@qwen-code/sdk 0.1.6-preview.0 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/README.md +17 -9
  2. package/dist/cli/cli.js +101221 -78905
  3. package/dist/cli/locales/de.js +298 -5
  4. package/dist/cli/locales/en.js +288 -5
  5. package/dist/cli/locales/ja.js +287 -5
  6. package/dist/cli/locales/pt.js +293 -5
  7. package/dist/cli/locales/ru.js +288 -5
  8. package/dist/cli/locales/zh.js +273 -4
  9. package/dist/cli/vendor/tree-sitter/tree-sitter-bash.wasm +0 -0
  10. package/dist/cli/vendor/tree-sitter/tree-sitter.wasm +0 -0
  11. package/package.json +1 -1
package/README.md CHANGED
@@ -65,15 +65,18 @@ Creates a new query session with the Qwen Code.
65
65
  | `abortController` | `AbortController` | - | Controller to cancel the query session. Call `abortController.abort()` to terminate the session and cleanup resources. |
66
66
  | `debug` | `boolean` | `false` | Enable debug mode for verbose logging from the CLI process. |
67
67
  | `maxSessionTurns` | `number` | `-1` (unlimited) | Maximum number of conversation turns before the session automatically terminates. A turn consists of a user message and an assistant response. |
68
- | `coreTools` | `string[]` | - | Equivalent to `tool.core` in settings.json. If specified, only these tools will be available to the AI. Example: `['read_file', 'write_file', 'run_terminal_cmd']`. |
69
- | `excludeTools` | `string[]` | - | Equivalent to `tool.exclude` in settings.json. Excluded tools return a permission error immediately. Takes highest priority over all other permission settings. Supports pattern matching: tool name (`'write_file'`), tool class (`'ShellTool'`), or shell command prefix (`'ShellTool(rm )'`). |
70
- | `allowedTools` | `string[]` | - | Equivalent to `tool.allowed` in settings.json. Matching tools bypass `canUseTool` callback and execute automatically. Only applies when tool requires confirmation. Supports same pattern matching as `excludeTools`. |
68
+ | `coreTools` | `string[]` | - | Equivalent to `permissions.allow` in settings.json as an allowlist. If specified, only these tools will be available to the AI (all other tools are disabled at registry level). Supports tool name aliases and pattern matching. Example: `['Read', 'Edit', 'Bash(git *)']`. |
69
+ | `excludeTools` | `string[]` | - | Equivalent to `permissions.deny` in settings.json. Excluded tools return a permission error immediately. Takes highest priority over all other permission settings. Supports tool name aliases and pattern matching: tool name (`'write_file'`), shell command prefix (`'Bash(rm *)'`), or path patterns (`'Read(.env)'`, `'Edit(/src/**)'`). |
70
+ | `allowedTools` | `string[]` | - | Equivalent to `permissions.allow` in settings.json. Matching tools bypass `canUseTool` callback and execute automatically. Only applies when tool requires confirmation. Supports same pattern matching as `excludeTools`. Example: `['ShellTool(git status)', 'ShellTool(npm test)']`. |
71
71
  | `authType` | `'openai' \| 'qwen-oauth'` | `'openai'` | Authentication type for the AI service. Using `'qwen-oauth'` in SDK is not recommended as credentials are stored in `~/.qwen` and may need periodic refresh. |
72
72
  | `agents` | `SubagentConfig[]` | - | Configuration for subagents that can be invoked during the session. Subagents are specialized AI agents for specific tasks or domains. |
73
73
  | `includePartialMessages` | `boolean` | `false` | When `true`, the SDK emits incomplete messages as they are being generated, allowing real-time streaming of the AI's response. |
74
74
  | `resume` | `string` | - | Resume a previous session by providing its session ID. Equivalent to CLI's `--resume` flag. |
75
75
  | `sessionId` | `string` | - | Specify a session ID for the new session. Ensures SDK and CLI use the same ID without resuming history. Equivalent to CLI's `--session-id` flag. |
76
76
 
77
+ > [!tip]
78
+ > If you need to configure `coreTools`, `excludeTools`, or `allowedTools`, it is **strongly recommended** to read the [permissions configuration documentation](../docs/users/configuration/settings.md#permissions) first, especially the **Tool name aliases** and **Rule syntax examples** sections, to understand the available aliases and pattern matching syntax (e.g., `Bash(git *)`, `Read(.env)`, `Edit(/src/**)`).
79
+
77
80
  ### Timeouts
78
81
 
79
82
  The SDK enforces the following default timeouts:
@@ -157,12 +160,17 @@ The SDK supports different permission modes for controlling tool execution:
157
160
 
158
161
  ### Permission Priority Chain
159
162
 
160
- 1. `excludeTools` - Blocks tools completely
161
- 2. `permissionMode: 'plan'` - Blocks non-read-only tools
162
- 3. `permissionMode: 'yolo'` - Auto-approves all tools
163
- 4. `allowedTools` - Auto-approves matching tools
164
- 5. `canUseTool` callback - Custom approval logic
165
- 6. Default behavior - Auto-deny in SDK mode
163
+ Decision priority (highest first): `deny` > `ask` > `allow` > _(default/interactive mode)_
164
+
165
+ The first matching rule wins.
166
+
167
+ 1. `excludeTools` / `permissions.deny` - Blocks tools completely (returns permission error)
168
+ 2. `permissions.ask` - Always requires user confirmation
169
+ 3. `permissionMode: 'plan'` - Blocks all non-read-only tools
170
+ 4. `permissionMode: 'yolo'` - Auto-approves all tools
171
+ 5. `allowedTools` / `permissions.allow` - Auto-approves matching tools
172
+ 6. `canUseTool` callback - Custom approval logic (if provided, not called for allowed tools)
173
+ 7. Default behavior - Auto-deny in SDK mode (write tools require explicit approval)
166
174
 
167
175
  ## Examples
168
176