@ottocode/server 0.1.226 → 0.1.228

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@ottocode/server",
-	"version": "0.1.226",
+	"version": "0.1.228",
 	"description": "HTTP API server for ottocode",
 	"type": "module",
 	"main": "./src/index.ts",
@@ -49,8 +49,8 @@
 		"typecheck": "tsc --noEmit"
 	},
 	"dependencies": {
-		"@ottocode/sdk": "0.1.226",
-		"@ottocode/database": "0.1.226",
+		"@ottocode/sdk": "0.1.228",
+		"@ottocode/database": "0.1.228",
 		"drizzle-orm": "^0.44.5",
 		"hono": "^4.9.9",
 		"zod": "^4.3.6"

package/src/events/types.ts

@@ -1,5 +1,6 @@
 export type OttoEventType =
 	| 'tool.approval.required'
+	| 'tool.approval.updated'
 	| 'tool.approval.resolved'
 	| 'setu.payment.required'
 	| 'setu.payment.signing'
@@ -11,6 +12,7 @@ export type OttoEventType =
 	| 'setu.fiat.checkout_created'
 	| 'setu.balance.updated'
 	| 'session.created'
+	| 'session.deleted'
 	| 'session.updated'
 	| 'message.created'
 	| 'message.updated'

package/src/hono-context.d.ts

@@ -0,0 +1,7 @@
+import type { EmbeddedAppConfig } from './index.ts';
+
+declare module 'hono' {
+	interface ContextVariableMap {
+		embeddedConfig: EmbeddedAppConfig | undefined;
+	}
+}

package/src/index.ts

@@ -191,6 +191,7 @@ export type EmbeddedAppConfig = {
 		provider?: ProviderId;
 		model?: string;
 		agent?: string;
+		toolApproval?: 'auto' | 'dangerous' | 'all';
 	};
 	/** Additional CORS origins for proxies/Tailscale (e.g., ['https://myapp.ts.net', 'https://example.com']) */
 	corsOrigins?: string[];
@@ -202,7 +203,14 @@ export function createEmbeddedApp(config: EmbeddedAppConfig = {}) {
 	// Store injected config in Hono context for routes to access
 	// Config can be empty - routes will fall back to files/env
 	honoApp.use('*', async (c, next) => {
-		c.set('embeddedConfig', config);
+		(
+			c as unknown as {
+				set: (
+					key: 'embeddedConfig',
+					value: EmbeddedAppConfig | undefined,
+				) => void;
+			}
+		).set('embeddedConfig', config);
 		await next();
 	});
 

package/src/routes/ask.ts

@@ -21,9 +21,11 @@ export function registerAskRoutes(app: Hono) {
 			return c.json({ error: 'Prompt is required.' }, 400);
 		}
 
-		const embeddedConfig = c.get('embeddedConfig') as
-			| EmbeddedAppConfig
-			| undefined;
+		const embeddedConfig = (
+			c as unknown as {
+				get: (key: 'embeddedConfig') => EmbeddedAppConfig | undefined;
+			}
+		).get('embeddedConfig');
 
 		// Hybrid fallback: Use embedded config if provided, otherwise fall back to files/env
 		let injectableConfig: InjectableConfig | undefined;

package/src/routes/config/agents.ts

@@ -8,9 +8,11 @@ import { discoverAllAgents, getDefault } from './utils.ts';
 export function registerAgentsRoute(app: Hono) {
 	app.get('/v1/config/agents', async (c) => {
 		try {
-			const embeddedConfig = c.get('embeddedConfig') as
-				| EmbeddedAppConfig
-				| undefined;
+			const embeddedConfig = (
+				c as unknown as {
+					get: (key: 'embeddedConfig') => EmbeddedAppConfig | undefined;
+				}
+			).get('embeddedConfig');
 
 			if (embeddedConfig) {
 				const agents = embeddedConfig.agents

package/src/routes/config/defaults.ts

@@ -1,5 +1,5 @@
 import type { Hono } from 'hono';
-import { setConfig, loadConfig } from '@ottocode/sdk';
+import { setConfig, loadConfig, type ProviderId } from '@ottocode/sdk';
 import { logger } from '@ottocode/sdk';
 import { serializeError } from '../../runtime/errors/api-error.ts';
 
@@ -21,7 +21,7 @@ export function registerDefaultsRoute(app: Hono) {
 			const scope = body.scope || 'global';
 			const updates: Partial<{
 				agent: string;
-				provider: string;
+				provider: ProviderId;
 				model: string;
 				toolApproval: 'auto' | 'dangerous' | 'all';
 				guidedMode: boolean;
@@ -30,7 +30,7 @@ export function registerDefaultsRoute(app: Hono) {
 			}> = {};
 
 			if (body.agent) updates.agent = body.agent;
-			if (body.provider) updates.provider = body.provider;
+			if (body.provider) updates.provider = body.provider as ProviderId;
 			if (body.model) updates.model = body.model;
 			if (body.toolApproval) updates.toolApproval = body.toolApproval;
 			if (body.guidedMode !== undefined) updates.guidedMode = body.guidedMode;

package/src/routes/config/main.ts

@@ -13,9 +13,11 @@ export function registerMainConfigRoute(app: Hono) {
 	app.get('/v1/config', async (c) => {
 		try {
 			const projectRoot = c.req.query('project') || process.cwd();
-			const embeddedConfig = c.get('embeddedConfig') as
-				| EmbeddedAppConfig
-				| undefined;
+			const embeddedConfig = (
+				c as unknown as {
+					get: (key: 'embeddedConfig') => EmbeddedAppConfig | undefined;
+				}
+			).get('embeddedConfig');
 
 			const cfg = await loadConfig(projectRoot);
 

package/src/routes/config/models.ts

@@ -82,9 +82,11 @@ async function getAuthorizedCopilotModels(
 export function registerModelsRoutes(app: Hono) {
 	app.get('/v1/config/providers/:provider/models', async (c) => {
 		try {
-			const embeddedConfig = c.get('embeddedConfig') as
-				| EmbeddedAppConfig
-				| undefined;
+			const embeddedConfig = (
+				c as unknown as {
+					get: (key: 'embeddedConfig') => EmbeddedAppConfig | undefined;
+				}
+			).get('embeddedConfig');
 			const provider = c.req.param('provider') as ProviderId;
 
 			const projectRoot = c.req.query('project') || process.cwd();
@@ -152,9 +154,11 @@ export function registerModelsRoutes(app: Hono) {
 
 	app.get('/v1/config/models', async (c) => {
 		try {
-			const embeddedConfig = c.get('embeddedConfig') as
-				| EmbeddedAppConfig
-				| undefined;
+			const embeddedConfig = (
+				c as unknown as {
+					get: (key: 'embeddedConfig') => EmbeddedAppConfig | undefined;
+				}
+			).get('embeddedConfig');
 
 			const projectRoot = c.req.query('project') || process.cwd();
 			const cfg = await loadConfig(projectRoot);

package/src/routes/config/providers.ts

@@ -9,14 +9,18 @@ import { getAuthorizedProviders, getDefault } from './utils.ts';
 export function registerProvidersRoute(app: Hono) {
 	app.get('/v1/config/providers', async (c) => {
 		try {
-			const embeddedConfig = c.get('embeddedConfig') as
-				| EmbeddedAppConfig
-				| undefined;
+			const embeddedConfig = (
+				c as unknown as {
+					get: (key: 'embeddedConfig') => EmbeddedAppConfig | undefined;
+				}
+			).get('embeddedConfig');
 
 			if (embeddedConfig) {
 				const providers = embeddedConfig.auth
 					? (Object.keys(embeddedConfig.auth) as ProviderId[])
-					: [embeddedConfig.provider];
+					: embeddedConfig.provider
+						? [embeddedConfig.provider]
+						: [];
 
 				return c.json({
 					providers,

package/src/routes/config/utils.ts

@@ -63,7 +63,8 @@ export async function getAuthTypeForProvider(
 	projectRoot: string,
 ): Promise<'api' | 'oauth' | 'wallet' | undefined> {
 	if (embeddedConfig?.auth?.[provider]) {
-		return embeddedConfig.auth[provider].type as 'api' | 'oauth' | 'wallet';
+		const embeddedAuth = embeddedConfig.auth[provider];
+		return 'type' in embeddedAuth ? embeddedAuth.type : 'api';
 	}
 	const auth = await getAuth(provider, projectRoot);
 	return auth?.type as 'api' | 'oauth' | 'wallet' | undefined;
@@ -83,7 +84,9 @@ export async function discoverAllAgents(
 			}
 		}
 	} catch (err) {
-		logger.debug('Failed to load agents.json', err);
+		logger.debug('Failed to load agents.json', {
+			error: err instanceof Error ? err.message : String(err),
+		});
 	}
 
 	try {
@@ -98,7 +101,9 @@ export async function discoverAllAgents(
 			}
 		}
 	} catch (err) {
-		logger.debug('Failed to read local agents directory', err);
+		logger.debug('Failed to read local agents directory', {
+			error: err instanceof Error ? err.message : String(err),
+		});
 	}
 
 	try {
@@ -113,7 +118,9 @@ export async function discoverAllAgents(
 			}
 		}
 	} catch (err) {
-		logger.debug('Failed to read global agents directory', err);
+		logger.debug('Failed to read global agents directory', {
+			error: err instanceof Error ? err.message : String(err),
+		});
 	}
 
 	return Array.from(agentSet).sort();

package/src/routes/terminals.ts

@@ -87,12 +87,14 @@ export function registerTerminalsRoutes(
 			return c.json({ error: 'Terminal not found' }, 404);
 		}
 
+		const activeTerminal = terminal;
+
 		return streamSSE(c, async (stream) => {
 			logger.debug('SSE stream started for terminal', { id });
 			// Send historical buffer first (unless skipHistory is set)
 			const skipHistory = c.req.query('skipHistory') === 'true';
 			if (!skipHistory) {
-				const history = terminal.read();
+				const history = activeTerminal.read();
 				logger.debug('SSE sending terminal history', {
 					id,
 					lines: history.length,
@@ -120,8 +122,8 @@ export function registerTerminalsRoutes(
 			let finished = false;
 
 			function cleanup() {
-				terminal.removeDataListener(onData);
-				terminal.removeExitListener(onExit);
+				activeTerminal.removeDataListener(onData);
+				activeTerminal.removeExitListener(onExit);
 				c.req.raw.signal.removeEventListener('abort', onAbort);
 			}
 
@@ -145,7 +147,7 @@ export function registerTerminalsRoutes(
 
 			function onAbort() {
 				logger.debug('SSE client disconnected from terminal', {
-					id: terminal.id,
+					id: activeTerminal.id,
 				});
 				stream.close();
 				finish();

package/src/routes/tunnel.ts

@@ -59,7 +59,7 @@ export function registerTunnelRoutes(app: Hono) {
 
 			const url = await activeTunnel.start(port, (msg) => {
 				progressMessage = msg;
-				logger.debug('Tunnel progress:', msg);
+				logger.debug('Tunnel progress', { message: msg });
 			});
 
 			tunnelUrl = url;

package/src/runtime/agent/oauth-codex-continuation.ts

@@ -10,6 +10,7 @@ export type OauthCodexContinuationInput = {
 	firstToolSeen: boolean;
 	hasTrailingAssistantText: boolean;
 	endedWithToolActivity?: boolean;
+	lastToolName?: string;
 	droppedPseudoToolText: boolean;
 	lastAssistantText: string;
 };
@@ -54,7 +55,7 @@ const MAX_UNCLEAN_EOF_RETRIES = 1;
 
 function isUncleanEof(input: OauthCodexContinuationInput): boolean {
 	if (input.finishReason && input.finishReason !== 'unknown') return false;
-	if (input.firstToolSeen) return true;
+	if (isMissingAssistantSummary(input)) return true;
 	if (looksLikeIntermediateProgressText(input.lastAssistantText)) return true;
 	return false;
 }
@@ -82,6 +83,10 @@ export function decideOauthCodexContinuation(
 		return { shouldContinue: true, reason: 'truncated' };
 	}
 
+	if (input.lastToolName === 'finish') {
+		return { shouldContinue: false };
+	}
+
 	if (input.endedWithToolActivity) {
 		return { shouldContinue: true, reason: 'ended-on-tool-activity' };
 	}

package/src/runtime/agent/runner.ts

@@ -182,11 +182,23 @@ async function runAssistant(opts: RunOpts) {
 	let _finishObserved = false;
 	let _toolActivityObserved = false;
 	let _trailingAssistantTextAfterTool = false;
+	let _endedWithToolActivity = false;
+	let _lastToolName: string | undefined;
 	let _abortedByUser = false;
+	let titleGenerationTriggered = false;
 	const unsubscribeFinish = subscribe(opts.sessionId, (evt) => {
 		if (evt.type === 'tool.call' || evt.type === 'tool.result') {
 			_toolActivityObserved = true;
 			_trailingAssistantTextAfterTool = false;
+			_endedWithToolActivity = true;
+			try {
+				_lastToolName = (evt.payload as { name?: string } | undefined)?.name;
+			} catch {
+				_lastToolName = undefined;
+			}
+		}
+		if (evt.type === 'tool.call') {
+			triggerTitleGenerationWhenReady();
 		}
 		if (evt.type !== 'tool.result') return;
 		try {
@@ -222,6 +234,22 @@ async function runAssistant(opts: RunOpts) {
 		stepIndex += 1;
 		return stepIndex;
 	};
+	const triggerTitleGenerationWhenReady = () => {
+		if (titleGenerationTriggered) {
+			return;
+		}
+
+		titleGenerationTriggered = true;
+		if (!isFirstMessage) {
+			return;
+		}
+
+		void triggerDeferredTitleGeneration({
+			cfg,
+			db,
+			sessionId: opts.sessionId,
+		});
+	};
 
 	const reasoningStates = new Map<string, ReasoningState>();
 
@@ -233,6 +261,7 @@ async function runAssistant(opts: RunOpts) {
 		getCurrentPartId,
 		updateCurrentPartId,
 		updateAccumulated,
+		triggerTitleGenerationWhenReady,
 		sharedCtx,
 		updateSessionTokensIncremental,
 		updateMessageTokensIncremental,
@@ -306,6 +335,7 @@ async function runAssistant(opts: RunOpts) {
 					(delta.trim().length > 0 && firstToolSeen())
 				) {
 					_trailingAssistantTextAfterTool = true;
+					_endedWithToolActivity = false;
 				}
 
 				if (!currentPartId && !accumulated.trim()) {
@@ -315,13 +345,6 @@ async function runAssistant(opts: RunOpts) {
 				if (!firstDeltaSeen) {
 					firstDeltaSeen = true;
 					streamStartTimer.end();
-					if (isFirstMessage) {
-						void triggerDeferredTitleGeneration({
-							cfg,
-							db,
-							sessionId: opts.sessionId,
-						});
-					}
 				}
 
 				if (!currentPartId) {
@@ -429,8 +452,6 @@ async function runAssistant(opts: RunOpts) {
 
 		const MAX_CONTINUATIONS = 6;
 		const continuationCount = opts.continuationCount ?? 0;
-		const endedWithToolActivity =
-			_toolActivityObserved && !_trailingAssistantTextAfterTool;
 		const continuationDecision = decideOauthCodexContinuation({
 			provider: opts.provider,
 			isOpenAIOAuth,
@@ -442,7 +463,8 @@ async function runAssistant(opts: RunOpts) {
 			rawFinishReason: streamRawFinishReason,
 			firstToolSeen: fs,
 			hasTrailingAssistantText: _trailingAssistantTextAfterTool,
-			endedWithToolActivity,
+			endedWithToolActivity: _endedWithToolActivity,
+			lastToolName: _lastToolName,
 			droppedPseudoToolText: oauthTextGuard?.dropped ?? false,
 			lastAssistantText: latestAssistantText,
 		});

package/src/runtime/ask/service.ts

@@ -127,7 +127,12 @@ async function processAskRequest(
 				google: { enabled: true },
 				openrouter: { enabled: true },
 				opencode: { enabled: true },
+				copilot: { enabled: true },
 				setu: { enabled: true },
+				zai: { enabled: true },
+				'zai-coding': { enabled: true },
+				moonshot: { enabled: true },
+				minimax: { enabled: true },
 			},
 			paths: {
 				dataDir: `${projectRoot}/.otto`,

package/src/runtime/errors/api-error.ts

@@ -5,6 +5,7 @@
  * across all API endpoints.
  */
 
+import type { ContentfulStatusCode } from 'hono/utils/http-status';
 import { isDebugEnabled } from '../debug/state.ts';
 import { toErrorPayload } from './handling.ts';
 
@@ -16,7 +17,7 @@ export type APIErrorResponse = {
 		message: string;
 		type: string;
 		code?: string;
-		status?: number;
+		status?: ContentfulStatusCode;
 		details?: Record<string, unknown>;
 		stack?: string;
 	};
@@ -27,29 +28,33 @@ export type APIErrorResponse = {
  */
 export class APIError extends Error {
 	public readonly code?: string;
-	public readonly status: number;
+	public readonly status: ContentfulStatusCode;
 	public readonly type: string;
 	public readonly details?: Record<string, unknown>;
 
 	constructor(
 		message: string,
-		options?: {
-			code?: string;
-			status?: number;
-			type?: string;
-			details?: Record<string, unknown>;
-			cause?: unknown;
-		},
+		options?:
+			| ContentfulStatusCode
+			| {
+					code?: string;
+					status?: ContentfulStatusCode;
+					type?: string;
+					details?: Record<string, unknown>;
+					cause?: unknown;
+			  },
 	) {
 		super(message);
 		this.name = 'APIError';
-		this.code = options?.code;
-		this.status = options?.status ?? 500;
-		this.type = options?.type ?? 'api_error';
-		this.details = options?.details;
-
-		if (options?.cause) {
-			this.cause = options.cause;
+		const normalizedOptions =
+			typeof options === 'number' ? { status: options } : options;
+		this.code = normalizedOptions?.code;
+		this.status = normalizedOptions?.status ?? 500;
+		this.type = normalizedOptions?.type ?? 'api_error';
+		this.details = normalizedOptions?.details;
+
+		if (normalizedOptions?.cause) {
+			this.cause = normalizedOptions.cause;
 		}
 
 		// Maintain proper stack trace
@@ -72,7 +77,7 @@ export function serializeError(err: unknown): APIErrorResponse {
 	// Determine HTTP status code
 	// Default to 400 for generic errors (client errors)
 	// Only use 500 if explicitly set or for APIError instances without a status
-	let status = 400;
+	let status: ContentfulStatusCode = 400;
 
 	// Handle APIError instances first
 	if (err instanceof APIError) {
@@ -80,15 +85,16 @@ export function serializeError(err: unknown): APIErrorResponse {
 	} else if (err && typeof err === 'object') {
 		const errObj = err as Record<string, unknown>;
 		if (typeof errObj.status === 'number') {
-			status = errObj.status;
+			status = errObj.status as ContentfulStatusCode;
 		} else if (typeof errObj.statusCode === 'number') {
-			status = errObj.statusCode;
+			status = errObj.statusCode as ContentfulStatusCode;
 		} else if (
 			errObj.details &&
 			typeof errObj.details === 'object' &&
 			typeof (errObj.details as Record<string, unknown>).statusCode === 'number'
 		) {
-			status = (errObj.details as Record<string, unknown>).statusCode as number;
+			status = (errObj.details as Record<string, unknown>)
+				.statusCode as ContentfulStatusCode;
 		}
 	}
 
@@ -130,7 +136,9 @@ export function serializeError(err: unknown): APIErrorResponse {
  * @param err - The error to convert
  * @returns Tuple of [APIErrorResponse, HTTP status code]
  */
-export function createErrorResponse(err: unknown): [APIErrorResponse, number] {
+export function createErrorResponse(
+	err: unknown,
+): [APIErrorResponse, ContentfulStatusCode] {
 	const response = serializeError(err);
 	return [response, response.error.status ?? 500];
 }

package/src/runtime/message/service.ts

@@ -284,7 +284,7 @@ async function generateSessionTitle(args: {
 			return;
 		}
 
-		const provider = sess.provider ?? cfg.defaults.provider;
+		const provider = (sess.provider ?? cfg.defaults.provider) as ProviderId;
 		const modelName = sess.model ?? cfg.defaults.model;
 
 		debugLog('[TITLE_GEN] Generating title for session');
@@ -365,7 +365,7 @@ Output ONLY the title, nothing else.`;
 
 		await db
 			.update(sessions)
-			.set({ title: sanitized, updatedAt: Date.now() })
+			.set({ title: sanitized, lastActiveAt: Date.now() })
 			.where(eq(sessions.id, sessionId));
 
 		debugLog(`[TITLE_GEN] Setting final title: "${sanitized}"`);

package/src/runtime/session/branch.ts

@@ -160,7 +160,14 @@ export async function createBranch({
 	}
 
 	const result: SessionRow = {
-		...newSession,
+		id: newSession.id,
+		title: newSession.title ?? null,
+		agent: newSession.agent,
+		provider: newSession.provider,
+		model: newSession.model,
+		projectPath: newSession.projectPath,
+		createdAt: newSession.createdAt,
+		lastActiveAt: newSession.lastActiveAt ?? null,
 		totalInputTokens: null,
 		totalOutputTokens: null,
 		totalCachedTokens: null,
@@ -171,6 +178,9 @@ export async function createBranch({
 		currentContextTokens: null,
 		contextSummary: null,
 		lastCompactedAt: null,
+		parentSessionId: newSession.parentSessionId ?? null,
+		branchPointMessageId: newSession.branchPointMessageId ?? null,
+		sessionType: newSession.sessionType ?? null,
 	};
 
 	publish({

package/src/runtime/session/manager.ts

@@ -39,7 +39,7 @@ export async function createSession({
 	await ensureProviderEnv(cfg, provider);
 	const id = crypto.randomUUID();
 	const now = Date.now();
-	const row = {
+	const row: SessionRow = {
 		id,
 		title: title ?? null,
 		agent,
@@ -56,6 +56,11 @@ export async function createSession({
 		totalToolTimeMs: null,
 		toolCountsJson: null,
 		currentContextTokens: null,
+		contextSummary: null,
+		lastCompactedAt: null,
+		parentSessionId: null,
+		branchPointMessageId: null,
+		sessionType: 'main',
 	};
 	await db.insert(sessions).values(row);
 	publish({ type: 'session.created', sessionId: id, payload: row });

package/src/runtime/stream/step-finish.ts

@@ -16,6 +16,7 @@ export function createStepFinishHandler(
 	getCurrentPartId: () => string | null,
 	updateCurrentPartId: (id: string | null) => void,
 	updateAccumulated: (text: string) => void,
+	triggerTitleGenerationWhenReady: () => void,
 	sharedCtx: ToolAdapterContext,
 	updateSessionTokensIncrementalFn: (
 		usage: UsageData,
@@ -31,6 +32,8 @@ export function createStepFinishHandler(
 	) => Promise<void>,
 ) {
 	return async (step: StepFinishEvent) => {
+		triggerTitleGenerationWhenReady();
+
 		const finishedAt = Date.now();
 		const currentPartId = getCurrentPartId();
 		const stepIndex = getStepIndex();

package/src/tools/adapter.ts

@@ -130,12 +130,13 @@ export function adaptTools(
 			}: {
 				callId?: string;
 				startTs?: number;
-				stepIndexForEvent: number;
+				stepIndexForEvent?: number;
 				args?: unknown;
 			},
 		) => {
 			const resultPartId = crypto.randomUUID();
 			const endTs = Date.now();
+			const effectiveStepIndex = stepIndexForEvent ?? ctx.stepIndex;
 			const dur =
 				typeof startTs === 'number' ? Math.max(0, endTs - startTs) : null;
 
@@ -160,7 +161,7 @@ export function adaptTools(
 				id: resultPartId,
 				messageId: ctx.messageId,
 				index,
-				stepIndex: stepIndexForEvent,
+				stepIndex: effectiveStepIndex,
 				type: 'tool_result',
 				content: JSON.stringify(contentObj),
 				agent: ctx.agent,
@@ -176,7 +177,7 @@ export function adaptTools(
 			publish({
 				type: 'tool.result',
 				sessionId: ctx.sessionId,
-				payload: { ...contentObj, stepIndex: stepIndexForEvent },
+				payload: { ...contentObj, stepIndex: effectiveStepIndex },
 			});
 		};