@qwen-code/qwen-code 0.15.12-preview.2 → 0.15.12-preview.3

package/chunks/{serve-27O2AFE3.js → serve-VJEEEXA6.js}

@@ -13356,6 +13356,36 @@ var SessionNotFoundError = class extends Error {
     this.sessionId = sessionId;
   }
 };
+var RestoreInProgressError = class extends Error {
+  static {
+    __name(this, "RestoreInProgressError");
+  }
+  sessionId;
+  activeAction;
+  requestedAction;
+  constructor(sessionId, activeAction, requestedAction) {
+    super(
+      `Session "${sessionId}" is already being restored via session/${activeAction}; retry session/${requestedAction} after it completes`
+    );
+    this.name = "RestoreInProgressError";
+    this.sessionId = sessionId;
+    this.activeAction = activeAction;
+    this.requestedAction = requestedAction;
+  }
+};
+var InvalidSessionScopeError = class extends Error {
+  static {
+    __name(this, "InvalidSessionScopeError");
+  }
+  sessionScope;
+  constructor(sessionScope) {
+    super(
+      `Invalid sessionScope: ${JSON.stringify(sessionScope)}. Expected 'single' or 'thread'.`
+    );
+    this.name = "InvalidSessionScopeError";
+    this.sessionScope = sessionScope;
+  }
+};
 var SessionLimitExceededError = class extends Error {
   static {
     __name(this, "SessionLimitExceededError");
@@ -13383,7 +13413,32 @@ var WorkspaceMismatchError = class extends Error {
     this.requested = safeRequested;
   }
 };
+var InvalidClientIdError = class extends Error {
+  static {
+    __name(this, "InvalidClientIdError");
+  }
+  sessionId;
+  clientId;
+  constructor(sessionId, clientId) {
+    super(`Client id "${clientId}" is not registered for session ${sessionId}`);
+    this.name = "InvalidClientIdError";
+    this.sessionId = sessionId;
+    this.clientId = clientId;
+  }
+};
 var MAX_WORKSPACE_PATH_LENGTH = 4096;
+var MAX_RESOLVED_PERMISSION_RECORDS = 512;
+function isServeDebugLoggingEnabled() {
+  const value = process.env["QWEN_SERVE_DEBUG"];
+  if (!value) return false;
+  return !["0", "false", "off", "no"].includes(value.trim().toLowerCase());
+}
+__name(isServeDebugLoggingEnabled, "isServeDebugLoggingEnabled");
+function writeServeDebugLine(message) {
+  if (!isServeDebugLoggingEnabled()) return;
+  writeStderrLine(`qwen serve debug: ${message}`);
+}
+__name(writeServeDebugLine, "writeServeDebugLine");
 var InvalidPermissionOptionError = class extends Error {
   static {
     __name(this, "InvalidPermissionOptionError");
@@ -13400,8 +13455,9 @@ var InvalidPermissionOptionError = class extends Error {
   }
 };
 var BridgeClient = class {
-  constructor(resolveEntry, registerPending, rollbackPending, permissionTimeoutMs, maxPendingPerSession) {
+  constructor(resolveEntry, resolvePendingRestoreEvents, registerPending, rollbackPending, permissionTimeoutMs, maxPendingPerSession) {
     this.resolveEntry = resolveEntry;
+    this.resolvePendingRestoreEvents = resolvePendingRestoreEvents;
     this.registerPending = registerPending;
     this.rollbackPending = rollbackPending;
     this.permissionTimeoutMs = permissionTimeoutMs;
@@ -13459,7 +13515,8 @@ var BridgeClient = class {
           sessionId: entry.sessionId,
           toolCall: params.toolCall,
           options: params.options
-        }
+        },
+        ...entry.activePromptOriginatorClientId ? { originatorClientId: entry.activePromptOriginatorClientId } : {}
       });
       if (!published) {
         this.rollbackPending(requestId);
@@ -13481,8 +13538,13 @@ var BridgeClient = class {
   }
   async sessionUpdate(params) {
     const entry = this.resolveEntry(params.sessionId);
-    if (!entry) return;
-    entry.events.publish({ type: "session_update", data: params });
+    const events = entry?.events ?? this.resolvePendingRestoreEvents(params.sessionId);
+    if (!events) return;
+    events.publish({
+      type: "session_update",
+      data: params,
+      ...entry?.activePromptOriginatorClientId ? { originatorClientId: entry.activePromptOriginatorClientId } : {}
+    });
   }
   async writeTextFile(params) {
     let realTarget = params.path;
@@ -13561,7 +13623,7 @@ var DEFAULT_MAX_SESSIONS = 20;
 var DEFAULT_PERMISSION_TIMEOUT_MS = 5 * 60 * 1e3;
 var DEFAULT_MAX_PENDING_PER_SESSION = 64;
 function createHttpAcpBridge(opts) {
-  const sessionScope = opts.sessionScope ?? "single";
+  const defaultSessionScope = opts.sessionScope ?? "single";
   let maxSessions;
   if (opts.maxSessions === void 0) {
     maxSessions = DEFAULT_MAX_SESSIONS;
@@ -13578,9 +13640,9 @@ function createHttpAcpBridge(opts) {
   } else {
     maxSessions = opts.maxSessions;
   }
-  if (sessionScope !== "single" && sessionScope !== "thread") {
+  if (defaultSessionScope !== "single" && defaultSessionScope !== "thread") {
     throw new TypeError(
-      `Invalid sessionScope: ${JSON.stringify(sessionScope)}. Expected 'single' or 'thread'.`
+      `Invalid sessionScope: ${JSON.stringify(defaultSessionScope)}. Expected 'single' or 'thread'.`
     );
   }
   const channelFactory = opts.channelFactory ?? defaultSpawnChannelFactory;
@@ -13606,8 +13668,48 @@ function createHttpAcpBridge(opts) {
   let inFlightChannelSpawn;
   const byId = /* @__PURE__ */ new Map();
   const pendingPermissions = /* @__PURE__ */ new Map();
+  const resolvedPermissions = /* @__PURE__ */ new Map();
+  const resolvedPermissionOrder = [];
   let shuttingDown = false;
   const inFlightSpawns = /* @__PURE__ */ new Map();
+  const inFlightRestores = /* @__PURE__ */ new Map();
+  const pendingRestoreEvents = /* @__PURE__ */ new Map();
+  const createClientId = /* @__PURE__ */ __name(() => `client_${randomUUID()}`, "createClientId");
+  const registerClient = /* @__PURE__ */ __name((entry, requestedClientId) => {
+    if (requestedClientId && entry.clientIds.has(requestedClientId)) {
+      entry.clientIds.set(
+        requestedClientId,
+        (entry.clientIds.get(requestedClientId) ?? 0) + 1
+      );
+      return requestedClientId;
+    }
+    const clientId = createClientId();
+    entry.clientIds.set(clientId, 1);
+    return clientId;
+  }, "registerClient");
+  const unregisterClient = /* @__PURE__ */ __name((entry, clientId) => {
+    if (clientId === void 0) return;
+    const count = entry.clientIds.get(clientId);
+    if (count === void 0) return;
+    if (count <= 1) {
+      entry.clientIds.delete(clientId);
+    } else {
+      entry.clientIds.set(clientId, count - 1);
+    }
+  }, "unregisterClient");
+  const resolveTrustedClientId = /* @__PURE__ */ __name((entry, clientId) => {
+    if (clientId === void 0) return void 0;
+    if (!entry.clientIds.has(clientId)) {
+      throw new InvalidClientIdError(entry.sessionId, clientId);
+    }
+    return clientId;
+  }, "resolveTrustedClientId");
+  const resolveAnyTrustedClientId = /* @__PURE__ */ __name((clientId) => {
+    for (const entry of byId.values()) {
+      if (entry.clientIds.has(clientId)) return clientId;
+    }
+    throw new InvalidClientIdError("unknown", clientId);
+  }, "resolveAnyTrustedClientId");
   const registerPending = /* @__PURE__ */ __name((p) => {
     const entry = byId.get(p.sessionId);
     if (!entry) {
@@ -13617,7 +13719,38 @@ function createHttpAcpBridge(opts) {
     pendingPermissions.set(p.requestId, p);
     entry.pendingPermissionIds.add(p.requestId);
   }, "registerPending");
-  const resolvePending = /* @__PURE__ */ __name((requestId, response) => {
+  const rememberResolvedPermission = /* @__PURE__ */ __name((record) => {
+    if (!resolvedPermissions.has(record.requestId)) {
+      resolvedPermissionOrder.push(record.requestId);
+    }
+    resolvedPermissions.set(record.requestId, record);
+    while (resolvedPermissionOrder.length > MAX_RESOLVED_PERMISSION_RECORDS) {
+      const oldest = resolvedPermissionOrder.shift();
+      if (oldest !== void 0) resolvedPermissions.delete(oldest);
+    }
+  }, "rememberResolvedPermission");
+  const publishPermissionAlreadyResolved = /* @__PURE__ */ __name((record) => {
+    const entry = byId.get(record.sessionId);
+    if (!entry) return;
+    try {
+      writeServeDebugLine(
+        `permission ${JSON.stringify(record.requestId)} for session ${JSON.stringify(record.sessionId)} was already resolved; publishing duplicate-vote notification.`
+      );
+      entry.events.publish({
+        type: "permission_already_resolved",
+        data: {
+          requestId: record.requestId,
+          sessionId: record.sessionId,
+          outcome: record.outcome
+        }
+      });
+    } catch {
+      writeServeDebugLine(
+        `skipped duplicate-vote notification for permission ${JSON.stringify(record.requestId)} during shutdown.`
+      );
+    }
+  }, "publishPermissionAlreadyResolved");
+  const resolvePending = /* @__PURE__ */ __name((requestId, response, originatorClientId) => {
     const pending = pendingPermissions.get(requestId);
     if (!pending) return false;
     pendingPermissions.delete(requestId);
@@ -13627,11 +13760,17 @@ function createHttpAcpBridge(opts) {
       try {
         entry.events.publish({
           type: "permission_resolved",
-          data: { requestId, outcome: response.outcome }
+          data: { requestId, outcome: response.outcome },
+          ...originatorClientId ? { originatorClientId } : {}
         });
       } catch {
       }
     }
+    rememberResolvedPermission({
+      requestId,
+      sessionId: pending.sessionId,
+      outcome: response.outcome
+    });
     pending.resolve(response);
     return true;
   }, "resolvePending");
@@ -13656,6 +13795,7 @@ function createHttpAcpBridge(opts) {
           }
           return void 0;
         },
+        (sessionId) => sessionId ? pendingRestoreEvents.get(sessionId) : void 0,
         registerPending,
         (rid) => (
           // Roll back a register-then-publish-failed pending so the agent
@@ -13671,6 +13811,7 @@ function createHttpAcpBridge(opts) {
         connection,
         client,
         sessionIds: /* @__PURE__ */ new Set(),
+        pendingRestoreIds: /* @__PURE__ */ new Set(),
         isDying: false
       };
       aliveChannels.add(info);
@@ -13746,7 +13887,7 @@ function createHttpAcpBridge(opts) {
     }
   }
   __name(ensureChannel, "ensureChannel");
-  async function doSpawn(modelServiceId) {
+  async function doSpawn(modelServiceId, effectiveScope, requestedClientId) {
     const ci = await ensureChannel();
     let newSessionResp;
     try {
@@ -13769,26 +13910,21 @@ function createHttpAcpBridge(opts) {
     if (shuttingDown) {
       throw new Error("HttpAcpBridge is shutting down");
     }
-    const entry = {
-      sessionId: newSessionResp.sessionId,
-      workspaceCwd: boundWorkspace,
-      channel: ci.channel,
-      connection: ci.connection,
-      events: new EventBus(),
-      promptQueue: Promise.resolve(),
-      modelChangeQueue: Promise.resolve(),
-      pendingPermissionIds: /* @__PURE__ */ new Set(),
-      attachCount: 0,
-      spawnOwnerWantedKill: false
-    };
-    ci.sessionIds.add(entry.sessionId);
-    byId.set(entry.sessionId, entry);
-    if (!defaultEntry) defaultEntry = entry;
+    const entry = createSessionEntry(
+      ci,
+      newSessionResp.sessionId,
+      boundWorkspace
+    );
+    const clientId = registerClient(entry, requestedClientId);
+    if (effectiveScope === "single" && !defaultEntry) defaultEntry = entry;
     if (modelServiceId) {
-      await applyModelServiceId(entry, modelServiceId, initTimeoutMs).catch(
-        () => {
-        }
-      );
+      await applyModelServiceId(
+        entry,
+        modelServiceId,
+        initTimeoutMs,
+        clientId
+      ).catch(() => {
+      });
     }
     if (!byId.has(entry.sessionId)) {
       throw new Error(
@@ -13798,11 +13934,12 @@ function createHttpAcpBridge(opts) {
     return {
       sessionId: entry.sessionId,
       workspaceCwd: entry.workspaceCwd,
-      attached: false
+      attached: false,
+      clientId
     };
   }
   __name(doSpawn, "doSpawn");
-  async function applyModelServiceId(entry, modelId, timeoutMs) {
+  async function applyModelServiceId(entry, modelId, timeoutMs, originatorClientId) {
     const conn = entry.connection;
     const transportClosed = getTransportClosedReject(entry);
     const work = entry.modelChangeQueue.then(async () => {
@@ -13820,7 +13957,8 @@ function createHttpAcpBridge(opts) {
         ]);
         entry.events.publish({
           type: "model_switched",
-          data: { sessionId: entry.sessionId, modelId }
+          data: { sessionId: entry.sessionId, modelId },
+          ...originatorClientId ? { originatorClientId } : {}
         });
       } catch (err) {
         entry.events.publish({
@@ -13829,7 +13967,8 @@ function createHttpAcpBridge(opts) {
             sessionId: entry.sessionId,
             requestedModelId: modelId,
             error: err instanceof Error ? err.message : String(err)
-          }
+          },
+          ...originatorClientId ? { originatorClientId } : {}
         });
         throw err;
       }
@@ -13859,6 +13998,213 @@ function createHttpAcpBridge(opts) {
     }
     return entry.transportClosedReject;
   }, "getTransportClosedReject");
+  const resolveWorkspaceKey = /* @__PURE__ */ __name((workspaceCwd) => {
+    if (!path.isAbsolute(workspaceCwd)) {
+      throw new Error(
+        `workspaceCwd must be an absolute path; got "${workspaceCwd}"`
+      );
+    }
+    const workspaceKey = workspaceCwd === boundWorkspace ? boundWorkspace : canonicalizeWorkspace(workspaceCwd);
+    if (workspaceKey !== boundWorkspace) {
+      throw new WorkspaceMismatchError(boundWorkspace, workspaceKey);
+    }
+    return workspaceKey;
+  }, "resolveWorkspaceKey");
+  const createSessionEntry = /* @__PURE__ */ __name((ci, sessionId, workspaceCwd, events = new EventBus()) => {
+    const entry = {
+      sessionId,
+      workspaceCwd,
+      channel: ci.channel,
+      connection: ci.connection,
+      events,
+      promptQueue: Promise.resolve(),
+      modelChangeQueue: Promise.resolve(),
+      pendingPermissionIds: /* @__PURE__ */ new Set(),
+      clientIds: /* @__PURE__ */ new Map(),
+      attachCount: 0,
+      spawnOwnerWantedKill: false
+    };
+    ci.sessionIds.add(entry.sessionId);
+    byId.set(entry.sessionId, entry);
+    return entry;
+  }, "createSessionEntry");
+  const isAcpSessionResourceNotFound = /* @__PURE__ */ __name((err, sessionId) => {
+    if (!err || typeof err !== "object") return false;
+    const maybe = err;
+    if (maybe.code !== -32002) return false;
+    const expectedUri = `session:${sessionId}`;
+    if (maybe.data && typeof maybe.data === "object" && maybe.data.uri === expectedUri) {
+      return true;
+    }
+    return typeof maybe.message === "string" && maybe.message === `Resource not found: ${expectedUri}`;
+  }, "isAcpSessionResourceNotFound");
+  async function restoreSession(action, req) {
+    if (shuttingDown) {
+      throw new Error("HttpAcpBridge is shutting down");
+    }
+    const workspaceKey = resolveWorkspaceKey(req.workspaceCwd);
+    const existing = byId.get(req.sessionId);
+    if (existing) {
+      existing.attachCount++;
+      const clientId = registerClient(existing, req.clientId);
+      return {
+        sessionId: existing.sessionId,
+        workspaceCwd: existing.workspaceCwd,
+        attached: true,
+        clientId,
+        // Late attachers get the same ACP state the original restore
+        // caller saw; spawn-only sessions don't carry a state payload.
+        state: existing.restoreState ?? {}
+      };
+    }
+    const inFlight = inFlightRestores.get(req.sessionId);
+    if (inFlight) {
+      if (action !== inFlight.action) {
+        throw new RestoreInProgressError(
+          req.sessionId,
+          inFlight.action,
+          action
+        );
+      }
+      inFlight.coalesceState.count++;
+      let restored;
+      try {
+        restored = await inFlight.promise;
+      } catch (err) {
+        inFlight.coalesceState.count--;
+        throw err;
+      }
+      const entry = byId.get(restored.sessionId);
+      if (!entry) {
+        inFlight.coalesceState.count--;
+        throw new SessionNotFoundError(
+          restored.sessionId,
+          "the agent child likely crashed during session restore \u2014 retry to restore the session"
+        );
+      }
+      return {
+        ...restored,
+        attached: true,
+        clientId: registerClient(entry, req.clientId)
+      };
+    }
+    if (byId.size + inFlightSpawns.size + inFlightRestores.size >= maxSessions) {
+      throw new SessionLimitExceededError(maxSessions);
+    }
+    const restoreEvents = new EventBus();
+    let registeredEntry;
+    let ci;
+    const coalesceState = { count: 0 };
+    const promise = (async () => {
+      pendingRestoreEvents.set(req.sessionId, restoreEvents);
+      ci = await ensureChannel();
+      ci.pendingRestoreIds.add(req.sessionId);
+      const transportClosed = ci.channel.exited.then(() => {
+        throw new Error(`agent channel closed during session/${action}`);
+      });
+      transportClosed.catch(() => {
+      });
+      let state;
+      try {
+        if (action === "load") {
+          state = await Promise.race([
+            withTimeout(
+              ci.connection.loadSession({
+                sessionId: req.sessionId,
+                cwd: workspaceKey,
+                // Restore path drops per-request `mcpServers` (matches
+                // `doSpawn`); daemon-wide MCP comes from settings on
+                // the agent side. The SDK's `RestoreSessionRequest`
+                // intentionally has no `mcpServers` field for the
+                // same reason.
+                mcpServers: []
+              }),
+              initTimeoutMs,
+              "loadSession"
+            ),
+            transportClosed
+          ]);
+        } else {
+          state = await Promise.race([
+            withTimeout(
+              ci.connection.unstable_resumeSession({
+                sessionId: req.sessionId,
+                cwd: workspaceKey,
+                mcpServers: []
+              }),
+              initTimeoutMs,
+              "resumeSession"
+            ),
+            transportClosed
+          ]);
+        }
+      } catch (err) {
+        restoreEvents.close();
+        if (isAcpSessionResourceNotFound(err, req.sessionId)) {
+          throw new SessionNotFoundError(req.sessionId);
+        }
+        if (ci.sessionIds.size === 0 && ci.pendingRestoreIds.size === 1 && ci.pendingRestoreIds.has(req.sessionId)) {
+          ci.isDying = true;
+          await ci.channel.kill().catch(() => {
+          });
+        }
+        throw err;
+      }
+      if (shuttingDown) {
+        restoreEvents.close();
+        throw new Error("HttpAcpBridge is shutting down");
+      }
+      if (ci.isDying || !aliveChannels.has(ci)) {
+        restoreEvents.close();
+        throw new Error(
+          `Session ${req.sessionId} restored on a closed agent channel`
+        );
+      }
+      const racedEntry = byId.get(req.sessionId);
+      if (racedEntry) {
+        restoreEvents.close();
+        racedEntry.attachCount += 1 + coalesceState.count;
+        const clientId2 = registerClient(racedEntry, req.clientId);
+        return {
+          sessionId: racedEntry.sessionId,
+          workspaceCwd: racedEntry.workspaceCwd,
+          attached: true,
+          clientId: clientId2,
+          state: racedEntry.restoreState ?? {}
+        };
+      }
+      const entry = createSessionEntry(
+        ci,
+        req.sessionId,
+        workspaceKey,
+        restoreEvents
+      );
+      entry.restoreState = state;
+      const clientId = registerClient(entry, req.clientId);
+      entry.attachCount = coalesceState.count;
+      registeredEntry = entry;
+      return {
+        sessionId: entry.sessionId,
+        workspaceCwd: entry.workspaceCwd,
+        attached: false,
+        clientId,
+        state
+      };
+    })().finally(() => {
+      ci?.pendingRestoreIds.delete(req.sessionId);
+      pendingRestoreEvents.delete(req.sessionId);
+      if (!registeredEntry) {
+        restoreEvents.close();
+      }
+    });
+    inFlightRestores.set(req.sessionId, { action, promise, coalesceState });
+    try {
+      return await promise;
+    } finally {
+      inFlightRestores.delete(req.sessionId);
+    }
+  }
+  __name(restoreSession, "restoreSession");
   return {
     get sessionCount() {
       return byId.size;
@@ -13866,35 +14212,40 @@ function createHttpAcpBridge(opts) {
     get pendingPermissionCount() {
       return pendingPermissions.size;
     },
+    async loadSession(req) {
+      return restoreSession("load", req);
+    },
+    async resumeSession(req) {
+      return restoreSession("resume", req);
+    },
     async spawnOrAttach(req) {
       if (shuttingDown) {
         throw new Error("HttpAcpBridge is shutting down");
       }
-      if (!path.isAbsolute(req.workspaceCwd)) {
-        throw new Error(
-          `workspaceCwd must be an absolute path; got "${req.workspaceCwd}"`
-        );
-      }
-      const workspaceKey = req.workspaceCwd === boundWorkspace ? boundWorkspace : canonicalizeWorkspace(req.workspaceCwd);
-      if (workspaceKey !== boundWorkspace) {
-        throw new WorkspaceMismatchError(boundWorkspace, workspaceKey);
+      const workspaceKey = resolveWorkspaceKey(req.workspaceCwd);
+      if (req.sessionScope !== void 0 && req.sessionScope !== "single" && req.sessionScope !== "thread") {
+        throw new InvalidSessionScopeError(req.sessionScope);
       }
-      if (sessionScope === "single") {
+      const effectiveScope = req.sessionScope ?? defaultSessionScope;
+      if (effectiveScope === "single") {
         const existing = defaultEntry;
         if (existing) {
           existing.attachCount++;
+          const clientId = registerClient(existing, req.clientId);
           if (req.modelServiceId) {
             await applyModelServiceId(
               existing,
               req.modelServiceId,
-              initTimeoutMs
+              initTimeoutMs,
+              clientId
             ).catch(() => {
             });
           }
           return {
             sessionId: existing.sessionId,
             workspaceCwd: existing.workspaceCwd,
-            attached: true
+            attached: true,
+            clientId
           };
         }
         const inFlight = inFlightSpawns.get(workspaceKey);
@@ -13908,22 +14259,24 @@ function createHttpAcpBridge(opts) {
               "the agent child likely crashed during initialization \u2014 retry to spawn a new session"
             );
           }
+          const clientId = registerClient(attachedEntry, req.clientId);
           if (req.modelServiceId) {
             await applyModelServiceId(
               attachedEntry,
               req.modelServiceId,
-              initTimeoutMs
+              initTimeoutMs,
+              clientId
             ).catch(() => {
             });
           }
-          return { ...session, attached: true };
+          return { ...session, attached: true, clientId };
         }
       }
-      if (byId.size + inFlightSpawns.size >= maxSessions) {
+      if (byId.size + inFlightSpawns.size + inFlightRestores.size >= maxSessions) {
         throw new SessionLimitExceededError(maxSessions);
       }
-      const promise = doSpawn(req.modelServiceId);
-      const tracker = sessionScope === "single" ? workspaceKey : `${workspaceKey}#${randomUUID()}`;
+      const promise = doSpawn(req.modelServiceId, effectiveScope, req.clientId);
+      const tracker = effectiveScope === "single" ? workspaceKey : `${workspaceKey}#${randomUUID()}`;
       inFlightSpawns.set(tracker, promise);
       try {
         return await promise;
@@ -13931,9 +14284,13 @@ function createHttpAcpBridge(opts) {
         inFlightSpawns.delete(tracker);
       }
     },
-    async sendPrompt(sessionId, req, signal) {
+    async sendPrompt(sessionId, req, signal, context) {
       const entry = byId.get(sessionId);
       if (!entry) throw new SessionNotFoundError(sessionId);
+      const originatorClientId = resolveTrustedClientId(
+        entry,
+        context?.clientId
+      );
       if (signal?.aborted) {
         throw new DOMException("Prompt aborted", "AbortError");
       }
@@ -13942,7 +14299,14 @@ function createHttpAcpBridge(opts) {
         if (signal?.aborted) {
           throw new DOMException("Prompt aborted", "AbortError");
         }
-        const promptPromise = entry.connection.prompt(normalized);
+        if (originatorClientId === void 0) {
+          delete entry.activePromptOriginatorClientId;
+        } else {
+          entry.activePromptOriginatorClientId = originatorClientId;
+        }
+        const promptPromise = entry.connection.prompt(normalized).finally(() => {
+          delete entry.activePromptOriginatorClientId;
+        });
         const racedPromise = Promise.race([
           promptPromise,
           getTransportClosedReject(entry)
@@ -13969,9 +14333,10 @@ function createHttpAcpBridge(opts) {
       );
       return result;
     },
-    async cancelSession(sessionId, req) {
+    async cancelSession(sessionId, req, context) {
       const entry = byId.get(sessionId);
       if (!entry) throw new SessionNotFoundError(sessionId);
+      resolveTrustedClientId(entry, context?.clientId);
       cancelPendingForSession(sessionId);
       const notif = req ? { ...req, sessionId } : { sessionId };
       await entry.connection.cancel(notif);
@@ -13981,17 +14346,69 @@ function createHttpAcpBridge(opts) {
       if (!entry) throw new SessionNotFoundError(sessionId);
       return entry.events.subscribe(subOpts);
     },
-    respondToPermission(requestId, response) {
+    respondToPermission(requestId, response, context) {
+      const pending = pendingPermissions.get(requestId);
+      let originatorClientId;
+      if (context?.clientId !== void 0 && !pending) {
+        resolveAnyTrustedClientId(context.clientId);
+      } else if (pending && context?.clientId !== void 0) {
+        const entry = byId.get(pending.sessionId);
+        if (entry) {
+          originatorClientId = resolveTrustedClientId(entry, context.clientId);
+        } else {
+          resolveAnyTrustedClientId(context.clientId);
+        }
+      }
+      if (!pending) {
+        const record = resolvedPermissions.get(requestId);
+        if (record) {
+          publishPermissionAlreadyResolved(record);
+        }
+        return false;
+      }
       if (response.outcome.outcome === "selected") {
-        const pending = pendingPermissions.get(requestId);
-        if (pending && !pending.allowedOptionIds.has(response.outcome.optionId)) {
+        if (!pending.allowedOptionIds.has(response.outcome.optionId)) {
           throw new InvalidPermissionOptionError(
             requestId,
             response.outcome.optionId
           );
         }
       }
-      return resolvePending(requestId, response);
+      return resolvePending(requestId, response, originatorClientId);
+    },
+    respondToSessionPermission(sessionId, requestId, response, context) {
+      const entry = byId.get(sessionId);
+      if (!entry) throw new SessionNotFoundError(sessionId);
+      const pending = pendingPermissions.get(requestId);
+      if (!pending) {
+        const record = resolvedPermissions.get(requestId);
+        if (record?.sessionId === sessionId) {
+          resolveTrustedClientId(entry, context?.clientId);
+          publishPermissionAlreadyResolved(record);
+        } else if (record) {
+          writeServeDebugLine(
+            `rejected permission vote ${JSON.stringify(requestId)} for session ${JSON.stringify(sessionId)}; request belongs to session ${JSON.stringify(record.sessionId)}.`
+          );
+        }
+        return false;
+      }
+      if (pending.sessionId !== sessionId) {
+        writeServeDebugLine(
+          `rejected permission vote ${JSON.stringify(requestId)} for session ${JSON.stringify(sessionId)}; request belongs to session ${JSON.stringify(pending.sessionId)}.`
+        );
+        return false;
+      }
+      const originatorClientId = resolveTrustedClientId(
+        entry,
+        context?.clientId
+      );
+      if (response.outcome.outcome === "selected" && !pending.allowedOptionIds.has(response.outcome.optionId)) {
+        throw new InvalidPermissionOptionError(
+          requestId,
+          response.outcome.optionId
+        );
+      }
+      return resolvePending(requestId, response, originatorClientId);
     },
     listWorkspaceSessions(workspaceCwd) {
       if (!path.isAbsolute(workspaceCwd)) return [];
@@ -14008,9 +14425,13 @@ function createHttpAcpBridge(opts) {
       }
       return out;
     },
-    async setSessionModel(sessionId, req) {
+    async setSessionModel(sessionId, req, context) {
       const entry = byId.get(sessionId);
       if (!entry) throw new SessionNotFoundError(sessionId);
+      const originatorClientId = resolveTrustedClientId(
+        entry,
+        context?.clientId
+      );
       const normalized = { ...req, sessionId };
       const conn = entry.connection;
       const transportClosed = getTransportClosedReject(entry);
@@ -14039,7 +14460,8 @@ function createHttpAcpBridge(opts) {
               sessionId: entry.sessionId,
               requestedModelId: req.modelId,
               error: err instanceof Error ? err.message : String(err)
-            }
+            },
+            ...originatorClientId ? { originatorClientId } : {}
           });
         } catch {
         }
@@ -14048,7 +14470,8 @@ function createHttpAcpBridge(opts) {
       try {
         entry.events.publish({
           type: "model_switched",
-          data: { sessionId: entry.sessionId, modelId: req.modelId }
+          data: { sessionId: entry.sessionId, modelId: req.modelId },
+          ...originatorClientId ? { originatorClientId } : {}
         });
       } catch {
       }
@@ -14078,16 +14501,17 @@ function createHttpAcpBridge(opts) {
       } catch {
       }
       entry.events.close();
-      if (ci && ci.sessionIds.size === 0) {
+      if (ci && ci.sessionIds.size === 0 && ci.pendingRestoreIds.size === 0) {
         ci.isDying = true;
         await ci.channel.kill().catch(() => {
         });
       }
     },
-    async detachClient(sessionId) {
+    async detachClient(sessionId, clientId) {
       const entry = byId.get(sessionId);
       if (!entry) return;
       if (entry.attachCount > 0) entry.attachCount--;
+      unregisterClient(entry, clientId);
       if (entry.spawnOwnerWantedKill && entry.attachCount === 0 && entry.events.subscriberCount === 0) {
         await this.killSession(sessionId).catch(() => {
         });
@@ -14135,6 +14559,12 @@ function createHttpAcpBridge(opts) {
           () => void 0
         )
       );
+      const inFlightRestoreAwaits = Array.from(inFlightRestores.values()).map(
+        (restore) => restore.promise.then(
+          () => void 0,
+          () => void 0
+        )
+      );
       const inFlightChannelAwait = inFlightChannelSpawn ? inFlightChannelSpawn.then(
         () => void 0,
         () => void 0
@@ -14143,6 +14573,7 @@ function createHttpAcpBridge(opts) {
         ...channels.map((ci) => ci.channel.kill().catch(() => {
         })),
         ...inFlightSessionAwaits,
+        ...inFlightRestoreAwaits,
         inFlightChannelAwait
       ]);
     }
@@ -14328,20 +14759,68 @@ function killChild(child) {
 }
 __name(killChild, "killChild");
 
+// packages/cli/src/serve/capabilities.ts
+init_esbuild_shims();
+var SERVE_PROTOCOL_VERSION = "v1";
+var SUPPORTED_SERVE_PROTOCOL_VERSIONS = [
+  SERVE_PROTOCOL_VERSION
+];
+var SERVE_CAPABILITY_REGISTRY = {
+  health: { since: "v1" },
+  capabilities: { since: "v1" },
+  session_create: { since: "v1" },
+  session_scope_override: { since: "v1" },
+  session_load: { since: "v1" },
+  // ACP backs this with `connection.unstable_resumeSession`. Surface
+  // the unstable prefix so clients don't pin against a `v1` shape that
+  // the underlying ACP method may still change.
+  unstable_session_resume: { since: "v1" },
+  session_list: { since: "v1" },
+  session_prompt: { since: "v1" },
+  session_cancel: { since: "v1" },
+  session_events: { since: "v1" },
+  session_set_model: { since: "v1" },
+  client_identity: { since: "v1" },
+  session_permission_vote: { since: "v1" },
+  permission_vote: { since: "v1" }
+};
+var SERVE_FEATURES = Object.freeze(
+  Object.keys(SERVE_CAPABILITY_REGISTRY)
+);
+function serveProtocolVersionIndex(version) {
+  return SUPPORTED_SERVE_PROTOCOL_VERSIONS.indexOf(version);
+}
+__name(serveProtocolVersionIndex, "serveProtocolVersionIndex");
+function isFeatureAvailableInProtocol(feature, protocolVersion) {
+  return serveProtocolVersionIndex(SERVE_CAPABILITY_REGISTRY[feature].since) <= serveProtocolVersionIndex(protocolVersion);
+}
+__name(isFeatureAvailableInProtocol, "isFeatureAvailableInProtocol");
+function getRegisteredServeFeatures() {
+  return [...SERVE_FEATURES];
+}
+__name(getRegisteredServeFeatures, "getRegisteredServeFeatures");
+function getAdvertisedServeFeatures(protocolVersion = SERVE_PROTOCOL_VERSION) {
+  return SERVE_FEATURES.filter(
+    (feature) => isFeatureAvailableInProtocol(feature, protocolVersion)
+  );
+}
+__name(getAdvertisedServeFeatures, "getAdvertisedServeFeatures");
+function getServeFeatures() {
+  return getAdvertisedServeFeatures();
+}
+__name(getServeFeatures, "getServeFeatures");
+function getServeProtocolVersions() {
+  return {
+    current: SERVE_PROTOCOL_VERSION,
+    supported: [...SUPPORTED_SERVE_PROTOCOL_VERSIONS]
+  };
+}
+__name(getServeProtocolVersions, "getServeProtocolVersions");
+
 // packages/cli/src/serve/types.ts
 init_esbuild_shims();
 var CAPABILITIES_SCHEMA_VERSION = 1;
-var STAGE1_FEATURES = [
-  "health",
-  "capabilities",
-  "session_create",
-  "session_list",
-  "session_prompt",
-  "session_cancel",
-  "session_events",
-  "session_set_model",
-  "permission_vote"
-];
+var STAGE1_FEATURES = SERVE_FEATURES;
 
 // packages/cli/src/serve/server.ts
 function createServeApp(opts, getPort = () => opts.port, deps = {}) {
@@ -14385,8 +14864,9 @@ function createServeApp(opts, getPort = () => opts.port, deps = {}) {
   app.get("/capabilities", (_req, res) => {
     const envelope = {
       v: CAPABILITIES_SCHEMA_VERSION,
+      protocolVersions: getServeProtocolVersions(),
       mode: opts.mode,
-      features: [...STAGE1_FEATURES],
+      features: getAdvertisedServeFeatures(),
       modelServices: [],
       // #3803 §02: surface the bound workspace so clients can detect
       // mismatch pre-flight and omit `cwd` on `POST /session`.
@@ -14413,17 +14893,33 @@ function createServeApp(opts, getPort = () => opts.port, deps = {}) {
       return;
     }
     const modelServiceId = typeof body["modelServiceId"] === "string" ? body["modelServiceId"] : void 0;
+    const rawSessionScope = body["sessionScope"];
+    let sessionScope;
+    if (rawSessionScope !== void 0) {
+      if (rawSessionScope !== "single" && rawSessionScope !== "thread") {
+        res.status(400).json({
+          error: '`sessionScope` must be "single" or "thread" when provided',
+          code: "invalid_session_scope"
+        });
+        return;
+      }
+      sessionScope = rawSessionScope;
+    }
+    const clientId = parseClientIdHeader(req, res);
+    if (clientId === null) return;
     try {
       const session = await bridge.spawnOrAttach({
         workspaceCwd: cwd,
-        modelServiceId
+        modelServiceId,
+        ...clientId !== void 0 ? { clientId } : {},
+        ...sessionScope !== void 0 ? { sessionScope } : {}
       });
       if (!res.writable) {
         if (!session.attached) {
           bridge.killSession(session.sessionId, { requireZeroAttaches: true }).catch(() => {
           });
         } else {
-          bridge.detachClient(session.sessionId).catch(() => {
+          bridge.detachClient(session.sessionId, session.clientId).catch(() => {
           });
         }
         return;
@@ -14433,6 +14929,47 @@ function createServeApp(opts, getPort = () => opts.port, deps = {}) {
       sendBridgeError(res, err, { route: "POST /session" });
     }
   });
+  const restoreSessionHandler = /* @__PURE__ */ __name((action) => async (req, res) => {
+    const sessionId = req.params["id"];
+    if (!sessionId) {
+      res.status(400).json({ error: "`sessionId` route parameter is required" });
+      return;
+    }
+    const body = safeBody(req);
+    const cwd = parseOptionalWorkspaceCwd(body, boundWorkspace, res);
+    if (cwd === void 0) return;
+    const clientId = parseClientIdHeader(req, res);
+    if (clientId === null) return;
+    try {
+      const session = action === "load" ? await bridge.loadSession({
+        sessionId,
+        workspaceCwd: cwd,
+        ...clientId !== void 0 ? { clientId } : {}
+      }) : await bridge.resumeSession({
+        sessionId,
+        workspaceCwd: cwd,
+        ...clientId !== void 0 ? { clientId } : {}
+      });
+      if (!res.writable) {
+        if (!session.attached) {
+          bridge.killSession(session.sessionId, { requireZeroAttaches: true }).catch(() => {
+          });
+        } else {
+          bridge.detachClient(session.sessionId, session.clientId).catch(() => {
+          });
+        }
+        return;
+      }
+      res.status(200).json(session);
+    } catch (err) {
+      sendBridgeError(res, err, {
+        route: `POST /session/:id/${action}`,
+        sessionId
+      });
+    }
+  }, "restoreSessionHandler");
+  app.post("/session/:id/load", restoreSessionHandler("load"));
+  app.post("/session/:id/resume", restoreSessionHandler("resume"));
   app.post("/session/:id/prompt", async (req, res) => {
     const sessionId = req.params["id"];
     const body = safeBody(req);
@@ -14464,6 +15001,11 @@ function createServeApp(opts, getPort = () => opts.port, deps = {}) {
       if (!res.writableEnded) abort.abort();
     }, "onResClose");
     res.once("close", onResClose);
+    const clientId = parseClientIdHeader(req, res);
+    if (clientId === null) {
+      res.off("close", onResClose);
+      return;
+    }
     try {
       const result = await bridge.sendPrompt(
         sessionId,
@@ -14472,7 +15014,8 @@ function createServeApp(opts, getPort = () => opts.port, deps = {}) {
           sessionId,
           prompt
         },
-        abort.signal
+        abort.signal,
+        clientId !== void 0 ? { clientId } : void 0
       );
       res.status(200).json(result);
     } catch (err) {
@@ -14490,11 +15033,17 @@ function createServeApp(opts, getPort = () => opts.port, deps = {}) {
   app.post("/session/:id/cancel", async (req, res) => {
     const sessionId = req.params["id"];
     const body = safeBody(req);
+    const clientId = parseClientIdHeader(req, res);
+    if (clientId === null) return;
     try {
-      await bridge.cancelSession(sessionId, {
-        ...body,
-        sessionId
-      });
+      await bridge.cancelSession(
+        sessionId,
+        {
+          ...body,
+          sessionId
+        },
+        clientId !== void 0 ? { clientId } : void 0
+      );
       res.status(204).end();
     } catch (err) {
       sendBridgeError(res, err, {
@@ -14532,12 +15081,18 @@ function createServeApp(opts, getPort = () => opts.port, deps = {}) {
       });
       return;
     }
+    const clientId = parseClientIdHeader(req, res);
+    if (clientId === null) return;
     try {
-      const response = await bridge.setSessionModel(sessionId, {
-        ...body,
+      const response = await bridge.setSessionModel(
         sessionId,
-        modelId
-      });
+        {
+          ...body,
+          sessionId,
+          modelId
+        },
+        clientId !== void 0 ? { clientId } : void 0
+      );
       res.status(200).json(response);
     } catch (err) {
       sendBridgeError(res, err, {
@@ -14546,33 +15101,56 @@ function createServeApp(opts, getPort = () => opts.port, deps = {}) {
       });
     }
   });
-  app.post("/permission/:requestId", (req, res) => {
+  app.post("/session/:id/permission/:requestId", (req, res) => {
+    const sessionId = req.params["id"];
     const requestId = req.params["requestId"];
-    const body = safeBody(req);
-    const outcome = body["outcome"];
-    if (!isValidOutcome(outcome)) {
-      res.status(400).json({
-        error: '`outcome` must be `{ outcome: "cancelled" }` or `{ outcome: "selected", optionId: string }`'
+    const response = parsePermissionVoteBody(req, res);
+    if (response === void 0) return;
+    const clientId = parseClientIdHeader(req, res);
+    if (clientId === null) return;
+    let accepted;
+    try {
+      accepted = bridge.respondToSessionPermission(
+        sessionId,
+        requestId,
+        response,
+        clientId !== void 0 ? { clientId } : void 0
+      );
+    } catch (err) {
+      sendPermissionVoteError(res, err, {
+        route: "POST /session/:id/permission/:requestId",
+        sessionId
+      });
+      return;
+    }
+    if (!accepted) {
+      res.status(404).json({
+        error: "No pending permission request for session",
+        sessionId,
+        requestId
       });
       return;
     }
+    res.status(200).json({});
+  });
+  app.post("/permission/:requestId", (req, res) => {
+    const requestId = req.params["requestId"];
+    const response = parsePermissionVoteBody(req, res);
+    if (response === void 0) return;
+    const clientId = parseClientIdHeader(req, res);
+    if (clientId === null) return;
     let accepted;
     try {
-      accepted = bridge.respondToPermission(requestId, {
-        ...body,
-        outcome
-      });
+      accepted = bridge.respondToPermission(
+        requestId,
+        response,
+        clientId !== void 0 ? { clientId } : void 0
+      );
     } catch (err) {
-      if (err instanceof InvalidPermissionOptionError) {
-        res.status(400).json({
-          error: err.message,
-          code: "invalid_option_id",
-          requestId: err.requestId,
-          optionId: err.optionId
-        });
-        return;
-      }
-      throw err;
+      sendPermissionVoteError(res, err, {
+        route: "POST /permission/:requestId"
+      });
+      return;
     }
     if (!accepted) {
       res.status(404).json({ error: "No pending permission request", requestId });
@@ -14728,6 +15306,10 @@ var PROTOTYPE_POLLUTION_KEYS = /* @__PURE__ */ new Set([
   "constructor",
   "prototype"
 ]);
+var CLIENT_ID_HEADER = "x-qwen-client-id";
+var MAX_CLIENT_ID_LENGTH = 128;
+var CLIENT_ID_RE = /^[A-Za-z0-9._:-]+$/;
+var INVALID_PERMISSION_OUTCOME_ERROR = '`outcome` must be `{ outcome: "cancelled" }` or `{ outcome: "selected", optionId: string }`';
 function safeBody(req) {
   const raw = req.body;
   if (typeof raw !== "object" || raw === null || Array.isArray(raw)) {
@@ -14741,6 +15323,52 @@ function safeBody(req) {
   return out;
 }
 __name(safeBody, "safeBody");
+function parseOptionalWorkspaceCwd(body, boundWorkspace, res) {
+  const hasCwd = "cwd" in body;
+  if (hasCwd && typeof body["cwd"] !== "string") {
+    res.status(400).json({ error: "`cwd` must be a string absolute path when provided" });
+    return void 0;
+  }
+  if (hasCwd && body["cwd"].length > MAX_WORKSPACE_PATH_LENGTH) {
+    res.status(400).json({
+      error: `\`cwd\` exceeds the ${MAX_WORKSPACE_PATH_LENGTH}-character limit`
+    });
+    return void 0;
+  }
+  const cwd = hasCwd ? body["cwd"] : boundWorkspace;
+  if (!path2.isAbsolute(cwd)) {
+    res.status(400).json({ error: "`cwd` must be an absolute path when provided" });
+    return void 0;
+  }
+  return cwd;
+}
+__name(parseOptionalWorkspaceCwd, "parseOptionalWorkspaceCwd");
+function parseClientIdHeader(req, res) {
+  const raw = req.get(CLIENT_ID_HEADER);
+  if (raw === void 0 || raw === "") return void 0;
+  if (raw.length > MAX_CLIENT_ID_LENGTH || !CLIENT_ID_RE.test(raw)) {
+    res.status(400).json({
+      error: "`X-Qwen-Client-Id` must be a non-empty token of 128 characters or fewer",
+      code: "invalid_client_id"
+    });
+    return null;
+  }
+  return raw;
+}
+__name(parseClientIdHeader, "parseClientIdHeader");
+function parsePermissionVoteBody(req, res) {
+  const body = safeBody(req);
+  const outcome = body["outcome"];
+  if (!isValidOutcome(outcome)) {
+    res.status(400).json({ error: INVALID_PERMISSION_OUTCOME_ERROR });
+    return void 0;
+  }
+  return {
+    ...body,
+    outcome
+  };
+}
+__name(parsePermissionVoteBody, "parsePermissionVoteBody");
 function isValidOutcome(raw) {
   if (typeof raw !== "object" || raw === null) return false;
   const obj = raw;
@@ -14767,6 +15395,19 @@ function parseLastEventId(raw) {
   return n;
 }
 __name(parseLastEventId, "parseLastEventId");
+function sendPermissionVoteError(res, err, ctx) {
+  if (err instanceof InvalidPermissionOptionError) {
+    res.status(400).json({
+      error: err.message,
+      code: "invalid_option_id",
+      requestId: err.requestId,
+      optionId: err.optionId
+    });
+    return;
+  }
+  sendBridgeError(res, err, ctx);
+}
+__name(sendPermissionVoteError, "sendPermissionVoteError");
 function formatSseFrame(event) {
   const dataJson = JSON.stringify(event);
   const idLine = "id" in event && event.id !== void 0 ? `id: ${event.id}
@@ -14782,6 +15423,15 @@ function sendBridgeError(res, err, ctx) {
     res.status(404).json({ error: err.message, sessionId: err.sessionId });
     return;
   }
+  if (err instanceof InvalidClientIdError) {
+    res.status(400).json({
+      error: err.message,
+      code: "invalid_client_id",
+      sessionId: err.sessionId,
+      clientId: err.clientId
+    });
+    return;
+  }
   if (err instanceof WorkspaceMismatchError) {
     writeStderrLine(
       `qwen serve: workspace_mismatch (POST /session): daemon bound to ${JSON.stringify(err.bound)}, rejected ${JSON.stringify(err.requested)}`
@@ -14794,6 +15444,13 @@ function sendBridgeError(res, err, ctx) {
     });
     return;
   }
+  if (err instanceof InvalidSessionScopeError) {
+    res.status(400).json({
+      error: err.message,
+      code: "invalid_session_scope"
+    });
+    return;
+  }
   if (err instanceof SessionLimitExceededError) {
     res.set("Retry-After", "5");
     res.status(503).json({
@@ -14803,6 +15460,17 @@ function sendBridgeError(res, err, ctx) {
     });
     return;
   }
+  if (err instanceof RestoreInProgressError) {
+    res.set("Retry-After", "5");
+    res.status(409).json({
+      error: err.message,
+      code: "restore_in_progress",
+      sessionId: err.sessionId,
+      activeAction: err.activeAction,
+      requestedAction: err.requestedAction
+    });
+    return;
+  }
   const ctxParts = [
     ctx?.route,
     ctx?.sessionId ? `session=${ctx.sessionId}` : void 0
@@ -15066,12 +15734,20 @@ export {
   CAPABILITIES_SCHEMA_VERSION,
   EVENT_SCHEMA_VERSION,
   EventBus,
+  SERVE_CAPABILITY_REGISTRY,
+  SERVE_FEATURES,
+  SERVE_PROTOCOL_VERSION,
   STAGE1_FEATURES,
+  SUPPORTED_SERVE_PROTOCOL_VERSIONS,
   SessionNotFoundError,
   createHttpAcpBridge,
   createInMemoryChannel,
   createServeApp,
   defaultSpawnChannelFactory,
+  getAdvertisedServeFeatures,
+  getRegisteredServeFeatures,
+  getServeFeatures,
+  getServeProtocolVersions,
   runQwenServe
 };
 /**