@qwen-code/qwen-code 0.19.7-nightly.20260708.394c1a289 → 0.19.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (228) hide show
  1. package/bundled/qc-helper/docs/features/channels/overview.md +6 -3
  2. package/bundled/qc-helper/docs/features/channels/plugins.md +1 -0
  3. package/bundled/qc-helper/docs/features/hooks.md +36 -34
  4. package/bundled/qc-helper/docs/features/memory.md +1 -1
  5. package/bundled/qc-helper/docs/qwen-serve.md +17 -10
  6. package/bundled/review/SKILL.md +6 -2
  7. package/chunks/{MaxSizedBox-XS37LWTD.js → MaxSizedBox-5DT2SD7B.js} +7 -7
  8. package/chunks/{StandaloneSessionPicker-LPALJTKN.js → StandaloneSessionPicker-EYRGH6PJ.js} +23 -21
  9. package/chunks/{acpAgent-4VE3FGJX.js → acpAgent-GRFTTRHW.js} +74 -69
  10. package/chunks/{agent-CCHERW6L.js → agent-H2DGKS77.js} +4 -4
  11. package/chunks/{agent-headless-55N6UBUU.js → agent-headless-KFMFIT6J.js} +4 -4
  12. package/chunks/{anthropicContentGenerator-AKYPSZIV.js → anthropicContentGenerator-CPF22MA7.js} +28 -1
  13. package/chunks/{bridge-U6HXOHE7.js → bridge-NA3ZQQKJ.js} +11 -10
  14. package/chunks/{ca-HCMB2I54.js → ca-MKD32FQL.js} +26 -1
  15. package/chunks/{channel-worker-supervisor-CRCVYQIE.js → channel-worker-supervisor-NZQUOEFJ.js} +3 -3
  16. package/chunks/{chunk-J43WPR6U.js → chunk-27BHARDE.js} +8 -8
  17. package/chunks/{chunk-KKWO4IX2.js → chunk-2EM7ECZD.js} +251 -71
  18. package/chunks/{chunk-E7HM76PR.js → chunk-3GNOQZDC.js} +1562 -1025
  19. package/chunks/{chunk-G7ZG7CA6.js → chunk-3UP777ZS.js} +8 -7
  20. package/chunks/{chunk-VEB3NYSO.js → chunk-5MBO76SL.js} +5 -0
  21. package/chunks/{chunk-N74BA4VP.js → chunk-6VK6FIMQ.js} +1 -1
  22. package/chunks/{chunk-2FHWCKWA.js → chunk-A5JOJ77H.js} +35 -14
  23. package/chunks/{chunk-PLGONYEL.js → chunk-AYNCLGTW.js} +5 -5
  24. package/chunks/{chunk-K34DD7FH.js → chunk-BOBOCR5H.js} +4 -3
  25. package/chunks/chunk-BOBRZZKD.js +468 -0
  26. package/chunks/{chunk-7I4MGFBN.js → chunk-BUZ6HGL4.js} +5 -5
  27. package/chunks/{chunk-FK77ILF5.js → chunk-BVYU3ZTI.js} +2 -2
  28. package/chunks/{chunk-TBAZMRW3.js → chunk-CD6USWHZ.js} +1 -1
  29. package/chunks/{chunk-PVXPDMGP.js → chunk-CHB5SLZZ.js} +2 -2
  30. package/chunks/{chunk-SJHAUELE.js → chunk-DCZWC4PF.js} +2 -2
  31. package/chunks/{chunk-YYU6H66M.js → chunk-DHOLNQLC.js} +11 -11
  32. package/chunks/{chunk-MOQOAH7N.js → chunk-DICGXFAI.js} +1 -1
  33. package/chunks/{chunk-KT3SI3CQ.js → chunk-DIWVZ3VM.js} +8 -8
  34. package/chunks/{chunk-2DYY5XUZ.js → chunk-E7EMCSUG.js} +1 -1
  35. package/chunks/{chunk-XQ2GVLNJ.js → chunk-EEN2TKST.js} +1 -1
  36. package/chunks/{chunk-DNV4FSN5.js → chunk-FBET5XZ2.js} +6 -4
  37. package/chunks/{chunk-GIY6JTTC.js → chunk-FQNC62B2.js} +4 -4
  38. package/chunks/{chunk-B34OV7K2.js → chunk-GGQQA4JW.js} +13 -0
  39. package/chunks/chunk-GLE2YUPU.js +34 -0
  40. package/chunks/{chunk-X265R5C6.js → chunk-GN3F6PIU.js} +1 -1
  41. package/chunks/{chunk-LC4SMGYY.js → chunk-GSHQYYIV.js} +45 -9
  42. package/chunks/{chunk-BGL43SJ3.js → chunk-HDOH3QYE.js} +1 -1
  43. package/chunks/{chunk-4AFOWB47.js → chunk-I6WGFJJ3.js} +63 -4
  44. package/chunks/{chunk-2NPS2UDH.js → chunk-IBY3Q3HG.js} +390 -9
  45. package/chunks/{chunk-AXTPFMRS.js → chunk-J7RCB6N5.js} +1 -1
  46. package/chunks/{chunk-QCSLZO6J.js → chunk-JCH35JB3.js} +1 -1
  47. package/chunks/{chunk-JYOWO2F7.js → chunk-JPALE3PA.js} +3 -3
  48. package/chunks/{chunk-5FL2K3ZB.js → chunk-JRQ7EVGE.js} +1 -1
  49. package/chunks/{chunk-BHRU4SDF.js → chunk-JZHIQJOE.js} +3 -3
  50. package/chunks/{chunk-FB2ULV4M.js → chunk-L46XKEGM.js} +14 -153
  51. package/chunks/{chunk-LKXDC3AW.js → chunk-L4AMBVQG.js} +9 -9
  52. package/chunks/{chunk-ME344634.js → chunk-LAXNEOBG.js} +1 -1
  53. package/chunks/{chunk-QHT5USLK.js → chunk-M7S4GK5Z.js} +66 -445
  54. package/chunks/{chunk-4RQIB5UZ.js → chunk-O2YT7VB4.js} +0 -34
  55. package/chunks/{chunk-TBLJNMI7.js → chunk-O33TBKDC.js} +10 -10
  56. package/chunks/chunk-O7FIRWJV.js +168 -0
  57. package/chunks/{chunk-4KJ2BPIT.js → chunk-OACJLMLD.js} +2 -38
  58. package/chunks/{chunk-CR5IU2RX.js → chunk-ON3JA3RU.js} +2 -2
  59. package/chunks/{chunk-VTCPREC7.js → chunk-OQXDAMKY.js} +3 -3
  60. package/chunks/{chunk-ELMPRVCB.js → chunk-P3XEEI3X.js} +1 -1
  61. package/chunks/{chunk-OU6FPTJZ.js → chunk-PMFULMLX.js} +296 -81
  62. package/chunks/{chunk-2YELHTUE.js → chunk-PUVCVELY.js} +1 -1
  63. package/chunks/{chunk-5OSSOBZC.js → chunk-RMLZAUWH.js} +4 -4
  64. package/chunks/{chunk-B6WUEODT.js → chunk-SQ2UATK7.js} +14 -8
  65. package/chunks/{chunk-TEYGKLIZ.js → chunk-TI3BWD4D.js} +1 -1
  66. package/chunks/{chunk-T2EJHSE3.js → chunk-TSPB77TG.js} +57 -35
  67. package/chunks/{chunk-L7IWK7JY.js → chunk-UX6OTBVD.js} +1 -1
  68. package/chunks/{chunk-XUSONNJ4.js → chunk-UXEW557D.js} +1 -1
  69. package/chunks/chunk-V35MD7KN.js +13 -0
  70. package/chunks/{chunk-B5FOCTEZ.js → chunk-VGGOPZUL.js} +6 -5
  71. package/chunks/{chunk-MYZWWRVW.js → chunk-WF4FAXDL.js} +2 -2
  72. package/chunks/{chunk-2SWMCXVR.js → chunk-WHJQ3JUS.js} +20 -8
  73. package/chunks/{chunk-VQJ64BIQ.js → chunk-WQTHLB5T.js} +3 -3
  74. package/chunks/chunk-XNXVCNAT.js +88 -0
  75. package/chunks/{chunk-TDGF35EN.js → chunk-XOHNA2S6.js} +1 -1
  76. package/chunks/{chunk-ZK5EI6NR.js → chunk-XYR5RUA5.js} +14 -5
  77. package/chunks/{chunk-YMWIKAEE.js → chunk-YDOXPLYL.js} +244 -47
  78. package/chunks/{chunk-UZCT5OLN.js → chunk-YHKAK72D.js} +11 -11
  79. package/chunks/{chunk-RFIL6REB.js → chunk-YKZIAK7C.js} +119 -29
  80. package/chunks/chunk-Z3I3QJK3.js +47 -0
  81. package/chunks/{chunk-3QDZDAJG.js → chunk-ZE6E424U.js} +1 -1
  82. package/chunks/chunk-ZL5HN75Q.js +61 -0
  83. package/chunks/{computer-use-4CTF6WS3.js → computer-use-WMY3UOBX.js} +4 -4
  84. package/chunks/{contextCommand-Z3XWQCY6.js → contextCommand-LXFZRP4L.js} +6 -6
  85. package/chunks/{daemon-F3I2RXP6.js → daemon-WPAENEBW.js} +48 -0
  86. package/chunks/{daemon-status-provider-6A4QCG6Q.js → daemon-status-provider-GJRXY5EN.js} +15 -13
  87. package/chunks/{de-PLLFDERI.js → de-ZFPPQVSF.js} +26 -1
  88. package/chunks/{dist-IMFFBMAT.js → dist-BEXOZXLQ.js} +1 -1
  89. package/chunks/{dist-OT7G2WNM.js → dist-E6UANPIM.js} +1 -1
  90. package/chunks/{dist-FQ5WRJPL.js → dist-H2AEJCZ5.js} +2 -2
  91. package/chunks/{dist-YTRKAVUB.js → dist-O2IRTRPP.js} +1 -1
  92. package/chunks/{dist-573HNSVO.js → dist-SCFLLYMK.js} +1 -1
  93. package/chunks/{dist-PKFTNUHO.js → dist-Z34QPAQW.js} +1 -1
  94. package/chunks/{earlyInputCapture-7O47HW62.js → earlyInputCapture-KNOYZ4MJ.js} +4 -4
  95. package/chunks/{edit-E32KWLF2.js → edit-OTYWAXGP.js} +5 -5
  96. package/chunks/{en-GA2RMXY5.js → en-N4EPZAQI.js} +26 -1
  97. package/chunks/{enter-worktree-ZKFFMHUD.js → enter-worktree-HNYBDVCX.js} +4 -4
  98. package/chunks/{enterPlanMode-HLDC6NGX.js → enterPlanMode-CJCNGT63.js} +4 -4
  99. package/chunks/environment-ATFTYMLZ.js +88 -0
  100. package/chunks/{errors-MTIDDXX7.js → errors-A54HAADA.js} +6 -6
  101. package/chunks/{exit-worktree-YHY72XA2.js → exit-worktree-DUUKOE3X.js} +4 -4
  102. package/chunks/{exitPlanMode-JNXKBZ2C.js → exitPlanMode-AMMSXOAJ.js} +4 -4
  103. package/chunks/{fast-path-DVAGBROV.js → fast-path-OV6NIP3K.js} +12 -3
  104. package/chunks/{fast-path-settings-RCRXH2JG.js → fast-path-settings-7RIFI3PK.js} +3 -2
  105. package/chunks/{fr-GWNQG4XH.js → fr-5WWMY53B.js} +26 -1
  106. package/chunks/{gemini-2TMHJVRC.js → gemini-NQ3WWBKB.js} +431 -135
  107. package/chunks/{geminiContentGenerator-WCH4GWD3.js → geminiContentGenerator-CDUNEJQE.js} +1 -1
  108. package/chunks/{glob-I6Y4AGKO.js → glob-ROV3YS4R.js} +4 -4
  109. package/chunks/{grep-3P2J3LU5.js → grep-NRITKDCD.js} +4 -4
  110. package/chunks/{handleAutoUpdate-4IVRMRG4.js → handleAutoUpdate-CEZJAARW.js} +6 -6
  111. package/chunks/{initializer-DVNCPVTC.js → initializer-BRFJKRRX.js} +11 -9
  112. package/chunks/{ja-2HOTA47X.js → ja-CUHZOLEJ.js} +26 -1
  113. package/chunks/{list-4D6QK2KZ.js → list-KVHF7O4X.js} +13 -11
  114. package/chunks/{loadedSettingsAdapter-GNGELH6Q.js → loadedSettingsAdapter-LL5PSFKX.js} +11 -9
  115. package/chunks/{ls-L654WOAT.js → ls-7MFU2QYW.js} +1 -1
  116. package/chunks/{lsp-M35KE54Y.js → lsp-XHDTPTGV.js} +2 -4
  117. package/chunks/{mcp-2IL72YJP.js → mcp-3GCXRTOQ.js} +11 -9
  118. package/chunks/{monitor-BLVCZAVX.js → monitor-FL2ZO33W.js} +4 -4
  119. package/chunks/{nonInteractiveCli-UD3V7UOO.js → nonInteractiveCli-PTQI3DV6.js} +44 -41
  120. package/chunks/{notebook-edit-5TVMWIWY.js → notebook-edit-6PULTHL5.js} +5 -5
  121. package/chunks/{openaiContentGenerator-5LJ5A7YY.js → openaiContentGenerator-YE42PKCY.js} +3 -3
  122. package/chunks/{pidfile-AN5JQJ2T.js → pidfile-NZYSCFRK.js} +4 -4
  123. package/chunks/{pt-2THT3YHA.js → pt-OLYN42DS.js} +26 -1
  124. package/chunks/{qwenContentGenerator-E2JSB4FJ.js → qwenContentGenerator-NX2E7PB7.js} +5 -5
  125. package/chunks/{read-file-N5DEFUDU.js → read-file-33XGP5HF.js} +2 -2
  126. package/chunks/{record-artifact-PP3LKHTS.js → record-artifact-SQ2OKRJW.js} +3 -3
  127. package/chunks/{ripGrep-BLJHTHKE.js → ripGrep-QWZLGTAN.js} +4 -4
  128. package/chunks/{ru-Z67YJHBG.js → ru-LDM3GWVQ.js} +26 -1
  129. package/chunks/{run-qwen-serve-4JDO64RN.js → run-qwen-serve-JK2DL7PI.js} +596 -143
  130. package/chunks/{scheduler-FQR4XA7J.js → scheduler-O4IGVZKK.js} +4 -4
  131. package/chunks/{send-message-OA6MV4EU.js → send-message-76GT3JMC.js} +1 -1
  132. package/chunks/{serve-ZOCFC7YM.js → serve-JTMIGANH.js} +13 -10
  133. package/chunks/{server-GEOYEPYT.js → server-SGNPKX2O.js} +667 -243
  134. package/chunks/{session-NJCONHGX.js → session-5BNM25EZ.js} +45 -42
  135. package/chunks/{settings-QBGGXANI.js → settings-3MI4XXP6.js} +20 -16
  136. package/chunks/{shell-2DVPSEKT.js → shell-YJKBE67T.js} +4 -4
  137. package/chunks/{skill-HIPXUHV7.js → skill-I22QK5XS.js} +2 -2
  138. package/chunks/{spawnChannel-3JYXY52G.js → spawnChannel-UNV6W4DU.js} +6 -6
  139. package/chunks/{src-NLEX4CUC.js → src-BBQSM46M.js} +8 -4
  140. package/chunks/{startInteractiveUI-TYGZIU27.js → startInteractiveUI-JII36UGN.js} +619 -288
  141. package/chunks/{task-create-RPFZNB4B.js → task-create-WCHTB435.js} +2 -2
  142. package/chunks/{task-update-5WUG5MVQ.js → task-update-XYWMHJGJ.js} +2 -2
  143. package/chunks/{team-create-MGX57SZJ.js → team-create-A7NUU5AQ.js} +4 -4
  144. package/chunks/{team-plan-approval-BO2N7J3E.js → team-plan-approval-TOQRJ2KI.js} +4 -4
  145. package/chunks/{theme-manager-WU7LOA64.js → theme-manager-WZ4RRMMB.js} +4 -4
  146. package/chunks/{tool-search-CLBKVEVK.js → tool-search-SZ4EFS2T.js} +3 -3
  147. package/chunks/total-session-admission-ULXJWXFV.js +72 -0
  148. package/chunks/{trustedFolders-GAQM2GHB.js → trustedFolders-LAZZPZ3D.js} +5 -5
  149. package/chunks/{updateCheck-RIK2YIQE.js → updateCheck-KONLM73X.js} +5 -5
  150. package/chunks/{validateNonInterActiveAuth-NS3GBIJZ.js → validateNonInterActiveAuth-MPKSRCXD.js} +41 -38
  151. package/chunks/{version-B3RSLP54.js → version-NO2XSNNP.js} +1 -1
  152. package/chunks/{workflow-7APPIGND.js → workflow-WO2H6NRI.js} +5 -5
  153. package/chunks/{workspace-providers-status-SC67GLMY.js → workspace-providers-status-3W7E7DFW.js} +14 -11
  154. package/chunks/workspace-registry-SXJZNN3O.js +74 -0
  155. package/chunks/{workspace-service-ZJHF22WA.js → workspace-service-CZRQZ4Q4.js} +17 -15
  156. package/chunks/{workspace-skills-status-NJEK6P6Y.js → workspace-skills-status-K7WFREPD.js} +12 -10
  157. package/chunks/{write-file-R6Z3VLRY.js → write-file-PX2Z7IBE.js} +5 -5
  158. package/chunks/{zh-7XVVRTDH.js → zh-J4F6QWQV.js} +26 -1
  159. package/chunks/{zh-TW-DPH554OG.js → zh-TW-XVDWOLSW.js} +26 -1
  160. package/cli.js +11 -11
  161. package/locales/ca.js +30 -0
  162. package/locales/de.js +30 -0
  163. package/locales/en.js +30 -0
  164. package/locales/fr.js +30 -0
  165. package/locales/ja.js +30 -0
  166. package/locales/pt.js +30 -0
  167. package/locales/ru.js +30 -0
  168. package/locales/zh-TW.js +30 -0
  169. package/locales/zh.js +30 -0
  170. package/node_modules/@qwen-code/audio-capture/package.json +1 -1
  171. package/node_modules/@qwen-code/audio-capture/prebuilds/darwin-arm64/@qwen-code+audio-capture.node +0 -0
  172. package/node_modules/@qwen-code/audio-capture/prebuilds/darwin-x64/@qwen-code+audio-capture.node +0 -0
  173. package/node_modules/@qwen-code/audio-capture/prebuilds/win32-x64/@qwen-code+audio-capture.node +0 -0
  174. package/package.json +3 -3
  175. package/web-shell/assets/{arc-C7hjaa7g.js → arc-BWyoJpY2.js} +1 -1
  176. package/web-shell/assets/{architectureDiagram-3BPJPVTR-pm9KtMZY.js → architectureDiagram-3BPJPVTR-BT0mGrz2.js} +1 -1
  177. package/web-shell/assets/{blockDiagram-GPEHLZMM-CApElKsU.js → blockDiagram-GPEHLZMM-BLgUWvyf.js} +1 -1
  178. package/web-shell/assets/{c4Diagram-AAUBKEIU-BeDe0-9N.js → c4Diagram-AAUBKEIU-DYx9M7oU.js} +1 -1
  179. package/web-shell/assets/channel-wmPUGHtg.js +1 -0
  180. package/web-shell/assets/{chunk-2J33WTMH-DJEkmLdl.js → chunk-2J33WTMH-CfMHWbuZ.js} +1 -1
  181. package/web-shell/assets/{chunk-4BX2VUAB-DXX8gdpe.js → chunk-4BX2VUAB-B1URoqEV.js} +1 -1
  182. package/web-shell/assets/{chunk-55IACEB6-DORmk1kQ.js → chunk-55IACEB6-DAIaM4QF.js} +1 -1
  183. package/web-shell/assets/{chunk-727SXJPM-DWmO4mCZ.js → chunk-727SXJPM-B2X34knw.js} +1 -1
  184. package/web-shell/assets/{chunk-AQP2D5EJ-C7LRaYw2.js → chunk-AQP2D5EJ-Cif-zLTQ.js} +1 -1
  185. package/web-shell/assets/{chunk-FMBD7UC4-CCdXgyC5.js → chunk-FMBD7UC4-H18WCXdY.js} +1 -1
  186. package/web-shell/assets/{chunk-ND2GUHAM-SyL_xvWc.js → chunk-ND2GUHAM-YFtetHi0.js} +1 -1
  187. package/web-shell/assets/{chunk-QZHKN3VN-BzOuCKxa.js → chunk-QZHKN3VN-By2hiH3r.js} +1 -1
  188. package/web-shell/assets/classDiagram-4FO5ZUOK-BA2ljEjW.js +1 -0
  189. package/web-shell/assets/classDiagram-v2-Q7XG4LA2-BA2ljEjW.js +1 -0
  190. package/web-shell/assets/{cose-bilkent-S5V4N54A-BMPWyDKc.js → cose-bilkent-S5V4N54A-VrcnnLZu.js} +1 -1
  191. package/web-shell/assets/{dagre-BM42HDAG-B_GnPWik.js → dagre-BM42HDAG-CGo-IaVV.js} +1 -1
  192. package/web-shell/assets/{diagram-2AECGRRQ-fJqMc3S_.js → diagram-2AECGRRQ-Dl4QjzIB.js} +1 -1
  193. package/web-shell/assets/{diagram-5GNKFQAL-ximV3O9D.js → diagram-5GNKFQAL-qMLmsO0u.js} +1 -1
  194. package/web-shell/assets/{diagram-KO2AKTUF-2vVyjzqw.js → diagram-KO2AKTUF-CHlmuxPI.js} +1 -1
  195. package/web-shell/assets/{diagram-LMA3HP47-Dckcx1sT.js → diagram-LMA3HP47-BUwU3GwT.js} +1 -1
  196. package/web-shell/assets/{diagram-OG6HWLK6-BAVv47ga.js → diagram-OG6HWLK6-HEhwPDUM.js} +1 -1
  197. package/web-shell/assets/{erDiagram-TEJ5UH35-Bn3nf5J0.js → erDiagram-TEJ5UH35-1n0llBmM.js} +1 -1
  198. package/web-shell/assets/{flowDiagram-I6XJVG4X-BIbGF9JT.js → flowDiagram-I6XJVG4X-BN74uMnt.js} +1 -1
  199. package/web-shell/assets/{ganttDiagram-6RSMTGT7-CDbhb3AH.js → ganttDiagram-6RSMTGT7-BoOq78i3.js} +1 -1
  200. package/web-shell/assets/{gitGraphDiagram-PVQCEYII-CbKG1a_w.js → gitGraphDiagram-PVQCEYII-CN8b00c8.js} +1 -1
  201. package/web-shell/assets/index-CNwoO1Cn.js +783 -0
  202. package/web-shell/assets/index-CWQ0z6kZ.css +5 -0
  203. package/web-shell/assets/{infoDiagram-5YYISTIA-DUFxTy8m.js → infoDiagram-5YYISTIA-CCurnIna.js} +1 -1
  204. package/web-shell/assets/{ishikawaDiagram-YF4QCWOH-D69hrBG8.js → ishikawaDiagram-YF4QCWOH-AwuRqdUP.js} +1 -1
  205. package/web-shell/assets/{journeyDiagram-JHISSGLW-DsvEw51Y.js → journeyDiagram-JHISSGLW-B7IICk-E.js} +1 -1
  206. package/web-shell/assets/{kanban-definition-UN3LZRKU-lFFjZEYd.js → kanban-definition-UN3LZRKU-BYF0OKhx.js} +1 -1
  207. package/web-shell/assets/{linear-Bo5bWzvo.js → linear-GWWguGfD.js} +1 -1
  208. package/web-shell/assets/{mermaid.core-C_HKMJx5.js → mermaid.core-JqtkxvCl.js} +5 -5
  209. package/web-shell/assets/{mindmap-definition-RKZ34NQL-DlV-NUTs.js → mindmap-definition-RKZ34NQL-B0MmHsZ6.js} +1 -1
  210. package/web-shell/assets/{pieDiagram-4H26LBE5-B2e6FH2a.js → pieDiagram-4H26LBE5-DhImUZLQ.js} +1 -1
  211. package/web-shell/assets/{quadrantDiagram-W4KKPZXB-D75kSk-b.js → quadrantDiagram-W4KKPZXB-DGeSC3DT.js} +1 -1
  212. package/web-shell/assets/{requirementDiagram-4Y6WPE33-CQ6xakhM.js → requirementDiagram-4Y6WPE33-DkspY6Re.js} +1 -1
  213. package/web-shell/assets/{sankeyDiagram-5OEKKPKP-J_XTKrcY.js → sankeyDiagram-5OEKKPKP-CaOofS2x.js} +1 -1
  214. package/web-shell/assets/{sequenceDiagram-3UESZ5HK-D7jTcBtf.js → sequenceDiagram-3UESZ5HK-DFQ_kFnN.js} +1 -1
  215. package/web-shell/assets/{stateDiagram-AJRCARHV-CrlM_OT3.js → stateDiagram-AJRCARHV-D3snw0Tz.js} +1 -1
  216. package/web-shell/assets/stateDiagram-v2-BHNVJYJU-BbSm_9d0.js +1 -0
  217. package/web-shell/assets/{timeline-definition-PNZ67QCA-5oZi76Ef.js → timeline-definition-PNZ67QCA-l4zH8nLM.js} +1 -1
  218. package/web-shell/assets/{vennDiagram-CIIHVFJN-DO5YptPK.js → vennDiagram-CIIHVFJN-BnRlA98M.js} +1 -1
  219. package/web-shell/assets/{wardley-L42UT6IY-4t1eJDvM.js → wardley-L42UT6IY-BS0xUdmd.js} +1 -1
  220. package/web-shell/assets/{wardleyDiagram-YWT4CUSO-DKZc661S.js → wardleyDiagram-YWT4CUSO-DKGBUWyQ.js} +1 -1
  221. package/web-shell/assets/{xychartDiagram-2RQKCTM6-su9hp08G.js → xychartDiagram-2RQKCTM6-DVb2HuOB.js} +1 -1
  222. package/web-shell/index.html +2 -2
  223. package/web-shell/assets/channel-BNf1dW-j.js +0 -1
  224. package/web-shell/assets/classDiagram-4FO5ZUOK-uOIGlzgi.js +0 -1
  225. package/web-shell/assets/classDiagram-v2-Q7XG4LA2-uOIGlzgi.js +0 -1
  226. package/web-shell/assets/index-CnE2ur2L.js +0 -779
  227. package/web-shell/assets/index-hSKXrlSE.css +0 -5
  228. package/web-shell/assets/stateDiagram-v2-BHNVJYJU-Bs4TK_84.js +0 -1
@@ -77,6 +77,7 @@ __name(getGlobalQwenDir, "getGlobalQwenDir");
77
77
  // packages/channels/base/dist/AcpBridge.js
78
78
  init_esbuild_shims();
79
79
  import { spawn } from "node:child_process";
80
+ import { randomUUID } from "node:crypto";
80
81
  import { Readable, Writable } from "node:stream";
81
82
  import { EventEmitter } from "node:events";
82
83
 
@@ -240,6 +241,7 @@ __name(readId, "readId");
240
241
  // packages/channels/base/dist/AcpBridge.js
241
242
  var MID_TURN_QUEUE_DRAIN_METHOD = "craft/drainMidTurnQueue";
242
243
  var ACP_EVENT_LOOP_STALL_RESTART_MS = 5 * 60 * 1e3;
244
+ var ACP_PERMISSION_RESPONSE_TIMEOUT_MS = 5 * 60 * 1e3;
243
245
  var ACP_EVENT_LOOP_STALL_RE = /^\[perf\] acp agent event loop stall: max=(\d+(?:\.\d+)?)ms/m;
244
246
  function readAvailableCommandAltNames(raw) {
245
247
  if (typeof raw !== "object" || raw === null)
@@ -266,6 +268,7 @@ var AcpBridge = class extends EventEmitter {
266
268
  channelLoopToolHandlers = [];
267
269
  channelLoopMcpRegistered = false;
268
270
  channelLoopMcpRegistration = null;
271
+ pendingPermissions = /* @__PURE__ */ new Map();
269
272
  constructor(options) {
270
273
  super();
271
274
  this.options = options;
@@ -292,7 +295,7 @@ var AcpBridge = class extends EventEmitter {
292
295
  this.child.stderr?.on("data", (data) => {
293
296
  const msg = data.toString().trim();
294
297
  if (msg) {
295
- process.stderr.write(`[AcpBridge] ${msg}
298
+ process.stderr.write(`[AcpBridge] ${sanitizeLogText(msg, 4096)}
296
299
  `);
297
300
  this.maybeKillOnEventLoopStall(msg);
298
301
  }
@@ -300,6 +303,7 @@ var AcpBridge = class extends EventEmitter {
300
303
  this.child.on("exit", (code, signal) => {
301
304
  process.stderr.write(`[AcpBridge] Process exited (code=${code}, signal=${signal})
302
305
  `);
306
+ this.resolvePendingPermissions();
303
307
  this.connection = null;
304
308
  this.child = null;
305
309
  this.emit("disconnected", code, signal);
@@ -316,11 +320,7 @@ var AcpBridge = class extends EventEmitter {
316
320
  this.handleSessionUpdate(params);
317
321
  return Promise.resolve();
318
322
  }, "sessionUpdate"),
319
- requestPermission: /* @__PURE__ */ __name(async (params) => {
320
- const options = Array.isArray(params.options) ? params.options : [];
321
- const optionId = options.find((o) => o.optionId === "proceed_once")?.optionId || options[0]?.optionId || "proceed_once";
322
- return { outcome: { outcome: "selected", optionId } };
323
- }, "requestPermission"),
323
+ requestPermission: /* @__PURE__ */ __name(async (params) => this.requestPermission(params), "requestPermission"),
324
324
  extMethod: /* @__PURE__ */ __name(async (method, params) => this.handleExtMethod(method, params), "extMethod"),
325
325
  extNotification: /* @__PURE__ */ __name(async () => {
326
326
  }, "extNotification")
@@ -387,9 +387,28 @@ var AcpBridge = class extends EventEmitter {
387
387
  }
388
388
  async cancelSession(sessionId) {
389
389
  const conn = this.ensureConnection();
390
- await conn.cancel({ sessionId });
390
+ try {
391
+ await conn.cancel({ sessionId });
392
+ } finally {
393
+ this.resolvePendingPermissions(sessionId);
394
+ }
395
+ }
396
+ async respondToPermission(requestId, response) {
397
+ const pending = this.pendingPermissions.get(requestId);
398
+ if (!pending) {
399
+ return false;
400
+ }
401
+ clearTimeout(pending.timeout);
402
+ this.pendingPermissions.delete(requestId);
403
+ pending.resolve(response);
404
+ this.emit("permissionResolved", {
405
+ requestId,
406
+ outcome: response.outcome
407
+ });
408
+ return true;
391
409
  }
392
410
  stop() {
411
+ this.resolvePendingPermissions();
393
412
  if (this.child) {
394
413
  this.child.kill();
395
414
  this.child = null;
@@ -445,6 +464,53 @@ var AcpBridge = class extends EventEmitter {
445
464
  }
446
465
  return this.connection;
447
466
  }
467
+ requestPermission(request) {
468
+ const requestId = `acp-permission-${randomUUID()}`;
469
+ const sessionId = typeof request.sessionId === "string" && request.sessionId.length > 0 ? request.sessionId : request.toolCall.toolCallId;
470
+ return new Promise((resolve2) => {
471
+ const timeout = setTimeout(() => {
472
+ const pending = this.pendingPermissions.get(requestId);
473
+ if (!pending) {
474
+ return;
475
+ }
476
+ process.stderr.write(`[AcpBridge] permission request ${sanitizeLogText(requestId, 128)} timed out after ${ACP_PERMISSION_RESPONSE_TIMEOUT_MS}ms (session=${sanitizeLogText(pending.sessionId, 128)})
477
+ `);
478
+ this.pendingPermissions.delete(requestId);
479
+ const response = {
480
+ outcome: { outcome: "cancelled" }
481
+ };
482
+ pending.resolve(response);
483
+ this.emit("permissionResolved", {
484
+ requestId,
485
+ outcome: response.outcome
486
+ });
487
+ }, ACP_PERMISSION_RESPONSE_TIMEOUT_MS);
488
+ timeout.unref?.();
489
+ this.pendingPermissions.set(requestId, { sessionId, resolve: resolve2, timeout });
490
+ this.emit("permissionRequest", {
491
+ requestId,
492
+ sessionId,
493
+ request
494
+ });
495
+ });
496
+ }
497
+ resolvePendingPermissions(sessionId) {
498
+ const response = {
499
+ outcome: { outcome: "cancelled" }
500
+ };
501
+ for (const [requestId, pending] of this.pendingPermissions) {
502
+ if (sessionId !== void 0 && pending.sessionId !== sessionId) {
503
+ continue;
504
+ }
505
+ clearTimeout(pending.timeout);
506
+ this.pendingPermissions.delete(requestId);
507
+ pending.resolve(response);
508
+ this.emit("permissionResolved", {
509
+ requestId,
510
+ outcome: response.outcome
511
+ });
512
+ }
513
+ }
448
514
  maybeKillOnEventLoopStall(stderr) {
449
515
  const match = ACP_EVENT_LOOP_STALL_RE.exec(stderr);
450
516
  if (!match)
@@ -1237,6 +1303,36 @@ var GroupGate = class {
1237
1303
  }
1238
1304
  };
1239
1305
 
1306
+ // packages/channels/base/dist/DmGate.js
1307
+ init_esbuild_shims();
1308
+ var DmGate = class {
1309
+ static {
1310
+ __name(this, "DmGate");
1311
+ }
1312
+ policy;
1313
+ constructor(policy = "open") {
1314
+ this.policy = policy;
1315
+ }
1316
+ /**
1317
+ * DM check: policy gating for private/non-group messages.
1318
+ * Evaluation order:
1319
+ * 1. Group messages bypass this gate (handled by GroupGate)
1320
+ * 2. dmPolicy (disabled → drop)
1321
+ *
1322
+ * Symmetric with GroupGate — GroupGate owns group messages,
1323
+ * DmGate owns DM messages.
1324
+ */
1325
+ check(envelope) {
1326
+ if (envelope.isGroup) {
1327
+ return { allowed: true };
1328
+ }
1329
+ if (this.policy === "disabled") {
1330
+ return { allowed: false, reason: "disabled" };
1331
+ }
1332
+ return { allowed: true };
1333
+ }
1334
+ };
1335
+
1240
1336
  // packages/channels/base/dist/group-history-store.js
1241
1337
  init_esbuild_shims();
1242
1338
  import { appendFileSync, chmodSync, existsSync, mkdirSync, readFileSync, renameSync, writeFileSync } from "node:fs";
@@ -2359,6 +2455,7 @@ var ChannelBase = class {
2359
2455
  config;
2360
2456
  bridge;
2361
2457
  groupGate;
2458
+ dmGate;
2362
2459
  gate;
2363
2460
  router;
2364
2461
  name;
@@ -2394,6 +2491,17 @@ var ChannelBase = class {
2394
2491
  bridgeSessionDiedListener = /* @__PURE__ */ __name((event) => {
2395
2492
  this.onSessionDied(event.sessionId);
2396
2493
  }, "bridgeSessionDiedListener");
2494
+ bridgePermissionRequestListener = /* @__PURE__ */ __name((event) => {
2495
+ void this.dispatchPermissionRequest(event).catch((err) => {
2496
+ process.stderr.write(`[${this.name}] permission relay failed for request ${sanitizeLogText(event.requestId, 128)}: ${this.lifecycleError(err)}
2497
+ `);
2498
+ });
2499
+ }, "bridgePermissionRequestListener");
2500
+ bridgePermissionResolvedListener = /* @__PURE__ */ __name((event) => {
2501
+ this.dispatchPermissionResolved(event);
2502
+ }, "bridgePermissionResolvedListener");
2503
+ pendingPermissions = /* @__PURE__ */ new Map();
2504
+ pendingPermissionsByChat = /* @__PURE__ */ new Map();
2397
2505
  channelLoopToolHandler = {
2398
2506
  canHandle: /* @__PURE__ */ __name((sessionId) => this.router.getTarget(sessionId)?.channelName === this.name, "canHandle"),
2399
2507
  create: /* @__PURE__ */ __name((sessionId, input) => this.createLoopFromTool(sessionId, input), "create"),
@@ -2423,6 +2531,78 @@ var ChannelBase = class {
2423
2531
  }
2424
2532
  this.onToolCall(chatId, event);
2425
2533
  }
2534
+ async dispatchPermissionRequest(event) {
2535
+ const target = this.permissionTargetForEvent(event);
2536
+ if (!target) {
2537
+ try {
2538
+ await this.bridge.respondToPermission?.(event.requestId, {
2539
+ outcome: { outcome: "cancelled" }
2540
+ });
2541
+ } catch (respondErr) {
2542
+ process.stderr.write(`[${this.name}] permission cancellation failed for request ${sanitizeLogText(event.requestId, 128)}: ${this.lifecycleError(respondErr)}
2543
+ `);
2544
+ }
2545
+ return;
2546
+ }
2547
+ this.removePendingPermission(event.requestId);
2548
+ const pending = {
2549
+ requestId: event.requestId,
2550
+ sessionId: event.sessionId,
2551
+ target,
2552
+ request: event.request
2553
+ };
2554
+ this.pendingPermissions.set(event.requestId, pending);
2555
+ const chatKey = this.permissionChatKey(target);
2556
+ const requestIds = this.pendingPermissionsByChat.get(chatKey) ?? [];
2557
+ requestIds.push(event.requestId);
2558
+ this.pendingPermissionsByChat.set(chatKey, requestIds);
2559
+ try {
2560
+ const text = this.formatPermissionRequest(pending);
2561
+ if (target.threadId !== void 0 && this.supportsProactiveSend() && this.supportsProactiveTarget(target)) {
2562
+ await this.pushProactive(target, text);
2563
+ } else {
2564
+ await this.sendMessage(target.chatId, text);
2565
+ }
2566
+ } catch (err) {
2567
+ this.removePendingPermission(event.requestId);
2568
+ try {
2569
+ await this.bridge.respondToPermission?.(event.requestId, {
2570
+ outcome: { outcome: "cancelled" }
2571
+ });
2572
+ } catch (respondErr) {
2573
+ process.stderr.write(`[${this.name}] permission cancellation failed for request ${sanitizeLogText(event.requestId, 128)}: ${this.lifecycleError(respondErr)}
2574
+ `);
2575
+ }
2576
+ throw err;
2577
+ }
2578
+ }
2579
+ permissionTargetForEvent(event) {
2580
+ const routeTarget = this.router.getTarget(event.sessionId);
2581
+ if (!routeTarget || routeTarget.channelName !== this.name) {
2582
+ return void 0;
2583
+ }
2584
+ const active = this.activePrompts.get(event.sessionId);
2585
+ if (!active) {
2586
+ return routeTarget;
2587
+ }
2588
+ const target = {
2589
+ channelName: routeTarget.channelName,
2590
+ senderId: active.senderId ?? routeTarget.senderId,
2591
+ chatId: active.chatId
2592
+ };
2593
+ if (active.threadId !== void 0) {
2594
+ target.threadId = active.threadId;
2595
+ }
2596
+ if (active.isGroup !== void 0) {
2597
+ target.isGroup = active.isGroup;
2598
+ } else if (routeTarget.isGroup !== void 0) {
2599
+ target.isGroup = routeTarget.isGroup;
2600
+ }
2601
+ return target;
2602
+ }
2603
+ dispatchPermissionResolved(event) {
2604
+ this.removePendingPermission(event.requestId);
2605
+ }
2426
2606
  constructor(name, config, bridge, options) {
2427
2607
  this.name = name;
2428
2608
  this.config = config;
@@ -2435,6 +2615,7 @@ var ChannelBase = class {
2435
2615
  this.groupHistory = new GroupHistoryStore(options?.groupHistoryPath ?? join4(getGlobalQwenDir(), "channels", `${encodeURIComponent(name)}-group-history.jsonl`));
2436
2616
  this.loopController = options?.loopController;
2437
2617
  this.groupGate = new GroupGate(config.groupPolicy, config.groups);
2618
+ this.dmGate = new DmGate(config.dmPolicy);
2438
2619
  const pairingStore = config.senderPolicy === "pairing" ? new PairingStore(name) : void 0;
2439
2620
  this.gate = new SenderGate(config.senderPolicy, config.allowedUsers, pairingStore);
2440
2621
  this.router = options?.router || new SessionRouter(bridge, config.cwd, config.sessionScope);
@@ -2554,6 +2735,7 @@ var ChannelBase = class {
2554
2735
  if (this.registerBridgeEvents) {
2555
2736
  this.detachBridgeEvents(this.bridge);
2556
2737
  }
2738
+ this.clearPendingPermissions();
2557
2739
  this.router.setBridge(bridge);
2558
2740
  this.bridge = bridge;
2559
2741
  if (this.loopController) {
@@ -2654,6 +2836,8 @@ ${promptText}`;
2654
2836
  done,
2655
2837
  resolve: doneResolve,
2656
2838
  chatId: job.target.chatId,
2839
+ threadId: job.target.threadId,
2840
+ isGroup: job.target.isGroup,
2657
2841
  messageId: job.id,
2658
2842
  senderId: job.target.senderId,
2659
2843
  senderName: job.createdBy,
@@ -2930,14 +3114,19 @@ ${promptText}`;
2930
3114
  onSessionDied(sessionId) {
2931
3115
  this.router.removeSessionId(sessionId);
2932
3116
  this.instructedSessions.delete(sessionId);
3117
+ this.removePendingPermissionsForSession(sessionId);
2933
3118
  }
2934
3119
  attachBridgeEvents(bridge) {
2935
3120
  bridge.on("toolCall", this.bridgeToolCallListener);
2936
3121
  bridge.on("sessionDied", this.bridgeSessionDiedListener);
3122
+ bridge.on("permissionRequest", this.bridgePermissionRequestListener);
3123
+ bridge.on("permissionResolved", this.bridgePermissionResolvedListener);
2937
3124
  }
2938
3125
  detachBridgeEvents(bridge) {
2939
3126
  bridge.off("toolCall", this.bridgeToolCallListener);
2940
3127
  bridge.off("sessionDied", this.bridgeSessionDiedListener);
3128
+ bridge.off("permissionRequest", this.bridgePermissionRequestListener);
3129
+ bridge.off("permissionResolved", this.bridgePermissionResolvedListener);
2941
3130
  }
2942
3131
  /**
2943
3132
  * Called when a prompt actually begins processing (inside the session queue).
@@ -3002,6 +3191,182 @@ ${promptText}`;
3002
3191
  return true;
3003
3192
  });
3004
3193
  }
3194
+ permissionChatKey(target) {
3195
+ return `${target.chatId}\0${target.threadId ?? ""}`;
3196
+ }
3197
+ pendingPermissionIdsForChatKey(chatKey) {
3198
+ const requestIds = this.pendingPermissionsByChat.get(chatKey);
3199
+ if (!requestIds) {
3200
+ return [];
3201
+ }
3202
+ const live = requestIds.filter((id) => this.pendingPermissions.has(id));
3203
+ if (live.length === 0) {
3204
+ this.pendingPermissionsByChat.delete(chatKey);
3205
+ } else if (live.length !== requestIds.length) {
3206
+ this.pendingPermissionsByChat.set(chatKey, live);
3207
+ }
3208
+ return live;
3209
+ }
3210
+ removePendingPermission(requestId) {
3211
+ const pending = this.pendingPermissions.get(requestId);
3212
+ if (!pending) {
3213
+ return;
3214
+ }
3215
+ this.pendingPermissions.delete(requestId);
3216
+ const chatKey = this.permissionChatKey(pending.target);
3217
+ const requestIds = this.pendingPermissionsByChat.get(chatKey);
3218
+ if (!requestIds) {
3219
+ return;
3220
+ }
3221
+ const remaining = requestIds.filter((id) => id !== requestId);
3222
+ if (remaining.length === 0) {
3223
+ this.pendingPermissionsByChat.delete(chatKey);
3224
+ } else {
3225
+ this.pendingPermissionsByChat.set(chatKey, remaining);
3226
+ }
3227
+ }
3228
+ removePendingPermissionsForSession(sessionId) {
3229
+ const requestIds = Array.from(this.pendingPermissions).filter(([, pending]) => pending.sessionId === sessionId).map(([requestId]) => requestId);
3230
+ for (const requestId of requestIds) {
3231
+ this.removePendingPermission(requestId);
3232
+ }
3233
+ }
3234
+ clearPendingPermissions() {
3235
+ this.pendingPermissions.clear();
3236
+ this.pendingPermissionsByChat.clear();
3237
+ }
3238
+ pendingPermissionForEnvelope(envelope, args) {
3239
+ const trimmed = args.trim();
3240
+ if (trimmed) {
3241
+ const explicit = this.pendingPermissions.get(trimmed);
3242
+ if (explicit && this.canEnvelopeAnswerPendingPermission(envelope, explicit)) {
3243
+ return { kind: "found", pending: explicit };
3244
+ }
3245
+ return { kind: "none", explicit: true };
3246
+ }
3247
+ const requestIds = this.pendingPermissionIdsForChatKey(this.permissionChatKey(envelope));
3248
+ if (requestIds.length === 0) {
3249
+ return { kind: "none", explicit: false };
3250
+ }
3251
+ const matching = requestIds.map((id) => this.pendingPermissions.get(id)).filter((pending) => pending !== void 0 && this.canEnvelopeAnswerPendingPermission(envelope, pending));
3252
+ if (matching.length === 0) {
3253
+ return { kind: "none", explicit: false };
3254
+ }
3255
+ if (matching.length > 1) {
3256
+ return {
3257
+ kind: "ambiguous",
3258
+ requestIds: matching.map((pending) => pending.requestId)
3259
+ };
3260
+ }
3261
+ return { kind: "found", pending: matching[0] };
3262
+ }
3263
+ canEnvelopeAnswerPendingPermission(envelope, pending) {
3264
+ return pending.target.chatId === envelope.chatId && pending.target.threadId === envelope.threadId && (this.isSharedSessionTarget(pending.target) || pending.target.senderId === envelope.senderId);
3265
+ }
3266
+ formatPermissionRequest(pending) {
3267
+ const { toolCall } = pending.request;
3268
+ const title = sanitizeQuotedText(toolCall.title || "Tool use", 160);
3269
+ const alwaysOption = this.approvalAlwaysOption(pending);
3270
+ const replies = [
3271
+ "/approve allow once",
3272
+ ...alwaysOption ? [`/approve-always ${alwaysOption.label}`] : [],
3273
+ "/deny deny"
3274
+ ];
3275
+ const lines = [
3276
+ "Permission required to run a tool",
3277
+ "",
3278
+ "Command:",
3279
+ title,
3280
+ "",
3281
+ "Reply with:",
3282
+ ...replies
3283
+ ];
3284
+ return lines.join("\n");
3285
+ }
3286
+ approvalOptionId(pending) {
3287
+ const options = pending.request.options;
3288
+ return options.find((option) => option.kind === "allow_once")?.optionId ?? options.find((option) => option.optionId === "proceed_once" && option.kind === void 0)?.optionId;
3289
+ }
3290
+ approvalAlwaysOption(pending) {
3291
+ const options = pending.request.options.filter((option2) => option2.kind === "allow_always");
3292
+ const option = this.findScopedAlwaysOption(options, "project") ?? this.findScopedAlwaysOption(options, "user") ?? options[0];
3293
+ if (!option) {
3294
+ return void 0;
3295
+ }
3296
+ return {
3297
+ optionId: option.optionId,
3298
+ label: this.approvalAlwaysLabel(option)
3299
+ };
3300
+ }
3301
+ findScopedAlwaysOption(options, scope) {
3302
+ return options.find((option) => option.optionId === `proceed_always_${scope}`);
3303
+ }
3304
+ approvalAlwaysLabel(option) {
3305
+ if (option.optionId === "proceed_always_project") {
3306
+ return "always allow for this project";
3307
+ }
3308
+ if (option.optionId === "proceed_always_user") {
3309
+ return "always allow for this user";
3310
+ }
3311
+ return "always allow";
3312
+ }
3313
+ denialResponse(pending) {
3314
+ const option = pending.request.options.find((candidate) => candidate.kind === "reject_once") ?? pending.request.options.find((candidate) => candidate.optionId === "cancel" && candidate.kind === void 0);
3315
+ if (option) {
3316
+ return { outcome: { outcome: "selected", optionId: option.optionId } };
3317
+ }
3318
+ return { outcome: { outcome: "cancelled" } };
3319
+ }
3320
+ async handlePermissionResponseCommand(envelope, args, decision) {
3321
+ if (!this.isAuthorizedForSharedSession(envelope)) {
3322
+ await this.sendMessage(envelope.chatId, "Only authorized members can answer permission requests in this shared session.");
3323
+ return true;
3324
+ }
3325
+ const lookup = this.pendingPermissionForEnvelope(envelope, args);
3326
+ if (lookup.kind === "ambiguous") {
3327
+ const requestList = lookup.requestIds.slice(0, 6).map((id) => {
3328
+ const pending2 = this.pendingPermissions.get(id);
3329
+ const title = pending2 ? `: ${sanitizeQuotedText(pending2.request.toolCall.title || "Tool use", 160)}` : "";
3330
+ return `- ${sanitizeQuotedText(id, 128)}${title}`;
3331
+ }).join("\n");
3332
+ await this.sendMessage(envelope.chatId, `Multiple permission requests are pending for this chat. Reply with /${decision} <request-id>.
3333
+ ${requestList}`);
3334
+ return true;
3335
+ }
3336
+ if (lookup.kind === "none") {
3337
+ await this.sendMessage(envelope.chatId, lookup.explicit ? "No pending permission request with that id for this chat." : "No pending permission request for this chat.");
3338
+ return true;
3339
+ }
3340
+ if (!this.bridge.respondToPermission) {
3341
+ await this.sendMessage(envelope.chatId, "Permission relay is not available for this session.");
3342
+ return true;
3343
+ }
3344
+ const { pending } = lookup;
3345
+ const response = (() => {
3346
+ if (decision === "deny") {
3347
+ return this.denialResponse(pending);
3348
+ }
3349
+ const optionId = decision === "approve" ? this.approvalOptionId(pending) : this.approvalAlwaysOption(pending)?.optionId;
3350
+ return optionId ? { outcome: { outcome: "selected", optionId } } : void 0;
3351
+ })();
3352
+ if (!response) {
3353
+ await this.sendMessage(envelope.chatId, decision === "approve-always" ? "This permission request has no always-allow option." : "This permission request has no approvable option.");
3354
+ return true;
3355
+ }
3356
+ let accepted;
3357
+ try {
3358
+ accepted = await this.bridge.respondToPermission(pending.requestId, response);
3359
+ } catch (err) {
3360
+ this.removePendingPermission(pending.requestId);
3361
+ process.stderr.write(`[${this.name}] permission response failed for request ${sanitizeLogText(pending.requestId, 128)}: ${this.lifecycleError(err)}
3362
+ `);
3363
+ await this.sendMessage(envelope.chatId, "Failed to answer the permission request.");
3364
+ return true;
3365
+ }
3366
+ this.removePendingPermission(pending.requestId);
3367
+ await this.sendMessage(envelope.chatId, accepted ? decision === "approve" ? "Permission approved." : decision === "approve-always" ? "Permission approved always." : "Permission denied." : "Permission request is no longer pending.");
3368
+ return true;
3369
+ }
3005
3370
  /** Register shared slash commands. Called from constructor. */
3006
3371
  registerSharedCommands() {
3007
3372
  const doClear = /* @__PURE__ */ __name(async (envelope) => {
@@ -3015,6 +3380,7 @@ ${promptText}`;
3015
3380
  `);
3016
3381
  }
3017
3382
  this.sessionGenerations.set(id, (this.sessionGenerations.get(id) ?? 0) + 1);
3383
+ this.removePendingPermissionsForSession(id);
3018
3384
  const active = this.activePrompts.get(id);
3019
3385
  this.dropCollectBuffer(id);
3020
3386
  if (active) {
@@ -3068,6 +3434,9 @@ ${promptText}`;
3068
3434
  this.registerCommand("clear", clearHandler);
3069
3435
  this.registerCommand("reset", clearHandler);
3070
3436
  this.registerCommand("new", clearHandler);
3437
+ this.registerCommand("approve", (envelope, args) => this.handlePermissionResponseCommand(envelope, args, "approve"));
3438
+ this.registerCommand("approve-always", (envelope, args) => this.handlePermissionResponseCommand(envelope, args, "approve-always"));
3439
+ this.registerCommand("deny", (envelope, args) => this.handlePermissionResponseCommand(envelope, args, "deny"));
3071
3440
  this.registerCommand("remember-channel", async (envelope, args) => {
3072
3441
  const text = args.trim();
3073
3442
  if (text === "") {
@@ -3126,13 +3495,19 @@ ${promptText}`;
3126
3495
  "/help \u2014 Show this help",
3127
3496
  this.isSharedSession(envelope) ? "/clear confirm \u2014 Clear the shared session (aliases: /reset, /new)" : "/clear \u2014 Clear your session (aliases: /reset, /new)",
3128
3497
  "/who \u2014 Show current session & workspace",
3129
- "/status \u2014 Show session info"
3498
+ "/status \u2014 Show session info",
3499
+ "/approve [request-id] \u2014 Approve a pending permission request",
3500
+ "/approve-always [request-id] \u2014 Always approve a pending permission request",
3501
+ "/deny [request-id] \u2014 Deny a pending permission request"
3130
3502
  ];
3131
3503
  const sharedCmds = /* @__PURE__ */ new Set([
3132
3504
  "help",
3133
3505
  "clear",
3134
3506
  "reset",
3135
3507
  "new",
3508
+ "approve",
3509
+ "approve-always",
3510
+ "deny",
3136
3511
  "remember-channel",
3137
3512
  "channel-memory",
3138
3513
  "forget-channel",
@@ -3482,7 +3857,7 @@ ${promptText}`;
3482
3857
  isMentioned: true,
3483
3858
  isReplyToBot: true
3484
3859
  };
3485
- return this.groupGate.check(envelope).allowed && this.gate.isAllowed(normalizedTarget.senderId) && this.isAuthorizedForSharedSession(envelope);
3860
+ return this.groupGate.check(envelope).allowed && this.dmGate.check(envelope).allowed && this.gate.isAllowed(normalizedTarget.senderId) && this.isAuthorizedForSharedSession(envelope);
3486
3861
  }
3487
3862
  /** Check if a message text matches a registered local command. */
3488
3863
  isLocalCommand(text) {
@@ -3915,6 +4290,10 @@ ${promptText}`;
3915
4290
  }
3916
4291
  return false;
3917
4292
  }
4293
+ const dmResult = this.dmGate.check(envelope);
4294
+ if (!dmResult.allowed) {
4295
+ return false;
4296
+ }
3918
4297
  const result = this.gate.check(envelope.senderId, envelope.senderName);
3919
4298
  if (!result.allowed) {
3920
4299
  if (result.pairingCode !== void 0) {
@@ -4153,6 +4532,8 @@ ${promptToSend}`;
4153
4532
  done,
4154
4533
  resolve: doneResolve,
4155
4534
  chatId: envelope.chatId,
4535
+ threadId: envelope.threadId,
4536
+ isGroup: envelope.isGroup,
4156
4537
  messageId: envelope.messageId,
4157
4538
  senderId: envelope.senderId,
4158
4539
  senderName: envelope.senderName
@@ -2,7 +2,7 @@
2
2
  "use strict";
3
3
  import {
4
4
  runExitCleanup
5
- } from "./chunk-QCSLZO6J.js";
5
+ } from "./chunk-JCH35JB3.js";
6
6
  import {
7
7
  init_esbuild_shims
8
8
  } from "./chunk-A4BMJM77.js";
@@ -60,7 +60,7 @@ async function runExitCleanup(options = {}) {
60
60
  }
61
61
  __name(runExitCleanup, "runExitCleanup");
62
62
  async function cleanupCheckpoints() {
63
- const { Storage } = await import("./src-NLEX4CUC.js");
63
+ const { Storage } = await import("./src-BBQSM46M.js");
64
64
  const storage = new Storage(process.cwd());
65
65
  const tempDir = storage.getProjectTempDir();
66
66
  const checkpointsDir = join(tempDir, "checkpoints");
@@ -8,16 +8,16 @@ import {
8
8
  initializeI18n,
9
9
  resolveLanguageSetting,
10
10
  t
11
- } from "./chunk-TBLJNMI7.js";
11
+ } from "./chunk-O33TBKDC.js";
12
12
  import {
13
13
  IdeClient
14
- } from "./chunk-E7HM76PR.js";
14
+ } from "./chunk-3GNOQZDC.js";
15
15
  import {
16
16
  AuthEvent,
17
17
  IdeConnectionEvent,
18
18
  logAuth,
19
19
  logIdeConnection
20
- } from "./chunk-7I4MGFBN.js";
20
+ } from "./chunk-BUZ6HGL4.js";
21
21
  import {
22
22
  getErrorMessage
23
23
  } from "./chunk-22MNNNXE.js";
@@ -2,7 +2,7 @@
2
2
  "use strict";
3
3
  import {
4
4
  parseRule
5
- } from "./chunk-E7HM76PR.js";
5
+ } from "./chunk-3GNOQZDC.js";
6
6
  import {
7
7
  init_esbuild_shims
8
8
  } from "./chunk-A4BMJM77.js";
@@ -5,10 +5,10 @@ import {
5
5
  } from "./chunk-KHDZHZMH.js";
6
6
  import {
7
7
  getCliVersion
8
- } from "./chunk-XUSONNJ4.js";
8
+ } from "./chunk-UXEW557D.js";
9
9
  import {
10
10
  IdeClient
11
- } from "./chunk-E7HM76PR.js";
11
+ } from "./chunk-3GNOQZDC.js";
12
12
  import {
13
13
  createDebugLogger
14
14
  } from "./chunk-22MNNNXE.js";
@@ -27,7 +27,7 @@ import { execFile } from "node:child_process";
27
27
 
28
28
  // packages/cli/src/generated/git-commit.ts
29
29
  init_esbuild_shims();
30
- var GIT_COMMIT_INFO = "1b72d7063";
30
+ var GIT_COMMIT_INFO = "34b1a8324";
31
31
 
32
32
  // packages/cli/src/utils/systemInfo.ts
33
33
  var debugLogger = createDebugLogger("STATUS");