@qwen-code/qwen-code 0.13.1-preview.0 → 0.13.1

package/cli.js

@@ -146729,18 +146729,22 @@ var init_openaiLogger = __esm({
       /**
        * Creates a new OpenAI logger
        * @param customLogDir Optional custom log directory path (supports relative paths, absolute paths, and ~ expansion)
+       * @param cwd Optional working directory for resolving relative paths. Defaults to process.cwd().
+       *            In ACP mode, process.cwd() may be '/' (filesystem root), so callers should
+       *            pass the project working directory from Config.getWorkingDir().
        */
-      constructor(customLogDir) {
+      constructor(customLogDir, cwd6) {
+        const baseCwd = cwd6 || process.cwd();
         if (customLogDir) {
           let resolvedPath = customLogDir;
           if (customLogDir === "~" || customLogDir.startsWith("~/")) {
             resolvedPath = path15.join(os6.homedir(), customLogDir.slice(1));
           } else if (!path15.isAbsolute(customLogDir)) {
-            resolvedPath = path15.resolve(process.cwd(), customLogDir);
+            resolvedPath = path15.resolve(baseCwd, customLogDir);
           }
           this.logDir = path15.normalize(resolvedPath);
         } else {
-          this.logDir = path15.join(process.cwd(), "logs", "openai");
+          this.logDir = path15.join(baseCwd, "logs", "openai");
         }
       }
       /**
@@ -146861,7 +146865,7 @@ var init_loggingContentGenerator = __esm({
         this.config = config2;
         this.modalities = generatorConfig.modalities;
         if (generatorConfig.enableOpenAILogging) {
-          this.openaiLogger = new OpenAILogger(generatorConfig.openAILoggingDir);
+          this.openaiLogger = new OpenAILogger(generatorConfig.openAILoggingDir, config2.getWorkingDir());
           this.schemaCompliance = generatorConfig.schemaCompliance;
         }
       }
@@ -171291,7 +171295,7 @@ __export(geminiContentGenerator_exports, {
   createGeminiContentGenerator: () => createGeminiContentGenerator
 });
 function createGeminiContentGenerator(config2, gcConfig) {
-  const version2 = "0.13.1-preview.0";
+  const version2 = "0.13.1";
   const userAgent2 = config2.userAgent || `QwenCode/${version2} (${process.platform}; ${process.arch})`;
   const baseHeaders = {
     "User-Agent": userAgent2
@@ -177385,6 +177389,75 @@ var init_rule_parser = __esm({
   }
 });
 
+// packages/core/dist/src/core/permission-helpers.js
+import * as path25 from "node:path";
+function buildPermissionCheckContext(toolName, toolParams, targetDir) {
+  const command2 = "command" in toolParams ? String(toolParams["command"]) : void 0;
+  let filePath = typeof toolParams["file_path"] === "string" ? toolParams["file_path"] : void 0;
+  if (filePath === void 0 && typeof toolParams["path"] === "string") {
+    filePath = path25.isAbsolute(toolParams["path"]) ? toolParams["path"] : path25.resolve(targetDir, toolParams["path"]);
+  }
+  let domain2;
+  if (typeof toolParams["url"] === "string") {
+    try {
+      domain2 = new URL(toolParams["url"]).hostname;
+    } catch {
+    }
+  }
+  const specifier = typeof toolParams["skill"] === "string" ? toolParams["skill"] : typeof toolParams["subagent_type"] === "string" ? toolParams["subagent_type"] : void 0;
+  return { toolName, command: command2, filePath, domain: domain2, specifier };
+}
+async function evaluatePermissionRules(pm, defaultPermission, pmCtx) {
+  let finalPermission = defaultPermission;
+  let pmForcedAsk = false;
+  if (pm && defaultPermission !== "deny") {
+    if (pm.hasRelevantRules(pmCtx)) {
+      const pmDecision = await pm.evaluate(pmCtx);
+      if (pmDecision !== "default") {
+        finalPermission = pmDecision;
+        if (pmDecision === "ask" && pm.hasMatchingAskRule(pmCtx)) {
+          pmForcedAsk = true;
+        }
+      }
+    }
+  }
+  return { finalPermission, pmForcedAsk };
+}
+function injectPermissionRulesIfMissing(confirmationDetails, pmCtx) {
+  if ((confirmationDetails.type === "exec" || confirmationDetails.type === "mcp" || confirmationDetails.type === "info") && !confirmationDetails.permissionRules) {
+    confirmationDetails.permissionRules = buildPermissionRules(pmCtx);
+  }
+}
+async function persistPermissionOutcome(outcome, confirmationDetails, persistFn, pm, payload) {
+  if (outcome !== ToolConfirmationOutcome.ProceedAlwaysProject && outcome !== ToolConfirmationOutcome.ProceedAlwaysUser) {
+    return;
+  }
+  const scope = outcome === ToolConfirmationOutcome.ProceedAlwaysProject ? "project" : "user";
+  const detailsRules = confirmationDetails?.["permissionRules"];
+  const payloadRules = payload?.permissionRules;
+  const rules = payloadRules ?? detailsRules ?? [];
+  if (rules.length > 0) {
+    for (const rule of rules) {
+      if (persistFn) {
+        await persistFn(scope, "allow", rule);
+      }
+      pm?.addPersistentRule(rule, "allow");
+    }
+  }
+}
+var init_permission_helpers = __esm({
+  "packages/core/dist/src/core/permission-helpers.js"() {
+    "use strict";
+    init_esbuild_shims();
+    init_tools();
+    init_rule_parser();
+    __name(buildPermissionCheckContext, "buildPermissionCheckContext");
+    __name(evaluatePermissionRules, "evaluatePermissionRules");
+    __name(injectPermissionRulesIfMissing, "injectPermissionRulesIfMissing");
+    __name(persistPermissionOutcome, "persistPermissionOutcome");
+  }
+});
+
 // packages/core/dist/src/utils/editor.js
 import { execSync as execSync3, spawn, spawnSync } from "node:child_process";
 function isValidEditorType(editor) {
@@ -177554,22 +177627,22 @@ var init_editor = __esm({
 
 // packages/core/dist/src/tools/modifiable-tool.js
 import os12 from "node:os";
-import path25 from "node:path";
+import path26 from "node:path";
 import fs29 from "node:fs";
 function isModifiableDeclarativeTool(tool) {
   return "getModifyContext" in tool;
 }
 function createTempFilesForModify(currentContent, proposedContent, file_path) {
   const tempDir = os12.tmpdir();
-  const diffDir = path25.join(tempDir, "qwen-code-tool-modify-diffs");
+  const diffDir = path26.join(tempDir, "qwen-code-tool-modify-diffs");
   if (!fs29.existsSync(diffDir)) {
     fs29.mkdirSync(diffDir, { recursive: true });
   }
-  const ext2 = path25.extname(file_path);
-  const fileName = path25.basename(file_path, ext2);
+  const ext2 = path26.extname(file_path);
+  const fileName = path26.basename(file_path, ext2);
   const timestamp = Date.now();
-  const tempOldPath = path25.join(diffDir, `qwen-code-modify-${fileName}-old-${timestamp}${ext2}`);
-  const tempNewPath = path25.join(diffDir, `qwen-code-modify-${fileName}-new-${timestamp}${ext2}`);
+  const tempOldPath = path26.join(diffDir, `qwen-code-modify-${fileName}-old-${timestamp}${ext2}`);
+  const tempNewPath = path26.join(diffDir, `qwen-code-modify-${fileName}-new-${timestamp}${ext2}`);
   fs29.writeFileSync(tempOldPath, currentContent, "utf8");
   fs29.writeFileSync(tempNewPath, proposedContent, "utf8");
   return { oldPath: tempOldPath, newPath: tempNewPath };
@@ -177592,7 +177665,7 @@ function getUpdatedParams(tmpOldPath, tempNewPath, originalParams, modifyContext
     newContent = "";
   }
   const updatedParams = modifyContext.createUpdatedParams(oldContent, newContent, originalParams);
-  const updatedDiff = createPatch(path25.basename(modifyContext.getFilePath(originalParams)), oldContent, newContent, "Current", "Proposed", DEFAULT_DIFF_OPTIONS);
+  const updatedDiff = createPatch(path26.basename(modifyContext.getFilePath(originalParams)), oldContent, newContent, "Current", "Proposed", DEFAULT_DIFF_OPTIONS);
   return { updatedParams, updatedDiff };
 }
 function deleteTempFiles(oldPath, newPath) {
@@ -178888,7 +178961,7 @@ function detectCommandSubstitution(command2) {
   }
   return false;
 }
-function checkCommandPermissions(command2, config2, sessionAllowlist) {
+async function checkCommandPermissions(command2, config2, sessionAllowlist) {
   if (detectCommandSubstitution(command2)) {
     return {
       allAllowed: false,
@@ -178912,7 +178985,7 @@ function checkCommandPermissions(command2, config2, sessionAllowlist) {
         if (isSessionAllowed)
           continue;
       }
-      const decision = pm.isCommandAllowed(cmd);
+      const decision = await pm.isCommandAllowed(cmd);
       if (decision === "deny") {
         return {
           allAllowed: false,
@@ -179080,8 +179153,8 @@ function isCommandAvailable(command2) {
   const { path: path134, error: error40 } = resolveCommandPath(command2);
   return { available: path134 !== null, error: error40 };
 }
-function isCommandAllowed(command2, config2) {
-  const { allAllowed, blockReason } = checkCommandPermissions(command2, config2);
+async function isCommandAllowed(command2, config2) {
+  const { allAllowed, blockReason } = await checkCommandPermissions(command2, config2);
   if (allAllowed) {
     return { allowed: true };
   }
@@ -186748,12 +186821,12 @@ ${JSON.stringify(symbolNames, null, 2)}`);
 });
 
 // packages/core/dist/src/utils/shellAstParser.js
-import path26 from "node:path";
+import path27 from "node:path";
 import { fileURLToPath as fileURLToPath3 } from "node:url";
 function resolveWasmPath(filename) {
-  const inSrcUtils = __filename_.includes(path26.join("src", "utils"));
+  const inSrcUtils = __filename_.includes(path27.join("src", "utils"));
   const levelsUp = !inSrcUtils ? 0 : __filename_.endsWith(".ts") ? 2 : 3;
-  return path26.join(__dirname_, ...Array(levelsUp).fill(".."), "vendor", "tree-sitter", filename);
+  return path27.join(__dirname_, ...Array(levelsUp).fill(".."), "vendor", "tree-sitter", filename);
 }
 async function initParser() {
   if (parserInstance)
@@ -187059,7 +187132,7 @@ var init_shellAstParser = __esm({
     init_esbuild_shims();
     import_web_tree_sitter = __toESM(require_tree_sitter(), 1);
     __filename_ = fileURLToPath3(import.meta.url);
-    __dirname_ = path26.dirname(__filename_);
+    __dirname_ = path27.dirname(__filename_);
     READ_ONLY_ROOT_COMMANDS2 = /* @__PURE__ */ new Set([
       "awk",
       "basename",
@@ -187584,7 +187657,7 @@ var init_shellAstParser = __esm({
 
 // packages/core/dist/src/tools/shell.js
 import fs30 from "node:fs";
-import path27 from "node:path";
+import path28 from "node:path";
 import os15, { EOL } from "node:os";
 import crypto8 from "node:crypto";
 function getShellToolDescription() {
@@ -187717,19 +187790,30 @@ var init_shell = __esm({
        */
       async getConfirmationDetails(_abortSignal) {
         const command2 = stripShellWrapper(this.params.command);
+        const pm = this.config.getPermissionManager?.();
         const subCommands = splitCommands(command2);
-        const nonReadOnlySubCommands = [];
+        const confirmableSubCommands = [];
         for (const sub of subCommands) {
+          let isReadOnly = false;
           try {
-            const isReadOnly = await isShellCommandReadOnlyAST(sub);
-            if (!isReadOnly) {
-              nonReadOnlySubCommands.push(sub);
-            }
+            isReadOnly = await isShellCommandReadOnlyAST(sub);
           } catch {
-            nonReadOnlySubCommands.push(sub);
           }
+          if (isReadOnly) {
+            continue;
+          }
+          if (pm) {
+            try {
+              if (await pm.isCommandAllowed(sub) === "allow") {
+                continue;
+              }
+            } catch (e4) {
+              debugLogger28.warn("PermissionManager command check failed:", e4);
+            }
+          }
+          confirmableSubCommands.push(sub);
         }
-        const effectiveSubCommands = nonReadOnlySubCommands.length > 0 ? nonReadOnlySubCommands : subCommands;
+        const effectiveSubCommands = confirmableSubCommands.length > 0 ? confirmableSubCommands : subCommands;
         const rootCommands = [
           ...new Set(effectiveSubCommands.map((c4) => getCommandRoot(c4)).filter((c4) => !!c4))
         ];
@@ -187771,7 +187855,7 @@ var init_shell = __esm({
         }
         const isWindows9 = os15.platform() === "win32";
         const tempFileName = `shell_pgrep_${crypto8.randomBytes(6).toString("hex")}.tmp`;
-        const tempFilePath = path27.join(os15.tmpdir(), tempFileName);
+        const tempFilePath = path28.join(os15.tmpdir(), tempFileName);
         try {
           const processedCommand = this.addCoAuthorToGitCommit(strippedCommand);
           const shouldRunInBackground = this.params.is_background;
@@ -188028,11 +188112,11 @@ Co-authored-by: ${gitCoAuthorSettings.name} <${gitCoAuthorSettings.email}>`;
           }
         }
         if (params.directory) {
-          if (!path27.isAbsolute(params.directory)) {
+          if (!path28.isAbsolute(params.directory)) {
             return "Directory must be an absolute path.";
           }
           const userSkillsDirs = this.config.storage.getUserSkillsDirs();
-          const resolvedDirectoryPath = path27.resolve(params.directory);
+          const resolvedDirectoryPath = path28.resolve(params.directory);
           const isWithinUserSkills = isSubpaths(userSkillsDirs, resolvedDirectoryPath);
           if (isWithinUserSkills) {
             return `Explicitly running shell commands from within the user skills directory is not allowed. Please use absolute paths for command parameter instead.`;
@@ -188053,7 +188137,6 @@ Co-authored-by: ${gitCoAuthorSettings.name} <${gitCoAuthorSettings.email}>`;
 });
 
 // packages/core/dist/src/core/coreToolScheduler.js
-import * as path28 from "node:path";
 function createFunctionResponsePart(callId, toolName, output, mediaParts) {
   const functionResponse = {
     id: callId,
@@ -188133,7 +188216,7 @@ var init_coreToolScheduler = __esm({
     init_types6();
     init_src2();
     init_tool_names();
-    init_rule_parser();
+    init_permission_helpers();
     init_generateContentResponseUtilities();
     init_modifiable_tool();
     init_lib();
@@ -188424,20 +188507,22 @@ var init_coreToolScheduler = __esm({
             throw new Error("Cannot schedule new tool calls while other tool calls are actively running (executing or awaiting approval).");
           }
           const requestsToProcess = Array.isArray(request4) ? request4 : [request4];
-          const newToolCalls = requestsToProcess.map((reqInfo) => {
+          const newToolCalls = [];
+          for (const reqInfo of requestsToProcess) {
             const pm = this.config.getPermissionManager?.();
-            if (pm && !pm.isToolEnabled(reqInfo.name)) {
+            if (pm && !await pm.isToolEnabled(reqInfo.name)) {
               const matchingRule = pm.findMatchingDenyRule({
                 toolName: reqInfo.name
               });
               const ruleInfo = matchingRule ? ` Matching deny rule: "${matchingRule}".` : "";
               const permissionErrorMessage = `Qwen Code requires permission to use "${reqInfo.name}", but that permission was declined.${ruleInfo}`;
-              return {
+              newToolCalls.push({
                 status: "error",
                 request: reqInfo,
                 response: createErrorResponse(reqInfo, new Error(permissionErrorMessage), ToolErrorType.EXECUTION_DENIED),
                 durationMs: 0
-              };
+              });
+              continue;
             }
             if (!pm) {
               const excludeTools = this.config.getPermissionsDeny?.() ?? void 0;
@@ -188446,54 +188531,58 @@ var init_coreToolScheduler = __esm({
                 const excludedMatch = excludeTools.find((excludedTool) => excludedTool.toLowerCase().trim() === normalizedToolName);
                 if (excludedMatch) {
                   const permissionErrorMessage = `Qwen Code requires permission to use ${excludedMatch}, but that permission was declined.`;
-                  return {
+                  newToolCalls.push({
                     status: "error",
                     request: reqInfo,
                     response: createErrorResponse(reqInfo, new Error(permissionErrorMessage), ToolErrorType.EXECUTION_DENIED),
                     durationMs: 0
-                  };
+                  });
+                  continue;
                 }
               }
             }
             const toolInstance = this.toolRegistry.getTool(reqInfo.name);
             if (!toolInstance) {
               const errorMessage = this.getToolNotFoundMessage(reqInfo.name);
-              return {
+              newToolCalls.push({
                 status: "error",
                 request: reqInfo,
                 response: createErrorResponse(reqInfo, new Error(errorMessage), ToolErrorType.TOOL_NOT_REGISTERED),
                 durationMs: 0
-              };
+              });
+              continue;
             }
             const invocationOrError = this.buildInvocation(toolInstance, reqInfo.args);
             if (invocationOrError instanceof Error) {
               const error40 = reqInfo.wasOutputTruncated ? new Error(`${invocationOrError.message} ${TRUNCATION_PARAM_GUIDANCE}`) : invocationOrError;
-              return {
+              newToolCalls.push({
                 status: "error",
                 request: reqInfo,
                 tool: toolInstance,
                 response: createErrorResponse(reqInfo, error40, ToolErrorType.INVALID_TOOL_PARAMS),
                 durationMs: 0
-              };
+              });
+              continue;
             }
             if (reqInfo.wasOutputTruncated && toolInstance.kind === Kind.Edit) {
               const truncationError = new Error(TRUNCATION_EDIT_REJECTION);
-              return {
+              newToolCalls.push({
                 status: "error",
                 request: reqInfo,
                 tool: toolInstance,
                 response: createErrorResponse(reqInfo, truncationError, ToolErrorType.OUTPUT_TRUNCATED),
                 durationMs: 0
-              };
+              });
+              continue;
             }
-            return {
+            newToolCalls.push({
               status: "validating",
               request: reqInfo,
               tool: toolInstance,
               invocation: invocationOrError,
               startTime: Date.now()
-            };
-          });
+            });
+          }
           this.toolCalls = this.toolCalls.concat(newToolCalls);
           this.notifyToolCallsUpdate();
           for (const toolCall of newToolCalls) {
@@ -188508,40 +188597,9 @@ var init_coreToolScheduler = __esm({
               }
               const defaultPermission = await invocation.getDefaultPermission();
               const pm = this.config.getPermissionManager?.();
-              let finalPermission = defaultPermission;
-              let pmForcedAsk = false;
               const toolParams = invocation.params;
-              const shellCommand = "command" in toolParams ? String(toolParams["command"]) : void 0;
-              let invocationFilePath = typeof toolParams["file_path"] === "string" ? toolParams["file_path"] : void 0;
-              if (invocationFilePath === void 0 && typeof toolParams["path"] === "string") {
-                invocationFilePath = path28.isAbsolute(toolParams["path"]) ? toolParams["path"] : path28.resolve(this.config.getTargetDir(), toolParams["path"]);
-              }
-              let invocationDomain;
-              if (typeof toolParams["url"] === "string") {
-                try {
-                  invocationDomain = new URL(toolParams["url"]).hostname;
-                } catch {
-                }
-              }
-              const literalSpecifier = typeof toolParams["skill"] === "string" ? toolParams["skill"] : typeof toolParams["subagent_type"] === "string" ? toolParams["subagent_type"] : void 0;
-              const pmCtx = {
-                toolName: reqInfo.name,
-                command: shellCommand,
-                filePath: invocationFilePath,
-                domain: invocationDomain,
-                specifier: literalSpecifier
-              };
-              if (pm && defaultPermission !== "deny") {
-                if (pm.hasRelevantRules(pmCtx)) {
-                  const pmDecision = pm.evaluate(pmCtx);
-                  if (pmDecision !== "default") {
-                    finalPermission = pmDecision;
-                    if (pmDecision === "ask") {
-                      pmForcedAsk = true;
-                    }
-                  }
-                }
-              }
+              const pmCtx = buildPermissionCheckContext(reqInfo.name, toolParams, this.config.getTargetDir?.() ?? "");
+              const { finalPermission, pmForcedAsk } = await evaluatePermissionRules(pm, defaultPermission, pmCtx);
               const approvalMode = this.config.getApprovalMode();
               const isPlanMode = approvalMode === ApprovalMode.PLAN;
               const isExitPlanModeTool = reqInfo.name === "exit_plan_mode";
@@ -188576,9 +188634,7 @@ var init_coreToolScheduler = __esm({
                 });
               } else {
                 const confirmationDetails = await invocation.getConfirmationDetails(signal);
-                if ((confirmationDetails.type === "exec" || confirmationDetails.type === "mcp" || confirmationDetails.type === "info") && !confirmationDetails.permissionRules) {
-                  confirmationDetails.permissionRules = buildPermissionRules(pmCtx);
-                }
+                injectPermissionRulesIfMissing(confirmationDetails, pmCtx);
                 if (approvalMode === ApprovalMode.AUTO_EDIT && (confirmationDetails.type === "edit" || confirmationDetails.type === "info")) {
                   this.setToolCallOutcome(reqInfo.callId, ToolConfirmationOutcome.ProceedAlways);
                   this.setStatusInternal(reqInfo.callId, "scheduled");
@@ -188592,6 +188648,9 @@ var init_coreToolScheduler = __esm({
                 }
                 if (confirmationDetails.type === "edit" && confirmationDetails.ideConfirmation) {
                   confirmationDetails.ideConfirmation.then((resolution) => {
+                    const still = this.toolCalls.find((c4) => c4.request.callId === reqInfo.callId && c4.status === "awaiting_approval");
+                    if (!still)
+                      return;
                     if (resolution.status === "accepted") {
                       this.handleConfirmationResponse(reqInfo.callId, confirmationDetails.onConfirm, ToolConfirmationOutcome.ProceedOnce, signal);
                     } else {
@@ -188653,25 +188712,11 @@ var init_coreToolScheduler = __esm({
       }
       async handleConfirmationResponse(callId, originalOnConfirm, outcome, signal, payload) {
         const toolCall = this.toolCalls.find((c4) => c4.request.callId === callId && c4.status === "awaiting_approval");
+        if (!toolCall)
+          return;
         await originalOnConfirm(outcome, payload);
         if (outcome === ToolConfirmationOutcome.ProceedAlways || outcome === ToolConfirmationOutcome.ProceedAlwaysProject || outcome === ToolConfirmationOutcome.ProceedAlwaysUser) {
-          if (outcome === ToolConfirmationOutcome.ProceedAlwaysProject || outcome === ToolConfirmationOutcome.ProceedAlwaysUser) {
-            const scope = outcome === ToolConfirmationOutcome.ProceedAlwaysProject ? "project" : "user";
-            const details = toolCall?.confirmationDetails;
-            const detailsRules = details?.["permissionRules"];
-            const payloadRules = payload?.permissionRules;
-            const rules = payloadRules ?? detailsRules ?? [];
-            const persistFn = this.config.getOnPersistPermissionRule?.();
-            const pm = this.config.getPermissionManager?.();
-            if (rules.length > 0) {
-              for (const rule of rules) {
-                if (persistFn) {
-                  await persistFn(scope, "allow", rule);
-                }
-                pm?.addPersistentRule(rule, "allow");
-              }
-            }
-          }
+          await persistPermissionOutcome(outcome, toolCall.confirmationDetails, this.config.getOnPersistPermissionRule?.(), this.config.getPermissionManager?.(), payload);
           await this.autoApproveCompatiblePendingTools(signal, callId);
         }
         this.setToolCallOutcome(callId, outcome);
@@ -188933,34 +188978,9 @@ ${failureHookResult.additionalContext}`;
         for (const pendingTool of pendingTools) {
           try {
             const defaultPermission = await pendingTool.invocation.getDefaultPermission();
-            let finalPermission = defaultPermission;
-            const pm = this.config.getPermissionManager?.();
-            if (pm && defaultPermission !== "deny") {
-              const params = pendingTool.invocation.params;
-              const shellCommand = "command" in params ? String(params["command"]) : void 0;
-              const filePath = typeof params["file_path"] === "string" ? params["file_path"] : void 0;
-              let domain2;
-              if (typeof params["url"] === "string") {
-                try {
-                  domain2 = new URL(params["url"]).hostname;
-                } catch {
-                }
-              }
-              const literalSpecifier = typeof params["skill"] === "string" ? params["skill"] : typeof params["subagent_type"] === "string" ? params["subagent_type"] : void 0;
-              const pmCtx = {
-                toolName: pendingTool.request.name,
-                command: shellCommand,
-                filePath,
-                domain: domain2,
-                specifier: literalSpecifier
-              };
-              if (pm.hasRelevantRules(pmCtx)) {
-                const pmDecision = pm.evaluate(pmCtx);
-                if (pmDecision !== "default") {
-                  finalPermission = pmDecision;
-                }
-              }
-            }
+            const toolParams = pendingTool.invocation.params;
+            const pmCtx = buildPermissionCheckContext(pendingTool.request.name, toolParams, this.config.getTargetDir?.() ?? "");
+            const { finalPermission } = await evaluatePermissionRules(this.config.getPermissionManager?.(), defaultPermission, pmCtx);
             if (finalPermission === "allow") {
               this.setToolCallOutcome(pendingTool.request.callId, ToolConfirmationOutcome.ProceedAlways);
               this.setStatusInternal(pendingTool.request.callId, "scheduled");
@@ -228865,8 +228885,9 @@ var init_edit = __esm({
         }
         const fileName = path39.basename(this.params.file_path);
         const fileDiff = createPatch(fileName, editData.currentContent ?? "", editData.newContent, "Current", "Proposed", DEFAULT_DIFF_OPTIONS);
+        const approvalMode = this.config.getApprovalMode();
         const ideClient = await IdeClient.getInstance();
-        const ideConfirmation = this.config.getIdeMode() && ideClient.isDiffingEnabled() ? ideClient.openDiff(this.params.file_path, editData.newContent) : void 0;
+        const ideConfirmation = this.config.getIdeMode() && ideClient.isDiffingEnabled() && approvalMode !== ApprovalMode.AUTO_EDIT && approvalMode !== ApprovalMode.YOLO ? ideClient.openDiff(this.params.file_path, editData.newContent) : void 0;
         const confirmationDetails = {
           type: "edit",
           title: `Confirm Edit: ${shortenPath(makeRelative(this.params.file_path, this.config.getTargetDir()))}`,
@@ -229372,10 +229393,11 @@ var init_glob2 = __esm({
           follow: false,
           signal
         });
-        const relativePaths = entries.map((p2) => path40.relative(searchDir, p2.fullpath()));
+        const projectRoot = this.config.getTargetDir();
+        const relativePaths = entries.map((p2) => path40.relative(projectRoot, p2.fullpath()));
         const { filteredPaths } = this.fileService.filterFilesWithReport(relativePaths, this.getFileFilteringOptions());
         const normalizePathForComparison = /* @__PURE__ */ __name((p2) => process.platform === "win32" || process.platform === "darwin" ? p2.toLowerCase() : p2, "normalizePathForComparison");
-        const filteredAbsolutePaths = new Set(filteredPaths.map((p2) => normalizePathForComparison(path40.resolve(searchDir, p2))));
+        const filteredAbsolutePaths = new Set(filteredPaths.map((p2) => normalizePathForComparison(path40.resolve(projectRoot, p2))));
         return entries.filter((entry) => filteredAbsolutePaths.has(normalizePathForComparison(entry.fullpath())));
       }
       async execute(signal) {
@@ -229564,7 +229586,7 @@ var init_grep2 = __esm({
             searchDirs.push(...workspaceDirs);
             searchLocationDescription = workspaceDirs.length > 1 ? `across ${workspaceDirs.length} workspace directories` : `in the workspace directory`;
           }
-          const rawMatches = [];
+          let rawMatches = [];
           for (const searchDir of searchDirs) {
             const matches = await this.performGrepSearch({
               pattern: this.params.pattern,
@@ -229581,6 +229603,16 @@ var init_grep2 = __esm({
             }
             rawMatches.push(...matches);
           }
+          if (searchDirs.length > 1) {
+            const seen = /* @__PURE__ */ new Set();
+            rawMatches = rawMatches.filter((match2) => {
+              const key = `${match2.filePath}:${match2.lineNumber}`;
+              if (seen.has(key))
+                return false;
+              seen.add(key);
+              return true;
+            });
+          }
           const filterDescription = this.params.glob ? ` (filter: "${this.params.glob}")` : "";
           if (rawMatches.length === 0) {
             const noMatchMsg = `No matches found for pattern "${this.params.pattern}" ${searchLocationDescription}${filterDescription}.`;
@@ -230401,7 +230433,23 @@ var init_ripGrep = __esm({
             const noMatchMsg = `No matches found for pattern "${this.params.pattern}" ${searchLocationDescription}${filterDescription}.`;
             return { llmContent: noMatchMsg, returnDisplay: `No matches found` };
           }
-          const allLines = rawOutput.split("\n").filter((line) => line.trim());
+          let allLines = rawOutput.split("\n").filter((line) => line.trim());
+          if (searchPaths.length > 1) {
+            const seen = /* @__PURE__ */ new Set();
+            allLines = allLines.filter((line) => {
+              const firstColon = line.indexOf(":");
+              if (firstColon !== -1) {
+                const secondColon = line.indexOf(":", firstColon + 1);
+                if (secondColon !== -1) {
+                  const key = line.substring(0, secondColon);
+                  if (seen.has(key))
+                    return false;
+                  seen.add(key);
+                }
+              }
+              return true;
+            });
+          }
           const totalMatches = allLines.length;
           const matchTerm = totalMatches === 1 ? "match" : "matches";
           const header = `Found ${totalMatches} ${matchTerm} for pattern "${this.params.pattern}" ${searchLocationDescription}${filterDescription}:
@@ -241448,8 +241496,9 @@ var init_write_file = __esm({
           "Proposed",
           DEFAULT_DIFF_OPTIONS
         );
+        const approvalMode = this.config.getApprovalMode();
         const ideClient = await IdeClient.getInstance();
-        const ideConfirmation = this.config.getIdeMode() && ideClient.isDiffingEnabled() ? ideClient.openDiff(this.params.file_path, this.params.content) : void 0;
+        const ideConfirmation = this.config.getIdeMode() && ideClient.isDiffingEnabled() && approvalMode !== ApprovalMode.AUTO_EDIT && approvalMode !== ApprovalMode.YOLO ? ideClient.openDiff(this.params.file_path, this.params.content) : void 0;
         const confirmationDetails = {
           type: "edit",
           title: `Confirm Write: ${shortenPath(relativePath)}`,
@@ -246286,6 +246335,8 @@ var init_permission_manager = __esm({
     init_esbuild_shims();
     init_rule_parser();
     init_shell_semantics();
+    init_shellAstParser();
+    init_shell_utils();
     DECISION_PRIORITY = {
       deny: 3,
       ask: 2,
@@ -246345,15 +246396,19 @@ var init_permission_manager = __esm({
        * @param ctx - The context containing the tool name and optional command.
        * @returns A PermissionDecision indicating how to handle this tool call.
        */
-      evaluate(ctx) {
-        const { command: command2 } = ctx;
+      async evaluate(ctx) {
+        const { command: command2, toolName } = ctx;
         if (command2 !== void 0) {
           const subCommands = splitCompoundCommand(command2);
           if (subCommands.length > 1) {
             return this.evaluateCompoundCommand(ctx, subCommands);
           }
         }
-        return this.evaluateSingle(ctx);
+        const decision = this.evaluateSingle(ctx);
+        if (decision === "default" && toolName === "run_shell_command" && command2 !== void 0) {
+          return this.resolveDefaultPermission(command2);
+        }
+        return decision;
       }
       /**
        * Evaluate a single (non-compound) context against all rules.
@@ -246445,18 +246500,23 @@ var init_permission_manager = __esm({
        * Evaluate a compound command by splitting it into sub-commands,
        * evaluating each independently, and returning the most restrictive result.
        *
-       * Restriction order: deny > ask > default > allow
+       * Restriction order: deny > ask > allow
        *
-       * Example: with rules `allow: [safe-cmd *, one-cmd *]`
-       *   - "safe-cmd && one-cmd"  → both allow  → allow
-       *   - "safe-cmd && two-cmd"  → allow + default → default
-       *   - "safe-cmd && evil-cmd" (deny: [evil-cmd]) → allow + deny → deny
+       * When a sub-command returns 'default' (no rule matches), it is resolved to
+       * the actual default permission using AST analysis:
+       *   - Command substitution detected → 'deny'
+       *   - Read-only command (cd, ls, git status, etc.) → 'allow'
+       *   - Otherwise → 'ask'
+       *
+       * Example: with rules `allow: [git checkout *]`
+       *   - "cd /path && git checkout -b feature" → allow (cd) + allow (rule) → allow
+       *   - "rm /path && git checkout -b feature" → ask (rm) + allow (rule) → ask
+       *   - "evil-cmd && git checkout" (deny: [evil-cmd]) → deny + allow → deny
        */
-      evaluateCompoundCommand(ctx, subCommands) {
+      async evaluateCompoundCommand(ctx, subCommands) {
         const PRIORITY = {
           deny: 3,
           ask: 2,
-          default: 1,
           allow: 0
         };
         let mostRestrictive = "allow";
@@ -246465,7 +246525,8 @@ var init_permission_manager = __esm({
             ...ctx,
             command: subCmd
           };
-          const decision = this.evaluateSingle(subCtx);
+          const rawDecision = this.evaluateSingle(subCtx);
+          const decision = rawDecision === "default" ? await this.resolveDefaultPermission(subCmd) : rawDecision;
           if (PRIORITY[decision] > PRIORITY[mostRestrictive]) {
             mostRestrictive = decision;
           }
@@ -246475,6 +246536,26 @@ var init_permission_manager = __esm({
         }
         return mostRestrictive;
       }
+      /**
+       * Resolve 'default' permission to actual permission using AST analysis.
+       * This mirrors the logic in ShellToolInvocation.getDefaultPermission().
+       *
+       * @param command - The shell command to analyze.
+       * @returns 'deny' for command substitution, 'allow' for read-only, 'ask' otherwise.
+       */
+      async resolveDefaultPermission(command2) {
+        if (detectCommandSubstitution(command2)) {
+          return "deny";
+        }
+        try {
+          const isReadOnly = await isShellCommandReadOnlyAST(command2);
+          if (isReadOnly) {
+            return "allow";
+          }
+        } catch {
+        }
+        return "ask";
+      }
       // ---------------------------------------------------------------------------
       // Registry-level helper
       // ---------------------------------------------------------------------------
@@ -246486,14 +246567,14 @@ var init_permission_manager = __esm({
        * `"Bash(rm -rf *)"` do NOT remove the tool from the registry – they only
        * deny specific invocations at runtime.
        */
-      isToolEnabled(toolName) {
+      async isToolEnabled(toolName) {
         const canonicalName = resolveToolName(toolName);
         if (this.coreToolsAllowList !== null && this.coreToolsAllowList.size > 0) {
           if (!this.coreToolsAllowList.has(canonicalName)) {
             return false;
           }
         }
-        const decision = this.evaluate({ toolName: canonicalName });
+        const decision = await this.evaluate({ toolName: canonicalName });
         return decision !== "deny";
       }
       /**
@@ -246535,7 +246616,7 @@ var init_permission_manager = __esm({
        * @param command - The shell command to evaluate.
        * @returns The PermissionDecision for this command.
        */
-      isCommandAllowed(command2) {
+      async isCommandAllowed(command2) {
         return this.evaluate({
           toolName: "run_shell_command",
           command: command2
@@ -246567,6 +246648,12 @@ var init_permission_manager = __esm({
        */
       hasRelevantRules(ctx) {
         const { toolName, command: command2, filePath, domain: domain2, specifier } = ctx;
+        if (ctx.toolName === "run_shell_command" && command2 !== void 0) {
+          const subCommands = splitCompoundCommand(command2);
+          if (subCommands.length > 1) {
+            return subCommands.some((subCmd) => this.hasRelevantRules({ ...ctx, command: subCmd }));
+          }
+        }
         const pathCtx = this.config.getProjectRoot && this.config.getCwd ? {
           projectRoot: this.config.getProjectRoot(),
           cwd: this.config.getCwd()
@@ -246608,6 +246695,56 @@ var init_permission_manager = __esm({
         }
         return false;
       }
+      /**
+       * Returns true when the invocation is matched by an explicit `ask` rule.
+       *
+       * This is intentionally narrower than `evaluate(ctx) === 'ask'`. Shell
+       * commands can resolve to `ask` simply because they are non-read-only and no
+       * explicit allow/deny rule matched. That fallback should still allow users to
+       * create new allow rules, so callers must only hide "Always allow" when a
+       * real ask rule matched.
+       */
+      hasMatchingAskRule(ctx) {
+        const { toolName, command: command2, filePath, domain: domain2, specifier } = ctx;
+        if (ctx.toolName === "run_shell_command" && command2 !== void 0) {
+          const subCommands = splitCompoundCommand(command2);
+          if (subCommands.length > 1) {
+            return subCommands.some((subCmd) => this.hasMatchingAskRule({ ...ctx, command: subCmd }));
+          }
+        }
+        const pathCtx = this.config.getProjectRoot && this.config.getCwd ? {
+          projectRoot: this.config.getProjectRoot(),
+          cwd: this.config.getCwd()
+        } : void 0;
+        const matchArgs = [
+          toolName,
+          command2,
+          filePath,
+          domain2,
+          pathCtx,
+          specifier
+        ];
+        const askRules = [...this.sessionRules.ask, ...this.persistentRules.ask];
+        if (askRules.some((rule) => matchesRule(rule, ...matchArgs))) {
+          return true;
+        }
+        if (ctx.toolName === "run_shell_command" && ctx.command !== void 0) {
+          const cwd6 = pathCtx?.cwd ?? process.cwd();
+          const ops = extractShellOperations(ctx.command, cwd6);
+          return ops.some((op) => {
+            const opMatchArgs = [
+              op.virtualTool,
+              void 0,
+              op.filePath,
+              op.domain,
+              pathCtx,
+              void 0
+            ];
+            return askRules.some((rule) => matchesRule(rule, ...opMatchArgs));
+          });
+        }
+        return false;
+      }
       // ---------------------------------------------------------------------------
       // Session rule management
       // ---------------------------------------------------------------------------
@@ -270588,14 +270725,14 @@ var init_config3 = __esm({
       }
       async createToolRegistry(sendSdkMcpMessage, options2) {
         const registry2 = new ToolRegistry(this, this.eventEmitter, sendSdkMcpMessage);
-        const registerCoreTool = /* @__PURE__ */ __name((ToolClass, ...args2) => {
+        const registerCoreTool = /* @__PURE__ */ __name(async (ToolClass, ...args2) => {
           const toolName = ToolClass?.Name;
           const className = ToolClass?.name ?? "UnknownTool";
           if (!toolName) {
             this.debugLogger.warn(`Skipping tool registration: ${className} is missing static Name property. Tools must define a static Name property to be registered.`);
             return;
           }
-          const pmEnabled = this.permissionManager ? this.permissionManager.isToolEnabled(toolName) : true;
+          const pmEnabled = this.permissionManager ? await this.permissionManager.isToolEnabled(toolName) : true;
           if (pmEnabled) {
             try {
               registry2.registerTool(new ToolClass(...args2));
@@ -270605,10 +270742,10 @@ var init_config3 = __esm({
             }
           }
         }, "registerCoreTool");
-        registerCoreTool(AgentTool, this);
-        registerCoreTool(SkillTool, this);
-        registerCoreTool(LSTool, this);
-        registerCoreTool(ReadFileTool, this);
+        await registerCoreTool(AgentTool, this);
+        await registerCoreTool(SkillTool, this);
+        await registerCoreTool(LSTool, this);
+        await registerCoreTool(ReadFileTool, this);
         if (this.getUseRipgrep()) {
           let useRipgrep = false;
           let errorString = void 0;
@@ -270618,28 +270755,28 @@ var init_config3 = __esm({
             errorString = getErrorMessage(error40);
           }
           if (useRipgrep) {
-            registerCoreTool(RipGrepTool, this);
+            await registerCoreTool(RipGrepTool, this);
           } else {
             logRipgrepFallback(this, new RipgrepFallbackEvent(this.getUseRipgrep(), this.getUseBuiltinRipgrep(), errorString || "ripgrep is not available"));
-            registerCoreTool(GrepTool, this);
+            await registerCoreTool(GrepTool, this);
           }
         } else {
-          registerCoreTool(GrepTool, this);
+          await registerCoreTool(GrepTool, this);
         }
-        registerCoreTool(GlobTool, this);
-        registerCoreTool(EditTool, this);
-        registerCoreTool(WriteFileTool, this);
-        registerCoreTool(ShellTool, this);
-        registerCoreTool(MemoryTool);
-        registerCoreTool(TodoWriteTool, this);
-        registerCoreTool(AskUserQuestionTool, this);
-        !this.sdkMode && registerCoreTool(ExitPlanModeTool, this);
-        registerCoreTool(WebFetchTool, this);
+        await registerCoreTool(GlobTool, this);
+        await registerCoreTool(EditTool, this);
+        await registerCoreTool(WriteFileTool, this);
+        await registerCoreTool(ShellTool, this);
+        await registerCoreTool(MemoryTool);
+        await registerCoreTool(TodoWriteTool, this);
+        await registerCoreTool(AskUserQuestionTool, this);
+        !this.sdkMode && await registerCoreTool(ExitPlanModeTool, this);
+        await registerCoreTool(WebFetchTool, this);
         if (this.getWebSearchConfig()) {
-          registerCoreTool(WebSearchTool, this);
+          await registerCoreTool(WebSearchTool, this);
         }
         if (this.isLspEnabled() && this.getLspClient()) {
-          registerCoreTool(LspTool, this);
+          await registerCoreTool(LspTool, this);
         }
         if (!options2?.skipDiscovery) {
           await registry2.discoverAllTools();
@@ -280688,6 +280825,7 @@ var init_src2 = __esm({
     init_client2();
     init_contentGenerator();
     init_coreToolScheduler();
+    init_permission_helpers();
     init_geminiChat();
     init_geminiRequest();
     init_logger();
@@ -281080,6 +281218,7 @@ __export(dist_exports, {
   applyReplacement: () => applyReplacement,
   buildApiHistoryFromConversation: () => buildApiHistoryFromConversation,
   buildHumanReadableRuleLabel: () => buildHumanReadableRuleLabel,
+  buildPermissionCheckContext: () => buildPermissionCheckContext,
   buildPermissionRules: () => buildPermissionRules,
   buildSkillLlmContent: () => buildSkillLlmContent,
   canUseRipgrep: () => canUseRipgrep,
@@ -281129,6 +281268,7 @@ __export(dist_exports, {
   envLayer: () => envLayer,
   escapePath: () => escapePath,
   escapeShellArg: () => escapeShellArg,
+  evaluatePermissionRules: () => evaluatePermissionRules,
   execCommand: () => execCommand,
   executeToolCall: () => executeToolCall,
   exists: () => exists,
@@ -281140,6 +281280,7 @@ __export(dist_exports, {
   findGitRoot: () => findGitRoot,
   findReleaseAsset: () => findReleaseAsset,
   fireNotificationHook: () => fireNotificationHook,
+  firePermissionRequestHook: () => firePermissionRequestHook,
   flatMapTextParts: () => flatMapTextParts,
   formatMemoryUsage: () => formatMemoryUsage,
   generateCodeChallenge: () => generateCodeChallenge,
@@ -281207,6 +281348,7 @@ __export(dist_exports, {
   hydrateString: () => hydrateString,
   ideContextStore: () => ideContextStore,
   initializeTelemetry: () => initializeTelemetry,
+  injectPermissionRulesIfMissing: () => injectPermissionRulesIfMissing,
   invokeMcpPrompt: () => invokeMcpPrompt,
   isAbortError: () => isAbortError,
   isApiError: () => isApiError,
@@ -281311,6 +281453,7 @@ __export(dist_exports, {
   partListUnionToString: () => partListUnionToString,
   partToString: () => partToString,
   performVariableReplacement: () => performVariableReplacement,
+  persistPermissionOutcome: () => persistPermissionOutcome,
   populateMcpServerCommand: () => populateMcpServerCommand,
   processSingleFileContent: () => processSingleFileContent,
   promptForSetting: () => promptForSetting,
@@ -406701,7 +406844,7 @@ __name(getPackageJson, "getPackageJson");
 // packages/cli/src/utils/version.ts
 async function getCliVersion() {
   const pkgJson = await getPackageJson();
-  return "0.13.1-preview.0";
+  return "0.13.1";
 }
 __name(getCliVersion, "getCliVersion");
 
@@ -411064,7 +411207,7 @@ function isDebugMode(argv) {
   );
 }
 __name(isDebugMode, "isDebugMode");
-async function loadCliConfig(settings, argv, cwd6 = process.cwd(), overrideExtensions, loadedSettings) {
+async function loadCliConfig(settings, argv, cwd6 = process.cwd(), overrideExtensions) {
   const debugMode = isDebugMode(argv);
   Storage.setRuntimeBaseDir(settings.advanced?.runtimeOutputDir, cwd6);
   const ideMode = settings.ide?.enabled ?? false;
@@ -411283,14 +411426,15 @@ async function loadCliConfig(settings, argv, cwd6 = process.cwd(), overrideExten
       deny: mergedDeny.length > 0 ? mergedDeny : void 0
     },
     // Permission rule persistence callback (writes to settings files).
-    onPersistPermissionRule: loadedSettings ? async (scope, ruleType, rule) => {
+    onPersistPermissionRule: /* @__PURE__ */ __name(async (scope, ruleType, rule) => {
+      const currentSettings = loadSettings(cwd6);
       const settingScope = scope === "project" ? "Workspace" /* Workspace */ : "User" /* User */;
       const key = `permissions.${ruleType}`;
-      const currentRules = loadedSettings.forScope(settingScope).settings.permissions?.[ruleType] ?? [];
+      const currentRules = currentSettings.forScope(settingScope).settings.permissions?.[ruleType] ?? [];
       if (!currentRules.includes(rule)) {
-        loadedSettings.setValue(settingScope, key, [...currentRules, rule]);
+        currentSettings.setValue(settingScope, key, [...currentRules, rule]);
       }
-    } : void 0,
+    }, "onPersistPermissionRule"),
     toolDiscoveryCommand: settings.tools?.discoveryCommand,
     toolCallCommand: settings.tools?.callCommand,
     mcpServerCommand: settings.mcp?.serverCommand,
@@ -414324,7 +414468,7 @@ var formatDuration = /* @__PURE__ */ __name((milliseconds) => {
 
 // packages/cli/src/generated/git-commit.ts
 init_esbuild_shims();
-var GIT_COMMIT_INFO = "9246216a8";
+var GIT_COMMIT_INFO = "cb271b3c9";
 
 // packages/cli/src/utils/systemInfo.ts
 async function getNpmVersion() {
@@ -422129,9 +422273,9 @@ var ShellProcessor = class {
     for (const injection of resolvedInjections) {
       const command2 = injection.resolvedCommand;
       if (!command2) continue;
-      const { allAllowed, disallowedCommands, blockReason, isHardDenial } = checkCommandPermissions(command2, config2, sessionShellAllowlist);
+      const { allAllowed, disallowedCommands, blockReason, isHardDenial } = await checkCommandPermissions(command2, config2, sessionShellAllowlist);
       const pm = config2.getPermissionManager?.();
-      const isAllowedBySettings = pm ? pm.isCommandAllowed(command2) === "allow" : false;
+      const isAllowedBySettings = pm ? await pm.isCommandAllowed(command2) === "allow" : false;
       if (!allAllowed) {
         if (isHardDenial) {
           throw new Error(
@@ -448679,6 +448823,7 @@ var ToolConfirmationMessage = /* @__PURE__ */ __name(({
     };
   }, [config2]);
   const handleConfirm = /* @__PURE__ */ __name(async (outcome) => {
+    onConfirm(outcome);
     if (confirmationDetails.type === "edit") {
       if (config2.getIdeMode() && isDiffingEnabled) {
         const cliOutcome = outcome === ToolConfirmationOutcome.Cancel ? "rejected" : "accepted";
@@ -448688,7 +448833,6 @@ var ToolConfirmationMessage = /* @__PURE__ */ __name(({
         );
       }
     }
-    onConfirm(outcome);
   }, "handleConfirm");
   const isTrustedFolder = config2.isTrustedFolder();
   useKeypress(
@@ -454454,6 +454598,18 @@ __name(ApiKeyInput, "ApiKeyInput");
 init_esbuild_shims();
 var import_react84 = __toESM(require_react(), 1);
 init_dist4();
+
+// packages/cli/src/constants/alibabaStandardApiKey.ts
+init_esbuild_shims();
+var DASHSCOPE_STANDARD_API_KEY_ENV_KEY = "DASHSCOPE_API_KEY";
+var ALIBABA_STANDARD_API_KEY_ENDPOINTS = {
+  "cn-beijing": "https://dashscope.aliyuncs.com/compatible-mode/v1",
+  "sg-singapore": "https://dashscope-intl.aliyuncs.com/compatible-mode/v1",
+  "us-virginia": "https://dashscope-us.aliyuncs.com/compatible-mode/v1",
+  "cn-hongkong": "https://cn-hongkong.dashscope.aliyuncs.com/compatible-mode/v1"
+};
+
+// packages/cli/src/ui/contexts/UIActionsContext.tsx
 var UIActionsContext = (0, import_react84.createContext)(null);
 var useUIActions = /* @__PURE__ */ __name(() => {
   const context2 = (0, import_react84.useContext)(UIActionsContext);
@@ -454473,11 +454629,19 @@ function parseDefaultAuthType(defaultAuthType) {
   return null;
 }
 __name(parseDefaultAuthType, "parseDefaultAuthType");
+var ALIBABA_STANDARD_MODEL_IDS_PLACEHOLDER = "qwen3.5-plus,glm-5,kimi-k2.5";
+var ALIBABA_STANDARD_API_DOCUMENTATION_URLS = {
+  "cn-beijing": "https://bailian.console.aliyun.com/cn-beijing?tab=api#/api",
+  "sg-singapore": "https://modelstudio.console.alibabacloud.com/ap-southeast-1?tab=api#/api/?type=model&url=2712195",
+  "us-virginia": "https://modelstudio.console.alibabacloud.com/us-east-1?tab=api#/api/?type=model&url=2712195",
+  "cn-hongkong": "https://modelstudio.console.alibabacloud.com/cn-hongkong?tab=api#/api/?type=model&url=2712195"
+};
 function AuthDialog() {
   const { pendingAuthType, authError } = useUIState();
   const {
     handleAuthSelect: onAuthSelect,
     handleCodingPlanSubmit,
+    handleAlibabaStandardSubmit,
     onAuthError
   } = useUIActions();
   const config2 = useConfig();
@@ -454487,6 +454651,13 @@ function AuthDialog() {
   const [region, setRegion] = (0, import_react85.useState)(
     "china" /* CHINA */
   );
+  const [alibabaStandardRegionIndex, setAlibabaStandardRegionIndex] = (0, import_react85.useState)(0);
+  const [apiKeyTypeIndex, setApiKeyTypeIndex] = (0, import_react85.useState)(0);
+  const [alibabaStandardRegion, setAlibabaStandardRegion] = (0, import_react85.useState)("cn-beijing");
+  const [alibabaStandardApiKey, setAlibabaStandardApiKey] = (0, import_react85.useState)("");
+  const [alibabaStandardApiKeyError, setAlibabaStandardApiKeyError] = (0, import_react85.useState)(null);
+  const [alibabaStandardModelId, setAlibabaStandardModelId] = (0, import_react85.useState)("");
+  const [alibabaStandardModelIdError, setAlibabaStandardModelIdError] = (0, import_react85.useState)(null);
   const mainItems = [
     {
       key: AuthType2.QWEN_OAUTH,
@@ -454544,6 +454715,66 @@ function AuthDialog() {
       value: "global" /* GLOBAL */
     }
   ];
+  const alibabaStandardRegionItems = [
+    {
+      key: "cn-beijing",
+      title: t4("China (Beijing)"),
+      label: t4("China (Beijing)"),
+      description: /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(Text3, { color: theme.text.secondary, children: [
+        "Endpoint: ",
+        ALIBABA_STANDARD_API_KEY_ENDPOINTS["cn-beijing"]
+      ] }),
+      value: "cn-beijing"
+    },
+    {
+      key: "sg-singapore",
+      title: t4("Singapore"),
+      label: t4("Singapore"),
+      description: /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(Text3, { color: theme.text.secondary, children: [
+        "Endpoint: ",
+        ALIBABA_STANDARD_API_KEY_ENDPOINTS["sg-singapore"]
+      ] }),
+      value: "sg-singapore"
+    },
+    {
+      key: "us-virginia",
+      title: t4("US (Virginia)"),
+      label: t4("US (Virginia)"),
+      description: /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(Text3, { color: theme.text.secondary, children: [
+        "Endpoint: ",
+        ALIBABA_STANDARD_API_KEY_ENDPOINTS["us-virginia"]
+      ] }),
+      value: "us-virginia"
+    },
+    {
+      key: "cn-hongkong",
+      title: t4("China (Hong Kong)"),
+      label: t4("China (Hong Kong)"),
+      description: /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(Text3, { color: theme.text.secondary, children: [
+        "Endpoint: ",
+        ALIBABA_STANDARD_API_KEY_ENDPOINTS["cn-hongkong"]
+      ] }),
+      value: "cn-hongkong"
+    }
+  ];
+  const apiKeyTypeItems = [
+    {
+      key: "ALIBABA_STANDARD_API_KEY",
+      title: t4("Alibaba Cloud ModelStudio Standard API Key"),
+      label: t4("Alibaba Cloud ModelStudio Standard API Key"),
+      description: t4("Quick setup for Model Studio (China/International)"),
+      value: "ALIBABA_STANDARD_API_KEY"
+    },
+    {
+      key: "CUSTOM_API_KEY",
+      title: t4("Custom API Key"),
+      label: t4("Custom API Key"),
+      description: t4(
+        "For other OpenAI / Anthropic / Gemini-compatible providers"
+      ),
+      value: "CUSTOM_API_KEY"
+    }
+  ];
   const contentGenConfig = config2.getContentGeneratorConfig();
   const isCurrentlyCodingPlan = isCodingPlanConfig(
     contentGenConfig?.baseUrl,
@@ -454551,8 +454782,9 @@ function AuthDialog() {
   ) !== false;
   const authTypeToMainOption = /* @__PURE__ */ __name((authType) => {
     if (authType === AuthType2.QWEN_OAUTH) return AuthType2.QWEN_OAUTH;
-    if (authType === AuthType2.USE_OPENAI && isCurrentlyCodingPlan)
+    if (authType === AuthType2.USE_OPENAI && isCurrentlyCodingPlan) {
       return "CODING_PLAN";
+    }
     return "API_KEY";
   }, "authTypeToMainOption");
   const initialAuthIndex = Math.max(
@@ -454582,17 +454814,36 @@ function AuthDialog() {
       return;
     }
     if (value === "API_KEY") {
-      setViewLevel("custom-info");
+      setViewLevel("api-key-type-select");
       return;
     }
     await onAuthSelect(value);
   }, "handleMainSelect");
+  const handleApiKeyTypeSelect = /* @__PURE__ */ __name(async (value) => {
+    setErrorMessage(null);
+    onAuthError(null);
+    if (value === "ALIBABA_STANDARD_API_KEY") {
+      setAlibabaStandardModelIdError(null);
+      setAlibabaStandardApiKeyError(null);
+      setViewLevel("alibaba-standard-region-select");
+      return;
+    }
+    setViewLevel("custom-info");
+  }, "handleApiKeyTypeSelect");
   const handleRegionSelect = /* @__PURE__ */ __name(async (selectedRegion) => {
     setErrorMessage(null);
     onAuthError(null);
     setRegion(selectedRegion);
     setViewLevel("api-key-input");
   }, "handleRegionSelect");
+  const handleAlibabaStandardRegionSelect = /* @__PURE__ */ __name(async (selectedRegion) => {
+    setErrorMessage(null);
+    onAuthError(null);
+    setAlibabaStandardApiKeyError(null);
+    setAlibabaStandardModelIdError(null);
+    setAlibabaStandardRegion(selectedRegion);
+    setViewLevel("alibaba-standard-api-key-input");
+  }, "handleAlibabaStandardRegionSelect");
   const handleApiKeyInputSubmit = /* @__PURE__ */ __name(async (apiKey) => {
     setErrorMessage(null);
     if (!apiKey.trim()) {
@@ -454601,13 +454852,54 @@ function AuthDialog() {
     }
     await handleCodingPlanSubmit(apiKey, region);
   }, "handleApiKeyInputSubmit");
+  const handleAlibabaStandardApiKeySubmit = /* @__PURE__ */ __name(() => {
+    const trimmedKey = alibabaStandardApiKey.trim();
+    if (!trimmedKey) {
+      setAlibabaStandardApiKeyError(t4("API key cannot be empty."));
+      return;
+    }
+    setAlibabaStandardApiKeyError(null);
+    if (!alibabaStandardModelId.trim()) {
+      setAlibabaStandardModelId(ALIBABA_STANDARD_MODEL_IDS_PLACEHOLDER);
+    }
+    setViewLevel("alibaba-standard-model-id-input");
+  }, "handleAlibabaStandardApiKeySubmit");
+  const handleAlibabaStandardModelSubmit = /* @__PURE__ */ __name(() => {
+    const trimmedApiKey = alibabaStandardApiKey.trim();
+    const trimmedModelIds = alibabaStandardModelId.trim();
+    if (!trimmedApiKey) {
+      setAlibabaStandardApiKeyError(t4("API key cannot be empty."));
+      setViewLevel("alibaba-standard-api-key-input");
+      return;
+    }
+    if (!trimmedModelIds) {
+      setAlibabaStandardModelIdError(t4("Model IDs cannot be empty."));
+      return;
+    }
+    setAlibabaStandardModelIdError(null);
+    void handleAlibabaStandardSubmit(
+      trimmedApiKey,
+      alibabaStandardRegion,
+      trimmedModelIds
+    );
+  }, "handleAlibabaStandardModelSubmit");
   const handleGoBack = /* @__PURE__ */ __name(() => {
     setErrorMessage(null);
     onAuthError(null);
-    if (viewLevel === "region-select" || viewLevel === "custom-info") {
+    if (viewLevel === "region-select") {
       setViewLevel("main");
     } else if (viewLevel === "api-key-input") {
       setViewLevel("region-select");
+    } else if (viewLevel === "api-key-type-select") {
+      setViewLevel("main");
+    } else if (viewLevel === "custom-info") {
+      setViewLevel("api-key-type-select");
+    } else if (viewLevel === "alibaba-standard-region-select") {
+      setViewLevel("api-key-type-select");
+    } else if (viewLevel === "alibaba-standard-api-key-input") {
+      setViewLevel("alibaba-standard-region-select");
+    } else if (viewLevel === "alibaba-standard-model-id-input") {
+      setViewLevel("alibaba-standard-api-key-input");
     }
   }, "handleGoBack");
   useKeypress(
@@ -454621,6 +454913,10 @@ function AuthDialog() {
           handleGoBack();
           return;
         }
+        if (viewLevel === "api-key-type-select" || viewLevel === "alibaba-standard-region-select" || viewLevel === "alibaba-standard-api-key-input" || viewLevel === "alibaba-standard-model-id-input") {
+          handleGoBack();
+          return;
+        }
         if (errorMessage) {
           return;
         }
@@ -454671,6 +454967,97 @@ function AuthDialog() {
       region
     }
   ) }), "renderApiKeyInputView");
+  const renderApiKeyTypeSelectView = /* @__PURE__ */ __name(() => /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(import_jsx_runtime79.Fragment, { children: [
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(
+      DescriptiveRadioButtonSelect,
+      {
+        items: apiKeyTypeItems,
+        initialIndex: apiKeyTypeIndex,
+        onSelect: handleApiKeyTypeSelect,
+        onHighlight: (value) => {
+          const index = apiKeyTypeItems.findIndex(
+            (item) => item.value === value
+          );
+          setApiKeyTypeIndex(index);
+        },
+        itemGap: 1
+      }
+    ) }),
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { color: theme?.text?.secondary, children: t4("Enter to select, \u2191\u2193 to navigate, Esc to go back") }) })
+  ] }), "renderApiKeyTypeSelectView");
+  const renderAlibabaStandardRegionSelectView = /* @__PURE__ */ __name(() => /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(import_jsx_runtime79.Fragment, { children: [
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(
+      DescriptiveRadioButtonSelect,
+      {
+        items: alibabaStandardRegionItems,
+        initialIndex: alibabaStandardRegionIndex,
+        onSelect: handleAlibabaStandardRegionSelect,
+        onHighlight: (value) => {
+          const index = alibabaStandardRegionItems.findIndex(
+            (item) => item.value === value
+          );
+          setAlibabaStandardRegionIndex(index);
+        },
+        itemGap: 1
+      }
+    ) }),
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { color: theme?.text?.secondary, children: t4("Enter to select, \u2191\u2193 to navigate, Esc to go back") }) })
+  ] }), "renderAlibabaStandardRegionSelectView");
+  const renderAlibabaStandardApiKeyInputView = /* @__PURE__ */ __name(() => /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(Box_default, { marginTop: 1, flexDirection: "column", children: [
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(Text3, { color: theme.text.secondary, children: [
+      "Endpoint: ",
+      ALIBABA_STANDARD_API_KEY_ENDPOINTS[alibabaStandardRegion]
+    ] }) }),
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(Text3, { color: theme.text.secondary, children: [
+      t4("Documentation"),
+      ":"
+    ] }) }),
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 0, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(
+      dist_default6,
+      {
+        url: ALIBABA_STANDARD_API_DOCUMENTATION_URLS[alibabaStandardRegion],
+        fallback: false,
+        children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { color: theme.text.link, children: ALIBABA_STANDARD_API_DOCUMENTATION_URLS[alibabaStandardRegion] })
+      }
+    ) }),
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(
+      TextInput,
+      {
+        value: alibabaStandardApiKey,
+        onChange: (value) => {
+          setAlibabaStandardApiKey(value);
+          if (alibabaStandardApiKeyError) {
+            setAlibabaStandardApiKeyError(null);
+          }
+        },
+        onSubmit: handleAlibabaStandardApiKeySubmit,
+        placeholder: "sk-..."
+      }
+    ) }),
+    alibabaStandardApiKeyError && /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { color: theme.status.error, children: alibabaStandardApiKeyError }) }),
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { color: theme.text.secondary, children: t4("Enter to submit, Esc to go back") }) })
+  ] }), "renderAlibabaStandardApiKeyInputView");
+  const renderAlibabaStandardModelIdInputView = /* @__PURE__ */ __name(() => /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(Box_default, { marginTop: 1, flexDirection: "column", children: [
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { color: theme.text.secondary, children: t4(
+      "You can enter multiple model IDs, separated by commas. Examples: qwen3.5-plus,glm-5,kimi-k2.5"
+    ) }) }),
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(
+      TextInput,
+      {
+        value: alibabaStandardModelId,
+        onChange: (value) => {
+          setAlibabaStandardModelId(value);
+          if (alibabaStandardModelIdError) {
+            setAlibabaStandardModelIdError(null);
+          }
+        },
+        onSubmit: handleAlibabaStandardModelSubmit,
+        placeholder: ALIBABA_STANDARD_MODEL_IDS_PLACEHOLDER
+      }
+    ) }),
+    alibabaStandardModelIdError && /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { color: theme.status.error, children: alibabaStandardModelIdError }) }),
+    /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { color: theme.text.secondary, children: t4("Enter to submit, Esc to go back") }) })
+  ] }), "renderAlibabaStandardModelIdInputView");
   const renderCustomInfoView = /* @__PURE__ */ __name(() => /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(import_jsx_runtime79.Fragment, { children: [
     /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { color: theme.text.primary, children: t4("You can configure your API key and models in settings.json") }) }),
     /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { children: t4("Refer to the documentation for setup instructions") }) }),
@@ -454685,8 +455072,18 @@ function AuthDialog() {
         return t4("Select Region for Coding Plan");
       case "api-key-input":
         return t4("Enter Coding Plan API Key");
+      case "api-key-type-select":
+        return t4("Select API Key Type");
       case "custom-info":
         return t4("Custom Configuration");
+      case "alibaba-standard-region-select":
+        return t4(
+          "Select Region for Alibaba Cloud ModelStudio Standard API Key"
+        );
+      case "alibaba-standard-api-key-input":
+        return t4("Enter Alibaba Cloud ModelStudio Standard API Key");
+      case "alibaba-standard-model-id-input":
+        return t4("Enter Model IDs");
       default:
         return t4("Select Authentication Method");
     }
@@ -454704,6 +455101,10 @@ function AuthDialog() {
         viewLevel === "main" && renderMainView(),
         viewLevel === "region-select" && renderRegionSelectView(),
         viewLevel === "api-key-input" && renderApiKeyInputView(),
+        viewLevel === "api-key-type-select" && renderApiKeyTypeSelectView(),
+        viewLevel === "alibaba-standard-region-select" && renderAlibabaStandardRegionSelectView(),
+        viewLevel === "alibaba-standard-api-key-input" && renderAlibabaStandardApiKeyInputView(),
+        viewLevel === "alibaba-standard-model-id-input" && renderAlibabaStandardModelIdInputView(),
         viewLevel === "custom-info" && renderCustomInfoView(),
         (authError || errorMessage) && /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Box_default, { marginTop: 1, children: /* @__PURE__ */ (0, import_jsx_runtime79.jsx)(Text3, { color: theme.status.error, children: authError || errorMessage }) }),
         viewLevel === "main" && /* @__PURE__ */ (0, import_jsx_runtime79.jsxs)(import_jsx_runtime79.Fragment, { children: [
@@ -461698,14 +462099,6 @@ function useCommandCompletion(buffer, dirs, cwd6, slashCommands, commandContext,
   const cursorCol = buffer.cursor[1];
   const { completionMode, query, completionStart, completionEnd } = (0, import_react114.useMemo)(() => {
     const currentLine = buffer.lines[cursorRow] || "";
-    if (cursorRow === 0 && isSlashCommand(currentLine.trim())) {
-      return {
-        completionMode: "SLASH" /* SLASH */,
-        query: currentLine,
-        completionStart: 0,
-        completionEnd: currentLine.length
-      };
-    }
     const codePoints = toCodePoints(currentLine);
     for (let i4 = cursorCol - 1; i4 >= 0; i4--) {
       const char = codePoints[i4];
@@ -461741,6 +462134,14 @@ function useCommandCompletion(buffer, dirs, cwd6, slashCommands, commandContext,
         };
       }
     }
+    if (cursorRow === 0 && isSlashCommand(currentLine.trim())) {
+      return {
+        completionMode: "SLASH" /* SLASH */,
+        query: currentLine,
+        completionStart: 0,
+        completionEnd: currentLine.length
+      };
+    }
     return {
       completionMode: "IDLE" /* IDLE */,
       query: null,
@@ -465302,6 +465703,98 @@ var useAuthCommand = /* @__PURE__ */ __name((settings, config2, addItem, onAuthC
     },
     [settings, config2, handleAuthFailure, addItem, onAuthChange]
   );
+  const handleAlibabaStandardSubmit = (0, import_react132.useCallback)(
+    async (apiKey, region, modelIdsInput) => {
+      try {
+        setIsAuthenticating(true);
+        setAuthError(null);
+        const trimmedApiKey = apiKey.trim();
+        const modelIds = modelIdsInput.split(",").map((id) => id.trim()).filter(
+          (id, index, array2) => id.length > 0 && array2.indexOf(id) === index
+        );
+        if (!trimmedApiKey) {
+          throw new Error(t4("API key cannot be empty."));
+        }
+        if (modelIds.length === 0) {
+          throw new Error(t4("Model IDs cannot be empty."));
+        }
+        const baseUrl = ALIBABA_STANDARD_API_KEY_ENDPOINTS[region];
+        const persistScope = getPersistScopeForModelSelection(settings);
+        const settingsFile = settings.forScope(persistScope);
+        backupSettingsFile(settingsFile.path);
+        settings.setValue(
+          persistScope,
+          `env.${DASHSCOPE_STANDARD_API_KEY_ENV_KEY}`,
+          trimmedApiKey
+        );
+        process.env[DASHSCOPE_STANDARD_API_KEY_ENV_KEY] = trimmedApiKey;
+        const newConfigs = modelIds.map((modelId) => ({
+          id: modelId,
+          name: `[ModelStudio Standard] ${modelId}`,
+          baseUrl,
+          envKey: DASHSCOPE_STANDARD_API_KEY_ENV_KEY
+        }));
+        const existingConfigs = settings.merged.modelProviders?.[AuthType2.USE_OPENAI] || [];
+        const nonAlibabaStandardConfigs = existingConfigs.filter(
+          (existing) => !(existing.envKey === DASHSCOPE_STANDARD_API_KEY_ENV_KEY && typeof existing.baseUrl === "string" && Object.values(ALIBABA_STANDARD_API_KEY_ENDPOINTS).includes(
+            existing.baseUrl
+          ))
+        );
+        const updatedConfigs = [...newConfigs, ...nonAlibabaStandardConfigs];
+        settings.setValue(
+          persistScope,
+          `modelProviders.${AuthType2.USE_OPENAI}`,
+          updatedConfigs
+        );
+        settings.setValue(
+          persistScope,
+          "security.auth.selectedType",
+          AuthType2.USE_OPENAI
+        );
+        settings.setValue(persistScope, "model.name", modelIds[0]);
+        const updatedModelProviders = {
+          ...settings.merged.modelProviders,
+          [AuthType2.USE_OPENAI]: updatedConfigs
+        };
+        config2.reloadModelProvidersConfig(updatedModelProviders);
+        await config2.refreshAuth(AuthType2.USE_OPENAI);
+        setAuthError(null);
+        setAuthState("authenticated" /* Authenticated */);
+        setPendingAuthType(void 0);
+        setIsAuthDialogOpen(false);
+        setIsAuthenticating(false);
+        onAuthChange?.();
+        addItem(
+          {
+            type: "info" /* INFO */,
+            text: t4(
+              "Alibaba Cloud ModelStudio Standard API Key successfully entered. Settings updated with env.DASHSCOPE_API_KEY and {{modelCount}} model(s).",
+              { modelCount: String(modelIds.length) }
+            )
+          },
+          Date.now()
+        );
+        addItem(
+          {
+            type: "info" /* INFO */,
+            text: t4(
+              "You can use /model to see new ModelStudio Standard models and switch between them."
+            )
+          },
+          Date.now()
+        );
+        const authEvent = new AuthEvent(
+          AuthType2.USE_OPENAI,
+          "manual",
+          "success"
+        );
+        logAuth(config2, authEvent);
+      } catch (error40) {
+        handleAuthFailure(error40);
+      }
+    },
+    [settings, config2, handleAuthFailure, addItem, onAuthChange]
+  );
   (0, import_react132.useEffect)(() => {
     const defaultAuthType = process.env["QWEN_DEFAULT_AUTH_TYPE"];
     if (defaultAuthType && ![
@@ -465339,6 +465832,7 @@ var useAuthCommand = /* @__PURE__ */ __name((settings, config2, addItem, onAuthC
     qwenAuthState,
     handleAuthSelect,
     handleCodingPlanSubmit,
+    handleAlibabaStandardSubmit,
     openAuthDialog,
     cancelAuthentication
   };
@@ -473415,6 +473909,7 @@ var AppContainer = /* @__PURE__ */ __name((props) => {
     qwenAuthState,
     handleAuthSelect,
     handleCodingPlanSubmit,
+    handleAlibabaStandardSubmit,
     openAuthDialog,
     cancelAuthentication
   } = useAuthCommand(settings, config2, historyManager.addItem, refreshStatic);
@@ -474384,6 +474879,7 @@ ${migrationResult.failedFiles.map((f5) => `  \u2022 ${f5.file}: ${f5.error}`).jo
       onAuthError,
       cancelAuthentication,
       handleCodingPlanSubmit,
+      handleAlibabaStandardSubmit,
       handleEditorSelect,
       exitEditorDialog,
       closeSettingsDialog,
@@ -474441,6 +474937,7 @@ ${migrationResult.failedFiles.map((f5) => `  \u2022 ${f5.file}: ${f5.error}`).jo
       onAuthError,
       cancelAuthentication,
       handleCodingPlanSubmit,
+      handleAlibabaStandardSubmit,
       handleEditorSelect,
       exitEditorDialog,
       closeSettingsDialog,
@@ -477190,7 +477687,10 @@ __name(parseAcpModelOption, "parseAcpModelOption");
 init_esbuild_shims();
 init_dist4();
 init_zod();
-var debugLogger146 = createDebugLogger("ACP_SUBAGENT_TRACKER");
+
+// packages/cli/src/acp-integration/session/permissionUtils.ts
+init_esbuild_shims();
+init_dist4();
 var basicPermissionOptions = [
   {
     optionId: ToolConfirmationOutcome.ProceedOnce,
@@ -477203,6 +477703,165 @@ var basicPermissionOptions = [
     kind: "reject_once"
   }
 ];
+function supportsHideAlwaysAllow(confirmation) {
+  return confirmation.type !== "ask_user_question";
+}
+__name(supportsHideAlwaysAllow, "supportsHideAlwaysAllow");
+function filterAlwaysAllowOptions(confirmation, options2, forceHideAlwaysAllow = false) {
+  const hideAlwaysAllow = forceHideAlwaysAllow || supportsHideAlwaysAllow(confirmation) && confirmation.hideAlwaysAllow === true;
+  return hideAlwaysAllow ? options2.filter((option2) => option2.kind !== "allow_always") : options2;
+}
+__name(filterAlwaysAllowOptions, "filterAlwaysAllowOptions");
+function formatExecPermissionScopeLabel(confirmation) {
+  const permissionRules = confirmation.permissionRules ?? [];
+  const bashRules = permissionRules.map((rule) => {
+    const match2 = /^Bash\((.*)\)$/.exec(rule.trim());
+    return match2?.[1]?.trim() || void 0;
+  }).filter((rule) => Boolean(rule));
+  const uniqueRules = [...new Set(bashRules)];
+  if (uniqueRules.length === 1) {
+    return uniqueRules[0];
+  }
+  if (uniqueRules.length > 1) {
+    return uniqueRules.join(", ");
+  }
+  return confirmation.rootCommand;
+}
+__name(formatExecPermissionScopeLabel, "formatExecPermissionScopeLabel");
+function buildPermissionRequestContent(confirmation) {
+  const content = [];
+  if (confirmation.type === "edit") {
+    content.push({
+      type: "diff",
+      path: confirmation.filePath ?? confirmation.fileName,
+      oldText: confirmation.originalContent ?? "",
+      newText: confirmation.newContent
+    });
+  }
+  if (confirmation.type === "plan") {
+    content.push({
+      type: "content",
+      content: {
+        type: "text",
+        text: confirmation.plan
+      }
+    });
+  }
+  return content;
+}
+__name(buildPermissionRequestContent, "buildPermissionRequestContent");
+function toPermissionOptions(confirmation, forceHideAlwaysAllow = false) {
+  switch (confirmation.type) {
+    case "edit":
+      return filterAlwaysAllowOptions(
+        confirmation,
+        [
+          {
+            optionId: ToolConfirmationOutcome.ProceedAlways,
+            name: "Allow All Edits",
+            kind: "allow_always"
+          },
+          ...basicPermissionOptions
+        ],
+        forceHideAlwaysAllow
+      );
+    case "exec": {
+      const label = formatExecPermissionScopeLabel(confirmation);
+      return filterAlwaysAllowOptions(
+        confirmation,
+        [
+          {
+            optionId: ToolConfirmationOutcome.ProceedAlwaysProject,
+            name: `Always Allow in project: ${label}`,
+            kind: "allow_always"
+          },
+          {
+            optionId: ToolConfirmationOutcome.ProceedAlwaysUser,
+            name: `Always Allow for user: ${label}`,
+            kind: "allow_always"
+          },
+          ...basicPermissionOptions
+        ],
+        forceHideAlwaysAllow
+      );
+    }
+    case "mcp":
+      return filterAlwaysAllowOptions(
+        confirmation,
+        [
+          {
+            optionId: ToolConfirmationOutcome.ProceedAlwaysProject,
+            name: `Always Allow in project: ${confirmation.toolName}`,
+            kind: "allow_always"
+          },
+          {
+            optionId: ToolConfirmationOutcome.ProceedAlwaysUser,
+            name: `Always Allow for user: ${confirmation.toolName}`,
+            kind: "allow_always"
+          },
+          ...basicPermissionOptions
+        ],
+        forceHideAlwaysAllow
+      );
+    case "info":
+      return filterAlwaysAllowOptions(
+        confirmation,
+        [
+          {
+            optionId: ToolConfirmationOutcome.ProceedAlwaysProject,
+            name: "Always Allow in project",
+            kind: "allow_always"
+          },
+          {
+            optionId: ToolConfirmationOutcome.ProceedAlwaysUser,
+            name: "Always Allow for user",
+            kind: "allow_always"
+          },
+          ...basicPermissionOptions
+        ],
+        forceHideAlwaysAllow
+      );
+    case "plan":
+      return [
+        {
+          optionId: ToolConfirmationOutcome.ProceedAlways,
+          name: "Yes, and auto-accept edits",
+          kind: "allow_always"
+        },
+        {
+          optionId: ToolConfirmationOutcome.ProceedOnce,
+          name: "Yes, and manually approve edits",
+          kind: "allow_once"
+        },
+        {
+          optionId: ToolConfirmationOutcome.Cancel,
+          name: "No, keep planning (esc)",
+          kind: "reject_once"
+        }
+      ];
+    case "ask_user_question":
+      return [
+        {
+          optionId: ToolConfirmationOutcome.ProceedOnce,
+          name: "Submit",
+          kind: "allow_once"
+        },
+        {
+          optionId: ToolConfirmationOutcome.Cancel,
+          name: "Cancel",
+          kind: "reject_once"
+        }
+      ];
+    default: {
+      const unreachable = confirmation;
+      throw new Error(`Unexpected: ${unreachable}`);
+    }
+  }
+}
+__name(toPermissionOptions, "toPermissionOptions");
+
+// packages/cli/src/acp-integration/session/SubAgentTracker.ts
+var debugLogger146 = createDebugLogger("ACP_SUBAGENT_TRACKER");
 var SubAgentTracker = class {
   constructor(ctx, client, parentToolCallId, subagentType) {
     this.ctx = ctx;
@@ -477314,16 +477973,6 @@ var SubAgentTracker = class {
       const event = args2[0];
       if (abortSignal.aborted) return;
       const state = this.toolStates.get(event.callId);
-      const content = [];
-      if (event.confirmationDetails.type === "edit") {
-        const editDetails = event.confirmationDetails;
-        content.push({
-          type: "diff",
-          path: editDetails.filePath || editDetails.fileName,
-          oldText: editDetails.originalContent ?? "",
-          newText: editDetails.newContent
-        });
-      }
       const fullConfirmationDetails = {
         ...event.confirmationDetails,
         onConfirm: /* @__PURE__ */ __name(async () => {
@@ -477332,12 +477981,12 @@ var SubAgentTracker = class {
       const { title, locations, kind: kind2 } = this.toolCallEmitter.resolveToolMetadata(event.name, state?.args);
       const params = {
         sessionId: this.ctx.sessionId,
-        options: this.toPermissionOptions(fullConfirmationDetails),
+        options: toPermissionOptions(fullConfirmationDetails),
         toolCall: {
           toolCallId: event.callId,
           status: "pending",
           title,
-          content,
+          content: buildPermissionRequestContent(fullConfirmationDetails),
           locations,
           kind: kind2,
           rawInput: state?.args
@@ -477346,7 +477995,9 @@ var SubAgentTracker = class {
       try {
         const output = await this.client.requestPermission(params);
         const outcome = output.outcome.outcome === "cancelled" ? ToolConfirmationOutcome.Cancel : external_exports.nativeEnum(ToolConfirmationOutcome).parse(output.outcome.optionId);
-        await event.respond(outcome);
+        await event.respond(outcome, {
+          answers: "answers" in output ? output.answers : void 0
+        });
       } catch (error40) {
         debugLogger146.error(
           `Permission request failed for subagent tool ${event.name}:`,
@@ -477386,83 +478037,6 @@ var SubAgentTracker = class {
       );
     };
   }
-  /**
-   * Converts confirmation details to permission options for the client.
-   */
-  toPermissionOptions(confirmation) {
-    const hideAlwaysAllow = "hideAlwaysAllow" in confirmation && confirmation.hideAlwaysAllow;
-    switch (confirmation.type) {
-      case "edit":
-        return [
-          {
-            optionId: ToolConfirmationOutcome.ProceedAlways,
-            name: "Allow All Edits",
-            kind: "allow_always"
-          },
-          ...basicPermissionOptions
-        ];
-      case "exec":
-        return [
-          ...hideAlwaysAllow ? [] : [
-            {
-              optionId: ToolConfirmationOutcome.ProceedAlwaysProject,
-              name: `Always Allow in project: ${confirmation.rootCommand ?? "command"}`,
-              kind: "allow_always"
-            },
-            {
-              optionId: ToolConfirmationOutcome.ProceedAlwaysUser,
-              name: `Always Allow for user: ${confirmation.rootCommand ?? "command"}`,
-              kind: "allow_always"
-            }
-          ],
-          ...basicPermissionOptions
-        ];
-      case "mcp":
-        return [
-          ...hideAlwaysAllow ? [] : [
-            {
-              optionId: ToolConfirmationOutcome.ProceedAlwaysProject,
-              name: `Always Allow in project: ${confirmation.toolName ?? "tool"}`,
-              kind: "allow_always"
-            },
-            {
-              optionId: ToolConfirmationOutcome.ProceedAlwaysUser,
-              name: `Always Allow for user: ${confirmation.toolName ?? "tool"}`,
-              kind: "allow_always"
-            }
-          ],
-          ...basicPermissionOptions
-        ];
-      case "info":
-        return [
-          ...hideAlwaysAllow ? [] : [
-            {
-              optionId: ToolConfirmationOutcome.ProceedAlwaysProject,
-              name: "Always Allow in project",
-              kind: "allow_always"
-            },
-            {
-              optionId: ToolConfirmationOutcome.ProceedAlwaysUser,
-              name: "Always Allow for user",
-              kind: "allow_always"
-            }
-          ],
-          ...basicPermissionOptions
-        ];
-      case "plan":
-        return [
-          {
-            optionId: ToolConfirmationOutcome.ProceedAlways,
-            name: "Always Allow Plans",
-            kind: "allow_always"
-          },
-          ...basicPermissionOptions
-        ];
-      default: {
-        return [...basicPermissionOptions];
-      }
-    }
-  }
 };
 
 // packages/cli/src/acp-integration/session/Session.ts
@@ -477760,9 +478334,21 @@ var Session3 = class {
     };
     await this.sendUpdate(update2);
   }
+  async resolveIdeDiffForOutcome(confirmationDetails, outcome) {
+    if (confirmationDetails.type !== "edit" || !confirmationDetails.ideConfirmation) {
+      return;
+    }
+    const { IdeClient: IdeClient2 } = await Promise.resolve().then(() => (init_dist4(), dist_exports));
+    const ideClient = await IdeClient2.getInstance();
+    const cliOutcome = outcome === ToolConfirmationOutcome.Cancel ? "rejected" : "accepted";
+    await ideClient.resolveDiffFromCli(
+      confirmationDetails.filePath,
+      cliOutcome
+    );
+  }
   async runTool(abortSignal, promptId, fc) {
     const callId = fc.id ?? `${fc.name}-${Date.now()}`;
-    const args2 = fc.args ?? {};
+    let args2 = fc.args ?? {};
     const startTime = Date.now();
     const errorResponse = /* @__PURE__ */ __name((error40) => {
       const durationMs = Date.now() - startTime;
@@ -477788,16 +478374,39 @@ var Session3 = class {
         }
       ];
     }, "errorResponse");
+    const earlyErrorResponse = /* @__PURE__ */ __name(async (error40, toolName = fc.name ?? "unknown_tool") => {
+      if (toolName !== TodoWriteTool.Name) {
+        await this.toolCallEmitter.emitError(callId, toolName, error40);
+      }
+      const errorParts = errorResponse(error40);
+      this.config.getChatRecordingService()?.recordToolResult(errorParts, {
+        callId,
+        status: "error",
+        resultDisplay: void 0,
+        error: error40,
+        errorType: void 0
+      });
+      return errorParts;
+    }, "earlyErrorResponse");
     if (!fc.name) {
-      return errorResponse(new Error("Missing function name"));
+      return earlyErrorResponse(new Error("Missing function name"));
     }
     const toolRegistry = this.config.getToolRegistry();
     const tool = toolRegistry.getTool(fc.name);
     if (!tool) {
-      return errorResponse(
+      return earlyErrorResponse(
         new Error(`Tool "${fc.name}" not found in registry.`)
       );
     }
+    const pm = this.config.getPermissionManager?.();
+    if (pm && !await pm.isToolEnabled(fc.name)) {
+      return earlyErrorResponse(
+        new Error(
+          `Qwen Code requires permission to use "${fc.name}", but that permission was declined.`
+        ),
+        fc.name
+      );
+    }
     const isTodoWriteTool = tool.name === TodoWriteTool.Name;
     const isAgentTool = tool.name === AgentTool.Name;
     const isExitPlanModeTool = tool.name === ExitPlanModeTool.Name;
@@ -477821,85 +478430,147 @@ var Session3 = class {
       }
       const isAskUserQuestionTool = fc.name === ToolNames.ASK_USER_QUESTION;
       const defaultPermission = this.config.getApprovalMode() !== ApprovalMode.YOLO || isAskUserQuestionTool ? await invocation.getDefaultPermission() : "allow";
-      const needsConfirmation = defaultPermission === "ask";
-      const isPlanMode = this.config.getApprovalMode() === ApprovalMode.PLAN;
+      const toolParams = invocation.params;
+      const pmCtx = buildPermissionCheckContext(
+        fc.name,
+        toolParams,
+        this.config.getTargetDir?.() ?? ""
+      );
+      const { finalPermission, pmForcedAsk } = await evaluatePermissionRules(
+        pm,
+        defaultPermission,
+        pmCtx
+      );
+      const needsConfirmation = finalPermission === "ask";
+      const approvalMode = this.config.getApprovalMode();
+      const isPlanMode = approvalMode === ApprovalMode.PLAN;
       if (isPlanMode && !isExitPlanModeTool && !isAskUserQuestionTool && needsConfirmation) {
-        return errorResponse(
+        return earlyErrorResponse(
           new Error(
             `Plan mode is active. The tool "${fc.name}" cannot be executed because it modifies the system. Please use the exit_plan_mode tool to present your plan and exit plan mode before making changes.`
-          )
+          ),
+          fc.name
         );
       }
-      if (defaultPermission === "deny") {
-        return errorResponse(
+      if (finalPermission === "deny") {
+        return earlyErrorResponse(
           new Error(
-            `Tool "${fc.name}" is denied: command substitution is not allowed for security reasons.`
-          )
+            defaultPermission === "deny" ? `Tool "${fc.name}" is denied: command substitution is not allowed for security reasons.` : `Tool "${fc.name}" is denied by permission rules.`
+          ),
+          fc.name
         );
       }
+      let didRequestPermission = false;
       if (needsConfirmation) {
         const confirmationDetails = await invocation.getConfirmationDetails(abortSignal);
-        const content = [];
-        if (confirmationDetails.type === "edit") {
-          content.push({
-            type: "diff",
-            path: confirmationDetails.filePath || confirmationDetails.fileName,
-            oldText: confirmationDetails.originalContent,
-            newText: confirmationDetails.newContent
-          });
-        }
-        if (confirmationDetails.type === "plan") {
-          content.push({
-            type: "content",
-            content: {
-              type: "text",
-              text: confirmationDetails.plan
+        injectPermissionRulesIfMissing(confirmationDetails, pmCtx);
+        const messageBus = this.config.getMessageBus?.();
+        const hooksEnabled = this.config.getEnableHooks?.() ?? false;
+        let hookHandled = false;
+        if (hooksEnabled && messageBus) {
+          const hookResult = await firePermissionRequestHook(
+            messageBus,
+            fc.name,
+            args2,
+            String(approvalMode)
+          );
+          if (hookResult.hasDecision) {
+            hookHandled = true;
+            if (hookResult.shouldAllow) {
+              if (hookResult.updatedInput) {
+                args2 = hookResult.updatedInput;
+                invocation.params = hookResult.updatedInput;
+              }
+              await this.resolveIdeDiffForOutcome(
+                confirmationDetails,
+                ToolConfirmationOutcome.ProceedOnce
+              );
+              await confirmationDetails.onConfirm(
+                ToolConfirmationOutcome.ProceedOnce
+              );
+            } else {
+              return earlyErrorResponse(
+                new Error(
+                  hookResult.denyMessage || `Permission denied by hook for "${fc.name}"`
+                ),
+                fc.name
+              );
             }
-          });
-        }
-        const mappedKind = this.toolCallEmitter.mapToolKind(tool.kind, fc.name);
-        const params = {
-          sessionId: this.sessionId,
-          options: toPermissionOptions(confirmationDetails),
-          toolCall: {
-            toolCallId: callId,
-            status: "pending",
-            title: invocation.getDescription(),
-            content,
-            locations: invocation.toolLocations(),
-            kind: mappedKind,
-            rawInput: args2
           }
-        };
-        const output = await this.client.requestPermission(
-          params
-        );
-        const outcome = output.outcome.outcome === "cancelled" ? ToolConfirmationOutcome.Cancel : external_exports.nativeEnum(ToolConfirmationOutcome).parse(output.outcome.optionId);
-        await confirmationDetails.onConfirm(outcome, {
-          answers: output.answers
-        });
-        if (isExitPlanModeTool && outcome !== ToolConfirmationOutcome.Cancel) {
-          await this.sendCurrentModeUpdateNotification(outcome);
         }
-        switch (outcome) {
-          case ToolConfirmationOutcome.Cancel:
-            return errorResponse(
-              new Error(`Tool "${fc.name}" was canceled by the user.`)
+        if (approvalMode === ApprovalMode.AUTO_EDIT && (confirmationDetails.type === "edit" || confirmationDetails.type === "info")) {
+        } else if (!hookHandled) {
+          didRequestPermission = true;
+          const content = buildPermissionRequestContent(confirmationDetails);
+          const mappedKind = this.toolCallEmitter.mapToolKind(
+            tool.kind,
+            fc.name
+          );
+          if (hooksEnabled && messageBus) {
+            void fireNotificationHook(
+              messageBus,
+              `Qwen Code needs your permission to use ${fc.name}`,
+              NotificationType.PermissionPrompt,
+              "Permission needed"
             );
-          case ToolConfirmationOutcome.ProceedOnce:
-          case ToolConfirmationOutcome.ProceedAlways:
-          case ToolConfirmationOutcome.ProceedAlwaysProject:
-          case ToolConfirmationOutcome.ProceedAlwaysUser:
-          case ToolConfirmationOutcome.ProceedAlwaysServer:
-          case ToolConfirmationOutcome.ProceedAlwaysTool:
-          case ToolConfirmationOutcome.ModifyWithEditor:
-            break;
-          default: {
-            const resultOutcome = outcome;
-            throw new Error(`Unexpected: ${resultOutcome}`);
+          }
+          const params = {
+            sessionId: this.sessionId,
+            options: toPermissionOptions(confirmationDetails, pmForcedAsk),
+            toolCall: {
+              toolCallId: callId,
+              status: "pending",
+              title: invocation.getDescription(),
+              content,
+              locations: invocation.toolLocations(),
+              kind: mappedKind,
+              rawInput: args2
+            }
+          };
+          const output = await this.client.requestPermission(
+            params
+          );
+          const outcome = output.outcome.outcome === "cancelled" ? ToolConfirmationOutcome.Cancel : external_exports.nativeEnum(ToolConfirmationOutcome).parse(output.outcome.optionId);
+          await this.resolveIdeDiffForOutcome(confirmationDetails, outcome);
+          await confirmationDetails.onConfirm(outcome, {
+            answers: output.answers
+          });
+          if (outcome === ToolConfirmationOutcome.ProceedAlways || outcome === ToolConfirmationOutcome.ProceedAlwaysProject || outcome === ToolConfirmationOutcome.ProceedAlwaysUser) {
+            await persistPermissionOutcome(
+              outcome,
+              confirmationDetails,
+              this.config.getOnPersistPermissionRule?.(),
+              this.config.getPermissionManager?.(),
+              { answers: output.answers }
+            );
+          }
+          if (isExitPlanModeTool && outcome !== ToolConfirmationOutcome.Cancel) {
+            await this.sendCurrentModeUpdateNotification(outcome);
+          }
+          if (confirmationDetails.type === "edit" && outcome === ToolConfirmationOutcome.ProceedAlways) {
+            await this.sendCurrentModeUpdateNotification(outcome);
+          }
+          switch (outcome) {
+            case ToolConfirmationOutcome.Cancel:
+              return errorResponse(
+                new Error(`Tool "${fc.name}" was canceled by the user.`)
+              );
+            case ToolConfirmationOutcome.ProceedOnce:
+            case ToolConfirmationOutcome.ProceedAlways:
+            case ToolConfirmationOutcome.ProceedAlwaysProject:
+            case ToolConfirmationOutcome.ProceedAlwaysUser:
+            case ToolConfirmationOutcome.ProceedAlwaysServer:
+            case ToolConfirmationOutcome.ProceedAlwaysTool:
+            case ToolConfirmationOutcome.ModifyWithEditor:
+              break;
+            default: {
+              const resultOutcome = outcome;
+              throw new Error(`Unexpected: ${resultOutcome}`);
+            }
           }
         }
-      } else if (!isTodoWriteTool) {
+      }
+      if (!didRequestPermission && !isTodoWriteTool) {
         const startParams = {
           callId,
           toolName: fc.name,
@@ -478147,109 +478818,6 @@ ${contextPart.text}`
     }
   }
 };
-var basicPermissionOptions2 = [
-  {
-    optionId: ToolConfirmationOutcome.ProceedOnce,
-    name: "Allow",
-    kind: "allow_once"
-  },
-  {
-    optionId: ToolConfirmationOutcome.Cancel,
-    name: "Reject",
-    kind: "reject_once"
-  }
-];
-function toPermissionOptions(confirmation) {
-  switch (confirmation.type) {
-    case "edit":
-      return [
-        {
-          optionId: ToolConfirmationOutcome.ProceedAlways,
-          name: "Allow All Edits",
-          kind: "allow_always"
-        },
-        ...basicPermissionOptions2
-      ];
-    case "exec":
-      return [
-        {
-          optionId: ToolConfirmationOutcome.ProceedAlwaysProject,
-          name: `Always Allow in project: ${confirmation.rootCommand}`,
-          kind: "allow_always"
-        },
-        {
-          optionId: ToolConfirmationOutcome.ProceedAlwaysUser,
-          name: `Always Allow for user: ${confirmation.rootCommand}`,
-          kind: "allow_always"
-        },
-        ...basicPermissionOptions2
-      ];
-    case "mcp":
-      return [
-        {
-          optionId: ToolConfirmationOutcome.ProceedAlwaysProject,
-          name: `Always Allow in project: ${confirmation.toolName}`,
-          kind: "allow_always"
-        },
-        {
-          optionId: ToolConfirmationOutcome.ProceedAlwaysUser,
-          name: `Always Allow for user: ${confirmation.toolName}`,
-          kind: "allow_always"
-        },
-        ...basicPermissionOptions2
-      ];
-    case "info":
-      return [
-        {
-          optionId: ToolConfirmationOutcome.ProceedAlwaysProject,
-          name: `Always Allow in project`,
-          kind: "allow_always"
-        },
-        {
-          optionId: ToolConfirmationOutcome.ProceedAlwaysUser,
-          name: `Always Allow for user`,
-          kind: "allow_always"
-        },
-        ...basicPermissionOptions2
-      ];
-    case "plan":
-      return [
-        {
-          optionId: ToolConfirmationOutcome.ProceedAlways,
-          name: `Yes, and auto-accept edits`,
-          kind: "allow_always"
-        },
-        {
-          optionId: ToolConfirmationOutcome.ProceedOnce,
-          name: `Yes, and manually approve edits`,
-          kind: "allow_once"
-        },
-        {
-          optionId: ToolConfirmationOutcome.Cancel,
-          name: `No, keep planning (esc)`,
-          kind: "reject_once"
-        }
-      ];
-    case "ask_user_question":
-      return [
-        {
-          optionId: ToolConfirmationOutcome.ProceedOnce,
-          name: "Submit",
-          kind: "allow_once"
-        },
-        {
-          optionId: ToolConfirmationOutcome.Cancel,
-          name: "Cancel",
-          kind: "reject_once"
-        }
-      ];
-    default: {
-      const unreachable = confirmation;
-      throw new Error(`Unexpected: ${unreachable}`);
-    }
-  }
-}
-__name(toPermissionOptions, "toPermissionOptions");
 
 // packages/cli/src/acp-integration/runtimeOutputDirContext.ts
 init_esbuild_shims();
@@ -478319,7 +478887,7 @@ var QwenAgent = class {
   async initialize(args2) {
     this.clientCapabilities = args2.clientCapabilities;
     const authMethods = buildAuthMethods();
-    const version2 = "0.13.1-preview.0";
+    const version2 = "0.13.1";
     return {
       protocolVersion: PROTOCOL_VERSION,
       agentInfo: {
@@ -478395,27 +478963,16 @@ var QwenAgent = class {
         return sessionService.sessionExists(params.sessionId);
       }
     );
-    if (!exists3) {
-      throw RequestError.invalidParams(
-        void 0,
-        `Session not found for id: ${params.sessionId}`
-      );
-    }
     const config2 = await this.newSessionConfig(
       params.cwd,
       params.mcpServers,
-      params.sessionId
+      params.sessionId,
+      exists3
     );
     await this.ensureAuthenticated(config2);
     this.setupFileSystem(config2);
     const sessionData = config2.getResumedSessionData();
-    if (!sessionData) {
-      throw RequestError.internalError(
-        void 0,
-        `Failed to load session data for id: ${params.sessionId}`
-      );
-    }
-    await this.createAndStoreSession(config2, sessionData.conversation);
+    await this.createAndStoreSession(config2, sessionData?.conversation);
     const modesData = this.buildModesData(config2);
     const availableModels = this.buildAvailableModels(config2);
     const configOptions = this.buildConfigOptions(config2);
@@ -478517,7 +479074,8 @@ var QwenAgent = class {
     throw RequestError.methodNotFound(method);
   }
   // --- private helpers ---
-  async newSessionConfig(cwd6, mcpServers, sessionId) {
+  async newSessionConfig(cwd6, mcpServers, sessionId, resume) {
+    this.settings = loadSettings(cwd6);
     const mergedMcpServers = { ...this.settings.merged.mcpServers };
     for (const server of mcpServers) {
       const stdioServer = toStdioServer(server);
@@ -478536,10 +479094,10 @@ var QwenAgent = class {
     const settings = { ...this.settings.merged, mcpServers: mergedMcpServers };
     const argvForSession = {
       ...this.argv,
-      resume: sessionId,
+      ...resume ? { resume: sessionId } : { sessionId },
       continue: false
     };
-    const config2 = await loadCliConfig(settings, argvForSession, cwd6);
+    const config2 = await loadCliConfig(settings, argvForSession, cwd6, []);
     await config2.initialize();
     return config2;
   }
@@ -478904,8 +479462,7 @@ ${finalArgs[promptIndex + 1]}`;
       settings.merged,
       argv,
       process.cwd(),
-      argv.extensions,
-      settings
+      argv.extensions
     );
     registerCleanup(() => config2.shutdown());
     const wasRaw = process.stdin.isRaw;