@otto-assistant/bridge 0.4.93 → 0.4.97

package/src/anthropic-auth-plugin.ts

@@ -35,6 +35,10 @@ import {
   upsertAccount,
   withAuthStateLock,
 } from './anthropic-auth-state.js'
+import {
+  extractAnthropicAccountIdentity,
+  type AnthropicAccountIdentity,
+} from './anthropic-account-identity.js'
 // PKCE (Proof Key for Code Exchange) using Web Crypto API.
 // Reference: https://github.com/badlogic/pi-mono/blob/main/packages/ai/src/utils/oauth/pkce.ts
 function base64urlEncode(bytes: Uint8Array): string {
@@ -68,6 +72,8 @@ const CLIENT_ID = (() => {
 
 const TOKEN_URL = 'https://platform.claude.com/v1/oauth/token'
 const CREATE_API_KEY_URL = 'https://api.anthropic.com/api/oauth/claude_cli/create_api_key'
+const CLIENT_DATA_URL = 'https://api.anthropic.com/api/oauth/claude_cli/client_data'
+const PROFILE_URL = 'https://api.anthropic.com/api/oauth/profile'
 const CALLBACK_PORT = 53692
 const CALLBACK_PATH = '/callback'
 const REDIRECT_URI = `http://localhost:${CALLBACK_PORT}${CALLBACK_PATH}`
@@ -81,6 +87,7 @@ const CLAUDE_CODE_BETA = 'claude-code-20250219'
 const OAUTH_BETA = 'oauth-2025-04-20'
 const FINE_GRAINED_TOOL_STREAMING_BETA = 'fine-grained-tool-streaming-2025-05-14'
 const INTERLEAVED_THINKING_BETA = 'interleaved-thinking-2025-05-14'
+const TOAST_SESSION_HEADER = 'x-kimaki-session-id'
 
 const ANTHROPIC_HOSTS = new Set([
   'api.anthropic.com',
@@ -298,6 +305,28 @@ async function createApiKey(accessToken: string): Promise<ApiKeySuccess> {
   return { type: 'success', key: json.raw_key }
 }
 
+async function fetchAnthropicAccountIdentity(accessToken: string) {
+  const urls = [CLIENT_DATA_URL, PROFILE_URL]
+  for (const url of urls) {
+    const responseText = await requestText(url, {
+      method: 'GET',
+      headers: {
+        Accept: 'application/json',
+        authorization: `Bearer ${accessToken}`,
+        'user-agent': process.env.OPENCODE_ANTHROPIC_USER_AGENT || `claude-cli/${CLAUDE_CODE_VERSION}`,
+        'x-app': 'cli',
+      },
+    }).catch(() => {
+      return undefined
+    })
+    if (!responseText) continue
+    const parsed = JSON.parse(responseText) as unknown
+    const identity = extractAnthropicAccountIdentity(parsed)
+    if (identity) return identity
+  }
+  return undefined
+}
+
 // --- Localhost callback server ---
 
 type CallbackResult = { code: string; state: string }
@@ -469,12 +498,13 @@ function buildAuthorizeHandler(mode: 'oauth' | 'apikey') {
       if (mode === 'apikey') {
         return createApiKey(creds.access)
       }
+      const identity = await fetchAnthropicAccountIdentity(creds.access)
       await rememberAnthropicOAuth({
         type: 'oauth',
         refresh: creds.refresh,
         access: creds.access,
         expires: creds.expires,
-      })
+      }, identity)
       return creds
     }
 
@@ -489,8 +519,7 @@ function buildAuthorizeHandler(mode: 'oauth' | 'apikey') {
             try {
               const result = await waitForCallback(auth.callbackServer)
               return await finalize(result)
-            } catch (error) {
-              console.error(`[anthropic-auth] ${error}`)
+            } catch {
               return { type: 'failed' }
             }
           })()
@@ -509,8 +538,7 @@ function buildAuthorizeHandler(mode: 'oauth' | 'apikey') {
           try {
             const result = await waitForCallback(auth.callbackServer, input)
             return await finalize(result)
-          } catch (error) {
-            console.error(`[anthropic-auth] ${error}`)
+          } catch {
             return { type: 'failed' }
           }
         })()
@@ -528,17 +556,26 @@ function toClaudeCodeToolName(name: string) {
   return OPENCODE_TO_CLAUDE_CODE_TOOL_NAME[name.toLowerCase()] ?? name
 }
 
-function sanitizeSystemText(text: string) {
-  return text.replaceAll(OPENCODE_IDENTITY, CLAUDE_CODE_IDENTITY)
+function sanitizeSystemText(text: string, onError?: (msg: string) => void) {
+  const startIdx = text.indexOf(OPENCODE_IDENTITY)
+  if (startIdx === -1) return text
+  const codeRefsMarker = '# Code References'
+  const endIdx = text.indexOf(codeRefsMarker, startIdx)
+  if (endIdx === -1) {
+    onError?.(`sanitizeSystemText: could not find '# Code References' after OpenCode identity`)
+    return text
+  }
+  // Remove everything from the OpenCode identity up to (but not including) '# Code References'
+  return text.slice(0, startIdx) + text.slice(endIdx)
 }
 
-function prependClaudeCodeIdentity(system: unknown) {
+function prependClaudeCodeIdentity(system: unknown, onError?: (msg: string) => void) {
   const identityBlock = { type: 'text', text: CLAUDE_CODE_IDENTITY }
 
   if (typeof system === 'undefined') return [identityBlock]
 
   if (typeof system === 'string') {
-    const sanitized = sanitizeSystemText(system)
+    const sanitized = sanitizeSystemText(system, onError)
     if (sanitized === CLAUDE_CODE_IDENTITY) return [identityBlock]
     return [identityBlock, { type: 'text', text: sanitized }]
   }
@@ -546,11 +583,11 @@ function prependClaudeCodeIdentity(system: unknown) {
   if (!Array.isArray(system)) return [identityBlock, system]
 
   const sanitized = system.map((item) => {
-    if (typeof item === 'string') return { type: 'text', text: sanitizeSystemText(item) }
+    if (typeof item === 'string') return { type: 'text', text: sanitizeSystemText(item, onError) }
     if (item && typeof item === 'object' && (item as { type?: unknown }).type === 'text') {
       const text = (item as { text?: unknown }).text
       if (typeof text === 'string') {
-        return { ...(item as Record<string, unknown>), text: sanitizeSystemText(text) }
+        return { ...(item as Record<string, unknown>), text: sanitizeSystemText(text, onError) }
       }
     }
     return item
@@ -568,7 +605,7 @@ function prependClaudeCodeIdentity(system: unknown) {
   return [identityBlock, ...sanitized]
 }
 
-function rewriteRequestPayload(body: string | undefined) {
+function rewriteRequestPayload(body: string | undefined, onError?: (msg: string) => void) {
   if (!body) return { body, modelId: undefined, reverseToolNameMap: new Map<string, string>() }
 
   try {
@@ -589,7 +626,7 @@ function rewriteRequestPayload(body: string | undefined) {
     }
 
     // Rename system prompt
-    payload.system = prependClaudeCodeIdentity(payload.system)
+    payload.system = prependClaudeCodeIdentity(payload.system, onError)
 
     // Rename tool_choice
     if (
@@ -673,6 +710,19 @@ function wrapResponseStream(response: Response, reverseToolNameMap: Map<string,
   })
 }
 
+function appendToastSessionMarker({
+  message,
+  sessionId,
+}: {
+  message: string
+  sessionId: string | undefined
+}) {
+  if (!sessionId) {
+    return message
+  }
+  return `${message} ${sessionId}`
+}
+
 // --- Beta headers ---
 
 function getRequiredBetas(modelId: string | undefined) {
@@ -728,7 +778,18 @@ async function getFreshOAuth(
     await setAnthropicAuth(refreshed, client)
     const store = await loadAccountStore()
     if (store.accounts.length > 0) {
-      upsertAccount(store, refreshed)
+      const identity: AnthropicAccountIdentity | undefined = (() => {
+        const currentIndex = store.accounts.findIndex((account) => {
+          return account.refresh === latest.refresh || account.access === latest.access
+        })
+        const current = currentIndex >= 0 ? store.accounts[currentIndex] : undefined
+        if (!current) return undefined
+        return {
+          ...(current.email ? { email: current.email } : {}),
+          ...(current.accountId ? { accountId: current.accountId } : {}),
+        }
+      })()
+      upsertAccount(store, { ...refreshed, ...identity })
       await saveAccountStore(store)
     }
     return refreshed
@@ -743,6 +804,12 @@ async function getFreshOAuth(
 
 const AnthropicAuthPlugin: Plugin = async ({ client }) => {
   return {
+    'chat.headers': async (input, output) => {
+      if (input.model.providerID !== 'anthropic') {
+        return
+      }
+      output.headers[TOAST_SESSION_HEADER] = input.sessionID
+    },
     auth: {
       provider: 'anthropic',
       async loader(
@@ -779,17 +846,27 @@ const AnthropicAuthPlugin: Plugin = async ({ client }) => {
                       .catch(() => undefined)
                   : undefined
 
-            const rewritten = rewriteRequestPayload(originalBody)
             const headers = new Headers(init?.headers)
             if (input instanceof Request) {
               input.headers.forEach((v, k) => {
                 if (!headers.has(k)) headers.set(k, v)
               })
             }
+            const sessionId = headers.get(TOAST_SESSION_HEADER) ?? undefined
+
+            const rewritten = rewriteRequestPayload(originalBody, (msg) => {
+              client.tui.showToast({
+                body: {
+                  message: appendToastSessionMarker({ message: msg, sessionId }),
+                  variant: 'error',
+                },
+              }).catch(() => {})
+            })
             const betas = getRequiredBetas(rewritten.modelId)
 
             const runRequest = async (auth: OAuthStored) => {
               const requestHeaders = new Headers(headers)
+              requestHeaders.delete(TOAST_SESSION_HEADER)
               requestHeaders.set('accept', 'application/json')
               requestHeaders.set(
                 'anthropic-beta',
@@ -826,9 +903,13 @@ const AnthropicAuthPlugin: Plugin = async ({ client }) => {
                   // Show toast notification so Discord thread shows the rotation
                   client.tui.showToast({
                     body: {
-                      message: `Switching from account ${rotated.fromLabel} to account ${rotated.toLabel}`,
+                      message: appendToastSessionMarker({
+                        message: `Switching from account ${rotated.fromLabel} to account ${rotated.toLabel}`,
+                        sessionId,
+                      }),
                       variant: 'info',
                     },
+
                   }).catch(() => {})
                   const retryAuth = await getFreshOAuth(getAuth, client)
                   if (retryAuth) {

package/src/{anthropic-auth-plugin.test.ts → anthropic-auth-state.test.ts}

@@ -1,10 +1,11 @@
-// Tests for Anthropic OAuth multi-account persistence and rotation.
+// Tests Anthropic OAuth account persistence, deduplication, and rotation.
 
 import { mkdtemp, readFile, rm, mkdir, writeFile } from 'node:fs/promises'
 import { tmpdir } from 'node:os'
 import path from 'node:path'
 import { afterEach, beforeEach, describe, expect, test } from 'vitest'
 import {
+  accountLabel,
   authFilePath,
   loadAccountStore,
   rememberAnthropicOAuth,
@@ -60,6 +61,27 @@ describe('rememberAnthropicOAuth', () => {
       expires: 3,
     })
   })
+
+  test('deduplicates new tokens by email or account ID', async () => {
+    await rememberAnthropicOAuth(firstAccount, {
+      email: 'user@example.com',
+      accountId: 'usr_123',
+    })
+    await rememberAnthropicOAuth(secondAccount, {
+      email: 'User@example.com',
+      accountId: 'usr_123',
+    })
+
+    const store = await loadAccountStore()
+    expect(store.accounts).toHaveLength(1)
+    expect(store.accounts[0]).toMatchObject({
+      refresh: 'refresh-second',
+      access: 'access-second',
+      email: 'user@example.com',
+      accountId: 'usr_123',
+    })
+    expect(accountLabel(store.accounts[0]!)).toBe('user@example.com')
+  })
 })
 
 describe('rotateAnthropicAccount', () => {

package/src/anthropic-auth-state.ts

@@ -2,6 +2,10 @@ import type { Plugin } from '@opencode-ai/plugin'
 import * as fs from 'node:fs/promises'
 import { homedir } from 'node:os'
 import path from 'node:path'
+import {
+  normalizeAnthropicAccountIdentity,
+  type AnthropicAccountIdentity,
+} from './anthropic-account-identity.js'
 
 const AUTH_LOCK_STALE_MS = 30_000
 const AUTH_LOCK_RETRY_MS = 100
@@ -14,6 +18,8 @@ export type OAuthStored = {
 }
 
 type AccountRecord = OAuthStored & {
+  email?: string
+  accountId?: string
   addedAt: number
   lastUsed: number
 }
@@ -114,6 +120,8 @@ export function normalizeAccountStore(
           typeof account.refresh === 'string' &&
           typeof account.access === 'string' &&
           typeof account.expires === 'number' &&
+          (typeof account.email === 'undefined' || typeof account.email === 'string') &&
+          (typeof account.accountId === 'undefined' || typeof account.accountId === 'string') &&
           typeof account.addedAt === 'number' &&
           typeof account.lastUsed === 'number',
       )
@@ -135,8 +143,13 @@ export async function saveAccountStore(store: AccountStore) {
 
 /** Short label for an account: first 8 + last 4 chars of refresh token. */
 export function accountLabel(account: OAuthStored, index?: number): string {
+  const accountWithIdentity = account as OAuthStored & AnthropicAccountIdentity
+  const identity = accountWithIdentity.email || accountWithIdentity.accountId
   const r = account.refresh
   const short = r.length > 12 ? `${r.slice(0, 8)}...${r.slice(-4)}` : r
+  if (identity) {
+    return index !== undefined ? `#${index + 1} (${identity})` : identity
+  }
   return index !== undefined ? `#${index + 1} (${short})` : short
 }
 
@@ -162,14 +175,29 @@ function findCurrentAccountIndex(store: AccountStore, auth: OAuthStored) {
 }
 
 export function upsertAccount(store: AccountStore, auth: OAuthStored, now = Date.now()) {
+  const authWithIdentity = auth as OAuthStored & AnthropicAccountIdentity
+  const identity = normalizeAnthropicAccountIdentity({
+    email: authWithIdentity.email,
+    accountId: authWithIdentity.accountId,
+  })
   const index = store.accounts.findIndex((account) => {
-    return account.refresh === auth.refresh || account.access === auth.access
+    if (account.refresh === auth.refresh || account.access === auth.access) {
+      return true
+    }
+    if (identity?.accountId && account.accountId === identity.accountId) {
+      return true
+    }
+    if (identity?.email && account.email === identity.email) {
+      return true
+    }
+    return false
   })
   const nextAccount: AccountRecord = {
     type: 'oauth',
     refresh: auth.refresh,
     access: auth.access,
     expires: auth.expires,
+    ...identity,
     addedAt: now,
     lastUsed: now,
   }
@@ -186,15 +214,20 @@ export function upsertAccount(store: AccountStore, auth: OAuthStored, now = Date
     ...existing,
     ...nextAccount,
     addedAt: existing.addedAt,
+    email: nextAccount.email || existing.email,
+    accountId: nextAccount.accountId || existing.accountId,
   }
   store.activeIndex = index
   return index
 }
 
-export async function rememberAnthropicOAuth(auth: OAuthStored) {
+export async function rememberAnthropicOAuth(
+  auth: OAuthStored,
+  identity?: AnthropicAccountIdentity,
+) {
   await withAuthStateLock(async () => {
     const store = await loadAccountStore()
-    upsertAccount(store, auth)
+    upsertAccount(store, { ...auth, ...normalizeAnthropicAccountIdentity(identity) })
     await saveAccountStore(store)
   })
 }

package/src/cli-parsing.test.ts

@@ -27,8 +27,8 @@ function createCliForIdParsing() {
     .option('-g, --guild <guildId>', 'Discord guild/server ID')
 
   cli.command('task delete <id>', 'Delete task')
-  cli.command('anthropic-accounts list', 'List stored Anthropic accounts').hidden()
-  cli.command('anthropic-accounts remove <index>', 'Remove stored Anthropic account').hidden()
+  cli.command('anthropic-accounts list', 'List stored Anthropic accounts')
+  cli.command('anthropic-accounts remove <indexOrEmail>', 'Remove stored Anthropic account')
 
   return cli
 }
@@ -163,19 +163,26 @@ describe('goke CLI ID parsing', () => {
     expect(typeof result.args[0]).toBe('string')
   })
 
-  test('hidden anthropic account commands still parse', () => {
+  test('anthropic account remove parses index and email as strings', () => {
     const cli = createCliForIdParsing()
 
-    const result = cli.parse(
+    const indexResult = cli.parse(
       ['node', 'kimaki', 'anthropic-accounts', 'remove', '2'],
       { run: false },
     )
 
-    expect(result.args[0]).toBe('2')
-    expect(typeof result.args[0]).toBe('string')
+    const emailResult = cli.parse(
+      ['node', 'kimaki', 'anthropic-accounts', 'remove', 'user@example.com'],
+      { run: false },
+    )
+
+    expect(indexResult.args[0]).toBe('2')
+    expect(typeof indexResult.args[0]).toBe('string')
+    expect(emailResult.args[0]).toBe('user@example.com')
+    expect(typeof emailResult.args[0]).toBe('string')
   })
 
-  test('hidden anthropic account commands are excluded from help output', () => {
+  test('anthropic account commands are included in help output', () => {
     const stdout = {
       text: '',
       write(data: string | Uint8Array) {
@@ -185,11 +192,11 @@ describe('goke CLI ID parsing', () => {
 
     const cli = goke('kimaki', { stdout: stdout as never })
     cli.command('send', 'Send a message')
-    cli.command('anthropic-accounts list', 'List stored Anthropic accounts').hidden()
+    cli.command('anthropic-accounts list', 'List stored Anthropic accounts')
     cli.help()
     cli.parse(['node', 'kimaki', '--help'], { run: false })
 
     expect(stdout.text).toContain('send')
-    expect(stdout.text).not.toContain('anthropic-accounts')
+    expect(stdout.text).toContain('anthropic-accounts')
   })
 })

package/src/cli.ts

@@ -1024,7 +1024,8 @@ async function resolveCredentials({
           options: [
             {
               value: 'gateway' as const,
-              label: 'Gateway (pre-built Kimaki bot — no setup needed)',
+              disabled: true,
+              label: 'Gateway (pre-built Kimaki bot, currently disabled because of Discord verification process. will be re-enabled soon)',
             },
             {
               value: 'self_hosted' as const,
@@ -3168,7 +3169,6 @@ cli
     'anthropic-accounts list',
     'List stored Anthropic OAuth accounts used for automatic rotation',
   )
-  .hidden()
   .action(async () => {
     const store = await loadAccountStore()
     console.log(`Store: ${accountsFilePath()}`)
@@ -3187,19 +3187,37 @@ cli
 
 cli
   .command(
-    'anthropic-accounts remove <index>',
-    'Remove a stored Anthropic OAuth account from the rotation pool',
+    'anthropic-accounts remove <indexOrEmail>',
+    'Remove a stored Anthropic OAuth account from the rotation pool by index or email',
   )
-  .hidden()
-  .action(async (index: string) => {
-    const value = Number(index)
-    if (!Number.isInteger(value) || value < 1) {
-      cliLogger.error('Usage: kimaki anthropic-accounts remove <index>')
+  .action(async (indexOrEmail: string) => {
+    const value = Number(indexOrEmail)
+    const store = await loadAccountStore()
+    const resolvedIndex = (() => {
+      if (Number.isInteger(value) && value >= 1) {
+        return value - 1
+      }
+      const email = indexOrEmail.trim().toLowerCase()
+      if (!email) {
+        return -1
+      }
+      return store.accounts.findIndex((account) => {
+        return account.email?.toLowerCase() === email
+      })
+    })()
+
+    if (resolvedIndex < 0) {
+      cliLogger.error(
+        'Usage: kimaki anthropic-accounts remove <index-or-email>',
+      )
       process.exit(EXIT_NO_RESTART)
     }
 
-    await removeAccount(value - 1)
-    cliLogger.log(`Removed Anthropic account ${value}`)
+    const removed = store.accounts[resolvedIndex]
+    await removeAccount(resolvedIndex)
+    cliLogger.log(
+      `Removed Anthropic account ${removed ? accountLabel(removed, resolvedIndex) : indexOrEmail}`,
+    )
     process.exit(0)
   })
 

package/src/context-awareness-plugin.test.ts

@@ -46,7 +46,7 @@ describe('shouldInjectPwd', () => {
       {
         "inject": true,
         "text": "
-      [working directory changed. Previous working directory: /repo/main. Current working directory: /repo/worktree. You MUST read, write, and edit files only under /repo/worktree. Do NOT read, write, or edit files under /repo/main.]",
+      [working directory changed. Previous working directory: /repo/main. Current working directory: /repo/worktree. You should read, write, and edit files under /repo/worktree. Do NOT read, write, or edit files under /repo/main.]",
       }
     `)
   })
@@ -62,7 +62,7 @@ describe('shouldInjectPwd', () => {
       {
         "inject": true,
         "text": "
-      [working directory changed. Previous working directory: /repo/worktree-a. Current working directory: /repo/worktree-b. You MUST read, write, and edit files only under /repo/worktree-b. Do NOT read, write, or edit files under /repo/worktree-a.]",
+      [working directory changed. Previous working directory: /repo/worktree-a. Current working directory: /repo/worktree-b. You should read, write, and edit files under /repo/worktree-b. Do NOT read, write, or edit files under /repo/worktree-a.]",
       }
     `)
   })

package/src/context-awareness-plugin.ts

@@ -126,7 +126,7 @@ export function shouldInjectPwd({
     text:
       `\n[working directory changed. Previous working directory: ${priorDirectory}. ` +
       `Current working directory: ${currentDir}. ` +
-      `You MUST read, write, and edit files only under ${currentDir}. ` +
+      `You should read, write, and edit files under ${currentDir}. ` +
       `Do NOT read, write, or edit files under ${priorDirectory}.]`,
   }
 }

package/src/discord-command-registration.ts

@@ -182,7 +182,7 @@ export async function registerCommands({
     new SlashCommandBuilder()
       .setName('new-worktree')
       .setDescription(
-        truncateCommandDescription('Create a git worktree branch from origin/HEAD (or main). Optionally pick a base branch.'),
+        truncateCommandDescription('Create a git worktree branch from HEAD by default. Optionally pick a base branch.'),
       )
       .addStringOption((option) => {
         option
@@ -198,7 +198,7 @@ export async function registerCommands({
         option
           .setName('base-branch')
           .setDescription(
-            truncateCommandDescription('Branch to create the worktree from (default: origin/HEAD or main)'),
+            truncateCommandDescription('Branch to create the worktree from (default: HEAD)'),
           )
           .setRequired(false)
           .setAutocomplete(true)

package/src/discord-utils.ts

@@ -2,19 +2,21 @@
 // Handles markdown splitting for Discord's 2000-char limit, code block escaping,
 // thread message sending, and channel metadata extraction from topic tags.
 
-import {
-  type APIInteractionGuildMember,
-  type AutocompleteInteraction,
-  ChannelType,
-  GuildMember,
-  MessageFlags,
-  PermissionsBitField,
-  type Guild,
-  type Message,
-  type TextChannel,
-  type ThreadChannel,
+// Use namespace import for CJS interop — discord.js is CJS and its named
+// exports aren't detectable by all ESM loaders (e.g. tsx/esbuild) because
+// discord.js uses tslib's __exportStar which is opaque to static analysis.
+import * as discord from 'discord.js'
+import type {
+  APIInteractionGuildMember,
+  AutocompleteInteraction,
+  GuildMember as GuildMemberType,
+  Guild,
+  Message,
+  REST as RESTType,
+  TextChannel,
+  ThreadChannel,
 } from 'discord.js'
-import { REST, Routes } from 'discord.js'
+const { ChannelType, GuildMember, MessageFlags, PermissionsBitField, REST, Routes } = discord
 import type { OpencodeClient } from '@opencode-ai/sdk/v2'
 import { discordApiUrl } from './discord-urls.js'
 import { Lexer } from 'marked'
@@ -37,7 +39,7 @@ const discordLogger = createLogger(LogPrefix.DISCORD)
  * Returns false if member is null or has the "no-kimaki" role (overrides all).
  */
 export function hasKimakiBotPermission(
-  member: GuildMember | APIInteractionGuildMember | null,
+  member: GuildMemberType | APIInteractionGuildMember | null,
   guild?: Guild | null,
 ): boolean {
   if (!member) {
@@ -61,7 +63,7 @@ export function hasKimakiBotPermission(
 }
 
 function hasRoleByName(
-  member: GuildMember | APIInteractionGuildMember,
+  member: GuildMemberType | APIInteractionGuildMember,
   roleName: string,
   guild?: Guild | null,
 ): boolean {
@@ -89,7 +91,7 @@ function hasRoleByName(
  * Check if the member has the "no-kimaki" role that blocks bot access.
  * Separate from hasKimakiBotPermission so callers can show a specific error message.
  */
-export function hasNoKimakiRole(member: GuildMember | null): boolean {
+export function hasNoKimakiRole(member: GuildMemberType | null): boolean {
   if (!member?.roles?.cache) {
     return false
   }
@@ -108,7 +110,7 @@ export async function reactToThread({
   channelId,
   emoji,
 }: {
-  rest: REST
+  rest: RESTType
   threadId: string
   /** Parent channel ID where the thread starter message lives.
    * If not provided, fetches the thread info from Discord API to resolve it. */
@@ -169,7 +171,7 @@ export async function archiveThread({
   client,
   archiveDelay = 0,
 }: {
-  rest: REST
+  rest: RESTType
   threadId: string
   parentChannelId?: string
   sessionId?: string

package/src/kimaki-opencode-plugin.ts

@@ -12,6 +12,7 @@
 export { ipcToolsPlugin } from './ipc-tools-plugin.js'
 export { contextAwarenessPlugin } from './context-awareness-plugin.js'
 export { interruptOpencodeSessionOnUserMessage } from './opencode-interrupt-plugin.js'
+export { systemPromptDriftPlugin } from './system-prompt-drift-plugin.js'
 export { anthropicAuthPlugin } from './anthropic-auth-plugin.js'
 export { imageOptimizerPlugin } from './image-optimizer-plugin.js'
 export { kittyGraphicsPlugin } from 'kitty-graphics-agent'

package/src/logger.ts

@@ -95,12 +95,19 @@ export function getLogFilePath(): string | null {
   return logFilePath
 }
 
+const MAX_LOG_ARG_LENGTH = 1000
+
+function truncate(str: string, max: number): string {
+  if (str.length <= max) return str
+  return str.slice(0, max) + `… [truncated ${str.length - max} chars]`
+}
+
 function formatArg(arg: unknown): string {
   if (typeof arg === 'string') {
-    return sanitizeSensitiveText(arg, { redactPaths: false })
+    return truncate(sanitizeSensitiveText(arg, { redactPaths: false }), MAX_LOG_ARG_LENGTH)
   }
   const safeArg = sanitizeUnknownValue(arg, { redactPaths: false })
-  return util.inspect(safeArg, { colors: true, depth: 4 })
+  return truncate(util.inspect(safeArg, { colors: true, depth: 4 }), MAX_LOG_ARG_LENGTH)
 }
 
 export function formatErrorWithStack(error: unknown): string {