acpx 0.10.0 → 0.11.1

package/dist/cli.js

@@ -1,15 +1,16 @@
 #!/usr/bin/env node
-import { a as runSessionQueueOwner, c as buildQueueOwnerArgOverride, g as __exportAll, h as isProcessAlive, l as flushPerfMetricsCapture, n as getTextErrorRemediationHints, p as probeQueueOwnerHealth, t as createOutputFormatter, u as installPerfMetricsCapture } from "./output-Di77Yugq.js";
-import { $ as defaultSessionEventLog, A as findGitRepositoryRoot, At as EXIT_CODES, I as normalizeName, M as findSessionByDirectoryWalk, P as listSessions, Pt as OUTPUT_FORMATS, Rt as AcpxOperationalError, St as exitCodeForOutputErrorCode, Tt as normalizeOutputError, X as serializeSessionRecordForDisk, Y as parseSessionRecord, Z as normalizeRuntimeSessionId, at as isAcpJsonRpcMessage, bt as normalizeAgentName$1, ct as PromptInputValidationError, dt as parsePromptSource, j as findSession, mt as InterruptedError, nt as sessionEventLockPath, pt as textPrompt, rt as sessionEventSegmentPath, tt as sessionEventActivePath, ut as mergePromptSourceWithText, vt as DEFAULT_AGENT_NAME, yt as listBuiltInAgents, z as writeSessionRecord, zt as AgentSpawnError } from "./live-checkpoint-CuFft_Nd.js";
-import { _ as resolveOutputPolicy, b as loadPermissionPolicySpec, c as parseHistoryLimit, d as parseOutputFormat$1, f as parsePruneBeforeDate, g as resolveGlobalFlags, h as resolveAgentInvocation, i as addSessionOption, l as parseMaxTurns, m as parseTtlSeconds, n as addPromptInputOption, o as parseAllowedTools, p as parseSessionName, r as addSessionNameOption, s as parseDaysOlderThan, t as addGlobalFlags, u as parseNonEmptyValue, v as resolvePermissionMode, y as resolveSessionNameFromFlags } from "./flags--2oX_ubW.js";
-import { readFileSync, realpathSync } from "node:fs";
+import { a as runSessionQueueOwner, c as buildQueueOwnerArgOverride, g as __exportAll, h as isProcessAlive, l as flushPerfMetricsCapture, n as getTextErrorRemediationHints, o as runOnce, p as probeQueueOwnerHealth, t as createOutputFormatter, u as installPerfMetricsCapture } from "./output-BEv_BB7T.js";
+import { At as listBuiltInAgents, Et as TimeoutError, G as listSessions, Gt as OUTPUT_FORMATS, H as findSession, It as normalizeOutputError, L as getAcpxVersion, Nt as exitCodeForOutputErrorCode, St as parsePromptSource, Tt as InterruptedError, U as findSessionByDirectoryWalk, V as findGitRepositoryRoot, Vt as EXIT_CODES, X as writeSessionRecord, Xt as AgentSpawnError, Yt as AcpxOperationalError, ct as normalizeRuntimeSessionId, ft as sessionEventActivePath, gt as isAcpJsonRpcMessage, jt as normalizeAgentName$1, kt as DEFAULT_AGENT_NAME, mt as sessionEventSegmentPath, ot as parseSessionRecord, pt as sessionEventLockPath, q as normalizeName, st as serializeSessionRecordForDisk, ut as defaultSessionEventLog, wt as textPrompt, xt as mergePromptSourceWithText, yt as PromptInputValidationError } from "./live-checkpoint-BWkYxMeS.js";
+import { _ as resolveGlobalFlags, b as resolveSessionNameFromFlags, c as parseHistoryLimit, d as parseOutputFormat$1, f as parsePruneBeforeDate, g as resolveAgentInvocation, h as parseTtlSeconds, i as addSessionOption, l as parseMaxTurns, m as parseTimeoutSeconds, n as addPromptInputOption, o as parseAllowedTools, p as parseSessionName, r as addSessionNameOption, s as parseDaysOlderThan, t as addGlobalFlags, u as parseNonEmptyValue, v as resolveOutputPolicy, x as loadPermissionPolicySpec, y as resolvePermissionMode } from "./flags-Dvgmpq_l.js";
+import { realpathSync } from "node:fs";
 import { fileURLToPath, pathToFileURL } from "node:url";
 import path from "node:path";
 import { Command, CommanderError, InvalidArgumentError, Option } from "commander";
 import fs$1 from "node:fs/promises";
 import os from "node:os";
-import { randomUUID } from "node:crypto";
+import { createHash, randomUUID } from "node:crypto";
 import { ZodError, z } from "zod";
+import { performance } from "node:perf_hooks";
 //#region src/cli-public.ts
 function configurePublicCli(options) {
 	const builtInAgents = options.listBuiltInAgents(options.config.agents);
@@ -386,11 +387,11 @@ let sessionModulePromise;
 let outputModulePromise;
 let outputRenderModulePromise;
 function loadSessionModule() {
-	sessionModulePromise ??= import("./output-Di77Yugq.js").then((n) => n.i);
+	sessionModulePromise ??= import("./output-BEv_BB7T.js").then((n) => n.i);
 	return sessionModulePromise;
 }
 function loadOutputModule() {
-	outputModulePromise ??= import("./output-Di77Yugq.js").then((n) => n.r);
+	outputModulePromise ??= import("./output-BEv_BB7T.js").then((n) => n.r);
 	return outputModulePromise;
 }
 function loadOutputRenderModule() {
@@ -436,7 +437,7 @@ function resolveRequestedOutputPolicy(globalFlags) {
 		suppressReads: globalFlags.suppressReads === true
 	};
 }
-function sessionOptionsFromGlobalFlags(globalFlags) {
+function sessionOptionsFromGlobalFlags$1(globalFlags) {
 	return {
 		model: globalFlags.model,
 		allowedTools: globalFlags.allowedTools,
@@ -444,7 +445,7 @@ function sessionOptionsFromGlobalFlags(globalFlags) {
 		systemPrompt: globalFlags.systemPrompt
 	};
 }
-async function resolvePermissionPolicyFromFlags(globalFlags) {
+async function resolvePermissionPolicyFromFlags$1(globalFlags) {
 	try {
 		return await loadPermissionPolicySpec(globalFlags.permissionPolicy, globalFlags.cwd);
 	} catch (error) {
@@ -466,7 +467,8 @@ function buildSessionStartOptions(params) {
 		terminal: params.globalFlags.terminal,
 		timeoutMs: params.globalFlags.timeout,
 		verbose: params.globalFlags.verbose,
-		sessionOptions: sessionOptionsFromGlobalFlags(params.globalFlags)
+		sessionOptions: sessionOptionsFromGlobalFlags$1(params.globalFlags),
+		onModelWarning: params.globalFlags.jsonStrict ? void 0 : (message) => process.stderr.write(`[acpx] warning: ${message}\n`)
 	};
 }
 function resolveSessionListFilterCwd(flags, agentCwd) {
@@ -505,7 +507,7 @@ async function handlePrompt(explicitAgentName, promptParts, flags, command, conf
 	const globalFlags = resolveGlobalFlags(command, config);
 	const outputPolicy = resolveRequestedOutputPolicy(globalFlags);
 	const permissionMode = resolvePermissionMode(globalFlags, config.defaultPermissions);
-	const permissionPolicy = await resolvePermissionPolicyFromFlags(globalFlags);
+	const permissionPolicy = await resolvePermissionPolicyFromFlags$1(globalFlags);
 	const prompt = await readPrompt(promptParts, flags.file, globalFlags.cwd);
 	const agent = resolveAgentInvocation(explicitAgentName, globalFlags, config);
 	const [{ createOutputFormatter }, { printPromptSessionBanner, printQueuedPromptByFormat }, { sendSession }] = await Promise.all([
@@ -513,7 +515,7 @@ async function handlePrompt(explicitAgentName, promptParts, flags, command, conf
 		loadOutputRenderModule(),
 		loadSessionModule()
 	]);
-	const record = await findRoutedSessionOrThrow(agent.agentCommand, agent.agentName, agent.cwd, flags.session);
+	const record = await findRoutedSessionOrThrow(agent.agentCommand, agent.agentName, agent.cwd, resolveSessionNameFromFlags(flags, command));
 	const outputFormatter = createOutputFormatter(outputPolicy.format, {
 		jsonContext: { sessionId: record.acpxRecordId },
 		suppressReads: outputPolicy.suppressReads
@@ -523,6 +525,8 @@ async function handlePrompt(explicitAgentName, promptParts, flags, command, conf
 		sessionId: record.acpxRecordId,
 		prompt,
 		mcpServers: config.mcpServers,
+		mcpConfigPath: config.mcpConfigPath,
+		mcpConfigFingerprint: config.mcpConfigFingerprint,
 		permissionMode,
 		nonInteractivePermissions: globalFlags.nonInteractivePermissions,
 		permissionPolicy,
@@ -569,7 +573,7 @@ async function handleExec(explicitAgentName, promptParts, flags, command, config
 	const globalFlags = resolveGlobalFlags(command, config);
 	const outputPolicy = resolveRequestedOutputPolicy(globalFlags);
 	const permissionMode = resolvePermissionMode(globalFlags, config.defaultPermissions);
-	const permissionPolicy = await resolvePermissionPolicyFromFlags(globalFlags);
+	const permissionPolicy = await resolvePermissionPolicyFromFlags$1(globalFlags);
 	const prompt = await readPrompt(promptParts, flags.file, globalFlags.cwd);
 	const [{ createOutputFormatter }, { runOnce }] = await Promise.all([loadOutputModule(), loadSessionModule()]);
 	const outputFormatter = createOutputFormatter(outputPolicy.format, { suppressReads: outputPolicy.suppressReads });
@@ -726,7 +730,7 @@ async function handleSetConfigOption(explicitAgentName, configId, value, flags,
 }
 async function tryListAgentSessions(agent, flags, globalFlags, config) {
 	const permissionMode = resolvePermissionMode(globalFlags, config.defaultPermissions);
-	const permissionPolicy = await resolvePermissionPolicyFromFlags(globalFlags);
+	const permissionPolicy = await resolvePermissionPolicyFromFlags$1(globalFlags);
 	const { listAgentSessions } = await loadSessionModule();
 	try {
 		return await listAgentSessions({
@@ -781,7 +785,7 @@ async function handleSessionsClose(explicitAgentName, sessionName, command, conf
 async function handleSessionsNew(explicitAgentName, flags, command, config) {
 	const globalFlags = resolveGlobalFlags(command, config);
 	const permissionMode = resolvePermissionMode(globalFlags, config.defaultPermissions);
-	const permissionPolicy = await resolvePermissionPolicyFromFlags(globalFlags);
+	const permissionPolicy = await resolvePermissionPolicyFromFlags$1(globalFlags);
 	const agent = resolveAgentInvocation(explicitAgentName, globalFlags, config);
 	const [{ createSession, closeSession }, { printCreatedSessionBanner, printNewSessionByFormat }] = await Promise.all([loadSessionModule(), loadOutputRenderModule()]);
 	const replaced = await findSession({
@@ -811,7 +815,7 @@ async function handleSessionsNew(explicitAgentName, flags, command, config) {
 async function handleSessionsEnsure(explicitAgentName, flags, command, config) {
 	const globalFlags = resolveGlobalFlags(command, config);
 	const permissionMode = resolvePermissionMode(globalFlags, config.defaultPermissions);
-	const permissionPolicy = await resolvePermissionPolicyFromFlags(globalFlags);
+	const permissionPolicy = await resolvePermissionPolicyFromFlags$1(globalFlags);
 	const agent = resolveAgentInvocation(explicitAgentName, globalFlags, config);
 	const [{ ensureSession }, { printCreatedSessionBanner, printEnsuredSessionByFormat }] = await Promise.all([loadSessionModule(), loadOutputRenderModule()]);
 	const result = await ensureSession(buildSessionStartOptions({
@@ -987,6 +991,285 @@ async function handleSessionsPrune(explicitAgentName, flags, command, config) {
 	}), globalFlags.format);
 }
 //#endregion
+//#region src/cli/compare-command.ts
+const DEFAULT_COMPARE_TIMEOUT_MS = 3e5;
+const FINAL_MESSAGE_PREVIEW_CHARS = 200;
+var CaptureFormatter = class {
+	setContext(_context) {}
+	onAcpMessage(_message) {}
+	onError(params) {}
+	onPermissionEscalation(_event) {}
+	flush() {}
+};
+function asRecord$2(value) {
+	return Boolean(value) && typeof value === "object" && !Array.isArray(value) ? value : void 0;
+}
+function numberField(source, keys) {
+	if (!source) return null;
+	for (const key of keys) {
+		const value = source[key];
+		if (typeof value === "number" && Number.isFinite(value)) return value;
+	}
+	return null;
+}
+function collapseWhitespace(value) {
+	return value.replace(/\s+/g, " ").trim();
+}
+function truncate(value, maxChars) {
+	if (value.length <= maxChars) return value;
+	return `${value.slice(0, Math.max(0, maxChars - 3))}...`;
+}
+async function readStdin() {
+	let data = "";
+	for await (const chunk of process.stdin) data += String(chunk);
+	return data;
+}
+async function readPromptFile(filePath, promptText, cwd) {
+	const prompt = mergePromptSourceWithText(filePath === "-" ? await readStdin() : await fs$1.readFile(path.resolve(cwd, filePath), "utf8"), promptText);
+	if (prompt.length === 0) throw new InvalidArgumentError("Prompt from --file is empty");
+	return prompt;
+}
+async function readPromptFromStdin() {
+	if (process.stdin.isTTY) throw new InvalidArgumentError("Prompt is required (pass as final argument, --file, or pipe via stdin)");
+	const prompt = parsePromptSource(await readStdin());
+	if (prompt.length === 0) throw new InvalidArgumentError("Prompt from stdin is empty");
+	return prompt;
+}
+async function readPromptInput(filePath, promptText, cwd) {
+	try {
+		if (filePath) return await readPromptFile(filePath, promptText, cwd);
+		const joined = promptText.trim();
+		if (joined.length > 0) return textPrompt(joined);
+		return await readPromptFromStdin();
+	} catch (error) {
+		if (error instanceof PromptInputValidationError) throw new InvalidArgumentError(error.message);
+		throw error;
+	}
+}
+function promptTokensAfterDoubleDash(command) {
+	const commandName = command.name();
+	const commandIndex = process.argv.findIndex((token, index) => index >= 2 && token === commandName);
+	if (commandIndex < 0) return [];
+	const delimiterIndex = process.argv.findIndex((token, index) => index > commandIndex && token === "--");
+	return delimiterIndex < 0 ? [] : process.argv.slice(delimiterIndex + 1);
+}
+function splitCompareArgs(args, filePath, command) {
+	if (filePath) {
+		if (args.length === 0) throw new InvalidArgumentError("At least one agent is required");
+		return {
+			agents: args,
+			promptText: ""
+		};
+	}
+	const promptTokens = promptTokensAfterDoubleDash(command);
+	if (promptTokens.length > 0) {
+		const agents = args.slice(0, -promptTokens.length);
+		if (agents.length === 0) throw new InvalidArgumentError("At least one agent is required");
+		return {
+			agents,
+			promptText: promptTokens.join(" ")
+		};
+	}
+	if (args.length < 2) throw new InvalidArgumentError("Usage: acpx compare <agent>... '<prompt>'");
+	return {
+		agents: args.slice(0, -1),
+		promptText: args[args.length - 1] ?? ""
+	};
+}
+function captureUsage(update, capture) {
+	const source = asRecord$2(asRecord$2(update._meta)?.usage) ?? update;
+	capture.usage = {
+		input_tokens: numberField(source, ["input_tokens", "inputTokens"]) ?? void 0,
+		output_tokens: numberField(source, ["output_tokens", "outputTokens"]) ?? void 0,
+		total_tokens: numberField(source, [
+			"total_tokens",
+			"totalTokens",
+			"size",
+			"used"
+		]) ?? void 0
+	};
+}
+function captureSessionUpdate(notification, capture) {
+	const update = asRecord$2(notification.update);
+	if (!update) return;
+	if (update.sessionUpdate === "agent_message_chunk") {
+		const content = asRecord$2(update.content);
+		if (content?.type === "text" && typeof content.text === "string") capture.finalMessage += content.text;
+		return;
+	}
+	if (update.sessionUpdate === "usage_update") captureUsage(update, capture);
+}
+function rowStatusFromPermissionStats(stats) {
+	return stats.denied + stats.cancelled > 0 ? "permission_denied" : "ok";
+}
+function sessionOptionsFromGlobalFlags(globalFlags) {
+	return {
+		model: globalFlags.model,
+		allowedTools: globalFlags.allowedTools,
+		maxTurns: globalFlags.maxTurns,
+		systemPrompt: globalFlags.systemPrompt
+	};
+}
+async function resolvePermissionPolicyFromFlags(globalFlags) {
+	try {
+		return await loadPermissionPolicySpec(globalFlags.permissionPolicy, globalFlags.cwd);
+	} catch (error) {
+		throw new InvalidArgumentError(`Invalid permission policy: ${error instanceof Error ? error.message : String(error)}`);
+	}
+}
+function buildSuccessRow(agentName, result, capture, startedAt) {
+	const permissionStats = result.permissionStats;
+	return {
+		agent: agentName,
+		status: result.stopReason === "cancelled" ? "cancelled" : rowStatusFromPermissionStats(permissionStats),
+		stop_reason: result.stopReason,
+		wall_ms: Math.round(performance.now() - startedAt),
+		input_tokens: capture.usage.input_tokens ?? null,
+		output_tokens: capture.usage.output_tokens ?? null,
+		total_tokens: capture.usage.total_tokens ?? null,
+		final_message: truncate(collapseWhitespace(capture.finalMessage), FINAL_MESSAGE_PREVIEW_CHARS),
+		error: null,
+		permission_requests: permissionStats.requested,
+		permission_denied: permissionStats.denied + permissionStats.cancelled
+	};
+}
+function buildErrorRow(agentName, caught, capture, startedAt) {
+	return {
+		agent: agentName,
+		status: caught instanceof TimeoutError ? "cancelled" : "error",
+		stop_reason: null,
+		wall_ms: Math.round(performance.now() - startedAt),
+		input_tokens: capture.usage.input_tokens ?? null,
+		output_tokens: capture.usage.output_tokens ?? null,
+		total_tokens: capture.usage.total_tokens ?? null,
+		final_message: truncate(collapseWhitespace(capture.finalMessage), FINAL_MESSAGE_PREVIEW_CHARS),
+		error: truncate(collapseWhitespace(caught instanceof Error ? caught.message : String(caught)), FINAL_MESSAGE_PREVIEW_CHARS),
+		permission_requests: 0,
+		permission_denied: 0
+	};
+}
+async function runAgentForCompare(params) {
+	const capture = {
+		finalMessage: "",
+		usage: {},
+		errors: []
+	};
+	const formatter = new CaptureFormatter();
+	const t0 = performance.now();
+	try {
+		const agent = resolveAgentInvocation(params.agentName, params.globalFlags, params.config);
+		const result = await runOnce({
+			agentCommand: agent.agentCommand,
+			cwd: agent.cwd,
+			prompt: params.prompt,
+			mcpServers: params.config.mcpServers,
+			permissionMode: resolvePermissionMode(params.globalFlags, params.config.defaultPermissions),
+			nonInteractivePermissions: params.globalFlags.nonInteractivePermissions,
+			permissionPolicy: params.permissionPolicy,
+			authCredentials: params.config.auth,
+			authPolicy: params.globalFlags.authPolicy,
+			terminal: params.globalFlags.terminal,
+			outputFormatter: formatter,
+			suppressSdkConsoleErrors: true,
+			timeoutMs: params.globalFlags.timeout ?? DEFAULT_COMPARE_TIMEOUT_MS,
+			verbose: params.globalFlags.verbose,
+			promptRetries: params.globalFlags.promptRetries,
+			sessionOptions: sessionOptionsFromGlobalFlags(params.globalFlags),
+			onSessionUpdate: (notification) => captureSessionUpdate(notification, capture)
+		});
+		return buildSuccessRow(params.agentName, result, capture, t0);
+	} catch (caught) {
+		return buildErrorRow(params.agentName, caught, capture, t0);
+	}
+}
+function formatCell(value) {
+	if (value == null || value === "") return "-";
+	if (typeof value === "string") return collapseWhitespace(value);
+	if (typeof value === "number" || typeof value === "boolean") return String(value);
+	return collapseWhitespace(JSON.stringify(value));
+}
+function renderTable(rows) {
+	const headers = [
+		"agent",
+		"status",
+		"wall_ms",
+		"input",
+		"output",
+		"total",
+		"permissions",
+		"stop_reason",
+		"final_message",
+		"error"
+	];
+	const body = rows.map((row) => [
+		row.agent,
+		row.status,
+		row.wall_ms,
+		row.input_tokens,
+		row.output_tokens,
+		row.total_tokens,
+		`${row.permission_denied}/${row.permission_requests}`,
+		row.stop_reason,
+		row.final_message,
+		row.error
+	]);
+	const widths = headers.map((header, index) => Math.max(header.length, ...body.map((cells) => formatCell(cells[index]).length)));
+	const formatRow = (cells) => cells.map((cell, index) => truncate(formatCell(cell), widths[index] ?? 24).padEnd(widths[index] ?? 24)).join("  ").trimEnd();
+	return [
+		formatRow(headers),
+		widths.map((width) => "-".repeat(width)).join("  "),
+		...body.map(formatRow)
+	].join("\n");
+}
+function printRows(rows, format) {
+	if (format === "json") {
+		process.stdout.write(`${JSON.stringify(rows)}\n`);
+		return;
+	}
+	if (format === "quiet") {
+		for (const row of rows) process.stdout.write(`${row.agent}\t${row.status}\n`);
+		return;
+	}
+	process.stdout.write(`${renderTable(rows)}\n`);
+}
+function updateCompareExitCode(rows) {
+	if (rows.some((row) => row.status === "error")) {
+		process.exitCode = EXIT_CODES.ERROR;
+		return;
+	}
+	if (rows.some((row) => row.status === "permission_denied")) {
+		process.exitCode = EXIT_CODES.PERMISSION_DENIED;
+		return;
+	}
+	if (rows.some((row) => row.status === "cancelled")) process.exitCode = EXIT_CODES.TIMEOUT;
+}
+function resolvePromptFile(flags) {
+	if (flags.file && flags.promptFile && flags.file !== flags.promptFile) throw new InvalidArgumentError("Use only one prompt file flag: --file or --prompt-file");
+	return flags.file ?? flags.promptFile;
+}
+function registerCompareCommand(program, config) {
+	program.command("compare").description("Run one prompt across multiple agents and summarize the results").argument("<args...>", "Agents followed by prompt text, or agents with --file").option("--cwd <dir>", "Target workspace").option("--approve-all", "Auto-approve all permission requests").option("--approve-reads", "Auto-approve read/search requests and prompt for writes").option("--deny-all", "Deny all permission requests").option("--timeout <seconds>", "Per-agent timeout in seconds", parseTimeoutSeconds).option("--format <fmt>", "Output format: text, json, quiet", parseOutputFormat$1).option("--json", "Alias for --format json").option("-f, --file <path>", "Read prompt text from file path (use - for stdin)", (value) => parseNonEmptyValue("Prompt file", value)).option("--prompt-file <path>", "Alias for --file", (value) => parseNonEmptyValue("Prompt file", value)).action(async function(args, flags) {
+		if (config.disableExec) throw new Error("compare subcommand is disabled by configuration (disableExec: true)");
+		const globalFlags = resolveGlobalFlags(this, config);
+		if (globalFlags.agent) throw new InvalidArgumentError("Do not combine compare with --agent; pass agent names");
+		const outputPolicy = resolveOutputPolicy(flags.json === true ? "json" : globalFlags.format, globalFlags.jsonStrict === true);
+		const promptFile = resolvePromptFile(flags);
+		const { agents, promptText } = splitCompareArgs(args, promptFile, this);
+		const prompt = await readPromptInput(promptFile, promptText, globalFlags.cwd);
+		const permissionPolicy = await resolvePermissionPolicyFromFlags(globalFlags);
+		const rows = [];
+		for (const agentName of agents) rows.push(await runAgentForCompare({
+			agentName,
+			prompt,
+			config,
+			globalFlags,
+			permissionPolicy
+		}));
+		printRows(rows, outputPolicy.format);
+		updateCompareExitCode(rows);
+	});
+}
+//#endregion
 //#region src/mcp-servers.ts
 function asRecord$1(value) {
 	if (!value || typeof value !== "object" || Array.isArray(value)) return;
@@ -1090,7 +1373,6 @@ function parseOptionalMcpServers(value, sourcePath, fieldName = "mcpServers") {
 }
 //#endregion
 //#region src/cli/config.ts
-const DEFAULT_TIMEOUT_MS = void 0;
 const DEFAULT_TTL_MS = 3e5;
 const DEFAULT_PERMISSION_MODE = "approve-reads";
 const DEFAULT_NON_INTERACTIVE_PERMISSION_POLICY = "deny";
@@ -1098,14 +1380,14 @@ const DEFAULT_AUTH_POLICY = "skip";
 const DEFAULT_OUTPUT_FORMAT = "text";
 const DEFAULT_QUEUE_MAX_DEPTH = 16;
 const DEFAULT_DISABLE_EXEC = false;
-const VALID_PERMISSION_MODES = new Set([
+const VALID_PERMISSION_MODES = /* @__PURE__ */ new Set([
 	"approve-all",
 	"approve-reads",
 	"deny-all"
 ]);
-const VALID_NON_INTERACTIVE_PERMISSION_POLICIES = new Set(["deny", "fail"]);
-const VALID_AUTH_POLICIES = new Set(["skip", "fail"]);
-const VALID_OUTPUT_FORMATS = new Set([
+const VALID_NON_INTERACTIVE_PERMISSION_POLICIES = /* @__PURE__ */ new Set(["deny", "fail"]);
+const VALID_AUTH_POLICIES = /* @__PURE__ */ new Set(["skip", "fail"]);
+const VALID_OUTPUT_FORMATS = /* @__PURE__ */ new Set([
 	"text",
 	"json",
 	"quiet"
@@ -1218,6 +1500,16 @@ async function readConfigFile(filePath) {
 		throw error;
 	}
 }
+async function loadExplicitMcpConfig(cwd, configuredPath) {
+	if (!configuredPath) return {};
+	const resolvedPath = path.resolve(cwd, configuredPath);
+	const result = await readConfigFile(resolvedPath);
+	if (!result.exists) throw new Error(`MCP config file not found: ${resolvedPath}`);
+	return {
+		path: resolvedPath,
+		config: result.config
+	};
+}
 function mergeAgents(globalAgents, projectAgents) {
 	return {
 		...globalAgents,
@@ -1230,16 +1522,20 @@ function mergeAuth(globalAuth, projectAuth) {
 		...projectAuth
 	};
 }
-async function loadResolvedConfig(cwd) {
+async function loadResolvedConfig(cwd, options = {}) {
 	const globalPath = defaultGlobalConfigPath();
 	const projectPath = projectConfigPath(cwd);
-	const [globalResult, projectResult] = await Promise.all([readConfigFile(globalPath), readConfigFile(projectPath)]);
+	const [globalResult, projectResult, explicitMcp] = await Promise.all([
+		readConfigFile(globalPath),
+		readConfigFile(projectPath),
+		loadExplicitMcpConfig(cwd, options.mcpConfigPath)
+	]);
 	const globalConfig = globalResult.config;
 	const projectConfig = projectResult.config;
 	const scalar = resolveScalarConfigValues(projectConfig, projectPath, globalConfig, globalPath);
 	const agents = mergeAgents(parseAgents(globalConfig?.agents, globalPath), parseAgents(projectConfig?.agents, projectPath));
 	const auth = mergeAuth(parseAuth(globalConfig?.auth, globalPath), parseAuth(projectConfig?.auth, projectPath));
-	const mcpServers = resolveMcpServers(projectConfig, projectPath, globalConfig, globalPath);
+	const mcpServers = resolveMcpServers(projectConfig, projectPath, globalConfig, globalPath, explicitMcp.config, explicitMcp.path);
 	const disableExec = resolveDisableExec(projectConfig, projectPath, globalConfig, globalPath);
 	return {
 		...scalar,
@@ -1249,6 +1545,8 @@ async function loadResolvedConfig(cwd) {
 		mcpServers,
 		globalPath,
 		projectPath,
+		mcpConfigPath: explicitMcp.path,
+		mcpConfigFingerprint: explicitMcp.path ? createHash("sha256").update(JSON.stringify(mcpServers)).digest("hex") : void 0,
 		hasGlobalConfig: globalResult.exists,
 		hasProjectConfig: projectResult.exists
 	};
@@ -1292,9 +1590,9 @@ function hasConfigKey(config, key) {
 function resolveTimeoutMs(projectConfig, projectPath, globalConfig, globalPath) {
 	if (hasConfigKey(projectConfig, "timeout")) return parseTimeoutMs(projectConfig?.timeout, projectPath);
 	if (hasConfigKey(globalConfig, "timeout")) return parseTimeoutMs(globalConfig?.timeout, globalPath);
-	return DEFAULT_TIMEOUT_MS;
 }
-function resolveMcpServers(projectConfig, projectPath, globalConfig, globalPath) {
+function resolveMcpServers(projectConfig, projectPath, globalConfig, globalPath, mcpConfig, mcpConfigPath) {
+	if (mcpConfigPath) return parseMcpServers(mcpConfig?.mcpServers, mcpConfigPath);
 	if (hasConfigKey(projectConfig, "mcpServers")) return parseMcpServers(projectConfig?.mcpServers, projectPath);
 	if (hasConfigKey(globalConfig, "mcpServers")) return parseMcpServers(globalConfig?.mcpServers, globalPath);
 	return [];
@@ -1341,7 +1639,18 @@ async function initGlobalConfigFile() {
 		agents: {},
 		auth: {}
 	};
-	await fs$1.writeFile(configPath, `${JSON.stringify(payload, null, 2)}\n`, "utf8");
+	try {
+		await fs$1.writeFile(configPath, `${JSON.stringify(payload, null, 2)}\n`, {
+			encoding: "utf8",
+			flag: "wx"
+		});
+	} catch (error) {
+		if (error.code === "EEXIST") return {
+			path: configPath,
+			created: false
+		};
+		throw error;
+	}
 	return {
 		path: configPath,
 		created: true
@@ -1355,7 +1664,8 @@ async function handleConfigShow(command, config) {
 		...toConfigDisplay(config),
 		paths: {
 			global: config.globalPath,
-			project: config.projectPath
+			project: config.projectPath,
+			...config.mcpConfigPath ? { mcp: config.mcpConfigPath } : {}
 		},
 		loaded: {
 			global: config.hasGlobalConfig,
@@ -1862,7 +2172,7 @@ function registerAgentCommand(program, agentName, config) {
 }
 function registerFlowCommand(program, config) {
 	program.command("flow").description("Run multi-step ACP workflows from flow files").command("run").description("Run a flow file").argument("<file>", "Flow module path").option("--input-json <json>", "Flow input as JSON").option("--input-file <path>", "Read flow input JSON from file").option("--default-agent <name>", "Default agent profile for ACP nodes without profile", (value) => parseNonEmptyValue("Default agent", value)).action(async function(file, flags) {
-		const { handleFlowRun } = await import("./cli-8dP_TqBp.js");
+		const { handleFlowRun } = await import("./cli-D4XUKXcD.js");
 		await handleFlowRun(file, flags, this, config);
 	});
 }
@@ -1877,10 +2187,13 @@ function registerDefaultCommands(program, config) {
 	});
 	registerSessionsCommand(program, void 0, config);
 	registerConfigCommand(program, config);
+	registerCompareCommand(program, config);
 	registerFlowCommand(program, config);
 }
 //#endregion
 //#region src/cli/queue/owner-env.ts
+const QUEUE_OWNER_PAYLOAD_FILE_ENV = "ACPX_QUEUE_OWNER_PAYLOAD_FILE";
+const QUEUE_OWNER_PAYLOAD_ENV = "ACPX_QUEUE_OWNER_PAYLOAD";
 function asRecord(value) {
 	if (!value || typeof value !== "object" || Array.isArray(value)) return;
 	return value;
@@ -1902,6 +2215,8 @@ function parseQueueOwnerPayload(raw) {
 function assignQueueOwnerTransportOptions(options, record) {
 	const parsedMcpServers = parseOptionalMcpServers(record.mcpServers, "queue owner payload");
 	if (parsedMcpServers) options.mcpServers = parsedMcpServers;
+	if (typeof record.mcpConfigPath === "string" && record.mcpConfigPath.length > 0) options.mcpConfigPath = record.mcpConfigPath;
+	if (typeof record.mcpConfigFingerprint === "string" && record.mcpConfigFingerprint.length > 0) options.mcpConfigFingerprint = record.mcpConfigFingerprint;
 	if (record.authCredentials && typeof record.authCredentials === "object") {
 		const entries = Object.entries(record.authCredentials).filter(([, value]) => typeof value === "string");
 		options.authCredentials = Object.fromEntries(entries);
@@ -1934,6 +2249,7 @@ function assignQueueOwnerSessionOptions(options, rawSessionOptions) {
 	assignSessionAllowedTools(options.sessionOptions, sessionOpts.allowedTools);
 	assignSessionMaxTurns(options.sessionOptions, sessionOpts.maxTurns);
 	assignSessionSystemPrompt(options.sessionOptions, sessionOpts.systemPrompt);
+	assignSessionEnv(options.sessionOptions, sessionOpts.env);
 }
 function assignSessionModel(options, value) {
 	if (typeof value === "string" && value.trim().length > 0) options.model = value;
@@ -1952,60 +2268,43 @@ function assignSessionSystemPrompt(options, value) {
 	const systemPrompt = asRecord(value);
 	if (typeof systemPrompt?.append === "string") options.systemPrompt = { append: systemPrompt.append };
 }
-async function runQueueOwnerFromEnv(env) {
-	const payload = env.ACPX_QUEUE_OWNER_PAYLOAD;
-	if (!payload) throw new Error("missing ACPX_QUEUE_OWNER_PAYLOAD");
-	await runSessionQueueOwner(parseQueueOwnerPayload(payload));
+function assignSessionEnv(options, value) {
+	const env = asRecord(value);
+	if (!env) return;
+	const entries = Object.entries(env).filter((entry) => typeof entry[1] === "string");
+	if (entries.length > 0) options.env = Object.fromEntries(entries);
 }
-//#endregion
-//#region src/version.ts
-const UNKNOWN_VERSION = "0.0.0-unknown";
-const MODULE_DIR = path.dirname(fileURLToPath(import.meta.url));
-let cachedVersion = null;
-function parseVersion(value) {
-	if (typeof value !== "string") return null;
-	const trimmed = value.trim();
-	return trimmed.length > 0 ? trimmed : null;
-}
-function readPackageVersion(packageJsonPath) {
-	try {
-		return parseVersion(JSON.parse(readFileSync(packageJsonPath, "utf8")).version);
-	} catch {
-		return null;
-	}
+async function runQueueOwnerFromEnv(env) {
+	await runSessionQueueOwner(parseQueueOwnerPayload(await readQueueOwnerPayloadFromEnv(env)));
 }
-function resolveVersionFromAncestors(startDir) {
-	let current = startDir;
-	while (true) {
-		const packageVersion = readPackageVersion(path.join(current, "package.json"));
-		if (packageVersion) return packageVersion;
-		const parent = path.dirname(current);
-		if (parent === current) return null;
-		current = parent;
+async function readQueueOwnerPayloadFromEnv(env) {
+	const payloadFile = env[QUEUE_OWNER_PAYLOAD_FILE_ENV];
+	if (payloadFile) {
+		const payload = await fs$1.readFile(payloadFile, "utf8");
+		await cleanupQueueOwnerPayloadFile(payloadFile).catch(() => {});
+		return payload;
 	}
+	const payload = env[QUEUE_OWNER_PAYLOAD_ENV];
+	if (!payload) throw new Error(`missing ${QUEUE_OWNER_PAYLOAD_ENV}`);
+	return payload;
 }
-function resolveAcpxVersion(params) {
-	const envVersion = resolvePackageEnvVersion(params?.env ?? process.env);
-	if (envVersion) return envVersion;
-	if (params?.packageJsonPath) return readPackageVersion(params.packageJsonPath) ?? UNKNOWN_VERSION;
-	return resolveVersionFromAncestors(MODULE_DIR) ?? UNKNOWN_VERSION;
-}
-function resolvePackageEnvVersion(env) {
-	const envPackageName = parseVersion(env.npm_package_name);
-	const envVersion = parseVersion(env.npm_package_version);
-	return envPackageName === "acpx" ? envVersion : null;
+async function cleanupQueueOwnerPayloadFile(payloadFile) {
+	if (!isQueueOwnerPayloadFile(payloadFile)) return;
+	await fs$1.unlink(payloadFile).catch(() => {});
+	await fs$1.rmdir(path.dirname(payloadFile)).catch(() => {});
 }
-function getAcpxVersion() {
-	if (cachedVersion) return cachedVersion;
-	cachedVersion = resolveAcpxVersion();
-	return cachedVersion;
+function isQueueOwnerPayloadFile(payloadFile) {
+	const resolved = path.resolve(payloadFile);
+	const payloadDir = path.dirname(resolved);
+	return path.dirname(payloadDir) === path.resolve(os.tmpdir()) && path.basename(payloadDir).startsWith("acpx-queue-owner-") && path.basename(resolved) === "payload.json";
 }
 //#endregion
 //#region src/cli-core.ts
-const TOP_LEVEL_VERBS = new Set([
+const TOP_LEVEL_VERBS = /* @__PURE__ */ new Set([
 	"prompt",
 	"exec",
 	"cancel",
+	"compare",
 	"flow",
 	"set-mode",
 	"set",
@@ -2029,10 +2328,11 @@ const TOP_LEVEL_VERSION_VALUE_FLAG_VALUES = [
 	"--append-system-prompt",
 	"--prompt-retries",
 	"--timeout",
-	"--ttl"
+	"--ttl",
+	"--mcp-config"
 ];
 const TOP_LEVEL_VERSION_VALUE_FLAGS = new Set(TOP_LEVEL_VERSION_VALUE_FLAG_VALUES);
-const TOP_LEVEL_VERSION_BOOLEAN_FLAGS = new Set([
+const TOP_LEVEL_VERSION_BOOLEAN_FLAGS = /* @__PURE__ */ new Set([
 	"--approve-all",
 	"--approve-reads",
 	"--deny-all",
@@ -2100,31 +2400,69 @@ function detectAgentToken(argv) {
 function detectInitialCwd(argv) {
 	for (let index = 0; index < argv.length; index += 1) {
 		const token = argv[index];
-		if (token === "--cwd") {
-			const next = argv[index + 1];
-			if (next && next !== "--") return path.resolve(next);
-			break;
-		}
-		if (token.startsWith("--cwd=")) {
-			const value = token.slice(6).trim();
-			if (value.length > 0) return path.resolve(value);
-			break;
-		}
-		if (token === "--") break;
+		const scan = classifyTopLevelFlagScan(token);
+		if (scan.stop) break;
+		const cwd = readCwdFlagValue(token, argv[index + 1]);
+		if (cwd) return path.resolve(cwd);
+		if (isCwdFlagToken(token)) break;
+		if (scan.skipNext) index += 1;
 	}
 	return process.cwd();
 }
+function detectMcpConfigPath(argv, cwd) {
+	for (let index = 0; index < argv.length; index += 1) {
+		const scan = scanMcpConfigToken(argv[index], argv[index + 1], cwd);
+		if (scan.stop) return scan.path;
+		if (scan.skipNext) index += 1;
+	}
+}
+function scanMcpConfigToken(token, nextToken, cwd) {
+	if (token === "--" || !token.startsWith("-") || token === "-") return { stop: true };
+	if (token === "--mcp-config") return {
+		path: resolveMcpConfigPath(nextToken, cwd),
+		stop: true
+	};
+	if (token.startsWith("--mcp-config=")) return {
+		path: resolveMcpConfigPath(token.slice(13), cwd),
+		stop: true
+	};
+	return { skipNext: TOP_LEVEL_VERSION_VALUE_FLAGS.has(token) };
+}
+function resolveMcpConfigPath(value, cwd) {
+	const trimmed = value?.trim();
+	return trimmed && trimmed !== "--" ? path.resolve(cwd, trimmed) : void 0;
+}
+function isCwdFlagToken(token) {
+	return token === "--cwd" || token.startsWith("--cwd=");
+}
+function readCwdFlagValue(token, nextToken) {
+	const value = (token === "--cwd" ? nextToken : readInlineFlagValue(token, "--cwd"))?.trim();
+	if (!value || value === "--") return;
+	return value;
+}
 function detectRequestedOutputFormat(argv, fallback) {
 	let detectedFormat = fallback;
 	for (let index = 0; index < argv.length; index += 1) {
 		const token = argv[index];
-		if (token === "--") break;
+		const scan = classifyTopLevelFlagScan(token);
+		if (scan.stop) break;
 		if (isJsonStrictToken(token)) return "json";
 		const format = readFormatFlagValue(token, argv[index + 1]);
 		if (format) detectedFormat = format;
+		if (scan.skipNext) index += 1;
 	}
 	return detectedFormat;
 }
+function classifyTopLevelFlagScan(token) {
+	if (token === "--" || !token.startsWith("-") || token === "-") return {
+		stop: true,
+		skipNext: false
+	};
+	return {
+		stop: false,
+		skipNext: TOP_LEVEL_VERSION_VALUE_FLAGS.has(token)
+	};
+}
 function readFormatFlagValue(token, nextToken) {
 	const raw = token === "--format" ? nextToken : readInlineFlagValue(token, "--format");
 	return isOutputFormat(raw) ? raw : void 0;
@@ -2142,8 +2480,10 @@ function isJsonStrictToken(token) {
 function detectJsonStrict(argv) {
 	for (let index = 0; index < argv.length; index += 1) {
 		const token = argv[index];
-		if (token === "--") break;
+		const scan = classifyTopLevelFlagScan(token);
+		if (scan.stop) break;
 		if (isJsonStrictToken(token)) return true;
+		if (scan.skipNext) index += 1;
 	}
 	return false;
 }
@@ -2255,7 +2595,8 @@ async function main(argv = process.argv) {
 		return;
 	}
 	await maybeHandleSkillflag(normalizedArgv);
-	const config = await loadResolvedConfig(detectInitialCwd(rawArgs));
+	const initialCwd = detectInitialCwd(rawArgs);
+	const config = await loadResolvedConfig(initialCwd, { mcpConfigPath: detectMcpConfigPath(rawArgs, initialCwd) });
 	const requestedJsonStrict = detectJsonStrict(rawArgs);
 	const requestedOutputPolicy = {
 		...resolveOutputPolicy(detectRequestedOutputFormat(rawArgs, config.format), requestedJsonStrict),