@qwen-code/qwen-code 0.19.3 → 0.19.4-nightly.20260702.46814e4f1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (308) hide show
  1. package/bundled/loop/SKILL.md +22 -3
  2. package/bundled/loop/SKILL.test.ts +20 -0
  3. package/bundled/loop/autonomous-loop.test.ts +59 -0
  4. package/bundled/loop/autonomous-loop.ts +102 -0
  5. package/bundled/loop/loop-task-file.test.ts +1064 -0
  6. package/bundled/loop/loop-task-file.ts +404 -0
  7. package/bundled/loop/loop-tick-resolver.test.ts +906 -0
  8. package/bundled/loop/loop-tick-resolver.ts +416 -0
  9. package/bundled/qc-helper/SKILL.md +12 -5
  10. package/bundled/qc-helper/docs/configuration/auth.md +1 -1
  11. package/bundled/qc-helper/docs/configuration/settings.md +62 -32
  12. package/bundled/qc-helper/docs/features/approval-mode.md +3 -0
  13. package/bundled/qc-helper/docs/features/auto-mode.md +40 -0
  14. package/bundled/qc-helper/docs/features/channels/overview.md +81 -18
  15. package/bundled/qc-helper/docs/features/channels/plugins.md +1 -1
  16. package/bundled/qc-helper/docs/features/code-review.md +17 -61
  17. package/bundled/qc-helper/docs/features/commands.md +42 -40
  18. package/bundled/qc-helper/docs/features/headless.md +19 -18
  19. package/bundled/qc-helper/docs/features/hooks.md +6 -1
  20. package/bundled/qc-helper/docs/features/mcp.md +3 -1
  21. package/bundled/qc-helper/docs/features/memory.md +1 -1
  22. package/bundled/qc-helper/docs/features/scheduled-tasks.md +10 -0
  23. package/bundled/qc-helper/docs/features/status-line.md +3 -3
  24. package/bundled/qc-helper/docs/ide-integration/ide-integration.md +4 -4
  25. package/bundled/qc-helper/docs/qwen-serve.md +53 -0
  26. package/bundled/qc-helper/docs/support/troubleshooting.md +11 -0
  27. package/bundled/review/DESIGN.md +21 -26
  28. package/bundled/review/SKILL.md +45 -129
  29. package/chunks/MaxSizedBox-GHGRQ2OS.js +69 -0
  30. package/chunks/{StandaloneSessionPicker-Z52JTYST.js → StandaloneSessionPicker-G7YTTM27.js} +49 -42
  31. package/chunks/{acpAgent-7RZUOWOM.js → acpAgent-SDOILBSU.js} +1325 -365
  32. package/chunks/{agent-4FG7WTHJ.js → agent-NTSXGV4L.js} +31 -25
  33. package/chunks/agent-headless-WYURMSAB.js +62 -0
  34. package/chunks/{anthropicContentGenerator-PFITVL7Y.js → anthropicContentGenerator-WL3LJOUB.js} +110 -31
  35. package/chunks/{artifact-tool-D2X7G3C3.js → artifact-tool-W76WC2JX.js} +3 -3
  36. package/chunks/{askUserQuestion-UGETICJQ.js → askUserQuestion-J3P6TH3V.js} +2 -2
  37. package/chunks/bridge-AMOL4W4P.js +73 -0
  38. package/chunks/{ca-IUFWESZL.js → ca-HCMB2I54.js} +10 -9
  39. package/chunks/channel-worker-supervisor-C3IB63V7.js +659 -0
  40. package/chunks/{chunk-STUWFKGD.js → chunk-26JIREA5.js} +466 -543
  41. package/chunks/{chunk-SLNKLLEO.js → chunk-2MRV62AU.js} +37 -8
  42. package/chunks/{chunk-ODLIHNOY.js → chunk-2U4HUMOL.js} +1 -1
  43. package/chunks/{chunk-CKQA6AWF.js → chunk-4D73HUOP.js} +1 -1
  44. package/chunks/{chunk-M2U5NM24.js → chunk-54YZOP7P.js} +309 -72
  45. package/chunks/{chunk-J7FA27RO.js → chunk-5LKL3PAU.js} +3 -3
  46. package/chunks/chunk-5P5XGNYH.js +93 -0
  47. package/chunks/{chunk-UFLGERMB.js → chunk-6JE32BRB.js} +178 -124
  48. package/chunks/{chunk-FKAVULLM.js → chunk-75AVTQJ2.js} +74 -10
  49. package/chunks/{chunk-I2LYBGNI.js → chunk-7IOMIYOE.js} +1 -1
  50. package/chunks/{chunk-4LUZAKMK.js → chunk-7KXAGQJ2.js} +1 -1
  51. package/chunks/{chunk-BXSHL2SF.js → chunk-7LUOQJ3D.js} +1 -1
  52. package/chunks/{chunk-YAINVQ3Q.js → chunk-A5OPLHFM.js} +18693 -17055
  53. package/chunks/chunk-AHNXYU4O.js +24 -0
  54. package/chunks/{chunk-UX4SGCGN.js → chunk-AVQDCKNF.js} +96 -22
  55. package/chunks/{chunk-HYCC3XM3.js → chunk-B236XPGF.js} +1 -1
  56. package/chunks/chunk-B6SZLQAZ.js +3523 -0
  57. package/chunks/{chunk-5DWXLGOM.js → chunk-BJBWRCSK.js} +1 -1
  58. package/chunks/chunk-BPFJQGY7.js +193 -0
  59. package/chunks/{chunk-SKQZZVAV.js → chunk-BZHLWC6T.js} +2 -2
  60. package/chunks/{chunk-U3KSMM7G.js → chunk-D5KISTLW.js} +339 -383
  61. package/chunks/{chunk-GT2FGICD.js → chunk-DE7YXUR7.js} +1 -1
  62. package/chunks/{chunk-BUUQ5HPX.js → chunk-DG573EOO.js} +1 -1
  63. package/chunks/{chunk-VVLOGDB6.js → chunk-DX3TKXNT.js} +2 -2
  64. package/chunks/chunk-E5A7LHNN.js +51 -0
  65. package/chunks/{chunk-3PJXIDKI.js → chunk-E6US47KI.js} +3 -27
  66. package/chunks/{chunk-QBZ22PQX.js → chunk-EWALXUAD.js} +3 -1
  67. package/chunks/{chunk-PDE7CSDS.js → chunk-FXKI7OW6.js} +2 -2
  68. package/chunks/{chunk-F3ZYSEY6.js → chunk-FY4TT4L4.js} +3 -3
  69. package/chunks/{chunk-QLDPRILK.js → chunk-G7OQ3RFJ.js} +3 -3
  70. package/chunks/{chunk-R2BXK7SX.js → chunk-GHOTR7HL.js} +6 -1
  71. package/chunks/{chunk-KMGMKW5Q.js → chunk-GLPV75ES.js} +9 -3
  72. package/chunks/{chunk-LD2XBG6Z.js → chunk-GO6LNQXT.js} +1 -39
  73. package/chunks/{chunk-CNLEDYE3.js → chunk-H6TNLOLM.js} +5 -5
  74. package/chunks/{chunk-JVHEVCAU.js → chunk-HLW4EGKR.js} +31 -6
  75. package/chunks/{chunk-I4H7PRWQ.js → chunk-HTWHAN44.js} +1 -1
  76. package/chunks/{chunk-QE6KJYLT.js → chunk-IPYE5BIS.js} +123 -25
  77. package/chunks/{chunk-EJYJYJZ2.js → chunk-IRJWHZWU.js} +3 -70
  78. package/chunks/{chunk-EDMZZFDU.js → chunk-J3YPTTNL.js} +930 -798
  79. package/chunks/{chunk-GGBIN5K7.js → chunk-JGAJMIJZ.js} +1 -1
  80. package/chunks/{chunk-N4EJFBN5.js → chunk-JVLP5US5.js} +427 -263
  81. package/chunks/{chunk-R5OP2ATH.js → chunk-JZG7VB6C.js} +11 -11
  82. package/chunks/{chunk-QI7GOGJR.js → chunk-KKQWC6WS.js} +1 -1
  83. package/chunks/{chunk-ADCIHOQZ.js → chunk-KX5QZRW2.js} +142 -30
  84. package/chunks/{chunk-SBBN4BWR.js → chunk-L7OJ3ZO3.js} +1 -1
  85. package/chunks/{chunk-NDOC6M5S.js → chunk-L7QPM2YD.js} +2 -2
  86. package/chunks/{chunk-BVSVIN45.js → chunk-LKWAVAB5.js} +3 -3
  87. package/chunks/{chunk-T4T2FNV4.js → chunk-LOW52WYZ.js} +2 -2
  88. package/chunks/{chunk-4QK3O43S.js → chunk-LU7BIVWC.js} +4 -4
  89. package/chunks/{chunk-ZP6UKOPB.js → chunk-LWGLBVWA.js} +1 -1
  90. package/chunks/{chunk-L7OKCI7T.js → chunk-M7BLWURA.js} +15 -1
  91. package/chunks/{chunk-PR32FRT6.js → chunk-MIM62IXS.js} +3 -3
  92. package/chunks/{chunk-RD6YJJJ6.js → chunk-MOUXUCXQ.js} +1 -1
  93. package/chunks/{chunk-VBZ452JT.js → chunk-MSNGFH6L.js} +494 -114
  94. package/chunks/{chunk-BX5YO7UW.js → chunk-MTNTVOJR.js} +542 -370
  95. package/chunks/chunk-MX2YXRER.js +44 -0
  96. package/chunks/chunk-NIOPRZNN.js +27 -0
  97. package/chunks/{chunk-SMYQZVZ3.js → chunk-NOGSPTLJ.js} +1 -1
  98. package/chunks/{chunk-DDMOU62Q.js → chunk-NPQWQYU6.js} +1 -1
  99. package/chunks/{chunk-MNF6S5PR.js → chunk-P5THQV6A.js} +4 -4
  100. package/chunks/{chunk-6V4NZFUS.js → chunk-PCYOT4PK.js} +5 -5
  101. package/chunks/{chunk-CF6BB3LT.js → chunk-PPFWEV7G.js} +10 -1
  102. package/chunks/{chunk-FXKVLFFY.js → chunk-PSFDB5FZ.js} +3 -3
  103. package/chunks/{chunk-XJYUPHRC.js → chunk-QOMAHFYI.js} +3 -3
  104. package/chunks/{chunk-J37FGIOA.js → chunk-QXPI7FEC.js} +38 -4
  105. package/chunks/{chunk-RRFZXMYP.js → chunk-QZDBHNMV.js} +691 -164
  106. package/chunks/{chunk-S7AKE7HL.js → chunk-R6RI2HIC.js} +63 -9
  107. package/chunks/{chunk-HZT4UCFB.js → chunk-RB7S52NJ.js} +4 -4
  108. package/chunks/{chunk-J33ZR6OJ.js → chunk-RK22ACPP.js} +16 -16
  109. package/chunks/chunk-RM3PGSGL.js +66 -0
  110. package/chunks/chunk-RNBYOUGV.js +42 -0
  111. package/chunks/chunk-S6RLAIUR.js +23 -0
  112. package/chunks/{chunk-3TV3HUWZ.js → chunk-SCYK2YLI.js} +81 -30
  113. package/chunks/{chunk-HPZTOP4I.js → chunk-SEKRT4SD.js} +133 -23
  114. package/chunks/chunk-SEZC2725.js +36 -0
  115. package/chunks/chunk-SIUQ3YYX.js +78 -0
  116. package/chunks/{chunk-O2VBQ3Y2.js → chunk-SJBIFVD2.js} +2 -2
  117. package/chunks/chunk-SYCJMSIJ.js +82 -0
  118. package/chunks/{chunk-JE5FVRPC.js → chunk-T22H4V4R.js} +48 -23
  119. package/chunks/{chunk-3227DZO4.js → chunk-T42ACHFI.js} +1 -1
  120. package/chunks/{chunk-UO5GVXQE.js → chunk-TENOUWY2.js} +3 -3
  121. package/chunks/{chunk-JOLIREYR.js → chunk-TOAUDIS7.js} +1 -1
  122. package/chunks/{chunk-QNKBEJO2.js → chunk-UA6XBZT7.js} +2776 -1289
  123. package/chunks/{chunk-O75BHFQW.js → chunk-UQTYK5SS.js} +2 -2
  124. package/chunks/{chunk-Y6YMRS3U.js → chunk-UY2TCIZS.js} +17 -3
  125. package/chunks/{chunk-FNJ7BDPH.js → chunk-UY7ZAYTY.js} +10 -7
  126. package/chunks/{chunk-UYT3MWEB.js → chunk-UYHWM24C.js} +30 -2
  127. package/chunks/{chunk-SMXULRAN.js → chunk-VXGPYF7U.js} +1 -1
  128. package/chunks/{chunk-BTLJ2MF5.js → chunk-W7CG5HPC.js} +3 -3
  129. package/chunks/{chunk-JJXWTVSK.js → chunk-XHZKDN7M.js} +34 -1
  130. package/chunks/{chunk-K5XU6E4T.js → chunk-XKSCTXPK.js} +2 -2
  131. package/chunks/chunk-Y4LITCRB.js +367 -0
  132. package/chunks/chunk-YHTNWGRR.js +239 -0
  133. package/chunks/{chunk-BKXBARJZ.js → chunk-YPCPZSZB.js} +1 -1
  134. package/chunks/{chunk-QWFNTRH4.js → chunk-YSM24SCE.js} +1 -1
  135. package/chunks/chunk-YTFBURQD.js +313 -0
  136. package/chunks/{chunk-NL4C3H6C.js → chunk-YXK4GPYO.js} +1 -1
  137. package/chunks/{chunk-RYLJU2DY.js → chunk-ZN5T4BHI.js} +1 -1
  138. package/chunks/{computer-use-JGB36FDW.js → computer-use-MTSVPLPY.js} +34 -28
  139. package/chunks/contextCommand-VGJ3BPTK.js +67 -0
  140. package/chunks/{cron-create-SKEY55RG.js → cron-create-6YTCOX6P.js} +4 -4
  141. package/chunks/{cron-delete-I3NAT32Z.js → cron-delete-E3NIFSUK.js} +4 -4
  142. package/chunks/{cron-list-6XRRL6TH.js → cron-list-Q64MNQNE.js} +4 -4
  143. package/chunks/daemon-EEB2RYOL.js +8453 -0
  144. package/chunks/daemon-status-provider-H5SNMK42.js +71 -0
  145. package/chunks/{de-EOW5PVHF.js → de-PLLFDERI.js} +10 -9
  146. package/chunks/{dist-NHEYYB2B.js → dist-ADMIQGHI.js} +2 -2
  147. package/chunks/{dist-J37VXPLD.js → dist-BCQ7INM7.js} +40 -15
  148. package/chunks/{dist-663NZ6MI.js → dist-KNZFCY5F.js} +116 -11
  149. package/chunks/{dist-LB6OGPVM.js → dist-LHUWC3K6.js} +26 -5
  150. package/chunks/{dist-PQPZ5Q4N.js → dist-WBBZ76JZ.js} +20 -9
  151. package/chunks/{earlyInputCapture-44RISVVJ.js → earlyInputCapture-U4ZIQSQU.js} +32 -26
  152. package/chunks/{edit-NN6GM5DT.js → edit-SYIQ2KBI.js} +41 -38
  153. package/chunks/{en-HPWEJBTR.js → en-M4EBUBNU.js} +32 -10
  154. package/chunks/{enter-worktree-PB3O2C7D.js → enter-worktree-HPPOO244.js} +31 -25
  155. package/chunks/{enterPlanMode-YQFNNSUA.js → enterPlanMode-56YYO52U.js} +41 -25
  156. package/chunks/{errors-LS7XU5DZ.js → errors-EO4SXCFP.js} +33 -27
  157. package/chunks/{exit-worktree-E2FTNSBK.js → exit-worktree-UDM7E6XH.js} +31 -25
  158. package/chunks/{exitPlanMode-GLYK2BUB.js → exitPlanMode-M6P3AWLJ.js} +149 -33
  159. package/chunks/{fast-path-WQ6M7LI7.js → fast-path-42P4QYWI.js} +33 -14
  160. package/chunks/{fast-path-settings-OAGU3X5H.js → fast-path-settings-UQLRFDQP.js} +2 -2
  161. package/chunks/{fr-BN5NKSAC.js → fr-MBMNQSQ6.js} +10 -9
  162. package/chunks/{gemini-2YFLVA2M.js → gemini-NRLXS5J7.js} +84 -70
  163. package/chunks/{geminiContentGenerator-XV6SV6CD.js → geminiContentGenerator-DLJPYYPA.js} +41 -5
  164. package/chunks/{glob-2H6CDDMK.js → glob-JPY3F74Y.js} +31 -25
  165. package/chunks/{grep-VXIUXM3C.js → grep-HW23YES5.js} +31 -25
  166. package/chunks/initializer-HWOZTC4A.js +67 -0
  167. package/chunks/{ja-7DEUB2TS.js → ja-HFV5QCHR.js} +10 -9
  168. package/chunks/{keychain-token-storage-YLMDLKXT.js → keychain-token-storage-GPAKRDKQ.js} +2 -2
  169. package/chunks/list-OZGAGRDG.js +71 -0
  170. package/chunks/loadedSettingsAdapter-RUTZVVIA.js +66 -0
  171. package/chunks/{loop-wakeup-CITGGQHA.js → loop-wakeup-G2EHBRGR.js} +5 -5
  172. package/chunks/{ls-R5WP4BGZ.js → ls-IDHUVSAG.js} +4 -4
  173. package/chunks/{lsp-GSICJMMW.js → lsp-FSRYXGFT.js} +2 -2
  174. package/chunks/{monitor-HKLRS2HQ.js → monitor-QVWEIXU3.js} +33 -26
  175. package/chunks/nonInteractiveCli-RV2WYPML.js +109 -0
  176. package/chunks/{notebook-edit-Y6SKSGTT.js → notebook-edit-B26W3FFH.js} +37 -34
  177. package/chunks/{openaiContentGenerator-J7G2FYJT.js → openaiContentGenerator-6TH7AZGQ.js} +15 -13
  178. package/chunks/pidfile-KW2QQJZI.js +73 -0
  179. package/chunks/{pt-TNZRNLQB.js → pt-2THT3YHA.js} +10 -9
  180. package/chunks/{qwenContentGenerator-5XIEM5GV.js → qwenContentGenerator-5IQAC7RN.js} +33 -27
  181. package/chunks/{qwenOAuth2-AG3PFFLZ.js → qwenOAuth2-LWLA6MQG.js} +5 -4
  182. package/chunks/{read-file-J7D552ZJ.js → read-file-CWFAHOI2.js} +11 -10
  183. package/chunks/{read-mcp-resource-DQQW7H7T.js → read-mcp-resource-PIJF24RO.js} +2 -2
  184. package/chunks/ripGrep-FTZGDKY4.js +60 -0
  185. package/chunks/{ru-NIAUBKCN.js → ru-Z67YJHBG.js} +10 -9
  186. package/chunks/{run-qwen-serve-SGEEVMXD.js → run-qwen-serve-FN2SW5ZI.js} +545 -97
  187. package/chunks/{scheduler-7CQI3S4Q.js → scheduler-BMS23O3I.js} +31 -25
  188. package/chunks/{send-message-EE4TWKVU.js → send-message-33PYFMCT.js} +20 -4
  189. package/chunks/serve-PXFYKL65.js +71 -0
  190. package/chunks/{server-4QMUWXPW.js → server-BRKALJ4F.js} +4132 -1175
  191. package/chunks/{session-NRO7UFOY.js → session-AQMISBP4.js} +205 -64
  192. package/chunks/{settings-SGWRDQSC.js → settings-JCPVUZMB.js} +35 -29
  193. package/chunks/{shell-62ANGIHL.js → shell-POHCRVN2.js} +31 -25
  194. package/chunks/{skill-VWAQAWW6.js → skill-QPEVHS6H.js} +13 -12
  195. package/chunks/spawnChannel-V3QT62TE.js +69 -0
  196. package/chunks/{src-KUV5J5Q2.js → src-IZSP7L6Y.js} +127 -32
  197. package/chunks/{startInteractiveUI-6EYJN3JV.js → startInteractiveUI-63KATISO.js} +16762 -16075
  198. package/chunks/{syntheticOutput-T5YHQ6S2.js → syntheticOutput-YOSWIHDJ.js} +3 -3
  199. package/chunks/{task-create-BLY7RHXX.js → task-create-NHS2NGB3.js} +9 -7
  200. package/chunks/{task-list-3QUYNVYR.js → task-list-5UIB564R.js} +7 -6
  201. package/chunks/{task-stop-U4RATK2V.js → task-stop-HGXZ2VZ3.js} +2 -2
  202. package/chunks/{task-update-U54O7KJX.js → task-update-IYYWUILG.js} +40 -7
  203. package/chunks/{team-create-LPOGCPM7.js → team-create-E5O2F3CA.js} +31 -25
  204. package/chunks/{team-delete-LKBYPASD.js → team-delete-FEKJCU4P.js} +7 -6
  205. package/chunks/team-plan-approval-2TU4YROB.js +202 -0
  206. package/chunks/theme-manager-37KOGPJL.js +64 -0
  207. package/chunks/{todoWrite-OYXKTVYN.js → todoWrite-TKMVZ2HT.js} +4 -4
  208. package/chunks/{tool-search-YPUFJ3ZQ.js → tool-search-4ZTGNSFI.js} +38 -11
  209. package/chunks/{trustedFolders-5B24TMEA.js → trustedFolders-RJ5WXJ6L.js} +32 -26
  210. package/chunks/{validateNonInterActiveAuth-BTDTYOVT.js → validateNonInterActiveAuth-ZWMHZAOK.js} +66 -55
  211. package/chunks/{web-fetch-EEB5LZYU.js → web-fetch-J4PIW36Q.js} +5 -4
  212. package/chunks/{workflow-LAWIW5LI.js → workflow-6PG2PC5M.js} +68 -39
  213. package/chunks/workspace-providers-status-4QIZN2W4.js +68 -0
  214. package/chunks/workspace-service-CYMCOEIO.js +78 -0
  215. package/chunks/{write-file-PCV226DJ.js → write-file-R354LGQF.js} +41 -40
  216. package/chunks/{zh-5EUYXASN.js → zh-SLZNSSZB.js} +32 -10
  217. package/chunks/{zh-TW-TR3XYGE5.js → zh-TW-P53C2SL5.js} +32 -10
  218. package/cli.js +6 -6
  219. package/locales/ca.js +15 -13
  220. package/locales/de.js +15 -13
  221. package/locales/en.js +52 -15
  222. package/locales/fr.js +15 -14
  223. package/locales/ja.js +15 -14
  224. package/locales/pt.js +15 -13
  225. package/locales/ru.js +15 -13
  226. package/locales/zh-TW.js +50 -14
  227. package/locales/zh.js +50 -14
  228. package/node_modules/@qwen-code/audio-capture/package.json +1 -1
  229. package/node_modules/@qwen-code/audio-capture/prebuilds/darwin-arm64/@qwen-code+audio-capture.node +0 -0
  230. package/node_modules/@qwen-code/audio-capture/prebuilds/darwin-x64/@qwen-code+audio-capture.node +0 -0
  231. package/node_modules/@qwen-code/audio-capture/prebuilds/win32-x64/@qwen-code+audio-capture.node +0 -0
  232. package/package.json +15 -6
  233. package/patches/chrome-devtools-mcp+1.4.0.patch +31 -0
  234. package/postinstall.js +50 -0
  235. package/web-shell/assets/{arc-DA7r8Ueo.js → arc-Bd3048nX.js} +1 -1
  236. package/web-shell/assets/{architectureDiagram-3BPJPVTR-ZDUxPtZ2.js → architectureDiagram-3BPJPVTR-DyzbzABx.js} +1 -1
  237. package/web-shell/assets/{blockDiagram-GPEHLZMM-vrtOf1kJ.js → blockDiagram-GPEHLZMM-CTjxm9Sy.js} +1 -1
  238. package/web-shell/assets/{c4Diagram-AAUBKEIU-BHFjzIi4.js → c4Diagram-AAUBKEIU-DSOFWNU6.js} +1 -1
  239. package/web-shell/assets/channel-oVoup_Ci.js +1 -0
  240. package/web-shell/assets/{chunk-2J33WTMH-mdeQVz59.js → chunk-2J33WTMH-D_PFdjo2.js} +1 -1
  241. package/web-shell/assets/{chunk-4BX2VUAB-BkKMlwBX.js → chunk-4BX2VUAB-52eG6wOT.js} +1 -1
  242. package/web-shell/assets/{chunk-55IACEB6-B7bnXNfu.js → chunk-55IACEB6-CGTZfKkC.js} +1 -1
  243. package/web-shell/assets/{chunk-727SXJPM-DGz8Mm6i.js → chunk-727SXJPM-CZ-qfRUm.js} +1 -1
  244. package/web-shell/assets/{chunk-AQP2D5EJ-BQAydUNk.js → chunk-AQP2D5EJ-B2dSDcqM.js} +1 -1
  245. package/web-shell/assets/{chunk-FMBD7UC4-GHr2LN_p.js → chunk-FMBD7UC4-Cfy3tyA0.js} +1 -1
  246. package/web-shell/assets/{chunk-ND2GUHAM-7R91lnUx.js → chunk-ND2GUHAM-CApNUpUq.js} +1 -1
  247. package/web-shell/assets/{chunk-QZHKN3VN-aTJD3lSQ.js → chunk-QZHKN3VN-CVBG8kgg.js} +1 -1
  248. package/web-shell/assets/classDiagram-4FO5ZUOK-B8WsaT2G.js +1 -0
  249. package/web-shell/assets/classDiagram-v2-Q7XG4LA2-B8WsaT2G.js +1 -0
  250. package/web-shell/assets/{cose-bilkent-S5V4N54A-BTf8t1RL.js → cose-bilkent-S5V4N54A-URd77-_-.js} +1 -1
  251. package/web-shell/assets/{dagre-BM42HDAG-_sgp3WuA.js → dagre-BM42HDAG-C07H4G9-.js} +1 -1
  252. package/web-shell/assets/{diagram-2AECGRRQ-CROtRy1w.js → diagram-2AECGRRQ-CYbpXrSn.js} +1 -1
  253. package/web-shell/assets/{diagram-5GNKFQAL-BqGRzwSc.js → diagram-5GNKFQAL-SI8s6fjX.js} +1 -1
  254. package/web-shell/assets/{diagram-KO2AKTUF-CMrcEtA7.js → diagram-KO2AKTUF-mBkC4RTW.js} +1 -1
  255. package/web-shell/assets/{diagram-LMA3HP47-BRydGNW5.js → diagram-LMA3HP47-CyBPDzWJ.js} +1 -1
  256. package/web-shell/assets/{diagram-OG6HWLK6-D0ilgNjV.js → diagram-OG6HWLK6-DwK7kBCu.js} +1 -1
  257. package/web-shell/assets/{erDiagram-TEJ5UH35-2lnQeJUM.js → erDiagram-TEJ5UH35-Ds1StEUd.js} +1 -1
  258. package/web-shell/assets/{flowDiagram-I6XJVG4X-C_ZMdQiC.js → flowDiagram-I6XJVG4X-BDC4-jHO.js} +1 -1
  259. package/web-shell/assets/{ganttDiagram-6RSMTGT7-Dw9V_Ny0.js → ganttDiagram-6RSMTGT7-CV2aHQqf.js} +1 -1
  260. package/web-shell/assets/{gitGraphDiagram-PVQCEYII-HDXI-F1B.js → gitGraphDiagram-PVQCEYII-B8RcuV_L.js} +1 -1
  261. package/web-shell/assets/index-B5WZ0qP1.js +717 -0
  262. package/web-shell/assets/index-CYE1IMd1.css +5 -0
  263. package/web-shell/assets/{infoDiagram-5YYISTIA-CuB8Ebua.js → infoDiagram-5YYISTIA-DUPoTf50.js} +1 -1
  264. package/web-shell/assets/{ishikawaDiagram-YF4QCWOH-D_tyhVwh.js → ishikawaDiagram-YF4QCWOH-FDYOx9rf.js} +1 -1
  265. package/web-shell/assets/{journeyDiagram-JHISSGLW-CgCwJQNU.js → journeyDiagram-JHISSGLW-C5_ohMRp.js} +1 -1
  266. package/web-shell/assets/{kanban-definition-UN3LZRKU-PZUtcbPx.js → kanban-definition-UN3LZRKU-Bn4UnOMG.js} +1 -1
  267. package/web-shell/assets/{linear-CZqRdJIU.js → linear-Bl0pKQtY.js} +1 -1
  268. package/web-shell/assets/{mermaid.core-CPW_4UEF.js → mermaid.core-sevQFoji.js} +72 -72
  269. package/web-shell/assets/{mindmap-definition-RKZ34NQL-D_Y75ID7.js → mindmap-definition-RKZ34NQL-DSH4JZF9.js} +1 -1
  270. package/web-shell/assets/{pieDiagram-4H26LBE5-Q4dTyLeF.js → pieDiagram-4H26LBE5-acWvdQTD.js} +1 -1
  271. package/web-shell/assets/{quadrantDiagram-W4KKPZXB-ckw329Ft.js → quadrantDiagram-W4KKPZXB-DlggX4Sm.js} +1 -1
  272. package/web-shell/assets/{requirementDiagram-4Y6WPE33-DbVDm4It.js → requirementDiagram-4Y6WPE33--mMqwmV8.js} +1 -1
  273. package/web-shell/assets/{sankeyDiagram-5OEKKPKP-CHuZ_ecH.js → sankeyDiagram-5OEKKPKP-BtV9tZ77.js} +1 -1
  274. package/web-shell/assets/{sequenceDiagram-3UESZ5HK-DU2YSpq-.js → sequenceDiagram-3UESZ5HK-iDQzPFlj.js} +1 -1
  275. package/web-shell/assets/{stateDiagram-AJRCARHV-CA9PEBUo.js → stateDiagram-AJRCARHV-CsCyQLZ3.js} +1 -1
  276. package/web-shell/assets/stateDiagram-v2-BHNVJYJU-CPapECG9.js +1 -0
  277. package/web-shell/assets/{timeline-definition-PNZ67QCA-Bhlo4WVc.js → timeline-definition-PNZ67QCA-Dl0rnKvr.js} +1 -1
  278. package/web-shell/assets/{vennDiagram-CIIHVFJN-6xtPLsyl.js → vennDiagram-CIIHVFJN-qF7nTZzA.js} +1 -1
  279. package/web-shell/assets/{wardley-L42UT6IY-3eozmXPf.js → wardley-L42UT6IY-fWoK9i7F.js} +1 -1
  280. package/web-shell/assets/{wardleyDiagram-YWT4CUSO-BOn6hKss.js → wardleyDiagram-YWT4CUSO-pHGfkMnc.js} +1 -1
  281. package/web-shell/assets/{xychartDiagram-2RQKCTM6-BsP4-I_y.js → xychartDiagram-2RQKCTM6-3Doc4Trz.js} +1 -1
  282. package/web-shell/index.html +18 -2
  283. package/chunks/MaxSizedBox-QNF3EIGU.js +0 -63
  284. package/chunks/agent-headless-RQ5BTX3G.js +0 -56
  285. package/chunks/bridge-JL2PMCIW.js +0 -66
  286. package/chunks/chunk-5GOVVXEV.js +0 -73
  287. package/chunks/chunk-BC3C4F3Q.js +0 -40
  288. package/chunks/chunk-BW4KCQFD.js +0 -1103
  289. package/chunks/chunk-RKIZXJMB.js +0 -13
  290. package/chunks/contextCommand-WYU6OQ2F.js +0 -61
  291. package/chunks/daemon-status-provider-HH2EC5FI.js +0 -65
  292. package/chunks/headlessSafetyWarnings-TBE35GJ4.js +0 -55
  293. package/chunks/initializer-2Y7SLOKV.js +0 -61
  294. package/chunks/list-ZAFHZ7OS.js +0 -65
  295. package/chunks/loadedSettingsAdapter-6KJXD6M3.js +0 -60
  296. package/chunks/nonInteractiveCli-5W4GIZQM.js +0 -96
  297. package/chunks/ripGrep-IEIFIWP4.js +0 -54
  298. package/chunks/serve-V6GVZR6U.js +0 -65
  299. package/chunks/spawnChannel-3VHW5EPY.js +0 -63
  300. package/chunks/theme-manager-LYLGAERF.js +0 -58
  301. package/chunks/workspace-providers-status-PIAFVYHA.js +0 -62
  302. package/chunks/workspace-service-YAIOD4HG.js +0 -71
  303. package/web-shell/assets/channel-iRo68q4Q.js +0 -1
  304. package/web-shell/assets/classDiagram-4FO5ZUOK-iHF24a8X.js +0 -1
  305. package/web-shell/assets/classDiagram-v2-Q7XG4LA2-iHF24a8X.js +0 -1
  306. package/web-shell/assets/index-CHmzAWys.css +0 -5
  307. package/web-shell/assets/index-w6GTOHh1.js +0 -713
  308. package/web-shell/assets/stateDiagram-v2-BHNVJYJU-t1LRI0oY.js +0 -1
@@ -2,7 +2,7 @@
2
2
  "use strict";
3
3
  import {
4
4
  createDebugLogger
5
- } from "./chunk-UX4SGCGN.js";
5
+ } from "./chunk-AVQDCKNF.js";
6
6
  import {
7
7
  init_esbuild_shims
8
8
  } from "./chunk-A4BMJM77.js";
@@ -471,6 +471,24 @@ var require_errors = __commonJS({
471
471
  }
472
472
  [kSecureProxyConnectionError] = true;
473
473
  };
474
+ var kMessageSizeExceededError = Symbol.for("undici.error.UND_ERR_WS_MESSAGE_SIZE_EXCEEDED");
475
+ var MessageSizeExceededError = class extends UndiciError {
476
+ static {
477
+ __name(this, "MessageSizeExceededError");
478
+ }
479
+ constructor(message) {
480
+ super(message);
481
+ this.name = "MessageSizeExceededError";
482
+ this.message = message || "Max decompressed message size exceeded";
483
+ this.code = "UND_ERR_WS_MESSAGE_SIZE_EXCEEDED";
484
+ }
485
+ static [Symbol.hasInstance](instance) {
486
+ return instance && instance[kMessageSizeExceededError] === true;
487
+ }
488
+ get [kMessageSizeExceededError]() {
489
+ return true;
490
+ }
491
+ };
474
492
  module.exports = {
475
493
  AbortError,
476
494
  HTTPParserError,
@@ -494,7 +512,8 @@ var require_errors = __commonJS({
494
512
  ResponseExceededMaxSizeError,
495
513
  RequestRetryError,
496
514
  ResponseError,
497
- SecureProxyConnectionError
515
+ SecureProxyConnectionError,
516
+ MessageSizeExceededError
498
517
  };
499
518
  }
500
519
  });
@@ -1561,6 +1580,9 @@ var require_request = __commonJS({
1561
1580
  if (upgrade && typeof upgrade !== "string") {
1562
1581
  throw new InvalidArgumentError("upgrade must be a string");
1563
1582
  }
1583
+ if (upgrade && !isValidHeaderValue(upgrade)) {
1584
+ throw new InvalidArgumentError("invalid upgrade header");
1585
+ }
1564
1586
  if (headersTimeout != null && (!Number.isFinite(headersTimeout) || headersTimeout < 0)) {
1565
1587
  throw new InvalidArgumentError("invalid headersTimeout");
1566
1588
  }
@@ -1793,12 +1815,18 @@ var require_request = __commonJS({
1793
1815
  } else {
1794
1816
  val = `${val}`;
1795
1817
  }
1796
- if (request.host === null && headerName === "host") {
1818
+ if (headerName === "host") {
1819
+ if (request.host !== null) {
1820
+ throw new InvalidArgumentError("duplicate host header");
1821
+ }
1797
1822
  if (typeof val !== "string") {
1798
1823
  throw new InvalidArgumentError("invalid host header");
1799
1824
  }
1800
1825
  request.host = val;
1801
- } else if (request.contentLength === null && headerName === "content-length") {
1826
+ } else if (headerName === "content-length") {
1827
+ if (request.contentLength !== null) {
1828
+ throw new InvalidArgumentError("duplicate content-length header");
1829
+ }
1802
1830
  request.contentLength = parseInt(val, 10);
1803
1831
  if (!Number.isFinite(request.contentLength)) {
1804
1832
  throw new InvalidArgumentError("invalid content-length header");
@@ -1904,16 +1932,24 @@ var require_dispatcher_base = __commonJS({
1904
1932
  var kOnDestroyed = Symbol("onDestroyed");
1905
1933
  var kOnClosed = Symbol("onClosed");
1906
1934
  var kInterceptedDispatch = Symbol("Intercepted Dispatch");
1935
+ var kWebSocketOptions = Symbol("webSocketOptions");
1907
1936
  var DispatcherBase = class extends Dispatcher {
1908
1937
  static {
1909
1938
  __name(this, "DispatcherBase");
1910
1939
  }
1911
- constructor() {
1940
+ constructor(opts) {
1912
1941
  super();
1913
1942
  this[kDestroyed] = false;
1914
1943
  this[kOnDestroyed] = null;
1915
1944
  this[kClosed] = false;
1916
1945
  this[kOnClosed] = [];
1946
+ this[kWebSocketOptions] = opts?.webSocket ?? {};
1947
+ }
1948
+ get webSocketOptions() {
1949
+ return {
1950
+ maxFragments: this[kWebSocketOptions].maxFragments ?? 131072,
1951
+ maxPayloadSize: this[kWebSocketOptions].maxPayloadSize ?? 128 * 1024 * 1024
1952
+ };
1917
1953
  }
1918
1954
  get destroyed() {
1919
1955
  return this[kDestroyed];
@@ -5712,6 +5748,9 @@ var require_client_h1 = __commonJS({
5712
5748
  var FastBuffer = Buffer[Symbol.species];
5713
5749
  var addListener = util.addListener;
5714
5750
  var removeAllListeners = util.removeAllListeners;
5751
+ var kIdleSocketValidation = Symbol("kIdleSocketValidation");
5752
+ var kIdleSocketValidationTimeout = Symbol("kIdleSocketValidationTimeout");
5753
+ var kSocketUsed = Symbol("kSocketUsed");
5715
5754
  var extractBody;
5716
5755
  async function lazyllhttp() {
5717
5756
  const llhttpWasmData = process.env.JEST_WORKER_ID ? require_llhttp_wasm() : void 0;
@@ -5878,24 +5917,55 @@ var require_client_h1 = __commonJS({
5878
5917
  currentBufferRef = null;
5879
5918
  }
5880
5919
  const offset = llhttp.llhttp_get_error_pos(this.ptr) - currentBufferPtr;
5881
- if (ret === constants.ERROR.PAUSED_UPGRADE) {
5882
- this.onUpgrade(data.slice(offset));
5883
- } else if (ret === constants.ERROR.PAUSED) {
5884
- this.paused = true;
5885
- socket.unshift(data.slice(offset));
5886
- } else if (ret !== constants.ERROR.OK) {
5887
- const ptr = llhttp.llhttp_get_error_reason(this.ptr);
5888
- let message = "";
5889
- if (ptr) {
5890
- const len = new Uint8Array(llhttp.memory.buffer, ptr).indexOf(0);
5891
- message = "Response does not match the HTTP/1.1 protocol (" + Buffer.from(llhttp.memory.buffer, ptr, len).toString() + ")";
5920
+ if (ret !== constants.ERROR.OK) {
5921
+ const body = data.subarray(offset);
5922
+ if (ret === constants.ERROR.PAUSED_UPGRADE) {
5923
+ this.onUpgrade(body);
5924
+ } else if (ret === constants.ERROR.PAUSED) {
5925
+ this.paused = true;
5926
+ socket.unshift(body);
5927
+ } else {
5928
+ throw this.createError(ret, body);
5892
5929
  }
5893
- throw new HTTPParserError(message, constants.ERROR[ret], data.slice(offset));
5894
5930
  }
5895
5931
  } catch (err) {
5896
5932
  util.destroy(socket, err);
5897
5933
  }
5898
5934
  }
5935
+ finish() {
5936
+ assert(currentParser === null);
5937
+ assert(this.ptr != null);
5938
+ assert(!this.paused);
5939
+ const { llhttp } = this;
5940
+ let ret;
5941
+ try {
5942
+ currentParser = this;
5943
+ ret = llhttp.llhttp_finish(this.ptr);
5944
+ } finally {
5945
+ currentParser = null;
5946
+ }
5947
+ if (ret === constants.ERROR.OK) {
5948
+ return null;
5949
+ }
5950
+ if (ret === constants.ERROR.PAUSED || ret === constants.ERROR.PAUSED_UPGRADE) {
5951
+ this.paused = true;
5952
+ return null;
5953
+ }
5954
+ return this.createError(ret, EMPTY_BUF);
5955
+ }
5956
+ createError(ret, data) {
5957
+ const { llhttp, contentLength, bytesRead } = this;
5958
+ if (contentLength && bytesRead !== parseInt(contentLength, 10)) {
5959
+ return new ResponseContentLengthMismatchError();
5960
+ }
5961
+ const ptr = llhttp.llhttp_get_error_reason(this.ptr);
5962
+ let message = "";
5963
+ if (ptr) {
5964
+ const len = new Uint8Array(llhttp.memory.buffer, ptr).indexOf(0);
5965
+ message = "Response does not match the HTTP/1.1 protocol (" + Buffer.from(llhttp.memory.buffer, ptr, len).toString() + ")";
5966
+ }
5967
+ return new HTTPParserError(message, constants.ERROR[ret], data);
5968
+ }
5899
5969
  destroy() {
5900
5970
  assert(this.ptr != null);
5901
5971
  assert(currentParser == null);
@@ -5915,6 +5985,10 @@ var require_client_h1 = __commonJS({
5915
5985
  if (socket.destroyed) {
5916
5986
  return -1;
5917
5987
  }
5988
+ if (client[kRunning] === 0) {
5989
+ util.destroy(socket, new SocketError("bad response", util.getSocketInfo(socket)));
5990
+ return -1;
5991
+ }
5918
5992
  const request = client[kQueue][client[kRunningIdx]];
5919
5993
  if (!request) {
5920
5994
  return -1;
@@ -5994,6 +6068,10 @@ var require_client_h1 = __commonJS({
5994
6068
  if (socket.destroyed) {
5995
6069
  return -1;
5996
6070
  }
6071
+ if (client[kRunning] === 0) {
6072
+ util.destroy(socket, new SocketError("bad response", util.getSocketInfo(socket)));
6073
+ return -1;
6074
+ }
5997
6075
  const request = client[kQueue][client[kRunningIdx]];
5998
6076
  if (!request) {
5999
6077
  return -1;
@@ -6119,6 +6197,7 @@ var require_client_h1 = __commonJS({
6119
6197
  }
6120
6198
  request.onComplete(headers);
6121
6199
  client[kQueue][client[kRunningIdx]++] = null;
6200
+ socket[kSocketUsed] = true;
6122
6201
  if (socket[kWriting]) {
6123
6202
  assert(client[kRunning] === 0);
6124
6203
  util.destroy(socket, new InformationalError("reset"));
@@ -6163,12 +6242,19 @@ var require_client_h1 = __commonJS({
6163
6242
  socket[kWriting] = false;
6164
6243
  socket[kReset] = false;
6165
6244
  socket[kBlocking] = false;
6245
+ socket[kIdleSocketValidation] = 0;
6246
+ socket[kIdleSocketValidationTimeout] = null;
6247
+ socket[kSocketUsed] = false;
6166
6248
  socket[kParser] = new Parser(client, socket, llhttpInstance);
6167
6249
  addListener(socket, "error", function(err) {
6168
6250
  assert(err.code !== "ERR_TLS_CERT_ALTNAME_INVALID");
6169
6251
  const parser = this[kParser];
6170
6252
  if (err.code === "ECONNRESET" && parser.statusCode && !parser.shouldKeepAlive) {
6171
- parser.onMessageComplete();
6253
+ const parserErr = parser.finish();
6254
+ if (parserErr) {
6255
+ this[kError] = parserErr;
6256
+ this[kClient][kOnError](parserErr);
6257
+ }
6172
6258
  return;
6173
6259
  }
6174
6260
  this[kError] = err;
@@ -6183,7 +6269,10 @@ var require_client_h1 = __commonJS({
6183
6269
  addListener(socket, "end", function() {
6184
6270
  const parser = this[kParser];
6185
6271
  if (parser.statusCode && !parser.shouldKeepAlive) {
6186
- parser.onMessageComplete();
6272
+ const parserErr = parser.finish();
6273
+ if (parserErr) {
6274
+ util.destroy(this, parserErr);
6275
+ }
6187
6276
  return;
6188
6277
  }
6189
6278
  util.destroy(this, new SocketError("other side closed", util.getSocketInfo(this)));
@@ -6191,9 +6280,10 @@ var require_client_h1 = __commonJS({
6191
6280
  addListener(socket, "close", function() {
6192
6281
  const client2 = this[kClient];
6193
6282
  const parser = this[kParser];
6283
+ clearIdleSocketValidation(this);
6194
6284
  if (parser) {
6195
6285
  if (!this[kError] && parser.statusCode && !parser.shouldKeepAlive) {
6196
- parser.onMessageComplete();
6286
+ this[kError] = parser.finish() || this[kError];
6197
6287
  }
6198
6288
  this[kParser].destroy();
6199
6289
  this[kParser] = null;
@@ -6242,7 +6332,7 @@ var require_client_h1 = __commonJS({
6242
6332
  return socket.destroyed;
6243
6333
  },
6244
6334
  busy(request) {
6245
- if (socket[kWriting] || socket[kReset] || socket[kBlocking]) {
6335
+ if (socket[kWriting] || socket[kReset] || socket[kBlocking] || socket[kIdleSocketValidation] === 1) {
6246
6336
  return true;
6247
6337
  }
6248
6338
  if (request) {
@@ -6261,6 +6351,26 @@ var require_client_h1 = __commonJS({
6261
6351
  };
6262
6352
  }
6263
6353
  __name(connectH1, "connectH1");
6354
+ function clearIdleSocketValidation(socket) {
6355
+ if (socket[kIdleSocketValidationTimeout]) {
6356
+ clearTimeout(socket[kIdleSocketValidationTimeout]);
6357
+ socket[kIdleSocketValidationTimeout] = null;
6358
+ }
6359
+ socket[kIdleSocketValidation] = 0;
6360
+ }
6361
+ __name(clearIdleSocketValidation, "clearIdleSocketValidation");
6362
+ function scheduleIdleSocketValidation(client, socket) {
6363
+ socket[kIdleSocketValidation] = 1;
6364
+ socket[kIdleSocketValidationTimeout] = setTimeout(() => {
6365
+ socket[kIdleSocketValidationTimeout] = null;
6366
+ socket[kIdleSocketValidation] = 2;
6367
+ if (client[kSocket] === socket && !socket.destroyed) {
6368
+ client[kResume]();
6369
+ }
6370
+ }, 0);
6371
+ socket[kIdleSocketValidationTimeout].unref?.();
6372
+ }
6373
+ __name(scheduleIdleSocketValidation, "scheduleIdleSocketValidation");
6264
6374
  function resumeH1(client) {
6265
6375
  const socket = client[kSocket];
6266
6376
  if (socket && !socket.destroyed) {
@@ -6273,6 +6383,29 @@ var require_client_h1 = __commonJS({
6273
6383
  socket.ref();
6274
6384
  socket[kNoRef] = false;
6275
6385
  }
6386
+ if (client[kRunning] === 0 && client[kPending] > 0 && socket[kSocketUsed]) {
6387
+ if (socket[kIdleSocketValidation] === 0) {
6388
+ scheduleIdleSocketValidation(client, socket);
6389
+ socket[kParser].readMore();
6390
+ if (socket.destroyed) {
6391
+ return;
6392
+ }
6393
+ return;
6394
+ }
6395
+ if (socket[kIdleSocketValidation] === 1) {
6396
+ socket[kParser].readMore();
6397
+ if (socket.destroyed) {
6398
+ return;
6399
+ }
6400
+ return;
6401
+ }
6402
+ }
6403
+ if (client[kRunning] === 0) {
6404
+ socket[kParser].readMore();
6405
+ if (socket.destroyed) {
6406
+ return;
6407
+ }
6408
+ }
6276
6409
  if (client[kSize] === 0) {
6277
6410
  if (socket[kParser].timeoutType !== TIMEOUT_KEEP_ALIVE) {
6278
6411
  socket[kParser].setTimeout(client[kKeepAliveTimeoutValue], TIMEOUT_KEEP_ALIVE);
@@ -6327,6 +6460,7 @@ var require_client_h1 = __commonJS({
6327
6460
  process.emitWarning(new RequestContentLengthMismatchError());
6328
6461
  }
6329
6462
  const socket = client[kSocket];
6463
+ clearIdleSocketValidation(socket);
6330
6464
  const abort = /* @__PURE__ */ __name((err) => {
6331
6465
  if (request.aborted || request.completed) {
6332
6466
  return;
@@ -7549,9 +7683,10 @@ var require_client = __commonJS({
7549
7683
  autoSelectFamilyAttemptTimeout,
7550
7684
  // h2
7551
7685
  maxConcurrentStreams,
7552
- allowH2
7686
+ allowH2,
7687
+ webSocket
7553
7688
  } = {}) {
7554
- super();
7689
+ super({ webSocket });
7555
7690
  if (keepAlive !== void 0) {
7556
7691
  throw new InvalidArgumentError("unsupported keepAlive, use pipelining=0 instead");
7557
7692
  }
@@ -8077,8 +8212,8 @@ var require_pool_base = __commonJS({
8077
8212
  static {
8078
8213
  __name(this, "PoolBase");
8079
8214
  }
8080
- constructor() {
8081
- super();
8215
+ constructor(opts) {
8216
+ super(opts);
8082
8217
  this[kQueue] = new FixedQueue();
8083
8218
  this[kClients] = [];
8084
8219
  this[kQueued] = 0;
@@ -8254,7 +8389,6 @@ var require_pool = __commonJS({
8254
8389
  allowH2,
8255
8390
  ...options
8256
8391
  } = {}) {
8257
- super();
8258
8392
  if (connections != null && (!Number.isFinite(connections) || connections < 0)) {
8259
8393
  throw new InvalidArgumentError("invalid connections");
8260
8394
  }
@@ -8275,6 +8409,7 @@ var require_pool = __commonJS({
8275
8409
  ...connect
8276
8410
  });
8277
8411
  }
8412
+ super(options);
8278
8413
  this[kInterceptors] = options.interceptors?.Pool && Array.isArray(options.interceptors.Pool) ? options.interceptors.Pool : [];
8279
8414
  this[kConnections] = connections || null;
8280
8415
  this[kUrl] = util.parseOrigin(origin);
@@ -8485,7 +8620,6 @@ var require_agent = __commonJS({
8485
8620
  __name(this, "Agent");
8486
8621
  }
8487
8622
  constructor({ factory = defaultFactory, maxRedirections = 0, connect, ...options } = {}) {
8488
- super();
8489
8623
  if (typeof factory !== "function") {
8490
8624
  throw new InvalidArgumentError("factory must be a function.");
8491
8625
  }
@@ -8495,6 +8629,7 @@ var require_agent = __commonJS({
8495
8629
  if (!Number.isInteger(maxRedirections) || maxRedirections < 0) {
8496
8630
  throw new InvalidArgumentError("maxRedirections must be a positive number");
8497
8631
  }
8632
+ super(options);
8498
8633
  if (connect && typeof connect !== "function") {
8499
8634
  connect = { ...connect };
8500
8635
  }
@@ -14481,23 +14616,25 @@ var require_fetch = __commonJS({
14481
14616
  if (status < 200) {
14482
14617
  return;
14483
14618
  }
14484
- let codings = [];
14485
14619
  let location = "";
14486
14620
  const headersList = new HeadersList();
14487
14621
  for (let i = 0; i < rawHeaders.length; i += 2) {
14488
14622
  headersList.append(bufferToLowerCasedHeaderName(rawHeaders[i]), rawHeaders[i + 1].toString("latin1"), true);
14489
14623
  }
14490
- const contentEncoding = headersList.get("content-encoding", true);
14491
- if (contentEncoding) {
14492
- codings = contentEncoding.toLowerCase().split(",").map((x) => x.trim());
14493
- }
14494
14624
  location = headersList.get("location", true);
14495
14625
  this.body = new Readable({ read: resume });
14496
14626
  const decoders = [];
14497
14627
  const willFollow = location && request.redirect === "follow" && redirectStatusSet.has(status);
14498
- if (codings.length !== 0 && request.method !== "HEAD" && request.method !== "CONNECT" && !nullBodyStatus.includes(status) && !willFollow) {
14628
+ if (request.method !== "HEAD" && request.method !== "CONNECT" && !nullBodyStatus.includes(status) && !willFollow) {
14629
+ const contentEncoding = headersList.get("content-encoding", true);
14630
+ const codings = contentEncoding ? contentEncoding.toLowerCase().split(",") : [];
14631
+ const maxContentEncodings = 5;
14632
+ if (codings.length > maxContentEncodings) {
14633
+ reject(new Error(`too many content-encodings in response: ${codings.length}, maximum allowed is ${maxContentEncodings}`));
14634
+ return true;
14635
+ }
14499
14636
  for (let i = codings.length - 1; i >= 0; --i) {
14500
- const coding = codings[i];
14637
+ const coding = codings[i].trim();
14501
14638
  if (coding === "x-gzip" || coding === "gzip") {
14502
14639
  decoders.push(zlib.createGunzip({
14503
14640
  // Be less strict when decoding compressed responses, since sometimes
@@ -16441,18 +16578,14 @@ var require_parse = __commonJS({
16441
16578
  } else if (attributeNameLowercase === "httponly") {
16442
16579
  cookieAttributeList.httpOnly = true;
16443
16580
  } else if (attributeNameLowercase === "samesite") {
16444
- let enforcement = "Default";
16445
16581
  const attributeValueLowercase = attributeValue.toLowerCase();
16446
- if (attributeValueLowercase.includes("none")) {
16447
- enforcement = "None";
16448
- }
16449
- if (attributeValueLowercase.includes("strict")) {
16450
- enforcement = "Strict";
16451
- }
16452
- if (attributeValueLowercase.includes("lax")) {
16453
- enforcement = "Lax";
16582
+ if (attributeValueLowercase === "none") {
16583
+ cookieAttributeList.sameSite = "None";
16584
+ } else if (attributeValueLowercase === "strict") {
16585
+ cookieAttributeList.sameSite = "Strict";
16586
+ } else if (attributeValueLowercase === "lax") {
16587
+ cookieAttributeList.sameSite = "Lax";
16454
16588
  }
16455
- cookieAttributeList.sameSite = enforcement;
16456
16589
  } else {
16457
16590
  cookieAttributeList.unparsed ??= [];
16458
16591
  cookieAttributeList.unparsed.push(`${attributeName}=${attributeValue}`);
@@ -17101,13 +17234,17 @@ var require_util7 = __commonJS({
17101
17234
  }
17102
17235
  __name(parseExtensions, "parseExtensions");
17103
17236
  function isValidClientWindowBits(value) {
17237
+ if (value.length === 0) {
17238
+ return false;
17239
+ }
17104
17240
  for (let i = 0; i < value.length; i++) {
17105
17241
  const byte = value.charCodeAt(i);
17106
17242
  if (byte < 48 || byte > 57) {
17107
17243
  return false;
17108
17244
  }
17109
17245
  }
17110
- return true;
17246
+ const num = Number.parseInt(value, 10);
17247
+ return num >= 8 && num <= 15;
17111
17248
  }
17112
17249
  __name(isValidClientWindowBits, "isValidClientWindowBits");
17113
17250
  var hasIntl = typeof process.versions.icu === "string";
@@ -17419,6 +17556,7 @@ var require_permessage_deflate = __commonJS({
17419
17556
  init_esbuild_shims();
17420
17557
  var { createInflateRaw, Z_DEFAULT_WINDOWBITS } = __require("node:zlib");
17421
17558
  var { isValidClientWindowBits } = require_util7();
17559
+ var { MessageSizeExceededError } = require_errors();
17422
17560
  var tail = Buffer.from([0, 0, 255, 255]);
17423
17561
  var kBuffer = Symbol("kBuffer");
17424
17562
  var kLength = Symbol("kLength");
@@ -17429,10 +17567,21 @@ var require_permessage_deflate = __commonJS({
17429
17567
  /** @type {import('node:zlib').InflateRaw} */
17430
17568
  #inflate;
17431
17569
  #options = {};
17432
- constructor(extensions) {
17570
+ #maxPayloadSize = 0;
17571
+ /**
17572
+ * @param {Map<string, string>} extensions
17573
+ */
17574
+ constructor(extensions, options) {
17433
17575
  this.#options.serverNoContextTakeover = extensions.has("server_no_context_takeover");
17434
17576
  this.#options.serverMaxWindowBits = extensions.get("server_max_window_bits");
17577
+ this.#maxPayloadSize = options.maxPayloadSize;
17435
17578
  }
17579
+ /**
17580
+ * Decompress a compressed payload.
17581
+ * @param {Buffer} chunk Compressed data
17582
+ * @param {boolean} fin Final fragment flag
17583
+ * @param {Function} callback Callback function
17584
+ */
17436
17585
  decompress(chunk, fin, callback) {
17437
17586
  if (!this.#inflate) {
17438
17587
  let windowBits = Z_DEFAULT_WINDOWBITS;
@@ -17443,12 +17592,23 @@ var require_permessage_deflate = __commonJS({
17443
17592
  }
17444
17593
  windowBits = Number.parseInt(this.#options.serverMaxWindowBits);
17445
17594
  }
17446
- this.#inflate = createInflateRaw({ windowBits });
17595
+ try {
17596
+ this.#inflate = createInflateRaw({ windowBits });
17597
+ } catch (err) {
17598
+ callback(err);
17599
+ return;
17600
+ }
17447
17601
  this.#inflate[kBuffer] = [];
17448
17602
  this.#inflate[kLength] = 0;
17449
17603
  this.#inflate.on("data", (data) => {
17450
- this.#inflate[kBuffer].push(data);
17451
17604
  this.#inflate[kLength] += data.length;
17605
+ if (this.#maxPayloadSize > 0 && this.#inflate[kLength] > this.#maxPayloadSize) {
17606
+ callback(new MessageSizeExceededError());
17607
+ this.#inflate.removeAllListeners();
17608
+ this.#inflate = null;
17609
+ return;
17610
+ }
17611
+ this.#inflate[kBuffer].push(data);
17452
17612
  });
17453
17613
  this.#inflate.on("error", (err) => {
17454
17614
  this.#inflate = null;
@@ -17460,6 +17620,9 @@ var require_permessage_deflate = __commonJS({
17460
17620
  this.#inflate.write(tail);
17461
17621
  }
17462
17622
  this.#inflate.flush(() => {
17623
+ if (!this.#inflate) {
17624
+ return;
17625
+ }
17463
17626
  const full = Buffer.concat(this.#inflate[kBuffer], this.#inflate[kLength]);
17464
17627
  this.#inflate[kBuffer].length = 0;
17465
17628
  this.#inflate[kLength] = 0;
@@ -17494,11 +17657,18 @@ var require_receiver = __commonJS({
17494
17657
  var { WebsocketFrameSend } = require_frame();
17495
17658
  var { closeWebSocketConnection } = require_connection();
17496
17659
  var { PerMessageDeflate } = require_permessage_deflate();
17660
+ var { MessageSizeExceededError } = require_errors();
17661
+ function failWebsocketConnectionWithCode(ws, code, reason) {
17662
+ closeWebSocketConnection(ws, code, reason, Buffer.byteLength(reason));
17663
+ failWebsocketConnection(ws, reason);
17664
+ }
17665
+ __name(failWebsocketConnectionWithCode, "failWebsocketConnectionWithCode");
17497
17666
  var ByteParser = class extends Writable {
17498
17667
  static {
17499
17668
  __name(this, "ByteParser");
17500
17669
  }
17501
17670
  #buffers = [];
17671
+ #fragmentsBytes = 0;
17502
17672
  #byteOffset = 0;
17503
17673
  #loop = false;
17504
17674
  #state = parserStates.INFO;
@@ -17506,12 +17676,23 @@ var require_receiver = __commonJS({
17506
17676
  #fragments = [];
17507
17677
  /** @type {Map<string, PerMessageDeflate>} */
17508
17678
  #extensions;
17509
- constructor(ws, extensions) {
17679
+ /** @type {number} */
17680
+ #maxFragments;
17681
+ /** @type {number} */
17682
+ #maxPayloadSize;
17683
+ /**
17684
+ * @param {import('./websocket').WebSocket} ws
17685
+ * @param {Map<string, string>|null} extensions
17686
+ * @param {{ maxFragments?: number, maxPayloadSize?: number }} [options]
17687
+ */
17688
+ constructor(ws, extensions, options = {}) {
17510
17689
  super();
17511
17690
  this.ws = ws;
17512
17691
  this.#extensions = extensions == null ? /* @__PURE__ */ new Map() : extensions;
17692
+ this.#maxFragments = options.maxFragments ?? 0;
17693
+ this.#maxPayloadSize = options.maxPayloadSize ?? 0;
17513
17694
  if (this.#extensions.has("permessage-deflate")) {
17514
- this.#extensions.set("permessage-deflate", new PerMessageDeflate(extensions));
17695
+ this.#extensions.set("permessage-deflate", new PerMessageDeflate(extensions, options));
17515
17696
  }
17516
17697
  }
17517
17698
  /**
@@ -17524,6 +17705,13 @@ var require_receiver = __commonJS({
17524
17705
  this.#loop = true;
17525
17706
  this.run(callback);
17526
17707
  }
17708
+ #validatePayloadLength() {
17709
+ if (this.#maxPayloadSize > 0 && !isControlFrame(this.#info.opcode) && this.#info.payloadLength + this.#fragmentsBytes > this.#maxPayloadSize) {
17710
+ failWebsocketConnectionWithCode(this.ws, 1009, "Payload size exceeds maximum allowed size");
17711
+ return false;
17712
+ }
17713
+ return true;
17714
+ }
17527
17715
  /**
17528
17716
  * Runs whenever a new chunk is received.
17529
17717
  * Callback is called whenever there are no more chunks buffering,
@@ -17583,6 +17771,9 @@ var require_receiver = __commonJS({
17583
17771
  if (payloadLength <= 125) {
17584
17772
  this.#info.payloadLength = payloadLength;
17585
17773
  this.#state = parserStates.READ_DATA;
17774
+ if (!this.#validatePayloadLength()) {
17775
+ return;
17776
+ }
17586
17777
  } else if (payloadLength === 126) {
17587
17778
  this.#state = parserStates.PAYLOADLENGTH_16;
17588
17779
  } else if (payloadLength === 127) {
@@ -17603,19 +17794,25 @@ var require_receiver = __commonJS({
17603
17794
  const buffer = this.consume(2);
17604
17795
  this.#info.payloadLength = buffer.readUInt16BE(0);
17605
17796
  this.#state = parserStates.READ_DATA;
17797
+ if (!this.#validatePayloadLength()) {
17798
+ return;
17799
+ }
17606
17800
  } else if (this.#state === parserStates.PAYLOADLENGTH_64) {
17607
17801
  if (this.#byteOffset < 8) {
17608
17802
  return callback();
17609
17803
  }
17610
17804
  const buffer = this.consume(8);
17611
17805
  const upper = buffer.readUInt32BE(0);
17612
- if (upper > 2 ** 31 - 1) {
17806
+ const lower = buffer.readUInt32BE(4);
17807
+ if (upper !== 0 || lower > 2 ** 31 - 1) {
17613
17808
  failWebsocketConnection(this.ws, "Received payload length > 2^31 bytes.");
17614
17809
  return;
17615
17810
  }
17616
- const lower = buffer.readUInt32BE(4);
17617
- this.#info.payloadLength = (upper << 8) + lower;
17811
+ this.#info.payloadLength = lower;
17618
17812
  this.#state = parserStates.READ_DATA;
17813
+ if (!this.#validatePayloadLength()) {
17814
+ return;
17815
+ }
17619
17816
  } else if (this.#state === parserStates.READ_DATA) {
17620
17817
  if (this.#byteOffset < this.#info.payloadLength) {
17621
17818
  return callback();
@@ -17626,32 +17823,46 @@ var require_receiver = __commonJS({
17626
17823
  this.#state = parserStates.INFO;
17627
17824
  } else {
17628
17825
  if (!this.#info.compressed) {
17629
- this.#fragments.push(body);
17826
+ if (!this.writeFragments(body)) {
17827
+ return;
17828
+ }
17829
+ if (this.#maxPayloadSize > 0 && this.#fragmentsBytes > this.#maxPayloadSize) {
17830
+ failWebsocketConnectionWithCode(this.ws, 1009, new MessageSizeExceededError().message);
17831
+ return;
17832
+ }
17630
17833
  if (!this.#info.fragmented && this.#info.fin) {
17631
- const fullMessage = Buffer.concat(this.#fragments);
17632
- websocketMessageReceived(this.ws, this.#info.binaryType, fullMessage);
17633
- this.#fragments.length = 0;
17834
+ websocketMessageReceived(this.ws, this.#info.binaryType, this.consumeFragments());
17634
17835
  }
17635
17836
  this.#state = parserStates.INFO;
17636
17837
  } else {
17637
- this.#extensions.get("permessage-deflate").decompress(body, this.#info.fin, (error, data) => {
17638
- if (error) {
17639
- closeWebSocketConnection(this.ws, 1007, error.message, error.message.length);
17640
- return;
17641
- }
17642
- this.#fragments.push(data);
17643
- if (!this.#info.fin) {
17644
- this.#state = parserStates.INFO;
17838
+ this.#extensions.get("permessage-deflate").decompress(
17839
+ body,
17840
+ this.#info.fin,
17841
+ (error, data) => {
17842
+ if (error) {
17843
+ const code = error instanceof MessageSizeExceededError ? 1009 : 1007;
17844
+ failWebsocketConnectionWithCode(this.ws, code, error.message);
17845
+ return;
17846
+ }
17847
+ if (!this.writeFragments(data)) {
17848
+ return;
17849
+ }
17850
+ if (this.#maxPayloadSize > 0 && this.#fragmentsBytes > this.#maxPayloadSize) {
17851
+ failWebsocketConnectionWithCode(this.ws, 1009, new MessageSizeExceededError().message);
17852
+ return;
17853
+ }
17854
+ if (!this.#info.fin) {
17855
+ this.#state = parserStates.INFO;
17856
+ this.#loop = true;
17857
+ this.run(callback);
17858
+ return;
17859
+ }
17860
+ websocketMessageReceived(this.ws, this.#info.binaryType, this.consumeFragments());
17645
17861
  this.#loop = true;
17862
+ this.#state = parserStates.INFO;
17646
17863
  this.run(callback);
17647
- return;
17648
17864
  }
17649
- websocketMessageReceived(this.ws, this.#info.binaryType, Buffer.concat(this.#fragments));
17650
- this.#loop = true;
17651
- this.#state = parserStates.INFO;
17652
- this.#fragments.length = 0;
17653
- this.run(callback);
17654
- });
17865
+ );
17655
17866
  this.#loop = false;
17656
17867
  break;
17657
17868
  }
@@ -17694,6 +17905,26 @@ var require_receiver = __commonJS({
17694
17905
  this.#byteOffset -= n;
17695
17906
  return buffer;
17696
17907
  }
17908
+ writeFragments(fragment) {
17909
+ if (this.#maxFragments > 0 && this.#fragments.length === this.#maxFragments) {
17910
+ failWebsocketConnectionWithCode(this.ws, 1008, "Too many message fragments");
17911
+ return false;
17912
+ }
17913
+ this.#fragmentsBytes += fragment.length;
17914
+ this.#fragments.push(fragment);
17915
+ return true;
17916
+ }
17917
+ consumeFragments() {
17918
+ const fragments = this.#fragments;
17919
+ if (fragments.length === 1) {
17920
+ this.#fragmentsBytes = 0;
17921
+ return fragments.shift();
17922
+ }
17923
+ const output = Buffer.concat(fragments, this.#fragmentsBytes);
17924
+ this.#fragments = [];
17925
+ this.#fragmentsBytes = 0;
17926
+ return output;
17927
+ }
17697
17928
  parseCloseBody(data) {
17698
17929
  assert(data.length !== 1);
17699
17930
  let code;
@@ -18141,7 +18372,13 @@ var require_websocket = __commonJS({
18141
18372
  */
18142
18373
  #onConnectionEstablished(response, parsedExtensions) {
18143
18374
  this[kResponse] = response;
18144
- const parser = new ByteParser(this, parsedExtensions);
18375
+ const webSocketOptions = this[kController]?.dispatcher?.webSocketOptions;
18376
+ const maxFragments = webSocketOptions?.maxFragments;
18377
+ const maxPayloadSize = webSocketOptions?.maxPayloadSize;
18378
+ const parser = new ByteParser(this, parsedExtensions, {
18379
+ maxFragments,
18380
+ maxPayloadSize
18381
+ });
18145
18382
  parser.on("drain", onParserDrain);
18146
18383
  parser.on("error", onParserError.bind(this));
18147
18384
  response.socket.ws = this;
@@ -18968,213 +19205,18 @@ var require_undici = __commonJS({
18968
19205
  }
18969
19206
  });
18970
19207
 
18971
- // packages/core/src/core/tokenLimits.ts
18972
- init_esbuild_shims();
18973
- var DEFAULT_TOKEN_LIMIT = 131072;
18974
- var DEFAULT_OUTPUT_TOKEN_LIMIT = 32e3;
18975
- var ESCALATED_MAX_TOKENS = 64e3;
18976
- function parsePositiveIntegerEnvValue(raw) {
18977
- if (raw === void 0) return void 0;
18978
- const trimmed = raw.trim();
18979
- if (!/^\d+$/.test(trimmed)) return void 0;
18980
- const parsed = Number(trimmed);
18981
- if (!Number.isSafeInteger(parsed) || parsed <= 0) return void 0;
18982
- return parsed;
18983
- }
18984
- __name(parsePositiveIntegerEnvValue, "parsePositiveIntegerEnvValue");
18985
- var LIMITS = {
18986
- "32k": 32768,
18987
- "64k": 65536,
18988
- "128k": 131072,
18989
- "192k": 196608,
18990
- // MiniMax-M2.5 context window
18991
- "200k": 2e5,
18992
- // vendor-declared decimal, used by OpenAI, Anthropic, etc.
18993
- "256k": 262144,
18994
- "272k": 272e3,
18995
- // vendor-declared decimal, GPT-5.x input (400K total - 128K output)
18996
- "384k": 384e3,
18997
- // vendor-declared decimal, DeepSeek V4 max output
18998
- "400k": 4e5,
18999
- // vendor-declared decimal, used by OpenAI GPT-5.x
19000
- "512k": 524288,
19001
- "1m": 1e6,
19002
- // Output token limits (typically much smaller than input limits)
19003
- "4k": 4096,
19004
- "8k": 8192,
19005
- "16k": 16384
19006
- };
19007
- function normalize(model) {
19008
- let s = (model ?? "").toLowerCase().trim();
19009
- s = s.replace(/^.*\//, "");
19010
- s = s.split("|").pop() ?? s;
19011
- s = s.split(":").pop() ?? s;
19012
- s = s.replace(/\s+/g, "-");
19013
- s = s.replace(/-preview/g, "");
19014
- if (!s.match(/^qwen-(?:plus|flash|vl-max)-latest$/) && !s.match(/^kimi-k2-\d{4}$/)) {
19015
- s = s.replace(
19016
- /-(?:\d{4,}|\d+x\d+b|v\d+(?:\.\d+)*|(?<=-[^-]+-)\d+(?:\.\d+)+|latest|exp)$/g,
19017
- ""
19018
- );
19019
- }
19020
- s = s.replace(/-(?:\d?bit|int[48]|bf16|fp16|q[45]|quantized)$/g, "");
19021
- return s;
19022
- }
19023
- __name(normalize, "normalize");
19024
- var PATTERNS = [
19025
- // -------------------
19026
- // Google Gemini
19027
- // -------------------
19028
- [/^gemini-3/, LIMITS["1m"]],
19029
- // Gemini 3.x (Pro, Flash, 3.1, etc.): 1M
19030
- [/^gemini-/, LIMITS["1m"]],
19031
- // Gemini fallback (1.5, 2.x): 1M
19032
- // -------------------
19033
- // OpenAI
19034
- // -------------------
19035
- [/^gpt-5/, LIMITS["272k"]],
19036
- // GPT-5.x: 272K input (400K total - 128K output)
19037
- [/^gpt-/, LIMITS["128k"]],
19038
- // GPT fallback (4o, 4.1, etc.): 128K
19039
- [/^o\d/, LIMITS["200k"]],
19040
- // o-series (o3, o4-mini, etc.): 200K
19041
- // -------------------
19042
- // Anthropic Claude
19043
- // -------------------
19044
- [/^claude-/, LIMITS["200k"]],
19045
- // All Claude models: 200K
19046
- // -------------------
19047
- // Alibaba / Qwen
19048
- // -------------------
19049
- // Commercial API models (1,000,000 context)
19050
- [/^qwen3-coder-plus/, LIMITS["1m"]],
19051
- [/^qwen3-coder-flash/, LIMITS["1m"]],
19052
- [/^qwen3\.\d/, LIMITS["1m"]],
19053
- [/^qwen-plus-latest$/, LIMITS["1m"]],
19054
- [/^qwen-flash-latest$/, LIMITS["1m"]],
19055
- [/^coder-model$/, LIMITS["1m"]],
19056
- // Commercial API models (256K context)
19057
- [/^qwen3-max/, LIMITS["256k"]],
19058
- // Open-source Qwen3 variants: 256K native
19059
- [/^qwen3-coder-/, LIMITS["256k"]],
19060
- // Qwen fallback (VL, turbo, plus, 2.5, etc.): 128K
19061
- [/^qwen/, LIMITS["256k"]],
19062
- // -------------------
19063
- // DeepSeek
19064
- // -------------------
19065
- [/^deepseek-v4/, LIMITS["1m"]],
19066
- // DeepSeek V4 (flash, pro): 1M
19067
- [/^deepseek/, LIMITS["128k"]],
19068
- // -------------------
19069
- // Zhipu GLM
19070
- // -------------------
19071
- // 1M context is the forward default for new GLM releases (GLM-5.2+, GLM-6.x,
19072
- // and beyond) so they need no future code change. Confirmed 200K families
19073
- // (GLM-5 / 5.0 / 5.1, GLM-4.x and older) are pinned explicitly first.
19074
- [/^glm-5(\.[01])?(-|$)/, 202752],
19075
- // GLM-5 / 5.0 / 5.1: 200K
19076
- [/^glm-(?:[5-9]|\d{2,})/, LIMITS["1m"]],
19077
- // GLM-5.2+, 6.x..9.x, 10.x+: 1M
19078
- [/^glm-/, 202752],
19079
- // GLM <=4.x / non-numeric fallback: 200K
19080
- // -------------------
19081
- // MiniMax
19082
- // -------------------
19083
- [/^minimax-m3/i, LIMITS["1m"]],
19084
- // MiniMax-M3: 1,000,000
19085
- [/^minimax-m2\.5/i, LIMITS["192k"]],
19086
- // MiniMax-M2.5: 196,608
19087
- [/^minimax-/i, LIMITS["200k"]],
19088
- // MiniMax fallback: 200K
19089
- // -------------------
19090
- // Moonshot / Kimi
19091
- // -------------------
19092
- [/^kimi-/, LIMITS["256k"]],
19093
- // Kimi fallback: 256K
19094
- // -------------------
19095
- // ByteDance Seed-OSS (512K)
19096
- // -------------------
19097
- [/^seed-oss/, LIMITS["512k"]]
19098
- ];
19099
- var OUTPUT_PATTERNS = [
19100
- // Google Gemini
19101
- [/^gemini-3/, LIMITS["64k"]],
19102
- // Gemini 3.x: 64K
19103
- [/^gemini-/, LIMITS["8k"]],
19104
- // Gemini fallback: 8K
19105
- // OpenAI
19106
- [/^gpt-5/, LIMITS["128k"]],
19107
- // GPT-5.x: 128K
19108
- [/^gpt-/, LIMITS["16k"]],
19109
- // GPT fallback: 16K
19110
- [/^o\d/, LIMITS["128k"]],
19111
- // o-series: 128K
19112
- // Anthropic Claude
19113
- [/^claude-opus-4-6/, LIMITS["128k"]],
19114
- // Opus 4.6: 128K
19115
- [/^claude-sonnet-4-6/, LIMITS["64k"]],
19116
- // Sonnet 4.6: 64K
19117
- [/^claude-/, LIMITS["64k"]],
19118
- // Claude fallback: 64K
19119
- // Alibaba / Qwen
19120
- [/^qwen3\.\d/, LIMITS["64k"]],
19121
- [/^coder-model$/, LIMITS["64k"]],
19122
- [/^qwen/, LIMITS["32k"]],
19123
- // Qwen fallback (VL, turbo, plus, etc.): 32K
19124
- // DeepSeek
19125
- [/^deepseek-v4/, LIMITS["384k"]],
19126
- // DeepSeek V4 (flash, pro): 384K
19127
- [/^deepseek-reasoner/, LIMITS["64k"]],
19128
- [/^deepseek-r1/, LIMITS["64k"]],
19129
- [/^deepseek-chat/, LIMITS["8k"]],
19130
- // Zhipu GLM
19131
- [/^glm-5(?:\.\d+)?(?:-|$)/, LIMITS["128k"]],
19132
- [/^glm-4\.7/, LIMITS["16k"]],
19133
- // MiniMax
19134
- [/^minimax-m2\.5/i, LIMITS["64k"]],
19135
- // Kimi
19136
- [/^kimi-k2\.5/, LIMITS["32k"]]
19137
- ];
19138
- function findTokenLimit(model, type = "input") {
19139
- const norm = normalize(model);
19140
- const patterns = type === "output" ? OUTPUT_PATTERNS : PATTERNS;
19141
- for (const [regex, limit] of patterns) {
19142
- if (regex.test(norm)) {
19143
- return limit;
19144
- }
19145
- }
19146
- return void 0;
19147
- }
19148
- __name(findTokenLimit, "findTokenLimit");
19149
- function hasExplicitOutputLimit(model) {
19150
- const norm = normalize(model);
19151
- return OUTPUT_PATTERNS.some(([regex]) => regex.test(norm));
19152
- }
19153
- __name(hasExplicitOutputLimit, "hasExplicitOutputLimit");
19154
- function knownTokenLimit(model, type = "input") {
19155
- return findTokenLimit(model, type);
19156
- }
19157
- __name(knownTokenLimit, "knownTokenLimit");
19158
- function tokenLimit(model, type = "input") {
19159
- return knownTokenLimit(model, type) ?? (type === "output" ? DEFAULT_OUTPUT_TOKEN_LIMIT : DEFAULT_TOKEN_LIMIT);
19160
- }
19161
- __name(tokenLimit, "tokenLimit");
19162
-
19163
- // packages/core/src/core/openaiContentGenerator/constants.ts
19164
- init_esbuild_shims();
19165
- var DEFAULT_TIMEOUT = 12e4;
19166
- var DEFAULT_STREAM_IDLE_TIMEOUT_MS = 12e4;
19167
- var QWEN_STREAM_IDLE_TIMEOUT_MS_ENV = "QWEN_STREAM_IDLE_TIMEOUT_MS";
19168
- var MAX_STREAM_IDLE_TIMEOUT_MS = 2147483647;
19169
- var DEFAULT_MAX_RETRIES = 3;
19170
- var DEFAULT_OPENAI_BASE_URL = "https://api.openai.com/v1";
19171
- var DEFAULT_DASHSCOPE_BASE_URL = "https://dashscope.aliyuncs.com/compatible-mode/v1";
19172
- var DASHSCOPE_PROXY_BASE_URL = process.env["DASHSCOPE_PROXY_BASE_URL"];
19173
-
19174
19208
  // packages/core/src/utils/runtimeFetchOptions.ts
19175
19209
  init_esbuild_shims();
19176
19210
  var import_undici = __toESM(require_undici(), 1);
19177
19211
  var debugLogger = createDebugLogger("RUNTIME_FETCH");
19212
+ function isTlsVerificationDisabled() {
19213
+ const flag = process.env["QWEN_TLS_INSECURE"];
19214
+ if (flag !== void 0 && /^(1|true|yes|on)$/i.test(flag.trim())) {
19215
+ return true;
19216
+ }
19217
+ return process.env["NODE_TLS_REJECT_UNAUTHORIZED"] === "0";
19218
+ }
19219
+ __name(isTlsVerificationDisabled, "isTlsVerificationDisabled");
19178
19220
  function detectRuntime() {
19179
19221
  if (typeof process !== "undefined" && process.versions?.["bun"]) {
19180
19222
  return "bun";
@@ -19224,8 +19266,9 @@ var NO_DISPATCHER_FALLBACK = {
19224
19266
  openai: void 0,
19225
19267
  anthropic: {}
19226
19268
  };
19227
- function getOrCreateSharedDispatcher(proxyUrl) {
19228
- const cached = dispatcherCache.get(proxyUrl);
19269
+ function getOrCreateSharedDispatcher(proxyUrl, insecure = isTlsVerificationDisabled()) {
19270
+ const cacheKey = insecure ? `${proxyUrl}#insecure` : proxyUrl;
19271
+ const cached = dispatcherCache.get(cacheKey);
19229
19272
  if (cached) {
19230
19273
  return cached;
19231
19274
  }
@@ -19233,9 +19276,16 @@ function getOrCreateSharedDispatcher(proxyUrl) {
19233
19276
  uri: proxyUrl,
19234
19277
  headersTimeout: 0,
19235
19278
  bodyTimeout: 0,
19236
- keepAliveTimeout: 6e4
19279
+ keepAliveTimeout: 6e4,
19280
+ // For a ProxyAgent the upstream (origin) TLS handshake is governed by
19281
+ // `requestTls`, not `connect`; `proxyTls` covers an HTTPS proxy whose own
19282
+ // certificate is self-signed. Disable verification on both when opted in.
19283
+ ...insecure ? {
19284
+ requestTls: { rejectUnauthorized: false },
19285
+ proxyTls: { rejectUnauthorized: false }
19286
+ } : {}
19237
19287
  });
19238
- dispatcherCache.set(proxyUrl, dispatcher);
19288
+ dispatcherCache.set(cacheKey, dispatcher);
19239
19289
  return dispatcher;
19240
19290
  }
19241
19291
  __name(getOrCreateSharedDispatcher, "getOrCreateSharedDispatcher");
@@ -19475,21 +19525,25 @@ function recordProxyFailure(hostname) {
19475
19525
  }
19476
19526
  __name(recordProxyFailure, "recordProxyFailure");
19477
19527
  function buildFetchOptionsWithDispatcher(sdkType, proxyUrl) {
19528
+ const insecure = isTlsVerificationDisabled();
19478
19529
  if (!proxyUrl) {
19479
- const NO_PROXY_KEY = "__no_proxy__";
19530
+ const NO_PROXY_KEY = insecure ? "__no_proxy__#insecure" : "__no_proxy__";
19480
19531
  let dispatcher = dispatcherCache.get(NO_PROXY_KEY);
19481
19532
  if (!dispatcher) {
19482
19533
  dispatcher = new import_undici.Agent({
19483
19534
  headersTimeout: 0,
19484
19535
  bodyTimeout: 0,
19485
- keepAliveTimeout: 6e4
19536
+ keepAliveTimeout: 6e4,
19537
+ // For a direct (non-proxy) Agent, `connect` options flow straight to
19538
+ // the TLS connector, so this disables upstream cert verification.
19539
+ ...insecure ? { connect: { rejectUnauthorized: false } } : {}
19486
19540
  });
19487
19541
  dispatcherCache.set(NO_PROXY_KEY, dispatcher);
19488
19542
  }
19489
19543
  return { fetchOptions: { dispatcher }, fetch: import_undici.fetch };
19490
19544
  }
19491
19545
  try {
19492
- const dispatcher = getOrCreateSharedDispatcher(proxyUrl);
19546
+ const dispatcher = getOrCreateSharedDispatcher(proxyUrl, insecure);
19493
19547
  return { fetchOptions: { dispatcher }, fetch: import_undici.fetch };
19494
19548
  } catch (error) {
19495
19549
  const hostname = extractHostnameFromProxyUrl(proxyUrl);
@@ -19505,118 +19559,20 @@ function buildFetchOptionsWithDispatcher(sdkType, proxyUrl) {
19505
19559
  }
19506
19560
  __name(buildFetchOptionsWithDispatcher, "buildFetchOptionsWithDispatcher");
19507
19561
 
19508
- // packages/core/src/utils/request-tokenizer/textTokenizer.ts
19509
- init_esbuild_shims();
19510
- var TextTokenizer = class {
19511
- static {
19512
- __name(this, "TextTokenizer");
19513
- }
19514
- /**
19515
- * Calculate tokens for text content
19516
- *
19517
- * @param text - The text to estimate tokens for
19518
- * @returns The estimated token count
19519
- */
19520
- async calculateTokens(text) {
19521
- return this.calculateTokensSync(text);
19522
- }
19523
- /**
19524
- * Calculate tokens for multiple text strings
19525
- *
19526
- * @param texts - Array of text strings to estimate tokens for
19527
- * @returns Array of token counts corresponding to each input text
19528
- */
19529
- async calculateTokensBatch(texts) {
19530
- return texts.map((text) => this.calculateTokensSync(text));
19531
- }
19532
- calculateTokensSync(text) {
19533
- if (!text || text.length === 0) {
19534
- return 0;
19535
- }
19536
- let asciiChars = 0;
19537
- let nonAsciiChars = 0;
19538
- for (let i = 0; i < text.length; i++) {
19539
- const charCode = text.charCodeAt(i);
19540
- if (charCode < 128) {
19541
- asciiChars++;
19542
- } else {
19543
- nonAsciiChars++;
19544
- }
19545
- }
19546
- const tokens = asciiChars / 4 + nonAsciiChars * 1.1;
19547
- return Math.ceil(tokens);
19548
- }
19549
- };
19550
-
19551
- // packages/core/src/utils/request-tokenizer/supportedImageFormats.ts
19552
- init_esbuild_shims();
19553
- var SUPPORTED_IMAGE_MIME_TYPES = [
19554
- "image/bmp",
19555
- "image/gif",
19556
- "image/jpeg",
19557
- "image/jpg",
19558
- // Alternative MIME type for JPEG
19559
- "image/png",
19560
- "image/tiff",
19561
- "image/webp",
19562
- "image/heic"
19563
- ];
19564
- function isSupportedImageMimeType(mimeType) {
19565
- return SUPPORTED_IMAGE_MIME_TYPES.includes(
19566
- mimeType
19567
- );
19568
- }
19569
- __name(isSupportedImageMimeType, "isSupportedImageMimeType");
19570
- function getSupportedImageFormatsString() {
19571
- return SUPPORTED_IMAGE_MIME_TYPES.map(
19572
- (type) => type.replace("image/", "").toUpperCase()
19573
- ).join(", ");
19574
- }
19575
- __name(getSupportedImageFormatsString, "getSupportedImageFormatsString");
19576
- function getUnsupportedImageFormatWarning() {
19577
- return `Only the following image formats are supported: ${getSupportedImageFormatsString()}. Other formats may not work as expected.`;
19578
- }
19579
- __name(getUnsupportedImageFormatWarning, "getUnsupportedImageFormatWarning");
19580
-
19581
19562
  export {
19582
19563
  require_undici,
19583
- DEFAULT_TOKEN_LIMIT,
19584
- DEFAULT_OUTPUT_TOKEN_LIMIT,
19585
- ESCALATED_MAX_TOKENS,
19586
- parsePositiveIntegerEnvValue,
19587
- normalize,
19588
- hasExplicitOutputLimit,
19589
- knownTokenLimit,
19590
- tokenLimit,
19591
- DEFAULT_TIMEOUT,
19592
- DEFAULT_STREAM_IDLE_TIMEOUT_MS,
19593
- QWEN_STREAM_IDLE_TIMEOUT_MS_ENV,
19594
- MAX_STREAM_IDLE_TIMEOUT_MS,
19595
- DEFAULT_MAX_RETRIES,
19596
- DEFAULT_OPENAI_BASE_URL,
19597
- DEFAULT_DASHSCOPE_BASE_URL,
19598
- DASHSCOPE_PROXY_BASE_URL,
19564
+ isTlsVerificationDisabled,
19599
19565
  detectRuntime,
19600
19566
  buildRuntimeFetchOptions,
19601
19567
  getOrCreateSharedDispatcher,
19602
19568
  redactProxyCredentials,
19603
- redactProxyError,
19604
- TextTokenizer,
19605
- SUPPORTED_IMAGE_MIME_TYPES,
19606
- isSupportedImageMimeType,
19607
- getSupportedImageFormatsString,
19608
- getUnsupportedImageFormatWarning
19569
+ redactProxyError
19609
19570
  };
19610
19571
  /**
19611
19572
  * @license
19612
19573
  * Copyright 2025 Qwen Team
19613
19574
  * SPDX-License-Identifier: Apache-2.0
19614
19575
  */
19615
- /**
19616
- * @license
19617
- * Copyright 2025 Qwen
19618
- * SPDX-License-Identifier: Apache-2.0
19619
- */
19620
19576
  /*! Bundled license information:
19621
19577
 
19622
19578
  undici/lib/web/fetch/body.js: