@qwen-code/qwen-code 0.18.0 → 0.18.1-preview.0

Files changed (115)
  1. package/bundled/loop/SKILL.md +2 -1
  2. package/bundled/qc-helper/docs/common-workflow.md +4 -4
  3. package/bundled/qc-helper/docs/configuration/auth.md +1 -1
  4. package/bundled/qc-helper/docs/configuration/model-providers.md +13 -6
  5. package/bundled/qc-helper/docs/configuration/settings.md +90 -87
  6. package/bundled/qc-helper/docs/features/dual-output.md +37 -3
  7. package/bundled/qc-helper/docs/features/skills.md +29 -3
  8. package/bundled/qc-helper/docs/features/sub-agents.md +5 -4
  9. package/bundled/qc-helper/docs/qwen-serve.md +32 -23
  10. package/bundled/qc-helper/docs/reference/keyboard-shortcuts.md +30 -30
  11. package/bundled/review/SKILL.md +3 -1
  12. package/bundled/simplify/SKILL.md +1 -1
  13. package/chunks/{agent-LOTJK6AH.js → agent-WK5GYOPC.js} +21 -20
  14. package/chunks/{agent-headless-TU3EPMYU.js → agent-headless-KZJALDQF.js} +21 -20
  15. package/chunks/{anthropicContentGenerator-2HBRNQ3B.js → anthropicContentGenerator-DCI26OQF.js} +4 -4
  16. package/chunks/{askUserQuestion-OGCMIBQM.js → askUserQuestion-NDNFGC35.js} +2 -2
  17. package/chunks/{ca-BARBRL6N.js → ca-RK4QPLIX.js} +18 -1
  18. package/chunks/{chunk-BIVG75CP.js → chunk-26QELEL2.js} +1 -1
  19. package/chunks/{chunk-LBP46COL.js → chunk-27STU35P.js} +83 -15
  20. package/chunks/{chunk-ZTZ4DDQE.js → chunk-3NRO6NHX.js} +2 -2
  21. package/chunks/{chunk-XV4HCEVI.js → chunk-6WPY6ES3.js} +41 -22
  22. package/chunks/{chunk-A7B4ISQP.js → chunk-B4ZF2KSI.js} +1 -1
  23. package/chunks/chunk-BJ5HQ23U.js +178 -0
  24. package/chunks/{chunk-PL3MVCWD.js → chunk-BW7CMDF3.js} +11 -11
  25. package/chunks/{chunk-OHEGWO4L.js → chunk-CPVI5J2L.js} +1 -1
  26. package/chunks/{chunk-LEJ42GNY.js → chunk-DYCU43TE.js} +6 -6
  27. package/chunks/{chunk-6YIUGZTC.js → chunk-E322ZT4P.js} +281 -132
  28. package/chunks/{chunk-SEGYWKIH.js → chunk-FIQECJTQ.js} +1 -1
  29. package/chunks/{chunk-HR7SV7AY.js → chunk-HA2UEYZP.js} +6 -2
  30. package/chunks/{chunk-2Y5SYSD3.js → chunk-IDYDPBBN.js} +3 -3
  31. package/chunks/{chunk-3HTIVKZE.js → chunk-IQHSD7K5.js} +1 -1
  32. package/chunks/{chunk-MFBBBTNY.js → chunk-JZFEL3RB.js} +1 -1
  33. package/chunks/{chunk-B7HXHOHU.js → chunk-LXYWINWF.js} +1 -1
  34. package/chunks/{chunk-IDX6COTE.js → chunk-LYRSMKLS.js} +2 -2
  35. package/chunks/{chunk-M6VTDSVR.js → chunk-LYSND7KR.js} +9 -4
  36. package/chunks/{chunk-EYENRK4D.js → chunk-NNIYWQIS.js} +1 -1
  37. package/chunks/chunk-OMX7CUOE.js +356 -0
  38. package/chunks/{chunk-R7ODSGTK.js → chunk-OT6JA3KQ.js} +2 -2
  39. package/chunks/{chunk-IWAYOW5Q.js → chunk-Q3NN2XUW.js} +6661 -4210
  40. package/chunks/{chunk-72LDN5PP.js → chunk-QP4R5FTG.js} +1 -1
  41. package/chunks/{chunk-7BCMOPIM.js → chunk-RLFLJVHU.js} +31 -12
  42. package/chunks/{chunk-3DHXZ6EV.js → chunk-SFRV6BGY.js} +6 -4
  43. package/chunks/{chunk-JTQAQBTV.js → chunk-VU6A2OBJ.js} +20 -6
  44. package/chunks/{chunk-HLPLOD42.js → chunk-VXHYMZXW.js} +1 -1
  45. package/chunks/{chunk-J5MDQKJL.js → chunk-WPTCDQN6.js} +2 -347
  46. package/chunks/{chunk-SNGELLWX.js → chunk-ZMIBJS45.js} +1 -1
  47. package/chunks/{chunk-XBY7E2FX.js → chunk-ZOFNJQNJ.js} +6 -4
  48. package/chunks/computer-use-4ELNIZMF.js +2052 -0
  49. package/chunks/{contextCommand-K347QT6O.js → contextCommand-E2V26QGD.js} +23 -22
  50. package/chunks/cron-create-7CXEAJ2K.js +184 -0
  51. package/chunks/{cron-delete-WKWSJZQA.js → cron-delete-2FQYYNQ6.js} +27 -4
  52. package/chunks/{cron-list-B52XEXAZ.js → cron-list-QCAJ73XE.js} +39 -6
  53. package/chunks/{de-YGKK2BC4.js → de-FGPM4KW5.js} +18 -1
  54. package/chunks/{dist-4LXD6L6X.js → dist-2UCAYOX7.js} +2 -2
  55. package/chunks/{dist-H6ONXVLG.js → dist-33LHH26D.js} +1 -1
  56. package/chunks/{dist-PK7DFCAW.js → dist-KF43SZZV.js} +1 -1
  57. package/chunks/{dist-KAZ3SEBX.js → dist-PF2IYSMD.js} +1 -1
  58. package/chunks/{edit-KU4PJGEX.js → edit-IC3ECG44.js} +23 -24
  59. package/chunks/{en-DHGYHIHX.js → en-VP6XPGEC.js} +5 -2
  60. package/chunks/{enter-worktree-PPYIDCWI.js → enter-worktree-ETQWM7BB.js} +21 -20
  61. package/chunks/{enterPlanMode-5CZDMCB4.js → enterPlanMode-VL3F45RF.js} +21 -20
  62. package/chunks/{exit-worktree-UY3CGHKC.js → exit-worktree-F5BJXBFB.js} +21 -20
  63. package/chunks/{exitPlanMode-3DN4QNSG.js → exitPlanMode-VOC7G5FJ.js} +71 -31
  64. package/chunks/{fr-JXBKPJKQ.js → fr-ATYBVCLT.js} +18 -1
  65. package/chunks/{geminiContentGenerator-7A6I2RWB.js → geminiContentGenerator-7D2QZ5FE.js} +4 -4
  66. package/chunks/{glob-OFNQSS52.js → glob-XTABUPPR.js} +21 -20
  67. package/chunks/{grep-6J2MSUM5.js → grep-MRCXYH2N.js} +30 -26
  68. package/chunks/{ja-TGPZSP2B.js → ja-W2QEA2OI.js} +18 -1
  69. package/chunks/{keychain-token-storage-6IU6ORQN.js → keychain-token-storage-QSTRHKKL.js} +2 -2
  70. package/chunks/{ls-V3O6A5PT.js → ls-XVGXRYWD.js} +3 -3
  71. package/chunks/{lsp-G2OCIFUA.js → lsp-S6SHPULC.js} +2 -2
  72. package/chunks/{monitor-FKLHV423.js → monitor-LNRRNJJB.js} +21 -20
  73. package/chunks/{notebook-edit-KTBYFKWG.js → notebook-edit-IS3UYVGM.js} +22 -21
  74. package/chunks/{openaiContentGenerator-L5KSWQY7.js → openaiContentGenerator-P772OZ6K.js} +11 -11
  75. package/chunks/{pt-TIBG6BIO.js → pt-ZKEWJFBW.js} +18 -1
  76. package/chunks/{qwenContentGenerator-PYOXLMBW.js → qwenContentGenerator-Y6YGZRHH.js} +23 -22
  77. package/chunks/{qwenOAuth2-2KCKWDCF.js → qwenOAuth2-KK433U33.js} +4 -4
  78. package/chunks/{read-file-JQVRK4NU.js → read-file-2JIJ646W.js} +8 -8
  79. package/chunks/{ripGrep-2L4LPNAJ.js → ripGrep-Z74CN4MW.js} +21 -20
  80. package/chunks/{ru-JBCHCK4L.js → ru-VEKTPJ74.js} +18 -1
  81. package/chunks/{scheduler-FGNXY4JQ.js → scheduler-KFG4TT3A.js} +21 -20
  82. package/chunks/{send-message-SZFWNOCL.js → send-message-SMNR5DBG.js} +2 -2
  83. package/chunks/{serve-N2IBLA3G.js → serve-XDZAE3KF.js} +998 -278
  84. package/chunks/{shell-PTEG6UX4.js → shell-BTAJJJHO.js} +21 -20
  85. package/chunks/{skill-X4NTK4NH.js → skill-LSM726DP.js} +10 -10
  86. package/chunks/{src-GLLQ3R5W.js → src-JMUZP4A4.js} +44 -26
  87. package/chunks/{syntheticOutput-IKAY5F6X.js → syntheticOutput-KMNF7YG6.js} +3 -3
  88. package/chunks/{task-create-MQICOJFV.js → task-create-LIJHK75G.js} +7 -6
  89. package/chunks/{task-list-RIHJCH32.js → task-list-S4GNSILM.js} +6 -5
  90. package/chunks/{task-stop-FWZRFANS.js → task-stop-3GBRYJHM.js} +2 -2
  91. package/chunks/{task-update-2LHPXOYM.js → task-update-F3UTVJMS.js} +7 -6
  92. package/chunks/{team-create-2E4PF4KN.js → team-create-S5ZBN464.js} +21 -20
  93. package/chunks/{team-delete-DAUDQS4J.js → team-delete-54434EB7.js} +6 -5
  94. package/chunks/{todoWrite-HTUACZES.js → todoWrite-4ENGSBUX.js} +4 -4
  95. package/chunks/{tool-search-KTVULRES.js → tool-search-NUOEJ4LF.js} +8 -8
  96. package/chunks/{web-fetch-CZ7LLKPE.js → web-fetch-RHZMF3MP.js} +4 -4
  97. package/chunks/{workflow-L2ZUUDT2.js → workflow-ZI3ZXNU6.js} +503 -49
  98. package/chunks/{write-file-ZEB2JDYH.js → write-file-MHQLLZWY.js} +22 -21
  99. package/chunks/{zh-7H5OQC4I.js → zh-OIXDDQHB.js} +5 -2
  100. package/chunks/{zh-TW-P4IDHD3M.js → zh-TW-6YFNCKTA.js} +5 -2
  101. package/cli-entry.js +19 -0
  102. package/cli.js +6645 -4971
  103. package/locales/ca.js +20 -2
  104. package/locales/de.js +21 -2
  105. package/locales/en.js +7 -4
  106. package/locales/fr.js +22 -2
  107. package/locales/ja.js +22 -2
  108. package/locales/pt.js +21 -2
  109. package/locales/ru.js +20 -2
  110. package/locales/zh-TW.js +6 -4
  111. package/locales/zh.js +6 -4
  112. package/package.json +4 -3
  113. package/chunks/chunk-SKBPNJEW.js +0 -45
  114. package/chunks/computer-use-3RH2DOM6.js +0 -825
  115. package/chunks/cron-create-YJL3KFWI.js +0 -140
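--- a/package/bundled/qc-helper/docs/features/skills.md
+++ b/package/bundled/qc-helper/docs/features/skills.md
@@ -118,9 +118,35 @@ Notes:
 
  - Globs are matched relative to the project root with [picomatch](https://github.com/micromatch/picomatch); files outside the project root never trigger activation.
  - A path-gated Skill **stays activated for the rest of the session** once a matching file is touched. A new session, or a `refreshCache` triggered by editing any Skill file, resets activations.
- - `paths:` only gates **model** discovery, and only at the SkillTool listing level. You can always invoke a path-gated Skill yourself via `/<skill-name>` or the `/skills` picker — that user path runs the Skill body regardless of activation state. The model side, however, stays gated until a matching file is touched: a slash invocation does **not** unlock model-side activation, so if you want the model to chain off your invocation (call `Skill { skill: ... }` itself), also access a file matching the skill's `paths:` first.
+ - `paths:` only gates **model** discovery, and only at the SkillTool listing level. Unless `user-invocable: false` is set, you can always invoke a path-gated Skill yourself via `/<skill-name>` or the `/skills` picker — that user path runs the Skill body regardless of activation state. The model side, however, stays gated until a matching file is touched: a slash invocation does **not** unlock model-side activation, so if you want the model to chain off your invocation (call `Skill { skill: ... }` itself), also access a file matching the skill's `paths:` first.
  - Combining `paths:` with `disable-model-invocation: true` is allowed but the gate has no effect — the Skill is hidden from the model regardless, so path activation never advertises it.
 
+ ### Optional: control user and model invocation
+
+ Skills are user-invocable by default. To hide a Skill from direct slash-command use while keeping it available for model invocation, set `user-invocable: false`:
+
+ ```yaml
+ ---
+ name: model-only-helper
+ description: Helper the model can call when appropriate
+ user-invocable: false
+ ---
+ ```
+
+ This removes the Skill from `/<skill-name>` invocation and `/skills` picker results. It does not hide the Skill from the model.
+
+ To hide a Skill from model invocation while keeping direct user invocation available, set `disable-model-invocation: true`:
+
+ ```yaml
+ ---
+ name: manual-helper
+ description: Helper you invoke manually
+ disable-model-invocation: true
+ ---
+ ```
+
+ You can combine both fields, but then the Skill is not reachable through the normal user or model invocation paths.
+
  ## Add supporting files
 
  Create additional files alongside `SKILL.md`:
@@ -170,9 +196,9 @@ To view available Skills, ask Qwen Code directly:
  What Skills are available?
  ```
 
- > **Heads up — model vs. user view.** Asking the model only surfaces Skills the model can currently see. If a Skill uses `paths:` (see "Optional: gate a Skill on file paths" above), it stays out of that listing until a matching file has been touched. The full set is always visible to you via the `/skills` slash command and on disk.
+ > **Heads up — model vs. user view.** Asking the model only surfaces Skills the model can currently see. If a Skill uses `paths:` (see "Optional: gate a Skill on file paths" above), it stays out of that listing until a matching file has been touched. The `/skills` slash command shows Skills you can invoke directly; Skills with `user-invocable: false` remain visible on disk and may still be visible to the model.
 
- Or browse the full list with the slash command (always shows every Skill, including path-gated ones that have not activated yet):
+ Or browse the user-invocable list with the slash command (including path-gated Skills that have not activated yet):
 
  ```text
  /skills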
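--- a/package/bundled/qc-helper/docs/features/sub-agents.md
+++ b/package/bundled/qc-helper/docs/features/sub-agents.md
@@ -12,9 +12,9 @@ Subagents are independent AI assistants that:
  - **Work autonomously** - Once given a task, they work independently until completion or failure
  - **Provide detailed feedback** - You can see their progress, tool usage, and execution statistics in real-time
 
- ## Fork Subagent (Implicit Fork)
+ ## Fork Subagent
 
- In addition to named subagents, Qwen Code supports **implicit forking** — when the AI omits the `subagent_type` parameter, it triggers a fork that inherits the parent's full conversation context.
+ In addition to named subagents, Qwen Code supports **forking** — selected explicitly with `subagent_type: "fork"` (available in interactive sessions). A fork inherits the parent's full conversation context and runs detached in the background. Omitting `subagent_type` does **not** fork; it launches the general-purpose subagent, which runs to completion and returns its result inline.
 
  ### How Fork Differs from Named Subagents
 
@@ -59,7 +59,7 @@ Fork children cannot create further forks. This is enforced at runtime — if a
  ## How Subagents Work
 
  1. **Configuration**: You create Subagents configurations that define their behavior, tools, and system prompts
- 2. **Delegation**: The main AI can automatically delegate tasks to appropriate Subagents — or implicitly fork when no specific subagent type is needed
+ 2. **Delegation**: The main AI can automatically delegate tasks to appropriate Subagents — or fork itself (`subagent_type: "fork"`) when it wants to inherit the full conversation context and discard the intermediate output
  3. **Execution**: Subagents work independently, using their configured tools to complete tasks
  4. **Results**: They return results and execution summaries back to the main conversation
 
@@ -135,7 +135,7 @@ Subagents are configured using Markdown files with YAML frontmatter. This format
  name: agent-name
  description: Brief description of when and how to use this agent
  model: inherit # Optional: inherit, fast, modelId, or authType:modelId
- approvalMode: auto-edit # Optional: default, plan, auto-edit, yolo
+ approvalMode: auto-edit # Optional: default, plan, auto-edit, yolo, bubble
  tools: # Optional: allowlist of tools
  - tool1
  - tool2
@@ -202,6 +202,7 @@ Use the optional `approvalMode` frontmatter field to control how a subagent's to
  - `plan`: Analyze-only mode — the agent plans but does not execute changes
  - `auto-edit`: Tools are auto-approved without prompting (recommended for most agents)
  - `yolo`: All tools auto-approved, including potentially destructive ones
+ - `bubble`: Background-agent tool approvals are surfaced in the parent session
 
  If you omit this field, the subagent's permission mode is determined automatically:
 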
@@ -43,8 +43,9 @@ The first npm release of `qwen serve` (v0.16-alpha) is intentionally narrow —
43
43
  - ✅ Boot-time security gate (refuses non-loopback bind without a token, [PR 15 / #4236](https://github.com/QwenLM/qwen-code/pull/4236))
44
44
  - ✅ Mutation-route auth gate, session-scoped permission routing (Wave 4 PRs)
45
45
  - ✅ MCP guardrails + multi-client permission coordination (F2 / F3)
46
- - ⏸️ **Prompt absolute deadline + SSE writer idle timeout** — current AbortSignal + 15s heartbeat + `res.on('error')` cleanup is sufficient for local dev; explicit application-layer deadlines defer to v0.16.x once a remote / long-running scenario lands.
47
- - ⏸️ **Rate limiting + observability + load test harness** — defers to v0.17 F4 Phase-1 scale instrumentation when 30-50 active sessions becomes a real target.
46
+ - **Prompt absolute deadline + SSE writer idle timeout** — opt-in via `--prompt-deadline-ms` and `--writer-idle-timeout-ms`; advertised through `prompt_absolute_deadline` and `writer_idle_timeout` when enabled.
47
+ - **HTTP rate limiting** — opt-in via `--rate-limit` and per-tier thresholds; advertised through `rate_limit` when enabled.
48
+ - ⏸️ **Prometheus metrics + load test harness** — defers to v0.17 F4 Phase-1 scale instrumentation when 30-50 active sessions becomes a real target.
48
49
  - ⏸️ **`--max-body-size` CLI flag** — daemon enforces `express.json({ limit: '10mb' })` by default which comfortably covers text-only prompts (model context windows are well under 10 MiB of chars). Tunable via flag in v0.16.x.
49
50
 
50
51
  For the deeper "what we won't fix in Stage 1" enumeration (single-host session-state mutation model + N-parallel-sessions sharing one ACP child), see [Stage 1 scope boundaries](#stage-1-scope-boundaries--what-we-wont-fix-in-stage-15) below.
@@ -73,6 +74,7 @@ curl http://127.0.0.1:4170/capabilities
73
74
  ```
74
75
 
75
76
  The `workspaceCwd` field surfaces the bound workspace so clients can pre-flight check + omit `cwd` on `POST /session`.
77
+ The `limits.maxPendingPromptsPerSession` field advertises the active per-session prompt admission cap; `null` means the cap is disabled.
76
78
 
77
79
  The daemon also exposes read-only runtime snapshots for client UIs:
78
80
  `GET /workspace/mcp`, `GET /workspace/skills`, `GET /workspace/providers`,
@@ -202,20 +204,21 @@ The token comparison is constant-time (SHA-256 + `crypto.timingSafeEqual`); 401
202
204
 
203
205
  ## CLI flags
204
206
 
205
- | Flag | Default | Purpose |
206
- | ------------------------- | --------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
207
- | `--port <n>` | `4170` | TCP port. `0` = OS-assigned ephemeral port. |
208
- | `--hostname <addr>` | `127.0.0.1` | Bind interface. Anything beyond loopback requires a token. |
209
- | `--token <str>` | — | Bearer token. Falls back to `QWEN_SERVER_TOKEN` env var (with leading/trailing whitespace stripped — handy for `$(cat token.txt)`). |
210
- | `--require-auth` | `false` | Refuse to start without a bearer token, even on loopback. Hardens the `127.0.0.1` developer default for shared dev hosts / CI runners / multi-tenant workstations where any local user can hit the listener. Boots only with `--token` or `QWEN_SERVER_TOKEN` set; gates `/health` behind the bearer too. |
211
- | `--max-sessions <n>` | `20` | Cap on concurrent live sessions. New `POST /session` requests that would spawn a fresh child return `503` (with `Retry-After: 5`) when the cap is hit; attaches to existing sessions are NOT counted. Set to `0` to disable. Sized for single-user / small-team usage; raise it if your deployment has the RAM/FD headroom (~30–50 MB per session). |
212
- | `--workspace <path>` | `process.cwd()` | Absolute workspace path this daemon binds to (per [#3803](https://github.com/QwenLM/qwen-code/issues/3803) §02 1 daemon = 1 workspace). `POST /session` requests with a mismatched `cwd` return `400 workspace_mismatch`. For multi-workspace deployments, run one `qwen serve` per workspace on separate ports. |
213
- | `--max-connections <n>` | `256` | Listener-level TCP connection cap (`server.maxConnections`). Bounds raw socket count irrespective of session count slow / phantom SSE clients get rejected at accept time once full. Raise alongside `--max-sessions` if your deployment expects many SSE subscribers per session. |
214
- | `--event-ring-size <n>` | `8000` | Per-session SSE replay ring depth (#3803 §02 target). Sets the backlog available to `GET /session/:id/events` with `Last-Event-ID: N`. Larger = more reconnect headroom at the cost of a few hundred KB extra RAM per session. SDK clients can additionally request a larger per-subscriber backlog cap on a specific subscription via `?maxQueued=N` (range `[16, 2048]`, default 256). Daemons also emit a non-terminal `slow_client_warning` SSE frame at 75% queue fill so clients can drain / reconnect before getting evicted. Pre-flight `caps.features.slow_client_warning`. |
215
- | `--mcp-client-budget <n>` | | Positive integer cap on live MCP clients **per ACP session** (issue [#4175](https://github.com/QwenLM/qwen-code/issues/4175) PR 14 v1; PR 23 graduates this to per-workspace via the shared MCP pool). Combine with `--mcp-budget-mode`. When unset, no accounting-driven enforcement (but `GET /workspace/mcp` still reports `clientCount`). Distinct from claude-code's `MCP_SERVER_CONNECTION_BATCH_SIZE` which gates startup concurrency, not the total client count. Pre-flight `caps.features.mcp_guardrails`. |
216
- | `--mcp-budget-mode <m>` | `warn` / `off` | How `--mcp-client-budget` is enforced. `warn` (default when budget set): no refusal, snapshot's `budgets[0].status` flips to `warning` at ≥75% of budget. `enforce`: connects past the cap are refused, per-server cell shows `disabledReason: 'budget'`, deterministic by `mcpServers` declaration order. `off` (default when budget unset): pure observability. Boot rejects `enforce` without a budget. |
217
- | `--http-bridge` | `true` | Stage 1 mode: one `qwen --acp` child per daemon (bound to one workspace at boot, per [#3803](https://github.com/QwenLM/qwen-code/issues/3803) §02); N sessions multiplex onto that child via ACP `newSession()`. Stage 2 native in-process becomes available later. |
218
- | `--allow-origin <pat>` | | T2.4 ([#4514](https://github.com/QwenLM/qwen-code/issues/4514)). Cross-origin allowlist for browser webui clients. Repeatable. Each value is `*` (any origin — boot refuses if no bearer token is configured; `--require-auth` on loopback is recommended so `/health` and `/demo` are also bearer-gated, since both are pre-auth on loopback by default) or a canonical URL origin (`<scheme>://<host>[:<port>]`, no trailing slash / path / userinfo / query). **Subdomain wildcards (`https://*.example.com`) are intentionally unsupported** — list each subdomain explicitly, or use `*` with a configured token (and `--require-auth` for full hardening). Matched origins receive CORS response headers (`Access-Control-Allow-Origin`, `Vary: Origin`, methods, headers, max-age, and exposed `Retry-After`); unmatched origins still get a 403 with the same envelope as today's wall. `Origin: null` (sandboxed iframes, file:// docs) is always rejected, even under `*`. Pre-flight via `caps.features.allow_origin`. Loopback self-origin hits are unaffected. |
207
+ | Flag | Default | Purpose |
208
+ | --------------------------------------- | --------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
209
+ | `--port <n>` | `4170` | TCP port. `0` = OS-assigned ephemeral port. |
210
+ | `--hostname <addr>` | `127.0.0.1` | Bind interface. Anything beyond loopback requires a token. |
211
+ | `--token <str>` | — | Bearer token. Falls back to `QWEN_SERVER_TOKEN` env var (with leading/trailing whitespace stripped — handy for `$(cat token.txt)`). |
212
+ | `--require-auth` | `false` | Refuse to start without a bearer token, even on loopback. Hardens the `127.0.0.1` developer default for shared dev hosts / CI runners / multi-tenant workstations where any local user can hit the listener. Boots only with `--token` or `QWEN_SERVER_TOKEN` set; gates `/health` behind the bearer too. |
213
+ | `--max-sessions <n>` | `20` | Cap on concurrent live sessions. New `POST /session` requests that would spawn a fresh child return `503` (with `Retry-After: 5`) when the cap is hit; attaches to existing sessions are NOT counted. Set to `0` to disable. Sized for single-user / small-team usage; raise it if your deployment has the RAM/FD headroom (~30–50 MB per session). |
214
+ | `--max-pending-prompts-per-session <n>` | `5` | Per-session cap on prompts accepted by `POST /session/:id/prompt` but not yet settled, including queued prompts and the active prompt. The bridge rejects overflow synchronously with `503`, `Retry-After: 5`, and `code: "prompt_queue_full"` before returning a `promptId`. Set to `0` to disable. `branchSession` serializes on the same FIFO but does not count against this prompt cap. |
215
+ | `--workspace <path>` | `process.cwd()` | Absolute workspace path this daemon binds to (per [#3803](https://github.com/QwenLM/qwen-code/issues/3803) §02 1 daemon = 1 workspace). `POST /session` requests with a mismatched `cwd` return `400 workspace_mismatch`. For multi-workspace deployments, run one `qwen serve` per workspace on separate ports. |
216
+ | `--max-connections <n>` | `256` | Listener-level TCP connection cap (`server.maxConnections`). Bounds raw socket count irrespective of session count slow / phantom SSE clients get rejected at accept time once full. Raise alongside `--max-sessions` if your deployment expects many SSE subscribers per session. |
217
+ | `--event-ring-size <n>` | `8000` | Per-session SSE replay ring depth (#3803 §02 target). Sets the backlog available to `GET /session/:id/events` with `Last-Event-ID: N`. Larger = more reconnect headroom at the cost of a few hundred KB extra RAM per session. SDK clients can additionally request a larger per-subscriber backlog cap on a specific subscription via `?maxQueued=N` (range `[16, 2048]`, default 256). Daemons also emit a non-terminal `slow_client_warning` SSE frame at 75% queue fill so clients can drain / reconnect before getting evicted. Pre-flight `caps.features.slow_client_warning`. |
218
+ | `--mcp-client-budget <n>` | | Positive integer cap on live MCP clients **per ACP session** (issue [#4175](https://github.com/QwenLM/qwen-code/issues/4175) PR 14 v1; PR 23 graduates this to per-workspace via the shared MCP pool). Combine with `--mcp-budget-mode`. When unset, no accounting-driven enforcement (but `GET /workspace/mcp` still reports `clientCount`). Distinct from claude-code's `MCP_SERVER_CONNECTION_BATCH_SIZE` which gates startup concurrency, not the total client count. Pre-flight `caps.features.mcp_guardrails`. |
219
+ | `--mcp-budget-mode <m>` | `warn` / `off` | How `--mcp-client-budget` is enforced. `warn` (default when budget set): no refusal, snapshot's `budgets[0].status` flips to `warning` at ≥75% of budget. `enforce`: connects past the cap are refused, per-server cell shows `disabledReason: 'budget'`, deterministic by `mcpServers` declaration order. `off` (default when budget unset): pure observability. Boot rejects `enforce` without a budget. |
220
+ | `--http-bridge` | `true` | Stage 1 mode: one `qwen --acp` child per daemon (bound to one workspace at boot, per [#3803](https://github.com/QwenLM/qwen-code/issues/3803) §02); N sessions multiplex onto that child via ACP `newSession()`. Stage 2 native in-process becomes available later. |
221
+ | `--allow-origin <pat>` | — | T2.4 ([#4514](https://github.com/QwenLM/qwen-code/issues/4514)). Cross-origin allowlist for browser webui clients. Repeatable. Each value is `*` (any origin — boot refuses if no bearer token is configured; `--require-auth` on loopback is recommended so `/health` and `/demo` are also bearer-gated, since both are pre-auth on loopback by default) or a canonical URL origin (`<scheme>://<host>[:<port>]`, no trailing slash / path / userinfo / query). **Subdomain wildcards (`https://*.example.com`) are intentionally unsupported** — list each subdomain explicitly, or use `*` with a configured token (and `--require-auth` for full hardening). Matched origins receive CORS response headers (`Access-Control-Allow-Origin`, `Vary: Origin`, methods, headers, max-age, and exposed `Retry-After`); unmatched origins still get a 403 with the same envelope as today's wall. `Origin: null` (sandboxed iframes, file:// docs) is always rejected, even under `*`. Pre-flight via `caps.features.allow_origin`. Loopback self-origin hits are unaffected. |
219
222
 
220
223
  > **Sizing the load knobs.** `--max-sessions` is the **new-child** cap.
221
224
  > Three other layers also limit load — when sizing for a high-concurrency
@@ -226,14 +229,19 @@ The token comparison is constant-time (SHA-256 + `crypto.timingSafeEqual`); 401
226
229
  > - **per-session subscribers**: the EventBus caps SSE subscribers at
227
230
  > 64 per session by default; the 65th client gets a terminal
228
231
  > `stream_error` and is closed.
232
+ > - **per-session prompt admissions**:
233
+ > `--max-pending-prompts-per-session=5` bounds queued + active prompts
234
+ > accepted for one session. Overflow gets `503` with `Retry-After: 5`.
229
235
  > - **per-subscriber backlog**: a 256-frame queue per SSE client; an
230
236
  > over-capacity client gets a terminal `client_evicted` frame and is
231
237
  > closed (one slow consumer can't pin the daemon).
232
238
  >
233
- > The four caps interact: `--max-sessions × 64 subscribers × 256 frames`
234
- > is the worst-case in-flight memory at the EventBus layer. Default
235
- > sizing assumes single-user / small-team load; raise progressively
236
- > (and watch RSS) for multi-tenant deployments.
239
+ > These caps interact: `--max-sessions × 64 subscribers × 256 frames`
240
+ > is the worst-case in-flight memory at the EventBus layer, while
241
+ > `--max-sessions × --max-pending-prompts-per-session` bounds accepted
242
+ > prompt work at the admission layer. Default sizing assumes single-user /
243
+ > small-team load; raise progressively (and watch RSS) for multi-tenant
244
+ > deployments.
237
245
 
238
246
  > **MCP client guardrails (issue [#4175](https://github.com/QwenLM/qwen-code/issues/4175) PR 14).** A workspace declaring 30 MCP servers in `mcpServers` will start 30 clients with no upstream cap unless you set one. `--mcp-client-budget=N` caps the live MCP client count; `--mcp-budget-mode={enforce,warn,off}` chooses the behavior. Default is `warn` when a budget is set (snapshot surfaces the warning but no client is refused — useful for measuring real-world fanout before flipping on enforcement). Refused servers under `enforce` mode get `disabledReason: 'budget'` on their per-server cell, and the `budgets[0]` cell shows `status: 'error'` + `errorKind: 'budget_exhausted'`. Slot reservation is by server name and survives reconnects / discovery timeouts — a refused server can't take a slot from a healthy one.
239
247
  >
@@ -258,6 +266,7 @@ The token comparison is constant-time (SHA-256 + `crypto.timingSafeEqual`); 401
258
266
  - **CORS denies any browser Origin by default** — returns `403` JSON. Pass **`--allow-origin <pattern>`** (repeatable, T2.4 #4514) to opt specific browser origins through. Each value is either the literal `*` (any origin — boot refuses if no bearer token is configured; `--require-auth` on loopback is recommended for full hardening since `/health` and `/demo` remain pre-auth on loopback by default) or a canonical URL origin (`<scheme>://<host>[:<port>]`, no trailing slash / path / userinfo). Matched origins receive proper CORS response headers (`Access-Control-Allow-Origin: <echoed>`, `Vary: Origin`, plus standard methods / headers / max-age and exposed `Retry-After`); unmatched origins still get a 403 with the same envelope as the default wall. `caps.features.allow_origin` is advertised conditionally so SDK / webui clients can pre-flight whether the daemon honors cross-origin hits before issuing them. Example: `qwen serve --allow-origin http://localhost:3000 --allow-origin http://localhost:5173`. Loopback self-origin hits (e.g. the `/demo` page) are unaffected — a separate Origin-strip shim handles them regardless of `--allow-origin`. **Browser webuis without `--allow-origin` configured** still fall back to the same Stage 1 options as before: package as a native shell (Electron/Tauri) so no `Origin` header is sent, or front the daemon with a same-origin reverse proxy.
259
267
  - **Spawned `qwen --acp` child inherits the daemon's environment** with one explicit scrub: `QWEN_SERVER_TOKEN` is removed before the child starts (the daemon's own bearer; the agent doesn't need it). Everything else — `OPENAI_API_KEY` / `ANTHROPIC_API_KEY` / `QWEN_*` / `DASHSCOPE_API_KEY` / your custom `modelProviders[].envKey` / etc. — passes through, because the agent legitimately needs those to authenticate to the LLM. **This is intentional, not a sandbox.** The agent runs as the same UID with shell-tool access, so anything in `~/.bashrc` / `~/.aws/credentials` / `~/.npmrc` is reachable by prompt injection regardless. The env passthrough is not the security boundary; the user-as-trust-root is. Don't run `qwen serve` under an identity that has env-resident credentials you wouldn't trust the agent with.
260
268
  - **Per-subscriber bounded SSE queues** — a slow client that overflows its queue gets a `client_evicted` terminal frame and is closed; one stuck consumer can't pin the daemon.
269
+ - **Per-session prompt admission cap** — defaults to 5 accepted-but-unsettled prompts per session. A buggy client cannot enqueue unbounded prompt promises or temporary SSE waits for one session.
261
270
  - **Graceful shutdown** — SIGINT/SIGTERM drain the agent children before closing the listener (10s deadline per child).
262
271
 
263
272
  > ⚠️ **Stage 1 known gap — permissions are daemon-global, not per-session (BUy4H).** `pendingPermissions` lives at daemon scope; any client holding the bearer token can vote on any `requestId` for any session it can see (and SSE `permission_request` events carry the requestId in their payload). This is acceptable under the single-user / small-team trust model where every authenticated client is the same human or collaborators they trust. Stage 1.5 will move to `POST /session/:id/permission/:requestId` + session-scoped pending map + per-client identity (must-have #3 from the downstream review); until then, don't run `qwen serve` behind a bearer shared with untrusted parties.
@@ -309,12 +318,12 @@ To handle multiple **users** (each with their own quota, audit log, sandbox) or
309
318
 
310
319
  ## Loading and resuming a persisted session
311
320
 
312
- The daemon exposes ACP's `session/load` and `session/unstable_resumeSession` over HTTP via two routes:
321
+ The daemon exposes ACP's `session/load` and resume flow over HTTP via two routes:
313
322
 
314
323
  | Route | Use when |
315
324
  | -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
316
325
  | `POST /session/:id/load` | The client has **no** history rendered (cold reconnect, picker-then-open). The daemon replays every persisted turn through SSE so subscribers see the full transcript. Capability tag: `session_load`. |
317
- | `POST /session/:id/resume` | The client already has the turns on screen and only needs the daemon-side handle back. Model context is restored on the agent side without UI replay — the SSE stream stays clean. Capability tag: `unstable_session_resume`. |
326
+ | `POST /session/:id/resume` | The client already has the turns on screen and only needs the daemon-side handle back. Model context is restored on the agent side without UI replay — the SSE stream stays clean. Capability tag: `session_resume` (`unstable_session_resume` remains a deprecated alias for older clients). |
318
327
 
319
328
  The TypeScript SDK exposes both as static factories on `DaemonSessionClient`:
320
329
 
@@ -335,7 +344,7 @@ for await (const event of session.events()) {
335
344
  }
336
345
  ```
337
346
 
338
- Pre-flight `caps.features.session_load` / `caps.features.unstable_session_resume` before calling — older daemons return `404`. Concurrent same-action requests for the same id coalesce; cross-action races (a `load` racing a `resume`) get `409 restore_in_progress` with `Retry-After: 5`. See the [protocol reference](../developers/qwen-serve-protocol.md) for the full error envelope.
347
+ Pre-flight `caps.features.session_load` / `caps.features.session_resume` before calling — older daemons return `404`. `unstable_session_resume` is still advertised as a deprecated compatibility alias. Concurrent same-action requests for the same id coalesce; cross-action races (a `load` racing a `resume`) get `409 restore_in_progress` with `Retry-After: 5`. See the [protocol reference](../developers/qwen-serve-protocol.md) for the full error envelope.
339
348
 
340
349
  Note: history replay is bounded by the SSE ring (default 4000 frames). Long histories with chatty turns can exceed that — earliest frames are dropped silently. For very long sessions, prefer `resume` and rely on the client's local persisted UI.
341
350
 
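--- a/package/bundled/qc-helper/docs/reference/keyboard-shortcuts.md
+++ b/package/bundled/qc-helper/docs/reference/keyboard-shortcuts.md
@@ -15,39 +15,39 @@ This document lists the available keyboard shortcuts in Qwen Code.
  | `Ctrl+T` | Toggle the display of tool descriptions. |
  | `Ctrl+B` | While a foreground shell command is running: promote it to a background task. The child keeps running, the agent's turn unblocks, and the shell appears in `/tasks` + the Background tasks dialog. No-op when no shell is executing — Ctrl+B then falls through to its prompt-area binding (cursor-left). |
  | `Alt/Option+M` | Toggle Markdown output between rich rendered previews and raw/source mode. On macOS, the terminal must send Option as Meta. |
- | `Shift+Tab` (`Tab` on Windows) | Cycle approval modes (`plan` → `default` → `auto-edit` → `yolo`) |
+ | `Shift+Tab` (`Tab` on Windows) | Cycle approval modes (`plan` → `default` → `auto-edit` → `auto` → `yolo`) |
 
  ## Input Prompt
 
- | Shortcut | Description |
- | -------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
- | `!` | Toggle shell mode when the input is empty. |
- | `?` | Toggle keyboard shortcuts display when the input is empty. |
- | `\` (at end of line) + `Enter` | Insert a newline. |
- | `Down Arrow` | Row down, then snap to end, then history next. |
- | `Enter` | Submit the current prompt. |
- | `Meta+Delete` / `Ctrl+Delete` | Delete the word to the right of the cursor. |
- | `Tab` | Autocomplete the current suggestion if one exists. |
- | `Up Arrow` | Row up, then snap to start, then history prev. |
- | `Ctrl+A` / `Home` | Move the cursor to the beginning of the line. |
- | `Ctrl+B` / `Left Arrow` | Move the cursor one character to the left. |
- | `Ctrl+C` | Clear the input prompt |
- | `Esc` (double press) | Clear the input prompt. |
- | `Ctrl+D` / `Delete` | Delete the character to the right of the cursor. |
- | `Ctrl+E` / `End` | Move the cursor to the end of the line. |
- | `Ctrl+F` / `Right Arrow` | Move the cursor one character to the right. |
- | `Ctrl+H` / `Backspace` | Delete the character to the left of the cursor. |
- | `Ctrl+K` | Delete from the cursor to the end of the line. |
- | `Ctrl+Left Arrow` / `Meta+Left Arrow` / `Meta+B` | Move the cursor one word to the left. |
- | `Ctrl+N` | Row down, then snap to end, then history next. |
- | `Ctrl+P` | Row up, then snap to start, then history prev. |
- | `Ctrl+R` | Reverse search through input/shell history. |
- | `Ctrl+Y` | Retry the last failed request. |
- | `Ctrl+Right Arrow` / `Meta+Right Arrow` / `Meta+F` | Move the cursor one word to the right. |
- | `Ctrl+U` | Delete from the cursor to the beginning of the line. |
- | `Ctrl+V` (Windows: `Alt+V`) | Paste clipboard content. If the clipboard contains an image, it will be saved and a reference to it will be inserted in the prompt. |
- | `Ctrl+W` / `Meta+Backspace` / `Ctrl+Backspace` | Delete the word to the left of the cursor. |
- | `Ctrl+X` / `Meta+Enter` | Open the current input in an external editor. |
+ | Shortcut | Description |
+ | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
+ | `!` | Toggle shell mode when the input is empty. |
+ | `?` | Toggle keyboard shortcuts display when the input is empty. |
+ | `Ctrl+Enter` / `Cmd+Enter` / `Shift+Enter` / `Ctrl+J` | Insert a newline. |
+ | `Down Arrow` | Row down, then snap to end, then history next. |
+ | `Enter` | Submit the current prompt. |
+ | `Meta+Delete` / `Ctrl+Delete` | Delete the word to the right of the cursor. |
+ | `Tab` | Autocomplete the current suggestion if one exists. |
+ | `Up Arrow` | Row up, then snap to start, then history prev. |
+ | `Ctrl+A` / `Home` | Move the cursor to the beginning of the line. |
+ | `Ctrl+B` / `Left Arrow` | Move the cursor one character to the left. |
+ | `Ctrl+C` | Clear the input prompt |
+ | `Esc` (double press) | Clear the input prompt. |
+ | `Ctrl+D` / `Delete` | Delete the character to the right of the cursor. |
+ | `Ctrl+E` / `End` | Move the cursor to the end of the line. |
+ | `Ctrl+F` / `Right Arrow` | Move the cursor one character to the right. |
+ | `Ctrl+H` / `Backspace` | Delete the character to the left of the cursor. |
+ | `Ctrl+K` | Delete from the cursor to the end of the line. |
+ | `Ctrl+Left Arrow` / `Meta+Left Arrow` / `Meta+B` | Move the cursor one word to the left. |
+ | `Ctrl+N` | Row down, then snap to end, then history next. |
+ | `Ctrl+P` | Row up, then snap to start, then history prev. |
+ | `Ctrl+R` | Reverse search through input/shell history. |
+ | `Ctrl+Y` | Retry the last failed request. |
+ | `Ctrl+Right Arrow` / `Meta+Right Arrow` / `Meta+F` | Move the cursor one word to the right. |
+ | `Ctrl+U` | Delete from the cursor to the beginning of the line. |
+ | `Ctrl+V` (Windows: `Alt+V`) | Paste clipboard content. If the clipboard contains an image, it will be saved and a reference to it will be inserted in the prompt. |
+ | `Ctrl+W` / `Meta+Backspace` / `Ctrl+Backspace` | Delete the word to the left of the cursor. |
+ | `Ctrl+X` / `Meta+Enter` | Open the current input in an external editor. |
 
  ## Suggestions
 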
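--- a/package/bundled/review/SKILL.md
+++ b/package/bundled/review/SKILL.md
@@ -159,7 +159,9 @@ Assign severity based on the tool's own categorization:
 
  ## Step 4: Parallel multi-dimensional review
 
- Launch review agents by invoking all `task` tools in a **single response**. The runtime executes agent tools concurrently — they will run in parallel. You MUST include all tool calls in one response; do NOT send them one at a time. Launch **9 agents** for same-repo reviews (Agent 6 has three persona variants 6a/6b/6c that each count as a separate parallel agent), or **8 agents** (skip Agent 7: Build & Test) for cross-repo lightweight mode since there is no local codebase to build/test. Each agent should focus exclusively on its dimension.
+ Launch review agents by invoking all `agent` tools in a **single response**. The runtime executes agent tools concurrently — they will run in parallel. You MUST include all tool calls in one response; do NOT send them one at a time. Launch **9 agents** for same-repo reviews (Agent 6 has three persona variants 6a/6b/6c that each count as a separate parallel agent), or **8 agents** (skip Agent 7: Build & Test) for cross-repo lightweight mode since there is no local codebase to build/test. Each agent should focus exclusively on its dimension.
+
+ **Every agent MUST be an awaitable subagent: set `subagent_type: "general-purpose"` on every `agent` call.** Do NOT fork them — do not omit `subagent_type`, and never set `subagent_type: "fork"`. A fork runs fire-and-forget and its findings never come back to you, so the review would stall in Step 5 with nothing to aggregate. You need every agent's findings returned to you inline.
 
  **IMPORTANT**: Keep each agent's prompt **short** (under 200 words) to fit all tool calls in one response. Do NOT paste the full diff — give each agent:
 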
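Review bot: The `subagent_type: "general-purpose"` rule added to Step 4 is enforced only by this prompt text, and the paragraph implies that an omitted field yields a fire-and-forget fork whose findings never return. A single malformed `agent` call would then drop one review dimension without any signal, and a missing result is easy to read as "no issues". Add a fail-closed line after the new paragraph, for example `If any launched agent returns no result, report that dimension as not reviewed rather than clean.` The simplify skill's Step 2 gets the same wording; its passes are declared read-only, but `general-purpose` presumably carries write-capable tools, so that limit also rests on the prompt alone and is worth repeating in each pass prompt.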
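--- a/package/bundled/simplify/SKILL.md
+++ b/package/bundled/simplify/SKILL.md
@@ -39,7 +39,7 @@ Use `git diff HEAD` whenever staged changes exist. Otherwise use `git diff`.
 
  ## Step 2: Launch three review passes in parallel
 
- Use the `agent` tool and launch all review passes in a single response so they run concurrently. Each pass must receive the same review scope and diff command. These passes are read-only: each one inspects and reports findings only and must not modify files — all edits happen later in Step 4.
+ Use the `agent` tool and launch all review passes in a single response so they run concurrently. **Set `subagent_type: "general-purpose"` on every call — each pass must be an awaitable subagent whose findings return to you inline. Do NOT fork them: do not omit `subagent_type`, and never set `subagent_type: "fork"`. A fork runs fire-and-forget and never returns its findings, so there would be nothing to aggregate in Step 3.** Each pass must receive the same review scope and diff command. These passes are read-only: each one inspects and reports findings only and must not modify files — all edits happen later in Step 4.
 
  Keep each review prompt short and focused. Do not paste the full diff into the prompt. Tell each pass to read the diff itself and inspect only files relevant to its findings.
 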
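--- a/package/chunks/agent-LOTJK6AH.js
+++ b/package/chunks/agent-WK5GYOPC.js
@@ -7,39 +7,40 @@ import {
  hasRebuiltToolRegistry,
  rebuildToolRegistryOnOverride,
  resolveSubagentApprovalMode
- } from "./chunk-IWAYOW5Q.js";
+ } from "./chunk-Q3NN2XUW.js";
  import "./chunk-K5PGHDBN.js";
- import "./chunk-SKBPNJEW.js";
- import "./chunk-HLPLOD42.js";
+ import "./chunk-VXHYMZXW.js";
  import "./chunk-O4PICXES.js";
  import "./chunk-TW522KN6.js";
- import "./chunk-3DHXZ6EV.js";
- import "./chunk-XBY7E2FX.js";
- import "./chunk-J5MDQKJL.js";
+ import "./chunk-BJ5HQ23U.js";
+ import "./chunk-SFRV6BGY.js";
+ import "./chunk-ZOFNJQNJ.js";
+ import "./chunk-WPTCDQN6.js";
+ import "./chunk-OMX7CUOE.js";
  import "./chunk-MLZQVCF3.js";
  import "./chunk-LD2XBG6Z.js";
- import "./chunk-OHEGWO4L.js";
- import "./chunk-SNGELLWX.js";
+ import "./chunk-CPVI5J2L.js";
+ import "./chunk-ZMIBJS45.js";
  import "./chunk-77WXWU44.js";
- import "./chunk-A7B4ISQP.js";
- import "./chunk-6YIUGZTC.js";
+ import "./chunk-B4ZF2KSI.js";
+ import "./chunk-E322ZT4P.js";
  import "./chunk-3PJXIDKI.js";
  import "./chunk-UWCTAVOD.js";
  import "./chunk-OFEVLU4C.js";
- import "./chunk-3HTIVKZE.js";
- import "./chunk-IDX6COTE.js";
- import "./chunk-BIVG75CP.js";
- import "./chunk-XV4HCEVI.js";
- import "./chunk-2Y5SYSD3.js";
- import "./chunk-SEGYWKIH.js";
+ import "./chunk-IQHSD7K5.js";
+ import "./chunk-LYRSMKLS.js";
+ import "./chunk-26QELEL2.js";
+ import "./chunk-6WPY6ES3.js";
+ import "./chunk-IDYDPBBN.js";
+ import "./chunk-FIQECJTQ.js";
  import "./chunk-64WXLC72.js";
- import "./chunk-B7HXHOHU.js";
- import "./chunk-EYENRK4D.js";
- import "./chunk-M6VTDSVR.js";
+ import "./chunk-LXYWINWF.js";
+ import "./chunk-NNIYWQIS.js";
+ import "./chunk-LYSND7KR.js";
  import "./chunk-55ZMG67I.js";
  import "./chunk-H6BD2ELD.js";
  import "./chunk-5IFG2VC4.js";
- import "./chunk-HR7SV7AY.js";
+ import "./chunk-HA2UEYZP.js";
  import "./chunk-ZERZSAZL.js";
  import "./chunk-QN5NZ3UQ.js";
  import "./chunk-BR4QREVK.js";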
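--- a/package/chunks/agent-headless-TU3EPMYU.js
+++ b/package/chunks/agent-headless-KZJALDQF.js
@@ -4,39 +4,40 @@ import {
  AgentHeadless,
  ContextState,
  templateString
- } from "./chunk-IWAYOW5Q.js";
+ } from "./chunk-Q3NN2XUW.js";
  import "./chunk-K5PGHDBN.js";
- import "./chunk-SKBPNJEW.js";
- import "./chunk-HLPLOD42.js";
+ import "./chunk-VXHYMZXW.js";
  import "./chunk-O4PICXES.js";
  import "./chunk-TW522KN6.js";
- import "./chunk-3DHXZ6EV.js";
- import "./chunk-XBY7E2FX.js";
- import "./chunk-J5MDQKJL.js";
+ import "./chunk-BJ5HQ23U.js";
+ import "./chunk-SFRV6BGY.js";
+ import "./chunk-ZOFNJQNJ.js";
+ import "./chunk-WPTCDQN6.js";
+ import "./chunk-OMX7CUOE.js";
  import "./chunk-MLZQVCF3.js";
  import "./chunk-LD2XBG6Z.js";
- import "./chunk-OHEGWO4L.js";
- import "./chunk-SNGELLWX.js";
+ import "./chunk-CPVI5J2L.js";
+ import "./chunk-ZMIBJS45.js";
  import "./chunk-77WXWU44.js";
- import "./chunk-A7B4ISQP.js";
- import "./chunk-6YIUGZTC.js";
+ import "./chunk-B4ZF2KSI.js";
+ import "./chunk-E322ZT4P.js";
  import "./chunk-3PJXIDKI.js";
  import "./chunk-UWCTAVOD.js";
  import "./chunk-OFEVLU4C.js";
- import "./chunk-3HTIVKZE.js";
- import "./chunk-IDX6COTE.js";
- import "./chunk-BIVG75CP.js";
- import "./chunk-XV4HCEVI.js";
- import "./chunk-2Y5SYSD3.js";
- import "./chunk-SEGYWKIH.js";
+ import "./chunk-IQHSD7K5.js";
+ import "./chunk-LYRSMKLS.js";
+ import "./chunk-26QELEL2.js";
+ import "./chunk-6WPY6ES3.js";
+ import "./chunk-IDYDPBBN.js";
+ import "./chunk-FIQECJTQ.js";
  import "./chunk-64WXLC72.js";
- import "./chunk-B7HXHOHU.js";
- import "./chunk-EYENRK4D.js";
- import "./chunk-M6VTDSVR.js";
+ import "./chunk-LXYWINWF.js";
+ import "./chunk-NNIYWQIS.js";
+ import "./chunk-LYSND7KR.js";
  import "./chunk-55ZMG67I.js";
  import "./chunk-H6BD2ELD.js";
  import "./chunk-5IFG2VC4.js";
- import "./chunk-HR7SV7AY.js";
+ import "./chunk-HA2UEYZP.js";
  import "./chunk-ZERZSAZL.js";
  import "./chunk-QN5NZ3UQ.js";
  import "./chunk-BR4QREVK.js";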
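--- a/package/chunks/anthropicContentGenerator-2HBRNQ3B.js
+++ b/package/chunks/anthropicContentGenerator-DCI26OQF.js
@@ -6,7 +6,7 @@ import {
  } from "./chunk-KQIKOTQJ.js";
  import {
  RequestTokenizer
- } from "./chunk-ZTZ4DDQE.js";
+ } from "./chunk-3NRO6NHX.js";
  import {
  Blob,
  File,
@@ -16,7 +16,7 @@ import {
  import {
  buildRuntimeFetchOptions,
  redactProxyError
- } from "./chunk-EYENRK4D.js";
+ } from "./chunk-NNIYWQIS.js";
  import {
  CAPPED_DEFAULT_MAX_TOKENS,
  DEFAULT_TIMEOUT,
@@ -25,7 +25,7 @@ import {
  runtimeDiagnostics,
  safeJsonParse,
  tokenLimit
- } from "./chunk-M6VTDSVR.js";
+ } from "./chunk-LYSND7KR.js";
  import {
  FinishReason,
  GenerateContentResponse
@@ -34,7 +34,7 @@ import "./chunk-H6BD2ELD.js";
  import "./chunk-5IFG2VC4.js";
  import {
  createDebugLogger
- } from "./chunk-HR7SV7AY.js";
+ } from "./chunk-HA2UEYZP.js";
  import {
  require_ms
  } from "./chunk-BR4QREVK.js";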
@@ -9,10 +9,10 @@ import {
9
9
  BaseToolInvocation,
10
10
  ToolDisplayNames,
11
11
  ToolNames
12
- } from "./chunk-XV4HCEVI.js";
12
+ } from "./chunk-6WPY6ES3.js";
13
13
  import {
14
14
  createDebugLogger
15
- } from "./chunk-HR7SV7AY.js";
15
+ } from "./chunk-HA2UEYZP.js";
16
16
  import "./chunk-Z2Z3GUXZ.js";
17
17
  import {
18
18
  init_esbuild_shims