst config = deps.registeredProviders.get(provider);\n\tif (config?.isReady) return config.isReady();\n\tconst authMode = getProviderAuthMode(deps, provider);\n\tif (authMode === \"externalCli\" || authMode === \"none\") return true;\n\treturn deps.authStorage.hasAuth(provider) || deps.providerRequestConfigs.has(provider);\n}\n"]}
package/packages/pi-coding-agent/dist/core/tools/bash.d.ts CHANGED
@@ -41,6 +41,17 @@ export interface BashOperations {
41
41
  export declare function createLocalBashOperations(options?: {
42
42
  shellPath?: string;
43
43
  loginShell?: boolean;
44
+ /**
45
+ * Grace (ms) handed to killProcessTree between SIGTERM and SIGKILL.
46
+ * Defaults to SIGKILL_GRACE_MS. Exposed primarily as a test seam.
47
+ */
48
+ killGraceMs?: number;
49
+ /**
50
+ * Delay (ms) AFTER a kill is initiated before the hard deadline force-resolves
51
+ * the awaiting exec. Defaults to SIGKILL_GRACE_MS + HARD_DEADLINE_MS so it only
52
+ * fires once SIGKILL has had its grace window. Exposed primarily as a test seam.
53
+ */
54
+ forceResolveDelayMs?: number;
44
55
  }): BashOperations;
45
56
  export interface BashSpawnContext {
46
57
  command: string;
package/packages/pi-coding-agent/dist/core/tools/bash.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"bash.d.ts","sourceRoot":"","sources":["../../../src/core/tools/bash.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAGpD,OAAO,EAAE,KAAK,MAAM,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAY5C,OAAO,KAAK,EAAE,cAAc,EAA2B,MAAM,wBAAwB,CAAC;AAItF,OAAO,EAAoD,KAAK,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAExG,QAAA,MAAM,UAAU;;;EAGd,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,UAAU,CAAC,CAAC;AAEtD,MAAM,WAAW,eAAe;IAC/B,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAC9B,cAAc,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC9B;;;;;;OAMG;IACH,IAAI,EAAE,CACL,OAAO,EAAE,MAAM,EACf,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;QACR,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,CAAC;QAC/B,MAAM,CAAC,EAAE,WAAW,CAAC;QACrB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC;KACxB,KACG,OAAO,CAAC;QAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,CAAC,CAAC;CAC1C;AAED;;;;;GAKG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,CAAC,EAAE;IAAE,SAAS,CAAC,EAAE,MAAM,CAAC;IAAC,UAAU,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,cAAc,CA4DhH;AAED,MAAM,WAAW,gBAAgB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC,UAAU,CAAC;CACvB;AAED,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,gBAAgB,KAAK,gBAAgB,CAAC;AAO5E,MAAM,WAAW,eAAe;IAC/B,oEAAoE;IACpE,UAAU,CAAC,EAAE,cAAc,CAAC;IAC5B,mFAAmF;IACnF,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,iDAAiD;IACjD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,2DAA2D;IAC3D,SAAS,CAAC,EAAE,aAAa,CAAC;CAC1B;AAKD,KAAK,eAAe,GAAG;IACtB,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,OAAO,EAAE,MAAM,GAAG,SAAS,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC,OAAO,GAAG,SAAS,CAAC;CACrC,CAAC;AA8GF,wBAAgB,wBAAwB,CACvC,GAAG,EAAE,MAAM,EACX,OAAO,CAAC,EAAE,eAAe,GACvB,cAAc,CAAC,OAAO,UAAU,EAAE,eAAe,GAAG,SAAS,EAAE,eAAe,CAAC,CAyKjF;AAED,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,eAAe,GAAG,SAAS,CAAC,OAAO,UAAU,CAAC,CAEnG"}
1
+ {"version":3,"file":"bash.d.ts","sourceRoot":"","sources":["../../../src/core/tools/bash.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAGpD,OAAO,EAAE,KAAK,MAAM,EAAE,IAAI,EAAE,MAAM,SAAS,CAAC;AAc5C,OAAO,KAAK,EAAE,cAAc,EAA2B,MAAM,wBAAwB,CAAC;AAItF,OAAO,EAAoD,KAAK,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAExG,QAAA,MAAM,UAAU;;;EAGd,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,UAAU,CAAC,CAAC;AAEtD,MAAM,WAAW,eAAe;IAC/B,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAC9B,cAAc,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC9B;;;;;;OAMG;IACH,IAAI,EAAE,CACL,OAAO,EAAE,MAAM,EACf,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;QACR,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,CAAC;QAC/B,MAAM,CAAC,EAAE,WAAW,CAAC;QACrB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC;KACxB,KACG,OAAO,CAAC;QAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,CAAC,CAAC;CAC1C;AAED;;;;;GAKG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,CAAC,EAAE;IACnD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;;OAIG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC7B,GAAG,cAAc,CA6FjB;AAED,MAAM,WAAW,gBAAgB;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC,UAAU,CAAC;CACvB;AAED,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,gBAAgB,KAAK,gBAAgB,CAAC;AAO5E,MAAM,WAAW,eAAe;IAC/B,oEAAoE;IACpE,UAAU,CAAC,EAAE,cAAc,CAAC;IAC5B,mFAAmF;IACnF,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,iDAAiD;IACjD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,2DAA2D;IAC3D,SAAS,CAAC,EAAE,aAAa,CAAC;CAC1B;AAKD,KAAK,eAAe,GAAG;IACtB,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,OAAO,EAAE,MAAM,GAAG,SAAS,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC,OAAO,GAAG,SAAS,CAAC;CACrC,CAAC;AA8GF,wBAAgB,wBAAwB,CACvC,GAAG,EAAE,MAAM,EACX,OAAO,CAAC,EAAE,eAAe,GACvB,cAAc,CAAC,OAAO,UAAU,EAAE,eAAe,GAAG,SAAS,EAAE,eAAe,CAAC,CAgLjF;AAED,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,eAAe,GAAG,SAAS,CAAC,OAAO,UAAU,CAAC,CAEnG"}
package/packages/pi-coding-agent/dist/core/tools/bash.js CHANGED
@@ -7,14 +7,14 @@ import { keyHint } from "../tool-ui/keybinding-hints.js";
7
7
  import { truncateToVisualLines } from "../tool-ui/visual-truncate.js";
8
8
  import { theme } from "../../theme/theme.js";
9
9
  import { waitForChildProcess } from "../../utils/child-process.js";
10
- import { getShellConfig, getShellEnv, killProcessTree, trackDetachedChildPid, untrackDetachedChildPid, } from "../../utils/shell.js";
10
+ import { getShellConfig, getShellEnv, HARD_DEADLINE_MS, killProcessTree, SIGKILL_GRACE_MS, trackDetachedChildPid, untrackDetachedChildPid, } from "../../utils/shell.js";
11
11
  import { OutputAccumulator } from "./output-accumulator.js";
12
12
  import { getDisplayReason, getTextOutput, invalidArgText, str } from "./render-utils.js";
13
13
  import { wrapToolDefinition } from "./tool-definition-wrapper.js";
14
14
  import { DEFAULT_MAX_BYTES, DEFAULT_MAX_LINES, formatSize } from "./truncate.js";
15
15
  const bashSchema = Type.Object({
16
16
  command: Type.String({ description: "Bash command to execute" }),
17
- timeout: Type.Optional(Type.Number({ description: "Timeout in seconds (optional, no default timeout)" })),
17
+ timeout: Type.Optional(Type.Number({ description: "Timeout in seconds (optional, no default timeout)." })),
18
18
  });
19
19
  /**
20
20
  * Create bash operations using pi's built-in local shell execution backend.
@@ -23,6 +23,8 @@ const bashSchema = Type.Object({
23
23
  * standard local shell behavior while wrapping or rewriting commands.
24
24
  */
25
25
  export function createLocalBashOperations(options) {
26
+ const killGraceMs = options?.killGraceMs ?? SIGKILL_GRACE_MS;
27
+ const forceResolveDelayMs = options?.forceResolveDelayMs ?? SIGKILL_GRACE_MS + HARD_DEADLINE_MS;
26
28
  return {
27
29
  exec: async (command, cwd, { onData, signal, timeout, env }) => {
28
30
  const { shell, args } = getShellConfig(options?.shellPath);
@@ -46,17 +48,40 @@ export function createLocalBashOperations(options) {
46
48
  trackDetachedChildPid(child.pid);
47
49
  let timedOut = false;
48
50
  let timeoutHandle;
49
- const onAbort = () => {
51
+ // Hard deadline: a true D-state (uninterruptible-sleep) child never emits
52
+ // `exit`/`close`, so waitForChildProcess(child) would hang forever even after
53
+ // SIGKILL. killProcessTree can send the signals but cannot force-resolve
54
+ // the awaiting caller — the deadline MUST live here, in the caller. It is only
55
+ // ARMED once a kill has been initiated (timeout or abort), and fires
56
+ // `forceResolveDelayMs` later so SIGKILL has had its full grace window first.
57
+ let deadlineHandle;
58
+ let resolveDeadline;
59
+ const hardDeadlinePromise = new Promise((resolve) => {
60
+ resolveDeadline = resolve;
61
+ });
62
+ const armHardDeadline = () => {
63
+ if (deadlineHandle)
64
+ return; // already armed by a prior kill
65
+ deadlineHandle = setTimeout(() => {
66
+ resolveDeadline?.({ forceKilled: true });
67
+ }, forceResolveDelayMs);
68
+ if (typeof deadlineHandle === "object" && "unref" in deadlineHandle)
69
+ deadlineHandle.unref();
70
+ };
71
+ const initiateKill = () => {
50
72
  if (child.pid)
51
- killProcessTree(child.pid);
73
+ killProcessTree(child.pid, { graceMs: killGraceMs });
74
+ armHardDeadline();
75
+ };
76
+ const onAbort = () => {
77
+ initiateKill();
52
78
  };
53
79
  try {
54
80
  // Set timeout if provided.
55
81
  if (timeout !== undefined && timeout > 0) {
56
82
  timeoutHandle = setTimeout(() => {
57
83
  timedOut = true;
58
- if (child.pid)
59
- killProcessTree(child.pid);
84
+ initiateKill();
60
85
  }, timeout * 1000);
61
86
  }
62
87
  // Stream stdout and stderr.
@@ -69,22 +94,32 @@ export function createLocalBashOperations(options) {
69
94
  else
70
95
  signal.addEventListener("abort", onAbort, { once: true });
71
96
  }
72
- // Handle shell spawn errors and wait for the process to terminate without hanging
73
- // on inherited stdio handles held by detached descendants.
74
- const exitCode = await waitForChildProcess(child);
97
+ // Race the real termination against the hard deadline. Promise.race ensures
98
+ // the deadline and the real `close` cannot double-resolve the caller.
99
+ const exitPromise = waitForChildProcess(child).then((code) => ({ forceKilled: false, code }));
100
+ const raceResult = await Promise.race([exitPromise, hardDeadlinePromise]);
101
+ if (raceResult.forceKilled) {
102
+ // Child never closed (D-state symptom). Stop tracking and force-resolve
103
+ // the awaiting caller with a distinct marker the bash tool renders sanely.
104
+ if (child.pid)
105
+ untrackDetachedChildPid(child.pid);
106
+ throw new Error("force-killed");
107
+ }
75
108
  if (signal?.aborted) {
76
109
  throw new Error("aborted");
77
110
  }
78
111
  if (timedOut) {
79
112
  throw new Error(`timeout:${timeout}`);
80
113
  }
81
- return { exitCode };
114
+ return { exitCode: raceResult.code };
82
115
  }
83
116
  finally {
84
117
  if (child.pid)
85
118
  untrackDetachedChildPid(child.pid);
86
119
  if (timeoutHandle)
87
120
  clearTimeout(timeoutHandle);
121
+ if (deadlineHandle)
122
+ clearTimeout(deadlineHandle);
88
123
  if (signal)
89
124
  signal.removeEventListener("abort", onAbort);
90
125
  }
@@ -189,7 +224,7 @@ export function createBashToolDefinition(cwd, options) {
189
224
  return {
190
225
  name: "bash",
191
226
  label: "bash",
192
- description: `Execute a bash command in the current working directory. Returns stdout and stderr. Output is truncated to last ${DEFAULT_MAX_LINES} lines or ${DEFAULT_MAX_BYTES / 1024}KB (whichever is hit first). If truncated, full output is saved to a temp file. Optionally provide a timeout in seconds.`,
227
+ description: `Execute a bash command in the current working directory. Returns stdout and stderr. Output is truncated to last ${DEFAULT_MAX_LINES} lines or ${DEFAULT_MAX_BYTES / 1024}KB (whichever is hit first). If truncated, full output is saved to a temp file. Optionally provide a timeout in seconds. No default timeout — pass an explicit timeout or rely on human cancellation.`,
193
228
  promptSnippet: "Execute bash commands (ls, grep, find, etc.)",
194
229
  parameters: bashSchema,
195
230
  async execute(_toolCallId, { command, timeout }, signal, onUpdate, _ctx) {
@@ -292,6 +327,13 @@ export function createBashToolDefinition(cwd, options) {
292
327
  const timeoutSecs = err.message.split(":")[1];
293
328
  throw new Error(appendStatus(text, `Command timed out after ${timeoutSecs} seconds`));
294
329
  }
330
+ if (err instanceof Error && err.message === "force-killed") {
331
+ // Hard-deadline force-resolve: the child never closed even after SIGKILL
332
+ // (D-state symptom). Surface a distinct marker so an operator/agent can
333
+ // tell this apart from a clean SIGTERM exit. Partial output is preserved.
334
+ const suffix = timeout ? `Command timed out after ${timeout} seconds (force-killed)` : "Command force-killed";
335
+ throw new Error(appendStatus(text, suffix));
336
+ }
295
337
  throw err;
296
338
  }
297
339
  const snapshot = await finishOutput();